[ovs-dev] [PATCH 14/23] ovn: Add new predicates for matching broadcast and multicast packets.

Ben Pfaff blp at nicira.com
Sat Oct 10 04:20:33 UTC 2015


In my opinion, "eth.mcast" is a bit more readable than "eth.dst[40]", and
so on.

Signed-off-by: Ben Pfaff <blp at nicira.com>
---
 ovn/controller/lflow.c      | 4 ++++
 ovn/northd/ovn-northd.8.xml | 4 ++--
 ovn/northd/ovn-northd.c     | 4 ++--
 ovn/ovn-sb.xml              | 3 +++
 4 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/ovn/controller/lflow.c b/ovn/controller/lflow.c
index 2b1984a..066f908 100644
--- a/ovn/controller/lflow.c
+++ b/ovn/controller/lflow.c
@@ -62,6 +62,9 @@ symtab_init(void)
     expr_symtab_add_field(&symtab, "eth.src", MFF_ETH_SRC, NULL, false);
     expr_symtab_add_field(&symtab, "eth.dst", MFF_ETH_DST, NULL, false);
     expr_symtab_add_field(&symtab, "eth.type", MFF_ETH_TYPE, NULL, true);
+    expr_symtab_add_predicate(&symtab, "eth.bcast",
+                              "eth.dst == ff:ff:ff:ff:ff:ff");
+    expr_symtab_add_subfield(&symtab, "eth.mcast", NULL, "eth.dst[40]");
 
     expr_symtab_add_field(&symtab, "vlan.tci", MFF_VLAN_TCI, NULL, false);
     expr_symtab_add_predicate(&symtab, "vlan.present", "vlan.tci[12]");
@@ -80,6 +83,7 @@ symtab_init(void)
 
     expr_symtab_add_field(&symtab, "ip4.src", MFF_IPV4_SRC, "ip4", false);
     expr_symtab_add_field(&symtab, "ip4.dst", MFF_IPV4_DST, "ip4", false);
+    expr_symtab_add_predicate(&symtab, "ip4.mcast", "ip4.dst[28..31] == 0xe");
 
     expr_symtab_add_predicate(&symtab, "icmp4", "ip4 && ip.proto == 1");
     expr_symtab_add_field(&symtab, "icmp4.type", MFF_ICMPV4_TYPE, "icmp4",
diff --git a/ovn/northd/ovn-northd.8.xml b/ovn/northd/ovn-northd.8.xml
index 3731d56..002708b 100644
--- a/ovn/northd/ovn-northd.8.xml
+++ b/ovn/northd/ovn-northd.8.xml
@@ -202,7 +202,7 @@
       <code>eth.src</code>.  Second, packets directed to broadcast or multicast
       <code>eth.dst</code> are always accepted instead of being subject to the
       port security rules; this is implemented through a priority-100 flow that
-      matches on <code>eth.dst[40]</code> with action <code>output;</code>.
+      matches on <code>eth.mcast</code> with action <code>output;</code>.
       Finally, to ensure that even broadcast and multicast packets are not
       delivered to disabled logical ports, a priority-150 flow for each
       disabled logical <code>outport</code> overrides the priority-100 flow
@@ -227,7 +227,7 @@
       <li>
         For each enabled router port <var>P</var> with Ethernet address
         <var>E</var>, a priority-50 flow that matches <code>inport ==
-        <var>P</var> &amp;&amp; (eth.dst[40] || eth.dst ==
+        <var>P</var> &amp;&amp; (eth.mcast || eth.dst ==
         <var>E</var></code>), with action <code>next;</code>.
       </li>
     </ul>
diff --git a/ovn/northd/ovn-northd.c b/ovn/northd/ovn-northd.c
index e698907..089bf75 100644
--- a/ovn/northd/ovn-northd.c
+++ b/ovn/northd/ovn-northd.c
@@ -798,7 +798,7 @@ build_lflows(struct northd_context *ctx, struct hmap *datapaths,
         }
     }
     HMAP_FOR_EACH (od, key_node, datapaths) {
-        ovn_lflow_add(&lflows, od, P_IN, S_IN_L2_LKUP, 100, "eth.dst[40]",
+        ovn_lflow_add(&lflows, od, P_IN, S_IN_L2_LKUP, 100, "eth.mcast",
                       "outport = \""MC_FLOOD"\"; output;");
     }
 
@@ -867,7 +867,7 @@ build_lflows(struct northd_context *ctx, struct hmap *datapaths,
     /* Egress table 1: Egress port security multicast/broadcast (priority
      * 100). */
     HMAP_FOR_EACH (od, key_node, datapaths) {
-        ovn_lflow_add(&lflows, od, P_OUT, S_OUT_PORT_SEC, 100, "eth.dst[40]",
+        ovn_lflow_add(&lflows, od, P_OUT, S_OUT_PORT_SEC, 100, "eth.mcast",
                       "output;");
     }
 
diff --git a/ovn/ovn-sb.xml b/ovn/ovn-sb.xml
index bd116c3..f898f97 100644
--- a/ovn/ovn-sb.xml
+++ b/ovn/ovn-sb.xml
@@ -705,8 +705,11 @@
       </p>
 
       <ul>
+        <li><code>eth.bcast</code> expands to <code>eth.dst == ff:ff:ff:ff:ff:ff</code></li>
+        <li><code>eth.mcast</code> expands to <code>eth.dst[40]</code></li>
         <li><code>vlan.present</code> expands to <code>vlan.tci[12]</code></li>
         <li><code>ip4</code> expands to <code>eth.type == 0x800</code></li>
+        <li><code>ip4.mcast</code> expands to <code>ip4.dst[28..31] == 0xe</code></li>
         <li><code>ip6</code> expands to <code>eth.type == 0x86dd</code></li>
         <li><code>ip</code> expands to <code>ip4 || ip6</code></li>
         <li><code>icmp4</code> expands to <code>ip4 &amp;&amp; ip.proto == 1</code></li>
-- 
2.1.3




More information about the dev mailing list