Diffstat (limited to 'tests')
-rw-r--r-- | tests/.gitignore | 2 | ||||
-rw-r--r-- | tests/automake.mk | 7 | ||||
-rw-r--r-- | tests/test-controller.8.in | 186 | ||||
-rw-r--r-- | tests/test-controller.c | 406 |
4 files changed, 601 insertions, 0 deletions
diff --git a/tests/.gitignore b/tests/.gitignore index 2b1049aa2..34187c479 100644 --- a/tests/.gitignore +++ b/tests/.gitignore @@ -13,6 +13,8 @@ /test-bundle /test-byte-order /test-classifier +/test-controller.8 +/test-controller /test-csum /test-file_name /test-flows diff --git a/tests/automake.mk b/tests/automake.mk index f2e0edcc4..099398aa5 100644 --- a/tests/automake.mk +++ b/tests/automake.mk @@ -190,6 +190,13 @@ noinst_PROGRAMS += tests/test-classifier tests_test_classifier_SOURCES = tests/test-classifier.c tests_test_classifier_LDADD = lib/libopenvswitch.a $(SSL_LIBS) +noinst_PROGRAMS += tests/test-controller +MAN_ROOTS += tests/test-controller.8.in +DISTCLEANFILES += utilities/test-controller.8 +noinst_man_MANS += tests/test-controller.8 +tests_test_controller_SOURCES = tests/test-controller.c +tests_test_controller_LDADD = lib/libopenvswitch.a $(SSL_LIBS) + noinst_PROGRAMS += tests/test-csum tests_test_csum_SOURCES = tests/test-csum.c tests_test_csum_LDADD = lib/libopenvswitch.a $(SSL_LIBS) diff --git a/tests/test-controller.8.in b/tests/test-controller.8.in new file mode 100644 index 000000000..62bfa0f57 --- /dev/null +++ b/tests/test-controller.8.in 
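Review bot: In the tests/automake.mk hunk, `DISTCLEANFILES += utilities/test-controller.8` names a path under utilities/, but the page this hunk generates is tests/test-controller.8, as the adjacent `MAN_ROOTS += tests/test-controller.8.in` and `noinst_man_MANS += tests/test-controller.8` lines show. As written, distclean would presumably leave the generated man page behind in tests/. The line should read `DISTCLEANFILES += tests/test-controller.8`.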
@@ -0,0 +1,186 @@ + .\" -*- nroff -*- +.de IQ +. br +. ns +. IP "\\$1" +.. +.TH test\-controller 8 "@VERSION@" "Open vSwitch" "Open vSwitch Manual" +.ds PN test\-controller +. +.SH NAME +test\-controller \- simple OpenFlow controller for testing +. +.SH SYNOPSIS +.B test\-controller +[\fIoptions\fR] \fImethod\fR \fB[\fImethod\fR]\&... +. +.SH DESCRIPTION +.PP +\fBtest\-controller\fR is a simple OpenFlow controller. It is very +easy to set up, so it may be suitable for initial testing of +connectivity between an OpenFlow switch and a controller. It may also +be useful for developer testing and debugging of some Open vSwitch +features. +.PP +\fBtest\-controller\fR is not a general-purpose OpenFlow controller. +It does not make sense to deploy it routinely or in production. +\fBtest\-controller\fR does not provide any features that are not +built into Open vSwitch, and lacks many that are built in to Open +vSwitch, so adding it to an Open vSwitch deployment actually reduces +functionality and performance while increasing latency. +.PP +\fBtest\-controller\fR manages any number of remote switches over +OpenFlow protocol, causing them to function as L2 MAC-learning +switches or hub. The switches it controls are specified as one or +more of the following OpenFlow connection methods: +. +.RS +.so lib/vconn-passive.man +.so lib/vconn-active.man +.RE +. +.SH OPTIONS +.IP "\fB\-n\fR" +.IQ "\fB\-\-noflow\fR" +By default, \fBtest\-controller\fR sets up a flow in each OpenFlow switch +whenever it receives a packet whose destination is known due through +MAC learning. This option disables flow setup, so that every packet +in the network passes through the controller. +.IP +This option is most useful for debugging. It reduces switching +performance, so it should not be used in production. +. 
+.TP +\fB\-\-max\-idle=\fIsecs\fR|\fBpermanent\fR +Sets \fIsecs\fR as the number of seconds that a flow set up by the +controller will remain in the switch's flow table without any matching +packets being seen. If \fBpermanent\fR is specified, which is not +recommended, flows will never expire. The default is 60 seconds. +.IP +This option has no effect when \fB\-n\fR (or \fB\-\-noflow\fR) is in use +(because the controller does not set up flows in that case). +. +.IP "\fB\-H\fR" +.IQ "\fB\-\-hub\fR" +By default, the controller acts as an L2 MAC-learning switch. This +option changes its behavior to that of a hub that floods packets on +all but the incoming port. +.IP +If \fB\-H\fR (or \fB\-\-hub\fR) and \fB\-n\fR (or \fB\-\-noflow\fR) are used +together, then the cumulative effect is that every packet passes +through the controller and every packet is flooded. +.IP +This option is most useful for debugging. It reduces switching +performance, so it should not be used in production. +. +.IP "\fB\-w\fR[\fIwildcard_mask\fR]" +.IQ "\fB\-\-wildcards\fR[\fB=\fIwildcard_mask\fR]\fR" +By default, \fBtest\-controller\fR sets up exact-match flows. This +option allows it to set up wildcarded flows, which may reduce +flow setup latency by causing less traffic to be sent up to the +controller. +.IP +The optional \fIwildcard_mask\fR is an OpenFlow wildcard bitmask in +hexadecimal that specifies the fields to wildcard. If no +\fIwildcard_mask\fR is specified, the default value 0x2820F0 is used +which specifies L2-only switching and wildcards L3 and L4 fields. +Another interesting value is 0x2000EC, which specifies L3-only +switching and wildcards L2 and L4 fields. +.IP +This option has no effect when \fB\-n\fR (or \fB\-\-noflow\fR) is in use +(because the controller does not set up flows in that case). +. +.IP "\fB\-N\fR" +.IQ "\fB\-\-normal\fR" +By default, \fBtest\-controller\fR directs packets to a particular port +or floods them. 
This option causes it to direct non-flooded packets +to the OpenFlow \fBOFPP_NORMAL\fR port. This allows the switch itself +to make decisions about packet destinations. Support for +\fBOFPP_NORMAL\fR is optional in OpenFlow, so this option may not well +with some non-Open vSwitch switches. +. +.IP "\fB\-\-mute\fR" +Prevents test\-controller from replying to any OpenFlow messages sent +to it by switches. +.IP +This option is only for debugging the Open vSwitch implementation of +``fail open'' mode. It must not be used in production. +. +.IP "\fB\-q \fIid\fR" +.IQ "\fB\-\-queue=\fIid\fR" +By default, \fBtest\-controller\fR uses the default OpenFlow queue for +sending packets and setting up flows. Use one of these options, +supplying \fIid\fR as an OpenFlow queue ID as a decimal number, to +instead use that specific queue. +.IP +This option is incompatible with \fB\-N\fR or \fB\-\-normal\fR and +with \fB\-H\fR or \fB\-\-hub\fR. If more than one is specified then +this option takes precedence. +.IP +This option may be useful for testing or debugging quality of service +setups. +. +.IP "\fB\-Q \fIport-name\fB:\fIqueue-id\fR" +.IP "\fB\-\-port\-queue \fIport-name\fB:\fIqueue-id\fR" +Configures packets received on the port named \fIport-name\fR +(e.g. \fBeth0\fR) to be output on OpenFlow queue ID \fIqueue-id\fR +(specified as a decimal number). For the specified port, this option +overrides the default specified on \fB\-q\fR or \fB\-\-queue\fR. +.IP +This option may be specified any number of times with different +\fIport-name\fR arguments. +.IP +This option is incompatible with \fB\-N\fR or \fB\-\-normal\fR and +with \fB\-H\fR or \fB\-\-hub\fR. If more than one is specified then +this option takes precedence. +.IP +This option may be useful for testing or debugging quality of service +setups. +. +.IP "\fB\-\-with\-flows \fIfile\fR" +When a switch connects, push the flow entries as described in +\fIfile\fR. 
Each line in \fIfile\fR is a flow entry in the format +described for the \fBadd\-flows\fR command in the \fBFlow Syntax\fR +section of the \fBovs\-ofctl\fR(8) man page. +.IP +Use this option more than once to add flows from multiple files. +. +.SS "Public Key Infrastructure Options" +.so lib/ssl.man +.so lib/ssl-peer-ca-cert.man +.ds DD +.so lib/daemon.man +.so lib/vlog.man +.so lib/unixctl.man +.so lib/common.man +.so so lib/ofp-version.man +. +.SH EXAMPLES +.PP +To bind locally to port 6633 (the default) and wait for incoming +connections from OpenFlow switches: +.IP +\fB% test\-controller ptcp:\fR +.PP +In the future, the default port number will change to 6653, which is the +IANA-defined value. +.SH "BUGS" +.PP +Configuring a Citrix XenServer to connect to a particular controller +only points the remote OVSDB management connection to that controller. +It does not also configure OpenFlow connections, because the manager +is expected to do that over the management protocol. +\fBtest\-controller\fR is not an Open vSwitch manager and does not know +how to do that. +.PP +As a stopgap workaround, \fBovs\-vsctl\fR can wait for an OVSDB +connection and set the controller, e.g.: +.IP +\fB% ovs\-vsctl \-t0 \-\-db=pssl: \-\-certificate=cert.pem +\-\-ca\-cert=none \-\-private\-key=privkey.pem +\-\-peer\-ca\-cert=cacert.pem set\-controller ssl:\fIip\fR +.SH "SEE ALSO" +. +.BR ovs\-appctl (8), +.BR ovs\-ofctl (8), +.BR ovs\-dpctl (8) diff --git a/tests/test-controller.c b/tests/test-controller.c new file mode 100644 index 000000000..9596ad4ad --- /dev/null +++ b/tests/test-controller.c 
@@ -0,0 +1,406 @@ +/* + * Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013 Nicira, Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <config.h> + +#include <errno.h> +#include <getopt.h> +#include <limits.h> +#include <signal.h> +#include <stdlib.h> +#include <stdio.h> +#include <string.h> + +#include "command-line.h" +#include "compiler.h" +#include "daemon.h" +#include "learning-switch.h" +#include "ofp-parse.h" +#include "ofp-version-opt.h" +#include "ofpbuf.h" +#include "openflow/openflow.h" +#include "poll-loop.h" +#include "rconn.h" +#include "simap.h" +#include "stream-ssl.h" +#include "timeval.h" +#include "unixctl.h" +#include "util.h" +#include "vconn.h" +#include "vlog.h" +#include "socket-util.h" +#include "ofp-util.h" + +VLOG_DEFINE_THIS_MODULE(controller); + +#define MAX_SWITCHES 16 +#define MAX_LISTENERS 16 + +struct switch_ { + struct lswitch *lswitch; +}; + +/* -H, --hub: Learn the ports on which MAC addresses appear? */ +static bool learn_macs = true; + +/* -n, --noflow: Set up flows? (If not, every packet is processed at the + * controller.) */ +static bool set_up_flows = true; + +/* -N, --normal: Use "NORMAL" action instead of explicit port? */ +static bool action_normal = false; + +/* -w, --wildcard: 0 to disable wildcard flow entries, an OFPFW10_* bitmask to + * enable specific wildcards, or UINT32_MAX to use the default wildcards. 
*/ +static uint32_t wildcards = 0; + +/* --max-idle: Maximum idle time, in seconds, before flows expire. */ +static int max_idle = 60; + +/* --mute: If true, accept connections from switches but do not reply to any + * of their messages (for debugging fail-open mode). */ +static bool mute = false; + +/* -q, --queue: default OpenFlow queue, none if UINT32_MAX. */ +static uint32_t default_queue = UINT32_MAX; + +/* -Q, --port-queue: map from port name to port number. */ +static struct simap port_queues = SIMAP_INITIALIZER(&port_queues); + +/* --with-flows: Flows to send to switch. */ +static struct ofputil_flow_mod *default_flows; +static size_t n_default_flows; +static enum ofputil_protocol usable_protocols; + +/* --unixctl: Name of unixctl socket, or null to use the default. */ +static char *unixctl_path = NULL; + +static void new_switch(struct switch_ *, struct vconn *); +static void parse_options(int argc, char *argv[]); +static void usage(void) NO_RETURN; + +int +main(int argc, char *argv[]) +{ + struct unixctl_server *unixctl; + struct switch_ switches[MAX_SWITCHES]; + struct pvconn *listeners[MAX_LISTENERS]; + int n_switches, n_listeners; + int retval; + int i; + + proctitle_init(argc, argv); + set_program_name(argv[0]); + parse_options(argc, argv); + signal(SIGPIPE, SIG_IGN); + + if (argc - optind < 1) { + ovs_fatal(0, "at least one vconn argument required; " + "use --help for usage"); + } + + n_switches = n_listeners = 0; + for (i = optind; i < argc; i++) { + const char *name = argv[i]; + struct vconn *vconn; + + retval = vconn_open(name, get_allowed_ofp_versions(), DSCP_DEFAULT, + &vconn); + if (!retval) { + if (n_switches >= MAX_SWITCHES) { + ovs_fatal(0, "max %d switch connections", n_switches); + } + new_switch(&switches[n_switches++], vconn); + continue; + } else if (retval == EAFNOSUPPORT) { + struct pvconn *pvconn; + retval = pvconn_open(name, get_allowed_ofp_versions(), + DSCP_DEFAULT, &pvconn); + if (!retval) { + if (n_listeners >= MAX_LISTENERS) { + 
ovs_fatal(0, "max %d passive connections", n_listeners); + } + listeners[n_listeners++] = pvconn; + } + } + if (retval) { + VLOG_ERR("%s: connect: %s", name, ovs_strerror(retval)); + } + } + if (n_switches == 0 && n_listeners == 0) { + ovs_fatal(0, "no active or passive switch connections"); + } + + daemonize_start(); + + retval = unixctl_server_create(unixctl_path, &unixctl); + if (retval) { + exit(EXIT_FAILURE); + } + + daemonize_complete(); + + while (n_switches > 0 || n_listeners > 0) { + /* Accept connections on listening vconns. */ + for (i = 0; i < n_listeners && n_switches < MAX_SWITCHES; ) { + struct vconn *new_vconn; + + retval = pvconn_accept(listeners[i], &new_vconn); + if (!retval || retval == EAGAIN) { + if (!retval) { + new_switch(&switches[n_switches++], new_vconn); + } + i++; + } else { + pvconn_close(listeners[i]); + listeners[i] = listeners[--n_listeners]; + } + } + + /* Do some switching work. . */ + for (i = 0; i < n_switches; ) { + struct switch_ *this = &switches[i]; + lswitch_run(this->lswitch); + if (lswitch_is_alive(this->lswitch)) { + i++; + } else { + lswitch_destroy(this->lswitch); + switches[i] = switches[--n_switches]; + } + } + + unixctl_server_run(unixctl); + + /* Wait for something to happen. */ + if (n_switches < MAX_SWITCHES) { + for (i = 0; i < n_listeners; i++) { + pvconn_wait(listeners[i]); + } + } + for (i = 0; i < n_switches; i++) { + struct switch_ *sw = &switches[i]; + lswitch_wait(sw->lswitch); + } + unixctl_server_wait(unixctl); + poll_block(); + } + + return 0; +} + +static void +new_switch(struct switch_ *sw, struct vconn *vconn) +{ + struct lswitch_config cfg; + struct rconn *rconn; + + rconn = rconn_create(60, 0, DSCP_DEFAULT, get_allowed_ofp_versions()); + rconn_connect_unreliably(rconn, vconn, NULL); + + cfg.mode = (action_normal ? LSW_NORMAL + : learn_macs ? LSW_LEARN + : LSW_FLOOD); + cfg.wildcards = wildcards; + cfg.max_idle = set_up_flows ? 
max_idle : -1; + cfg.default_flows = default_flows; + cfg.n_default_flows = n_default_flows; + cfg.usable_protocols = usable_protocols; + cfg.default_queue = default_queue; + cfg.port_queues = &port_queues; + cfg.mute = mute; + sw->lswitch = lswitch_create(rconn, &cfg); +} + +static void +add_port_queue(char *s) +{ + char *save_ptr = NULL; + char *port_name; + char *queue_id; + + port_name = strtok_r(s, ":", &save_ptr); + queue_id = strtok_r(NULL, "", &save_ptr); + if (!queue_id) { + ovs_fatal(0, "argument to -Q or --port-queue should take the form " + "\"<port-name>:<queue-id>\""); + } + + if (!simap_put(&port_queues, port_name, atoi(queue_id))) { + ovs_fatal(0, "<port-name> arguments for -Q or --port-queue must " + "be unique"); + } +} + +static void +parse_options(int argc, char *argv[]) +{ + enum { + OPT_MAX_IDLE = UCHAR_MAX + 1, + OPT_PEER_CA_CERT, + OPT_MUTE, + OPT_WITH_FLOWS, + OPT_UNIXCTL, + VLOG_OPTION_ENUMS, + DAEMON_OPTION_ENUMS, + OFP_VERSION_OPTION_ENUMS + }; + static const struct option long_options[] = { + {"hub", no_argument, NULL, 'H'}, + {"noflow", no_argument, NULL, 'n'}, + {"normal", no_argument, NULL, 'N'}, + {"wildcards", optional_argument, NULL, 'w'}, + {"max-idle", required_argument, NULL, OPT_MAX_IDLE}, + {"mute", no_argument, NULL, OPT_MUTE}, + {"queue", required_argument, NULL, 'q'}, + {"port-queue", required_argument, NULL, 'Q'}, + {"with-flows", required_argument, NULL, OPT_WITH_FLOWS}, + {"unixctl", required_argument, NULL, OPT_UNIXCTL}, + {"help", no_argument, NULL, 'h'}, + DAEMON_LONG_OPTIONS, + OFP_VERSION_LONG_OPTIONS, + VLOG_LONG_OPTIONS, + STREAM_SSL_LONG_OPTIONS, + {"peer-ca-cert", required_argument, NULL, OPT_PEER_CA_CERT}, + {NULL, 0, NULL, 0}, + }; + char *short_options = long_options_to_short_options(long_options); + + for (;;) { + int indexptr; + char *error; + int c; + + c = getopt_long(argc, argv, short_options, long_options, &indexptr); + if (c == -1) { + break; + } + + switch (c) { + case 'H': + learn_macs = false; + 
break; + + case 'n': + set_up_flows = false; + break; + + case OPT_MUTE: + mute = true; + break; + + case 'N': + action_normal = true; + break; + + case 'w': + wildcards = optarg ? strtol(optarg, NULL, 16) : UINT32_MAX; + break; + + case OPT_MAX_IDLE: + if (!strcmp(optarg, "permanent")) { + max_idle = OFP_FLOW_PERMANENT; + } else { + max_idle = atoi(optarg); + if (max_idle < 1 || max_idle > 65535) { + ovs_fatal(0, "--max-idle argument must be between 1 and " + "65535 or the word 'permanent'"); + } + } + break; + + case 'q': + default_queue = atoi(optarg); + break; + + case 'Q': + add_port_queue(optarg); + break; + + case OPT_WITH_FLOWS: + error = parse_ofp_flow_mod_file(optarg, OFPFC_ADD, &default_flows, + &n_default_flows, + &usable_protocols, false); + if (error) { + ovs_fatal(0, "%s", error); + } + break; + + case OPT_UNIXCTL: + unixctl_path = optarg; + break; + + case 'h': + usage(); + + VLOG_OPTION_HANDLERS + OFP_VERSION_OPTION_HANDLERS + DAEMON_OPTION_HANDLERS + + STREAM_SSL_OPTION_HANDLERS + + case OPT_PEER_CA_CERT: + stream_ssl_set_peer_ca_cert_file(optarg); + break; + + case '?': + exit(EXIT_FAILURE); + + default: + abort(); + } + } + free(short_options); + + if (!simap_is_empty(&port_queues) || default_queue != UINT32_MAX) { + if (action_normal) { + ovs_error(0, "queue IDs are incompatible with -N or --normal; " + "not using OFPP_NORMAL"); + action_normal = false; + } + + if (!learn_macs) { + ovs_error(0, "queue IDs are incompatible with -H or --hub; " + "not acting as hub"); + learn_macs = true; + } + } +} + +static void +usage(void) +{ + printf("%s: OpenFlow controller\n" + "usage: %s [OPTIONS] METHOD\n" + "where METHOD is any OpenFlow connection method.\n", + program_name, program_name); + vconn_usage(true, true, false); + daemon_usage(); + ofp_version_usage(); + vlog_usage(); + printf("\nOther options:\n" + " -H, --hub act as hub instead of learning switch\n" + " -n, --noflow pass traffic, but don't add flows\n" + " --max-idle=SECS max idle time for 
new flows\n" + " -N, --normal use OFPP_NORMAL action\n" + " -w, --wildcards[=MASK] wildcard (specified) bits in flows\n" + " -q, --queue=QUEUE-ID OpenFlow queue ID to use for output\n" + " -Q PORT-NAME:QUEUE-ID use QUEUE-ID for frames from PORT-NAME\n" + " --with-flows FILE use the flows from FILE\n" + " --unixctl=SOCKET override default control socket name\n" + " -h, --help display this help message\n" + " -V, --version display version information\n"); + exit(EXIT_SUCCESS); +} |
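Review bot: The queue-ID options are parsed with `atoi` and never validated: `default_queue = atoi(optarg);` in the `'q'` case of parse_options and `atoi(queue_id)` in add_port_queue both turn a non-numeric argument into queue 0. Because `default_queue` is a `uint32_t`, a negative argument wraps to a large ID, and `-q -1` produces UINT32_MAX, which the comment on `default_queue` reserves for "none". The `'w'` case has the same gap with `strtol(optarg, NULL, 16)`, which silently accepts trailing garbage and out-of-range masks. Parsing with an end pointer and a range check, and failing through `ovs_fatal` as `--max-idle` already does, would make a mistyped invocation stop instead of programming an unintended queue: `unsigned long q = strtoul(optarg, &end, 10);` followed by `if (end == optarg || *end || q >= UINT32_MAX) ovs_fatal(0, "invalid queue ID \"%s\"", optarg);`.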