/*
- * Copyright (c) 2008, 2009, 2010, 2011 Nicira, Inc.
+ * Copyright (c) 2008, 2009, 2010, 2011, 2013, 2014, 2015 Nicira, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include "socket-util.h"
#include "timeval.h"
#include "util.h"
-#include "vlog.h"
+#include "openvswitch/vlog.h"
VLOG_DEFINE_THIS_MODULE(netflow);
long long int reconfig_time; /* When we reconfigured the timeouts. */
struct hmap flows; /* Contains 'netflow_flows'. */
+
+ struct ovs_refcount ref_cnt;
};
struct netflow_flow {
long long int used; /* Last-used time (0 if never used). */
};
+static struct ovs_mutex mutex = OVS_MUTEX_INITIALIZER;
+static atomic_count netflow_count = ATOMIC_COUNT_INIT(0);
+
static struct netflow_flow *netflow_flow_lookup(const struct netflow *,
- const struct flow *);
+ const struct flow *)
+ OVS_REQUIRES(mutex);
static uint32_t netflow_flow_hash(const struct flow *);
-static void netflow_expire__(struct netflow *, struct netflow_flow *);
+static void netflow_expire__(struct netflow *, struct netflow_flow *)
+ OVS_REQUIRES(mutex);
+static void netflow_run__(struct netflow *) OVS_REQUIRES(mutex);
void
-netflow_mask_wc(struct flow *flow, struct flow_wildcards *wc)
+netflow_mask_wc(const struct flow *flow, struct flow_wildcards *wc)
{
if (flow->dl_type != htons(ETH_TYPE_IP)) {
return;
memset(&wc->masks.nw_proto, 0xff, sizeof wc->masks.nw_proto);
memset(&wc->masks.nw_src, 0xff, sizeof wc->masks.nw_src);
memset(&wc->masks.nw_dst, 0xff, sizeof wc->masks.nw_dst);
- memset(&wc->masks.tp_src, 0xff, sizeof wc->masks.tp_src);
- memset(&wc->masks.tp_dst, 0xff, sizeof wc->masks.tp_dst);
+ flow_unwildcard_tp_ports(flow, wc);
wc->masks.nw_tos |= IP_DSCP_MASK;
}
static void
gen_netflow_rec(struct netflow *nf, struct netflow_flow *nf_flow,
uint32_t packet_count, uint32_t byte_count)
+ OVS_REQUIRES(mutex)
{
struct netflow_v5_header *nf_hdr;
struct netflow_v5_record *nf_rec;
nf_hdr->sysuptime = htonl(time_msec() - nf->boot_time);
nf_hdr->unix_secs = htonl(now.tv_sec);
nf_hdr->unix_nsecs = htonl(now.tv_nsec);
- nf_hdr->flow_seq = htonl(nf->netflow_cnt++);
nf_hdr->engine_type = nf->engine_type;
nf_hdr->engine_id = nf->engine_id;
nf_hdr->sampling_interval = htons(0);
nf_hdr = nf->packet.data;
nf_hdr->count = htons(ntohs(nf_hdr->count) + 1);
+ nf_hdr->flow_seq = htonl(nf->netflow_cnt++);
nf_rec = ofpbuf_put_zeros(&nf->packet, sizeof *nf_rec);
nf_rec->src_addr = nf_flow->nw_src;
/* NetFlow messages are limited to 30 records. */
if (ntohs(nf_hdr->count) >= 30) {
- netflow_run(nf);
+ netflow_run__(nf);
}
}
void
-netflow_flow_update(struct netflow *nf, struct flow *flow,
+netflow_flow_update(struct netflow *nf, const struct flow *flow,
ofp_port_t output_iface,
const struct dpif_flow_stats *stats)
+ OVS_EXCLUDED(mutex)
{
struct netflow_flow *nf_flow;
long long int used;
return;
}
+ ovs_mutex_lock(&mutex);
nf_flow = netflow_flow_lookup(nf, flow);
if (!nf_flow) {
nf_flow = xzalloc(sizeof *nf_flow);
nf_flow->last_expired = time_msec();
}
}
+
+ ovs_mutex_unlock(&mutex);
}
static void
netflow_expire__(struct netflow *nf, struct netflow_flow *nf_flow)
+ OVS_REQUIRES(mutex)
{
uint64_t pkts, bytes;
}
/* Update flow tracking data. */
- nf_flow->created = 0;
nf_flow->packet_count = 0;
nf_flow->byte_count = 0;
nf_flow->tcp_flags = 0;
}
void
-netflow_expire(struct netflow *nf, struct flow *flow)
+netflow_flow_clear(struct netflow *nf, const struct flow *flow)
+ OVS_EXCLUDED(mutex)
{
- struct netflow_flow *nf_flow = netflow_flow_lookup(nf, flow);
+ struct netflow_flow *nf_flow;
+ ovs_mutex_lock(&mutex);
+ nf_flow = netflow_flow_lookup(nf, flow);
if (nf_flow) {
netflow_expire__(nf, nf_flow);
- }
-}
-
-void
-netflow_flow_clear(struct netflow *nf, struct flow *flow)
-{
- struct netflow_flow *nf_flow = netflow_flow_lookup(nf, flow);
-
- if (nf_flow) {
- ovs_assert(!nf_flow->packet_count);
- ovs_assert(!nf_flow->byte_count);
hmap_remove(&nf->flows, &nf_flow->hmap_node);
free(nf_flow);
}
+ ovs_mutex_unlock(&mutex);
}
/* Returns true if it's time to send out a round of NetFlow active timeouts,
* false otherwise. */
-void
-netflow_run(struct netflow *nf)
+static void
+netflow_run__(struct netflow *nf) OVS_REQUIRES(mutex)
{
long long int now = time_msec();
struct netflow_flow *nf_flow, *next;
}
void
-netflow_wait(struct netflow *nf)
+netflow_run(struct netflow *nf)
{
+ ovs_mutex_lock(&mutex);
+ netflow_run__(nf);
+ ovs_mutex_unlock(&mutex);
+}
+
+void
+netflow_wait(struct netflow *nf) OVS_EXCLUDED(mutex)
+{
+ ovs_mutex_lock(&mutex);
if (nf->active_timeout) {
poll_timer_wait_until(nf->next_timeout);
}
if (nf->packet.size) {
poll_immediate_wake();
}
+ ovs_mutex_unlock(&mutex);
}
int
netflow_set_options(struct netflow *nf,
const struct netflow_options *nf_options)
+ OVS_EXCLUDED(mutex)
{
int error = 0;
long long int old_timeout;
+ ovs_mutex_lock(&mutex);
nf->engine_type = nf_options->engine_type;
nf->engine_id = nf_options->engine_id;
nf->add_id_to_iface = nf_options->add_id_to_iface;
nf->reconfig_time = time_msec();
nf->next_timeout = time_msec();
}
+ ovs_mutex_unlock(&mutex);
return error;
}
netflow_create(void)
{
struct netflow *nf = xzalloc(sizeof *nf);
+
nf->engine_type = 0;
nf->engine_id = 0;
nf->boot_time = time_msec();
nf->add_id_to_iface = false;
nf->netflow_cnt = 0;
hmap_init(&nf->flows);
+ ovs_refcount_init(&nf->ref_cnt);
ofpbuf_init(&nf->packet, 1500);
+ atomic_count_inc(&netflow_count);
return nf;
}
-void
-netflow_destroy(struct netflow *nf)
+struct netflow *
+netflow_ref(const struct netflow *nf_)
{
+ struct netflow *nf = CONST_CAST(struct netflow *, nf_);
if (nf) {
- ofpbuf_uninit(&nf->packet);
+ ovs_refcount_ref(&nf->ref_cnt);
+ }
+ return nf;
+}
+
+void
+netflow_unref(struct netflow *nf)
+{
+ if (nf && ovs_refcount_unref_relaxed(&nf->ref_cnt) == 1) {
+ atomic_count_dec(&netflow_count);
collectors_destroy(nf->collectors);
+ ofpbuf_uninit(&nf->packet);
free(nf);
}
}
+
+/* Returns true if there exist any netflow objects, false otherwise.
+ * Callers must cope with transient false positives, i.e., there is no tight
+ * synchronization with the count and the actual existence of netflow objects.
+ */
+bool
+netflow_exists(void)
+{
+ return atomic_count_get(&netflow_count) > 0;
+}
\f
/* Helpers. */
static struct netflow_flow *
netflow_flow_lookup(const struct netflow *nf, const struct flow *flow)
+ OVS_REQUIRES(mutex)
{
struct netflow_flow *nf_flow;
{
uint32_t hash = 0;
- hash = mhash_add(hash, (OVS_FORCE uint32_t) flow->in_port.ofp_port);
- hash = mhash_add(hash, ntohl(flow->nw_src));
- hash = mhash_add(hash, ntohl(flow->nw_dst));
- hash = mhash_add(hash, flow->nw_tos);
- hash = mhash_add(hash, flow->nw_proto);
- hash = mhash_add(hash, ntohs(flow->tp_src));
- hash = mhash_add(hash, ntohs(flow->tp_dst));
+ hash = hash_add(hash, (OVS_FORCE uint32_t) flow->in_port.ofp_port);
+ hash = hash_add(hash, ntohl(flow->nw_src));
+ hash = hash_add(hash, ntohl(flow->nw_dst));
+ hash = hash_add(hash, flow->nw_tos);
+ hash = hash_add(hash, flow->nw_proto);
+ hash = hash_add(hash, ntohs(flow->tp_src));
+ hash = hash_add(hash, ntohs(flow->tp_dst));
- return mhash_finish(hash, 28);
+ return hash_finish(hash, 28);
}