* http://docs.openstack.org/api/openstack-network/2.0/content/security_groups.html
*
*/
+
+ if (portSecurityRule == null ||
+ portSecurityRule.getSecurityRuleEthertype() == null ||
+ portSecurityRule.getSecurityRuleDirection() == null) {
+ continue;
+ }
+
if ("IPv4".equals(portSecurityRule.getSecurityRuleEthertype())
&& portSecurityRule.getSecurityRuleDirection().equals("egress")) {
LOG.debug("programPortSecurityGroup: Acl Rule matching IPv4 and ingress is: {} ", portSecurityRule);
Constants.PROTO_PORT_PREFIX_MATCH_PRIORITY);
break;
default:
- LOG.error("programPortSecurityRule: Protocol not supported", portSecurityRule);
+ LOG.info("programPortSecurityAcl: Protocol is not TCP/UDP/ICMP but other " +
+ "protocol = ", portSecurityRule.getSecurityRuleProtocol());
+ egressOtherProtocolAclHandler(dpid, segmentationId, attachedMac,
+ portSecurityRule, ipaddress, write,
+ Constants.PROTO_PORT_PREFIX_MATCH_PRIORITY);
break;
}
}
}
+ private void egressOtherProtocolAclHandler(Long dpidLong, String segmentationId, String srcMac,
+ NeutronSecurityRule portSecurityRule, String dstAddress,
+ boolean write, Integer protoPortMatchPriority) {
+
+ MatchBuilder matchBuilder = new MatchBuilder();
+ String flowId = "Egress_Other_" + segmentationId + "_" + srcMac + "_";
+ matchBuilder = MatchUtils.createEtherMatchWithType(matchBuilder,srcMac,null);
+
+ short proto = 0;
+ try {
+ Integer protocol = new Integer(portSecurityRule.getSecurityRuleProtocol());
+ proto = protocol.shortValue();
+ flowId = flowId + proto;
+ } catch (NumberFormatException e) {
+ LOG.error("Protocol vlaue conversion failure", e);
+ }
+ matchBuilder = MatchUtils.createIpProtocolMatch(matchBuilder, proto);
+
+ if (null != dstAddress) {
+ flowId = flowId + dstAddress;
+ matchBuilder = MatchUtils.addRemoteIpPrefix(matchBuilder,null,
+ MatchUtils.iPv4PrefixFromIPv4Address(dstAddress));
+
+ } else if (null != portSecurityRule.getSecurityRuleRemoteIpPrefix()) {
+ flowId = flowId + portSecurityRule.getSecurityRuleRemoteIpPrefix();
+ matchBuilder = MatchUtils.addRemoteIpPrefix(matchBuilder, null,new Ipv4Prefix(portSecurityRule
+ .getSecurityRuleRemoteIpPrefix()));
+ }
+ flowId = flowId + "_Permit";
+ String nodeName = Constants.OPENFLOW_NODE_PREFIX + dpidLong;
+ NodeBuilder nodeBuilder = createNodeBuilder(nodeName);
+ syncFlow(flowId, nodeBuilder, matchBuilder, protoPortMatchPriority, write, false);
+ }
+
@Override
public void programFixedSecurityGroup(Long dpid, String segmentationId, String attachedMac,
long localPort, List<Neutron_IPs> srcAddressList,
if (portSecurityRule.getSecurityRulePortMin().equals(PORT_RANGE_MIN)
&& portSecurityRule.getSecurityRulePortMax().equals(PORT_RANGE_MAX)) {
flowId = flowId + portSecurityRule.getSecurityRulePortMin() + "_"
- + portSecurityRule.getSecurityRulePortMax() + "_";
+ + portSecurityRule.getSecurityRulePortMax() + "_";
matchBuilder = MatchUtils.addLayer4Match(matchBuilder, MatchUtils.TCP_SHORT, 0, 0);
}
/*TODO TCP PortRange Match*/
if (null != dstAddress) {
flowId = flowId + dstAddress;
matchBuilder = MatchUtils.addRemoteIpPrefix(matchBuilder,null,
- MatchUtils.iPv4PrefixFromIPv4Address(dstAddress));
+ MatchUtils.iPv4PrefixFromIPv4Address(dstAddress));
} else if (null != portSecurityRule.getSecurityRuleRemoteIpPrefix()) {
flowId = flowId + portSecurityRule.getSecurityRuleRemoteIpPrefix();
matchBuilder = MatchUtils.addRemoteIpPrefix(matchBuilder,null,
- new Ipv4Prefix(portSecurityRule
- .getSecurityRuleRemoteIpPrefix()));
+ new Ipv4Prefix(portSecurityRule.getSecurityRuleRemoteIpPrefix()));
}
flowId = flowId + "_Permit";
String nodeName = Constants.OPENFLOW_NODE_PREFIX + dpidLong;
private void egressAclIcmp(Long dpidLong, String segmentationId, String srcMac,
NeutronSecurityRule portSecurityRule, String dstAddress,
boolean write, Integer protoPortMatchPriority) {
+
MatchBuilder matchBuilder = new MatchBuilder();
- String flowId = "Egress_ICMP_" + segmentationId + "_" + srcMac + "_"
- + portSecurityRule.getSecurityRulePortMin().shortValue() + "_"
- + portSecurityRule.getSecurityRulePortMax().shortValue() + "_";
+ String flowId = "Egress_ICMP_" + segmentationId + "_" + srcMac + "_";
matchBuilder = MatchUtils.createEtherMatchWithType(matchBuilder,srcMac,null);
- matchBuilder = MatchUtils.createICMPv4Match(matchBuilder,
- portSecurityRule.getSecurityRulePortMin().shortValue(),
- portSecurityRule.getSecurityRulePortMax().shortValue());
+ /*Custom ICMP Match */
+ if (portSecurityRule.getSecurityRulePortMin() != null &&
+ portSecurityRule.getSecurityRulePortMax() != null) {
+ flowId = flowId + portSecurityRule.getSecurityRulePortMin().shortValue() + "_"
+ + portSecurityRule.getSecurityRulePortMax().shortValue() + "_";
+ matchBuilder = MatchUtils.createICMPv4Match(matchBuilder,
+ portSecurityRule.getSecurityRulePortMin().shortValue(),
+ portSecurityRule.getSecurityRulePortMax().shortValue());
+ } else {
+ /* All ICMP Match */ // We are getting from neutron NULL for both min and max
+ flowId = flowId + "all" + "_" ;
+ matchBuilder = MatchUtils.createICMPv4Match(matchBuilder, MatchUtils.ALL_ICMP, MatchUtils.ALL_ICMP);
+ }
if (null != dstAddress) {
flowId = flowId + dstAddress;
matchBuilder = MatchUtils.addRemoteIpPrefix(matchBuilder,null,
*
*/
+ if (portSecurityRule == null ||
+ portSecurityRule.getSecurityRuleEthertype() == null ||
+ portSecurityRule.getSecurityRuleDirection() == null) {
+ continue;
+ }
+
if ("IPv4".equals(portSecurityRule.getSecurityRuleEthertype())
&& "ingress".equals(portSecurityRule.getSecurityRuleDirection())) {
LOG.debug("programPortSecurityGroup: Rule matching IPv4 and ingress is: {} ", portSecurityRule);
securityGroupCacheManger.portRemoved(securityGroup.getSecurityGroupUUID(), portUuid);
}
}
-
-
-
}
}
write, Constants.PROTO_PORT_PREFIX_MATCH_PRIORITY);
break;
default:
- LOG.error("programPortSecurityRule: Protocol not supported", portSecurityRule);
+ LOG.info("programPortSecurityAcl: Protocol is not TCP/UDP/ICMP but other " +
+ "protocol = ", portSecurityRule.getSecurityRuleProtocol());
+ ingressOtherProtocolAclHandler(dpid, segmentationId, attachedMac, portSecurityRule,
+ null, write, Constants.PROTO_PORT_PREFIX_MATCH_PRIORITY);
break;
}
}
}
+ private void ingressOtherProtocolAclHandler(Long dpidLong, String segmentationId, String dstMac,
+ NeutronSecurityRule portSecurityRule, String srcAddress,
+ boolean write, Integer protoPortMatchPriority) {
+
+ MatchBuilder matchBuilder = new MatchBuilder();
+ String flowId = "Ingress_Other_" + segmentationId + "_" + dstMac + "_";
+ matchBuilder = MatchUtils.createEtherMatchWithType(matchBuilder,null,dstMac);
+ short proto = 0;
+ try {
+ Integer protocol = new Integer(portSecurityRule.getSecurityRuleProtocol());
+ proto = protocol.shortValue();
+ flowId = flowId + proto;
+ } catch (NumberFormatException e) {
+ LOG.error("Protocol vlaue conversion failure", e);
+ }
+ matchBuilder = MatchUtils.createIpProtocolMatch(matchBuilder, proto);
+ if (null != srcAddress) {
+ flowId = flowId + srcAddress;
+ matchBuilder = MatchUtils.addRemoteIpPrefix(matchBuilder,
+ MatchUtils.iPv4PrefixFromIPv4Address(srcAddress), null);
+ } else if (null != portSecurityRule.getSecurityRuleRemoteIpPrefix()) {
+ flowId = flowId + portSecurityRule.getSecurityRuleRemoteIpPrefix();
+ matchBuilder = MatchUtils.addRemoteIpPrefix(matchBuilder,
+ new Ipv4Prefix(portSecurityRule.getSecurityRuleRemoteIpPrefix()),null);
+ }
+ String nodeName = Constants.OPENFLOW_NODE_PREFIX + dpidLong;
+ NodeBuilder nodeBuilder = createNodeBuilder(nodeName);
+ flowId = flowId + "_Permit";
+ syncFlow(flowId, nodeBuilder, matchBuilder, protoPortMatchPriority, write, false);
+ }
+
@Override
public void programFixedSecurityGroup(Long dpid, String segmentationId, String dhcpMacAddress,
long localPort, boolean isLastPortinSubnet,
boolean write, Integer protoPortMatchPriority) {
MatchBuilder matchBuilder = new MatchBuilder();
- FlowBuilder flowBuilder = new FlowBuilder();
- String flowId = "Ingress_ICMP_" + segmentationId + "_" + dstMac + "_"
- + portSecurityRule.getSecurityRulePortMin().shortValue() + "_"
- + portSecurityRule.getSecurityRulePortMax().shortValue() + "_";
+ String flowId = "Ingress_ICMP_" + segmentationId + "_" + dstMac + "_";
matchBuilder = MatchUtils.createEtherMatchWithType(matchBuilder,null,dstMac);
- matchBuilder = MatchUtils.createICMPv4Match(matchBuilder,
- portSecurityRule.getSecurityRulePortMin().shortValue(),
- portSecurityRule.getSecurityRulePortMax().shortValue());
+
+ /* Custom ICMP Match */
+ if (portSecurityRule.getSecurityRulePortMin() != null &&
+ portSecurityRule.getSecurityRulePortMax() != null) {
+ flowId = flowId + portSecurityRule.getSecurityRulePortMin().shortValue() + "_"
+ + portSecurityRule.getSecurityRulePortMax().shortValue() + "_";
+ matchBuilder = MatchUtils.createICMPv4Match(matchBuilder,
+ portSecurityRule.getSecurityRulePortMin().shortValue(),
+ portSecurityRule.getSecurityRulePortMax().shortValue());
+ } else {
+ /* All ICMP Match */
+ flowId = flowId + "all" + "_";
+ matchBuilder = MatchUtils.createICMPv4Match(matchBuilder,MatchUtils.ALL_ICMP, MatchUtils.ALL_ICMP);
+ }
if (null != srcAddress) {
flowId = flowId + srcAddress;
matchBuilder = MatchUtils.addRemoteIpPrefix(matchBuilder,
verify(commitFuture, times(1)).get();
}
*/
+ /**
+ * Test method {@link EgressAclService#programPortSecurityGroup(java.lang.Long, java.lang.String,
+ * java.lang.String, long, org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronSecurityGroup,
+ * java.lang.String, boolean)} when portSecurityRule is incomplete
+ */
+ @Test
+ public void testProgramPortSecurityGroupWithIncompleteRule() throws Exception {
+ NeutronSecurityRule portSecurityRule1 = mock(NeutronSecurityRule.class);
+ when(portSecurityRule1.getSecurityRuleEthertype()).thenReturn("IPv4");
+ when(portSecurityRule1.getSecurityRuleDirection()).thenReturn("not_egress"); // other direction
+
+ NeutronSecurityRule portSecurityRule2 = mock(NeutronSecurityRule.class);
+ when(portSecurityRule2.getSecurityRuleEthertype()).thenReturn(null);
+ when(portSecurityRule2.getSecurityRuleDirection()).thenReturn("egress");
+
+ NeutronSecurityRule portSecurityRule3 = mock(NeutronSecurityRule.class);
+ when(portSecurityRule3.getSecurityRuleEthertype()).thenReturn("IPv4");
+ when(portSecurityRule3.getSecurityRuleDirection()).thenReturn(null);
+
+ NeutronSecurityRule portSecurityRule4 = mock(NeutronSecurityRule.class);
+ when(portSecurityRule4.getSecurityRuleEthertype()).thenReturn(null);
+ when(portSecurityRule4.getSecurityRuleDirection()).thenReturn(null);
+
+ List<NeutronSecurityRule> portSecurityList = new ArrayList<>();
+ portSecurityList.add(null);
+ portSecurityList.add(portSecurityRule1);
+ portSecurityList.add(portSecurityRule2);
+ portSecurityList.add(portSecurityRule3);
+ portSecurityList.add(portSecurityRule4);
+
+ NeutronSecurityGroup localSecurityGroup = mock(NeutronSecurityGroup.class);
+ when(localSecurityGroup.getSecurityRules()).thenReturn(portSecurityList);
+
+ egressAclServiceSpy.programPortSecurityGroup(DP_ID_LONG, SEGMENT_ID, MAC_ADDRESS, LOCAL_PORT,
+ localSecurityGroup, PORT_UUID, true);
+ }
+
/**
* Test method {@link EgressAclService#egressACLDefaultTcpDrop(Long, String, String, int, boolean)}
*/
verify(commitFuture, times(1)).get();
}
*/
+ /**
+ * Test method {@link EgressAclService#programPortSecurityGroup(java.lang.Long, java.lang.String,
+ * java.lang.String, long, org.opendaylight.ovsdb.openstack.netvirt.translator.NeutronSecurityGroup,
+ * java.lang.String, boolean)} when portSecurityRule is incomplete
+ */
+ @Test
+ public void testProgramPortSecurityGroupWithIncompleteRule() throws Exception {
+ NeutronSecurityRule portSecurityRule1 = mock(NeutronSecurityRule.class);
+ when(portSecurityRule1.getSecurityRuleEthertype()).thenReturn("IPv4");
+ when(portSecurityRule1.getSecurityRuleDirection()).thenReturn("not_ingress"); // other direction
+
+ NeutronSecurityRule portSecurityRule2 = mock(NeutronSecurityRule.class);
+ when(portSecurityRule2.getSecurityRuleEthertype()).thenReturn(null);
+ when(portSecurityRule2.getSecurityRuleDirection()).thenReturn("ingress");
+
+ NeutronSecurityRule portSecurityRule3 = mock(NeutronSecurityRule.class);
+ when(portSecurityRule3.getSecurityRuleEthertype()).thenReturn("IPv4");
+ when(portSecurityRule3.getSecurityRuleDirection()).thenReturn(null);
+
+ NeutronSecurityRule portSecurityRule4 = mock(NeutronSecurityRule.class);
+ when(portSecurityRule4.getSecurityRuleEthertype()).thenReturn(null);
+ when(portSecurityRule4.getSecurityRuleDirection()).thenReturn(null);
+
+ List<NeutronSecurityRule> portSecurityList = new ArrayList<>();
+ portSecurityList.add(null);
+ portSecurityList.add(portSecurityRule1);
+ portSecurityList.add(portSecurityRule2);
+ portSecurityList.add(portSecurityRule3);
+ portSecurityList.add(portSecurityRule4);
+
+ NeutronSecurityGroup localSecurityGroup = mock(NeutronSecurityGroup.class);
+ when(localSecurityGroup.getSecurityRules()).thenReturn(portSecurityList);
+
+ ingressAclServiceSpy.programPortSecurityGroup(
+ Long.valueOf(1554), "2", MAC_ADDRESS, 124, localSecurityGroup, PORT_UUID, false);
+ }
+
/**
* Test IPv4 add test case.
*/
--- /dev/null
+{
+ "id":"19f6b1a8-4d54-62f8-6bd6-f52e0b6e40b8",
+ "name":"Ovsdb HwvtepSouthbound",
+ "timestamp":1424977469540,
+ "order":[
+ "e9ff6957-4dc2-9257-c0c6-21560bfd5de2",
+ "ee151670-85a0-30ec-b22b-5defe7b66e0b",
+ "6de1ede7-817c-ccbb-3df9-ef510bdaf583",
+ "6e7c88e4-485d-ab9f-4c3a-cc235e022905",
+ "92ee7422-5b08-6d63-2b95-961ec0e18ffa",
+ "e92ac963-daaf-0899-c3e8-a00d897be0e2",
+ "9bc22ca7-049c-af51-7c12-6bf71044b2ec",
+ "f6d300f7-380a-d090-0d4a-2b2ddefe5104",
+ "f9f71d74-a49d-b190-d929-b6772ce0ba73",
+ "18032e93-3bc5-9976-4525-fe1e77e98207",
+ "22354294-1d01-cebf-180c-d609747be9bc",
+ "c8e8f3fd-3bfb-aafa-e3ec-a671a942f426",
+ "d362ddc4-1c5f-67d5-e354-c2a8d2ba9d79",
+ "538c71b3-e3e6-f01b-cc4c-d2b686686aa8"
+ ],
+ "owner":0,
+ "sharedWithTeam":false,
+ "synced":false,
+ "subscribed":false,
+ "hasRequests":true,
+ "requests":[
+ {
+ "collectionId":"19f6b1a8-4d54-62f8-6bd6-f52e0b6e40b8",
+ "id":"18032e93-3bc5-9976-4525-fe1e77e98207",
+ "name":"Delete Specific Config Logical Switch",
+ "description":"This restconf request delete specific logical switch from the config data store.",
+ "url":"http://odl:8181/restconf/config/network-topology:network-topology/topology/hwvtep:1/node/hwvtep:%2F%2F192.168.1.115:6640%2Flogicalswitch%2Fls0",
+ "method":"DELETE",
+ "headers":"Authorization: Basic YWRtaW46YWRtaW4=\n",
+ "data":[],
+ "dataMode":"params",
+ "timestamp":0,
+ "version":2,
+ "time":1447335528744
+ },
+ {
+ "collectionId":"19f6b1a8-4d54-62f8-6bd6-f52e0b6e40b8",
+ "id":"22354294-1d01-cebf-180c-d609747be9bc",
+ "name":"Get All Operational Topology",
+ "description":"This restconf request will fetch the operational topology. Operational topology details are fetch by hwvtepsouthbound plugin from all the connected hwvtep node.",
+ "url":"http://odl:8181/restconf/operational/network-topology:network-topology/",
+ "method":"GET",
+ "headers":"Authorization: Basic YWRtaW46YWRtaW4=\n",
+ "data":[],
+ "dataMode":"params",
+ "timestamp":0,
+ "version":2
+ },
+ {
+ "collectionId":"19f6b1a8-4d54-62f8-6bd6-f52e0b6e40b8",
+ "id":"538c71b3-e3e6-f01b-cc4c-d2b686686aa8",
+ "name":"Get Specific Operational Logical Switch",
+ "description":"This restconf request fetch the operational for specific Logical Switch",
+ "url":"http://odl:8181/restconf/operational/network-topology:network-topology/topology/hwvtep:1/node/hwvtep:%2F%2F192.168.1.115:6640%2logicalswitch%2ls0",
+ "method":"GET",
+ "headers":"Authorization: Basic YWRtaW46YWRtaW4=\n",
+ "data":"{\n \"network-topology:node\": [\n {\n \"node-id\": \"hwvtep://192.168.1.115:6640/logicalswitch/ls0\",\n \"hwvtep-node-description\": \"\",\n \"hwvtep-node-name\": \"ls0\",\n \"tunnel-key\": \"10000\"\n }\n ]\n}",
+ "dataMode":"raw",
+ "timestamp":0,
+ "version":2,
+ "time":1447335701900
+ },
+ {
+ "collectionId":"19f6b1a8-4d54-62f8-6bd6-f52e0b6e40b8",
+ "id":"6de1ede7-817c-ccbb-3df9-ef510bdaf583",
+ "name":"Create Specific Config HwvtepNode",
+ "description":"Fire this Restconf request if you want to initiate the connection to hwvtep node from controller. It assumes that hwvtep node is listening for tcp connection in passive mode.",
+ "url":"http://odl:8181/restconf/config/network-topology:network-topology/topology/hwvtep:1/",
+ "method":"POST",
+ "headers":"Authorization: Basic YWRtaW46YWRtaW4=\nContent-Type: application/json\n",
+ "data":"{\n \"network-topology:node\": [\n {\n \"node-id\": \"hwvtep://192.168.1.115:6640\",\n \"connection-info\": {\n \"ovsdb:remote-port\": 6640,\n \"ovsdb:remote-ip\": \"192.168.1.115\"\n }\n }\n ]\n}",
+ "dataMode":"raw",
+ "timestamp":0,
+ "version":2,
+ "time":1447334840814
+ },
+ {
+ "collectionId":"19f6b1a8-4d54-62f8-6bd6-f52e0b6e40b8",
+ "id":"6e7c88e4-485d-ab9f-4c3a-cc235e022905",
+ "name":"Update Specific Config HwvtepNode",
+ "description":"Fire this Restconf request if you want to update the connection to Hwvtep node from controller.",
+ "url":"http://odl:8181/restconf/config/network-topology:network-topology/topology/hwvtep:1/node/hwvtep:%2F%2F192.168.1.115:6640",
+ "method":"PUT",
+ "headers":"Authorization: Basic YWRtaW46YWRtaW4=\nContent-Type: application/json\n",
+ "data":"{\n \"network-topology:node\": [\n {\n \"node-id\": \"hwvtep://192.168.1.115:6640\",\n \"connection-info\": {\n \"ovsdb:remote-port\": 6640,\n \"ovsdb:remote-ip\": \"192.168.1.115\"\n }\n }\n ]\n}",
+ "dataMode":"raw",
+ "timestamp":0,
+ "version":2,
+ "time":1447334483164
+ },
+ {
+ "collectionId":"19f6b1a8-4d54-62f8-6bd6-f52e0b6e40b8",
+ "id":"92ee7422-5b08-6d63-2b95-961ec0e18ffa",
+ "name":"Get Specific Config HwvtepNode",
+ "description":"This restconf request fetch the configration for specific hwvtep node.",
+ "url":"http://odl:8181/restconf/config/network-topology:network-topology/topology/hwvtep:1/node/hwvtep:%2F%2F192.168.1.115:6640",
+ "method":"GET",
+ "headers":"Authorization: Basic YWRtaW46YWRtaW4=\n",
+ "data":"{\n \"network-topology:node\": [\n {\n \"node-id\": \"hwvtep://192.168.1.115:6640\",\n \"connection-info\": {\n \"ovsdb:remote-port\": 6640,\n \"ovsdb:remote-ip\": \"192.168.1.115\"\n }\n }\n ]\n}",
+ "dataMode":"raw",
+ "timestamp":0,
+ "version":2,
+ "time":1447334914971
+ },
+ {
+ "collectionId":"19f6b1a8-4d54-62f8-6bd6-f52e0b6e40b8",
+ "id":"9bc22ca7-049c-af51-7c12-6bf71044b2ec",
+ "name":"Create Specific Config Logical Switch",
+ "description":"Fire this Restconf request if you want to create a logical switch.",
+ "url":"http://odl:8181/restconf/config/network-topology:network-topology/topology/hwvtep:1/",
+ "method":"POST",
+ "headers":"Authorization: Basic YWRtaW46YWRtaW4=\nContent-Type: application/json\n",
+ "data":"{\n \"network-topology:node\": [\n {\n \"node-id\": \"hwvtep://192.168.1.115:6640/logicalswitch/ls0\",\n \"hwvtep-node-description\": \"\",\n \"hwvtep-node-name\": \"ls0\",\n \"tunnel-key\": \"10000\",\n \"managed-by\": \"/network-topology:network-topology/network-topology:topology[network-topology:topology-id='hwvtep:1']/network-topology:node[network-topology:node-id='hwvtep://192.168.1.115:6640']\" \n }\n ]\n}",
+ "dataMode":"raw",
+ "timestamp":0,
+ "version":2,
+ "time":1447340822378
+ },
+ {
+ "collectionId":"19f6b1a8-4d54-62f8-6bd6-f52e0b6e40b8",
+ "id":"c8e8f3fd-3bfb-aafa-e3ec-a671a942f426",
+ "name":"Get Operational Hwvtep Topology",
+ "description":"",
+ "url":"http://odl:8181/restconf/operational/network-topology:network-topology/hwvtep:1/",
+ "method":"GET",
+ "headers":"Authorization: Basic YWRtaW46YWRtaW4=\n",
+ "data":"{\n \"network-topology:node\": [\n {\n \"node-id\": \"hwvtep://192.168.1.115:6640\",\n \"connection-info\": {\n \"ovsdb:remote-port\": 6640,\n \"ovsdb:remote-ip\": \"192.168.1.115\"\n }\n }\n ]\n}",
+ "dataMode":"raw",
+ "timestamp":0,
+ "version":2,
+ "time":1447335830695
+ },
+ {
+ "collectionId":"19f6b1a8-4d54-62f8-6bd6-f52e0b6e40b8",
+ "id":"d362ddc4-1c5f-67d5-e354-c2a8d2ba9d79",
+ "name":"Get Specific Operational HwvtepNode",
+ "description":"This restconf request fetch the operational for specific HwvtepNode",
+ "url":"http://odl:8181/restconf/operational/network-topology:network-topology/topology/hwvtep:1/node/hwvtep:%2F%2F192.168.1.115:6640",
+ "method":"GET",
+ "headers":"Authorization: Basic YWRtaW46YWRtaW4=\n",
+ "data":"{\n \"network-topology:node\": [\n {\n \"node-id\": \"hwvtep://192.168.1.115:6640/logicalswitch/ls0\",\n \"hwvtep-node-description\": \"\",\n \"hwvtep-node-name\": \"ls0\",\n \"tunnel-key\": \"10000\"\n }\n ]\n}",
+ "dataMode":"raw",
+ "timestamp":0,
+ "version":2,
+ "time":1447335686540
+ },
+ {
+ "collectionId":"19f6b1a8-4d54-62f8-6bd6-f52e0b6e40b8",
+ "id":"e92ac963-daaf-0899-c3e8-a00d897be0e2",
+ "name":"Delete Specific Config HwvtepNode",
+ "description":"This restconf request delete any node (ovsdb node or bridge node) from the config data store. You can use the same request to delete the ovsdb node by using the following URI: http://localhost:8080/restconf/config/network-topology:network-topology/topology/ovsdb:1/node/ovsdb:%2F%2F10.10.10.10:22222",
+ "url":"http://odl:8181/restconf/config/network-topology:network-topology/topology/hwvtep:1/node/hwvtep:%2F%2F219.141.189.115:6640",
+ "method":"DELETE",
+ "headers":"Authorization: Basic YWRtaW46YWRtaW4=\n",
+ "data":[],
+ "dataMode":"params",
+ "timestamp":0,
+ "version":2
+ },
+ {
+ "collectionId":"19f6b1a8-4d54-62f8-6bd6-f52e0b6e40b8",
+ "id":"e9ff6957-4dc2-9257-c0c6-21560bfd5de2",
+ "name":"Get All Config Topology",
+ "description":"Fetch all the config topology from configuration data store.",
+ "url":"http://odl:8181/restconf/config/network-topology:network-topology/",
+ "method":"GET",
+ "headers":"Authorization: Basic YWRtaW46YWRtaW4=\n",
+ "data":"{\n \"network-topology:node\": [\n {\n \"node-id\": \"hwvtep://219.141.189.115:6640\",\n \"connection-info\": {\n \"ovsdb:remote-port\": 6640,\n \"ovsdb:remote-ip\": \"219.141.189.115\"\n }\n }\n ]\n}",
+ "dataMode":"raw",
+ "timestamp":0,
+ "version":2,
+ "time":1447311894927
+ },
+ {
+ "collectionId":"19f6b1a8-4d54-62f8-6bd6-f52e0b6e40b8",
+ "id":"ee151670-85a0-30ec-b22b-5defe7b66e0b",
+ "name":"Get Config Hwvtep Topology",
+ "description":"Fetch the config hwvtep topology from configuration data store.",
+ "url":"http://odl:8181/restconf/config/network-topology:network-topology/hwvtep:1/",
+ "method":"GET",
+ "headers":"Authorization: Basic YWRtaW46YWRtaW4=\n",
+ "data":"{\n \"network-topology:node\": [\n {\n \"node-id\": \"hwvtep://192.168.1.115:6640\",\n \"connection-info\": {\n \"ovsdb:remote-port\": 6640,\n \"ovsdb:remote-ip\": \"192.168.1.115\"\n }\n }\n ]\n}",
+ "dataMode":"raw",
+ "timestamp":0,
+ "version":2,
+ "time":1447335823182
+ },
+ {
+ "collectionId":"19f6b1a8-4d54-62f8-6bd6-f52e0b6e40b8",
+ "id":"f6d300f7-380a-d090-0d4a-2b2ddefe5104",
+ "name":"Create Specific Config Logical Switch",
+ "description":"Fire this request if you want to update specific logical switch.",
+ "url":"http://odl:8181/restconf/config/network-topology:network-topology/topology/hwvtep:1/node/hwvtep:%2F%2F192.168.1.115:6640%2Flogicalswitch%2Fls0",
+ "method":"PUT",
+ "headers":"Authorization: Basic YWRtaW46YWRtaW4=\nContent-Type: application/json\n",
+ "data":"{\n \"network-topology:node\": [\n {\n \"node-id\": \"hwvtep://192.168.1.115:6640/logicalswitch/ls0\",\n \"hwvtep-node-description\": \"\",\n \"hwvtep-node-name\": \"ls0\",\n \"tunnel-key\": \"10000\",\n \"managed-by\": \"/network-topology:network-topology/network-topology:topology[network-topology:topology-id='hwvtep:1']/network-topology:node[network-topology:node-id='hwvtep://192.168.1.115:6640']\" \n }\n ]\n}",
+ "dataMode":"raw",
+ "timestamp":0,
+ "version":2,
+ "time":1447340847211
+ },
+ {
+ "collectionId":"19f6b1a8-4d54-62f8-6bd6-f52e0b6e40b8",
+ "id":"f9f71d74-a49d-b190-d929-b6772ce0ba73",
+ "name":"Get Specific Config Logical Switch",
+ "description":"This restconf request fetch configuration for specific logical switch.",
+ "url":"http://odl:8181/restconf/config/network-topology:network-topology/topology/hwvtep:1/node/hwvtep:%2F%2F192.168.1.115:6640%2Flogicalswitch%2Fls0",
+ "method":"GET",
+ "headers":"Authorization: Basic YWRtaW46YWRtaW4=\n",
+ "data":"{\n \"network-topology:node\": [\n {\n \"node-id\": \"hwvtep://192.168.1.115:6640/logicalswitch/ls0\",\n \"hwvtep-node-description\": \"\",\n \"hwvtep-node-name\": \"ls0\",\n \"tunnel-key\": \"10000\"\n }\n ]\n}",
+ "dataMode":"raw",
+ "timestamp":0,
+ "version":2,
+ "time":1447335408595
+ }
+ ]
+}
- showOvsdbMdsal.py : Dumps mdsal related info from running ODL that is related to ovsdb and netvirt. Use 'showOvsdbMdsal.py -h' for usage
- ODL-Clustering.json.postman_collection : Collection contains Restconf request to fetch clustering service related data to check the state of 3 node cluster and inventory/topology shards.
- - Please import and load 3-Node-Cluster-Setup-Environment-Variables.postman_environment file, because Restconf request present in this collection depends on the variable defined in this collection.
+ - Please import and load 3-Node-Cluster-Setup-Environment-Variables.postman_environment file, because Restconf request present in this collection depends on the variable defined in this collection.
- Ovsdb-Southbound-Collection-for-Single-Node-Cluster.json.postman_collection : Collection contains Restconf request for doing CRUD operations (connection, bridge, termination point) on southbound plugin running in standalone controller.
- - Please import and load Single-Node-Cluster-Setup-Environment-Variables.postman_environment file, because Restconf request present in this collection depends on the variable defined in this collection.
+ - Please import and load Single-Node-Cluster-Setup-Environment-Variables.postman_environment file, because Restconf request present in this collection depends on the variable defined in this collection.
-- Ovsdb-Southbound-Collection-for-3-Node-Cluster.json.postman_collection :
- - Please import and load 3-Node-Cluster-Setup-Environment-Variables.postman_environment file, because Restconf request present in this collection depends on the variable defined in this collection.
+- Ovsdb-Southbound-Collection-for-3-Node-Cluster.json.postman_collection :
+ - Please import and load 3-Node-Cluster-Setup-Environment-Variables.postman_environment file, because Restconf request present in this collection depends on the variable defined in this collection.
- Single-Node-Cluster-Setup-Environment-Variables.postman_environment : Postman environment file that defines variables for Restconf request for southbound plugin running in Single controller instance
- 3-Node-Cluster-Setup-Environment-Variables.postman_environment : Postman environment file that defines variables for Restconf request for southbound plugin running in 3 node cluster environment
- NetvirtSfc.json.postman_collection : Collection of REST-APIs to interact with Netvirt-Sfc.
+
+- Ovsdb-HwvtepSouthbound-Collection.json.postman_collection : Collection contains Restconf request for doing CRUD operations (hwvtep global node, physical switch, logical switch, physical locator, and physical port) on hwvtepsouthbound plugin running in standalone controller.
public static final String UDP = "udp";
private static final int TCP_SYN = 0x0002;
public static final String ICMP = "icmp";
+ public static final short ALL_ICMP = -1;
/**
* Create Ingress Port Match dpidLong, inPort
// Build the ICMPv4 Match
Icmpv4MatchBuilder icmpv4match = new Icmpv4MatchBuilder();
- icmpv4match.setIcmpv4Type(type);
- icmpv4match.setIcmpv4Code(code);
+ if (type != ALL_ICMP || code != ALL_ICMP) {
+ icmpv4match.setIcmpv4Type(type);
+ icmpv4match.setIcmpv4Code(code);
+ }
matchBuilder.setIcmpv4Match(icmpv4match.build());
return matchBuilder;