* Allow OXM matches which specified in OpenFlow 1.2.
Also allow them for OpenFlow 1.1 as there seems little reason not to.
* Pass padded_match_len parameter which if on NULL will be set to
the padded match len. This will be used when decoding flow statistics
response messages.
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
OVS has all kinds of odd fields, e.g. registers, and it doesn't make sense
to try to match on all of them. This commit changes learning-switch to
only try to match on the fields defined by OpenFlow 1.0. That's still not
minimal, but it's more reasonable.
This commit should not have an immediately visible effect since
ovs-controller always sends OF1.0 format flows to the switch, and OF1.0
format flows don't have these extra fields. But in the future when we
add support for new protocols and flow formats to ovs-controller, it
will make a difference.
Signed-off-by: Ben Pfaff <blp@nicira.com>
There are capabilities which are present in one, two and three
of Open Flow 1.0, 1.1 and 1.2. Update OFPC_COMMON to only include
capabilities that are present in all three Open Flow versions and
add ofputil_capabilities_mask() to return the mask of capabilities
for each version.
This does not cover OFPUTIL_C_STP and OFPUTIL_C_GROUP_STATS, which
both use capability bit 3 and are treated as special cases in
ofputil_encode_switch_features() and ofputil_decode_switch_features().
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Use an enum for ofp_version in ofp-util and ofp-msg.
This in conjunction with the use of switch() statements
allows the compiler to warn when a new ofp_version isn't handled.
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
OpenFlow headers are not as uniform as they could be, with size, alignment,
and numbering changes from one version to another and across varieties
(e.g. ordinary messages vs. "stats" messages). Until now the Open vSwitch
internal APIs haven't done a good job of abstracting those differences in
header formats. This commit changes that; from this commit forward very
little code actually needs to understand the header format or numbering.
Instead, it can just encode or decode, or pull or put, the header using
a more abstract API using the ofpraw_, ofptype_, and other APIs in the
new ofp-msgs module.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Tested-by: Simon Horman <horms@verge.net.au>
Reviewed-by: Simon Horman <horms@verge.net.au>
Add OFPUTIL_P_OF12 and NXFF_OPENFLOW12 for Open Flow 1.2
OFPUTIL_P_OF12_TID and in turn OFPUTIL_P_OF12_ANY is not provided as
OFPUTIL_P_OF12 supports the use of table ids in modify flow messages.
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
OpenFlow switching monitoring and controller coordination can be made more
efficient if the switch can notify a controller of flow table changes as
they occur, rather than periodically polling for changes. This commit
implements such a feature.
Feature #6633.
CC: Natasha Gude <natasha@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
An upcoming commit will introduce a user outside of ofp-util.c.
The change to put_stats_reply__() is larger than strictly necessary to
avoid making really ugly line breaks.
Signed-off-by: Ben Pfaff <blp@nicira.com>
So far, only the Apply-Actions instruction is supported, and only
actions that have identical semantics to OpenFlow 1.0 actions.
Co-authored-by: Simon Horman <horms@verge.net.au>
Co-authored-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Ben Pfaff <blp@nicira.com>
OpenFlow actions have always been somewhat awkward to handle.
Moreover, over time we've started creating actions that require more
complicated parsing. When we maintain those actions internally in
their wire format, we end up parsing them multiple times, whenever
we have to look at the set of actions.
When we add support for OpenFlow 1.1 or later protocols, the situation
will get worse, because these newer protocols support many of the same
actions but with different representations. It becomes unrealistic to
handle each protocol in its wire format.
This commit adopts a new strategy, by converting OpenFlow actions into
an internal form from the wire format when they are read, and converting
them back to the wire format when flows are dumped. I believe that this
will be more maintainable over time.
Thanks to Simon Horman and Pravin Shelar for reviews.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Possibly the ofputil_decode_action() interface should be rethought now
that ofputil_action_code has an invalid value.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
This is another step toward OpenFlow 1.1 support. The change does not
affect any outwardly visible OpenFlow behavior yet.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
This better fits our general policy of adding a version number suffix
to structures and constants whose values differ from one OpenFlow
version to the next.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Commit e72e793 (Add ability to restrict flow mods and flow stats
requests to cookies.) modified cookie handling. Some of its behavior
was unintuitive and there was at least one bug (described below).
Commit f66b87d (DESIGN: Document uses for flow cookies.) attempted to
document a clean design for cookie handling. This commit updates the
DESIGN document and brings the implementation in line with it.
In commit e72e793, the code that handled processing OpenFlow flow
modification requests set the cookie mask to exact-match. This seems
reasonable for adding flows, but is not correct for matching, since
OpenFlow 1.0 doesn't support matching based on the cookie. This commit
changes to cookie mask to fully wildcarded, which is the correct
behavior for modifications and deletions. It doesn't cause any problems
for flow additions, since the mask is ignored for that operation.
Bug #9742
Reported-by: Luca Giraudo <lgiraudo@nicira.com>
Reported-by: Paul Ingram <paul@nicira.com>
Signed-off-by: Justin Pettit <jpettit@nicira.com>
Add function to determine whether the max number of ports are contains
in a Features Reply. If so, it removes the port list, since it may be
incomplete. This function will be used in a later commit.
Signed-off-by: Justin Pettit <jpettit@nicira.com>
OpenFlow 1.0 is limited to displaying 1364 ports in the Features Reply
message, and there is no other way to get consolidated port information.
OpenFlow 1.3 adds a new port description multipart message
(OFPMP_PORT_DESC) that is not limited by size. This commit adds support
through the OpenFlow 1.0 stats mechanism, since they have complimentary
enum values.
Bug #11040
Signed-off-by: Justin Pettit <jpettit@nicira.com>
Some OpenFlow 1.0 controllers incorrectly use OPFP_CONTROLLER as the
in_port in packet-out messages, when OFPP_NONE is their intent. Until now,
Open vSwitch has rejected such requests with an error message. This commit
makes Open vSwitch instead treat OFPP_CONTROLLER the same as OFPP_NONE for
compatibility with those controllers.
(Also, as of this writing, OpenFlow 1.0.1 appears to be changing the port
to use from OFPP_NONE to OFPP_CONTROLLER.)
Suggested-by: Rob Sherwood <rob.sherwood@bigswitch.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Replaced all instances of Nicira Networks(, Inc) to Nicira, Inc.
Feature #10593
Signed-off-by: Raju Subramanian <rsubramanian@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
An upcoming commit will start referring to OpenFlow 1.1 actions, which are
renumbered relative to OpenFlow 1.0 actions, so this commit prepares by
changing all the existing uses of OFPAT_* to instead use OFPAT10_*.
This commit also introduces the OFPAT11_* constants.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
netdev_get_features() and other functions have always used OpenFlow 1.0
"enum ofp_port_features" bits as part of their interface. This commit
switches over to using an internally defined interface that is not tied
directly to any OpenFlow version, making evolution of each side of the
interface easier in the future.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
OpenFlow 1.1 extends port numbers to 32 bits. Initially we plan to support
only port numbers in the 16-bit range in Open vSwitch. However the OF1.1
reserved ports have high-valued fixed numbers that require translation to
high fixed values in the 16-bit range for OF1.0. These new functions
provide this translation.
Nothing uses these functions yet.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Open vSwitch already handles a few different protocol variations, but it
does so in a nonuniform manner:
- OpenFlow 1.0 and NXM flow formats are distinguished using the NXFF_*
constant values from nicira-ext.h.
- The "flow_mod_table_id" feature setting is maintained in ofproto as
part of an OpenFlow connection's (ofconn's) state.
There's no way to easily communicate this state among components. It's
not much of a problem yet, but as more protocol support is added it seems
better to have an abstract, uniform way to represent protocol versions and
variants. This commit implements that by introducing a new type
"enum ofputil_protocol". Each ofputil_protocol value represents a variant
of a protocol version. Each value is a separate bit, so a single enum
can also represent a set of protocols, which is often useful as well.
Reviewed-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Nicira's controllers are somewhat heterogeneous, so that particular
"packet-in" messages should be directed to particular controllers. This
new Nicira extension action allows designating a controller or controllers
to receive the "packet-in" using a 16-bit integer ID.
The new NXAST_CONTROLLER action also specifies the "reason" code to include
in the "packet-in" message. This is particularly useful for simulating a
"no-match" "packet-in" using a rule.
Feature #8946.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Upcoming commits add a user for ofputil_packet_in_reason_from_string()
and more users for ofputil_packet_in_reason_to_string().
Signed-off-by: Ben Pfaff <blp@nicira.com>
The "learn" action can create matching return flows. If those have a long
timeout then it's a good idea to have a way to notice when in fact the
flows have terminated. This new action and matching "learn" feature
provides that way.
Feature #8603.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Until now, the rules that cover the asynchronous messages that Open vSwitch
sends to a controller have been ad hoc. The new NXT_SET_ASYNC_CONFIG
message provides systematic, precise control.
Feature #7086.
Signed-off-by: Ben Pfaff <blp@nicira.com>
This makes the ofp-util support for packet_out better match the support
that ofp-util has for other OpenFlow messages. It also prepares for an
upcoming patch that adds a new piece of code that generates packet_out
messages.
Signed-off-by: Ben Pfaff <blp@nicira.com>
The "learn" action is useful for MAC learning, but until now there has been
no way to find out through OpenFlow how much time remains before a MAC
learning entry (a learned flow) expires. This commit adds that ability.
Feature #7193.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Following patch implements dec_ttl as vendor action with similar
semantics as OpenFlow 1.2. If TTL reaches zero while procession
actions in current table, the remaining actions in previous tables
are processed. A configuration parameter is added to make TTL
decrement to zero generate packet in.
Feature #8758
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
This commit switches from using the actual protocol values of error codes
internally in Open vSwitch, to using abstract values that are translated to
and from protocol values at message parsing and serialization time. I
believe that this makes the code easier to read and to write.
This is also one step along the way toward OpenFlow 1.1 support because
OpenFlow 1.1 renumbered a bunch of error codes.
Signed-off-by: Ben Pfaff <blp@nicira.com>
The new PACKET_IN format implemented in this patch includes flow
metadata such as the cookie, table_id, and registers.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
This will make the memory ownership clearer in future patches which
make more extensive use of ofputil_packet_in.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
This patch removes an optimization which significantly complicates
the code in ways which would get worse in future patches if not
removed. Furthermore, future patches will have fewer cases which
can take advantage of the optimization further mitigating its
justification.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
With this commit, it is possible to limit flow deletions and
modifications to specific cookies. It also provides the ability to
dump flows based on their cookies.
Signed-off-by: Justin Pettit <jpettit@nicira.com>
Until now, OVS has handled IP fragments more awkwardly than necessary. It
has not been possible to match on L4 headers, even in fragments with offset
0 where they are actually present. This means that there was no way to
implement ACLs that treat, say, different TCP ports differently, on
fragmented traffic; instead, all decisions for fragment forwarding had to
be made on the basis of L2 and L3 headers alone.
This commit improves the situation significantly. It is still not possible
to match on L4 headers in fragments with nonzero offset, because that
information is simply not present in such fragments, but this commit adds
the ability to match on L4 headers for fragments with zero offset. This
means that it becomes possible to implement ACLs that drop such "first
fragments" on the basis of L4 headers. In practice, that effectively
blocks even fragmented traffic on an L4 basis, because the receiving IP
stack cannot reassemble a full packet when the first fragment is missing.
This commit works by adding a new "fragment type" to the kernel flow match
and making it available through OpenFlow as a new NXM field named
NXM_NX_IP_FRAG. Because OpenFlow 1.0 explicitly says that the L4 fields
are always 0 for IP fragments, it adds a new OpenFlow fragment handling
mode that fills in the L4 fields for "first fragments". It also enhances
ovs-ofctl to allow users to configure this new fragment handling mode and
to parse the new field.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Bug #7557.
