2 * Copyright (C) 2013 Red Hat, Inc.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
8 * Authors : Madhu Venugopal, Brent Salisbury, Dave Tucker
10 package org.opendaylight.ovsdb.openstack.netvirt.providers.openflow13;
12 import java.net.InetAddress;
13 import java.util.List;
16 import java.util.concurrent.ExecutionException;
18 import org.opendaylight.controller.md.sal.binding.api.DataBroker;
19 import org.opendaylight.controller.md.sal.binding.api.ReadOnlyTransaction;
20 import org.opendaylight.controller.md.sal.binding.api.ReadWriteTransaction;
21 import org.opendaylight.controller.md.sal.binding.api.WriteTransaction;
22 import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
23 import org.opendaylight.controller.md.sal.common.api.data.TransactionCommitFailedException;
24 import org.opendaylight.controller.networkconfig.neutron.NeutronNetwork;
25 import org.opendaylight.controller.networkconfig.neutron.NeutronSecurityGroup;
26 import org.opendaylight.controller.sal.core.Node;
27 import org.opendaylight.controller.sal.utils.HexEncode;
28 import org.opendaylight.controller.sal.utils.Status;
29 import org.opendaylight.controller.sal.utils.StatusCode;
30 import org.opendaylight.ovsdb.lib.notation.Row;
31 import org.opendaylight.ovsdb.lib.notation.UUID;
32 import org.opendaylight.ovsdb.openstack.netvirt.NetworkHandler;
33 import org.opendaylight.ovsdb.openstack.netvirt.api.BridgeConfigurationManager;
34 import org.opendaylight.ovsdb.openstack.netvirt.api.ClassifierProvider;
35 import org.opendaylight.ovsdb.openstack.netvirt.api.Constants;
36 import org.opendaylight.ovsdb.openstack.netvirt.api.EgressAclProvider;
37 import org.opendaylight.ovsdb.openstack.netvirt.api.IngressAclProvider;
38 import org.opendaylight.ovsdb.openstack.netvirt.api.L2ForwardingProvider;
39 import org.opendaylight.ovsdb.openstack.netvirt.api.NetworkingProvider;
40 import org.opendaylight.ovsdb.openstack.netvirt.api.SecurityServicesManager;
41 import org.opendaylight.ovsdb.openstack.netvirt.api.TenantNetworkManager;
42 import org.opendaylight.ovsdb.plugin.api.OvsdbConfigurationService;
43 import org.opendaylight.ovsdb.plugin.api.OvsdbConnectionService;
44 import org.opendaylight.ovsdb.plugin.api.StatusWithUuid;
45 import org.opendaylight.ovsdb.schema.openvswitch.Bridge;
46 import org.opendaylight.ovsdb.schema.openvswitch.Interface;
47 import org.opendaylight.ovsdb.schema.openvswitch.Port;
48 import org.opendaylight.ovsdb.utils.mdsal.openflow.InstructionUtils;
49 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.Uri;
50 import org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.action.GroupActionCase;
51 import org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.action.GroupActionCaseBuilder;
52 import org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.action.OutputActionCase;
53 import org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.action.OutputActionCaseBuilder;
54 import org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.action.group.action._case.GroupActionBuilder;
55 import org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.action.output.action._case.OutputActionBuilder;
56 import org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.list.Action;
57 import org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.list.ActionBuilder;
58 import org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.list.ActionKey;
59 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.FlowCapableNode;
60 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.FlowId;
61 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.tables.Table;
62 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.tables.TableKey;
63 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.tables.table.Flow;
64 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.tables.table.FlowBuilder;
65 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.tables.table.FlowKey;
66 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.flow.InstructionsBuilder;
67 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.flow.MatchBuilder;
68 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.instruction.instruction.ApplyActionsCase;
69 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.instruction.instruction.ApplyActionsCaseBuilder;
70 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.instruction.instruction.apply.actions._case.ApplyActionsBuilder;
71 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.instruction.list.Instruction;
72 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.instruction.list.InstructionBuilder;
73 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.instruction.list.InstructionKey;
74 import org.opendaylight.yang.gen.v1.urn.opendaylight.group.types.rev131018.BucketId;
75 import org.opendaylight.yang.gen.v1.urn.opendaylight.group.types.rev131018.GroupId;
76 import org.opendaylight.yang.gen.v1.urn.opendaylight.group.types.rev131018.GroupTypes;
77 import org.opendaylight.yang.gen.v1.urn.opendaylight.group.types.rev131018.group.Buckets;
78 import org.opendaylight.yang.gen.v1.urn.opendaylight.group.types.rev131018.group.BucketsBuilder;
79 import org.opendaylight.yang.gen.v1.urn.opendaylight.group.types.rev131018.group.buckets.Bucket;
80 import org.opendaylight.yang.gen.v1.urn.opendaylight.group.types.rev131018.group.buckets.BucketBuilder;
81 import org.opendaylight.yang.gen.v1.urn.opendaylight.group.types.rev131018.group.buckets.BucketKey;
82 import org.opendaylight.yang.gen.v1.urn.opendaylight.group.types.rev131018.groups.Group;
83 import org.opendaylight.yang.gen.v1.urn.opendaylight.group.types.rev131018.groups.GroupBuilder;
84 import org.opendaylight.yang.gen.v1.urn.opendaylight.group.types.rev131018.groups.GroupKey;
85 import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.NodeConnectorId;
86 import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.NodeId;
87 import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.Nodes;
88 import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.nodes.NodeBuilder;
89 import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.nodes.NodeKey;
90 import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
91 import org.slf4j.Logger;
92 import org.slf4j.LoggerFactory;
94 import com.google.common.base.Optional;
95 import com.google.common.base.Preconditions;
96 import com.google.common.collect.Lists;
97 import com.google.common.collect.Maps;
98 import com.google.common.util.concurrent.CheckedFuture;
101 * Open vSwitch OpenFlow 1.3 Networking Provider for OpenStack Neutron
103 public class OF13Provider implements NetworkingProvider {
104 private static final Logger logger = LoggerFactory.getLogger(OF13Provider.class);
105 private DataBroker dataBroker;
106 private static final short TABLE_0_DEFAULT_INGRESS = 0;
107 private static final short TABLE_1_ISOLATE_TENANT = 10;
108 private static final short TABLE_2_LOCAL_FORWARD = 20;
109 private static final String OPENFLOW = "openflow:";
110 private static Long groupId = 1L;
112 private volatile org.opendaylight.ovsdb.openstack.netvirt.api.ConfigurationService configurationService;
113 private volatile BridgeConfigurationManager bridgeConfigurationManager;
114 private volatile TenantNetworkManager tenantNetworkManager;
115 private volatile OvsdbConfigurationService ovsdbConfigurationService;
116 private volatile OvsdbConnectionService connectionService;
117 private volatile MdsalConsumer mdsalConsumer;
118 private volatile SecurityServicesManager securityServicesManager;
119 private volatile IngressAclProvider ingressAclProvider;
120 private volatile EgressAclProvider egressAclProvider;
121 private volatile ClassifierProvider classifierProvider;
122 private volatile L2ForwardingProvider l2ForwardingProvider;
124 public static final String NAME = "OF13Provider";
126 public OF13Provider(){
131 public String getName() {
136 public boolean supportsServices() {
141 public boolean hasPerTenantTunneling() {
145 private Status getTunnelReadinessStatus (Node node, String tunnelKey) {
146 InetAddress srcTunnelEndPoint = configurationService.getTunnelEndPoint(node);
147 if (srcTunnelEndPoint == null) {
148 logger.error("Tunnel Endpoint not configured for Node {}", node);
149 return new Status(StatusCode.NOTFOUND, "Tunnel Endpoint not configured for "+ node);
152 if (!bridgeConfigurationManager.isNodeNeutronReady(node)) {
153 logger.error(node+" is not Overlay ready");
154 return new Status(StatusCode.NOTACCEPTABLE, node+" is not Overlay ready");
157 if (!tenantNetworkManager.isTenantNetworkPresentInNode(node, tunnelKey)) {
158 logger.debug(node+" has no VM corresponding to segment "+ tunnelKey);
159 return new Status(StatusCode.NOTACCEPTABLE, node+" has no VM corresponding to segment "+ tunnelKey);
161 return new Status(StatusCode.SUCCESS);
164 private String getTunnelName(String tunnelType, InetAddress dst) {
165 return tunnelType+"-"+dst.getHostAddress();
168 private boolean isTunnelPresent(Node node, String tunnelName, String bridgeUUID) throws Exception {
169 Preconditions.checkNotNull(ovsdbConfigurationService);
170 Row bridgeRow = ovsdbConfigurationService
171 .getRow(node, ovsdbConfigurationService.getTableName(node, Bridge.class), bridgeUUID);
172 Bridge bridge = ovsdbConfigurationService.getTypedRow(node, Bridge.class, bridgeRow);
173 if (bridge != null) {
174 Set<UUID> ports = bridge.getPortsColumn().getData();
175 for (UUID portUUID : ports) {
176 Row portRow = ovsdbConfigurationService
177 .getRow(node, ovsdbConfigurationService.getTableName(node, Port.class), portUUID.toString());
178 Port port = ovsdbConfigurationService.getTypedRow(node, Port.class, portRow);
179 if (port != null && tunnelName.equalsIgnoreCase(port.getName())) return true;
185 private String getPortUuid(Node node, String name, String bridgeUUID) throws Exception {
186 Preconditions.checkNotNull(ovsdbConfigurationService);
187 Row bridgeRow = ovsdbConfigurationService
188 .getRow(node, ovsdbConfigurationService.getTableName(node, Bridge.class), bridgeUUID);
189 Bridge bridge = ovsdbConfigurationService.getTypedRow(node, Bridge.class, bridgeRow);
190 if (bridge != null) {
191 Set<UUID> ports = bridge.getPortsColumn().getData();
192 for (UUID portUUID : ports) {
193 Row portRow = ovsdbConfigurationService
194 .getRow(node, ovsdbConfigurationService.getTableName(node, Port.class), portUUID.toString());
195 Port port = ovsdbConfigurationService.getTypedRow(node, Port.class, portRow);
196 if (port != null && name.equalsIgnoreCase(port.getName())) return portUUID.toString();
202 private Status addTunnelPort (Node node, String tunnelType, InetAddress src, InetAddress dst) {
203 Preconditions.checkNotNull(ovsdbConfigurationService);
205 String bridgeUUID = null;
206 String tunnelBridgeName = configurationService.getIntegrationBridgeName();
207 Map<String, Row> bridgeTable = ovsdbConfigurationService.getRows(node, ovsdbConfigurationService.getTableName(node, Bridge.class));
208 if (bridgeTable != null) {
209 for (String uuid : bridgeTable.keySet()) {
210 Bridge bridge = ovsdbConfigurationService.getTypedRow(node,Bridge.class, bridgeTable.get(uuid));
211 if (bridge.getName().equals(tunnelBridgeName)) {
217 if (bridgeUUID == null) {
218 logger.error("Could not find Bridge {} in {}", tunnelBridgeName, node);
219 return new Status(StatusCode.NOTFOUND, "Could not find "+tunnelBridgeName+" in "+node);
221 String portName = getTunnelName(tunnelType, dst);
223 if (this.isTunnelPresent(node, portName, bridgeUUID)) {
224 logger.trace("Tunnel {} is present in {} of {}", portName, tunnelBridgeName, node);
225 return new Status(StatusCode.SUCCESS);
228 Port tunnelPort = ovsdbConfigurationService.createTypedRow(node, Port.class);
229 tunnelPort.setName(portName);
230 StatusWithUuid statusWithUuid = ovsdbConfigurationService
231 .insertRow(node, ovsdbConfigurationService.getTableName(node, Port.class), bridgeUUID, tunnelPort.getRow());
232 if (!statusWithUuid.isSuccess()) {
233 logger.error("Failed to insert Tunnel port {} in {}", portName, bridgeUUID);
234 return statusWithUuid;
237 String tunnelPortUUID = statusWithUuid.getUuid().toString();
238 String interfaceUUID = null;
240 while ((interfaceUUID == null) && (timeout > 0)) {
241 Row portRow = ovsdbConfigurationService
242 .getRow(node, ovsdbConfigurationService.getTableName(node, Port.class), tunnelPortUUID);
243 tunnelPort = ovsdbConfigurationService.getTypedRow(node, Port.class, portRow);
244 Set<UUID> interfaces = tunnelPort.getInterfacesColumn().getData();
245 if (interfaces == null || interfaces.size() == 0) {
246 // Wait for the OVSDB update to sync up the Local cache.
251 interfaceUUID = interfaces.toArray()[0].toString();
252 Row intfRow = ovsdbConfigurationService
253 .getRow(node, ovsdbConfigurationService.getTableName(node, Interface.class), interfaceUUID);
254 Interface intf = ovsdbConfigurationService.getTypedRow(node, Interface.class, intfRow);
255 if (intf == null) interfaceUUID = null;
258 if (interfaceUUID == null) {
259 logger.error("Cannot identify Tunnel Interface for port {}/{}", portName, tunnelPortUUID);
260 return new Status(StatusCode.INTERNALERROR);
263 Interface tunInterface = ovsdbConfigurationService.createTypedRow(node, Interface.class);
264 tunInterface.setType(tunnelType);
265 Map<String, String> options = Maps.newHashMap();
266 options.put("key", "flow");
267 options.put("local_ip", src.getHostAddress());
268 options.put("remote_ip", dst.getHostAddress());
269 tunInterface.setOptions(options);
270 Status status = ovsdbConfigurationService
271 .updateRow(node, ovsdbConfigurationService.getTableName(node, Interface.class), tunnelPortUUID, interfaceUUID, tunInterface.getRow());
272 logger.debug("Tunnel {} add status : {}", tunInterface, status);
274 } catch (Exception e) {
275 logger.error("Exception in addTunnelPort", e);
276 return new Status(StatusCode.INTERNALERROR);
280 /* delete port from ovsdb port table */
281 private Status deletePort(Node node, String bridgeName, String portName) {
282 Preconditions.checkNotNull(ovsdbConfigurationService);
284 String bridgeUUID = null;
285 Map<String, Row> bridgeTable = ovsdbConfigurationService.getRows(node, ovsdbConfigurationService.getTableName(node, Bridge.class));
286 if (bridgeTable != null) {
287 for (String uuid : bridgeTable.keySet()) {
288 Bridge bridge = ovsdbConfigurationService.getTypedRow(node, Bridge.class, bridgeTable.get(uuid));
289 if (bridge.getName().equals(bridgeName)) {
295 if (bridgeUUID == null) {
296 logger.debug("Could not find Bridge {} in {}", bridgeName, node);
297 return new Status(StatusCode.SUCCESS);
300 String portUUID = this.getPortUuid(node, portName, bridgeUUID);
301 Status status = new Status(StatusCode.SUCCESS);
302 if (portUUID != null) {
303 status = ovsdbConfigurationService
304 .deleteRow(node, ovsdbConfigurationService.getTableName(node, Port.class), portUUID);
305 if (!status.isSuccess()) {
306 logger.error("Failed to delete port {} in {} status : {}", portName, bridgeUUID,
310 logger.debug("Port {} delete status : {}", portName, status);
313 } catch (Exception e) {
314 logger.error("Exception in deletePort", e);
315 return new Status(StatusCode.INTERNALERROR);
319 private Status deleteTunnelPort(Node node, String tunnelType, InetAddress src, InetAddress dst) {
320 String tunnelBridgeName = configurationService.getIntegrationBridgeName();
321 String portName = getTunnelName(tunnelType, dst);
322 return deletePort(node, tunnelBridgeName, portName);
325 private Status deletePhysicalPort(Node node, String phyIntfName) {
326 String intBridgeName = configurationService.getIntegrationBridgeName();
327 return deletePort(node, intBridgeName, phyIntfName);
330 private void programLocalBridgeRules(Node node, Long dpid, String segmentationId, String attachedMac, long localPort) {
334 * Match: VM sMac and Local Ingress Port
335 * Action:Action: Set Tunnel ID and GOTO Local Table (5)
338 handleLocalInPort(dpid, TABLE_0_DEFAULT_INGRESS, TABLE_1_ISOLATE_TENANT, segmentationId, localPort, attachedMac, true);
343 * Match: Drop any remaining Ingress Local VM Packets
344 * Action: Drop w/ a low priority
347 handleDropSrcIface(dpid, localPort, true);
352 * Match: Match TunID and Destination DL/dMAC Addr
353 * Action: Output Port
354 * table=2,tun_id=0x5,dl_dst=00:00:00:00:00:01 actions=output:2
357 handleLocalUcastOut(dpid, TABLE_2_LOCAL_FORWARD, segmentationId, localPort, attachedMac, true);
362 * Match: Tunnel ID and dMAC (::::FF:FF)
363 * table=2,priority=16384,tun_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
364 * actions=output:2,3,4,5
367 handleLocalBcastOut(dpid, TABLE_2_LOCAL_FORWARD, segmentationId, localPort, true);
368 handleTunnelFloodOut(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD, segmentationId, localPort, true);
371 * TODO : Optimize the following 2 writes to be restricted only for the very first port known in a segment.
376 * Match: Any remaining Ingress Local VM Packets
377 * Action: Drop w/ a low priority
378 * -------------------------------------------
379 * table=1,priority=8192,tun_id=0x5 actions=goto_table:2
382 handleTunnelMiss(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD, segmentationId, true);
387 * Match: Any Remaining Flows w/a TunID
388 * Action: Drop w/ a low priority
389 * table=2,priority=8192,tun_id=0x5 actions=drop
392 handleLocalTableMiss(dpid, TABLE_2_LOCAL_FORWARD, segmentationId, true);
395 private void removeLocalBridgeRules(Node node, Long dpid, String segmentationId, String attachedMac, long localPort) {
399 * Match: VM sMac and Local Ingress Port
400 * Action:Action: Set Tunnel ID and GOTO Local Table (5)
403 handleLocalInPort(dpid, TABLE_0_DEFAULT_INGRESS, TABLE_1_ISOLATE_TENANT, segmentationId, localPort, attachedMac, false);
408 * Match: Drop any remaining Ingress Local VM Packets
409 * Action: Drop w/ a low priority
412 handleDropSrcIface(dpid, localPort, false);
417 * Match: Match TunID and Destination DL/dMAC Addr
418 * Action: Output Port
419 * table=2,tun_id=0x5,dl_dst=00:00:00:00:00:01 actions=output:2
422 handleLocalUcastOut(dpid, TABLE_2_LOCAL_FORWARD, segmentationId, localPort, attachedMac, false);
427 * Match: Tunnel ID and dMAC (::::FF:FF)
428 * table=2,priority=16384,tun_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
429 * actions=output:2,3,4,5
432 handleLocalBcastOut(dpid, TABLE_2_LOCAL_FORWARD, segmentationId, localPort, false);
433 handleTunnelFloodOut(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD, segmentationId, localPort, false);
436 private void programLocalIngressTunnelBridgeRules(Node node, Long dpid, String segmentationId, String attachedMac, long tunnelOFPort, long localPort) {
440 * Match: Ingress Port, Tunnel ID
441 * Action: GOTO Local Table (20)
444 handleTunnelIn(dpid, TABLE_0_DEFAULT_INGRESS, TABLE_2_LOCAL_FORWARD, segmentationId, tunnelOFPort, true);
449 * Match: Match Tunnel ID and L2 ::::FF:FF Flooding
450 * Action: Flood to selected destination TEPs
451 * -------------------------------------------
452 * table=1,priority=16384,tun_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
453 * actions=output:10,output:11,goto_table:2
456 handleTunnelFloodOut(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD, segmentationId, tunnelOFPort, true);
460 private void programRemoteEgressTunnelBridgeRules(Node node, Long dpid, String segmentationId, String attachedMac, long tunnelOFPort, long localPort) {
464 * Match: Drop any remaining Ingress Local VM Packets
465 * Action: Drop w/ a low priority
466 * -------------------------------------------
467 * table=1,tun_id=0x5,dl_dst=00:00:00:00:00:08 \
468 * actions=output:11,goto_table:2
471 handleTunnelOut(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD, segmentationId, tunnelOFPort, attachedMac, true);
474 private void removeRemoteEgressTunnelBridgeRules(Node node, Long dpid, String segmentationId, String attachedMac, long tunnelOFPort, long localPort) {
478 * Match: Drop any remaining Ingress Local VM Packets
479 * Action: Drop w/ a low priority
480 * -------------------------------------------
481 * table=1,tun_id=0x5,dl_dst=00:00:00:00:00:08 \
482 * actions=output:11,goto_table:2
485 handleTunnelOut(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD, segmentationId, tunnelOFPort, attachedMac, false);
488 /* Remove tunnel rules if last node in this tenant network */
489 private void removePerTunnelRules(Node node, Long dpid, String segmentationId, long tunnelOFPort) {
491 * TODO : Optimize the following 2 writes to be restricted only for the very first port known in a segment.
496 * Match: Any remaining Ingress Local VM Packets
497 * Action: Drop w/ a low priority
498 * -------------------------------------------
499 * table=1,priority=8192,tun_id=0x5 actions=goto_table:2
502 handleTunnelMiss(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD, segmentationId, false);
507 * Match: Any Remaining Flows w/a TunID
508 * Action: Drop w/ a low priority
509 * table=2,priority=8192,tun_id=0x5 actions=drop
512 handleLocalTableMiss(dpid, TABLE_2_LOCAL_FORWARD, segmentationId, false);
517 * Match: Ingress Port, Tunnel ID
518 * Action: GOTO Local Table (10)
521 handleTunnelIn(dpid, TABLE_0_DEFAULT_INGRESS, TABLE_2_LOCAL_FORWARD, segmentationId, tunnelOFPort, false);
526 * Match: Match Tunnel ID and L2 ::::FF:FF Flooding
527 * Action: Flood to selected destination TEPs
528 * -------------------------------------------
529 * table=1,priority=16384,tun_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
530 * actions=output:10,output:11,goto_table:2
533 handleTunnelFloodOut(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD, segmentationId, tunnelOFPort, false);
536 private void programLocalVlanRules(Node node, Long dpid, String segmentationId, String attachedMac, long localPort) {
540 * Tag traffic coming from the local port and vm srcmac
541 * Match: VM sMac and Local Ingress Port
542 * Action: Set VLAN ID and GOTO Local Table 1
545 handleLocalInPortSetVlan(dpid, TABLE_0_DEFAULT_INGRESS,
546 TABLE_1_ISOLATE_TENANT, segmentationId, localPort,
552 * Drop all other traffic coming from the local port
553 * Match: Drop any remaining Ingress Local VM Packets
554 * Action: Drop w/ a low priority
557 handleDropSrcIface(dpid, localPort, true);
562 * Forward unicast traffic destined to the local port after stripping tag
563 * Match: Match VLAN ID and Destination DL/dMAC Addr
564 * Action: strip vlan, output to local port
565 * Example: table=2,vlan_id=0x5,dl_dst=00:00:00:00:00:01 actions= strip vlan, output:2
568 handleLocalVlanUcastOut(dpid, TABLE_2_LOCAL_FORWARD, segmentationId,
569 localPort, attachedMac, true);
574 * Match: VLAN ID and dMAC (::::FF:FF)
575 * Action: strip vlan, output to all local ports in this vlan
576 * Example: table=2,priority=16384,vlan_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
577 * actions= strip_vlan, output:2,3,4,5
580 //handleLocalVlanBcastOut(dpid, TABLE_2_LOCAL_FORWARD, segmentationId,
581 // localPort, ethPort, true);
582 //handleVlanFloodOut(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD,
583 // segmentationId, localPort, ethport, true);
588 * Match: Any Remaining Flows w/a VLAN ID
589 * Action: Drop w/ a low priority
590 * Example: table=2,priority=8192,vlan_id=0x5 actions=drop
593 //handleLocalVlanTableMiss(dpid, TABLE_2_LOCAL_FORWARD, segmentationId,
597 private void removeLocalVlanRules(Node node, Long dpid,
598 String segmentationId, String attachedMac, long localPort) {
602 * Match: VM sMac and Local Ingress Port
603 * Action: Set VLAN ID and GOTO Local Table 1
606 handleLocalInPortSetVlan(dpid, TABLE_0_DEFAULT_INGRESS,
607 TABLE_1_ISOLATE_TENANT, segmentationId, localPort,
613 * Match: Drop any remaining Ingress Local VM Packets
614 * Action: Drop w/ a low priority
617 handleDropSrcIface(dpid, localPort, false);
622 * Match: Match VLAN ID and Destination DL/dMAC Addr
623 * Action: strip vlan, output to local port
624 * Example: table=2,vlan_id=0x5,dl_dst=00:00:00:00:00:01 actions= strip vlan, output:2
627 handleLocalVlanUcastOut(dpid, TABLE_2_LOCAL_FORWARD, segmentationId,
628 localPort, attachedMac, false);
633 * Match: VLAN ID and dMAC (::::FF:FF)
634 * Action: strip vlan, output to all local ports in this vlan
635 * Example: table=2,priority=16384,vlan_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
636 * actions= strip_vlan, output:2,3,4,5
639 //handleLocalVlanBcastOut(dpid, TABLE_2_LOCAL_FORWARD, segmentationId,
640 // localPort, ethPort, false);
641 //handleVlanFloodOut(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD,
642 // segmentationId, localPort, false);
646 private void programLocalIngressVlanRules(Node node, Long dpid, String segmentationId, String attachedMac,
647 long localPort, long ethPort) {
651 * Match: Ingress port = physical interface, Vlan ID
652 * Action: GOTO Local Table 2
655 handleVlanIn(dpid, TABLE_0_DEFAULT_INGRESS, TABLE_2_LOCAL_FORWARD,
656 segmentationId, ethPort, true);
661 * Match: Match VLAN ID and L2 ::::FF:FF Flooding
662 * Action: Flood to local and remote VLAN members
663 * -------------------------------------------
664 * Example: table=1,priority=16384,vlan_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
665 * actions=output:10 (eth port),goto_table:2
666 * table=110, priority=16384,dl_vlan=2001,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=output:2,pop_vlan,output:1,output:3,output:4
669 handleLocalVlanBcastOut(dpid, TABLE_2_LOCAL_FORWARD, segmentationId, localPort, ethPort, true);
674 * Match: Match VLAN ID and L2 ::::FF:FF Flooding
675 * Action: Flood to local and remote VLAN members
676 * -------------------------------------------
677 * Example: table=1,priority=16384,vlan_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
678 * actions=output:10 (eth port),goto_table:2
681 //handleVlanFloodOut(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD,
682 // segmentationId, ethPort, true);
685 private void programRemoteEgressVlanRules(Node node, Long dpid, String segmentationId,
686 String attachedMac, long ethPort) {
690 * Match: Destination MAC is local VM MAC and vlan id
691 * Action: go to table 2
692 * -------------------------------------------
693 * Example: table=1,vlan_id=0x5,dl_dst=00:00:00:00:00:08 \
694 * actions=goto_table:2
697 //handleVlanOut(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD,
698 // segmentationId, ethPort, attachedMac, true);
704 * Action: Go to table 2
705 * -------------------------------------------
706 * Example: table=1,priority=8192,vlan_id=0x5 actions=output:1,goto_table:2
707 * table=110,priority=8192,dl_vlan=2001 actions=output:2
710 handleVlanMiss(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD, segmentationId, ethPort, true);
713 private void removeRemoteEgressVlanRules(Node node, Long dpid, String segmentationId,
714 String attachedMac, long localPort, long ethPort) {
718 * Match: Destination MAC is local VM MAC and vlan id
719 * Action: go to table 2
720 * -------------------------------------------
721 * Example: table=1,vlan_id=0x5,dl_dst=00:00:00:00:00:08 \
722 * actions=goto_table:2
725 //handleVlanOut(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD,
726 // segmentationId, ethPort, attachedMac, false);
731 * Match: Match VLAN ID and L2 ::::FF:FF Flooding
732 * Action: Flood to local and remote VLAN members
733 * -------------------------------------------
734 * Example: table=1,priority=16384,vlan_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
735 * actions=output:10 (eth port),goto_table:2
736 * table=110, priority=16384,dl_vlan=2001,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=output:2,pop_vlan,output:1,output:3,output:4
739 handleLocalVlanBcastOut(dpid, TABLE_2_LOCAL_FORWARD, segmentationId, localPort, ethPort, false);
742 private void removePerVlanRules(Node node, Long dpid, String segmentationId, long localPort, long ethPort) {
746 * Match: Any Remaining Flows w/a VLAN ID
747 * Action: Drop w/ a low priority
748 * Example: table=2,priority=8192,vlan_id=0x5 actions=drop
751 //handleLocalVlanTableMiss(dpid, TABLE_2_LOCAL_FORWARD, segmentationId, false);
756 * Match: Ingress port = physical interface, Vlan ID
757 * Action: GOTO Local Table 2
760 handleVlanIn(dpid, TABLE_0_DEFAULT_INGRESS, TABLE_2_LOCAL_FORWARD, segmentationId, ethPort, false);
765 * Match: Match VLAN ID and L2 ::::FF:FF Flooding
766 * Action: Flood to local and remote VLAN members
767 * -------------------------------------------
768 * Example: table=1,priority=16384,vlan_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
769 * actions=output:10 (eth port),goto_table:2
770 * table=110, priority=16384,dl_vlan=2001,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=output:2,pop_vlan,output:1,output:3,output:4
773 //handleLocalVlanBcastOut(dpid, TABLE_2_LOCAL_FORWARD, segmentationId, localPort, ethPort, false);
778 * Match: Match VLAN ID and L2 ::::FF:FF Flooding
779 * Action: Flood to local and remote VLAN members
780 * -------------------------------------------
781 * Example: table=1,priority=16384,vlan_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
782 * actions=output:10 (eth port),goto_table:2
785 //handleVlanFloodOut(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD,
786 // segmentationId, ethPort, false);
792 * Action: Go to table 2
793 * -------------------------------------------
794 * Example: table=1,priority=8192,vlan_id=0x5 actions=output:1,goto_table:2
795 * table=110,priority=8192,dl_vlan=2001 actions=output:2
798 handleVlanMiss(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD, segmentationId, ethPort, false);
801 private Long getDpid (Node node, String bridgeUuid) {
802 Preconditions.checkNotNull(ovsdbConfigurationService);
804 Row bridgeRow = ovsdbConfigurationService
805 .getRow(node, ovsdbConfigurationService.getTableName(node, Bridge.class), bridgeUuid);
806 Bridge bridge = ovsdbConfigurationService.getTypedRow(node, Bridge.class, bridgeRow);
807 Set<String> dpids = bridge.getDatapathIdColumn().getData();
808 if (dpids == null || dpids.size() == 0) return 0L;
809 return HexEncode.stringToLong((String) dpids.toArray()[0]);
810 } catch (Exception e) {
811 logger.error("Error finding Bridge's OF DPID", e);
816 private Long getIntegrationBridgeOFDPID (Node node) {
818 String bridgeName = configurationService.getIntegrationBridgeName();
819 String brIntId = this.getInternalBridgeUUID(node, bridgeName);
820 if (brIntId == null) {
821 logger.error("Unable to spot Bridge Identifier for {} in {}", bridgeName, node);
825 return getDpid(node, brIntId);
826 } catch (Exception e) {
827 logger.error("Error finding Integration Bridge's OF DPID", e);
832 private Long getExternalBridgeDpid (Node node) {
834 String bridgeName = configurationService.getExternalBridgeName();
835 String brUuid = this.getInternalBridgeUUID(node, bridgeName);
836 if (brUuid == null) {
837 logger.error("Unable to spot Bridge Identifier for {} in {}", bridgeName, node);
841 return getDpid(node, brUuid);
842 } catch (Exception e) {
843 logger.error("Error finding External Bridge's OF DPID", e);
848 private void programLocalRules (String networkType, String segmentationId, Node node, Interface intf) {
850 Long dpid = this.getIntegrationBridgeOFDPID(node);
852 logger.debug("Openflow Datapath-ID not set for the integration bridge in {}", node);
856 Set<Long> of_ports = intf.getOpenFlowPortColumn().getData();
857 if (of_ports == null || of_ports.size() <= 0) {
858 logger.debug("Could NOT Identify OF value for port {} on {}", intf.getName(), node);
861 long localPort = (Long)of_ports.toArray()[0];
863 Map<String, String> externalIds = intf.getExternalIdsColumn().getData();
864 if (externalIds == null) {
865 logger.error("No external_ids seen in {}", intf);
869 String attachedMac = externalIds.get(Constants.EXTERNAL_ID_VM_MAC);
870 if (attachedMac == null) {
871 logger.error("No AttachedMac seen in {}", intf);
875 /* Program local rules based on network type */
876 if (networkType.equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_VLAN)) {
877 logger.debug("Program local vlan rules for interface {}", intf.getName());
878 programLocalVlanRules(node, dpid, segmentationId, attachedMac, localPort);
880 /* If the network type is tunnel based (VXLAN/GRRE/etc) with Neutron Port Security ACLs */
881 if ((networkType.equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_GRE) || networkType.equalsIgnoreCase
882 (NetworkHandler.NETWORK_TYPE_VXLAN)) && securityServicesManager.isPortSecurityReady(intf)) {
883 logger.debug("Neutron port has a Port Security Group");
884 /* Retrieve the security group UUID from the Neutron Port */
885 NeutronSecurityGroup securityGroupInPort = securityServicesManager.getSecurityGroupInPort(intf);
886 logger.debug("Program Local rules for networkType: {} does contain a Port Security Group: {} " +
887 "to be installed on DPID: {}", networkType, securityGroupInPort, dpid);
888 ingressAclProvider.programPortSecurityACL(node, dpid, segmentationId, attachedMac, localPort,
889 securityGroupInPort);
890 egressAclProvider.programPortSecurityACL(node, dpid, segmentationId, attachedMac, localPort,
891 securityGroupInPort);
893 if (networkType.equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_GRE) ||
894 networkType.equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_VXLAN)) {
895 logger.debug("Program local bridge rules for interface {}", intf.getName());
896 programLocalBridgeRules(node, dpid, segmentationId, attachedMac, localPort);
898 } catch (Exception e) {
899 logger.error("Exception in programming Local Rules for "+intf+" on "+node, e);
903 private void removeLocalRules (String networkType, String segmentationId, Node node, Interface intf) {
905 Long dpid = this.getIntegrationBridgeOFDPID(node);
907 logger.debug("Openflow Datapath-ID not set for the integration bridge in {}", node);
911 Set<Long> of_ports = intf.getOpenFlowPortColumn().getData();
912 if (of_ports == null || of_ports.size() <= 0) {
913 logger.debug("Could NOT Identify OF value for port {} on {}", intf.getName(), node);
916 long localPort = (Long)of_ports.toArray()[0];
918 Map<String, String> externalIds = intf.getExternalIdsColumn().getData();
919 if (externalIds == null) {
920 logger.error("No external_ids seen in {}", intf);
924 String attachedMac = externalIds.get(Constants.EXTERNAL_ID_VM_MAC);
925 if (attachedMac == null) {
926 logger.error("No AttachedMac seen in {}", intf);
930 /* Program local rules based on network type */
931 if (networkType.equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_VLAN)) {
932 logger.debug("Remove local vlan rules for interface {}", intf.getName());
933 removeLocalVlanRules(node, dpid, segmentationId, attachedMac, localPort);
934 } else if (networkType.equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_GRE) ||
935 networkType.equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_VXLAN)) {
936 logger.debug("Remove local bridge rules for interface {}", intf.getName());
937 removeLocalBridgeRules(node, dpid, segmentationId, attachedMac, localPort);
939 } catch (Exception e) {
940 logger.error("Exception in removing Local Rules for "+intf+" on "+node, e);
944 private void programTunnelRules (String tunnelType, String segmentationId, InetAddress dst, Node node,
945 Interface intf, boolean local) {
947 Preconditions.checkNotNull(ovsdbConfigurationService);
951 Long dpid = this.getIntegrationBridgeOFDPID(node);
953 logger.debug("Openflow Datapath-ID not set for the integration bridge in {}", node);
957 Set<Long> of_ports = intf.getOpenFlowPortColumn().getData();
958 if (of_ports == null || of_ports.size() <= 0) {
959 logger.debug("Could NOT Identify OF value for port {} on {}", intf.getName(), node);
962 long localPort = (Long)of_ports.toArray()[0];
964 Map<String, String> externalIds = intf.getExternalIdsColumn().getData();
965 if (externalIds == null) {
966 logger.error("No external_ids seen in {}", intf);
970 String attachedMac = externalIds.get(Constants.EXTERNAL_ID_VM_MAC);
971 if (attachedMac == null) {
972 logger.error("No AttachedMac seen in {}", intf);
976 Map<String, Row> intfs = ovsdbConfigurationService.getRows(node, ovsdbConfigurationService.getTableName(node, Interface.class));
978 for (Row row : intfs.values()) {
979 Interface tunIntf = ovsdbConfigurationService.getTypedRow(node, Interface.class, row);
980 if (tunIntf.getName().equals(this.getTunnelName(tunnelType, dst))) {
981 of_ports = tunIntf.getOpenFlowPortColumn().getData();
982 if (of_ports == null || of_ports.size() <= 0) {
983 logger.debug("Could NOT Identify Tunnel port {} on {}", tunIntf.getName(), node);
986 long tunnelOFPort = (Long)of_ports.toArray()[0];
988 if (tunnelOFPort == -1) {
989 logger.error("Could NOT Identify Tunnel port {} -> OF ({}) on {}", tunIntf.getName(), tunnelOFPort, node);
992 logger.debug("Identified Tunnel port {} -> OF ({}) on {}", tunIntf.getName(), tunnelOFPort, node);
995 programRemoteEgressTunnelBridgeRules(node, dpid, segmentationId, attachedMac, tunnelOFPort, localPort);
997 logger.trace("program local ingress tunnel rules: node" + node.getNodeIDString() + " intf " + intf.getName());
999 programLocalIngressTunnelBridgeRules(node, dpid, segmentationId, attachedMac, tunnelOFPort, localPort);
1005 } catch (Exception e) {
1006 logger.error("", e);
1010 private void removeTunnelRules (String tunnelType, String segmentationId, InetAddress dst, Node node,
1011 Interface intf, boolean local, boolean isLastInstanceOnNode) {
1013 Preconditions.checkNotNull(ovsdbConfigurationService);
1016 Long dpid = this.getIntegrationBridgeOFDPID(node);
1018 logger.debug("Openflow Datapath-ID not set for the integration bridge in {}", node);
1022 Set<Long> of_ports = intf.getOpenFlowPortColumn().getData();
1023 if (of_ports == null || of_ports.size() <= 0) {
1024 logger.error("Could NOT Identify OF value for port {} on {}", intf.getName(), node);
1027 long localPort = (Long)of_ports.toArray()[0];
1029 Map<String, String> externalIds = intf.getExternalIdsColumn().getData();
1030 if (externalIds == null) {
1031 logger.error("No external_ids seen in {}", intf);
1035 String attachedMac = externalIds.get(Constants.EXTERNAL_ID_VM_MAC);
1036 if (attachedMac == null) {
1037 logger.error("No AttachedMac seen in {}", intf);
1041 Map<String, Row> intfs = ovsdbConfigurationService.getRows(node, ovsdbConfigurationService.getTableName(node, Interface.class));
1042 if (intfs != null) {
1043 for (Row row : intfs.values()) {
1044 Interface tunIntf = ovsdbConfigurationService.getTypedRow(node, Interface.class, row);
1045 if (tunIntf.getName().equals(this.getTunnelName(tunnelType, dst))) {
1046 of_ports = tunIntf.getOpenFlowPortColumn().getData();
1047 if (of_ports == null || of_ports.size() <= 0) {
1048 logger.error("Could NOT Identify Tunnel port {} on {}", tunIntf.getName(), node);
1051 long tunnelOFPort = (Long)of_ports.toArray()[0];
1053 if (tunnelOFPort == -1) {
1054 logger.error("Could NOT Identify Tunnel port {} -> OF ({}) on {}", tunIntf.getName(), tunnelOFPort, node);
1057 logger.debug("Identified Tunnel port {} -> OF ({}) on {}", tunIntf.getName(), tunnelOFPort, node);
1060 removeRemoteEgressTunnelBridgeRules(node, dpid, segmentationId, attachedMac, tunnelOFPort, localPort);
1062 if (local && isLastInstanceOnNode) {
1063 removePerTunnelRules(node, dpid, segmentationId, tunnelOFPort);
1069 } catch (Exception e) {
1070 logger.error("", e);
1074 private void programVlanRules (NeutronNetwork network, Node node, Interface intf) {
1075 Preconditions.checkNotNull(ovsdbConfigurationService);
1076 logger.debug("Program vlan rules for interface {}", intf.getName());
1079 Long dpid = this.getIntegrationBridgeOFDPID(node);
1081 logger.debug("Openflow Datapath-ID not set for the integration bridge in {}", node);
1085 Set<Long> of_ports = intf.getOpenFlowPortColumn().getData();
1087 while ((of_ports == null) && (timeout > 0)) {
1088 of_ports = intf.getOpenFlowPortColumn().getData();
1089 if (of_ports == null || of_ports.size() <= 0) {
1090 // Wait for the OVSDB update to sync up the Local cache.
1095 if (of_ports == null || of_ports.size() <= 0) {
1096 logger.error("Could NOT Identify OF value for port {} on {}", intf.getName(), node);
1099 long localPort = (Long)of_ports.toArray()[0];
1101 Map<String, String> externalIds = intf.getExternalIdsColumn().getData();
1102 if (externalIds == null) {
1103 logger.error("No external_ids seen in {}", intf);
1107 String attachedMac = externalIds.get(Constants.EXTERNAL_ID_VM_MAC);
1108 if (attachedMac == null) {
1109 logger.error("No AttachedMac seen in {}", intf);
1113 Map<String, Row> intfs = ovsdbConfigurationService.getRows(node, ovsdbConfigurationService.getTableName(node, Interface.class));
1114 if (intfs != null) {
1115 for (Row row : intfs.values()) {
1116 Interface ethIntf = ovsdbConfigurationService.getTypedRow(node, Interface.class, row);
1117 if (ethIntf.getName().equalsIgnoreCase(bridgeConfigurationManager.getPhysicalInterfaceName(node, network.getProviderPhysicalNetwork()))) {
1118 of_ports = ethIntf.getOpenFlowPortColumn().getData();
1120 while ((of_ports == null) && (timeout > 0)) {
1121 of_ports = ethIntf.getOpenFlowPortColumn().getData();
1122 if (of_ports == null || of_ports.size() <= 0) {
1123 // Wait for the OVSDB update to sync up the Local cache.
1129 if (of_ports == null || of_ports.size() <= 0) {
1130 logger.error("Could NOT Identify eth port {} on {}", ethIntf.getName(), node);
1133 long ethOFPort = (Long)of_ports.toArray()[0];
1135 if (ethOFPort == -1) {
1136 logger.error("Could NOT Identify eth port {} -> OF ({}) on {}", ethIntf.getName(), ethOFPort, node);
1137 throw new Exception("port number < 0");
1139 logger.debug("Identified eth port {} -> OF ({}) on {}", ethIntf.getName(), ethOFPort, node);
1140 // TODO: add logic to only add rule on remote nodes
1141 programRemoteEgressVlanRules(node, dpid, network.getProviderSegmentationID(), attachedMac, ethOFPort);
1142 programLocalIngressVlanRules(node, dpid, network.getProviderSegmentationID(), attachedMac, localPort, ethOFPort);
1147 } catch (Exception e) {
1148 logger.error("", e);
1152 private void removeVlanRules (NeutronNetwork network, Node node,
1153 Interface intf, boolean isLastInstanceOnNode) {
1154 Preconditions.checkNotNull(ovsdbConfigurationService);
1155 logger.debug("Remove vlan rules for interface {}", intf.getName());
1159 Long dpid = this.getIntegrationBridgeOFDPID(node);
1161 logger.debug("Openflow Datapath-ID not set for the integration bridge in {}", node);
1165 Set<Long> of_ports = intf.getOpenFlowPortColumn().getData();
1166 if (of_ports == null || of_ports.size() <= 0) {
1167 logger.error("Could NOT Identify OF value for port {} on {}", intf.getName(), node);
1170 long localPort = (Long)of_ports.toArray()[0];
1172 Map<String, String> externalIds = intf.getExternalIdsColumn().getData();
1173 if (externalIds == null) {
1174 logger.error("No external_ids seen in {}", intf);
1178 String attachedMac = externalIds.get(Constants.EXTERNAL_ID_VM_MAC);
1179 if (attachedMac == null) {
1180 logger.error("No AttachedMac seen in {}", intf);
1184 Map<String, Row> intfs = ovsdbConfigurationService.getRows(node, ovsdbConfigurationService.getTableName(node, Interface.class));
1185 if (intfs != null) {
1186 for (Row row : intfs.values()) {
1187 Interface ethIntf = ovsdbConfigurationService.getTypedRow(node, Interface.class, row);
1188 if (ethIntf.getName().equalsIgnoreCase(bridgeConfigurationManager.getPhysicalInterfaceName(node,
1189 network.getProviderPhysicalNetwork()))) {
1190 of_ports = ethIntf.getOpenFlowPortColumn().getData();
1191 if (of_ports == null || of_ports.size() <= 0) {
1192 logger.error("Could NOT Identify eth port {} on {}", ethIntf.getName(), node);
1195 long ethOFPort = (Long)of_ports.toArray()[0];
1197 if (ethOFPort == -1) {
1198 logger.error("Could NOT Identify eth port {} -> OF ({}) on {}", ethIntf.getName(), ethOFPort, node);
1199 throw new Exception("port number < 0");
1201 logger.debug("Identified eth port {} -> OF ({}) on {}", ethIntf.getName(), ethOFPort, node);
1203 removeRemoteEgressVlanRules(node, dpid, network.getProviderSegmentationID(), attachedMac, localPort, ethOFPort);
1204 if (isLastInstanceOnNode) {
1205 removePerVlanRules(node, dpid, network.getProviderSegmentationID(), localPort, ethOFPort);
1211 } catch (Exception e) {
1212 logger.error("", e);
1217 public Status handleInterfaceUpdate(NeutronNetwork network, Node srcNode, Interface intf) {
1218 Preconditions.checkNotNull(connectionService);
1219 List<Node> nodes = connectionService.getNodes();
1220 nodes.remove(srcNode);
1221 this.programLocalRules(network.getProviderNetworkType(), network.getProviderSegmentationID(), srcNode, intf);
1223 if (network.getProviderNetworkType().equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_VLAN)) {
1224 this.programVlanRules(network, srcNode, intf);
1225 } else if (network.getProviderNetworkType().equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_GRE)
1226 || network.getProviderNetworkType().equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_VXLAN)){
1227 for (Node dstNode : nodes) {
1228 InetAddress src = configurationService.getTunnelEndPoint(srcNode);
1229 InetAddress dst = configurationService.getTunnelEndPoint(dstNode);
1230 Status status = addTunnelPort(srcNode, network.getProviderNetworkType(), src, dst);
1231 if (status.isSuccess()) {
1232 this.programTunnelRules(network.getProviderNetworkType(), network.getProviderSegmentationID(), dst, srcNode, intf, true);
1234 addTunnelPort(dstNode, network.getProviderNetworkType(), dst, src);
1235 if (status.isSuccess()) {
1236 this.programTunnelRules(network.getProviderNetworkType(), network.getProviderSegmentationID(), src, dstNode, intf, false);
1241 return new Status(StatusCode.SUCCESS);
1244 private Status triggerInterfaceUpdates(Node node) {
1245 Preconditions.checkNotNull(ovsdbConfigurationService);
1247 Map<String, Row> intfs = ovsdbConfigurationService.getRows(node, ovsdbConfigurationService.getTableName(node, Interface.class));
1248 if (intfs != null) {
1249 for (Row row : intfs.values()) {
1250 Interface intf = ovsdbConfigurationService.getTypedRow(node, Interface.class, row);
1251 NeutronNetwork network = tenantNetworkManager.getTenantNetwork(intf);
1252 logger.debug("Trigger Interface update for {}", intf);
1253 if (network != null) {
1254 this.handleInterfaceUpdate(network, node, intf);
1258 } catch (Exception e) {
1259 logger.error("Error Triggering the lost interface updates for "+ node, e);
1260 return new Status(StatusCode.INTERNALERROR, e.getLocalizedMessage());
1262 return new Status(StatusCode.SUCCESS);
1265 public Status handleInterfaceUpdate(String tunnelType, String tunnelKey) {
1266 // TODO Auto-generated method stub
1271 public Status handleInterfaceDelete(String tunnelType, NeutronNetwork network, Node srcNode, Interface intf,
1272 boolean isLastInstanceOnNode) {
1273 Preconditions.checkNotNull(connectionService);
1274 Status status = new Status(StatusCode.SUCCESS);
1275 List<Node> nodes = connectionService.getNodes();
1276 nodes.remove(srcNode);
1278 logger.info("Delete intf " + intf.getName() + " isLastInstanceOnNode " + isLastInstanceOnNode);
1279 List<String> phyIfName = bridgeConfigurationManager.getAllPhysicalInterfaceNames(srcNode);
1280 if (intf.getTypeColumn().getData().equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_VXLAN)
1281 || intf.getTypeColumn().getData().equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_GRE)) {
1282 /* Delete tunnel port */
1284 Map<String, String> options = intf.getOptionsColumn().getData();
1285 InetAddress src = InetAddress.getByName(options.get("local_ip"));
1286 InetAddress dst = InetAddress.getByName(options.get("remote_ip"));
1287 status = deleteTunnelPort(srcNode, intf.getTypeColumn().getData(), src, dst);
1288 } catch (Exception e) {
1289 logger.error(e.getMessage(), e);
1291 } else if (phyIfName.contains(intf.getName())) {
1292 deletePhysicalPort(srcNode, intf.getName());
1294 /* delete all other interfaces */
1295 this.removeLocalRules(network.getProviderNetworkType(), network.getProviderSegmentationID(),
1298 if (network.getProviderNetworkType().equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_VLAN)) {
1299 this.removeVlanRules(network, srcNode,
1300 intf, isLastInstanceOnNode);
1301 } else if (network.getProviderNetworkType().equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_GRE)
1302 || network.getProviderNetworkType().equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_VXLAN)) {
1304 for (Node dstNode : nodes) {
1305 InetAddress src = configurationService.getTunnelEndPoint(srcNode);
1306 InetAddress dst = configurationService.getTunnelEndPoint(dstNode);
1307 logger.info("Remove tunnel rules for interface " + intf.getName() + " on srcNode " + srcNode.getNodeIDString());
1308 this.removeTunnelRules(tunnelType, network.getProviderSegmentationID(),
1309 dst, srcNode, intf, true, isLastInstanceOnNode);
1310 logger.info("Remove tunnel rules for interface " + intf.getName() + " on dstNode " + dstNode.getNodeIDString());
1311 this.removeTunnelRules(tunnelType, network.getProviderSegmentationID(),
1312 src, dstNode, intf, false, isLastInstanceOnNode);
1320 public void initializeFlowRules(Node node) {
1321 this.initializeFlowRules(node, configurationService.getIntegrationBridgeName());
1322 this.initializeFlowRules(node, configurationService.getExternalBridgeName());
1323 this.triggerInterfaceUpdates(node);
1326 private void initializeFlowRules(Node node, String bridgeName) {
1327 String bridgeUuid = this.getInternalBridgeUUID(node, bridgeName);
1328 if (bridgeUuid == null) {
1332 Long dpid = getDpid(node, bridgeUuid);
1335 logger.debug("Openflow Datapath-ID not set for the integration bridge in {}", node);
1342 * Match: LLDP (0x88CCL)
1343 * Action: Packet_In to Controller Reserved Port
1346 writeLLDPRule(dpid);
1347 if (bridgeName.equals(configurationService.getExternalBridgeName())) {
1348 writeNormalRule(dpid);
1353 * Create an LLDP Flow Rule to encapsulate into
1354 * a packet_in that is sent to the controller
1355 * for topology handling.
1356 * Match: Ethertype 0x88CCL
1357 * Action: Punt to Controller in a Packet_In msg
1360 private void writeLLDPRule(Long dpidLong) {
1361 classifierProvider.programLLDPPuntRule(dpidLong);
1365 * Create a NORMAL Table Miss Flow Rule
1367 * Action: forward to NORMAL pipeline
1370 private void writeNormalRule(Long dpidLong) {
1372 String nodeName = OPENFLOW + dpidLong;
1374 MatchBuilder matchBuilder = new MatchBuilder();
1375 NodeBuilder nodeBuilder = createNodeBuilder(nodeName);
1376 FlowBuilder flowBuilder = new FlowBuilder();
1378 // Create the OF Actions and Instructions
1379 InstructionBuilder ib = new InstructionBuilder();
1380 InstructionsBuilder isb = new InstructionsBuilder();
1382 // Instructions List Stores Individual Instructions
1383 List<Instruction> instructions = Lists.newArrayList();
1385 // Call the InstructionBuilder Methods Containing Actions
1386 InstructionUtils.createNormalInstructions(ib);
1388 ib.setKey(new InstructionKey(0));
1389 instructions.add(ib.build());
1391 // Add InstructionBuilder to the Instruction(s)Builder List
1392 isb.setInstruction(instructions);
1394 // Add InstructionsBuilder to FlowBuilder
1395 flowBuilder.setInstructions(isb.build());
1397 String flowId = "NORMAL";
1398 flowBuilder.setId(new FlowId(flowId));
1399 FlowKey key = new FlowKey(new FlowId(flowId));
1400 flowBuilder.setMatch(matchBuilder.build());
1401 flowBuilder.setPriority(0);
1402 flowBuilder.setBarrier(true);
1403 flowBuilder.setTableId((short) 0);
1404 flowBuilder.setKey(key);
1405 flowBuilder.setFlowName(flowId);
1406 flowBuilder.setHardTimeout(0);
1407 flowBuilder.setIdleTimeout(0);
1408 writeFlow(flowBuilder, nodeBuilder);
1412 * (Table:0) Ingress Tunnel Traffic
1413 * Match: OpenFlow InPort and Tunnel ID
1414 * Action: GOTO Local Table (10)
1415 * table=0,tun_id=0x5,in_port=10, actions=goto_table:2
1418 private void handleTunnelIn(Long dpidLong, Short writeTable,
1419 Short goToTableId, String segmentationId,
1420 Long ofPort, boolean write) {
1421 classifierProvider.programTunnelIn(dpidLong, segmentationId, ofPort, write);
1425 * (Table:0) Ingress VLAN Traffic
1426 * Match: OpenFlow InPort and vlan ID
1427 * Action: GOTO Local Table (20)
1428 * table=0,vlan_id=0x5,in_port=10, actions=goto_table:2
1431 private void handleVlanIn(Long dpidLong, Short writeTable, Short goToTableId,
1432 String segmentationId, Long ethPort, boolean write) {
1433 classifierProvider.programVlanIn(dpidLong, segmentationId, ethPort, write);
1437 * (Table:0) Egress VM Traffic Towards TEP
1438 * Match: Destination Ethernet Addr and OpenFlow InPort
1439 * Instruction: Set TunnelID and GOTO Table Tunnel Table (n)
1440 * table=0,in_port=2,dl_src=00:00:00:00:00:01 \
1441 * actions=set_field:5->tun_id,goto_table=1"
1444 private void handleLocalInPort(Long dpidLong, Short writeTable, Short goToTableId,
1445 String segmentationId, Long inPort, String attachedMac,
1447 classifierProvider.programLocalInPort(dpidLong, segmentationId, inPort, attachedMac, write);
1451 * (Table:0) Egress VM Traffic Towards TEP
1452 * Match: Source Ethernet Addr and OpenFlow InPort
1453 * Instruction: Set VLANID and GOTO Table Egress (n)
1454 * table=0,in_port=2,dl_src=00:00:00:00:00:01 \
1455 * actions=push_vlan, set_field:5->vlan_id,goto_table=1"
1458 private void handleLocalInPortSetVlan(Long dpidLong, Short writeTable,
1459 Short goToTableId, String segmentationId,
1460 Long inPort, String attachedMac,
1462 classifierProvider.programLocalInPortSetVlan(dpidLong, segmentationId, inPort, attachedMac, write);
1466 * (Table:0) Drop frames source from a VM that do not
1467 * match the associated MAC address of the local VM.
1468 * Match: Low priority anything not matching the VM SMAC
1470 * table=0,priority=16384,in_port=1 actions=drop"
1473 private void handleDropSrcIface(Long dpidLong, Long inPort, boolean write) {
1474 classifierProvider.programDropSrcIface(dpidLong, inPort, write);
1478 * (Table:1) Egress Tunnel Traffic
1479 * Match: Destination Ethernet Addr and Local InPort
1480 * Instruction: Set TunnelID and GOTO Table Tunnel Table (n)
1481 * table=1,tun_id=0x5,dl_dst=00:00:00:00:00:08 \
1482 * actions=output:10,goto_table:2"
1484 private void handleTunnelOut(Long dpidLong, Short writeTable,
1485 Short goToTableId, String segmentationId,
1486 Long OFPortOut, String attachedMac,
1488 l2ForwardingProvider.programTunnelOut(dpidLong, segmentationId, OFPortOut, attachedMac, write);
1492 * (Table:1) Egress VLAN Traffic
1493 * Match: Destination Ethernet Addr and VLAN id
1494 * Instruction: GOTO Table Table 2
1495 * table=1,vlan_id=0x5,dl_dst=00:00:00:00:00:08 \
1496 * actions= goto_table:2"
1499 private void handleVlanOut(Long dpidLong, Short writeTable,
1500 Short goToTableId, String segmentationId,
1501 Long ethPort, String attachedMac, boolean write) {
1502 l2ForwardingProvider.programVlanOut(dpidLong, segmentationId, ethPort, attachedMac, write);
1506 * (Table:1) Egress Tunnel Traffic
1507 * Match: Destination Ethernet Addr and Local InPort
1508 * Instruction: Set TunnelID and GOTO Table Tunnel Table (n)
1509 * table=1,priority=16384,tun_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
1510 * actions=output:10,output:11,goto_table:2
1513 private void handleTunnelFloodOut(Long dpidLong, Short writeTable,
1514 Short localTable, String segmentationId,
1515 Long OFPortOut, boolean write) {
1516 l2ForwardingProvider.programTunnelFloodOut(dpidLong, segmentationId, OFPortOut, write);
1520 * (Table:1) Egress VLAN Traffic
1521 * Match: Destination Ethernet Addr and VLAN id
1522 * Instruction: GOTO table 2 and Output port eth interface
1523 * Example: table=1,priority=16384,vlan_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
1524 * actions=output:eth1,goto_table:2
1527 private void handleVlanFloodOut(Long dpidLong, Short writeTable,
1528 Short localTable, String segmentationId,
1529 Long localPort, Long ethPort, boolean write) {
1530 //l2ForwardingProvider.programVlanFloodOut(dpidLong, segmentationId, localPort, ethPort, write);
1534 * (Table:1) Table Drain w/ Catch All
1536 * Action: GOTO Local Table (10)
1537 * table=2,priority=8192,tun_id=0x5 actions=drop
1540 private void handleTunnelMiss(Long dpidLong, Short writeTable,
1541 Short goToTableId, String segmentationId,
1543 l2ForwardingProvider.programTunnelMiss(dpidLong, segmentationId, write);
1548 * (Table:1) Table Drain w/ Catch All
1550 * Action: Output port eth interface
1551 * table=1,priority=8192,vlan_id=0x5 actions= output port:eth1
1552 * table=110,priority=8192,dl_vlan=2001 actions=output:2
1555 private void handleVlanMiss(Long dpidLong, Short writeTable,
1556 Short goToTableId, String segmentationId,
1557 Long ethPort, boolean write) {
1558 l2ForwardingProvider.programVlanMiss(dpidLong, segmentationId, ethPort, write);
1562 * (Table:1) Local Broadcast Flood
1563 * Match: Tunnel ID and dMAC
1564 * Action: Output Port
1565 * table=2,tun_id=0x5,dl_dst=00:00:00:00:00:01 actions=output:2
1568 private void handleLocalUcastOut(Long dpidLong, Short writeTable,
1569 String segmentationId, Long localPort,
1570 String attachedMac, boolean write) {
1571 l2ForwardingProvider.programLocalUcastOut(dpidLong, segmentationId, localPort, attachedMac, write);
1575 * (Table:2) Local VLAN unicast
1576 * Match: VLAN ID and dMAC
1577 * Action: Output Port
1578 * table=2,vlan_id=0x5,dl_dst=00:00:00:00:00:01 actions=output:2
1581 private void handleLocalVlanUcastOut(Long dpidLong, Short writeTable,
1582 String segmentationId, Long localPort,
1583 String attachedMac, boolean write) {
1584 l2ForwardingProvider.programLocalVlanUcastOut(dpidLong, segmentationId, localPort, attachedMac, write);
1588 * (Table:2) Local Broadcast Flood
1589 * Match: Tunnel ID and dMAC (::::FF:FF)
1590 * table=2,priority=16384,tun_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
1591 * actions=output:2,3,4,5
1594 private void handleLocalBcastOut(Long dpidLong, Short writeTable,
1595 String segmentationId, Long localPort,
1597 l2ForwardingProvider.programLocalBcastOut(dpidLong, segmentationId, localPort, write);
1601 * (Table:2) Local VLAN Broadcast Flood
1602 * Match: vlan ID and dMAC (::::FF:FF)
1603 * table=2,priority=16384,vlan_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
1604 * actions=strip_vlan, output:2,3,4,5
1605 * table=110,dl_vlan=2001,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=output:2,pop_vlan,output:1,output:3,output:4
1608 private void handleLocalVlanBcastOut(Long dpidLong, Short writeTable, String segmentationId,
1609 Long localPort, Long ethPort, boolean write) {
1610 l2ForwardingProvider.programLocalVlanBcastOut(dpidLong, segmentationId, localPort, ethPort, write);
1614 * (Table:1) Local Table Miss
1615 * Match: Any Remaining Flows w/a TunID
1616 * Action: Drop w/ a low priority
1617 * table=2,priority=8192,tun_id=0x5 actions=drop
1620 private void handleLocalTableMiss(Long dpidLong, Short writeTable,
1621 String segmentationId, boolean write) {
1622 l2ForwardingProvider.programLocalTableMiss(dpidLong, segmentationId, write);
1626 * (Table:1) Local Table Miss
1627 * Match: Any Remaining Flows w/a VLAN ID
1628 * Action: Drop w/ a low priority
1629 * table=2,priority=8192,vlan_id=0x5 actions=drop
1632 private void handleLocalVlanTableMiss(Long dpidLong, Short writeTable,
1633 String segmentationId, boolean write) {
1634 l2ForwardingProvider.programLocalVlanTableMiss(dpidLong, segmentationId, write);
1637 private Group getGroup(GroupBuilder groupBuilder, NodeBuilder nodeBuilder) {
1638 Preconditions.checkNotNull(mdsalConsumer);
1639 if (mdsalConsumer == null) {
1640 logger.error("ERROR finding MDSAL Service. Its possible that writeFlow is called too soon ?");
1644 dataBroker = mdsalConsumer.getDataBroker();
1645 if (dataBroker == null) {
1646 logger.error("ERROR finding reference for DataBroker. Please check MD-SAL support on the Controller.");
1650 InstanceIdentifier<Group> path1 = InstanceIdentifier.builder(Nodes.class).child(org.opendaylight.yang.gen.v1.urn.opendaylight.inventory
1651 .rev130819.nodes.Node.class, nodeBuilder.getKey()).augmentation(FlowCapableNode.class).child(Group.class,
1652 new GroupKey(groupBuilder.getGroupId())).build();
1653 ReadOnlyTransaction readTx = dataBroker.newReadOnlyTransaction();
1655 Optional<Group> data = readTx.read(LogicalDatastoreType.CONFIGURATION, path1).get();
1656 if (data.isPresent()) {
1659 } catch (InterruptedException|ExecutionException e) {
1660 logger.error(e.getMessage(), e);
1663 logger.debug("Cannot find data for Group " + groupBuilder.getGroupName());
1667 private void writeGroup(GroupBuilder groupBuilder, NodeBuilder nodeBuilder) {
1668 Preconditions.checkNotNull(mdsalConsumer);
1669 if (mdsalConsumer == null) {
1670 logger.error("ERROR finding MDSAL Service. Its possible that writeFlow is called too soon ?");
1674 dataBroker = mdsalConsumer.getDataBroker();
1675 if (dataBroker == null) {
1676 logger.error("ERROR finding reference for DataBroker. Please check MD-SAL support on the Controller.");
1680 ReadWriteTransaction modification = dataBroker.newReadWriteTransaction();
1681 InstanceIdentifier<Group> path1 = InstanceIdentifier.builder(Nodes.class).child(org.opendaylight.yang.gen.v1.urn.opendaylight.inventory
1682 .rev130819.nodes.Node.class, nodeBuilder.getKey()).augmentation(FlowCapableNode.class).child(Group.class,
1683 new GroupKey(groupBuilder.getGroupId())).build();
1684 modification.put(LogicalDatastoreType.CONFIGURATION, path1, groupBuilder.build(), true /*createMissingParents*/);
1686 CheckedFuture<Void, TransactionCommitFailedException> commitFuture = modification.submit();
1688 commitFuture.get(); // TODO: Make it async (See bug 1362)
1689 logger.debug("Transaction success for write of Group "+groupBuilder.getGroupName());
1690 } catch (InterruptedException|ExecutionException e) {
1691 logger.error(e.getMessage(), e);
1695 private void removeGroup(GroupBuilder groupBuilder, NodeBuilder nodeBuilder) {
1696 Preconditions.checkNotNull(mdsalConsumer);
1697 if (mdsalConsumer == null) {
1698 logger.error("ERROR finding MDSAL Service. Its possible that writeFlow is called too soon ?");
1702 dataBroker = mdsalConsumer.getDataBroker();
1703 if (dataBroker == null) {
1704 logger.error("ERROR finding reference for DataBroker. Please check MD-SAL support on the Controller.");
1708 WriteTransaction modification = dataBroker.newWriteOnlyTransaction();
1709 InstanceIdentifier<Group> path1 = InstanceIdentifier.builder(Nodes.class).child(org.opendaylight.yang.gen.v1.urn.opendaylight.inventory
1710 .rev130819.nodes.Node.class, nodeBuilder.getKey()).augmentation(FlowCapableNode.class).child(Group.class,
1711 new GroupKey(groupBuilder.getGroupId())).build();
1712 modification.delete(LogicalDatastoreType.CONFIGURATION, path1);
1713 CheckedFuture<Void, TransactionCommitFailedException> commitFuture = modification.submit();
1716 commitFuture.get(); // TODO: Make it async (See bug 1362)
1717 logger.debug("Transaction success for deletion of Group "+groupBuilder.getGroupName());
1718 } catch (InterruptedException|ExecutionException e) {
1719 logger.error(e.getMessage(), e);
1722 private Flow getFlow(FlowBuilder flowBuilder, NodeBuilder nodeBuilder) {
1723 Preconditions.checkNotNull(mdsalConsumer);
1724 if (mdsalConsumer == null) {
1725 logger.error("ERROR finding MDSAL Service. Its possible that writeFlow is called too soon ?");
1729 dataBroker = mdsalConsumer.getDataBroker();
1730 if (dataBroker == null) {
1731 logger.error("ERROR finding reference for DataBroker. Please check MD-SAL support on the Controller.");
1735 InstanceIdentifier<Flow> path1 = InstanceIdentifier.builder(Nodes.class).child(org.opendaylight.yang.gen.v1.urn.opendaylight.inventory
1736 .rev130819.nodes.Node.class, nodeBuilder.getKey()).augmentation(FlowCapableNode.class).child(Table.class,
1737 new TableKey(flowBuilder.getTableId())).child(Flow.class, flowBuilder.getKey()).build();
1739 ReadOnlyTransaction readTx = dataBroker.newReadOnlyTransaction();
1741 Optional<Flow> data = readTx.read(LogicalDatastoreType.CONFIGURATION, path1).get();
1742 if (data.isPresent()) {
1745 } catch (InterruptedException|ExecutionException e) {
1746 logger.error(e.getMessage(), e);
1749 logger.debug("Cannot find data for Flow " + flowBuilder.getFlowName());
1753 private void writeFlow(FlowBuilder flowBuilder, NodeBuilder nodeBuilder) {
1754 Preconditions.checkNotNull(mdsalConsumer);
1755 if (mdsalConsumer == null) {
1756 logger.error("ERROR finding MDSAL Service. Its possible that writeFlow is called too soon ?");
1760 dataBroker = mdsalConsumer.getDataBroker();
1761 if (dataBroker == null) {
1762 logger.error("ERROR finding reference for DataBroker. Please check MD-SAL support on the Controller.");
1766 ReadWriteTransaction modification = dataBroker.newReadWriteTransaction();
1767 InstanceIdentifier<Flow> path1 = InstanceIdentifier.builder(Nodes.class).child(org.opendaylight.yang.gen.v1.urn.opendaylight.inventory
1768 .rev130819.nodes.Node.class, nodeBuilder.getKey()).augmentation(FlowCapableNode.class).child(Table.class,
1769 new TableKey(flowBuilder.getTableId())).child(Flow.class, flowBuilder.getKey()).build();
1771 //modification.put(LogicalDatastoreType.OPERATIONAL, path1, flowBuilder.build());
1772 modification.put(LogicalDatastoreType.CONFIGURATION, path1, flowBuilder.build(), true /*createMissingParents*/);
1775 CheckedFuture<Void, TransactionCommitFailedException> commitFuture = modification.submit();
1777 commitFuture.get(); // TODO: Make it async (See bug 1362)
1778 logger.debug("Transaction success for write of Flow "+flowBuilder.getFlowName());
1779 } catch (InterruptedException|ExecutionException e) {
1780 logger.error(e.getMessage(), e);
1784 private void removeFlow(FlowBuilder flowBuilder, NodeBuilder nodeBuilder) {
1785 Preconditions.checkNotNull(mdsalConsumer);
1786 if (mdsalConsumer == null) {
1787 logger.error("ERROR finding MDSAL Service.");
1791 dataBroker = mdsalConsumer.getDataBroker();
1792 if (dataBroker == null) {
1793 logger.error("ERROR finding reference for DataBroker. Please check MD-SAL support on the Controller.");
1797 WriteTransaction modification = dataBroker.newWriteOnlyTransaction();
1798 InstanceIdentifier<Flow> path1 = InstanceIdentifier.builder(Nodes.class)
1799 .child(org.opendaylight.yang.gen.v1.urn.opendaylight.inventory
1800 .rev130819.nodes.Node.class, nodeBuilder.getKey())
1801 .augmentation(FlowCapableNode.class).child(Table.class,
1802 new TableKey(flowBuilder.getTableId())).child(Flow.class, flowBuilder.getKey()).build();
1803 //modification.delete(LogicalDatastoreType.OPERATIONAL, nodeBuilderToInstanceId(nodeBuilder));
1804 //modification.delete(LogicalDatastoreType.OPERATIONAL, path1);
1805 //modification.delete(LogicalDatastoreType.CONFIGURATION, nodeBuilderToInstanceId(nodeBuilder));
1806 modification.delete(LogicalDatastoreType.CONFIGURATION, path1);
1808 CheckedFuture<Void, TransactionCommitFailedException> commitFuture = modification.submit();
1810 commitFuture.get(); // TODO: Make it async (See bug 1362)
1811 logger.debug("Transaction success for deletion of Flow "+flowBuilder.getFlowName());
1812 } catch (InterruptedException|ExecutionException e) {
1813 logger.error(e.getMessage(), e);
1818 * Create Output Port Group Instruction
1820 * @param ib Map InstructionBuilder without any instructions
1821 * @param dpidLong Long the datapath ID of a switch/node
1822 * @param port Long representing a port on a switch/node
1823 * @return ib InstructionBuilder Map with instructions
1825 protected InstructionBuilder createOutputGroupInstructions(NodeBuilder nodeBuilder,
1826 InstructionBuilder ib,
1827 Long dpidLong, Long port ,
1828 List<Instruction> instructions) {
1829 NodeConnectorId ncid = new NodeConnectorId(OPENFLOW + dpidLong + ":" + port);
1830 logger.debug("createOutputGroupInstructions() Node Connector ID is - Type=openflow: DPID={} port={} existingInstructions={}", dpidLong, port, instructions);
1832 List<Action> actionList = Lists.newArrayList();
1833 ActionBuilder ab = new ActionBuilder();
1835 List<Action> existingActions;
1836 if (instructions != null) {
1837 for (Instruction in : instructions) {
1838 if (in.getInstruction() instanceof ApplyActionsCase) {
1839 existingActions = (((ApplyActionsCase) in.getInstruction()).getApplyActions().getAction());
1840 actionList.addAll(existingActions);
1845 GroupBuilder groupBuilder = new GroupBuilder();
1848 /* Create output action for this port*/
1849 OutputActionBuilder oab = new OutputActionBuilder();
1850 oab.setOutputNodeConnector(ncid);
1851 ab.setAction(new OutputActionCaseBuilder().setOutputAction(oab.build()).build());
1852 logger.debug("createOutputGroupInstructions(): output action {}", ab.build());
1853 boolean addNew = true;
1854 boolean groupActionAdded = false;
1856 /* Find the group action and get the group */
1857 for (Action action : actionList) {
1858 if (action.getAction() instanceof GroupActionCase) {
1859 groupActionAdded = true;
1860 GroupActionCase groupAction = (GroupActionCase) action.getAction();
1861 Long id = groupAction.getGroupAction().getGroupId();
1862 String groupName = groupAction.getGroupAction().getGroup();
1863 GroupKey key = new GroupKey(new GroupId(id));
1865 groupBuilder.setGroupId(new GroupId(id));
1866 groupBuilder.setGroupName(groupName);
1867 groupBuilder.setGroupType(GroupTypes.GroupAll);
1868 groupBuilder.setKey(key);
1869 group = getGroup(groupBuilder, nodeBuilder);
1870 logger.debug("createOutputGroupInstructions: group {}", group);
1875 logger.debug("createOutputGroupInstructions: groupActionAdded {}", groupActionAdded);
1876 if (groupActionAdded) {
1877 /* modify the action bucket in group */
1878 groupBuilder = new GroupBuilder(group);
1879 Buckets buckets = groupBuilder.getBuckets();
1880 for (Bucket bucket : buckets.getBucket()) {
1881 List<Action> bucketActions = bucket.getAction();
1882 logger.debug("createOutputGroupInstructions: bucketActions {}", bucketActions);
1883 for (Action action : bucketActions) {
1884 if (action.getAction() instanceof OutputActionCase) {
1885 OutputActionCase opAction = (OutputActionCase)action.getAction();
1886 /* If output port action already in the action list of one of the buckets, skip */
1887 if (opAction.getOutputAction().getOutputNodeConnector().equals(new Uri(ncid))) {
1894 logger.debug("createOutputGroupInstructions: addNew {}", addNew);
1896 /* the new output action is not in the bucket, add to bucket */
1897 if (!buckets.getBucket().isEmpty()) {
1898 Bucket bucket = buckets.getBucket().get(0);
1899 List<Action> bucketActionList = Lists.newArrayList();
1900 bucketActionList.addAll(bucket.getAction());
1901 /* set order for new action and add to action list */
1902 ab.setOrder(bucketActionList.size());
1903 ab.setKey(new ActionKey(bucketActionList.size()));
1904 bucketActionList.add(ab.build());
1906 /* set bucket and buckets list. Reset groupBuilder with new buckets.*/
1907 BucketsBuilder bucketsBuilder = new BucketsBuilder();
1908 List<Bucket> bucketList = Lists.newArrayList();
1909 BucketBuilder bucketBuilder = new BucketBuilder();
1910 bucketBuilder.setBucketId(new BucketId((long) 1));
1911 bucketBuilder.setKey(new BucketKey(new BucketId((long) 1)));
1912 bucketBuilder.setAction(bucketActionList);
1913 bucketList.add(bucketBuilder.build());
1914 bucketsBuilder.setBucket(bucketList);
1915 groupBuilder.setBuckets(bucketsBuilder.build());
1916 logger.debug("createOutputGroupInstructions: bucketList {}", bucketList);
1921 groupBuilder = new GroupBuilder();
1922 groupBuilder.setGroupType(GroupTypes.GroupAll);
1923 groupBuilder.setGroupId(new GroupId(groupId));
1924 groupBuilder.setKey(new GroupKey(new GroupId(groupId)));
1925 groupBuilder.setGroupName("Output port group " + groupId);
1926 groupBuilder.setBarrier(false);
1928 BucketsBuilder bucketBuilder = new BucketsBuilder();
1929 List<Bucket> bucketList = Lists.newArrayList();
1930 BucketBuilder bucket = new BucketBuilder();
1931 bucket.setBucketId(new BucketId((long) 1));
1932 bucket.setKey(new BucketKey(new BucketId((long) 1)));
1934 /* put output action to the bucket */
1935 List<Action> bucketActionList = Lists.newArrayList();
1936 /* set order for new action and add to action list */
1937 ab.setOrder(bucketActionList.size());
1938 ab.setKey(new ActionKey(bucketActionList.size()));
1939 bucketActionList.add(ab.build());
1941 bucket.setAction(bucketActionList);
1942 bucketList.add(bucket.build());
1943 bucketBuilder.setBucket(bucketList);
1944 groupBuilder.setBuckets(bucketBuilder.build());
1946 /* Add new group action */
1947 GroupActionBuilder groupActionB = new GroupActionBuilder();
1948 groupActionB.setGroupId(groupId);
1949 groupActionB.setGroup("Output port group " + groupId);
1950 ab = new ActionBuilder();
1951 ab.setAction(new GroupActionCaseBuilder().setGroupAction(groupActionB.build()).build());
1952 ab.setOrder(actionList.size());
1953 ab.setKey(new ActionKey(actionList.size()));
1954 actionList.add(ab.build());
1958 logger.debug("createOutputGroupInstructions: group {}", groupBuilder.build());
1959 logger.debug("createOutputGroupInstructions: actionList {}", actionList);
1962 /* rewrite the group to group table */
1963 writeGroup(groupBuilder, nodeBuilder);
1966 // Create an Apply Action
1967 ApplyActionsBuilder aab = new ApplyActionsBuilder();
1968 aab.setAction(actionList);
1969 ib.setInstruction(new ApplyActionsCaseBuilder().setApplyActions(aab.build()).build());
1975 * Remove Output Port from action list in group bucket
1977 * @param ib Map InstructionBuilder without any instructions
1978 * @param dpidLong Long the datapath ID of a switch/node
1979 * @param port Long representing a port on a switch/node
1980 * @return ib InstructionBuilder Map with instructions
1982 protected boolean removeOutputPortFromGroup(NodeBuilder nodeBuilder, InstructionBuilder ib,
1983 Long dpidLong, Long port , List<Instruction> instructions) {
1985 NodeConnectorId ncid = new NodeConnectorId(OPENFLOW + dpidLong + ":" + port);
1986 logger.debug("removeOutputPortFromGroup() Node Connector ID is - Type=openflow: DPID={} port={} existingInstructions={}", dpidLong, port, instructions);
1988 List<Action> actionList = Lists.newArrayList();
1991 List<Action> existingActions;
1992 if (instructions != null) {
1993 for (Instruction in : instructions) {
1994 if (in.getInstruction() instanceof ApplyActionsCase) {
1995 existingActions = (((ApplyActionsCase) in.getInstruction()).getApplyActions().getAction());
1996 actionList.addAll(existingActions);
2002 GroupBuilder groupBuilder = new GroupBuilder();
2004 boolean groupActionAdded = false;
2005 /* Find the group action and get the group */
2006 for (Action action : actionList) {
2007 if (action.getAction() instanceof GroupActionCase) {
2008 groupActionAdded = true;
2009 GroupActionCase groupAction = (GroupActionCase) action.getAction();
2010 Long id = groupAction.getGroupAction().getGroupId();
2011 String groupName = groupAction.getGroupAction().getGroup();
2012 GroupKey key = new GroupKey(new GroupId(id));
2014 groupBuilder.setGroupId(new GroupId(id));
2015 groupBuilder.setGroupName(groupName);
2016 groupBuilder.setGroupType(GroupTypes.GroupAll);
2017 groupBuilder.setKey(key);
2018 group = getGroup(groupBuilder, nodeBuilder);
2023 if (groupActionAdded) {
2024 /* modify the action bucket in group */
2025 groupBuilder = new GroupBuilder(group);
2026 Buckets buckets = groupBuilder.getBuckets();
2027 List<Action> bucketActions = Lists.newArrayList();
2028 for (Bucket bucket : buckets.getBucket()) {
2030 boolean isPortDeleted = false;
2031 bucketActions = bucket.getAction();
2032 for (Action action : bucketActions) {
2033 if (action.getAction() instanceof OutputActionCase) {
2034 OutputActionCase opAction = (OutputActionCase)action.getAction();
2035 if (opAction.getOutputAction().getOutputNodeConnector().equals(new Uri(ncid))) {
2036 /* Find the output port in action list and remove */
2037 index = bucketActions.indexOf(action);
2038 bucketActions.remove(action);
2039 isPortDeleted = true;
2044 if (isPortDeleted && !bucketActions.isEmpty()) {
2045 for (int i = index; i< bucketActions.size(); i++) {
2046 Action action = bucketActions.get(i);
2047 if (action.getOrder() != i) {
2048 /* Shift the action order */
2049 ab = new ActionBuilder();
2050 ab.setAction(action.getAction());
2052 ab.setKey(new ActionKey(i));
2053 Action actionNewOrder = ab.build();
2054 bucketActions.remove(action);
2055 bucketActions.add(i, actionNewOrder);
2059 } else if (bucketActions.isEmpty()) {
2060 /* remove bucket with empty action list */
2061 buckets.getBucket().remove(bucket);
2065 if (!buckets.getBucket().isEmpty()) {
2066 /* rewrite the group to group table */
2067 /* set bucket and buckets list. Reset groupBuilder with new buckets.*/
2068 BucketsBuilder bucketsBuilder = new BucketsBuilder();
2069 List<Bucket> bucketList = Lists.newArrayList();
2070 BucketBuilder bucketBuilder = new BucketBuilder();
2071 bucketBuilder.setBucketId(new BucketId((long) 1));
2072 bucketBuilder.setKey(new BucketKey(new BucketId((long) 1)));
2073 bucketBuilder.setAction(bucketActions);
2074 bucketList.add(bucketBuilder.build());
2075 bucketsBuilder.setBucket(bucketList);
2076 groupBuilder.setBuckets(bucketsBuilder.build());
2077 logger.debug("removeOutputPortFromGroup: bucketList {}", bucketList);
2079 writeGroup(groupBuilder, nodeBuilder);
2080 ApplyActionsBuilder aab = new ApplyActionsBuilder();
2081 aab.setAction(actionList);
2082 ib.setInstruction(new ApplyActionsCaseBuilder().setApplyActions(aab.build()).build());
2085 /* remove group with empty bucket. return true to delete flow */
2086 removeGroup(groupBuilder, nodeBuilder);
2090 /* no group for port list. flow can be removed */
2096 public void initializeOFFlowRules(Node openflowNode) {
2097 Preconditions.checkNotNull(connectionService);
2098 List<Node> ovsNodes = connectionService.getNodes();
2099 if (ovsNodes == null) return;
2100 for (Node ovsNode : ovsNodes) {
2101 Long brIntDpid = this.getIntegrationBridgeOFDPID(ovsNode);
2102 Long brExDpid = this.getExternalBridgeDpid(ovsNode);
2103 logger.debug("Compare openflowNode to OVS node {} vs {} and {}", openflowNode.getID(), brIntDpid, brExDpid);
2104 String openflowID = openflowNode.getID().toString();
2105 if (openflowID.contains(brExDpid.toString())) {
2106 this.initializeFlowRules(ovsNode, configurationService.getExternalBridgeName());
2107 this.triggerInterfaceUpdates(ovsNode);
2109 if (openflowID.contains(brIntDpid.toString())) {
2110 this.initializeFlowRules(ovsNode, configurationService.getIntegrationBridgeName());
2111 this.triggerInterfaceUpdates(ovsNode);
2116 public static NodeBuilder createNodeBuilder(String nodeId) {
2117 NodeBuilder builder = new NodeBuilder();
2118 builder.setId(new NodeId(nodeId));
2119 builder.setKey(new NodeKey(builder.getId()));
2123 private InstanceIdentifier<org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.nodes.Node> nodeBuilderToInstanceId(NodeBuilder
2125 return InstanceIdentifier.builder(Nodes.class).child(org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.nodes.Node.class,
2126 node.getKey()).toInstance();
2129 private String getInternalBridgeUUID (Node node, String bridgeName) {
2130 Preconditions.checkNotNull(ovsdbConfigurationService);
2132 Map<String, Row> bridgeTable = ovsdbConfigurationService.getRows(node, ovsdbConfigurationService.getTableName(node, Bridge.class));
2133 if (bridgeTable == null) return null;
2134 for (String key : bridgeTable.keySet()) {
2135 Bridge bridge = ovsdbConfigurationService.getTypedRow(node, Bridge.class, bridgeTable.get(key));
2136 if (bridge.getName().equals(bridgeName)) return key;
2138 } catch (Exception e) {
2139 logger.error("Error getting Bridge Identifier for {} / {}", node, bridgeName, e);
Code Review / netvirt.git / blob