| Age | Commit message (Collapse) | Author |
|---|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Henceforth, Ryu-Book includes the source files for application of Ryu.
This patch Integrates the source files for application of Ryu-Book.
Just for information, the source files for application of Ryu-Book
will Integrate as for OpenFlow1.3.
Signed-off-by: Shinpei Muraoka <shinpei.muraoka@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
To create GRE tunnel, the local_ip field is not mandatory field.
This patch makes the local_ip field to optional for the convenience.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
According to ovs-vswitchd.conf.db(5), the tag column is an integer
in range 0 to 4095, but OVS may returns the empty list [] as the
default value.
OTOH, Ryu expects an integer type as the default and fails to get
the port information in the table.
This patch enables to catch the empty list as the default and
fixes this problem.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Currently, stplib compares the status of OFPPortStatus message with
that of Datapath instance, but this comparison returns always "equal",
so stplib fails to get the correct port status.
This patch fixes to store the current port status and to compare the
new status with the stored status.
Signed-off-by: Shinpei Muraoka <shinpei.muraoka@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
cmp() func was introduced for Python 3 compatibility before,
but this implementation is not enough, because a MAC address
can not be compared with a Bridge ID (integer value) by com() func.
This patch fixes to convert the MAC address into an integer value
before comparing with Bridge ID and fixes this problem.
Signed-off-by: Shinpei Muraoka <shinpei.muraoka@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Currently, in Python3, api.operator call APIs, which are used by
BGPSpeaker.rib_get() for example, cannot be registered correctly.
So call('operator.show', **kwargs) fails to get the registered
method by the symbol 'operator.show'.
This patch simplifies the registration decorator for api.operator
call APIs and fixes this problem.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Recently, I discovered major multipart message parser flaw. The issue
was observed while testing Aggregate Flow Statistics message in OpenFlow
1.5 and Open vSwitch. Similar (and potentially also vulnerable) code
snippets are also present in other message parsers (e.g. OFPHello). I'd
like to ask for opinions on proposed solution. If accepted, similar
patches should also be applied for other message parsers.
Brief description (steps to reproduce the issue):
1. REST API is called to retrieve aggregate flow stats:
curl http://localhost:8080/stats/aggregateflow/8796750139643
2. Open vSwitch replies to Aggregate Stats Request with Aggregate Stats
Reply:
message buffer: 0x06 0x13 0x00 0x28 0x53 0xfe 0xc4 0xaf 0x00 0x02 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
0x00
(note that due to incomplete OF 1.5 support in OvS, message is
malformed - ofp_stats struct filled with zeros)
3. Message is processed by Ryu parsers:
ofproto_parser.msg -> ofproto_v1_5_parser.msg_parser ->
ofproto_v1_5_parser.OFPMultipartReply.parser
4. Here, message body contents are parsed
(ofproto_v1_5_parser.OFPMultipartReply.parser, lines 1858-1861):
while offset < msg_len:
b = stats_type_cls.cls_stats_body_cls.parser(msg.buf, offset)
body.append(b)
offset += b.length if hasattr(b, 'length') else b.len
5. Due to incorrect message format, zero-filled message part is parsed
as b=OFPAggregateStats(length=0,stats=OFPStats(oxs_fields={})),
resulting in constant offset value, as in each iteration offset += 0.
6. Parser remains trapped in a infinite loop with offset = 16, msg_len =
40. Ryu controller hangs completely.
OFPMultipartReply parser was observed to handle malformed messages
improperly. The patch introduces offset check to fix processing of
malformed messages in ofproto_v1_5_parser.OFPMultipartReply.parser.
Signed-off-by: Michal Rzepka <mrzepka@student.agh.edu.pl>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
This fixes the problem of the payload being always shown when another field
differs between ingress and egress test.
Signed-off-by: Monthadar Al Jaberi <monthadar.al-jaberi@infinera.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
This Nicira extension field is VLAN VID+CFI+PCP.
OXM_OF_VLAN_VID and OXM_OF_VLAN_PCP should work fine in theory, but
in OvS it seems vlan_tci must be used to access the CFI bit from
NX_LEARN actions.
Signed-off-by: IWAMOTO Toshihiro <iwamoto@valinux.co.jp>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Currently, when BGPSpeaker instance calls 'core.stop', CORE_MANAGER
fails to stop its own activities and outputs traceback, because the
dictionaries which maps name to instance are changed during iteration.
This patch makes a list copy of items() to avoid this problem and
enable to shutdown gracefully.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
To get more detail information about BGP route by using
best_path_change_handler, this patch adds path member into
EventPrefix and implements property to get existing attributes.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Currently, VRF Table supposes the incoming NLRI has MPLS labels
field, but some EVPN NLRI don't have MPLS labels field, and
BGPSpeaker fails to import the incoming routes from the neighbours.
This patch fixes this problem.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
This patch adds the missing support for importing EVPN Table from
the Global Table to VRF Table when BGPSpeaker recieved a new EVPN
route.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
This patch fixes incorrect conversion of De Morgan's laws.
e.g.) not (A and B) == not A or not B
Original:
if not (vpn_path.source is None
and route_dist == vrf_table.vrf_conf.route_dist):
Incorrect:
if (vpn_path.source is not None and # !!! Should be "or"
route_dist != vrf_table.vrf_conf.route_dist):
Correct:
if (vpn_path.source is not None or
route_dist != vrf_table.vrf_conf.route_dist):
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
This patch enables to advertise VNI as MPLS lables field in the
MAC/IP Advertisement Route of EVPN.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
This patch adds support to advertise the BGP Tunnel Encapsulation
Attribute for the Ethernet VPN Routes.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
This patch adds the support for BGP Encapsulation Extended Community
[RFC5512].
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
This is a minimal change to keep the supplied sample code
working with latest software. The sample code is not compatible
with OFP v1.3+, and if there is no requirement on supported version
Ryu will probably accept latest supported OF switch.
Signed-off-by: Monthadar Al Jaberi <monthadar.al-jaberi@infinera.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
add description about role API
Signed-off-by: tungyueh <tylin.cs03g@nctu.edu.tw>
Reviewed-by: Iwase Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Invalid OFPFlowMod flag and importance values were observed when using
app/ofctl_rest. This patch restores the proper order of arguments passed
to OFPFlowMod constructor in mod_flow_entry (ofctl_v1_4.py).
Signed-off-by: Michal Rzepka <mrzepka@student.agh.edu.pl>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
loop DoS
When the controller receive loop currently accepts an OpenFlow
message, it does not validate the message length. As a result, a
malicious or malfunctioning switch could cause send a message that
would result in the receive loop making no forward progress.
This patch ensures that the message length passed in the OpenFlow
message is validated against the specified minimum, and forced to that
value if it is smaller.
Thanks to Samuel Jero (at Purdue's Dependable and Secure Distributed
Systems Lab) for discovering this issue.
Signed-off-by: Victor J. Orlikowski <vjo@duke.edu>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Usage: After installing Ryu (on virtualenv is better), build a
ryu-manager executable as following:
$ pip install PyInstaller==3.1.1
$ cd tools/
$ pyinstaller ryu-manager.spec
$ ./dist/ryu-manager
Note: PyInstaller==3.2 may have a bug of str encoding, please use
Pyinstaller==3.1.1 instead.
https://github.com/pyinstaller/pyinstaller/issues/1976
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Navigates back the stack to locate the module instead of relying on
inspect to locate the module based on the file name.
This patch is suggested by papostolescu as Pull Request(*1)
on GitHub.
(*1) https://github.com/osrg/ryu/pull/26
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Because the NLRI_CLASS of the VRF EVPN Table is the same as the
NLRI_CLASS of the Global EVPN Table, the str representation can not
be distinguished with 'formatted_nlri_str' format.
So, 'show vrf' commands on the SSH console returns the str outputs
with Route Distinguisher (RD) even if the route on the VRF Table
can be identified without RD value.
This patch implements the str representation properties to output
BGP routes on SSH console.
Current: RD '65001:100' is duplicated
bgpd> show vrf all
VPN: ('65001:100', 'evpn')
*> 65001:100:multicast_etag(ethernet_tag_id:300,ip_addr:10.10.1.0) None 0.0.0.0 Only Path ?
With this patch:
bgpd> show vrf all
VPN: ('65001:100', 'evpn')
*> multicast_etag(ethernet_tag_id:300,ip_addr:10.10.1.0) None 0.0.0.0 Only Path ?
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Currently, RegisterWithArgChecks validates only required arguments,
so invalid arguments might be passed through if the arguments are
registered as optionals.
This patch fixes to enable validation for optional arguments.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
In the validator for the API arguments should raise exception
when the validator detects invalid arguments, otherwise the
decorator for registering API functions, RegisterWithArgChecks,
can pass through the invalid arguments.
This patch fixes this problem.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
This patch fixes to reduce Pylint warnings, to use 'netaddr' utilities
and to reduce redundant if statements.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
This patch remames the internal (not for users) API for the consistency,
and add missing docstring.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
This patch enables BGPSpeaker to store EVPN routes into the VRF
tables and to provide the API for advertising routes.
Usage example:
speaker = BGPSpeaker(as_number=65001,
router_id='172.17.0.1')
speaker.neighbor_add(address='172.17.0.2', remote_as=65002,
enable_evpn=True)
speaker.vrf_add(route_dist='65001:100',
import_rts=['65001:100'],
export_rts=['65001:100'],
route_family=RF_L2_EVPN)
speaker.evpn_prefix_add(route_type=EVPN_MAC_IP_ADV_ROUTE,
route_dist='65001:100',
esi=0,
ethernet_tag_id=200,
mac_addr='aa:bb:cc:dd:ee:ff',
ip_addr='10.0.0.1',
next_hop='172.19.0.1')
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
This patch enables BGPSpeaker to advertise BGP EVPN routes and
store the advertised BGP EVPN routes from the neighbors.
TODO:
- To support the VRF table for BGP EVPN routes.
This patch supports the global table only.
- To implement Multihoming Functions.
Currently, ONLY Single-Homing is supported.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Currently, SSH console of BGPSpeaker fails to recieve commands from
user when it is running on Python3 due to the binary conversion.
This patch fixes this problem and enables to use SSH console on
Python3.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
|
This patch fixes the TCP packet parser to return the BGP packet
parser class if the TCP src or dst port is the reserved BGP port
and enable to parse the entire packet data.
Signed-off-by: IWASE Yusuke <iwase.yusuke0@gmail.com>
Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
|
