2 * Copyright (C) 2013 Red Hat, Inc.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
8 * Authors : Madhu Venugopal, Brent Salisbury, Dave Tucker
10 package org.opendaylight.ovsdb.openstack.netvirt.providers.openflow13;
12 import java.net.InetAddress;
13 import java.util.List;
16 import java.util.concurrent.ExecutionException;
18 import org.opendaylight.controller.md.sal.binding.api.DataBroker;
19 import org.opendaylight.controller.md.sal.binding.api.ReadOnlyTransaction;
20 import org.opendaylight.controller.md.sal.binding.api.ReadWriteTransaction;
21 import org.opendaylight.controller.md.sal.binding.api.WriteTransaction;
22 import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
23 import org.opendaylight.controller.md.sal.common.api.data.TransactionCommitFailedException;
24 import org.opendaylight.neutron.spi.NeutronNetwork;
25 import org.opendaylight.neutron.spi.NeutronSecurityGroup;
26 import org.opendaylight.controller.sal.core.Node;
27 import org.opendaylight.controller.sal.utils.HexEncode;
28 import org.opendaylight.controller.sal.utils.Status;
29 import org.opendaylight.controller.sal.utils.StatusCode;
30 import org.opendaylight.ovsdb.lib.notation.Row;
31 import org.opendaylight.ovsdb.lib.notation.UUID;
32 import org.opendaylight.ovsdb.openstack.netvirt.NetworkHandler;
33 import org.opendaylight.ovsdb.openstack.netvirt.api.BridgeConfigurationManager;
34 import org.opendaylight.ovsdb.openstack.netvirt.api.ClassifierProvider;
35 import org.opendaylight.ovsdb.openstack.netvirt.api.ConfigurationService;
36 import org.opendaylight.ovsdb.openstack.netvirt.api.Constants;
37 import org.opendaylight.ovsdb.openstack.netvirt.api.EgressAclProvider;
38 import org.opendaylight.ovsdb.openstack.netvirt.api.IngressAclProvider;
39 import org.opendaylight.ovsdb.openstack.netvirt.api.L2ForwardingProvider;
40 import org.opendaylight.ovsdb.openstack.netvirt.api.NetworkingProvider;
41 import org.opendaylight.ovsdb.openstack.netvirt.api.SecurityServicesManager;
42 import org.opendaylight.ovsdb.openstack.netvirt.api.TenantNetworkManager;
43 import org.opendaylight.ovsdb.compatibility.plugin.api.OvsdbConfigurationService;
44 import org.opendaylight.ovsdb.compatibility.plugin.api.OvsdbConnectionService;
45 import org.opendaylight.controller.sal.utils.Status;
46 import org.opendaylight.controller.sal.utils.StatusCode;
47 import org.opendaylight.ovsdb.compatibility.plugin.api.StatusWithUuid;
48 import org.opendaylight.ovsdb.schema.openvswitch.Bridge;
49 import org.opendaylight.ovsdb.schema.openvswitch.Interface;
50 import org.opendaylight.ovsdb.schema.openvswitch.Port;
51 import org.opendaylight.ovsdb.utils.mdsal.openflow.InstructionUtils;
52 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.Uri;
53 import org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.action.GroupActionCase;
54 import org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.action.GroupActionCaseBuilder;
55 import org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.action.OutputActionCase;
56 import org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.action.OutputActionCaseBuilder;
57 import org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.action.group.action._case.GroupActionBuilder;
58 import org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.action.output.action._case.OutputActionBuilder;
59 import org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.list.Action;
60 import org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.list.ActionBuilder;
61 import org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.list.ActionKey;
62 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.FlowCapableNode;
63 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.FlowId;
64 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.tables.Table;
65 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.tables.TableKey;
66 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.tables.table.Flow;
67 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.tables.table.FlowBuilder;
68 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.tables.table.FlowKey;
69 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.flow.InstructionsBuilder;
70 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.flow.MatchBuilder;
71 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.instruction.instruction.ApplyActionsCase;
72 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.instruction.instruction.ApplyActionsCaseBuilder;
73 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.instruction.instruction.apply.actions._case.ApplyActionsBuilder;
74 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.instruction.list.Instruction;
75 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.instruction.list.InstructionBuilder;
76 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.instruction.list.InstructionKey;
77 import org.opendaylight.yang.gen.v1.urn.opendaylight.group.types.rev131018.BucketId;
78 import org.opendaylight.yang.gen.v1.urn.opendaylight.group.types.rev131018.GroupId;
79 import org.opendaylight.yang.gen.v1.urn.opendaylight.group.types.rev131018.GroupTypes;
80 import org.opendaylight.yang.gen.v1.urn.opendaylight.group.types.rev131018.group.Buckets;
81 import org.opendaylight.yang.gen.v1.urn.opendaylight.group.types.rev131018.group.BucketsBuilder;
82 import org.opendaylight.yang.gen.v1.urn.opendaylight.group.types.rev131018.group.buckets.Bucket;
83 import org.opendaylight.yang.gen.v1.urn.opendaylight.group.types.rev131018.group.buckets.BucketBuilder;
84 import org.opendaylight.yang.gen.v1.urn.opendaylight.group.types.rev131018.group.buckets.BucketKey;
85 import org.opendaylight.yang.gen.v1.urn.opendaylight.group.types.rev131018.groups.Group;
86 import org.opendaylight.yang.gen.v1.urn.opendaylight.group.types.rev131018.groups.GroupBuilder;
87 import org.opendaylight.yang.gen.v1.urn.opendaylight.group.types.rev131018.groups.GroupKey;
88 import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.NodeConnectorId;
89 import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.NodeId;
90 import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.Nodes;
91 import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.nodes.NodeBuilder;
92 import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.nodes.NodeKey;
93 import org.opendaylight.yangtools.yang.binding.InstanceIdentifier;
94 import org.slf4j.Logger;
95 import org.slf4j.LoggerFactory;
97 import com.google.common.base.Optional;
98 import com.google.common.base.Preconditions;
99 import com.google.common.collect.Lists;
100 import com.google.common.collect.Maps;
101 import com.google.common.util.concurrent.CheckedFuture;
104 * Open vSwitch OpenFlow 1.3 Networking Provider for OpenStack Neutron
106 public class OF13Provider implements NetworkingProvider {
107 private static final Logger logger = LoggerFactory.getLogger(OF13Provider.class);
108 private DataBroker dataBroker;
109 private static final short TABLE_0_DEFAULT_INGRESS = 0;
110 private static final short TABLE_1_ISOLATE_TENANT = 10;
111 private static final short TABLE_2_LOCAL_FORWARD = 20;
112 private static final String OPENFLOW = "openflow:";
113 private static Long groupId = 1L;
115 private volatile ConfigurationService configurationService;
116 private volatile BridgeConfigurationManager bridgeConfigurationManager;
117 private volatile TenantNetworkManager tenantNetworkManager;
118 private volatile OvsdbConfigurationService ovsdbConfigurationService;
119 private volatile OvsdbConnectionService connectionService;
120 private volatile MdsalConsumer mdsalConsumer;
121 private volatile SecurityServicesManager securityServicesManager;
122 private volatile IngressAclProvider ingressAclProvider;
123 private volatile EgressAclProvider egressAclProvider;
124 private volatile ClassifierProvider classifierProvider;
125 private volatile L2ForwardingProvider l2ForwardingProvider;
127 public static final String NAME = "OF13Provider";
129 public OF13Provider(){
134 public String getName() {
139 public boolean supportsServices() {
144 public boolean hasPerTenantTunneling() {
148 private Status getTunnelReadinessStatus (Node node, String tunnelKey) {
149 InetAddress srcTunnelEndPoint = configurationService.getTunnelEndPoint(node);
150 if (srcTunnelEndPoint == null) {
151 logger.error("Tunnel Endpoint not configured for Node {}", node);
152 return new Status(StatusCode.NOTFOUND, "Tunnel Endpoint not configured for "+ node);
155 if (!bridgeConfigurationManager.isNodeNeutronReady(node)) {
156 logger.error(node+" is not Overlay ready");
157 return new Status(StatusCode.NOTACCEPTABLE, node+" is not Overlay ready");
160 if (!tenantNetworkManager.isTenantNetworkPresentInNode(node, tunnelKey)) {
161 logger.debug(node+" has no VM corresponding to segment "+ tunnelKey);
162 return new Status(StatusCode.NOTACCEPTABLE, node+" has no VM corresponding to segment "+ tunnelKey);
164 return new Status(StatusCode.SUCCESS);
167 private String getTunnelName(String tunnelType, InetAddress dst) {
168 return tunnelType+"-"+dst.getHostAddress();
171 private boolean isTunnelPresent(Node node, String tunnelName, String bridgeUUID) throws Exception {
172 Preconditions.checkNotNull(ovsdbConfigurationService);
173 Row bridgeRow = ovsdbConfigurationService
174 .getRow(node, ovsdbConfigurationService.getTableName(node, Bridge.class), bridgeUUID);
175 Bridge bridge = ovsdbConfigurationService.getTypedRow(node, Bridge.class, bridgeRow);
176 if (bridge != null) {
177 Set<UUID> ports = bridge.getPortsColumn().getData();
178 for (UUID portUUID : ports) {
179 Row portRow = ovsdbConfigurationService
180 .getRow(node, ovsdbConfigurationService.getTableName(node, Port.class), portUUID.toString());
181 Port port = ovsdbConfigurationService.getTypedRow(node, Port.class, portRow);
182 if (port != null && tunnelName.equalsIgnoreCase(port.getName())) return true;
188 private String getPortUuid(Node node, String name, String bridgeUUID) throws Exception {
189 Preconditions.checkNotNull(ovsdbConfigurationService);
190 Row bridgeRow = ovsdbConfigurationService
191 .getRow(node, ovsdbConfigurationService.getTableName(node, Bridge.class), bridgeUUID);
192 Bridge bridge = ovsdbConfigurationService.getTypedRow(node, Bridge.class, bridgeRow);
193 if (bridge != null) {
194 Set<UUID> ports = bridge.getPortsColumn().getData();
195 for (UUID portUUID : ports) {
196 Row portRow = ovsdbConfigurationService
197 .getRow(node, ovsdbConfigurationService.getTableName(node, Port.class), portUUID.toString());
198 Port port = ovsdbConfigurationService.getTypedRow(node, Port.class, portRow);
199 if (port != null && name.equalsIgnoreCase(port.getName())) return portUUID.toString();
205 private Status addTunnelPort (Node node, String tunnelType, InetAddress src, InetAddress dst) {
206 Preconditions.checkNotNull(ovsdbConfigurationService);
208 String bridgeUUID = null;
209 String tunnelBridgeName = configurationService.getIntegrationBridgeName();
210 Map<String, Row> bridgeTable = ovsdbConfigurationService.getRows(node, ovsdbConfigurationService.getTableName(node, Bridge.class));
211 if (bridgeTable != null) {
212 for (String uuid : bridgeTable.keySet()) {
213 Bridge bridge = ovsdbConfigurationService.getTypedRow(node,Bridge.class, bridgeTable.get(uuid));
214 if (bridge.getName().equals(tunnelBridgeName)) {
220 if (bridgeUUID == null) {
221 logger.error("Could not find Bridge {} in {}", tunnelBridgeName, node);
222 return new Status(StatusCode.NOTFOUND, "Could not find "+tunnelBridgeName+" in "+node);
224 String portName = getTunnelName(tunnelType, dst);
226 if (this.isTunnelPresent(node, portName, bridgeUUID)) {
227 logger.trace("Tunnel {} is present in {} of {}", portName, tunnelBridgeName, node);
228 return new Status(StatusCode.SUCCESS);
231 Port tunnelPort = ovsdbConfigurationService.createTypedRow(node, Port.class);
232 tunnelPort.setName(portName);
233 StatusWithUuid statusWithUuid = ovsdbConfigurationService
234 .insertRow(node, ovsdbConfigurationService.getTableName(node, Port.class), bridgeUUID, tunnelPort.getRow());
235 if (!statusWithUuid.isSuccess()) {
236 logger.error("Failed to insert Tunnel port {} in {}", portName, bridgeUUID);
237 return statusWithUuid;
240 String tunnelPortUUID = statusWithUuid.getUuid().toString();
241 String interfaceUUID = null;
243 while ((interfaceUUID == null) && (timeout > 0)) {
244 Row portRow = ovsdbConfigurationService
245 .getRow(node, ovsdbConfigurationService.getTableName(node, Port.class), tunnelPortUUID);
246 tunnelPort = ovsdbConfigurationService.getTypedRow(node, Port.class, portRow);
247 Set<UUID> interfaces = tunnelPort.getInterfacesColumn().getData();
248 if (interfaces == null || interfaces.size() == 0) {
249 // Wait for the OVSDB update to sync up the Local cache.
254 interfaceUUID = interfaces.toArray()[0].toString();
255 Row intfRow = ovsdbConfigurationService
256 .getRow(node, ovsdbConfigurationService.getTableName(node, Interface.class), interfaceUUID);
257 Interface intf = ovsdbConfigurationService.getTypedRow(node, Interface.class, intfRow);
258 if (intf == null) interfaceUUID = null;
261 if (interfaceUUID == null) {
262 logger.error("Cannot identify Tunnel Interface for port {}/{}", portName, tunnelPortUUID);
263 return new Status(StatusCode.INTERNALERROR);
266 Interface tunInterface = ovsdbConfigurationService.createTypedRow(node, Interface.class);
267 tunInterface.setType(tunnelType);
268 Map<String, String> options = Maps.newHashMap();
269 options.put("key", "flow");
270 options.put("local_ip", src.getHostAddress());
271 options.put("remote_ip", dst.getHostAddress());
272 tunInterface.setOptions(options);
273 Status status = ovsdbConfigurationService
274 .updateRow(node, ovsdbConfigurationService.getTableName(node, Interface.class), tunnelPortUUID, interfaceUUID, tunInterface.getRow());
275 logger.debug("Tunnel {} add status : {}", tunInterface, status);
277 } catch (Exception e) {
278 logger.error("Exception in addTunnelPort", e);
279 return new Status(StatusCode.INTERNALERROR);
283 /* delete port from ovsdb port table */
284 private Status deletePort(Node node, String bridgeName, String portName) {
285 Preconditions.checkNotNull(ovsdbConfigurationService);
287 String bridgeUUID = null;
288 Map<String, Row> bridgeTable = ovsdbConfigurationService.getRows(node, ovsdbConfigurationService.getTableName(node, Bridge.class));
289 if (bridgeTable != null) {
290 for (String uuid : bridgeTable.keySet()) {
291 Bridge bridge = ovsdbConfigurationService.getTypedRow(node, Bridge.class, bridgeTable.get(uuid));
292 if (bridge.getName().equals(bridgeName)) {
298 if (bridgeUUID == null) {
299 logger.debug("Could not find Bridge {} in {}", bridgeName, node);
300 return new Status(StatusCode.SUCCESS);
303 String portUUID = this.getPortUuid(node, portName, bridgeUUID);
304 Status status = new Status(StatusCode.SUCCESS);
305 if (portUUID != null) {
306 status = ovsdbConfigurationService
307 .deleteRow(node, ovsdbConfigurationService.getTableName(node, Port.class), portUUID);
308 if (!status.isSuccess()) {
309 logger.error("Failed to delete port {} in {} status : {}", portName, bridgeUUID,
313 logger.debug("Port {} delete status : {}", portName, status);
316 } catch (Exception e) {
317 logger.error("Exception in deletePort", e);
318 return new Status(StatusCode.INTERNALERROR);
322 private Status deleteTunnelPort(Node node, String tunnelType, InetAddress src, InetAddress dst) {
323 String tunnelBridgeName = configurationService.getIntegrationBridgeName();
324 String portName = getTunnelName(tunnelType, dst);
325 return deletePort(node, tunnelBridgeName, portName);
328 private Status deletePhysicalPort(Node node, String phyIntfName) {
329 String intBridgeName = configurationService.getIntegrationBridgeName();
330 return deletePort(node, intBridgeName, phyIntfName);
333 private void programLocalBridgeRules(Node node, Long dpid, String segmentationId, String attachedMac, long localPort) {
337 * Match: VM sMac and Local Ingress Port
338 * Action:Action: Set Tunnel ID and GOTO Local Table (5)
341 handleLocalInPort(dpid, TABLE_0_DEFAULT_INGRESS, TABLE_1_ISOLATE_TENANT, segmentationId, localPort, attachedMac, true);
346 * Match: Drop any remaining Ingress Local VM Packets
347 * Action: Drop w/ a low priority
350 handleDropSrcIface(dpid, localPort, true);
355 * Match: Match TunID and Destination DL/dMAC Addr
356 * Action: Output Port
357 * table=2,tun_id=0x5,dl_dst=00:00:00:00:00:01 actions=output:2
360 handleLocalUcastOut(dpid, TABLE_2_LOCAL_FORWARD, segmentationId, localPort, attachedMac, true);
365 * Match: Tunnel ID and dMAC (::::FF:FF)
366 * table=2,priority=16384,tun_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
367 * actions=output:2,3,4,5
370 handleLocalBcastOut(dpid, TABLE_2_LOCAL_FORWARD, segmentationId, localPort, true);
371 handleTunnelFloodOut(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD, segmentationId, localPort, true);
374 * TODO : Optimize the following 2 writes to be restricted only for the very first port known in a segment.
379 * Match: Any remaining Ingress Local VM Packets
380 * Action: Drop w/ a low priority
381 * -------------------------------------------
382 * table=1,priority=8192,tun_id=0x5 actions=goto_table:2
385 handleTunnelMiss(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD, segmentationId, true);
390 * Match: Any Remaining Flows w/a TunID
391 * Action: Drop w/ a low priority
392 * table=2,priority=8192,tun_id=0x5 actions=drop
395 handleLocalTableMiss(dpid, TABLE_2_LOCAL_FORWARD, segmentationId, true);
398 private void removeLocalBridgeRules(Node node, Long dpid, String segmentationId, String attachedMac, long localPort) {
402 * Match: VM sMac and Local Ingress Port
403 * Action:Action: Set Tunnel ID and GOTO Local Table (5)
406 handleLocalInPort(dpid, TABLE_0_DEFAULT_INGRESS, TABLE_1_ISOLATE_TENANT, segmentationId, localPort, attachedMac, false);
411 * Match: Drop any remaining Ingress Local VM Packets
412 * Action: Drop w/ a low priority
415 handleDropSrcIface(dpid, localPort, false);
420 * Match: Match TunID and Destination DL/dMAC Addr
421 * Action: Output Port
422 * table=2,tun_id=0x5,dl_dst=00:00:00:00:00:01 actions=output:2
425 handleLocalUcastOut(dpid, TABLE_2_LOCAL_FORWARD, segmentationId, localPort, attachedMac, false);
430 * Match: Tunnel ID and dMAC (::::FF:FF)
431 * table=2,priority=16384,tun_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
432 * actions=output:2,3,4,5
435 handleLocalBcastOut(dpid, TABLE_2_LOCAL_FORWARD, segmentationId, localPort, false);
436 handleTunnelFloodOut(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD, segmentationId, localPort, false);
439 private void programLocalIngressTunnelBridgeRules(Node node, Long dpid, String segmentationId, String attachedMac, long tunnelOFPort, long localPort) {
443 * Match: Ingress Port, Tunnel ID
444 * Action: GOTO Local Table (20)
447 handleTunnelIn(dpid, TABLE_0_DEFAULT_INGRESS, TABLE_2_LOCAL_FORWARD, segmentationId, tunnelOFPort, true);
452 * Match: Match Tunnel ID and L2 ::::FF:FF Flooding
453 * Action: Flood to selected destination TEPs
454 * -------------------------------------------
455 * table=1,priority=16384,tun_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
456 * actions=output:10,output:11,goto_table:2
459 handleTunnelFloodOut(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD, segmentationId, tunnelOFPort, true);
463 private void programRemoteEgressTunnelBridgeRules(Node node, Long dpid, String segmentationId, String attachedMac, long tunnelOFPort, long localPort) {
467 * Match: Drop any remaining Ingress Local VM Packets
468 * Action: Drop w/ a low priority
469 * -------------------------------------------
470 * table=1,tun_id=0x5,dl_dst=00:00:00:00:00:08 \
471 * actions=output:11,goto_table:2
474 handleTunnelOut(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD, segmentationId, tunnelOFPort, attachedMac, true);
477 private void removeRemoteEgressTunnelBridgeRules(Node node, Long dpid, String segmentationId, String attachedMac, long tunnelOFPort, long localPort) {
481 * Match: Drop any remaining Ingress Local VM Packets
482 * Action: Drop w/ a low priority
483 * -------------------------------------------
484 * table=1,tun_id=0x5,dl_dst=00:00:00:00:00:08 \
485 * actions=output:11,goto_table:2
488 handleTunnelOut(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD, segmentationId, tunnelOFPort, attachedMac, false);
491 /* Remove tunnel rules if last node in this tenant network */
492 private void removePerTunnelRules(Node node, Long dpid, String segmentationId, long tunnelOFPort) {
494 * TODO : Optimize the following 2 writes to be restricted only for the very first port known in a segment.
499 * Match: Any remaining Ingress Local VM Packets
500 * Action: Drop w/ a low priority
501 * -------------------------------------------
502 * table=1,priority=8192,tun_id=0x5 actions=goto_table:2
505 handleTunnelMiss(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD, segmentationId, false);
510 * Match: Any Remaining Flows w/a TunID
511 * Action: Drop w/ a low priority
512 * table=2,priority=8192,tun_id=0x5 actions=drop
515 handleLocalTableMiss(dpid, TABLE_2_LOCAL_FORWARD, segmentationId, false);
520 * Match: Ingress Port, Tunnel ID
521 * Action: GOTO Local Table (10)
524 handleTunnelIn(dpid, TABLE_0_DEFAULT_INGRESS, TABLE_2_LOCAL_FORWARD, segmentationId, tunnelOFPort, false);
529 * Match: Match Tunnel ID and L2 ::::FF:FF Flooding
530 * Action: Flood to selected destination TEPs
531 * -------------------------------------------
532 * table=1,priority=16384,tun_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
533 * actions=output:10,output:11,goto_table:2
536 handleTunnelFloodOut(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD, segmentationId, tunnelOFPort, false);
539 private void programLocalVlanRules(Node node, Long dpid, String segmentationId, String attachedMac, long localPort) {
543 * Tag traffic coming from the local port and vm srcmac
544 * Match: VM sMac and Local Ingress Port
545 * Action: Set VLAN ID and GOTO Local Table 1
548 handleLocalInPortSetVlan(dpid, TABLE_0_DEFAULT_INGRESS,
549 TABLE_1_ISOLATE_TENANT, segmentationId, localPort,
555 * Drop all other traffic coming from the local port
556 * Match: Drop any remaining Ingress Local VM Packets
557 * Action: Drop w/ a low priority
560 handleDropSrcIface(dpid, localPort, true);
565 * Forward unicast traffic destined to the local port after stripping tag
566 * Match: Match VLAN ID and Destination DL/dMAC Addr
567 * Action: strip vlan, output to local port
568 * Example: table=2,vlan_id=0x5,dl_dst=00:00:00:00:00:01 actions= strip vlan, output:2
571 handleLocalVlanUcastOut(dpid, TABLE_2_LOCAL_FORWARD, segmentationId,
572 localPort, attachedMac, true);
577 * Match: VLAN ID and dMAC (::::FF:FF)
578 * Action: strip vlan, output to all local ports in this vlan
579 * Example: table=2,priority=16384,vlan_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
580 * actions= strip_vlan, output:2,3,4,5
583 //handleLocalVlanBcastOut(dpid, TABLE_2_LOCAL_FORWARD, segmentationId,
584 // localPort, ethPort, true);
585 //handleVlanFloodOut(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD,
586 // segmentationId, localPort, ethport, true);
591 * Match: Any Remaining Flows w/a VLAN ID
592 * Action: Drop w/ a low priority
593 * Example: table=2,priority=8192,vlan_id=0x5 actions=drop
596 //handleLocalVlanTableMiss(dpid, TABLE_2_LOCAL_FORWARD, segmentationId,
600 private void removeLocalVlanRules(Node node, Long dpid,
601 String segmentationId, String attachedMac, long localPort) {
605 * Match: VM sMac and Local Ingress Port
606 * Action: Set VLAN ID and GOTO Local Table 1
609 handleLocalInPortSetVlan(dpid, TABLE_0_DEFAULT_INGRESS,
610 TABLE_1_ISOLATE_TENANT, segmentationId, localPort,
616 * Match: Drop any remaining Ingress Local VM Packets
617 * Action: Drop w/ a low priority
620 handleDropSrcIface(dpid, localPort, false);
625 * Match: Match VLAN ID and Destination DL/dMAC Addr
626 * Action: strip vlan, output to local port
627 * Example: table=2,vlan_id=0x5,dl_dst=00:00:00:00:00:01 actions= strip vlan, output:2
630 handleLocalVlanUcastOut(dpid, TABLE_2_LOCAL_FORWARD, segmentationId,
631 localPort, attachedMac, false);
636 * Match: VLAN ID and dMAC (::::FF:FF)
637 * Action: strip vlan, output to all local ports in this vlan
638 * Example: table=2,priority=16384,vlan_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
639 * actions= strip_vlan, output:2,3,4,5
642 //handleLocalVlanBcastOut(dpid, TABLE_2_LOCAL_FORWARD, segmentationId,
643 // localPort, ethPort, false);
644 //handleVlanFloodOut(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD,
645 // segmentationId, localPort, false);
649 private void programLocalIngressVlanRules(Node node, Long dpid, String segmentationId, String attachedMac,
650 long localPort, long ethPort) {
654 * Match: Ingress port = physical interface, Vlan ID
655 * Action: GOTO Local Table 2
658 handleVlanIn(dpid, TABLE_0_DEFAULT_INGRESS, TABLE_2_LOCAL_FORWARD,
659 segmentationId, ethPort, true);
664 * Match: Match VLAN ID and L2 ::::FF:FF Flooding
665 * Action: Flood to local and remote VLAN members
666 * -------------------------------------------
667 * Example: table=1,priority=16384,vlan_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
668 * actions=output:10 (eth port),goto_table:2
669 * table=110, priority=16384,dl_vlan=2001,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=output:2,pop_vlan,output:1,output:3,output:4
672 handleLocalVlanBcastOut(dpid, TABLE_2_LOCAL_FORWARD, segmentationId, localPort, ethPort, true);
677 * Match: Match VLAN ID and L2 ::::FF:FF Flooding
678 * Action: Flood to local and remote VLAN members
679 * -------------------------------------------
680 * Example: table=1,priority=16384,vlan_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
681 * actions=output:10 (eth port),goto_table:2
684 //handleVlanFloodOut(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD,
685 // segmentationId, ethPort, true);
688 private void programRemoteEgressVlanRules(Node node, Long dpid, String segmentationId,
689 String attachedMac, long ethPort) {
693 * Match: Destination MAC is local VM MAC and vlan id
694 * Action: go to table 2
695 * -------------------------------------------
696 * Example: table=1,vlan_id=0x5,dl_dst=00:00:00:00:00:08 \
697 * actions=goto_table:2
700 //handleVlanOut(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD,
701 // segmentationId, ethPort, attachedMac, true);
707 * Action: Go to table 2
708 * -------------------------------------------
709 * Example: table=1,priority=8192,vlan_id=0x5 actions=output:1,goto_table:2
710 * table=110,priority=8192,dl_vlan=2001 actions=output:2
713 handleVlanMiss(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD, segmentationId, ethPort, true);
716 private void removeRemoteEgressVlanRules(Node node, Long dpid, String segmentationId,
717 String attachedMac, long localPort, long ethPort) {
721 * Match: Destination MAC is local VM MAC and vlan id
722 * Action: go to table 2
723 * -------------------------------------------
724 * Example: table=1,vlan_id=0x5,dl_dst=00:00:00:00:00:08 \
725 * actions=goto_table:2
728 //handleVlanOut(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD,
729 // segmentationId, ethPort, attachedMac, false);
734 * Match: Match VLAN ID and L2 ::::FF:FF Flooding
735 * Action: Flood to local and remote VLAN members
736 * -------------------------------------------
737 * Example: table=1,priority=16384,vlan_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
738 * actions=output:10 (eth port),goto_table:2
739 * table=110, priority=16384,dl_vlan=2001,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=output:2,pop_vlan,output:1,output:3,output:4
742 handleLocalVlanBcastOut(dpid, TABLE_2_LOCAL_FORWARD, segmentationId, localPort, ethPort, false);
745 private void removePerVlanRules(Node node, Long dpid, String segmentationId, long localPort, long ethPort) {
749 * Match: Any Remaining Flows w/a VLAN ID
750 * Action: Drop w/ a low priority
751 * Example: table=2,priority=8192,vlan_id=0x5 actions=drop
754 //handleLocalVlanTableMiss(dpid, TABLE_2_LOCAL_FORWARD, segmentationId, false);
759 * Match: Ingress port = physical interface, Vlan ID
760 * Action: GOTO Local Table 2
763 handleVlanIn(dpid, TABLE_0_DEFAULT_INGRESS, TABLE_2_LOCAL_FORWARD, segmentationId, ethPort, false);
768 * Match: Match VLAN ID and L2 ::::FF:FF Flooding
769 * Action: Flood to local and remote VLAN members
770 * -------------------------------------------
771 * Example: table=1,priority=16384,vlan_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
772 * actions=output:10 (eth port),goto_table:2
773 * table=110, priority=16384,dl_vlan=2001,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=output:2,pop_vlan,output:1,output:3,output:4
776 //handleLocalVlanBcastOut(dpid, TABLE_2_LOCAL_FORWARD, segmentationId, localPort, ethPort, false);
781 * Match: Match VLAN ID and L2 ::::FF:FF Flooding
782 * Action: Flood to local and remote VLAN members
783 * -------------------------------------------
784 * Example: table=1,priority=16384,vlan_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
785 * actions=output:10 (eth port),goto_table:2
788 //handleVlanFloodOut(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD,
789 // segmentationId, ethPort, false);
795 * Action: Go to table 2
796 * -------------------------------------------
797 * Example: table=1,priority=8192,vlan_id=0x5 actions=output:1,goto_table:2
798 * table=110,priority=8192,dl_vlan=2001 actions=output:2
801 handleVlanMiss(dpid, TABLE_1_ISOLATE_TENANT, TABLE_2_LOCAL_FORWARD, segmentationId, ethPort, false);
804 private Long getDpid (Node node, String bridgeUuid) {
805 Preconditions.checkNotNull(ovsdbConfigurationService);
807 Row bridgeRow = ovsdbConfigurationService
808 .getRow(node, ovsdbConfigurationService.getTableName(node, Bridge.class), bridgeUuid);
809 Bridge bridge = ovsdbConfigurationService.getTypedRow(node, Bridge.class, bridgeRow);
810 Set<String> dpids = bridge.getDatapathIdColumn().getData();
811 if (dpids == null || dpids.size() == 0) return 0L;
812 return HexEncode.stringToLong((String) dpids.toArray()[0]);
813 } catch (Exception e) {
814 logger.error("Error finding Bridge's OF DPID", e);
819 private Long getIntegrationBridgeOFDPID (Node node) {
821 String bridgeName = configurationService.getIntegrationBridgeName();
822 String brIntId = this.getInternalBridgeUUID(node, bridgeName);
823 if (brIntId == null) {
824 logger.error("Unable to spot Bridge Identifier for {} in {}", bridgeName, node);
828 return getDpid(node, brIntId);
829 } catch (Exception e) {
830 logger.error("Error finding Integration Bridge's OF DPID", e);
835 private Long getExternalBridgeDpid (Node node) {
837 String bridgeName = configurationService.getExternalBridgeName();
838 String brUuid = this.getInternalBridgeUUID(node, bridgeName);
839 if (brUuid == null) {
840 logger.error("Unable to spot Bridge Identifier for {} in {}", bridgeName, node);
844 return getDpid(node, brUuid);
845 } catch (Exception e) {
846 logger.error("Error finding External Bridge's OF DPID", e);
851 private void programLocalRules (String networkType, String segmentationId, Node node, Interface intf) {
853 Long dpid = this.getIntegrationBridgeOFDPID(node);
855 logger.debug("Openflow Datapath-ID not set for the integration bridge in {}", node);
859 Set<Long> of_ports = intf.getOpenFlowPortColumn().getData();
860 if (of_ports == null || of_ports.size() <= 0) {
861 logger.debug("Could NOT Identify OF value for port {} on {}", intf.getName(), node);
864 long localPort = (Long)of_ports.toArray()[0];
866 Map<String, String> externalIds = intf.getExternalIdsColumn().getData();
867 if (externalIds == null) {
868 logger.error("No external_ids seen in {}", intf);
872 String attachedMac = externalIds.get(Constants.EXTERNAL_ID_VM_MAC);
873 if (attachedMac == null) {
874 logger.error("No AttachedMac seen in {}", intf);
878 /* Program local rules based on network type */
879 if (networkType.equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_VLAN)) {
880 logger.debug("Program local vlan rules for interface {}", intf.getName());
881 programLocalVlanRules(node, dpid, segmentationId, attachedMac, localPort);
883 /* If the network type is tunnel based (VXLAN/GRRE/etc) with Neutron Port Security ACLs */
884 if ((networkType.equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_GRE) || networkType.equalsIgnoreCase
885 (NetworkHandler.NETWORK_TYPE_VXLAN)) && securityServicesManager.isPortSecurityReady(intf)) {
886 logger.debug("Neutron port has a Port Security Group");
887 /* Retrieve the security group UUID from the Neutron Port */
888 NeutronSecurityGroup securityGroupInPort = securityServicesManager.getSecurityGroupInPort(intf);
889 logger.debug("Program Local rules for networkType: {} does contain a Port Security Group: {} " +
890 "to be installed on DPID: {}", networkType, securityGroupInPort, dpid);
891 ingressAclProvider.programPortSecurityACL(node, dpid, segmentationId, attachedMac, localPort,
892 securityGroupInPort);
893 egressAclProvider.programPortSecurityACL(node, dpid, segmentationId, attachedMac, localPort,
894 securityGroupInPort);
896 if (networkType.equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_GRE) ||
897 networkType.equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_VXLAN)) {
898 logger.debug("Program local bridge rules for interface {}", intf.getName());
899 programLocalBridgeRules(node, dpid, segmentationId, attachedMac, localPort);
901 } catch (Exception e) {
902 logger.error("Exception in programming Local Rules for "+intf+" on "+node, e);
906 private void removeLocalRules (String networkType, String segmentationId, Node node, Interface intf) {
908 Long dpid = this.getIntegrationBridgeOFDPID(node);
910 logger.debug("Openflow Datapath-ID not set for the integration bridge in {}", node);
914 Set<Long> of_ports = intf.getOpenFlowPortColumn().getData();
915 if (of_ports == null || of_ports.size() <= 0) {
916 logger.debug("Could NOT Identify OF value for port {} on {}", intf.getName(), node);
919 long localPort = (Long)of_ports.toArray()[0];
921 Map<String, String> externalIds = intf.getExternalIdsColumn().getData();
922 if (externalIds == null) {
923 logger.error("No external_ids seen in {}", intf);
927 String attachedMac = externalIds.get(Constants.EXTERNAL_ID_VM_MAC);
928 if (attachedMac == null) {
929 logger.error("No AttachedMac seen in {}", intf);
933 /* Program local rules based on network type */
934 if (networkType.equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_VLAN)) {
935 logger.debug("Remove local vlan rules for interface {}", intf.getName());
936 removeLocalVlanRules(node, dpid, segmentationId, attachedMac, localPort);
937 } else if (networkType.equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_GRE) ||
938 networkType.equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_VXLAN)) {
939 logger.debug("Remove local bridge rules for interface {}", intf.getName());
940 removeLocalBridgeRules(node, dpid, segmentationId, attachedMac, localPort);
942 } catch (Exception e) {
943 logger.error("Exception in removing Local Rules for "+intf+" on "+node, e);
947 private void programTunnelRules (String tunnelType, String segmentationId, InetAddress dst, Node node,
948 Interface intf, boolean local) {
950 Preconditions.checkNotNull(ovsdbConfigurationService);
954 Long dpid = this.getIntegrationBridgeOFDPID(node);
956 logger.debug("Openflow Datapath-ID not set for the integration bridge in {}", node);
960 Set<Long> of_ports = intf.getOpenFlowPortColumn().getData();
961 if (of_ports == null || of_ports.size() <= 0) {
962 logger.debug("Could NOT Identify OF value for port {} on {}", intf.getName(), node);
965 long localPort = (Long)of_ports.toArray()[0];
967 Map<String, String> externalIds = intf.getExternalIdsColumn().getData();
968 if (externalIds == null) {
969 logger.error("No external_ids seen in {}", intf);
973 String attachedMac = externalIds.get(Constants.EXTERNAL_ID_VM_MAC);
974 if (attachedMac == null) {
975 logger.error("No AttachedMac seen in {}", intf);
979 Map<String, Row> intfs = ovsdbConfigurationService.getRows(node, ovsdbConfigurationService.getTableName(node, Interface.class));
981 for (Row row : intfs.values()) {
982 Interface tunIntf = ovsdbConfigurationService.getTypedRow(node, Interface.class, row);
983 if (tunIntf.getName().equals(this.getTunnelName(tunnelType, dst))) {
984 of_ports = tunIntf.getOpenFlowPortColumn().getData();
985 if (of_ports == null || of_ports.size() <= 0) {
986 logger.debug("Could NOT Identify Tunnel port {} on {}", tunIntf.getName(), node);
989 long tunnelOFPort = (Long)of_ports.toArray()[0];
991 if (tunnelOFPort == -1) {
992 logger.error("Could NOT Identify Tunnel port {} -> OF ({}) on {}", tunIntf.getName(), tunnelOFPort, node);
995 logger.debug("Identified Tunnel port {} -> OF ({}) on {}", tunIntf.getName(), tunnelOFPort, node);
998 programRemoteEgressTunnelBridgeRules(node, dpid, segmentationId, attachedMac, tunnelOFPort, localPort);
1000 logger.trace("program local ingress tunnel rules: node" + node.getNodeIDString() + " intf " + intf.getName());
1002 programLocalIngressTunnelBridgeRules(node, dpid, segmentationId, attachedMac, tunnelOFPort, localPort);
1008 } catch (Exception e) {
1009 logger.error("", e);
1013 private void removeTunnelRules (String tunnelType, String segmentationId, InetAddress dst, Node node,
1014 Interface intf, boolean local, boolean isLastInstanceOnNode) {
1016 Preconditions.checkNotNull(ovsdbConfigurationService);
1019 Long dpid = this.getIntegrationBridgeOFDPID(node);
1021 logger.debug("Openflow Datapath-ID not set for the integration bridge in {}", node);
1025 Set<Long> of_ports = intf.getOpenFlowPortColumn().getData();
1026 if (of_ports == null || of_ports.size() <= 0) {
1027 logger.error("Could NOT Identify OF value for port {} on {}", intf.getName(), node);
1030 long localPort = (Long)of_ports.toArray()[0];
1032 Map<String, String> externalIds = intf.getExternalIdsColumn().getData();
1033 if (externalIds == null) {
1034 logger.error("No external_ids seen in {}", intf);
1038 String attachedMac = externalIds.get(Constants.EXTERNAL_ID_VM_MAC);
1039 if (attachedMac == null) {
1040 logger.error("No AttachedMac seen in {}", intf);
1044 Map<String, Row> intfs = ovsdbConfigurationService.getRows(node, ovsdbConfigurationService.getTableName(node, Interface.class));
1045 if (intfs != null) {
1046 for (Row row : intfs.values()) {
1047 Interface tunIntf = ovsdbConfigurationService.getTypedRow(node, Interface.class, row);
1048 if (tunIntf.getName().equals(this.getTunnelName(tunnelType, dst))) {
1049 of_ports = tunIntf.getOpenFlowPortColumn().getData();
1050 if (of_ports == null || of_ports.size() <= 0) {
1051 logger.error("Could NOT Identify Tunnel port {} on {}", tunIntf.getName(), node);
1054 long tunnelOFPort = (Long)of_ports.toArray()[0];
1056 if (tunnelOFPort == -1) {
1057 logger.error("Could NOT Identify Tunnel port {} -> OF ({}) on {}", tunIntf.getName(), tunnelOFPort, node);
1060 logger.debug("Identified Tunnel port {} -> OF ({}) on {}", tunIntf.getName(), tunnelOFPort, node);
1063 removeRemoteEgressTunnelBridgeRules(node, dpid, segmentationId, attachedMac, tunnelOFPort, localPort);
1065 if (local && isLastInstanceOnNode) {
1066 removePerTunnelRules(node, dpid, segmentationId, tunnelOFPort);
1072 } catch (Exception e) {
1073 logger.error("", e);
1077 private void programVlanRules (NeutronNetwork network, Node node, Interface intf) {
1078 Preconditions.checkNotNull(ovsdbConfigurationService);
1079 logger.debug("Program vlan rules for interface {}", intf.getName());
1082 Long dpid = this.getIntegrationBridgeOFDPID(node);
1084 logger.debug("Openflow Datapath-ID not set for the integration bridge in {}", node);
1088 Set<Long> of_ports = intf.getOpenFlowPortColumn().getData();
1090 while ((of_ports == null) && (timeout > 0)) {
1091 of_ports = intf.getOpenFlowPortColumn().getData();
1092 if (of_ports == null || of_ports.size() <= 0) {
1093 // Wait for the OVSDB update to sync up the Local cache.
1098 if (of_ports == null || of_ports.size() <= 0) {
1099 logger.error("Could NOT Identify OF value for port {} on {}", intf.getName(), node);
1102 long localPort = (Long)of_ports.toArray()[0];
1104 Map<String, String> externalIds = intf.getExternalIdsColumn().getData();
1105 if (externalIds == null) {
1106 logger.error("No external_ids seen in {}", intf);
1110 String attachedMac = externalIds.get(Constants.EXTERNAL_ID_VM_MAC);
1111 if (attachedMac == null) {
1112 logger.error("No AttachedMac seen in {}", intf);
1116 Map<String, Row> intfs = ovsdbConfigurationService.getRows(node, ovsdbConfigurationService.getTableName(node, Interface.class));
1117 if (intfs != null) {
1118 for (Row row : intfs.values()) {
1119 Interface ethIntf = ovsdbConfigurationService.getTypedRow(node, Interface.class, row);
1120 if (ethIntf.getName().equalsIgnoreCase(bridgeConfigurationManager.getPhysicalInterfaceName(node, network.getProviderPhysicalNetwork()))) {
1121 of_ports = ethIntf.getOpenFlowPortColumn().getData();
1123 while ((of_ports == null) && (timeout > 0)) {
1124 of_ports = ethIntf.getOpenFlowPortColumn().getData();
1125 if (of_ports == null || of_ports.size() <= 0) {
1126 // Wait for the OVSDB update to sync up the Local cache.
1132 if (of_ports == null || of_ports.size() <= 0) {
1133 logger.error("Could NOT Identify eth port {} on {}", ethIntf.getName(), node);
1136 long ethOFPort = (Long)of_ports.toArray()[0];
1138 if (ethOFPort == -1) {
1139 logger.error("Could NOT Identify eth port {} -> OF ({}) on {}", ethIntf.getName(), ethOFPort, node);
1140 throw new Exception("port number < 0");
1142 logger.debug("Identified eth port {} -> OF ({}) on {}", ethIntf.getName(), ethOFPort, node);
1143 // TODO: add logic to only add rule on remote nodes
1144 programRemoteEgressVlanRules(node, dpid, network.getProviderSegmentationID(), attachedMac, ethOFPort);
1145 programLocalIngressVlanRules(node, dpid, network.getProviderSegmentationID(), attachedMac, localPort, ethOFPort);
1150 } catch (Exception e) {
1151 logger.error("", e);
1155 private void removeVlanRules (NeutronNetwork network, Node node,
1156 Interface intf, boolean isLastInstanceOnNode) {
1157 Preconditions.checkNotNull(ovsdbConfigurationService);
1158 logger.debug("Remove vlan rules for interface {}", intf.getName());
1162 Long dpid = this.getIntegrationBridgeOFDPID(node);
1164 logger.debug("Openflow Datapath-ID not set for the integration bridge in {}", node);
1168 Set<Long> of_ports = intf.getOpenFlowPortColumn().getData();
1169 if (of_ports == null || of_ports.size() <= 0) {
1170 logger.error("Could NOT Identify OF value for port {} on {}", intf.getName(), node);
1173 long localPort = (Long)of_ports.toArray()[0];
1175 Map<String, String> externalIds = intf.getExternalIdsColumn().getData();
1176 if (externalIds == null) {
1177 logger.error("No external_ids seen in {}", intf);
1181 String attachedMac = externalIds.get(Constants.EXTERNAL_ID_VM_MAC);
1182 if (attachedMac == null) {
1183 logger.error("No AttachedMac seen in {}", intf);
1187 Map<String, Row> intfs = ovsdbConfigurationService.getRows(node, ovsdbConfigurationService.getTableName(node, Interface.class));
1188 if (intfs != null) {
1189 for (Row row : intfs.values()) {
1190 Interface ethIntf = ovsdbConfigurationService.getTypedRow(node, Interface.class, row);
1191 if (ethIntf.getName().equalsIgnoreCase(bridgeConfigurationManager.getPhysicalInterfaceName(node,
1192 network.getProviderPhysicalNetwork()))) {
1193 of_ports = ethIntf.getOpenFlowPortColumn().getData();
1194 if (of_ports == null || of_ports.size() <= 0) {
1195 logger.error("Could NOT Identify eth port {} on {}", ethIntf.getName(), node);
1198 long ethOFPort = (Long)of_ports.toArray()[0];
1200 if (ethOFPort == -1) {
1201 logger.error("Could NOT Identify eth port {} -> OF ({}) on {}", ethIntf.getName(), ethOFPort, node);
1202 throw new Exception("port number < 0");
1204 logger.debug("Identified eth port {} -> OF ({}) on {}", ethIntf.getName(), ethOFPort, node);
1206 removeRemoteEgressVlanRules(node, dpid, network.getProviderSegmentationID(), attachedMac, localPort, ethOFPort);
1207 if (isLastInstanceOnNode) {
1208 removePerVlanRules(node, dpid, network.getProviderSegmentationID(), localPort, ethOFPort);
1214 } catch (Exception e) {
1215 logger.error("", e);
1220 public Status handleInterfaceUpdate(NeutronNetwork network, Node srcNode, Interface intf) {
1221 Preconditions.checkNotNull(connectionService);
1222 List<Node> nodes = connectionService.getNodes();
1223 nodes.remove(srcNode);
1224 this.programLocalRules(network.getProviderNetworkType(), network.getProviderSegmentationID(), srcNode, intf);
1226 if (network.getProviderNetworkType().equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_VLAN)) {
1227 this.programVlanRules(network, srcNode, intf);
1228 } else if (network.getProviderNetworkType().equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_GRE)
1229 || network.getProviderNetworkType().equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_VXLAN)){
1230 for (Node dstNode : nodes) {
1231 InetAddress src = configurationService.getTunnelEndPoint(srcNode);
1232 InetAddress dst = configurationService.getTunnelEndPoint(dstNode);
1233 if ((src != null) && (dst != null)) {
1234 Status status = addTunnelPort(srcNode, network.getProviderNetworkType(), src, dst);
1235 if (status.isSuccess()) {
1236 this.programTunnelRules(network.getProviderNetworkType(), network.getProviderSegmentationID(), dst, srcNode, intf, true);
1238 addTunnelPort(dstNode, network.getProviderNetworkType(), dst, src);
1239 if (status.isSuccess()) {
1240 this.programTunnelRules(network.getProviderNetworkType(), network.getProviderSegmentationID(), src, dstNode, intf, false);
1243 logger.warn("Tunnel end-point configuration missing. Please configure it in OpenVSwitch Table. " +
1244 "Check source {} or destination {}",
1245 src != null ? src.getHostAddress() : "null",
1246 dst != null ? dst.getHostAddress() : "null");
1251 return new Status(StatusCode.SUCCESS);
1254 private Status triggerInterfaceUpdates(Node node) {
1255 Preconditions.checkNotNull(ovsdbConfigurationService);
1257 Map<String, Row> intfs = ovsdbConfigurationService.getRows(node, ovsdbConfigurationService.getTableName(node, Interface.class));
1258 if (intfs != null) {
1259 for (Row row : intfs.values()) {
1260 Interface intf = ovsdbConfigurationService.getTypedRow(node, Interface.class, row);
1261 NeutronNetwork network = tenantNetworkManager.getTenantNetwork(intf);
1262 logger.debug("Trigger Interface update for {}", intf);
1263 if (network != null) {
1264 this.handleInterfaceUpdate(network, node, intf);
1268 } catch (Exception e) {
1269 logger.error("Error Triggering the lost interface updates for "+ node, e);
1270 return new Status(StatusCode.INTERNALERROR, e.getLocalizedMessage());
1272 return new Status(StatusCode.SUCCESS);
1275 public Status handleInterfaceUpdate(String tunnelType, String tunnelKey) {
1276 // TODO Auto-generated method stub
1281 public Status handleInterfaceDelete(String tunnelType, NeutronNetwork network, Node srcNode, Interface intf,
1282 boolean isLastInstanceOnNode) {
1283 Preconditions.checkNotNull(connectionService);
1284 Status status = new Status(StatusCode.SUCCESS);
1285 List<Node> nodes = connectionService.getNodes();
1286 nodes.remove(srcNode);
1288 logger.info("Delete intf " + intf.getName() + " isLastInstanceOnNode " + isLastInstanceOnNode);
1289 List<String> phyIfName = bridgeConfigurationManager.getAllPhysicalInterfaceNames(srcNode);
1290 if (intf.getTypeColumn().getData().equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_VXLAN)
1291 || intf.getTypeColumn().getData().equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_GRE)) {
1292 /* Delete tunnel port */
1294 Map<String, String> options = intf.getOptionsColumn().getData();
1295 InetAddress src = InetAddress.getByName(options.get("local_ip"));
1296 InetAddress dst = InetAddress.getByName(options.get("remote_ip"));
1297 status = deleteTunnelPort(srcNode, intf.getTypeColumn().getData(), src, dst);
1298 } catch (Exception e) {
1299 logger.error(e.getMessage(), e);
1301 } else if (phyIfName.contains(intf.getName())) {
1302 deletePhysicalPort(srcNode, intf.getName());
1304 /* delete all other interfaces */
1305 this.removeLocalRules(network.getProviderNetworkType(), network.getProviderSegmentationID(),
1308 if (network.getProviderNetworkType().equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_VLAN)) {
1309 this.removeVlanRules(network, srcNode,
1310 intf, isLastInstanceOnNode);
1311 } else if (network.getProviderNetworkType().equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_GRE)
1312 || network.getProviderNetworkType().equalsIgnoreCase(NetworkHandler.NETWORK_TYPE_VXLAN)) {
1314 for (Node dstNode : nodes) {
1315 InetAddress src = configurationService.getTunnelEndPoint(srcNode);
1316 InetAddress dst = configurationService.getTunnelEndPoint(dstNode);
1317 if ((src != null) && (dst != null)) {
1318 logger.info("Remove tunnel rules for interface " + intf.getName() + " on srcNode " + srcNode.getNodeIDString());
1319 this.removeTunnelRules(tunnelType, network.getProviderSegmentationID(),
1320 dst, srcNode, intf, true, isLastInstanceOnNode);
1321 logger.info("Remove tunnel rules for interface " + intf.getName() + " on dstNode " + dstNode.getNodeIDString());
1322 this.removeTunnelRules(tunnelType, network.getProviderSegmentationID(),
1323 src, dstNode, intf, false, isLastInstanceOnNode);
1325 logger.warn("Tunnel end-point configuration missing. Please configure it in OpenVSwitch Table. ",
1326 "Check source {} or destination {}",
1327 src != null ? src.getHostAddress() : "null",
1328 dst != null ? dst.getHostAddress() : "null");
1337 public void initializeFlowRules(Node node) {
1338 this.initializeFlowRules(node, configurationService.getIntegrationBridgeName());
1339 this.initializeFlowRules(node, configurationService.getExternalBridgeName());
1340 this.triggerInterfaceUpdates(node);
1343 private void initializeFlowRules(Node node, String bridgeName) {
1344 String bridgeUuid = this.getInternalBridgeUUID(node, bridgeName);
1345 if (bridgeUuid == null) {
1349 Long dpid = getDpid(node, bridgeUuid);
1352 logger.debug("Openflow Datapath-ID not set for the integration bridge in {}", node);
1359 * Match: LLDP (0x88CCL)
1360 * Action: Packet_In to Controller Reserved Port
1363 writeLLDPRule(dpid);
1364 if (bridgeName.equals(configurationService.getExternalBridgeName())) {
1365 writeNormalRule(dpid);
1370 * Create an LLDP Flow Rule to encapsulate into
1371 * a packet_in that is sent to the controller
1372 * for topology handling.
1373 * Match: Ethertype 0x88CCL
1374 * Action: Punt to Controller in a Packet_In msg
1377 private void writeLLDPRule(Long dpidLong) {
1378 classifierProvider.programLLDPPuntRule(dpidLong);
1382 * Create a NORMAL Table Miss Flow Rule
1384 * Action: forward to NORMAL pipeline
1387 private void writeNormalRule(Long dpidLong) {
1389 String nodeName = OPENFLOW + dpidLong;
1391 MatchBuilder matchBuilder = new MatchBuilder();
1392 NodeBuilder nodeBuilder = createNodeBuilder(nodeName);
1393 FlowBuilder flowBuilder = new FlowBuilder();
1395 // Create the OF Actions and Instructions
1396 InstructionBuilder ib = new InstructionBuilder();
1397 InstructionsBuilder isb = new InstructionsBuilder();
1399 // Instructions List Stores Individual Instructions
1400 List<Instruction> instructions = Lists.newArrayList();
1402 // Call the InstructionBuilder Methods Containing Actions
1403 InstructionUtils.createNormalInstructions(nodeName, ib);
1405 ib.setKey(new InstructionKey(0));
1406 instructions.add(ib.build());
1408 // Add InstructionBuilder to the Instruction(s)Builder List
1409 isb.setInstruction(instructions);
1411 // Add InstructionsBuilder to FlowBuilder
1412 flowBuilder.setInstructions(isb.build());
1414 String flowId = "NORMAL";
1415 flowBuilder.setId(new FlowId(flowId));
1416 FlowKey key = new FlowKey(new FlowId(flowId));
1417 flowBuilder.setMatch(matchBuilder.build());
1418 flowBuilder.setPriority(0);
1419 flowBuilder.setBarrier(true);
1420 flowBuilder.setTableId((short) 0);
1421 flowBuilder.setKey(key);
1422 flowBuilder.setFlowName(flowId);
1423 flowBuilder.setHardTimeout(0);
1424 flowBuilder.setIdleTimeout(0);
1425 writeFlow(flowBuilder, nodeBuilder);
1429 * (Table:0) Ingress Tunnel Traffic
1430 * Match: OpenFlow InPort and Tunnel ID
1431 * Action: GOTO Local Table (10)
1432 * table=0,tun_id=0x5,in_port=10, actions=goto_table:2
1435 private void handleTunnelIn(Long dpidLong, Short writeTable,
1436 Short goToTableId, String segmentationId,
1437 Long ofPort, boolean write) {
1438 classifierProvider.programTunnelIn(dpidLong, segmentationId, ofPort, write);
1442 * (Table:0) Ingress VLAN Traffic
1443 * Match: OpenFlow InPort and vlan ID
1444 * Action: GOTO Local Table (20)
1445 * table=0,vlan_id=0x5,in_port=10, actions=goto_table:2
1448 private void handleVlanIn(Long dpidLong, Short writeTable, Short goToTableId,
1449 String segmentationId, Long ethPort, boolean write) {
1450 classifierProvider.programVlanIn(dpidLong, segmentationId, ethPort, write);
1454 * (Table:0) Egress VM Traffic Towards TEP
1455 * Match: Destination Ethernet Addr and OpenFlow InPort
1456 * Instruction: Set TunnelID and GOTO Table Tunnel Table (n)
1457 * table=0,in_port=2,dl_src=00:00:00:00:00:01 \
1458 * actions=set_field:5->tun_id,goto_table=1"
1461 private void handleLocalInPort(Long dpidLong, Short writeTable, Short goToTableId,
1462 String segmentationId, Long inPort, String attachedMac,
1464 classifierProvider.programLocalInPort(dpidLong, segmentationId, inPort, attachedMac, write);
1468 * (Table:0) Egress VM Traffic Towards TEP
1469 * Match: Source Ethernet Addr and OpenFlow InPort
1470 * Instruction: Set VLANID and GOTO Table Egress (n)
1471 * table=0,in_port=2,dl_src=00:00:00:00:00:01 \
1472 * actions=push_vlan, set_field:5->vlan_id,goto_table=1"
1475 private void handleLocalInPortSetVlan(Long dpidLong, Short writeTable,
1476 Short goToTableId, String segmentationId,
1477 Long inPort, String attachedMac,
1479 classifierProvider.programLocalInPortSetVlan(dpidLong, segmentationId, inPort, attachedMac, write);
1483 * (Table:0) Drop frames source from a VM that do not
1484 * match the associated MAC address of the local VM.
1485 * Match: Low priority anything not matching the VM SMAC
1487 * table=0,priority=16384,in_port=1 actions=drop"
1490 private void handleDropSrcIface(Long dpidLong, Long inPort, boolean write) {
1491 classifierProvider.programDropSrcIface(dpidLong, inPort, write);
1495 * (Table:1) Egress Tunnel Traffic
1496 * Match: Destination Ethernet Addr and Local InPort
1497 * Instruction: Set TunnelID and GOTO Table Tunnel Table (n)
1498 * table=1,tun_id=0x5,dl_dst=00:00:00:00:00:08 \
1499 * actions=output:10,goto_table:2"
1501 private void handleTunnelOut(Long dpidLong, Short writeTable,
1502 Short goToTableId, String segmentationId,
1503 Long OFPortOut, String attachedMac,
1505 l2ForwardingProvider.programTunnelOut(dpidLong, segmentationId, OFPortOut, attachedMac, write);
1509 * (Table:1) Egress VLAN Traffic
1510 * Match: Destination Ethernet Addr and VLAN id
1511 * Instruction: GOTO Table Table 2
1512 * table=1,vlan_id=0x5,dl_dst=00:00:00:00:00:08 \
1513 * actions= goto_table:2"
1516 private void handleVlanOut(Long dpidLong, Short writeTable,
1517 Short goToTableId, String segmentationId,
1518 Long ethPort, String attachedMac, boolean write) {
1519 l2ForwardingProvider.programVlanOut(dpidLong, segmentationId, ethPort, attachedMac, write);
1523 * (Table:1) Egress Tunnel Traffic
1524 * Match: Destination Ethernet Addr and Local InPort
1525 * Instruction: Set TunnelID and GOTO Table Tunnel Table (n)
1526 * table=1,priority=16384,tun_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
1527 * actions=output:10,output:11,goto_table:2
1530 private void handleTunnelFloodOut(Long dpidLong, Short writeTable,
1531 Short localTable, String segmentationId,
1532 Long OFPortOut, boolean write) {
1533 l2ForwardingProvider.programTunnelFloodOut(dpidLong, segmentationId, OFPortOut, write);
1537 * (Table:1) Egress VLAN Traffic
1538 * Match: Destination Ethernet Addr and VLAN id
1539 * Instruction: GOTO table 2 and Output port eth interface
1540 * Example: table=1,priority=16384,vlan_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
1541 * actions=output:eth1,goto_table:2
1544 private void handleVlanFloodOut(Long dpidLong, Short writeTable,
1545 Short localTable, String segmentationId,
1546 Long localPort, Long ethPort, boolean write) {
1547 //l2ForwardingProvider.programVlanFloodOut(dpidLong, segmentationId, localPort, ethPort, write);
1551 * (Table:1) Table Drain w/ Catch All
1553 * Action: GOTO Local Table (10)
1554 * table=2,priority=8192,tun_id=0x5 actions=drop
1557 private void handleTunnelMiss(Long dpidLong, Short writeTable,
1558 Short goToTableId, String segmentationId,
1560 l2ForwardingProvider.programTunnelMiss(dpidLong, segmentationId, write);
1565 * (Table:1) Table Drain w/ Catch All
1567 * Action: Output port eth interface
1568 * table=1,priority=8192,vlan_id=0x5 actions= output port:eth1
1569 * table=110,priority=8192,dl_vlan=2001 actions=output:2
1572 private void handleVlanMiss(Long dpidLong, Short writeTable,
1573 Short goToTableId, String segmentationId,
1574 Long ethPort, boolean write) {
1575 l2ForwardingProvider.programVlanMiss(dpidLong, segmentationId, ethPort, write);
1579 * (Table:1) Local Broadcast Flood
1580 * Match: Tunnel ID and dMAC
1581 * Action: Output Port
1582 * table=2,tun_id=0x5,dl_dst=00:00:00:00:00:01 actions=output:2
1585 private void handleLocalUcastOut(Long dpidLong, Short writeTable,
1586 String segmentationId, Long localPort,
1587 String attachedMac, boolean write) {
1588 l2ForwardingProvider.programLocalUcastOut(dpidLong, segmentationId, localPort, attachedMac, write);
1592 * (Table:2) Local VLAN unicast
1593 * Match: VLAN ID and dMAC
1594 * Action: Output Port
1595 * table=2,vlan_id=0x5,dl_dst=00:00:00:00:00:01 actions=output:2
1598 private void handleLocalVlanUcastOut(Long dpidLong, Short writeTable,
1599 String segmentationId, Long localPort,
1600 String attachedMac, boolean write) {
1601 l2ForwardingProvider.programLocalVlanUcastOut(dpidLong, segmentationId, localPort, attachedMac, write);
1605 * (Table:2) Local Broadcast Flood
1606 * Match: Tunnel ID and dMAC (::::FF:FF)
1607 * table=2,priority=16384,tun_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
1608 * actions=output:2,3,4,5
1611 private void handleLocalBcastOut(Long dpidLong, Short writeTable,
1612 String segmentationId, Long localPort,
1614 l2ForwardingProvider.programLocalBcastOut(dpidLong, segmentationId, localPort, write);
1618 * (Table:2) Local VLAN Broadcast Flood
1619 * Match: vlan ID and dMAC (::::FF:FF)
1620 * table=2,priority=16384,vlan_id=0x5,dl_dst=ff:ff:ff:ff:ff:ff \
1621 * actions=strip_vlan, output:2,3,4,5
1622 * table=110,dl_vlan=2001,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=output:2,pop_vlan,output:1,output:3,output:4
1625 private void handleLocalVlanBcastOut(Long dpidLong, Short writeTable, String segmentationId,
1626 Long localPort, Long ethPort, boolean write) {
1627 l2ForwardingProvider.programLocalVlanBcastOut(dpidLong, segmentationId, localPort, ethPort, write);
1631 * (Table:1) Local Table Miss
1632 * Match: Any Remaining Flows w/a TunID
1633 * Action: Drop w/ a low priority
1634 * table=2,priority=8192,tun_id=0x5 actions=drop
1637 private void handleLocalTableMiss(Long dpidLong, Short writeTable,
1638 String segmentationId, boolean write) {
1639 l2ForwardingProvider.programLocalTableMiss(dpidLong, segmentationId, write);
1643 * (Table:1) Local Table Miss
1644 * Match: Any Remaining Flows w/a VLAN ID
1645 * Action: Drop w/ a low priority
1646 * table=2,priority=8192,vlan_id=0x5 actions=drop
1649 private void handleLocalVlanTableMiss(Long dpidLong, Short writeTable,
1650 String segmentationId, boolean write) {
1651 l2ForwardingProvider.programLocalVlanTableMiss(dpidLong, segmentationId, write);
1654 private Group getGroup(GroupBuilder groupBuilder, NodeBuilder nodeBuilder) {
1655 Preconditions.checkNotNull(mdsalConsumer);
1656 if (mdsalConsumer == null) {
1657 logger.error("ERROR finding MDSAL Service. Its possible that writeFlow is called too soon ?");
1661 dataBroker = mdsalConsumer.getDataBroker();
1662 if (dataBroker == null) {
1663 logger.error("ERROR finding reference for DataBroker. Please check MD-SAL support on the Controller.");
1667 InstanceIdentifier<Group> path1 = InstanceIdentifier.builder(Nodes.class).child(org.opendaylight.yang.gen.v1.urn.opendaylight.inventory
1668 .rev130819.nodes.Node.class, nodeBuilder.getKey()).augmentation(FlowCapableNode.class).child(Group.class,
1669 new GroupKey(groupBuilder.getGroupId())).build();
1670 ReadOnlyTransaction readTx = dataBroker.newReadOnlyTransaction();
1672 Optional<Group> data = readTx.read(LogicalDatastoreType.CONFIGURATION, path1).get();
1673 if (data.isPresent()) {
1676 } catch (InterruptedException|ExecutionException e) {
1677 logger.error(e.getMessage(), e);
1680 logger.debug("Cannot find data for Group " + groupBuilder.getGroupName());
1684 private void writeGroup(GroupBuilder groupBuilder, NodeBuilder nodeBuilder) {
1685 Preconditions.checkNotNull(mdsalConsumer);
1686 if (mdsalConsumer == null) {
1687 logger.error("ERROR finding MDSAL Service. Its possible that writeFlow is called too soon ?");
1691 dataBroker = mdsalConsumer.getDataBroker();
1692 if (dataBroker == null) {
1693 logger.error("ERROR finding reference for DataBroker. Please check MD-SAL support on the Controller.");
1697 ReadWriteTransaction modification = dataBroker.newReadWriteTransaction();
1698 InstanceIdentifier<Group> path1 = InstanceIdentifier.builder(Nodes.class).child(org.opendaylight.yang.gen.v1.urn.opendaylight.inventory
1699 .rev130819.nodes.Node.class, nodeBuilder.getKey()).augmentation(FlowCapableNode.class).child(Group.class,
1700 new GroupKey(groupBuilder.getGroupId())).build();
1701 modification.put(LogicalDatastoreType.CONFIGURATION, path1, groupBuilder.build(), true /*createMissingParents*/);
1703 CheckedFuture<Void, TransactionCommitFailedException> commitFuture = modification.submit();
1705 commitFuture.get(); // TODO: Make it async (See bug 1362)
1706 logger.debug("Transaction success for write of Group "+groupBuilder.getGroupName());
1707 } catch (InterruptedException|ExecutionException e) {
1708 logger.error(e.getMessage(), e);
1712 private void removeGroup(GroupBuilder groupBuilder, NodeBuilder nodeBuilder) {
1713 Preconditions.checkNotNull(mdsalConsumer);
1714 if (mdsalConsumer == null) {
1715 logger.error("ERROR finding MDSAL Service. Its possible that writeFlow is called too soon ?");
1719 dataBroker = mdsalConsumer.getDataBroker();
1720 if (dataBroker == null) {
1721 logger.error("ERROR finding reference for DataBroker. Please check MD-SAL support on the Controller.");
1725 WriteTransaction modification = dataBroker.newWriteOnlyTransaction();
1726 InstanceIdentifier<Group> path1 = InstanceIdentifier.builder(Nodes.class).child(org.opendaylight.yang.gen.v1.urn.opendaylight.inventory
1727 .rev130819.nodes.Node.class, nodeBuilder.getKey()).augmentation(FlowCapableNode.class).child(Group.class,
1728 new GroupKey(groupBuilder.getGroupId())).build();
1729 modification.delete(LogicalDatastoreType.CONFIGURATION, path1);
1730 CheckedFuture<Void, TransactionCommitFailedException> commitFuture = modification.submit();
1733 commitFuture.get(); // TODO: Make it async (See bug 1362)
1734 logger.debug("Transaction success for deletion of Group "+groupBuilder.getGroupName());
1735 } catch (InterruptedException|ExecutionException e) {
1736 logger.error(e.getMessage(), e);
1739 private Flow getFlow(FlowBuilder flowBuilder, NodeBuilder nodeBuilder) {
1740 Preconditions.checkNotNull(mdsalConsumer);
1741 if (mdsalConsumer == null) {
1742 logger.error("ERROR finding MDSAL Service. Its possible that writeFlow is called too soon ?");
1746 dataBroker = mdsalConsumer.getDataBroker();
1747 if (dataBroker == null) {
1748 logger.error("ERROR finding reference for DataBroker. Please check MD-SAL support on the Controller.");
1752 InstanceIdentifier<Flow> path1 = InstanceIdentifier.builder(Nodes.class).child(org.opendaylight.yang.gen.v1.urn.opendaylight.inventory
1753 .rev130819.nodes.Node.class, nodeBuilder.getKey()).augmentation(FlowCapableNode.class).child(Table.class,
1754 new TableKey(flowBuilder.getTableId())).child(Flow.class, flowBuilder.getKey()).build();
1756 ReadOnlyTransaction readTx = dataBroker.newReadOnlyTransaction();
1758 Optional<Flow> data = readTx.read(LogicalDatastoreType.CONFIGURATION, path1).get();
1759 if (data.isPresent()) {
1762 } catch (InterruptedException|ExecutionException e) {
1763 logger.error(e.getMessage(), e);
1766 logger.debug("Cannot find data for Flow " + flowBuilder.getFlowName());
1770 private void writeFlow(FlowBuilder flowBuilder, NodeBuilder nodeBuilder) {
1771 Preconditions.checkNotNull(mdsalConsumer);
1772 if (mdsalConsumer == null) {
1773 logger.error("ERROR finding MDSAL Service. Its possible that writeFlow is called too soon ?");
1777 dataBroker = mdsalConsumer.getDataBroker();
1778 if (dataBroker == null) {
1779 logger.error("ERROR finding reference for DataBroker. Please check MD-SAL support on the Controller.");
1783 ReadWriteTransaction modification = dataBroker.newReadWriteTransaction();
1784 InstanceIdentifier<Flow> path1 = InstanceIdentifier.builder(Nodes.class).child(org.opendaylight.yang.gen.v1.urn.opendaylight.inventory
1785 .rev130819.nodes.Node.class, nodeBuilder.getKey()).augmentation(FlowCapableNode.class).child(Table.class,
1786 new TableKey(flowBuilder.getTableId())).child(Flow.class, flowBuilder.getKey()).build();
1788 //modification.put(LogicalDatastoreType.OPERATIONAL, path1, flowBuilder.build());
1789 modification.put(LogicalDatastoreType.CONFIGURATION, path1, flowBuilder.build(), true /*createMissingParents*/);
1792 CheckedFuture<Void, TransactionCommitFailedException> commitFuture = modification.submit();
1794 commitFuture.get(); // TODO: Make it async (See bug 1362)
1795 logger.debug("Transaction success for write of Flow "+flowBuilder.getFlowName());
1796 } catch (InterruptedException|ExecutionException e) {
1797 logger.error(e.getMessage(), e);
1801 private void removeFlow(FlowBuilder flowBuilder, NodeBuilder nodeBuilder) {
1802 Preconditions.checkNotNull(mdsalConsumer);
1803 if (mdsalConsumer == null) {
1804 logger.error("ERROR finding MDSAL Service.");
1808 dataBroker = mdsalConsumer.getDataBroker();
1809 if (dataBroker == null) {
1810 logger.error("ERROR finding reference for DataBroker. Please check MD-SAL support on the Controller.");
1814 WriteTransaction modification = dataBroker.newWriteOnlyTransaction();
1815 InstanceIdentifier<Flow> path1 = InstanceIdentifier.builder(Nodes.class)
1816 .child(org.opendaylight.yang.gen.v1.urn.opendaylight.inventory
1817 .rev130819.nodes.Node.class, nodeBuilder.getKey())
1818 .augmentation(FlowCapableNode.class).child(Table.class,
1819 new TableKey(flowBuilder.getTableId())).child(Flow.class, flowBuilder.getKey()).build();
1820 //modification.delete(LogicalDatastoreType.OPERATIONAL, nodeBuilderToInstanceId(nodeBuilder));
1821 //modification.delete(LogicalDatastoreType.OPERATIONAL, path1);
1822 //modification.delete(LogicalDatastoreType.CONFIGURATION, nodeBuilderToInstanceId(nodeBuilder));
1823 modification.delete(LogicalDatastoreType.CONFIGURATION, path1);
1825 CheckedFuture<Void, TransactionCommitFailedException> commitFuture = modification.submit();
1827 commitFuture.get(); // TODO: Make it async (See bug 1362)
1828 logger.debug("Transaction success for deletion of Flow "+flowBuilder.getFlowName());
1829 } catch (InterruptedException|ExecutionException e) {
1830 logger.error(e.getMessage(), e);
1835 * Create Output Port Group Instruction
1837 * @param ib Map InstructionBuilder without any instructions
1838 * @param dpidLong Long the datapath ID of a switch/node
1839 * @param port Long representing a port on a switch/node
1840 * @return ib InstructionBuilder Map with instructions
1842 protected InstructionBuilder createOutputGroupInstructions(NodeBuilder nodeBuilder,
1843 InstructionBuilder ib,
1844 Long dpidLong, Long port ,
1845 List<Instruction> instructions) {
1846 NodeConnectorId ncid = new NodeConnectorId(OPENFLOW + dpidLong + ":" + port);
1847 logger.debug("createOutputGroupInstructions() Node Connector ID is - Type=openflow: DPID={} port={} existingInstructions={}", dpidLong, port, instructions);
1849 List<Action> actionList = Lists.newArrayList();
1850 ActionBuilder ab = new ActionBuilder();
1852 List<Action> existingActions;
1853 if (instructions != null) {
1854 for (Instruction in : instructions) {
1855 if (in.getInstruction() instanceof ApplyActionsCase) {
1856 existingActions = (((ApplyActionsCase) in.getInstruction()).getApplyActions().getAction());
1857 actionList.addAll(existingActions);
1862 GroupBuilder groupBuilder = new GroupBuilder();
1865 /* Create output action for this port*/
1866 OutputActionBuilder oab = new OutputActionBuilder();
1867 oab.setOutputNodeConnector(ncid);
1868 ab.setAction(new OutputActionCaseBuilder().setOutputAction(oab.build()).build());
1869 logger.debug("createOutputGroupInstructions(): output action {}", ab.build());
1870 boolean addNew = true;
1871 boolean groupActionAdded = false;
1873 /* Find the group action and get the group */
1874 for (Action action : actionList) {
1875 if (action.getAction() instanceof GroupActionCase) {
1876 groupActionAdded = true;
1877 GroupActionCase groupAction = (GroupActionCase) action.getAction();
1878 Long id = groupAction.getGroupAction().getGroupId();
1879 String groupName = groupAction.getGroupAction().getGroup();
1880 GroupKey key = new GroupKey(new GroupId(id));
1882 groupBuilder.setGroupId(new GroupId(id));
1883 groupBuilder.setGroupName(groupName);
1884 groupBuilder.setGroupType(GroupTypes.GroupAll);
1885 groupBuilder.setKey(key);
1886 group = getGroup(groupBuilder, nodeBuilder);
1887 logger.debug("createOutputGroupInstructions: group {}", group);
1892 logger.debug("createOutputGroupInstructions: groupActionAdded {}", groupActionAdded);
1893 if (groupActionAdded) {
1894 /* modify the action bucket in group */
1895 groupBuilder = new GroupBuilder(group);
1896 Buckets buckets = groupBuilder.getBuckets();
1897 for (Bucket bucket : buckets.getBucket()) {
1898 List<Action> bucketActions = bucket.getAction();
1899 logger.debug("createOutputGroupInstructions: bucketActions {}", bucketActions);
1900 for (Action action : bucketActions) {
1901 if (action.getAction() instanceof OutputActionCase) {
1902 OutputActionCase opAction = (OutputActionCase)action.getAction();
1903 /* If output port action already in the action list of one of the buckets, skip */
1904 if (opAction.getOutputAction().getOutputNodeConnector().equals(new Uri(ncid))) {
1911 logger.debug("createOutputGroupInstructions: addNew {}", addNew);
1913 /* the new output action is not in the bucket, add to bucket */
1914 if (!buckets.getBucket().isEmpty()) {
1915 Bucket bucket = buckets.getBucket().get(0);
1916 List<Action> bucketActionList = Lists.newArrayList();
1917 bucketActionList.addAll(bucket.getAction());
1918 /* set order for new action and add to action list */
1919 ab.setOrder(bucketActionList.size());
1920 ab.setKey(new ActionKey(bucketActionList.size()));
1921 bucketActionList.add(ab.build());
1923 /* set bucket and buckets list. Reset groupBuilder with new buckets.*/
1924 BucketsBuilder bucketsBuilder = new BucketsBuilder();
1925 List<Bucket> bucketList = Lists.newArrayList();
1926 BucketBuilder bucketBuilder = new BucketBuilder();
1927 bucketBuilder.setBucketId(new BucketId((long) 1));
1928 bucketBuilder.setKey(new BucketKey(new BucketId((long) 1)));
1929 bucketBuilder.setAction(bucketActionList);
1930 bucketList.add(bucketBuilder.build());
1931 bucketsBuilder.setBucket(bucketList);
1932 groupBuilder.setBuckets(bucketsBuilder.build());
1933 logger.debug("createOutputGroupInstructions: bucketList {}", bucketList);
1938 groupBuilder = new GroupBuilder();
1939 groupBuilder.setGroupType(GroupTypes.GroupAll);
1940 groupBuilder.setGroupId(new GroupId(groupId));
1941 groupBuilder.setKey(new GroupKey(new GroupId(groupId)));
1942 groupBuilder.setGroupName("Output port group " + groupId);
1943 groupBuilder.setBarrier(false);
1945 BucketsBuilder bucketBuilder = new BucketsBuilder();
1946 List<Bucket> bucketList = Lists.newArrayList();
1947 BucketBuilder bucket = new BucketBuilder();
1948 bucket.setBucketId(new BucketId((long) 1));
1949 bucket.setKey(new BucketKey(new BucketId((long) 1)));
1951 /* put output action to the bucket */
1952 List<Action> bucketActionList = Lists.newArrayList();
1953 /* set order for new action and add to action list */
1954 ab.setOrder(bucketActionList.size());
1955 ab.setKey(new ActionKey(bucketActionList.size()));
1956 bucketActionList.add(ab.build());
1958 bucket.setAction(bucketActionList);
1959 bucketList.add(bucket.build());
1960 bucketBuilder.setBucket(bucketList);
1961 groupBuilder.setBuckets(bucketBuilder.build());
1963 /* Add new group action */
1964 GroupActionBuilder groupActionB = new GroupActionBuilder();
1965 groupActionB.setGroupId(groupId);
1966 groupActionB.setGroup("Output port group " + groupId);
1967 ab = new ActionBuilder();
1968 ab.setAction(new GroupActionCaseBuilder().setGroupAction(groupActionB.build()).build());
1969 ab.setOrder(actionList.size());
1970 ab.setKey(new ActionKey(actionList.size()));
1971 actionList.add(ab.build());
1975 logger.debug("createOutputGroupInstructions: group {}", groupBuilder.build());
1976 logger.debug("createOutputGroupInstructions: actionList {}", actionList);
1979 /* rewrite the group to group table */
1980 writeGroup(groupBuilder, nodeBuilder);
1983 // Create an Apply Action
1984 ApplyActionsBuilder aab = new ApplyActionsBuilder();
1985 aab.setAction(actionList);
1986 ib.setInstruction(new ApplyActionsCaseBuilder().setApplyActions(aab.build()).build());
1992 * Remove Output Port from action list in group bucket
1994 * @param ib Map InstructionBuilder without any instructions
1995 * @param dpidLong Long the datapath ID of a switch/node
1996 * @param port Long representing a port on a switch/node
1997 * @return ib InstructionBuilder Map with instructions
1999 protected boolean removeOutputPortFromGroup(NodeBuilder nodeBuilder, InstructionBuilder ib,
2000 Long dpidLong, Long port , List<Instruction> instructions) {
2002 NodeConnectorId ncid = new NodeConnectorId(OPENFLOW + dpidLong + ":" + port);
2003 logger.debug("removeOutputPortFromGroup() Node Connector ID is - Type=openflow: DPID={} port={} existingInstructions={}", dpidLong, port, instructions);
2005 List<Action> actionList = Lists.newArrayList();
2008 List<Action> existingActions;
2009 if (instructions != null) {
2010 for (Instruction in : instructions) {
2011 if (in.getInstruction() instanceof ApplyActionsCase) {
2012 existingActions = (((ApplyActionsCase) in.getInstruction()).getApplyActions().getAction());
2013 actionList.addAll(existingActions);
2019 GroupBuilder groupBuilder = new GroupBuilder();
2021 boolean groupActionAdded = false;
2022 /* Find the group action and get the group */
2023 for (Action action : actionList) {
2024 if (action.getAction() instanceof GroupActionCase) {
2025 groupActionAdded = true;
2026 GroupActionCase groupAction = (GroupActionCase) action.getAction();
2027 Long id = groupAction.getGroupAction().getGroupId();
2028 String groupName = groupAction.getGroupAction().getGroup();
2029 GroupKey key = new GroupKey(new GroupId(id));
2031 groupBuilder.setGroupId(new GroupId(id));
2032 groupBuilder.setGroupName(groupName);
2033 groupBuilder.setGroupType(GroupTypes.GroupAll);
2034 groupBuilder.setKey(key);
2035 group = getGroup(groupBuilder, nodeBuilder);
2040 if (groupActionAdded) {
2041 /* modify the action bucket in group */
2042 groupBuilder = new GroupBuilder(group);
2043 Buckets buckets = groupBuilder.getBuckets();
2044 List<Action> bucketActions = Lists.newArrayList();
2045 for (Bucket bucket : buckets.getBucket()) {
2047 boolean isPortDeleted = false;
2048 bucketActions = bucket.getAction();
2049 for (Action action : bucketActions) {
2050 if (action.getAction() instanceof OutputActionCase) {
2051 OutputActionCase opAction = (OutputActionCase)action.getAction();
2052 if (opAction.getOutputAction().getOutputNodeConnector().equals(new Uri(ncid))) {
2053 /* Find the output port in action list and remove */
2054 index = bucketActions.indexOf(action);
2055 bucketActions.remove(action);
2056 isPortDeleted = true;
2061 if (isPortDeleted && !bucketActions.isEmpty()) {
2062 for (int i = index; i< bucketActions.size(); i++) {
2063 Action action = bucketActions.get(i);
2064 if (action.getOrder() != i) {
2065 /* Shift the action order */
2066 ab = new ActionBuilder();
2067 ab.setAction(action.getAction());
2069 ab.setKey(new ActionKey(i));
2070 Action actionNewOrder = ab.build();
2071 bucketActions.remove(action);
2072 bucketActions.add(i, actionNewOrder);
2076 } else if (bucketActions.isEmpty()) {
2077 /* remove bucket with empty action list */
2078 buckets.getBucket().remove(bucket);
2082 if (!buckets.getBucket().isEmpty()) {
2083 /* rewrite the group to group table */
2084 /* set bucket and buckets list. Reset groupBuilder with new buckets.*/
2085 BucketsBuilder bucketsBuilder = new BucketsBuilder();
2086 List<Bucket> bucketList = Lists.newArrayList();
2087 BucketBuilder bucketBuilder = new BucketBuilder();
2088 bucketBuilder.setBucketId(new BucketId((long) 1));
2089 bucketBuilder.setKey(new BucketKey(new BucketId((long) 1)));
2090 bucketBuilder.setAction(bucketActions);
2091 bucketList.add(bucketBuilder.build());
2092 bucketsBuilder.setBucket(bucketList);
2093 groupBuilder.setBuckets(bucketsBuilder.build());
2094 logger.debug("removeOutputPortFromGroup: bucketList {}", bucketList);
2096 writeGroup(groupBuilder, nodeBuilder);
2097 ApplyActionsBuilder aab = new ApplyActionsBuilder();
2098 aab.setAction(actionList);
2099 ib.setInstruction(new ApplyActionsCaseBuilder().setApplyActions(aab.build()).build());
2102 /* remove group with empty bucket. return true to delete flow */
2103 removeGroup(groupBuilder, nodeBuilder);
2107 /* no group for port list. flow can be removed */
2113 public void initializeOFFlowRules(Node openflowNode) {
2114 Preconditions.checkNotNull(connectionService);
2115 List<Node> ovsNodes = connectionService.getNodes();
2116 if (ovsNodes == null) return;
2117 for (Node ovsNode : ovsNodes) {
2118 Long brIntDpid = this.getIntegrationBridgeOFDPID(ovsNode);
2119 Long brExDpid = this.getExternalBridgeDpid(ovsNode);
2120 logger.debug("Compare openflowNode to OVS node {} vs {} and {}", openflowNode.getID(), brIntDpid, brExDpid);
2121 String openflowID = openflowNode.getID().toString();
2122 if (openflowID.contains(brExDpid.toString())) {
2123 this.initializeFlowRules(ovsNode, configurationService.getExternalBridgeName());
2124 this.triggerInterfaceUpdates(ovsNode);
2126 if (openflowID.contains(brIntDpid.toString())) {
2127 this.initializeFlowRules(ovsNode, configurationService.getIntegrationBridgeName());
2128 this.triggerInterfaceUpdates(ovsNode);
2133 public static NodeBuilder createNodeBuilder(String nodeId) {
2134 NodeBuilder builder = new NodeBuilder();
2135 builder.setId(new NodeId(nodeId));
2136 builder.setKey(new NodeKey(builder.getId()));
2140 private InstanceIdentifier<org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.nodes.Node> nodeBuilderToInstanceId(NodeBuilder
2142 return InstanceIdentifier.builder(Nodes.class).child(org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.nodes.Node.class,
2143 node.getKey()).toInstance();
2146 private String getInternalBridgeUUID (Node node, String bridgeName) {
2147 Preconditions.checkNotNull(ovsdbConfigurationService);
2149 Map<String, Row> bridgeTable = ovsdbConfigurationService.getRows(node, ovsdbConfigurationService.getTableName(node, Bridge.class));
2150 if (bridgeTable == null) return null;
2151 for (String key : bridgeTable.keySet()) {
2152 Bridge bridge = ovsdbConfigurationService.getTypedRow(node, Bridge.class, bridgeTable.get(key));
2153 if (bridge.getName().equals(bridgeName)) return key;
2155 } catch (Exception e) {
2156 logger.error("Error getting Bridge Identifier for {} / {}", node, bridgeName, e);
Code Review / ovsdb.git / blob