From 119ad8c845eb9e19ab87523ab07c190a9f151f3f Mon Sep 17 00:00:00 2001 From: Yakir Dorani Date: Sun, 15 Jan 2017 15:20:15 +0200 Subject: [PATCH] Bug 7544: L2 control packets that should not be forwarded are forwarded Currently L2 service is flooding L2 control protocols, which shouldn't be forwarded. This change installs drop rules for them. Depends-On: https://git.opendaylight.org/gerrit/#/c/50489 Change-Id: Ifb363f7a641b25ec90e15b649ee0dc720ffd1dc4 Signed-off-by: Yakir Dorani --- .../elan/internal/ElanNodeListener.java | 69 ++++++++++++++----- .../netvirt/elan/utils/ElanConstants.java | 2 + 2 files changed, 52 insertions(+), 19 deletions(-) diff --git a/vpnservice/elanmanager/elanmanager-impl/src/main/java/org/opendaylight/netvirt/elan/internal/ElanNodeListener.java b/vpnservice/elanmanager/elanmanager-impl/src/main/java/org/opendaylight/netvirt/elan/internal/ElanNodeListener.java index 7eabb1024a..3655af2b6a 100644 --- a/vpnservice/elanmanager/elanmanager-impl/src/main/java/org/opendaylight/netvirt/elan/internal/ElanNodeListener.java +++ b/vpnservice/elanmanager/elanmanager-impl/src/main/java/org/opendaylight/netvirt/elan/internal/ElanNodeListener.java @@ -25,13 +25,16 @@ import org.opendaylight.genius.mdsalutil.MatchInfoBase; import org.opendaylight.genius.mdsalutil.NwConstants; import org.opendaylight.genius.mdsalutil.NxMatchFieldType; import org.opendaylight.genius.mdsalutil.NxMatchInfo; +import org.opendaylight.genius.mdsalutil.actions.ActionDrop; import org.opendaylight.genius.mdsalutil.actions.ActionLearn; import org.opendaylight.genius.mdsalutil.actions.ActionNxResubmit; import org.opendaylight.genius.mdsalutil.actions.ActionPuntToController; import org.opendaylight.genius.mdsalutil.instructions.InstructionApplyActions; import org.opendaylight.genius.mdsalutil.instructions.InstructionGotoTable; import org.opendaylight.genius.mdsalutil.interfaces.IMdsalApiManager; +import org.opendaylight.genius.mdsalutil.matches.MatchEthernetDestination; import org.opendaylight.netvirt.elan.utils.ElanConstants; +import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.MacAddress; import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.NodeId; import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.Nodes; import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.nodes.Node; @@ -64,8 +67,8 @@ public class ElanNodeListener extends AbstractDataChangeListener implement } private void registerListener(final DataBroker db) { - listenerRegistration = db.registerDataChangeListener(LogicalDatastoreType.OPERATIONAL, - getWildCardPath(), ElanNodeListener.this, AsyncDataBroker.DataChangeScope.SUBTREE); + listenerRegistration = db.registerDataChangeListener(LogicalDatastoreType.OPERATIONAL, getWildCardPath(), + ElanNodeListener.this, AsyncDataBroker.DataChangeScope.SUBTREE); } private InstanceIdentifier getWildCardPath() { @@ -83,13 +86,14 @@ public class ElanNodeListener extends AbstractDataChangeListener implement @Override protected void add(InstanceIdentifier identifier, Node add) { NodeId nodeId = add.getId(); - String[] node = nodeId.getValue().split(":"); + String[] node = nodeId.getValue().split(":"); if (node.length < 2) { LOG.warn("Unexpected nodeId {}", nodeId.getValue()); return; } BigInteger dpId = new BigInteger(node[1]); createTableMissEntry(dpId); + createMulticastFlows(dpId); } public void createTableMissEntry(BigInteger dpnId) { @@ -101,12 +105,13 @@ public class ElanNodeListener extends AbstractDataChangeListener implement List actionsInfos = new ArrayList<>(); actionsInfos.add(new ActionPuntToController()); actionsInfos.add(new ActionLearn(0, tempSmacLearnTimeout, 0, ElanConstants.COOKIE_ELAN_LEARNED_SMAC, 0, - NwConstants.ELAN_SMAC_LEARNED_TABLE, 0, 0, Arrays.asList( - new ActionLearn.MatchFromField(NwConstants.NxmOfFieldType.NXM_OF_ETH_SRC.getType(), - NwConstants.NxmOfFieldType.NXM_OF_ETH_SRC.getType(), - NwConstants.NxmOfFieldType.NXM_OF_ETH_SRC.getFlowModHeaderLenInt()), - new ActionLearn.CopyFromValue(LEARN_MATCH_REG4_VALUE, - NwConstants.NxmOfFieldType.NXM_NX_REG4.getType(), 8)))); + NwConstants.ELAN_SMAC_LEARNED_TABLE, 0, 0, + Arrays.asList( + new ActionLearn.MatchFromField(NwConstants.NxmOfFieldType.NXM_OF_ETH_SRC.getType(), + NwConstants.NxmOfFieldType.NXM_OF_ETH_SRC.getType(), + NwConstants.NxmOfFieldType.NXM_OF_ETH_SRC.getFlowModHeaderLenInt()), + new ActionLearn.CopyFromValue(LEARN_MATCH_REG4_VALUE, + NwConstants.NxmOfFieldType.NXM_NX_REG4.getType(), 8)))); List mkInstructions = new ArrayList<>(); mkInstructions.add(new InstructionApplyActions(actionsInfos)); @@ -123,7 +128,7 @@ public class ElanNodeListener extends AbstractDataChangeListener implement } private void addSmacBaseTableFlow(BigInteger dpId) { - //T48 - resubmit to T49 & T50 + // T48 - resubmit to T49 & T50 List actionsInfo = new ArrayList<>(); actionsInfo.add(new ActionNxResubmit(NwConstants.ELAN_SMAC_LEARNED_TABLE)); actionsInfo.add(new ActionNxResubmit(NwConstants.ELAN_SMAC_TABLE)); @@ -131,25 +136,23 @@ public class ElanNodeListener extends AbstractDataChangeListener implement mkInstruct.add(new InstructionApplyActions(actionsInfo)); List mkMatch = new ArrayList<>(); FlowEntity doubleResubmitTable = MDSALUtil.buildFlowEntity(dpId, NwConstants.ELAN_BASE_TABLE, - getTableMissFlowRef(NwConstants.ELAN_BASE_TABLE), - 0, "Elan sMac resubmit table", 0, 0, + getTableMissFlowRef(NwConstants.ELAN_BASE_TABLE), 0, "Elan sMac resubmit table", 0, 0, ElanConstants.COOKIE_ELAN_BASE_SMAC, mkMatch, mkInstruct); mdsalManager.installFlow(doubleResubmitTable); } private void addSmacLearnedTableFlow(BigInteger dpId) { - //T50 - match on Reg4 and goto T51 + // T50 - match on Reg4 and goto T51 List mkMatches = new ArrayList<>(); - mkMatches.add(new NxMatchInfo(NxMatchFieldType.nxm_reg_4, new long[] { - Long.valueOf(LEARN_MATCH_REG4_VALUE)})); + mkMatches.add(new NxMatchInfo(NxMatchFieldType.nxm_reg_4, new long[] { Long.valueOf(LEARN_MATCH_REG4_VALUE) })); List mkInstructions = new ArrayList<>(); mkInstructions.add(new InstructionGotoTable(NwConstants.ELAN_DMAC_TABLE)); String flowRef = new StringBuffer().append(NwConstants.ELAN_SMAC_TABLE).append(NwConstants.FLOWID_SEPARATOR) .append(LEARN_MATCH_REG4_VALUE).toString(); - FlowEntity flowEntity = MDSALUtil.buildFlowEntity(dpId, NwConstants.ELAN_SMAC_TABLE, flowRef, - 10, "ELAN sMac Table Reg4 Flow", 0, 0, - ElanConstants.COOKIE_ELAN_KNOWN_SMAC.add(BigInteger.valueOf(LEARN_MATCH_REG4_VALUE)), - mkMatches, mkInstructions); + FlowEntity flowEntity = + MDSALUtil.buildFlowEntity(dpId, NwConstants.ELAN_SMAC_TABLE, flowRef, 10, "ELAN sMac Table Reg4 Flow", + 0, 0, ElanConstants.COOKIE_ELAN_KNOWN_SMAC.add(BigInteger.valueOf(LEARN_MATCH_REG4_VALUE)), + mkMatches, mkInstructions); mdsalManager.installFlow(flowEntity); } @@ -162,9 +165,37 @@ public class ElanNodeListener extends AbstractDataChangeListener implement FlowEntity flowEntity = MDSALUtil.buildFlowEntity(dpId, NwConstants.ELAN_DMAC_TABLE, getTableMissFlowRef(NwConstants.ELAN_DMAC_TABLE), 0, "ELAN dMac Table Miss Flow", 0, 0, ElanConstants.COOKIE_ELAN_KNOWN_DMAC, mkMatches, mkInstructions); + mdsalManager.installFlow(flowEntity); } + private void createMulticastFlows(BigInteger dpId) { + createL2ControlProtocolDropFlows(dpId); + } + + private void createL2ControlProtocolDropFlows(BigInteger dpId) { + List mkMatches = new ArrayList<>(); + MatchEthernetDestination matchEthDst = + new MatchEthernetDestination(new MacAddress(ElanConstants.L2_CONTROL_PACKETS_DMAC), + new MacAddress(ElanConstants.L2_CONTROL_PACKETS_DMAC_MASK)); + + mkMatches.add(matchEthDst); + + List listActionInfo = new ArrayList<>(); + listActionInfo.add(new ActionDrop()); + + List mkInstructions = new ArrayList<>(); + mkInstructions.add(new InstructionApplyActions(listActionInfo)); + + String flowId = dpId.toString() + NwConstants.ELAN_DMAC_TABLE + "l2control" + + ElanConstants.L2_CONTROL_PACKETS_DMAC + ElanConstants.L2_CONTROL_PACKETS_DMAC_MASK; + FlowEntity flow = MDSALUtil.buildFlowEntity(dpId, NwConstants.ELAN_DMAC_TABLE, flowId, 15, + "L2 control packets dMac Table Flow", 0, 0, ElanConstants.COOKIE_ELAN_KNOWN_DMAC, mkMatches, + mkInstructions); + + mdsalManager.installFlow(flow); + } + private String getTableMissFlowRef(long tableId) { return new StringBuffer().append(tableId).toString(); } diff --git a/vpnservice/elanmanager/elanmanager-impl/src/main/java/org/opendaylight/netvirt/elan/utils/ElanConstants.java b/vpnservice/elanmanager/elanmanager-impl/src/main/java/org/opendaylight/netvirt/elan/utils/ElanConstants.java index 2bbdee699a..98b9ab2e05 100755 --- a/vpnservice/elanmanager/elanmanager-impl/src/main/java/org/opendaylight/netvirt/elan/utils/ElanConstants.java +++ b/vpnservice/elanmanager/elanmanager-impl/src/main/java/org/opendaylight/netvirt/elan/utils/ElanConstants.java @@ -29,6 +29,8 @@ public class ElanConstants { public static final BigInteger COOKIE_ELAN_KNOWN_DMAC = new BigInteger("8030000", 16); public static final long DEFAULT_MAC_TIME_OUT = 300; public static final BigInteger COOKIE_ELAN_FILTER_EQUALS = new BigInteger("8800000", 16); + public static final String L2_CONTROL_PACKETS_DMAC = "01:80:C2:00:00:00"; + public static final String L2_CONTROL_PACKETS_DMAC_MASK = "FF:FF:FF:FF:FF:F0"; public static final String L2GATEWAY_DS_JOB_NAME = "L2GW"; public static final String UNKNOWN_DMAC = "00:00:00:00:00:00"; -- 2.36.6