2 * Copyright (c) 2018 Alten Calsoft Labs India Pvt Ltd. and others. All rights reserved.
4 * This program and the accompanying materials are made available under the
5 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
6 * and is available at http://www.eclipse.org/legal/epl-v10.html
9 package org.opendaylight.netvirt.vpnmanager.iplearn;
11 import com.google.common.cache.Cache;
12 import com.google.common.cache.CacheBuilder;
13 import java.util.List;
14 import java.util.Objects;
15 import java.util.Optional;
16 import java.util.concurrent.TimeUnit;
17 import java.util.concurrent.locks.ReentrantLock;
18 import org.apache.commons.lang3.tuple.ImmutablePair;
19 import org.apache.commons.lang3.tuple.Pair;
20 import org.opendaylight.genius.mdsalutil.NWUtil;
21 import org.opendaylight.genius.utils.JvmGlobalLocks;
22 import org.opendaylight.netvirt.neutronvpn.api.enums.IpVersionChoice;
23 import org.opendaylight.netvirt.neutronvpn.interfaces.INeutronVpnManager;
24 import org.opendaylight.netvirt.vpnmanager.VpnUtil;
25 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpAddress;
26 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpPrefix;
27 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.inet.types.rev130715.IpPrefixBuilder;
28 import org.opendaylight.yang.gen.v1.urn.ietf.params.xml.ns.yang.ietf.yang.types.rev130715.MacAddress;
29 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.l3vpn.rev130911.LearntVpnVipToPortEventAction;
30 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.l3vpn.rev130911.learnt.vpn.vip.to.port.data.LearntVpnVipToPort;
31 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.neutronvpn.l3vpn.rev200204.adjacency.list.Adjacency;
32 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.neutronvpn.rev150602.neutron.vpn.portip.port.data.VpnPortipToPort;
33 import org.opendaylight.yang.gen.v1.urn.opendaylight.netvirt.vpn.config.rev161130.VpnConfig;
34 import org.opendaylight.yang.gen.v1.urn.opendaylight.neutron.ports.rev150712.ports.attributes.ports.Port;
35 import org.opendaylight.yangtools.yang.common.Uint64;
36 import org.slf4j.Logger;
37 import org.slf4j.LoggerFactory;
39 public abstract class AbstractIpLearnNotificationHandler {
41 private static final Logger LOG = LoggerFactory.getLogger(AbstractIpLearnNotificationHandler.class);
43 // temp where Key is VPNInstance+IP and value is timestamp
44 private final Cache<Pair<String, String>, Uint64> migrateIpCache;
46 protected final VpnConfig config;
47 protected final VpnUtil vpnUtil;
48 protected final INeutronVpnManager neutronVpnManager;
49 private long bootupTime = 0L;
51 public AbstractIpLearnNotificationHandler(VpnConfig vpnConfig, VpnUtil vpnUtil,
52 INeutronVpnManager neutronVpnManager) {
53 this.config = vpnConfig;
54 this.vpnUtil = vpnUtil;
55 this.neutronVpnManager = neutronVpnManager;
57 long duration = config.getIpLearnTimeout().toJava() * 10;
58 long cacheSize = config.getMigrateIpCacheSize().longValue();
60 CacheBuilder.newBuilder().maximumSize(cacheSize).expireAfterWrite(duration,
61 TimeUnit.MILLISECONDS).build();
62 this.bootupTime = System.currentTimeMillis();
65 protected void validateAndProcessIpLearning(String srcInterface, IpAddress srcIP, MacAddress srcMac,
66 IpAddress targetIP, Uint64 metadata) {
67 List<Adjacency> adjacencies = vpnUtil.getAdjacenciesForVpnInterfaceFromConfig(srcInterface);
68 IpVersionChoice srcIpVersion = VpnUtil.getIpVersionFromString(srcIP.stringValue());
69 boolean isSrcIpVersionPartOfVpn = false;
70 if (adjacencies != null && !adjacencies.isEmpty()) {
71 for (Adjacency adj : adjacencies) {
72 IpPrefix ipPrefix = IpPrefixBuilder.getDefaultInstance(adj.getIpAddress());
73 // If extra/static route is configured, we should ignore for learning process
74 if (NWUtil.isIpAddressInRange(srcIP, ipPrefix)) {
77 IpVersionChoice currentAdjIpVersion = VpnUtil.getIpVersionFromString(adj.getIpAddress());
78 if (srcIpVersion.isIpVersionChosen(currentAdjIpVersion)) {
79 isSrcIpVersionPartOfVpn = true;
82 //If srcIP version is not part of the srcInterface VPN Adjacency, ignore IpLearning process
83 if (!isSrcIpVersionPartOfVpn) {
88 LOG.trace("ARP/NA Notification Response Received from interface {} and IP {} having MAC {}, learning MAC",
89 srcInterface, srcIP.stringValue(), srcMac.getValue());
90 processIpLearning(srcInterface, srcIP, srcMac, metadata, targetIP);
93 protected void processIpLearning(String srcInterface, IpAddress srcIP, MacAddress srcMac, Uint64 metadata,
96 if (!VpnUtil.isArpLearningEnabled()) {
97 LOG.trace("Not handling packet as ARP Based Learning is disabled");
100 if (metadata == null || Objects.equals(metadata, Uint64.ZERO)) {
104 Optional<List<String>> vpnList = vpnUtil.getVpnHandlingIpv4AssociatedWithInterface(srcInterface);
105 if (!vpnList.isPresent()) {
106 LOG.info("IP LEARN NO_RESOLVE: VPN not configured. Ignoring responding to ARP/NA requests from this"
107 + " Interface {}.", srcInterface);
111 String srcIpToQuery = srcIP.stringValue();
112 String destIpToQuery = dstIP.stringValue();
113 for (String vpnName : vpnList.get()) {
114 LOG.info("Received ARP/NA for sender MAC {} and sender IP {} via interface {}", srcMac.getValue(),
115 srcIpToQuery, srcInterface);
116 final ReentrantLock lock = lockFor(vpnName, srcIpToQuery);
119 VpnPortipToPort vpnPortipToPort = vpnUtil.getNeutronPortFromVpnPortFixedIp(vpnName, srcIpToQuery);
120 // Check if this IP belongs to external network
121 if (vpnPortipToPort == null) {
122 String extSubnetId = vpnUtil.getAssociatedExternalSubnet(srcIpToQuery);
123 if (extSubnetId != null) {
125 vpnUtil.getNeutronPortFromVpnPortFixedIp(extSubnetId, srcIpToQuery);
128 if (vpnPortipToPort != null && !vpnPortipToPort.isLearntIp()) {
130 * This is a well known neutron port and so should be ignored from being
131 * discovered...unless it is an Octavia VIP
133 String portName = vpnPortipToPort.getPortName();
134 Port neutronPort = neutronVpnManager.getNeutronPort(portName);
136 if (neutronPort == null) {
137 LOG.warn("{} should have been a neutron port but could not retrieve it. Aborting processing",
142 if (!"Octavia".equals(neutronPort.getDeviceOwner())) {
143 LOG.debug("Neutron port {} is not an Octavia port, ignoring", portName);
147 // For IPs learnt before cluster-reboot/upgrade, GARP/ArpResponse is received
149 // after reboot, it would be ignored.
150 if (vpnPortipToPort != null && vpnPortipToPort.isLearntIp()) {
151 if (System.currentTimeMillis()
152 < this.bootupTime + config.getBootDelayArpLearning().toJava() * 1000) {
153 LOG.trace("GARP/Arp Response not handled for IP {} vpnName {} for time {}s",
154 vpnPortipToPort.getPortFixedip(), vpnName, config.getBootDelayArpLearning());
158 LearntVpnVipToPort learntVpnVipToPort = vpnUtil.getLearntVpnVipToPort(vpnName, srcIpToQuery);
159 if (learntVpnVipToPort != null) {
160 String oldPortName = learntVpnVipToPort.getPortName();
161 String oldMac = learntVpnVipToPort.getMacAddress();
162 if (!oldMac.equalsIgnoreCase(srcMac.getValue())) {
163 // MAC has changed for requested IP
164 LOG.info("ARP/NA Source IP/MAC data modified for IP {} with MAC {} and Port {}", srcIpToQuery,
165 srcMac, srcInterface);
166 vpnUtil.createLearntVpnVipToPortEvent(vpnName, srcIpToQuery, destIpToQuery, oldPortName, oldMac,
167 LearntVpnVipToPortEventAction.Delete, null);
168 putVpnIpToMigrateIpCache(vpnName, srcIpToQuery, srcMac);
170 } else if (!isIpInMigrateCache(vpnName, srcIpToQuery)) {
171 if (vpnPortipToPort != null && !vpnPortipToPort.getPortName().equals(srcInterface)) {
173 "LearntIp: {} vpnName {} is already present in VpnPortIpToPort with " + "PortName {} ",
174 srcIpToQuery, vpnName, vpnPortipToPort.getPortName());
175 vpnUtil.createLearntVpnVipToPortEvent(vpnName, srcIpToQuery, destIpToQuery,
176 vpnPortipToPort.getPortName(), vpnPortipToPort.getMacAddress(),
177 LearntVpnVipToPortEventAction.Delete, null);
180 learnMacFromIncomingPacket(vpnName, srcInterface, srcIP, srcMac, dstIP);
188 private void learnMacFromIncomingPacket(String vpnName, String srcInterface, IpAddress srcIP, MacAddress srcMac,
190 String srcIpToQuery = srcIP.stringValue();
191 String destIpToQuery = dstIP.stringValue();
192 final ReentrantLock lock = lockFor(vpnName, srcIpToQuery);
195 vpnUtil.createLearntVpnVipToPortEvent(vpnName, srcIpToQuery, destIpToQuery, srcInterface,
196 srcMac.getValue(), LearntVpnVipToPortEventAction.Add, null);
202 private void putVpnIpToMigrateIpCache(String vpnName, String ipToQuery, MacAddress srcMac) {
203 long cacheSize = config.getMigrateIpCacheSize().longValue();
204 if (migrateIpCache.size() >= cacheSize) {
205 LOG.debug("IP_MIGRATE_CACHE: max size {} reached, assuming cache eviction we still put IP {}"
206 + " vpnName {} with MAC {}", cacheSize, ipToQuery, vpnName, srcMac);
208 LOG.debug("IP_MIGRATE_CACHE: add to dirty cache IP {} vpnName {} with MAC {}", ipToQuery, vpnName, srcMac);
209 migrateIpCache.put(new ImmutablePair<>(vpnName, ipToQuery),
210 Uint64.valueOf(String.valueOf(System.currentTimeMillis())));
213 private boolean isIpInMigrateCache(String vpnName, String ipToQuery) {
214 if (migrateIpCache == null || migrateIpCache.size() == 0) {
217 Pair<String, String> keyPair = new ImmutablePair<>(vpnName, ipToQuery);
218 Uint64 prevTimeStampCached = migrateIpCache.getIfPresent(keyPair);
219 if (prevTimeStampCached == null) {
220 LOG.debug("IP_MIGRATE_CACHE: there is no IP {} vpnName {} in dirty cache, so learn it",
224 if (System.currentTimeMillis() > prevTimeStampCached.longValue() + config.getIpLearnTimeout().toJava()) {
225 LOG.debug("IP_MIGRATE_CACHE: older than timeout value - remove from dirty cache IP {} vpnName {}",
227 migrateIpCache.invalidate(keyPair);
230 LOG.debug("IP_MIGRATE_CACHE: younger than timeout value - ignore learning IP {} vpnName {}",
235 private static ReentrantLock lockFor(String vpnName, String srcIpToQuery) {
236 // FIXME: form an Identifier? That would side-step string concat here
237 return JvmGlobalLocks.getLockForString(vpnName + srcIpToQuery);