Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 1 | /* |
Brian O'Connor | 5ab426f | 2016-04-09 01:19:45 -0700 | [diff] [blame] | 2 | * Copyright 2016-present Open Networking Laboratory |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | package org.onosproject.driver.pipeline; |
| 17 | |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 18 | import static org.slf4j.LoggerFactory.getLogger; |
| 19 | |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 20 | import java.util.ArrayDeque; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 21 | import java.util.ArrayList; |
| 22 | import java.util.Collection; |
| 23 | import java.util.Collections; |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 24 | import java.util.Deque; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 25 | import java.util.List; |
Sho SHIMIZU | 4590604 | 2016-01-13 23:05:54 -0800 | [diff] [blame] | 26 | import java.util.Objects; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 27 | import java.util.Set; |
| 28 | import java.util.concurrent.ConcurrentHashMap; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 29 | |
Charles Chan | 5270ed0 | 2016-01-30 23:22:37 -0800 | [diff] [blame] | 30 | import com.google.common.collect.ImmutableList; |
Charles Chan | 5b9df8d | 2016-03-28 22:21:40 -0700 | [diff] [blame] | 31 | import com.google.common.collect.ImmutableSet; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 32 | import org.onlab.osgi.ServiceDirectory; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 33 | import org.onlab.packet.Ethernet; |
Charles Chan | 14967c2 | 2015-12-07 11:11:50 -0800 | [diff] [blame] | 34 | import org.onlab.packet.IpPrefix; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 35 | import org.onlab.packet.MacAddress; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 36 | import org.onlab.packet.VlanId; |
| 37 | import org.onlab.util.KryoNamespace; |
| 38 | import org.onosproject.core.ApplicationId; |
| 39 | import org.onosproject.core.CoreService; |
Charles Chan | cad338a | 2016-09-16 18:03:11 -0700 | [diff] [blame^] | 40 | import org.onosproject.driver.extensions.Ofdpa3MplsType; |
| 41 | import org.onosproject.driver.extensions.Ofdpa3SetMplsType; |
Charles Chan | 14967c2 | 2015-12-07 11:11:50 -0800 | [diff] [blame] | 42 | import org.onosproject.driver.extensions.OfdpaMatchVlanVid; |
| 43 | import org.onosproject.driver.extensions.OfdpaSetVlanVid; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 44 | import org.onosproject.net.DeviceId; |
| 45 | import org.onosproject.net.Port; |
| 46 | import org.onosproject.net.PortNumber; |
| 47 | import org.onosproject.net.behaviour.NextGroup; |
| 48 | import org.onosproject.net.behaviour.Pipeliner; |
| 49 | import org.onosproject.net.behaviour.PipelinerContext; |
| 50 | import org.onosproject.net.device.DeviceService; |
| 51 | import org.onosproject.net.driver.AbstractHandlerBehaviour; |
| 52 | import org.onosproject.net.flow.DefaultFlowRule; |
| 53 | import org.onosproject.net.flow.DefaultTrafficSelector; |
| 54 | import org.onosproject.net.flow.DefaultTrafficTreatment; |
| 55 | import org.onosproject.net.flow.FlowRule; |
| 56 | import org.onosproject.net.flow.FlowRuleOperations; |
| 57 | import org.onosproject.net.flow.FlowRuleOperationsContext; |
| 58 | import org.onosproject.net.flow.FlowRuleService; |
| 59 | import org.onosproject.net.flow.TrafficSelector; |
| 60 | import org.onosproject.net.flow.TrafficTreatment; |
| 61 | import org.onosproject.net.flow.criteria.Criteria; |
| 62 | import org.onosproject.net.flow.criteria.Criterion; |
| 63 | import org.onosproject.net.flow.criteria.EthCriterion; |
| 64 | import org.onosproject.net.flow.criteria.EthTypeCriterion; |
Charles Chan | 14967c2 | 2015-12-07 11:11:50 -0800 | [diff] [blame] | 65 | import org.onosproject.net.flow.criteria.ExtensionCriterion; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 66 | import org.onosproject.net.flow.criteria.IPCriterion; |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 67 | import org.onosproject.net.flow.criteria.MplsBosCriterion; |
| 68 | import org.onosproject.net.flow.criteria.MplsCriterion; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 69 | import org.onosproject.net.flow.criteria.PortCriterion; |
| 70 | import org.onosproject.net.flow.criteria.VlanIdCriterion; |
| 71 | import org.onosproject.net.flow.instructions.Instruction; |
| 72 | import org.onosproject.net.flow.instructions.Instructions.OutputInstruction; |
| 73 | import org.onosproject.net.flow.instructions.L2ModificationInstruction; |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 74 | import org.onosproject.net.flow.instructions.L2ModificationInstruction.L2SubType; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 75 | import org.onosproject.net.flow.instructions.L2ModificationInstruction.ModVlanIdInstruction; |
Charles Chan | 14967c2 | 2015-12-07 11:11:50 -0800 | [diff] [blame] | 76 | import org.onosproject.net.flow.instructions.L3ModificationInstruction; |
| 77 | import org.onosproject.net.flow.instructions.L3ModificationInstruction.L3SubType; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 78 | import org.onosproject.net.flowobjective.FilteringObjective; |
| 79 | import org.onosproject.net.flowobjective.FlowObjectiveStore; |
| 80 | import org.onosproject.net.flowobjective.ForwardingObjective; |
| 81 | import org.onosproject.net.flowobjective.NextObjective; |
| 82 | import org.onosproject.net.flowobjective.Objective; |
| 83 | import org.onosproject.net.flowobjective.ObjectiveError; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 84 | import org.onosproject.net.group.DefaultGroupKey; |
| 85 | import org.onosproject.net.group.Group; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 86 | import org.onosproject.net.group.GroupKey; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 87 | import org.onosproject.net.group.GroupService; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 88 | import org.onosproject.store.serializers.KryoNamespaces; |
| 89 | import org.slf4j.Logger; |
| 90 | |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 91 | /** |
| 92 | * Driver for Broadcom's OF-DPA v2.0 TTP. |
| 93 | * |
| 94 | */ |
Charles Chan | 361154b | 2016-03-24 10:23:39 -0700 | [diff] [blame] | 95 | public class Ofdpa2Pipeline extends AbstractHandlerBehaviour implements Pipeliner { |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 96 | protected static final int PORT_TABLE = 0; |
| 97 | protected static final int VLAN_TABLE = 10; |
| 98 | protected static final int TMAC_TABLE = 20; |
| 99 | protected static final int UNICAST_ROUTING_TABLE = 30; |
| 100 | protected static final int MULTICAST_ROUTING_TABLE = 40; |
| 101 | protected static final int MPLS_TABLE_0 = 23; |
| 102 | protected static final int MPLS_TABLE_1 = 24; |
Charles Chan | cad338a | 2016-09-16 18:03:11 -0700 | [diff] [blame^] | 103 | protected static final int MPLS_L3_TYPE = 27; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 104 | protected static final int BRIDGING_TABLE = 50; |
| 105 | protected static final int ACL_TABLE = 60; |
| 106 | protected static final int MAC_LEARNING_TABLE = 254; |
| 107 | protected static final long OFPP_MAX = 0xffffff00L; |
| 108 | |
Saurav Das | 5202596 | 2016-01-28 22:30:01 -0800 | [diff] [blame] | 109 | protected static final int HIGHEST_PRIORITY = 0xffff; |
Saurav Das | 2857f38 | 2015-11-03 14:39:27 -0800 | [diff] [blame] | 110 | protected static final int DEFAULT_PRIORITY = 0x8000; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 111 | protected static final int LOWEST_PRIORITY = 0x0; |
| 112 | |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 113 | private final Logger log = getLogger(getClass()); |
Charles Chan | 425854b | 2016-04-11 15:32:12 -0700 | [diff] [blame] | 114 | protected ServiceDirectory serviceDirectory; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 115 | protected FlowRuleService flowRuleService; |
Charles Chan | 425854b | 2016-04-11 15:32:12 -0700 | [diff] [blame] | 116 | protected CoreService coreService; |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 117 | protected GroupService groupService; |
| 118 | protected FlowObjectiveStore flowObjectiveStore; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 119 | protected DeviceId deviceId; |
| 120 | protected ApplicationId driverId; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 121 | protected DeviceService deviceService; |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 122 | protected static KryoNamespace appKryo = new KryoNamespace.Builder() |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 123 | .register(KryoNamespaces.API) |
| 124 | .register(GroupKey.class) |
| 125 | .register(DefaultGroupKey.class) |
Charles Chan | 361154b | 2016-03-24 10:23:39 -0700 | [diff] [blame] | 126 | .register(Ofdpa2GroupHandler.OfdpaNextGroup.class) |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 127 | .register(ArrayDeque.class) |
Charles Chan | eefdedf | 2016-05-23 16:45:45 -0700 | [diff] [blame] | 128 | .build("Ofdpa2Pipeline"); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 129 | |
Charles Chan | 425854b | 2016-04-11 15:32:12 -0700 | [diff] [blame] | 130 | protected Ofdpa2GroupHandler groupHandler; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 131 | |
Saurav Das | 5202596 | 2016-01-28 22:30:01 -0800 | [diff] [blame] | 132 | protected Set<IPCriterion> sentIpFilters = Collections.newSetFromMap( |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 133 | new ConcurrentHashMap<>()); |
Saurav Das | 4f98008 | 2015-11-05 13:39:15 -0800 | [diff] [blame] | 134 | |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 135 | @Override |
| 136 | public void init(DeviceId deviceId, PipelinerContext context) { |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 137 | this.deviceId = deviceId; |
| 138 | |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 139 | // Initialize OFDPA group handler |
Charles Chan | 425854b | 2016-04-11 15:32:12 -0700 | [diff] [blame] | 140 | groupHandler = new Ofdpa2GroupHandler(); |
| 141 | groupHandler.init(deviceId, context); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 142 | |
Charles Chan | 425854b | 2016-04-11 15:32:12 -0700 | [diff] [blame] | 143 | serviceDirectory = context.directory(); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 144 | coreService = serviceDirectory.get(CoreService.class); |
| 145 | flowRuleService = serviceDirectory.get(FlowRuleService.class); |
| 146 | groupService = serviceDirectory.get(GroupService.class); |
| 147 | flowObjectiveStore = context.store(); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 148 | deviceService = serviceDirectory.get(DeviceService.class); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 149 | |
| 150 | driverId = coreService.registerApplication( |
Charles Chan | 425854b | 2016-04-11 15:32:12 -0700 | [diff] [blame] | 151 | "org.onosproject.driver.Ofdpa2Pipeline"); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 152 | |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 153 | initializePipeline(); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 154 | } |
| 155 | |
| 156 | protected void initializePipeline() { |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 157 | // OF-DPA does not require initializing the pipeline as it puts default |
| 158 | // rules automatically in the hardware. However emulation of OFDPA in |
| 159 | // software switches does require table-miss-entries. |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 160 | } |
| 161 | |
| 162 | ////////////////////////////////////// |
| 163 | // Flow Objectives |
| 164 | ////////////////////////////////////// |
| 165 | |
| 166 | @Override |
| 167 | public void filter(FilteringObjective filteringObjective) { |
| 168 | if (filteringObjective.type() == FilteringObjective.Type.PERMIT) { |
| 169 | processFilter(filteringObjective, |
| 170 | filteringObjective.op() == Objective.Operation.ADD, |
| 171 | filteringObjective.appId()); |
| 172 | } else { |
| 173 | // Note that packets that don't match the PERMIT filter are |
| 174 | // automatically denied. The DENY filter is used to deny packets |
| 175 | // that are otherwise permitted by the PERMIT filter. |
| 176 | // Use ACL table flow rules here for DENY filtering objectives |
| 177 | log.debug("filter objective other than PERMIT currently not supported"); |
| 178 | fail(filteringObjective, ObjectiveError.UNSUPPORTED); |
| 179 | } |
| 180 | } |
| 181 | |
| 182 | @Override |
| 183 | public void forward(ForwardingObjective fwd) { |
| 184 | Collection<FlowRule> rules; |
| 185 | FlowRuleOperations.Builder flowOpsBuilder = FlowRuleOperations.builder(); |
| 186 | |
| 187 | rules = processForward(fwd); |
Saurav Das | 2519081 | 2016-05-27 13:54:07 -0700 | [diff] [blame] | 188 | if (rules == null || rules.isEmpty()) { |
| 189 | // Assumes fail message has already been generated to the objective |
| 190 | // context. Returning here prevents spurious pass message to be |
| 191 | // generated by FlowRule service for empty flowOps. |
| 192 | return; |
| 193 | } |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 194 | switch (fwd.op()) { |
| 195 | case ADD: |
| 196 | rules.stream() |
Sho SHIMIZU | 4590604 | 2016-01-13 23:05:54 -0800 | [diff] [blame] | 197 | .filter(Objects::nonNull) |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 198 | .forEach(flowOpsBuilder::add); |
| 199 | break; |
| 200 | case REMOVE: |
| 201 | rules.stream() |
Sho SHIMIZU | 4590604 | 2016-01-13 23:05:54 -0800 | [diff] [blame] | 202 | .filter(Objects::nonNull) |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 203 | .forEach(flowOpsBuilder::remove); |
| 204 | break; |
| 205 | default: |
| 206 | fail(fwd, ObjectiveError.UNKNOWN); |
| 207 | log.warn("Unknown forwarding type {}", fwd.op()); |
| 208 | } |
| 209 | |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 210 | flowRuleService.apply(flowOpsBuilder.build(new FlowRuleOperationsContext() { |
| 211 | @Override |
| 212 | public void onSuccess(FlowRuleOperations ops) { |
| 213 | pass(fwd); |
| 214 | } |
| 215 | |
| 216 | @Override |
| 217 | public void onError(FlowRuleOperations ops) { |
| 218 | fail(fwd, ObjectiveError.FLOWINSTALLATIONFAILED); |
| 219 | } |
| 220 | })); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 221 | } |
| 222 | |
| 223 | @Override |
| 224 | public void next(NextObjective nextObjective) { |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 225 | NextGroup nextGroup = flowObjectiveStore.getNextGroup(nextObjective.id()); |
| 226 | switch (nextObjective.op()) { |
| 227 | case ADD: |
Saurav Das | 4f98008 | 2015-11-05 13:39:15 -0800 | [diff] [blame] | 228 | if (nextGroup != null) { |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 229 | log.warn("Cannot add next {} that already exists in device {}", |
| 230 | nextObjective.id(), deviceId); |
| 231 | return; |
| 232 | } |
| 233 | log.debug("Processing NextObjective id{} in dev{} - add group", |
| 234 | nextObjective.id(), deviceId); |
Charles Chan | 425854b | 2016-04-11 15:32:12 -0700 | [diff] [blame] | 235 | groupHandler.addGroup(nextObjective); |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 236 | break; |
| 237 | case ADD_TO_EXISTING: |
| 238 | if (nextGroup != null) { |
| 239 | log.debug("Processing NextObjective id{} in dev{} - add bucket", |
| 240 | nextObjective.id(), deviceId); |
Charles Chan | 425854b | 2016-04-11 15:32:12 -0700 | [diff] [blame] | 241 | groupHandler.addBucketToGroup(nextObjective, nextGroup); |
Saurav Das | 4f98008 | 2015-11-05 13:39:15 -0800 | [diff] [blame] | 242 | } else { |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 243 | // it is possible that group-chain has not been fully created yet |
Saurav Das | 423fe2b | 2015-12-04 10:52:59 -0800 | [diff] [blame] | 244 | log.debug("Waiting to add bucket to group for next-id:{} in dev:{}", |
| 245 | nextObjective.id(), deviceId); |
| 246 | // by design only one pending bucket is allowed for the group |
Charles Chan | 425854b | 2016-04-11 15:32:12 -0700 | [diff] [blame] | 247 | groupHandler.pendingBuckets.put(nextObjective.id(), nextObjective); |
Saurav Das | 4f98008 | 2015-11-05 13:39:15 -0800 | [diff] [blame] | 248 | } |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 249 | break; |
| 250 | case REMOVE: |
| 251 | if (nextGroup == null) { |
| 252 | log.warn("Cannot remove next {} that does not exist in device {}", |
| 253 | nextObjective.id(), deviceId); |
| 254 | return; |
| 255 | } |
| 256 | log.debug("Processing NextObjective id{} in dev{} - remove group", |
| 257 | nextObjective.id(), deviceId); |
Charles Chan | 425854b | 2016-04-11 15:32:12 -0700 | [diff] [blame] | 258 | groupHandler.removeGroup(nextObjective, nextGroup); |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 259 | break; |
| 260 | case REMOVE_FROM_EXISTING: |
| 261 | if (nextGroup == null) { |
| 262 | log.warn("Cannot remove from next {} that does not exist in device {}", |
| 263 | nextObjective.id(), deviceId); |
| 264 | return; |
| 265 | } |
| 266 | log.debug("Processing NextObjective id{} in dev{} - remove bucket", |
| 267 | nextObjective.id(), deviceId); |
Charles Chan | 425854b | 2016-04-11 15:32:12 -0700 | [diff] [blame] | 268 | groupHandler.removeBucketFromGroup(nextObjective, nextGroup); |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 269 | break; |
| 270 | default: |
Saurav Das | 4f98008 | 2015-11-05 13:39:15 -0800 | [diff] [blame] | 271 | log.warn("Unsupported operation {}", nextObjective.op()); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 272 | } |
| 273 | } |
| 274 | |
| 275 | ////////////////////////////////////// |
| 276 | // Flow handling |
| 277 | ////////////////////////////////////// |
| 278 | |
| 279 | /** |
| 280 | * As per OFDPA 2.0 TTP, filtering of VLAN ids, MAC addresses (for routing) |
| 281 | * and IP addresses configured on switch ports happen in different tables. |
| 282 | * Note that IP filtering rules need to be added to the ACL table, as there |
| 283 | * is no mechanism to send to controller via IP table. |
| 284 | * |
| 285 | * @param filt the filtering objective |
| 286 | * @param install indicates whether to add or remove the objective |
| 287 | * @param applicationId the application that sent this objective |
| 288 | */ |
Saurav Das | 5202596 | 2016-01-28 22:30:01 -0800 | [diff] [blame] | 289 | protected void processFilter(FilteringObjective filt, |
| 290 | boolean install, ApplicationId applicationId) { |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 291 | // This driver only processes filtering criteria defined with switch |
| 292 | // ports as the key |
| 293 | PortCriterion portCriterion = null; |
| 294 | EthCriterion ethCriterion = null; |
| 295 | VlanIdCriterion vidCriterion = null; |
| 296 | Collection<IPCriterion> ips = new ArrayList<IPCriterion>(); |
| 297 | if (!filt.key().equals(Criteria.dummy()) && |
| 298 | filt.key().type() == Criterion.Type.IN_PORT) { |
| 299 | portCriterion = (PortCriterion) filt.key(); |
| 300 | } else { |
| 301 | log.warn("No key defined in filtering objective from app: {}. Not" |
| 302 | + "processing filtering objective", applicationId); |
Saurav Das | 59232cf | 2016-04-27 18:35:50 -0700 | [diff] [blame] | 303 | fail(filt, ObjectiveError.BADPARAMS); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 304 | return; |
| 305 | } |
Saurav Das | 59232cf | 2016-04-27 18:35:50 -0700 | [diff] [blame] | 306 | log.debug("Received filtering objective for dev/port: {}/{}", deviceId, |
| 307 | portCriterion.port()); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 308 | // convert filtering conditions for switch-intfs into flowrules |
| 309 | FlowRuleOperations.Builder ops = FlowRuleOperations.builder(); |
| 310 | for (Criterion criterion : filt.conditions()) { |
Charles Chan | 5b9df8d | 2016-03-28 22:21:40 -0700 | [diff] [blame] | 311 | if (criterion.type() == Criterion.Type.ETH_DST || |
| 312 | criterion.type() == Criterion.Type.ETH_DST_MASKED) { |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 313 | ethCriterion = (EthCriterion) criterion; |
| 314 | } else if (criterion.type() == Criterion.Type.VLAN_VID) { |
| 315 | vidCriterion = (VlanIdCriterion) criterion; |
| 316 | } else if (criterion.type() == Criterion.Type.IPV4_DST) { |
| 317 | ips.add((IPCriterion) criterion); |
| 318 | } else { |
| 319 | log.error("Unsupported filter {}", criterion); |
| 320 | fail(filt, ObjectiveError.UNSUPPORTED); |
| 321 | return; |
| 322 | } |
| 323 | } |
| 324 | |
Saurav Das | 0e99e2b | 2015-10-28 12:39:42 -0700 | [diff] [blame] | 325 | VlanId assignedVlan = null; |
Charles Chan | e849c19 | 2016-01-11 18:28:54 -0800 | [diff] [blame] | 326 | if (vidCriterion != null) { |
Charles Chan | d55e84d | 2016-03-30 17:54:24 -0700 | [diff] [blame] | 327 | // Use the VLAN in metadata whenever a metadata is provided |
| 328 | if (filt.meta() != null) { |
| 329 | assignedVlan = readVlanFromTreatment(filt.meta()); |
| 330 | // Use the VLAN in criterion if metadata is not present and the traffic is tagged |
| 331 | } else if (!vidCriterion.vlanId().equals(VlanId.NONE)) { |
Charles Chan | e849c19 | 2016-01-11 18:28:54 -0800 | [diff] [blame] | 332 | assignedVlan = vidCriterion.vlanId(); |
Charles Chan | d55e84d | 2016-03-30 17:54:24 -0700 | [diff] [blame] | 333 | } |
Charles Chan | e849c19 | 2016-01-11 18:28:54 -0800 | [diff] [blame] | 334 | |
Charles Chan | d55e84d | 2016-03-30 17:54:24 -0700 | [diff] [blame] | 335 | if (assignedVlan == null) { |
| 336 | log.error("Driver fails to extract VLAN information. " |
| 337 | + "Not proccessing VLAN filters on device {}.", deviceId); |
| 338 | log.debug("VLAN ID in criterion={}, metadata={}", |
| 339 | readVlanFromTreatment(filt.meta()), vidCriterion.vlanId()); |
| 340 | fail(filt, ObjectiveError.BADPARAMS); |
| 341 | return; |
Saurav Das | 0e99e2b | 2015-10-28 12:39:42 -0700 | [diff] [blame] | 342 | } |
| 343 | } |
| 344 | |
Charles Chan | e849c19 | 2016-01-11 18:28:54 -0800 | [diff] [blame] | 345 | if (ethCriterion == null || ethCriterion.mac().equals(MacAddress.NONE)) { |
Charles Chan | 985b12e | 2016-05-11 19:47:22 -0700 | [diff] [blame] | 346 | // NOTE: it is possible that a filtering objective only has vidCriterion |
| 347 | log.debug("filtering objective missing dstMac, cannot program TMAC table"); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 348 | } else { |
| 349 | for (FlowRule tmacRule : processEthDstFilter(portCriterion, ethCriterion, |
Saurav Das | 0e99e2b | 2015-10-28 12:39:42 -0700 | [diff] [blame] | 350 | vidCriterion, assignedVlan, |
| 351 | applicationId)) { |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 352 | log.debug("adding MAC filtering rules in TMAC table: {} for dev: {}", |
| 353 | tmacRule, deviceId); |
| 354 | ops = install ? ops.add(tmacRule) : ops.remove(tmacRule); |
| 355 | } |
| 356 | } |
| 357 | |
Charles Chan | 985b12e | 2016-05-11 19:47:22 -0700 | [diff] [blame] | 358 | if (vidCriterion == null) { |
| 359 | // NOTE: it is possible that a filtering objective only has ethCriterion |
| 360 | log.debug("filtering objective missing dstMac or VLAN, " |
Charles Chan | e849c19 | 2016-01-11 18:28:54 -0800 | [diff] [blame] | 361 | + "cannot program VLAN Table"); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 362 | } else { |
Charles Chan | 14967c2 | 2015-12-07 11:11:50 -0800 | [diff] [blame] | 363 | /* |
| 364 | * NOTE: Separate vlan filtering rules and assignment rules |
| 365 | * into different stage in order to guarantee that filtering rules |
Saurav Das | 5202596 | 2016-01-28 22:30:01 -0800 | [diff] [blame] | 366 | * always go first, as required by ofdpa. |
Charles Chan | 14967c2 | 2015-12-07 11:11:50 -0800 | [diff] [blame] | 367 | */ |
| 368 | List<FlowRule> allRules = processVlanIdFilter( |
| 369 | portCriterion, vidCriterion, assignedVlan, applicationId); |
| 370 | List<FlowRule> filteringRules = new ArrayList<>(); |
| 371 | List<FlowRule> assignmentRules = new ArrayList<>(); |
| 372 | |
| 373 | allRules.forEach(flowRule -> { |
| 374 | ExtensionCriterion extCriterion = |
| 375 | (ExtensionCriterion) flowRule.selector().getCriterion(Criterion.Type.EXTENSION); |
| 376 | VlanId vlanId = ((OfdpaMatchVlanVid) extCriterion.extensionSelector()).vlanId(); |
Charles Chan | be8aea4 | 2016-02-24 12:04:47 -0800 | [diff] [blame] | 377 | if (!vlanId.equals(VlanId.NONE)) { |
Charles Chan | 14967c2 | 2015-12-07 11:11:50 -0800 | [diff] [blame] | 378 | filteringRules.add(flowRule); |
| 379 | } else { |
| 380 | assignmentRules.add(flowRule); |
| 381 | } |
| 382 | }); |
| 383 | |
| 384 | for (FlowRule filteringRule : filteringRules) { |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 385 | log.debug("adding VLAN filtering rule in VLAN table: {} for dev: {}", |
Charles Chan | 14967c2 | 2015-12-07 11:11:50 -0800 | [diff] [blame] | 386 | filteringRule, deviceId); |
| 387 | ops = install ? ops.add(filteringRule) : ops.remove(filteringRule); |
| 388 | } |
| 389 | |
| 390 | ops.newStage(); |
| 391 | |
| 392 | for (FlowRule assignmentRule : assignmentRules) { |
| 393 | log.debug("adding VLAN assignment rule in VLAN table: {} for dev: {}", |
| 394 | assignmentRule, deviceId); |
| 395 | ops = install ? ops.add(assignmentRule) : ops.remove(assignmentRule); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 396 | } |
| 397 | } |
| 398 | |
| 399 | for (IPCriterion ipaddr : ips) { |
| 400 | // since we ignore port information for IP rules, and the same (gateway) IP |
| 401 | // can be configured on multiple ports, we make sure that we send |
| 402 | // only a single rule to the switch. |
| 403 | if (!sentIpFilters.contains(ipaddr)) { |
| 404 | sentIpFilters.add(ipaddr); |
| 405 | log.debug("adding IP filtering rules in ACL table {} for dev: {}", |
| 406 | ipaddr, deviceId); |
| 407 | TrafficSelector.Builder selector = DefaultTrafficSelector.builder(); |
| 408 | TrafficTreatment.Builder treatment = DefaultTrafficTreatment.builder(); |
| 409 | selector.matchEthType(Ethernet.TYPE_IPV4); |
| 410 | selector.matchIPDst(ipaddr.ip()); |
| 411 | treatment.setOutput(PortNumber.CONTROLLER); |
| 412 | FlowRule rule = DefaultFlowRule.builder() |
| 413 | .forDevice(deviceId) |
| 414 | .withSelector(selector.build()) |
| 415 | .withTreatment(treatment.build()) |
| 416 | .withPriority(HIGHEST_PRIORITY) |
| 417 | .fromApp(applicationId) |
| 418 | .makePermanent() |
| 419 | .forTable(ACL_TABLE).build(); |
| 420 | ops = install ? ops.add(rule) : ops.remove(rule); |
| 421 | } |
| 422 | } |
| 423 | |
| 424 | // apply filtering flow rules |
| 425 | flowRuleService.apply(ops.build(new FlowRuleOperationsContext() { |
| 426 | @Override |
| 427 | public void onSuccess(FlowRuleOperations ops) { |
| 428 | log.info("Applied {} filtering rules in device {}", |
| 429 | ops.stages().get(0).size(), deviceId); |
| 430 | pass(filt); |
| 431 | } |
| 432 | |
| 433 | @Override |
| 434 | public void onError(FlowRuleOperations ops) { |
| 435 | log.info("Failed to apply all filtering rules in dev {}", deviceId); |
| 436 | fail(filt, ObjectiveError.FLOWINSTALLATIONFAILED); |
| 437 | } |
| 438 | })); |
| 439 | |
| 440 | } |
| 441 | |
| 442 | /** |
| 443 | * Allows untagged packets into pipeline by assigning a vlan id. |
Saurav Das | 0e99e2b | 2015-10-28 12:39:42 -0700 | [diff] [blame] | 444 | * Vlan assignment is done by the application. |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 445 | * Allows tagged packets into pipeline as per configured port-vlan info. |
Saurav Das | 0e99e2b | 2015-10-28 12:39:42 -0700 | [diff] [blame] | 446 | * |
Charles Chan | f9e9865 | 2016-09-07 16:54:23 -0700 | [diff] [blame] | 447 | * @param portCriterion port on device for which this filter is programmed |
| 448 | * @param vidCriterion vlan assigned to port, or NONE for untagged |
| 449 | * @param assignedVlan assigned vlan-id for untagged packets |
| 450 | * @param applicationId for application programming this filter |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 451 | * @return list of FlowRule for port-vlan filters |
| 452 | */ |
| 453 | protected List<FlowRule> processVlanIdFilter(PortCriterion portCriterion, |
| 454 | VlanIdCriterion vidCriterion, |
Saurav Das | 0e99e2b | 2015-10-28 12:39:42 -0700 | [diff] [blame] | 455 | VlanId assignedVlan, |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 456 | ApplicationId applicationId) { |
Charles Chan | f9e9865 | 2016-09-07 16:54:23 -0700 | [diff] [blame] | 457 | return processVlanIdFilterInternal(portCriterion, vidCriterion, assignedVlan, |
| 458 | applicationId, true); |
| 459 | } |
| 460 | |
| 461 | /** |
| 462 | * Internal implementation of processVlanIdFilter. |
| 463 | * <p> |
| 464 | * The is_present bit in set_vlan_vid action is required to be 0 in OFDPA i12. |
| 465 | * Since it is non-OF spec, we need an extension treatment for that. |
| 466 | * The useSetVlanExtension must be set to false for OFDPA i12. |
| 467 | * </p> |
| 468 | * |
| 469 | * @param portCriterion port on device for which this filter is programmed |
| 470 | * @param vidCriterion vlan assigned to port, or NONE for untagged |
| 471 | * @param assignedVlan assigned vlan-id for untagged packets |
| 472 | * @param applicationId for application programming this filter |
| 473 | * @param useSetVlanExtension use the setVlanVid extension that has is_present bit set to 0. |
| 474 | * @return list of FlowRule for port-vlan filters |
| 475 | */ |
| 476 | protected List<FlowRule> processVlanIdFilterInternal(PortCriterion portCriterion, |
| 477 | VlanIdCriterion vidCriterion, |
| 478 | VlanId assignedVlan, |
| 479 | ApplicationId applicationId, |
| 480 | boolean useSetVlanExtension) { |
Charles Chan | 14967c2 | 2015-12-07 11:11:50 -0800 | [diff] [blame] | 481 | List<FlowRule> rules = new ArrayList<>(); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 482 | TrafficSelector.Builder selector = DefaultTrafficSelector.builder(); |
| 483 | TrafficTreatment.Builder treatment = DefaultTrafficTreatment.builder(); |
Charles Chan | 14967c2 | 2015-12-07 11:11:50 -0800 | [diff] [blame] | 484 | TrafficSelector.Builder preSelector = null; |
| 485 | TrafficTreatment.Builder preTreatment = null; |
| 486 | |
Saurav Das | 4f98008 | 2015-11-05 13:39:15 -0800 | [diff] [blame] | 487 | treatment.transition(TMAC_TABLE); |
| 488 | |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 489 | if (vidCriterion.vlanId() == VlanId.NONE) { |
| 490 | // untagged packets are assigned vlans |
Charles Chan | be8aea4 | 2016-02-24 12:04:47 -0800 | [diff] [blame] | 491 | OfdpaMatchVlanVid ofdpaMatchVlanVid = new OfdpaMatchVlanVid(VlanId.NONE); |
Charles Chan | 14967c2 | 2015-12-07 11:11:50 -0800 | [diff] [blame] | 492 | selector.extension(ofdpaMatchVlanVid, deviceId); |
Charles Chan | f9e9865 | 2016-09-07 16:54:23 -0700 | [diff] [blame] | 493 | if (useSetVlanExtension) { |
| 494 | OfdpaSetVlanVid ofdpaSetVlanVid = new OfdpaSetVlanVid(assignedVlan); |
| 495 | treatment.extension(ofdpaSetVlanVid, deviceId); |
| 496 | } else { |
| 497 | treatment.setVlanId(assignedVlan); |
| 498 | } |
Charles Chan | 14967c2 | 2015-12-07 11:11:50 -0800 | [diff] [blame] | 499 | |
| 500 | preSelector = DefaultTrafficSelector.builder(); |
| 501 | OfdpaMatchVlanVid preOfdpaMatchVlanVid = new OfdpaMatchVlanVid(assignedVlan); |
| 502 | preSelector.extension(preOfdpaMatchVlanVid, deviceId); |
| 503 | preTreatment = DefaultTrafficTreatment.builder().transition(TMAC_TABLE); |
| 504 | |
Saurav Das | 4f98008 | 2015-11-05 13:39:15 -0800 | [diff] [blame] | 505 | } else { |
Charles Chan | 14967c2 | 2015-12-07 11:11:50 -0800 | [diff] [blame] | 506 | OfdpaMatchVlanVid ofdpaMatchVlanVid = new OfdpaMatchVlanVid(vidCriterion.vlanId()); |
| 507 | selector.extension(ofdpaMatchVlanVid, deviceId); |
Charles Chan | d55e84d | 2016-03-30 17:54:24 -0700 | [diff] [blame] | 508 | |
| 509 | if (!assignedVlan.equals(vidCriterion.vlanId())) { |
| 510 | OfdpaSetVlanVid ofdpaSetVlanVid = new OfdpaSetVlanVid(assignedVlan); |
| 511 | treatment.extension(ofdpaSetVlanVid, deviceId); |
| 512 | } |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 513 | } |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 514 | |
| 515 | // ofdpa cannot match on ALL portnumber, so we need to use separate |
| 516 | // rules for each port. |
Charles Chan | 14967c2 | 2015-12-07 11:11:50 -0800 | [diff] [blame] | 517 | List<PortNumber> portnums = new ArrayList<>(); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 518 | if (portCriterion.port() == PortNumber.ALL) { |
| 519 | for (Port port : deviceService.getPorts(deviceId)) { |
| 520 | if (port.number().toLong() > 0 && port.number().toLong() < OFPP_MAX) { |
| 521 | portnums.add(port.number()); |
| 522 | } |
| 523 | } |
| 524 | } else { |
| 525 | portnums.add(portCriterion.port()); |
| 526 | } |
Saurav Das | 4f98008 | 2015-11-05 13:39:15 -0800 | [diff] [blame] | 527 | |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 528 | for (PortNumber pnum : portnums) { |
Saurav Das | 4f98008 | 2015-11-05 13:39:15 -0800 | [diff] [blame] | 529 | // create rest of flowrule |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 530 | selector.matchInPort(pnum); |
| 531 | FlowRule rule = DefaultFlowRule.builder() |
| 532 | .forDevice(deviceId) |
| 533 | .withSelector(selector.build()) |
| 534 | .withTreatment(treatment.build()) |
| 535 | .withPriority(DEFAULT_PRIORITY) |
| 536 | .fromApp(applicationId) |
| 537 | .makePermanent() |
| 538 | .forTable(VLAN_TABLE).build(); |
Charles Chan | 14967c2 | 2015-12-07 11:11:50 -0800 | [diff] [blame] | 539 | |
| 540 | if (preSelector != null) { |
| 541 | preSelector.matchInPort(pnum); |
| 542 | FlowRule preRule = DefaultFlowRule.builder() |
| 543 | .forDevice(deviceId) |
| 544 | .withSelector(preSelector.build()) |
| 545 | .withTreatment(preTreatment.build()) |
| 546 | .withPriority(DEFAULT_PRIORITY) |
| 547 | .fromApp(applicationId) |
| 548 | .makePermanent() |
| 549 | .forTable(VLAN_TABLE).build(); |
| 550 | rules.add(preRule); |
| 551 | } |
| 552 | |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 553 | rules.add(rule); |
| 554 | } |
| 555 | return rules; |
| 556 | } |
| 557 | |
| 558 | /** |
| 559 | * Allows routed packets with correct destination MAC to be directed |
| 560 | * to unicast-IP routing table or MPLS forwarding table. |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 561 | * |
| 562 | * @param portCriterion port on device for which this filter is programmed |
| 563 | * @param ethCriterion dstMac of device for which is filter is programmed |
| 564 | * @param vidCriterion vlan assigned to port, or NONE for untagged |
Saurav Das | 0e99e2b | 2015-10-28 12:39:42 -0700 | [diff] [blame] | 565 | * @param assignedVlan assigned vlan-id for untagged packets |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 566 | * @param applicationId for application programming this filter |
| 567 | * @return list of FlowRule for port-vlan filters |
| 568 | |
| 569 | */ |
| 570 | protected List<FlowRule> processEthDstFilter(PortCriterion portCriterion, |
| 571 | EthCriterion ethCriterion, |
| 572 | VlanIdCriterion vidCriterion, |
Saurav Das | 0e99e2b | 2015-10-28 12:39:42 -0700 | [diff] [blame] | 573 | VlanId assignedVlan, |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 574 | ApplicationId applicationId) { |
Charles Chan | 5270ed0 | 2016-01-30 23:22:37 -0800 | [diff] [blame] | 575 | // Consider PortNumber.ANY as wildcard. Match ETH_DST only |
| 576 | if (portCriterion != null && portCriterion.port() == PortNumber.ANY) { |
| 577 | return processEthDstOnlyFilter(ethCriterion, applicationId); |
| 578 | } |
| 579 | |
Charles Chan | 5b9df8d | 2016-03-28 22:21:40 -0700 | [diff] [blame] | 580 | // Multicast MAC |
| 581 | if (ethCriterion.mask() != null) { |
| 582 | return processMcastEthDstFilter(ethCriterion, applicationId); |
| 583 | } |
| 584 | |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 585 | //handling untagged packets via assigned VLAN |
| 586 | if (vidCriterion.vlanId() == VlanId.NONE) { |
Saurav Das | 0e99e2b | 2015-10-28 12:39:42 -0700 | [diff] [blame] | 587 | vidCriterion = (VlanIdCriterion) Criteria.matchVlanId(assignedVlan); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 588 | } |
| 589 | // ofdpa cannot match on ALL portnumber, so we need to use separate |
| 590 | // rules for each port. |
| 591 | List<PortNumber> portnums = new ArrayList<PortNumber>(); |
| 592 | if (portCriterion.port() == PortNumber.ALL) { |
| 593 | for (Port port : deviceService.getPorts(deviceId)) { |
| 594 | if (port.number().toLong() > 0 && port.number().toLong() < OFPP_MAX) { |
| 595 | portnums.add(port.number()); |
| 596 | } |
| 597 | } |
| 598 | } else { |
| 599 | portnums.add(portCriterion.port()); |
| 600 | } |
| 601 | |
| 602 | List<FlowRule> rules = new ArrayList<FlowRule>(); |
| 603 | for (PortNumber pnum : portnums) { |
Charles Chan | 14967c2 | 2015-12-07 11:11:50 -0800 | [diff] [blame] | 604 | OfdpaMatchVlanVid ofdpaMatchVlanVid = new OfdpaMatchVlanVid(vidCriterion.vlanId()); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 605 | // for unicast IP packets |
| 606 | TrafficSelector.Builder selector = DefaultTrafficSelector.builder(); |
| 607 | TrafficTreatment.Builder treatment = DefaultTrafficTreatment.builder(); |
| 608 | selector.matchInPort(pnum); |
Charles Chan | 14967c2 | 2015-12-07 11:11:50 -0800 | [diff] [blame] | 609 | selector.extension(ofdpaMatchVlanVid, deviceId); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 610 | selector.matchEthType(Ethernet.TYPE_IPV4); |
| 611 | selector.matchEthDst(ethCriterion.mac()); |
| 612 | treatment.transition(UNICAST_ROUTING_TABLE); |
| 613 | FlowRule rule = DefaultFlowRule.builder() |
| 614 | .forDevice(deviceId) |
| 615 | .withSelector(selector.build()) |
| 616 | .withTreatment(treatment.build()) |
| 617 | .withPriority(DEFAULT_PRIORITY) |
| 618 | .fromApp(applicationId) |
| 619 | .makePermanent() |
| 620 | .forTable(TMAC_TABLE).build(); |
| 621 | rules.add(rule); |
| 622 | //for MPLS packets |
| 623 | selector = DefaultTrafficSelector.builder(); |
| 624 | treatment = DefaultTrafficTreatment.builder(); |
| 625 | selector.matchInPort(pnum); |
Charles Chan | 14967c2 | 2015-12-07 11:11:50 -0800 | [diff] [blame] | 626 | selector.extension(ofdpaMatchVlanVid, deviceId); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 627 | selector.matchEthType(Ethernet.MPLS_UNICAST); |
| 628 | selector.matchEthDst(ethCriterion.mac()); |
| 629 | treatment.transition(MPLS_TABLE_0); |
| 630 | rule = DefaultFlowRule.builder() |
| 631 | .forDevice(deviceId) |
| 632 | .withSelector(selector.build()) |
| 633 | .withTreatment(treatment.build()) |
| 634 | .withPriority(DEFAULT_PRIORITY) |
| 635 | .fromApp(applicationId) |
| 636 | .makePermanent() |
| 637 | .forTable(TMAC_TABLE).build(); |
| 638 | rules.add(rule); |
| 639 | } |
| 640 | return rules; |
| 641 | } |
| 642 | |
Charles Chan | 5270ed0 | 2016-01-30 23:22:37 -0800 | [diff] [blame] | 643 | protected List<FlowRule> processEthDstOnlyFilter(EthCriterion ethCriterion, |
| 644 | ApplicationId applicationId) { |
| 645 | TrafficSelector.Builder selector = DefaultTrafficSelector.builder(); |
| 646 | TrafficTreatment.Builder treatment = DefaultTrafficTreatment.builder(); |
| 647 | selector.matchEthType(Ethernet.TYPE_IPV4); |
| 648 | selector.matchEthDst(ethCriterion.mac()); |
| 649 | treatment.transition(UNICAST_ROUTING_TABLE); |
| 650 | FlowRule rule = DefaultFlowRule.builder() |
| 651 | .forDevice(deviceId) |
| 652 | .withSelector(selector.build()) |
| 653 | .withTreatment(treatment.build()) |
| 654 | .withPriority(DEFAULT_PRIORITY) |
| 655 | .fromApp(applicationId) |
| 656 | .makePermanent() |
| 657 | .forTable(TMAC_TABLE).build(); |
| 658 | return ImmutableList.<FlowRule>builder().add(rule).build(); |
| 659 | } |
| 660 | |
Charles Chan | 5b9df8d | 2016-03-28 22:21:40 -0700 | [diff] [blame] | 661 | protected List<FlowRule> processMcastEthDstFilter(EthCriterion ethCriterion, |
| 662 | ApplicationId applicationId) { |
| 663 | TrafficSelector.Builder selector = DefaultTrafficSelector.builder(); |
| 664 | TrafficTreatment.Builder treatment = DefaultTrafficTreatment.builder(); |
| 665 | selector.matchEthType(Ethernet.TYPE_IPV4); |
| 666 | selector.matchEthDstMasked(ethCriterion.mac(), ethCriterion.mask()); |
| 667 | treatment.transition(MULTICAST_ROUTING_TABLE); |
| 668 | FlowRule rule = DefaultFlowRule.builder() |
| 669 | .forDevice(deviceId) |
| 670 | .withSelector(selector.build()) |
| 671 | .withTreatment(treatment.build()) |
| 672 | .withPriority(DEFAULT_PRIORITY) |
| 673 | .fromApp(applicationId) |
| 674 | .makePermanent() |
| 675 | .forTable(TMAC_TABLE).build(); |
| 676 | return ImmutableList.<FlowRule>builder().add(rule).build(); |
| 677 | } |
| 678 | |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 679 | private Collection<FlowRule> processForward(ForwardingObjective fwd) { |
| 680 | switch (fwd.flag()) { |
| 681 | case SPECIFIC: |
| 682 | return processSpecific(fwd); |
| 683 | case VERSATILE: |
| 684 | return processVersatile(fwd); |
| 685 | default: |
| 686 | fail(fwd, ObjectiveError.UNKNOWN); |
| 687 | log.warn("Unknown forwarding flag {}", fwd.flag()); |
| 688 | } |
| 689 | return Collections.emptySet(); |
| 690 | } |
| 691 | |
| 692 | /** |
| 693 | * In the OF-DPA 2.0 pipeline, versatile forwarding objectives go to the |
| 694 | * ACL table. |
| 695 | * @param fwd the forwarding objective of type 'versatile' |
| 696 | * @return a collection of flow rules to be sent to the switch. An empty |
| 697 | * collection may be returned if there is a problem in processing |
| 698 | * the flow rule |
| 699 | */ |
Saurav Das | 5202596 | 2016-01-28 22:30:01 -0800 | [diff] [blame] | 700 | protected Collection<FlowRule> processVersatile(ForwardingObjective fwd) { |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 701 | log.info("Processing versatile forwarding objective"); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 702 | |
| 703 | EthTypeCriterion ethType = |
Saurav Das | 77b5e90 | 2016-01-27 17:01:59 -0800 | [diff] [blame] | 704 | (EthTypeCriterion) fwd.selector().getCriterion(Criterion.Type.ETH_TYPE); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 705 | if (ethType == null) { |
| 706 | log.error("Versatile forwarding objective must include ethType"); |
| 707 | fail(fwd, ObjectiveError.BADPARAMS); |
| 708 | return Collections.emptySet(); |
| 709 | } |
| 710 | if (fwd.nextId() == null && fwd.treatment() == null) { |
| 711 | log.error("Forwarding objective {} from {} must contain " |
| 712 | + "nextId or Treatment", fwd.selector(), fwd.appId()); |
Zsolt Haraszti | 9faab75 | 2016-02-17 15:55:20 -0800 | [diff] [blame] | 713 | fail(fwd, ObjectiveError.BADPARAMS); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 714 | return Collections.emptySet(); |
| 715 | } |
Saurav Das | 49cb5a1 | 2016-01-16 22:54:07 -0800 | [diff] [blame] | 716 | |
Saurav Das | 77b5e90 | 2016-01-27 17:01:59 -0800 | [diff] [blame] | 717 | TrafficSelector.Builder sbuilder = DefaultTrafficSelector.builder(); |
| 718 | fwd.selector().criteria().forEach(criterion -> { |
| 719 | if (criterion instanceof VlanIdCriterion) { |
| 720 | VlanId vlanId = ((VlanIdCriterion) criterion).vlanId(); |
| 721 | // ensure that match does not include vlan = NONE as OF-DPA does not |
| 722 | // match untagged packets this way in the ACL table. |
| 723 | if (vlanId.equals(VlanId.NONE)) { |
| 724 | return; |
| 725 | } |
| 726 | OfdpaMatchVlanVid ofdpaMatchVlanVid = |
| 727 | new OfdpaMatchVlanVid(vlanId); |
| 728 | sbuilder.extension(ofdpaMatchVlanVid, deviceId); |
| 729 | } else { |
| 730 | sbuilder.add(criterion); |
| 731 | } |
| 732 | }); |
| 733 | |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 734 | // XXX driver does not currently do type checking as per Tables 65-67 in |
| 735 | // OFDPA 2.0 spec. The only allowed treatment is a punt to the controller. |
Saurav Das | 49cb5a1 | 2016-01-16 22:54:07 -0800 | [diff] [blame] | 736 | TrafficTreatment.Builder ttBuilder = DefaultTrafficTreatment.builder(); |
| 737 | if (fwd.treatment() != null) { |
| 738 | for (Instruction ins : fwd.treatment().allInstructions()) { |
| 739 | if (ins instanceof OutputInstruction) { |
| 740 | OutputInstruction o = (OutputInstruction) ins; |
| 741 | if (o.port() == PortNumber.CONTROLLER) { |
| 742 | ttBuilder.add(o); |
| 743 | } else { |
| 744 | log.warn("Only allowed treatments in versatile forwarding " |
| 745 | + "objectives are punts to the controller"); |
| 746 | } |
| 747 | } else { |
| 748 | log.warn("Cannot process instruction in versatile fwd {}", ins); |
| 749 | } |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 750 | } |
| 751 | } |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 752 | if (fwd.nextId() != null) { |
Saurav Das | 49cb5a1 | 2016-01-16 22:54:07 -0800 | [diff] [blame] | 753 | // overide case |
| 754 | NextGroup next = getGroupForNextObjective(fwd.nextId()); |
| 755 | List<Deque<GroupKey>> gkeys = appKryo.deserialize(next.data()); |
| 756 | // we only need the top level group's key to point the flow to it |
| 757 | Group group = groupService.getGroup(deviceId, gkeys.get(0).peekFirst()); |
| 758 | if (group == null) { |
| 759 | log.warn("Group with key:{} for next-id:{} not found in dev:{}", |
| 760 | gkeys.get(0).peekFirst(), fwd.nextId(), deviceId); |
| 761 | fail(fwd, ObjectiveError.GROUPMISSING); |
| 762 | return Collections.emptySet(); |
| 763 | } |
| 764 | ttBuilder.deferred().group(group.id()); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 765 | } |
Saurav Das | 49cb5a1 | 2016-01-16 22:54:07 -0800 | [diff] [blame] | 766 | |
| 767 | FlowRule.Builder ruleBuilder = DefaultFlowRule.builder() |
| 768 | .fromApp(fwd.appId()) |
| 769 | .withPriority(fwd.priority()) |
| 770 | .forDevice(deviceId) |
Saurav Das | 77b5e90 | 2016-01-27 17:01:59 -0800 | [diff] [blame] | 771 | .withSelector(sbuilder.build()) |
Saurav Das | 49cb5a1 | 2016-01-16 22:54:07 -0800 | [diff] [blame] | 772 | .withTreatment(ttBuilder.build()) |
| 773 | .makePermanent() |
| 774 | .forTable(ACL_TABLE); |
| 775 | return Collections.singletonList(ruleBuilder.build()); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 776 | } |
| 777 | |
| 778 | /** |
| 779 | * In the OF-DPA 2.0 pipeline, specific forwarding refers to the IP table |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 780 | * (unicast or multicast) or the L2 table (mac + vlan) or the MPLS table. |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 781 | * |
| 782 | * @param fwd the forwarding objective of type 'specific' |
| 783 | * @return a collection of flow rules. Typically there will be only one |
| 784 | * for this type of forwarding objective. An empty set may be |
| 785 | * returned if there is an issue in processing the objective. |
| 786 | */ |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 787 | protected Collection<FlowRule> processSpecific(ForwardingObjective fwd) { |
Saurav Das | 2519081 | 2016-05-27 13:54:07 -0700 | [diff] [blame] | 788 | log.debug("Processing specific fwd objective:{} in dev:{} with next:{}", |
Saurav Das | 4ce4596 | 2015-11-24 23:21:05 -0800 | [diff] [blame] | 789 | fwd.id(), deviceId, fwd.nextId()); |
| 790 | boolean isEthTypeObj = isSupportedEthTypeObjective(fwd); |
| 791 | boolean isEthDstObj = isSupportedEthDstObjective(fwd); |
| 792 | |
| 793 | if (isEthTypeObj) { |
| 794 | return processEthTypeSpecific(fwd); |
| 795 | } else if (isEthDstObj) { |
| 796 | return processEthDstSpecific(fwd); |
| 797 | } else { |
| 798 | log.warn("processSpecific: Unsupported forwarding objective " |
| 799 | + "criteria fwd:{} in dev:{}", fwd.nextId(), deviceId); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 800 | fail(fwd, ObjectiveError.UNSUPPORTED); |
| 801 | return Collections.emptySet(); |
| 802 | } |
Saurav Das | 4ce4596 | 2015-11-24 23:21:05 -0800 | [diff] [blame] | 803 | } |
| 804 | |
| 805 | private boolean isSupportedEthTypeObjective(ForwardingObjective fwd) { |
| 806 | TrafficSelector selector = fwd.selector(); |
| 807 | EthTypeCriterion ethType = (EthTypeCriterion) selector |
| 808 | .getCriterion(Criterion.Type.ETH_TYPE); |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 809 | return !((ethType == null) || |
Saurav Das | 4ce4596 | 2015-11-24 23:21:05 -0800 | [diff] [blame] | 810 | ((ethType.ethType().toShort() != Ethernet.TYPE_IPV4) && |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 811 | (ethType.ethType().toShort() != Ethernet.MPLS_UNICAST))); |
Saurav Das | 4ce4596 | 2015-11-24 23:21:05 -0800 | [diff] [blame] | 812 | } |
| 813 | |
| 814 | private boolean isSupportedEthDstObjective(ForwardingObjective fwd) { |
| 815 | TrafficSelector selector = fwd.selector(); |
| 816 | EthCriterion ethDst = (EthCriterion) selector |
| 817 | .getCriterion(Criterion.Type.ETH_DST); |
| 818 | VlanIdCriterion vlanId = (VlanIdCriterion) selector |
| 819 | .getCriterion(Criterion.Type.VLAN_VID); |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 820 | return !(ethDst == null && vlanId == null); |
Saurav Das | 4ce4596 | 2015-11-24 23:21:05 -0800 | [diff] [blame] | 821 | } |
| 822 | |
| 823 | /** |
| 824 | * Handles forwarding rules to the IP and MPLS tables. |
| 825 | * |
| 826 | * @param fwd the forwarding objective |
| 827 | * @return A collection of flow rules, or an empty set |
| 828 | */ |
| 829 | protected Collection<FlowRule> processEthTypeSpecific(ForwardingObjective fwd) { |
Charles Chan | cad338a | 2016-09-16 18:03:11 -0700 | [diff] [blame^] | 830 | return processEthTypeSpecificInternal(fwd, false, ACL_TABLE); |
Charles Chan | f9e9865 | 2016-09-07 16:54:23 -0700 | [diff] [blame] | 831 | } |
| 832 | |
| 833 | /** |
| 834 | * Internal implementation of processEthTypeSpecific. |
| 835 | * <p> |
| 836 | * Wildcarded IPv4_DST is not supported in OFDPA i12. Therefore, we break |
| 837 | * the rule into 0.0.0.0/1 and 128.0.0.0/1. |
| 838 | * The allowDefaultRoute must be set to false for OFDPA i12. |
| 839 | * </p> |
| 840 | * |
| 841 | * @param fwd the forwarding objective |
| 842 | * @param allowDefaultRoute allow wildcarded IPv4_DST or not |
| 843 | * @return A collection of flow rules, or an empty set |
| 844 | */ |
| 845 | protected Collection<FlowRule> processEthTypeSpecificInternal(ForwardingObjective fwd, |
Charles Chan | cad338a | 2016-09-16 18:03:11 -0700 | [diff] [blame^] | 846 | boolean allowDefaultRoute, |
| 847 | int mplsNextTable) { |
Saurav Das | 4ce4596 | 2015-11-24 23:21:05 -0800 | [diff] [blame] | 848 | TrafficSelector selector = fwd.selector(); |
| 849 | EthTypeCriterion ethType = |
| 850 | (EthTypeCriterion) selector.getCriterion(Criterion.Type.ETH_TYPE); |
Flavio Castro | e10fa24 | 2016-01-15 12:43:51 -0800 | [diff] [blame] | 851 | boolean defaultRule = false; |
| 852 | boolean popMpls = false; |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 853 | int forTableId; |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 854 | TrafficSelector.Builder filteredSelector = DefaultTrafficSelector.builder(); |
Charles Chan | 14967c2 | 2015-12-07 11:11:50 -0800 | [diff] [blame] | 855 | TrafficTreatment.Builder tb = DefaultTrafficTreatment.builder(); |
Flavio Castro | e10fa24 | 2016-01-15 12:43:51 -0800 | [diff] [blame] | 856 | TrafficSelector.Builder complementarySelector = DefaultTrafficSelector.builder(); |
Charles Chan | 14967c2 | 2015-12-07 11:11:50 -0800 | [diff] [blame] | 857 | |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 858 | if (ethType.ethType().toShort() == Ethernet.TYPE_IPV4) { |
Flavio Castro | e10fa24 | 2016-01-15 12:43:51 -0800 | [diff] [blame] | 859 | IpPrefix ipv4Dst = ((IPCriterion) selector.getCriterion(Criterion.Type.IPV4_DST)).ip(); |
Charles Chan | 5b9df8d | 2016-03-28 22:21:40 -0700 | [diff] [blame] | 860 | if (ipv4Dst.isMulticast()) { |
| 861 | if (ipv4Dst.prefixLength() != 32) { |
| 862 | log.warn("Multicast specific forwarding objective can only be /32"); |
| 863 | fail(fwd, ObjectiveError.BADPARAMS); |
| 864 | return ImmutableSet.of(); |
| 865 | } |
| 866 | VlanId assignedVlan = readVlanFromSelector(fwd.meta()); |
| 867 | if (assignedVlan == null) { |
| 868 | log.warn("VLAN ID required by multicast specific fwd obj is missing. Abort."); |
| 869 | fail(fwd, ObjectiveError.BADPARAMS); |
| 870 | return ImmutableSet.of(); |
| 871 | } |
| 872 | OfdpaMatchVlanVid ofdpaMatchVlanVid = new OfdpaMatchVlanVid(assignedVlan); |
| 873 | filteredSelector.extension(ofdpaMatchVlanVid, deviceId); |
| 874 | filteredSelector.matchEthType(Ethernet.TYPE_IPV4).matchIPDst(ipv4Dst); |
| 875 | forTableId = MULTICAST_ROUTING_TABLE; |
| 876 | log.debug("processing IPv4 multicast specific forwarding objective {} -> next:{}" |
| 877 | + " in dev:{}", fwd.id(), fwd.nextId(), deviceId); |
Flavio Castro | e10fa24 | 2016-01-15 12:43:51 -0800 | [diff] [blame] | 878 | } else { |
Charles Chan | f9e9865 | 2016-09-07 16:54:23 -0700 | [diff] [blame] | 879 | if (ipv4Dst.prefixLength() == 0) { |
| 880 | if (allowDefaultRoute) { |
| 881 | // The entire IPV4_DST field is wildcarded intentionally |
| 882 | filteredSelector.matchEthType(Ethernet.TYPE_IPV4); |
| 883 | } else { |
| 884 | /* |
| 885 | * NOTE: The switch does not support matching 0.0.0.0/0 |
| 886 | * Split it into 0.0.0.0/1 and 128.0.0.0/1 |
| 887 | */ |
| 888 | filteredSelector.matchEthType(Ethernet.TYPE_IPV4) |
| 889 | .matchIPDst(IpPrefix.valueOf("0.0.0.0/1")); |
| 890 | complementarySelector.matchEthType(Ethernet.TYPE_IPV4) |
| 891 | .matchIPDst(IpPrefix.valueOf("128.0.0.0/1")); |
| 892 | defaultRule = true; |
| 893 | } |
Charles Chan | 5b9df8d | 2016-03-28 22:21:40 -0700 | [diff] [blame] | 894 | } else { |
Charles Chan | f9e9865 | 2016-09-07 16:54:23 -0700 | [diff] [blame] | 895 | filteredSelector.matchEthType(Ethernet.TYPE_IPV4).matchIPDst(ipv4Dst); |
Charles Chan | 5b9df8d | 2016-03-28 22:21:40 -0700 | [diff] [blame] | 896 | } |
| 897 | forTableId = UNICAST_ROUTING_TABLE; |
| 898 | log.debug("processing IPv4 unicast specific forwarding objective {} -> next:{}" |
| 899 | + " in dev:{}", fwd.id(), fwd.nextId(), deviceId); |
Flavio Castro | e10fa24 | 2016-01-15 12:43:51 -0800 | [diff] [blame] | 900 | } |
Charles Chan | 14967c2 | 2015-12-07 11:11:50 -0800 | [diff] [blame] | 901 | |
| 902 | if (fwd.treatment() != null) { |
| 903 | for (Instruction instr : fwd.treatment().allInstructions()) { |
| 904 | if (instr instanceof L3ModificationInstruction && |
| 905 | ((L3ModificationInstruction) instr).subtype() == L3SubType.DEC_TTL) { |
| 906 | tb.deferred().add(instr); |
| 907 | } |
| 908 | } |
| 909 | } |
| 910 | |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 911 | } else { |
| 912 | filteredSelector |
| 913 | .matchEthType(Ethernet.MPLS_UNICAST) |
| 914 | .matchMplsLabel(((MplsCriterion) |
| 915 | selector.getCriterion(Criterion.Type.MPLS_LABEL)).label()); |
| 916 | MplsBosCriterion bos = (MplsBosCriterion) selector |
| 917 | .getCriterion(Criterion.Type.MPLS_BOS); |
| 918 | if (bos != null) { |
| 919 | filteredSelector.matchMplsBos(bos.mplsBos()); |
| 920 | } |
| 921 | forTableId = MPLS_TABLE_1; |
Saurav Das | 4ce4596 | 2015-11-24 23:21:05 -0800 | [diff] [blame] | 922 | log.debug("processing MPLS specific forwarding objective {} -> next:{}" |
| 923 | + " in dev {}", fwd.id(), fwd.nextId(), deviceId); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 924 | |
Charles Chan | 14967c2 | 2015-12-07 11:11:50 -0800 | [diff] [blame] | 925 | if (fwd.treatment() != null) { |
| 926 | for (Instruction instr : fwd.treatment().allInstructions()) { |
| 927 | if (instr instanceof L2ModificationInstruction && |
| 928 | ((L2ModificationInstruction) instr).subtype() == L2SubType.MPLS_POP) { |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 929 | popMpls = true; |
Charles Chan | 14967c2 | 2015-12-07 11:11:50 -0800 | [diff] [blame] | 930 | tb.immediate().add(instr); |
| 931 | } |
| 932 | if (instr instanceof L3ModificationInstruction && |
| 933 | ((L3ModificationInstruction) instr).subtype() == L3SubType.DEC_TTL) { |
| 934 | // FIXME Should modify the app to send the correct DEC_MPLS_TTL instruction |
| 935 | tb.immediate().decMplsTtl(); |
| 936 | } |
| 937 | if (instr instanceof L3ModificationInstruction && |
| 938 | ((L3ModificationInstruction) instr).subtype() == L3SubType.TTL_IN) { |
| 939 | tb.immediate().add(instr); |
| 940 | } |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 941 | } |
| 942 | } |
| 943 | } |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 944 | |
| 945 | if (fwd.nextId() != null) { |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 946 | if (forTableId == MPLS_TABLE_1 && !popMpls) { |
| 947 | log.warn("SR CONTINUE case cannot be handled as MPLS ECMP " |
Saurav Das | 2519081 | 2016-05-27 13:54:07 -0700 | [diff] [blame] | 948 | + "is not implemented in OF-DPA yet. Aborting this flow {} -> next:{}" |
| 949 | + "in this device {}", fwd.id(), fwd.nextId(), deviceId); |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 950 | // XXX We could convert to forwarding to a single-port, via a |
| 951 | // MPLS interface, or a MPLS SWAP (with-same) but that would |
| 952 | // have to be handled in the next-objective. Also the pop-mpls |
| 953 | // logic used here won't work in non-BoS case. |
Saurav Das | 4ce4596 | 2015-11-24 23:21:05 -0800 | [diff] [blame] | 954 | fail(fwd, ObjectiveError.FLOWINSTALLATIONFAILED); |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 955 | return Collections.emptySet(); |
| 956 | } |
| 957 | |
Saurav Das | 423fe2b | 2015-12-04 10:52:59 -0800 | [diff] [blame] | 958 | NextGroup next = getGroupForNextObjective(fwd.nextId()); |
| 959 | if (next != null) { |
| 960 | List<Deque<GroupKey>> gkeys = appKryo.deserialize(next.data()); |
| 961 | // we only need the top level group's key to point the flow to it |
| 962 | Group group = groupService.getGroup(deviceId, gkeys.get(0).peekFirst()); |
| 963 | if (group == null) { |
| 964 | log.warn("Group with key:{} for next-id:{} not found in dev:{}", |
| 965 | gkeys.get(0).peekFirst(), fwd.nextId(), deviceId); |
| 966 | fail(fwd, ObjectiveError.GROUPMISSING); |
| 967 | return Collections.emptySet(); |
| 968 | } |
| 969 | tb.deferred().group(group.id()); |
Saurav Das | 2519081 | 2016-05-27 13:54:07 -0700 | [diff] [blame] | 970 | } else { |
| 971 | log.warn("Cannot find group for nextId:{} in dev:{}. Aborting fwd:{}", |
| 972 | fwd.nextId(), deviceId, fwd.id()); |
| 973 | fail(fwd, ObjectiveError.FLOWINSTALLATIONFAILED); |
| 974 | return Collections.emptySet(); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 975 | } |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 976 | } |
Charles Chan | cad338a | 2016-09-16 18:03:11 -0700 | [diff] [blame^] | 977 | |
| 978 | if (forTableId == MPLS_TABLE_1) { |
| 979 | if (mplsNextTable == MPLS_L3_TYPE) { |
| 980 | Ofdpa3SetMplsType setMplsType = new Ofdpa3SetMplsType(Ofdpa3MplsType.L3_PHP); |
| 981 | tb.extension(setMplsType, deviceId); |
| 982 | } |
| 983 | tb.transition(mplsNextTable); |
| 984 | } else { |
| 985 | tb.transition(ACL_TABLE); |
| 986 | } |
| 987 | |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 988 | FlowRule.Builder ruleBuilder = DefaultFlowRule.builder() |
| 989 | .fromApp(fwd.appId()) |
| 990 | .withPriority(fwd.priority()) |
| 991 | .forDevice(deviceId) |
Saurav Das | 8a0732e | 2015-11-20 15:27:53 -0800 | [diff] [blame] | 992 | .withSelector(filteredSelector.build()) |
| 993 | .withTreatment(tb.build()) |
| 994 | .forTable(forTableId); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 995 | |
| 996 | if (fwd.permanent()) { |
| 997 | ruleBuilder.makePermanent(); |
| 998 | } else { |
| 999 | ruleBuilder.makeTemporary(fwd.timeout()); |
| 1000 | } |
Flavio Castro | e10fa24 | 2016-01-15 12:43:51 -0800 | [diff] [blame] | 1001 | Collection<FlowRule> flowRuleCollection = new ArrayList<>(); |
| 1002 | flowRuleCollection.add(ruleBuilder.build()); |
| 1003 | if (defaultRule) { |
| 1004 | FlowRule.Builder rule = DefaultFlowRule.builder() |
| 1005 | .fromApp(fwd.appId()) |
| 1006 | .withPriority(fwd.priority()) |
| 1007 | .forDevice(deviceId) |
| 1008 | .withSelector(complementarySelector.build()) |
| 1009 | .withTreatment(tb.build()) |
| 1010 | .forTable(forTableId); |
| 1011 | if (fwd.permanent()) { |
| 1012 | rule.makePermanent(); |
| 1013 | } else { |
| 1014 | rule.makeTemporary(fwd.timeout()); |
| 1015 | } |
| 1016 | flowRuleCollection.add(rule.build()); |
| 1017 | log.debug("Default rule 0.0.0.0/0 is being installed two rules"); |
| 1018 | } |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 1019 | |
Flavio Castro | e10fa24 | 2016-01-15 12:43:51 -0800 | [diff] [blame] | 1020 | return flowRuleCollection; |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 1021 | } |
| 1022 | |
Saurav Das | 4ce4596 | 2015-11-24 23:21:05 -0800 | [diff] [blame] | 1023 | /** |
| 1024 | * Handles forwarding rules to the L2 bridging table. Flow actions are not |
| 1025 | * allowed in the bridging table - instead we use L2 Interface group or |
| 1026 | * L2 flood group |
| 1027 | * |
| 1028 | * @param fwd the forwarding objective |
| 1029 | * @return A collection of flow rules, or an empty set |
| 1030 | */ |
| 1031 | protected Collection<FlowRule> processEthDstSpecific(ForwardingObjective fwd) { |
| 1032 | List<FlowRule> rules = new ArrayList<>(); |
| 1033 | |
| 1034 | // Build filtered selector |
| 1035 | TrafficSelector selector = fwd.selector(); |
| 1036 | EthCriterion ethCriterion = (EthCriterion) selector |
| 1037 | .getCriterion(Criterion.Type.ETH_DST); |
| 1038 | VlanIdCriterion vlanIdCriterion = (VlanIdCriterion) selector |
| 1039 | .getCriterion(Criterion.Type.VLAN_VID); |
| 1040 | |
| 1041 | if (vlanIdCriterion == null) { |
| 1042 | log.warn("Forwarding objective for bridging requires vlan. Not " |
| 1043 | + "installing fwd:{} in dev:{}", fwd.id(), deviceId); |
| 1044 | fail(fwd, ObjectiveError.BADPARAMS); |
| 1045 | return Collections.emptySet(); |
| 1046 | } |
| 1047 | |
| 1048 | TrafficSelector.Builder filteredSelectorBuilder = |
| 1049 | DefaultTrafficSelector.builder(); |
| 1050 | // Do not match MacAddress for subnet broadcast entry |
| 1051 | if (!ethCriterion.mac().equals(MacAddress.NONE)) { |
| 1052 | filteredSelectorBuilder.matchEthDst(ethCriterion.mac()); |
| 1053 | log.debug("processing L2 forwarding objective:{} -> next:{} in dev:{}", |
| 1054 | fwd.id(), fwd.nextId(), deviceId); |
| 1055 | } else { |
| 1056 | log.debug("processing L2 Broadcast forwarding objective:{} -> next:{} " |
| 1057 | + "in dev:{} for vlan:{}", |
| 1058 | fwd.id(), fwd.nextId(), deviceId, vlanIdCriterion.vlanId()); |
| 1059 | } |
Charles Chan | 14967c2 | 2015-12-07 11:11:50 -0800 | [diff] [blame] | 1060 | OfdpaMatchVlanVid ofdpaMatchVlanVid = new OfdpaMatchVlanVid(vlanIdCriterion.vlanId()); |
| 1061 | filteredSelectorBuilder.extension(ofdpaMatchVlanVid, deviceId); |
Saurav Das | 4ce4596 | 2015-11-24 23:21:05 -0800 | [diff] [blame] | 1062 | TrafficSelector filteredSelector = filteredSelectorBuilder.build(); |
| 1063 | |
| 1064 | if (fwd.treatment() != null) { |
| 1065 | log.warn("Ignoring traffic treatment in fwd rule {} meant for L2 table" |
| 1066 | + "for dev:{}. Expecting only nextId", fwd.id(), deviceId); |
| 1067 | } |
| 1068 | |
| 1069 | TrafficTreatment.Builder treatmentBuilder = DefaultTrafficTreatment.builder(); |
| 1070 | if (fwd.nextId() != null) { |
Saurav Das | 423fe2b | 2015-12-04 10:52:59 -0800 | [diff] [blame] | 1071 | NextGroup next = getGroupForNextObjective(fwd.nextId()); |
Saurav Das | 4ce4596 | 2015-11-24 23:21:05 -0800 | [diff] [blame] | 1072 | if (next != null) { |
| 1073 | List<Deque<GroupKey>> gkeys = appKryo.deserialize(next.data()); |
| 1074 | // we only need the top level group's key to point the flow to it |
| 1075 | Group group = groupService.getGroup(deviceId, gkeys.get(0).peekFirst()); |
| 1076 | if (group != null) { |
| 1077 | treatmentBuilder.deferred().group(group.id()); |
| 1078 | } else { |
| 1079 | log.warn("Group with key:{} for next-id:{} not found in dev:{}", |
| 1080 | gkeys.get(0).peekFirst(), fwd.nextId(), deviceId); |
| 1081 | fail(fwd, ObjectiveError.GROUPMISSING); |
| 1082 | return Collections.emptySet(); |
| 1083 | } |
| 1084 | } |
| 1085 | } |
| 1086 | treatmentBuilder.immediate().transition(ACL_TABLE); |
| 1087 | TrafficTreatment filteredTreatment = treatmentBuilder.build(); |
| 1088 | |
| 1089 | // Build bridging table entries |
| 1090 | FlowRule.Builder flowRuleBuilder = DefaultFlowRule.builder(); |
| 1091 | flowRuleBuilder.fromApp(fwd.appId()) |
| 1092 | .withPriority(fwd.priority()) |
| 1093 | .forDevice(deviceId) |
| 1094 | .withSelector(filteredSelector) |
| 1095 | .withTreatment(filteredTreatment) |
| 1096 | .forTable(BRIDGING_TABLE); |
| 1097 | if (fwd.permanent()) { |
| 1098 | flowRuleBuilder.makePermanent(); |
| 1099 | } else { |
| 1100 | flowRuleBuilder.makeTemporary(fwd.timeout()); |
| 1101 | } |
| 1102 | rules.add(flowRuleBuilder.build()); |
| 1103 | return rules; |
| 1104 | } |
| 1105 | |
Saurav Das | 423fe2b | 2015-12-04 10:52:59 -0800 | [diff] [blame] | 1106 | protected NextGroup getGroupForNextObjective(Integer nextId) { |
| 1107 | NextGroup next = flowObjectiveStore.getNextGroup(nextId); |
| 1108 | if (next != null) { |
| 1109 | List<Deque<GroupKey>> gkeys = appKryo.deserialize(next.data()); |
| 1110 | if (gkeys != null && !gkeys.isEmpty()) { |
| 1111 | return next; |
| 1112 | } else { |
| 1113 | log.warn("Empty next group found in FlowObjective store for " |
| 1114 | + "next-id:{} in dev:{}", nextId, deviceId); |
| 1115 | } |
| 1116 | } else { |
| 1117 | log.warn("next-id {} not found in Flow objective store for dev:{}", |
| 1118 | nextId, deviceId); |
| 1119 | } |
| 1120 | return null; |
| 1121 | } |
| 1122 | |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 1123 | protected static void pass(Objective obj) { |
Sho SHIMIZU | ef7e290 | 2016-02-12 18:38:29 -0800 | [diff] [blame] | 1124 | obj.context().ifPresent(context -> context.onSuccess(obj)); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 1125 | } |
| 1126 | |
Charles Chan | 188ebf5 | 2015-12-23 00:15:11 -0800 | [diff] [blame] | 1127 | protected static void fail(Objective obj, ObjectiveError error) { |
Sho SHIMIZU | ef7e290 | 2016-02-12 18:38:29 -0800 | [diff] [blame] | 1128 | obj.context().ifPresent(context -> context.onError(obj, error)); |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 1129 | } |
Saurav Das | 2443119 | 2016-03-07 19:13:00 -0800 | [diff] [blame] | 1130 | |
Saurav Das | 2443119 | 2016-03-07 19:13:00 -0800 | [diff] [blame] | 1131 | @Override |
| 1132 | public List<String> getNextMappings(NextGroup nextGroup) { |
| 1133 | List<String> mappings = new ArrayList<>(); |
| 1134 | List<Deque<GroupKey>> gkeys = appKryo.deserialize(nextGroup.data()); |
| 1135 | for (Deque<GroupKey> gkd : gkeys) { |
| 1136 | Group lastGroup = null; |
Saurav Das | 8be4e3a | 2016-03-11 17:19:07 -0800 | [diff] [blame] | 1137 | StringBuffer gchain = new StringBuffer(); |
Saurav Das | 2443119 | 2016-03-07 19:13:00 -0800 | [diff] [blame] | 1138 | for (GroupKey gk : gkd) { |
| 1139 | Group g = groupService.getGroup(deviceId, gk); |
Saurav Das | 8be4e3a | 2016-03-11 17:19:07 -0800 | [diff] [blame] | 1140 | if (g == null) { |
Saurav Das | 2519081 | 2016-05-27 13:54:07 -0700 | [diff] [blame] | 1141 | gchain.append(" NoGrp").append(" -->"); |
Saurav Das | 8be4e3a | 2016-03-11 17:19:07 -0800 | [diff] [blame] | 1142 | continue; |
| 1143 | } |
| 1144 | gchain.append(" 0x").append(Integer.toHexString(g.id().id())) |
| 1145 | .append(" -->"); |
Saurav Das | 2443119 | 2016-03-07 19:13:00 -0800 | [diff] [blame] | 1146 | lastGroup = g; |
| 1147 | } |
| 1148 | // add port information for last group in group-chain |
Saurav Das | 2519081 | 2016-05-27 13:54:07 -0700 | [diff] [blame] | 1149 | List<Instruction> lastGroupIns = new ArrayList<Instruction>(); |
Saurav Das | b5c236e | 2016-06-07 10:08:06 -0700 | [diff] [blame] | 1150 | if (lastGroup != null) { |
Saurav Das | 2519081 | 2016-05-27 13:54:07 -0700 | [diff] [blame] | 1151 | lastGroupIns = lastGroup.buckets().buckets().get(0) |
| 1152 | .treatment().allInstructions(); |
| 1153 | } |
| 1154 | for (Instruction i: lastGroupIns) { |
Saurav Das | 2443119 | 2016-03-07 19:13:00 -0800 | [diff] [blame] | 1155 | if (i instanceof OutputInstruction) { |
Saurav Das | 8be4e3a | 2016-03-11 17:19:07 -0800 | [diff] [blame] | 1156 | gchain.append(" port:").append(((OutputInstruction) i).port()); |
Saurav Das | 2443119 | 2016-03-07 19:13:00 -0800 | [diff] [blame] | 1157 | } |
| 1158 | } |
Saurav Das | 8be4e3a | 2016-03-11 17:19:07 -0800 | [diff] [blame] | 1159 | mappings.add(gchain.toString()); |
Saurav Das | 2443119 | 2016-03-07 19:13:00 -0800 | [diff] [blame] | 1160 | } |
| 1161 | return mappings; |
| 1162 | } |
Charles Chan | 5b9df8d | 2016-03-28 22:21:40 -0700 | [diff] [blame] | 1163 | |
| 1164 | protected static VlanId readVlanFromSelector(TrafficSelector selector) { |
Saurav Das | 59232cf | 2016-04-27 18:35:50 -0700 | [diff] [blame] | 1165 | if (selector == null) { |
| 1166 | return null; |
| 1167 | } |
Charles Chan | 5b9df8d | 2016-03-28 22:21:40 -0700 | [diff] [blame] | 1168 | Criterion criterion = selector.getCriterion(Criterion.Type.VLAN_VID); |
| 1169 | return (criterion == null) |
| 1170 | ? null : ((VlanIdCriterion) criterion).vlanId(); |
| 1171 | } |
| 1172 | |
| 1173 | protected static IpPrefix readIpDstFromSelector(TrafficSelector selector) { |
Saurav Das | 59232cf | 2016-04-27 18:35:50 -0700 | [diff] [blame] | 1174 | if (selector == null) { |
| 1175 | return null; |
| 1176 | } |
Charles Chan | 5b9df8d | 2016-03-28 22:21:40 -0700 | [diff] [blame] | 1177 | Criterion criterion = selector.getCriterion(Criterion.Type.IPV4_DST); |
| 1178 | return (criterion == null) ? null : ((IPCriterion) criterion).ip(); |
| 1179 | } |
Charles Chan | d55e84d | 2016-03-30 17:54:24 -0700 | [diff] [blame] | 1180 | |
| 1181 | private static VlanId readVlanFromTreatment(TrafficTreatment treatment) { |
Saurav Das | 59232cf | 2016-04-27 18:35:50 -0700 | [diff] [blame] | 1182 | if (treatment == null) { |
| 1183 | return null; |
| 1184 | } |
Charles Chan | d55e84d | 2016-03-30 17:54:24 -0700 | [diff] [blame] | 1185 | for (Instruction i : treatment.allInstructions()) { |
| 1186 | if (i instanceof ModVlanIdInstruction) { |
| 1187 | return ((ModVlanIdInstruction) i).vlanId(); |
| 1188 | } |
| 1189 | } |
| 1190 | return null; |
| 1191 | } |
Saurav Das | 822c4e2 | 2015-10-23 10:51:11 -0700 | [diff] [blame] | 1192 | } |