dpif-netdev: Exact match non-presence of vlans.

The Netlink encoding of datapath flow keys cannot express wildcarding the presence of a VLAN tag. Instead, a missing VLAN tag is interpreted as exact match on the fact that there is no VLAN. This makes reading datapath flow dumps confusing, since for everything else, a missing key value means that the corresponding key was wildcarded. Unless we refactor a lot of code that translates between Netlink and struct flow representations, we have to do the same in the userspace datapath. This makes at least the flow install logs show that the vlan_tci field is matched to zero. However, the datapath flow dumps remain as they were before, as they are performed using the netlink format. Add a test to verify that packet with a vlan will not match a rule that may seem wildcarding the presence of the vlan tag. Applying this test without the userspace datapath modification showed that the userspace datapath failed to create a new datapath flow for the VLAN packet before this patch. Reported-by: Tony van der Peet <tony.vanderpeet@gmail.com> Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
2025-08-31 14:25:26 +00:00 · 2015-09-18 17:47:37 -07:00
parent cee06621d9
commit 449b813113
3 changed files with 120 additions and 35 deletions
--- a/lib/odp-util.c
+++ b/lib/odp-util.c
@@ -4193,6 +4193,7 @@ odp_flow_key_to_flow__(const struct nlattr *key, size_t key_len,
                                  expected_attrs, flow, key, key_len, src_flow);
    }
    if (is_mask) {
+        /* A missing VLAN mask means exact match on vlan_tci 0 (== no VLAN). */
        flow->vlan_tci = htons(0xffff);
        if (present_attrs & (UINT64_C(1) << OVS_KEY_ATTR_VLAN)) {
            flow->vlan_tci = nl_attr_get_be16(attrs[OVS_KEY_ATTR_VLAN]);