Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 1 | /* |
| 2 | * Copyright 2015 Open Networking Laboratory |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | package org.onosproject.driver.pipeline; |
| 17 | |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 18 | import static org.slf4j.LoggerFactory.getLogger; |
| 19 | |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 20 | import java.util.ArrayDeque; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 21 | import java.util.ArrayList; |
| 22 | import java.util.Collection; |
| 23 | import java.util.Collections; |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 24 | import java.util.Deque; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 25 | import java.util.List; |
Sho SHIMIZU | 4590604 | 2016-01-13 23:05:54 -0800 | [diff] [blame] | 26 | import java.util.Objects; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 27 | import java.util.Set; |
| 28 | import java.util.concurrent.ConcurrentHashMap; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 29 | |
| 30 | import org.onlab.osgi.ServiceDirectory; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 31 | import org.onlab.packet.Ethernet; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 32 | import org.onlab.packet.MacAddress; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 33 | import org.onlab.packet.VlanId; |
| 34 | import org.onlab.util.KryoNamespace; |
| 35 | import org.onosproject.core.ApplicationId; |
| 36 | import org.onosproject.core.CoreService; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 37 | import org.onosproject.net.DeviceId; |
| 38 | import org.onosproject.net.Port; |
| 39 | import org.onosproject.net.PortNumber; |
| 40 | import org.onosproject.net.behaviour.NextGroup; |
| 41 | import org.onosproject.net.behaviour.Pipeliner; |
| 42 | import org.onosproject.net.behaviour.PipelinerContext; |
| 43 | import org.onosproject.net.device.DeviceService; |
| 44 | import org.onosproject.net.driver.AbstractHandlerBehaviour; |
| 45 | import org.onosproject.net.flow.DefaultFlowRule; |
| 46 | import org.onosproject.net.flow.DefaultTrafficSelector; |
| 47 | import org.onosproject.net.flow.DefaultTrafficTreatment; |
| 48 | import org.onosproject.net.flow.FlowRule; |
| 49 | import org.onosproject.net.flow.FlowRuleOperations; |
| 50 | import org.onosproject.net.flow.FlowRuleOperationsContext; |
| 51 | import org.onosproject.net.flow.FlowRuleService; |
| 52 | import org.onosproject.net.flow.TrafficSelector; |
| 53 | import org.onosproject.net.flow.TrafficTreatment; |
| 54 | import org.onosproject.net.flow.criteria.Criteria; |
| 55 | import org.onosproject.net.flow.criteria.Criterion; |
| 56 | import org.onosproject.net.flow.criteria.EthCriterion; |
| 57 | import org.onosproject.net.flow.criteria.EthTypeCriterion; |
| 58 | import org.onosproject.net.flow.criteria.IPCriterion; |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 59 | import org.onosproject.net.flow.criteria.MplsBosCriterion; |
| 60 | import org.onosproject.net.flow.criteria.MplsCriterion; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 61 | import org.onosproject.net.flow.criteria.PortCriterion; |
| 62 | import org.onosproject.net.flow.criteria.VlanIdCriterion; |
| 63 | import org.onosproject.net.flow.instructions.Instruction; |
| 64 | import org.onosproject.net.flow.instructions.Instructions.OutputInstruction; |
| 65 | import org.onosproject.net.flow.instructions.L2ModificationInstruction; |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 66 | import org.onosproject.net.flow.instructions.L2ModificationInstruction.L2SubType; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 67 | import org.onosproject.net.flow.instructions.L2ModificationInstruction.ModVlanIdInstruction; |
| 68 | import org.onosproject.net.flowobjective.FilteringObjective; |
| 69 | import org.onosproject.net.flowobjective.FlowObjectiveStore; |
| 70 | import org.onosproject.net.flowobjective.ForwardingObjective; |
| 71 | import org.onosproject.net.flowobjective.NextObjective; |
| 72 | import org.onosproject.net.flowobjective.Objective; |
| 73 | import org.onosproject.net.flowobjective.ObjectiveError; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 74 | import org.onosproject.net.group.DefaultGroupKey; |
| 75 | import org.onosproject.net.group.Group; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 76 | import org.onosproject.net.group.GroupKey; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 77 | import org.onosproject.net.group.GroupService; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 78 | import org.onosproject.store.serializers.KryoNamespaces; |
| 79 | import org.slf4j.Logger; |
| 80 | |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 81 | /** |
| 82 | * Driver for Broadcom's OF-DPA v2.0 TTP. |
| 83 | * |
| 84 | */ |
| 85 | public class OFDPA2Pipeline extends AbstractHandlerBehaviour implements Pipeliner { |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 86 | protected static final int PORT_TABLE = 0; |
| 87 | protected static final int VLAN_TABLE = 10; |
| 88 | protected static final int TMAC_TABLE = 20; |
| 89 | protected static final int UNICAST_ROUTING_TABLE = 30; |
| 90 | protected static final int MULTICAST_ROUTING_TABLE = 40; |
| 91 | protected static final int MPLS_TABLE_0 = 23; |
| 92 | protected static final int MPLS_TABLE_1 = 24; |
| 93 | protected static final int BRIDGING_TABLE = 50; |
| 94 | protected static final int ACL_TABLE = 60; |
| 95 | protected static final int MAC_LEARNING_TABLE = 254; |
| 96 | protected static final long OFPP_MAX = 0xffffff00L; |
| 97 | |
| 98 | private static final int HIGHEST_PRIORITY = 0xffff; |
Saurav Das | 2857f38 | 2015-11-03 14:39:27 -0800 | [diff] [blame] | 99 | protected static final int DEFAULT_PRIORITY = 0x8000; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 100 | protected static final int LOWEST_PRIORITY = 0x0; |
| 101 | |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 102 | private final Logger log = getLogger(getClass()); |
| 103 | private ServiceDirectory serviceDirectory; |
| 104 | protected FlowRuleService flowRuleService; |
| 105 | private CoreService coreService; |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 106 | protected GroupService groupService; |
| 107 | protected FlowObjectiveStore flowObjectiveStore; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 108 | protected DeviceId deviceId; |
| 109 | protected ApplicationId driverId; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 110 | protected DeviceService deviceService; |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 111 | protected static KryoNamespace appKryo = new KryoNamespace.Builder() |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 112 | .register(KryoNamespaces.API) |
| 113 | .register(GroupKey.class) |
| 114 | .register(DefaultGroupKey.class) |
Andrea Campanella | 238d96e | 2016-01-20 11:52:02 -0800 | [diff] [blame] | 115 | .register(OFDPA2GroupHandler.OfdpaNextGroup.class) |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 116 | .register(byte[].class) |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 117 | .register(ArrayDeque.class) |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 118 | .build(); |
| 119 | |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 120 | protected OFDPA2GroupHandler ofdpa2GroupHandler; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 121 | |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 122 | private Set<IPCriterion> sentIpFilters = Collections.newSetFromMap( |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 123 | new ConcurrentHashMap<>()); |
Saurav Das | 4f98008 | 2015-11-05 13:39:15 -0800 | [diff] [blame] | 124 | |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 125 | @Override |
| 126 | public void init(DeviceId deviceId, PipelinerContext context) { |
| 127 | this.serviceDirectory = context.directory(); |
| 128 | this.deviceId = deviceId; |
| 129 | |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 130 | // Initialize OFDPA group handler |
| 131 | ofdpa2GroupHandler = new OFDPA2GroupHandler(); |
| 132 | ofdpa2GroupHandler.init(deviceId, context); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 133 | |
| 134 | coreService = serviceDirectory.get(CoreService.class); |
| 135 | flowRuleService = serviceDirectory.get(FlowRuleService.class); |
| 136 | groupService = serviceDirectory.get(GroupService.class); |
| 137 | flowObjectiveStore = context.store(); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 138 | deviceService = serviceDirectory.get(DeviceService.class); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 139 | |
| 140 | driverId = coreService.registerApplication( |
| 141 | "org.onosproject.driver.OFDPA2Pipeline"); |
| 142 | |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 143 | initializePipeline(); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 144 | } |
| 145 | |
| 146 | protected void initializePipeline() { |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 147 | // OF-DPA does not require initializing the pipeline as it puts default |
| 148 | // rules automatically in the hardware. However emulation of OFDPA in |
| 149 | // software switches does require table-miss-entries. |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 150 | } |
| 151 | |
| 152 | ////////////////////////////////////// |
| 153 | // Flow Objectives |
| 154 | ////////////////////////////////////// |
| 155 | |
| 156 | @Override |
| 157 | public void filter(FilteringObjective filteringObjective) { |
| 158 | if (filteringObjective.type() == FilteringObjective.Type.PERMIT) { |
| 159 | processFilter(filteringObjective, |
| 160 | filteringObjective.op() == Objective.Operation.ADD, |
| 161 | filteringObjective.appId()); |
| 162 | } else { |
| 163 | // Note that packets that don't match the PERMIT filter are |
| 164 | // automatically denied. The DENY filter is used to deny packets |
| 165 | // that are otherwise permitted by the PERMIT filter. |
| 166 | // Use ACL table flow rules here for DENY filtering objectives |
| 167 | log.debug("filter objective other than PERMIT currently not supported"); |
| 168 | fail(filteringObjective, ObjectiveError.UNSUPPORTED); |
| 169 | } |
| 170 | } |
| 171 | |
| 172 | @Override |
| 173 | public void forward(ForwardingObjective fwd) { |
| 174 | Collection<FlowRule> rules; |
| 175 | FlowRuleOperations.Builder flowOpsBuilder = FlowRuleOperations.builder(); |
| 176 | |
| 177 | rules = processForward(fwd); |
| 178 | switch (fwd.op()) { |
| 179 | case ADD: |
| 180 | rules.stream() |
Sho SHIMIZU | 4590604 | 2016-01-13 23:05:54 -0800 | [diff] [blame] | 181 | .filter(Objects::nonNull) |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 182 | .forEach(flowOpsBuilder::add); |
| 183 | break; |
| 184 | case REMOVE: |
| 185 | rules.stream() |
Sho SHIMIZU | 4590604 | 2016-01-13 23:05:54 -0800 | [diff] [blame] | 186 | .filter(Objects::nonNull) |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 187 | .forEach(flowOpsBuilder::remove); |
| 188 | break; |
| 189 | default: |
| 190 | fail(fwd, ObjectiveError.UNKNOWN); |
| 191 | log.warn("Unknown forwarding type {}", fwd.op()); |
| 192 | } |
| 193 | |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 194 | flowRuleService.apply(flowOpsBuilder.build(new FlowRuleOperationsContext() { |
| 195 | @Override |
| 196 | public void onSuccess(FlowRuleOperations ops) { |
| 197 | pass(fwd); |
| 198 | } |
| 199 | |
| 200 | @Override |
| 201 | public void onError(FlowRuleOperations ops) { |
| 202 | fail(fwd, ObjectiveError.FLOWINSTALLATIONFAILED); |
| 203 | } |
| 204 | })); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 205 | } |
| 206 | |
| 207 | @Override |
| 208 | public void next(NextObjective nextObjective) { |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 209 | NextGroup nextGroup = flowObjectiveStore.getNextGroup(nextObjective.id()); |
| 210 | switch (nextObjective.op()) { |
| 211 | case ADD: |
Saurav Das | 4f98008 | 2015-11-05 13:39:15 -0800 | [diff] [blame] | 212 | if (nextGroup != null) { |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 213 | log.warn("Cannot add next {} that already exists in device {}", |
| 214 | nextObjective.id(), deviceId); |
| 215 | return; |
| 216 | } |
| 217 | log.debug("Processing NextObjective id{} in dev{} - add group", |
| 218 | nextObjective.id(), deviceId); |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 219 | ofdpa2GroupHandler.addGroup(nextObjective); |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 220 | break; |
| 221 | case ADD_TO_EXISTING: |
| 222 | if (nextGroup != null) { |
| 223 | log.debug("Processing NextObjective id{} in dev{} - add bucket", |
| 224 | nextObjective.id(), deviceId); |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 225 | ofdpa2GroupHandler.addBucketToGroup(nextObjective, nextGroup); |
Saurav Das | 4f98008 | 2015-11-05 13:39:15 -0800 | [diff] [blame] | 226 | } else { |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 227 | // it is possible that group-chain has not been fully created yet |
Saurav Das | 423fe2b | 2015-12-04 10:52:59 -0800 | [diff] [blame] | 228 | log.debug("Waiting to add bucket to group for next-id:{} in dev:{}", |
| 229 | nextObjective.id(), deviceId); |
| 230 | // by design only one pending bucket is allowed for the group |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 231 | ofdpa2GroupHandler.pendingBuckets.put(nextObjective.id(), nextObjective); |
Saurav Das | 4f98008 | 2015-11-05 13:39:15 -0800 | [diff] [blame] | 232 | } |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 233 | break; |
| 234 | case REMOVE: |
| 235 | if (nextGroup == null) { |
| 236 | log.warn("Cannot remove next {} that does not exist in device {}", |
| 237 | nextObjective.id(), deviceId); |
| 238 | return; |
| 239 | } |
| 240 | log.debug("Processing NextObjective id{} in dev{} - remove group", |
| 241 | nextObjective.id(), deviceId); |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 242 | ofdpa2GroupHandler.removeGroup(nextObjective, nextGroup); |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 243 | break; |
| 244 | case REMOVE_FROM_EXISTING: |
| 245 | if (nextGroup == null) { |
| 246 | log.warn("Cannot remove from next {} that does not exist in device {}", |
| 247 | nextObjective.id(), deviceId); |
| 248 | return; |
| 249 | } |
| 250 | log.debug("Processing NextObjective id{} in dev{} - remove bucket", |
| 251 | nextObjective.id(), deviceId); |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 252 | ofdpa2GroupHandler.removeBucketFromGroup(nextObjective, nextGroup); |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 253 | break; |
| 254 | default: |
Saurav Das | 4f98008 | 2015-11-05 13:39:15 -0800 | [diff] [blame] | 255 | log.warn("Unsupported operation {}", nextObjective.op()); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 256 | } |
| 257 | } |
| 258 | |
| 259 | ////////////////////////////////////// |
| 260 | // Flow handling |
| 261 | ////////////////////////////////////// |
| 262 | |
| 263 | /** |
| 264 | * As per OFDPA 2.0 TTP, filtering of VLAN ids, MAC addresses (for routing) |
| 265 | * and IP addresses configured on switch ports happen in different tables. |
| 266 | * Note that IP filtering rules need to be added to the ACL table, as there |
| 267 | * is no mechanism to send to controller via IP table. |
| 268 | * |
| 269 | * @param filt the filtering objective |
| 270 | * @param install indicates whether to add or remove the objective |
| 271 | * @param applicationId the application that sent this objective |
| 272 | */ |
| 273 | private void processFilter(FilteringObjective filt, |
| 274 | boolean install, ApplicationId applicationId) { |
| 275 | // This driver only processes filtering criteria defined with switch |
| 276 | // ports as the key |
| 277 | PortCriterion portCriterion = null; |
| 278 | EthCriterion ethCriterion = null; |
| 279 | VlanIdCriterion vidCriterion = null; |
| 280 | Collection<IPCriterion> ips = new ArrayList<IPCriterion>(); |
| 281 | if (!filt.key().equals(Criteria.dummy()) && |
| 282 | filt.key().type() == Criterion.Type.IN_PORT) { |
| 283 | portCriterion = (PortCriterion) filt.key(); |
| 284 | } else { |
| 285 | log.warn("No key defined in filtering objective from app: {}. Not" |
| 286 | + "processing filtering objective", applicationId); |
| 287 | fail(filt, ObjectiveError.UNKNOWN); |
| 288 | return; |
| 289 | } |
| 290 | // convert filtering conditions for switch-intfs into flowrules |
| 291 | FlowRuleOperations.Builder ops = FlowRuleOperations.builder(); |
| 292 | for (Criterion criterion : filt.conditions()) { |
| 293 | if (criterion.type() == Criterion.Type.ETH_DST) { |
| 294 | ethCriterion = (EthCriterion) criterion; |
| 295 | } else if (criterion.type() == Criterion.Type.VLAN_VID) { |
| 296 | vidCriterion = (VlanIdCriterion) criterion; |
| 297 | } else if (criterion.type() == Criterion.Type.IPV4_DST) { |
| 298 | ips.add((IPCriterion) criterion); |
| 299 | } else { |
| 300 | log.error("Unsupported filter {}", criterion); |
| 301 | fail(filt, ObjectiveError.UNSUPPORTED); |
| 302 | return; |
| 303 | } |
| 304 | } |
| 305 | |
Saurav Das | 0e99e2b | 2015-10-28 12:39:42 -0700 | [diff] [blame] | 306 | VlanId assignedVlan = null; |
Charles Chan | e849c19 | 2016-01-11 18:28:54 -0800 | [diff] [blame] | 307 | // For VLAN cross-connect packets, use the configured VLAN |
| 308 | if (vidCriterion != null) { |
| 309 | if (vidCriterion.vlanId() != VlanId.NONE) { |
| 310 | assignedVlan = vidCriterion.vlanId(); |
| 311 | |
| 312 | // For untagged packets, assign a VLAN ID |
| 313 | } else { |
| 314 | if (filt.meta() == null) { |
| 315 | log.error("Missing metadata in filtering objective required " + |
| 316 | "for vlan assignment in dev {}", deviceId); |
| 317 | fail(filt, ObjectiveError.BADPARAMS); |
| 318 | return; |
Saurav Das | 0e99e2b | 2015-10-28 12:39:42 -0700 | [diff] [blame] | 319 | } |
Charles Chan | e849c19 | 2016-01-11 18:28:54 -0800 | [diff] [blame] | 320 | for (Instruction i : filt.meta().allInstructions()) { |
| 321 | if (i instanceof ModVlanIdInstruction) { |
| 322 | assignedVlan = ((ModVlanIdInstruction) i).vlanId(); |
| 323 | } |
| 324 | } |
| 325 | if (assignedVlan == null) { |
| 326 | log.error("Driver requires an assigned vlan-id to tag incoming " |
| 327 | + "untagged packets. Not processing vlan filters on " |
| 328 | + "device {}", deviceId); |
| 329 | fail(filt, ObjectiveError.BADPARAMS); |
| 330 | return; |
| 331 | } |
Saurav Das | 0e99e2b | 2015-10-28 12:39:42 -0700 | [diff] [blame] | 332 | } |
| 333 | } |
| 334 | |
Charles Chan | e849c19 | 2016-01-11 18:28:54 -0800 | [diff] [blame] | 335 | if (ethCriterion == null || ethCriterion.mac().equals(MacAddress.NONE)) { |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 336 | log.debug("filtering objective missing dstMac, cannot program TMAC table"); |
| 337 | } else { |
| 338 | for (FlowRule tmacRule : processEthDstFilter(portCriterion, ethCriterion, |
Saurav Das | 0e99e2b | 2015-10-28 12:39:42 -0700 | [diff] [blame] | 339 | vidCriterion, assignedVlan, |
| 340 | applicationId)) { |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 341 | log.debug("adding MAC filtering rules in TMAC table: {} for dev: {}", |
| 342 | tmacRule, deviceId); |
| 343 | ops = install ? ops.add(tmacRule) : ops.remove(tmacRule); |
| 344 | } |
| 345 | } |
| 346 | |
| 347 | if (ethCriterion == null || vidCriterion == null) { |
Charles Chan | e849c19 | 2016-01-11 18:28:54 -0800 | [diff] [blame] | 348 | log.debug("filtering objective missing dstMac or VLAN, " |
| 349 | + "cannot program VLAN Table"); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 350 | } else { |
| 351 | for (FlowRule vlanRule : processVlanIdFilter(portCriterion, vidCriterion, |
Saurav Das | 0e99e2b | 2015-10-28 12:39:42 -0700 | [diff] [blame] | 352 | assignedVlan, |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 353 | applicationId)) { |
| 354 | log.debug("adding VLAN filtering rule in VLAN table: {} for dev: {}", |
| 355 | vlanRule, deviceId); |
| 356 | ops = install ? ops.add(vlanRule) : ops.remove(vlanRule); |
| 357 | } |
| 358 | } |
| 359 | |
| 360 | for (IPCriterion ipaddr : ips) { |
| 361 | // since we ignore port information for IP rules, and the same (gateway) IP |
| 362 | // can be configured on multiple ports, we make sure that we send |
| 363 | // only a single rule to the switch. |
| 364 | if (!sentIpFilters.contains(ipaddr)) { |
| 365 | sentIpFilters.add(ipaddr); |
| 366 | log.debug("adding IP filtering rules in ACL table {} for dev: {}", |
| 367 | ipaddr, deviceId); |
| 368 | TrafficSelector.Builder selector = DefaultTrafficSelector.builder(); |
| 369 | TrafficTreatment.Builder treatment = DefaultTrafficTreatment.builder(); |
| 370 | selector.matchEthType(Ethernet.TYPE_IPV4); |
| 371 | selector.matchIPDst(ipaddr.ip()); |
| 372 | treatment.setOutput(PortNumber.CONTROLLER); |
| 373 | FlowRule rule = DefaultFlowRule.builder() |
| 374 | .forDevice(deviceId) |
| 375 | .withSelector(selector.build()) |
| 376 | .withTreatment(treatment.build()) |
| 377 | .withPriority(HIGHEST_PRIORITY) |
| 378 | .fromApp(applicationId) |
| 379 | .makePermanent() |
| 380 | .forTable(ACL_TABLE).build(); |
| 381 | ops = install ? ops.add(rule) : ops.remove(rule); |
| 382 | } |
| 383 | } |
| 384 | |
| 385 | // apply filtering flow rules |
| 386 | flowRuleService.apply(ops.build(new FlowRuleOperationsContext() { |
| 387 | @Override |
| 388 | public void onSuccess(FlowRuleOperations ops) { |
| 389 | log.info("Applied {} filtering rules in device {}", |
| 390 | ops.stages().get(0).size(), deviceId); |
| 391 | pass(filt); |
| 392 | } |
| 393 | |
| 394 | @Override |
| 395 | public void onError(FlowRuleOperations ops) { |
| 396 | log.info("Failed to apply all filtering rules in dev {}", deviceId); |
| 397 | fail(filt, ObjectiveError.FLOWINSTALLATIONFAILED); |
| 398 | } |
| 399 | })); |
| 400 | |
| 401 | } |
| 402 | |
| 403 | /** |
| 404 | * Allows untagged packets into pipeline by assigning a vlan id. |
Saurav Das | 0e99e2b | 2015-10-28 12:39:42 -0700 | [diff] [blame] | 405 | * Vlan assignment is done by the application. |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 406 | * Allows tagged packets into pipeline as per configured port-vlan info. |
Saurav Das | 0e99e2b | 2015-10-28 12:39:42 -0700 | [diff] [blame] | 407 | * |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 408 | * @param portCriterion port on device for which this filter is programmed |
| 409 | * @param vidCriterion vlan assigned to port, or NONE for untagged |
Saurav Das | 0e99e2b | 2015-10-28 12:39:42 -0700 | [diff] [blame] | 410 | * @param assignedVlan assigned vlan-id for untagged packets |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 411 | * @param applicationId for application programming this filter |
| 412 | * @return list of FlowRule for port-vlan filters |
| 413 | */ |
| 414 | protected List<FlowRule> processVlanIdFilter(PortCriterion portCriterion, |
| 415 | VlanIdCriterion vidCriterion, |
Saurav Das | 0e99e2b | 2015-10-28 12:39:42 -0700 | [diff] [blame] | 416 | VlanId assignedVlan, |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 417 | ApplicationId applicationId) { |
| 418 | List<FlowRule> rules = new ArrayList<FlowRule>(); |
| 419 | TrafficSelector.Builder selector = DefaultTrafficSelector.builder(); |
| 420 | TrafficTreatment.Builder treatment = DefaultTrafficTreatment.builder(); |
| 421 | selector.matchVlanId(vidCriterion.vlanId()); |
Saurav Das | 4f98008 | 2015-11-05 13:39:15 -0800 | [diff] [blame] | 422 | treatment.transition(TMAC_TABLE); |
| 423 | |
| 424 | VlanId storeVlan = null; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 425 | if (vidCriterion.vlanId() == VlanId.NONE) { |
| 426 | // untagged packets are assigned vlans |
Saurav Das | 0e99e2b | 2015-10-28 12:39:42 -0700 | [diff] [blame] | 427 | treatment.pushVlan().setVlanId(assignedVlan); |
Saurav Das | 2857f38 | 2015-11-03 14:39:27 -0800 | [diff] [blame] | 428 | // XXX ofdpa will require an additional vlan match on the assigned vlan |
| 429 | // and it may not require the push. This is not in compliance with OF |
| 430 | // standard. Waiting on what the exact flows are going to look like. |
Saurav Das | 4f98008 | 2015-11-05 13:39:15 -0800 | [diff] [blame] | 431 | storeVlan = assignedVlan; |
| 432 | } else { |
| 433 | storeVlan = vidCriterion.vlanId(); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 434 | } |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 435 | |
| 436 | // ofdpa cannot match on ALL portnumber, so we need to use separate |
| 437 | // rules for each port. |
| 438 | List<PortNumber> portnums = new ArrayList<PortNumber>(); |
| 439 | if (portCriterion.port() == PortNumber.ALL) { |
| 440 | for (Port port : deviceService.getPorts(deviceId)) { |
| 441 | if (port.number().toLong() > 0 && port.number().toLong() < OFPP_MAX) { |
| 442 | portnums.add(port.number()); |
| 443 | } |
| 444 | } |
| 445 | } else { |
| 446 | portnums.add(portCriterion.port()); |
| 447 | } |
Saurav Das | 4f98008 | 2015-11-05 13:39:15 -0800 | [diff] [blame] | 448 | |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 449 | for (PortNumber pnum : portnums) { |
Saurav Das | 4f98008 | 2015-11-05 13:39:15 -0800 | [diff] [blame] | 450 | // update storage |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 451 | ofdpa2GroupHandler.port2Vlan.put(pnum, storeVlan); |
| 452 | Set<PortNumber> vlanPorts = ofdpa2GroupHandler.vlan2Port.get(storeVlan); |
Saurav Das | 4f98008 | 2015-11-05 13:39:15 -0800 | [diff] [blame] | 453 | if (vlanPorts == null) { |
| 454 | vlanPorts = Collections.newSetFromMap( |
| 455 | new ConcurrentHashMap<PortNumber, Boolean>()); |
| 456 | vlanPorts.add(pnum); |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 457 | ofdpa2GroupHandler.vlan2Port.put(storeVlan, vlanPorts); |
Saurav Das | 4f98008 | 2015-11-05 13:39:15 -0800 | [diff] [blame] | 458 | } else { |
| 459 | vlanPorts.add(pnum); |
| 460 | } |
| 461 | // create rest of flowrule |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 462 | selector.matchInPort(pnum); |
| 463 | FlowRule rule = DefaultFlowRule.builder() |
| 464 | .forDevice(deviceId) |
| 465 | .withSelector(selector.build()) |
| 466 | .withTreatment(treatment.build()) |
| 467 | .withPriority(DEFAULT_PRIORITY) |
| 468 | .fromApp(applicationId) |
| 469 | .makePermanent() |
| 470 | .forTable(VLAN_TABLE).build(); |
| 471 | rules.add(rule); |
| 472 | } |
| 473 | return rules; |
| 474 | } |
| 475 | |
| 476 | /** |
| 477 | * Allows routed packets with correct destination MAC to be directed |
| 478 | * to unicast-IP routing table or MPLS forwarding table. |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 479 | * |
| 480 | * @param portCriterion port on device for which this filter is programmed |
| 481 | * @param ethCriterion dstMac of device for which is filter is programmed |
| 482 | * @param vidCriterion vlan assigned to port, or NONE for untagged |
Saurav Das | 0e99e2b | 2015-10-28 12:39:42 -0700 | [diff] [blame] | 483 | * @param assignedVlan assigned vlan-id for untagged packets |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 484 | * @param applicationId for application programming this filter |
| 485 | * @return list of FlowRule for port-vlan filters |
| 486 | |
| 487 | */ |
| 488 | protected List<FlowRule> processEthDstFilter(PortCriterion portCriterion, |
| 489 | EthCriterion ethCriterion, |
| 490 | VlanIdCriterion vidCriterion, |
Saurav Das | 0e99e2b | 2015-10-28 12:39:42 -0700 | [diff] [blame] | 491 | VlanId assignedVlan, |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 492 | ApplicationId applicationId) { |
| 493 | //handling untagged packets via assigned VLAN |
| 494 | if (vidCriterion.vlanId() == VlanId.NONE) { |
Saurav Das | 0e99e2b | 2015-10-28 12:39:42 -0700 | [diff] [blame] | 495 | vidCriterion = (VlanIdCriterion) Criteria.matchVlanId(assignedVlan); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 496 | } |
| 497 | // ofdpa cannot match on ALL portnumber, so we need to use separate |
| 498 | // rules for each port. |
| 499 | List<PortNumber> portnums = new ArrayList<PortNumber>(); |
| 500 | if (portCriterion.port() == PortNumber.ALL) { |
| 501 | for (Port port : deviceService.getPorts(deviceId)) { |
| 502 | if (port.number().toLong() > 0 && port.number().toLong() < OFPP_MAX) { |
| 503 | portnums.add(port.number()); |
| 504 | } |
| 505 | } |
| 506 | } else { |
| 507 | portnums.add(portCriterion.port()); |
| 508 | } |
| 509 | |
| 510 | List<FlowRule> rules = new ArrayList<FlowRule>(); |
| 511 | for (PortNumber pnum : portnums) { |
| 512 | // for unicast IP packets |
| 513 | TrafficSelector.Builder selector = DefaultTrafficSelector.builder(); |
| 514 | TrafficTreatment.Builder treatment = DefaultTrafficTreatment.builder(); |
| 515 | selector.matchInPort(pnum); |
| 516 | selector.matchVlanId(vidCriterion.vlanId()); |
| 517 | selector.matchEthType(Ethernet.TYPE_IPV4); |
| 518 | selector.matchEthDst(ethCriterion.mac()); |
| 519 | treatment.transition(UNICAST_ROUTING_TABLE); |
| 520 | FlowRule rule = DefaultFlowRule.builder() |
| 521 | .forDevice(deviceId) |
| 522 | .withSelector(selector.build()) |
| 523 | .withTreatment(treatment.build()) |
| 524 | .withPriority(DEFAULT_PRIORITY) |
| 525 | .fromApp(applicationId) |
| 526 | .makePermanent() |
| 527 | .forTable(TMAC_TABLE).build(); |
| 528 | rules.add(rule); |
| 529 | //for MPLS packets |
| 530 | selector = DefaultTrafficSelector.builder(); |
| 531 | treatment = DefaultTrafficTreatment.builder(); |
| 532 | selector.matchInPort(pnum); |
| 533 | selector.matchVlanId(vidCriterion.vlanId()); |
| 534 | selector.matchEthType(Ethernet.MPLS_UNICAST); |
| 535 | selector.matchEthDst(ethCriterion.mac()); |
| 536 | treatment.transition(MPLS_TABLE_0); |
| 537 | rule = DefaultFlowRule.builder() |
| 538 | .forDevice(deviceId) |
| 539 | .withSelector(selector.build()) |
| 540 | .withTreatment(treatment.build()) |
| 541 | .withPriority(DEFAULT_PRIORITY) |
| 542 | .fromApp(applicationId) |
| 543 | .makePermanent() |
| 544 | .forTable(TMAC_TABLE).build(); |
| 545 | rules.add(rule); |
| 546 | } |
| 547 | return rules; |
| 548 | } |
| 549 | |
| 550 | private Collection<FlowRule> processForward(ForwardingObjective fwd) { |
| 551 | switch (fwd.flag()) { |
| 552 | case SPECIFIC: |
| 553 | return processSpecific(fwd); |
| 554 | case VERSATILE: |
| 555 | return processVersatile(fwd); |
| 556 | default: |
| 557 | fail(fwd, ObjectiveError.UNKNOWN); |
| 558 | log.warn("Unknown forwarding flag {}", fwd.flag()); |
| 559 | } |
| 560 | return Collections.emptySet(); |
| 561 | } |
| 562 | |
| 563 | /** |
| 564 | * In the OF-DPA 2.0 pipeline, versatile forwarding objectives go to the |
| 565 | * ACL table. |
| 566 | * @param fwd the forwarding objective of type 'versatile' |
| 567 | * @return a collection of flow rules to be sent to the switch. An empty |
| 568 | * collection may be returned if there is a problem in processing |
| 569 | * the flow rule |
| 570 | */ |
| 571 | private Collection<FlowRule> processVersatile(ForwardingObjective fwd) { |
| 572 | log.info("Processing versatile forwarding objective"); |
| 573 | TrafficSelector selector = fwd.selector(); |
| 574 | |
| 575 | EthTypeCriterion ethType = |
| 576 | (EthTypeCriterion) selector.getCriterion(Criterion.Type.ETH_TYPE); |
| 577 | if (ethType == null) { |
| 578 | log.error("Versatile forwarding objective must include ethType"); |
| 579 | fail(fwd, ObjectiveError.BADPARAMS); |
| 580 | return Collections.emptySet(); |
| 581 | } |
| 582 | if (fwd.nextId() == null && fwd.treatment() == null) { |
| 583 | log.error("Forwarding objective {} from {} must contain " |
| 584 | + "nextId or Treatment", fwd.selector(), fwd.appId()); |
| 585 | return Collections.emptySet(); |
| 586 | } |
Saurav Das | 49cb5a1 | 2016-01-16 22:54:07 -0800 | [diff] [blame^] | 587 | |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 588 | // XXX driver does not currently do type checking as per Tables 65-67 in |
| 589 | // OFDPA 2.0 spec. The only allowed treatment is a punt to the controller. |
Saurav Das | 49cb5a1 | 2016-01-16 22:54:07 -0800 | [diff] [blame^] | 590 | TrafficTreatment.Builder ttBuilder = DefaultTrafficTreatment.builder(); |
| 591 | if (fwd.treatment() != null) { |
| 592 | for (Instruction ins : fwd.treatment().allInstructions()) { |
| 593 | if (ins instanceof OutputInstruction) { |
| 594 | OutputInstruction o = (OutputInstruction) ins; |
| 595 | if (o.port() == PortNumber.CONTROLLER) { |
| 596 | ttBuilder.add(o); |
| 597 | } else { |
| 598 | log.warn("Only allowed treatments in versatile forwarding " |
| 599 | + "objectives are punts to the controller"); |
| 600 | } |
| 601 | } else { |
| 602 | log.warn("Cannot process instruction in versatile fwd {}", ins); |
| 603 | } |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 604 | } |
| 605 | } |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 606 | if (fwd.nextId() != null) { |
Saurav Das | 49cb5a1 | 2016-01-16 22:54:07 -0800 | [diff] [blame^] | 607 | // overide case |
| 608 | NextGroup next = getGroupForNextObjective(fwd.nextId()); |
| 609 | List<Deque<GroupKey>> gkeys = appKryo.deserialize(next.data()); |
| 610 | // we only need the top level group's key to point the flow to it |
| 611 | Group group = groupService.getGroup(deviceId, gkeys.get(0).peekFirst()); |
| 612 | if (group == null) { |
| 613 | log.warn("Group with key:{} for next-id:{} not found in dev:{}", |
| 614 | gkeys.get(0).peekFirst(), fwd.nextId(), deviceId); |
| 615 | fail(fwd, ObjectiveError.GROUPMISSING); |
| 616 | return Collections.emptySet(); |
| 617 | } |
| 618 | ttBuilder.deferred().group(group.id()); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 619 | } |
Saurav Das | 49cb5a1 | 2016-01-16 22:54:07 -0800 | [diff] [blame^] | 620 | // ensure that match does not include vlan = NONE as OF-DPA does not |
| 621 | // match untagged packets this way in the ACL table. |
| 622 | TrafficSelector.Builder selBuilder = DefaultTrafficSelector.builder(); |
| 623 | for (Criterion criterion : fwd.selector().criteria()) { |
| 624 | if (criterion instanceof VlanIdCriterion && |
| 625 | ((VlanIdCriterion) criterion).vlanId() == VlanId.NONE) { |
| 626 | continue; |
| 627 | } |
| 628 | selBuilder.add(criterion); |
| 629 | } |
| 630 | |
| 631 | FlowRule.Builder ruleBuilder = DefaultFlowRule.builder() |
| 632 | .fromApp(fwd.appId()) |
| 633 | .withPriority(fwd.priority()) |
| 634 | .forDevice(deviceId) |
| 635 | .withSelector(selBuilder.build()) |
| 636 | .withTreatment(ttBuilder.build()) |
| 637 | .makePermanent() |
| 638 | .forTable(ACL_TABLE); |
| 639 | return Collections.singletonList(ruleBuilder.build()); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 640 | } |
| 641 | |
| 642 | /** |
| 643 | * In the OF-DPA 2.0 pipeline, specific forwarding refers to the IP table |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 644 | * (unicast or multicast) or the L2 table (mac + vlan) or the MPLS table. |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 645 | * |
| 646 | * @param fwd the forwarding objective of type 'specific' |
| 647 | * @return a collection of flow rules. Typically there will be only one |
| 648 | * for this type of forwarding objective. An empty set may be |
| 649 | * returned if there is an issue in processing the objective. |
| 650 | */ |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 651 | protected Collection<FlowRule> processSpecific(ForwardingObjective fwd) { |
Saurav Das | 4ce4596 | 2015-11-24 23:21:05 -0800 | [diff] [blame] | 652 | log.trace("Processing specific fwd objective:{} in dev:{} with next:{}", |
| 653 | fwd.id(), deviceId, fwd.nextId()); |
| 654 | boolean isEthTypeObj = isSupportedEthTypeObjective(fwd); |
| 655 | boolean isEthDstObj = isSupportedEthDstObjective(fwd); |
| 656 | |
| 657 | if (isEthTypeObj) { |
| 658 | return processEthTypeSpecific(fwd); |
| 659 | } else if (isEthDstObj) { |
| 660 | return processEthDstSpecific(fwd); |
| 661 | } else { |
| 662 | log.warn("processSpecific: Unsupported forwarding objective " |
| 663 | + "criteria fwd:{} in dev:{}", fwd.nextId(), deviceId); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 664 | fail(fwd, ObjectiveError.UNSUPPORTED); |
| 665 | return Collections.emptySet(); |
| 666 | } |
Saurav Das | 4ce4596 | 2015-11-24 23:21:05 -0800 | [diff] [blame] | 667 | } |
| 668 | |
| 669 | private boolean isSupportedEthTypeObjective(ForwardingObjective fwd) { |
| 670 | TrafficSelector selector = fwd.selector(); |
| 671 | EthTypeCriterion ethType = (EthTypeCriterion) selector |
| 672 | .getCriterion(Criterion.Type.ETH_TYPE); |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 673 | return !((ethType == null) || |
Saurav Das | 4ce4596 | 2015-11-24 23:21:05 -0800 | [diff] [blame] | 674 | ((ethType.ethType().toShort() != Ethernet.TYPE_IPV4) && |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 675 | (ethType.ethType().toShort() != Ethernet.MPLS_UNICAST))); |
Saurav Das | 4ce4596 | 2015-11-24 23:21:05 -0800 | [diff] [blame] | 676 | } |
| 677 | |
| 678 | private boolean isSupportedEthDstObjective(ForwardingObjective fwd) { |
| 679 | TrafficSelector selector = fwd.selector(); |
| 680 | EthCriterion ethDst = (EthCriterion) selector |
| 681 | .getCriterion(Criterion.Type.ETH_DST); |
| 682 | VlanIdCriterion vlanId = (VlanIdCriterion) selector |
| 683 | .getCriterion(Criterion.Type.VLAN_VID); |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 684 | return !(ethDst == null && vlanId == null); |
Saurav Das | 4ce4596 | 2015-11-24 23:21:05 -0800 | [diff] [blame] | 685 | } |
| 686 | |
| 687 | /** |
| 688 | * Handles forwarding rules to the IP and MPLS tables. |
| 689 | * |
| 690 | * @param fwd the forwarding objective |
| 691 | * @return A collection of flow rules, or an empty set |
| 692 | */ |
| 693 | protected Collection<FlowRule> processEthTypeSpecific(ForwardingObjective fwd) { |
| 694 | TrafficSelector selector = fwd.selector(); |
| 695 | EthTypeCriterion ethType = |
| 696 | (EthTypeCriterion) selector.getCriterion(Criterion.Type.ETH_TYPE); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 697 | |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 698 | int forTableId; |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 699 | TrafficSelector.Builder filteredSelector = DefaultTrafficSelector.builder(); |
| 700 | if (ethType.ethType().toShort() == Ethernet.TYPE_IPV4) { |
| 701 | filteredSelector.matchEthType(Ethernet.TYPE_IPV4) |
| 702 | .matchIPDst(((IPCriterion) |
| 703 | selector.getCriterion(Criterion.Type.IPV4_DST)).ip()); |
| 704 | forTableId = UNICAST_ROUTING_TABLE; |
Saurav Das | 4ce4596 | 2015-11-24 23:21:05 -0800 | [diff] [blame] | 705 | log.debug("processing IPv4 specific forwarding objective {} -> next:{}" |
| 706 | + " in dev:{}", fwd.id(), fwd.nextId(), deviceId); |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 707 | } else { |
| 708 | filteredSelector |
| 709 | .matchEthType(Ethernet.MPLS_UNICAST) |
| 710 | .matchMplsLabel(((MplsCriterion) |
| 711 | selector.getCriterion(Criterion.Type.MPLS_LABEL)).label()); |
| 712 | MplsBosCriterion bos = (MplsBosCriterion) selector |
| 713 | .getCriterion(Criterion.Type.MPLS_BOS); |
| 714 | if (bos != null) { |
| 715 | filteredSelector.matchMplsBos(bos.mplsBos()); |
| 716 | } |
| 717 | forTableId = MPLS_TABLE_1; |
Saurav Das | 4ce4596 | 2015-11-24 23:21:05 -0800 | [diff] [blame] | 718 | log.debug("processing MPLS specific forwarding objective {} -> next:{}" |
| 719 | + " in dev {}", fwd.id(), fwd.nextId(), deviceId); |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 720 | } |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 721 | |
| 722 | TrafficTreatment.Builder tb = DefaultTrafficTreatment.builder(); |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 723 | boolean popMpls = false; |
| 724 | if (fwd.treatment() != null) { |
| 725 | for (Instruction i : fwd.treatment().allInstructions()) { |
Charles Chan | 7d10b16 | 2015-12-07 18:54:45 -0800 | [diff] [blame] | 726 | /* |
| 727 | * NOTE: OF-DPA does not support immediate instruction in |
| 728 | * L3 unicast and MPLS table. |
| 729 | */ |
| 730 | tb.deferred().add(i); |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 731 | if (i instanceof L2ModificationInstruction && |
| 732 | ((L2ModificationInstruction) i).subtype() == L2SubType.MPLS_POP) { |
| 733 | popMpls = true; |
| 734 | } |
| 735 | } |
| 736 | } |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 737 | |
| 738 | if (fwd.nextId() != null) { |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 739 | if (forTableId == MPLS_TABLE_1 && !popMpls) { |
| 740 | log.warn("SR CONTINUE case cannot be handled as MPLS ECMP " |
| 741 | + "is not implemented in OF-DPA yet. Aborting this flow " |
| 742 | + "in this device {}", deviceId); |
| 743 | // XXX We could convert to forwarding to a single-port, via a |
| 744 | // MPLS interface, or a MPLS SWAP (with-same) but that would |
| 745 | // have to be handled in the next-objective. Also the pop-mpls |
| 746 | // logic used here won't work in non-BoS case. |
Saurav Das | 4ce4596 | 2015-11-24 23:21:05 -0800 | [diff] [blame] | 747 | fail(fwd, ObjectiveError.FLOWINSTALLATIONFAILED); |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 748 | return Collections.emptySet(); |
| 749 | } |
| 750 | |
Saurav Das | 423fe2b | 2015-12-04 10:52:59 -0800 | [diff] [blame] | 751 | NextGroup next = getGroupForNextObjective(fwd.nextId()); |
| 752 | if (next != null) { |
| 753 | List<Deque<GroupKey>> gkeys = appKryo.deserialize(next.data()); |
| 754 | // we only need the top level group's key to point the flow to it |
| 755 | Group group = groupService.getGroup(deviceId, gkeys.get(0).peekFirst()); |
| 756 | if (group == null) { |
| 757 | log.warn("Group with key:{} for next-id:{} not found in dev:{}", |
| 758 | gkeys.get(0).peekFirst(), fwd.nextId(), deviceId); |
| 759 | fail(fwd, ObjectiveError.GROUPMISSING); |
| 760 | return Collections.emptySet(); |
| 761 | } |
| 762 | tb.deferred().group(group.id()); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 763 | } |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 764 | } |
| 765 | tb.transition(ACL_TABLE); |
| 766 | FlowRule.Builder ruleBuilder = DefaultFlowRule.builder() |
| 767 | .fromApp(fwd.appId()) |
| 768 | .withPriority(fwd.priority()) |
| 769 | .forDevice(deviceId) |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 770 | .withSelector(filteredSelector.build()) |
| 771 | .withTreatment(tb.build()) |
| 772 | .forTable(forTableId); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 773 | |
| 774 | if (fwd.permanent()) { |
| 775 | ruleBuilder.makePermanent(); |
| 776 | } else { |
| 777 | ruleBuilder.makeTemporary(fwd.timeout()); |
| 778 | } |
| 779 | |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 780 | return Collections.singletonList(ruleBuilder.build()); |
| 781 | } |
| 782 | |
Saurav Das | 4ce4596 | 2015-11-24 23:21:05 -0800 | [diff] [blame] | 783 | /** |
| 784 | * Handles forwarding rules to the L2 bridging table. Flow actions are not |
| 785 | * allowed in the bridging table - instead we use L2 Interface group or |
| 786 | * L2 flood group |
| 787 | * |
| 788 | * @param fwd the forwarding objective |
| 789 | * @return A collection of flow rules, or an empty set |
| 790 | */ |
| 791 | protected Collection<FlowRule> processEthDstSpecific(ForwardingObjective fwd) { |
| 792 | List<FlowRule> rules = new ArrayList<>(); |
| 793 | |
| 794 | // Build filtered selector |
| 795 | TrafficSelector selector = fwd.selector(); |
| 796 | EthCriterion ethCriterion = (EthCriterion) selector |
| 797 | .getCriterion(Criterion.Type.ETH_DST); |
| 798 | VlanIdCriterion vlanIdCriterion = (VlanIdCriterion) selector |
| 799 | .getCriterion(Criterion.Type.VLAN_VID); |
| 800 | |
| 801 | if (vlanIdCriterion == null) { |
| 802 | log.warn("Forwarding objective for bridging requires vlan. Not " |
| 803 | + "installing fwd:{} in dev:{}", fwd.id(), deviceId); |
| 804 | fail(fwd, ObjectiveError.BADPARAMS); |
| 805 | return Collections.emptySet(); |
| 806 | } |
| 807 | |
| 808 | TrafficSelector.Builder filteredSelectorBuilder = |
| 809 | DefaultTrafficSelector.builder(); |
| 810 | // Do not match MacAddress for subnet broadcast entry |
| 811 | if (!ethCriterion.mac().equals(MacAddress.NONE)) { |
| 812 | filteredSelectorBuilder.matchEthDst(ethCriterion.mac()); |
| 813 | log.debug("processing L2 forwarding objective:{} -> next:{} in dev:{}", |
| 814 | fwd.id(), fwd.nextId(), deviceId); |
| 815 | } else { |
| 816 | log.debug("processing L2 Broadcast forwarding objective:{} -> next:{} " |
| 817 | + "in dev:{} for vlan:{}", |
| 818 | fwd.id(), fwd.nextId(), deviceId, vlanIdCriterion.vlanId()); |
| 819 | } |
| 820 | filteredSelectorBuilder.matchVlanId(vlanIdCriterion.vlanId()); |
| 821 | TrafficSelector filteredSelector = filteredSelectorBuilder.build(); |
| 822 | |
| 823 | if (fwd.treatment() != null) { |
| 824 | log.warn("Ignoring traffic treatment in fwd rule {} meant for L2 table" |
| 825 | + "for dev:{}. Expecting only nextId", fwd.id(), deviceId); |
| 826 | } |
| 827 | |
| 828 | TrafficTreatment.Builder treatmentBuilder = DefaultTrafficTreatment.builder(); |
| 829 | if (fwd.nextId() != null) { |
Saurav Das | 423fe2b | 2015-12-04 10:52:59 -0800 | [diff] [blame] | 830 | NextGroup next = getGroupForNextObjective(fwd.nextId()); |
Saurav Das | 4ce4596 | 2015-11-24 23:21:05 -0800 | [diff] [blame] | 831 | if (next != null) { |
| 832 | List<Deque<GroupKey>> gkeys = appKryo.deserialize(next.data()); |
| 833 | // we only need the top level group's key to point the flow to it |
| 834 | Group group = groupService.getGroup(deviceId, gkeys.get(0).peekFirst()); |
| 835 | if (group != null) { |
| 836 | treatmentBuilder.deferred().group(group.id()); |
| 837 | } else { |
| 838 | log.warn("Group with key:{} for next-id:{} not found in dev:{}", |
| 839 | gkeys.get(0).peekFirst(), fwd.nextId(), deviceId); |
| 840 | fail(fwd, ObjectiveError.GROUPMISSING); |
| 841 | return Collections.emptySet(); |
| 842 | } |
| 843 | } |
| 844 | } |
| 845 | treatmentBuilder.immediate().transition(ACL_TABLE); |
| 846 | TrafficTreatment filteredTreatment = treatmentBuilder.build(); |
| 847 | |
| 848 | // Build bridging table entries |
| 849 | FlowRule.Builder flowRuleBuilder = DefaultFlowRule.builder(); |
| 850 | flowRuleBuilder.fromApp(fwd.appId()) |
| 851 | .withPriority(fwd.priority()) |
| 852 | .forDevice(deviceId) |
| 853 | .withSelector(filteredSelector) |
| 854 | .withTreatment(filteredTreatment) |
| 855 | .forTable(BRIDGING_TABLE); |
| 856 | if (fwd.permanent()) { |
| 857 | flowRuleBuilder.makePermanent(); |
| 858 | } else { |
| 859 | flowRuleBuilder.makeTemporary(fwd.timeout()); |
| 860 | } |
| 861 | rules.add(flowRuleBuilder.build()); |
| 862 | return rules; |
| 863 | } |
| 864 | |
Saurav Das | 423fe2b | 2015-12-04 10:52:59 -0800 | [diff] [blame] | 865 | protected NextGroup getGroupForNextObjective(Integer nextId) { |
| 866 | NextGroup next = flowObjectiveStore.getNextGroup(nextId); |
| 867 | if (next != null) { |
| 868 | List<Deque<GroupKey>> gkeys = appKryo.deserialize(next.data()); |
| 869 | if (gkeys != null && !gkeys.isEmpty()) { |
| 870 | return next; |
| 871 | } else { |
| 872 | log.warn("Empty next group found in FlowObjective store for " |
| 873 | + "next-id:{} in dev:{}", nextId, deviceId); |
| 874 | } |
| 875 | } else { |
| 876 | log.warn("next-id {} not found in Flow objective store for dev:{}", |
| 877 | nextId, deviceId); |
| 878 | } |
| 879 | return null; |
| 880 | } |
| 881 | |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 882 | protected static void pass(Objective obj) { |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 883 | if (obj.context().isPresent()) { |
| 884 | obj.context().get().onSuccess(obj); |
| 885 | } |
| 886 | } |
| 887 | |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 888 | protected static void fail(Objective obj, ObjectiveError error) { |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 889 | if (obj.context().isPresent()) { |
| 890 | obj.context().get().onError(obj, error); |
| 891 | } |
| 892 | } |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 893 | } |