Code Review / netvirt.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
NETVIRT-1630 migrate to md-sal APIs
[netvirt.git] / vpnmanager / impl / src / main / java / org / opendaylight / netvirt / vpnmanager / iplearn / AbstractIpLearnNotificationHandler.java
1 /*
2  * Copyright (c) 2018 Alten Calsoft Labs India Pvt Ltd. and others.  All rights reserved.
3  *
4  * This program and the accompanying materials are made available under the
5  * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6  * and is available at http://www.eclipse.org/legal/epl-v10.html
7  */
8
9 package org.opendaylight.netvirt.vpnmanager.iplearn;
10
11 import com.google.common.cache.Cache;
12 import com.google.common.cache.CacheBuilder;
13 import java.util.List;
14 import java.util.Objects;
15 import java.util.Optional;
16 import java.util.concurrent.TimeUnit;
17 import java.util.concurrent.locks.ReentrantLock;
18 import org.apache.commons.lang3.tuple.ImmutablePair;
19 import org.apache.commons.lang3.tuple.Pair;
20 import org.opendaylight.genius.mdsalutil.NWUtil;
21 import org.opendaylight.genius.utils.JvmGlobalLocks;
22 import org.opendaylight.netvirt.neutronvpn.api.enums.IpVersionChoice;
23 import org.opendaylight.netvirt.neutronvpn.interfaces.INeutronVpnManager;
24 import org.opendaylight.netvirt.vpnmanager.VpnUtil;
25 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpAddress;
26 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpPrefix;
27 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpPrefixBuilder;
28 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.MacAddress;
29 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.l3vpn.rev130911.LearntVpnVipToPortEventAction;
30 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.l3vpn.rev130911.learnt.vpn.vip.to.port.data.LearntVpnVipToPort;
31 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.neutronvpn.l3vpn.rev200204.adjacency.list.Adjacency;
32 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.neutronvpn.rev150602.neutron.vpn.portip.port.data.VpnPortipToPort;
33 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.vpn.config.rev161130.VpnConfig;
34 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.ports.rev150712.ports.attributes.ports.Port;
35 import org.opendaylight.yangtools.yang.common.Uint64;
36 import org.slf4j.Logger;
37 import org.slf4j.LoggerFactory;
38
39 public abstract class AbstractIpLearnNotificationHandler {
40
41     private static final Logger LOG = LoggerFactory.getLogger(AbstractIpLearnNotificationHandler.class);
42
43     // temp where Key is VPNInstance+IP and value is timestamp
44     private final Cache<Pair<String, String>, Uint64> migrateIpCache;
45
46     protected final VpnConfig config;
47     protected final VpnUtil vpnUtil;
48     protected final INeutronVpnManager neutronVpnManager;
49     private long bootupTime = 0L;
50
51     public AbstractIpLearnNotificationHandler(VpnConfig vpnConfig, VpnUtil vpnUtil,
52             INeutronVpnManager neutronVpnManager) {
53         this.config = vpnConfig;
54         this.vpnUtil = vpnUtil;
55         this.neutronVpnManager = neutronVpnManager;
56
57         long duration = config.getIpLearnTimeout().toJava() * 10;
58         long cacheSize = config.getMigrateIpCacheSize().longValue();
59         migrateIpCache =
60                 CacheBuilder.newBuilder().maximumSize(cacheSize).expireAfterWrite(duration,
61                         TimeUnit.MILLISECONDS).build();
62         this.bootupTime = System.currentTimeMillis();
63     }
64
65     protected void validateAndProcessIpLearning(String srcInterface, IpAddress srcIP, MacAddress srcMac,
66             IpAddress targetIP, Uint64 metadata) {
67         List<Adjacency> adjacencies = vpnUtil.getAdjacenciesForVpnInterfaceFromConfig(srcInterface);
68         IpVersionChoice srcIpVersion = VpnUtil.getIpVersionFromString(srcIP.stringValue());
69         boolean isSrcIpVersionPartOfVpn = false;
70         if (adjacencies != null && !adjacencies.isEmpty()) {
71             for (Adjacency adj : adjacencies) {
72                 IpPrefix ipPrefix = IpPrefixBuilder.getDefaultInstance(adj.getIpAddress());
73                 // If extra/static route is configured, we should ignore for learning process
74                 if (NWUtil.isIpAddressInRange(srcIP, ipPrefix)) {
75                     return;
76                 }
77                 IpVersionChoice currentAdjIpVersion = VpnUtil.getIpVersionFromString(adj.getIpAddress());
78                 if (srcIpVersion.isIpVersionChosen(currentAdjIpVersion)) {
79                     isSrcIpVersionPartOfVpn = true;
80                 }
81             }
82             //If srcIP version is not part of the srcInterface VPN Adjacency, ignore IpLearning process
83             if (!isSrcIpVersionPartOfVpn) {
84                 return;
85             }
86         }
87
88         LOG.trace("ARP/NA Notification Response Received from interface {} and IP {} having MAC {}, learning MAC",
89                 srcInterface, srcIP.stringValue(), srcMac.getValue());
90         processIpLearning(srcInterface, srcIP, srcMac, metadata, targetIP);
91     }
92
93     protected void processIpLearning(String srcInterface, IpAddress srcIP, MacAddress srcMac, Uint64 metadata,
94                                      IpAddress dstIP) {
95
96         if (!VpnUtil.isArpLearningEnabled()) {
97             LOG.trace("Not handling packet as ARP Based Learning is disabled");
98             return;
99         }
100         if (metadata == null || Objects.equals(metadata, Uint64.ZERO)) {
101             return;
102         }
103
104         Optional<List<String>> vpnList = vpnUtil.getVpnHandlingIpv4AssociatedWithInterface(srcInterface);
105         if (!vpnList.isPresent()) {
106             LOG.info("IP LEARN NO_RESOLVE: VPN  not configured. Ignoring responding to ARP/NA requests from this"
107                     + " Interface {}.", srcInterface);
108             return;
109         }
110
111         String srcIpToQuery = srcIP.stringValue();
112         String destIpToQuery = dstIP.stringValue();
113         for (String vpnName : vpnList.get()) {
114             LOG.info("Received ARP/NA for sender MAC {} and sender IP {} via interface {}", srcMac.getValue(),
115                     srcIpToQuery, srcInterface);
116             final ReentrantLock lock = lockFor(vpnName, srcIpToQuery);
117             lock.lock();
118             try {
119                 VpnPortipToPort vpnPortipToPort = vpnUtil.getNeutronPortFromVpnPortFixedIp(vpnName, srcIpToQuery);
120                 // Check if this IP belongs to  external network
121                 if (vpnPortipToPort == null) {
122                     String extSubnetId = vpnUtil.getAssociatedExternalSubnet(srcIpToQuery);
123                     if (extSubnetId != null) {
124                         vpnPortipToPort =
125                                 vpnUtil.getNeutronPortFromVpnPortFixedIp(extSubnetId, srcIpToQuery);
126                     }
127                 }
128                 if (vpnPortipToPort != null && !vpnPortipToPort.isLearntIp()) {
129                     /*
130                      * This is a well known neutron port and so should be ignored from being
131                      * discovered...unless it is an Octavia VIP
132                      */
133                     String portName = vpnPortipToPort.getPortName();
134                     Port neutronPort = neutronVpnManager.getNeutronPort(portName);
135
136                     if (neutronPort == null) {
137                         LOG.warn("{} should have been a neutron port but could not retrieve it. Aborting processing",
138                                 portName);
139                         continue;
140                     }
141
142                     if (!"Octavia".equals(neutronPort.getDeviceOwner())) {
143                         LOG.debug("Neutron port {} is not an Octavia port, ignoring", portName);
144                         continue;
145                     }
146                 }
147                 // For IPs learnt before cluster-reboot/upgrade, GARP/ArpResponse is received
148                 // within 300sec
149                 // after reboot, it would be ignored.
150                 if (vpnPortipToPort != null && vpnPortipToPort.isLearntIp()) {
151                     if (System.currentTimeMillis()
152                             < this.bootupTime + config.getBootDelayArpLearning().toJava() * 1000) {
153                         LOG.trace("GARP/Arp Response not handled for IP {} vpnName {} for time {}s",
154                                 vpnPortipToPort.getPortFixedip(), vpnName, config.getBootDelayArpLearning());
155                         continue;
156                     }
157                 }
158                 LearntVpnVipToPort learntVpnVipToPort = vpnUtil.getLearntVpnVipToPort(vpnName, srcIpToQuery);
159                 if (learntVpnVipToPort != null) {
160                     String oldPortName = learntVpnVipToPort.getPortName();
161                     String oldMac = learntVpnVipToPort.getMacAddress();
162                     if (!oldMac.equalsIgnoreCase(srcMac.getValue())) {
163                         // MAC has changed for requested IP
164                         LOG.info("ARP/NA Source IP/MAC data modified for IP {} with MAC {} and Port {}", srcIpToQuery,
165                                 srcMac, srcInterface);
166                         vpnUtil.createLearntVpnVipToPortEvent(vpnName, srcIpToQuery, destIpToQuery, oldPortName, oldMac,
167                                 LearntVpnVipToPortEventAction.Delete, null);
168                         putVpnIpToMigrateIpCache(vpnName, srcIpToQuery, srcMac);
169                     }
170                 } else if (!isIpInMigrateCache(vpnName, srcIpToQuery)) {
171                     if (vpnPortipToPort != null && !vpnPortipToPort.getPortName().equals(srcInterface)) {
172                         LOG.trace(
173                                 "LearntIp: {} vpnName {} is already present in VpnPortIpToPort with " + "PortName {} ",
174                                 srcIpToQuery, vpnName, vpnPortipToPort.getPortName());
175                         vpnUtil.createLearntVpnVipToPortEvent(vpnName, srcIpToQuery, destIpToQuery,
176                                 vpnPortipToPort.getPortName(), vpnPortipToPort.getMacAddress(),
177                                 LearntVpnVipToPortEventAction.Delete, null);
178                         continue;
179                     }
180                     learnMacFromIncomingPacket(vpnName, srcInterface, srcIP, srcMac, dstIP);
181                 }
182             } finally {
183                 lock.unlock();
184             }
185         }
186     }
187
188     private void learnMacFromIncomingPacket(String vpnName, String srcInterface, IpAddress srcIP, MacAddress srcMac,
189             IpAddress dstIP) {
190         String srcIpToQuery = srcIP.stringValue();
191         String destIpToQuery = dstIP.stringValue();
192         final ReentrantLock lock = lockFor(vpnName, srcIpToQuery);
193         lock.lock();
194         try {
195             vpnUtil.createLearntVpnVipToPortEvent(vpnName, srcIpToQuery, destIpToQuery, srcInterface,
196                     srcMac.getValue(), LearntVpnVipToPortEventAction.Add, null);
197         } finally {
198             lock.unlock();
199         }
200     }
201
202     private void putVpnIpToMigrateIpCache(String vpnName, String ipToQuery, MacAddress srcMac) {
203         long cacheSize = config.getMigrateIpCacheSize().longValue();
204         if (migrateIpCache.size() >= cacheSize) {
205             LOG.debug("IP_MIGRATE_CACHE: max size {} reached, assuming cache eviction we still put IP {}"
206                     + " vpnName {} with MAC {}", cacheSize, ipToQuery, vpnName, srcMac);
207         }
208         LOG.debug("IP_MIGRATE_CACHE: add to dirty cache IP {} vpnName {} with MAC {}", ipToQuery, vpnName, srcMac);
209         migrateIpCache.put(new ImmutablePair<>(vpnName, ipToQuery),
210                 Uint64.valueOf(String.valueOf(System.currentTimeMillis())));
211     }
212
213     private boolean isIpInMigrateCache(String vpnName, String ipToQuery) {
214         if (migrateIpCache == null || migrateIpCache.size() == 0) {
215             return false;
216         }
217         Pair<String, String> keyPair = new ImmutablePair<>(vpnName, ipToQuery);
218         Uint64 prevTimeStampCached = migrateIpCache.getIfPresent(keyPair);
219         if (prevTimeStampCached == null) {
220             LOG.debug("IP_MIGRATE_CACHE: there is no IP {} vpnName {} in dirty cache, so learn it",
221                     ipToQuery, vpnName);
222             return false;
223         }
224         if (System.currentTimeMillis() > prevTimeStampCached.longValue() + config.getIpLearnTimeout().toJava()) {
225             LOG.debug("IP_MIGRATE_CACHE: older than timeout value - remove from dirty cache IP {} vpnName {}",
226                     ipToQuery, vpnName);
227             migrateIpCache.invalidate(keyPair);
228             return false;
229         }
230         LOG.debug("IP_MIGRATE_CACHE: younger than timeout value - ignore learning IP {} vpnName {}",
231                 ipToQuery, vpnName);
232         return true;
233     }
234
235     private static ReentrantLock lockFor(String vpnName, String srcIpToQuery) {
236         // FIXME: form an Identifier? That would side-step string concat here
237         return JvmGlobalLocks.getLockForString(vpnName + srcIpToQuery);
238     }
239 }
NetVirt - Archived