[ovs-dev] [PATCH v2] ipfix: Skip BFD packets.

Tue, 01 Dec 2015 18:44:29 -0800 

The patch is to skip BFD packets in ipfix.
Bidirectional Forwarding Detection (BFD) packets are for monitoring
the tunnel link status and consumed by ovs itself, no need to sample
them.
Refer to IETF RFC 5881, BFD control packets are the UDP packets with
destination port 3784 and BFD echo packets are the UDP packets with dst
destination port 3785.
Ipfix will skip both BFD control packets and BFD echo packets.

Signed-off-by: Wenyu Zhang <wen...@vmware.com>
---
 ofproto/ofproto-dpif-ipfix.c |   21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/ofproto/ofproto-dpif-ipfix.c b/ofproto/ofproto-dpif-ipfix.c
index 9ad8fa2..7bf8097 100644
--- a/ofproto/ofproto-dpif-ipfix.c
+++ b/ofproto/ofproto-dpif-ipfix.c
@@ -43,6 +43,10 @@ static struct ovs_mutex mutex = OVS_MUTEX_INITIALIZER;
 /* Cf. IETF RFC 5101 Section 10.3.4. */
 #define IPFIX_DEFAULT_COLLECTOR_PORT 4739
 
+/* Cf. IETF RFC 5881 Setion 8. */
+#define BFD_CONTROL_DEST_PORT        3784
+#define BFD_ECHO_DEST_PORT           3785
+
 /* The standard layer2SegmentId (ID 351) element is included in vDS to send
  * the VxLAN tunnel's VNI. It is 64-bit long, the most significant byte is
  * used to indicate the type of tunnel (0x01 = VxLAN, 0x02 = GRE) and the three
@@ -1696,6 +1700,22 @@ dpif_ipfix_bridge_sample(struct dpif_ipfix *di, const 
struct dp_packet *packet,
         ovs_mutex_unlock(&mutex);
         return;
     }
+
+    /* Skip BFD packets:
+     * Bidirectional Forwarding Detection(BFD) packets are for monitoring
+     * the tunnel link status and consumed by ovs itself. No need to
+     * smaple them.
+     * CF  IETF RFC 5881, BFD control packet is the UDP packet with
+     * destination port 3784, and BFD echo packet is the UDP packet with
+     * destination port 3785.
+     */
+    if (flow->nw_proto == IPPROTO_UDP &&
+        (flow->tp_dst == htons(BFD_CONTROL_DEST_PORT) ||
+         flow->tp_dst == htons(BFD_ECHO_DEST_PORT))) {
+        ovs_mutex_unlock(&mutex);
+        return;
+    }
+
     /* Use the sampling probability as an approximation of the number
      * of matched packets. */
     packet_delta_count = UINT32_MAX / di->bridge_exporter.probability;
@@ -1711,6 +1731,7 @@ dpif_ipfix_bridge_sample(struct dpif_ipfix *di, const 
struct dp_packet *packet,
             tunnel_port = dpif_ipfix_find_port(di, output_odp_port);
         }
     }
+
     dpif_ipfix_sample(&di->bridge_exporter.exporter, packet, flow,
                       packet_delta_count,
                       di->bridge_exporter.options->obs_domain_id,
-- 
1.7.9.5

_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

Reply via email to