def push_dp(self):
'''
(1) Check if there are any policies queued to be pushed
(2) Send the queued policies to reference monitor
'''
self.logger.debug("Pushing current flow mod queue:")
# it is crucial that dp_queued is traversed chronologically
fm_builder = FlowModMsgBuilder(self.id, self.refmon_client.key)
for flowmod in self.dp_queued:
self.logger.debug("MOD: " + str(flowmod))
if (flowmod['mod_type'] == 'remove'):
fm_builder.delete_flow_mod(flowmod['mod_type'],
flowmod['rule_type'],
flowmod['cookie'][0],
flowmod['cookie'][1])
elif (flowmod['mod_type'] == 'insert'):
fm_builder.add_flow_mod(**flowmod)
else:
self.logger.error("Unhandled flow type: " +
flowmod['mod_type'])
continue
self.dp_pushed.append(flowmod)
self.dp_queued = []
self.refmon_client.send(json.dumps(fm_builder.get_msg()))
def push_dp(self):
'''
(1) Check if there are any policies queued to be pushed
(2) Send the queued policies to reference monitor
'''
self.logger.debug("Pushing current flow mod queue:")
# it is crucial that dp_queued is traversed chronologically
fm_builder = FlowModMsgBuilder(self.id, self.refmon_client.key)
for flowmod in self.dp_queued:
self.logger.debug("MOD: "+str(flowmod))
if (flowmod['mod_type'] == 'remove'):
fm_builder.delete_flow_mod(flowmod['mod_type'], flowmod['rule_type'], flowmod['cookie'][0], flowmod['cookie'][1])
elif (flowmod['mod_type'] == 'insert'):
fm_builder.add_flow_mod(**flowmod)
else:
self.logger.error("Unhandled flow type: " + flowmod['mod_type'])
continue
self.dp_pushed.append(flowmod)
self.dp_queued = []
self.refmon_client.send(json.dumps(fm_builder.get_msg()))
class ParticipantController(object):
def __init__(self, id, config_file, policy_file, logger):
# participant id
self.id = id
# print ID for logging
self.logger = logger
# used to signal termination
self.run = True
self.prefix_lock = {}
# Initialize participant params
self.cfg = PConfig(config_file, self.id)
# Vmac encoding mode
# self.cfg.vmac_mode = config_file["vmac_mode"]
# Dataplane mode---multi table or multi switch
# self.cfg.dp_mode = config_file["dp_mode"]
self.load_policies(policy_file)
# The port 0 MAC is used for tagging outbound rules as belonging to us
self.port0_mac = self.cfg.port0_mac
self.nexthop_2_part = self.cfg.get_nexthop_2_part()
# VNHs related params
self.num_VNHs_in_use = 0
self.VNH_2_prefix = {}
self.prefix_2_VNH = {}
# Superset related params
if self.cfg.isSupersetsMode():
self.supersets = SuperSets(self, self.cfg.vmac_options)
else:
# TODO: create similar class and variables for MDS
self.mds = None
# Keep track of flow rules pushed
self.dp_pushed = []
# Keep track of flow rules which are scheduled to be pushed
self.dp_queued = []
def start(self):
# Start all clients/listeners/whatevs
self.logger.info("Starting controller for participant")
# ExaBGP Peering Instance
self.bgp_instance = self.cfg.get_bgp_instance()
self.logger.debug("Trace: Started controller for participant")
# Route server client, Reference monitor client, Arp Proxy client
self.xrs_client = self.cfg.get_xrs_client(self.logger)
self.arp_client = self.cfg.get_arp_client(self.logger)
self.refmon_client = self.cfg.get_refmon_client(self.logger)
# class for building flow mod msgs to the reference monitor
self.fm_builder = FlowModMsgBuilder(self.id, self.refmon_client.key)
# Send flow rules for initial policies to the SDX's Reference Monitor
self.initialize_dataplane()
self.push_dp()
# Start the event handler
eh_socket = self.cfg.get_eh_info()
self.listener_eh = Listener(eh_socket, authkey=None)
self.start_eh()
#ps_thread = Thread(target=self.start_eh)
#ps_thread.daemon = True
#ps_thread.start()
def load_policies(self, policy_file):
# Load policies from file
with open(policy_file, 'r') as f:
self.policies = json.load(f)
port_count = len(self.cfg.ports)
# sanitize the input policies
if 'inbound' in self.policies:
for policy in self.policies['inbound']:
if 'action' not in policy:
continue
if 'fwd' in policy['action'] and int(policy['action']['fwd']) >= port_count:
policy['action']['fwd'] = 0
def initialize_dataplane(self):
"Read the config file and update the queued policy variable"
self.logger.info("Initializing inbound rules")
final_switch = "main-in"
if self.cfg.isMultiTableMode():
final_switch = "main-out"
self.init_vnh_assignment()
rule_msgs = init_inbound_rules(self.id, self.policies,
self.supersets, final_switch)
self.logger.debug("Rule Messages INBOUND:: "+str(rule_msgs))
rule_msgs2 = init_outbound_rules(self, self.id, self.policies,
self.supersets, final_switch)
self.logger.debug("Rule Messages OUTBOUND:: "+str(rule_msgs2))
if 'changes' in rule_msgs2:
if 'changes' not in rule_msgs:
rule_msgs['changes'] = []
rule_msgs['changes'] += rule_msgs2['changes']
#TODO: Initialize Outbound Policies from RIB
self.logger.debug("Rule Messages:: "+str(rule_msgs))
if 'changes' in rule_msgs:
self.dp_queued.extend(rule_msgs["changes"])
def push_dp(self):
'''
(1) Check if there are any policies queued to be pushed
(2) Send the queued policies to reference monitor
'''
self.logger.debug("Pushing current flow mod queue:")
# it is crucial that dp_queued is traversed chronologically
for flowmod in self.dp_queued:
self.logger.debug("MOD: "+str(flowmod))
self.fm_builder.add_flow_mod(**flowmod)
self.dp_pushed.append(flowmod)
self.dp_queued = []
self.refmon_client.send(json.dumps(self.fm_builder.get_msg()))
def stop(self):
"Stop the Participants' SDN Controller"
self.logger.info("Stopping Controller. "+str(self.logger_info))
# Signal Termination and close blocking listener
self.run = False
conn = Client(self.cfg.get_eh_info(), authkey=None)
conn.send("terminate")
conn.close()
# TODO: confirm that this isn't silly
self.xrs_client = None
self.refmon_client = None
self.arp_client = None
# TODO: Think of better way of terminating this listener
self.listener_eh.close()
def start_eh(self):
'''Socket listener for network events '''
self.logger.info("Event Handler started.")
while self.run:
self.logger.debug("EH waiting for connection...")
conn_eh = self.listener_eh.accept()
tmp = conn_eh.recv()
if tmp != "terminate":
self.logger.debug("EH established connection...")
data = json.loads(tmp)
self.logger.debug("Event received of type "+str(data.keys()))
# Starting a thread for independently processing each incoming network event
event_processor_thread = Thread(target = self.process_event, args = [data])
event_processor_thread.daemon = True
event_processor_thread.start()
# Send a message back to the sender.
reply = "Event Received"
conn_eh.send(reply)
conn_eh.close()
def process_event(self, data):
"Locally process each incoming network event"
if 'bgp' in data:
self.logger.debug("Event Received: BGP Update.")
route = data['bgp']
# Process the incoming BGP updates from XRS
#self.logger.debug("BGP Route received: "+str(route)+" "+str(type(route)))
self.process_bgp_route(route)
elif 'policy' in data:
# Process the event requesting change of participants' policies
self.logger.debug("Event Received: Policy change.")
change_info = data['policy']
self.process_policy_changes(change_info)
elif 'arp' in data:
(requester_srcmac, requested_vnh) = tuple(data['arp'])
self.logger.debug("Event Received: ARP request for IP "+str(requested_vnh))
self.process_arp_request(requester_srcmac, requested_vnh)
else:
self.logger.warn("UNKNOWN EVENT TYPE RECEIVED: "+str(data))
def process_policy_changes(self, change_info):
"Process the changes in participants' policies"
# TODO: Implement the logic of dynamically changing participants' outbound and inbound policy
'''
change_info =
{
'removal_cookies' : [cookie1, ...], # Cookies of deleted policies
'new_policies' :
{
<policy file format>
}
}
'''
# remove flow rules for the old policies
removal_msgs = []
'''
for cookie in change_info['removal_cookies']:
mod = {"rule_type":"outbound", "priority":0,
"match":match_args , "action":{},
"cookie":cookie, "mod_type":"remove"}
removal_msgs.append(mod)
'''
self.dp_queued.extend(removal_msgs)
# add flow rules for the new policies
if self.cfg.isSupersetsMode():
dp_msgs = ss_process_policy_change(self.supersets, add_policies, remove_policies, policies,
self.port_count, self.port0_mac)
else:
dp_msgs = []
self.dp_queued.extend(dp_msgs)
self.push_dp()
return 0
def process_arp_request(self, part_mac, vnh):
vmac = ""
if self.cfg.isSupersetsMode():
vmac = self.supersets.get_vmac(self, vnh)
else:
vmac = "whoa" # MDS vmac goes here
arp_responses = list()
# if this is gratuitous, send a reply to the part's ID
if part_mac is None:
gratuitous = True
# set fields appropriately for gratuitous arps
i = 0
for port in self.cfg.ports:
eth_dst = vmac_part_port_match(self.id, i, self.supersets, False)
arp_responses.append({'SPA': vnh, 'TPA': vnh,
'SHA': vmac, 'THA': vmac,
'eth_src': vmac, 'eth_dst': eth_dst})
i += 1
else: # if it wasn't gratuitous
gratuitous = False
# dig up the IP of the target participant
for port in self.cfg.ports:
if part_mac == port["MAC"]:
part_ip = port["IP"]
break
# set field appropriately for arp responses
arp_responses.append({'SPA': vnh, 'TPA': part_ip,
'SHA': vmac, 'THA': part_mac,
'eth_src': vmac, 'eth_dst': part_mac})
if gratuitous:
self.logger.debug("Sending Gratuitious ARP: "+str(arp_responses))
else:
self.logger.debug("Sending ARP Response: "+str(arp_responses))
for arp_response in arp_responses:
self.arp_client.send(json.dumps(arp_response))
def getlock(self, prefixes):
prefixes.sort()
hsh = "-".join(prefixes)
if hsh not in self.prefix_lock:
#self.logger.debug("First Lock:: "+str(hsh))
self.prefix_lock[hsh] = RLock()
#else:
#self.logger.debug("Repeat :: "+str(hsh))
return self.prefix_lock[hsh]
def process_bgp_route(self, route):
"Process each incoming BGP advertisement"
tstart = time.time()
prefixes = get_prefixes_from_announcements(route)
with self.getlock(prefixes):
reply = ''
# Map to update for each prefix in the route advertisement.
updates = self.bgp_instance.update(route)
#self.logger.debug("process_bgp_route:: "+str(updates))
# TODO: This step should be parallelized
# TODO: The decision process for these prefixes is going to be same, we
# should think about getting rid of such redundant computations.
for update in updates:
self.bgp_instance.decision_process_local(update)
self.vnh_assignment(update)
if TIMING:
elapsed = time.time() - tstart
self.logger.debug("Time taken for decision process: "+str(elapsed))
tstart = time.time()
if self.cfg.isSupersetsMode():
################## SUPERSET RESPONSE TO BGP ##################
# update supersets
"Map the set of BGP updates to a list of superset expansions."
ss_changes, ss_changed_prefs = self.supersets.update_supersets(self, updates)
if TIMING:
elapsed = time.time() - tstart
self.logger.debug("Time taken to update supersets: "+str(elapsed))
tstart = time.time()
# ss_changed_prefs are prefixes for which the VMAC bits have changed
# these prefixes must have gratuitous arps sent
garp_required_vnhs = [self.prefix_2_VNH[prefix] for prefix in ss_changed_prefs]
"If a recomputation event was needed, wipe out the flow rules."
if ss_changes["type"] == "new":
self.logger.debug("Wiping outbound rules.")
wipe_msgs = msg_clear_all_outbound(self.policies, self.port0_mac)
self.dp_queued.extend(wipe_msgs)
#if a recomputation was needed, all VMACs must be reARPed
# TODO: confirm reARPed is a word
garp_required_vnhs = self.VNH_2_prefix.keys()
if len(ss_changes['changes']) > 0:
self.logger.debug("Supersets have changed: "+str(ss_changes))
"Map the superset changes to a list of new flow rules."
flow_msgs = update_outbound_rules(ss_changes, self.policies,
self.supersets, self.port0_mac)
self.logger.debug("Flow msgs: "+str(flow_msgs))
"Dump the new rules into the dataplane queue."
self.dp_queued.extend(flow_msgs)
if TIMING:
elapsed = time.time() - tstart
self.logger.debug("Time taken to deal with ss_changes: "+str(elapsed))
tstart = time.time()
################## END SUPERSET RESPONSE ##################
else:
# TODO: similar logic for MDS
self.logger.debug("Creating ctrlr messages for MDS scheme")
self.push_dp()
if TIMING:
elapsed = time.time() - tstart
self.logger.debug("Time taken to push dp msgs: "+str(elapsed))
tstart = time.time()
changed_vnhs, announcements = self.bgp_instance.bgp_update_peers(updates,
self.prefix_2_VNH, self.cfg.ports)
""" Combine the VNHs which have changed BGP default routes with the
VNHs which have changed supersets.
"""
changed_vnhs = set(changed_vnhs)
changed_vnhs.update(garp_required_vnhs)
# Send gratuitous ARP responses for all them
for vnh in changed_vnhs:
self.process_arp_request(None, vnh)
# Tell Route Server that it needs to announce these routes
for announcement in announcements:
# TODO: Complete the logic for this function
self.send_announcement(announcement)
if TIMING:
elapsed = time.time() - tstart
self.logger.debug("Time taken to send garps/announcements: "+str(elapsed))
tstart = time.time()
return reply
def send_announcement(self, announcement):
"Send the announcements to XRS"
self.logger.debug("Sending announcements to XRS. "+str(type(announcement)))
self.xrs_client.send(json.dumps(announcement))
def vnh_assignment(self, update):
"Assign VNHs for the advertised prefixes"
if self.cfg.isSupersetsMode():
" Superset"
# TODO: Do we really need to assign a VNH for each advertised prefix?
if ('announce' in update):
prefix = update['announce'].prefix
if (prefix not in self.prefix_2_VNH):
# get next VNH and assign it the prefix
self.num_VNHs_in_use += 1
vnh = str(self.cfg.VNHs[self.num_VNHs_in_use])
self.prefix_2_VNH[prefix] = vnh
self.VNH_2_prefix[vnh] = prefix
else:
"Disjoint"
# TODO: @Robert: Place your logic here for VNH assignment for MDS scheme
self.logger.debug("VNH assignment called for disjoint vmac_mode")
def init_vnh_assignment(self):
"Assign VNHs for the advertised prefixes"
if self.cfg.isSupersetsMode():
" Superset"
# TODO: Do we really need to assign a VNH for each advertised prefix?
#self.bgp_instance.rib["local"].dump()
prefixes = self.bgp_instance.rib["local"].get_prefixes()
#print 'init_vnh_assignment: prefixes:', prefixes
#print 'init_vnh_assignment: prefix_2_VNH:', self.prefix_2_VNH
for prefix in prefixes:
if (prefix not in self.prefix_2_VNH):
# get next VNH and assign it the prefix
self.num_VNHs_in_use += 1
vnh = str(self.cfg.VNHs[self.num_VNHs_in_use])
self.prefix_2_VNH[prefix] = vnh
self.VNH_2_prefix[vnh] = prefix
else:
"Disjoint"
# TODO: @Robert: Place your logic here for VNH assignment for MDS scheme
self.logger.debug("VNH assignment called for disjoint vmac_mode")
class ParticipantController(object):
def __init__(self, id, config_file, policy_file, logger):
# participant id
self.id = id
# print ID for logging
self.logger = logger
# used to signal termination
self.run = True
self.prefix_lock = {}
# Initialize participant params
self.cfg = PConfig(config_file, self.id)
# Vmac encoding mode
# self.cfg.vmac_mode = config_file["vmac_mode"]
# Dataplane mode---multi table or multi switch
# self.cfg.dp_mode = config_file["dp_mode"]
self.policies = self.load_policies(policy_file)
# The port 0 MAC is used for tagging outbound rules as belonging to us
self.port0_mac = self.cfg.port0_mac
self.nexthop_2_part = self.cfg.get_nexthop_2_part()
# VNHs related params
self.num_VNHs_in_use = 0
self.VNH_2_prefix = {}
self.prefix_2_VNH = {}
# Superset related params
if self.cfg.isSupersetsMode():
self.supersets = SuperSets(self, self.cfg.vmac_options)
else:
# TODO: create similar class and variables for MDS
self.mds = None
# Keep track of flow rules pushed
self.dp_pushed = []
# Keep track of flow rules which are scheduled to be pushed
self.dp_queued = []
def xstart(self):
# Start all clients/listeners/whatevs
self.logger.info("Starting controller for participant")
# ExaBGP Peering Instance
self.bgp_instance = self.cfg.get_bgp_instance()
# Route server client, Reference monitor client, Arp Proxy client
self.xrs_client = self.cfg.get_xrs_client(self.logger)
self.xrs_client.send({'msgType': 'hello', 'id': self.cfg.id, 'peers_in': self.cfg.peers_in, 'peers_out': self.cfg.peers_out, 'ports': self.cfg.get_ports()})
self.arp_client = self.cfg.get_arp_client(self.logger)
self.arp_client.send({'msgType': 'hello', 'macs': self.cfg.get_macs()})
# Participant API for dynamic route updates
self.participant_api = self.cfg.get_participant_api(self.id, self.logger)
self.participant_api.start(self)
# RefMon Instance
self.refmon_client = self.cfg.get_refmon_client(self.logger)
# class for building flow mod msgs to the reference monitor
self.fm_builder = FlowModMsgBuilder(self.id, self.refmon_client.key)
# Send flow rules for initial policies to the SDX's Reference Monitor
self.initialize_dataplane()
self.push_dp()
# Start the event handlers
ps_thread_arp = Thread(target=self.start_eh_arp)
ps_thread_arp.daemon = True
ps_thread_arp.start()
ps_thread_xrs = Thread(target=self.start_eh_xrs)
ps_thread_xrs.daemon = True
ps_thread_xrs.start()
ps_thread_arp.join()
ps_thread_xrs.join()
self.logger.debug("Return from ps_thread.join()")
def sanitize_policies(self, policies):
port_count = len(self.cfg.ports)
# sanitize the input policies
if 'inbound' in policies:
for policy in policies['inbound']:
if 'action' not in policy:
continue
if 'fwd' in policy['action'] and int(policy['action']['fwd']) >= port_count:
policy['action']['fwd'] = 0
return policies
def load_policies(self, policy_file):
# Load policies from file
with open(policy_file, 'r') as f:
policies = json.load(f)
return self.sanitize_policies(policies)
def initialize_dataplane(self):
"Read the config file and update the queued policy variable"
self.logger.info("Initializing inbound rules")
final_switch = "main-in"
if self.cfg.isMultiTableMode():
final_switch = "main-out"
self.init_vnh_assignment()
rule_msgs = init_inbound_rules(self.id, self.policies,
self.supersets, final_switch)
self.logger.debug("Rule Messages INBOUND:: "+str(rule_msgs))
rule_msgs2 = init_outbound_rules(self, self.id, self.policies,
self.supersets, final_switch)
self.logger.debug("Rule Messages OUTBOUND:: "+str(rule_msgs2))
if 'changes' in rule_msgs2:
if 'changes' not in rule_msgs:
rule_msgs['changes'] = []
rule_msgs['changes'] += rule_msgs2['changes']
#TODO: Initialize Outbound Policies from RIB
self.logger.debug("Rule Messages:: "+str(rule_msgs))
if 'changes' in rule_msgs:
self.dp_queued.extend(rule_msgs["changes"])
def push_dp(self):
'''
(1) Check if there are any policies queued to be pushed
(2) Send the queued policies to reference monitor
'''
# it is crucial that dp_queued is traversed chronologically
for flowmod in self.dp_queued:
self.fm_builder.add_flow_mod(**flowmod)
self.dp_pushed.append(flowmod)
# reset queue
self.dp_queued = []
self.refmon_client.send(json.dumps(self.fm_builder.get_msg()))
# reset flow_mods after send - self.flow_mods = []
self.fm_builder.reset_flow_mod()
def stop(self):
"Stop the Participants' SDN Controller"
self.logger.info("Stopping Controller.")
# Signal Termination and close blocking listener
self.run = False
# TODO: confirm that this isn't silly
#self.refmon_client = None
def start_eh_arp(self):
self.logger.info("ARP Event Handler started.")
while self.run:
# need to poll since recv() will not detect close from this end
# and need some way to shutdown gracefully.
if not self.arp_client.poll(1):
continue
try:
tmp = self.arp_client.recv()
except EOFError:
break
data = json.loads(tmp)
self.logger.debug("ARP Event received: %s", data)
# Starting a thread for independently processing each incoming network event
event_processor_thread = Thread(target=self.process_event, args=(data,))
event_processor_thread.daemon = True
event_processor_thread.start()
self.arp_client.close()
self.logger.debug("Exiting start_eh_arp")
def start_eh_xrs(self):
self.logger.info("XRS Event Handler started.")
while self.run:
# need to poll since recv() will not detect close from this end
# and need some way to shutdown gracefully.
if not self.xrs_client.poll(1):
continue
try:
tmp = self.xrs_client.recv()
except EOFError:
break
data = json.loads(tmp)
self.logger.debug("XRS Event received: %s", data)
self.process_event(data)
self.xrs_client.close()
self.logger.debug("Exiting start_eh_xrs")
def process_event(self, data, mod_type=None):
"Locally process each incoming network event"
if 'bgp' in data:
self.logger.debug("Event Received: BGP Update.")
route = data['bgp']
# Process the incoming BGP updates from XRS
#self.logger.debug("BGP Route received: "+str(route)+" "+str(type(route)))
self.process_bgp_route(route)
elif 'policy' in data:
# Process the event requesting change of participants' policies
self.logger.debug("Event Received: Policy change.")
change_info = data['policy']
for element in change_info:
if 'remove' in element:
self.process_policy_changes(element['remove'], 'remove')
#self.logger.debug("PART_Test: REMOVE: %s" % element)
if 'insert' in element:
self.process_policy_changes(element['insert'], 'insert')
#self.logger.debug("PART_Test: INSERT: %s" % element)
elif 'arp' in data:
(requester_srcmac, requested_vnh) = tuple(data['arp'])
self.logger.debug("Event Received: ARP request for IP "+str(requested_vnh))
self.process_arp_request(requester_srcmac, requested_vnh)
else:
self.logger.warn("UNKNOWN EVENT TYPE RECEIVED: "+str(data))
def process_policy_changes(self, change_info, mod_type):
# idea to remove flow rules for the old policies with cookies
'''
removal_msgs = []
for element in change_info:
if 'removal_cookies' in element:
for cookie in element['removal_cookies']:
cookie_id = (cookie['cookie'],65535)
match_args = cookie['match']
mod = {"rule_type":"inbound", "priority":4,"match":{} , "action":{}, "cookie":cookie_id, "mod_type":"remove"}
removal_msgs.append(mod)
self.dp_queued.extend(removal_msgs)
'''
# json file format for change_info - mod_type = remove or insert
'''
{
"policy": [
{
mod_type: [
# change_info begin
{
"inbound": [
{ cookie1 ... match ... action }
{ cookie2 ... match ... action }
]
}
{
"outbound": [
{ cookie1 ... match ... action }
{ cookie2 ... match ... action }
]
}
# change_info end
] // end mod_type-array
},
{
mod_type: ...
}
] // end policy-array
}
'''
policies = self.sanitize_policies(change_info)
final_switch = "main-in"
if self.cfg.isMultiTableMode():
final_switch = "main-out"
#self.init_vnh_assignment() // not used
inbound_policies = {}
outbound_policies = {}
for element in policies:
if 'inbound' in element:
inbound_policies = element
if 'outbound' in element:
outbound_policies = element
#self.logger.debug("PART_Test: INBOUND: %s" % inbound_policies)
#self.logger.debug("PART_Test: OUTBOUND: %s" % outbound_policies)
rule_msgs = init_inbound_rules(self.id, inbound_policies,
self.supersets, final_switch)
rule_msgs2 = init_outbound_rules(self, self.id, outbound_policies,
self.supersets, final_switch)
if 'changes' in rule_msgs2:
if 'changes' not in rule_msgs:
rule_msgs['changes'] = []
rule_msgs['changes'] += rule_msgs2['changes']
for rule in rule_msgs['changes']:
rule['mod_type'] = mod_type
#self.logger.debug("PART_Test: Rule Msgs: %s" % rule_msgs)
if 'changes' in rule_msgs:
self.dp_queued.extend(rule_msgs["changes"])
self.push_dp()
def process_arp_request(self, part_mac, vnh):
vmac = ""
if self.cfg.isSupersetsMode():
vmac = self.supersets.get_vmac(self, vnh)
else:
vmac = "whoa" # MDS vmac goes here
arp_responses = list()
# if this is gratuitous, send a reply to the part's ID
if part_mac is None:
gratuitous = True
# set fields appropriately for gratuitous arps
i = 0
for port in self.cfg.ports:
eth_dst = vmac_part_port_match(self.id, i, self.supersets, False)
arp_responses.append({'SPA': vnh, 'TPA': vnh,
'SHA': vmac, 'THA': vmac,
'eth_src': vmac, 'eth_dst': eth_dst})
i += 1
else: # if it wasn't gratuitous
gratuitous = False
# dig up the IP of the target participant
for port in self.cfg.ports:
if part_mac == port["MAC"]:
part_ip = port["IP"]
break
# set field appropriately for arp responses
arp_responses.append({'SPA': vnh, 'TPA': part_ip,
'SHA': vmac, 'THA': part_mac,
'eth_src': vmac, 'eth_dst': part_mac})
if gratuitous:
self.logger.debug("Sending Gratuitious ARP: "+str(arp_responses))
else:
self.logger.debug("Sending ARP Response: "+str(arp_responses))
for arp_response in arp_responses:
arp_response['msgType'] = 'garp'
self.arp_client.send(arp_response)
def getlock(self, prefixes):
prefixes.sort()
hsh = "-".join(prefixes)
if hsh not in self.prefix_lock:
#self.logger.debug("First Lock:: "+str(hsh))
self.prefix_lock[hsh] = RLock()
#else:
#self.logger.debug("Repeat :: "+str(hsh))
return self.prefix_lock[hsh]
def process_bgp_route(self, route):
"Process each incoming BGP advertisement"
tstart = time.time()
# Map to update for each prefix in the route advertisement.
updates = self.bgp_instance.update(route)
#self.logger.debug("process_bgp_route:: "+str(updates))
# TODO: This step should be parallelized
# TODO: The decision process for these prefixes is going to be same, we
# should think about getting rid of such redundant computations.
for update in updates:
self.bgp_instance.decision_process_local(update)
self.vnh_assignment(update)
if TIMING:
elapsed = time.time() - tstart
self.logger.debug("Time taken for decision process: "+str(elapsed))
tstart = time.time()
if self.cfg.isSupersetsMode():
################## SUPERSET RESPONSE TO BGP ##################
# update supersets
"Map the set of BGP updates to a list of superset expansions."
ss_changes, ss_changed_prefs = self.supersets.update_supersets(self, updates)
if TIMING:
elapsed = time.time() - tstart
self.logger.debug("Time taken to update supersets: "+str(elapsed))
tstart = time.time()
# ss_changed_prefs are prefixes for which the VMAC bits have changed
# these prefixes must have gratuitous arps sent
garp_required_vnhs = [self.prefix_2_VNH[prefix] for prefix in ss_changed_prefs]
"If a recomputation event was needed, wipe out the flow rules."
if ss_changes["type"] == "new":
self.logger.debug("Wiping outbound rules.")
wipe_msgs = msg_clear_all_outbound(self.policies, self.port0_mac)
self.dp_queued.extend(wipe_msgs)
#if a recomputation was needed, all VMACs must be reARPed
# TODO: confirm reARPed is a word
garp_required_vnhs = self.VNH_2_prefix.keys()
if len(ss_changes['changes']) > 0:
self.logger.debug("Supersets have changed: "+str(ss_changes))
"Map the superset changes to a list of new flow rules."
flow_msgs = update_outbound_rules(ss_changes, self.policies,
self.supersets, self.port0_mac)
self.logger.debug("Flow msgs: "+str(flow_msgs))
"Dump the new rules into the dataplane queue."
self.dp_queued.extend(flow_msgs)
if TIMING:
elapsed = time.time() - tstart
self.logger.debug("Time taken to deal with ss_changes: "+str(elapsed))
tstart = time.time()
################## END SUPERSET RESPONSE ##################
else:
# TODO: similar logic for MDS
self.logger.debug("Creating ctrlr messages for MDS scheme")
self.push_dp()
if TIMING:
elapsed = time.time() - tstart
self.logger.debug("Time taken to push dp msgs: "+str(elapsed))
tstart = time.time()
changed_vnhs, announcements = self.bgp_instance.bgp_update_peers(updates,
self.prefix_2_VNH, self.cfg.ports)
""" Combine the VNHs which have changed BGP default routes with the
VNHs which have changed supersets.
"""
changed_vnhs = set(changed_vnhs)
changed_vnhs.update(garp_required_vnhs)
# Send gratuitous ARP responses for all them
for vnh in changed_vnhs:
self.process_arp_request(None, vnh)
# Tell Route Server that it needs to announce these routes
for announcement in announcements:
# TODO: Complete the logic for this function
self.send_announcement(announcement)
if TIMING:
elapsed = time.time() - tstart
self.logger.debug("Time taken to send garps/announcements: "+str(elapsed))
tstart = time.time()
def send_announcement(self, announcement):
"Send the announcements to XRS"
self.logger.debug("Sending announcements to XRS: %s", announcement)
self.xrs_client.send({'msgType': 'bgp', 'announcement': announcement})
def vnh_assignment(self, update):
"Assign VNHs for the advertised prefixes"
if self.cfg.isSupersetsMode():
" Superset"
# TODO: Do we really need to assign a VNH for each advertised prefix?
if ('announce' in update):
prefix = update['announce'].prefix
if (prefix not in self.prefix_2_VNH):
# get next VNH and assign it the prefix
self.num_VNHs_in_use += 1
vnh = str(self.cfg.VNHs[self.num_VNHs_in_use])
self.prefix_2_VNH[prefix] = vnh
self.VNH_2_prefix[vnh] = prefix
else:
"Disjoint"
# TODO: @Robert: Place your logic here for VNH assignment for MDS scheme
self.logger.debug("VNH assignment called for disjoint vmac_mode")
def init_vnh_assignment(self):
"Assign VNHs for the advertised prefixes"
if self.cfg.isSupersetsMode():
" Superset"
# TODO: Do we really need to assign a VNH for each advertised prefix?
#self.bgp_instance.rib["local"].dump()
prefixes = self.bgp_instance.rib["local"].get_prefixes()
#print 'init_vnh_assignment: prefixes:', prefixes
#print 'init_vnh_assignment: prefix_2_VNH:', self.prefix_2_VNH
for prefix in prefixes:
if (prefix not in self.prefix_2_VNH):
# get next VNH and assign it the prefix
self.num_VNHs_in_use += 1
vnh = str(self.cfg.VNHs[self.num_VNHs_in_use])
self.prefix_2_VNH[prefix] = vnh
self.VNH_2_prefix[vnh] = prefix
else:
"Disjoint"
# TODO: @Robert: Place your logic here for VNH assignment for MDS scheme
self.logger.debug("VNH assignment called for disjoint vmac_mode")
class Umbrella(object):
def __init__(self, config, sender, logger, lbal):
# Maps of ports.
self.logger = logger
self.sender = sender
self.config = config
self.lbal = lbal
self.fm_builder = FlowModMsgBuilder(0, self.config.flanc_auth["key"])
lbal.lb_policy(self.config.edge_core)
# Format to umbrella fabric mac address.
# core_port: core switch port connected to the edge
# edge_port: edge port connected to a participant
def create_umbrella_mac(self, core_port, edge_port):
# First byte: core switch port connected to the
# destination's edge switch.
mac_1st_byte = '{}'.format('0' + format(core_port, 'x') if len(
hex(core_port)) == 3 else format(core_port, 'x'))
# Second byte: one of the edges ports connected to the
# destination peer.
mac_2nd_byte = '{}'.format('0' + format(edge_port, 'x') if len(
hex(edge_port)) == 3 else format(edge_port, 'x'))
mac = '%s:%s:00:00:00:00' % (mac_1st_byte, mac_2nd_byte)
return mac
def ARP_match(self, arp_tpa):
#"eth_dst": ETH_BROADCAST_MAC,
match = {"eth_type": ETH_TYPE_ARP, "arp_tpa": arp_tpa}
return match
def l2_match(self, eth_dst):
match = {"eth_dst": eth_dst}
return match
def handle_ARP(self, rule_type):
# peers are in the same edge
for dp in self.config.edge_peers:
peers = self.config.edge_peers[dp]
for peer in peers:
out_port = peers[peer]
match = self.ARP_match(peer.ip)
action = {"set_eth_dst": peer.mac, "fwd": [out_port]}
self.fm_builder.add_flow_mod("insert", rule_type, ARP_PRIORITY,
match, action,
self.config.dpid_2_name[dp])
#TODO: peers are in different edges. Edges connected directly.
# Or create a different class to handle topologies like this
# peers are in different edges. Edges are connected through cores.
for edge in self.config.edge_peers:
for target_dp, hosts in self.config.edge_peers.iteritems():
if target_dp == edge:
continue
else:
for host in hosts:
core, out_port_to_core = self.lbal.lb_action(edge)
core_port_to_target = self.config.core_edge[core][
target_dp]
edge_port = self.config.edge_peers[target_dp][host]
match = self.ARP_match(host.ip)
actions = {
"set_eth_dst":
self.create_umbrella_mac(core_port_to_target,
edge_port),
"fwd": [out_port_to_core]
}
self.fm_builder.add_flow_mod(
"insert", rule_type, ARP_PRIORITY, match, actions,
self.config.dpid_2_name[edge])
def handle_ingress_l2(self, rule_type):
# peers are in the same edge
for dp in self.config.edge_peers:
peers = self.config.edge_peers[dp]
for peer in peers:
out_port = peers[peer]
match = self.l2_match(peer.mac)
action = {"fwd": [out_port]}
self.fm_builder.add_flow_mod("insert", rule_type,
FORWARDING_PRIORITY, match,
action,
self.config.dpid_2_name[dp])
for edge in self.config.edge_peers:
for target_dp, hosts in self.config.edge_peers.iteritems():
if target_dp == edge:
continue
else:
for host in hosts:
# need to install one flow per core for the load balancing
# TODO: find a better way to do it. It is too ugly now
for core in self.config.core_edge:
out_port_to_core = self.config.edge_core[edge][
core]
core_port_to_target = self.config.core_edge[core][
target_dp]
edge_port = self.config.edge_peers[target_dp][host]
match = self.l2_match(host.mac)
match["metadata"] = core
actions = {
"set_eth_dst":
self.create_umbrella_mac(
core_port_to_target, edge_port),
"fwd": [out_port_to_core]
}
self.fm_builder.add_flow_mod(
"insert", rule_type, FORWARDING_PRIORITY,
match, actions, self.config.dpid_2_name[edge])
def create_egress_match(self, edge_port):
mac_2nd_byte = '{}'.format('0' + format(edge_port, 'x') if len(
hex(edge_port)) == 3 else format(edge_port, 'x'))
eth_dst = ('00:%s:00:00:00:00' % (mac_2nd_byte), "00:ff:00:00:00:00")
match = {"eth_dst": eth_dst}
return match
def handle_egress(self, rule_type):
for dp in self.config.edge_peers:
peers = self.config.edge_peers[dp]
for peer in peers:
# Flow match destination MAC is
#based on the edge port connected
edge_port = self.config.edge_peers[dp][peer]
match = self.create_egress_match(edge_port)
peer_mac = peer.mac
action = {"set_eth_dst": peer_mac, "fwd": [edge_port]}
self.fm_builder.add_flow_mod("insert", rule_type,
FORWARDING_PRIORITY, match,
action,
self.config.dpid_2_name[dp])
def create_core_match(self, out_port):
mac_1st_byte = '{}'.format('0' + format(out_port, 'x') if len(
hex(out_port)) == 3 else format(out_port, 'x'))
eth_dst = ('%s:00:00:00:00:00' % (mac_1st_byte), "ff:00:00:00:00:00")
match = {"eth_dst": eth_dst}
return match
def handle_core_switches(self, rule_type):
for core in self.config.core_edge:
for edge in self.config.core_edge[core]:
# Flow match is based on the core port connected to the
# edge switch
out_port = self.config.core_edge[core][edge]
match = self.create_core_match(out_port)
action = {"fwd": [out_port]}
self.fm_builder.add_flow_mod("insert", rule_type,
FORWARDING_PRIORITY, match,
action,
self.config.dpid_2_name[core])
# Just send load balancer flows to umbrella.
def handle_load_balancer(self, rule_type):
# multi check
match_byte1 = [0, 0, 0, "00000001"]
match_byte2 = [0, 0, 0, "00000001"]
# create id_matches - init core multi match with id_matches
id_matcher1, id_matcher2 = self.lbal.init_multi_match(
match_byte1, match_byte2)
self.lbal.set_core_multi_match(self.config.cores,
[id_matcher1, id_matcher2])
# Rule for every Edge
for edge in self.config.edge_core:
# Rule to every Core
for core in self.config.cores:
# Decision for Match is core_id
core_id = self.config.cores[core]
# multi check field(s)
match, metadata = self.lbal.get_ip_multi_match(
core_id, ['ipv4_src', 'ipv4_dst'])
# Build Instruction Meta-Information and Goto-Table
instructions = {"meta": metadata, "fwd": ["umbrella-edge"]}
# Send for every Core to every Edge
self.fm_builder.add_flow_mod("insert", rule_type, LB_PRIORITY,
match, instructions,
self.config.dpid_2_name[edge])
# Need to handle VNH MACS.
# TODO: Add group to support fast failover.
match = {"eth_type": ETH_TYPE_ARP}
# Picking the last core from the last loop. Should be replaced
# with a group later
metadata = [self.config.cores[core], METADATA_MASK]
instructions = {"meta": metadata, "fwd": ["umbrella-edge"]}
self.fm_builder.add_flow_mod("insert", rule_type, LB_PRIORITY,
match, instructions,
self.config.dpid_2_name[edge])
def start(self):
self.logger.info('start')
self.handle_ARP("umbrella-edge")
self.handle_ingress_l2("umbrella-edge")
self.handle_core_switches("umbrella-core")
self.handle_egress("umbrella-edge")
self.handle_load_balancer("load-balancer")
self.sender.send(self.fm_builder.get_msg())
self.logger.info('sent flow mods to reference monitor')
class Umbrella(object):
def __init__(self, config, sender, logger, lbal):
# Maps of ports.
self.logger = logger
self.sender = sender
self.config = config
self.lbal = lbal
self.fm_builder = FlowModMsgBuilder(0, self.config.flanc_auth["key"])
lbal.lb_policy(self.config.edge_core)
# Format to umbrella fabric mac address.
# core_port: core switch port connected to the edge
# edge_port: edge port connected to a participant
def create_umbrella_mac(self, core_port, edge_port):
# First byte: core switch port connected to the
# destination's edge switch.
mac_1st_byte = '{}'.format('0' + format(core_port, 'x') if len(hex(core_port)) == 3 else format(core_port, 'x'))
# Second byte: one of the edges ports connected to the
# destination peer.
mac_2nd_byte = '{}'.format('0' + format(edge_port, 'x') if len(hex(edge_port)) == 3 else format(edge_port, 'x'))
mac = '%s:%s:00:00:00:00' % (mac_1st_byte, mac_2nd_byte)
return mac
def ARP_match(self, arp_tpa):
#"eth_dst": ETH_BROADCAST_MAC,
match = {"eth_type": ETH_TYPE_ARP, "arp_tpa":arp_tpa}
return match
def l2_match(self, eth_dst):
match = {"eth_dst":eth_dst}
return match
def handle_ARP(self, rule_type):
# peers are in the same edge
for dp in self.config.edge_peers:
peers = self.config.edge_peers[dp]
for peer in peers:
out_port = peers[peer]
match = self.ARP_match(peer.ip)
action = {"set_eth_dst":peer.mac, "fwd": [out_port]}
self.fm_builder.add_flow_mod("insert", rule_type, ARP_PRIORITY, match, action, self.config.dpid_2_name[dp])
#TODO: peers are in different edges. Edges connected directly.
# Or create a different class to handle topologies like this
# peers are in different edges. Edges are connected through cores.
for edge in self.config.edge_peers:
for target_dp, hosts in self.config.edge_peers.iteritems():
if target_dp == edge:
continue
else:
for host in hosts:
core, out_port_to_core = self.lbal.lb_action(edge)
core_port_to_target = self.config.core_edge[core][target_dp]
edge_port = self.config.edge_peers[target_dp][host]
match = self.ARP_match(host.ip)
actions = {"set_eth_dst": self.create_umbrella_mac(core_port_to_target, edge_port), "fwd": [out_port_to_core]}
self.fm_builder.add_flow_mod("insert", rule_type, ARP_PRIORITY, match, actions, self.config.dpid_2_name[edge])
def handle_ingress_l2(self, rule_type):
# peers are in the same edge
for dp in self.config.edge_peers:
peers = self.config.edge_peers[dp]
for peer in peers:
out_port = peers[peer]
match = self.l2_match(peer.mac)
action = {"fwd": [out_port]}
self.fm_builder.add_flow_mod("insert", rule_type, FORWARDING_PRIORITY, match, action, self.config.dpid_2_name[dp])
for edge in self.config.edge_peers:
for target_dp, hosts in self.config.edge_peers.iteritems():
if target_dp == edge:
continue
else:
for host in hosts:
# need to install one flow per core for the load balancing
# TODO: find a better way to do it. It is too ugly now
for core in self.config.core_edge:
out_port_to_core = self.config.edge_core[edge][core]
core_port_to_target = self.config.core_edge[core][target_dp]
edge_port = self.config.edge_peers[target_dp][host]
match = self.l2_match(host.mac)
match["metadata"] = core
actions = {"set_eth_dst": self.create_umbrella_mac(core_port_to_target, edge_port), "fwd": [out_port_to_core]}
self.fm_builder.add_flow_mod("insert", rule_type, FORWARDING_PRIORITY, match, actions, self.config.dpid_2_name[edge])
def create_egress_match(self, edge_port):
mac_2nd_byte = '{}'.format('0' + format(edge_port, 'x') if len(hex(edge_port)) == 3 else format(edge_port, 'x'))
eth_dst = ('00:%s:00:00:00:00' % (mac_2nd_byte), "00:ff:00:00:00:00")
match = {"eth_dst":eth_dst}
return match
def handle_egress(self, rule_type):
for dp in self.config.edge_peers:
peers = self.config.edge_peers[dp]
for peer in peers:
# Flow match destination MAC is
#based on the edge port connected
edge_port = self.config.edge_peers[dp][peer]
match = self.create_egress_match(edge_port)
peer_mac = peer.mac
action = {"set_eth_dst": peer_mac, "fwd": [edge_port]}
self.fm_builder.add_flow_mod("insert", rule_type, FORWARDING_PRIORITY, match, action, self.config.dpid_2_name[dp])
def create_core_match(self, out_port):
mac_1st_byte = '{}'.format('0' + format(out_port, 'x') if len(hex(out_port)) == 3 else format(out_port, 'x'))
eth_dst = ('%s:00:00:00:00:00' % (mac_1st_byte), "ff:00:00:00:00:00")
match = {"eth_dst": eth_dst}
return match
def handle_core_switches(self, rule_type):
for core in self.config.core_edge:
for edge in self.config.core_edge[core]:
# Flow match is based on the core port connected to the
# edge switch
out_port = self.config.core_edge[core][edge]
match = self.create_core_match(out_port)
action = {"fwd": [out_port]}
self.fm_builder.add_flow_mod("insert", rule_type, FORWARDING_PRIORITY, match, action, self.config.dpid_2_name[core] )
# Just send load balancer flows to umbrella.
def handle_load_balancer(self, rule_type):
# multi check
match_byte1 = [0, 0, 0, "00000001"]
match_byte2 = [0, 0, 0, "00000001"]
# create id_matches - init core multi match with id_matches
id_matcher1, id_matcher2 = self.lbal.init_multi_match(match_byte1, match_byte2)
self.lbal.set_core_multi_match(self.config.cores, [id_matcher1, id_matcher2])
# Rule for every Edge
for edge in self.config.edge_core:
# Rule to every Core
for core in self.config.cores:
# Decision for Match is core_id
core_id = self.config.cores[core]
# multi check field(s)
match, metadata = self.lbal.get_ip_multi_match(core_id, ['ipv4_src','ipv4_dst'])
# Build Instruction Meta-Information and Goto-Table
instructions = {"meta": metadata, "fwd": ["umbrella-edge"]}
# Send for every Core to every Edge
self.fm_builder.add_flow_mod("insert", rule_type, LB_PRIORITY, match, instructions, self.config.dpid_2_name[edge])
# Need to handle VNH MACS.
# TODO: Add group to support fast failover.
match = {"eth_type": ETH_TYPE_ARP}
# Picking the last core from the last loop. Should be replaced
# with a group later
metadata = [self.config.cores[core], METADATA_MASK]
instructions = {"meta": metadata, "fwd": ["umbrella-edge"]}
self.fm_builder.add_flow_mod("insert", rule_type, LB_PRIORITY, match, instructions, self.config.dpid_2_name[edge])
def start(self):
self.logger.info('start')
self.handle_ARP("umbrella-edge")
self.handle_ingress_l2("umbrella-edge")
self.handle_core_switches("umbrella-core")
self.handle_egress("umbrella-edge")
self.handle_load_balancer("load-balancer")
self.sender.send(self.fm_builder.get_msg())
self.logger.info('sent flow mods to reference monitor')