2011-09-12 12:11:50 -07:00
|
|
|
/*
|
ofp-actions: Fix variable length meta-flow OXMs.
Previously, if a flow action that involves a tunnel metadata meta-flow
field is dumped from vswitchd, the replied field length in the OXM header
is filled with the maximum possible field length, instead of the length
configured in the tunnel TLV mapping table. To solve this issue, this patch
introduces the following changes.
In order to maintain the correct length of variable length mf_fields (i.e.
tun_metadata), this patch creates a per-switch based map (struct vl_mff_map)
that hosts the variable length mf_fields. This map is updated when a
controller adds/deletes tlv-mapping entries to/from a switch. Although the
per-swtch based vl_mff_map only hosts tun_metadata for now, it is able to
support new variable length mf_fields in the future.
With this commit, when a switch decodes a flow action with mf_field, the switch
firstly looks up the global mf_fields map to identify the mf_field type. For
the variable length mf_fields, the switch uses the vl_mff_map to get the
configured mf_field entries. By lookig up vl_mff_map, the switch can check
if the added flow action access beyond the configured size of a variable
length mf_field, and the switch reports an ofperr if the controller adds a flow
with unmapped variable length mf_field. Later on, when a controller request
flows from the switch, with the per-switch based mf_fields, the switch will
encode the OXM header with correct length for variable length mf_fields.
To use the vl_mff_map for decoding flow actions, extract-ofp-actions is
updated to pass the vl_mff_map to the required action decoding functions.
Also, a new error code is introduced to identify a flow with an invalid
variable length mf_field. Moreover, a testcase is added to prevent future
regressions.
Committer notes:
- Factor out common code
- Style fixups
- Rename OFPERR_NXFMFC_INVALID_VL_MFF -> OFPERR_NXFMFC_INVALID_TLV_FIELD
VMWare-BZ: #1768370
Reported-by: Harold Lim <haroldl@vmware.com>
Suggested-by: Joe Stringer <joe@ovn.org>
Suggested-by: Jarno Rajahalme <jarno@ovn.org>
Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Joe Stringer <joe@ovn.org>
2017-01-20 15:12:21 -08:00
|
|
|
* Copyright (c) 2011-2017 Nicira, Inc.
|
2011-09-12 12:11:50 -07:00
|
|
|
*
|
|
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
|
* you may not use this file except in compliance with the License.
|
|
|
|
|
* You may obtain a copy of the License at:
|
|
|
|
|
*
|
|
|
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
|
*
|
|
|
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
|
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
|
* See the License for the specific language governing permissions and
|
|
|
|
|
* limitations under the License.
|
|
|
|
|
*/
|
|
|
|
|
|
2016-04-04 21:32:07 -04:00
|
|
|
#ifndef OPENVSWITCH_META_FLOW_H
|
|
|
|
|
#define OPENVSWITCH_META_FLOW_H 1
|
2011-09-12 12:11:50 -07:00
|
|
|
|
2016-04-04 21:32:07 -04:00
|
|
|
#include <limits.h>
|
|
|
|
|
#include <stdarg.h>
|
2016-08-31 08:43:48 -07:00
|
|
|
#include <string.h>
|
2011-11-01 13:25:49 +01:00
|
|
|
#include <sys/types.h>
|
|
|
|
|
#include <netinet/in.h>
|
2011-09-12 12:11:50 -07:00
|
|
|
#include <netinet/ip6.h>
|
2016-04-04 21:32:07 -04:00
|
|
|
#include "openvswitch/flow.h"
|
2016-03-03 10:20:43 -08:00
|
|
|
#include "openvswitch/ofp-errors.h"
|
2018-02-09 10:04:26 -08:00
|
|
|
#include "openvswitch/ofp-protocol.h"
|
2016-04-04 21:32:07 -04:00
|
|
|
#include "openvswitch/packets.h"
|
|
|
|
|
#include "openvswitch/util.h"
|
2011-09-12 12:11:50 -07:00
|
|
|
|
2017-07-30 18:03:24 -07:00
|
|
|
#ifdef __cplusplus
|
|
|
|
|
extern "C" {
|
|
|
|
|
#endif
|
|
|
|
|
|
2011-09-12 12:11:50 -07:00
|
|
|
struct ds;
|
2012-08-07 15:28:18 -07:00
|
|
|
struct match;
|
2017-05-31 16:06:12 -07:00
|
|
|
struct ofputil_port_map;
|
ofp-actions: Fix variable length meta-flow OXMs.
Previously, if a flow action that involves a tunnel metadata meta-flow
field is dumped from vswitchd, the replied field length in the OXM header
is filled with the maximum possible field length, instead of the length
configured in the tunnel TLV mapping table. To solve this issue, this patch
introduces the following changes.
In order to maintain the correct length of variable length mf_fields (i.e.
tun_metadata), this patch creates a per-switch based map (struct vl_mff_map)
that hosts the variable length mf_fields. This map is updated when a
controller adds/deletes tlv-mapping entries to/from a switch. Although the
per-swtch based vl_mff_map only hosts tun_metadata for now, it is able to
support new variable length mf_fields in the future.
With this commit, when a switch decodes a flow action with mf_field, the switch
firstly looks up the global mf_fields map to identify the mf_field type. For
the variable length mf_fields, the switch uses the vl_mff_map to get the
configured mf_field entries. By lookig up vl_mff_map, the switch can check
if the added flow action access beyond the configured size of a variable
length mf_field, and the switch reports an ofperr if the controller adds a flow
with unmapped variable length mf_field. Later on, when a controller request
flows from the switch, with the per-switch based mf_fields, the switch will
encode the OXM header with correct length for variable length mf_fields.
To use the vl_mff_map for decoding flow actions, extract-ofp-actions is
updated to pass the vl_mff_map to the required action decoding functions.
Also, a new error code is introduced to identify a flow with an invalid
variable length mf_field. Moreover, a testcase is added to prevent future
regressions.
Committer notes:
- Factor out common code
- Style fixups
- Rename OFPERR_NXFMFC_INVALID_VL_MFF -> OFPERR_NXFMFC_INVALID_TLV_FIELD
VMWare-BZ: #1768370
Reported-by: Harold Lim <haroldl@vmware.com>
Suggested-by: Joe Stringer <joe@ovn.org>
Suggested-by: Jarno Rajahalme <jarno@ovn.org>
Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Joe Stringer <joe@ovn.org>
2017-01-20 15:12:21 -08:00
|
|
|
struct ofputil_tlv_table_mod;
|
2011-09-12 12:11:50 -07:00
|
|
|
|
2014-10-07 15:24:11 -07:00
|
|
|
/* Open vSwitch fields
|
|
|
|
|
* ===================
|
|
|
|
|
*
|
2017-01-25 13:58:03 -08:00
|
|
|
* Refer to ovs-fields(7) for a detailed introduction to Open vSwitch fields.
|
2014-10-07 15:24:11 -07:00
|
|
|
*
|
|
|
|
|
*
|
|
|
|
|
* Field specifications
|
|
|
|
|
* ====================
|
|
|
|
|
*
|
|
|
|
|
* Each of the enumeration values below represents a field. The comments
|
|
|
|
|
* preceding each enum must be in a stylized form that is parsed at compile
|
|
|
|
|
* time by the extract-ofp-fields program. The comment itself consists of a
|
|
|
|
|
* series of paragraphs separate by blank lines. The paragraphs consist of:
|
|
|
|
|
*
|
|
|
|
|
* - The first paragraph gives the user-visible name of the field as a
|
|
|
|
|
* quoted string. This is the name used for parsing and formatting the
|
|
|
|
|
* field.
|
|
|
|
|
*
|
|
|
|
|
* For historical reasons, some fields have an additional name that is
|
|
|
|
|
* accepted as an alternative in parsing. This name, when there is one,
|
|
|
|
|
* is given as a quoted string in parentheses along with "aka". For
|
|
|
|
|
* example:
|
|
|
|
|
*
|
|
|
|
|
* "tun_id" (aka "tunnel_id").
|
|
|
|
|
*
|
|
|
|
|
* New fields should have only one name.
|
|
|
|
|
*
|
2017-01-25 13:58:03 -08:00
|
|
|
* - Any number of paragraphs of free text that describe the field. These
|
|
|
|
|
* are kept brief because the main description is in meta-flow.xml.
|
2014-10-07 15:24:11 -07:00
|
|
|
*
|
|
|
|
|
* - A final paragraph that consists of a series of key-value pairs, one
|
|
|
|
|
* per line, in the form "key: value." where the period at the end of the
|
|
|
|
|
* line is a mandatory part of the syntax.
|
|
|
|
|
*
|
|
|
|
|
* Every field must specify the following key-value pairs:
|
|
|
|
|
*
|
|
|
|
|
* Type:
|
|
|
|
|
*
|
|
|
|
|
* The format and size of the field's value. Some possible values are
|
|
|
|
|
* generic:
|
|
|
|
|
*
|
|
|
|
|
* u8: A one-byte field.
|
|
|
|
|
* be16: A two-byte field.
|
|
|
|
|
* be32: A four-byte field.
|
|
|
|
|
* be64: An eight-byte field.
|
|
|
|
|
*
|
|
|
|
|
* The remaining values imply more about the value's semantics, though OVS
|
|
|
|
|
* does not currently take advantage of this additional information:
|
|
|
|
|
*
|
|
|
|
|
* MAC: A six-byte field whose value is an Ethernet address.
|
|
|
|
|
* IPv6: A 16-byte field whose value is an IPv6 address.
|
tunnel: Geneve TLV handling support for OpenFlow.
The current support for Geneve in OVS is exactly equivalent to VXLAN:
it is possible to set and match on the VNI but not on any options
contained in the header. This patch enables the use of options.
The goal for Geneve support is not to add support for any particular option
but to allow end users or controllers to specify what they would like to
match. That is, the full range of Geneve's capabilities should be exposed
without modifying the code (the one exception being options that require
per-packet computation in the fast path).
The main issue with supporting Geneve options is how to integrate the
fields into the existing OpenFlow pipeline. All existing operations
are referred to by their NXM/OXM field name - matches, action generation,
arithmetic operations (i.e. tranfer to a register). However, the Geneve
option space is exactly the same as the OXM space, so a direct mapping
is not feasible. Instead, we create a pool of 64 NXMs that are then
dynamically mapped on Geneve option TLVs using OpenFlow. Once mapped,
these fields become first-class citizens in the OpenFlow pipeline.
An example of how to use Geneve options:
ovs-ofctl add-geneve-map br0 {class=0xffff,type=0,len=4}->tun_metadata0
ovs-ofctl add-flow br0 in_port=LOCAL,actions=set_field:0xffffffff->tun_metadata0,1
This will add a 4 bytes option (filled will all 1's) to all packets
coming from the LOCAL port and then send then out to port 1.
A limitation of this patch is that although the option table is specified
for a particular switch over OpenFlow, it is currently global to all
switches. This will be addressed in a future patch.
Based on work originally done by Madhu Challa. Ben Pfaff also significantly
improved the comments.
Signed-off-by: Madhu Challa <challa@noironetworks.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
2015-04-30 18:09:57 -07:00
|
|
|
* tunnelMD: A variable length field, up to 124 bytes, that carries
|
|
|
|
|
* tunnel metadata.
|
2014-10-07 15:24:11 -07:00
|
|
|
*
|
|
|
|
|
* Maskable:
|
|
|
|
|
*
|
|
|
|
|
* Either "bitwise", if OVS supports matching any subset of bits in the
|
|
|
|
|
* field, or "no", if OVS only supports matching or wildcarding the entire
|
|
|
|
|
* field.
|
|
|
|
|
*
|
|
|
|
|
* Formatting:
|
|
|
|
|
*
|
|
|
|
|
* Explains how a field's value is formatted and parsed for human
|
|
|
|
|
* consumption. Some of the options are fairly generally useful:
|
|
|
|
|
*
|
|
|
|
|
* decimal: Formats the value as a decimal number. On parsing, accepts
|
|
|
|
|
* decimal (with no prefix), hexadecimal with 0x prefix, or octal
|
|
|
|
|
* with 0 prefix.
|
|
|
|
|
*
|
|
|
|
|
* hexadecimal: Same as decimal except nonzero values are formatted in
|
|
|
|
|
* hex with 0x prefix. The default for parsing is *not* hexadecimal:
|
|
|
|
|
* only with a 0x prefix is the input in hexadecimal.
|
|
|
|
|
*
|
|
|
|
|
* Ethernet: Formats and accepts the common format xx:xx:xx:xx:xx:xx.
|
|
|
|
|
* 6-byte fields only.
|
|
|
|
|
*
|
|
|
|
|
* IPv4: Formats and accepts the common format w.x.y.z. 4-byte fields
|
|
|
|
|
* only.
|
|
|
|
|
*
|
|
|
|
|
* IPv6: Formats and accepts the common IPv6 formats. 16-byte fields
|
|
|
|
|
* only.
|
|
|
|
|
*
|
|
|
|
|
* OpenFlow 1.0 port: Accepts an OpenFlow well-known port name
|
|
|
|
|
* (e.g. "IN_PORT") in uppercase or lowercase, or a 16-bit port
|
|
|
|
|
* number in decimal. Formats ports using their well-known names in
|
|
|
|
|
* uppercase, or in decimal otherwise. 2-byte fields only.
|
|
|
|
|
*
|
|
|
|
|
* OpenFlow 1.1+ port: Same syntax as for OpenFlow 1.0 ports but for
|
|
|
|
|
* 4-byte OpenFlow 1.1+ port number fields.
|
|
|
|
|
*
|
|
|
|
|
* Others are very specific to particular fields:
|
|
|
|
|
*
|
|
|
|
|
* frag: One of the strings "no", "first", "later", "yes", "not_later"
|
|
|
|
|
* describing which IPv4/v6 fragments are matched.
|
|
|
|
|
*
|
|
|
|
|
* tunnel flags: Any number of the strings "df", "csum", "key", or
|
|
|
|
|
* "oam" separated by "|".
|
|
|
|
|
*
|
2018-11-08 21:39:00 -08:00
|
|
|
* TCP flags: See the description of tcp_flags in ovs-fields(7).
|
2014-10-07 15:24:11 -07:00
|
|
|
*
|
2017-06-23 16:47:57 +00:00
|
|
|
* packet type: A pair of packet type namespace NS and NS_TYPE within
|
|
|
|
|
* that namespace "(NS,NS_TYPE)". NS and NS_TYPE are formatted in
|
|
|
|
|
* decimal or hexadecimal as and accept decimal and hexadecimal (with
|
|
|
|
|
* 0x prefix) at parsing.
|
|
|
|
|
*
|
2014-10-07 15:24:11 -07:00
|
|
|
* Prerequisites:
|
|
|
|
|
*
|
|
|
|
|
* The field's prerequisites. The values should be straightfoward.
|
|
|
|
|
*
|
|
|
|
|
* Access:
|
|
|
|
|
*
|
|
|
|
|
* Either "read-only", for a field that cannot be changed via OpenFlow, or
|
|
|
|
|
* "read/write" for a modifiable field.
|
|
|
|
|
*
|
|
|
|
|
* NXM:
|
|
|
|
|
*
|
|
|
|
|
* If the field has an NXM field assignment, then this specifies the NXM
|
|
|
|
|
* name of the field (e.g. "NXM_OF_ETH_SRC"), followed by its nxm_type in
|
|
|
|
|
* parentheses, followed by "since v<x>.<y>" specifying the version of Open
|
|
|
|
|
* vSwitch that first supported this field in NXM (e.g. "since v1.1" if it
|
|
|
|
|
* was introduced in Open vSwitch 1.1).
|
|
|
|
|
*
|
|
|
|
|
* The NXM name must begin with NXM_OF_ or NXM_NX_. This allows OVS to
|
|
|
|
|
* determine the correct NXM class.
|
|
|
|
|
*
|
|
|
|
|
* If the field does not have an NXM field assignment, specify "none".
|
|
|
|
|
*
|
|
|
|
|
* OXM:
|
|
|
|
|
*
|
|
|
|
|
* If the field has an OXM field assignment, then this specifies the OXM
|
|
|
|
|
* name of the field (e.g. "OXM_OF_ETH_SRC"), followed by its nxm_type in
|
|
|
|
|
* parentheses, followed by "since OF<a>.<b> v<x>.<y>" specifying the
|
|
|
|
|
* versions of OpenFlow and Open vSwitch that first supported this field in
|
|
|
|
|
* OXM (e.g. "since OF1.3 and v1.10" if it was introduced in OpenFlow 1.3
|
|
|
|
|
* and first supported by Open vSwitch in version 1.10).
|
|
|
|
|
*
|
2014-10-09 22:57:47 -07:00
|
|
|
* Some fields have more than one OXM field assignment. For example,
|
|
|
|
|
* actset_output has an experimenter OXM assignment in OpenFlow 1.3 and a
|
|
|
|
|
* standard OXM assignment in OpenFlow 1.5. In such a case, specify both,
|
|
|
|
|
* separated by commas.
|
|
|
|
|
*
|
2014-10-07 15:24:11 -07:00
|
|
|
* OVS uses the start of the OXM field name to determine the correct OXM
|
|
|
|
|
* class. To support a new OXM class, edit the mapping table in
|
|
|
|
|
* build-aux/extract-ofp-fields.
|
|
|
|
|
*
|
|
|
|
|
* If the field does not have an OXM field assignment, specify "none".
|
|
|
|
|
*
|
|
|
|
|
* The following key-value pairs are optional. Open vSwitch already supports
|
|
|
|
|
* all the fields to which they apply, so new fields should probably not
|
|
|
|
|
* include these pairs:
|
|
|
|
|
*
|
|
|
|
|
* OF1.0:
|
|
|
|
|
*
|
|
|
|
|
* Specify this as "exact match" if OpenFlow 1.0 can match or wildcard the
|
|
|
|
|
* entire field, or as "CIDR mask" if OpenFlow 1.0 can match any CIDR
|
|
|
|
|
* prefix of the field. (OpenFlow 1.0 did not support bitwise matching.)
|
|
|
|
|
* Omit, if OpenFlow 1.0 did not support this field.
|
|
|
|
|
*
|
|
|
|
|
* OF1.1:
|
|
|
|
|
*
|
|
|
|
|
* Specify this as "exact match" if OpenFlow 1.1 can match or wildcard the
|
|
|
|
|
* entire field, or as "bitwise" if OpenFlow 1.1 can match any subset of
|
|
|
|
|
* bits in the field. Omit, if OpenFlow 1.1 did not support this field.
|
|
|
|
|
*
|
|
|
|
|
* The following key-value pair is optional:
|
|
|
|
|
*
|
|
|
|
|
* Prefix lookup member:
|
|
|
|
|
*
|
|
|
|
|
* If this field makes sense for use with classifier_set_prefix_fields(),
|
|
|
|
|
* specify the name of the "struct flow" member that corresponds to the
|
|
|
|
|
* field.
|
|
|
|
|
*
|
|
|
|
|
* Finally, a few "register" fields have very similar names and purposes,
|
2016-06-23 17:54:26 -07:00
|
|
|
* e.g. MFF_REG0 through MFF_REG15. For these, the comments may be merged
|
2014-10-07 15:24:11 -07:00
|
|
|
* together using <N> as a metasyntactic variable for the numeric suffix.
|
|
|
|
|
* Lines in the comment that are specific to one of the particular fields by
|
|
|
|
|
* writing, e.g. <1>, to consider that line only for e.g. MFF_REG1.
|
|
|
|
|
*/
|
|
|
|
|
|
2013-10-24 13:19:27 -07:00
|
|
|
enum OVS_PACKED_ENUM mf_field_id {
|
2014-10-07 15:24:11 -07:00
|
|
|
/* ## -------- ## */
|
|
|
|
|
/* ## Metadata ## */
|
|
|
|
|
/* ## -------- ## */
|
|
|
|
|
|
|
|
|
|
/* "dp_hash".
|
|
|
|
|
*
|
|
|
|
|
* Flow hash computed in the datapath. Internal use only, not programmable
|
|
|
|
|
* from controller.
|
|
|
|
|
*
|
nx-match: Add support for experimenter OXM.
OpenFlow 1.2+ defines a means for vendors to define vendor-specific OXM
fields, called "experimenter OXM". These OXM fields are expressed with a
64-bit OXM header instead of the 32-bit header used for standard OXM (and
NXM). Until now, OVS has not implemented experimenter OXM, and indeed we
have had little need to do so because of a pair of special 32-bit OXM classes
grandfathered to OVS as part of the OpenFlow 1.2 standardization process.
However, I want to prototype a feature for OpenFlow 1.5 that uses an
experimenter OXM as part of the prototype, so to do this OVS needs to
support experimenter OXM. This commit adds that support.
Most of this commit is a fairly straightforward change: it extends the type
used for OXM/NXM from 32 to 64 bits and adds code to encode and decode the
longer headers when necessary. Some other changes are necessary because
experimenter OXMs have a funny idea of the division between "header" and
"body": the extra 32 bits for experimenter OXMs are counted as part of the body
rather than the header according to the OpenFlow standard (even though this
does not entirely make sense), so arithmetic in various places has to be
adjusted, which is the reason for the new functions nxm_experimenter_len(),
nxm_payload_len(), and nxm_header_len().
Another change that calls for explanation is the new function mf_nxm_header()
that has been split from mf_oxm_header(). This function is used in actions
where the space for an NXM or OXM header is fixed so that there is no room
for a 64-bit experimenter type. An upcoming commit will add new variations
of these actions that can support experimenter OXM.
Testing experimenter OXM is tricky because I do not know of any in
widespread use. Two ONF proposals use experimenter OXMs: EXT-256 and
EXT-233. EXT-256 is not suitable to implement for testing because its use
of experimenter OXM is wrong and will be changed. EXT-233 is not suitable
to implement for testing because it requires adding a new field to struct
flow and I am not yet convinced that that field and the feature that it
supports is worth having in Open vSwitch. Thus, this commit assigns an
experimenter OXM code point to an existing OVS field that is currently
restricted from use by controllers, "dp_hash", and uses that for testing.
Because controllers cannot use it, this leaves future versions of OVS free
to drop the support for the experimenter OXM for this field without causing
backward compatibility problems.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jarno Rajahalme <jrajahalme@nicira.com>
2014-10-08 15:41:00 -07:00
|
|
|
* The OXM code point for this is an attempt to test OXM experimenter
|
|
|
|
|
* support, which is otherwise difficult to test due to the dearth of use
|
|
|
|
|
* out in the wild. Because controllers can't add flows that match on
|
|
|
|
|
* dp_hash, this doesn't commit OVS to supporting this OXM experimenter
|
|
|
|
|
* code point in the future.
|
|
|
|
|
*
|
2014-10-07 15:24:11 -07:00
|
|
|
* Type: be32.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: hexadecimal.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read-only.
|
|
|
|
|
* NXM: NXM_NX_DP_HASH(35) since v2.2.
|
2018-05-18 10:16:40 -07:00
|
|
|
* OXM: NXOXM_ET_DP_HASH(0) since v2.4.
|
2014-10-07 15:24:11 -07:00
|
|
|
*/
|
|
|
|
|
MFF_DP_HASH,
|
|
|
|
|
|
|
|
|
|
/* "recirc_id".
|
|
|
|
|
*
|
|
|
|
|
* ID for recirculation. The value 0 is reserved for initially received
|
|
|
|
|
* packets. Internal use only, not programmable from controller.
|
|
|
|
|
*
|
|
|
|
|
* Type: be32.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read-only.
|
|
|
|
|
* NXM: NXM_NX_RECIRC_ID(36) since v2.2.
|
|
|
|
|
* OXM: none.
|
|
|
|
|
*/
|
|
|
|
|
MFF_RECIRC_ID,
|
|
|
|
|
|
2017-06-23 16:47:57 +00:00
|
|
|
/* "packet_type".
|
|
|
|
|
*
|
|
|
|
|
* Define the packet type in OpenFlow 1.5+.
|
|
|
|
|
*
|
|
|
|
|
* Type: be32.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: packet type.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read-only.
|
|
|
|
|
* NXM: none.
|
|
|
|
|
* OXM: OXM_OF_PACKET_TYPE(44) since OF1.5 and v2.8.
|
|
|
|
|
*/
|
|
|
|
|
MFF_PACKET_TYPE,
|
|
|
|
|
|
2015-01-11 13:25:24 -08:00
|
|
|
/* "conj_id".
|
|
|
|
|
*
|
2018-11-08 21:39:00 -08:00
|
|
|
* ID for "conjunction" actions. Please refer to ovs-fields(7)
|
2015-01-11 13:25:24 -08:00
|
|
|
* documentation of "conjunction" for details.
|
|
|
|
|
*
|
|
|
|
|
* Type: be32.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read-only.
|
|
|
|
|
* NXM: NXM_NX_CONJ_ID(37) since v2.4.
|
|
|
|
|
* OXM: none. */
|
|
|
|
|
MFF_CONJ_ID,
|
|
|
|
|
|
2014-10-07 15:24:11 -07:00
|
|
|
/* "tun_id" (aka "tunnel_id").
|
|
|
|
|
*
|
|
|
|
|
* The "key" or "tunnel ID" or "VNI" in a packet received via a keyed
|
|
|
|
|
* tunnel. For protocols in which the key is shorter than 64 bits, the key
|
|
|
|
|
* is stored in the low bits and the high bits are zeroed. For non-keyed
|
|
|
|
|
* tunnels and packets not received via a tunnel, the value is 0.
|
|
|
|
|
*
|
|
|
|
|
* Type: be64.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: hexadecimal.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_NX_TUN_ID(16) since v1.1.
|
|
|
|
|
* OXM: OXM_OF_TUNNEL_ID(38) since OF1.3 and v1.10.
|
|
|
|
|
* Prefix lookup member: tunnel.tun_id.
|
|
|
|
|
*/
|
|
|
|
|
MFF_TUN_ID,
|
|
|
|
|
|
|
|
|
|
/* "tun_src".
|
|
|
|
|
*
|
|
|
|
|
* The IPv4 source address in the outer IP header of a tunneled packet.
|
|
|
|
|
*
|
|
|
|
|
* For non-tunneled packets, the value is 0.
|
|
|
|
|
*
|
|
|
|
|
* Type: be32.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: IPv4.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_NX_TUN_IPV4_SRC(31) since v2.0.
|
|
|
|
|
* OXM: none.
|
|
|
|
|
* Prefix lookup member: tunnel.ip_src.
|
|
|
|
|
*/
|
|
|
|
|
MFF_TUN_SRC,
|
|
|
|
|
|
|
|
|
|
/* "tun_dst".
|
|
|
|
|
*
|
|
|
|
|
* The IPv4 destination address in the outer IP header of a tunneled
|
|
|
|
|
* packet.
|
|
|
|
|
*
|
|
|
|
|
* For non-tunneled packets, the value is 0.
|
|
|
|
|
*
|
|
|
|
|
* Type: be32.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: IPv4.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_NX_TUN_IPV4_DST(32) since v2.0.
|
|
|
|
|
* OXM: none.
|
|
|
|
|
* Prefix lookup member: tunnel.ip_dst.
|
|
|
|
|
*/
|
|
|
|
|
MFF_TUN_DST,
|
|
|
|
|
|
2015-12-04 12:36:50 -02:00
|
|
|
/* "tun_ipv6_src".
|
|
|
|
|
*
|
|
|
|
|
* The IPv6 source address in the outer IP header of a tunneled packet.
|
|
|
|
|
*
|
|
|
|
|
* For non-tunneled packets, the value is 0.
|
|
|
|
|
*
|
|
|
|
|
* Type: be128.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: IPv6.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_NX_TUN_IPV6_SRC(109) since v2.5.
|
|
|
|
|
* OXM: none.
|
|
|
|
|
* Prefix lookup member: tunnel.ipv6_src.
|
|
|
|
|
*/
|
|
|
|
|
MFF_TUN_IPV6_SRC,
|
|
|
|
|
|
|
|
|
|
/* "tun_ipv6_dst".
|
|
|
|
|
*
|
|
|
|
|
* The IPv6 destination address in the outer IP header of a tunneled
|
|
|
|
|
* packet.
|
|
|
|
|
*
|
|
|
|
|
* For non-tunneled packets, the value is 0.
|
|
|
|
|
*
|
|
|
|
|
* Type: be128.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: IPv6.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_NX_TUN_IPV6_DST(110) since v2.5.
|
|
|
|
|
* OXM: none.
|
|
|
|
|
* Prefix lookup member: tunnel.ipv6_dst.
|
|
|
|
|
*/
|
|
|
|
|
MFF_TUN_IPV6_DST,
|
|
|
|
|
|
2014-10-07 15:24:11 -07:00
|
|
|
/* "tun_flags".
|
|
|
|
|
*
|
2015-07-08 16:02:30 -07:00
|
|
|
* Flags representing aspects of tunnel behavior.
|
|
|
|
|
*
|
2014-10-07 15:24:11 -07:00
|
|
|
* For non-tunneled packets, the value is 0.
|
|
|
|
|
*
|
2015-07-08 16:02:30 -07:00
|
|
|
* Type: be16 (low 1 bits).
|
|
|
|
|
* Maskable: bitwise.
|
2014-10-07 15:24:11 -07:00
|
|
|
* Formatting: tunnel flags.
|
|
|
|
|
* Prerequisites: none.
|
2015-07-08 16:02:30 -07:00
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_NX_TUN_FLAGS(104) since v2.5.
|
2014-10-07 15:24:11 -07:00
|
|
|
* OXM: none.
|
|
|
|
|
*/
|
|
|
|
|
MFF_TUN_FLAGS,
|
|
|
|
|
|
|
|
|
|
/* "tun_ttl".
|
|
|
|
|
*
|
|
|
|
|
* The TTL in the outer IP header of a tunneled packet. Internal use only,
|
|
|
|
|
* not programmable from controller.
|
|
|
|
|
*
|
|
|
|
|
* For non-tunneled packets, the value is 0.
|
|
|
|
|
*
|
|
|
|
|
* Type: u8.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read-only.
|
|
|
|
|
* NXM: none.
|
|
|
|
|
* OXM: none.
|
|
|
|
|
*/
|
|
|
|
|
MFF_TUN_TTL,
|
|
|
|
|
|
|
|
|
|
/* "tun_tos".
|
|
|
|
|
*
|
|
|
|
|
* The ToS value in the outer IP header of a tunneled packet. Internal use
|
|
|
|
|
* only, not programmable from controller.
|
|
|
|
|
*
|
|
|
|
|
* Type: u8.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read-only.
|
|
|
|
|
* NXM: none.
|
|
|
|
|
* OXM: none.
|
|
|
|
|
*/
|
|
|
|
|
MFF_TUN_TOS,
|
|
|
|
|
|
2015-02-14 15:13:17 +01:00
|
|
|
/* "tun_gbp_id".
|
|
|
|
|
*
|
|
|
|
|
* VXLAN Group Policy ID
|
|
|
|
|
*
|
|
|
|
|
* Type: be16.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_NX_TUN_GBP_ID(38) since v2.4.
|
|
|
|
|
* OXM: none.
|
|
|
|
|
*/
|
|
|
|
|
MFF_TUN_GBP_ID,
|
|
|
|
|
|
|
|
|
|
/* "tun_gbp_flags".
|
|
|
|
|
*
|
|
|
|
|
* VXLAN Group Policy flags
|
|
|
|
|
*
|
|
|
|
|
* Type: u8.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: hexadecimal.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_NX_TUN_GBP_FLAGS(39) since v2.4.
|
|
|
|
|
* OXM: none.
|
|
|
|
|
*/
|
|
|
|
|
MFF_TUN_GBP_FLAGS,
|
|
|
|
|
|
2018-05-15 16:10:48 -04:00
|
|
|
/* "tun_erspan_idx".
|
|
|
|
|
*
|
|
|
|
|
* ERSPAN index (direction/port number)
|
|
|
|
|
*
|
|
|
|
|
* Type: be32 (low 20 bits).
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: hexadecimal.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: none.
|
2018-05-18 10:16:40 -07:00
|
|
|
* OXM: NXOXM_ET_ERSPAN_IDX(11) since v2.10.
|
2018-05-15 16:10:48 -04:00
|
|
|
*/
|
|
|
|
|
MFF_TUN_ERSPAN_IDX,
|
|
|
|
|
|
|
|
|
|
/* "tun_erspan_ver".
|
|
|
|
|
*
|
|
|
|
|
* ERSPAN version (v1 / v2)
|
|
|
|
|
*
|
|
|
|
|
* Type: u8 (low 4 bits).
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: none.
|
2018-05-18 10:16:40 -07:00
|
|
|
* OXM: NXOXM_ET_ERSPAN_VER(12) since v2.10.
|
2018-05-15 16:10:48 -04:00
|
|
|
*/
|
|
|
|
|
MFF_TUN_ERSPAN_VER,
|
|
|
|
|
|
|
|
|
|
/* "tun_erspan_dir".
|
|
|
|
|
*
|
|
|
|
|
* ERSPAN mirrored traffic's direction
|
|
|
|
|
*
|
|
|
|
|
* Type: u8 (low 1 bits).
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: none.
|
2018-05-18 10:16:40 -07:00
|
|
|
* OXM: NXOXM_ET_ERSPAN_DIR(13) since v2.10.
|
2018-05-15 16:10:48 -04:00
|
|
|
*/
|
|
|
|
|
MFF_TUN_ERSPAN_DIR,
|
|
|
|
|
|
|
|
|
|
/* "tun_erspan_hwid".
|
|
|
|
|
*
|
|
|
|
|
* ERSPAN Hardware ID
|
|
|
|
|
*
|
|
|
|
|
* Type: u8 (low 6 bits).
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: hexadecimal.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: none.
|
2018-05-18 10:16:40 -07:00
|
|
|
* OXM: NXOXM_ET_ERSPAN_HWID(14) since v2.10.
|
2018-05-15 16:10:48 -04:00
|
|
|
*/
|
|
|
|
|
MFF_TUN_ERSPAN_HWID,
|
|
|
|
|
|
2019-11-25 11:19:23 -08:00
|
|
|
/* "tun_gtpu_flags".
|
|
|
|
|
*
|
|
|
|
|
* GTP-U tunnel flags.
|
|
|
|
|
*
|
|
|
|
|
* Type: u8.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: hexadecimal.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read-only.
|
|
|
|
|
* NXM: none.
|
|
|
|
|
* OXM: NXOXM_ET_GTPU_FLAGS(15) since v2.13.
|
|
|
|
|
*/
|
|
|
|
|
MFF_TUN_GTPU_FLAGS,
|
|
|
|
|
|
|
|
|
|
/* "tun_gtpu_msgtype".
|
|
|
|
|
*
|
|
|
|
|
* GTP-U tunnel message type.
|
|
|
|
|
*
|
|
|
|
|
* Type: u8.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read-only.
|
|
|
|
|
* NXM: none.
|
|
|
|
|
* OXM: NXOXM_ET_GTPU_MSGTYPE(16) since v2.13.
|
|
|
|
|
*/
|
|
|
|
|
MFF_TUN_GTPU_MSGTYPE,
|
|
|
|
|
|
tunnel: Geneve TLV handling support for OpenFlow.
The current support for Geneve in OVS is exactly equivalent to VXLAN:
it is possible to set and match on the VNI but not on any options
contained in the header. This patch enables the use of options.
The goal for Geneve support is not to add support for any particular option
but to allow end users or controllers to specify what they would like to
match. That is, the full range of Geneve's capabilities should be exposed
without modifying the code (the one exception being options that require
per-packet computation in the fast path).
The main issue with supporting Geneve options is how to integrate the
fields into the existing OpenFlow pipeline. All existing operations
are referred to by their NXM/OXM field name - matches, action generation,
arithmetic operations (i.e. tranfer to a register). However, the Geneve
option space is exactly the same as the OXM space, so a direct mapping
is not feasible. Instead, we create a pool of 64 NXMs that are then
dynamically mapped on Geneve option TLVs using OpenFlow. Once mapped,
these fields become first-class citizens in the OpenFlow pipeline.
An example of how to use Geneve options:
ovs-ofctl add-geneve-map br0 {class=0xffff,type=0,len=4}->tun_metadata0
ovs-ofctl add-flow br0 in_port=LOCAL,actions=set_field:0xffffffff->tun_metadata0,1
This will add a 4 bytes option (filled will all 1's) to all packets
coming from the LOCAL port and then send then out to port 1.
A limitation of this patch is that although the option table is specified
for a particular switch over OpenFlow, it is currently global to all
switches. This will be addressed in a future patch.
Based on work originally done by Madhu Challa. Ben Pfaff also significantly
improved the comments.
Signed-off-by: Madhu Challa <challa@noironetworks.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
2015-04-30 18:09:57 -07:00
|
|
|
#if TUN_METADATA_NUM_OPTS == 64
|
|
|
|
|
/* "tun_metadata<N>".
|
|
|
|
|
*
|
|
|
|
|
* Encapsulation metadata for tunnels.
|
|
|
|
|
*
|
|
|
|
|
* Each NXM can be dynamically mapped onto a particular tunnel field using
|
|
|
|
|
* OpenFlow commands. The individual NXMs can each carry up to 124 bytes
|
|
|
|
|
* of data and a combined total of 256 across all allocated fields.
|
|
|
|
|
*
|
|
|
|
|
* Type: tunnelMD.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: hexadecimal.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA0(40) since v2.5. <0>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA1(41) since v2.5. <1>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA2(42) since v2.5. <2>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA3(43) since v2.5. <3>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA4(44) since v2.5. <4>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA5(45) since v2.5. <5>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA6(46) since v2.5. <6>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA7(47) since v2.5. <7>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA8(48) since v2.5. <8>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA9(49) since v2.5. <9>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA10(50) since v2.5. <10>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA11(51) since v2.5. <11>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA12(52) since v2.5. <12>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA13(53) since v2.5. <13>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA14(54) since v2.5. <14>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA15(55) since v2.5. <15>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA16(56) since v2.5. <16>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA17(57) since v2.5. <17>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA18(58) since v2.5. <18>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA19(59) since v2.5. <19>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA20(60) since v2.5. <20>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA21(61) since v2.5. <21>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA22(62) since v2.5. <22>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA23(63) since v2.5. <23>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA24(64) since v2.5. <24>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA25(65) since v2.5. <25>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA26(66) since v2.5. <26>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA27(67) since v2.5. <27>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA28(68) since v2.5. <28>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA29(69) since v2.5. <29>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA30(70) since v2.5. <30>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA31(71) since v2.5. <31>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA32(72) since v2.5. <32>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA33(73) since v2.5. <33>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA34(74) since v2.5. <34>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA35(75) since v2.5. <35>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA36(76) since v2.5. <36>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA37(77) since v2.5. <37>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA38(78) since v2.5. <38>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA39(79) since v2.5. <39>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA40(80) since v2.5. <40>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA41(81) since v2.5. <41>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA42(82) since v2.5. <42>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA43(83) since v2.5. <43>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA44(84) since v2.5. <44>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA45(85) since v2.5. <45>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA46(86) since v2.5. <46>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA47(87) since v2.5. <47>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA48(88) since v2.5. <48>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA49(89) since v2.5. <49>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA50(90) since v2.5. <50>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA51(91) since v2.5. <51>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA52(92) since v2.5. <52>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA53(93) since v2.5. <53>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA54(94) since v2.5. <54>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA55(95) since v2.5. <55>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA56(96) since v2.5. <56>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA57(97) since v2.5. <57>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA58(98) since v2.5. <58>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA59(99) since v2.5. <59>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA60(100) since v2.5. <60>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA61(101) since v2.5. <61>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA62(102) since v2.5. <62>
|
|
|
|
|
* NXM: NXM_NX_TUN_METADATA63(103) since v2.5. <63>
|
|
|
|
|
* OXM: none.
|
|
|
|
|
*/
|
|
|
|
|
MFF_TUN_METADATA0,
|
|
|
|
|
MFF_TUN_METADATA1,
|
|
|
|
|
MFF_TUN_METADATA2,
|
|
|
|
|
MFF_TUN_METADATA3,
|
|
|
|
|
MFF_TUN_METADATA4,
|
|
|
|
|
MFF_TUN_METADATA5,
|
|
|
|
|
MFF_TUN_METADATA6,
|
|
|
|
|
MFF_TUN_METADATA7,
|
|
|
|
|
MFF_TUN_METADATA8,
|
|
|
|
|
MFF_TUN_METADATA9,
|
|
|
|
|
MFF_TUN_METADATA10,
|
|
|
|
|
MFF_TUN_METADATA11,
|
|
|
|
|
MFF_TUN_METADATA12,
|
|
|
|
|
MFF_TUN_METADATA13,
|
|
|
|
|
MFF_TUN_METADATA14,
|
|
|
|
|
MFF_TUN_METADATA15,
|
|
|
|
|
MFF_TUN_METADATA16,
|
|
|
|
|
MFF_TUN_METADATA17,
|
|
|
|
|
MFF_TUN_METADATA18,
|
|
|
|
|
MFF_TUN_METADATA19,
|
|
|
|
|
MFF_TUN_METADATA20,
|
|
|
|
|
MFF_TUN_METADATA21,
|
|
|
|
|
MFF_TUN_METADATA22,
|
|
|
|
|
MFF_TUN_METADATA23,
|
|
|
|
|
MFF_TUN_METADATA24,
|
|
|
|
|
MFF_TUN_METADATA25,
|
|
|
|
|
MFF_TUN_METADATA26,
|
|
|
|
|
MFF_TUN_METADATA27,
|
|
|
|
|
MFF_TUN_METADATA28,
|
|
|
|
|
MFF_TUN_METADATA29,
|
|
|
|
|
MFF_TUN_METADATA30,
|
|
|
|
|
MFF_TUN_METADATA31,
|
|
|
|
|
MFF_TUN_METADATA32,
|
|
|
|
|
MFF_TUN_METADATA33,
|
|
|
|
|
MFF_TUN_METADATA34,
|
|
|
|
|
MFF_TUN_METADATA35,
|
|
|
|
|
MFF_TUN_METADATA36,
|
|
|
|
|
MFF_TUN_METADATA37,
|
|
|
|
|
MFF_TUN_METADATA38,
|
|
|
|
|
MFF_TUN_METADATA39,
|
|
|
|
|
MFF_TUN_METADATA40,
|
|
|
|
|
MFF_TUN_METADATA41,
|
|
|
|
|
MFF_TUN_METADATA42,
|
|
|
|
|
MFF_TUN_METADATA43,
|
|
|
|
|
MFF_TUN_METADATA44,
|
|
|
|
|
MFF_TUN_METADATA45,
|
|
|
|
|
MFF_TUN_METADATA46,
|
|
|
|
|
MFF_TUN_METADATA47,
|
|
|
|
|
MFF_TUN_METADATA48,
|
|
|
|
|
MFF_TUN_METADATA49,
|
|
|
|
|
MFF_TUN_METADATA50,
|
|
|
|
|
MFF_TUN_METADATA51,
|
|
|
|
|
MFF_TUN_METADATA52,
|
|
|
|
|
MFF_TUN_METADATA53,
|
|
|
|
|
MFF_TUN_METADATA54,
|
|
|
|
|
MFF_TUN_METADATA55,
|
|
|
|
|
MFF_TUN_METADATA56,
|
|
|
|
|
MFF_TUN_METADATA57,
|
|
|
|
|
MFF_TUN_METADATA58,
|
|
|
|
|
MFF_TUN_METADATA59,
|
|
|
|
|
MFF_TUN_METADATA60,
|
|
|
|
|
MFF_TUN_METADATA61,
|
|
|
|
|
MFF_TUN_METADATA62,
|
|
|
|
|
MFF_TUN_METADATA63,
|
|
|
|
|
#else
|
|
|
|
|
#error "Need to update MFF_TUN_METADATA* to match TUN_METADATA_NUM_OPTS"
|
|
|
|
|
#endif
|
|
|
|
|
|
2014-10-07 15:24:11 -07:00
|
|
|
/* "metadata".
|
|
|
|
|
*
|
|
|
|
|
* A scratch pad value standardized in OpenFlow 1.1+. Initially zero, at
|
|
|
|
|
* the beginning of the pipeline.
|
|
|
|
|
*
|
|
|
|
|
* Type: be64.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: hexadecimal.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: none.
|
|
|
|
|
* OXM: OXM_OF_METADATA(2) since OF1.2 and v1.8.
|
|
|
|
|
* OF1.1: bitwise mask.
|
|
|
|
|
*/
|
|
|
|
|
MFF_METADATA,
|
|
|
|
|
|
|
|
|
|
/* "in_port".
|
|
|
|
|
*
|
|
|
|
|
* 16-bit (OpenFlow 1.0) view of the physical or virtual port on which the
|
|
|
|
|
* packet was received.
|
|
|
|
|
*
|
|
|
|
|
* Type: be16.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: OpenFlow 1.0 port.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_OF_IN_PORT(0) since v1.1.
|
|
|
|
|
* OXM: none.
|
|
|
|
|
* OF1.0: exact match.
|
|
|
|
|
* OF1.1: exact match.
|
|
|
|
|
*/
|
|
|
|
|
MFF_IN_PORT,
|
|
|
|
|
|
|
|
|
|
/* "in_port_oxm".
|
|
|
|
|
*
|
|
|
|
|
* 32-bit (OpenFlow 1.1+) view of the physical or virtual port on which the
|
|
|
|
|
* packet was received.
|
|
|
|
|
*
|
|
|
|
|
* Type: be32.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: OpenFlow 1.1+ port.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: none.
|
|
|
|
|
* OXM: OXM_OF_IN_PORT(0) since OF1.2 and v1.7.
|
|
|
|
|
* OF1.1: exact match.
|
|
|
|
|
*/
|
|
|
|
|
MFF_IN_PORT_OXM,
|
|
|
|
|
|
2014-11-03 14:24:01 -08:00
|
|
|
/* "actset_output".
|
|
|
|
|
*
|
|
|
|
|
* Type: be32.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: OpenFlow 1.1+ port.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read-only.
|
|
|
|
|
* NXM: none.
|
|
|
|
|
* OXM: ONFOXM_ET_ACTSET_OUTPUT(43) since OF1.3 and v2.4,
|
|
|
|
|
* OXM_OF_ACTSET_OUTPUT(43) since OF1.5 and v2.4.
|
|
|
|
|
*/
|
|
|
|
|
MFF_ACTSET_OUTPUT,
|
|
|
|
|
|
2014-10-07 15:24:11 -07:00
|
|
|
/* "skb_priority".
|
|
|
|
|
*
|
|
|
|
|
* Designates the queue to which output will be directed. The value in
|
|
|
|
|
* this field is not necessarily the OpenFlow queue number; with the Linux
|
|
|
|
|
* kernel switch, it instead has a pair of subfields designating the
|
|
|
|
|
* "major" and "minor" numbers of a Linux kernel qdisc handle.
|
|
|
|
|
*
|
|
|
|
|
* This field is "semi-internal" in that it can be set with the "set_queue"
|
|
|
|
|
* action but not matched or read or written other ways.
|
|
|
|
|
*
|
|
|
|
|
* Type: be32.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: hexadecimal.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read-only.
|
|
|
|
|
* NXM: none.
|
|
|
|
|
* OXM: none.
|
|
|
|
|
*/
|
|
|
|
|
MFF_SKB_PRIORITY,
|
|
|
|
|
|
|
|
|
|
/* "pkt_mark".
|
|
|
|
|
*
|
|
|
|
|
* Packet metadata mark. The mark may be passed into other system
|
|
|
|
|
* components in order to facilitate interaction between subsystems. On
|
|
|
|
|
* Linux this corresponds to struct sk_buff's "skb_mark" member but the
|
|
|
|
|
* exact implementation is platform-dependent.
|
|
|
|
|
*
|
|
|
|
|
* Type: be32.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: hexadecimal.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_NX_PKT_MARK(33) since v2.0.
|
|
|
|
|
* OXM: none.
|
|
|
|
|
*/
|
|
|
|
|
MFF_PKT_MARK,
|
2011-09-12 12:11:50 -07:00
|
|
|
|
Add support for connection tracking.
This patch adds a new action and fields to OVS that allow connection
tracking to be performed. This support works in conjunction with the
Linux kernel support merged into the Linux-4.3 development cycle.
Packets have two possible states with respect to connection tracking:
Untracked packets have not previously passed through the connection
tracker, while tracked packets have previously been through the
connection tracker. For OpenFlow pipeline processing, untracked packets
can become tracked, and they will remain tracked until the end of the
pipeline. Tracked packets cannot become untracked.
Connections can be unknown, uncommitted, or committed. Packets which are
untracked have unknown connection state. To know the connection state,
the packet must become tracked. Uncommitted connections have no
connection state stored about them, so it is only possible for the
connection tracker to identify whether they are a new connection or
whether they are invalid. Committed connections have connection state
stored beyond the lifetime of the packet, which allows later packets in
the same connection to be identified as part of the same established
connection, or related to an existing connection - for instance ICMP
error responses.
The new 'ct' action transitions the packet from "untracked" to
"tracked" by sending this flow through the connection tracker.
The following parameters are supported initally:
- "commit": When commit is executed, the connection moves from
uncommitted state to committed state. This signals that information
about the connection should be stored beyond the lifetime of the
packet within the pipeline. This allows future packets in the same
connection to be recognized as part of the same "established" (est)
connection, as well as identifying packets in the reply (rpl)
direction, or packets related to an existing connection (rel).
- "zone=[u16|NXM]": Perform connection tracking in the zone specified.
Each zone is an independent connection tracking context. When the
"commit" parameter is used, the connection will only be committed in
the specified zone, and not in other zones. This is 0 by default.
- "table=NUMBER": Fork pipeline processing in two. The original instance
of the packet will continue processing the current actions list as an
untracked packet. An additional instance of the packet will be sent to
the connection tracker, which will be re-injected into the OpenFlow
pipeline to resume processing in the specified table, with the
ct_state and other ct match fields set. If the table is not specified,
then the packet is submitted to the connection tracker, but the
pipeline does not fork and the ct match fields are not populated. It
is strongly recommended to specify a table later than the current
table to prevent loops.
When the "table" option is used, the packet that continues processing in
the specified table will have the ct_state populated. The ct_state may
have any of the following flags set:
- Tracked (trk): Connection tracking has occurred.
- Reply (rpl): The flow is in the reply direction.
- Invalid (inv): The connection tracker couldn't identify the connection.
- New (new): This is the beginning of a new connection.
- Established (est): This is part of an already existing connection.
- Related (rel): This connection is related to an existing connection.
For more information, consult the ovs-ofctl(8) man pages.
Below is a simple example flow table to allow outbound TCP traffic from
port 1 and drop traffic from port 2 that was not initiated by port 1:
table=0,priority=1,action=drop
table=0,arp,action=normal
table=0,in_port=1,tcp,ct_state=-trk,action=ct(commit,zone=9),2
table=0,in_port=2,tcp,ct_state=-trk,action=ct(zone=9,table=1)
table=1,in_port=2,ct_state=+trk+est,tcp,action=1
table=1,in_port=2,ct_state=+trk+new,tcp,action=drop
Based on original design by Justin Pettit, contributions from Thomas
Graf and Daniele Di Proietto.
Signed-off-by: Joe Stringer <joestringer@nicira.com>
Acked-by: Jarno Rajahalme <jrajahalme@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
2015-08-11 10:56:09 -07:00
|
|
|
/* "ct_state".
|
|
|
|
|
*
|
|
|
|
|
* Connection tracking state. The field is populated by the NXAST_CT
|
2017-01-25 13:58:03 -08:00
|
|
|
* action.
|
Add support for connection tracking.
This patch adds a new action and fields to OVS that allow connection
tracking to be performed. This support works in conjunction with the
Linux kernel support merged into the Linux-4.3 development cycle.
Packets have two possible states with respect to connection tracking:
Untracked packets have not previously passed through the connection
tracker, while tracked packets have previously been through the
connection tracker. For OpenFlow pipeline processing, untracked packets
can become tracked, and they will remain tracked until the end of the
pipeline. Tracked packets cannot become untracked.
Connections can be unknown, uncommitted, or committed. Packets which are
untracked have unknown connection state. To know the connection state,
the packet must become tracked. Uncommitted connections have no
connection state stored about them, so it is only possible for the
connection tracker to identify whether they are a new connection or
whether they are invalid. Committed connections have connection state
stored beyond the lifetime of the packet, which allows later packets in
the same connection to be identified as part of the same established
connection, or related to an existing connection - for instance ICMP
error responses.
The new 'ct' action transitions the packet from "untracked" to
"tracked" by sending this flow through the connection tracker.
The following parameters are supported initally:
- "commit": When commit is executed, the connection moves from
uncommitted state to committed state. This signals that information
about the connection should be stored beyond the lifetime of the
packet within the pipeline. This allows future packets in the same
connection to be recognized as part of the same "established" (est)
connection, as well as identifying packets in the reply (rpl)
direction, or packets related to an existing connection (rel).
- "zone=[u16|NXM]": Perform connection tracking in the zone specified.
Each zone is an independent connection tracking context. When the
"commit" parameter is used, the connection will only be committed in
the specified zone, and not in other zones. This is 0 by default.
- "table=NUMBER": Fork pipeline processing in two. The original instance
of the packet will continue processing the current actions list as an
untracked packet. An additional instance of the packet will be sent to
the connection tracker, which will be re-injected into the OpenFlow
pipeline to resume processing in the specified table, with the
ct_state and other ct match fields set. If the table is not specified,
then the packet is submitted to the connection tracker, but the
pipeline does not fork and the ct match fields are not populated. It
is strongly recommended to specify a table later than the current
table to prevent loops.
When the "table" option is used, the packet that continues processing in
the specified table will have the ct_state populated. The ct_state may
have any of the following flags set:
- Tracked (trk): Connection tracking has occurred.
- Reply (rpl): The flow is in the reply direction.
- Invalid (inv): The connection tracker couldn't identify the connection.
- New (new): This is the beginning of a new connection.
- Established (est): This is part of an already existing connection.
- Related (rel): This connection is related to an existing connection.
For more information, consult the ovs-ofctl(8) man pages.
Below is a simple example flow table to allow outbound TCP traffic from
port 1 and drop traffic from port 2 that was not initiated by port 1:
table=0,priority=1,action=drop
table=0,arp,action=normal
table=0,in_port=1,tcp,ct_state=-trk,action=ct(commit,zone=9),2
table=0,in_port=2,tcp,ct_state=-trk,action=ct(zone=9,table=1)
table=1,in_port=2,ct_state=+trk+est,tcp,action=1
table=1,in_port=2,ct_state=+trk+new,tcp,action=drop
Based on original design by Justin Pettit, contributions from Thomas
Graf and Daniele Di Proietto.
Signed-off-by: Joe Stringer <joestringer@nicira.com>
Acked-by: Jarno Rajahalme <jrajahalme@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
2015-08-11 10:56:09 -07:00
|
|
|
*
|
|
|
|
|
* Type: be32.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: ct state.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read-only.
|
|
|
|
|
* NXM: NXM_NX_CT_STATE(105) since v2.5.
|
|
|
|
|
* OXM: none.
|
|
|
|
|
*/
|
|
|
|
|
MFF_CT_STATE,
|
|
|
|
|
|
|
|
|
|
/* "ct_zone".
|
|
|
|
|
*
|
|
|
|
|
* Connection tracking zone. The field is populated by the
|
|
|
|
|
* NXAST_CT action.
|
|
|
|
|
*
|
|
|
|
|
* Type: be16.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: hexadecimal.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read-only.
|
|
|
|
|
* NXM: NXM_NX_CT_ZONE(106) since v2.5.
|
|
|
|
|
* OXM: none.
|
|
|
|
|
*/
|
|
|
|
|
MFF_CT_ZONE,
|
|
|
|
|
|
Add connection tracking mark support.
This patch adds a new 32-bit metadata field to the connection tracking
interface. When a mark is specified as part of the ct action and the
connection is committed, the value is saved with the current connection.
Subsequent ct lookups with the table specified will expose this metadata
as the "ct_mark" field in the flow.
For example, to allow new TCP connections from port 1->2 and only allow
established connections from port 2->1, and to associate a mark with those
connections:
table=0,priority=1,action=drop
table=0,arp,action=normal
table=0,in_port=1,tcp,action=ct(commit,exec(set_field:1->ct_mark)),2
table=0,in_port=2,ct_state=-trk,tcp,action=ct(table=1)
table=1,in_port=2,ct_state=+trk,ct_mark=1,tcp,action=1
Signed-off-by: Joe Stringer <joestringer@nicira.com>
Acked-by: Jarno Rajahalme <jrajahalme@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
2015-09-18 13:58:00 -07:00
|
|
|
/* "ct_mark".
|
|
|
|
|
*
|
|
|
|
|
* Connection tracking mark. The mark is carried with the
|
|
|
|
|
* connection tracking state. On Linux this corresponds to the
|
|
|
|
|
* nf_conn's "mark" member but the exact implementation is
|
|
|
|
|
* platform-dependent.
|
|
|
|
|
*
|
|
|
|
|
* Writable only from nested actions within the NXAST_CT action.
|
|
|
|
|
*
|
|
|
|
|
* Type: be32.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: hexadecimal.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_NX_CT_MARK(107) since v2.5.
|
|
|
|
|
* OXM: none.
|
|
|
|
|
*/
|
|
|
|
|
MFF_CT_MARK,
|
|
|
|
|
|
Add connection tracking label support.
This patch adds a new 128-bit metadata field to the connection tracking
interface. When a label is specified as part of the ct action and the
connection is committed, the value is saved with the current connection.
Subsequent ct lookups with the table specified will expose this metadata
as the "ct_label" field in the flow.
For example, to allow new TCP connections from port 1->2 and only allow
established connections from port 2->1, and to associate a label with
those connections:
table=0,priority=1,action=drop
table=0,arp,action=normal
table=0,in_port=1,tcp,action=ct(commit,exec(set_field:1->ct_label)),2
table=0,in_port=2,ct_state=-trk,tcp,action=ct(table=1)
table=1,in_port=2,ct_state=+trk,ct_label=1,tcp,action=1
Signed-off-by: Joe Stringer <joestringer@nicira.com>
Acked-by: Jarno Rajahalme <jrajahalme@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
2015-10-13 11:13:10 -07:00
|
|
|
/* "ct_label".
|
|
|
|
|
*
|
|
|
|
|
* Connection tracking label. The label is carried with the
|
|
|
|
|
* connection tracking state. On Linux this is held in the
|
|
|
|
|
* conntrack label extension but the exact implementation is
|
|
|
|
|
* platform-dependent.
|
|
|
|
|
*
|
|
|
|
|
* Writable only from nested actions within the NXAST_CT action.
|
|
|
|
|
*
|
|
|
|
|
* Type: be128.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: hexadecimal.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_NX_CT_LABEL(108) since v2.5.
|
|
|
|
|
* OXM: none.
|
|
|
|
|
*/
|
|
|
|
|
MFF_CT_LABEL,
|
|
|
|
|
|
2017-03-08 17:18:23 -08:00
|
|
|
/* "ct_nw_proto".
|
|
|
|
|
*
|
|
|
|
|
* The "protocol" byte in the IPv4 or IPv6 header for the original
|
2020-06-17 15:31:09 -07:00
|
|
|
* direction conntrack tuple, or of the parent conntrack entry, if the
|
2017-03-08 17:18:23 -08:00
|
|
|
* current connection is a related connection.
|
|
|
|
|
*
|
|
|
|
|
* The value is initially zero and populated by the CT action. The value
|
|
|
|
|
* remains zero after the CT action only if the packet can not be
|
|
|
|
|
* associated with a valid connection, in which case the prerequisites
|
|
|
|
|
* for matching this field ("CT") are not met.
|
|
|
|
|
*
|
|
|
|
|
* Type: u8.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: CT.
|
|
|
|
|
* Access: read-only.
|
2017-03-14 15:46:25 -07:00
|
|
|
* NXM: NXM_NX_CT_NW_PROTO(119) since v2.8.
|
2017-03-08 17:18:23 -08:00
|
|
|
* OXM: none.
|
|
|
|
|
*/
|
|
|
|
|
MFF_CT_NW_PROTO,
|
|
|
|
|
|
|
|
|
|
/* "ct_nw_src".
|
|
|
|
|
*
|
|
|
|
|
* IPv4 source address of the original direction tuple of the conntrack
|
2020-06-17 15:31:09 -07:00
|
|
|
* entry, or of the parent conntrack entry, if the current connection is a
|
2017-03-08 17:18:23 -08:00
|
|
|
* related connection.
|
|
|
|
|
*
|
|
|
|
|
* The value is populated by the CT action.
|
|
|
|
|
*
|
|
|
|
|
* Type: be32.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: IPv4.
|
2017-03-24 11:47:15 -07:00
|
|
|
* Prerequisites: CT.
|
2017-03-08 17:18:23 -08:00
|
|
|
* Access: read-only.
|
2017-03-14 15:46:25 -07:00
|
|
|
* NXM: NXM_NX_CT_NW_SRC(120) since v2.8.
|
2017-03-08 17:18:23 -08:00
|
|
|
* OXM: none.
|
|
|
|
|
* Prefix lookup member: ct_nw_src.
|
|
|
|
|
*/
|
|
|
|
|
MFF_CT_NW_SRC,
|
|
|
|
|
|
|
|
|
|
/* "ct_nw_dst".
|
|
|
|
|
*
|
|
|
|
|
* IPv4 destination address of the original direction tuple of the
|
2020-06-17 15:31:09 -07:00
|
|
|
* conntrack entry, or of the parent conntrack entry, if the current
|
2017-03-08 17:18:23 -08:00
|
|
|
* connection is a related connection.
|
|
|
|
|
*
|
|
|
|
|
* The value is populated by the CT action.
|
|
|
|
|
*
|
|
|
|
|
* Type: be32.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: IPv4.
|
2017-03-24 11:47:15 -07:00
|
|
|
* Prerequisites: CT.
|
2017-03-08 17:18:23 -08:00
|
|
|
* Access: read-only.
|
2017-03-14 15:46:25 -07:00
|
|
|
* NXM: NXM_NX_CT_NW_DST(121) since v2.8.
|
2017-03-08 17:18:23 -08:00
|
|
|
* OXM: none.
|
|
|
|
|
* Prefix lookup member: ct_nw_dst.
|
|
|
|
|
*/
|
|
|
|
|
MFF_CT_NW_DST,
|
|
|
|
|
|
|
|
|
|
/* "ct_ipv6_src".
|
|
|
|
|
*
|
|
|
|
|
* IPv6 source address of the original direction tuple of the conntrack
|
2020-06-17 15:31:09 -07:00
|
|
|
* entry, or of the parent conntrack entry, if the current connection is a
|
2017-03-08 17:18:23 -08:00
|
|
|
* related connection.
|
|
|
|
|
*
|
|
|
|
|
* The value is populated by the CT action.
|
|
|
|
|
*
|
|
|
|
|
* Type: be128.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: IPv6.
|
2017-03-24 11:47:15 -07:00
|
|
|
* Prerequisites: CT.
|
2017-03-08 17:18:23 -08:00
|
|
|
* Access: read-only.
|
2017-03-14 15:46:25 -07:00
|
|
|
* NXM: NXM_NX_CT_IPV6_SRC(122) since v2.8.
|
2017-03-08 17:18:23 -08:00
|
|
|
* OXM: none.
|
|
|
|
|
* Prefix lookup member: ct_ipv6_src.
|
|
|
|
|
*/
|
|
|
|
|
MFF_CT_IPV6_SRC,
|
|
|
|
|
|
|
|
|
|
/* "ct_ipv6_dst".
|
|
|
|
|
*
|
|
|
|
|
* IPv6 destination address of the original direction tuple of the
|
2020-06-17 15:31:09 -07:00
|
|
|
* conntrack entry, or of the parent conntrack entry, if the current
|
2017-03-08 17:18:23 -08:00
|
|
|
* connection is a related connection.
|
|
|
|
|
*
|
|
|
|
|
* The value is populated by the CT action.
|
|
|
|
|
*
|
|
|
|
|
* Type: be128.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: IPv6.
|
2017-03-24 11:47:15 -07:00
|
|
|
* Prerequisites: CT.
|
2017-03-08 17:18:23 -08:00
|
|
|
* Access: read-only.
|
2017-03-14 15:46:25 -07:00
|
|
|
* NXM: NXM_NX_CT_IPV6_DST(123) since v2.8.
|
2017-03-08 17:18:23 -08:00
|
|
|
* OXM: none.
|
|
|
|
|
* Prefix lookup member: ct_ipv6_dst.
|
|
|
|
|
*/
|
|
|
|
|
MFF_CT_IPV6_DST,
|
|
|
|
|
|
|
|
|
|
/* "ct_tp_src".
|
|
|
|
|
*
|
|
|
|
|
* Transport layer source port of the original direction tuple of the
|
2020-06-17 15:31:09 -07:00
|
|
|
* conntrack entry, or of the parent conntrack entry, if the current
|
2017-03-08 17:18:23 -08:00
|
|
|
* connection is a related connection.
|
|
|
|
|
*
|
|
|
|
|
* The value is populated by the CT action.
|
|
|
|
|
*
|
|
|
|
|
* Type: be16.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: CT.
|
|
|
|
|
* Access: read-only.
|
2017-03-14 15:46:25 -07:00
|
|
|
* NXM: NXM_NX_CT_TP_SRC(124) since v2.8.
|
2017-03-08 17:18:23 -08:00
|
|
|
* OXM: none.
|
|
|
|
|
*/
|
|
|
|
|
MFF_CT_TP_SRC,
|
|
|
|
|
|
|
|
|
|
/* "ct_tp_dst".
|
|
|
|
|
*
|
|
|
|
|
* Transport layer destination port of the original direction tuple of the
|
2020-06-17 15:31:09 -07:00
|
|
|
* conntrack entry, or of the parent conntrack entry, if the current
|
2017-03-08 17:18:23 -08:00
|
|
|
* connection is a related connection.
|
|
|
|
|
*
|
|
|
|
|
* The value is populated by the CT action.
|
|
|
|
|
*
|
|
|
|
|
* Type: be16.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: CT.
|
|
|
|
|
* Access: read-only.
|
2017-03-14 15:46:25 -07:00
|
|
|
* NXM: NXM_NX_CT_TP_DST(125) since v2.8.
|
2017-03-08 17:18:23 -08:00
|
|
|
* OXM: none.
|
|
|
|
|
*/
|
|
|
|
|
MFF_CT_TP_DST,
|
|
|
|
|
|
2016-06-23 17:54:26 -07:00
|
|
|
#if FLOW_N_REGS == 16
|
2014-10-07 15:24:11 -07:00
|
|
|
/* "reg<N>".
|
|
|
|
|
*
|
|
|
|
|
* Nicira extension scratch pad register with initial value 0.
|
|
|
|
|
*
|
|
|
|
|
* Type: be32.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: hexadecimal.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_NX_REG0(0) since v1.1. <0>
|
|
|
|
|
* NXM: NXM_NX_REG1(1) since v1.1. <1>
|
|
|
|
|
* NXM: NXM_NX_REG2(2) since v1.1. <2>
|
|
|
|
|
* NXM: NXM_NX_REG3(3) since v1.1. <3>
|
|
|
|
|
* NXM: NXM_NX_REG4(4) since v1.3. <4>
|
|
|
|
|
* NXM: NXM_NX_REG5(5) since v1.7. <5>
|
|
|
|
|
* NXM: NXM_NX_REG6(6) since v1.7. <6>
|
|
|
|
|
* NXM: NXM_NX_REG7(7) since v1.7. <7>
|
2016-06-23 17:54:26 -07:00
|
|
|
* NXM: NXM_NX_REG8(8) since v2.6. <8>
|
|
|
|
|
* NXM: NXM_NX_REG9(9) since v2.6. <9>
|
|
|
|
|
* NXM: NXM_NX_REG10(10) since v2.6. <10>
|
|
|
|
|
* NXM: NXM_NX_REG11(11) since v2.6. <11>
|
|
|
|
|
* NXM: NXM_NX_REG12(12) since v2.6. <12>
|
|
|
|
|
* NXM: NXM_NX_REG13(13) since v2.6. <13>
|
|
|
|
|
* NXM: NXM_NX_REG14(14) since v2.6. <14>
|
|
|
|
|
* NXM: NXM_NX_REG15(15) since v2.6. <15>
|
2014-10-07 15:24:11 -07:00
|
|
|
* OXM: none.
|
|
|
|
|
*/
|
|
|
|
|
MFF_REG0,
|
|
|
|
|
MFF_REG1,
|
|
|
|
|
MFF_REG2,
|
|
|
|
|
MFF_REG3,
|
|
|
|
|
MFF_REG4,
|
|
|
|
|
MFF_REG5,
|
|
|
|
|
MFF_REG6,
|
|
|
|
|
MFF_REG7,
|
2016-06-23 17:54:26 -07:00
|
|
|
MFF_REG8,
|
|
|
|
|
MFF_REG9,
|
|
|
|
|
MFF_REG10,
|
|
|
|
|
MFF_REG11,
|
|
|
|
|
MFF_REG12,
|
|
|
|
|
MFF_REG13,
|
|
|
|
|
MFF_REG14,
|
|
|
|
|
MFF_REG15,
|
2014-05-15 08:19:11 -07:00
|
|
|
#else
|
|
|
|
|
#error "Need to update MFF_REG* to match FLOW_N_REGS"
|
2014-07-28 09:50:37 -07:00
|
|
|
#endif
|
|
|
|
|
|
2016-06-23 17:54:26 -07:00
|
|
|
#if FLOW_N_XREGS == 8
|
2014-10-07 15:24:11 -07:00
|
|
|
/* "xreg<N>".
|
|
|
|
|
*
|
2017-01-25 13:58:03 -08:00
|
|
|
* OpenFlow 1.5 ``extended register".
|
2014-11-24 10:41:54 -08:00
|
|
|
*
|
2014-10-07 15:24:11 -07:00
|
|
|
* Type: be64.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: hexadecimal.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: none.
|
2014-11-24 10:41:54 -08:00
|
|
|
* OXM: OXM_OF_PKT_REG<N>(<N>) since OF1.3 and v2.4.
|
2014-10-07 15:24:11 -07:00
|
|
|
*/
|
|
|
|
|
MFF_XREG0,
|
|
|
|
|
MFF_XREG1,
|
|
|
|
|
MFF_XREG2,
|
|
|
|
|
MFF_XREG3,
|
2016-06-23 17:54:26 -07:00
|
|
|
MFF_XREG4,
|
|
|
|
|
MFF_XREG5,
|
|
|
|
|
MFF_XREG6,
|
|
|
|
|
MFF_XREG7,
|
2014-07-28 09:50:37 -07:00
|
|
|
#else
|
|
|
|
|
#error "Need to update MFF_REG* to match FLOW_N_XREGS"
|
2011-09-12 12:11:50 -07:00
|
|
|
#endif
|
|
|
|
|
|
2015-10-31 04:45:28 -07:00
|
|
|
#if FLOW_N_XXREGS == 4
|
|
|
|
|
/* "xxreg<N>".
|
|
|
|
|
*
|
2017-01-25 13:58:03 -08:00
|
|
|
* ``extended-extended register".
|
2015-10-31 04:45:28 -07:00
|
|
|
*
|
|
|
|
|
* Type: be128.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: hexadecimal.
|
|
|
|
|
* Prerequisites: none.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_NX_XXREG0(111) since v2.6. <0>
|
|
|
|
|
* NXM: NXM_NX_XXREG1(112) since v2.6. <1>
|
2016-10-10 11:27:57 -07:00
|
|
|
* NXM: NXM_NX_XXREG2(113) since v2.6. <2>
|
|
|
|
|
* NXM: NXM_NX_XXREG3(114) since v2.6. <3>
|
|
|
|
|
* NXM: NXM_NX_XXREG4(115) since vX.Y. <4>
|
|
|
|
|
* NXM: NXM_NX_XXREG5(116) since vX.Y. <5>
|
|
|
|
|
* NXM: NXM_NX_XXREG6(117) since vX.Y. <6>
|
|
|
|
|
* NXM: NXM_NX_XXREG7(118) since vX.Y. <7>
|
2015-10-31 04:45:28 -07:00
|
|
|
* OXM: none.
|
|
|
|
|
*/
|
|
|
|
|
MFF_XXREG0,
|
|
|
|
|
MFF_XXREG1,
|
|
|
|
|
MFF_XXREG2,
|
|
|
|
|
MFF_XXREG3,
|
|
|
|
|
#else
|
|
|
|
|
#error "Need to update MFF_REG* to match FLOW_N_XXREGS"
|
|
|
|
|
#endif
|
|
|
|
|
|
2014-10-07 15:24:11 -07:00
|
|
|
/* ## -------- ## */
|
|
|
|
|
/* ## Ethernet ## */
|
|
|
|
|
/* ## -------- ## */
|
|
|
|
|
|
|
|
|
|
/* "eth_src" (aka "dl_src").
|
|
|
|
|
*
|
|
|
|
|
* Source address in Ethernet header.
|
|
|
|
|
*
|
|
|
|
|
* Type: MAC.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: Ethernet.
|
2017-06-02 16:16:17 +00:00
|
|
|
* Prerequisites: Ethernet.
|
2014-10-07 15:24:11 -07:00
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_OF_ETH_SRC(2) since v1.1.
|
|
|
|
|
* OXM: OXM_OF_ETH_SRC(4) since OF1.2 and v1.7.
|
|
|
|
|
* OF1.0: exact match.
|
|
|
|
|
* OF1.1: bitwise mask.
|
|
|
|
|
*/
|
|
|
|
|
MFF_ETH_SRC,
|
|
|
|
|
|
|
|
|
|
/* "eth_dst" (aka "dl_dst").
|
|
|
|
|
*
|
|
|
|
|
* Destination address in Ethernet header.
|
|
|
|
|
*
|
|
|
|
|
* Type: MAC.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: Ethernet.
|
2017-06-02 16:16:17 +00:00
|
|
|
* Prerequisites: Ethernet.
|
2014-10-07 15:24:11 -07:00
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_OF_ETH_DST(1) since v1.1.
|
|
|
|
|
* OXM: OXM_OF_ETH_DST(3) since OF1.2 and v1.7.
|
|
|
|
|
* OF1.0: exact match.
|
|
|
|
|
* OF1.1: bitwise mask.
|
|
|
|
|
*/
|
|
|
|
|
MFF_ETH_DST,
|
|
|
|
|
|
|
|
|
|
/* "eth_type" (aka "dl_type").
|
|
|
|
|
*
|
|
|
|
|
* Packet's Ethernet type.
|
|
|
|
|
*
|
|
|
|
|
* For a packet with an 802.1Q header, this is the type of the encapsulated
|
|
|
|
|
* frame.
|
|
|
|
|
*
|
|
|
|
|
* Type: be16.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: hexadecimal.
|
2017-06-02 16:16:17 +00:00
|
|
|
* Prerequisites: Ethernet.
|
2014-10-07 15:24:11 -07:00
|
|
|
* Access: read-only.
|
|
|
|
|
* NXM: NXM_OF_ETH_TYPE(3) since v1.1.
|
|
|
|
|
* OXM: OXM_OF_ETH_TYPE(5) since OF1.2 and v1.7.
|
|
|
|
|
* OF1.0: exact match.
|
|
|
|
|
* OF1.1: exact match.
|
|
|
|
|
*/
|
|
|
|
|
MFF_ETH_TYPE,
|
|
|
|
|
|
|
|
|
|
/* ## ---- ## */
|
|
|
|
|
/* ## VLAN ## */
|
|
|
|
|
/* ## ---- ## */
|
|
|
|
|
|
|
|
|
|
/* It looks odd for vlan_tci, vlan_vid, and vlan_pcp to say that they are
|
|
|
|
|
* supported in OF1.0 and OF1.1, since the detailed semantics of these fields
|
|
|
|
|
* only apply to NXM or OXM. They are marked as supported for exact matches in
|
|
|
|
|
* OF1.0 and OF1.1 because exact matches on those fields can be successfully
|
|
|
|
|
* translated into the OF1.0 and OF1.1 flow formats. */
|
|
|
|
|
|
|
|
|
|
/* "vlan_tci".
|
|
|
|
|
*
|
|
|
|
|
* 802.1Q TCI.
|
|
|
|
|
*
|
|
|
|
|
* For a packet with an 802.1Q header, this is the Tag Control Information
|
|
|
|
|
* (TCI) field, with the CFI bit forced to 1. For a packet with no 802.1Q
|
|
|
|
|
* header, this has value 0.
|
|
|
|
|
*
|
|
|
|
|
* Type: be16.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: hexadecimal.
|
2017-06-02 16:16:17 +00:00
|
|
|
* Prerequisites: Ethernet.
|
2014-10-07 15:24:11 -07:00
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_OF_VLAN_TCI(4) since v1.1.
|
|
|
|
|
* OXM: none.
|
|
|
|
|
* OF1.0: exact match.
|
|
|
|
|
* OF1.1: exact match.
|
|
|
|
|
*/
|
|
|
|
|
MFF_VLAN_TCI,
|
|
|
|
|
|
|
|
|
|
/* "dl_vlan" (OpenFlow 1.0).
|
|
|
|
|
*
|
|
|
|
|
* VLAN ID field. Zero if no 802.1Q header is present.
|
|
|
|
|
*
|
|
|
|
|
* Type: be16 (low 12 bits).
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
2017-06-02 16:16:17 +00:00
|
|
|
* Prerequisites: Ethernet.
|
2014-10-07 15:24:11 -07:00
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: none.
|
|
|
|
|
* OXM: none.
|
|
|
|
|
* OF1.0: exact match.
|
|
|
|
|
* OF1.1: exact match.
|
|
|
|
|
*/
|
|
|
|
|
MFF_DL_VLAN,
|
|
|
|
|
|
|
|
|
|
/* "vlan_vid" (OpenFlow 1.2+).
|
|
|
|
|
*
|
|
|
|
|
* If an 802.1Q header is present, this field's value is 0x1000
|
|
|
|
|
* bitwise-or'd with the VLAN ID. If no 802.1Q is present, this field's
|
|
|
|
|
* value is 0.
|
|
|
|
|
*
|
|
|
|
|
* Type: be16 (low 12 bits).
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: decimal.
|
2017-06-02 16:16:17 +00:00
|
|
|
* Prerequisites: Ethernet.
|
2014-10-07 15:24:11 -07:00
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: none.
|
|
|
|
|
* OXM: OXM_OF_VLAN_VID(6) since OF1.2 and v1.7.
|
|
|
|
|
* OF1.0: exact match.
|
|
|
|
|
* OF1.1: exact match.
|
|
|
|
|
*/
|
|
|
|
|
MFF_VLAN_VID,
|
|
|
|
|
|
|
|
|
|
/* "dl_vlan_pcp" (OpenFlow 1.0).
|
|
|
|
|
*
|
|
|
|
|
* VLAN priority (PCP) field. Zero if no 802.1Q header is present.
|
|
|
|
|
*
|
|
|
|
|
* Type: u8 (low 3 bits).
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
2017-06-02 16:16:17 +00:00
|
|
|
* Prerequisites: Ethernet.
|
2014-10-07 15:24:11 -07:00
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: none.
|
|
|
|
|
* OXM: none.
|
|
|
|
|
* OF1.0: exact match.
|
|
|
|
|
* OF1.1: exact match.
|
|
|
|
|
*/
|
|
|
|
|
MFF_DL_VLAN_PCP,
|
|
|
|
|
|
|
|
|
|
/* "vlan_pcp" (OpenFlow 1.2+).
|
|
|
|
|
*
|
|
|
|
|
* VLAN priority (PCP) field. Zero if no 802.1Q header is present.
|
|
|
|
|
*
|
|
|
|
|
* Type: u8 (low 3 bits).
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: VLAN VID.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: none.
|
|
|
|
|
* OXM: OXM_OF_VLAN_PCP(7) since OF1.2 and v1.7.
|
|
|
|
|
* OF1.0: exact match.
|
|
|
|
|
* OF1.1: exact match.
|
|
|
|
|
*/
|
|
|
|
|
MFF_VLAN_PCP,
|
|
|
|
|
|
|
|
|
|
/* ## ---- ## */
|
|
|
|
|
/* ## MPLS ## */
|
|
|
|
|
/* ## ---- ## */
|
|
|
|
|
|
|
|
|
|
/* "mpls_label".
|
|
|
|
|
*
|
|
|
|
|
* The outermost MPLS label, or 0 if no MPLS labels are present.
|
|
|
|
|
*
|
|
|
|
|
* Type: be32 (low 20 bits).
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: MPLS.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: none.
|
|
|
|
|
* OXM: OXM_OF_MPLS_LABEL(34) since OF1.2 and v1.11.
|
|
|
|
|
* OF1.1: exact match.
|
|
|
|
|
*/
|
|
|
|
|
MFF_MPLS_LABEL,
|
|
|
|
|
|
|
|
|
|
/* "mpls_tc".
|
|
|
|
|
*
|
|
|
|
|
* The outermost MPLS label's traffic control (TC) field, or 0 if no MPLS
|
|
|
|
|
* labels are present.
|
|
|
|
|
*
|
|
|
|
|
* Type: u8 (low 3 bits).
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: MPLS.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: none.
|
|
|
|
|
* OXM: OXM_OF_MPLS_TC(35) since OF1.2 and v1.11.
|
|
|
|
|
* OF1.1: exact match.
|
|
|
|
|
*/
|
|
|
|
|
MFF_MPLS_TC,
|
|
|
|
|
|
|
|
|
|
/* "mpls_bos".
|
|
|
|
|
*
|
|
|
|
|
* The outermost MPLS label's bottom of stack (BoS) field, or 0 if no MPLS
|
|
|
|
|
* labels are present.
|
|
|
|
|
*
|
|
|
|
|
* Type: u8 (low 1 bits).
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: MPLS.
|
|
|
|
|
* Access: read-only.
|
|
|
|
|
* NXM: none.
|
|
|
|
|
* OXM: OXM_OF_MPLS_BOS(36) since OF1.3 and v1.11.
|
|
|
|
|
*/
|
|
|
|
|
MFF_MPLS_BOS,
|
|
|
|
|
|
2016-03-07 20:46:48 -08:00
|
|
|
/* "mpls_ttl".
|
|
|
|
|
*
|
|
|
|
|
* The outermost MPLS label's time-to-live (TTL) field, or 0 if no MPLS
|
|
|
|
|
* labels are present.
|
|
|
|
|
*
|
|
|
|
|
* Type: u8.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: MPLS.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_NX_MPLS_TTL(30) since v2.6.
|
|
|
|
|
* OXM: none.
|
|
|
|
|
*/
|
|
|
|
|
MFF_MPLS_TTL,
|
|
|
|
|
|
2014-10-07 15:24:11 -07:00
|
|
|
/* ## ---- ## */
|
|
|
|
|
/* ## IPv4 ## */
|
|
|
|
|
/* ## ---- ## */
|
|
|
|
|
|
|
|
|
|
/* Update mf_is_l3_or_higher() if MFF_IPV4_SRC is no longer the first element
|
|
|
|
|
* for a field of layer 3 or higher */
|
|
|
|
|
|
|
|
|
|
/* "ip_src" (aka "nw_src").
|
|
|
|
|
*
|
|
|
|
|
* The source address in the IPv4 header.
|
|
|
|
|
*
|
|
|
|
|
* Before Open vSwitch 1.8, only CIDR masks were supported.
|
|
|
|
|
*
|
|
|
|
|
* Type: be32.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: IPv4.
|
|
|
|
|
* Prerequisites: IPv4.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_OF_IP_SRC(7) since v1.1.
|
|
|
|
|
* OXM: OXM_OF_IPV4_SRC(11) since OF1.2 and v1.7.
|
|
|
|
|
* OF1.0: CIDR mask.
|
|
|
|
|
* OF1.1: bitwise mask.
|
|
|
|
|
* Prefix lookup member: nw_src.
|
|
|
|
|
*/
|
|
|
|
|
MFF_IPV4_SRC,
|
|
|
|
|
|
|
|
|
|
/* "ip_dst" (aka "nw_dst").
|
|
|
|
|
*
|
|
|
|
|
* The destination address in the IPv4 header.
|
|
|
|
|
*
|
|
|
|
|
* Before Open vSwitch 1.8, only CIDR masks were supported.
|
|
|
|
|
*
|
|
|
|
|
* Type: be32.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: IPv4.
|
|
|
|
|
* Prerequisites: IPv4.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_OF_IP_DST(8) since v1.1.
|
|
|
|
|
* OXM: OXM_OF_IPV4_DST(12) since OF1.2 and v1.7.
|
|
|
|
|
* OF1.0: CIDR mask.
|
|
|
|
|
* OF1.1: bitwise mask.
|
|
|
|
|
* Prefix lookup member: nw_dst.
|
|
|
|
|
*/
|
|
|
|
|
MFF_IPV4_DST,
|
|
|
|
|
|
|
|
|
|
/* ## ---- ## */
|
|
|
|
|
/* ## IPv6 ## */
|
|
|
|
|
/* ## ---- ## */
|
|
|
|
|
|
|
|
|
|
/* "ipv6_src".
|
|
|
|
|
*
|
|
|
|
|
* The source address in the IPv6 header.
|
|
|
|
|
*
|
2015-09-22 18:11:36 -07:00
|
|
|
* Type: be128.
|
2014-10-07 15:24:11 -07:00
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: IPv6.
|
|
|
|
|
* Prerequisites: IPv6.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_NX_IPV6_SRC(19) since v1.1.
|
|
|
|
|
* OXM: OXM_OF_IPV6_SRC(26) since OF1.2 and v1.1.
|
|
|
|
|
* Prefix lookup member: ipv6_src.
|
|
|
|
|
*/
|
|
|
|
|
MFF_IPV6_SRC,
|
|
|
|
|
|
|
|
|
|
/* "ipv6_dst".
|
|
|
|
|
*
|
|
|
|
|
* The destination address in the IPv6 header.
|
|
|
|
|
*
|
2015-09-22 18:11:36 -07:00
|
|
|
* Type: be128.
|
2014-10-07 15:24:11 -07:00
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: IPv6.
|
|
|
|
|
* Prerequisites: IPv6.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_NX_IPV6_DST(20) since v1.1.
|
|
|
|
|
* OXM: OXM_OF_IPV6_DST(27) since OF1.2 and v1.1.
|
|
|
|
|
* Prefix lookup member: ipv6_dst.
|
|
|
|
|
*/
|
|
|
|
|
MFF_IPV6_DST,
|
|
|
|
|
|
|
|
|
|
/* "ipv6_label".
|
|
|
|
|
*
|
|
|
|
|
* The flow label in the IPv6 header.
|
|
|
|
|
*
|
|
|
|
|
* Type: be32 (low 20 bits).
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: hexadecimal.
|
|
|
|
|
* Prerequisites: IPv6.
|
2015-01-12 17:46:49 -08:00
|
|
|
* Access: read/write.
|
2014-10-07 15:24:11 -07:00
|
|
|
* NXM: NXM_NX_IPV6_LABEL(27) since v1.4.
|
|
|
|
|
* OXM: OXM_OF_IPV6_FLABEL(28) since OF1.2 and v1.7.
|
|
|
|
|
*/
|
|
|
|
|
MFF_IPV6_LABEL,
|
|
|
|
|
|
|
|
|
|
/* ## ----------------------- ## */
|
|
|
|
|
/* ## IPv4/IPv6 common fields ## */
|
|
|
|
|
/* ## ----------------------- ## */
|
|
|
|
|
|
|
|
|
|
/* "nw_proto" (aka "ip_proto").
|
|
|
|
|
*
|
|
|
|
|
* The "protocol" byte in the IPv4 or IPv6 header.
|
|
|
|
|
*
|
|
|
|
|
* Type: u8.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: IPv4/IPv6.
|
|
|
|
|
* Access: read-only.
|
|
|
|
|
* NXM: NXM_OF_IP_PROTO(6) since v1.1.
|
|
|
|
|
* OXM: OXM_OF_IP_PROTO(10) since OF1.2 and v1.7.
|
|
|
|
|
* OF1.0: exact match.
|
|
|
|
|
* OF1.1: exact match.
|
|
|
|
|
*/
|
|
|
|
|
MFF_IP_PROTO,
|
|
|
|
|
|
|
|
|
|
/* Both views of the DSCP below are marked as supported in all of the versions
|
|
|
|
|
* of OpenFlow because a match on either view can be successfully translated
|
|
|
|
|
* into every OpenFlow flow format. */
|
|
|
|
|
|
|
|
|
|
/* "nw_tos" (OpenFlow 1.0/1.1).
|
|
|
|
|
*
|
|
|
|
|
* The DSCP byte in the IPv4 header or the traffic class byte from the IPv6
|
|
|
|
|
* header, with the ECN bits forced to 0. (That is, bits 2-7 contain the
|
|
|
|
|
* type of service and bits 0-1 are zero.)
|
|
|
|
|
*
|
|
|
|
|
* Type: u8.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: IPv4/IPv6.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_OF_IP_TOS(5) since v1.1.
|
|
|
|
|
* OXM: none.
|
|
|
|
|
* OF1.0: exact match.
|
|
|
|
|
* OF1.1: exact match.
|
|
|
|
|
*/
|
|
|
|
|
MFF_IP_DSCP,
|
|
|
|
|
|
|
|
|
|
/* "ip_dscp" (OpenFlow 1.2+).
|
|
|
|
|
*
|
|
|
|
|
* The DSCP byte in the IPv4 header or the traffic class byte from the IPv6
|
|
|
|
|
* header, shifted right 2 bits. (That is, bits 0-5 contain the type of
|
|
|
|
|
* service and bits 6-7 are zero.)
|
|
|
|
|
*
|
|
|
|
|
* Type: u8 (low 6 bits).
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: IPv4/IPv6.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: none.
|
|
|
|
|
* OXM: OXM_OF_IP_DSCP(8) since OF1.2 and v1.7.
|
|
|
|
|
* OF1.0: exact match.
|
|
|
|
|
* OF1.1: exact match.
|
|
|
|
|
*/
|
|
|
|
|
MFF_IP_DSCP_SHIFTED,
|
|
|
|
|
|
|
|
|
|
/* "nw_ecn" (aka "ip_ecn").
|
|
|
|
|
*
|
|
|
|
|
* The ECN bits in the IPv4 or IPv6 header.
|
|
|
|
|
*
|
|
|
|
|
* Type: u8 (low 2 bits).
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: IPv4/IPv6.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_NX_IP_ECN(28) since v1.4.
|
|
|
|
|
* OXM: OXM_OF_IP_ECN(9) since OF1.2 and v1.7.
|
2017-02-21 14:22:53 -05:00
|
|
|
* OF1.1: exact match.
|
2014-10-07 15:24:11 -07:00
|
|
|
*/
|
|
|
|
|
MFF_IP_ECN,
|
|
|
|
|
|
|
|
|
|
/* "nw_ttl".
|
|
|
|
|
*
|
|
|
|
|
* The time-to-live (TTL) in the IPv4 header or hop limit in the IPv6
|
|
|
|
|
* header.
|
|
|
|
|
*
|
|
|
|
|
* Type: u8.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: IPv4/IPv6.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_NX_IP_TTL(29) since v1.4.
|
|
|
|
|
* OXM: none.
|
|
|
|
|
*/
|
|
|
|
|
MFF_IP_TTL,
|
|
|
|
|
|
2018-09-20 11:01:35 -07:00
|
|
|
/* "ip_frag" (aka "nw_frag").
|
2014-10-07 15:24:11 -07:00
|
|
|
*
|
|
|
|
|
* IP fragment information.
|
|
|
|
|
*
|
|
|
|
|
* Type: u8 (low 2 bits).
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: frag.
|
|
|
|
|
* Prerequisites: IPv4/IPv6.
|
|
|
|
|
* Access: read-only.
|
|
|
|
|
* NXM: NXM_NX_IP_FRAG(26) since v1.3.
|
|
|
|
|
* OXM: none.
|
|
|
|
|
*/
|
|
|
|
|
MFF_IP_FRAG,
|
|
|
|
|
|
|
|
|
|
/* ## --- ## */
|
|
|
|
|
/* ## ARP ## */
|
|
|
|
|
/* ## --- ## */
|
|
|
|
|
|
|
|
|
|
/* "arp_op".
|
|
|
|
|
*
|
|
|
|
|
* ARP opcode.
|
|
|
|
|
*
|
|
|
|
|
* For an Ethernet+IP ARP packet, the opcode in the ARP header. Always 0
|
|
|
|
|
* otherwise. Only ARP opcodes between 1 and 255 should be specified for
|
|
|
|
|
* matching.
|
|
|
|
|
*
|
|
|
|
|
* Type: be16.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: ARP.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_OF_ARP_OP(15) since v1.1.
|
|
|
|
|
* OXM: OXM_OF_ARP_OP(21) since OF1.2 and v1.7.
|
|
|
|
|
* OF1.0: exact match.
|
|
|
|
|
* OF1.1: exact match.
|
|
|
|
|
*/
|
|
|
|
|
MFF_ARP_OP,
|
|
|
|
|
|
|
|
|
|
/* "arp_spa".
|
|
|
|
|
*
|
|
|
|
|
* For an Ethernet+IP ARP packet, the source protocol (IPv4) address in the
|
|
|
|
|
* ARP header. Always 0 otherwise.
|
|
|
|
|
*
|
|
|
|
|
* Before Open vSwitch 1.8, only CIDR masks were supported.
|
|
|
|
|
*
|
|
|
|
|
* Type: be32.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: IPv4.
|
|
|
|
|
* Prerequisites: ARP.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_OF_ARP_SPA(16) since v1.1.
|
|
|
|
|
* OXM: OXM_OF_ARP_SPA(22) since OF1.2 and v1.7.
|
|
|
|
|
* OF1.0: CIDR mask.
|
|
|
|
|
* OF1.1: bitwise mask.
|
|
|
|
|
*/
|
|
|
|
|
MFF_ARP_SPA,
|
|
|
|
|
|
|
|
|
|
/* "arp_tpa".
|
|
|
|
|
*
|
|
|
|
|
* For an Ethernet+IP ARP packet, the target protocol (IPv4) address in the
|
|
|
|
|
* ARP header. Always 0 otherwise.
|
|
|
|
|
*
|
|
|
|
|
* Before Open vSwitch 1.8, only CIDR masks were supported.
|
|
|
|
|
*
|
|
|
|
|
* Type: be32.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: IPv4.
|
|
|
|
|
* Prerequisites: ARP.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_OF_ARP_TPA(17) since v1.1.
|
|
|
|
|
* OXM: OXM_OF_ARP_TPA(23) since OF1.2 and v1.7.
|
|
|
|
|
* OF1.0: CIDR mask.
|
|
|
|
|
* OF1.1: bitwise mask.
|
|
|
|
|
*/
|
|
|
|
|
MFF_ARP_TPA,
|
|
|
|
|
|
|
|
|
|
/* "arp_sha".
|
|
|
|
|
*
|
|
|
|
|
* For an Ethernet+IP ARP packet, the source hardware (Ethernet) address in
|
|
|
|
|
* the ARP header. Always 0 otherwise.
|
|
|
|
|
*
|
|
|
|
|
* Type: MAC.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: Ethernet.
|
|
|
|
|
* Prerequisites: ARP.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_NX_ARP_SHA(17) since v1.1.
|
|
|
|
|
* OXM: OXM_OF_ARP_SHA(24) since OF1.2 and v1.7.
|
|
|
|
|
*/
|
|
|
|
|
MFF_ARP_SHA,
|
|
|
|
|
|
|
|
|
|
/* "arp_tha".
|
|
|
|
|
*
|
|
|
|
|
* For an Ethernet+IP ARP packet, the target hardware (Ethernet) address in
|
|
|
|
|
* the ARP header. Always 0 otherwise.
|
|
|
|
|
*
|
|
|
|
|
* Type: MAC.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: Ethernet.
|
|
|
|
|
* Prerequisites: ARP.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_NX_ARP_THA(18) since v1.1.
|
|
|
|
|
* OXM: OXM_OF_ARP_THA(25) since OF1.2 and v1.7.
|
|
|
|
|
*/
|
|
|
|
|
MFF_ARP_THA,
|
|
|
|
|
|
|
|
|
|
/* ## --- ## */
|
|
|
|
|
/* ## TCP ## */
|
|
|
|
|
/* ## --- ## */
|
|
|
|
|
|
|
|
|
|
/* "tcp_src" (aka "tp_src").
|
|
|
|
|
*
|
|
|
|
|
* TCP source port.
|
|
|
|
|
*
|
|
|
|
|
* Type: be16.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: TCP.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_OF_TCP_SRC(9) since v1.1.
|
|
|
|
|
* OXM: OXM_OF_TCP_SRC(13) since OF1.2 and v1.7.
|
|
|
|
|
* OF1.0: exact match.
|
|
|
|
|
* OF1.1: exact match.
|
|
|
|
|
*/
|
|
|
|
|
MFF_TCP_SRC,
|
|
|
|
|
|
|
|
|
|
/* "tcp_dst" (aka "tp_dst").
|
|
|
|
|
*
|
|
|
|
|
* TCP destination port.
|
|
|
|
|
*
|
|
|
|
|
* Type: be16.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: TCP.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_OF_TCP_DST(10) since v1.1.
|
|
|
|
|
* OXM: OXM_OF_TCP_DST(14) since OF1.2 and v1.7.
|
|
|
|
|
* OF1.0: exact match.
|
|
|
|
|
* OF1.1: exact match.
|
|
|
|
|
*/
|
|
|
|
|
MFF_TCP_DST,
|
|
|
|
|
|
|
|
|
|
/* "tcp_flags".
|
|
|
|
|
*
|
|
|
|
|
* Flags in the TCP header.
|
|
|
|
|
*
|
|
|
|
|
* TCP currently defines 9 flag bits, and additional 3 bits are reserved
|
|
|
|
|
* (must be transmitted as zero). See RFCs 793, 3168, and 3540.
|
|
|
|
|
*
|
|
|
|
|
* Type: be16 (low 12 bits).
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: TCP flags.
|
|
|
|
|
* Prerequisites: TCP.
|
|
|
|
|
* Access: read-only.
|
|
|
|
|
* NXM: NXM_NX_TCP_FLAGS(34) since v2.1.
|
2014-11-24 15:06:34 -08:00
|
|
|
* OXM: ONFOXM_ET_TCP_FLAGS(42) since OF1.3 and v2.4,
|
|
|
|
|
* OXM_OF_TCP_FLAGS(42) since OF1.5 and v2.3.
|
2014-10-07 15:24:11 -07:00
|
|
|
*/
|
|
|
|
|
MFF_TCP_FLAGS,
|
|
|
|
|
|
|
|
|
|
/* ## --- ## */
|
|
|
|
|
/* ## UDP ## */
|
|
|
|
|
/* ## --- ## */
|
|
|
|
|
|
|
|
|
|
/* "udp_src".
|
|
|
|
|
*
|
|
|
|
|
* UDP source port.
|
|
|
|
|
*
|
|
|
|
|
* Type: be16.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: UDP.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_OF_UDP_SRC(11) since v1.1.
|
|
|
|
|
* OXM: OXM_OF_UDP_SRC(15) since OF1.2 and v1.7.
|
|
|
|
|
* OF1.0: exact match.
|
|
|
|
|
* OF1.1: exact match.
|
|
|
|
|
*/
|
|
|
|
|
MFF_UDP_SRC,
|
|
|
|
|
|
|
|
|
|
/* "udp_dst".
|
|
|
|
|
*
|
|
|
|
|
* UDP destination port
|
|
|
|
|
*
|
|
|
|
|
* Type: be16.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: UDP.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: NXM_OF_UDP_DST(12) since v1.1.
|
|
|
|
|
* OXM: OXM_OF_UDP_DST(16) since OF1.2 and v1.7.
|
|
|
|
|
* OF1.0: exact match.
|
|
|
|
|
* OF1.1: exact match.
|
|
|
|
|
*/
|
|
|
|
|
MFF_UDP_DST,
|
|
|
|
|
|
|
|
|
|
/* ## ---- ## */
|
|
|
|
|
/* ## SCTP ## */
|
|
|
|
|
/* ## ---- ## */
|
|
|
|
|
|
|
|
|
|
/* "sctp_src".
|
|
|
|
|
*
|
|
|
|
|
* SCTP source port.
|
|
|
|
|
*
|
|
|
|
|
* Type: be16.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: SCTP.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: none.
|
|
|
|
|
* OXM: OXM_OF_SCTP_SRC(17) since OF1.2 and v2.0.
|
|
|
|
|
* OF1.1: exact match.
|
|
|
|
|
*/
|
|
|
|
|
MFF_SCTP_SRC,
|
|
|
|
|
|
|
|
|
|
/* "sctp_dst".
|
|
|
|
|
*
|
|
|
|
|
* SCTP destination port.
|
|
|
|
|
*
|
|
|
|
|
* Type: be16.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: SCTP.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: none.
|
|
|
|
|
* OXM: OXM_OF_SCTP_DST(18) since OF1.2 and v2.0.
|
|
|
|
|
* OF1.1: exact match.
|
|
|
|
|
*/
|
|
|
|
|
MFF_SCTP_DST,
|
|
|
|
|
|
|
|
|
|
/* ## ---- ## */
|
|
|
|
|
/* ## ICMP ## */
|
|
|
|
|
/* ## ---- ## */
|
|
|
|
|
|
|
|
|
|
/* "icmp_type".
|
|
|
|
|
*
|
|
|
|
|
* ICMPv4 type.
|
|
|
|
|
*
|
|
|
|
|
* Type: u8.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: ICMPv4.
|
2015-10-20 22:03:02 -07:00
|
|
|
* Access: read/write.
|
2014-10-07 15:24:11 -07:00
|
|
|
* NXM: NXM_OF_ICMP_TYPE(13) since v1.1.
|
|
|
|
|
* OXM: OXM_OF_ICMPV4_TYPE(19) since OF1.2 and v1.7.
|
|
|
|
|
* OF1.0: exact match.
|
|
|
|
|
* OF1.1: exact match.
|
|
|
|
|
*/
|
|
|
|
|
MFF_ICMPV4_TYPE,
|
|
|
|
|
|
|
|
|
|
/* "icmp_code".
|
|
|
|
|
*
|
|
|
|
|
* ICMPv4 code.
|
|
|
|
|
*
|
|
|
|
|
* Type: u8.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: ICMPv4.
|
2015-10-20 22:03:02 -07:00
|
|
|
* Access: read/write.
|
2014-10-07 15:24:11 -07:00
|
|
|
* NXM: NXM_OF_ICMP_CODE(14) since v1.1.
|
|
|
|
|
* OXM: OXM_OF_ICMPV4_CODE(20) since OF1.2 and v1.7.
|
|
|
|
|
* OF1.0: exact match.
|
|
|
|
|
* OF1.1: exact match.
|
|
|
|
|
*/
|
|
|
|
|
MFF_ICMPV4_CODE,
|
|
|
|
|
|
|
|
|
|
/* "icmpv6_type".
|
|
|
|
|
*
|
|
|
|
|
* ICMPv6 type.
|
|
|
|
|
*
|
|
|
|
|
* Type: u8.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: ICMPv6.
|
2015-10-20 22:03:02 -07:00
|
|
|
* Access: read/write.
|
2014-10-07 15:24:11 -07:00
|
|
|
* NXM: NXM_NX_ICMPV6_TYPE(21) since v1.1.
|
|
|
|
|
* OXM: OXM_OF_ICMPV6_TYPE(29) since OF1.2 and v1.7.
|
|
|
|
|
*/
|
|
|
|
|
MFF_ICMPV6_TYPE,
|
|
|
|
|
|
|
|
|
|
/* "icmpv6_code".
|
|
|
|
|
*
|
|
|
|
|
* ICMPv6 code.
|
|
|
|
|
*
|
|
|
|
|
* Type: u8.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: ICMPv6.
|
2015-10-20 22:03:02 -07:00
|
|
|
* Access: read/write.
|
2014-10-07 15:24:11 -07:00
|
|
|
* NXM: NXM_NX_ICMPV6_CODE(22) since v1.1.
|
|
|
|
|
* OXM: OXM_OF_ICMPV6_CODE(30) since OF1.2 and v1.7.
|
|
|
|
|
*/
|
|
|
|
|
MFF_ICMPV6_CODE,
|
|
|
|
|
|
|
|
|
|
/* ## ------------------------- ## */
|
|
|
|
|
/* ## ICMPv6 Neighbor Discovery ## */
|
|
|
|
|
/* ## ------------------------- ## */
|
|
|
|
|
|
|
|
|
|
/* "nd_target".
|
|
|
|
|
*
|
|
|
|
|
* The target address in an IPv6 Neighbor Discovery message.
|
|
|
|
|
*
|
|
|
|
|
* Before Open vSwitch 1.8, only CIDR masks were supported.
|
|
|
|
|
*
|
2015-09-22 18:11:36 -07:00
|
|
|
* Type: be128.
|
2014-10-07 15:24:11 -07:00
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: IPv6.
|
|
|
|
|
* Prerequisites: ND.
|
2014-12-23 23:42:05 +00:00
|
|
|
* Access: read/write.
|
2014-10-07 15:24:11 -07:00
|
|
|
* NXM: NXM_NX_ND_TARGET(23) since v1.1.
|
|
|
|
|
* OXM: OXM_OF_IPV6_ND_TARGET(31) since OF1.2 and v1.7.
|
|
|
|
|
*/
|
|
|
|
|
MFF_ND_TARGET,
|
|
|
|
|
|
|
|
|
|
/* "nd_sll".
|
|
|
|
|
*
|
|
|
|
|
* The source link layer address in an IPv6 Neighbor Discovery message.
|
|
|
|
|
*
|
|
|
|
|
* Type: MAC.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: Ethernet.
|
|
|
|
|
* Prerequisites: ND solicit.
|
2014-12-23 23:42:05 +00:00
|
|
|
* Access: read/write.
|
2014-10-07 15:24:11 -07:00
|
|
|
* NXM: NXM_NX_ND_SLL(24) since v1.1.
|
|
|
|
|
* OXM: OXM_OF_IPV6_ND_SLL(32) since OF1.2 and v1.7.
|
|
|
|
|
*/
|
|
|
|
|
MFF_ND_SLL,
|
|
|
|
|
|
|
|
|
|
/* "nd_tll".
|
|
|
|
|
*
|
|
|
|
|
* The target link layer address in an IPv6 Neighbor Discovery message.
|
|
|
|
|
*
|
|
|
|
|
* Type: MAC.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: Ethernet.
|
|
|
|
|
* Prerequisites: ND advert.
|
2014-12-23 23:42:05 +00:00
|
|
|
* Access: read/write.
|
2014-10-07 15:24:11 -07:00
|
|
|
* NXM: NXM_NX_ND_TLL(25) since v1.1.
|
|
|
|
|
* OXM: OXM_OF_IPV6_ND_TLL(33) since OF1.2 and v1.7.
|
|
|
|
|
*/
|
|
|
|
|
MFF_ND_TLL,
|
2011-09-12 12:11:50 -07:00
|
|
|
|
2019-01-28 11:41:06 +00:00
|
|
|
/* "nd_reserved".
|
|
|
|
|
*
|
|
|
|
|
* The reserved field in IPv6 Neighbor Discovery message.
|
|
|
|
|
*
|
|
|
|
|
* Type: be32.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: ND.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: none.
|
|
|
|
|
* OXM: ERICOXM_OF_ICMPV6_ND_RESERVED(1) since v2.11.
|
|
|
|
|
*/
|
|
|
|
|
MFF_ND_RESERVED,
|
|
|
|
|
|
|
|
|
|
/* "nd_options_type".
|
|
|
|
|
*
|
|
|
|
|
* The type of the option in IPv6 Neighbor Discovery message.
|
|
|
|
|
*
|
|
|
|
|
* Type: u8.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: ND.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: none.
|
|
|
|
|
* OXM: ERICOXM_OF_ICMPV6_ND_OPTIONS_TYPE(2) since v2.11.
|
|
|
|
|
*/
|
|
|
|
|
MFF_ND_OPTIONS_TYPE,
|
|
|
|
|
|
userspace: Add support for NSH MD1 match fields
This patch adds support for NSH packet header fields to the OVS
control plane and the userspace datapath. Initially we support the
fields of the NSH base header as defined in
https://www.ietf.org/id/draft-ietf-sfc-nsh-13.txt
and the fixed context headers specified for metadata format MD1.
The variable length MD2 format is parsed but the TLV context headers
are not yet available for matching.
The NSH fields are modelled as experimenter fields with the dedicated
experimenter class 0x005ad650 proposed for NSH in ONF. The following
fields are defined:
NXOXM code ofctl name Size Comment
=====================================================================
NXOXM_NSH_FLAGS nsh_flags 8 Bits 2-9 of 1st NSH word
(0x005ad650,1)
NXOXM_NSH_MDTYPE nsh_mdtype 8 Bits 16-23
(0x005ad650,2)
NXOXM_NSH_NEXTPROTO nsh_np 8 Bits 24-31
(0x005ad650,3)
NXOXM_NSH_SPI nsh_spi 24 Bits 0-23 of 2nd NSH word
(0x005ad650,4)
NXOXM_NSH_SI nsh_si 8 Bits 24-31
(0x005ad650,5)
NXOXM_NSH_C1 nsh_c1 32 Maskable, nsh_mdtype==1
(0x005ad650,6)
NXOXM_NSH_C2 nsh_c2 32 Maskable, nsh_mdtype==1
(0x005ad650,7)
NXOXM_NSH_C3 nsh_c3 32 Maskable, nsh_mdtype==1
(0x005ad650,8)
NXOXM_NSH_C4 nsh_c4 32 Maskable, nsh_mdtype==1
(0x005ad650,9)
Co-authored-by: Johnson Li <johnson.li@intel.com>
Signed-off-by: Yi Yang <yi.y.yang@intel.com>
Signed-off-by: Jan Scheurich <jan.scheurich@ericsson.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2017-08-05 13:41:08 +08:00
|
|
|
/* ## ---- ## */
|
|
|
|
|
/* ## NSH ## */
|
|
|
|
|
/* ## ---- ## */
|
|
|
|
|
|
|
|
|
|
/* "nsh_flags".
|
|
|
|
|
*
|
|
|
|
|
* flags field in NSH base header.
|
|
|
|
|
*
|
|
|
|
|
* Type: u8.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: NSH.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: none.
|
2018-05-18 10:16:40 -07:00
|
|
|
* OXM: NXOXM_NSH_FLAGS(1) since v2.8.
|
userspace: Add support for NSH MD1 match fields
This patch adds support for NSH packet header fields to the OVS
control plane and the userspace datapath. Initially we support the
fields of the NSH base header as defined in
https://www.ietf.org/id/draft-ietf-sfc-nsh-13.txt
and the fixed context headers specified for metadata format MD1.
The variable length MD2 format is parsed but the TLV context headers
are not yet available for matching.
The NSH fields are modelled as experimenter fields with the dedicated
experimenter class 0x005ad650 proposed for NSH in ONF. The following
fields are defined:
NXOXM code ofctl name Size Comment
=====================================================================
NXOXM_NSH_FLAGS nsh_flags 8 Bits 2-9 of 1st NSH word
(0x005ad650,1)
NXOXM_NSH_MDTYPE nsh_mdtype 8 Bits 16-23
(0x005ad650,2)
NXOXM_NSH_NEXTPROTO nsh_np 8 Bits 24-31
(0x005ad650,3)
NXOXM_NSH_SPI nsh_spi 24 Bits 0-23 of 2nd NSH word
(0x005ad650,4)
NXOXM_NSH_SI nsh_si 8 Bits 24-31
(0x005ad650,5)
NXOXM_NSH_C1 nsh_c1 32 Maskable, nsh_mdtype==1
(0x005ad650,6)
NXOXM_NSH_C2 nsh_c2 32 Maskable, nsh_mdtype==1
(0x005ad650,7)
NXOXM_NSH_C3 nsh_c3 32 Maskable, nsh_mdtype==1
(0x005ad650,8)
NXOXM_NSH_C4 nsh_c4 32 Maskable, nsh_mdtype==1
(0x005ad650,9)
Co-authored-by: Johnson Li <johnson.li@intel.com>
Signed-off-by: Yi Yang <yi.y.yang@intel.com>
Signed-off-by: Jan Scheurich <jan.scheurich@ericsson.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2017-08-05 13:41:08 +08:00
|
|
|
*/
|
|
|
|
|
MFF_NSH_FLAGS,
|
|
|
|
|
|
|
|
|
|
/* "nsh_mdtype".
|
|
|
|
|
*
|
|
|
|
|
* mdtype field in NSH base header.
|
|
|
|
|
*
|
|
|
|
|
* Type: u8.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: NSH.
|
|
|
|
|
* Access: read-only.
|
|
|
|
|
* NXM: none.
|
2018-05-18 10:16:40 -07:00
|
|
|
* OXM: NXOXM_NSH_MDTYPE(2) since v2.8.
|
userspace: Add support for NSH MD1 match fields
This patch adds support for NSH packet header fields to the OVS
control plane and the userspace datapath. Initially we support the
fields of the NSH base header as defined in
https://www.ietf.org/id/draft-ietf-sfc-nsh-13.txt
and the fixed context headers specified for metadata format MD1.
The variable length MD2 format is parsed but the TLV context headers
are not yet available for matching.
The NSH fields are modelled as experimenter fields with the dedicated
experimenter class 0x005ad650 proposed for NSH in ONF. The following
fields are defined:
NXOXM code ofctl name Size Comment
=====================================================================
NXOXM_NSH_FLAGS nsh_flags 8 Bits 2-9 of 1st NSH word
(0x005ad650,1)
NXOXM_NSH_MDTYPE nsh_mdtype 8 Bits 16-23
(0x005ad650,2)
NXOXM_NSH_NEXTPROTO nsh_np 8 Bits 24-31
(0x005ad650,3)
NXOXM_NSH_SPI nsh_spi 24 Bits 0-23 of 2nd NSH word
(0x005ad650,4)
NXOXM_NSH_SI nsh_si 8 Bits 24-31
(0x005ad650,5)
NXOXM_NSH_C1 nsh_c1 32 Maskable, nsh_mdtype==1
(0x005ad650,6)
NXOXM_NSH_C2 nsh_c2 32 Maskable, nsh_mdtype==1
(0x005ad650,7)
NXOXM_NSH_C3 nsh_c3 32 Maskable, nsh_mdtype==1
(0x005ad650,8)
NXOXM_NSH_C4 nsh_c4 32 Maskable, nsh_mdtype==1
(0x005ad650,9)
Co-authored-by: Johnson Li <johnson.li@intel.com>
Signed-off-by: Yi Yang <yi.y.yang@intel.com>
Signed-off-by: Jan Scheurich <jan.scheurich@ericsson.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2017-08-05 13:41:08 +08:00
|
|
|
*/
|
|
|
|
|
MFF_NSH_MDTYPE,
|
|
|
|
|
|
|
|
|
|
/* "nsh_np".
|
|
|
|
|
*
|
|
|
|
|
* np (next protocol) field in NSH base header.
|
|
|
|
|
*
|
|
|
|
|
* Type: u8.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: NSH.
|
|
|
|
|
* Access: read-only.
|
|
|
|
|
* NXM: none.
|
2018-05-18 10:16:40 -07:00
|
|
|
* OXM: NXOXM_NSH_NP(3) since v2.8.
|
userspace: Add support for NSH MD1 match fields
This patch adds support for NSH packet header fields to the OVS
control plane and the userspace datapath. Initially we support the
fields of the NSH base header as defined in
https://www.ietf.org/id/draft-ietf-sfc-nsh-13.txt
and the fixed context headers specified for metadata format MD1.
The variable length MD2 format is parsed but the TLV context headers
are not yet available for matching.
The NSH fields are modelled as experimenter fields with the dedicated
experimenter class 0x005ad650 proposed for NSH in ONF. The following
fields are defined:
NXOXM code ofctl name Size Comment
=====================================================================
NXOXM_NSH_FLAGS nsh_flags 8 Bits 2-9 of 1st NSH word
(0x005ad650,1)
NXOXM_NSH_MDTYPE nsh_mdtype 8 Bits 16-23
(0x005ad650,2)
NXOXM_NSH_NEXTPROTO nsh_np 8 Bits 24-31
(0x005ad650,3)
NXOXM_NSH_SPI nsh_spi 24 Bits 0-23 of 2nd NSH word
(0x005ad650,4)
NXOXM_NSH_SI nsh_si 8 Bits 24-31
(0x005ad650,5)
NXOXM_NSH_C1 nsh_c1 32 Maskable, nsh_mdtype==1
(0x005ad650,6)
NXOXM_NSH_C2 nsh_c2 32 Maskable, nsh_mdtype==1
(0x005ad650,7)
NXOXM_NSH_C3 nsh_c3 32 Maskable, nsh_mdtype==1
(0x005ad650,8)
NXOXM_NSH_C4 nsh_c4 32 Maskable, nsh_mdtype==1
(0x005ad650,9)
Co-authored-by: Johnson Li <johnson.li@intel.com>
Signed-off-by: Yi Yang <yi.y.yang@intel.com>
Signed-off-by: Jan Scheurich <jan.scheurich@ericsson.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2017-08-05 13:41:08 +08:00
|
|
|
*/
|
|
|
|
|
MFF_NSH_NP,
|
|
|
|
|
|
|
|
|
|
/* "nsh_spi" (aka "nsp").
|
|
|
|
|
*
|
|
|
|
|
* spi (service path identifier) field in NSH base header.
|
|
|
|
|
*
|
|
|
|
|
* Type: be32 (low 24 bits).
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: hexadecimal.
|
|
|
|
|
* Prerequisites: NSH.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: none.
|
2018-05-18 10:16:40 -07:00
|
|
|
* OXM: NXOXM_NSH_SPI(4) since v2.8.
|
userspace: Add support for NSH MD1 match fields
This patch adds support for NSH packet header fields to the OVS
control plane and the userspace datapath. Initially we support the
fields of the NSH base header as defined in
https://www.ietf.org/id/draft-ietf-sfc-nsh-13.txt
and the fixed context headers specified for metadata format MD1.
The variable length MD2 format is parsed but the TLV context headers
are not yet available for matching.
The NSH fields are modelled as experimenter fields with the dedicated
experimenter class 0x005ad650 proposed for NSH in ONF. The following
fields are defined:
NXOXM code ofctl name Size Comment
=====================================================================
NXOXM_NSH_FLAGS nsh_flags 8 Bits 2-9 of 1st NSH word
(0x005ad650,1)
NXOXM_NSH_MDTYPE nsh_mdtype 8 Bits 16-23
(0x005ad650,2)
NXOXM_NSH_NEXTPROTO nsh_np 8 Bits 24-31
(0x005ad650,3)
NXOXM_NSH_SPI nsh_spi 24 Bits 0-23 of 2nd NSH word
(0x005ad650,4)
NXOXM_NSH_SI nsh_si 8 Bits 24-31
(0x005ad650,5)
NXOXM_NSH_C1 nsh_c1 32 Maskable, nsh_mdtype==1
(0x005ad650,6)
NXOXM_NSH_C2 nsh_c2 32 Maskable, nsh_mdtype==1
(0x005ad650,7)
NXOXM_NSH_C3 nsh_c3 32 Maskable, nsh_mdtype==1
(0x005ad650,8)
NXOXM_NSH_C4 nsh_c4 32 Maskable, nsh_mdtype==1
(0x005ad650,9)
Co-authored-by: Johnson Li <johnson.li@intel.com>
Signed-off-by: Yi Yang <yi.y.yang@intel.com>
Signed-off-by: Jan Scheurich <jan.scheurich@ericsson.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2017-08-05 13:41:08 +08:00
|
|
|
*/
|
|
|
|
|
MFF_NSH_SPI,
|
|
|
|
|
|
|
|
|
|
/* "nsh_si" (aka "nsi").
|
|
|
|
|
*
|
|
|
|
|
* si (service index) field in NSH base header.
|
|
|
|
|
*
|
|
|
|
|
* Type: u8.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: NSH.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: none.
|
2018-05-18 10:16:40 -07:00
|
|
|
* OXM: NXOXM_NSH_SI(5) since v2.8.
|
userspace: Add support for NSH MD1 match fields
This patch adds support for NSH packet header fields to the OVS
control plane and the userspace datapath. Initially we support the
fields of the NSH base header as defined in
https://www.ietf.org/id/draft-ietf-sfc-nsh-13.txt
and the fixed context headers specified for metadata format MD1.
The variable length MD2 format is parsed but the TLV context headers
are not yet available for matching.
The NSH fields are modelled as experimenter fields with the dedicated
experimenter class 0x005ad650 proposed for NSH in ONF. The following
fields are defined:
NXOXM code ofctl name Size Comment
=====================================================================
NXOXM_NSH_FLAGS nsh_flags 8 Bits 2-9 of 1st NSH word
(0x005ad650,1)
NXOXM_NSH_MDTYPE nsh_mdtype 8 Bits 16-23
(0x005ad650,2)
NXOXM_NSH_NEXTPROTO nsh_np 8 Bits 24-31
(0x005ad650,3)
NXOXM_NSH_SPI nsh_spi 24 Bits 0-23 of 2nd NSH word
(0x005ad650,4)
NXOXM_NSH_SI nsh_si 8 Bits 24-31
(0x005ad650,5)
NXOXM_NSH_C1 nsh_c1 32 Maskable, nsh_mdtype==1
(0x005ad650,6)
NXOXM_NSH_C2 nsh_c2 32 Maskable, nsh_mdtype==1
(0x005ad650,7)
NXOXM_NSH_C3 nsh_c3 32 Maskable, nsh_mdtype==1
(0x005ad650,8)
NXOXM_NSH_C4 nsh_c4 32 Maskable, nsh_mdtype==1
(0x005ad650,9)
Co-authored-by: Johnson Li <johnson.li@intel.com>
Signed-off-by: Yi Yang <yi.y.yang@intel.com>
Signed-off-by: Jan Scheurich <jan.scheurich@ericsson.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2017-08-05 13:41:08 +08:00
|
|
|
*/
|
|
|
|
|
MFF_NSH_SI,
|
|
|
|
|
|
|
|
|
|
/* "nsh_c<N>" (aka "nshc<N>").
|
|
|
|
|
*
|
|
|
|
|
* context fields in NSH context header.
|
|
|
|
|
*
|
|
|
|
|
* Type: be32.
|
|
|
|
|
* Maskable: bitwise.
|
|
|
|
|
* Formatting: hexadecimal.
|
|
|
|
|
* Prerequisites: NSH.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: none.
|
2018-05-18 10:16:40 -07:00
|
|
|
* OXM: NXOXM_NSH_C1(6) since v2.8. <1>
|
|
|
|
|
* OXM: NXOXM_NSH_C2(7) since v2.8. <2>
|
|
|
|
|
* OXM: NXOXM_NSH_C3(8) since v2.8. <3>
|
|
|
|
|
* OXM: NXOXM_NSH_C4(9) since v2.8. <4>
|
userspace: Add support for NSH MD1 match fields
This patch adds support for NSH packet header fields to the OVS
control plane and the userspace datapath. Initially we support the
fields of the NSH base header as defined in
https://www.ietf.org/id/draft-ietf-sfc-nsh-13.txt
and the fixed context headers specified for metadata format MD1.
The variable length MD2 format is parsed but the TLV context headers
are not yet available for matching.
The NSH fields are modelled as experimenter fields with the dedicated
experimenter class 0x005ad650 proposed for NSH in ONF. The following
fields are defined:
NXOXM code ofctl name Size Comment
=====================================================================
NXOXM_NSH_FLAGS nsh_flags 8 Bits 2-9 of 1st NSH word
(0x005ad650,1)
NXOXM_NSH_MDTYPE nsh_mdtype 8 Bits 16-23
(0x005ad650,2)
NXOXM_NSH_NEXTPROTO nsh_np 8 Bits 24-31
(0x005ad650,3)
NXOXM_NSH_SPI nsh_spi 24 Bits 0-23 of 2nd NSH word
(0x005ad650,4)
NXOXM_NSH_SI nsh_si 8 Bits 24-31
(0x005ad650,5)
NXOXM_NSH_C1 nsh_c1 32 Maskable, nsh_mdtype==1
(0x005ad650,6)
NXOXM_NSH_C2 nsh_c2 32 Maskable, nsh_mdtype==1
(0x005ad650,7)
NXOXM_NSH_C3 nsh_c3 32 Maskable, nsh_mdtype==1
(0x005ad650,8)
NXOXM_NSH_C4 nsh_c4 32 Maskable, nsh_mdtype==1
(0x005ad650,9)
Co-authored-by: Johnson Li <johnson.li@intel.com>
Signed-off-by: Yi Yang <yi.y.yang@intel.com>
Signed-off-by: Jan Scheurich <jan.scheurich@ericsson.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2017-08-05 13:41:08 +08:00
|
|
|
*/
|
|
|
|
|
MFF_NSH_C1,
|
|
|
|
|
MFF_NSH_C2,
|
|
|
|
|
MFF_NSH_C3,
|
|
|
|
|
MFF_NSH_C4,
|
|
|
|
|
|
2018-01-11 13:24:01 +08:00
|
|
|
/* "nsh_ttl".
|
|
|
|
|
*
|
|
|
|
|
* TTL field in NSH base header.
|
|
|
|
|
*
|
|
|
|
|
* Type: u8.
|
|
|
|
|
* Maskable: no.
|
|
|
|
|
* Formatting: decimal.
|
|
|
|
|
* Prerequisites: NSH.
|
|
|
|
|
* Access: read/write.
|
|
|
|
|
* NXM: none.
|
2018-05-18 10:16:40 -07:00
|
|
|
* OXM: NXOXM_NSH_TTL(10) since v2.9.
|
2018-01-11 13:24:01 +08:00
|
|
|
*/
|
|
|
|
|
MFF_NSH_TTL,
|
|
|
|
|
|
2011-09-12 12:11:50 -07:00
|
|
|
MFF_N_IDS
|
|
|
|
|
};
|
|
|
|
|
|
2014-07-26 12:15:26 -07:00
|
|
|
/* A set of mf_field_ids. */
|
|
|
|
|
struct mf_bitmap {
|
|
|
|
|
unsigned long bm[BITMAP_N_LONGS(MFF_N_IDS)];
|
|
|
|
|
};
|
|
|
|
|
#define MF_BITMAP_INITIALIZER { { [0] = 0 } }
|
|
|
|
|
|
2018-08-29 11:30:13 -07:00
|
|
|
bool mf_bitmap_is_superset(const struct mf_bitmap *super,
|
|
|
|
|
const struct mf_bitmap *sub);
|
2019-12-04 15:06:07 -08:00
|
|
|
struct mf_bitmap mf_bitmap_and(struct mf_bitmap, struct mf_bitmap);
|
|
|
|
|
struct mf_bitmap mf_bitmap_or(struct mf_bitmap, struct mf_bitmap);
|
|
|
|
|
struct mf_bitmap mf_bitmap_not(struct mf_bitmap);
|
2018-08-29 11:30:13 -07:00
|
|
|
|
2012-06-27 07:23:25 -07:00
|
|
|
/* Use this macro as CASE_MFF_REGS: in a switch statement to choose all of the
|
2014-07-28 09:50:37 -07:00
|
|
|
* MFF_REGn cases. */
|
2016-06-23 17:54:26 -07:00
|
|
|
#if FLOW_N_REGS ==16
|
|
|
|
|
#define CASE_MFF_REGS \
|
|
|
|
|
case MFF_REG0: case MFF_REG1: case MFF_REG2: case MFF_REG3: \
|
|
|
|
|
case MFF_REG4: case MFF_REG5: case MFF_REG6: case MFF_REG7: \
|
|
|
|
|
case MFF_REG8: case MFF_REG9: case MFF_REG10: case MFF_REG11: \
|
|
|
|
|
case MFF_REG12: case MFF_REG13: case MFF_REG14: case MFF_REG15
|
2012-06-27 07:23:25 -07:00
|
|
|
#else
|
2014-05-15 08:19:11 -07:00
|
|
|
#error "Need to update CASE_MFF_REGS to match FLOW_N_REGS"
|
2012-06-27 07:23:25 -07:00
|
|
|
#endif
|
|
|
|
|
|
2014-07-28 09:50:37 -07:00
|
|
|
/* Use this macro as CASE_MFF_XREGS: in a switch statement to choose all of the
|
|
|
|
|
* MFF_REGn cases. */
|
2016-06-23 17:54:26 -07:00
|
|
|
#if FLOW_N_XREGS == 8
|
2014-07-28 09:50:37 -07:00
|
|
|
#define CASE_MFF_XREGS \
|
2016-06-23 17:54:26 -07:00
|
|
|
case MFF_XREG0: case MFF_XREG1: case MFF_XREG2: case MFF_XREG3: \
|
|
|
|
|
case MFF_XREG4: case MFF_XREG5: case MFF_XREG6: case MFF_XREG7
|
2014-07-28 09:50:37 -07:00
|
|
|
#else
|
|
|
|
|
#error "Need to update CASE_MFF_XREGS to match FLOW_N_XREGS"
|
|
|
|
|
#endif
|
2015-10-31 04:45:28 -07:00
|
|
|
|
|
|
|
|
/* Use this macro as CASE_MFF_XXREGS: in a switch statement to choose
|
|
|
|
|
* all of the MFF_REGn cases. */
|
|
|
|
|
#if FLOW_N_XXREGS == 4
|
|
|
|
|
#define CASE_MFF_XXREGS \
|
|
|
|
|
case MFF_XXREG0: case MFF_XXREG1: case MFF_XXREG2: case MFF_XXREG3
|
|
|
|
|
#else
|
|
|
|
|
#error "Need to update CASE_MFF_XXREGS to match FLOW_N_XXREGS"
|
|
|
|
|
#endif
|
2014-07-28 09:50:37 -07:00
|
|
|
|
ovn-trace: New utility.
This new utility is intended to fulfill for OVN the purpose that
"ofproto/trace" has for Open vSwitch. First, it's meant to be a useful
tool for troubleshooting and diagnosis and in general for improving one's
understanding of the emergent properties of a flow table. Second, it
simplifies and increases the practical scope of testing, as well as making
testing more reliable and repeatable and failures easier to interpret.
This commit adds only a single test that uses the new utility, based on the
oldest OVN end-to-end test "ovn -- 3 HVs, 1 LS, 3 lports/HV". The
differences between the old and the new test illustrate properties of
tracing. First, the new test does not start any ovn-controller processes
or simulate any hypervisors in a nontrivial way. This is because ovn-trace
does not actually forward packets or rely on the physical structure of the
system. Second, whereas the old test tested not just the logical but also
the physical structure of the system, it needed to have several logical
ports, a total of 9 (3 on each of 3 HVs), whereas since this test only
tests the logical network implementation it can use a smaller number. This
property also means that the new test runs signicantly faster than the old
one (less than a second on my laptop).
In my opinion this approach points the way toward the future of OVN
testing. Certainly, we need end-to-end tests. However, I believe that the
bulk of our tests can be broken into ones that test the logical network
implementation (using tracing) and ones that test physical/logical
translation.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Ryan Moats <rmoats@us.ibm.com>
2016-08-14 15:22:29 -07:00
|
|
|
static inline bool
|
|
|
|
|
mf_is_register(enum mf_field_id id)
|
|
|
|
|
{
|
|
|
|
|
return ((id >= MFF_REG0 && id < MFF_REG0 + FLOW_N_REGS) ||
|
|
|
|
|
(id >= MFF_XREG0 && id < MFF_XREG0 + FLOW_N_XREGS) ||
|
|
|
|
|
(id >= MFF_XXREG0 && id < MFF_XXREG0 + FLOW_N_XXREGS));
|
|
|
|
|
}
|
|
|
|
|
|
tunnel: Geneve TLV handling support for OpenFlow.
The current support for Geneve in OVS is exactly equivalent to VXLAN:
it is possible to set and match on the VNI but not on any options
contained in the header. This patch enables the use of options.
The goal for Geneve support is not to add support for any particular option
but to allow end users or controllers to specify what they would like to
match. That is, the full range of Geneve's capabilities should be exposed
without modifying the code (the one exception being options that require
per-packet computation in the fast path).
The main issue with supporting Geneve options is how to integrate the
fields into the existing OpenFlow pipeline. All existing operations
are referred to by their NXM/OXM field name - matches, action generation,
arithmetic operations (i.e. tranfer to a register). However, the Geneve
option space is exactly the same as the OXM space, so a direct mapping
is not feasible. Instead, we create a pool of 64 NXMs that are then
dynamically mapped on Geneve option TLVs using OpenFlow. Once mapped,
these fields become first-class citizens in the OpenFlow pipeline.
An example of how to use Geneve options:
ovs-ofctl add-geneve-map br0 {class=0xffff,type=0,len=4}->tun_metadata0
ovs-ofctl add-flow br0 in_port=LOCAL,actions=set_field:0xffffffff->tun_metadata0,1
This will add a 4 bytes option (filled will all 1's) to all packets
coming from the LOCAL port and then send then out to port 1.
A limitation of this patch is that although the option table is specified
for a particular switch over OpenFlow, it is currently global to all
switches. This will be addressed in a future patch.
Based on work originally done by Madhu Challa. Ben Pfaff also significantly
improved the comments.
Signed-off-by: Madhu Challa <challa@noironetworks.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
2015-04-30 18:09:57 -07:00
|
|
|
/* Use this macro as CASE_MFF_TUN_METADATA: in a switch statement to choose
|
|
|
|
|
* all of the MFF_TUN_METADATAn cases. */
|
|
|
|
|
#define CASE_MFF_TUN_METADATA \
|
|
|
|
|
case MFF_TUN_METADATA0: case MFF_TUN_METADATA1: \
|
|
|
|
|
case MFF_TUN_METADATA2: case MFF_TUN_METADATA3: \
|
|
|
|
|
case MFF_TUN_METADATA4: case MFF_TUN_METADATA5: \
|
|
|
|
|
case MFF_TUN_METADATA6: case MFF_TUN_METADATA7: \
|
|
|
|
|
case MFF_TUN_METADATA8: case MFF_TUN_METADATA9: \
|
|
|
|
|
case MFF_TUN_METADATA10: case MFF_TUN_METADATA11: \
|
|
|
|
|
case MFF_TUN_METADATA12: case MFF_TUN_METADATA13: \
|
|
|
|
|
case MFF_TUN_METADATA14: case MFF_TUN_METADATA15: \
|
|
|
|
|
case MFF_TUN_METADATA16: case MFF_TUN_METADATA17: \
|
|
|
|
|
case MFF_TUN_METADATA18: case MFF_TUN_METADATA19: \
|
|
|
|
|
case MFF_TUN_METADATA20: case MFF_TUN_METADATA21: \
|
|
|
|
|
case MFF_TUN_METADATA22: case MFF_TUN_METADATA23: \
|
|
|
|
|
case MFF_TUN_METADATA24: case MFF_TUN_METADATA25: \
|
|
|
|
|
case MFF_TUN_METADATA26: case MFF_TUN_METADATA27: \
|
|
|
|
|
case MFF_TUN_METADATA28: case MFF_TUN_METADATA29: \
|
|
|
|
|
case MFF_TUN_METADATA30: case MFF_TUN_METADATA31: \
|
|
|
|
|
case MFF_TUN_METADATA32: case MFF_TUN_METADATA33: \
|
|
|
|
|
case MFF_TUN_METADATA34: case MFF_TUN_METADATA35: \
|
|
|
|
|
case MFF_TUN_METADATA36: case MFF_TUN_METADATA37: \
|
|
|
|
|
case MFF_TUN_METADATA38: case MFF_TUN_METADATA39: \
|
|
|
|
|
case MFF_TUN_METADATA40: case MFF_TUN_METADATA41: \
|
|
|
|
|
case MFF_TUN_METADATA42: case MFF_TUN_METADATA43: \
|
|
|
|
|
case MFF_TUN_METADATA44: case MFF_TUN_METADATA45: \
|
|
|
|
|
case MFF_TUN_METADATA46: case MFF_TUN_METADATA47: \
|
|
|
|
|
case MFF_TUN_METADATA48: case MFF_TUN_METADATA49: \
|
|
|
|
|
case MFF_TUN_METADATA50: case MFF_TUN_METADATA51: \
|
|
|
|
|
case MFF_TUN_METADATA52: case MFF_TUN_METADATA53: \
|
|
|
|
|
case MFF_TUN_METADATA54: case MFF_TUN_METADATA55: \
|
|
|
|
|
case MFF_TUN_METADATA56: case MFF_TUN_METADATA57: \
|
|
|
|
|
case MFF_TUN_METADATA58: case MFF_TUN_METADATA59: \
|
|
|
|
|
case MFF_TUN_METADATA60: case MFF_TUN_METADATA61: \
|
|
|
|
|
case MFF_TUN_METADATA62: case MFF_TUN_METADATA63
|
|
|
|
|
|
2011-09-12 12:11:50 -07:00
|
|
|
/* Prerequisites for matching a field.
|
|
|
|
|
*
|
|
|
|
|
* A field may only be matched if the correct lower-level protocols are also
|
|
|
|
|
* matched. For example, the TCP port may be matched only if the Ethernet type
|
|
|
|
|
* matches ETH_TYPE_IP and the IP protocol matches IPPROTO_TCP. */
|
2013-10-24 13:19:27 -07:00
|
|
|
enum OVS_PACKED_ENUM mf_prereqs {
|
2011-09-12 12:11:50 -07:00
|
|
|
MFP_NONE,
|
|
|
|
|
|
|
|
|
|
/* L2 requirements. */
|
2017-06-02 16:16:17 +00:00
|
|
|
MFP_ETHERNET,
|
2011-09-12 12:11:50 -07:00
|
|
|
MFP_ARP,
|
2012-07-23 11:36:44 +09:00
|
|
|
MFP_VLAN_VID,
|
2011-09-12 12:11:50 -07:00
|
|
|
MFP_IPV4,
|
|
|
|
|
MFP_IPV6,
|
|
|
|
|
MFP_IP_ANY,
|
userspace: Add support for NSH MD1 match fields
This patch adds support for NSH packet header fields to the OVS
control plane and the userspace datapath. Initially we support the
fields of the NSH base header as defined in
https://www.ietf.org/id/draft-ietf-sfc-nsh-13.txt
and the fixed context headers specified for metadata format MD1.
The variable length MD2 format is parsed but the TLV context headers
are not yet available for matching.
The NSH fields are modelled as experimenter fields with the dedicated
experimenter class 0x005ad650 proposed for NSH in ONF. The following
fields are defined:
NXOXM code ofctl name Size Comment
=====================================================================
NXOXM_NSH_FLAGS nsh_flags 8 Bits 2-9 of 1st NSH word
(0x005ad650,1)
NXOXM_NSH_MDTYPE nsh_mdtype 8 Bits 16-23
(0x005ad650,2)
NXOXM_NSH_NEXTPROTO nsh_np 8 Bits 24-31
(0x005ad650,3)
NXOXM_NSH_SPI nsh_spi 24 Bits 0-23 of 2nd NSH word
(0x005ad650,4)
NXOXM_NSH_SI nsh_si 8 Bits 24-31
(0x005ad650,5)
NXOXM_NSH_C1 nsh_c1 32 Maskable, nsh_mdtype==1
(0x005ad650,6)
NXOXM_NSH_C2 nsh_c2 32 Maskable, nsh_mdtype==1
(0x005ad650,7)
NXOXM_NSH_C3 nsh_c3 32 Maskable, nsh_mdtype==1
(0x005ad650,8)
NXOXM_NSH_C4 nsh_c4 32 Maskable, nsh_mdtype==1
(0x005ad650,9)
Co-authored-by: Johnson Li <johnson.li@intel.com>
Signed-off-by: Yi Yang <yi.y.yang@intel.com>
Signed-off-by: Jan Scheurich <jan.scheurich@ericsson.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2017-08-05 13:41:08 +08:00
|
|
|
MFP_NSH,
|
2011-09-12 12:11:50 -07:00
|
|
|
|
2013-01-25 16:22:07 +09:00
|
|
|
/* L2.5 requirements. */
|
|
|
|
|
MFP_MPLS,
|
|
|
|
|
|
2011-09-12 12:11:50 -07:00
|
|
|
/* L2+L3 requirements. */
|
|
|
|
|
MFP_TCP, /* On IPv4 or IPv6. */
|
|
|
|
|
MFP_UDP, /* On IPv4 or IPv6. */
|
2013-08-22 20:24:45 +12:00
|
|
|
MFP_SCTP, /* On IPv4 or IPv6. */
|
2011-10-22 13:11:48 -07:00
|
|
|
MFP_ICMPV4,
|
2011-09-12 12:11:50 -07:00
|
|
|
MFP_ICMPV6,
|
2017-03-08 17:18:23 -08:00
|
|
|
MFP_CT_VALID, /* Implies IPv4 or IPv6. */
|
2011-09-12 12:11:50 -07:00
|
|
|
|
|
|
|
|
/* L2+L3+L4 requirements. */
|
|
|
|
|
MFP_ND,
|
|
|
|
|
MFP_ND_SOLICIT,
|
|
|
|
|
MFP_ND_ADVERT
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/* Forms of partial-field masking allowed for a field.
|
|
|
|
|
*
|
|
|
|
|
* Every field may be masked as a whole. */
|
2013-10-24 13:19:27 -07:00
|
|
|
enum OVS_PACKED_ENUM mf_maskable {
|
2011-09-12 12:11:50 -07:00
|
|
|
MFM_NONE, /* No sub-field masking. */
|
|
|
|
|
MFM_FULLY, /* Every bit is individually maskable. */
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/* How to format or parse a field's value. */
|
2013-10-24 13:19:27 -07:00
|
|
|
enum OVS_PACKED_ENUM mf_string {
|
2011-09-12 12:11:50 -07:00
|
|
|
/* Integer formats.
|
|
|
|
|
*
|
|
|
|
|
* The particular MFS_* constant sets the output format. On input, either
|
|
|
|
|
* decimal or hexadecimal (prefixed with 0x) is accepted. */
|
|
|
|
|
MFS_DECIMAL,
|
|
|
|
|
MFS_HEXADECIMAL,
|
|
|
|
|
|
|
|
|
|
/* Other formats. */
|
Add support for connection tracking.
This patch adds a new action and fields to OVS that allow connection
tracking to be performed. This support works in conjunction with the
Linux kernel support merged into the Linux-4.3 development cycle.
Packets have two possible states with respect to connection tracking:
Untracked packets have not previously passed through the connection
tracker, while tracked packets have previously been through the
connection tracker. For OpenFlow pipeline processing, untracked packets
can become tracked, and they will remain tracked until the end of the
pipeline. Tracked packets cannot become untracked.
Connections can be unknown, uncommitted, or committed. Packets which are
untracked have unknown connection state. To know the connection state,
the packet must become tracked. Uncommitted connections have no
connection state stored about them, so it is only possible for the
connection tracker to identify whether they are a new connection or
whether they are invalid. Committed connections have connection state
stored beyond the lifetime of the packet, which allows later packets in
the same connection to be identified as part of the same established
connection, or related to an existing connection - for instance ICMP
error responses.
The new 'ct' action transitions the packet from "untracked" to
"tracked" by sending this flow through the connection tracker.
The following parameters are supported initally:
- "commit": When commit is executed, the connection moves from
uncommitted state to committed state. This signals that information
about the connection should be stored beyond the lifetime of the
packet within the pipeline. This allows future packets in the same
connection to be recognized as part of the same "established" (est)
connection, as well as identifying packets in the reply (rpl)
direction, or packets related to an existing connection (rel).
- "zone=[u16|NXM]": Perform connection tracking in the zone specified.
Each zone is an independent connection tracking context. When the
"commit" parameter is used, the connection will only be committed in
the specified zone, and not in other zones. This is 0 by default.
- "table=NUMBER": Fork pipeline processing in two. The original instance
of the packet will continue processing the current actions list as an
untracked packet. An additional instance of the packet will be sent to
the connection tracker, which will be re-injected into the OpenFlow
pipeline to resume processing in the specified table, with the
ct_state and other ct match fields set. If the table is not specified,
then the packet is submitted to the connection tracker, but the
pipeline does not fork and the ct match fields are not populated. It
is strongly recommended to specify a table later than the current
table to prevent loops.
When the "table" option is used, the packet that continues processing in
the specified table will have the ct_state populated. The ct_state may
have any of the following flags set:
- Tracked (trk): Connection tracking has occurred.
- Reply (rpl): The flow is in the reply direction.
- Invalid (inv): The connection tracker couldn't identify the connection.
- New (new): This is the beginning of a new connection.
- Established (est): This is part of an already existing connection.
- Related (rel): This connection is related to an existing connection.
For more information, consult the ovs-ofctl(8) man pages.
Below is a simple example flow table to allow outbound TCP traffic from
port 1 and drop traffic from port 2 that was not initiated by port 1:
table=0,priority=1,action=drop
table=0,arp,action=normal
table=0,in_port=1,tcp,ct_state=-trk,action=ct(commit,zone=9),2
table=0,in_port=2,tcp,ct_state=-trk,action=ct(zone=9,table=1)
table=1,in_port=2,ct_state=+trk+est,tcp,action=1
table=1,in_port=2,ct_state=+trk+new,tcp,action=drop
Based on original design by Justin Pettit, contributions from Thomas
Graf and Daniele Di Proietto.
Signed-off-by: Joe Stringer <joestringer@nicira.com>
Acked-by: Jarno Rajahalme <jrajahalme@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
2015-08-11 10:56:09 -07:00
|
|
|
MFS_CT_STATE, /* Connection tracking state */
|
2011-09-12 12:11:50 -07:00
|
|
|
MFS_ETHERNET,
|
|
|
|
|
MFS_IPV4,
|
|
|
|
|
MFS_IPV6,
|
2014-10-07 15:24:11 -07:00
|
|
|
MFS_OFP_PORT, /* 16-bit OpenFlow 1.0 port number or name. */
|
|
|
|
|
MFS_OFP_PORT_OXM, /* 32-bit OpenFlow 1.1+ port number or name. */
|
2012-11-21 18:51:36 -08:00
|
|
|
MFS_FRAG, /* no, yes, first, later, not_later */
|
|
|
|
|
MFS_TNL_FLAGS, /* FLOW_TNL_F_* flags */
|
2013-12-02 15:14:09 -08:00
|
|
|
MFS_TCP_FLAGS, /* TCP_* flags */
|
2017-06-23 16:47:57 +00:00
|
|
|
MFS_PACKET_TYPE, /* "(NS,NS_TYPE)" */
|
2011-09-12 12:11:50 -07:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
struct mf_field {
|
|
|
|
|
/* Identification. */
|
|
|
|
|
enum mf_field_id id; /* MFF_*. */
|
|
|
|
|
const char *name; /* Name of this field, e.g. "eth_type". */
|
|
|
|
|
const char *extra_name; /* Alternate name, e.g. "dl_type", or NULL. */
|
|
|
|
|
|
|
|
|
|
/* Size.
|
|
|
|
|
*
|
2011-10-29 20:31:00 -07:00
|
|
|
* Most fields have n_bytes * 8 == n_bits. There are a few exceptions:
|
|
|
|
|
*
|
|
|
|
|
* - "dl_vlan" is 2 bytes but only 12 bits.
|
|
|
|
|
* - "dl_vlan_pcp" is 1 byte but only 3 bits.
|
|
|
|
|
* - "is_frag" is 1 byte but only 2 bits.
|
2011-11-01 15:57:56 -07:00
|
|
|
* - "ipv6_label" is 4 bytes but only 20 bits.
|
2013-01-25 16:22:07 +09:00
|
|
|
* - "mpls_label" is 4 bytes but only 20 bits.
|
|
|
|
|
* - "mpls_tc" is 1 byte but only 3 bits.
|
|
|
|
|
* - "mpls_bos" is 1 byte but only 1 bit.
|
2011-10-29 20:31:00 -07:00
|
|
|
*/
|
2011-09-12 12:11:50 -07:00
|
|
|
unsigned int n_bytes; /* Width of the field in bytes. */
|
|
|
|
|
unsigned int n_bits; /* Number of significant bits in field. */
|
2015-05-06 17:57:03 -07:00
|
|
|
bool variable_len; /* Length is variable, if so width is max. */
|
2011-09-12 12:11:50 -07:00
|
|
|
|
|
|
|
|
/* Properties. */
|
|
|
|
|
enum mf_maskable maskable;
|
|
|
|
|
enum mf_string string;
|
|
|
|
|
enum mf_prereqs prereqs;
|
2011-10-12 17:04:13 -07:00
|
|
|
bool writable; /* May be written by actions? */
|
ofp-actions: Fix variable length meta-flow OXMs.
Previously, if a flow action that involves a tunnel metadata meta-flow
field is dumped from vswitchd, the replied field length in the OXM header
is filled with the maximum possible field length, instead of the length
configured in the tunnel TLV mapping table. To solve this issue, this patch
introduces the following changes.
In order to maintain the correct length of variable length mf_fields (i.e.
tun_metadata), this patch creates a per-switch based map (struct vl_mff_map)
that hosts the variable length mf_fields. This map is updated when a
controller adds/deletes tlv-mapping entries to/from a switch. Although the
per-swtch based vl_mff_map only hosts tun_metadata for now, it is able to
support new variable length mf_fields in the future.
With this commit, when a switch decodes a flow action with mf_field, the switch
firstly looks up the global mf_fields map to identify the mf_field type. For
the variable length mf_fields, the switch uses the vl_mff_map to get the
configured mf_field entries. By lookig up vl_mff_map, the switch can check
if the added flow action access beyond the configured size of a variable
length mf_field, and the switch reports an ofperr if the controller adds a flow
with unmapped variable length mf_field. Later on, when a controller request
flows from the switch, with the per-switch based mf_fields, the switch will
encode the OXM header with correct length for variable length mf_fields.
To use the vl_mff_map for decoding flow actions, extract-ofp-actions is
updated to pass the vl_mff_map to the required action decoding functions.
Also, a new error code is introduced to identify a flow with an invalid
variable length mf_field. Moreover, a testcase is added to prevent future
regressions.
Committer notes:
- Factor out common code
- Style fixups
- Rename OFPERR_NXFMFC_INVALID_VL_MFF -> OFPERR_NXFMFC_INVALID_TLV_FIELD
VMWare-BZ: #1768370
Reported-by: Harold Lim <haroldl@vmware.com>
Suggested-by: Joe Stringer <joe@ovn.org>
Suggested-by: Jarno Rajahalme <jarno@ovn.org>
Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Joe Stringer <joe@ovn.org>
2017-01-20 15:12:21 -08:00
|
|
|
bool mapped; /* Variable length mf_field is mapped. */
|
2011-10-12 17:04:13 -07:00
|
|
|
|
2013-08-20 18:41:45 -07:00
|
|
|
/* Usable protocols.
|
2014-07-26 12:15:26 -07:00
|
|
|
*
|
2013-08-20 18:41:45 -07:00
|
|
|
* NXM and OXM are extensible, allowing later extensions to be sent in
|
|
|
|
|
* earlier protocol versions, so this does not necessarily correspond to
|
|
|
|
|
* the OpenFlow protocol version the field was introduced in.
|
|
|
|
|
* Also, some field types are tranparently mapped to each other via the
|
|
|
|
|
* struct flow (like vlan and dscp/tos fields), so each variant supports
|
2018-02-09 10:04:26 -08:00
|
|
|
* all protocols. */
|
|
|
|
|
enum ofputil_protocol usable_protocols_exact; /* Match/set whole field. */
|
|
|
|
|
enum ofputil_protocol usable_protocols_cidr; /* Match CIDR mask. */
|
|
|
|
|
enum ofputil_protocol usable_protocols_bitwise; /* Match arbitrary bits. */
|
2013-12-11 11:07:01 -08:00
|
|
|
|
|
|
|
|
int flow_be32ofs; /* Field's be32 offset in "struct flow", if prefix tree
|
|
|
|
|
* lookup is supported for the field, or -1. */
|
2011-09-12 12:11:50 -07:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/* The representation of a field's value. */
|
|
|
|
|
union mf_value {
|
2016-07-29 16:52:03 -07:00
|
|
|
uint8_t b[128];
|
2015-06-19 13:39:03 -07:00
|
|
|
uint8_t tun_metadata[128];
|
2011-09-12 12:11:50 -07:00
|
|
|
struct in6_addr ipv6;
|
2015-08-28 14:55:11 -07:00
|
|
|
struct eth_addr mac;
|
2015-09-22 23:24:11 -07:00
|
|
|
ovs_be128 be128;
|
2013-10-15 12:40:37 -07:00
|
|
|
ovs_be64 be64;
|
|
|
|
|
ovs_be32 be32;
|
|
|
|
|
ovs_be16 be16;
|
|
|
|
|
uint8_t u8;
|
2011-09-12 12:11:50 -07:00
|
|
|
};
|
2015-06-19 13:39:03 -07:00
|
|
|
BUILD_ASSERT_DECL(sizeof(union mf_value) == 128);
|
2015-12-16 02:47:50 +08:00
|
|
|
BUILD_ASSERT_DECL(sizeof(union mf_value) >= TLV_MAX_OPT_SIZE);
|
2013-10-15 12:40:37 -07:00
|
|
|
|
2015-08-27 10:48:03 -07:00
|
|
|
/* A const mf_value with all bits initialized to ones. */
|
|
|
|
|
extern const union mf_value exact_match_mask;
|
|
|
|
|
|
2011-12-28 12:42:14 -08:00
|
|
|
/* Part of a field. */
|
|
|
|
|
struct mf_subfield {
|
|
|
|
|
const struct mf_field *field;
|
|
|
|
|
unsigned int ofs; /* Bit offset. */
|
|
|
|
|
unsigned int n_bits; /* Number of bits. */
|
|
|
|
|
};
|
|
|
|
|
|
2012-04-11 14:45:34 -07:00
|
|
|
/* Data for some part of an mf_field.
|
|
|
|
|
*
|
|
|
|
|
* The data is stored "right-justified". For example, if "union mf_subvalue
|
|
|
|
|
* value" contains NXM_OF_VLAN_TCI[0..11], then one could access the
|
|
|
|
|
* corresponding data in value.be16[7] as the bits in the mask htons(0xfff). */
|
|
|
|
|
union mf_subvalue {
|
2015-02-25 09:33:54 -08:00
|
|
|
/* Access to full data. */
|
2015-06-19 13:39:03 -07:00
|
|
|
uint8_t u8[128];
|
|
|
|
|
ovs_be16 be16[64];
|
|
|
|
|
ovs_be32 be32[32];
|
|
|
|
|
ovs_be64 be64[16];
|
2016-07-15 14:13:40 -07:00
|
|
|
ovs_be128 be128[8];
|
2015-02-25 09:33:54 -08:00
|
|
|
|
|
|
|
|
/* Convenient access to just least-significant bits in various forms. */
|
2016-06-15 14:47:35 +05:30
|
|
|
struct {
|
|
|
|
|
uint8_t dummy_u8[127];
|
|
|
|
|
uint8_t u8_val;
|
|
|
|
|
};
|
|
|
|
|
struct {
|
|
|
|
|
ovs_be16 dummy_be16[63];
|
|
|
|
|
ovs_be16 be16_int;
|
|
|
|
|
};
|
|
|
|
|
struct {
|
|
|
|
|
ovs_be32 dummy_be32[31];
|
|
|
|
|
ovs_be32 be32_int;
|
|
|
|
|
};
|
2015-02-25 09:33:54 -08:00
|
|
|
struct {
|
2015-06-19 13:39:03 -07:00
|
|
|
ovs_be64 dummy_integer[15];
|
2015-02-25 09:33:54 -08:00
|
|
|
ovs_be64 integer;
|
|
|
|
|
};
|
2016-07-15 20:33:59 +05:30
|
|
|
struct {
|
|
|
|
|
ovs_be128 dummy_be128[7];
|
|
|
|
|
ovs_be128 be128_int;
|
|
|
|
|
};
|
2015-02-25 09:33:54 -08:00
|
|
|
struct {
|
2015-06-19 13:39:03 -07:00
|
|
|
uint8_t dummy_mac[122];
|
2015-08-28 14:55:11 -07:00
|
|
|
struct eth_addr mac;
|
2015-02-25 09:33:54 -08:00
|
|
|
};
|
|
|
|
|
struct {
|
2015-06-19 13:39:03 -07:00
|
|
|
ovs_be32 dummy_ipv4[31];
|
2015-02-25 09:33:54 -08:00
|
|
|
ovs_be32 ipv4;
|
|
|
|
|
};
|
2015-06-19 13:39:03 -07:00
|
|
|
struct {
|
|
|
|
|
struct in6_addr dummy_ipv6[7];
|
|
|
|
|
struct in6_addr ipv6;
|
|
|
|
|
};
|
2012-04-11 14:45:34 -07:00
|
|
|
};
|
|
|
|
|
BUILD_ASSERT_DECL(sizeof(union mf_value) == sizeof (union mf_subvalue));
|
|
|
|
|
|
2015-04-15 15:06:23 -07:00
|
|
|
bool mf_subvalue_intersect(const union mf_subvalue *a_value,
|
|
|
|
|
const union mf_subvalue *a_mask,
|
|
|
|
|
const union mf_subvalue *b_value,
|
|
|
|
|
const union mf_subvalue *b_mask,
|
|
|
|
|
union mf_subvalue *dst_value,
|
|
|
|
|
union mf_subvalue *dst_mask);
|
|
|
|
|
int mf_subvalue_width(const union mf_subvalue *);
|
|
|
|
|
void mf_subvalue_shift(union mf_subvalue *, int n);
|
Implement serializing the state of packet traversal in "continuations".
One purpose of OpenFlow packet-in messages is to allow a controller to
interpose on the path of a packet through the flow tables. If, for
example, the controller needs to modify a packet in some way that the
switch doesn't directly support, the controller should be able to
program the switch to send it the packet, then modify the packet and
send it back to the switch to continue through the flow table.
That's the theory. In practice, this doesn't work with any but the
simplest flow tables. Packet-in messages simply don't include enough
context to allow the flow table traversal to continue. For example:
* Via "resubmit" actions, an Open vSwitch packet can have an
effective "call stack", but a packet-in can't describe it, and
so it would be lost.
* A packet-in can't preserve the stack used by NXAST_PUSH and
NXAST_POP actions.
* A packet-in can't preserve the OpenFlow 1.1+ action set.
* A packet-in can't preserve the state of Open vSwitch mirroring
or connection tracking.
This commit introduces a solution called "continuations". A continuation
is the state of a packet's traversal through OpenFlow flow tables. A
"controller" action with the "pause" flag, which is newly implemented in
this commit, generates a continuation and sends it to the OpenFlow
controller in a packet-in asynchronous message (only NXT_PACKET_IN2
supports continuations, so the controller must configure them with
NXT_SET_PACKET_IN_FORMAT). The controller processes the packet-in,
possibly modifying some of its data, and sends it back to the switch with
an NXT_RESUME request, which causes flow table traversal to continue. In
principle, a single packet can be paused and resumed multiple times.
Another way to look at it is:
- "pause" is an extension of the existing OFPAT_CONTROLLER
action. It sends the packet to the controller, with full
pipeline context (some of which is switch implementation
dependent, and may thus vary from switch to switch).
- A continuation is an extension of OFPT_PACKET_IN, allowing for
implementation dependent metadata.
- NXT_RESUME is an extension of OFPT_PACKET_OUT, with the
semantics that the pipeline processing is continued with the
original translation context from where it was left at the time
it was paused.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Jarno Rajahalme <jarno@ovn.org>
2016-02-19 16:10:06 -08:00
|
|
|
void mf_subvalue_format(const union mf_subvalue *, struct ds *);
|
2015-04-15 15:06:23 -07:00
|
|
|
|
2016-08-31 08:43:48 -07:00
|
|
|
static inline void mf_subvalue_from_value(const struct mf_subfield *sf,
|
|
|
|
|
union mf_subvalue *sv,
|
|
|
|
|
const void *value)
|
|
|
|
|
{
|
|
|
|
|
unsigned int n_bytes = DIV_ROUND_UP(sf->n_bits, 8);
|
|
|
|
|
memset(sv, 0, sizeof *sv - n_bytes);
|
|
|
|
|
memcpy(&sv->u8[sizeof sv->u8 - n_bytes], value, n_bytes);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2016-07-29 16:52:04 -07:00
|
|
|
/* Set of field values. 'values' only includes the actual data bytes for each
|
|
|
|
|
* field for which is used, as marked by 1-bits in 'used'. */
|
2015-03-20 13:50:30 +09:00
|
|
|
struct field_array {
|
|
|
|
|
struct mf_bitmap used;
|
2016-07-29 16:52:04 -07:00
|
|
|
size_t values_size; /* Number of bytes currently in 'values'. */
|
|
|
|
|
uint8_t *values; /* Dynamically allocated to the correct size. */
|
2015-03-20 13:50:30 +09:00
|
|
|
};
|
|
|
|
|
|
2011-09-12 12:11:50 -07:00
|
|
|
/* Finding mf_fields. */
|
|
|
|
|
const struct mf_field *mf_from_name(const char *name);
|
ofp-parse: Allow match field names in actions and brackets in matches.
Allow using match field names in addition to the canonical register
names in actions (including 'load', 'move', 'push', 'pop', 'output',
'multipath', 'bundle_load', and 'learn'). Allow also leaving out the
trailing '[]' to indicate full field. These changes allow simpler
syntax similar to 'set_field' to be used also elsewhere.
Correspondingly, allow the '[start..end]' syntax to be used in matches
in addition to the more explicit 'value/mask' notation. For example,
to match on the value 2 of the bits 14..15 of NXM_NX_REG0, the match
could include:
... reg0[14..15]=2 ...
instead of
... reg0=0x8000/0xc000 ...
Note that only contiguous masks can be specified with the bracket
notation.
Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
2017-01-04 16:10:56 -08:00
|
|
|
const struct mf_field *mf_from_name_len(const char *name, size_t len);
|
2011-09-12 12:11:50 -07:00
|
|
|
|
2013-10-24 13:19:27 -07:00
|
|
|
static inline const struct mf_field *
|
|
|
|
|
mf_from_id(enum mf_field_id id)
|
|
|
|
|
{
|
|
|
|
|
extern const struct mf_field mf_fields[MFF_N_IDS];
|
|
|
|
|
ovs_assert((unsigned int) id < MFF_N_IDS);
|
|
|
|
|
return &mf_fields[id];
|
|
|
|
|
}
|
|
|
|
|
|
2011-09-12 12:11:50 -07:00
|
|
|
/* Inspecting wildcarded bits. */
|
|
|
|
|
bool mf_is_all_wild(const struct mf_field *, const struct flow_wildcards *);
|
|
|
|
|
|
|
|
|
|
bool mf_is_mask_valid(const struct mf_field *, const union mf_value *mask);
|
|
|
|
|
void mf_get_mask(const struct mf_field *, const struct flow_wildcards *,
|
|
|
|
|
union mf_value *mask);
|
|
|
|
|
|
|
|
|
|
/* Prerequisites. */
|
2016-07-29 16:52:03 -07:00
|
|
|
bool mf_are_prereqs_ok(const struct mf_field *mf, const struct flow *flow,
|
|
|
|
|
struct flow_wildcards *wc);
|
2017-03-08 17:18:22 -08:00
|
|
|
bool mf_are_match_prereqs_ok(const struct mf_field *, const struct match *);
|
2011-09-12 12:11:50 -07:00
|
|
|
|
2014-05-02 17:41:32 +09:00
|
|
|
static inline bool
|
|
|
|
|
mf_is_l3_or_higher(const struct mf_field *mf)
|
|
|
|
|
{
|
|
|
|
|
return mf->id >= MFF_IPV4_SRC;
|
|
|
|
|
}
|
|
|
|
|
|
2011-09-12 12:11:50 -07:00
|
|
|
/* Field values. */
|
|
|
|
|
bool mf_is_value_valid(const struct mf_field *, const union mf_value *value);
|
|
|
|
|
|
|
|
|
|
void mf_get_value(const struct mf_field *, const struct flow *,
|
|
|
|
|
union mf_value *value);
|
|
|
|
|
void mf_set_value(const struct mf_field *, const union mf_value *value,
|
2015-08-31 14:20:17 -07:00
|
|
|
struct match *, char **err_str);
|
2011-10-12 17:04:13 -07:00
|
|
|
void mf_set_flow_value(const struct mf_field *, const union mf_value *value,
|
|
|
|
|
struct flow *);
|
2014-10-07 16:49:50 -07:00
|
|
|
void mf_set_flow_value_masked(const struct mf_field *,
|
|
|
|
|
const union mf_value *value,
|
|
|
|
|
const union mf_value *mask,
|
|
|
|
|
struct flow *);
|
2015-08-11 18:41:37 -07:00
|
|
|
bool mf_is_tun_metadata(const struct mf_field *);
|
ofproto-dpif-xlate: Fix zone set from non-frozen-metadata fields.
CT zone could be set from a field that is not included in frozen
metadata. Consider the example rules which are typically seen in
OpenStack security group rules:
priority=100,in_port=1,tcp,ct_state=-trk,action=ct(zone=5,table=0)
priority=100,in_port=1,tcp,ct_state=+trk,action=ct(commit,zone=NXM_NX_CT_ZONE[]),2
The zone is set from the first rule's ct action. These two rules will
generate two megaflows: the first one uses zone=5 to query the CT module,
the second one sets the zone-id from the first megaflow and commit to CT.
The current implementation will generate a megaflow that does not use
ct_zone=5 as a match, but directly commit into the ct using zone=5, as zone is
set by an Imm not a field.
Consider a situation that one changes the zone id (for example to 15)
in the first rule, however, still keep the second rule unchanged. During
this change, there is traffic hitting the two generated megaflows, the
revaldiator would revalidate all megaflows, however, the revalidator will
not change the second megaflow, because zone=5 is recorded in the
megaflow, so the xlate will still translate the commit action into zone=5,
and the new traffic will still commit to CT as zone=5, not zone=15,
resulting in taffic drops and other issues.
Just like OVS set-field convention, if a field X is set by Y
(Y is a variable not an Imm), we should also mask Y as a match
in the generated megaflow. An exception is that if the zone-id is
set by the field that is included in the frozen state (i.e. regs) and this
upcall is a resume of a thawed xlate, the un-wildcarding can be skipped,
as the recirc_id is a hash of the values in these fields, and it will change
following the changes of these fields. When the recirc_id changes,
all megaflows with the old recirc id will be invalid later.
Fixes: 07659514c3 ("Add support for connection tracking.")
Reported-by: Sai Su <susai.ss@bytedance.com>
Signed-off-by: Peng He <hepeng.0320@bytedance.com>
Acked-by: Mark D. Gray <mark.d.gray@redhat.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
2021-08-01 21:09:11 +08:00
|
|
|
bool mf_is_frozen_metadata(const struct mf_field *);
|
ofproto: Add pipeline fields support for OF 1.5 packet-out
This patch decodes pipeline fields from a packet-out message, and populates
the pipeline fields into datapath. Error OFPERR_OFPBRC_PIPELINE_FIELDS_ONLY
is returned if the match field of a packet-out messages contains any
non pipeline fields. Currently, the supported pipeline fields
are as following.
* metadata fields:
- in_port, in_port_oxm
* tunnel fields:
- tun_id, tun_src, tun_dst, tun_ipv6_src, tun_ipv6_dst
- tun_gbp_id, tun_gpb_flags, tun_flags
- tun_metadata0 - tun_metadata63
* register fields:
- metadata
- reg0 - reg-15, xreg0 - xreg7, xxreg0 - xxreg3
Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2017-05-15 10:04:57 -07:00
|
|
|
bool mf_is_pipeline_field(const struct mf_field *);
|
2015-08-11 18:41:37 -07:00
|
|
|
bool mf_is_set(const struct mf_field *, const struct flow *);
|
2016-07-29 16:52:03 -07:00
|
|
|
void mf_mask_field(const struct mf_field *, struct flow_wildcards *);
|
|
|
|
|
void mf_mask_field_masked(const struct mf_field *, const union mf_value *mask,
|
|
|
|
|
struct flow_wildcards *);
|
2015-05-06 18:05:18 -07:00
|
|
|
int mf_field_len(const struct mf_field *, const union mf_value *value,
|
2015-08-11 18:41:37 -07:00
|
|
|
const union mf_value *mask, bool *is_masked);
|
2011-09-12 12:11:50 -07:00
|
|
|
|
2012-08-07 15:28:18 -07:00
|
|
|
void mf_get(const struct mf_field *, const struct match *,
|
2011-09-12 12:11:50 -07:00
|
|
|
union mf_value *value, union mf_value *mask);
|
2013-08-20 18:41:45 -07:00
|
|
|
|
|
|
|
|
/* Returns the set of usable protocols. */
|
2015-10-09 17:24:00 -07:00
|
|
|
uint32_t mf_set(const struct mf_field *, const union mf_value *value,
|
|
|
|
|
const union mf_value *mask, struct match *, char **err_str);
|
2011-09-12 12:11:50 -07:00
|
|
|
|
2015-08-31 14:20:17 -07:00
|
|
|
void mf_set_wild(const struct mf_field *, struct match *, char **err_str);
|
2011-09-12 12:11:50 -07:00
|
|
|
|
2011-12-28 12:42:14 -08:00
|
|
|
/* Subfields. */
|
2012-09-12 17:44:28 +09:00
|
|
|
void mf_write_subfield_flow(const struct mf_subfield *,
|
|
|
|
|
const union mf_subvalue *, struct flow *);
|
2012-04-11 14:45:34 -07:00
|
|
|
void mf_write_subfield(const struct mf_subfield *, const union mf_subvalue *,
|
2012-08-07 15:28:18 -07:00
|
|
|
struct match *);
|
2016-08-31 08:43:48 -07:00
|
|
|
void mf_write_subfield_value(const struct mf_subfield *, const void *src,
|
|
|
|
|
struct match *);
|
|
|
|
|
|
2015-04-15 15:06:23 -07:00
|
|
|
void mf_mask_subfield(const struct mf_field *,
|
|
|
|
|
const union mf_subvalue *value,
|
|
|
|
|
const union mf_subvalue *mask,
|
|
|
|
|
struct match *);
|
2012-04-11 14:45:34 -07:00
|
|
|
|
|
|
|
|
void mf_read_subfield(const struct mf_subfield *, const struct flow *,
|
|
|
|
|
union mf_subvalue *);
|
2011-12-28 12:42:14 -08:00
|
|
|
uint64_t mf_get_subfield(const struct mf_subfield *, const struct flow *);
|
|
|
|
|
|
2016-08-01 22:50:10 -07:00
|
|
|
void mf_subfield_copy(const struct mf_subfield *src,
|
|
|
|
|
const struct mf_subfield *dst,
|
|
|
|
|
struct flow *, struct flow_wildcards *);
|
|
|
|
|
void mf_subfield_swap(const struct mf_subfield *,
|
|
|
|
|
const struct mf_subfield *,
|
|
|
|
|
struct flow *flow, struct flow_wildcards *);
|
2012-04-11 14:45:34 -07:00
|
|
|
|
2017-03-08 17:18:22 -08:00
|
|
|
enum ofperr mf_check_src(const struct mf_subfield *, const struct match *);
|
|
|
|
|
enum ofperr mf_check_dst(const struct mf_subfield *, const struct match *);
|
2011-12-28 12:42:14 -08:00
|
|
|
|
2011-09-12 12:11:50 -07:00
|
|
|
/* Parsing and formatting. */
|
|
|
|
|
char *mf_parse(const struct mf_field *, const char *,
|
2017-05-31 16:06:12 -07:00
|
|
|
const struct ofputil_port_map *,
|
2011-09-12 12:11:50 -07:00
|
|
|
union mf_value *value, union mf_value *mask);
|
2017-05-31 16:06:12 -07:00
|
|
|
char *mf_parse_value(const struct mf_field *, const char *,
|
|
|
|
|
const struct ofputil_port_map *, union mf_value *);
|
2011-09-12 12:11:50 -07:00
|
|
|
void mf_format(const struct mf_field *,
|
|
|
|
|
const union mf_value *value, const union mf_value *mask,
|
2017-05-31 16:06:12 -07:00
|
|
|
const struct ofputil_port_map *,
|
2011-09-12 12:11:50 -07:00
|
|
|
struct ds *);
|
2012-09-12 17:44:28 +09:00
|
|
|
void mf_format_subvalue(const union mf_subvalue *subvalue, struct ds *s);
|
2011-09-12 12:11:50 -07:00
|
|
|
|
2015-03-20 13:50:30 +09:00
|
|
|
/* Field Arrays. */
|
|
|
|
|
void field_array_set(enum mf_field_id id, const union mf_value *,
|
|
|
|
|
struct field_array *);
|
2017-07-30 18:03:24 -07:00
|
|
|
|
2023-03-31 17:17:27 -04:00
|
|
|
/* Mask the required l3 prerequisites if a 'set' action occurs. */
|
|
|
|
|
void mf_set_mask_l3_prereqs(const struct mf_field *, const struct flow *,
|
|
|
|
|
struct flow_wildcards *);
|
|
|
|
|
|
2017-07-30 18:03:24 -07:00
|
|
|
#ifdef __cplusplus
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
2011-09-12 12:11:50 -07:00
|
|
|
#endif /* meta-flow.h */
|
