X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=vswitchd%2Fbridge.c;h=b1e4e165f39cf91c6ccc212f05a89afae2d262af;hb=675febfa2f31372e45e2a6a28ce19256b22106d7;hp=b525f3d6d117029af825c97097bda2f37adee312;hpb=c77dc7705ba162eff9bdd6cfff2e958637bf1a6f;p=openvswitch diff --git a/vswitchd/bridge.c b/vswitchd/bridge.c index b525f3d6..b1e4e165 100644 --- a/vswitchd/bridge.c +++ b/vswitchd/bridge.c @@ -43,12 +43,12 @@ #include "odp-util.h" #include "ofp-print.h" #include "ofpbuf.h" +#include "ofproto/ofproto.h" #include "packets.h" #include "poll-loop.h" #include "port-array.h" #include "proc-net-compat.h" #include "process.h" -#include "secchan/ofproto.h" #include "socket-util.h" #include "stp.h" #include "svec.h" @@ -71,17 +71,18 @@ struct dst { extern uint64_t mgmt_id; struct iface { + /* These members are always valid. */ struct port *port; /* Containing port. */ size_t port_ifidx; /* Index within containing port. */ - char *name; /* Host network device name. */ - int dp_ifidx; /* Index within kernel datapath. */ - - uint8_t mac[ETH_ADDR_LEN]; /* Ethernet address (all zeros if unknowns). */ - tag_type tag; /* Tag associated with this interface. */ - bool enabled; /* May be chosen for flows? */ long long delay_expires; /* Time after which 'enabled' may change. */ + + /* These members are valid only after bridge_reconfigure() causes them to + * be initialized.*/ + int dp_ifidx; /* Index within kernel datapath. */ + struct netdev *netdev; /* Network device. */ + bool enabled; /* May be chosen for flows? */ }; #define BOND_MASK 0xff @@ -159,7 +160,7 @@ struct bridge { struct ofproto *ofproto; /* OpenFlow switch. */ /* Kernel datapath information. */ - struct dpif dpif; /* Kernel datapath. */ + struct dpif *dpif; /* Datapath. */ struct port_array ifaces; /* Indexed by kernel datapath port number. */ /* Bridge ports. */ @@ -193,7 +194,7 @@ enum { DP_MAX = 256 }; static struct bridge *bridge_create(const char *name); static void bridge_destroy(struct bridge *); static struct bridge *bridge_lookup(const char *name); -static void bridge_unixctl_dump_flows(struct unixctl_conn *, const char *); +static unixctl_cb_func bridge_unixctl_dump_flows; static int bridge_run_one(struct bridge *); static void bridge_reconfigure_one(struct bridge *); static void bridge_reconfigure_controller(struct bridge *); @@ -202,13 +203,14 @@ static void bridge_fetch_dp_ifaces(struct bridge *); static void bridge_flush(struct bridge *); static void bridge_pick_local_hw_addr(struct bridge *, uint8_t ea[ETH_ADDR_LEN], - const char **devname); + struct iface **hw_addr_iface); static uint64_t bridge_pick_datapath_id(struct bridge *, const uint8_t bridge_ea[ETH_ADDR_LEN], - const char *devname); + struct iface *hw_addr_iface); +static struct iface *bridge_get_local_iface(struct bridge *); static uint64_t dpid_from_hash(const void *, size_t nbytes); -static void bridge_unixctl_fdb_show(struct unixctl_conn *, const char *args); +static unixctl_cb_func bridge_unixctl_fdb_show; static void bond_init(void); static void bond_run(struct bridge *); @@ -225,6 +227,7 @@ static struct port *port_from_dp_ifidx(const struct bridge *, uint16_t dp_ifidx); static void port_update_bond_compat(struct port *); static void port_update_vlan_compat(struct port *); +static void port_update_bonding(struct port *); static void mirror_create(struct bridge *, const char *name); static void mirror_destroy(struct mirror *); @@ -242,6 +245,8 @@ static void iface_destroy(struct iface *); static struct iface *iface_lookup(const struct bridge *, const char *name); static struct iface *iface_from_dp_ifidx(const struct bridge *, uint16_t dp_ifidx); +static bool iface_is_internal(const struct bridge *, const char *name); +static void iface_set_mac(struct iface *); /* Hooks into ofproto processing. */ static struct ofhooks bridge_ofhooks; @@ -263,8 +268,8 @@ bridge_get_ifaces(struct svec *svec) for (j = 0; j < port->n_ifaces; j++) { struct iface *iface = port->ifaces[j]; if (iface->dp_ifidx < 0) { - VLOG_ERR("%s interface not in dp%u, ignoring", - iface->name, dpif_id(&br->dpif)); + VLOG_ERR("%s interface not in datapath %s, ignoring", + iface->name, dpif_name(br->dpif)); } else { if (iface->dp_ifidx != ODPP_LOCAL) { svec_add(svec, iface->name); @@ -279,34 +284,42 @@ bridge_get_ifaces(struct svec *svec) void bridge_init(void) { - int retval; - int i; - - bond_init(); + struct svec dpif_names; + size_t i; - unixctl_command_register("fdb/show", bridge_unixctl_fdb_show); + unixctl_command_register("fdb/show", bridge_unixctl_fdb_show, NULL); - for (i = 0; i < DP_MAX; i++) { - struct dpif dpif; - char devname[16]; + svec_init(&dpif_names); + dp_enumerate(&dpif_names); + for (i = 0; i < dpif_names.n; i++) { + const char *dpif_name = dpif_names.names[i]; + struct dpif *dpif; + int retval; - sprintf(devname, "dp%d", i); - retval = dpif_open(devname, &dpif); + retval = dpif_open(dpif_name, &dpif); if (!retval) { - char dpif_name[IF_NAMESIZE]; - if (dpif_get_name(&dpif, dpif_name, sizeof dpif_name) - || !cfg_has("bridge.%s.port", dpif_name)) { - dpif_delete(&dpif); + struct svec all_names; + size_t j; + + svec_init(&all_names); + dpif_get_all_names(dpif, &all_names); + for (j = 0; j < all_names.n; j++) { + if (cfg_has("bridge.%s.port", all_names.names[j])) { + goto found; + } } - dpif_close(&dpif); - } else if (retval != ENODEV) { - VLOG_ERR("failed to delete datapath dp%d: %s", - i, strerror(retval)); + dpif_delete(dpif); + found: + svec_destroy(&all_names); + dpif_close(dpif); } } + svec_destroy(&dpif_names); - unixctl_command_register("bridge/dump-flows", bridge_unixctl_dump_flows); + unixctl_command_register("bridge/dump-flows", bridge_unixctl_dump_flows, + NULL); + bond_init(); bridge_reconfigure(); } @@ -348,43 +361,116 @@ bridge_configure_ssl(void) * the old certificate will still be trusted until vSwitch is * restarted. We may want to address this in vconn's SSL library. */ if (config_string_change("ssl.ca-cert", &cacert_file) - || (stat(cacert_file, &s) && errno == ENOENT)) { + || (cacert_file && stat(cacert_file, &s) && errno == ENOENT)) { vconn_ssl_set_ca_cert_file(cacert_file, cfg_get_bool(0, "ssl.bootstrap-ca-cert")); } } #endif +/* iterate_and_prune_ifaces() callback function that opens the network device + * for 'iface', if it is not already open, and retrieves the interface's MAC + * address and carrier status. */ +static bool +init_iface_netdev(struct bridge *br UNUSED, struct iface *iface, + void *aux UNUSED) +{ + if (iface->netdev) { + return true; + } else if (!netdev_open(iface->name, NETDEV_ETH_TYPE_NONE, + &iface->netdev)) { + netdev_get_carrier(iface->netdev, &iface->enabled); + return true; + } else { + /* If the network device can't be opened, then we're not going to try + * to do anything with this interface. */ + return false; + } +} + +static bool +check_iface_dp_ifidx(struct bridge *br, struct iface *iface, void *aux UNUSED) +{ + if (iface->dp_ifidx >= 0) { + VLOG_DBG("%s has interface %s on port %d", + dpif_name(br->dpif), + iface->name, iface->dp_ifidx); + return true; + } else { + VLOG_ERR("%s interface not in %s, dropping", + iface->name, dpif_name(br->dpif)); + return false; + } +} + +static bool +set_iface_properties(struct bridge *br UNUSED, struct iface *iface, + void *aux UNUSED) +{ + int rate, burst; + + /* Set policing attributes. */ + rate = cfg_get_int(0, "port.%s.ingress.policing-rate", iface->name); + burst = cfg_get_int(0, "port.%s.ingress.policing-burst", iface->name); + netdev_set_policing(iface->netdev, rate, burst); + + /* Set MAC address of internal interfaces other than the local + * interface. */ + if (iface->dp_ifidx != ODPP_LOCAL + && iface_is_internal(br, iface->name)) { + iface_set_mac(iface); + } + + return true; +} + +/* Calls 'cb' for each interfaces in 'br', passing along the 'aux' argument. + * Deletes from 'br' all the interfaces for which 'cb' returns false, and then + * deletes from 'br' any ports that no longer have any interfaces. */ +static void +iterate_and_prune_ifaces(struct bridge *br, + bool (*cb)(struct bridge *, struct iface *, + void *aux), + void *aux) +{ + size_t i, j; + + for (i = 0; i < br->n_ports; ) { + struct port *port = br->ports[i]; + for (j = 0; j < port->n_ifaces; ) { + struct iface *iface = port->ifaces[j]; + if (cb(br, iface, aux)) { + j++; + } else { + iface_destroy(iface); + } + } + + if (port->n_ifaces) { + i++; + } else { + VLOG_ERR("%s port has no interfaces, dropping", port->name); + port_destroy(port); + } + } +} + void bridge_reconfigure(void) { - struct svec old_br, new_br, raw_new_br; + struct svec old_br, new_br; struct bridge *br, *next; - size_t i, j; + size_t i; COVERAGE_INC(bridge_reconfigure); - /* Collect old bridges. */ + /* Collect old and new bridges. */ svec_init(&old_br); + svec_init(&new_br); LIST_FOR_EACH (br, struct bridge, node, &all_bridges) { svec_add(&old_br, br->name); } - - /* Collect new bridges. */ - svec_init(&raw_new_br); - cfg_get_subsections(&raw_new_br, "bridge"); - svec_init(&new_br); - for (i = 0; i < raw_new_br.n; i++) { - const char *name = raw_new_br.names[i]; - if ((!strncmp(name, "dp", 2) && isdigit(name[2])) || - (!strncmp(name, "nl:", 3) && isdigit(name[3]))) { - VLOG_ERR("%s is not a valid bridge name (bridges may not be " - "named \"dp\" or \"nl:\" followed by a digit)", name); - } else { - svec_add(&new_br, name); - } - } - svec_destroy(&raw_new_br); + cfg_get_subsections(&new_br, "bridge"); /* Get rid of deleted bridges and add new bridges. */ svec_sort(&old_br); @@ -425,16 +511,17 @@ bridge_reconfigure(void) size_t n_dpif_ports; struct svec want_ifaces; - dpif_port_list(&br->dpif, &dpif_ports, &n_dpif_ports); + dpif_port_list(br->dpif, &dpif_ports, &n_dpif_ports); bridge_get_all_ifaces(br, &want_ifaces); for (i = 0; i < n_dpif_ports; i++) { const struct odp_port *p = &dpif_ports[i]; if (!svec_contains(&want_ifaces, p->devname) && strcmp(p->devname, br->name)) { - int retval = dpif_port_del(&br->dpif, p->port); + int retval = dpif_port_del(br->dpif, p->port); if (retval) { - VLOG_ERR("failed to remove %s interface from dp%u: %s", - p->devname, dpif_id(&br->dpif), strerror(retval)); + VLOG_ERR("failed to remove %s interface from %s: %s", + p->devname, dpif_name(br->dpif), + strerror(retval)); } } } @@ -445,9 +532,8 @@ bridge_reconfigure(void) struct odp_port *dpif_ports; size_t n_dpif_ports; struct svec cur_ifaces, want_ifaces, add_ifaces; - int next_port_no; - dpif_port_list(&br->dpif, &dpif_ports, &n_dpif_ports); + dpif_port_list(br->dpif, &dpif_ports, &n_dpif_ports); svec_init(&cur_ifaces); for (i = 0; i < n_dpif_ports; i++) { svec_add(&cur_ifaces, dpif_ports[i].devname); @@ -457,42 +543,24 @@ bridge_reconfigure(void) bridge_get_all_ifaces(br, &want_ifaces); svec_diff(&want_ifaces, &cur_ifaces, &add_ifaces, NULL, NULL); - next_port_no = 1; for (i = 0; i < add_ifaces.n; i++) { const char *if_name = add_ifaces.names[i]; - for (;;) { - bool internal; - int error; - - /* It's an internal interface if it's marked that way, or if - * it's a bonded interface for which we're faking up a network - * device. */ - internal = cfg_get_bool(0, "iface.%s.internal", if_name); - if (cfg_get_bool(0, "bonding.%s.fake-iface", if_name)) { - struct port *port = port_lookup(br, if_name); - if (port && port->n_ifaces > 1) { - internal = true; - } - } + bool internal; + int error; - /* Add to datapath. */ - error = dpif_port_add(&br->dpif, if_name, next_port_no++, - internal ? ODP_PORT_INTERNAL : 0); - if (error != EEXIST) { - if (next_port_no >= 256) { - VLOG_ERR("ran out of valid port numbers on dp%u", - dpif_id(&br->dpif)); - goto out; - } - if (error) { - VLOG_ERR("failed to add %s interface to dp%u: %s", - if_name, dpif_id(&br->dpif), strerror(error)); - } - break; - } + /* Add to datapath. */ + internal = iface_is_internal(br, if_name); + error = dpif_port_add(br->dpif, if_name, + internal ? ODP_PORT_INTERNAL : 0, NULL); + if (error == EFBIG) { + VLOG_ERR("ran out of valid port numbers on %s", + dpif_name(br->dpif)); + break; + } else if (error) { + VLOG_ERR("failed to add %s interface to %s: %s", + if_name, dpif_name(br->dpif), strerror(error)); } } - out: svec_destroy(&cur_ifaces); svec_destroy(&want_ifaces); svec_destroy(&add_ifaces); @@ -500,44 +568,22 @@ bridge_reconfigure(void) LIST_FOR_EACH (br, struct bridge, node, &all_bridges) { uint8_t ea[8]; uint64_t dpid; - struct iface *local_iface = NULL; - const char *devname; - uint8_t engine_type = br->dpif.minor; - uint8_t engine_id = br->dpif.minor; + struct iface *local_iface; + struct iface *hw_addr_iface; + uint8_t engine_type, engine_id; bool add_id_to_iface = false; struct svec nf_hosts; bridge_fetch_dp_ifaces(br); - for (i = 0; i < br->n_ports; ) { - struct port *port = br->ports[i]; + iterate_and_prune_ifaces(br, init_iface_netdev, NULL); - for (j = 0; j < port->n_ifaces; ) { - struct iface *iface = port->ifaces[j]; - if (iface->dp_ifidx < 0) { - VLOG_ERR("%s interface not in dp%u, dropping", - iface->name, dpif_id(&br->dpif)); - iface_destroy(iface); - } else { - if (iface->dp_ifidx == ODPP_LOCAL) { - local_iface = iface; - } - VLOG_DBG("dp%u has interface %s on port %d", - dpif_id(&br->dpif), iface->name, iface->dp_ifidx); - j++; - } - } - if (!port->n_ifaces) { - VLOG_ERR("%s port has no interfaces, dropping", port->name); - port_destroy(port); - continue; - } - i++; - } + iterate_and_prune_ifaces(br, check_iface_dp_ifidx, NULL); /* Pick local port hardware address, datapath ID. */ - bridge_pick_local_hw_addr(br, ea, &devname); + bridge_pick_local_hw_addr(br, ea, &hw_addr_iface); + local_iface = bridge_get_local_iface(br); if (local_iface) { - int error = netdev_nodev_set_etheraddr(local_iface->name, ea); + int error = netdev_set_etheraddr(local_iface->netdev, ea); if (error) { static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); VLOG_ERR_RL(&rl, "bridge %s: failed to set bridge " @@ -546,10 +592,11 @@ bridge_reconfigure(void) } } - dpid = bridge_pick_datapath_id(br, ea, devname); + dpid = bridge_pick_datapath_id(br, ea, hw_addr_iface); ofproto_set_datapath_id(br->ofproto, dpid); /* Set NetFlow configuration on this bridge. */ + dpif_get_netflow_ids(br->dpif, &engine_type, &engine_id); if (cfg_has("netflow.%s.engine-type", br->name)) { engine_type = cfg_get_int(0, "netflow.%s.engine-type", br->name); @@ -594,23 +641,26 @@ bridge_reconfigure(void) LIST_FOR_EACH (br, struct bridge, node, &all_bridges) { for (i = 0; i < br->n_ports; i++) { struct port *port = br->ports[i]; + port_update_vlan_compat(port); + port_update_bonding(port); } } LIST_FOR_EACH (br, struct bridge, node, &all_bridges) { brstp_reconfigure(br); + iterate_and_prune_ifaces(br, set_iface_properties, NULL); } } static void bridge_pick_local_hw_addr(struct bridge *br, uint8_t ea[ETH_ADDR_LEN], - const char **devname) + struct iface **hw_addr_iface) { uint64_t requested_ea; size_t i, j; int error; - *devname = NULL; + *hw_addr_iface = NULL; /* Did the user request a particular MAC? */ requested_ea = cfg_get_mac(0, "bridge.%s.mac", br->name); @@ -653,7 +703,7 @@ bridge_pick_local_hw_addr(struct bridge *br, uint8_t ea[ETH_ADDR_LEN], for (j = 0; j < port->n_ifaces; j++) { struct iface *candidate = port->ifaces[j]; uint8_t candidate_ea[ETH_ADDR_LEN]; - if (!netdev_nodev_get_etheraddr(candidate->name, candidate_ea) + if (!netdev_get_etheraddr(candidate->netdev, candidate_ea) && eth_addr_equals(iface_ea, candidate_ea)) { iface = candidate; } @@ -683,7 +733,7 @@ bridge_pick_local_hw_addr(struct bridge *br, uint8_t ea[ETH_ADDR_LEN], } /* Grab MAC. */ - error = netdev_nodev_get_etheraddr(iface->name, iface_ea); + error = netdev_get_etheraddr(iface->netdev, iface_ea); if (error) { static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); VLOG_ERR_RL(&rl, "failed to obtain Ethernet address of %s: %s", @@ -699,12 +749,12 @@ bridge_pick_local_hw_addr(struct bridge *br, uint8_t ea[ETH_ADDR_LEN], memcmp(iface_ea, ea, ETH_ADDR_LEN) < 0) { memcpy(ea, iface_ea, ETH_ADDR_LEN); - *devname = iface ? iface->name : NULL; + *hw_addr_iface = iface; } } if (eth_addr_is_multicast(ea) || eth_addr_is_vif(ea)) { memcpy(ea, br->default_ea, ETH_ADDR_LEN); - *devname = NULL; + *hw_addr_iface = NULL; VLOG_WARN("bridge %s: using default bridge Ethernet " "address "ETH_ADDR_FMT, br->name, ETH_ADDR_ARGS(ea)); } else { @@ -715,13 +765,13 @@ bridge_pick_local_hw_addr(struct bridge *br, uint8_t ea[ETH_ADDR_LEN], /* Choose and returns the datapath ID for bridge 'br' given that the bridge * Ethernet address is 'bridge_ea'. If 'bridge_ea' is the Ethernet address of - * a network device, then that network device's name must be passed in as - * 'devname'; if 'bridge_ea' was derived some other way, then 'devname' must be - * passed in as a null pointer. */ + * an interface on 'br', then that interface must be passed in as + * 'hw_addr_iface'; if 'bridge_ea' was derived some other way, then + * 'hw_addr_iface' must be passed in as a null pointer. */ static uint64_t bridge_pick_datapath_id(struct bridge *br, const uint8_t bridge_ea[ETH_ADDR_LEN], - const char *devname) + struct iface *hw_addr_iface) { /* * The procedure for choosing a bridge MAC address will, in the most @@ -742,9 +792,9 @@ bridge_pick_datapath_id(struct bridge *br, return dpid; } - if (devname) { + if (hw_addr_iface) { int vlan; - if (!netdev_get_vlan_vid(devname, &vlan)) { + if (!netdev_get_vlan_vid(hw_addr_iface->netdev, &vlan)) { /* * A bridge whose MAC address is taken from a VLAN network device * (that is, a network device created with vconfig(8) or similar @@ -854,10 +904,31 @@ bridge_flush(struct bridge *br) mac_learning_flush(br->ml); } } + +/* Returns the 'br' interface for the ODPP_LOCAL port, or null if 'br' has no + * such interface. */ +static struct iface * +bridge_get_local_iface(struct bridge *br) +{ + size_t i, j; + + for (i = 0; i < br->n_ports; i++) { + struct port *port = br->ports[i]; + for (j = 0; j < port->n_ifaces; j++) { + struct iface *iface = port->ifaces[j]; + if (iface->dp_ifidx == ODPP_LOCAL) { + return iface; + } + } + } + + return NULL; +} /* Bridge unixctl user interface functions. */ static void -bridge_unixctl_fdb_show(struct unixctl_conn *conn, const char *args) +bridge_unixctl_fdb_show(struct unixctl_conn *conn, + const char *args, void *aux UNUSED) { struct ds ds = DS_EMPTY_INITIALIZER; const struct bridge *br; @@ -893,10 +964,10 @@ bridge_create(const char *name) int error; assert(!bridge_lookup(name)); - br = xcalloc(1, sizeof *br); + br = xzalloc(sizeof *br); error = dpif_create(name, &br->dpif); - if (error == EEXIST) { + if (error == EEXIST || error == EBUSY) { error = dpif_open(name, &br->dpif); if (error) { VLOG_ERR("datapath %s already exists but cannot be opened: %s", @@ -904,7 +975,7 @@ bridge_create(const char *name) free(br); return NULL; } - dpif_flow_flush(&br->dpif); + dpif_flow_flush(br->dpif); } else if (error) { VLOG_ERR("failed to create datapath %s: %s", name, strerror(error)); free(br); @@ -914,8 +985,8 @@ bridge_create(const char *name) error = ofproto_create(name, &bridge_ofhooks, br, &br->ofproto); if (error) { VLOG_ERR("failed to create switch %s: %s", name, strerror(error)); - dpif_delete(&br->dpif); - dpif_close(&br->dpif); + dpif_delete(br->dpif); + dpif_close(br->dpif); free(br); return NULL; } @@ -932,7 +1003,7 @@ bridge_create(const char *name) list_push_back(&all_bridges, &br->node); - VLOG_INFO("created bridge %s on dp%u", br->name, dpif_id(&br->dpif)); + VLOG_INFO("created bridge %s on %s", br->name, dpif_name(br->dpif)); return br; } @@ -947,12 +1018,12 @@ bridge_destroy(struct bridge *br) port_destroy(br->ports[br->n_ports - 1]); } list_remove(&br->node); - error = dpif_delete(&br->dpif); + error = dpif_delete(br->dpif); if (error && error != ENOENT) { - VLOG_ERR("failed to delete dp%u: %s", - dpif_id(&br->dpif), strerror(error)); + VLOG_ERR("failed to delete %s: %s", + dpif_name(br->dpif), strerror(error)); } - dpif_close(&br->dpif); + dpif_close(br->dpif); ofproto_destroy(br->ofproto); free(br->controller); mac_learning_destroy(br->ml); @@ -992,7 +1063,8 @@ bridge_get_datapathid(const char *name) /* Handle requests for a listing of all flows known by the OpenFlow * stack, including those normally hidden. */ static void -bridge_unixctl_dump_flows(struct unixctl_conn *conn, const char *args) +bridge_unixctl_dump_flows(struct unixctl_conn *conn, + const char *args, void *aux UNUSED) { struct bridge *br; struct ds results; @@ -1044,13 +1116,29 @@ bridge_get_controller(const struct bridge *br) return controller && controller[0] ? controller : NULL; } +static bool +check_duplicate_ifaces(struct bridge *br, struct iface *iface, void *ifaces_) +{ + struct svec *ifaces = ifaces_; + if (!svec_contains(ifaces, iface->name)) { + svec_add(ifaces, iface->name); + svec_sort(ifaces); + return true; + } else { + VLOG_ERR("bridge %s: %s interface is on multiple ports, " + "removing from %s", + br->name, iface->name, iface->port->name); + return false; + } +} + static void bridge_reconfigure_one(struct bridge *br) { struct svec old_ports, new_ports, ifaces; struct svec listeners, old_listeners; struct svec snoops, old_snoops; - size_t i, j; + size_t i; /* Collect old ports. */ svec_init(&old_ports); @@ -1064,9 +1152,16 @@ bridge_reconfigure_one(struct bridge *br) svec_init(&new_ports); cfg_get_all_keys(&new_ports, "bridge.%s.port", br->name); svec_sort(&new_ports); - if (bridge_get_controller(br) && !svec_contains(&new_ports, br->name)) { - svec_add(&new_ports, br->name); - svec_sort(&new_ports); + if (bridge_get_controller(br)) { + char local_name[IF_NAMESIZE]; + int error; + + error = dpif_port_get_name(br->dpif, ODPP_LOCAL, + local_name, sizeof local_name); + if (!error && !svec_contains(&new_ports, local_name)) { + svec_add(&new_ports, local_name); + svec_sort(&new_ports); + } } if (!svec_is_unique(&new_ports)) { VLOG_WARN("bridge %s: %s specified twice as bridge port", @@ -1101,28 +1196,7 @@ bridge_reconfigure_one(struct bridge *br) /* Check and delete duplicate interfaces. */ svec_init(&ifaces); - for (i = 0; i < br->n_ports; ) { - struct port *port = br->ports[i]; - for (j = 0; j < port->n_ifaces; ) { - struct iface *iface = port->ifaces[j]; - if (svec_contains(&ifaces, iface->name)) { - VLOG_ERR("bridge %s: %s interface is on multiple ports, " - "removing from %s", - br->name, iface->name, port->name); - iface_destroy(iface); - } else { - svec_add(&ifaces, iface->name); - svec_sort(&ifaces); - j++; - } - } - if (!port->n_ifaces) { - VLOG_ERR("%s port has no interfaces, dropping", port->name); - port_destroy(port); - } else { - i++; - } - } + iterate_and_prune_ifaces(br, check_duplicate_ifaces, &ifaces); svec_destroy(&ifaces); /* Delete all flows if we're switching from connected to standalone or vice @@ -1203,9 +1277,8 @@ bridge_reconfigure_controller(struct bridge *br) cfg_get_string(0, "%s.accept-regex", pfx), update_resolv_conf); } else { - struct netdev *netdev; + struct iface *local_iface; bool in_band; - int error; in_band = (!cfg_is_valid(CFG_BOOL | CFG_REQUIRED, "%s.in-band", pfx) @@ -1213,33 +1286,32 @@ bridge_reconfigure_controller(struct bridge *br) ofproto_set_discovery(br->ofproto, false, NULL, NULL); ofproto_set_in_band(br->ofproto, in_band); - error = netdev_open(br->name, NETDEV_ETH_TYPE_NONE, &netdev); - if (!error) { - if (cfg_is_valid(CFG_IP | CFG_REQUIRED, "%s.ip", pfx)) { - struct in_addr ip, mask, gateway; - ip.s_addr = cfg_get_ip(0, "%s.ip", pfx); - mask.s_addr = cfg_get_ip(0, "%s.netmask", pfx); - gateway.s_addr = cfg_get_ip(0, "%s.gateway", pfx); - - netdev_turn_flags_on(netdev, NETDEV_UP, true); - if (!mask.s_addr) { - mask.s_addr = guess_netmask(ip.s_addr); - } - if (!netdev_set_in4(netdev, ip, mask)) { - VLOG_INFO("bridge %s: configured IP address "IP_FMT", " - "netmask "IP_FMT, - br->name, IP_ARGS(&ip.s_addr), - IP_ARGS(&mask.s_addr)); - } + local_iface = bridge_get_local_iface(br); + if (local_iface + && cfg_is_valid(CFG_IP | CFG_REQUIRED, "%s.ip", pfx)) { + struct netdev *netdev = local_iface->netdev; + struct in_addr ip, mask, gateway; + ip.s_addr = cfg_get_ip(0, "%s.ip", pfx); + mask.s_addr = cfg_get_ip(0, "%s.netmask", pfx); + gateway.s_addr = cfg_get_ip(0, "%s.gateway", pfx); + + netdev_turn_flags_on(netdev, NETDEV_UP, true); + if (!mask.s_addr) { + mask.s_addr = guess_netmask(ip.s_addr); + } + if (!netdev_set_in4(netdev, ip, mask)) { + VLOG_INFO("bridge %s: configured IP address "IP_FMT", " + "netmask "IP_FMT, + br->name, IP_ARGS(&ip.s_addr), + IP_ARGS(&mask.s_addr)); + } - if (gateway.s_addr) { - if (!netdev_add_router(gateway)) { - VLOG_INFO("bridge %s: configured gateway "IP_FMT, - br->name, IP_ARGS(&gateway.s_addr)); - } + if (gateway.s_addr) { + if (!netdev_add_router(netdev, gateway)) { + VLOG_INFO("bridge %s: configured gateway "IP_FMT, + br->name, IP_ARGS(&gateway.s_addr)); } } - netdev_close(netdev); } } @@ -1369,17 +1441,17 @@ bridge_fetch_dp_ifaces(struct bridge *br) } port_array_clear(&br->ifaces); - dpif_port_list(&br->dpif, &dpif_ports, &n_dpif_ports); + dpif_port_list(br->dpif, &dpif_ports, &n_dpif_ports); for (i = 0; i < n_dpif_ports; i++) { struct odp_port *p = &dpif_ports[i]; struct iface *iface = iface_lookup(br, p->devname); if (iface) { if (iface->dp_ifidx >= 0) { - VLOG_WARN("dp%u reported interface %s twice", - dpif_id(&br->dpif), p->devname); + VLOG_WARN("%s reported interface %s twice", + dpif_name(br->dpif), p->devname); } else if (iface_from_dp_ifidx(br, p->port)) { - VLOG_WARN("dp%u reported interface %"PRIu16" twice", - dpif_id(&br->dpif), p->port); + VLOG_WARN("%s reported interface %"PRIu16" twice", + dpif_name(br->dpif), p->port); } else { port_array_set(&br->ifaces, p->port, iface); iface->dp_ifidx = p->port; @@ -1714,14 +1786,26 @@ compose_dsts(const struct bridge *br, const flow_t *flow, uint16_t vlan, if (port_includes_vlan(port, m->out_vlan) && set_dst(dst, flow, in_port, port, tags)) { + int flow_vlan; + if (port->vlan < 0) { dst->vlan = m->out_vlan; } if (dst_is_duplicate(dsts, dst - dsts, dst)) { continue; } - if (dst->dp_ifidx == flow->in_port - && dst->vlan == vlan) { + + /* Use the vlan tag on the original flow instead of + * the one passed in the vlan parameter. This ensures + * that we compare the vlan from before any implicit + * tagging tags place. This is necessary because + * dst->vlan is the final vlan, after removing implicit + * tags. */ + flow_vlan = ntohs(flow->dl_vlan); + if (flow_vlan == 0) { + flow_vlan = OFP_VLAN_NONE; + } + if (port == in_port && dst->vlan == flow_vlan) { /* Don't send out input port on same VLAN. */ continue; } @@ -1884,33 +1968,27 @@ process_flow(struct bridge *br, const flow_t *flow, goto done; } - /* Multicast (and broadcast) packets on bonds need special attention, to - * avoid receiving duplicates. */ - if (in_port->n_ifaces > 1 && eth_addr_is_multicast(flow->dl_dst)) { - *tags |= in_port->active_iface_tag; - if (in_port->active_iface != in_iface->port_ifidx) { - /* Drop all multicast packets on inactive slaves. */ - goto done; - } else { - /* Drop all multicast packets for which we have learned a different - * input port, because we probably sent the packet on one slave - * and got it back on the active slave. Broadcast ARP replies are - * an exception to this rule: the host has moved to another - * switch. */ - int src_idx = mac_learning_lookup(br->ml, flow->dl_src, vlan); - if (src_idx != -1 && src_idx != in_port->port_idx) { - if (packet) { - if (!is_bcast_arp_reply(flow, packet)) { - goto done; - } - } else { - /* No way to know whether it's an ARP reply, because the - * flow entry doesn't include enough information and we - * don't have a packet. Punt. */ - return false; - } + /* Packets received on bonds need special attention to avoid duplicates. */ + if (in_port->n_ifaces > 1) { + int src_idx; + + if (eth_addr_is_multicast(flow->dl_dst)) { + *tags |= in_port->active_iface_tag; + if (in_port->active_iface != in_iface->port_ifidx) { + /* Drop all multicast packets on inactive slaves. */ + goto done; } } + + /* Drop all packets for which we have learned a different input + * port, because we probably sent the packet on one slave and got + * it back on the other. Broadcast ARP replies are an exception + * to this rule: the host has moved to another switch. */ + src_idx = mac_learning_lookup(br->ml, flow->dl_src, vlan); + if (src_idx != -1 && src_idx != in_port->port_idx && + (!packet || !is_bcast_arp_reply(flow, packet))) { + goto done; + } } /* MAC learning. */ @@ -1940,6 +2018,11 @@ process_flow(struct bridge *br, const flow_t *flow, tags); if (out_port_idx >= 0 && out_port_idx < br->n_ports) { out_port = br->ports[out_port_idx]; + } else if (!packet) { + /* If we are revalidating but don't have a learning entry then + * eject the flow. Installing a flow that floods packets will + * prevent us from seeing future packets and learning properly. */ + return false; } } @@ -1992,7 +2075,6 @@ bridge_port_changed_ofhook_cb(enum ofp_port_reason reason, bridge_flush(br); } else { - memcpy(iface->mac, opp->hw_addr, ETH_ADDR_LEN); if (port->n_ifaces > 1) { bool up = !(opp->state & OFPPS_LINK_DOWN); bond_link_status_update(iface, up); @@ -2191,8 +2273,9 @@ log_bals(const struct slave_balance *bals, size_t n_bals, struct port *port) /* Shifts 'hash' from 'from' to 'to' within 'port'. */ static void bond_shift_load(struct slave_balance *from, struct slave_balance *to, - struct bond_entry *hash) + int hash_idx) { + struct bond_entry *hash = from->hashes[hash_idx]; struct port *port = from->iface->port; uint64_t delta = hash->tx_bytes; @@ -2210,12 +2293,11 @@ bond_shift_load(struct slave_balance *from, struct slave_balance *to, * it require more work, the only purpose it would be to allow that hash to * be migrated to another slave in this rebalancing run, and there is no * point in doing that. */ - if (from->hashes[0] == hash) { + if (hash_idx == 0) { from->hashes++; } else { - int i = hash - from->hashes[0]; - memmove(from->hashes + i, from->hashes + i + 1, - (from->n_hashes - (i + 1)) * sizeof *from->hashes); + memmove(from->hashes + hash_idx, from->hashes + hash_idx + 1, + (from->n_hashes - (hash_idx + 1)) * sizeof *from->hashes); } from->n_hashes--; @@ -2300,22 +2382,60 @@ bond_rebalance_port(struct port *port) /* 'from' is carrying significantly more load than 'to', and that * load is split across at least two different hashes. Pick a hash * to migrate to 'to' (the least-loaded slave), given that doing so - * must not cause 'to''s load to exceed 'from''s load. + * must decrease the ratio of the load on the two slaves by at + * least 0.1. * * The sort order we use means that we prefer to shift away the * smallest hashes instead of the biggest ones. There is little * reason behind this decision; we could use the opposite sort * order to shift away big hashes ahead of small ones. */ size_t i; + bool order_swapped; for (i = 0; i < from->n_hashes; i++) { + double old_ratio, new_ratio; uint64_t delta = from->hashes[i]->tx_bytes; - if (to->tx_bytes + delta < from->tx_bytes - delta) { + + if (delta == 0 || from->tx_bytes - delta == 0) { + /* Pointless move. */ + continue; + } + + order_swapped = from->tx_bytes - delta < to->tx_bytes + delta; + + if (to->tx_bytes == 0) { + /* Nothing on the new slave, move it. */ + break; + } + + old_ratio = (double)from->tx_bytes / to->tx_bytes; + new_ratio = (double)(from->tx_bytes - delta) / + (to->tx_bytes + delta); + + if (new_ratio == 0) { + /* Should already be covered but check to prevent division + * by zero. */ + continue; + } + + if (new_ratio < 1) { + new_ratio = 1 / new_ratio; + } + + if (old_ratio - new_ratio > 0.1) { + /* Would decrease the ratio, move it. */ break; } } if (i < from->n_hashes) { - bond_shift_load(from, to, from->hashes[i]); + bond_shift_load(from, to, i); + port->bond_compat_is_stale = true; + + /* If the result of the migration changed the relative order of + * 'from' and 'to' swap them back to maintain invariants. */ + if (order_swapped) { + swap_bals(from, to); + } /* Re-sort 'bals'. Note that this may make 'from' and 'to' * point to different slave_balance structures. It is only @@ -2326,7 +2446,6 @@ bond_rebalance_port(struct port *port) } else { from++; } - port->bond_compat_is_stale = true; } } @@ -2405,7 +2524,8 @@ bond_send_learning_packets(struct port *port) /* Bonding unixctl user interface functions. */ static void -bond_unixctl_list(struct unixctl_conn *conn, const char *args UNUSED) +bond_unixctl_list(struct unixctl_conn *conn, + const char *args UNUSED, void *aux UNUSED) { struct ds ds = DS_EMPTY_INITIALIZER; const struct bridge *br; @@ -2455,7 +2575,8 @@ bond_find(const char *name) } static void -bond_unixctl_show(struct unixctl_conn *conn, const char *args) +bond_unixctl_show(struct unixctl_conn *conn, + const char *args, void *aux UNUSED) { struct ds ds = DS_EMPTY_INITIALIZER; const struct port *port; @@ -2524,7 +2645,8 @@ bond_unixctl_show(struct unixctl_conn *conn, const char *args) } static void -bond_unixctl_migrate(struct unixctl_conn *conn, const char *args_) +bond_unixctl_migrate(struct unixctl_conn *conn, const char *args_, + void *aux UNUSED) { char *args = (char *) args_; char *save_ptr = NULL; @@ -2580,7 +2702,8 @@ bond_unixctl_migrate(struct unixctl_conn *conn, const char *args_) } static void -bond_unixctl_set_active_slave(struct unixctl_conn *conn, const char *args_) +bond_unixctl_set_active_slave(struct unixctl_conn *conn, const char *args_, + void *aux UNUSED) { char *args = (char *) args_; char *save_ptr = NULL; @@ -2660,27 +2783,52 @@ enable_slave(struct unixctl_conn *conn, const char *args_, bool enable) } static void -bond_unixctl_enable_slave(struct unixctl_conn *conn, const char *args) +bond_unixctl_enable_slave(struct unixctl_conn *conn, const char *args, + void *aux UNUSED) { enable_slave(conn, args, true); } static void -bond_unixctl_disable_slave(struct unixctl_conn *conn, const char *args) +bond_unixctl_disable_slave(struct unixctl_conn *conn, const char *args, + void *aux UNUSED) { enable_slave(conn, args, false); } +static void +bond_unixctl_hash(struct unixctl_conn *conn, const char *args, + void *aux UNUSED) +{ + uint8_t mac[ETH_ADDR_LEN]; + uint8_t hash; + char *hash_cstr; + + if (sscanf(args, ETH_ADDR_SCAN_FMT, ETH_ADDR_SCAN_ARGS(mac)) + == ETH_ADDR_SCAN_COUNT) { + hash = bond_hash(mac); + + hash_cstr = xasprintf("%u", hash); + unixctl_command_reply(conn, 200, hash_cstr); + free(hash_cstr); + } else { + unixctl_command_reply(conn, 501, "invalid mac"); + } +} + static void bond_init(void) { - unixctl_command_register("bond/list", bond_unixctl_list); - unixctl_command_register("bond/show", bond_unixctl_show); - unixctl_command_register("bond/migrate", bond_unixctl_migrate); + unixctl_command_register("bond/list", bond_unixctl_list, NULL); + unixctl_command_register("bond/show", bond_unixctl_show, NULL); + unixctl_command_register("bond/migrate", bond_unixctl_migrate, NULL); unixctl_command_register("bond/set-active-slave", - bond_unixctl_set_active_slave); - unixctl_command_register("bond/enable-slave", bond_unixctl_enable_slave); - unixctl_command_register("bond/disable-slave", bond_unixctl_disable_slave); + bond_unixctl_set_active_slave, NULL); + unixctl_command_register("bond/enable-slave", bond_unixctl_enable_slave, + NULL); + unixctl_command_register("bond/disable-slave", bond_unixctl_disable_slave, + NULL); + unixctl_command_register("bond/hash", bond_unixctl_hash, NULL); } /* Port functions. */ @@ -2690,7 +2838,7 @@ port_create(struct bridge *br, const char *name) { struct port *port; - port = xcalloc(1, sizeof *port); + port = xzalloc(sizeof *port); port->bridge = br; port->port_idx = br->n_ports; port->vlan = -1; @@ -2979,7 +3127,20 @@ port_update_bond_compat(struct port *port) if (slave->up) { bond.up = true; } - memcpy(slave->mac, iface->mac, ETH_ADDR_LEN); + netdev_get_etheraddr(iface->netdev, slave->mac); + } + + if (cfg_get_bool(0, "bonding.%s.fake-iface", port->name)) { + struct netdev *bond_netdev; + + if (!netdev_open(port->name, NETDEV_ETH_TYPE_NONE, &bond_netdev)) { + if (bond.up) { + netdev_turn_flags_on(bond_netdev, NETDEV_UP, true); + } else { + netdev_turn_flags_off(bond_netdev, NETDEV_UP, true); + } + netdev_close(bond_netdev); + } } proc_net_compat_update_bond(port->name, &bond); @@ -3010,7 +3171,8 @@ port_update_vlan_compat(struct port *port) && p->n_ifaces && (!vlandev_name || strcmp(p->name, vlandev_name) <= 0)) { - const uint8_t *ea = p->ifaces[0]->mac; + uint8_t ea[ETH_ADDR_LEN]; + netdev_get_etheraddr(p->ifaces[0]->netdev, ea); if (!eth_addr_is_multicast(ea) && !eth_addr_is_reserved(ea) && !eth_addr_is_zero(ea)) { @@ -3029,25 +3191,14 @@ iface_create(struct port *port, const char *name) { struct iface *iface; - iface = xcalloc(1, sizeof *iface); + iface = xzalloc(sizeof *iface); iface->port = port; iface->port_ifidx = port->n_ifaces; iface->name = xstrdup(name); iface->dp_ifidx = -1; iface->tag = tag_create_random(); iface->delay_expires = LLONG_MAX; - - if (!cfg_get_bool(0, "iface.%s.internal", iface->name)) { - netdev_nodev_get_etheraddr(name, iface->mac); - netdev_nodev_get_carrier(name, &iface->enabled); - } else { - /* Internal interfaces are created later by the call to dpif_port_add() - * in bridge_reconfigure(). Until then, we can't obtain any - * information about them. (There's no real value in doing so, anyway, - * because the 'mac' and 'enabled' values are only used for interfaces - * that are bond slaves, and it doesn't normally make sense to bond an - * internal interface.) */ - } + iface->netdev = NULL; if (port->n_ifaces >= port->allocated_ifaces) { port->ifaces = x2nrealloc(port->ifaces, &port->allocated_ifaces, @@ -3060,7 +3211,6 @@ iface_create(struct port *port, const char *name) VLOG_DBG("attached network device %s to port %s", iface->name, port->name); - port_update_bonding(port); bridge_flush(port->bridge); } @@ -3080,6 +3230,7 @@ iface_destroy(struct iface *iface) del = port->ifaces[iface->port_ifidx] = port->ifaces[--port->n_ifaces]; del->port_ifidx = iface->port_ifidx; + netdev_close(iface->netdev); free(iface->name); free(iface); @@ -3089,7 +3240,6 @@ iface_destroy(struct iface *iface) bond_send_learning_packets(port); } - port_update_bonding(port); bridge_flush(port->bridge); } } @@ -3116,6 +3266,60 @@ iface_from_dp_ifidx(const struct bridge *br, uint16_t dp_ifidx) { return port_array_get(&br->ifaces, dp_ifidx); } + +/* Returns true if 'iface' is the name of an "internal" interface on bridge + * 'br', that is, an interface that is entirely simulated within the datapath. + * The local port (ODPP_LOCAL) is always an internal interface. Other local + * interfaces are created by setting "iface..internal = true". + * + * In addition, we have a kluge-y feature that creates an internal port with + * the name of a bonded port if "bonding..fake-iface = true" is set. + * This feature needs to go away in the long term. Until then, this is one + * reason why this function takes a name instead of a struct iface: the fake + * interfaces created this way do not have a struct iface. */ +static bool +iface_is_internal(const struct bridge *br, const char *iface) +{ + if (!strcmp(iface, br->name) + || cfg_get_bool(0, "iface.%s.internal", iface)) { + return true; + } + + if (cfg_get_bool(0, "bonding.%s.fake-iface", iface)) { + struct port *port = port_lookup(br, iface); + if (port && port->n_ifaces > 1) { + return true; + } + } + + return false; +} + +/* Set Ethernet address of 'iface', if one is specified in the configuration + * file. */ +static void +iface_set_mac(struct iface *iface) +{ + uint64_t mac = cfg_get_mac(0, "iface.%s.mac", iface->name); + if (mac) { + static uint8_t ea[ETH_ADDR_LEN]; + + eth_addr_from_uint64(mac, ea); + if (eth_addr_is_multicast(ea)) { + VLOG_ERR("interface %s: cannot set MAC to multicast address", + iface->name); + } else if (iface->dp_ifidx == ODPP_LOCAL) { + VLOG_ERR("ignoring iface.%s.mac; use bridge.%s.mac instead", + iface->name, iface->name); + } else { + int error = netdev_set_etheraddr(iface->netdev, ea); + if (error) { + VLOG_ERR("interface %s: setting MAC failed (%s)", + iface->name, strerror(error)); + } + } + } +} /* Port mirroring. */ @@ -3194,7 +3398,7 @@ mirror_create(struct bridge *br, const char *name) VLOG_INFO("created port mirror %s on bridge %s", name, br->name); bridge_flush(br); - br->mirrors[i] = m = xcalloc(1, sizeof *m); + br->mirrors[i] = m = xzalloc(sizeof *m); m->bridge = br; m->idx = i; m->name = xstrdup(name); @@ -3437,23 +3641,25 @@ brstp_send_bpdu(struct ofpbuf *pkt, int port_no, void *br_) if (!iface) { VLOG_WARN_RL(&rl, "%s: cannot send BPDU on unknown port %d", br->name, port_no); - } else if (eth_addr_is_zero(iface->mac)) { - VLOG_WARN_RL(&rl, "%s: cannot send BPDU on port %d with unknown MAC", - br->name, port_no); } else { - union ofp_action action; struct eth_header *eth = pkt->l2; - flow_t flow; - memcpy(eth->eth_src, iface->mac, ETH_ADDR_LEN); + netdev_get_etheraddr(iface->netdev, eth->eth_src); + if (eth_addr_is_zero(eth->eth_src)) { + VLOG_WARN_RL(&rl, "%s: cannot send BPDU on port %d " + "with unknown MAC", br->name, port_no); + } else { + union ofp_action action; + flow_t flow; - memset(&action, 0, sizeof action); - action.type = htons(OFPAT_OUTPUT); - action.output.len = htons(sizeof action); - action.output.port = htons(port_no); + memset(&action, 0, sizeof action); + action.type = htons(OFPAT_OUTPUT); + action.output.len = htons(sizeof action); + action.output.port = htons(port_no); - flow_extract(pkt, ODPP_NONE, &flow); - ofproto_send_packet(br->ofproto, &flow, &action, 1, pkt); + flow_extract(pkt, ODPP_NONE, &flow); + ofproto_send_packet(br->ofproto, &flow, &action, 1, pkt); + } } ofpbuf_delete(pkt); }