Introduces two new NXMs to represent VXLAN-GBP [0] fields.
actions=load:0x10->NXM_NX_TUN_GBP_ID[],NORMAL
tun_gbp_id=0x10,actions=drop
This enables existing VXLAN tunnels to carry security label
information such as a SELinux context to other network peers.
The values are carried to/from the datapath using the attribute
OVS_TUNNEL_KEY_ATTR_VXLAN_OPTS.
[0] https://tools.ietf.org/html/draft-smith-vxlan-group-policy-00
Signed-off-by: Madhu Challa <challa@noironetworks.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Thomas Graf <tgraf@noironetworks.com>
This patch adds set-field operations for nd_target, nd_sll, and nd_tll
fields, with and without masks, using Nicira extensions and OpenFlow 1.2
protocol.
Signed-off-by: Randall A Sharo <randall.sharo at navy.mil>
Signed-off-by: Ben Pfaff <blp@nicira.com>
struct list is a common name and can't be used in public headers.
Signed-off-by: Thomas Graf <tgraf@noironetworks.com>
Acked-by: Ben Pfaff <blp@nicira.com>
The following macros are renamed to avoid conflicts with other headers:
* WARN_UNUSED_RESULT to OVS_WARN_UNUSED_RESULT
* PRINTF_FORMAT to OVS_PRINTF_FORMAT
* NO_RETURN to OVS_NO_RETURN
Signed-off-by: Thomas Graf <tgraf@noironetworks.com>
Acked-by: Ben Pfaff <blp@nicira.com>
This patch enables a user to set importance for a new rule via add-flow
OF1.4+ in the OVS and display the same via dump-flows command OF1.4+.
The changes are made in accordance with OpenFlow 1.4 specs to implement
eviction on the basis of "importance". This patch also enhances the
diff-flows & replace-flows CLI for addition of importance parameter in
a rule.
This doesn't actually implement eviction on the basis of importance, which
will happen in a later patch.
Signed-off-by: Rishi Bamba <rishi.bamba@tcs.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Slightly simplify ofp10_match_to_string() by using ds_chomp()
rather than open-coding its logic.
Signed-off-by: Simon Horman <simon.horman@netronome.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
The ofproto implementation has had an abstraction layer on top of
OFPTC11_TABLE_MISS for a while. This commit pushes that abstraction layer
farther down, into ofp-util. This will be more useful in an upcoming
commit.
During the conversion I realized that the previous implementation was
not entirely correct. In particular, the OpenFlow 1.3+ "table mod" was
still being treated as if it had table miss configuration bits, even
though it doesn't. This commit fixes that issue and updates the tests.
OpenFlow 1.4 adds some more OFPTC_* flags that this new abstraction doesn't
yet support, but OVS didn't support those flags any better before this
commit, so abstracting those is left as future work.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jarno Rajahalme <jrajahalme@nicira.com>
Until now, sets of actions have been abstracted separately outside
ofp-actions, as enum ofputil_action_bitmap. Drawing sets of actions into
ofp-actions, as done in this commit, makes for a better overall
abstraction of actions, with better consistency.
A big part of this commit is shifting from using ofp12_table_stats as if
it were an abstraction for OpenFlow table stats, toward using a new
struct ofputil_table_stats, which is what we generally do with other
OpenFlow structures and fits better with the rest of the code.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jarno Rajahalme <jrajahalme@nicira.com>
An upcoming commit will increase the number of fields beyond 64.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jarno Rajahalme <jrajahalme@nicira.com>
Merge ofp_print_stats_reply() and ofp_print_stats_request()
into a single new function, ofp_print_stats().
For stats replies there should be no run-time change in behaviour.
For pre-OpenFlow1.3 stats requests there should also be
no run-time change in behaviour.
For OpenFlow1.3+ stats requests the more flag is now printed
as present. Previously ***unknown flags 0x0001*** was printed.
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
OpenFlow 1.4 and earlier always send the description of every port in
response to an OFPMP_PORT_DESC request. OpenFlow 1.5 proposes allowing
the controller to request a description of a single port. This commit
implements a prototype.
EXT-69.
Signed-off-by: Ben Pfaff <blp@nicira.com>
OpenFlow 1.4 and earlier always send the description of every group in
response to an OFPMP_GROUP_DESC request. OpenFlow 1.5 proposes allowing
the controller to request a description of a single group. This commit
implements a prototype.
EXT-69.
Signed-off-by: Ben Pfaff <blp@nicira.com>
It's harder to calculate the number of ports in a given amount of space in
OpenFlow 1.4 and later, because the ofp_port structure becomes variable
length in those versions. This commit removes the one caller, replacing
it by a version that doesn't need to know the number of ports in advance.
Signed-off-by: Ben Pfaff <blp@nicira.com>
This is only the communication part of the bundles functionality.
The actual message pre-validation and commits are not implemented.
We also enable OF1.4 for all the tests.
Signed-off-by: Alexandru Copot <alex.mihai.c@gmail.com>
Cc: Daniel Baluta <dbaluta@ixiacom.com>
[blp@nicira.com made ofputil_decode_bundle_add() more obviously correct]
Signed-off-by: Ben Pfaff <blp@nicira.com>
Also fix some tests that can now properly print packets
with the new protocol version.
Signed-off-by: Alexandru Copot <alex.mihai.c@gmail.com>
Cc: Daniel Baluta <dbaluta@ixiacom.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Infrastructure to enable megaflow support for bond ports using
recirculation. This patch adds the following features:
* Generate RECIRC action when bond can benefit from recirculation.
* Populate post recirculation rules in a hidden table. Currently table 254.
* Uses post recirculation rules for bond rebalancing
* A recirculation implementation in dpif-netdev.
The goal of this patch is to be able to megaflow bond outputs and
thus greatly improve performance. However, this patch does not
actually improve the megaflow generation. It is left for a later commit.
Signed-off-by: Andy Zhou <azhou@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
The body of an OpenFlow error message often contains an inner OpenFlow
message, and when it does, the inner message starts at an odd multiple of 4
bytes from the beginning of the outer message. That means that, on RISC
systems, accessing the inner message directly causes a bus error. This
commit fixes the problem in a way that should make it difficult to recur.
This fixes the failure of tests 643, 645, and 651 on sparc seen here:
https://buildd.debian.org/status/fetch.php?pkg=openvswitch&arch=sparc&ver=2.1.0%2Bgit20140325-1&stamp=1396438624
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jarno Rajahalme <jrajahalme@nicira.com>
Code reads better without the "get", for example "ofpbuf_l3()"
v.s. "ofpbuf_get_l3()". L4 payoad access functions still use the
"get" (e.g., "ofpbuf_get_tcp_payload()").
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
This patch shrinks the struct ofpbuf from 104 to 48 bytes on 64-bit
systems, or from 52 to 36 bytes on 32-bit systems (counting in the
'l7' removal from an earlier patch). This may help contribute to
cache efficiency, and will speed up initializing, copying and
manipulating ofpbufs. This is potentially important for the DPDK
datapath, but the rest of the code base may also see a little benefit.
Changes are:
- Remove 'l7' pointer (previous patch).
- Use offsets instead of layer pointers for l2_5, l3, and l4 using
'l2' as basis. Usually 'data' is the same as 'l2', but this is not
always the case (e.g., when parsing or constructing a packet), so it
can not be easily used as the offset basis. Also, packet parsing is
faster if we do not need to maintain the offsets each time we pull
data from the ofpbuf.
- Use uint32_t for 'allocated' and 'size', as 2^32 is enough even for
largest possible messages/packets.
- Use packed enum for 'source'.
- Rearrange to avoid unnecessary padding.
- Remove 'private_p', which was used only in two cases, both of which
had the invariant ('l2' == 'data'), so we can temporarily use 'l2'
as a private pointer.
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Now that we don't need to parse TCP flags from the packet after
extraction, we usually do not need the 'l7' pointer any more. When
needed, ofpbuf_get_tcp|udp|sctp|icmp_payload() or ofpbuf_get_l4_size()
can be used instead.
Removal of 'l7' was requested by Pravin for the DPDK datapath work, as
it simplifies packet parsing a bit.
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
'metadata_match' and 'metadata_write' fields are defined as ovs_be64,
but sometimes used and referred to as uint64_t.
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
This defines the version number for OpenFlow 1.4 so that the switch
can actually use it. The ovsdb schema is also modified.
Signed-off-by: Alexandru Copot <alex.mihai.c@gmail.com>
Cc: Daniel Baluta <dbaluta@ixiacom.com>
[blp@nicira.com adjusted code in cases where 1.3 and 1.4 are the same]
Signed-off-by: Ben Pfaff <blp@nicira.com>
We used to map ODPP_NONE to port number 0, which is wrong, as
ODPP_NONE is a valid value of the flow's in_port.
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Change the flow_extract() API to accept struct pkt_metadata,
instead of individual metadata fields. It will make the API more
logical and easier to maintain when we need to expand metadata
down the road.
Signed-off-by: Andy Zhou <azhou@nicira.com>
Acked-by: Jarno Rajahalme <jrajahalme@nicira.com>¬
Occasionally I run a command like this:
watch -n.1 ovs-ofctl dump-flows br0
to see how flows change over time. Until now, it has been more difficult
than necessary to spot real changes, because flows "jump around" as the
number of decimals printed for duration changes from moment to moment.
That is, you might see
cookie=0x0, duration=4.566s, table=0, n_packets=0, ...
one moment, and then
cookie=0x0, duration=4.8s, table=0, n_packets=0, ...
the next moment. Shortening 4.8 to 4.800 shifts everything following it
two places to the left, creating a visual jump.
This commit avoids that problem by always printing at least three decimals
if we print any. There can still be an occasional jump if a duration is
exactly on a second boundary, but that only happens 1/1000 of the time.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Andy Zhou <azhou@nicira.com>
This allows other libraries to use util.h that has already
defined NOT_REACHED.
Signed-off-by: Harold Lim <haroldl@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
The MSVC C library printf() implementation does not support the 'z', 't',
'j', or 'hh' format specifiers. This commit changes the Open vSwitch code
to avoid those format specifiers, switching to standard macros from
<inttypes.h> where available and inventing new macros resembling them
where necessary. It also updates CodingStyle to specify the macros' use
and adds a Makefile rule to report violations.
Signed-off-by: Alin Serdean <aserdean@cloudbasesolutions.com>
Co-authored-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Jarno pointed out that modify_flows__() didn't really need to check every
instance of the flow separately. After some further investigation I
decided that this was even more of an improvement.
CC: Jarno Rajahalme <jrajahalme@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jarno Rajahalme <jrajahalme@nicira.com>
When a controller changes its role to MASTER, the others are marked
as SLAVE. This patch makes it possible to notify the controllers
of this change.
Signed-off-by: Alexandru Copot <alex.mihai.c@gmail.com>
Cc: Daniel Baluta <dbaluta@ixiacom.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
It contains only Set-Async-Config and Role status message definitions.
Signed-off-by: Alexandru Copot <alex.mihai.c@gmail.com>
Cc: Daniel Baluta <dbaluta@ixiacom.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Open vSwitch has never implemented this request and reply, even though they
have been in OpenFlow since version 1.0. This commit adds an
implementation.
Signed-off: Venkitachalam Gopalakrishnan <gops@vmware.com>
Co-authored-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Joe Stringer <joestringer@nicira.com>
OpenFlow 1.3 uses all-1-bits in a packet_in to indicate that the packet_in
was not generated by a flow, but Open vSwitch incorrectly used 0. This
fixes the problem.
For consistency, this commit also changes NXT_PACKET_IN to use all-1-bits
for this case, event though NXT_PACKET_IN was previously defined to use
zero. This doesn't appear to make a difference for the NVP controller; if
it causes a problem for some other controller then I will revert that part
of the change.
Found by inspection.
Signed-off-by: Ben Pfaff <blp@nicira.com>
In OpenFlow 1.1 and 1.2, the push_mpls action pushes the MPLS label after
any existing VLAN tag. In OpenFlow 1.3, it pushes the label before any
existing VLAN tag. Until now, the action parser didn't distinguish these
cases. This commit adds support. Nothing yet actually changes the
behavior of push_mpls.
enum ofpact_mpls_position contributed by Ben Pfaff.
Signed-off-by: Joe Stringer <joe@wand.net.nz>
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Added infrastructure to support Openflow OFPT_TABLE_MOD message. This patch
does not include the flexible table miss handling code that is necessary to
support the semantics specified in OFPT_TABLE_MOD messages.
Current flow miss behavior continues to conform to Openflow 1.0. Future
commits to add more flexible table miss support are needed to fully support
OPFT_TABLE_MOD for Openflow-1.1+.
Signed-off-by: Andy Zhou <azhou@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
struct ofputil_group_stats has an arbitrary limit
of 16 buckets for which it can record statistics.
However the code does not appear to enforce this
limit and it seems to me that the code could overflow.
This patch aims to remove the arbitrary limit by
changing the 'bucket_stats' field of struct ofputil_group_stats
from a fixed length array to a pointer whose storage is allocated and freed
as necessary.
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>
This doesn't include a dpif implementation of groups functionality. In its
current form, it is untested.
Signed-off-by: Neil Zhu <zhuj@centecnetworks.com>
Co-authored-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Co-authored-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Simon Horman <horms@verge.net.au>
Co-authored-by: Jarno Rajahalme <jrajahalme@nicira.com>
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
The OFPFF_* flags used in flow_mods are just confusing enough that it
seems worthwhile to try to abstract them out. In particular:
* OFPFF_EMERG was introduced in OF1.0, deleted in OF1.1, and then
its bit was reused for a different purpose in OF1.2.
* OFPFF_RESET_COUNTS was introduced in OF1.2 but the semantics that it
specifies are implied by "add" commands in earlier versions, so
proper translation requires the OpenFlow version number and flow_mod
command.
This commit does the abstraction.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>
