-/* Copyright (c) 2009, 2010, 2011, 2012, 2013, 2014, 2015 Nicira, Inc.
+/* Copyright (c) 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016 Nicira, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include <sys/socket.h>
#include <netinet/in.h>
-#include "tnl-arp-cache.h"
+#include "tnl-neigh-cache.h"
#include "bfd.h"
#include "bitmap.h"
#include "bond.h"
#include "ofproto/ofproto-dpif-sflow.h"
#include "ofproto/ofproto-dpif.h"
#include "ofproto/ofproto-provider.h"
+#include "packets.h"
#include "ovs-router.h"
#include "tnl-ports.h"
#include "tunnel.h"
XC_NORMAL,
XC_FIN_TIMEOUT,
XC_GROUP,
- XC_TNL_ARP,
+ XC_TNL_NEIGH,
};
/* xlate_cache entries hold enough information to perform the side effects of
} group;
struct {
char br_name[IFNAMSIZ];
- ovs_be32 d_ip;
- } tnl_arp_cache;
+ struct in6_addr d_ipv6;
+ } tnl_neigh_cache;
} u;
};
static int
tnl_route_lookup_flow(const struct flow *oflow,
- ovs_be32 *ip, struct xport **out_port)
+ struct in6_addr *ip, struct xport **out_port)
{
char out_dev[IFNAMSIZ];
struct xbridge *xbridge;
struct xlate_cfg *xcfg;
- ovs_be32 gw;
+ struct in6_addr gw;
+ struct in6_addr dst;
- if (!ovs_router_lookup4(oflow->tunnel.ip_dst, out_dev, &gw)) {
+ dst = flow_tnl_dst(&oflow->tunnel);
+ if (!ovs_router_lookup(&dst, out_dev, &gw)) {
return -ENOENT;
}
- if (gw) {
+ if (ipv6_addr_is_set(&gw) &&
+ (!IN6_IS_ADDR_V4MAPPED(&gw) || in6_addr_get_mapped_ipv4(&gw))) {
*ip = gw;
} else {
- *ip = oflow->tunnel.ip_dst;
+ *ip = dst;
}
xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp);
ctx->recurse, ctx->resubmits, packet);
}
+static void
+tnl_send_nd_request(struct xlate_ctx *ctx, const struct xport *out_dev,
+ const struct eth_addr eth_src,
+ struct in6_addr * ipv6_src, struct in6_addr * ipv6_dst)
+{
+ struct dp_packet packet;
+
+ dp_packet_init(&packet, 0);
+ compose_nd(&packet, eth_src, ipv6_src, ipv6_dst);
+ compose_table_xlate(ctx, out_dev, &packet);
+ dp_packet_uninit(&packet);
+}
+
static void
tnl_send_arp_request(struct xlate_ctx *ctx, const struct xport *out_dev,
const struct eth_addr eth_src,
{
struct ovs_action_push_tnl tnl_push_data;
struct xport *out_dev = NULL;
- ovs_be32 s_ip, d_ip = 0;
+ ovs_be32 s_ip = 0, d_ip = 0;
+ struct in6_addr s_ip6 = in6addr_any;
+ struct in6_addr d_ip6 = in6addr_any;
struct eth_addr smac;
struct eth_addr dmac;
int err;
+ char buf_sip6[INET6_ADDRSTRLEN];
+ char buf_dip6[INET6_ADDRSTRLEN];
- err = tnl_route_lookup_flow(flow, &d_ip, &out_dev);
+ err = tnl_route_lookup_flow(flow, &d_ip6, &out_dev);
if (err) {
xlate_report(ctx, "native tunnel routing failed");
return err;
}
- xlate_report(ctx, "tunneling to "IP_FMT" via %s",
- IP_ARGS(d_ip), netdev_get_name(out_dev->netdev));
+
+ xlate_report(ctx, "tunneling to %s via %s",
+ ipv6_string_mapped(buf_dip6, &d_ip6),
+ netdev_get_name(out_dev->netdev));
/* Use mac addr of bridge port of the peer. */
err = netdev_get_etheraddr(out_dev->netdev, &smac);
return err;
}
- err = netdev_get_in4(out_dev->netdev, (struct in_addr *) &s_ip, NULL);
- if (err) {
- xlate_report(ctx, "tunnel output device lacks IPv4 address");
- return err;
+ d_ip = in6_addr_get_mapped_ipv4(&d_ip6);
+ if (d_ip) {
+ err = netdev_get_in4(out_dev->netdev, (struct in_addr *) &s_ip, NULL);
+ if (err) {
+ xlate_report(ctx, "tunnel output device lacks IPv4 address");
+ return err;
+ }
+ in6_addr_set_mapped_ipv4(&s_ip6, s_ip);
+ } else {
+ err = netdev_get_in6(out_dev->netdev, &s_ip6);
+ if (err) {
+ xlate_report(ctx, "tunnel output device lacks IPv6 address");
+ return err;
+ }
}
- err = tnl_arp_lookup(out_dev->xbridge->name, d_ip, &dmac);
+ err = tnl_neigh_lookup(out_dev->xbridge->name, &d_ip6, &dmac);
if (err) {
- xlate_report(ctx, "ARP cache miss for "IP_FMT" on bridge %s, "
- "sending ARP request",
- IP_ARGS(d_ip), out_dev->xbridge->name);
- tnl_send_arp_request(ctx, out_dev, smac, s_ip, d_ip);
+ xlate_report(ctx, "neighbor cache miss for %s on bridge %s, "
+ "sending %s request",
+ buf_dip6, out_dev->xbridge->name, d_ip ? "ARP" : "ND");
+ if (d_ip) {
+ tnl_send_arp_request(ctx, out_dev, smac, s_ip, d_ip);
+ } else {
+ tnl_send_nd_request(ctx, out_dev, smac, &s_ip6, &d_ip6);
+ }
return err;
}
+
if (ctx->xin->xcache) {
struct xc_entry *entry;
- entry = xlate_cache_add_entry(ctx->xin->xcache, XC_TNL_ARP);
- ovs_strlcpy(entry->u.tnl_arp_cache.br_name, out_dev->xbridge->name,
- sizeof entry->u.tnl_arp_cache.br_name);
- entry->u.tnl_arp_cache.d_ip = d_ip;
+ entry = xlate_cache_add_entry(ctx->xin->xcache, XC_TNL_NEIGH);
+ ovs_strlcpy(entry->u.tnl_neigh_cache.br_name, out_dev->xbridge->name,
+ sizeof entry->u.tnl_neigh_cache.br_name);
+ entry->u.tnl_neigh_cache.d_ipv6 = d_ip6;
}
- xlate_report(ctx, "tunneling from "ETH_ADDR_FMT" "IP_FMT
- " to "ETH_ADDR_FMT" "IP_FMT,
- ETH_ADDR_ARGS(smac), IP_ARGS(s_ip),
- ETH_ADDR_ARGS(dmac), IP_ARGS(d_ip));
+ xlate_report(ctx, "tunneling from "ETH_ADDR_FMT" %s"
+ " to "ETH_ADDR_FMT" %s",
+ ETH_ADDR_ARGS(smac), ipv6_string_mapped(buf_sip6, &s_ip6),
+ ETH_ADDR_ARGS(dmac), buf_dip6);
+
err = tnl_port_build_header(xport->ofport, flow,
- dmac, smac, s_ip, &tnl_push_data);
+ dmac, smac, &s_ip6, &tnl_push_data);
if (err) {
return err;
}
/* If 'struct flow' gets additional metadata, we'll need to zero it out
* before traversing a patch port. */
- BUILD_ASSERT_DECL(FLOW_WC_SEQ == 34);
+ BUILD_ASSERT_DECL(FLOW_WC_SEQ == 35);
memset(&flow_tnl, 0, sizeof flow_tnl);
if (!xport) {
}
if (xport->is_tunnel) {
- ovs_be32 dst;
+ struct in6_addr dst;
/* Save tunnel metadata so that changes made due to
* the Logical (tunnel) Port are not visible for any further
* matches, while explicit set actions on tunnel metadata are.
xlate_report(ctx, "Tunneling decided against output");
goto out; /* restore flow_nw_tos */
}
- dst = in6_addr_get_mapped_ipv4(&ctx->orig_tunnel_ipv6_dst);
- if (flow->tunnel.ip_dst == dst) {
+ dst = flow_tnl_dst(&flow->tunnel);
+ if (ipv6_addr_equals(&dst, &ctx->orig_tunnel_ipv6_dst)) {
xlate_report(ctx, "Not tunneling to our own address");
goto out; /* restore flow_nw_tos */
}
struct dp_packet *packet;
ctx->xout->slow |= SLOW_CONTROLLER;
+ xlate_commit_actions(ctx);
if (!ctx->xin->packet) {
return;
}
packet = dp_packet_clone(ctx->xin->packet);
- xlate_commit_actions(ctx);
-
odp_execute_actions(NULL, &packet, 1, false,
ctx->odp_actions->data, ctx->odp_actions->size, NULL);
- pin = xmalloc(sizeof *pin);
- pin->up.packet_len = dp_packet_size(packet);
- pin->up.packet = dp_packet_steal_data(packet);
- pin->up.reason = reason;
- pin->up.table_id = ctx->table_id;
- pin->up.cookie = ctx->rule_cookie;
+ /* A packet sent by an action in a table-miss rule is considered an
+ * explicit table miss. OpenFlow before 1.3 doesn't have that concept so
+ * it will get translated back to OFPR_ACTION for those versions. */
+ if (reason == OFPR_ACTION
+ && ctx->rule && rule_dpif_is_table_miss(ctx->rule)) {
+ reason = OFPR_EXPLICIT_MISS;
+ }
+ size_t packet_len = dp_packet_size(packet);
+
+ pin = xmalloc(sizeof *pin);
+ *pin = (struct ofproto_packet_in) {
+ .controller_id = controller_id,
+ .up = {
+ .packet = dp_packet_steal_data(packet),
+ .len = packet_len,
+ .reason = reason,
+ .table_id = ctx->table_id,
+ .cookie = ctx->rule_cookie,
+ },
+ .max_len = len,
+ };
flow_get_metadata(&ctx->xin->flow, &pin->up.flow_metadata);
- pin->controller_id = controller_id;
- pin->send_len = len;
- /* If a rule is a table-miss rule then this is
- * a table-miss handled by a table-miss rule.
- *
- * Else, if rule is internal and has a controller action,
- * the later being implied by the rule being processed here,
- * then this is a table-miss handled without a table-miss rule.
- *
- * Otherwise this is not a table-miss. */
- pin->miss_type = OFPROTO_PACKET_IN_NO_MISS;
- if (ctx->rule) {
- if (rule_dpif_is_table_miss(ctx->rule)) {
- pin->miss_type = OFPROTO_PACKET_IN_MISS_FLOW;
- } else if (rule_dpif_is_internal(ctx->rule)) {
- pin->miss_type = OFPROTO_PACKET_IN_MISS_WITHOUT_FLOW;
- }
- }
ofproto_dpif_send_packet_in(ctx->xbridge->ofproto, pin);
dp_packet_delete(packet);
}
}
ofpbuf_put(&ctx->action_set, on->actions, on_len);
- ofpact_pad(&ctx->action_set);
}
static void
const struct ofpact *a;
if (ovs_native_tunneling_is_on(ctx->xbridge->ofproto)) {
- tnl_arp_snoop(flow, wc, ctx->xbridge->name);
- tnl_nd_snoop(flow, wc, ctx->xbridge->name);
+ tnl_neigh_snoop(flow, wc, ctx->xbridge->name);
}
/* dl_type already in the mask, not set below. */
{
*xout = (struct xlate_out) {
.slow = 0,
- .fail_open = false,
.recircs = RECIRC_REFS_EMPTY_INITIALIZER,
};
.xin = xin,
.xout = xout,
.base_flow = *flow,
+ .orig_tunnel_ipv6_dst = flow_tnl_dst(&flow->tunnel),
.xbridge = xbridge,
.stack = OFPBUF_STUB_INITIALIZER(stack_stub),
.rule = xin->rule,
.action_set_has_group = false,
.action_set = OFPBUF_STUB_INITIALIZER(action_set_stub),
};
- in6_addr_set_mapped_ipv4(&ctx.orig_tunnel_ipv6_dst, flow->tunnel.ip_dst);
/* 'base_flow' reflects the packet as it came in, but we need it to reflect
* the packet as the datapath will treat it for output actions:
ctx.xin->resubmit_hook(ctx.xin, ctx.rule, 0);
}
}
- xout->fail_open = ctx.rule && rule_dpif_is_fail_open(ctx.rule);
/* Get the proximate input port of the packet. (If xin->recirc,
* flow->in_port is the ultimate input port of the packet.) */
group_dpif_credit_stats(entry->u.group.group, entry->u.group.bucket,
stats);
break;
- case XC_TNL_ARP:
- /* Lookup arp to avoid arp timeout. */
- tnl_arp_lookup(entry->u.tnl_arp_cache.br_name,
- entry->u.tnl_arp_cache.d_ip, &dmac);
+ case XC_TNL_NEIGH:
+ /* Lookup neighbor to avoid timeout. */
+ tnl_neigh_lookup(entry->u.tnl_neigh_cache.br_name,
+ &entry->u.tnl_neigh_cache.d_ipv6, &dmac);
break;
default:
OVS_NOT_REACHED();
case XC_GROUP:
group_dpif_unref(entry->u.group.group);
break;
- case XC_TNL_ARP:
+ case XC_TNL_NEIGH:
break;
default:
OVS_NOT_REACHED();