X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=ofproto%2Fofproto-dpif.c;h=84f6abf26ecf813eb9163df1b4118b96d3cd2a09;hb=6fca1ffbff93d507336961602947b46320e0ef41;hp=9356800c3bd57f1cdd83112b505a31c0d678635a;hpb=fea393b1d6b2729a784b898dbdd48d30d42e3ff7;p=openvswitch diff --git a/ofproto/ofproto-dpif.c b/ofproto/ofproto-dpif.c index 9356800c..84f6abf2 100644 --- a/ofproto/ofproto-dpif.c +++ b/ofproto/ofproto-dpif.c @@ -121,9 +121,10 @@ struct ofmirror { struct hmapx dsts; /* Contains "struct ofbundle *"s. */ unsigned long *vlans; /* Bitmap of chosen VLANs, NULL selects all. */ - /* Output (mutually exclusive). */ + /* Output (exactly one of out == NULL and out_vlan == -1 is true). */ struct ofbundle *out; /* Output port or NULL. */ int out_vlan; /* Output VLAN or -1. */ + mirror_mask_t dup_mirrors; /* Bitmap of mirrors with the same output. */ }; static void mirror_destroy(struct ofmirror *); @@ -144,6 +145,7 @@ struct ofbundle { * NULL if all VLANs are trunked. */ struct lacp *lacp; /* LACP if LACP is enabled, otherwise NULL. */ struct bond *bond; /* Nonnull iff more than one port. */ + bool use_priority_tags; /* Use 802.1p tag for frames in VLAN 0? */ /* Status. */ bool floodable; /* True if no port has OFPPC_NO_FLOOD set. */ @@ -164,6 +166,8 @@ static void bundle_wait(struct ofbundle *); static void stp_run(struct ofproto_dpif *ofproto); static void stp_wait(struct ofproto_dpif *ofproto); +static bool ofbundle_includes_vlan(const struct ofbundle *, uint16_t vlan); + struct action_xlate_ctx { /* action_xlate_ctx_init() initializes these members. */ @@ -298,8 +302,8 @@ static void facet_account(struct ofproto_dpif *, struct facet *); static bool facet_is_controller_flow(struct facet *); -static void flow_push_stats(const struct rule_dpif *, - struct flow *, uint64_t packets, uint64_t bytes, +static void flow_push_stats(const struct rule_dpif *, const struct flow *, + uint64_t packets, uint64_t bytes, long long int used); static uint32_t rule_calculate_tag(const struct flow *, @@ -321,6 +325,18 @@ struct ofport_dpif { struct stp_port *stp_port; /* Spanning Tree Protocol, if any. */ enum stp_state stp_state; /* Always STP_DISABLED if STP not in use. */ long long int stp_state_entered; + + struct hmap priorities; /* Map of attached 'priority_to_dscp's. */ +}; + +/* Node in 'ofport_dpif''s 'priorities' map. Used to maintain a map from + * 'priority' (the datapath's term for QoS queue) to the dscp bits which all + * traffic egressing the 'ofport' with that priority should be marked with. */ +struct priority_to_dscp { + struct hmap_node hmap_node; /* Node in 'ofport_dpif''s 'priorities' map. */ + uint32_t priority; /* Priority of this queue (see struct flow). */ + + uint8_t dscp; /* DSCP bits to mark outgoing traffic with. */ }; static struct ofport_dpif * @@ -333,6 +349,7 @@ ofport_dpif_cast(const struct ofport *ofport) static void port_run(struct ofport_dpif *); static void port_wait(struct ofport_dpif *); static int set_cfm(struct ofport *, const struct cfm_settings *); +static void ofport_clear_priorities(struct ofport_dpif *); struct dpif_completion { struct list list_node; @@ -409,12 +426,9 @@ static struct ofport_dpif *get_odp_port(struct ofproto_dpif *, static void update_learning_table(struct ofproto_dpif *, const struct flow *, int vlan, struct ofbundle *); -static bool is_admissible(struct ofproto_dpif *, const struct flow *, - bool have_packet, tag_type *, int *vlanp, - struct ofbundle **in_bundlep); - /* Upcalls. 
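 *
 * Miss upcalls are passed to handle_miss_upcalls() in batches of up to
 * FLOW_MISS_MAX_BATCH at a time, rather than being translated one by one.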
*/ #define FLOW_MISS_MAX_BATCH 50 + static void handle_upcall(struct ofproto_dpif *, struct dpif_upcall *); static void handle_miss_upcalls(struct ofproto_dpif *, struct dpif_upcall *, size_t n); @@ -422,6 +436,9 @@ static void handle_miss_upcalls(struct ofproto_dpif *, /* Flow expiration. */ static int expire(struct ofproto_dpif *); +/* NetFlow. */ +static void send_netflow_active_timeouts(struct ofproto_dpif *); + /* Utilities. */ static int send_packet(struct ofproto_dpif *, uint32_t odp_port, const struct ofpbuf *packet); @@ -627,7 +644,9 @@ run(struct ofproto *ofproto_) } if (ofproto->netflow) { - netflow_run(ofproto->netflow); + if (netflow_run(ofproto->netflow)) { + send_netflow_active_timeouts(ofproto); + } } if (ofproto->sflow) { dpif_sflow_run(ofproto->sflow); @@ -690,6 +709,9 @@ wait(struct ofproto *ofproto_) HMAP_FOR_EACH (bundle, hmap_node, &ofproto->bundles) { bundle_wait(bundle); } + if (ofproto->netflow) { + netflow_wait(ofproto->netflow); + } mac_learning_wait(ofproto->ml); stp_wait(ofproto); if (ofproto->need_revalidate) { @@ -753,24 +775,6 @@ get_tables(struct ofproto *ofproto_, struct ofp_table_stats *ots) htonll(s.n_hit + ofproto->n_matches)); } -static int -set_netflow(struct ofproto *ofproto_, - const struct netflow_options *netflow_options) -{ - struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_); - - if (netflow_options) { - if (!ofproto->netflow) { - ofproto->netflow = netflow_create(); - } - return netflow_set_options(ofproto->netflow, netflow_options); - } else { - netflow_destroy(ofproto->netflow); - ofproto->netflow = NULL; - return 0; - } -} - static struct ofport * port_alloc(void) { @@ -799,6 +803,7 @@ port_construct(struct ofport *port_) port->may_enable = true; port->stp_port = NULL; port->stp_state = STP_DISABLED; + hmap_init(&port->priorities); if (ofproto->sflow) { dpif_sflow_add_port(ofproto->sflow, port->odp_port, @@ -820,6 +825,9 @@ port_destruct(struct ofport *port_) if (ofproto->sflow) { dpif_sflow_del_port(ofproto->sflow, port->odp_port); } + + ofport_clear_priorities(port); + hmap_destroy(&port->priorities); } static void @@ -1035,7 +1043,7 @@ update_stp_port_state(struct ofport_dpif *ofport) ofport->stp_state = state; ofport->stp_state_entered = time_msec(); - if (fwd_change) { + if (fwd_change && ofport->bundle) { bundle_update(ofport->bundle); } @@ -1105,6 +1113,7 @@ get_stp_port_status(struct ofport *ofport_, s->state = stp_port_get_state(sp); s->sec_in_state = (time_msec() - ofport->stp_state_entered) / 1000; s->role = stp_port_get_role(sp); + stp_port_get_counts(sp, &s->tx_count, &s->rx_count, &s->error_count); return 0; } @@ -1170,6 +1179,82 @@ stp_process_packet(const struct ofport_dpif *ofport, } } +static struct priority_to_dscp * +get_priority(const struct ofport_dpif *ofport, uint32_t priority) +{ + struct priority_to_dscp *pdscp; + uint32_t hash; + + hash = hash_int(priority, 0); + HMAP_FOR_EACH_IN_BUCKET (pdscp, hmap_node, hash, &ofport->priorities) { + if (pdscp->priority == priority) { + return pdscp; + } + } + return NULL; +} + +static void +ofport_clear_priorities(struct ofport_dpif *ofport) +{ + struct priority_to_dscp *pdscp, *next; + + HMAP_FOR_EACH_SAFE (pdscp, next, hmap_node, &ofport->priorities) { + hmap_remove(&ofport->priorities, &pdscp->hmap_node); + free(pdscp); + } +} + +static int +set_queues(struct ofport *ofport_, + const struct ofproto_port_queue *qdscp_list, + size_t n_qdscp) +{ + struct ofport_dpif *ofport = ofport_dpif_cast(ofport_); + struct ofproto_dpif *ofproto = 
ofproto_dpif_cast(ofport->up.ofproto); + struct hmap new = HMAP_INITIALIZER(&new); + size_t i; + + for (i = 0; i < n_qdscp; i++) { + struct priority_to_dscp *pdscp; + uint32_t priority; + uint8_t dscp; + + dscp = (qdscp_list[i].dscp << 2) & IP_DSCP_MASK; + if (dpif_queue_to_priority(ofproto->dpif, qdscp_list[i].queue, + &priority)) { + continue; + } + + pdscp = get_priority(ofport, priority); + if (pdscp) { + hmap_remove(&ofport->priorities, &pdscp->hmap_node); + } else { + pdscp = xmalloc(sizeof *pdscp); + pdscp->priority = priority; + pdscp->dscp = dscp; + ofproto->need_revalidate = true; + } + + if (pdscp->dscp != dscp) { + pdscp->dscp = dscp; + ofproto->need_revalidate = true; + } + + hmap_insert(&new, &pdscp->hmap_node, hash_int(pdscp->priority, 0)); + } + + if (!hmap_is_empty(&ofport->priorities)) { + ofport_clear_priorities(ofport); + ofproto->need_revalidate = true; + } + + hmap_swap(&new, &ofport->priorities); + hmap_destroy(&new); + + return 0; +} + /* Bundles. */ /* Expires all MAC learning entries associated with 'port' and forces ofproto @@ -1228,8 +1313,7 @@ bundle_update(struct ofbundle *bundle) bundle->floodable = true; LIST_FOR_EACH (port, bundle_node, &bundle->ports) { - if (port->up.opp.config & htonl(OFPPC_NO_FLOOD) - || !stp_forward_in_state(port->stp_state)) { + if (port->up.opp.config & htonl(OFPPC_NO_FLOOD)) { bundle->floodable = false; break; } @@ -1276,8 +1360,7 @@ bundle_add_port(struct ofbundle *bundle, uint32_t ofp_port, port->bundle = bundle; list_push_back(&bundle->ports, &port->bundle_node); - if (port->up.opp.config & htonl(OFPPC_NO_FLOOD) - || !stp_forward_in_state(port->stp_state)) { + if (port->up.opp.config & htonl(OFPPC_NO_FLOOD)) { bundle->floodable = false; } } @@ -1363,6 +1446,7 @@ bundle_set(struct ofproto *ofproto_, void *aux, bundle->vlan_mode = PORT_VLAN_TRUNK; bundle->vlan = -1; bundle->trunks = NULL; + bundle->use_priority_tags = s->use_priority_tags; bundle->lacp = NULL; bundle->bond = NULL; @@ -1421,8 +1505,10 @@ bundle_set(struct ofproto *ofproto_, void *aux, } /* Set VLAN tagging mode */ - if (s->vlan_mode != bundle->vlan_mode) { + if (s->vlan_mode != bundle->vlan_mode + || s->use_priority_tags != bundle->use_priority_tags) { bundle->vlan_mode = s->vlan_mode; + bundle->use_priority_tags = s->use_priority_tags; need_flush = true; } @@ -1656,6 +1742,39 @@ mirror_lookup(struct ofproto_dpif *ofproto, void *aux) return NULL; } +/* Update the 'dup_mirrors' member of each of the ofmirrors in 'ofproto'. 
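+ *
+ * Two mirrors are duplicates when they have the same output, that is, the
+ * same 'out' bundle and the same 'out_vlan'.  For example, if mirrors 0 and 2
+ * both output to the same bundle, both end up with
+ * dup_mirrors == (MIRROR_MASK_C(1) << 0) | (MIRROR_MASK_C(1) << 2).
+ * output_mirrors() clears a whole dup_mirrors group from its work list at
+ * once, so each distinct destination receives only one copy of a mirrored
+ * packet.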
*/ +static void +mirror_update_dups(struct ofproto_dpif *ofproto) +{ + int i; + + for (i = 0; i < MAX_MIRRORS; i++) { + struct ofmirror *m = ofproto->mirrors[i]; + + if (m) { + m->dup_mirrors = MIRROR_MASK_C(1) << i; + } + } + + for (i = 0; i < MAX_MIRRORS; i++) { + struct ofmirror *m1 = ofproto->mirrors[i]; + int j; + + if (!m1) { + continue; + } + + for (j = i + 1; j < MAX_MIRRORS; j++) { + struct ofmirror *m2 = ofproto->mirrors[j]; + + if (m2 && m1->out == m2->out && m1->out_vlan == m2->out_vlan) { + m1->dup_mirrors |= MIRROR_MASK_C(1) << j; + m2->dup_mirrors |= m1->dup_mirrors; + } + } + } +} + static int mirror_set(struct ofproto *ofproto_, void *aux, const struct ofproto_mirror_settings *s) @@ -1761,6 +1880,7 @@ mirror_set(struct ofproto *ofproto_, void *aux, ofproto->need_revalidate = true; mac_learning_flush(ofproto->ml); + mirror_update_dups(ofproto); return 0; } @@ -1794,6 +1914,8 @@ mirror_destroy(struct ofmirror *mirror) ofproto->mirrors[mirror->idx] = NULL; free(mirror->name); free(mirror); + + mirror_update_dups(ofproto); } static int @@ -2566,29 +2688,6 @@ facet_max_idle(const struct ofproto_dpif *ofproto) return bucket * BUCKET_WIDTH; } -static void -facet_active_timeout(struct ofproto_dpif *ofproto, struct facet *facet) -{ - if (ofproto->netflow && !facet_is_controller_flow(facet) && - netflow_active_timeout_expired(ofproto->netflow, &facet->nf_flow)) { - struct ofexpired expired; - - if (facet->installed) { - struct dpif_flow_stats stats; - - facet_put__(ofproto, facet, facet->actions, facet->actions_len, - &stats); - facet_update_stats(ofproto, facet, &stats); - } - - expired.flow = facet->flow; - expired.packet_count = facet->packet_count; - expired.byte_count = facet->byte_count; - expired.used = facet->used; - netflow_expire(ofproto->netflow, &facet->nf_flow, &expired); - } -} - static void expire_facets(struct ofproto_dpif *ofproto, int dp_max_idle) { @@ -2596,7 +2695,6 @@ expire_facets(struct ofproto_dpif *ofproto, int dp_max_idle) struct facet *facet, *next_facet; HMAP_FOR_EACH_SAFE (facet, next_facet, hmap_node, &ofproto->facets) { - facet_active_timeout(ofproto, facet); if (facet->used < cutoff) { facet_remove(ofproto, facet); } @@ -3211,7 +3309,7 @@ push_resubmit(struct action_xlate_ctx *ctx, struct rule_dpif *rule) * 'rule''s actions. 
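 *
 * push_resubmit() above is installed as the translation's resubmit hook, so
 * every rule reached through "resubmit" actions during the translation is
 * credited with the given 'packets', 'bytes', and 'used' values.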
*/ static void flow_push_stats(const struct rule_dpif *rule, - struct flow *flow, uint64_t packets, uint64_t bytes, + const struct flow *flow, uint64_t packets, uint64_t bytes, long long int used) { struct ofproto_dpif *ofproto = ofproto_dpif_cast(rule->up.ofproto); @@ -3369,7 +3467,8 @@ rule_get_stats(struct rule *rule_, uint64_t *packets, uint64_t *bytes) } static int -rule_execute(struct rule *rule_, struct flow *flow, struct ofpbuf *packet) +rule_execute(struct rule *rule_, const struct flow *flow, + struct ofpbuf *packet) { struct rule_dpif *rule = rule_dpif_cast(rule_); struct ofproto_dpif *ofproto = ofproto_dpif_cast(rule->up.ofproto); @@ -3476,19 +3575,12 @@ put_userspace_action(const struct ofproto_dpif *ofproto, const struct flow *flow, const struct user_action_cookie *cookie) { - size_t offset; uint32_t pid; pid = dpif_port_get_pid(ofproto->dpif, ofp_port_to_odp_port(flow->in_port)); - offset = nl_msg_start_nested(odp_actions, OVS_ACTION_ATTR_USERSPACE); - nl_msg_put_u32(odp_actions, OVS_USERSPACE_ATTR_PID, pid); - nl_msg_put_unspec(odp_actions, OVS_USERSPACE_ATTR_USERDATA, - cookie, sizeof *cookie); - nl_msg_end_nested(odp_actions, offset); - - return odp_actions->size - NLA_ALIGN(sizeof *cookie); + return odp_put_userspace_action(pid, cookie, odp_actions); } /* Compose SAMPLE action for sFlow. */ @@ -3622,27 +3714,26 @@ commit_set_ether_addr_action(const struct flow *flow, struct flow *base, } static void -commit_vlan_action(struct action_xlate_ctx *ctx, ovs_be16 new_tci) +commit_vlan_action(const struct flow *flow, struct flow *base, + struct ofpbuf *odp_actions) { - struct flow *base = &ctx->base_flow; - - if (base->vlan_tci == new_tci) { + if (base->vlan_tci == flow->vlan_tci) { return; } if (base->vlan_tci & htons(VLAN_CFI)) { - nl_msg_put_flag(ctx->odp_actions, OVS_ACTION_ATTR_POP_VLAN); + nl_msg_put_flag(odp_actions, OVS_ACTION_ATTR_POP_VLAN); } - if (new_tci & htons(VLAN_CFI)) { + if (flow->vlan_tci & htons(VLAN_CFI)) { struct ovs_action_push_vlan vlan; vlan.vlan_tpid = htons(ETH_TYPE_VLAN); - vlan.vlan_tci = new_tci & ~htons(VLAN_CFI); - nl_msg_put_unspec(ctx->odp_actions, OVS_ACTION_ATTR_PUSH_VLAN, + vlan.vlan_tci = flow->vlan_tci; + nl_msg_put_unspec(odp_actions, OVS_ACTION_ATTR_PUSH_VLAN, &vlan, sizeof vlan); } - base->vlan_tci = new_tci; + base->vlan_tci = flow->vlan_tci; } static void @@ -3666,9 +3757,9 @@ commit_set_nw_action(const struct flow *flow, struct flow *base, ipv4_key.ipv4_src = base->nw_src = flow->nw_src; ipv4_key.ipv4_dst = base->nw_dst = flow->nw_dst; + ipv4_key.ipv4_tos = base->nw_tos = flow->nw_tos; + ipv4_key.ipv4_ttl = base->nw_ttl = flow->nw_ttl; ipv4_key.ipv4_proto = base->nw_proto; - ipv4_key.ipv4_tos = flow->nw_tos; - ipv4_key.ipv4_ttl = flow->nw_ttl; ipv4_key.ipv4_frag = (base->nw_frag == 0 ? OVS_FRAG_TYPE_NONE : base->nw_frag == FLOW_NW_FRAG_ANY ? 
OVS_FRAG_TYPE_FIRST : OVS_FRAG_TYPE_LATER); @@ -3732,43 +3823,51 @@ commit_odp_actions(struct action_xlate_ctx *ctx) commit_set_tun_id_action(flow, base, odp_actions); commit_set_ether_addr_action(flow, base, odp_actions); - commit_vlan_action(ctx, flow->vlan_tci); + commit_vlan_action(flow, base, odp_actions); commit_set_nw_action(flow, base, odp_actions); commit_set_port_action(flow, base, odp_actions); commit_set_priority_action(flow, base, odp_actions); } static void -compose_output_action(struct action_xlate_ctx *ctx, uint16_t odp_port) -{ - nl_msg_put_u32(ctx->odp_actions, OVS_ACTION_ATTR_OUTPUT, odp_port); - ctx->sflow_odp_port = odp_port; - ctx->sflow_n_outputs++; -} - -static void -add_output_action(struct action_xlate_ctx *ctx, uint16_t ofp_port) +compose_output_action__(struct action_xlate_ctx *ctx, uint16_t ofp_port, + bool check_stp) { const struct ofport_dpif *ofport = get_ofp_port(ctx->ofproto, ofp_port); uint16_t odp_port = ofp_port_to_odp_port(ofp_port); + uint8_t flow_nw_tos = ctx->flow.nw_tos; if (ofport) { + struct priority_to_dscp *pdscp; + if (ofport->up.opp.config & htonl(OFPPC_NO_FWD) - || !stp_forward_in_state(ofport->stp_state)) { - /* Forwarding disabled on port. */ + || (check_stp && !stp_forward_in_state(ofport->stp_state))) { return; } + + pdscp = get_priority(ofport, ctx->flow.priority); + if (pdscp) { + ctx->flow.nw_tos &= ~IP_DSCP_MASK; + ctx->flow.nw_tos |= pdscp->dscp; + } } else { - /* - * We don't have an ofport record for this port, but it doesn't hurt to - * allow forwarding to it anyhow. Maybe such a port will appear later - * and we're pre-populating the flow table. - */ + /* We may not have an ofport record for this port, but it doesn't hurt + * to allow forwarding to it anyhow. Maybe such a port will appear + * later and we're pre-populating the flow table. 
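+         * In that case there is no STP state to check and no per-queue DSCP
+         * marking to apply, so the packet is simply committed and output.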
*/ } commit_odp_actions(ctx); - compose_output_action(ctx, odp_port); + nl_msg_put_u32(ctx->odp_actions, OVS_ACTION_ATTR_OUTPUT, odp_port); + ctx->sflow_odp_port = odp_port; + ctx->sflow_n_outputs++; ctx->nf_output_iface = ofp_port; + ctx->flow.nw_tos = flow_nw_tos; +} + +static void +compose_output_action(struct action_xlate_ctx *ctx, uint16_t ofp_port) +{ + compose_output_action__(ctx, ofp_port, true); } static void @@ -3840,17 +3939,22 @@ xlate_resubmit_table(struct action_xlate_ctx *ctx, } static void -flood_packets(struct action_xlate_ctx *ctx, ovs_be32 mask) +flood_packets(struct action_xlate_ctx *ctx, bool all) { struct ofport_dpif *ofport; commit_odp_actions(ctx); HMAP_FOR_EACH (ofport, up.hmap_node, &ctx->ofproto->up.ports) { uint16_t ofp_port = ofport->up.ofp_port; - if (ofp_port != ctx->flow.in_port - && !(ofport->up.opp.config & mask) - && stp_forward_in_state(ofport->stp_state)) { - compose_output_action(ctx, ofport->odp_port); + + if (ofp_port == ctx->flow.in_port) { + continue; + } + + if (all) { + compose_output_action__(ctx, ofp_port, false); + } else if (!(ofport->up.opp.config & htonl(OFPPC_NO_FLOOD))) { + compose_output_action(ctx, ofp_port); } } @@ -3862,6 +3966,7 @@ compose_controller_action(struct action_xlate_ctx *ctx, int len) { struct user_action_cookie cookie; + commit_odp_actions(ctx); cookie.type = USER_ACTION_COOKIE_CONTROLLER; cookie.data = len; cookie.n_output = 0; @@ -3879,7 +3984,7 @@ xlate_output_action__(struct action_xlate_ctx *ctx, switch (port) { case OFPP_IN_PORT: - add_output_action(ctx, ctx->flow.in_port); + compose_output_action(ctx, ctx->flow.in_port); break; case OFPP_TABLE: xlate_table_action(ctx, ctx->flow.in_port, ctx->table_id); @@ -3888,23 +3993,22 @@ xlate_output_action__(struct action_xlate_ctx *ctx, xlate_normal(ctx); break; case OFPP_FLOOD: - flood_packets(ctx, htonl(OFPPC_NO_FLOOD)); + flood_packets(ctx, false); break; case OFPP_ALL: - flood_packets(ctx, htonl(0)); + flood_packets(ctx, true); break; case OFPP_CONTROLLER: - commit_odp_actions(ctx); compose_controller_action(ctx, max_len); break; case OFPP_LOCAL: - add_output_action(ctx, OFPP_LOCAL); + compose_output_action(ctx, OFPP_LOCAL); break; case OFPP_NONE: break; default: if (port != ctx->flow.in_port) { - add_output_action(ctx, port); + compose_output_action(ctx, port); } break; } @@ -3943,7 +4047,7 @@ static void xlate_enqueue_action(struct action_xlate_ctx *ctx, const struct ofp_action_enqueue *oae) { - uint16_t ofp_port, odp_port; + uint16_t ofp_port; uint32_t flow_priority, priority; int error; @@ -3962,17 +4066,16 @@ xlate_enqueue_action(struct action_xlate_ctx *ctx, } else if (ofp_port == ctx->flow.in_port) { return; } - odp_port = ofp_port_to_odp_port(ofp_port); /* Add datapath actions. */ flow_priority = ctx->flow.priority; ctx->flow.priority = priority; - add_output_action(ctx, odp_port); + compose_output_action(ctx, ofp_port); ctx->flow.priority = flow_priority; /* Update NetFlow output port. */ if (ctx->nf_output_iface == NF_OUT_DROP) { - ctx->nf_output_iface = odp_port; + ctx->nf_output_iface = ofp_port; } else if (ctx->nf_output_iface != NF_OUT_FLOOD) { ctx->nf_output_iface = NF_OUT_MULTI; } @@ -4330,7 +4433,7 @@ xlate_actions(struct action_xlate_ctx *ctx, if (ctx->packet && connmgr_msg_in_hook(ctx->ofproto->up.connmgr, &ctx->flow, ctx->packet)) { - compose_output_action(ctx, OVSP_LOCAL); + compose_output_action(ctx, OFPP_LOCAL); } } fix_sflow_action(ctx); @@ -4341,21 +4444,6 @@ xlate_actions(struct action_xlate_ctx *ctx, /* OFPP_NORMAL implementation. 
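 *
 * In outline, the reworked xlate_normal() below proceeds as follows:
 *
 *     in_port = lookup_input_bundle(ofproto, flow->in_port, ...);
 *     vid = vlan_tci_to_vid(flow->vlan_tci);
 *     if (!input_vid_is_valid(vid, in_bundle, ...)) return;
 *     vlan = input_vid_to_vlan(in_bundle, vid);
 *     if (!is_admissible(ofproto, flow, in_port, vlan, &tags)) {
 *         output_mirrors(ctx, vlan, in_bundle, 0);
 *         return;
 *     }
 *     ... learn the source MAC, look up the destination bundle ...
 *     if (in_bundle != out_bundle) {
 *         dst_mirrors = compose_dsts(ctx, vlan, in_bundle, out_bundle);
 *     }
 *     output_mirrors(ctx, vlan, in_bundle, dst_mirrors);
 *
 * Every output goes through output_normal(), which chooses a bond slave if
 * the bundle is bonded, rewrites the 802.1Q tag according to
 * output_vlan_to_vid() and the bundle's use_priority_tags setting, and then
 * calls compose_output_action().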
*/ -struct dst { - struct ofport_dpif *port; - uint16_t vid; -}; - -struct dst_set { - struct dst builtin[32]; - struct dst *dsts; - size_t n, allocated; -}; - -static void dst_set_init(struct dst_set *); -static void dst_set_add(struct dst_set *, const struct dst *); -static void dst_set_free(struct dst_set *); - static struct ofport_dpif *ofbundle_get_a_port(const struct ofbundle *); /* Given 'vid', the VID obtained from the 802.1Q header that was received as @@ -4384,6 +4472,58 @@ input_vid_to_vlan(const struct ofbundle *in_bundle, uint16_t vid) } } +/* Checks whether a packet with the given 'vid' may ingress on 'in_bundle'. + * If so, returns true. Otherwise, returns false and, if 'warn' is true, logs + * a warning. + * + * 'vid' should be the VID obtained from the 802.1Q header that was received as + * part of a packet (specify 0 if there was no 802.1Q header), in the range + * 0...4095. */ +static bool +input_vid_is_valid(uint16_t vid, struct ofbundle *in_bundle, bool warn) +{ + switch (in_bundle->vlan_mode) { + case PORT_VLAN_ACCESS: + if (vid) { + if (warn) { + static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); + VLOG_WARN_RL(&rl, "bridge %s: dropping VLAN %"PRIu16" tagged " + "packet received on port %s configured as VLAN " + "%"PRIu16" access port", + in_bundle->ofproto->up.name, vid, + in_bundle->name, in_bundle->vlan); + } + return false; + } + return true; + + case PORT_VLAN_NATIVE_UNTAGGED: + case PORT_VLAN_NATIVE_TAGGED: + if (!vid) { + /* Port must always carry its native VLAN. */ + return true; + } + /* Fall through. */ + case PORT_VLAN_TRUNK: + if (!ofbundle_includes_vlan(in_bundle, vid)) { + if (warn) { + static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); + VLOG_WARN_RL(&rl, "bridge %s: dropping VLAN %"PRIu16" packet " + "received on port %s not configured for trunking " + "VLAN %"PRIu16, + in_bundle->ofproto->up.name, vid, + in_bundle->name, vid); + } + return false; + } + return true; + + default: + NOT_REACHED(); + } + +} + /* Given 'vlan', the VLAN that a packet belongs to, and * 'out_bundle', a bundle on which the packet is to be output, returns the VID * that should be included in the 802.1Q header. (If the return value is 0, @@ -4410,20 +4550,38 @@ output_vlan_to_vid(const struct ofbundle *out_bundle, uint16_t vlan) } } -static bool -set_dst(struct action_xlate_ctx *ctx, struct dst *dst, - const struct ofbundle *in_bundle, const struct ofbundle *out_bundle) +static void +output_normal(struct action_xlate_ctx *ctx, const struct ofbundle *out_bundle, + uint16_t vlan) { - uint16_t vlan; + struct ofport_dpif *port; + uint16_t vid; + ovs_be16 tci, old_tci; - vlan = input_vid_to_vlan(in_bundle, vlan_tci_to_vid(ctx->flow.vlan_tci)); - dst->vid = output_vlan_to_vid(out_bundle, vlan); + vid = output_vlan_to_vid(out_bundle, vlan); + if (!out_bundle->bond) { + port = ofbundle_get_a_port(out_bundle); + } else { + port = bond_choose_output_slave(out_bundle->bond, &ctx->flow, + vid, &ctx->tags); + if (!port) { + /* No slaves enabled, so drop packet. */ + return; + } + } - dst->port = (!out_bundle->bond - ? 
ofbundle_get_a_port(out_bundle) - : bond_choose_output_slave(out_bundle->bond, &ctx->flow, - dst->vid, &ctx->tags)); - return dst->port != NULL; + old_tci = ctx->flow.vlan_tci; + tci = htons(vid); + if (tci || out_bundle->use_priority_tags) { + tci |= ctx->flow.vlan_tci & htons(VLAN_PCP_MASK); + if (tci) { + tci |= htons(VLAN_CFI); + } + } + ctx->flow.vlan_tci = tci; + + compose_output_action(ctx, port->up.ofp_port); + ctx->flow.vlan_tci = old_tci; } static int @@ -4433,54 +4591,6 @@ mirror_mask_ffs(mirror_mask_t mask) return ffs(mask); } -static void -dst_set_init(struct dst_set *set) -{ - set->dsts = set->builtin; - set->n = 0; - set->allocated = ARRAY_SIZE(set->builtin); -} - -static void -dst_set_add(struct dst_set *set, const struct dst *dst) -{ - if (set->n >= set->allocated) { - size_t new_allocated; - struct dst *new_dsts; - - new_allocated = set->allocated * 2; - new_dsts = xmalloc(new_allocated * sizeof *new_dsts); - memcpy(new_dsts, set->dsts, set->n * sizeof *new_dsts); - - dst_set_free(set); - - set->dsts = new_dsts; - set->allocated = new_allocated; - } - set->dsts[set->n++] = *dst; -} - -static void -dst_set_free(struct dst_set *set) -{ - if (set->dsts != set->builtin) { - free(set->dsts); - } -} - -static bool -dst_is_duplicate(const struct dst_set *set, const struct dst *test) -{ - size_t i; - for (i = 0; i < set->n; i++) { - if (set->dsts[i].vid == test->vid - && set->dsts[i].port == test->port) { - return true; - } - } - return false; -} - static bool ofbundle_trunks_vlan(const struct ofbundle *bundle, uint16_t vlan) { @@ -4502,12 +4612,12 @@ ofbundle_get_a_port(const struct ofbundle *bundle) struct ofport_dpif, bundle_node); } -static void +static mirror_mask_t compose_dsts(struct action_xlate_ctx *ctx, uint16_t vlan, const struct ofbundle *in_bundle, - const struct ofbundle *out_bundle, struct dst_set *set) + const struct ofbundle *out_bundle) { - struct dst dst; + mirror_mask_t dst_mirrors = 0; if (out_bundle == OFBUNDLE_FLOOD) { struct ofbundle *bundle; @@ -4516,16 +4626,18 @@ compose_dsts(struct action_xlate_ctx *ctx, uint16_t vlan, if (bundle != in_bundle && ofbundle_includes_vlan(bundle, vlan) && bundle->floodable - && !bundle->mirror_out - && set_dst(ctx, &dst, in_bundle, bundle)) { - dst_set_add(set, &dst); + && !bundle->mirror_out) { + output_normal(ctx, bundle, vlan); + dst_mirrors |= bundle->dst_mirrors; } } ctx->nf_output_iface = NF_OUT_FLOOD; - } else if (out_bundle && set_dst(ctx, &dst, in_bundle, out_bundle)) { - dst_set_add(set, &dst); - ctx->nf_output_iface = dst.port->odp_port; + } else if (out_bundle) { + output_normal(ctx, out_bundle, vlan); + dst_mirrors = out_bundle->dst_mirrors; } + + return dst_mirrors; } static bool @@ -4576,153 +4688,41 @@ eth_dst_may_rspan(const uint8_t dst[ETH_ADDR_LEN]) } static void -compose_mirror_dsts(struct action_xlate_ctx *ctx, - uint16_t vlan, const struct ofbundle *in_bundle, - struct dst_set *set) +output_mirrors(struct action_xlate_ctx *ctx, + uint16_t vlan, const struct ofbundle *in_bundle, + mirror_mask_t dst_mirrors) { struct ofproto_dpif *ofproto = ctx->ofproto; mirror_mask_t mirrors; - uint16_t flow_vid; - size_t i; - - mirrors = in_bundle->src_mirrors; - for (i = 0; i < set->n; i++) { - mirrors |= set->dsts[i].port->bundle->dst_mirrors; - } + mirrors = in_bundle->src_mirrors | dst_mirrors; if (!mirrors) { return; } - flow_vid = vlan_tci_to_vid(ctx->flow.vlan_tci); while (mirrors) { - struct ofmirror *m = ofproto->mirrors[mirror_mask_ffs(mirrors) - 1]; - if (vlan_is_mirrored(m, vlan)) { - struct dst dst; - - 
if (m->out) { - if (set_dst(ctx, &dst, in_bundle, m->out) - && !dst_is_duplicate(set, &dst)) { - dst_set_add(set, &dst); - } - } else if (eth_dst_may_rspan(ctx->flow.dl_dst)) { - struct ofbundle *bundle; - - HMAP_FOR_EACH (bundle, hmap_node, &ofproto->bundles) { - if (ofbundle_includes_vlan(bundle, m->out_vlan) - && set_dst(ctx, &dst, in_bundle, bundle)) - { - /* set_dst() got dst->vid from the input packet's VLAN, - * not from m->out_vlan, so recompute it. */ - dst.vid = output_vlan_to_vid(bundle, m->out_vlan); - - if (dst_is_duplicate(set, &dst)) { - continue; - } - - if (bundle == in_bundle && dst.vid == flow_vid) { - /* Don't send out input port on same VLAN. */ - continue; - } - dst_set_add(set, &dst); - } - } - } - } - mirrors &= mirrors - 1; - } -} + struct ofmirror *m; -static void -compose_actions(struct action_xlate_ctx *ctx, uint16_t vlan, - const struct ofbundle *in_bundle, - const struct ofbundle *out_bundle) -{ - uint16_t initial_vid, cur_vid; - const struct dst *dst; - struct dst_set set; - - dst_set_init(&set); - compose_dsts(ctx, vlan, in_bundle, out_bundle, &set); - compose_mirror_dsts(ctx, vlan, in_bundle, &set); - if (!set.n) { - dst_set_free(&set); - return; - } + m = ofproto->mirrors[mirror_mask_ffs(mirrors) - 1]; - /* Output all the packets we can without having to change the VLAN. */ - commit_odp_actions(ctx); - initial_vid = vlan_tci_to_vid(ctx->flow.vlan_tci); - for (dst = set.dsts; dst < &set.dsts[set.n]; dst++) { - if (dst->vid != initial_vid) { + if (!vlan_is_mirrored(m, vlan)) { + mirrors &= mirrors - 1; continue; } - compose_output_action(ctx, dst->port->odp_port); - } - /* Then output the rest. */ - cur_vid = initial_vid; - for (dst = set.dsts; dst < &set.dsts[set.n]; dst++) { - if (dst->vid == initial_vid) { - continue; - } - if (dst->vid != cur_vid) { - ovs_be16 tci; - - tci = htons(dst->vid); - tci |= ctx->flow.vlan_tci & htons(VLAN_PCP_MASK); - if (tci) { - tci |= htons(VLAN_CFI); - } - commit_vlan_action(ctx, tci); - - cur_vid = dst->vid; - } - compose_output_action(ctx, dst->port->odp_port); - } - - dst_set_free(&set); -} - -/* Returns the effective vlan of a packet, taking into account both the - * 802.1Q header and implicitly tagged ports. A value of 0 indicates that - * the packet is untagged and -1 indicates it has an invalid header and - * should be dropped. 
*/ -static int -flow_get_vlan(struct ofproto_dpif *ofproto, const struct flow *flow, - struct ofbundle *in_bundle, bool have_packet) -{ - int vlan = vlan_tci_to_vid(flow->vlan_tci); - if (vlan) { - if (in_bundle->vlan_mode == PORT_VLAN_ACCESS) { - /* Drop tagged packet on access port */ - if (have_packet) { - static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); - VLOG_WARN_RL(&rl, "bridge %s: dropping VLAN %d tagged " - "packet received on port %s configured with " - "implicit VLAN %"PRIu16, - ofproto->up.name, vlan, - in_bundle->name, in_bundle->vlan); - } - return -1; - } else if (ofbundle_includes_vlan(in_bundle, vlan)) { - return vlan; - } else { - /* Drop packets from a VLAN not member of the trunk */ - if (have_packet) { - static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); - VLOG_WARN_RL(&rl, "bridge %s: dropping VLAN %d tagged " - "packet received on port %s not configured for " - "trunking VLAN %d", - ofproto->up.name, vlan, in_bundle->name, vlan); + mirrors &= ~m->dup_mirrors; + if (m->out) { + output_normal(ctx, m->out, vlan); + } else if (eth_dst_may_rspan(ctx->flow.dl_dst) + && vlan != m->out_vlan) { + struct ofbundle *bundle; + + HMAP_FOR_EACH (bundle, hmap_node, &ofproto->bundles) { + if (ofbundle_includes_vlan(bundle, m->out_vlan) + && !bundle->mirror_out) { + output_normal(ctx, bundle, m->out_vlan); + } } - return -1; - } - } else { - if (in_bundle->vlan_mode != PORT_VLAN_TRUNK) { - return in_bundle->vlan; - } else { - return ofbundle_includes_vlan(in_bundle, 0) ? 0 : -1; } } } @@ -4777,83 +4777,62 @@ update_learning_table(struct ofproto_dpif *ofproto, } } -/* Determines whether packets in 'flow' within 'br' should be forwarded or +static struct ofport_dpif * +lookup_input_bundle(struct ofproto_dpif *ofproto, uint16_t in_port, bool warn) +{ + struct ofport_dpif *ofport; + + /* Find the port and bundle for the received packet. */ + ofport = get_ofp_port(ofproto, in_port); + if (ofport && ofport->bundle) { + return ofport; + } + + /* Odd. A few possible reasons here: + * + * - We deleted a port but there are still a few packets queued up + * from it. + * + * - Someone externally added a port (e.g. "ovs-dpctl add-if") that + * we don't know about. + * + * - The ofproto client didn't configure the port as part of a bundle. + */ + if (warn) { + static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); + + VLOG_WARN_RL(&rl, "bridge %s: received packet on unknown " + "port %"PRIu16, ofproto->up.name, in_port); + } + return NULL; +} + +/* Determines whether packets in 'flow' within 'ofproto' should be forwarded or * dropped. Returns true if they may be forwarded, false if they should be * dropped. * - * If 'have_packet' is true, it indicates that the caller is processing a - * received packet. If 'have_packet' is false, then the caller is just - * revalidating an existing flow because configuration has changed. Either - * way, 'have_packet' only affects logging (there is no point in logging errors - * during revalidation). + * 'in_port' must be the ofport_dpif that corresponds to flow->in_port. + * 'in_port' must be part of a bundle (e.g. in_port->bundle must be nonnull). * - * Sets '*in_portp' to the input port. This will be a null pointer if - * flow->in_port does not designate a known input port (in which case - * is_admissible() returns false). - * - * When returning true, sets '*vlanp' to the effective VLAN of the input - * packet, as returned by flow_get_vlan(). 
+ * 'vlan' must be the VLAN that corresponds to flow->vlan_tci on 'in_port', as + * returned by input_vid_to_vlan(). It must be a valid VLAN for 'in_port', as + * checked by input_vid_is_valid(). * * May also add tags to '*tags', although the current implementation only does * so in one special case. */ static bool is_admissible(struct ofproto_dpif *ofproto, const struct flow *flow, - bool have_packet, - tag_type *tags, int *vlanp, struct ofbundle **in_bundlep) + struct ofport_dpif *in_port, uint16_t vlan, tag_type *tags) { - struct ofport_dpif *in_port; - struct ofbundle *in_bundle; - int vlan; - - /* Find the port and bundle for the received packet. */ - in_port = get_ofp_port(ofproto, flow->in_port); - *in_bundlep = in_bundle = in_port ? in_port->bundle : NULL; - if (!in_port || !in_bundle) { - /* No interface? Something fishy... */ - if (have_packet) { - /* Odd. A few possible reasons here: - * - * - We deleted a port but there are still a few packets queued up - * from it. - * - * - Someone externally added a port (e.g. "ovs-dpctl add-if") that - * we don't know about. - * - * - Packet arrived on the local port but the local port is not - * part of a bundle. - */ - static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); + struct ofbundle *in_bundle = in_port->bundle; - VLOG_WARN_RL(&rl, "bridge %s: received packet on unknown " - "port %"PRIu16, - ofproto->up.name, flow->in_port); - } - *vlanp = -1; - return false; - } - *vlanp = vlan = flow_get_vlan(ofproto, flow, in_bundle, have_packet); - if (vlan < 0) { - return false; - } - - /* Drop frames for reserved multicast addresses only if forward_bpdu - * option is absent. */ + /* Drop frames for reserved multicast addresses + * only if forward_bpdu option is absent. */ if (eth_addr_is_reserved(flow->dl_dst) && !ofproto->up.forward_bpdu) { return false; } - /* Drop frames on bundles reserved for mirroring. */ - if (in_bundle->mirror_out) { - if (have_packet) { - static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); - VLOG_WARN_RL(&rl, "bridge %s: dropping packet received on port " - "%s, which is reserved exclusively for mirroring", - ofproto->up.name, in_bundle->name); - } - return false; - } - if (in_bundle->bond) { struct mac_entry *mac; @@ -4882,18 +4861,60 @@ is_admissible(struct ofproto_dpif *ofproto, const struct flow *flow, static void xlate_normal(struct action_xlate_ctx *ctx) { + mirror_mask_t dst_mirrors = 0; + struct ofport_dpif *in_port; struct ofbundle *in_bundle; struct ofbundle *out_bundle; struct mac_entry *mac; - int vlan; + uint16_t vlan; + uint16_t vid; ctx->has_normal = true; - /* Check whether we should drop packets in this flow. */ - if (!is_admissible(ctx->ofproto, &ctx->flow, ctx->packet != NULL, - &ctx->tags, &vlan, &in_bundle)) { - out_bundle = NULL; - goto done; + /* Obtain in_port from ctx->flow.in_port. + * + * lookup_input_bundle() also ensures that in_port belongs to a bundle. */ + in_port = lookup_input_bundle(ctx->ofproto, ctx->flow.in_port, + ctx->packet != NULL); + if (!in_port) { + return; + } + in_bundle = in_port->bundle; + + /* Drop malformed frames. */ + if (ctx->flow.dl_type == htons(ETH_TYPE_VLAN) && + !(ctx->flow.vlan_tci & htons(VLAN_CFI))) { + if (ctx->packet != NULL) { + static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); + VLOG_WARN_RL(&rl, "bridge %s: dropping packet with partial " + "VLAN tag received on port %s", + ctx->ofproto->up.name, in_bundle->name); + } + return; + } + + /* Drop frames on bundles reserved for mirroring. 
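+     * A bundle configured as a mirror output is reserved exclusively for
+     * transmitting mirrored traffic, so anything received on it is unexpected
+     * and is dropped (with a rate-limited warning when an actual packet,
+     * rather than a revalidation, triggered the translation).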
*/ + if (in_bundle->mirror_out) { + if (ctx->packet != NULL) { + static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); + VLOG_WARN_RL(&rl, "bridge %s: dropping packet received on port " + "%s, which is reserved exclusively for mirroring", + ctx->ofproto->up.name, in_bundle->name); + } + return; + } + + /* Check VLAN. */ + vid = vlan_tci_to_vid(ctx->flow.vlan_tci); + if (!input_vid_is_valid(vid, in_bundle, ctx->packet != NULL)) { + return; + } + vlan = input_vid_to_vlan(in_bundle, vid); + + /* Check other admissibility requirements. */ + if (!is_admissible(ctx->ofproto, &ctx->flow, in_port, vlan, &ctx->tags)) { + output_mirrors(ctx, vlan, in_bundle, 0); + return; } /* Learn source MAC. */ @@ -4919,14 +4940,10 @@ xlate_normal(struct action_xlate_ctx *ctx) } /* Don't send packets out their input bundles. */ - if (in_bundle == out_bundle) { - out_bundle = NULL; - } - -done: - if (in_bundle) { - compose_actions(ctx, vlan, in_bundle, out_bundle); + if (in_bundle != out_bundle) { + dst_mirrors = compose_dsts(ctx, vlan, in_bundle, out_bundle); } + output_mirrors(ctx, vlan, in_bundle, dst_mirrors); } /* Optimized flow revalidation. @@ -5088,6 +5105,26 @@ packet_out(struct ofproto *ofproto_, struct ofpbuf *packet, } return error; } + +/* NetFlow. */ + +static int +set_netflow(struct ofproto *ofproto_, + const struct netflow_options *netflow_options) +{ + struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_); + + if (netflow_options) { + if (!ofproto->netflow) { + ofproto->netflow = netflow_create(); + } + return netflow_set_options(ofproto->netflow, netflow_options); + } else { + netflow_destroy(ofproto->netflow); + ofproto->netflow = NULL; + return 0; + } +} static void get_netflow_ids(const struct ofproto *ofproto_, @@ -5097,6 +5134,39 @@ get_netflow_ids(const struct ofproto *ofproto_, dpif_get_netflow_ids(ofproto->dpif, engine_type, engine_id); } + +static void +send_active_timeout(struct ofproto_dpif *ofproto, struct facet *facet) +{ + if (!facet_is_controller_flow(facet) && + netflow_active_timeout_expired(ofproto->netflow, &facet->nf_flow)) { + struct ofexpired expired; + + if (facet->installed) { + struct dpif_flow_stats stats; + + facet_put__(ofproto, facet, facet->actions, facet->actions_len, + &stats); + facet_update_stats(ofproto, facet, &stats); + } + + expired.flow = facet->flow; + expired.packet_count = facet->packet_count; + expired.byte_count = facet->byte_count; + expired.used = facet->used; + netflow_expire(ofproto->netflow, &facet->nf_flow, &expired); + } +} + +static void +send_netflow_active_timeouts(struct ofproto_dpif *ofproto) +{ + struct facet *facet; + + HMAP_FOR_EACH (facet, hmap_node, &ofproto->facets) { + send_active_timeout(ofproto, facet); + } +} static struct ofproto_dpif * ofproto_dpif_lookup(const char *name) @@ -5246,7 +5316,7 @@ ofproto_unixctl_trace(struct unixctl_conn *conn, const char *args_, /* Convert string to datapath key. 
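 * (odp_flow_key_from_string() now takes an additional middle argument, an
 * optional mapping of port names; passing NULL here preserves this command's
 * previous behavior of accepting only numeric ports.)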
*/ ofpbuf_init(&odp_key, 0); - error = odp_flow_key_from_string(arg1, &odp_key); + error = odp_flow_key_from_string(arg1, NULL, &odp_key); if (error) { unixctl_command_reply(conn, 501, "Bad flow syntax"); goto exit; @@ -5378,7 +5448,7 @@ ofproto_dpif_unixctl_init(void) unixctl_command_register("fdb/flush", "bridge", ofproto_unixctl_fdb_flush, NULL); unixctl_command_register("fdb/show", "bridge", ofproto_unixctl_fdb_show, - NULL); + NULL); unixctl_command_register("ofproto/clog", "", ofproto_dpif_clog, NULL); unixctl_command_register("ofproto/unclog", "", ofproto_dpif_unclog, NULL); } @@ -5431,6 +5501,7 @@ const struct ofproto_class ofproto_dpif_class = { get_stp_status, set_stp_port, get_stp_port_status, + set_queues, bundle_set, bundle_remove, mirror_set,