private void setSecurityGroupRule(DeviceId id, OpenstackSecurityGroupRule sgRule, Ip4Address vmIp, IpPrefix remoteIp) { ForwardingObjective.Builder foBuilder = buildFlowObjective(id, sgRule, vmIp, remoteIp); if (foBuilder != null) { flowObjectiveService.forward(id, foBuilder.add()); } }
private void removeSecurityGroupRule(DeviceId id, OpenstackSecurityGroupRule sgRule, Ip4Address vmIp, IpPrefix remoteIp) { ForwardingObjective.Builder foBuilder = buildFlowObjective(id, sgRule, vmIp, remoteIp); if (foBuilder != null) { flowObjectiveService.forward(id, foBuilder.remove()); } }
private synchronized void deleteRoute(ResolvedRoute route) { //Integer nextId = nextHops.get(route.nextHop()); /* Group group = deleteNextHop(route.prefix()); if (group == null) { log.warn("Group not found when deleting {}", route); return; }*/ flowObjectiveService.forward(deviceId, generateRibForwardingObj(route.prefix(), null).remove()); }
private void updateRoute(ResolvedRoute route) { addNextHop(route); Integer nextId; synchronized (this) { nextId = nextHops.get(route.nextHop()); } flowObjectiveService.forward(deviceId, generateRibForwardingObj(route.prefix(), nextId).add()); log.trace("Sending forwarding objective {} -> nextId:{}", route, nextId); }
/** * Send service-function-forwarder to OVS. * * @param selector traffic selector * @param treatment traffic treatment * @param deviceId device id * @param type operation type * @param priority priority of classifier */ public void sendSfcRule(TrafficSelector.Builder selector, TrafficTreatment.Builder treatment, DeviceId deviceId, Objective.Operation type, int priority) { log.info("Sending sfc flow rule. Selector {}, Treatment {}", selector.toString(), treatment.toString()); ForwardingObjective.Builder objective = DefaultForwardingObjective.builder().withTreatment(treatment.build()) .withSelector(selector.build()).fromApp(appId).makePermanent().withFlag(Flag.VERSATILE) .withPriority(priority); if (type.equals(Objective.Operation.ADD)) { log.debug("flowClassifierRules-->ADD"); flowObjectiveService.forward(deviceId, objective.add()); } else { log.debug("flowClassifierRules-->REMOVE"); flowObjectiveService.forward(deviceId, objective.remove()); } }
@Override public void removeSnatRules(DeviceId deviceId, TrafficSelector selector, TrafficTreatment treatment, int priority, Objective.Operation type) { ForwardingObjective.Builder objective = DefaultForwardingObjective .builder().withTreatment(treatment).withSelector(selector) .fromApp(appId).withFlag(Flag.SPECIFIC).withPriority(priority); if (type.equals(Objective.Operation.ADD)) { flowObjectiveService.forward(deviceId, objective.add()); } else { flowObjectiveService.forward(deviceId, objective.remove()); } } }
/** * Send bgp flow forwarder to bgp provider. * * @param selector traffic selector * @param treatment traffic treatment * @param deviceId device id * @param type operation type */ public void sendBgpFlowRuleForwarder(TrafficSelector.Builder selector, TrafficTreatment.Builder treatment, DeviceId deviceId, Objective.Operation type) { ForwardingObjective.Builder objective = DefaultForwardingObjective.builder().withTreatment(treatment.build()) .withSelector(selector.build()).fromApp(appId).makePermanent().withFlag(Flag.VERSATILE); if (type.equals(Objective.Operation.ADD)) { log.debug("ADD"); flowObjectiveService.forward(deviceId, objective.add()); } else { log.debug("REMOVE"); flowObjectiveService.forward(deviceId, objective.remove()); } } }
/** * Removes packet intercept flow rules from the device. * * @param device the device to remove the rules deom * @param request the packet request */ private void removeRule(Device device, PacketRequest request) { if (!device.type().equals(Device.Type.SWITCH)) { return; } ForwardingObjective forwarding = createBuilder(request) .remove(new ObjectiveContext() { @Override public void onError(Objective objective, ObjectiveError error) { log.warn("Failed to withdraw packet request {} from {}: {}", request, device.id(), error); } }); objectiveService.forward(device.id(), forwarding); }
/** * Install a rule for pushing unique global labels to the device. * * @param deviceId device to which flow should be pushed * @param labelId label for the device * @param type type of operation */ private void installNodeLabelRule(DeviceId deviceId, LabelResourceId labelId, Objective.Operation type) { checkNotNull(flowObjectiveService); checkNotNull(appId); TrafficSelector.Builder selectorBuilder = DefaultTrafficSelector.builder(); selectorBuilder.matchMplsLabel(MplsLabel.mplsLabel(labelId.id().intValue())); TrafficTreatment treatment = DefaultTrafficTreatment.builder().build(); ForwardingObjective.Builder forwardingObjective = DefaultForwardingObjective.builder() .withSelector(selectorBuilder.build()).withTreatment(treatment) .withFlag(ForwardingObjective.Flag.VERSATILE).fromApp(appId).makePermanent(); if (type.equals(Objective.Operation.ADD)) { flowObjectiveService.forward(deviceId, forwardingObjective.add()); } else { flowObjectiveService.forward(deviceId, forwardingObjective.remove()); } }
@Override public void programLocalIn(DeviceId deviceId, SegmentationId segmentationId, PortNumber inPort, MacAddress srcMac, ApplicationId appid, Objective.Operation type) { TrafficSelector selector = DefaultTrafficSelector.builder() .matchInPort(inPort).matchEthSrc(srcMac).build(); TrafficTreatment.Builder treatment = DefaultTrafficTreatment.builder(); treatment.add(Instructions .modTunnelId(Long.parseLong(segmentationId.toString()))); ForwardingObjective.Builder objective = DefaultForwardingObjective .builder().withTreatment(treatment.build()) .withSelector(selector).fromApp(appId).makePermanent() .withFlag(Flag.SPECIFIC).withPriority(L2_CLASSIFIER_PRIORITY); if (type.equals(Objective.Operation.ADD)) { log.debug("programLocalIn-->ADD"); flowObjectiveService.forward(deviceId, objective.add()); } else { log.debug("programLocalIn-->REMOVE"); flowObjectiveService.forward(deviceId, objective.remove()); } }
@Override public void programL3ExPortClassifierRules(DeviceId deviceId, PortNumber inPort, IpAddress dstIp, Objective.Operation type) { TrafficSelector selector = DefaultTrafficSelector.builder() .matchEthType(Ethernet.TYPE_IPV4).matchInPort(inPort) .matchIPDst(IpPrefix.valueOf(dstIp, 32)).build(); TrafficTreatment treatment = DefaultTrafficTreatment.builder().build(); ForwardingObjective.Builder objective = DefaultForwardingObjective .builder().withTreatment(treatment).withSelector(selector) .fromApp(appId).withFlag(Flag.SPECIFIC) .withPriority(L3_CLASSIFIER_PRIORITY); if (type.equals(Objective.Operation.ADD)) { log.debug("L3ExToInClassifierRules-->ADD"); flowObjectiveService.forward(deviceId, objective.add()); } else { log.debug("L3ExToInClassifierRules-->REMOVE"); flowObjectiveService.forward(deviceId, objective.remove()); } }
@Override public void programLocalOut(DeviceId deviceId, SegmentationId segmentationId, PortNumber outPort, MacAddress sourceMac, Objective.Operation type) { TrafficSelector selector = DefaultTrafficSelector.builder() .matchTunnelId(Long.parseLong(segmentationId.toString())) .matchEthDst(sourceMac).build(); TrafficTreatment treatment = DefaultTrafficTreatment.builder() .setOutput(outPort).build(); ForwardingObjective.Builder objective = DefaultForwardingObjective .builder().withTreatment(treatment).withSelector(selector) .fromApp(appId).withFlag(Flag.SPECIFIC) .withPriority(MAC_PRIORITY); if (type.equals(Objective.Operation.ADD)) { flowObjectiveService.forward(deviceId, objective.add()); } else { flowObjectiveService.forward(deviceId, objective.remove()); } }
@Override public void programExternalOut(DeviceId deviceId, SegmentationId segmentationId, PortNumber outPort, MacAddress sourceMac, Objective.Operation type) { TrafficSelector selector = DefaultTrafficSelector.builder() .matchTunnelId(Long.parseLong(segmentationId.toString())) .matchEthSrc(sourceMac).build(); TrafficTreatment treatment = DefaultTrafficTreatment.builder() .setOutput(outPort).build(); ForwardingObjective.Builder objective = DefaultForwardingObjective .builder().withTreatment(treatment).withSelector(selector) .fromApp(appId).withFlag(Flag.SPECIFIC) .withPriority(MAC_PRIORITY); if (type.equals(Objective.Operation.ADD)) { flowObjectiveService.forward(deviceId, objective.add()); } else { flowObjectiveService.forward(deviceId, objective.remove()); } }
/** * Pushes packet intercept flow rules to the device. * * @param device the device to push the rules to * @param request the packet request */ private void pushRule(Device device, PacketRequest request) { if (!device.type().equals(Device.Type.SWITCH)) { return; } if (!deviceService.isAvailable(device.id())) { return; } ForwardingObjective forwarding = createBuilder(request) .add(new ObjectiveContext() { @Override public void onError(Objective objective, ObjectiveError error) { log.warn("Failed to install packet request {} to {}: {}", request, device.id(), error); } }); objectiveService.forward(device.id(), forwarding); }
@Override public void programSnatDiffSegmentRules(DeviceId deviceId, SegmentationId matchVni, IpAddress srcIP, MacAddress ethDst, MacAddress ethSrc, IpAddress ipSrc, SegmentationId actionVni, Objective.Operation type) { TrafficSelector selector = DefaultTrafficSelector.builder() .matchEthType(Ethernet.TYPE_IPV4) .matchTunnelId(Long.parseLong(matchVni.segmentationId())) .matchIPSrc(IpPrefix.valueOf(srcIP, PREFIC_LENGTH)).build(); TrafficTreatment.Builder treatment = DefaultTrafficTreatment.builder(); treatment.setEthDst(ethDst).setEthSrc(ethSrc).setIpSrc(ipSrc) .setTunnelId(Long.parseLong(actionVni.segmentationId())); ForwardingObjective.Builder objective = DefaultForwardingObjective .builder().withTreatment(treatment.build()) .withSelector(selector).fromApp(appId).withFlag(Flag.SPECIFIC) .withPriority(SNAT_DIFF_SEG_PRIORITY); if (type.equals(Objective.Operation.ADD)) { flowObjectiveService.forward(deviceId, objective.add()); } else { flowObjectiveService.forward(deviceId, objective.remove()); } }
private void setFlowRuleForTunnelTag(DeviceId deviceId, Port port, String vni) { TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder(); TrafficTreatment.Builder tBuilder = DefaultTrafficTreatment.builder(); sBuilder.matchEthType(Ethernet.TYPE_IPV4) .matchInPort(port.number()); tBuilder.setTunnelId(Long.parseLong(vni)); ForwardingObjective fo = DefaultForwardingObjective.builder() .withSelector(sBuilder.build()) .withTreatment(tBuilder.build()) .withPriority(TUNNELTAG_RULE_PRIORITY) .withFlag(ForwardingObjective.Flag.SPECIFIC) .fromApp(appId) .add(); flowObjectiveService.forward(deviceId, fo); }
@Override public void programExportPortArpClassifierRules(Port exportPort, DeviceId deviceId, Operation type) { TrafficSelector selector = DefaultTrafficSelector.builder() .matchEthType(EtherType.ARP.ethType().toShort()) .matchInPort(exportPort.number()).build(); TrafficTreatment.Builder treatment = DefaultTrafficTreatment.builder(); treatment.add(Instructions.createOutput(PortNumber.CONTROLLER)); ForwardingObjective.Builder objective = DefaultForwardingObjective .builder().withTreatment(treatment.build()) .withSelector(selector).fromApp(appId).withFlag(Flag.SPECIFIC) .withPriority(L3_CLASSIFIER_PRIORITY); if (type.equals(Objective.Operation.ADD)) { flowObjectiveService.forward(deviceId, objective.add()); } else { flowObjectiveService.forward(deviceId, objective.remove()); } } }
/** * Removes flow rules for tagging tunnelId. * * @param deviceId device id * @param portNumber port number */ private void removeFlowRuleForTunnelTag(DeviceId deviceId, PortNumber portNumber) { TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder(); TrafficTreatment.Builder tBuilder = DefaultTrafficTreatment.builder(); sBuilder.matchEthType(Ethernet.TYPE_IPV4) .matchInPort(portNumber); ForwardingObjective fo = DefaultForwardingObjective.builder() .withSelector(sBuilder.build()) .withTreatment(tBuilder.build()) .withPriority(TUNNELTAG_RULE_PRIORITY) .withFlag(ForwardingObjective.Flag.SPECIFIC) .fromApp(appId) .remove(); flowObjectiveService.forward(deviceId, fo); }
/** * Removes the flow rules between traffic from VMs in different Cnode. * * @param deviceId device id * @param vmIp ip * @param vni vni which removed VM was belonged */ private void removeVxLanFlowRule(DeviceId deviceId, Ip4Address vmIp, long vni) { TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder(); sBuilder.matchEthType(Ethernet.TYPE_IPV4) .matchTunnelId(vni) .matchIPDst(vmIp.toIpPrefix()); ForwardingObjective fo = DefaultForwardingObjective.builder() .withSelector(sBuilder.build()) .withTreatment(DefaultTrafficTreatment.builder().build()) .withFlag(ForwardingObjective.Flag.SPECIFIC) .withPriority(SWITCHING_RULE_PRIORITY) .fromApp(appId) .remove(); flowObjectiveService.forward(deviceId, fo); }
/** * Removes the flow rules for traffic between VMs in the same Cnode. * * @param deviceId device id on which removed VM was run * @param vmIp ip of the removed VM * @param vni vni which removed VM was belonged */ private void removeFlowRuleForVMsInSameCnode(DeviceId deviceId, Ip4Address vmIp, long vni) { TrafficSelector.Builder sBuilder = DefaultTrafficSelector.builder(); sBuilder.matchEthType(Ethernet.TYPE_IPV4) .matchIPDst(vmIp.toIpPrefix()) .matchTunnelId(vni); ForwardingObjective fo = DefaultForwardingObjective.builder() .withSelector(sBuilder.build()) .withTreatment(DefaultTrafficTreatment.builder().build()) .withFlag(ForwardingObjective.Flag.SPECIFIC) .withPriority(SWITCHING_RULE_PRIORITY) .fromApp(appId) .remove(); flowObjectiveService.forward(deviceId, fo); }