def tcp_udp_flows(self, vlan_id, nfvip, eth_type, nat_flows): return ( # Learn from coprocessor port/do inbound translation. (self.FROM_COPRO_TABLE, parser.OFPMatch(eth_type=eth_type, vlan_vid=vlan_id), nat_flows(nfvip)), # Packets from coprocessor go to tuple inbound table. (self.INTF_TABLE, parser.OFPMatch(eth_type=eth_type, ip_proto=socket.IPPROTO_TCP, in_port=COPROPORT, vlan_vid=vlan_id), [parser.OFPInstructionGotoTable(self.FROM_COPRO_TABLE)]), (self.INTF_TABLE, parser.OFPMatch(eth_type=eth_type, ip_proto=socket.IPPROTO_UDP, in_port=COPROPORT, vlan_vid=vlan_id), [parser.OFPInstructionGotoTable(self.FROM_COPRO_TABLE)]), # Packets from fake interface go outbound table. (self.INTF_TABLE, parser.OFPMatch(eth_type=eth_type, ip_proto=socket.IPPROTO_TCP, in_port=FAKEPORT, vlan_vid=vlan_id), [parser.OFPInstructionGotoTable(self.TO_COPRO_TABLE)]), (self.INTF_TABLE, parser.OFPMatch(eth_type=eth_type, ip_proto=socket.IPPROTO_UDP, in_port=FAKEPORT, vlan_vid=vlan_id), [parser.OFPInstructionGotoTable(self.TO_COPRO_TABLE)]))
def ipv4_flows(self, vlan_id, nfvip): return ( # Program OVS to respond to ARP on fake port. (self.TO_COPRO_TABLE, parser.OFPMatch(eth_type=ether.ETH_TYPE_ARP, vlan_vid=vlan_id), self.arp_reply_actions()), (self.INTF_TABLE, parser.OFPMatch(eth_type=ether.ETH_TYPE_ARP, eth_src=FAKESERVERMAC, in_port=FAKEPORT, arp_op=arp.ARP_REQUEST, vlan_vid=vlan_id), [parser.OFPInstructionGotoTable( self.TO_COPRO_TABLE)])) + self.tcp_udp_flows( vlan_id, nfvip, ether.ETH_TYPE_IP, self.natv4_flows)
def send_req(self): if self.ryudp: match = parser.OFPMatch() self.req = parser.OFPFlowStatsRequest( self.ryudp, 0, ofp.OFPTT_ALL, ofp.OFPP_ANY, ofp.OFPG_ANY, 0, 0, match) self.ryudp.send_msg(self.req)
def match(match_fields): """Return OpenFlow matches from dict. Args: match_fields (dict): match fields and values. Returns: ryu.ofproto.ofproto_v1_3_parser.OFPMatch: matches. """ return parser.OFPMatch(**match_fields)
def ipv6_flows(self, vlan_id, nfvip): return ( (self.INTF_TABLE, parser.OFPMatch(eth_type=ether.ETH_TYPE_IPV6, vlan_vid=vlan_id, ip_proto=socket.IPPROTO_ICMPV6, icmpv6_type=icmpv6.ND_NEIGHBOR_SOLICIT), self.apply_actions([parser.OFPActionOutput( ofp.OFPP_CONTROLLER)])), ) + self.tcp_udp_flows( vlan_id, nfvip, ether.ETH_TYPE_IPV6, self.natv6_flows)
def test_reply_ttl_invalid_message_with_rate_limit(self): pkt = packet.Packet() pkt.add_protocol(ethernet.ethernet(dst='aa:bb:cc:dd:ee:ff')) pkt.add_protocol(ipv4.ipv4(proto=in_proto.IPPROTO_UDP)) pkt.add_protocol(udp.udp()) pkt.serialize() lswitch = l2.LogicalSwitch( id='lswitch1', topic='topic1', unique_key=9, version=1, ) self.app.db_store.update(lswitch) lrouter = l3.LogicalRouter( id='lrouter1', topic='topic1', version=1, unique_key=22, ports=[ l3.LogicalRouterPort( id='lrouter1-port1', unique_key=55, topic='topic1', mac='aa:bb:cc:dd:ee:ff', network='10.0.0.1/24', lswitch='lswitch1', ), ], ) self.app.db_store.update(lrouter) event = ofp_event.EventOFPMsgBase(msg=ofproto_parser.OFPPacketIn( datapath=mock.Mock(), reason=self.app.ofproto.OFPR_INVALID_TTL, match=ofproto_parser.OFPMatch( metadata=lswitch.unique_key, reg5=lrouter.unique_key, ), data=pkt.data, )) with mock.patch("dragonflow.controller.common." "icmp_error_generator.generate") as icmp_error: for _ in range(self.app.conf.router_ttl_invalid_max_rate * 2): self.app.packet_in_handler(event) self.assertEqual(self.app.conf.router_ttl_invalid_max_rate, icmp_error.call_count) icmp_error.assert_called_with(icmp.ICMP_TIME_EXCEEDED, icmp.ICMP_TTL_EXPIRED_CODE, mock.ANY, "10.0.0.1", mock.ANY)
def match_from_dict(match_dict): """Parse a match dict into a OFPMatch object""" kwargs = {} for of_match, field in match_dict.items(): of_match = OLD_MATCH_FIELDS.get(of_match, of_match) test_config_condition(of_match not in MATCH_FIELDS, 'Unknown match field: %s' % of_match) try: encoded_field = MATCH_FIELDS[of_match](field) except TypeError as type_error: raise InvalidConfigError('%s cannot be type %s' % (of_match, type(field))) from type_error kwargs[of_match] = encoded_field return parser.OFPMatch(**kwargs)
def test_reply_icmp_unreachable_with_rate_limit(self): pkt = packet.Packet() pkt.add_protocol(ethernet.ethernet(dst='aa:bb:cc:dd:ee:ff')) pkt.add_protocol(ipv4.ipv4(dst='10.0.0.1', proto=in_proto.IPPROTO_UDP)) pkt.add_protocol(udp.udp()) pkt.serialize() lrouter = l3.LogicalRouter( id='lrouter1', topic='topic1', version=1, unique_key=22, ports=[ l3.LogicalRouterPort( id='lrouter1-port1', unique_key=55, topic='topic1', mac='aa:bb:cc:dd:ee:ff', network='10.0.0.1/24', ), ], ) self.app.db_store.update(lrouter) event = ofp_event.EventOFPMsgBase(msg=ofproto_parser.OFPPacketIn( datapath=mock.Mock(), reason=self.app.ofproto.OFPR_PACKET_IN, match=ofproto_parser.OFPMatch(reg7=lrouter.ports[0].unique_key, ), data=pkt.data, )) with mock.patch("dragonflow.controller.common." "icmp_error_generator.generate") as icmp_error: for _ in range(self.app.conf.router_port_unreach_max_rate * 2): self.app.packet_in_handler(event) self.assertEqual(self.app.conf.router_port_unreach_max_rate, icmp_error.call_count) icmp_error.assert_called_with(icmp.ICMP_DEST_UNREACH, icmp.ICMP_PORT_UNREACH_CODE, pkt.data, pkt=mock.ANY)
def generate_all_matches(): """ Generate all OpenFlow Extensible Matches (oxm) and return a single OFPMatch with all of these oxms. The value for each oxm is the largest value possible for the data type. For example, the largest number for a 4 bit int is 15. """ matches = dict() for oxm_type in ofproto.oxm_types: if oxm_type.type == type_desc.MacAddr: value = 'ff:ff:ff:ff:ff:ff' elif oxm_type.type == type_desc.IPv4Addr: value = '255.255.255.255' elif oxm_type.type == type_desc.IPv6Addr: value = 'ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff' elif isinstance(oxm_type.type, type_desc.IntDescr): value = 2**oxm_type.type.size - 1 else: continue matches[oxm_type.name] = value return parser.OFPMatch(**matches)