Code Review / groupbasedpolicy.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Bug 5617: Added UT for GroupTable and ChainActionFlows
[groupbasedpolicy.git] / renderers / ofoverlay / src / main / java / org / opendaylight / groupbasedpolicy / renderer / ofoverlay / flow / ChainActionFlows.java
1 /*
2  * Copyright (c) 2014 Cisco Systems, Inc. and others. All rights reserved.
3  *
4  * This program and the accompanying materials are made available under the
5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6  * and is available at http://www.eclipse.org/legal/epl-v10.html
7  */
8
9 package org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow;
10
11 import static org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowUtils.addNxNsiMatch;
12 import static org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowUtils.addNxNspMatch;
13 import static org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowUtils.addNxRegMatch;
14 import static org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowUtils.addNxTunIdMatch;
15 import static org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowUtils.addNxTunIpv4DstMatch;
16 import static org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowUtils.applyActionIns;
17 import static org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowUtils.gotoTableIns;
18 import static org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowUtils.instructions;
19 import static org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowUtils.nxLoadNshc1RegAction;
20 import static org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowUtils.nxLoadNshc2RegAction;
21 import static org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowUtils.nxLoadRegAction;
22 import static org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowUtils.nxLoadTunIPv4Action;
23 import static org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowUtils.nxLoadTunIdAction;
24 import static org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowUtils.nxOutputRegAction;
25 import static org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowUtils.outputAction;
26
27 import java.math.BigInteger;
28 import java.util.ArrayList;
29 import java.util.List;
30
31 import org.apache.commons.lang3.StringUtils;
32 import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.OfContext;
33 import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.OfWriter;
34 import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.PolicyManager;
35 import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.FlowUtils.RegMatch;
36 import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.flow.OrdinalFactory.EndpointFwdCtxOrdinals;
37 import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.mapper.policyenforcer.NetworkElements;
38 import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.node.SwitchManager;
39 import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.sf.ChainAction;
40 import org.opendaylight.groupbasedpolicy.renderer.ofoverlay.sfcutils.SfcNshHeader;
41 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.IpAddress;
42 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.Ipv4Address;
43 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.Ipv4Prefix;
44 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev100924.Ipv6Prefix;
45 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.FlowId;
46 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.tables.table.Flow;
47 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.tables.table.FlowBuilder;
48 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.flow.Match;
49 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.flow.MatchBuilder;
50 import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.instruction.instruction.go.to.table._case.GoToTable;
51 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.endpoint.rev140421.endpoint.fields.L3Address;
52 import org.opendaylight.yang.gen.v1.urn.opendaylight.groupbasedpolicy.policy.rev140421.HasDirection.Direction;
53 import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.NodeConnectorId;
54 import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.NodeId;
55 import org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.Layer3Match;
56 import org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.layer._3.match.Ipv4MatchBuilder;
57 import org.opendaylight.yang.gen.v1.urn.opendaylight.model.match.types.rev131026.match.layer._3.match.Ipv6MatchBuilder;
58 import org.opendaylight.yang.gen.v1.urn.opendaylight.openflowjava.nx.match.rev140421.NxmNxReg0;
59 import org.opendaylight.yang.gen.v1.urn.opendaylight.openflowjava.nx.match.rev140421.NxmNxReg1;
60 import org.opendaylight.yang.gen.v1.urn.opendaylight.openflowjava.nx.match.rev140421.NxmNxReg4;
61 import org.opendaylight.yang.gen.v1.urn.opendaylight.openflowjava.nx.match.rev140421.NxmNxReg5;
62 import org.opendaylight.yang.gen.v1.urn.opendaylight.openflowjava.nx.match.rev140421.NxmNxReg6;
63 import org.opendaylight.yang.gen.v1.urn.opendaylight.openflowjava.nx.match.rev140421.NxmNxReg7;
64 import org.opendaylight.yang.gen.v1.urn.opendaylight.params.xml.ns.yang.overlay.rev150105.TunnelTypeVxlanGpe;
65 import org.slf4j.Logger;
66 import org.slf4j.LoggerFactory;
67
68 import com.google.common.annotations.VisibleForTesting;
69
70 /**
71  * <h1>Creation of flows related to service chain</h1>
72  *
73  * These flows are built across most of gbp of tables and have higher priority than basic flows. It ensures, that
74  * packet redirected to chain will be sent to tunnel output
75  * <p>
76  *
77  * Flow that allows ALL traffic incoming from chain last hop
78  * <p>
79  * <i>Allow from chain flow</i><br>
80  * Table = 0<br>
81  * Priority = 1200<br>
82  * Matches:<br>
83  *      - Nshc1<br>
84  *      - Nsp<br>
85  *      - Nsi<br>
86  *      - in_port (tunnel port) {@link NodeConnectorId}<br>
87  * Actions:<br>
88  *      - {@link GoToTable} SOURCE MAPPER table
89  * <p>
90  * TODO: looks like duplicity, the same flow is created in policy enforcer
91  * <i>Allow from chain tunnel</i>
92  * Table = 4<br>
93  * Priority = 65000<br>
94  * Matches:<br>
95  *      - in_port (tunnel port) {@link NodeConnectorId}<br>
96  *      - Reg7 (fixed value 0xffffff) {@link NxmNxReg7}
97  * Actions:<br>
98  *      - {@link GoToTable} SOURCE MAPPER table
99  * <p>
100  * <i>Create external flow</i>
101  * Table = 6<br>
102  * Priority = 1000 (if dst node == src node, priority = 1500)<br>
103  * Matches:<br>
104  *      - Reg6 {@link NxmNxReg6}<br>
105  *      - tunnel ID<br>
106  *      - nsp<br>
107  *      - nsi<br>
108  *      - tun_dst (only if dst node == src node)<br>
109  * Actions:<br>
110  *      - set nshc1<br>
111  *      - set nshc2<br>
112  *      - load tunnel ID<br>
113  *      - load tunnel ipv4<br>
114  *      - output:(tunnel port)<br>
115  * <p>
116  * <i>Chain tunnel flow</i><br>
117  * Table = 2<br>
118  * Priority = 150<br>
119  * Matches:<br>
120  *      - in_port (tunnel port) {@link NodeConnectorId}<br>
121  *      - tunnel ID<br>
122  *      - nsp<br>
123  *      - nsi<br>
124  * Actions:<br>
125  *      - Reg0 {@link NxmNxReg0}<br>
126  *      - Reg1 {@link NxmNxReg1}<br>
127  *      - Reg4 {@link NxmNxReg4}<br>
128  *      - Reg5 {@link NxmNxReg5}<br>
129  *      - Reg6 {@link NxmNxReg6}<br>
130  *      - {@link GoToTable} DESTINATION MAPPER table<br>
131  * <p>
132  * <i>Chain broadcast flow</i><br>
133  * Table = 2<br>
134  * Priority = 150<br>
135  * Matches:<br>
136  *      - in_port (tunnel port) {@link NodeConnectorId}<br>
137  *      - tunnel ID<br>
138  *      - nsp<br>
139  *      - nsi<br>
140  * Actions:<br>
141  *      - load Reg5 {@link NxmNxReg5}<br>
142  *      - {@link GoToTable} DESTINATION MAPPER table<br>
143  */
144 public class ChainActionFlows {
145
146     private static final Logger LOG = LoggerFactory.getLogger(ChainAction.class);
147
148     public ChainActionFlows() {
149
150     }
151
152     public static void createChainTunnelFlows(SfcNshHeader sfcNshHeader, NetworkElements netElements, OfWriter ofWriter,
153             OfContext ctx, Direction direction) {
154
155         NodeId localNodeId = netElements.getLocalNodeId();
156         EndpointFwdCtxOrdinals epOrdinals = netElements.getSrcEpOrdinals();
157
158         NodeConnectorId localNodeTunPort = ctx.getSwitchManager().getTunnelPort(localNodeId, TunnelTypeVxlanGpe.class);
159         Ipv4Address tunDestAddress = ctx.getSwitchManager()
160             .getTunnelIP(netElements.getDstNodeId(), TunnelTypeVxlanGpe.class)
161             .getIpv4Address();
162         if (localNodeTunPort == null) {
163             LOG.error("createChainTunnelFlows: No valid VXLAN GPE tunnel for Node {} ", localNodeId);
164             return;
165         }
166         if (direction.equals(Direction.In)) {
167             ofWriter.writeFlow(localNodeId, ctx.getPolicyManager().getTABLEID_PORTSECURITY(), allowFromChainPort(
168                     sfcNshHeader, localNodeTunPort, ctx.getPolicyManager().getTABLEID_PORTSECURITY(), ctx));
169
170             for (Flow flow : createChainTunnelFlow(sfcNshHeader, localNodeTunPort, netElements,
171                     ctx.getPolicyManager().getTABLEID_SOURCE_MAPPER(), ctx)) {
172                 ofWriter.writeFlow(localNodeId, ctx.getPolicyManager().getTABLEID_SOURCE_MAPPER(), flow);
173             }
174
175             ofWriter.writeFlow(localNodeId, ctx.getPolicyManager().getTABLEID_POLICY_ENFORCER(),
176                     allowFromChainTunnel(localNodeTunPort, ctx.getPolicyManager().getTABLEID_POLICY_ENFORCER()));
177
178             ofWriter.writeFlow(localNodeId, ctx.getPolicyManager().getTABLEID_SOURCE_MAPPER(),
179                     createChainBroadcastFlow(sfcNshHeader, localNodeTunPort, epOrdinals,
180                             ctx.getPolicyManager().getTABLEID_SOURCE_MAPPER(), ctx));
181         } else {
182             ofWriter.writeFlow(localNodeId, ctx.getPolicyManager().getTABLEID_EXTERNAL_MAPPER(),
183                     createExternalFlow(sfcNshHeader, localNodeTunPort, netElements, ctx.getPolicyManager(),
184                             ctx.getSwitchManager(), tunDestAddress));
185         }
186     }
187
188     private static Flow createChainBroadcastFlow(SfcNshHeader sfcNshHeader, NodeConnectorId tunPort,
189             EndpointFwdCtxOrdinals epFwdCtxOrds, short tableId, OfContext ctx) {
190
191         int fdId = epFwdCtxOrds.getFdId();
192
193         MatchBuilder mb = new MatchBuilder().setInPort(tunPort);
194
195         addNxNsiMatch(mb, sfcNshHeader.getNshNsiFromChain());
196         addNxNspMatch(mb, sfcNshHeader.getNshNspFromChain());
197         addNxTunIdMatch(mb, fdId);
198
199         org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.Action fdReg =
200                 nxLoadRegAction(NxmNxReg5.class, BigInteger.valueOf(fdId));
201
202         Match match = mb.build();
203         FlowId flowId = FlowIdUtils.newFlowId(tableId, "chainbroadcast", match);
204
205         FlowBuilder flowb = base(tableId).setId(flowId)
206             .setPriority(150)
207             .setMatch(match)
208             .setInstructions(instructions(applyActionIns(fdReg),
209                     gotoTableIns(ctx.getPolicyManager().getTABLEID_DESTINATION_MAPPER())));
210         return flowb.build();
211     }
212
213     private static Flow createExternalFlow(SfcNshHeader sfcNshHeader, NodeConnectorId tunPort, NetworkElements netElements,
214                                    PolicyManager policyManager, SwitchManager switchManager, Ipv4Address ipTunDest) {
215
216         short tableId = policyManager.getTABLEID_EXTERNAL_MAPPER();
217         org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.Action loadC1;
218         org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.Action outputAction;
219
220         Integer priority = 1000;
221         int matchTunnelId = netElements.getSrcEpOrdinals().getTunnelId();
222         long setTunnelId = netElements.getDstEpOrdinals().getTunnelId();
223         Long l3c = (long) netElements.getSrcEpOrdinals().getL3Id();
224         loadC1 = nxLoadNshc1RegAction(sfcNshHeader.getNshMetaC1());
225
226         // Test for if SFF is on same node
227         IpAddress ipAddress = switchManager.getTunnelIP(netElements.getLocalNodeId(), TunnelTypeVxlanGpe.class);
228
229         if (ipAddress != null && ipAddress.getIpv4Address().equals(sfcNshHeader.getNshTunIpDst())) {
230             Integer newPort = returnOfPortFromNodeConnector(tunPort);
231             outputAction = FlowUtils.createActionResubmit(newPort, policyManager.getTABLEID_SFC_EGRESS());
232         } else {
233             outputAction = outputAction(tunPort);
234         }
235
236         org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.Action loadC2 =
237                 nxLoadNshc2RegAction(setTunnelId);
238         org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.Action loadChainTunVnid =
239                 nxLoadTunIdAction(BigInteger.valueOf(setTunnelId), false);
240         org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.Action loadChainTunDest =
241                 nxLoadTunIPv4Action(sfcNshHeader.getNshTunIpDst().getValue(), false);
242
243         MatchBuilder mb = new MatchBuilder();
244         addNxRegMatch(mb, RegMatch.of(NxmNxReg6.class, l3c));
245         addNxTunIdMatch(mb, matchTunnelId);
246         addNxNspMatch(mb, sfcNshHeader.getNshNspToChain());
247         addNxNsiMatch(mb, sfcNshHeader.getNshNsiToChain());
248         if (!netElements.getDstNodeId().equals(netElements.getSrcNodeId())) {
249             addNxTunIpv4DstMatch(mb, ipTunDest);
250             priority = 1500;
251         }
252
253         Match match = mb.build();
254         FlowId flowId = FlowIdUtils.newFlowId(tableId, "chainexternal", match);
255         FlowBuilder flowb =
256                 base(tableId).setId(flowId).setPriority(priority).setMatch(match).setInstructions(
257                         instructions(applyActionIns(loadC1, loadC2, loadChainTunDest, loadChainTunVnid, outputAction)));
258         return flowb.build();
259     }
260
261     private static List<Flow> createChainTunnelFlow(SfcNshHeader sfcNshHeader, NodeConnectorId tunPort,
262             NetworkElements netElements, short tableId, OfContext ctx) {
263
264         int egId = netElements.getDstEpOrdinals().getEpgId();
265         int bdId = netElements.getDstEpOrdinals().getBdId();
266         int fdId = netElements.getDstEpOrdinals().getFdId();
267         int l3Id = netElements.getDstEpOrdinals().getL3Id();
268         int tunnelId = netElements.getSrcEpOrdinals().getTunnelId();
269
270         org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.Action segReg =
271                 nxLoadRegAction(NxmNxReg0.class, BigInteger.valueOf(egId));
272         org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.Action scgReg =
273                 nxLoadRegAction(NxmNxReg1.class, BigInteger.valueOf(0xffffff));
274         org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.Action bdReg =
275                 nxLoadRegAction(NxmNxReg4.class, BigInteger.valueOf(bdId));
276         org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.Action fdReg =
277                 nxLoadRegAction(NxmNxReg5.class, BigInteger.valueOf(fdId));
278         org.opendaylight.yang.gen.v1.urn.opendaylight.action.types.rev131112.action.Action vrfReg =
279                 nxLoadRegAction(NxmNxReg6.class, BigInteger.valueOf(l3Id));
280
281         List<Flow> flows = new ArrayList<>();
282         for (L3Address address : netElements.getDstEp().getL3Address()) {
283             Layer3Match l3Match = null;
284             MatchBuilder mb = null;
285             if (address.getIpAddress() != null) {
286                 if (address.getIpAddress().getIpv4Address() != null) {
287                     l3Match = new Ipv4MatchBuilder()
288                         .setIpv4Source(new Ipv4Prefix(address.getIpAddress().getIpv4Address().getValue() + "/32"))
289                         .build();
290                     mb = new MatchBuilder().setInPort(tunPort)
291                         .setLayer3Match(l3Match)
292                         .setEthernetMatch(FlowUtils.ethernetMatch(null, null, FlowUtils.IPv4));
293                 } else if (address.getIpAddress().getIpv6Address() != null) {
294                     l3Match = new Ipv6MatchBuilder()
295                         .setIpv6Source(new Ipv6Prefix(address.getIpAddress().getIpv6Address().getValue() + "/128"))
296                         .build();
297                     mb = new MatchBuilder().setInPort(tunPort)
298                         .setLayer3Match(l3Match)
299                         .setEthernetMatch(FlowUtils.ethernetMatch(null, null, FlowUtils.IPv6));
300                 }
301             }
302
303             addNxTunIdMatch(mb, tunnelId);
304             addNxNspMatch(mb, sfcNshHeader.getNshNspFromChain());
305             addNxNsiMatch(mb, sfcNshHeader.getNshNsiFromChain());
306
307             Match match = mb.build();
308             FlowId flowId = FlowIdUtils.newFlowId(tableId, "chaintunnel", match);
309             FlowBuilder flowb = base(tableId).setId(flowId).setPriority(150).setMatch(match).setInstructions(
310                     instructions(applyActionIns(segReg, scgReg, bdReg, fdReg, vrfReg),
311                             gotoTableIns(ctx.getPolicyManager().getTABLEID_DESTINATION_MAPPER())));
312             flows.add(flowb.build());
313         }
314         return flows;
315     }
316
317     private static Flow allowFromChainPort(SfcNshHeader sfcNshHeader, NodeConnectorId port, short tableId,
318             OfContext ctx) {
319
320         // Matching on last NSP/NSI that SFF leaves on but with C1=0
321         MatchBuilder mb = new MatchBuilder();
322         FlowUtils.addNxNshc1RegMatch(mb, 0L);
323         FlowUtils.addNxNsiMatch(mb, sfcNshHeader.getNshNsiFromChain());
324         FlowUtils.addNxNspMatch(mb, sfcNshHeader.getNshNspFromChain());
325         Match match = mb.setInPort(port).build();
326
327         FlowId flowId = FlowIdUtils.newFlowId(tableId, "chainport", match);
328         FlowBuilder flowb =
329                 base(tableId).setId(flowId).setPriority(1200).setMatch(match).setInstructions(
330                         FlowUtils.gotoTableInstructions(ctx.getPolicyManager().getTABLEID_SOURCE_MAPPER()));
331         return flowb.build();
332     }
333
334     private static Flow allowFromChainTunnel(NodeConnectorId tunPort, short tableId) {
335
336         MatchBuilder mb = new MatchBuilder().setInPort(tunPort);
337         addNxRegMatch(mb, RegMatch.of(NxmNxReg1.class, 0xffffffL));
338         Match match = mb.build();
339         FlowId flowId = FlowIdUtils.newFlowId(tableId, "chainport", match);
340
341         FlowBuilder flow = base(tableId).setId(flowId).setMatch(match).setPriority(65000).setInstructions(
342                 instructions(applyActionIns(nxOutputRegAction(NxmNxReg7.class))));
343         return flow.build();
344
345     }
346
347     private static Integer returnOfPortFromNodeConnector(NodeConnectorId nodeConnectorId) {
348         String[] elements = StringUtils.split(nodeConnectorId.getValue(), ":");
349         if (elements.length != 3)
350             return null;
351         return new Integer(elements[2]);
352     }
353
354     /**
355      * Get a base flow builder with some common features already set
356      */
357     private static FlowBuilder base(short tableId) {
358         return new FlowBuilder().setTableId(tableId).setBarrier(false).setHardTimeout(0).setIdleTimeout(0);
359     }
360 }
OpenDaylight Group Based Policy Plugin