When a switch receives a barrier message it must first complete all
commands sent before the barrier message before executing any commands
after it. When all commands before the Barrier message have completed,
it must send a barrier reply message back to the controller.
detection handler for table maintanance
Add a CHECK_OVERLAP flag to flow mods which requires the switch to do
the (potentially more costly) check that there doesn't already exist a
conflicting flow with the same priority. If there is one, the mod
fails and an error code is returned.
Flow expiry: Record OFPFF_SEND_FLOW_EXP flag in user data path
Previously, a switch would only notify the controller when flows expired.
Now, when a switch is told to delete flows, it sends a flow expiration
message, enabling the controller to get packet and byte counts from
deleted flows. Without this, the controller must retrieve flow statistics
and then delete the flow, during which time the counts could change. This
could also aid in debugging if multiple applications or programs
controlling the same switch are deleting each others' flows.
This commit adds a OFPER_DELETE as a choice for the reason field of a flow
expiration.
Make flow expirations per-flow-entry, rather than per-switch.
This commit should give controllers extra flexibility to decide when they
want expirations, will simplify the job of an OpenFlow hypervisor, and may
reduce CPU load at the switch.
collector
Fix BUG#49: Add OpenFlow protocol statistical information collector
and user interface. This feature use PRIVATE_VENDOR_ID to communicate
betwewn control plane process and user interface. PRIVATE_VENDOR_ID is
defined only for private use (and based on private OUI).
Remove monolithic OpenFlow switch.
Add userspace datapath.
Fix BUG#13: Revise check wildcards for in_port != out_port output
validation.
Fix BUG#30: Made use of get_jiffies_64 instead of jiffies.
Fix BUG#31: Fix NetFPGA crash in case of test_delete test harness run.
Fix BUG#32: Add stack depth limitation to avoid inifinite loop in
log_backtrace.
Fix BUG#33: Improve NetFPGA kernel extension and NetFPGA image to
support MAC address rewrite features (two actions) on NetFPGA enabled
OpenFlow switch.
Fix BUG#34: Add NetFPGA kernel extension source codes to create
distribution package with NetFPGA correctly.
Fix BUG#38: Improve regression test for FLOW_MOD ACTION SET_DL_SRC and
SET_DL_DST.
Fix BUG#39: Correct misunderstanding of byte order ops for OFPAT_XXX.
To support this, an "out_port" field has been added to the "ofp_flow_mod",
"ofp_flow_stats_request", and "ofp_aggregate_stats_request" messages. If an
"out_port" contains a value other than "OFPP_NONE", it introduces a constraint
when matching. This constraint is that the rule must contain an output action
directed at that port. Other constraints such as ofp_match structs and
priorities are still used; this is purely an *additional* constraint. Note
that to get previous behavior, though, "out_port" must be set to "OFPP_NONE",
since "0" is a valid port id. This only applies to the delete and
delete_strict flow mod commands; the field is ignored by add, modify, and
modify_strict.
Pull configuration information from DMI when available. In its current form,
it will only use DMI information set by Nicira. Otherwise, it will use default
values. This change also makes DPIDs the same as the MAC address of the
local OpenFlow device.
This makes it easier to install the headers, or to use them directly from
another software package with -I$(openflow)/include, without invading
the top-level include file namespace.
* New command-line options for configuring log files, hence:
- Centralized vlog usage messages.
* New vlogconf action for reopening log files.
* New vlogconf support for specifying a target by pidfile.
Make "make" behave properly when these are changed by re-running
"configure", by putting their definitions into a generated file that
depends on Makefile.
Before, we tried to use the port configuration bits to implement STP; e.g.
if a port was in LISTEN state we turned off sending and receiving frame
other than BPDUs. Unfortunately this interacts very badly with in-band
control: when the switch connects to the controller, it can be connected
to the controller over a port that is not in FORWARD, and so then the
controller disabled that port, and the connection eventually dropped when
an echo request/reply failed to get through.
Now, we implement STP by querying the flows on the switch and killing
off the ones that STP does not allow. This works much better because,
although we still kill off the in-band control connection, the in-band
hook in secchan is then able to resurrect it.
--no-stp is still the default since this has not been tested very much.
To enable SNAT, run configure with the "--enable-snat" flag. This has
only been tested with the 2.6.23 kernel...more diverse testing will follow.
Documentation and a cleaner build setup will also be in a future check-in.
When secchan is configured to "fail open" after failing to connect to
a controller for a period of time, it needs a heuristic for what
constitutes a successful connection. Until now, that heuristic was
simply that when it received an OpenFlow message from the controller
(any OpenFlow message), it considered the connection successful.
However, this is no longer good enough, because NOX performs
admission control on connections after sending a number of OpenFlow
messages, in particular after doing OpenFlow version negotiation and
requesting the switch features (and receiving the reply). Thus, this
commit adjusts the heuristic by only considering certain OpenFlow
messages to demonstrate that admission control checks have passed and
thus that the connection should be considered successful.
As a fallback, any connection that persists for 30 seconds or longer is
also considered successful.
An alternate and complementary approach (that this commit does not
implement) would be to use an OpenFlow error message to indicate why
the connection is closing.
Fixes bug #239.
Mikio Hara
Yiannis Yiakoumis
tyabe
Brandon Heller
Glen Gibb
Justin Pettit
Ben Pfaff