Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 1 | /* |
| 2 | * Copyright 2015 Open Networking Laboratory |
| 3 | * |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | * you may not use this file except in compliance with the License. |
| 6 | * You may obtain a copy of the License at |
| 7 | * |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | * |
| 10 | * Unless required by applicable law or agreed to in writing, software |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | * See the License for the specific language governing permissions and |
| 14 | * limitations under the License. |
| 15 | */ |
| 16 | package org.onosproject.cordvtn; |
| 17 | |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 18 | import com.google.common.collect.Lists; |
| 19 | import com.google.common.collect.Maps; |
| 20 | import org.onlab.packet.Ethernet; |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 21 | import org.onlab.packet.Ip4Address; |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 22 | import org.onlab.packet.Ip4Prefix; |
| 23 | import org.onlab.packet.IpAddress; |
| 24 | import org.onlab.packet.IpPrefix; |
| 25 | import org.onlab.packet.MacAddress; |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 26 | import org.onlab.util.ItemNotFoundException; |
| 27 | import org.onosproject.core.ApplicationId; |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 28 | import org.onosproject.core.DefaultGroupId; |
| 29 | import org.onosproject.core.GroupId; |
| 30 | import org.onosproject.mastership.MastershipService; |
| 31 | import org.onosproject.net.Device; |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 32 | import org.onosproject.net.DeviceId; |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 33 | import org.onosproject.net.Host; |
| 34 | import org.onosproject.net.PortNumber; |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 35 | import org.onosproject.net.behaviour.ExtensionTreatmentResolver; |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 36 | import org.onosproject.net.device.DeviceService; |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 37 | import org.onosproject.net.driver.DefaultDriverData; |
| 38 | import org.onosproject.net.driver.DefaultDriverHandler; |
| 39 | import org.onosproject.net.driver.Driver; |
| 40 | import org.onosproject.net.driver.DriverHandler; |
| 41 | import org.onosproject.net.driver.DriverService; |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 42 | import org.onosproject.net.flow.DefaultFlowRule; |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 43 | import org.onosproject.net.flow.DefaultTrafficSelector; |
| 44 | import org.onosproject.net.flow.DefaultTrafficTreatment; |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 45 | import org.onosproject.net.flow.FlowRule; |
| 46 | import org.onosproject.net.flow.FlowRuleOperations; |
| 47 | import org.onosproject.net.flow.FlowRuleOperationsContext; |
| 48 | import org.onosproject.net.flow.FlowRuleService; |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 49 | import org.onosproject.net.flow.TrafficSelector; |
| 50 | import org.onosproject.net.flow.TrafficTreatment; |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 51 | import org.onosproject.net.flow.criteria.Criterion; |
| 52 | import org.onosproject.net.flow.criteria.EthCriterion; |
| 53 | import org.onosproject.net.flow.criteria.IPCriterion; |
| 54 | import org.onosproject.net.flow.criteria.PortCriterion; |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 55 | import org.onosproject.net.flow.instructions.ExtensionPropertyException; |
| 56 | import org.onosproject.net.flow.instructions.ExtensionTreatment; |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 57 | import org.onosproject.net.flow.instructions.Instruction; |
| 58 | import org.onosproject.net.flow.instructions.Instructions; |
| 59 | import org.onosproject.net.flow.instructions.L2ModificationInstruction.ModEtherInstruction; |
| 60 | import org.onosproject.net.group.DefaultGroupBucket; |
| 61 | import org.onosproject.net.group.DefaultGroupDescription; |
| 62 | import org.onosproject.net.group.DefaultGroupKey; |
| 63 | import org.onosproject.net.group.Group; |
| 64 | import org.onosproject.net.group.GroupBucket; |
| 65 | import org.onosproject.net.group.GroupBuckets; |
| 66 | import org.onosproject.net.group.GroupDescription; |
| 67 | import org.onosproject.net.group.GroupKey; |
| 68 | import org.onosproject.net.group.GroupService; |
| 69 | import org.onosproject.openstackswitching.OpenstackNetwork; |
| 70 | import org.onosproject.openstackswitching.OpenstackSubnet; |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 71 | import org.slf4j.Logger; |
| 72 | |
Hyunsun Moon | ee37c44 | 2016-01-07 01:32:31 -0800 | [diff] [blame] | 73 | import java.util.ArrayList; |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 74 | import java.util.List; |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 75 | import java.util.Map; |
| 76 | import java.util.NoSuchElementException; |
| 77 | import java.util.Objects; |
| 78 | import java.util.Set; |
| 79 | import java.util.stream.Collectors; |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 80 | |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 81 | import static com.google.common.base.Preconditions.checkNotNull; |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 82 | import static org.onosproject.net.Device.Type.SWITCH; |
| 83 | import static org.onosproject.net.flow.criteria.Criterion.Type.IN_PORT; |
| 84 | import static org.onosproject.net.flow.criteria.Criterion.Type.IPV4_DST; |
| 85 | import static org.onosproject.net.flow.criteria.Criterion.Type.IPV4_SRC; |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 86 | import static org.onosproject.net.flow.instructions.ExtensionTreatmentType.ExtensionTreatmentTypes.NICIRA_SET_TUNNEL_DST; |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 87 | import static org.onosproject.net.flow.instructions.L2ModificationInstruction.L2SubType.ETH_DST; |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 88 | import static org.slf4j.LoggerFactory.getLogger; |
| 89 | |
| 90 | /** |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 91 | * Populates rules for CORD VTN service. |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 92 | */ |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 93 | public class CordVtnRuleInstaller { |
| 94 | |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 95 | protected final Logger log = getLogger(getClass()); |
| 96 | |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 97 | private static final int TABLE_IN_PORT = 0; |
| 98 | private static final int TABLE_ACCESS_TYPE = 1; |
| 99 | private static final int TABLE_IN_SERVICE = 2; |
| 100 | private static final int TABLE_DST_IP = 3; |
| 101 | private static final int TABLE_TUNNEL_IN = 4; |
| 102 | |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 103 | private static final int DEFAULT_PRIORITY = 5000; |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 104 | private static final int LOWER_PRIORITY = 4000; |
| 105 | private static final int LOWEST_PRIORITY = 0; |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 106 | |
| 107 | private final ApplicationId appId; |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 108 | private final FlowRuleService flowRuleService; |
| 109 | private final DeviceService deviceService; |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 110 | private final DriverService driverService; |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 111 | private final GroupService groupService; |
| 112 | private final MastershipService mastershipService; |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 113 | private final String tunnelType; |
| 114 | |
| 115 | /** |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 116 | * Creates a new rule populator. |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 117 | * |
| 118 | * @param appId application id |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 119 | * @param flowRuleService flow rule service |
| 120 | * @param deviceService device service |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 121 | * @param driverService driver service |
| 122 | * @param tunnelType tunnel type |
| 123 | */ |
| 124 | public CordVtnRuleInstaller(ApplicationId appId, |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 125 | FlowRuleService flowRuleService, |
| 126 | DeviceService deviceService, |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 127 | DriverService driverService, |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 128 | GroupService groupService, |
| 129 | MastershipService mastershipService, |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 130 | String tunnelType) { |
| 131 | this.appId = appId; |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 132 | this.flowRuleService = flowRuleService; |
| 133 | this.deviceService = deviceService; |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 134 | this.driverService = driverService; |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 135 | this.groupService = groupService; |
| 136 | this.mastershipService = mastershipService; |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 137 | this.tunnelType = checkNotNull(tunnelType); |
| 138 | } |
| 139 | |
| 140 | /** |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 141 | * Installs table miss rule to a give device. |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 142 | * |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 143 | * @param deviceId device id to install the rules |
| 144 | * @param tunnelPort tunnel port number of the device |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 145 | */ |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 146 | public void init(DeviceId deviceId, PortNumber tunnelPort) { |
| 147 | // default is drop packets which can be accomplished without |
| 148 | // a table miss entry for all table. |
| 149 | populateTunnelInPortRule(deviceId, tunnelPort); |
| 150 | processAccessTypeTable(deviceId); |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 151 | } |
| 152 | |
| 153 | /** |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 154 | * Populates basic rules that connect a VM to the other VMs in the system. |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 155 | * |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 156 | * @param host host |
| 157 | * @param hostIp host ip |
| 158 | * @param tunnelIp tunnel ip |
| 159 | * @param vNet openstack network |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 160 | */ |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 161 | public void populateBasicConnectionRules(Host host, IpAddress hostIp, IpAddress tunnelIp, |
| 162 | OpenstackNetwork vNet) { |
| 163 | // TODO we can get host ip from host.ip() after applying NetworkConfig host provider |
| 164 | checkNotNull(host); |
| 165 | checkNotNull(vNet); |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 166 | |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 167 | DeviceId deviceId = host.location().deviceId(); |
| 168 | if (!mastershipService.isLocalMaster(deviceId)) { |
| 169 | return; |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 170 | } |
| 171 | |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 172 | PortNumber inPort = host.location().port(); |
| 173 | MacAddress dstMac = host.mac(); |
| 174 | long tunnelId = Long.parseLong(vNet.segmentId()); |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 175 | |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 176 | OpenstackSubnet subnet = vNet.subnets().stream() |
| 177 | .findFirst() |
| 178 | .orElse(null); |
| 179 | |
| 180 | if (subnet == null) { |
| 181 | log.error("Failed to get subnet for {}", host.id()); |
| 182 | return; |
| 183 | } |
| 184 | |
| 185 | populateLocalInPortRule(deviceId, inPort, hostIp); |
| 186 | populateDirectAccessRule(Ip4Prefix.valueOf(subnet.cidr()), Ip4Prefix.valueOf(subnet.cidr())); |
| 187 | populateDstIpRule(deviceId, inPort, dstMac, hostIp, tunnelId, tunnelIp); |
| 188 | populateTunnelInRule(deviceId, inPort, dstMac, tunnelId); |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 189 | } |
| 190 | |
| 191 | /** |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 192 | * Removes basic rules related to a given flow information. |
| 193 | * |
| 194 | * @param host host to be removed |
| 195 | */ |
| 196 | public void removeBasicConnectionRules(Host host) { |
| 197 | checkNotNull(host); |
| 198 | |
| 199 | DeviceId deviceId = host.location().deviceId(); |
| 200 | MacAddress mac = host.mac(); |
| 201 | PortNumber port = host.location().port(); |
| 202 | IpAddress ip = host.ipAddresses().stream().findFirst().orElse(null); |
| 203 | |
| 204 | if (!mastershipService.isLocalMaster(deviceId)) { |
| 205 | return; |
| 206 | } |
| 207 | |
| 208 | for (FlowRule flowRule : flowRuleService.getFlowRulesById(appId)) { |
| 209 | if (flowRule.deviceId().equals(deviceId)) { |
| 210 | PortNumber inPort = getInPort(flowRule); |
| 211 | if (inPort != null && inPort.equals(port)) { |
| 212 | processFlowRule(false, flowRule); |
| 213 | continue; |
| 214 | } |
| 215 | } |
| 216 | |
| 217 | MacAddress dstMac = getDstMacFromTreatment(flowRule); |
| 218 | if (dstMac != null && dstMac.equals(mac)) { |
| 219 | processFlowRule(false, flowRule); |
| 220 | continue; |
| 221 | } |
| 222 | |
| 223 | dstMac = getDstMacFromSelector(flowRule); |
| 224 | if (dstMac != null && dstMac.equals(mac)) { |
| 225 | processFlowRule(false, flowRule); |
| 226 | continue; |
| 227 | } |
| 228 | |
| 229 | IpPrefix dstIp = getDstIpFromSelector(flowRule); |
| 230 | if (dstIp != null && dstIp.equals(ip.toIpPrefix())) { |
| 231 | processFlowRule(false, flowRule); |
| 232 | } |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 233 | } |
| 234 | |
| 235 | // TODO uninstall same network access rule in access table if no vm exists in the network |
| 236 | } |
| 237 | |
| 238 | /** |
Hyunsun Moon | ee37c44 | 2016-01-07 01:32:31 -0800 | [diff] [blame] | 239 | * Populates service dependency rules. |
| 240 | * |
| 241 | * @param tService tenant cord service |
| 242 | * @param pService provider cord service |
| 243 | */ |
| 244 | public void populateServiceDependencyRules(CordService tService, CordService pService) { |
| 245 | checkNotNull(tService); |
| 246 | checkNotNull(pService); |
| 247 | |
| 248 | Ip4Prefix srcRange = tService.serviceIpRange().getIp4Prefix(); |
| 249 | Ip4Prefix dstRange = pService.serviceIpRange().getIp4Prefix(); |
| 250 | Ip4Address serviceIp = pService.serviceIp().getIp4Address(); |
| 251 | |
| 252 | Map<DeviceId, GroupId> outGroups = Maps.newHashMap(); |
| 253 | Map<DeviceId, Set<PortNumber>> inPorts = Maps.newHashMap(); |
| 254 | |
| 255 | for (Device device : deviceService.getAvailableDevices(SWITCH)) { |
| 256 | GroupId groupId = createServiceGroup(device.id(), pService); |
| 257 | outGroups.put(device.id(), groupId); |
| 258 | |
| 259 | Set<PortNumber> vms = tService.hosts().keySet() |
| 260 | .stream() |
| 261 | .filter(host -> host.location().deviceId().equals(device.id())) |
| 262 | .map(host -> host.location().port()) |
| 263 | .collect(Collectors.toSet()); |
| 264 | inPorts.put(device.id(), vms); |
| 265 | } |
| 266 | |
| 267 | populateIndirectAccessRule(srcRange, serviceIp, outGroups); |
| 268 | populateDirectAccessRule(srcRange, dstRange); |
| 269 | populateInServiceRule(inPorts, outGroups); |
| 270 | } |
| 271 | |
| 272 | /** |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 273 | * Removes service dependency rules. |
| 274 | * |
| 275 | * @param tService tenant cord service |
| 276 | * @param pService provider cord service |
| 277 | */ |
| 278 | public void removeServiceDependencyRules(CordService tService, CordService pService) { |
| 279 | checkNotNull(tService); |
| 280 | checkNotNull(pService); |
| 281 | |
| 282 | Ip4Prefix srcRange = tService.serviceIpRange().getIp4Prefix(); |
| 283 | Ip4Prefix dstRange = pService.serviceIpRange().getIp4Prefix(); |
| 284 | IpPrefix serviceIp = pService.serviceIp().toIpPrefix(); |
| 285 | |
| 286 | Map<DeviceId, GroupId> outGroups = Maps.newHashMap(); |
| 287 | GroupKey groupKey = new DefaultGroupKey(pService.id().id().getBytes()); |
| 288 | |
| 289 | deviceService.getAvailableDevices(SWITCH).forEach(device -> { |
| 290 | Group group = groupService.getGroup(device.id(), groupKey); |
| 291 | if (group != null) { |
| 292 | outGroups.put(device.id(), group.id()); |
| 293 | } |
| 294 | }); |
| 295 | |
| 296 | for (FlowRule flowRule : flowRuleService.getFlowRulesById(appId)) { |
| 297 | IpPrefix dstIp = getDstIpFromSelector(flowRule); |
| 298 | IpPrefix srcIp = getSrcIpFromSelector(flowRule); |
| 299 | |
| 300 | if (dstIp != null && dstIp.equals(serviceIp)) { |
| 301 | processFlowRule(false, flowRule); |
| 302 | continue; |
| 303 | } |
| 304 | |
| 305 | if (dstIp != null && srcIp != null) { |
| 306 | if (dstIp.equals(dstRange) && srcIp.equals(srcRange)) { |
| 307 | processFlowRule(false, flowRule); |
| 308 | continue; |
| 309 | } |
| 310 | |
| 311 | if (dstIp.equals(srcRange) && srcIp.equals(dstRange)) { |
| 312 | processFlowRule(false, flowRule); |
| 313 | continue; |
| 314 | } |
| 315 | } |
| 316 | |
| 317 | GroupId groupId = getGroupIdFromTreatment(flowRule); |
| 318 | if (groupId != null && groupId.equals(outGroups.get(flowRule.deviceId()))) { |
| 319 | processFlowRule(false, flowRule); |
| 320 | } |
| 321 | } |
| 322 | |
| 323 | // TODO remove the group if it is not in use |
| 324 | } |
| 325 | |
| 326 | /** |
Hyunsun Moon | ee37c44 | 2016-01-07 01:32:31 -0800 | [diff] [blame] | 327 | * Updates group buckets for a given service to all devices. |
| 328 | * |
| 329 | * @param service cord service |
| 330 | */ |
| 331 | public void updateServiceGroup(CordService service) { |
| 332 | checkNotNull(service); |
| 333 | |
| 334 | GroupKey groupKey = getGroupKey(service.id()); |
| 335 | |
| 336 | for (Device device : deviceService.getAvailableDevices(SWITCH)) { |
| 337 | DeviceId deviceId = device.id(); |
| 338 | if (!mastershipService.isLocalMaster(deviceId)) { |
| 339 | continue; |
| 340 | } |
| 341 | |
| 342 | Group group = groupService.getGroup(deviceId, groupKey); |
| 343 | if (group == null) { |
| 344 | log.debug("No group exists for service {} in {}", service.id(), deviceId); |
| 345 | continue; |
| 346 | } |
| 347 | |
| 348 | List<GroupBucket> oldBuckets = group.buckets().buckets(); |
| 349 | List<GroupBucket> newBuckets = getServiceGroupBuckets( |
| 350 | deviceId, service.segmentationId(), service.hosts()).buckets(); |
| 351 | |
| 352 | if (oldBuckets.equals(newBuckets)) { |
| 353 | continue; |
| 354 | } |
| 355 | |
| 356 | List<GroupBucket> bucketsToRemove = new ArrayList<>(oldBuckets); |
| 357 | bucketsToRemove.removeAll(newBuckets); |
| 358 | if (!bucketsToRemove.isEmpty()) { |
| 359 | groupService.removeBucketsFromGroup( |
| 360 | deviceId, |
| 361 | groupKey, |
| 362 | new GroupBuckets(bucketsToRemove), |
| 363 | groupKey, appId); |
| 364 | } |
| 365 | |
| 366 | List<GroupBucket> bucketsToAdd = new ArrayList<>(newBuckets); |
| 367 | bucketsToAdd.removeAll(oldBuckets); |
| 368 | if (!bucketsToAdd.isEmpty()) { |
| 369 | groupService.addBucketsToGroup( |
| 370 | deviceId, |
| 371 | groupKey, |
| 372 | new GroupBuckets(bucketsToAdd), |
| 373 | groupKey, appId); |
| 374 | } |
| 375 | } |
| 376 | } |
| 377 | |
| 378 | /** |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 379 | * Creates a new group for a given service. |
| 380 | * |
| 381 | * @param deviceId device id to create a group |
| 382 | * @param service cord service |
| 383 | * @return group id, or null if it fails to create |
| 384 | */ |
| 385 | private GroupId createServiceGroup(DeviceId deviceId, CordService service) { |
| 386 | checkNotNull(service); |
| 387 | |
| 388 | GroupKey groupKey = getGroupKey(service.id()); |
| 389 | Group group = groupService.getGroup(deviceId, groupKey); |
| 390 | GroupId groupId = getGroupId(service.id(), deviceId); |
| 391 | |
| 392 | if (group != null) { |
| 393 | log.debug("Group {} is already exist in {}", service.id(), deviceId); |
| 394 | return groupId; |
| 395 | } |
| 396 | |
| 397 | GroupBuckets buckets = getServiceGroupBuckets(deviceId, service.segmentationId(), service.hosts()); |
| 398 | GroupDescription groupDescription = new DefaultGroupDescription( |
| 399 | deviceId, |
| 400 | GroupDescription.Type.SELECT, |
| 401 | buckets, |
| 402 | groupKey, |
| 403 | groupId.id(), |
| 404 | appId); |
| 405 | |
| 406 | groupService.addGroup(groupDescription); |
| 407 | |
| 408 | return groupId; |
| 409 | } |
| 410 | |
| 411 | /** |
| 412 | * Returns group buckets for a given device. |
| 413 | * |
| 414 | * @param deviceId device id |
| 415 | * @param tunnelId tunnel id |
| 416 | * @param hosts list of host |
| 417 | * @return group buckets |
| 418 | */ |
| 419 | private GroupBuckets getServiceGroupBuckets(DeviceId deviceId, long tunnelId, Map<Host, IpAddress> hosts) { |
| 420 | List<GroupBucket> buckets = Lists.newArrayList(); |
| 421 | |
| 422 | for (Map.Entry<Host, IpAddress> entry : hosts.entrySet()) { |
| 423 | Host host = entry.getKey(); |
| 424 | Ip4Address remoteIp = entry.getValue().getIp4Address(); |
| 425 | DeviceId hostDevice = host.location().deviceId(); |
| 426 | |
| 427 | TrafficTreatment.Builder tBuilder = DefaultTrafficTreatment |
| 428 | .builder() |
| 429 | .setEthDst(host.mac()); |
| 430 | |
| 431 | if (deviceId.equals(hostDevice)) { |
| 432 | tBuilder.setOutput(host.location().port()); |
| 433 | } else { |
| 434 | ExtensionTreatment tunnelDst = getTunnelDst(deviceId, remoteIp); |
| 435 | if (tunnelDst == null) { |
| 436 | continue; |
| 437 | } |
| 438 | |
| 439 | tBuilder.extension(tunnelDst, deviceId) |
| 440 | .setTunnelId(tunnelId) |
| 441 | .setOutput(getTunnelPort(hostDevice)); |
| 442 | } |
| 443 | |
| 444 | buckets.add(DefaultGroupBucket.createSelectGroupBucket(tBuilder.build())); |
| 445 | } |
| 446 | |
| 447 | return new GroupBuckets(buckets); |
| 448 | } |
| 449 | |
| 450 | /** |
| 451 | * Returns globally unique group ID. |
| 452 | * |
| 453 | * @param serviceId service id |
| 454 | * @param deviceId device id |
| 455 | * @return group id |
| 456 | */ |
| 457 | private GroupId getGroupId(CordServiceId serviceId, DeviceId deviceId) { |
| 458 | return new DefaultGroupId(Objects.hash(serviceId, deviceId)); |
| 459 | } |
| 460 | |
| 461 | /** |
| 462 | * Returns group key of a service. |
| 463 | * |
| 464 | * @param serviceId service id |
| 465 | * @return group key |
| 466 | */ |
| 467 | private GroupKey getGroupKey(CordServiceId serviceId) { |
| 468 | return new DefaultGroupKey(serviceId.id().getBytes()); |
| 469 | } |
| 470 | |
| 471 | /** |
| 472 | * Forward table miss rules in ACCESS_TYPE table to IN_SERVICE table. |
| 473 | * |
| 474 | * @param deviceId device id |
| 475 | */ |
| 476 | private void processAccessTypeTable(DeviceId deviceId) { |
| 477 | TrafficSelector selector = DefaultTrafficSelector.builder() |
| 478 | .build(); |
| 479 | |
| 480 | TrafficTreatment treatment = DefaultTrafficTreatment.builder() |
| 481 | .transition(TABLE_IN_SERVICE) |
| 482 | .build(); |
| 483 | |
| 484 | FlowRule flowRule = DefaultFlowRule.builder() |
| 485 | .fromApp(appId) |
| 486 | .withSelector(selector) |
| 487 | .withTreatment(treatment) |
| 488 | .withPriority(LOWEST_PRIORITY) |
| 489 | .forDevice(deviceId) |
| 490 | .forTable(TABLE_ACCESS_TYPE) |
| 491 | .makePermanent() |
| 492 | .build(); |
| 493 | |
| 494 | processFlowRule(true, flowRule); |
| 495 | } |
| 496 | |
| 497 | /** |
| 498 | * Populates rules for tunnel flows in port in IN_PORT table. |
| 499 | * All flows from tunnel port are forwarded to TUNNEL_ID table. |
| 500 | * |
| 501 | * @param deviceId device id to install the rules |
| 502 | * @param tunnelPort tunnel port |
| 503 | */ |
| 504 | private void populateTunnelInPortRule(DeviceId deviceId, PortNumber tunnelPort) { |
| 505 | checkNotNull(tunnelPort); |
| 506 | |
| 507 | TrafficSelector selector = DefaultTrafficSelector.builder() |
| 508 | .matchInPort(tunnelPort) |
| 509 | .build(); |
| 510 | TrafficTreatment treatment = DefaultTrafficTreatment.builder() |
| 511 | .transition(TABLE_TUNNEL_IN) |
| 512 | .build(); |
| 513 | |
| 514 | FlowRule flowRule = DefaultFlowRule.builder() |
| 515 | .fromApp(appId) |
| 516 | .withSelector(selector) |
| 517 | .withTreatment(treatment) |
| 518 | .withPriority(DEFAULT_PRIORITY) |
| 519 | .forDevice(deviceId) |
| 520 | .forTable(TABLE_IN_PORT) |
| 521 | .makePermanent() |
| 522 | .build(); |
| 523 | |
| 524 | processFlowRule(true, flowRule); |
| 525 | } |
| 526 | |
| 527 | /** |
| 528 | * Populates rules for local in port in IN_PORT table. |
| 529 | * Flows from a given in port, whose source IP is service IP transition |
| 530 | * to DST_TYPE table. Other flows transition to IN_SERVICE table. |
| 531 | * |
| 532 | * @param deviceId device id to install the rules |
| 533 | * @param inPort in port |
| 534 | * @param srcIp source ip |
| 535 | */ |
| 536 | private void populateLocalInPortRule(DeviceId deviceId, PortNumber inPort, IpAddress srcIp) { |
| 537 | TrafficSelector selector = DefaultTrafficSelector.builder() |
| 538 | .matchInPort(inPort) |
| 539 | .matchEthType(Ethernet.TYPE_IPV4) |
| 540 | .matchIPSrc(srcIp.toIpPrefix()) |
| 541 | .build(); |
| 542 | TrafficTreatment treatment = DefaultTrafficTreatment.builder() |
| 543 | .transition(TABLE_ACCESS_TYPE) |
| 544 | .build(); |
| 545 | |
| 546 | |
| 547 | FlowRule flowRule = DefaultFlowRule.builder() |
| 548 | .fromApp(appId) |
| 549 | .withSelector(selector) |
| 550 | .withTreatment(treatment) |
| 551 | .withPriority(DEFAULT_PRIORITY) |
| 552 | .forDevice(deviceId) |
| 553 | .forTable(TABLE_IN_PORT) |
| 554 | .makePermanent() |
| 555 | .build(); |
| 556 | |
| 557 | processFlowRule(true, flowRule); |
| 558 | |
| 559 | selector = DefaultTrafficSelector.builder() |
| 560 | .matchInPort(inPort) |
| 561 | .build(); |
| 562 | treatment = DefaultTrafficTreatment.builder() |
| 563 | .transition(TABLE_IN_SERVICE) |
| 564 | .build(); |
| 565 | |
| 566 | flowRule = DefaultFlowRule.builder() |
| 567 | .fromApp(appId) |
| 568 | .withSelector(selector) |
| 569 | .withTreatment(treatment) |
| 570 | .withPriority(LOWER_PRIORITY) |
| 571 | .forDevice(deviceId) |
| 572 | .forTable(TABLE_IN_PORT) |
| 573 | .makePermanent() |
| 574 | .build(); |
| 575 | |
| 576 | processFlowRule(true, flowRule); |
| 577 | } |
| 578 | |
| 579 | /** |
| 580 | * Populates direct VM access rules for ACCESS_TYPE table. |
| 581 | * These rules are installed to all devices. |
| 582 | * |
| 583 | * @param srcRange source ip range |
| 584 | * @param dstRange destination ip range |
| 585 | */ |
| 586 | private void populateDirectAccessRule(Ip4Prefix srcRange, Ip4Prefix dstRange) { |
| 587 | TrafficSelector selector = DefaultTrafficSelector.builder() |
| 588 | .matchEthType(Ethernet.TYPE_IPV4) |
| 589 | .matchIPSrc(srcRange) |
| 590 | .matchIPDst(dstRange) |
| 591 | .build(); |
| 592 | TrafficTreatment treatment = DefaultTrafficTreatment.builder() |
| 593 | .transition(TABLE_DST_IP) |
| 594 | .build(); |
| 595 | |
| 596 | for (Device device : deviceService.getAvailableDevices(SWITCH)) { |
| 597 | FlowRule flowRuleDirect = DefaultFlowRule.builder() |
| 598 | .fromApp(appId) |
| 599 | .withSelector(selector) |
| 600 | .withTreatment(treatment) |
| 601 | .withPriority(LOWER_PRIORITY) |
| 602 | .forDevice(device.id()) |
| 603 | .forTable(TABLE_ACCESS_TYPE) |
| 604 | .makePermanent() |
| 605 | .build(); |
| 606 | |
| 607 | processFlowRule(true, flowRuleDirect); |
| 608 | } |
| 609 | } |
| 610 | |
| 611 | /** |
| 612 | * Populates indirect service access rules for ACCESS_TYPE table. |
| 613 | * These rules are installed to all devices. |
| 614 | * |
| 615 | * @param srcRange source range |
| 616 | * @param serviceIp service ip |
| 617 | * @param outGroups list of output group |
| 618 | */ |
| 619 | private void populateIndirectAccessRule(Ip4Prefix srcRange, Ip4Address serviceIp, |
| 620 | Map<DeviceId, GroupId> outGroups) { |
| 621 | TrafficSelector selector = DefaultTrafficSelector.builder() |
| 622 | .matchEthType(Ethernet.TYPE_IPV4) |
| 623 | .matchIPSrc(srcRange) |
| 624 | .matchIPDst(serviceIp.toIpPrefix()) |
| 625 | .build(); |
| 626 | |
| 627 | for (Map.Entry<DeviceId, GroupId> outGroup : outGroups.entrySet()) { |
| 628 | TrafficTreatment treatment = DefaultTrafficTreatment.builder() |
| 629 | .group(outGroup.getValue()) |
| 630 | .build(); |
| 631 | |
| 632 | FlowRule flowRule = DefaultFlowRule.builder() |
| 633 | .fromApp(appId) |
| 634 | .withSelector(selector) |
| 635 | .withTreatment(treatment) |
| 636 | .withPriority(DEFAULT_PRIORITY) |
| 637 | .forDevice(outGroup.getKey()) |
| 638 | .forTable(TABLE_ACCESS_TYPE) |
| 639 | .makePermanent() |
| 640 | .build(); |
| 641 | |
| 642 | processFlowRule(true, flowRule); |
| 643 | } |
| 644 | } |
| 645 | |
| 646 | /** |
| 647 | * Populates flow rules for IN_SERVICE table. |
| 648 | * |
| 649 | * @param inPorts list of inports related to the service for each device |
| 650 | * @param outGroups set of output groups |
| 651 | */ |
| 652 | private void populateInServiceRule(Map<DeviceId, Set<PortNumber>> inPorts, Map<DeviceId, GroupId> outGroups) { |
| 653 | checkNotNull(inPorts); |
| 654 | checkNotNull(outGroups); |
| 655 | |
| 656 | for (Map.Entry<DeviceId, Set<PortNumber>> entry : inPorts.entrySet()) { |
| 657 | Set<PortNumber> ports = entry.getValue(); |
| 658 | DeviceId deviceId = entry.getKey(); |
| 659 | |
| 660 | GroupId groupId = outGroups.get(deviceId); |
| 661 | if (groupId == null) { |
| 662 | continue; |
| 663 | } |
| 664 | |
| 665 | ports.stream().forEach(port -> { |
| 666 | TrafficSelector selector = DefaultTrafficSelector.builder() |
| 667 | .matchInPort(port) |
| 668 | .build(); |
| 669 | TrafficTreatment treatment = DefaultTrafficTreatment.builder() |
| 670 | .group(groupId) |
| 671 | .build(); |
| 672 | |
| 673 | FlowRule flowRule = DefaultFlowRule.builder() |
| 674 | .fromApp(appId) |
| 675 | .withSelector(selector) |
| 676 | .withTreatment(treatment) |
| 677 | .withPriority(DEFAULT_PRIORITY) |
| 678 | .forDevice(deviceId) |
| 679 | .forTable(TABLE_IN_SERVICE) |
| 680 | .makePermanent() |
| 681 | .build(); |
| 682 | |
| 683 | processFlowRule(true, flowRule); |
| 684 | }); |
| 685 | } |
| 686 | } |
| 687 | |
| 688 | /** |
| 689 | * Populates flow rules for DST_IP table. |
| 690 | * |
| 691 | * @param deviceId device id |
| 692 | * @param inPort in port |
| 693 | * @param dstMac mac address |
| 694 | * @param dstIp destination ip |
| 695 | * @param tunnelId tunnel id |
| 696 | * @param tunnelIp tunnel remote ip |
| 697 | */ |
| 698 | private void populateDstIpRule(DeviceId deviceId, PortNumber inPort, MacAddress dstMac, |
| 699 | IpAddress dstIp, long tunnelId, IpAddress tunnelIp) { |
| 700 | TrafficSelector selector = DefaultTrafficSelector.builder() |
| 701 | .matchEthType(Ethernet.TYPE_IPV4) |
| 702 | .matchIPDst(dstIp.toIpPrefix()) |
| 703 | .build(); |
| 704 | TrafficTreatment treatment = DefaultTrafficTreatment.builder() |
| 705 | .setEthDst(dstMac) |
| 706 | .setOutput(inPort) |
| 707 | .build(); |
| 708 | |
| 709 | FlowRule flowRule = DefaultFlowRule.builder() |
| 710 | .fromApp(appId) |
| 711 | .withSelector(selector) |
| 712 | .withTreatment(treatment) |
| 713 | .withPriority(DEFAULT_PRIORITY) |
| 714 | .forDevice(deviceId) |
| 715 | .forTable(TABLE_DST_IP) |
| 716 | .makePermanent() |
| 717 | .build(); |
| 718 | |
| 719 | processFlowRule(true, flowRule); |
| 720 | |
| 721 | for (Device device : deviceService.getAvailableDevices(SWITCH)) { |
| 722 | if (device.id().equals(deviceId)) { |
| 723 | continue; |
| 724 | } |
| 725 | |
| 726 | ExtensionTreatment tunnelDst = getTunnelDst(device.id(), tunnelIp.getIp4Address()); |
| 727 | if (tunnelDst == null) { |
| 728 | continue; |
| 729 | } |
| 730 | |
| 731 | treatment = DefaultTrafficTreatment.builder() |
| 732 | .setEthDst(dstMac) |
| 733 | .setTunnelId(tunnelId) |
| 734 | .extension(tunnelDst, device.id()) |
| 735 | .setOutput(getTunnelPort(device.id())) |
| 736 | .build(); |
| 737 | |
| 738 | flowRule = DefaultFlowRule.builder() |
| 739 | .fromApp(appId) |
| 740 | .withSelector(selector) |
| 741 | .withTreatment(treatment) |
| 742 | .withPriority(DEFAULT_PRIORITY) |
| 743 | .forDevice(device.id()) |
| 744 | .forTable(TABLE_DST_IP) |
| 745 | .makePermanent() |
| 746 | .build(); |
| 747 | |
| 748 | processFlowRule(true, flowRule); |
| 749 | } |
| 750 | } |
| 751 | |
| 752 | /** |
| 753 | * Populates flow rules for TUNNEL_ID table. |
| 754 | * |
| 755 | * @param deviceId device id |
| 756 | * @param inPort in port |
| 757 | * @param mac mac address |
| 758 | * @param tunnelId tunnel id |
| 759 | */ |
| 760 | private void populateTunnelInRule(DeviceId deviceId, PortNumber inPort, MacAddress mac, long tunnelId) { |
| 761 | TrafficSelector selector = DefaultTrafficSelector.builder() |
| 762 | .matchTunnelId(tunnelId) |
| 763 | .matchEthDst(mac) |
| 764 | .build(); |
| 765 | |
| 766 | TrafficTreatment treatment = DefaultTrafficTreatment.builder() |
| 767 | .setOutput(inPort) |
| 768 | .build(); |
| 769 | |
| 770 | FlowRule flowRule = DefaultFlowRule.builder() |
| 771 | .fromApp(appId) |
| 772 | .withSelector(selector) |
| 773 | .withTreatment(treatment) |
| 774 | .withPriority(DEFAULT_PRIORITY) |
| 775 | .forDevice(deviceId) |
| 776 | .forTable(TABLE_TUNNEL_IN) |
| 777 | .makePermanent() |
| 778 | .build(); |
| 779 | |
| 780 | processFlowRule(true, flowRule); |
| 781 | } |
| 782 | |
| 783 | /** |
| 784 | * Installs or uninstall a given rule. |
| 785 | * |
| 786 | * @param install true to install, false to uninstall |
| 787 | * @param rule rule |
| 788 | */ |
| 789 | private void processFlowRule(boolean install, FlowRule rule) { |
| 790 | FlowRuleOperations.Builder oBuilder = FlowRuleOperations.builder(); |
| 791 | oBuilder = install ? oBuilder.add(rule) : oBuilder.remove(rule); |
| 792 | |
| 793 | flowRuleService.apply(oBuilder.build(new FlowRuleOperationsContext() { |
| 794 | @Override |
| 795 | public void onError(FlowRuleOperations ops) { |
| 796 | log.error(String.format("Failed %s, %s", ops.toString(), rule.toString())); |
| 797 | } |
| 798 | })); |
| 799 | } |
| 800 | |
| 801 | /** |
| 802 | * Returns tunnel port of the device. |
| 803 | * |
| 804 | * @param deviceId device id |
| 805 | * @return tunnel port number, or null if no tunnel port exists on a given device |
| 806 | */ |
| 807 | private PortNumber getTunnelPort(DeviceId deviceId) { |
| 808 | try { |
| 809 | return deviceService.getPorts(deviceId).stream() |
| 810 | .filter(p -> p.annotations().value("portName").contains(tunnelType)) |
| 811 | .findFirst().get().number(); |
| 812 | } catch (NoSuchElementException e) { |
| 813 | return null; |
| 814 | } |
| 815 | } |
| 816 | |
| 817 | /** |
| 818 | * Returns the inport from a given flow rule if the rule contains the match of it. |
| 819 | * |
| 820 | * @param flowRule flow rule |
| 821 | * @return port number, or null if the rule doesn't have inport match |
| 822 | */ |
| 823 | private PortNumber getInPort(FlowRule flowRule) { |
| 824 | Criterion criterion = flowRule.selector().getCriterion(IN_PORT); |
| 825 | if (criterion != null && criterion instanceof PortCriterion) { |
| 826 | PortCriterion port = (PortCriterion) criterion; |
| 827 | return port.port(); |
| 828 | } else { |
| 829 | return null; |
| 830 | } |
| 831 | } |
| 832 | |
| 833 | /** |
| 834 | * Returns the destination mac address from a given flow rule if the rule |
| 835 | * contains the instruction of it. |
| 836 | * |
| 837 | * @param flowRule flow rule |
| 838 | * @return mac address, or null if the rule doesn't have destination mac instruction |
| 839 | */ |
| 840 | private MacAddress getDstMacFromTreatment(FlowRule flowRule) { |
| 841 | Instruction instruction = flowRule.treatment().allInstructions().stream() |
| 842 | .filter(inst -> inst instanceof ModEtherInstruction && |
| 843 | ((ModEtherInstruction) inst).subtype().equals(ETH_DST)) |
| 844 | .findFirst() |
| 845 | .orElse(null); |
| 846 | |
| 847 | if (instruction == null) { |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 848 | return null; |
| 849 | } |
| 850 | |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 851 | return ((ModEtherInstruction) instruction).mac(); |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 852 | } |
| 853 | |
| 854 | /** |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 855 | * Returns the destination mac address from a given flow rule if the rule |
| 856 | * contains the match of it. |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 857 | * |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 858 | * @param flowRule flow rule |
| 859 | * @return mac address, or null if the rule doesn't have destination mac match |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 860 | */ |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 861 | private MacAddress getDstMacFromSelector(FlowRule flowRule) { |
| 862 | Criterion criterion = flowRule.selector().getCriterion(Criterion.Type.ETH_DST); |
| 863 | if (criterion != null && criterion instanceof EthCriterion) { |
| 864 | EthCriterion eth = (EthCriterion) criterion; |
| 865 | return eth.mac(); |
| 866 | } else { |
| 867 | return null; |
| 868 | } |
| 869 | } |
| 870 | |
| 871 | /** |
| 872 | * Returns the destination IP from a given flow rule if the rule contains |
| 873 | * the match of it. |
| 874 | * |
| 875 | * @param flowRule flow rule |
| 876 | * @return ip prefix, or null if the rule doesn't have ip match |
| 877 | */ |
| 878 | private IpPrefix getDstIpFromSelector(FlowRule flowRule) { |
| 879 | Criterion criterion = flowRule.selector().getCriterion(IPV4_DST); |
| 880 | if (criterion != null && criterion instanceof IPCriterion) { |
| 881 | IPCriterion ip = (IPCriterion) criterion; |
| 882 | return ip.ip(); |
| 883 | } else { |
| 884 | return null; |
| 885 | } |
| 886 | } |
| 887 | |
| 888 | /** |
| 889 | * Returns the source IP from a given flow rule if the rule contains |
| 890 | * the match of it. |
| 891 | * |
| 892 | * @param flowRule flow rule |
| 893 | * @return ip prefix, or null if the rule doesn't have ip match |
| 894 | */ |
| 895 | private IpPrefix getSrcIpFromSelector(FlowRule flowRule) { |
| 896 | Criterion criterion = flowRule.selector().getCriterion(IPV4_SRC); |
| 897 | if (criterion != null && criterion instanceof IPCriterion) { |
| 898 | IPCriterion ip = (IPCriterion) criterion; |
| 899 | return ip.ip(); |
| 900 | } else { |
| 901 | return null; |
| 902 | } |
| 903 | } |
| 904 | |
| 905 | /** |
| 906 | * Returns the group ID from a given flow rule if the rule contains the |
| 907 | * treatment of it. |
| 908 | * |
| 909 | * @param flowRule flow rule |
| 910 | * @return group id, or null if the rule doesn't have group instruction |
| 911 | */ |
| 912 | private GroupId getGroupIdFromTreatment(FlowRule flowRule) { |
| 913 | Instruction instruction = flowRule.treatment().allInstructions().stream() |
| 914 | .filter(inst -> inst instanceof Instructions.GroupInstruction) |
| 915 | .findFirst() |
| 916 | .orElse(null); |
| 917 | |
| 918 | if (instruction == null) { |
| 919 | return null; |
| 920 | } |
| 921 | |
| 922 | return ((Instructions.GroupInstruction) instruction).groupId(); |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 923 | } |
| 924 | |
| 925 | /** |
| 926 | * Returns extension instruction to set tunnel destination. |
| 927 | * |
| 928 | * @param deviceId device id |
| 929 | * @param remoteIp tunnel destination address |
| 930 | * @return extension treatment or null if it fails to get instruction |
| 931 | */ |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 932 | private ExtensionTreatment getTunnelDst(DeviceId deviceId, Ip4Address remoteIp) { |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 933 | try { |
| 934 | Driver driver = driverService.getDriver(deviceId); |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 935 | DefaultDriverData driverData = new DefaultDriverData(driver, deviceId); |
| 936 | DriverHandler handler = new DefaultDriverHandler(driverData); |
| 937 | ExtensionTreatmentResolver resolver = handler.behaviour(ExtensionTreatmentResolver.class); |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 938 | |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 939 | ExtensionTreatment treatment = |
| 940 | resolver.getExtensionInstruction(NICIRA_SET_TUNNEL_DST.type()); |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 941 | treatment.setPropertyValue("tunnelDst", remoteIp); |
| 942 | |
| 943 | return treatment; |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 944 | } catch (ItemNotFoundException | UnsupportedOperationException | |
| 945 | ExtensionPropertyException e) { |
| 946 | log.error("Failed to get extension instruction {}", deviceId); |
Hyunsun Moon | 05f528a | 2015-11-04 17:34:35 -0800 | [diff] [blame] | 947 | return null; |
| 948 | } |
| 949 | } |
| 950 | } |
Hyunsun Moon | ba29007 | 2015-12-16 20:53:23 -0800 | [diff] [blame] | 951 | |