import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;
-import javax.annotation.Nullable;
import javax.annotation.PostConstruct;
import javax.inject.Singleton;
import org.apache.commons.lang3.ObjectUtils;
+import org.eclipse.jdt.annotation.Nullable;
import org.opendaylight.controller.md.sal.binding.api.DataBroker;
import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType;
import org.opendaylight.controller.md.sal.common.api.data.ReadFailedException;
import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.Uuid;
import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.rev160406.IfL2vlan;
import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.rev160406.IfL2vlanBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.rev160406.ParentRefs;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.rev160406.ParentRefsBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.rev160406.SplitHorizon;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.rev160406.SplitHorizonBuilder;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.l2.types.rev130827.VlanId;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.InterfaceAcl;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.InterfaceAclBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.interfaces._interface.AllowedAddressPairs;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.ext.routers.RoutersBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.floating.ip.port.info.FloatingIpIdToPortMappingBuilder;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.natservice.rev160111.floating.ip.port.info.FloatingIpIdToPortMappingKey;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.neutronvpn.config.rev160806.NeutronvpnConfig;
+import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.neutronvpn.rev150602.neutron.vpn.port.id.subport.data.PortIdToSubport;
import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.neutronvpn.rev150602.subnetmaps.Subnetmap;
import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.binding.rev150712.PortBindingExtension;
import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.hostconfig.rev150712.hostconfig.attributes.hostconfigs.Hostconfig;
private final NeutronvpnUtils neutronvpnUtils;
private final HostConfigCache hostConfigCache;
private final DataTreeEventCallbackRegistrar eventCallbacks;
+ private final NeutronvpnConfig neutronvpnConfig;
public NeutronPortChangeListener(final DataBroker dataBroker,
final NeutronvpnManager neutronvpnManager,
final JobCoordinator jobCoordinator,
final NeutronvpnUtils neutronvpnUtils,
final HostConfigCache hostConfigCache,
- final DataTreeEventCallbackRegistrar dataTreeEventCallbackRegistrar) {
+ final DataTreeEventCallbackRegistrar dataTreeEventCallbackRegistrar,
+ final NeutronvpnConfig neutronvpnConfig) {
super(Port.class, NeutronPortChangeListener.class);
this.dataBroker = dataBroker;
this.txRunner = new ManagedNewTransactionRunnerImpl(dataBroker);
this.neutronvpnUtils = neutronvpnUtils;
this.hostConfigCache = hostConfigCache;
this.eventCallbacks = dataTreeEventCallbackRegistrar;
+ this.neutronvpnConfig = neutronvpnConfig;
+
}
@Override
}
final String portName = update.getUuid().getValue();
Network network = neutronvpnUtils.getNeutronNetwork(update.getNetworkId());
- LOG.info("Update port {} from network {}", portName, update.getNetworkId().toString());
if (network == null || !NeutronvpnUtils.isNetworkTypeSupported(network)) {
LOG.warn("neutron vpn received a port update() for a network without a provider extension augmentation "
+ "or with an unsupported network type for the port {} which is part of network {}",
// check if port security enabled/disabled as part of port update
boolean origSecurityEnabled = NeutronvpnUtils.getPortSecurityEnabled(original);
boolean updatedSecurityEnabled = NeutronvpnUtils.getPortSecurityEnabled(update);
-
- if (origSecurityEnabled || updatedSecurityEnabled) {
+ boolean isDhcpServerPort = neutronvpnConfig.isLimitBumtrafficToDhcpserver()
+ && NeutronvpnUtils.isDhcpServerPort(update);
+ if (origSecurityEnabled || updatedSecurityEnabled || isDhcpServerPort) {
InstanceIdentifier<Interface> interfaceIdentifier = NeutronvpnUtils.buildVlanInterfaceIdentifier(portName);
jobCoordinator.enqueueJob("PORT- " + portName,
() -> Collections.singletonList(txRunner.callWithNewReadWriteTransactionAndSubmit(CONFIGURATION,
confTx.read(interfaceIdentifier).get();
if (optionalInf.isPresent()) {
InterfaceBuilder interfaceBuilder = new InterfaceBuilder(optionalInf.get());
- InterfaceAcl infAcl = handlePortSecurityUpdated(original, update,
- origSecurityEnabled, updatedSecurityEnabled, interfaceBuilder).build();
- interfaceBuilder.addAugmentation(InterfaceAcl.class, infAcl);
+ if (origSecurityEnabled || updatedSecurityEnabled) {
+ InterfaceAcl infAcl = handlePortSecurityUpdated(original, update, origSecurityEnabled,
+ updatedSecurityEnabled, interfaceBuilder).build();
+ interfaceBuilder.addAugmentation(InterfaceAcl.class, infAcl);
+ } else if (isDhcpServerPort) {
+ Set<FixedIps> oldIPs = getFixedIpSet(original.getFixedIps());
+ Set<FixedIps> newIPs = getFixedIpSet(update.getFixedIps());
+ if (!oldIPs.equals(newIPs)) {
+ InterfaceAcl infAcl = neutronvpnUtils.getDhcpInterfaceAcl(update);
+ interfaceBuilder.addAugmentation(InterfaceAcl.class, infAcl);
+ }
+ }
LOG.info("update: Of-port-interface updation for port {}", portName);
// Update OFPort interface for this neutron port
confTx.put(interfaceIdentifier, interfaceBuilder.build());
}
private void handleFloatingIpPortUpdated(@Nullable Port original, Port update) {
- if ((original == null || NeutronConstants.FLOATING_IP_DEVICE_ID_PENDING.equals(original.getDeviceId()))
- && !NeutronConstants.FLOATING_IP_DEVICE_ID_PENDING.equals(update.getDeviceId())) {
+ if ((original == null || NeutronConstants.FLOATING_IP_DEVICE_ID_PENDING.equals(original.getDeviceId())
+ && !NeutronConstants.FLOATING_IP_DEVICE_ID_PENDING.equals(update.getDeviceId()))) {
// populate floating-ip uuid and floating-ip port attributes (uuid, mac and subnet id for the ONLY
// fixed IP) to be used by NAT, depopulated in NATService once mac is retrieved in the removal path
addToFloatingIpPortInfo(new Uuid(update.getDeviceId()), update.getUuid(), update.getFixedIps().get(0)
return false;
}
String vnicType = portBinding.getVnicType().trim().toLowerCase(Locale.getDefault());
- return vnicType.equals(NeutronConstants.VNIC_TYPE_DIRECT);
+ return NeutronConstants.VNIC_TYPE_DIRECT.equals(vnicType);
}
private boolean isSupportedVnicTypeByHost(final Port port, final String vnicType) {
Boolean isVlanTransparent = network.isVlanTransparent();
if (isVlanTransparent != null && isVlanTransparent) {
l2VlanMode = IfL2vlan.L2vlanMode.Transparent;
+ } else {
+ PortIdToSubport portIdToSubport = neutronvpnUtils.getPortIdToSubport(port.getUuid());
+ if (portIdToSubport != null) {
+ l2VlanMode = IfL2vlan.L2vlanMode.TrunkMember;
+ ifL2vlanBuilder.setVlanId(new VlanId(portIdToSubport.getVlanId().intValue()));
+ String parentRefName = portIdToSubport.getTrunkPortId().getValue();
+ ParentRefsBuilder parentRefsBuilder = new ParentRefsBuilder().setParentInterface(parentRefName);
+ interfaceBuilder.addAugmentation(ParentRefs.class, parentRefsBuilder.build());
+ SplitHorizon splitHorizon =
+ new SplitHorizonBuilder().setOverrideSplitHorizonProtection(true).build();
+ interfaceBuilder.addAugmentation(SplitHorizon.class, splitHorizon);
+ }
}
ifL2vlanBuilder.setL2vlanMode(l2VlanMode);
interfaceAclBuilder.setPortSecurityEnabled(true);
neutronvpnUtils.populateInterfaceAclBuilder(interfaceAclBuilder, port);
interfaceBuilder.addAugmentation(InterfaceAcl.class, interfaceAclBuilder.build());
+ } else if (neutronvpnConfig.isLimitBumtrafficToDhcpserver() && NeutronvpnUtils.isDhcpServerPort(port)) {
+ interfaceBuilder.addAugmentation(InterfaceAcl.class, neutronvpnUtils.getDhcpInterfaceAcl(port));
}
return interfaceBuilder.build();
}