1 /* Copyright (c) 2015, 2016 Nicira, Inc.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
18 #include "byte-order.h"
21 #include "lib/poll-loop.h"
23 #include "openvswitch/match.h"
24 #include "openvswitch/ofp-actions.h"
25 #include "openvswitch/ofpbuf.h"
26 #include "openvswitch/vlog.h"
27 #include "ovn-controller.h"
28 #include "ovn/lib/ovn-sb-idl.h"
29 #include "ovn/lib/ovn-util.h"
35 #include "vswitch-idl.h"
37 VLOG_DEFINE_THIS_MODULE(physical);
40 physical_register_ovs_idl(struct ovsdb_idl *ovs_idl)
42 ovsdb_idl_add_table(ovs_idl, &ovsrec_table_bridge);
43 ovsdb_idl_add_column(ovs_idl, &ovsrec_bridge_col_ports);
45 ovsdb_idl_add_table(ovs_idl, &ovsrec_table_port);
46 ovsdb_idl_add_column(ovs_idl, &ovsrec_port_col_name);
47 ovsdb_idl_add_column(ovs_idl, &ovsrec_port_col_interfaces);
48 ovsdb_idl_add_column(ovs_idl, &ovsrec_port_col_external_ids);
50 ovsdb_idl_add_table(ovs_idl, &ovsrec_table_interface);
51 ovsdb_idl_add_column(ovs_idl, &ovsrec_interface_col_name);
52 ovsdb_idl_add_column(ovs_idl, &ovsrec_interface_col_ofport);
53 ovsdb_idl_add_column(ovs_idl, &ovsrec_interface_col_external_ids);
56 static struct simap localvif_to_ofport =
57 SIMAP_INITIALIZER(&localvif_to_ofport);
58 static struct hmap tunnels = HMAP_INITIALIZER(&tunnels);
60 /* UUID to identify OF flows not associated with ovsdb rows. */
61 static struct uuid *hc_uuid = NULL;
62 static bool full_binding_processing = false;
65 physical_reset_processing(void)
67 full_binding_processing = true;
70 /* Maps from a chassis to the OpenFlow port number of the tunnel that can be
71 * used to reach that chassis. */
72 struct chassis_tunnel {
73 struct hmap_node hmap_node;
74 const char *chassis_id;
76 enum chassis_tunnel_type type;
79 static struct chassis_tunnel *
80 chassis_tunnel_find(const char *chassis_id)
82 struct chassis_tunnel *tun;
83 HMAP_FOR_EACH_WITH_HASH (tun, hmap_node, hash_string(chassis_id, 0),
85 if (!strcmp(tun->chassis_id, chassis_id)) {
93 put_load(uint64_t value, enum mf_field_id dst, int ofs, int n_bits,
94 struct ofpbuf *ofpacts)
96 struct ofpact_set_field *sf = ofpact_put_SET_FIELD(ofpacts);
97 sf->field = mf_from_id(dst);
98 sf->flow_has_vlan = false;
100 ovs_be64 n_value = htonll(value);
101 bitwise_copy(&n_value, 8, 0, &sf->value, sf->field->n_bytes, ofs, n_bits);
102 bitwise_one(&sf->mask, sf->field->n_bytes, ofs, n_bits);
106 put_move(enum mf_field_id src, int src_ofs,
107 enum mf_field_id dst, int dst_ofs,
109 struct ofpbuf *ofpacts)
111 struct ofpact_reg_move *move = ofpact_put_REG_MOVE(ofpacts);
112 move->src.field = mf_from_id(src);
113 move->src.ofs = src_ofs;
114 move->src.n_bits = n_bits;
115 move->dst.field = mf_from_id(dst);
116 move->dst.ofs = dst_ofs;
117 move->dst.n_bits = n_bits;
121 put_resubmit(uint8_t table_id, struct ofpbuf *ofpacts)
123 struct ofpact_resubmit *resubmit = ofpact_put_RESUBMIT(ofpacts);
124 resubmit->in_port = OFPP_IN_PORT;
125 resubmit->table_id = table_id;
129 put_encapsulation(enum mf_field_id mff_ovn_geneve,
130 const struct chassis_tunnel *tun,
131 const struct sbrec_datapath_binding *datapath,
132 uint16_t outport, struct ofpbuf *ofpacts)
134 if (tun->type == GENEVE) {
135 put_load(datapath->tunnel_key, MFF_TUN_ID, 0, 24, ofpacts);
136 put_load(outport, mff_ovn_geneve, 0, 32, ofpacts);
137 put_move(MFF_LOG_INPORT, 0, mff_ovn_geneve, 16, 15, ofpacts);
138 } else if (tun->type == STT) {
139 put_load(datapath->tunnel_key | (outport << 24), MFF_TUN_ID, 0, 64,
141 put_move(MFF_LOG_INPORT, 0, MFF_TUN_ID, 40, 15, ofpacts);
142 } else if (tun->type == VXLAN) {
143 put_load(datapath->tunnel_key, MFF_TUN_ID, 0, 24, ofpacts);
150 put_stack(enum mf_field_id field, struct ofpact_stack *stack)
152 stack->subfield.field = mf_from_id(field);
153 stack->subfield.ofs = 0;
154 stack->subfield.n_bits = stack->subfield.field->n_bits;
157 static const struct sbrec_port_binding*
158 get_localnet_port(struct hmap *local_datapaths, int64_t tunnel_key)
160 struct local_datapath *ld = get_local_datapath(local_datapaths,
162 return ld ? ld->localnet_port : NULL;
166 consider_port_binding(enum mf_field_id mff_ovn_geneve,
167 const struct simap *ct_zones,
168 struct hmap *local_datapaths,
169 struct hmap *patched_datapaths,
170 const struct sbrec_port_binding *binding,
171 struct ofpbuf *ofpacts_p)
173 /* Skip the port binding if the port is on a datapath that is neither
174 * local nor with any logical patch port connected, because local ports
175 * would never need to talk to those ports.
177 * Even with this approach there could still be unnecessary port
178 * bindings processed. A better approach would be a kind of "flood
181 * 1. Initialize set S to the logical datapaths that have a port
182 * located on the hypervisor.
184 * 2. For each patch port P in a logical datapath in S, add the
185 * logical datapath of the remote end of P to S. Iterate
186 * until S reaches a fixed point.
188 * This can be implemented in northd, which can generate the sets and
189 * save it on each port-binding record in SB, and ovn-controller can
190 * use the information directly. However, there can be update storms
191 * when a pair of patch ports are added/removed to connect/disconnect
192 * large lrouters and lswitches. This need to be studied further.
194 uint32_t dp_key = binding->datapath->tunnel_key;
195 uint32_t port_key = binding->tunnel_key;
196 if (!get_local_datapath(local_datapaths, dp_key)
197 && !get_patched_datapath(patched_datapaths, dp_key)) {
201 /* Find the OpenFlow port for the logical port, as 'ofport'. This is
204 * - If the port is a VIF on the chassis we're managing, the
205 * OpenFlow port for the VIF. 'tun' will be NULL.
207 * The same logic handles logical patch ports, as well as
208 * localnet patch ports.
210 * For a container nested inside a VM and accessible via a VLAN,
211 * 'tag' is the VLAN ID; otherwise 'tag' is 0.
213 * For a localnet patch port, if a VLAN ID was configured, 'tag'
214 * is set to that VLAN ID; otherwise 'tag' is 0.
216 * - If the port is on a remote chassis, the OpenFlow port for a
217 * tunnel to the VIF's remote chassis. 'tun' identifies that
223 bool is_remote = false;
224 if (binding->parent_port && *binding->parent_port) {
228 ofport = u16_to_ofp(simap_get(&localvif_to_ofport,
229 binding->parent_port));
234 ofport = u16_to_ofp(simap_get(&localvif_to_ofport,
235 binding->logical_port));
236 if ((!strcmp(binding->type, "localnet")
237 || !strcmp(binding->type, "l2gateway"))
238 && ofport && binding->tag) {
243 const struct chassis_tunnel *tun = NULL;
244 const struct sbrec_port_binding *localnet_port =
245 get_localnet_port(local_datapaths, dp_key);
247 /* It is remote port, may be reached by tunnel or localnet port */
249 if (!binding->chassis) {
253 ofport = u16_to_ofp(simap_get(&localvif_to_ofport,
254 localnet_port->logical_port));
259 tun = chassis_tunnel_find(binding->chassis->name);
263 ofport = tun->ofport;
269 int zone_id = simap_get(ct_zones, binding->logical_port);
270 /* Packets that arrive from a vif can belong to a VM or
271 * to a container located inside that VM. Packets that
272 * arrive from containers have a tag (vlan) associated with them.
275 /* Table 0, Priority 150 and 100.
276 * ==============================
278 * Priority 150 is for tagged traffic. This may be containers in a
279 * VM or a VLAN on a local network. For such traffic, match on the
280 * tags and then strip the tag.
282 * Priority 100 is for traffic belonging to VMs or untagged locally
283 * connected networks.
285 * For both types of traffic: set MFF_LOG_INPORT to the logical
286 * input port, MFF_LOG_DATAPATH to the logical datapath, and
287 * resubmit into the logical ingress pipeline starting at table
289 ofpbuf_clear(ofpacts_p);
290 match_init_catchall(&match);
291 match_set_in_port(&match, ofport);
293 /* Match a VLAN tag and strip it, including stripping priority tags
294 * (e.g. VLAN ID 0). In the latter case we'll add a second flow
295 * for frames that lack any 802.1Q header later. */
296 if (tag || !strcmp(binding->type, "localnet")
297 || !strcmp(binding->type, "l2gateway")) {
298 match_set_dl_vlan(&match, htons(tag));
299 ofpact_put_STRIP_VLAN(ofpacts_p);
302 /* Remember the size with just strip vlan added so far,
303 * as we're going to remove this with ofpbuf_pull() later. */
304 uint32_t ofpacts_orig_size = ofpacts_p->size;
307 put_load(zone_id, MFF_LOG_CT_ZONE, 0, 32, ofpacts_p);
310 int zone_id_dnat, zone_id_snat;
311 char *key = xasprintf(UUID_FMT,
312 UUID_ARGS(&binding->datapath->header_.uuid));
313 char *dnat = alloc_nat_zone_key(key, "dnat");
314 char *snat = alloc_nat_zone_key(key, "snat");
317 zone_id_dnat = simap_get(ct_zones, dnat);
319 put_load(zone_id_dnat, MFF_LOG_DNAT_ZONE, 0, 32, ofpacts_p);
323 zone_id_snat = simap_get(ct_zones, snat);
325 put_load(zone_id_snat, MFF_LOG_SNAT_ZONE, 0, 32, ofpacts_p);
329 /* Set MFF_LOG_DATAPATH and MFF_LOG_INPORT. */
330 put_load(dp_key, MFF_LOG_DATAPATH, 0, 64, ofpacts_p);
331 put_load(port_key, MFF_LOG_INPORT, 0, 32, ofpacts_p);
333 /* Resubmit to first logical ingress pipeline table. */
334 put_resubmit(OFTABLE_LOG_INGRESS_PIPELINE, ofpacts_p);
335 ofctrl_add_flow(OFTABLE_PHY_TO_LOG,
336 tag ? 150 : 100, &match, ofpacts_p,
337 &binding->header_.uuid);
339 if (!tag && (!strcmp(binding->type, "localnet")
340 || !strcmp(binding->type, "l2gateway"))) {
342 /* Add a second flow for frames that lack any 802.1Q
343 * header. For these, drop the OFPACT_STRIP_VLAN
345 ofpbuf_pull(ofpacts_p, ofpacts_orig_size);
346 match_set_dl_tci_masked(&match, 0, htons(VLAN_CFI));
347 ofctrl_add_flow(0, 100, &match, ofpacts_p,
348 &binding->header_.uuid);
351 /* Table 33, priority 100.
352 * =======================
354 * Implements output to local hypervisor. Each flow matches a
355 * logical output port on the local hypervisor, and resubmits to
359 match_init_catchall(&match);
360 ofpbuf_clear(ofpacts_p);
362 /* Match MFF_LOG_DATAPATH, MFF_LOG_OUTPORT. */
363 match_set_metadata(&match, htonll(dp_key));
364 match_set_reg(&match, MFF_LOG_OUTPORT - MFF_REG0, port_key);
367 put_load(zone_id, MFF_LOG_CT_ZONE, 0, 32, ofpacts_p);
370 put_load(zone_id_dnat, MFF_LOG_DNAT_ZONE, 0, 32, ofpacts_p);
373 put_load(zone_id_snat, MFF_LOG_SNAT_ZONE, 0, 32, ofpacts_p);
376 /* Resubmit to table 34. */
377 put_resubmit(OFTABLE_DROP_LOOPBACK, ofpacts_p);
378 ofctrl_add_flow(OFTABLE_LOCAL_OUTPUT, 100,
379 &match, ofpacts_p, &binding->header_.uuid);
381 /* Table 34, Priority 100.
382 * =======================
384 * Drop packets whose logical inport and outport are the same. */
385 match_init_catchall(&match);
386 ofpbuf_clear(ofpacts_p);
387 match_set_metadata(&match, htonll(dp_key));
388 match_set_reg(&match, MFF_LOG_INPORT - MFF_REG0, port_key);
389 match_set_reg(&match, MFF_LOG_OUTPORT - MFF_REG0, port_key);
390 ofctrl_add_flow(OFTABLE_DROP_LOOPBACK, 100,
391 &match, ofpacts_p, &binding->header_.uuid);
393 /* Table 64, Priority 100.
394 * =======================
396 * Deliver the packet to the local vif. */
397 match_init_catchall(&match);
398 ofpbuf_clear(ofpacts_p);
399 match_set_metadata(&match, htonll(dp_key));
400 match_set_reg(&match, MFF_LOG_OUTPORT - MFF_REG0, port_key);
402 /* For containers sitting behind a local vif, tag the packets
403 * before delivering them. */
404 struct ofpact_vlan_vid *vlan_vid;
405 vlan_vid = ofpact_put_SET_VLAN_VID(ofpacts_p);
406 vlan_vid->vlan_vid = tag;
407 vlan_vid->push_vlan_if_needed = true;
409 /* A packet might need to hair-pin back into its ingress
410 * OpenFlow port (to a different logical port, which we already
411 * checked back in table 34), so set the in_port to zero. */
412 put_stack(MFF_IN_PORT, ofpact_put_STACK_PUSH(ofpacts_p));
413 put_load(0, MFF_IN_PORT, 0, 16, ofpacts_p);
415 ofpact_put_OUTPUT(ofpacts_p)->port = ofport;
417 /* Revert the tag added to the packets headed to containers
418 * in the previous step. If we don't do this, the packets
419 * that are to be broadcasted to a VM in the same logical
420 * switch will also contain the tag. Also revert the zero'd
422 ofpact_put_STRIP_VLAN(ofpacts_p);
423 put_stack(MFF_IN_PORT, ofpact_put_STACK_POP(ofpacts_p));
425 ofctrl_add_flow(OFTABLE_LOG_TO_PHY, 100,
426 &match, ofpacts_p, &binding->header_.uuid);
428 /* Remote port connected by localnet port */
429 /* Table 33, priority 100.
430 * =======================
432 * Implements switching to localnet port. Each flow matches a
433 * logical output port on remote hypervisor, switch the output port
434 * to connected localnet port and resubmits to same table.
437 match_init_catchall(&match);
438 ofpbuf_clear(ofpacts_p);
440 /* Match MFF_LOG_DATAPATH, MFF_LOG_OUTPORT. */
441 match_set_metadata(&match, htonll(dp_key));
442 match_set_reg(&match, MFF_LOG_OUTPORT - MFF_REG0, port_key);
444 put_load(localnet_port->tunnel_key, MFF_LOG_OUTPORT, 0, 32, ofpacts_p);
446 /* Resubmit to table 33. */
447 put_resubmit(OFTABLE_LOCAL_OUTPUT, ofpacts_p);
448 ofctrl_add_flow(OFTABLE_LOCAL_OUTPUT, 100,
449 &match, ofpacts_p, &binding->header_.uuid);
451 /* Remote port connected by tunnel */
452 /* Table 32, priority 100.
453 * =======================
455 * Implements output to remote hypervisors. Each flow matches an
456 * output port that includes a logical port on a remote hypervisor,
457 * and tunnels the packet to that hypervisor.
460 match_init_catchall(&match);
461 ofpbuf_clear(ofpacts_p);
463 /* Match MFF_LOG_DATAPATH, MFF_LOG_OUTPORT. */
464 match_set_metadata(&match, htonll(dp_key));
465 match_set_reg(&match, MFF_LOG_OUTPORT - MFF_REG0, port_key);
467 put_encapsulation(mff_ovn_geneve, tun, binding->datapath,
468 port_key, ofpacts_p);
470 /* Output to tunnel. */
471 ofpact_put_OUTPUT(ofpacts_p)->port = ofport;
472 ofctrl_add_flow(OFTABLE_REMOTE_OUTPUT, 100,
473 &match, ofpacts_p, &binding->header_.uuid);
478 consider_mc_group(enum mf_field_id mff_ovn_geneve,
479 const struct simap *ct_zones,
480 struct hmap *local_datapaths,
481 const struct sbrec_multicast_group *mc,
482 struct ofpbuf *ofpacts_p,
483 struct ofpbuf *remote_ofpacts_p)
485 struct sset remote_chassis = SSET_INITIALIZER(&remote_chassis);
488 match_init_catchall(&match);
489 match_set_metadata(&match, htonll(mc->datapath->tunnel_key));
490 match_set_reg(&match, MFF_LOG_OUTPORT - MFF_REG0, mc->tunnel_key);
492 /* Go through all of the ports in the multicast group:
494 * - For remote ports, add the chassis to 'remote_chassis'.
496 * - For local ports (other than logical patch ports), add actions
497 * to 'ofpacts_p' to set the output port and resubmit.
499 * - For logical patch ports, add actions to 'remote_ofpacts_p'
500 * instead. (If we put them in 'ofpacts', then the output
501 * would happen on every hypervisor in the multicast group,
502 * effectively duplicating the packet.)
504 ofpbuf_clear(ofpacts_p);
505 ofpbuf_clear(remote_ofpacts_p);
506 for (size_t i = 0; i < mc->n_ports; i++) {
507 struct sbrec_port_binding *port = mc->ports[i];
509 if (port->datapath != mc->datapath) {
510 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(5, 1);
511 VLOG_WARN_RL(&rl, UUID_FMT": multicast group contains ports "
513 UUID_ARGS(&mc->header_.uuid));
517 int zone_id = simap_get(ct_zones, port->logical_port);
519 put_load(zone_id, MFF_LOG_CT_ZONE, 0, 32, ofpacts_p);
522 if (!strcmp(port->type, "patch")) {
523 put_load(port->tunnel_key, MFF_LOG_OUTPORT, 0, 32,
525 put_resubmit(OFTABLE_DROP_LOOPBACK, remote_ofpacts_p);
526 } else if (simap_contains(&localvif_to_ofport,
527 (port->parent_port && *port->parent_port)
528 ? port->parent_port : port->logical_port)) {
529 put_load(port->tunnel_key, MFF_LOG_OUTPORT, 0, 32, ofpacts_p);
530 put_resubmit(OFTABLE_DROP_LOOPBACK, ofpacts_p);
531 } else if (port->chassis && !get_localnet_port(local_datapaths,
532 mc->datapath->tunnel_key)) {
533 /* Add remote chassis only when localnet port not exist,
534 * otherwise multicast will reach remote ports through localnet
536 sset_add(&remote_chassis, port->chassis->name);
540 /* Table 33, priority 100.
541 * =======================
543 * Handle output to the local logical ports in the multicast group, if
545 bool local_ports = ofpacts_p->size > 0;
547 /* Following delivery to local logical ports, restore the multicast
548 * group as the logical output port. */
549 put_load(mc->tunnel_key, MFF_LOG_OUTPORT, 0, 32, ofpacts_p);
551 ofctrl_add_flow(OFTABLE_LOCAL_OUTPUT, 100,
552 &match, ofpacts_p, &mc->header_.uuid);
555 /* Table 32, priority 100.
556 * =======================
558 * Handle output to the remote chassis in the multicast group, if
560 if (!sset_is_empty(&remote_chassis) || remote_ofpacts_p->size > 0) {
561 if (remote_ofpacts_p->size > 0) {
562 /* Following delivery to logical patch ports, restore the
563 * multicast group as the logical output port. */
564 put_load(mc->tunnel_key, MFF_LOG_OUTPORT, 0, 32,
569 const struct chassis_tunnel *prev = NULL;
570 SSET_FOR_EACH (chassis, &remote_chassis) {
571 const struct chassis_tunnel *tun
572 = chassis_tunnel_find(chassis);
577 if (!prev || tun->type != prev->type) {
578 put_encapsulation(mff_ovn_geneve, tun, mc->datapath,
579 mc->tunnel_key, remote_ofpacts_p);
582 ofpact_put_OUTPUT(remote_ofpacts_p)->port = tun->ofport;
585 if (remote_ofpacts_p->size) {
587 put_resubmit(OFTABLE_LOCAL_OUTPUT, remote_ofpacts_p);
589 ofctrl_add_flow(OFTABLE_REMOTE_OUTPUT, 100,
590 &match, remote_ofpacts_p, &mc->header_.uuid);
593 sset_destroy(&remote_chassis);
597 physical_run(struct controller_ctx *ctx, enum mf_field_id mff_ovn_geneve,
598 const struct ovsrec_bridge *br_int, const char *this_chassis_id,
599 const struct simap *ct_zones,
600 struct hmap *local_datapaths, struct hmap *patched_datapaths)
603 hc_uuid = xmalloc(sizeof(struct uuid));
604 uuid_generate(hc_uuid);
607 struct simap new_localvif_to_ofport =
608 SIMAP_INITIALIZER(&new_localvif_to_ofport);
609 for (int i = 0; i < br_int->n_ports; i++) {
610 const struct ovsrec_port *port_rec = br_int->ports[i];
611 if (!strcmp(port_rec->name, br_int->name)) {
615 const char *chassis_id = smap_get(&port_rec->external_ids,
617 if (chassis_id && !strcmp(chassis_id, this_chassis_id)) {
621 const char *localnet = smap_get(&port_rec->external_ids,
622 "ovn-localnet-port");
623 const char *l2gateway = smap_get(&port_rec->external_ids,
624 "ovn-l2gateway-port");
625 const char *logpatch = smap_get(&port_rec->external_ids,
626 "ovn-logical-patch-port");
628 for (int j = 0; j < port_rec->n_interfaces; j++) {
629 const struct ovsrec_interface *iface_rec = port_rec->interfaces[j];
631 /* Get OpenFlow port number. */
632 if (!iface_rec->n_ofport) {
635 int64_t ofport = iface_rec->ofport[0];
636 if (ofport < 1 || ofport > ofp_to_u16(OFPP_MAX)) {
640 /* Record as patch to local net, logical patch port, chassis, or
641 * local logical port. */
642 bool is_patch = !strcmp(iface_rec->type, "patch");
643 if (is_patch && localnet) {
644 /* localnet patch ports can be handled just like VIFs. */
645 simap_put(&new_localvif_to_ofport, localnet, ofport);
647 } else if (is_patch && l2gateway) {
648 /* L2 gateway patch ports can be handled just like VIFs. */
649 simap_put(&new_localvif_to_ofport, l2gateway, ofport);
651 } else if (is_patch && logpatch) {
652 /* Logical patch ports can be handled just like VIFs. */
653 simap_put(&new_localvif_to_ofport, logpatch, ofport);
655 } else if (chassis_id) {
656 enum chassis_tunnel_type tunnel_type;
657 if (!strcmp(iface_rec->type, "geneve")) {
658 tunnel_type = GENEVE;
659 if (!mff_ovn_geneve) {
662 } else if (!strcmp(iface_rec->type, "stt")) {
664 } else if (!strcmp(iface_rec->type, "vxlan")) {
670 struct chassis_tunnel *tun = xmalloc(sizeof *tun);
671 hmap_insert(&tunnels, &tun->hmap_node,
672 hash_string(chassis_id, 0));
673 tun->chassis_id = chassis_id;
674 tun->ofport = u16_to_ofp(ofport);
675 tun->type = tunnel_type;
676 full_binding_processing = true;
677 binding_reset_processing();
679 /* Reprocess logical flow table immediately. */
680 lflow_reset_processing();
681 poll_immediate_wake();
684 const char *iface_id = smap_get(&iface_rec->external_ids,
687 simap_put(&new_localvif_to_ofport, iface_id, ofport);
693 /* Capture changed or removed openflow ports. */
694 bool localvif_map_changed = false;
695 struct simap_node *vif_name, *vif_name_next;
696 SIMAP_FOR_EACH_SAFE (vif_name, vif_name_next, &localvif_to_ofport) {
698 if ((newport = simap_get(&new_localvif_to_ofport, vif_name->name))) {
699 if (newport != simap_get(&localvif_to_ofport, vif_name->name)) {
700 simap_put(&localvif_to_ofport, vif_name->name, newport);
701 localvif_map_changed = true;
704 simap_find_and_delete(&localvif_to_ofport, vif_name->name);
705 localvif_map_changed = true;
708 SIMAP_FOR_EACH (vif_name, &new_localvif_to_ofport) {
709 if (!simap_get(&localvif_to_ofport, vif_name->name)) {
710 simap_put(&localvif_to_ofport, vif_name->name,
711 simap_get(&new_localvif_to_ofport, vif_name->name));
712 localvif_map_changed = true;
715 if (localvif_map_changed) {
716 full_binding_processing = true;
718 /* Reprocess logical flow table immediately. */
719 lflow_reset_processing();
720 poll_immediate_wake();
723 struct ofpbuf ofpacts;
724 ofpbuf_init(&ofpacts, 0);
726 /* Set up flows in table 0 for physical-to-logical translation and in table
727 * 64 for logical-to-physical translation. */
728 const struct sbrec_port_binding *binding;
729 if (full_binding_processing) {
730 SBREC_PORT_BINDING_FOR_EACH (binding, ctx->ovnsb_idl) {
731 consider_port_binding(mff_ovn_geneve, ct_zones, local_datapaths,
732 patched_datapaths, binding, &ofpacts);
734 full_binding_processing = false;
736 SBREC_PORT_BINDING_FOR_EACH_TRACKED (binding, ctx->ovnsb_idl) {
737 if (sbrec_port_binding_is_deleted(binding)) {
738 ofctrl_remove_flows(&binding->header_.uuid);
740 if (!sbrec_port_binding_is_new(binding)) {
741 ofctrl_remove_flows(&binding->header_.uuid);
743 consider_port_binding(mff_ovn_geneve, ct_zones, local_datapaths,
744 patched_datapaths, binding, &ofpacts);
749 /* Handle output to multicast groups, in tables 32 and 33. */
750 const struct sbrec_multicast_group *mc;
751 struct ofpbuf remote_ofpacts;
752 ofpbuf_init(&remote_ofpacts, 0);
753 SBREC_MULTICAST_GROUP_FOR_EACH (mc, ctx->ovnsb_idl) {
754 consider_mc_group(mff_ovn_geneve, ct_zones,
755 local_datapaths, mc, &ofpacts, &remote_ofpacts);
758 ofpbuf_uninit(&remote_ofpacts);
760 /* Table 0, priority 100.
761 * ======================
763 * Process packets that arrive from a remote hypervisor (by matching
764 * on tunnel in_port). */
766 /* Add flows for Geneve and STT encapsulations. These
767 * encapsulations have metadata about the ingress and egress logical
768 * ports. We set MFF_LOG_DATAPATH, MFF_LOG_INPORT, and
769 * MFF_LOG_OUTPORT from the tunnel key data, then resubmit to table
770 * 33 to handle packets to the local hypervisor. */
771 struct chassis_tunnel *tun;
772 HMAP_FOR_EACH (tun, hmap_node, &tunnels) {
773 struct match match = MATCH_CATCHALL_INITIALIZER;
774 match_set_in_port(&match, tun->ofport);
776 ofpbuf_clear(&ofpacts);
777 if (tun->type == GENEVE) {
778 put_move(MFF_TUN_ID, 0, MFF_LOG_DATAPATH, 0, 24, &ofpacts);
779 put_move(mff_ovn_geneve, 16, MFF_LOG_INPORT, 0, 15,
781 put_move(mff_ovn_geneve, 0, MFF_LOG_OUTPORT, 0, 16,
783 } else if (tun->type == STT) {
784 put_move(MFF_TUN_ID, 40, MFF_LOG_INPORT, 0, 15, &ofpacts);
785 put_move(MFF_TUN_ID, 24, MFF_LOG_OUTPORT, 0, 16, &ofpacts);
786 put_move(MFF_TUN_ID, 0, MFF_LOG_DATAPATH, 0, 24, &ofpacts);
787 } else if (tun->type == VXLAN) {
788 /* We'll handle VXLAN later. */
794 put_resubmit(OFTABLE_LOCAL_OUTPUT, &ofpacts);
796 ofctrl_add_flow(OFTABLE_PHY_TO_LOG, 100, &match, &ofpacts,
800 /* Add flows for VXLAN encapsulations. Due to the limited amount of
801 * metadata, we only support VXLAN for connections to gateways. The
802 * VNI is used to populate MFF_LOG_DATAPATH. The gateway's logical
803 * port is set to MFF_LOG_INPORT. Then the packet is resubmitted to
804 * table 16 to determine the logical egress port.
806 * xxx Due to resubmitting to table 16, broadcasts will be re-sent to
807 * xxx all logical ports, including non-local ones which could cause
808 * xxx duplicate packets to be received by multiply-connected gateways. */
809 HMAP_FOR_EACH (tun, hmap_node, &tunnels) {
810 if (tun->type != VXLAN) {
814 SBREC_PORT_BINDING_FOR_EACH (binding, ctx->ovnsb_idl) {
815 struct match match = MATCH_CATCHALL_INITIALIZER;
817 if (!binding->chassis ||
818 strcmp(tun->chassis_id, binding->chassis->name)) {
822 match_set_in_port(&match, tun->ofport);
823 match_set_tun_id(&match, htonll(binding->datapath->tunnel_key));
825 ofpbuf_clear(&ofpacts);
826 put_move(MFF_TUN_ID, 0, MFF_LOG_DATAPATH, 0, 24, &ofpacts);
827 put_load(binding->tunnel_key, MFF_LOG_INPORT, 0, 15, &ofpacts);
828 put_resubmit(OFTABLE_LOG_INGRESS_PIPELINE, &ofpacts);
830 ofctrl_add_flow(OFTABLE_PHY_TO_LOG, 100, &match, &ofpacts, hc_uuid);
834 /* Table 32, Priority 0.
835 * =======================
837 * Resubmit packets that are not directed at tunnels or part of a
838 * multicast group to the local output table. */
840 match_init_catchall(&match);
841 ofpbuf_clear(&ofpacts);
842 put_resubmit(OFTABLE_LOCAL_OUTPUT, &ofpacts);
843 ofctrl_add_flow(OFTABLE_REMOTE_OUTPUT, 0, &match, &ofpacts, hc_uuid);
845 /* Table 34, Priority 0.
846 * =======================
848 * Resubmit packets that don't output to the ingress port (already checked
849 * in table 33) to the logical egress pipeline, clearing the logical
850 * registers (for consistent behavior with packets that get tunneled). */
851 match_init_catchall(&match);
852 ofpbuf_clear(&ofpacts);
853 #define MFF_LOG_REG(ID) put_load(0, ID, 0, 32, &ofpacts);
856 put_resubmit(OFTABLE_LOG_EGRESS_PIPELINE, &ofpacts);
857 ofctrl_add_flow(OFTABLE_DROP_LOOPBACK, 0, &match, &ofpacts, hc_uuid);
859 ofpbuf_uninit(&ofpacts);
860 HMAP_FOR_EACH_POP (tun, hmap_node, &tunnels) {
863 hmap_clear(&tunnels);
865 simap_destroy(&new_localvif_to_ofport);
projects / cascardo / ovs.git / blob