Pull configuration information from DMI when available. In its current form,
it will only use DMI information set by Nicira. Otherwise, it will use default
values. This change also makes DPIDs the same as the MAC address of the
local OpenFlow device.
This makes it easier to install the headers, or to use them directly from
another software package with -I$(openflow)/include, without invading
the top-level include file namespace.
* New command-line options for configuring log files, hence:
- Centralized vlog usage messages.
* New vlogconf action for reopening log files.
* New vlogconf support for specifying a target by pidfile.
Make "make" behave properly when these are changed by re-running
"configure", by putting their definitions into a generated file that
depends on Makefile.
Before, we tried to use the port configuration bits to implement STP; e.g.
if a port was in LISTEN state we turned off sending and receiving frame
other than BPDUs. Unfortunately this interacts very badly with in-band
control: when the switch connects to the controller, it can be connected
to the controller over a port that is not in FORWARD, and so then the
controller disabled that port, and the connection eventually dropped when
an echo request/reply failed to get through.
Now, we implement STP by querying the flows on the switch and killing
off the ones that STP does not allow. This works much better because,
although we still kill off the in-band control connection, the in-band
hook in secchan is then able to resurrect it.
--no-stp is still the default since this has not been tested very much.
To enable SNAT, run configure with the "--enable-snat" flag. This has
only been tested with the 2.6.23 kernel...more diverse testing will follow.
Documentation and a cleaner build setup will also be in a future check-in.
When secchan is configured to "fail open" after failing to connect to
a controller for a period of time, it needs a heuristic for what
constitutes a successful connection. Until now, that heuristic was
simply that when it received an OpenFlow message from the controller
(any OpenFlow message), it considered the connection successful.
However, this is no longer good enough, because NOX performs
admission control on connections after sending a number of OpenFlow
messages, in particular after doing OpenFlow version negotiation and
requesting the switch features (and receiving the reply). Thus, this
commit adjusts the heuristic by only considering certain OpenFlow
messages to demonstrate that admission control checks have passed and
thus that the connection should be considered successful.
As a fallback, any connection that persists for 30 seconds or longer is
also considered successful.
An alternate and complementary approach (that this commit does not
implement) would be to use an OpenFlow error message to indicate why
the connection is closing.
Fixes bug #239.
Allow vendors to define their own actions. Actions were originally fixed-
length, which was a bit constraining. Actions now contain a length field,
which gives them more flexibility.
Stripping VLANs is now done through the OFPAT_STRIP_VLAN action (i.e., you
don't specify a magic value in the generirc VLAN action). Also, it is now
possible to modify the priority bits associated with the VLAN tag through
the OFPAT_SET_VLAN_PCP action. The OFPAT_SET_DL_VLAN has been renamed to
OFPAT_SET_VLAN_VID.
This new OpenFlow message format provides a cleaner interface and greater
detail and control over ports. It is now possible to see what features
the switch's port is currently configured as having, what it's advertising,
and what it's capable of handling. It is also possible to return the
features advertised by the port's peer.
802.1D Spanning Tree Protocol supports a maximum of 255 ports per bridge,
but OpenFlow supported 256, so 1 port had to not implement STP. This
gets rid of the problem by reducing the maximum number of ports to 255.
This cleans up the handling of modifying existing flows. There now exists
OFPFC_MODIFY and OFPFC_MODIFY_STRICT commands, which have the same matching
characteristics to their OFPFC_DELETE* counterparts. When adding a flow that
already exists, the counters and timers are now reset (ie, its treated as a
new flow). This commit also adds the "--strict" option to dpctl to allow
strict matching for "mod-flows" and "del-flows".
Justin Pettit
Ben Pfaff