Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Next »

There was recently some confusion in this thread about exactly how to create a FlowMod with for network sources/destinations with a CIDR netmask (and some of the advice given was not current). Here is a code example that works:

(info)

This documentation is for pre-v1.0 releases of Floodlight, such as v0.9 and v0.91. Wildcards are handled for you behind the scenes in Floodlight v1.0.

OFMatch Wildcards Example
        OFMatch match = new OFMatch()

        match.setNetworkSource(IPv4.toIPv4Address("192.168.12.0"));      // (1)
        match.setNetworkDestination(IPv4.toIPv4Address("10.0.0.0"));       // (2)
        match.setWildcards(Wildcards.FULL.withNwSrcMask(24).withNwDstMask(8));      // (3) 

Explanation: Setting an IP address with a netmask in an OFMatch is a two step process. You set the actual IP address with setNetworkSource or setNetworkDestination (steps (1) and (2) ). Then you set the appropriate wildcard bits on the match so only parts of your IP addresses are being matched. 

What are the wildcard bits?
OpenFlow 1.0 uses a 32-bit wildcards field that has binary flags for most fields in the match. E.g., you can decide to match on or wildcard dl_src, dl_dst, dl_type, in_port etc. Network Source and Destination addresses are special however: they are the only fields that can be partially wildcarded. This requires some obnoxious bitshifting to convert from the usual CIDR style netmask (/8) to the appropriate OpenFlow wildcards representation. The details are in the spec, and highly confusing :) 

What's an easier way to do it?
Floodlight has a convenience API called Wildcards that allows you to construct a correct Wildcard bitmask more easily.
The way you use it is you start out with either Wildcards.FULL (all bits wildcarded) or Wildcards.EXACT (no bits wildcarded). Then you set / unset the appropriate Wildcard bits using wildcard(Flag) or matchOn(Flag). The Layer 3 Network Source Masks and Network Destination Masks are set with 'withNwSrcMask' or withNwDstMask. These methods take normal CIDR-style netmask lengths and do the conversion for you.

Example for a match that matches on in_port, dl_type, and on IP src/dst masks:

match.setWildcards(Wildcards.FULL.matchOn(Flag.IN_PORT).matchOn(Flag.DL_TYPE).withNwSrcMask(24).withNwDstMask(8));

Example of how to modify the wildcards:

match.setWildcards(Wildcards.FULL.matchOn(Flag.IN_PORT).matchOn(Flag.DL_TYPE).withNwSrcMask(24).withNwDstMask(8));

What doesn't work?

Most of the other stuff that was suggested in this thread was somehow wrong. In particular.

((Integer)sw.getAttribute(IOFSwitch.PROP_FASTWILDCARDS)).intValue() queries a generic switch property and has nothing to do with setting wildcards flags on flow mods.

int MY_SHIFT_BITS = 16;
int my_nw_src_mask = ((1 << OFMatch.OFPFW_NW_SRC_BITS) - 1) << MY_SHIFT_BITS;   this is the wrong way to manually compute the wildcard masks

  • No labels