From df1b93f85d6e13f6c316539a8f234d9c18acf38d Mon Sep 17 00:00:00 2001 From: Somashekar Byrappa Date: Tue, 5 Jul 2016 15:11:49 +0530 Subject: [PATCH] ACL ingress/egress service bindings + ACL ingress/egress service binding implementation is done but currently the call to bind/unbind services are commented. This should be uncommented once ACL related flow programming is complete. + Service priorities have been updated for L3VPN and ELAN. + Added table miss entries for both ingress and egress ACL tables during node up. Change-Id: Ibf4168328f3c8fb647cfcdf9079729fbbc93f7ae Signed-off-by: Somashekar Byrappa --- .../aclservice/AclServiceProvider.java | 8 +- .../netvirt/aclservice/AclServiceUtils.java | 45 ++++ .../aclservice/EgressAclServiceImpl.java | 113 +++++++--- .../aclservice/IngressAclServiceImpl.java | 95 ++++++--- .../aclservice/listeners/AclNodeListener.java | 196 ++++++++++++++++++ .../aclservice/utils/AclConstants.java | 27 +++ .../netvirt/elan/utils/ElanConstants.java | 2 +- .../netvirt/vpnmanager/VpnConstants.java | 2 +- 8 files changed, 430 insertions(+), 58 deletions(-) create mode 100644 vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/listeners/AclNodeListener.java create mode 100644 vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/utils/AclConstants.java diff --git a/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/AclServiceProvider.java b/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/AclServiceProvider.java index a33e9890ec..ade66507e3 100644 --- a/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/AclServiceProvider.java +++ b/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/AclServiceProvider.java @@ -15,8 +15,8 @@ import org.opendaylight.controller.sal.binding.api.BindingAwareProvider; import org.opendaylight.controller.sal.binding.api.RpcProviderRegistry; import org.opendaylight.genius.mdsalutil.interfaces.IMdsalApiManager; import org.opendaylight.netvirt.aclservice.api.AclServiceManager; +import org.opendaylight.netvirt.aclservice.listeners.AclNodeListener; import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.rpcs.rev160406.OdlInterfaceRpcService; - import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -29,6 +29,7 @@ public class AclServiceProvider implements BindingAwareProvider, AutoCloseable { private RpcProviderRegistry rpcProviderRegistry; private AclServiceManager aclServiceManager; private AclInterfaceEventListener aclInterfaceEventListener; + private AclNodeListener aclNodeListener; /** * Set the rpc registery. @@ -55,12 +56,17 @@ public class AclServiceProvider implements BindingAwareProvider, AutoCloseable { aclServiceManager.addAclServiceListner(new EgressAclServiceImpl(broker, interfaceService, mdsalManager)); aclInterfaceEventListener = new AclInterfaceEventListener(aclServiceManager, broker); aclInterfaceEventListener.registerListener(LogicalDatastoreType.OPERATIONAL, broker); + aclNodeListener = new AclNodeListener(mdsalManager); + aclNodeListener.registerListener(LogicalDatastoreType.OPERATIONAL, broker); LOG.info("ACL Service Initiated"); } @Override public void close() throws Exception { + aclInterfaceEventListener.close(); + aclNodeListener.close(); + LOG.info("ACL Service closed"); } } \ No newline at end of file diff --git a/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/AclServiceUtils.java b/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/AclServiceUtils.java index e1f06a1755..28a26f12ff 100644 --- a/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/AclServiceUtils.java +++ b/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/AclServiceUtils.java @@ -28,10 +28,21 @@ import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces. import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.InterfacesState; import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.Interface; import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.InterfaceKey; +import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.instruction.list.Instruction; import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.rpcs.rev160406.GetDpidFromInterfaceInput; import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.rpcs.rev160406.GetDpidFromInterfaceInputBuilder; import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.rpcs.rev160406.GetDpidFromInterfaceOutput; import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.rpcs.rev160406.OdlInterfaceRpcService; +import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.servicebinding.rev160406.ServiceBindings; +import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.servicebinding.rev160406.ServiceModeBase; +import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.servicebinding.rev160406.ServiceTypeFlowBased; +import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.servicebinding.rev160406.StypeOpenflow; +import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.servicebinding.rev160406.StypeOpenflowBuilder; +import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.servicebinding.rev160406.service.bindings.ServicesInfo; +import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.servicebinding.rev160406.service.bindings.ServicesInfoKey; +import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.servicebinding.rev160406.service.bindings.services.info.BoundServices; +import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.servicebinding.rev160406.service.bindings.services.info.BoundServicesBuilder; +import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.servicebinding.rev160406.service.bindings.services.info.BoundServicesKey; import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.aclservice.rev160608.InterfaceAcl; import org.opendaylight.yangtools.yang.binding.DataObject; import org.opendaylight.yangtools.yang.binding.InstanceIdentifier; @@ -217,4 +228,38 @@ public class AclServiceUtils { new long[] { dscPort})); return matches; } + + /** + * Builds the service id. + * + * @param interfaceName the interface name + * @param serviceIndex the service index + * @param serviceMode the service mode + * @return the instance identifier + */ + public static InstanceIdentifier buildServiceId(String interfaceName, short serviceIndex, + Class serviceMode) { + return InstanceIdentifier.builder(ServiceBindings.class) + .child(ServicesInfo.class, new ServicesInfoKey(interfaceName, serviceMode)) + .child(BoundServices.class, new BoundServicesKey(serviceIndex)).build(); + } + + /** + * Gets the bound services. + * + * @param serviceName the service name + * @param servicePriority the service priority + * @param flowPriority the flow priority + * @param cookie the cookie + * @param instructions the instructions + * @return the bound services + */ + public static BoundServices getBoundServices(String serviceName, short servicePriority, int flowPriority, + BigInteger cookie, List instructions) { + StypeOpenflowBuilder augBuilder = new StypeOpenflowBuilder().setFlowCookie(cookie).setFlowPriority(flowPriority) + .setInstruction(instructions); + return new BoundServicesBuilder().setKey(new BoundServicesKey(servicePriority)).setServiceName(serviceName) + .setServicePriority(servicePriority).setServiceType(ServiceTypeFlowBased.class) + .addAugmentation(StypeOpenflow.class, augBuilder.build()).build(); + } } diff --git a/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/EgressAclServiceImpl.java b/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/EgressAclServiceImpl.java index 6bb7b873b1..9c56b4a9c5 100644 --- a/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/EgressAclServiceImpl.java +++ b/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/EgressAclServiceImpl.java @@ -10,8 +10,8 @@ package org.opendaylight.netvirt.aclservice; import java.math.BigInteger; import java.util.ArrayList; import java.util.List; - import org.opendaylight.controller.md.sal.binding.api.DataBroker; +import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType; import org.opendaylight.genius.mdsalutil.ActionInfo; import org.opendaylight.genius.mdsalutil.ActionType; import org.opendaylight.genius.mdsalutil.InstructionInfo; @@ -25,8 +25,13 @@ import org.opendaylight.genius.mdsalutil.NxMatchFieldType; import org.opendaylight.genius.mdsalutil.NxMatchInfo; import org.opendaylight.genius.mdsalutil.interfaces.IMdsalApiManager; import org.opendaylight.netvirt.aclservice.api.AclServiceListener; +import org.opendaylight.netvirt.aclservice.utils.AclConstants; import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.Interface; +import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.instruction.list.Instruction; import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.rpcs.rev160406.OdlInterfaceRpcService; +import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.servicebinding.rev160406.ServiceModeIngress; +import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.servicebinding.rev160406.service.bindings.services.info.BoundServices; +import org.opendaylight.yangtools.yang.binding.InstanceIdentifier; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -34,9 +39,7 @@ public class EgressAclServiceImpl implements AclServiceListener { private static final Logger logger = LoggerFactory.getLogger(EgressAclServiceImpl.class); - private IMdsalApiManager mdsalUtil; - short tableIdInstall = 22; - short tableIdNext = 23; + private IMdsalApiManager mdsalManager; private OdlInterfaceRpcService interfaceManager; private DataBroker dataBroker; @@ -44,13 +47,13 @@ public class EgressAclServiceImpl implements AclServiceListener { * Intilaze the member variables. * @param dataBroker the data broker instance. * @param interfaceManager the interface manager instance. - * @param mdsalUtil the mdsal util instance. + * @param mdsalManager the mdsal manager instance. */ public EgressAclServiceImpl(DataBroker dataBroker, OdlInterfaceRpcService interfaceManager, - IMdsalApiManager mdsalUtil) { + IMdsalApiManager mdsalManager) { this.dataBroker = dataBroker; this.interfaceManager = interfaceManager; - this.mdsalUtil = mdsalUtil; + this.mdsalManager = mdsalManager; } @Override @@ -64,6 +67,10 @@ public class EgressAclServiceImpl implements AclServiceListener { interfaceState = AclServiceUtils.getInterfaceStateFromOperDS(dataBroker, port.getName()); String attachMac = interfaceState.getPhysAddress().getValue(); programFixedSecurityGroup(dpId, "", attachMac, NwConstants.ADD_FLOW); + + // TODO: uncomment bindservice() when the acl flow programming is + // implemented + // bindService(port.getName()); return true; } @@ -82,11 +89,60 @@ public class EgressAclServiceImpl implements AclServiceListener { interfaceState = AclServiceUtils.getInterfaceStateFromOperDS(dataBroker, port.getName()); String attachMac = interfaceState.getPhysAddress().getValue(); programFixedSecurityGroup(dpId, "", attachMac, NwConstants.DEL_FLOW); + + // TODO: uncomment unbindService() when the acl flow programming is + // implemented + // unbindService(port.getName()); return true; } + /** + * Bind service. + * + * @param interfaceName the interface name + */ + private void bindService(String interfaceName) { + int flowPriority = AclConstants.EGRESS_ACL_DEFAULT_FLOW_PRIORITY; + + int instructionKey = 0; + List instructions = new ArrayList<>(); + instructions.add(MDSALUtil.buildAndGetGotoTableInstruction(AclConstants.EGRESS_ACL_TABLE_ID, ++instructionKey)); + BoundServices serviceInfo = AclServiceUtils.getBoundServices( + String.format("%s.%s.%s", "vpn", "egressacl", interfaceName), AclConstants.EGRESS_ACL_SERVICE_PRIORITY, + flowPriority, AclServiceUtils.COOKIE_ACL_BASE, instructions); + InstanceIdentifier path = AclServiceUtils.buildServiceId(interfaceName, + AclConstants.EGRESS_ACL_SERVICE_PRIORITY, ServiceModeIngress.class); + MDSALUtil.syncWrite(dataBroker, LogicalDatastoreType.CONFIGURATION, path, serviceInfo); + } + + /** + * Unbind service. + * + * @param interfaceName the interface name + */ + private void unbindService(String interfaceName) { + InstanceIdentifier path = AclServiceUtils.buildServiceId(interfaceName, + AclConstants.EGRESS_ACL_SERVICE_PRIORITY, ServiceModeIngress.class); + MDSALUtil.syncDelete(dataBroker, LogicalDatastoreType.CONFIGURATION, path); + } + + /** + * Gets the instructions for dispatcher table resubmit. + * + * @return the instructions for dispatcher table resubmit + */ + private List getInstructionsForDispatcherTableResubmit() { + List instructions = new ArrayList<>(); + List actionsInfos = new ArrayList<>(); + actionsInfos.add(new ActionInfo(ActionType.nx_resubmit, + new String[] {Short.toString(NwConstants.LPORT_DISPATCHER_TABLE)})); + instructions.add(new InstructionInfo(InstructionType.apply_actions, actionsInfos)); + return instructions; + } + /** * Program the default anti-spoofing rule and the conntrack rules. + * * @param dpid the dpid * @param dhcpMacAddress the dhcp mac address. * @param attachMac The vm mac address @@ -129,7 +185,7 @@ public class EgressAclServiceImpl implements AclServiceListener { actionsInfos.add(new ActionInfo(ActionType.drop_action, new String[] {})); String flowName = "Egress_DHCP_Server_v4" + dpId + "_" + attachMac + "_" + dhcpMacAddress + "_Drop_"; - syncFlow(dpId, tableIdInstall, flowName, AclServiceUtils.PROTO_MATCH_PRIORITY, "ACL", 0, 0, + syncFlow(dpId, AclConstants.EGRESS_ACL_TABLE_ID, flowName, AclServiceUtils.PROTO_MATCH_PRIORITY, "ACL", 0, 0, AclServiceUtils.COOKIE_ACL_BASE, matches, instructions, addOrRemove); } @@ -156,7 +212,7 @@ public class EgressAclServiceImpl implements AclServiceListener { actionsInfos.add(new ActionInfo(ActionType.drop_action, new String[] {})); String flowName = "Egress_DHCP_Server_v4" + "_" + dpId + "_" + attachMac + "_" + dhcpMacAddress + "_Drop_"; - syncFlow(dpId, tableIdInstall, flowName, AclServiceUtils.PROTO_MATCH_PRIORITY, "ACL", 0, 0, + syncFlow(dpId, AclConstants.EGRESS_ACL_TABLE_ID, flowName, AclServiceUtils.PROTO_MATCH_PRIORITY, "ACL", 0, 0, AclServiceUtils.COOKIE_ACL_BASE, matches, instructions, addOrRemove); } @@ -190,9 +246,9 @@ public class EgressAclServiceImpl implements AclServiceListener { instructions.add(new InstructionInfo(InstructionType.goto_table, - new long[] { tableIdNext })); + new long[] { AclConstants.EGRESS_ACL_NEXT_TABLE_ID })); String flowName = "Egress_DHCP_Client_v4" + dpId + "_" + attachMac + "_" + dhcpMacAddress + "_Permit_"; - syncFlow(dpId, tableIdInstall, flowName, AclServiceUtils.PROTO_MATCH_PRIORITY, "ACL", 0, 0, + syncFlow(dpId, AclConstants.EGRESS_ACL_TABLE_ID, flowName, AclServiceUtils.PROTO_MATCH_PRIORITY, "ACL", 0, 0, AclServiceUtils.COOKIE_ACL_BASE, matches, instructions, addOrRemove); } @@ -225,9 +281,9 @@ public class EgressAclServiceImpl implements AclServiceListener { actionsInfos)); instructions.add(new InstructionInfo(InstructionType.goto_table, - new long[] { tableIdNext })); + new long[] { AclConstants.EGRESS_ACL_NEXT_TABLE_ID })); String flowName = "Egress_DHCP_Client_v4" + "_" + dpId + "_" + attachMac + "_" + dhcpMacAddress + "_Permit_"; - syncFlow(dpId, tableIdInstall, flowName, AclServiceUtils.PROTO_MATCH_PRIORITY, "ACL", 0, 0, + syncFlow(dpId, AclConstants.EGRESS_ACL_TABLE_ID, flowName, AclServiceUtils.PROTO_MATCH_PRIORITY, "ACL", 0, 0, AclServiceUtils.COOKIE_ACL_BASE, matches, instructions, addOrRemove); } @@ -244,9 +300,9 @@ public class EgressAclServiceImpl implements AclServiceListener { private void programConntrackRecircRule(BigInteger dpId, String attachMac, Integer priority, String flowId, int conntrackState, int conntrackMask, int addOrRemove) { List matches = new ArrayList<>(); - matches.add((MatchInfoBase)new MatchInfo(MatchFieldType.eth_type, + matches.add(new MatchInfo(MatchFieldType.eth_type, new long[] { NwConstants.ETHTYPE_IPV4 })); - matches.add((MatchInfoBase)new NxMatchInfo(NxMatchFieldType.ct_state, + matches.add(new NxMatchInfo(NxMatchFieldType.ct_state, new long[] {conntrackState, conntrackMask})); matches.add(new MatchInfo(MatchFieldType.eth_src, new String[] { attachMac })); @@ -255,11 +311,11 @@ public class EgressAclServiceImpl implements AclServiceListener { List actionsInfos = new ArrayList<>(); actionsInfos.add(new ActionInfo(ActionType.nx_conntrack, - new String[] {"0", "0", "0", Short.toString(tableIdInstall)}, 2)); + new String[] {"0", "0", "0", Short.toString(AclConstants.EGRESS_ACL_TABLE_ID)}, 2)); instructions.add(new InstructionInfo(InstructionType.apply_actions, actionsInfos)); String flowName = "Egress_Fixed_Conntrk_Untrk_" + dpId + "_" + attachMac + "_" + flowId; - syncFlow(dpId, tableIdInstall, flowName, AclServiceUtils.PROTO_MATCH_PRIORITY, "ACL", 0, 0, + syncFlow(dpId, AclConstants.EGRESS_ACL_TABLE_ID, flowName, AclServiceUtils.PROTO_MATCH_PRIORITY, "ACL", 0, 0, AclServiceUtils.COOKIE_ACL_BASE, matches, instructions, addOrRemove); } @@ -276,9 +332,9 @@ public class EgressAclServiceImpl implements AclServiceListener { private void programConntrackForwardRule(BigInteger dpId, String attachMac, Integer priority, String flowId, int conntrackState, int conntrackMask, int addOrRemove) { List matches = new ArrayList<>(); - matches.add((MatchInfoBase)new MatchInfo(MatchFieldType.eth_type, + matches.add(new MatchInfo(MatchFieldType.eth_type, new long[] { NwConstants.ETHTYPE_IPV4 })); - matches.add((MatchInfoBase)new NxMatchInfo(NxMatchFieldType.ct_state, + matches.add(new NxMatchInfo(NxMatchFieldType.ct_state, new long[] {conntrackState, conntrackMask})); matches.add(new MatchInfo(MatchFieldType.eth_src, new String[] { attachMac })); @@ -290,9 +346,9 @@ public class EgressAclServiceImpl implements AclServiceListener { new String[] {})); instructions.add(new InstructionInfo(InstructionType.goto_table, - new long[] { tableIdNext })); + new long[] { AclConstants.EGRESS_ACL_NEXT_TABLE_ID })); String flowName = "Egress_Fixed_Conntrk_Untrk_" + dpId + "_" + attachMac + "_" + flowId; - syncFlow(dpId, tableIdInstall, flowName, priority, "ACL", 0, 0, + syncFlow(dpId, AclConstants.EGRESS_ACL_TABLE_ID, flowName, priority, "ACL", 0, 0, AclServiceUtils.COOKIE_ACL_BASE, matches, instructions, addOrRemove); } @@ -309,9 +365,9 @@ public class EgressAclServiceImpl implements AclServiceListener { private void programConntrackDropRule(BigInteger dpId, String attachMac, Integer priority, String flowId, int conntrackState, int conntrackMask, int addOrRemove) { List matches = new ArrayList<>(); - matches.add((MatchInfoBase)new MatchInfo(MatchFieldType.eth_type, + matches.add(new MatchInfo(MatchFieldType.eth_type, new long[] { NwConstants.ETHTYPE_IPV4 })); - matches.add((MatchInfoBase)new NxMatchInfo(NxMatchFieldType.ct_state, + matches.add(new NxMatchInfo(NxMatchFieldType.ct_state, new long[] { conntrackState, conntrackMask})); matches.add(new MatchInfo(MatchFieldType.eth_src, new String[] { attachMac })); @@ -322,7 +378,7 @@ public class EgressAclServiceImpl implements AclServiceListener { actionsInfos.add(new ActionInfo(ActionType.drop_action, new String[] {})); String flowName = "Egress_Fixed_Conntrk_NewDrop_" + dpId + "_" + attachMac + "_" + flowId; - syncFlow(dpId, tableIdInstall, flowName, priority, "ACL", 0, 0, + syncFlow(dpId, AclConstants.EGRESS_ACL_TABLE_ID, flowName, priority, "ACL", 0, 0, AclServiceUtils.COOKIE_ACL_BASE, matches, instructions, addOrRemove); } @@ -347,9 +403,9 @@ public class EgressAclServiceImpl implements AclServiceListener { new String[] {})); instructions.add(new InstructionInfo(InstructionType.goto_table, - new long[] { tableIdNext })); + new long[] { AclConstants.EGRESS_ACL_NEXT_TABLE_ID })); String flowName = "Egress_ARP_" + dpId + "_" + attachMac ; - syncFlow(dpId, tableIdInstall, flowName, AclServiceUtils.PROTO_MATCH_PRIORITY, "ACL", 0, 0, + syncFlow(dpId, AclConstants.EGRESS_ACL_TABLE_ID, flowName, AclServiceUtils.PROTO_MATCH_PRIORITY, "ACL", 0, 0, AclServiceUtils.COOKIE_ACL_BASE, matches, instructions, addOrRemove); } @@ -371,9 +427,8 @@ public class EgressAclServiceImpl implements AclServiceListener { int idleTimeOut, int hardTimeOut, BigInteger cookie, List matches, List instructions, int addOrRemove) { if (addOrRemove == NwConstants.DEL_FLOW) { - MDSALUtil.buildFlowEntity(dpId, tableIdInstall, - flowName, AclServiceUtils.PROTO_MATCH_PRIORITY, "ACL", 0, 0, - AclServiceUtils.COOKIE_ACL_BASE, matches, null); + MDSALUtil.buildFlowEntity(dpId, tableId, flowName, AclServiceUtils.PROTO_MATCH_PRIORITY, "ACL", 0, 0, + AclServiceUtils.COOKIE_ACL_BASE, matches, null); logger.trace("Removing Acl Flow DpId {}, vmMacAddress {}", dpId, flowId); // TODO Need to be done as a part of genius integration //mdsalUtil.removeFlow(flowEntity); diff --git a/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/IngressAclServiceImpl.java b/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/IngressAclServiceImpl.java index aff2bf3adc..c2d5db3fd0 100644 --- a/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/IngressAclServiceImpl.java +++ b/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/IngressAclServiceImpl.java @@ -11,6 +11,7 @@ import java.math.BigInteger; import java.util.ArrayList; import java.util.List; import org.opendaylight.controller.md.sal.binding.api.DataBroker; +import org.opendaylight.controller.md.sal.common.api.data.LogicalDatastoreType; import org.opendaylight.genius.mdsalutil.ActionInfo; import org.opendaylight.genius.mdsalutil.ActionType; import org.opendaylight.genius.mdsalutil.InstructionInfo; @@ -24,8 +25,13 @@ import org.opendaylight.genius.mdsalutil.NxMatchFieldType; import org.opendaylight.genius.mdsalutil.NxMatchInfo; import org.opendaylight.genius.mdsalutil.interfaces.IMdsalApiManager; import org.opendaylight.netvirt.aclservice.api.AclServiceListener; +import org.opendaylight.netvirt.aclservice.utils.AclConstants; import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.interfaces.rev140508.interfaces.Interface; +import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.types.rev131026.instruction.list.Instruction; import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.rpcs.rev160406.OdlInterfaceRpcService; +import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.servicebinding.rev160406.ServiceModeEgress; +import org.opendaylight.yang.gen.v1.urn.opendaylight.genius.interfacemanager.servicebinding.rev160406.service.bindings.services.info.BoundServices; +import org.opendaylight.yangtools.yang.binding.InstanceIdentifier; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -33,9 +39,7 @@ public class IngressAclServiceImpl implements AclServiceListener { private static final Logger logger = LoggerFactory.getLogger(IngressAclServiceImpl.class); - private IMdsalApiManager mdsalUtil; - short tableIdInstall = 20; - short tableIdNext = 21; + private IMdsalApiManager mdsalManager; private OdlInterfaceRpcService interfaceManager; private DataBroker dataBroker; @@ -43,13 +47,13 @@ public class IngressAclServiceImpl implements AclServiceListener { * Intilaze the member variables. * @param dataBroker the data broker instance. * @param interfaceManager the interface manager instance. - * @param mdsalUtil the mdsal util instance. + * @param mdsalManager the mdsal manager. */ public IngressAclServiceImpl(DataBroker dataBroker, OdlInterfaceRpcService interfaceManager, - IMdsalApiManager mdsalUtil) { + IMdsalApiManager mdsalManager) { this.dataBroker = dataBroker; this.interfaceManager = interfaceManager; - this.mdsalUtil = mdsalUtil; + this.mdsalManager = mdsalManager; } @Override @@ -63,6 +67,10 @@ public class IngressAclServiceImpl implements AclServiceListener { interfaceState = AclServiceUtils.getInterfaceStateFromOperDS(dataBroker, port.getName()); String attachMac = interfaceState.getPhysAddress().getValue(); programFixedSecurityGroup(dpId, "", attachMac, NwConstants.ADD_FLOW); + + // TODO: uncomment bindservice() when interface mgr supports egress + // service binding also when acl flow programming is implemented + // bindService(port.getName()); return true; } @@ -82,11 +90,47 @@ public class IngressAclServiceImpl implements AclServiceListener { interfaceState = AclServiceUtils.getInterfaceStateFromOperDS(dataBroker, port.getName()); String attachMac = interfaceState.getPhysAddress().getValue(); programFixedSecurityGroup(dpId, "", attachMac, NwConstants.DEL_FLOW); + + // TODO: uncomment bindservice() when interface mgr supports egress + // service binding also when acl flow programming is implemented + // unbindService(port.getName()); return true; } + /** + * Bind service. + * + * @param interfaceName the interface name + */ + private void bindService(String interfaceName) { + int flowPriority = AclConstants.INGRESS_ACL_DEFAULT_FLOW_PRIORITY; + + int instructionKey = 0; + List instructions = new ArrayList<>(); + instructions + .add(MDSALUtil.buildAndGetGotoTableInstruction(AclConstants.INGRESS_ACL_TABLE_ID, ++instructionKey)); + BoundServices serviceInfo = AclServiceUtils.getBoundServices( + String.format("%s.%s.%s", "vpn", "ingressacl", interfaceName), + AclConstants.INGRESS_ACL_SERVICE_PRIORITY, flowPriority, AclServiceUtils.COOKIE_ACL_BASE, instructions); + InstanceIdentifier path = AclServiceUtils.buildServiceId(interfaceName, + AclConstants.INGRESS_ACL_SERVICE_PRIORITY, ServiceModeEgress.class); + MDSALUtil.syncWrite(dataBroker, LogicalDatastoreType.CONFIGURATION, path, serviceInfo); + } + + /** + * Unbind service. + * + * @param interfaceName the interface name + */ + private void unbindService(String interfaceName) { + InstanceIdentifier path = AclServiceUtils.buildServiceId(interfaceName, + AclConstants.INGRESS_ACL_SERVICE_PRIORITY, ServiceModeEgress.class); + MDSALUtil.syncDelete(dataBroker, LogicalDatastoreType.CONFIGURATION, path); + } + /** * Program the default anti-spoofing rule and the conntrack rules. + * * @param dpid the dpid * @param dhcpMacAddress the dhcp mac address. * @param attachMac The vm mac address @@ -136,9 +180,9 @@ public class IngressAclServiceImpl implements AclServiceListener { instructions.add(new InstructionInfo(InstructionType.goto_table, - new long[] { tableIdNext })); + new long[] { AclConstants.INGRESS_ACL_NEXT_TABLE_ID })); String flowName = "Ingress_DHCP_Server_v4" + dpId + "_" + attachMac + "_" + dhcpMacAddress + "_Permit_"; - syncFlow(dpId, tableIdInstall, flowName, AclServiceUtils.PROTO_MATCH_PRIORITY, "ACL", 0, 0, + syncFlow(dpId, AclConstants.INGRESS_ACL_TABLE_ID, flowName, AclServiceUtils.PROTO_MATCH_PRIORITY, "ACL", 0, 0, AclServiceUtils.COOKIE_ACL_BASE, matches, instructions, addOrRemove); } @@ -172,10 +216,10 @@ public class IngressAclServiceImpl implements AclServiceListener { actionsInfos)); instructions.add(new InstructionInfo(InstructionType.goto_table, - new long[] { tableIdNext })); + new long[] { AclConstants.INGRESS_ACL_NEXT_TABLE_ID })); String flowName = "Ingress_DHCP_Server_v6" + "_" + dpId + "_" + attachMac + "_" + "_" + dhcpMacAddress + "_Permit_"; - syncFlow(dpId, tableIdInstall, flowName, AclServiceUtils.PROTO_MATCH_PRIORITY, "ACL", 0, 0, + syncFlow(dpId, AclConstants.INGRESS_ACL_TABLE_ID, flowName, AclServiceUtils.PROTO_MATCH_PRIORITY, "ACL", 0, 0, AclServiceUtils.COOKIE_ACL_BASE, matches, instructions, addOrRemove); } @@ -192,9 +236,9 @@ public class IngressAclServiceImpl implements AclServiceListener { private void programConntrackRecircRule(BigInteger dpId, String attachMac, Integer priority, String flowId, int conntrackState, int conntrackMask, int addOrRemove) { List matches = new ArrayList<>(); - matches.add((MatchInfoBase)new MatchInfo(MatchFieldType.eth_type, + matches.add(new MatchInfo(MatchFieldType.eth_type, new long[] { NwConstants.ETHTYPE_IPV4 })); - matches.add((MatchInfoBase)new NxMatchInfo(NxMatchFieldType.ct_state, + matches.add(new NxMatchInfo(NxMatchFieldType.ct_state, new long[] {conntrackState, conntrackMask})); matches.add(new MatchInfo(MatchFieldType.eth_src, new String[] { attachMac })); @@ -203,11 +247,11 @@ public class IngressAclServiceImpl implements AclServiceListener { List actionsInfos = new ArrayList<>(); actionsInfos.add(new ActionInfo(ActionType.nx_conntrack, - new String[] {"0", "0", "0", Short.toString(tableIdInstall)}, 2)); + new String[] {"0", "0", "0", Short.toString(AclConstants.INGRESS_ACL_TABLE_ID)}, 2)); instructions.add(new InstructionInfo(InstructionType.apply_actions, actionsInfos)); String flowName = "Ingress_Fixed_Conntrk_Untrk_" + dpId + "_" + attachMac + "_" + flowId; - syncFlow(dpId, tableIdInstall, flowName, AclServiceUtils.PROTO_MATCH_PRIORITY, "ACL", 0, 0, + syncFlow(dpId, AclConstants.INGRESS_ACL_TABLE_ID, flowName, AclServiceUtils.PROTO_MATCH_PRIORITY, "ACL", 0, 0, AclServiceUtils.COOKIE_ACL_BASE, matches, instructions, addOrRemove); } @@ -225,9 +269,9 @@ public class IngressAclServiceImpl implements AclServiceListener { int conntrackState, int conntrackMask, int addOrRemove) { List matches = new ArrayList<>(); - matches.add((MatchInfoBase)new MatchInfo(MatchFieldType.eth_type, + matches.add(new MatchInfo(MatchFieldType.eth_type, new long[] { NwConstants.ETHTYPE_IPV4 })); - matches.add((MatchInfoBase)new NxMatchInfo(NxMatchFieldType.ct_state, + matches.add(new NxMatchInfo(NxMatchFieldType.ct_state, new long[] {conntrackState, conntrackMask})); matches.add(new MatchInfo(MatchFieldType.eth_src, new String[] { attachMac })); @@ -239,9 +283,9 @@ public class IngressAclServiceImpl implements AclServiceListener { new String[] {})); instructions.add(new InstructionInfo(InstructionType.goto_table, - new long[] { tableIdNext })); + new long[] { AclConstants.INGRESS_ACL_NEXT_TABLE_ID })); String flowName = "Ingress_Fixed_Conntrk_Untrk_" + dpId + "_" + attachMac + "_" + flowId; - syncFlow(dpId, tableIdInstall, flowName, priority, "ACL", 0, 0, + syncFlow(dpId, AclConstants.INGRESS_ACL_TABLE_ID, flowName, priority, "ACL", 0, 0, AclServiceUtils.COOKIE_ACL_BASE, matches, instructions, addOrRemove); } @@ -258,9 +302,9 @@ public class IngressAclServiceImpl implements AclServiceListener { private void programConntrackDropRule(BigInteger dpId, String attachMac, Integer priority, String flowId, int conntrackState, int conntrackMask, int addOrRemove) { List matches = new ArrayList<>(); - matches.add((MatchInfoBase)new MatchInfo(MatchFieldType.eth_type, + matches.add(new MatchInfo(MatchFieldType.eth_type, new long[] { NwConstants.ETHTYPE_IPV4 })); - matches.add((MatchInfoBase)new NxMatchInfo(NxMatchFieldType.ct_state, + matches.add(new NxMatchInfo(NxMatchFieldType.ct_state, new long[] { conntrackState, conntrackMask})); matches.add(new MatchInfo(MatchFieldType.eth_src, new String[] { attachMac })); @@ -271,7 +315,7 @@ public class IngressAclServiceImpl implements AclServiceListener { actionsInfos.add(new ActionInfo(ActionType.drop_action, new String[] {})); String flowName = "Ingress_Fixed_Conntrk_NewDrop_" + dpId + "_" + attachMac + "_" + flowId; - syncFlow(dpId, tableIdInstall, flowName, priority, "ACL", 0, 0, + syncFlow(dpId, AclConstants.INGRESS_ACL_TABLE_ID, flowName, priority, "ACL", 0, 0, AclServiceUtils.COOKIE_ACL_BASE, matches, instructions, addOrRemove); } @@ -296,9 +340,9 @@ public class IngressAclServiceImpl implements AclServiceListener { new String[] {})); instructions.add(new InstructionInfo(InstructionType.goto_table, - new long[] { tableIdNext })); + new long[] { AclConstants.INGRESS_ACL_NEXT_TABLE_ID })); String flowName = "Ingress_ARP_" + dpId + "_" + attachMac; - syncFlow(dpId, tableIdInstall, flowName, AclServiceUtils.PROTO_MATCH_PRIORITY, "ACL", 0, 0, + syncFlow(dpId, AclConstants.INGRESS_ACL_TABLE_ID, flowName, AclServiceUtils.PROTO_MATCH_PRIORITY, "ACL", 0, 0, AclServiceUtils.COOKIE_ACL_BASE, matches, instructions, addOrRemove); } @@ -320,9 +364,8 @@ public class IngressAclServiceImpl implements AclServiceListener { int idleTimeOut, int hardTimeOut, BigInteger cookie, List matches, List instructions, int addOrRemove) { if (addOrRemove == NwConstants.DEL_FLOW) { - MDSALUtil.buildFlowEntity(dpId, tableIdInstall, - flowName, AclServiceUtils.PROTO_MATCH_PRIORITY, "ACL", idleTimeOut, hardTimeOut, - AclServiceUtils.COOKIE_ACL_BASE, matches, null); + MDSALUtil.buildFlowEntity(dpId, tableId, flowName, AclServiceUtils.PROTO_MATCH_PRIORITY, "ACL", idleTimeOut, + hardTimeOut, AclServiceUtils.COOKIE_ACL_BASE, matches, null); logger.trace("Removing Acl Flow DpId {}, vmMacAddress {}", dpId, flowId); // TODO Need to be done as a part of genius integration // mdsalUtil.removeFlow(flowEntity); diff --git a/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/listeners/AclNodeListener.java b/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/listeners/AclNodeListener.java new file mode 100644 index 0000000000..51bed417a8 --- /dev/null +++ b/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/listeners/AclNodeListener.java @@ -0,0 +1,196 @@ +/* + * Copyright (c) 2016 Ericsson India Global Services Pvt Ltd. and others. All rights reserved. + * + * This program and the accompanying materials are made available under the + * terms of the Eclipse Public License v1.0 which accompanies this distribution, + * and is available at http://www.eclipse.org/legal/epl-v10.html + */ + +package org.opendaylight.netvirt.aclservice.listeners; + +import java.math.BigInteger; +import java.util.ArrayList; +import java.util.List; +import org.opendaylight.genius.datastoreutils.AsyncDataTreeChangeListenerBase; +import org.opendaylight.genius.mdsalutil.ActionInfo; +import org.opendaylight.genius.mdsalutil.ActionType; +import org.opendaylight.genius.mdsalutil.FlowEntity; +import org.opendaylight.genius.mdsalutil.InstructionInfo; +import org.opendaylight.genius.mdsalutil.InstructionType; +import org.opendaylight.genius.mdsalutil.MDSALUtil; +import org.opendaylight.genius.mdsalutil.MatchInfo; +import org.opendaylight.genius.mdsalutil.interfaces.IMdsalApiManager; +import org.opendaylight.netvirt.aclservice.AclServiceUtils; +import org.opendaylight.netvirt.aclservice.utils.AclConstants; +import org.opendaylight.yang.gen.v1.urn.opendaylight.flow.inventory.rev130819.FlowCapableNode; +import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.Nodes; +import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.nodes.Node; +import org.opendaylight.yang.gen.v1.urn.opendaylight.inventory.rev130819.nodes.NodeKey; +import org.opendaylight.yangtools.yang.binding.InstanceIdentifier; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * Listener to handle flow capable node updates. + */ +public class AclNodeListener extends AsyncDataTreeChangeListenerBase + implements AutoCloseable { + + /** The Constant LOG. */ + private static final Logger LOG = LoggerFactory.getLogger(AclNodeListener.class); + + /** The mdsal manager. */ + private IMdsalApiManager mdsalManager; + + /** + * Instantiates a new acl node listener. + * + * @param mdsalManager the mdsal manager + */ + public AclNodeListener(final IMdsalApiManager mdsalManager) { + super(FlowCapableNode.class, AclNodeListener.class); + + this.mdsalManager = mdsalManager; + } + + /* + * (non-Javadoc) + * + * @see + * org.opendaylight.genius.datastoreutils.AsyncDataTreeChangeListenerBase# + * getWildCardPath() + */ + @Override + protected InstanceIdentifier getWildCardPath() { + return InstanceIdentifier.create(Nodes.class).child(Node.class).augmentation(FlowCapableNode.class); + } + + /* + * (non-Javadoc) + * + * @see + * org.opendaylight.genius.datastoreutils.AsyncDataTreeChangeListenerBase# + * remove(org.opendaylight.yangtools.yang.binding.InstanceIdentifier, + * org.opendaylight.yangtools.yang.binding.DataObject) + */ + @Override + protected void remove(InstanceIdentifier key, FlowCapableNode dataObjectModification) { + // do nothing + + } + + /* + * (non-Javadoc) + * + * @see + * org.opendaylight.genius.datastoreutils.AsyncDataTreeChangeListenerBase# + * update(org.opendaylight.yangtools.yang.binding.InstanceIdentifier, + * org.opendaylight.yangtools.yang.binding.DataObject, + * org.opendaylight.yangtools.yang.binding.DataObject) + */ + @Override + protected void update(InstanceIdentifier key, FlowCapableNode dataObjectModificationBefore, + FlowCapableNode dataObjectModificationAfter) { + // do nothing + + } + + /* + * (non-Javadoc) + * + * @see + * org.opendaylight.genius.datastoreutils.AsyncDataTreeChangeListenerBase# + * add(org.opendaylight.yangtools.yang.binding.InstanceIdentifier, + * org.opendaylight.yangtools.yang.binding.DataObject) + */ + @Override + protected void add(InstanceIdentifier key, FlowCapableNode dataObjectModification) { + LOG.trace("FlowCapableNode Added: key: {}", key); + + NodeKey nodeKey = key.firstKeyOf(Node.class); + BigInteger dpnId = MDSALUtil.getDpnIdFromNodeName(nodeKey.getId()); + createTableMissEntries(dpnId); + } + + /** + * Creates the table miss entries. + * + * @param dpnId the dpn id + */ + private void createTableMissEntries(BigInteger dpnId) { + addIngressAclTableMissFlow(dpnId); + addEgressAclTableMissFlow(dpnId); + } + + /** + * Adds the ingress acl table miss flow. + * + * @param dpId the dp id + */ + private void addIngressAclTableMissFlow(BigInteger dpId) { + List mkMatches = new ArrayList<>(); + List mkInstructions = new ArrayList<>(); + List actionsInfos = new ArrayList<>(); + actionsInfos.add(new ActionInfo(ActionType.drop_action, new String[] {})); + mkInstructions.add(new InstructionInfo(InstructionType.apply_actions, actionsInfos)); + + FlowEntity flowEntity = MDSALUtil.buildFlowEntity(dpId, AclConstants.INGRESS_ACL_TABLE_ID, + getTableMissFlowId(AclConstants.INGRESS_ACL_TABLE_ID), 0, "Ingress ACL Table Miss Flow", 0, 0, + AclServiceUtils.COOKIE_ACL_BASE, mkMatches, mkInstructions); + mdsalManager.installFlow(flowEntity); + + FlowEntity nextTblFlowEntity = MDSALUtil.buildFlowEntity(dpId, AclConstants.INGRESS_ACL_NEXT_TABLE_ID, + getTableMissFlowId(AclConstants.INGRESS_ACL_NEXT_TABLE_ID), 0, "Ingress ACL Table Miss Flow", 0, 0, + AclServiceUtils.COOKIE_ACL_BASE, mkMatches, mkInstructions); + mdsalManager.installFlow(nextTblFlowEntity); + + LOG.debug("Added Ingress ACL Table Miss Flows for dpn {}", dpId); + } + + /** + * Adds the egress acl table miss flow. + * + * @param dpId the dp id + */ + private void addEgressAclTableMissFlow(BigInteger dpId) { + List mkMatches = new ArrayList<>(); + List mkInstructions = new ArrayList<>(); + List actionsInfos = new ArrayList<>(); + actionsInfos.add(new ActionInfo(ActionType.drop_action, new String[] {})); + mkInstructions.add(new InstructionInfo(InstructionType.apply_actions, actionsInfos)); + + FlowEntity flowEntity = MDSALUtil.buildFlowEntity(dpId, AclConstants.EGRESS_ACL_TABLE_ID, + getTableMissFlowId(AclConstants.EGRESS_ACL_TABLE_ID), 0, "Egress ACL Table Miss Flow", 0, 0, + AclServiceUtils.COOKIE_ACL_BASE, mkMatches, mkInstructions); + mdsalManager.installFlow(flowEntity); + + FlowEntity nextTblFlowEntity = MDSALUtil.buildFlowEntity(dpId, AclConstants.EGRESS_ACL_NEXT_TABLE_ID, + getTableMissFlowId(AclConstants.EGRESS_ACL_NEXT_TABLE_ID), 0, "Egress ACL Table Miss Flow", 0, 0, + AclServiceUtils.COOKIE_ACL_BASE, mkMatches, mkInstructions); + mdsalManager.installFlow(nextTblFlowEntity); + + LOG.debug("Added Egress ACL Table Miss Flows for dpn {}", dpId); + } + + /** + * Gets the table miss flow id. + * + * @param tableId the table id + * @return the table miss flow id + */ + private String getTableMissFlowId(short tableId) { + return String.valueOf(tableId); + } + + /* + * (non-Javadoc) + * + * @see + * org.opendaylight.genius.datastoreutils.AsyncDataTreeChangeListenerBase# + * getDataTreeChangeListener() + */ + @Override + protected AclNodeListener getDataTreeChangeListener() { + return AclNodeListener.this; + } +} diff --git a/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/utils/AclConstants.java b/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/utils/AclConstants.java new file mode 100644 index 0000000000..40962448a3 --- /dev/null +++ b/vpnservice/aclservice/impl/src/main/java/org/opendaylight/netvirt/aclservice/utils/AclConstants.java @@ -0,0 +1,27 @@ +/* + * Copyright (c) 2016 Ericsson India Global Services Pvt Ltd. and others. All rights reserved. + * + * This program and the accompanying materials are made available under the + * terms of the Eclipse Public License v1.0 which accompanies this distribution, + * and is available at http://www.eclipse.org/legal/epl-v10.html + */ + +package org.opendaylight.netvirt.aclservice.utils; + +/** + * The class to have ACL related constants. + */ +public final class AclConstants { + + // TODO: Move all service related constants across all modules to a common + // place + public static final short EGRESS_ACL_TABLE_ID = 40; + public static final short EGRESS_ACL_NEXT_TABLE_ID = 41; + public static final short EGRESS_ACL_SERVICE_PRIORITY = 2; + public static final short EGRESS_ACL_DEFAULT_FLOW_PRIORITY = 11; + + public static final short INGRESS_ACL_TABLE_ID = 251; + public static final short INGRESS_ACL_NEXT_TABLE_ID = 252; + public static final short INGRESS_ACL_SERVICE_PRIORITY = 10; + public static final short INGRESS_ACL_DEFAULT_FLOW_PRIORITY = 1; +} diff --git a/vpnservice/elanmanager/elanmanager-impl/src/main/java/org/opendaylight/netvirt/elan/utils/ElanConstants.java b/vpnservice/elanmanager/elanmanager-impl/src/main/java/org/opendaylight/netvirt/elan/utils/ElanConstants.java index da6a940119..b7ae0a61e0 100755 --- a/vpnservice/elanmanager/elanmanager-impl/src/main/java/org/opendaylight/netvirt/elan/utils/ElanConstants.java +++ b/vpnservice/elanmanager/elanmanager-impl/src/main/java/org/opendaylight/netvirt/elan/utils/ElanConstants.java @@ -21,7 +21,7 @@ public class ElanConstants { public static final short ELAN_SMAC_TABLE = 50; public static final short ELAN_DMAC_TABLE = 51; public static final short ELAN_UNKNOWN_DMAC_TABLE = 52; - public static final short ELAN_SERVICE_INDEX = 3; + public static final short ELAN_SERVICE_INDEX = 4; public static final int ELAN_SERVICE_PRIORITY = 5; public static final int STATIC_MAC_TIMEOUT = 0; public static final long DELAY_TIME_IN_MILLISECOND = 5000; diff --git a/vpnservice/vpnmanager/vpnmanager-impl/src/main/java/org/opendaylight/netvirt/vpnmanager/VpnConstants.java b/vpnservice/vpnmanager/vpnmanager-impl/src/main/java/org/opendaylight/netvirt/vpnmanager/VpnConstants.java index ee6f61f6ca..fff56b1e0e 100644 --- a/vpnservice/vpnmanager/vpnmanager-impl/src/main/java/org/opendaylight/netvirt/vpnmanager/VpnConstants.java +++ b/vpnservice/vpnmanager/vpnmanager-impl/src/main/java/org/opendaylight/netvirt/vpnmanager/VpnConstants.java @@ -15,7 +15,7 @@ public class VpnConstants { public static final long VPN_IDPOOL_START = 100L; public static final String VPN_IDPOOL_SIZE = "100000"; public static final short DEFAULT_FLOW_PRIORITY = 10; - public static final short L3VPN_SERVICE_IDENTIFIER = 2; + public static final short L3VPN_SERVICE_IDENTIFIER = 3; public static final long INVALID_ID = -1; public static final String SEPARATOR = "."; public static final BigInteger COOKIE_VM_INGRESS_TABLE = new BigInteger("8000001", 16); -- 2.36.6