Found a bug that OVS allows goto_table_id to be smaller than (or equal to)
the current table id where the flow resides. It potentially creates an
infinite loop when composing actions for a packet. To fix it, we just let
OVS returns an error message to prevent such flow to be programmed.
Signed-off-by: Jing Ai <jinga@google.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Always update the ids pointer after calling ofpbuf_put()
to ensure that it is valid when accessed.
During testing a case came up where the call to ofpbuf_put() in the
for (i = 0; i < ids->n_controllers; i++) loop would cause the underlying
buffer to be reallocated. This resulted in ids->n_controllers being an
incorrect value, the loop continuing on longer than desired and finally a
segmentation fault.
Reported-by: Joe Stringer <joe@wand.net.nz>
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Update handling of the following actions to use the dl_type set by MPLS
push and pop actions if it differs from the original dl_type. This is
consistent with the existing checking of load actions and allows
their existing checks to enforce dl_type pre-requisites correctly.
output_reg
bundle
reg_move
stack_push
stack_pop
learn
multipath
In order to avoid the verbosity of updating the flow for each applicable
action the update is treated as a common case and performed in
ofpact_check(). This was suggested by Jesse Gross.
Cc: Jesse Gross <jesse@nicira.com>
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Define a new NXAST_SAMPLE OpenFlow vendor action and the corresponding
OFPACT_SAMPLE OVS action, to do per-flow packet sampling, translated
into a new SAMPLE "flow_sample" dp action.
Make the userspace action's userdata size vary depending on the union
member used. Add a new "flow_sample" upcall to do per-flow packet
sampling. Add a new "ipfix" upcall to do per-bridge packet sampling
to IPFIX collectors.
Extend the OVSDB schema to support configuring IPFIX collector sets.
Add support for configuring multiple IPFIX collectors for per-flow
packet sampling. Add support for configuring per-bridge IPFIX
sampling.
Automatically generate standard IPFIX entity definitions from the IANA
specs. Send one IPFIX data record message for every packet sampled by
an OpenFlow sample action or received by a bridge configured with
IPFIX sampling, and periodically send IPFIX template set messages.
Signed-off-by: Romain Lenglet <rlenglet@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
The Push action takes a single parameter. Any source allowed by NXAST_REG_MOVE
is allowed to be pushed onto the stack. When the source is a bit field,
its value will be right shifted to bit zero before being pushed onto the
stack. The remaining bits will be set to zero.
The Pop action also takes a single parameter. Any destination allowed by
NXAST_REG_MOVE can be used as the destination of the action. The value, in
case of a bit field, will be taken from top of the stack, starting from
bit zero.
The stack size is not limited. The initial 8KB is statically allocated to
efficiently handle most common use cases. When more stack space is
required, the stack can grow using malloc().
Signed-off-by: Andy Zhou <azhou@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
This adds support for the OpenFlow 1.1+ set_mpls_ttl action.
And also adds an NX set_mpls_ttl action.
The handling of the TTL modification is entirely handled in userspace.
Reviewed-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
This adds support for the OpenFlow 1.1+ dec_mpls_ttl action.
And also adds an NX dec_mpls_ttl action.
The handling of the TTL modification is entirely handled in userspace.
Reviewed-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
The autopath action was attempting to achieve functionality similar
to the bundle action, but was significantly clunkier, more
difficult to understand, more difficult to use, and less reliable.
This patch removes it.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
This patch implements use-space datapath and non-datapath code
to match and use the datapath API set out in Leo Alterman's patch
"user-space datapath: Add basic MPLS support to kernel".
The resulting MPLS implementation supports:
* Pushing a single MPLS label
* Poping a single MPLS label
* Modifying an MPLS lable using set-field or load actions
that act on the label value, tc and bos bit.
* There is no support for manipulating the TTL
this is considered future work.
The single-level push pop limitation is implemented by processing
push, pop and set-field/load actions in order and discarding information
that would require multiple levels of push/pop to be supported.
e.g.
push,push -> the first push is discarded
pop,pop -> the first pop is discarded
This patch is based heavily on work by Ravi K.
Cc: Ravi K <rkerur@gmail.com>
Reviewed-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
This is a straight search-and-replace, except that I also removed #include
<assert.h> from each file where there were no assert calls left.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
Open vSwitch enforces that, when instructions appear as Nicira extensions
in OpenFlow 1.0 action lists, the instructions appear in the order that
an OpenFlow 1.1+ switch would execute them and that no duplicates appear.
But the check wasn't general enough, because it had been implemented when
only one instruction was implemented and never later generalized. This
commit fixes the problem.
One of the tests was actually testing for the wrong behavior that the
check implemented, so this commit corrects that test. It also updates
another test with updated log messages.
Reported-by: Jing Ai <ai_jing2000@hotmail.com>
Tested-by: Jing Ai <ai_jing2000@hotmail.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
An ovs_be32 is a more obvious way to represent an IP address than a
pointer to one. It is also more type-safe, especially since "sparse" is
able to check that the argument is in network byte order.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
The OFPERR_* naming scheme is confusing, because it mixes categories with
specific errors. Categories can't be encoded for sending to controllers,
so this is a problem. This commit fixes up the cases where categories
were used as errors, replacing them by real errors types.
Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Moved remaining common definitions from openflow-1.0.h to
openflow-common.h and renamed 1.0 specific definitions with
the "10" infix. Added hstamp rules for new headers, fixed
non-ASCII characters in openflow-1.3.h, Commented out
trailing zero-length data members.
Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
This implementes push_vlan with 802.1Q.
NOTE: 802.1AD (QinQ) is not supported. It requires another effort.
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Ben Pfaff <blp@nicira.com>
In OpenFlow 1.1, we add support for OFPIT_WRITE_METADATA. This allows us to
write to the metadata field. Internally it is represented using ofpact_metadata.
We introduce NXAST_WRITE_METADATA to handle writing to the metadata field in
OpenFlow 1.0+. This structure reflects OFPIT_WRITE_METADATA.
When writing out the structure to OpenFlow 1.1, it uses the OFPIT_WRITE_METADATA
instruction only, and not the new NXAST action (which would be redundant).
Signed-off-by: Joe Stringer <joe@wand.net.nz>
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Ben Pfaff <blp@nicira.com>
When "dec_ttl" is specified as the name of an action, in OpenFlow 1.1 and
later we should prefer to use the standardized action, rather than the
Nicira extension.
Reported-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Reviewed-by: Isaku Yamahata <yamahata@valinux.co.jp>
Previously there was no need for this, because all implemented standard
OpenFlow actions had a fixed length, but the OF1.2 "set-field" action (soon
to be implemented) is variable length.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Reviewed-by: Simon Horman <horms@verge.net.au>
The numbering of OpenFlow 1.0 actions overlaps with the numbering
of OpenFlow 1.1+ actions, so the two sets of actions have to be
distinguished for input and output. But OpenFlow 1.1 and 1.2
actions are numbered to avoid this problem, so there is no need
to distinguish them in the same way. Therefore, this commit
prepares to treat them together.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Reviewed-by: Simon Horman <horms@verge.net.au>
OpenFlow 1.0 has special reserved ports in the range 0xfff8 to 0xffff.
OpenFlow 1.1 and later has the same ports in the range 0xfffffff8 to
0xffffffff and allows the OF1.0 range to be used for ordinary ("physical")
switch ports. This means that, naively, the meaning of a port number in
the range 0xfff8 to 0xffff given on the ovs-ofctl command line depends on
the protocol in use. This commit implements something a little smarter:
- Accept keyword names (e.g. LOCAL) for special reserved ports
everywhere that such a port can plausibly be used (previously they
were only accepted in some places).
- Translate 0xfff8...0xffff to 0xfffffff8...0xffffffff for now, since
OF1.1+ isn't in widespread use and those particular ports aren't
likely to be in use in OF1.1+ anyway.
- Log warnings about those ports when they are specified by number, to
allow users to fix their invocations.
Also:
- Accept the OF1.1+ port numbers for these ports, without warning, for
compatibility with the upcoming OF1.1+ support.
- Stop accepting port number 0, which has never been a valid port
number in OpenFlow 1.0 and later. (This required fixing some tests
that inadvertently used this port number).
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Simon Horman <horms@verge.net.au>
Add necessary macros to ofp-util for OF12 support.
This is just a placeholder.
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
OFPERR_NXBIC_DUP_TYPE is currently only used in
decode_openflow11_instructions() which is part of a non-NX extension
portion of the Open Flow 1.1+ implementation.
After recent discussion it has been decided to attempt to only use
standardised, albeit less-specific, errors unless errors arise from use of
an NX extension.
With the above in mind it seems appropriate to:
* Use OFPERR_OFPIT_BAD_INSTRUCTION in place of OFPERR_NXBIC_DUP_TYPE.
* Remove OFPERR_NXBIC_DUP_TYPE as it is no longer used.
An unfortunate side-effect of this change is that the error for
the case in question is now less-specific.
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
The autopath action is an obsolete attempt to replicate
functionality contained in the bundle action. It is ugly and of
questionable usefulness. This patch deprecates it and schedules
its removal for February 2013. If there are concerns, please email
dev@openvswitch.org.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
This patch changes the name of Nicira from "Nicira Networks" which
is incorrect, to "Nicira, Inc." which is correct.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Currently, if a controller having a nonzero id registers to get a
OFPR_INVALID_TTL async message, it will not receive it. This is because
compose_dec_ttl() only sent the invalid ttl packets to the default controller
id. NXAST_DEC_TTL_CNT_IDS is a new action that accepts a list of controller
ids, each separated by `,', to which the OFPR_INVALID_TTL packets must be sent.
The earlier requirement of the controller having to explicitly register to
receive these asynchronous messages is retained.
The syntax of this action is:
dec_ttl(id1,id2)
where id1, id2 are valid controller ids.
Signed-off-by: Mehak Mahajan <mmahajan@nicira.com>
This patch introduces helper functions
- to cast
- to convert from/to text
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Modify ofpacts_put_openflow11_actions() to return the length of actions
appended. This will be used when encoding Packet Out messages for
Open Flow 1.1 and 1.2. The motivation for this is to avoid open coding
the size calculation which may end up being needed elsewhere too.
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Those logic is same, so simplify it. This will be also use for OF12.
Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Commit 0c449c5683 improved action error logging for one case, but we might
as well do it for the other case too.
Signed-off-by: Ben Pfaff <blp@nicira.com>
This patch fixes the following warnings on my system:
lib/ofp-actions.c:458:13: error: format '%x' expects argument of
type 'unsigned int', but argument 4 has type 'long unsigned int'
[-Werror=format]
ofproto/ofproto.c:3940:13: error: comparison between 'enum
ofoperation_type' and 'enum nx_flow_update_event'
[-Werror=enum-compare]
ofproto/ofproto.c:3941:13: error: comparison between 'enum
ofoperation_type' and 'enum nx_flow_update_event'
[-Werror=enum-compare]
ofproto/ofproto.c:3942:13: error: comparison between 'enum
ofoperation_type' and 'enum nx_flow_update_event'
[-Werror=enum-compare]
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
So far, only the Apply-Actions instruction is supported, and only
actions that have identical semantics to OpenFlow 1.0 actions.
Co-authored-by: Simon Horman <horms@verge.net.au>
Co-authored-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Ben Pfaff <blp@nicira.com>
OpenFlow actions have always been somewhat awkward to handle.
Moreover, over time we've started creating actions that require more
complicated parsing. When we maintain those actions internally in
their wire format, we end up parsing them multiple times, whenever
we have to look at the set of actions.
When we add support for OpenFlow 1.1 or later protocols, the situation
will get worse, because these newer protocols support many of the same
actions but with different representations. It becomes unrealistic to
handle each protocol in its wire format.
This commit adopts a new strategy, by converting OpenFlow actions into
an internal form from the wire format when they are read, and converting
them back to the wire format when flows are dumped. I believe that this
will be more maintainable over time.
Thanks to Simon Horman and Pravin Shelar for reviews.
Signed-off-by: Ben Pfaff <blp@nicira.com>