forked from contiv/ofnet
-
Notifications
You must be signed in to change notification settings - Fork 16
/
fgraphFlow.go
2243 lines (1890 loc) · 62.9 KB
/
fgraphFlow.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
/***
Copyright 2014 Cisco Systems Inc. All rights reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package ofctrl
// This file implements the forwarding graph API for the flow
import (
"encoding/binary"
"encoding/json"
"errors"
"fmt"
"net"
"sync"
"antrea.io/libOpenflow/openflow15"
"antrea.io/libOpenflow/util"
log "github.com/sirupsen/logrus"
)
// Small subset of openflow fields we currently support
type FlowMatch struct {
Priority uint16 // Priority of the flow
InputPort uint32 // Input port number
MacDa *net.HardwareAddr // Mac dest
MacDaMask *net.HardwareAddr // Mac dest mask
MacSa *net.HardwareAddr // Mac source
MacSaMask *net.HardwareAddr // Mac source mask
Ethertype uint16 // Ethertype
NonVlan bool // Non-vlan
VlanId *uint16 // vlan id
VlanMask *uint16 // Mask for vlan id
ArpOper uint16 // ARP Oper type
ArpSha *net.HardwareAddr // ARP source host address
ArpTha *net.HardwareAddr // ARP target host address
ArpSpa *net.IP // ARP source protocol address
ArpTpa *net.IP // ARP target protocol address
IpSa *net.IP // IPv4 source addr
IpSaMask *net.IP // IPv4 source mask
IpDa *net.IP // IPv4 dest addr
IpDaMask *net.IP // IPv4 dest mask
CtIpSa *net.IP // IPv4 source addr in ct
CtIpSaMask *net.IP // IPv4 source mask in ct
CtIpDa *net.IP // IPv4 dest addr in ct
CtIpDaMask *net.IP // IPv4 dest mask in ct
CtIpv6Sa *net.IP // IPv6 source addr
CtIpv6Da *net.IP // IPv6 dest addr in ct
IpProto uint8 // IP protocol
CtIpProto uint8 // IP protocol in ct
IpDscp uint8 // DSCP/TOS field
SrcPort uint16 // Source port in transport layer
SrcPortMask *uint16 // Mask for source port in transport layer
DstPort uint16 // Dest port in transport layer
DstPortMask *uint16 // Mask for dest port in transport layer
CtTpSrcPort uint16 // Source port in the transport layer in ct
CtTpDstPort uint16 // Dest port in the transport layer in ct
Icmp6Code *uint8 // ICMPv6 code
Icmp6Type *uint8 // ICMPv6 type
Icmp4Code *uint8 // ICMPv4 code
Icmp4Type *uint8 // ICMPv4 type
NdTarget *net.IP // ICMPv6 Neighbor Discovery Target
NdTargetMask *net.IP // Mask for ICMPv6 Neighbor Discovery Target
NdSll *net.HardwareAddr // ICMPv6 Neighbor Discovery Source Ethernet Address
NdTll *net.HardwareAddr // ICMPv6 Neighbor DIscovery Target Ethernet Address
IpTtl *uint8 // IPV4 TTL
Metadata *uint64 // OVS metadata
MetadataMask *uint64 // Metadata mask
TunnelId uint64 // Vxlan Tunnel id i.e. VNI
TunnelDst *net.IP // Tunnel destination addr
TcpFlags *uint16 // TCP flags
TcpFlagsMask *uint16 // Mask for TCP flags
ConjunctionID *uint32 // Add AddConjunction ID
CtStates *openflow15.CTStates // Connection tracking states
NxRegs []*NXRegister // regX or regX[m..n]
XxRegs []*XXRegister // xxregN or xxRegN[m..n]
CtMark uint32 // conn_track mark
CtMarkMask *uint32 // Mask of conn_track mark
CtLabelLo uint64 // conntrack label [0..63]
CtLabelHi uint64 // conntrack label [64..127]
CtLabelLoMask uint64 // conntrack label masks [0..63]
CtLabelHiMask uint64 // conntrack label masks [64..127]
ActsetOutput uint32 // Output port number
TunMetadatas []*NXTunMetadata // tun_metadataX or tun_metadataX[m..n]
PktMark uint32 // Packet mark
PktMarkMask *uint32 // Packet mark mask
}
// additional Actions in flow's instruction set
type FlowAction struct {
ActionType string // Type of action "setVlan", "setMetadata"
vlanId uint16 // Vlan Id in case of "setVlan"
macAddr net.HardwareAddr // Mac address to set
mplsEtherType uint16 // mpls ether type to push or pop
ipAddr net.IP // IP address to be set
l4Port uint16 // Transport port to be set
arpOper uint16 // Arp operation type to be set
tunnelId uint64 // Tunnel Id (used for setting VNI)
metadata uint64 // Metadata in case of "setMetadata"
metadataMask uint64 // Metadata mask
dscp uint8 // DSCP field
setFieldAct *SetFieldAction // SetField action
copyFieldAct *CopyFieldAction // CopyField action
//TODO: remove following two actions.
loadAct *NXLoadAction // Load data into OXM/NXM fields, one or more Actions
moveAct *NXMoveAction // Move data from src OXM/NXM field to dst field
conjunction *NXConjunctionAction // AddConjunction Actions to be set
connTrack *NXConnTrackAction // ct Actions to be set
resubmit *Resubmit // resubmit packet to a specific Table and port. Resubmit could also be a NextElem.
// If the packet is resubmitted to multiple ports, use resubmit as a FlowAction
// and the NextElem should be Empty.
learn *FlowLearn // nxm learn action
notes []byte // data to set in note action
controller *NXController // send packet to controller
nxOutput *NXOutput // output packet to a provided register
}
// State of a flow entry
type Flow struct {
Table *Table // Table where this flow resides
Match FlowMatch // Fields to be matched
NextElem FgraphElem // Next fw graph element
HardTimeout uint16 // Timeout to remove the flow after it is installed in the switch
IdleTimeout uint16 // Timeout to remove the flow after its last hit
isInstalled bool // Is the flow installed in the switch
CookieID uint64 // Cookie ID for flowMod message
CookieMask *uint64 // Cookie Mask for flowMod message
flowActions []*FlowAction // List of flow Actions
lock sync.RWMutex // lock for modifying flow state
statusLock sync.RWMutex // lock for modifying flow realized status
realized bool // Realized status of flow
appliedActions []OFAction
writtenActions []OFAction
metadata *writeMetadata
gotoTable *uint8
clearActions bool
meter *uint32
}
type writeMetadata struct {
data uint64
mask uint64
}
// Matches data either exactly or with optional mask in register number ID. The mask
// could be calculated according to range automatically
type NXRegister struct {
ID int // ID of NXM_NX_REG, value should be from 0 to 15
Data uint32 // Data to cache in register. Note: Don't shift Data to its offset in caller
Mask uint32 // Bitwise mask of data
Range *openflow15.NXRange // Range of bits in register
}
type XXRegister struct {
ID int // ID of NXM_NX_XXREG, value should be from 0 to 3
Data []byte // Data to cache in xxreg
}
type NXTunMetadata struct {
ID int // ID of NXM_NX_TUN_METADATA, value should be from 0 to 7. OVS supports 64 tun_metadata, but only 0-7 is implemented in libOpenflow
Data interface{} // Data to set in the register
Range *openflow15.NXRange // Range of bits in the field
}
const IP_PROTO_TCP = 6
const IP_PROTO_UDP = 17
const IP_PROTO_SCTP = 132
var (
EmptyFlowActionError = errors.New("flow Actions is empty")
UnknownElementTypeError = errors.New("unknown Fgraph element type")
UnknownActionTypeError = errors.New("unknown action type")
)
type FlowBundleMessage struct {
message *openflow15.FlowMod
}
func (m *FlowBundleMessage) resetXid(xid uint32) util.Message {
m.message.Xid = xid
log.Debugf("resetXid xid: %x", m.message.Xid)
return m.message
}
func (m *FlowBundleMessage) getXid() uint32 {
return m.message.Xid
}
// string key for the flow
// FIXME: simple json conversion for now. This needs to be smarter
func (self *Flow) flowKey() string {
jsonVal, err := json.Marshal(self.Match)
if err != nil {
log.Errorf("Error forming flowkey for %+v. Err: %v", self, err)
return ""
}
return string(jsonVal)
}
// Fgraph element type for the flow
func (self *Flow) Type() string {
return "flow"
}
// instruction set for flow element
func (self *Flow) GetFlowInstr() openflow15.Instruction {
log.Fatalf("Unexpected call to get flow's instruction set")
return nil
}
// Translate our match fields into openflow 1.5 match fields
func (self *Flow) xlateMatch() openflow15.Match {
ofMatch := openflow15.NewMatch()
// Handle input port
if self.Match.InputPort != 0 {
inportField := openflow15.NewInPortField(self.Match.InputPort)
ofMatch.AddField(*inportField)
}
// Handle MacDa field
if self.Match.MacDa != nil {
if self.Match.MacDaMask != nil {
macDaField := openflow15.NewEthDstField(*self.Match.MacDa, self.Match.MacDaMask)
ofMatch.AddField(*macDaField)
} else {
macDaField := openflow15.NewEthDstField(*self.Match.MacDa, nil)
ofMatch.AddField(*macDaField)
}
}
// Handle MacSa field
if self.Match.MacSa != nil {
if self.Match.MacSaMask != nil {
macSaField := openflow15.NewEthSrcField(*self.Match.MacSa, self.Match.MacSaMask)
ofMatch.AddField(*macSaField)
} else {
macSaField := openflow15.NewEthSrcField(*self.Match.MacSa, nil)
ofMatch.AddField(*macSaField)
}
}
// Handle ethertype
if self.Match.Ethertype != 0 {
etypeField := openflow15.NewEthTypeField(self.Match.Ethertype)
ofMatch.AddField(*etypeField)
}
// Handle Vlan id
if self.Match.NonVlan {
vidField := openflow15.NewVlanIdField(0, nil)
vidField.Value = new(openflow15.VlanIdField)
ofMatch.AddField(*vidField)
} else if self.Match.VlanId != nil {
vidField := openflow15.NewVlanIdField(*self.Match.VlanId, self.Match.VlanMask)
ofMatch.AddField(*vidField)
}
// Handle ARP Oper type
if self.Match.ArpOper != 0 {
arpOperField := openflow15.NewArpOperField(self.Match.ArpOper)
ofMatch.AddField(*arpOperField)
}
// Handle ARP THA
if self.Match.ArpTha != nil {
arpTHAField := openflow15.NewArpThaField(*self.Match.ArpTha)
ofMatch.AddField(*arpTHAField)
}
// Handle ARP SHA
if self.Match.ArpSha != nil {
arpSHAField := openflow15.NewArpShaField(*self.Match.ArpSha)
ofMatch.AddField(*arpSHAField)
}
// Handle ARP TPA
if self.Match.ArpTpa != nil {
arpTPAField := openflow15.NewArpTpaField(*self.Match.ArpTpa)
ofMatch.AddField(*arpTPAField)
}
// Handle ARP SPA
if self.Match.ArpSpa != nil {
arpSPAField := openflow15.NewArpSpaField(*self.Match.ArpSpa)
ofMatch.AddField(*arpSPAField)
}
// Handle IP Dst
if self.Match.IpDa != nil {
if self.Match.IpDa.To4() != nil {
ipDaField := openflow15.NewIpv4DstField(*self.Match.IpDa, self.Match.IpDaMask)
ofMatch.AddField(*ipDaField)
} else {
ipv6DaField := openflow15.NewIpv6DstField(*self.Match.IpDa, self.Match.IpDaMask)
ofMatch.AddField(*ipv6DaField)
}
}
// Handle IP Src
if self.Match.IpSa != nil {
if self.Match.IpSa.To4() != nil {
ipSaField := openflow15.NewIpv4SrcField(*self.Match.IpSa, self.Match.IpSaMask)
ofMatch.AddField(*ipSaField)
} else {
ipv6SaField := openflow15.NewIpv6SrcField(*self.Match.IpSa, self.Match.IpSaMask)
ofMatch.AddField(*ipv6SaField)
}
}
// Handle IP protocol
if self.Match.IpProto != 0 {
protoField := openflow15.NewIpProtoField(self.Match.IpProto)
ofMatch.AddField(*protoField)
}
// Handle IP dscp
if self.Match.IpDscp != 0 {
dscpField := openflow15.NewIpDscpField(self.Match.IpDscp, nil)
ofMatch.AddField(*dscpField)
}
// Handle port numbers
if self.Match.SrcPort != 0 {
var portField *openflow15.MatchField
switch self.Match.IpProto {
case IP_PROTO_UDP:
portField = openflow15.NewUdpSrcField(self.Match.SrcPort)
case IP_PROTO_SCTP:
portField = openflow15.NewSctpSrcField(self.Match.SrcPort)
case IP_PROTO_TCP:
fallthrough
default:
portField = openflow15.NewTcpSrcField(self.Match.SrcPort)
}
if self.Match.SrcPortMask != nil {
portField.HasMask = true
portMaskField := openflow15.NewPortField(*self.Match.SrcPortMask)
portField.Mask = portMaskField
portField.Length += uint8(portMaskField.Len())
}
ofMatch.AddField(*portField)
}
if self.Match.DstPort != 0 {
var portField *openflow15.MatchField
switch self.Match.IpProto {
case IP_PROTO_UDP:
portField = openflow15.NewUdpDstField(self.Match.DstPort)
case IP_PROTO_SCTP:
portField = openflow15.NewSctpDstField(self.Match.DstPort)
case IP_PROTO_TCP:
fallthrough
default:
portField = openflow15.NewTcpDstField(self.Match.DstPort)
}
if self.Match.DstPortMask != nil {
portField.HasMask = true
portMaskField := openflow15.NewPortField(*self.Match.DstPortMask)
portField.Mask = portMaskField
portField.Length += uint8(portMaskField.Len())
}
ofMatch.AddField(*portField)
}
// Handle tcp flags
if self.Match.IpProto == IP_PROTO_TCP && self.Match.TcpFlags != nil {
tcpFlagField := openflow15.NewTcpFlagsField(*self.Match.TcpFlags, self.Match.TcpFlagsMask)
ofMatch.AddField(*tcpFlagField)
}
// Handle metadata
if self.Match.Metadata != nil {
if self.Match.MetadataMask != nil {
metadataField := openflow15.NewMetadataField(*self.Match.Metadata, self.Match.MetadataMask)
ofMatch.AddField(*metadataField)
} else {
metadataField := openflow15.NewMetadataField(*self.Match.Metadata, nil)
ofMatch.AddField(*metadataField)
}
}
// Handle Vxlan tunnel id
if self.Match.TunnelId != 0 {
tunnelIdField := openflow15.NewTunnelIdField(self.Match.TunnelId)
ofMatch.AddField(*tunnelIdField)
}
// Handle IPv4 tunnel destination addr
if self.Match.TunnelDst != nil {
if ipv4Dst := self.Match.TunnelDst.To4(); ipv4Dst != nil {
tunnelDstField := openflow15.NewTunnelIpv4DstField(ipv4Dst, nil)
ofMatch.AddField(*tunnelDstField)
} else {
tunnelIpv6DstField := openflow15.NewTunnelIpv6DstField(*self.Match.TunnelDst, nil)
ofMatch.AddField(*tunnelIpv6DstField)
}
}
// Handle conjunction id
if self.Match.ConjunctionID != nil {
conjIDField := openflow15.NewConjIDMatchField(*self.Match.ConjunctionID)
ofMatch.AddField(*conjIDField)
}
// Handle ct states
if self.Match.CtStates != nil {
ctStateField := openflow15.NewCTStateMatchField(self.Match.CtStates)
ofMatch.AddField(*ctStateField)
}
// Handle reg match
if self.Match.NxRegs != nil {
regMap := make(map[int][]*NXRegister)
for _, reg := range self.Match.NxRegs {
_, found := regMap[reg.ID]
if !found {
regMap[reg.ID] = []*NXRegister{reg}
} else {
regMap[reg.ID] = append(regMap[reg.ID], reg)
}
}
for _, regs := range regMap {
reg := merge(regs)
regField := openflow15.NewRegMatchFieldWithMask(reg.ID, reg.Data, reg.Mask)
ofMatch.AddField(*regField)
}
}
// Handle xxreg match
if self.Match.XxRegs != nil {
for _, reg := range self.Match.XxRegs {
fieldName := fmt.Sprintf("NXM_NX_XXReg%d", reg.ID)
field, _ := openflow15.FindFieldHeaderByName(fieldName, false)
field.Value = &openflow15.ByteArrayField{Data: reg.Data, Length: uint8(len(reg.Data))}
ofMatch.AddField(*field)
}
}
// Handle ct_mark match
if self.Match.CtMark != 0 || self.Match.CtMarkMask != nil {
ctMarkField := openflow15.NewCTMarkMatchField(self.Match.CtMark, self.Match.CtMarkMask)
ofMatch.AddField(*ctMarkField)
}
if self.Match.CtLabelHiMask != 0 || self.Match.CtLabelLoMask != 0 || self.Match.CtLabelHi != 0 || self.Match.CtLabelLo != 0 {
var buf [16]byte
binary.BigEndian.PutUint64(buf[:8], self.Match.CtLabelHi)
binary.BigEndian.PutUint64(buf[8:], self.Match.CtLabelLo)
if self.Match.CtLabelLoMask != 0 || self.Match.CtLabelHiMask != 0 {
var maskBuf [16]byte
binary.BigEndian.PutUint64(maskBuf[:8], self.Match.CtLabelHiMask)
binary.BigEndian.PutUint64(maskBuf[8:], self.Match.CtLabelLoMask)
ofMatch.AddField(*openflow15.NewCTLabelMatchField(buf, &maskBuf))
} else {
ofMatch.AddField(*openflow15.NewCTLabelMatchField(buf, nil))
}
}
// Handle actset_output match
if self.Match.ActsetOutput != 0 {
actsetOutputField := openflow15.NewActsetOutputField(self.Match.ActsetOutput)
ofMatch.AddField(*actsetOutputField)
}
// Handle tun_metadata match
if len(self.Match.TunMetadatas) > 0 {
for _, m := range self.Match.TunMetadatas {
data := getDataBytes(m.Data, m.Range)
var mask []byte
if m.Range != nil {
start := int(m.Range.GetOfs())
length := int(m.Range.GetNbits())
mask = getMaskBytes(start, length)
}
tmField := openflow15.NewTunMetadataField(m.ID, data, mask)
ofMatch.AddField(*tmField)
}
}
if self.Match.CtIpSa != nil {
ctIPSaField, _ := openflow15.FindFieldHeaderByName("NXM_NX_CT_NW_SRC", false)
ctIPSaField.Value = &openflow15.Ipv4SrcField{
Ipv4Src: *self.Match.CtIpSa,
}
if self.Match.CtIpSaMask != nil {
mask := new(openflow15.Ipv4SrcField)
mask.Ipv4Src = *self.Match.CtIpSaMask
ctIPSaField.HasMask = true
ctIPSaField.Mask = mask
ctIPSaField.Length += uint8(mask.Len())
}
ofMatch.AddField(*ctIPSaField)
}
if self.Match.CtIpDa != nil {
ctIPDaField, _ := openflow15.FindFieldHeaderByName("NXM_NX_CT_NW_DST", false)
ctIPDaField.Value = &openflow15.Ipv4DstField{
Ipv4Dst: *self.Match.CtIpDa,
}
if self.Match.CtIpDaMask != nil {
mask := new(openflow15.Ipv4DstField)
mask.Ipv4Dst = *self.Match.CtIpDaMask
ctIPDaField.HasMask = true
ctIPDaField.Mask = mask
ctIPDaField.Length += uint8(mask.Len())
}
ofMatch.AddField(*ctIPDaField)
}
if self.Match.CtIpProto > 0 {
ctIPProtoField, _ := openflow15.FindFieldHeaderByName("NXM_NX_CT_NW_PROTO", false)
ctIPProtoField.Value = &ProtocolField{protocol: self.Match.CtIpProto}
ofMatch.AddField(*ctIPProtoField)
}
if self.Match.CtIpv6Sa != nil {
ctIPv6SaField, _ := openflow15.FindFieldHeaderByName("NXM_NX_CT_IPV6_SRC", false)
ctIPv6SaField.Value = &openflow15.Ipv6SrcField{Ipv6Src: *self.Match.CtIpv6Sa}
ofMatch.AddField(*ctIPv6SaField)
}
if self.Match.CtIpv6Da != nil {
ctIPv6DaField, _ := openflow15.FindFieldHeaderByName("NXM_NX_CT_IPV6_DST", false)
ctIPv6DaField.Value = &openflow15.Ipv6DstField{Ipv6Dst: *self.Match.CtIpv6Da}
ofMatch.AddField(*ctIPv6DaField)
}
if self.Match.CtTpSrcPort > 0 {
ctTpSrcPortField, _ := openflow15.FindFieldHeaderByName("NXM_NX_CT_TP_SRC", false)
ctTpSrcPortField.Value = &PortField{port: self.Match.CtTpSrcPort}
ofMatch.AddField(*ctTpSrcPortField)
}
if self.Match.CtTpDstPort > 0 {
ctTpDstPortField, _ := openflow15.FindFieldHeaderByName("NXM_NX_CT_TP_DST", false)
ctTpDstPortField.Value = &PortField{port: self.Match.CtTpDstPort}
ofMatch.AddField(*ctTpDstPortField)
}
if self.Match.Icmp6Code != nil {
icmp6CodeField, _ := openflow15.FindFieldHeaderByName("NXM_NX_ICMPV6_CODE", false)
icmp6CodeField.Value = &openflow15.IcmpCodeField{Code: *self.Match.Icmp6Code}
ofMatch.AddField(*icmp6CodeField)
}
if self.Match.Icmp6Type != nil {
icmp6TypeField, _ := openflow15.FindFieldHeaderByName("NXM_NX_ICMPV6_Type", false)
icmp6TypeField.Value = &openflow15.IcmpTypeField{Type: *self.Match.Icmp6Type}
ofMatch.AddField(*icmp6TypeField)
}
if self.Match.NdTarget != nil {
ndTargetField, _ := openflow15.FindFieldHeaderByName("NXM_NX_ND_TARGET", self.Match.NdTargetMask != nil)
ndTargetField.Value = &openflow15.Ipv6DstField{Ipv6Dst: *self.Match.NdTarget}
if self.Match.NdTargetMask != nil {
ndTargetField.Mask = &openflow15.Ipv6DstField{Ipv6Dst: *self.Match.NdTargetMask}
}
ofMatch.AddField(*ndTargetField)
}
if self.Match.NdSll != nil {
ndSllField, _ := openflow15.FindFieldHeaderByName("NXM_NX_ND_SLL", false)
ndSllField.Value = &openflow15.EthSrcField{EthSrc: *self.Match.NdSll}
ofMatch.AddField(*ndSllField)
}
if self.Match.NdTll != nil {
ndTllField, _ := openflow15.FindFieldHeaderByName("NXM_NX_ND_TLL", false)
ndTllField.Value = &openflow15.EthDstField{EthDst: *self.Match.NdTll}
ofMatch.AddField(*ndTllField)
}
if self.Match.IpTtl != nil {
ipTtlField, _ := openflow15.FindFieldHeaderByName("NXM_NX_IP_TTL", false)
ipTtlField.Value = &openflow15.TtlField{Ttl: *self.Match.IpTtl}
ofMatch.AddField(*ipTtlField)
}
// Handle pkt_mark match
if self.Match.PktMark != 0 {
pktMarkField, _ := openflow15.FindFieldHeaderByName("NXM_NX_PKT_MARK", self.Match.PktMarkMask != nil)
pktMarkField.Value = &openflow15.Uint32Message{Data: self.Match.PktMark}
if self.Match.PktMarkMask != nil {
pktMarkField.Mask = &openflow15.Uint32Message{Data: *self.Match.PktMarkMask}
}
ofMatch.AddField(*pktMarkField)
}
if self.Match.Icmp4Code != nil {
icmp4CodeField, _ := openflow15.FindFieldHeaderByName("NXM_OF_ICMP_CODE", false)
icmp4CodeField.Value = &openflow15.IcmpCodeField{Code: *self.Match.Icmp4Code}
ofMatch.AddField(*icmp4CodeField)
}
if self.Match.Icmp4Type != nil {
icmp4TypeField, _ := openflow15.FindFieldHeaderByName("NXM_OF_ICMP_TYPE", false)
icmp4TypeField.Value = &openflow15.IcmpTypeField{Type: *self.Match.Icmp4Type}
ofMatch.AddField(*icmp4TypeField)
}
return *ofMatch
}
func getRangeEnd(rng *openflow15.NXRange) uint16 {
return rng.GetOfs() + rng.GetNbits() - 1
}
func getStartFromMask(mask uint32) uint16 {
var count uint16
if mask == 0 {
return 0
}
for mask&1 == 0 {
mask >>= 1
count++
}
return count
}
func merge(regs []*NXRegister) *NXRegister {
var data, mask uint32
for _, reg := range regs {
if reg.Mask != 0 {
data |= reg.Data << getStartFromMask(reg.Mask)
mask |= reg.Mask
} else if reg.Range != nil {
// no mask, need to compute mask according to range
end := getRangeEnd(reg.Range)
start := reg.Range.GetOfs()
data |= reg.Data << start
mask |= ((uint32(1) << (end - start + 1)) - 1) << start
} else {
// full range
data |= reg.Data
mask |= 0xffffffff
}
}
return &NXRegister{
ID: regs[0].ID,
Data: data,
Mask: mask,
}
}
func getDataBytes(value interface{}, nxRange *openflow15.NXRange) []byte {
start := int(nxRange.GetOfs())
length := int(nxRange.GetNbits())
switch v := value.(type) {
case uint32:
rst := getUint32WithOfs(v, start, length)
data := make([]byte, 4)
binary.BigEndian.PutUint32(data, rst)
return data
case uint64:
rst := getUint64WithOfs(v, start, length)
data := make([]byte, 8)
binary.BigEndian.PutUint64(data, rst)
return data
case []byte:
return v
}
return nil
}
func getUint32WithOfs(data uint32, start, length int) uint32 {
return data << (32 - length) >> (32 - length - start)
}
func getUint64WithOfs(data uint64, start, length int) uint64 {
return data << (64 - length) >> (64 - length - start)
}
func getMaskBytes(start, length int) []byte {
end := start + length - 1
if end < 32 {
data := make([]byte, 4)
mask := getUint32WithOfs(^uint32(0), start, length)
binary.BigEndian.PutUint32(data, mask)
return data
}
if end < 64 {
data := make([]byte, 8)
mask := getUint64WithOfs(^uint64(0), start, length)
binary.BigEndian.PutUint64(data, mask)
return data
}
i := 0
bytesLength := 8 * ((end + 63) / 64)
data := make([]byte, bytesLength)
for i < bytesLength {
subStart := i * 64
subEnd := i*64 + 63
if start > subEnd {
binary.BigEndian.PutUint64(data[i:], uint64(0))
i += 8
continue
}
var rngStart, rngLength int
if start < subStart {
rngStart = 0
} else {
rngStart = start - subStart
}
if end > subEnd {
rngLength = 64 - rngStart
} else {
rngLength = (end - subStart) - rngStart + 1
}
data = append(data, getMaskBytes(rngStart, rngLength)...)
i += 8
}
return data
}
// Install all flow Actions
func (self *Flow) installFlowActions(flowMod *openflow15.FlowMod,
instr openflow15.Instruction) error {
var actInstr openflow15.Instruction
var addActn bool = false
var err error
// Create a apply_action instruction to be used if its not already created
switch instr.(type) {
case *openflow15.InstrActions:
actInstr = instr
default:
actInstr = openflow15.NewInstrApplyActions()
}
// Loop thru all Actions in reversed order, and prepend the action into instruction, so that the Actions is in the
// order as it is added by the client.
for i := len(self.flowActions) - 1; i >= 0; i-- {
flowAction := self.flowActions[i]
switch flowAction.ActionType {
case ActTypeSetVlan:
// Push Vlan Tag action
pushVlanAction := openflow15.NewActionPushVlan(0x8100)
// Set Outer vlan tag field
vlanField := openflow15.NewVlanIdField(flowAction.vlanId, nil)
setVlanAction := openflow15.NewActionSetField(*vlanField)
// Prepend push vlan & setvlan Actions to existing instruction
err = actInstr.AddAction(setVlanAction, true)
if err != nil {
return err
}
err = actInstr.AddAction(pushVlanAction, true)
if err != nil {
return err
}
addActn = true
log.Debugf("flow install. Added pushvlan action: %+v, setVlan Actions: %+v",
pushVlanAction, setVlanAction)
case ActTypePopVlan:
// Create pop vln action
popVlan := openflow15.NewActionPopVlan()
// Add it to instruction
err = actInstr.AddAction(popVlan, true)
if err != nil {
return err
}
addActn = true
log.Debugf("flow install. Added popVlan action: %+v", popVlan)
case ActTypePushMpls:
// Create push mpls action
pushMpls := (&PushMPLSAction{EtherType: flowAction.mplsEtherType}).GetActionMessage()
// Add it to instruction
err = actInstr.AddAction(pushMpls, true)
if err != nil {
return err
}
addActn = true
log.Debugf("flow install. Added pushMpls action: %+v", pushMpls)
case ActTypePopMpls:
// Create pop mpls action
popMpls := (&PopMPLSAction{EtherType: flowAction.mplsEtherType}).GetActionMessage()
// Add it to instruction
err = actInstr.AddAction(popMpls, true)
if err != nil {
return err
}
addActn = true
log.Debugf("flow install. Added popMpls action: %+v", popMpls)
case ActTypeSetDstMac:
// Set Outer MacDA field
macDaField := openflow15.NewEthDstField(flowAction.macAddr, nil)
setMacDaAction := openflow15.NewActionSetField(*macDaField)
// Add set macDa action to the instruction
err = actInstr.AddAction(setMacDaAction, true)
if err != nil {
return err
}
addActn = true
log.Debugf("flow install. Added setMacDa action: %+v", setMacDaAction)
case ActTypeSetSrcMac:
// Set Outer MacSA field
macSaField := openflow15.NewEthSrcField(flowAction.macAddr, nil)
setMacSaAction := openflow15.NewActionSetField(*macSaField)
// Add set macDa action to the instruction
err = actInstr.AddAction(setMacSaAction, true)
if err != nil {
return err
}
addActn = true
log.Debugf("flow install. Added setMacSa Action: %+v", setMacSaAction)
case ActTypeSetTunnelID:
// Set tunnelId field
tunnelIdField := openflow15.NewTunnelIdField(flowAction.tunnelId)
setTunnelAction := openflow15.NewActionSetField(*tunnelIdField)
// Add set tunnel action to the instruction
err = actInstr.AddAction(setTunnelAction, true)
if err != nil {
return err
}
addActn = true
log.Debugf("flow install. Added setTunnelId Action: %+v", setTunnelAction)
case "setMetadata":
// Set Metadata instruction
metadataInstr := openflow15.NewInstrWriteMetadata(flowAction.metadata, flowAction.metadataMask)
// Add the instruction to flowmod
flowMod.AddInstruction(metadataInstr)
case ActTypeSetSrcIP:
// Set IP src
ipSaField := openflow15.NewIpv4SrcField(flowAction.ipAddr, nil)
setIPSaAction := openflow15.NewActionSetField(*ipSaField)
// Add set action to the instruction
err = actInstr.AddAction(setIPSaAction, true)
if err != nil {
return err
}
addActn = true
log.Debugf("flow install. Added setIPSa Action: %+v", setIPSaAction)
case ActTypeSetDstIP:
// Set IP dst
ipDaField := openflow15.NewIpv4DstField(flowAction.ipAddr, nil)
setIPDaAction := openflow15.NewActionSetField(*ipDaField)
// Add set action to the instruction
err = actInstr.AddAction(setIPDaAction, true)
if err != nil {
return err
}
addActn = true
log.Debugf("flow install. Added setIPDa Action: %+v", setIPDaAction)
case ActTypeSetTunnelSrcIP:
// Set tunnel src addr field
tunnelSrcField := openflow15.NewTunnelIpv4SrcField(flowAction.ipAddr, nil)
setTunnelSrcAction := openflow15.NewActionSetField(*tunnelSrcField)
// Add set tunnel action to the instruction
err = actInstr.AddAction(setTunnelSrcAction, true)
if err != nil {
return err
}
addActn = true
log.Debugf("flow action: Added setTunSa Action: %+v", setTunnelSrcAction)
case ActTypeSetTunnelDstIP:
// Set tunnel dst addr field
tunnelDstField := openflow15.NewTunnelIpv4DstField(flowAction.ipAddr, nil)
setTunnelAction := openflow15.NewActionSetField(*tunnelDstField)
// Add set tunnel action to the instruction
err = actInstr.AddAction(setTunnelAction, true)
if err != nil {
return err
}
addActn = true
log.Debugf("flow action: Added setTunDa Action: %+v", setTunnelAction)
case ActTypeSetDSCP:
// Set DSCP field
ipDscpField := openflow15.NewIpDscpField(flowAction.dscp, nil)
setIPDscpAction := openflow15.NewActionSetField(*ipDscpField)
// Add set action to the instruction
err = actInstr.AddAction(setIPDscpAction, true)
if err != nil {
return err
}
addActn = true
log.Debugf("flow install. Added setDscp Action: %+v", setIPDscpAction)
case ActTypeSetARPOper:
// Set ARP operation type field
arpOpField := openflow15.NewArpOperField(flowAction.arpOper)
setARPOpAction := openflow15.NewActionSetField(*arpOpField)
// Add set ARP operation type action to the instruction
err = actInstr.AddAction(setARPOpAction, true)
if err != nil {
return err
}
addActn = true
log.Debugf("flow action: Added setArpOper Action: %+v", setARPOpAction)
case ActTypeSetARPSHA:
// Set ARP_SHA field
arpShaField := openflow15.NewArpShaField(flowAction.macAddr)
setARPShaAction := openflow15.NewActionSetField(*arpShaField)
// Append set ARP_SHA action to the instruction
err = actInstr.AddAction(setARPShaAction, true)
if err != nil {
return err
}
addActn = true
log.Debugf("flow action: Added setARPSha Action: %+v", setARPShaAction)
case ActTypeSetARPTHA:
// Set ARP_THA field
arpThaField := openflow15.NewArpThaField(flowAction.macAddr)
setARPThaAction := openflow15.NewActionSetField(*arpThaField)
// Add set ARP_THA action to the instruction
err = actInstr.AddAction(setARPThaAction, true)
if err != nil {
return err
}
addActn = true
log.Debugf("flow action: Added setARPTha Action: %+v", setARPThaAction)
case ActTypeSetARPSPA:
// Set ARP_SPA field
arpSpaField := openflow15.NewArpSpaField(flowAction.ipAddr)
setARPSpaAction := openflow15.NewActionSetField(*arpSpaField)
// Add set ARP_SPA action to the instruction
err = actInstr.AddAction(setARPSpaAction, true)
if err != nil {
return err
}
addActn = true
log.Debugf("flow action: Added setARPSpa Action: %+v", setARPSpaAction)
case ActTypeSetARPTPA:
// Set ARP_TPA field
arpTpaField := openflow15.NewArpTpaField(flowAction.ipAddr)
setARPTpaAction := openflow15.NewActionSetField(*arpTpaField)
// Add set ARP_SPA action to the instruction
err = actInstr.AddAction(setARPTpaAction, true)
if err != nil {
return err
}
addActn = true
log.Debugf("flow action: Added setARPTpa Action: %+v", setARPTpaAction)
case ActTypeSetTCPsPort:
// Set TCP src