aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNeale Ranns <nranns@cisco.com>2017-05-16 08:46:45 -0700
committerDamjan Marion <dmarion.lists@gmail.com>2017-05-17 00:16:24 +0000
commitd5b6aa139856a1447f7bc5377058202110eaa4cf (patch)
treeb192c8176824c075c2192d14ec5cd65ccd2ef4f8
parent259cdaeccb70ea1a45b422218d3f5e1920459db8 (diff)
ARP learning fixes (VPP-843)
learn ARP peers if, 1) it's a reply to a local address, 2) we are sending a response to a request. send proxy ARP responses only in the interface the request was sent. Change-Id: I22b949c65122824233076492b7dd537daca07bc2 Signed-off-by: Neale Ranns <nranns@cisco.com>
Diffstat
-rw-r--r--src/vnet/ethernet/arp.c119
-rw-r--r--src/vnet/ip/ip6_neighbor.c8
-rw-r--r--src/vnet/ip/lookup.h23
-rw-r--r--test/test_neighbor.py38
4 files changed, 98 insertions, 90 deletions
diff --git a/src/vnet/ethernet/arp.c b/src/vnet/ethernet/arp.c
index 31af4fbaa80..bfcd3573885 100644
--- a/src/vnet/ethernet/arp.c
+++ b/src/vnet/ethernet/arp.c
@@ -564,6 +564,7 @@ vnet_arp_set_ip4_over_ethernet_internal (vnet_main_t * vnm,
e->sw_if_index = sw_if_index;
e->ip4_address = a->ip4;
+ e->fib_entry_index = FIB_NODE_INDEX_INVALID;
clib_memcpy (e->ethernet_address,
a->ethernet, sizeof (e->ethernet_address));
@@ -827,66 +828,39 @@ unset_random_arp_entry (void)
static int
arp_unnumbered (vlib_buffer_t * p0,
- u32 pi0, ethernet_header_t * eth0, u32 sw_if_index)
+ u32 pi0,
+ ethernet_header_t * eth0,
+ u32 input_sw_if_index, u32 conn_sw_if_index)
{
vlib_main_t *vm = vlib_get_main ();
vnet_main_t *vnm = vnet_get_main ();
vnet_interface_main_t *vim = &vnm->interface_main;
vnet_sw_interface_t *si;
vnet_hw_interface_t *hi;
- u32 unnum_src_sw_if_index;
- u32 *broadcast_swifs = 0;
u32 *buffers = 0;
- u32 n_alloc = 0;
vlib_buffer_t *b0;
int i;
u8 dst_mac_address[6];
i16 header_size;
ethernet_arp_header_t *arp0;
- /* Save the dst mac address */
- clib_memcpy (dst_mac_address, eth0->dst_address, sizeof (dst_mac_address));
+ /* verify that the input interface is unnumbered to the connected.
+ * the connected interface is the interface on which the subnet is
+ * configured */
+ si = &vim->sw_interfaces[input_sw_if_index];
- /* Figure out which sw_if_index supplied the address */
- unnum_src_sw_if_index = sw_if_index;
-
- /* Track down all users of the unnumbered source */
- /* *INDENT-OFF* */
- pool_foreach (si, vim->sw_interfaces,
- ({
- if (si->flags & VNET_SW_INTERFACE_FLAG_UNNUMBERED &&
- (si->unnumbered_sw_if_index == unnum_src_sw_if_index))
- {
- vec_add1 (broadcast_swifs, si->sw_if_index);
- }
- }));
- /* *INDENT-ON* */
-
- /* If there are no interfaces un-unmbered to this interface,
- we are done here. */
- if (0 == vec_len (broadcast_swifs))
- return 0;
-
- /* Allocate buffering if we need it */
- if (vec_len (broadcast_swifs) > 1)
+ if (!(si->flags & VNET_SW_INTERFACE_FLAG_UNNUMBERED &&
+ (si->unnumbered_sw_if_index == conn_sw_if_index)))
{
- vec_validate (buffers, vec_len (broadcast_swifs) - 2);
- n_alloc = vlib_buffer_alloc (vm, buffers, vec_len (buffers));
- _vec_len (buffers) = n_alloc;
- for (i = 0; i < n_alloc; i++)
- {
- b0 = vlib_get_buffer (vm, buffers[i]);
-
- /* xerox (partially built) ARP pkt */
- clib_memcpy (b0->data, p0->data,
- p0->current_length + p0->current_data);
- b0->current_data = p0->current_data;
- b0->current_length = p0->current_length;
- vnet_buffer (b0)->sw_if_index[VLIB_RX] =
- vnet_buffer (p0)->sw_if_index[VLIB_RX];
- }
+ /* the input interface is not unnumbered to the interface on which
+ * the sub-net is configured that covers the ARP request.
+ * So this is not the case for unnumbered.. */
+ return 0;
}
+ /* Save the dst mac address */
+ clib_memcpy (dst_mac_address, eth0->dst_address, sizeof (dst_mac_address));
+
vec_insert (buffers, 1, 0);
buffers[0] = pi0;
@@ -895,8 +869,8 @@ arp_unnumbered (vlib_buffer_t * p0,
b0 = vlib_get_buffer (vm, buffers[i]);
arp0 = vlib_buffer_get_current (b0);
- hi = vnet_get_sup_hw_interface (vnm, broadcast_swifs[i]);
- si = vnet_get_sw_interface (vnm, broadcast_swifs[i]);
+ hi = vnet_get_sup_hw_interface (vnm, input_sw_if_index);
+ si = vnet_get_sw_interface (vnm, input_sw_if_index);
/* For decoration, most likely */
vnet_buffer (b0)->sw_if_index[VLIB_TX] = hi->sw_if_index;
@@ -966,14 +940,25 @@ arp_unnumbered (vlib_buffer_t * p0,
}
/* The regular path outputs the original pkt.. */
- vnet_buffer (p0)->sw_if_index[VLIB_TX] = broadcast_swifs[0];
+ vnet_buffer (p0)->sw_if_index[VLIB_TX] = input_sw_if_index;
- vec_free (broadcast_swifs);
vec_free (buffers);
return !0;
}
+static u32
+arp_learn (vnet_main_t * vnm,
+ ethernet_arp_main_t * am, u32 sw_if_index, void *addr)
+{
+ if (am->limit_arp_cache_size &&
+ pool_elts (am->ip4_entry_pool) >= am->limit_arp_cache_size)
+ unset_random_arp_entry ();
+
+ vnet_arp_set_ip4_over_ethernet (vnm, sw_if_index, addr, 0, 0);
+ return (ETHERNET_ARP_ERROR_l3_src_address_learned);
+}
+
static uword
arp_input (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame)
{
@@ -1121,28 +1106,14 @@ arp_input (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame)
goto drop2;
}
- /* Learn or update sender's mapping only for requests or unicasts
- that don't match local interface address. */
- if (ethernet_address_cast (eth0->dst_address) ==
- ETHERNET_ADDRESS_UNICAST || is_request0)
- {
- if (am->limit_arp_cache_size &&
- pool_elts (am->ip4_entry_pool) >= am->limit_arp_cache_size)
- unset_random_arp_entry ();
-
- vnet_arp_set_ip4_over_ethernet (vnm, sw_if_index0,
- &arp0->ip4_over_ethernet[0],
- 0 /* is_static */ , 0);
- error0 = ETHERNET_ARP_ERROR_l3_src_address_learned;
- }
-
- /* Only send a reply for requests sent which match a local interface. */
- if (!(is_request0 && dst_is_local0))
+ /* Learn or update sender's mapping only for replies to addresses
+ * that are local to the subnet */
+ if (arp0->opcode ==
+ clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_reply) &&
+ dst_is_local0)
{
- error0 =
- (arp0->opcode ==
- clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_reply) ?
- ETHERNET_ARP_ERROR_replies_received : error0);
+ error0 = arp_learn (vnm, am, sw_if_index0,
+ &arp0->ip4_over_ethernet[0]);
goto drop1;
}
@@ -1176,7 +1147,8 @@ arp_input (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame)
{
if (is_unnum0)
{
- if (!arp_unnumbered (p0, pi0, eth0, conn_sw_if_index0))
+ if (!arp_unnumbered (p0, pi0, eth0,
+ sw_if_index0, conn_sw_if_index0))
goto drop2;
}
else
@@ -1230,6 +1202,10 @@ arp_input (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame)
}
}
+ /* We are going to reply to this request, so learn the sender */
+ error0 = arp_learn (vnm, am, sw_if_index0,
+ &arp0->ip4_over_ethernet[1]);
+
vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
n_left_to_next, pi0, next0);
@@ -1685,9 +1661,8 @@ arp_entry_free (ethernet_arp_interface_t * eai, ethernet_arp_ip4_entry_t * e)
{
ethernet_arp_main_t *am = &ethernet_arp_main;
- /* it's safe to delete the ADJ source on the FIB entry, even if it
- * was added */
- fib_table_entry_delete_index (e->fib_entry_index, FIB_SOURCE_ADJ);
+ if (FIB_NODE_INDEX_INVALID != e->fib_entry_index)
+ fib_table_entry_delete_index (e->fib_entry_index, FIB_SOURCE_ADJ);
hash_unset (eai->arp_entries, e->ip4_address.as_u32);
pool_put (am->ip4_entry_pool, e);
}
diff --git a/src/vnet/ip/ip6_neighbor.c b/src/vnet/ip/ip6_neighbor.c
index ee80ee3d4b4..4fd078dcf32 100644
--- a/src/vnet/ip/ip6_neighbor.c
+++ b/src/vnet/ip/ip6_neighbor.c
@@ -273,7 +273,8 @@ ip6_neighbor_sw_interface_up_down (vnet_main_t * vnm,
{
n = pool_elt_at_index (nm->neighbor_pool, to_delete[i]);
mhash_unset (&nm->neighbor_index_by_key, &n->key, 0);
- fib_table_entry_delete_index (n->fib_entry_index, FIB_SOURCE_ADJ);
+ if (FIB_NODE_INDEX_INVALID != n->fib_entry_index)
+ fib_table_entry_delete_index (n->fib_entry_index, FIB_SOURCE_ADJ);
pool_put (nm->neighbor_pool, n);
}
@@ -610,6 +611,7 @@ vnet_set_ip6_ethernet_neighbor (vlib_main_t * vm,
mhash_set (&nm->neighbor_index_by_key, &k, n - nm->neighbor_pool,
/* old value */ 0);
n->key = k;
+ n->fib_entry_index = FIB_NODE_INDEX_INVALID;
clib_memcpy (n->link_layer_address,
link_layer_address, n_bytes_link_layer_address);
@@ -750,7 +752,9 @@ vnet_unset_ip6_ethernet_neighbor (vlib_main_t * vm,
adj_nbr_walk_nh6 (sw_if_index,
&n->key.ip6_address, ip6_nd_mk_incomplete_walk, NULL);
- fib_table_entry_delete_index (n->fib_entry_index, FIB_SOURCE_ADJ);
+
+ if (FIB_NODE_INDEX_INVALID != n->fib_entry_index)
+ fib_table_entry_delete_index (n->fib_entry_index, FIB_SOURCE_ADJ);
pool_put (nm->neighbor_pool, n);
out:
diff --git a/src/vnet/ip/lookup.h b/src/vnet/ip/lookup.h
index 941a6df965e..90c6a25573f 100644
--- a/src/vnet/ip/lookup.h
+++ b/src/vnet/ip/lookup.h
@@ -181,7 +181,7 @@ ip_interface_address_get_address (ip_lookup_main_t * lm,
/* *INDENT-OFF* */
#define foreach_ip_interface_address(lm,a,sw_if_index,loop,body) \
do { \
- vnet_main_t *_vnm = vnet_get_main(); \
+ vnet_main_t *_vnm = vnet_get_main(); \
u32 _sw_if_index = sw_if_index; \
vnet_sw_interface_t *_swif; \
_swif = vnet_get_sw_interface (_vnm, _sw_if_index); \
@@ -189,13 +189,20 @@ do { \
/* \
* Loop => honor unnumbered interface addressing. \
*/ \
- if (loop && _swif->flags & VNET_SW_INTERFACE_FLAG_UNNUMBERED) \
- _sw_if_index = _swif->unnumbered_sw_if_index; \
- u32 _ia = \
- (vec_len((lm)->if_address_pool_index_by_sw_if_index) \
- > (_sw_if_index)) \
- ? vec_elt ((lm)->if_address_pool_index_by_sw_if_index, \
- (_sw_if_index)) : (u32)~0; \
+ if (_swif->flags & VNET_SW_INTERFACE_FLAG_UNNUMBERED) \
+ { \
+ if (loop) \
+ _sw_if_index = _swif->unnumbered_sw_if_index; \
+ else \
+ /* the interface is unnumbered, by the caller does not want \
+ * unnumbered interfaces considered/honoured */ \
+ break; \
+ } \
+ u32 _ia = ((vec_len((lm)->if_address_pool_index_by_sw_if_index) \
+ > (_sw_if_index)) ? \
+ vec_elt ((lm)->if_address_pool_index_by_sw_if_index, \
+ (_sw_if_index)) : \
+ (u32)~0); \
ip_interface_address_t * _a; \
while (_ia != ~0) \
{ \
diff --git a/test/test_neighbor.py b/test/test_neighbor.py
index f2b1cfa47ee..48c6a291248 100644
--- a/test/test_neighbor.py
+++ b/test/test_neighbor.py
@@ -112,8 +112,11 @@ class ARPTestCase(VppTestCase):
intf.add_stream(pkts)
self.pg_enable_capture(self.pg_interfaces)
self.pg_start()
+ timeout = 1
for i in self.pg_interfaces:
+ i.get_capture(0, timeout=timeout)
i.assert_nothing_captured(remark=remark)
+ timeout = 0.1
def test_arp(self):
""" ARP """
@@ -438,7 +441,9 @@ class ARPTestCase(VppTestCase):
# ERROR Cases
# 1 - don't respond to ARP request for address not within the
# interface's sub-net
- # 1a - nor within the unnumbered subnet
+ # 1b - nor within the unnumbered subnet
+ # 1c - nor within the subnet of a different interface
+ #
p = (Ether(dst="ff:ff:ff:ff:ff:ff", src=self.pg0.remote_mac) /
ARP(op="who-has",
hwsrc=self.pg0.remote_mac,
@@ -446,6 +451,10 @@ class ARPTestCase(VppTestCase):
psrc=self.pg0.remote_ip4))
self.send_and_assert_no_replies(self.pg0, p,
"ARP req for non-local destination")
+ self.assertFalse(find_nbr(self,
+ self.pg0.sw_if_index,
+ "10.10.10.3"))
+
p = (Ether(dst="ff:ff:ff:ff:ff:ff", src=self.pg2.remote_mac) /
ARP(op="who-has",
hwsrc=self.pg2.remote_mac,
@@ -455,6 +464,17 @@ class ARPTestCase(VppTestCase):
self.pg0, p,
"ARP req for non-local destination - unnum")
+ p = (Ether(dst="ff:ff:ff:ff:ff:ff", src=self.pg0.remote_mac) /
+ ARP(op="who-has",
+ hwsrc=self.pg0.remote_mac,
+ pdst=self.pg1.local_ip4,
+ psrc=self.pg1.remote_ip4))
+ self.send_and_assert_no_replies(self.pg0, p,
+ "ARP req diff sub-net")
+ self.assertFalse(find_nbr(self,
+ self.pg0.sw_if_index,
+ self.pg1.remote_ip4))
+
#
# 2 - don't respond to ARP request from an address not within the
# interface's sub-net
@@ -514,15 +534,11 @@ class ARPTestCase(VppTestCase):
def test_proxy_arp(self):
""" Proxy ARP """
+ self.pg1.generate_remote_hosts(2)
+
#
# Proxy ARP rewquest packets for each interface
#
- arp_req_pg2 = (Ether(src=self.pg2.remote_mac,
- dst="ff:ff:ff:ff:ff:ff") /
- ARP(op="who-has",
- hwsrc=self.pg2.remote_mac,
- pdst="10.10.10.3",
- psrc=self.pg1.remote_ip4))
arp_req_pg0 = (Ether(src=self.pg0.remote_mac,
dst="ff:ff:ff:ff:ff:ff") /
ARP(op="who-has",
@@ -535,6 +551,12 @@ class ARPTestCase(VppTestCase):
hwsrc=self.pg1.remote_mac,
pdst="10.10.10.3",
psrc=self.pg1.remote_ip4))
+ arp_req_pg2 = (Ether(src=self.pg2.remote_mac,
+ dst="ff:ff:ff:ff:ff:ff") /
+ ARP(op="who-has",
+ hwsrc=self.pg2.remote_mac,
+ pdst="10.10.10.3",
+ psrc=self.pg1.remote_hosts[1].ip4))
arp_req_pg3 = (Ether(src=self.pg3.remote_mac,
dst="ff:ff:ff:ff:ff:ff") /
ARP(op="who-has",
@@ -607,7 +629,7 @@ class ARPTestCase(VppTestCase):
self.pg2.local_mac,
self.pg2.remote_mac,
"10.10.10.3",
- self.pg1.remote_ip4)
+ self.pg1.remote_hosts[1].ip4)
#
# A request for an address out of the configured range
quot;License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at: * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #ifndef __FIB_TYPES_H__ #define __FIB_TYPES_H__ #include <stdbool.h> #include <vlib/vlib.h> #include <vnet/ip/ip6_packet.h> #include <vnet/mpls/packet.h> #include <vnet/dpo/dpo.h> #include <vnet/bier/bier_types.h> /** * A typedef of a node index. * we make this typedef so the code becomes easier for a human to parse. */ typedef u32 fib_node_index_t; #define FIB_NODE_INDEX_INVALID ((fib_node_index_t)(~0)) /** * Protocol Type. packed so it consumes a u8 only */ typedef enum fib_protocol_t_ { FIB_PROTOCOL_IP4 = DPO_PROTO_IP4, FIB_PROTOCOL_IP6 = DPO_PROTO_IP6, FIB_PROTOCOL_MPLS = DPO_PROTO_MPLS, } __attribute__ ((packed)) fib_protocol_t; #define FIB_PROTOCOLS { \ [FIB_PROTOCOL_IP4] = "ipv4", \ [FIB_PROTOCOL_IP6] = "ipv6", \ [FIB_PROTOCOL_MPLS] = "MPLS", \ } /** * Definition outside of enum so it does not need to be included in non-defaulted * switch statements */ #define FIB_PROTOCOL_MAX (FIB_PROTOCOL_MPLS + 1) /** * Definition outside of enum so it does not need to be included in non-defaulted * switch statements */ #define FIB_PROTOCOL_IP_MAX (FIB_PROTOCOL_IP6 + 1) /** * Not part of the enum so it does not have to be handled in switch statements */ #define FIB_PROTOCOL_NONE (FIB_PROTOCOL_MAX+1) #define FOR_EACH_FIB_PROTOCOL(_item) \ for (_item = FIB_PROTOCOL_IP4; \ _item <= FIB_PROTOCOL_MPLS; \ _item++) #define FOR_EACH_FIB_IP_PROTOCOL(_item) \ for (_item = FIB_PROTOCOL_IP4; \ _item <= FIB_PROTOCOL_IP6; \ _item++) /** * @brief Convert from boolean is_ip6 to FIB protocol. * Drop MPLS on the floor in favor of IPv4. */ static inline fib_protocol_t fib_ip_proto(bool is_ip6) { return (is_ip6) ? FIB_PROTOCOL_IP6 : FIB_PROTOCOL_IP4; } /** * @brief Convert from fib_protocol to ip46_type */ extern ip46_type_t fib_proto_to_ip46(fib_protocol_t fproto); /** * @brief Convert from ip46_type to fib_protocol */ extern fib_protocol_t fib_proto_from_ip46(ip46_type_t iproto); /** * @brief Convert from a protocol to a link type */ vnet_link_t fib_proto_to_link (fib_protocol_t proto); /** * FIB output chain type. When a child object requests a forwarding contribution * from a parent, it does so for a particular scenario. This enumererates those * sceanrios */ typedef enum fib_forward_chain_type_t_ { /** * Contribute an object that is to be used to forward IP4 packets */ FIB_FORW_CHAIN_TYPE_UNICAST_IP4, /** * Contribute an object that is to be used to forward IP6 packets */ FIB_FORW_CHAIN_TYPE_UNICAST_IP6, /** * Contribute an object that is to be used to forward non-end-of-stack * MPLS packets */ FIB_FORW_CHAIN_TYPE_MPLS_NON_EOS, /** * Contribute an object that is to be used to forward BIER packets. */ FIB_FORW_CHAIN_TYPE_BIER, /** * Contribute an object that is to be used to forward end-of-stack * MPLS packets. This is a convenient ID for clients. A real EOS chain * must be pay-load protocol specific. This * option is converted into one of the other three internally. */ FIB_FORW_CHAIN_TYPE_MPLS_EOS, /** * Contribute an object that is to be used to forward IP4 packets */ FIB_FORW_CHAIN_TYPE_MCAST_IP4, /** * Contribute an object that is to be used to forward IP6 packets */ FIB_FORW_CHAIN_TYPE_MCAST_IP6, /** * Contribute an object that is to be used to forward Ethernet packets. */ FIB_FORW_CHAIN_TYPE_ETHERNET, /** * Contribute an object that is to be used to forward NSH packets. * This is last in the list since it is not valid for many FIB objects, * and thus their array of per-chain-type DPOs can be sized smaller. */ FIB_FORW_CHAIN_TYPE_NSH, } __attribute__ ((packed)) fib_forward_chain_type_t; #define FIB_FORW_CHAINS { \ [FIB_FORW_CHAIN_TYPE_ETHERNET] = "ethernet", \ [FIB_FORW_CHAIN_TYPE_BIER] = "bier", \ [FIB_FORW_CHAIN_TYPE_UNICAST_IP4] = "unicast-ip4", \ [FIB_FORW_CHAIN_TYPE_UNICAST_IP6] = "unicast-ip6", \ [FIB_FORW_CHAIN_TYPE_MCAST_IP4] = "multicast-ip4", \ [FIB_FORW_CHAIN_TYPE_MCAST_IP6] = "multicast-ip6", \ [FIB_FORW_CHAIN_TYPE_MPLS_NON_EOS] = "mpls-neos", \ [FIB_FORW_CHAIN_TYPE_MPLS_EOS] = "mpls-eos", \ [FIB_FORW_CHAIN_TYPE_NSH] = "nsh", \ } #define FIB_FORW_CHAIN_NUM (FIB_FORW_CHAIN_TYPE_NSH+1) #define FIB_FORW_CHAIN_MPLS_NUM (FIB_FORW_CHAIN_TYPE_MPLS_EOS+1) #define FOR_EACH_FIB_FORW_CHAIN(_item) \ for (_item = FIB_FORW_CHAIN_TYPE_UNICAST_IP4; \ _item <= FIB_FORW_CHAIN_TYPE_NSH; \ _item++) #define FOR_EACH_FIB_FORW_MPLS_CHAIN(_item) \ for (_item = FIB_FORW_CHAIN_TYPE_UNICAST_IP4; \ _item <= FIB_FORW_CHAIN_TYPE_MPLS_EOS; \ _item++) /** * @brief Convert from a chain type to the adjacency's link type */ extern vnet_link_t fib_forw_chain_type_to_link_type(fib_forward_chain_type_t fct); /** * @brief Convert from a adjacency's link type to chain type */ extern fib_forward_chain_type_t fib_forw_chain_type_from_link_type(vnet_link_t lt); /** * @brief Convert from a payload-protocol to a chain type. */ extern fib_forward_chain_type_t fib_forw_chain_type_from_dpo_proto(dpo_proto_t proto); /** * @brief Convert from a fib-protocol to a chain type. */ extern fib_forward_chain_type_t fib_forw_chain_type_from_fib_proto(fib_protocol_t proto); /** * @brief Convert from a chain type to the DPO proto it will install */ extern dpo_proto_t fib_forw_chain_type_to_dpo_proto(fib_forward_chain_type_t fct); /** * Aggregate type for a prefix */ typedef struct fib_prefix_t_ { /** * The mask length */ u16 fp_len; /** * protocol type */ fib_protocol_t fp_proto; /** * Pad to keep the address 4 byte aligned */ u8 ___fp___pad; union { /** * The address type is not deriveable from the fp_addr member. * If it's v4, then the first 3 u32s of the address will be 0. * v6 addresses (even v4 mapped ones) have at least 2 u32s assigned * to non-zero values. true. but when it's all zero, one cannot decide. */ ip46_address_t fp_addr; struct { mpls_label_t fp_label; mpls_eos_bit_t fp_eos; /** * This protocol determines the payload protocol of packets * that will be forwarded by this entry once the label is popped. * For a non-eos entry it will be MPLS. */ dpo_proto_t fp_payload_proto; }; }; } fib_prefix_t; STATIC_ASSERT(STRUCT_OFFSET_OF(fib_prefix_t, fp_addr) == 4, "FIB Prefix's address is 4 byte aligned."); /** * \brief Compare two prefixes for equality */ extern int fib_prefix_cmp(const fib_prefix_t *p1, const fib_prefix_t *p2); /** * \brief Copy a prefix */ extern void fib_prefix_copy(fib_prefix_t *dst, const fib_prefix_t *src); /** * \brief Compare two prefixes for covering relationship * * \return non-zero if the first prefix is a cover for the second */ extern int fib_prefix_is_cover(const fib_prefix_t *p1, const fib_prefix_t *p2); /** * \brief Return true is the prefix is a host prefix */ extern int fib_prefix_is_host(const fib_prefix_t *p); /** * \brief Host prefix from ip */ extern void fib_prefix_from_ip46_addr (const ip46_address_t *addr, fib_prefix_t *pfx); extern u8 * format_fib_prefix(u8 * s, va_list * args); extern u8 * format_fib_forw_chain_type(u8 * s, va_list * args); extern dpo_proto_t fib_proto_to_dpo(fib_protocol_t fib_proto); extern fib_protocol_t dpo_proto_to_fib(dpo_proto_t dpo_proto); /** * Convert from BIER next-hop proto to FIB proto */ extern fib_protocol_t bier_hdr_proto_to_fib(bier_hdr_proto_id_t bproto); /** * Enurmeration of special path/entry types */ typedef enum fib_special_type_t_ { /** * Marker. Add new types after this one. */ FIB_SPECIAL_TYPE_FIRST = 0, /** * Local/for-us paths */ FIB_SPECIAL_TYPE_LOCAL = FIB_SPECIAL_TYPE_FIRST, /** * drop paths */ FIB_SPECIAL_TYPE_DROP, /** * Marker. Add new types before this one, then update it. */ FIB_SPECIAL_TYPE_LAST = FIB_SPECIAL_TYPE_DROP, } __attribute__ ((packed)) fib_special_type_t; /** * The maximum number of types */ #define FIB_SPEICAL_TYPE_MAX (FIB_SPEICAL_TYPE_LAST + 1) #define FOR_EACH_FIB_SPEICAL_TYPE(_item) \ for (_item = FIB_TYPE_SPEICAL_FIRST; \ _item <= FIB_SPEICAL_TYPE_LAST; _item++) extern u8 * format_fib_protocol(u8 * s, va_list *ap); extern u8 * format_vnet_link(u8 *s, va_list *ap); /** * Path flags from the control plane */ typedef enum fib_route_path_flags_t_ { FIB_ROUTE_PATH_FLAG_NONE = 0, /** * Recursion constraint of via a host prefix */ FIB_ROUTE_PATH_RESOLVE_VIA_HOST = (1 << 0), /** * Recursion constraint of via an attahced prefix */ FIB_ROUTE_PATH_RESOLVE_VIA_ATTACHED = (1 << 1), /** * A for-us/local path */ FIB_ROUTE_PATH_LOCAL = (1 << 2), /** * Attached path */ FIB_ROUTE_PATH_ATTACHED = (1 << 3), /** * A Drop path - resolve the path on the drop DPO */ FIB_ROUTE_PATH_DROP = (1 << 4), /** * Don't resolve the path, use the DPO the client provides */ FIB_ROUTE_PATH_EXCLUSIVE = (1 << 5), /** * A path that result in received traffic being recieved/recirculated * so that it appears to have arrived on the new interface */ FIB_ROUTE_PATH_INTF_RX = (1 << 6), /** * A local path with a RPF-ID => multicast traffic */ FIB_ROUTE_PATH_RPF_ID = (1 << 7), /** * A deag path using the packet's source not destination address. */ FIB_ROUTE_PATH_SOURCE_LOOKUP = (1 << 8), /** * A path via a UDP encap object. */ FIB_ROUTE_PATH_UDP_ENCAP = (1 << 9), /** * A path that resolves via a BIER F-Mask */ FIB_ROUTE_PATH_BIER_FMASK = (1 << 10), /** * A path that resolves via a BIER [ECMP] Table */ FIB_ROUTE_PATH_BIER_TABLE = (1 << 11), /** * A path that resolves via a BIER impostion object */ FIB_ROUTE_PATH_BIER_IMP = (1 << 12), /** * A path that resolves via another table */ FIB_ROUTE_PATH_DEAG = (1 << 13), /** * A path that resolves via a DVR DPO */ FIB_ROUTE_PATH_DVR = (1 << 14), FIB_ROUTE_PATH_ICMP_UNREACH = (1 << 15), FIB_ROUTE_PATH_ICMP_PROHIBIT = (1 << 16), FIB_ROUTE_PATH_CLASSIFY = (1 << 17), /** * Pop a Psuedo Wire Control Word */ FIB_ROUTE_PATH_POP_PW_CW = (1 << 18), } fib_route_path_flags_t; /** * An RPF-ID is numerical value that is used RPF validate. An entry * has-a RPF-ID, when a packet egress from (e.g. an LSP) it gains an * RPF-ID, these two are compared for the RPF check. * This replaces the interfce based chack (since the LSP has no associated * interface. */ typedef u32 fib_rpf_id_t; #define MFIB_RPF_ID_NONE (0) /** * MPLS LSP mode - only valid at the head and tail */ typedef enum fib_mpls_lsp_mode_t_ { /** * Pipe Mode - the default. * TTL and DSCP markings are not carried between the layers */ FIB_MPLS_LSP_MODE_PIPE, /** * Uniform mode. * TTL and DSCP are copied between the layers */ FIB_MPLS_LSP_MODE_UNIFORM, } __attribute__((packed)) fib_mpls_lsp_mode_t; #define FIB_MPLS_LSP_MODES { \ [FIB_MPLS_LSP_MODE_PIPE] = "pipe", \ [FIB_MPLS_LSP_MODE_UNIFORM] = "uniform", \ } /** * Format an LSP mode type */ extern u8 * format_fib_mpls_lsp_mode(u8 *s, va_list *ap); /** * Configuration for each label value in the output-stack */ typedef struct fib_mpls_label_t_ { /** * The label value */ mpls_label_t fml_value; /** * The LSP mode */ fib_mpls_lsp_mode_t fml_mode; /** * TTL. valid only at imposition. */ u8 fml_ttl; /** * EXP bits; valid only at imposition. */ u8 fml_exp; } fib_mpls_label_t; /** * Format an MPLS label */ extern u8 * format_fib_mpls_label(u8 *s, va_list *ap); /** * @brief * A representation of a path as described by a route producer. * These paramenters will determine the path 'type', of which there are: * 1) Attached-next-hop: * a single peer on a link. * It is 'attached' because it is in the same sub-net as the router, on a link * directly connected to the route. * It is 'next=hop' since the next-hop address of the peer is known. * 2) Attached: * the next-hop is not known. but we can ARP for it. * 3) Recursive. * The next-hop is known but the interface is not. So to find the adj to use * we must recursively resolve the next-hop. * 3) deaggregate (deag) * A further lookup is required. */ typedef struct fib_route_path_t_ { /** * The protocol of the address below. We need this since the all * zeros address is ambiguous. */ dpo_proto_t frp_proto; union { struct { union { /** * The next-hop address. * Will be NULL for attached paths. * Will be all zeros for attached-next-hop paths on a p2p interface * Will be all zeros for a deag path. */ ip46_address_t frp_addr; struct { /** * The MPLS local Label to reursively resolve through. * This is valid when the path type is MPLS. */ mpls_label_t frp_local_label; /** * EOS bit for the resolving label */ mpls_eos_bit_t frp_eos; }; /** * A path via a BIER imposition object. * Present in an mfib path list */ index_t frp_bier_imp; }; /** * The interface. * Will be invalid for recursive paths. */ u32 frp_sw_if_index; /** * The RPF-ID */ fib_rpf_id_t frp_rpf_id; union { /** * The FIB index to lookup the nexthop * Only valid for recursive paths. */ u32 frp_fib_index; /** * The BIER table to resolve the fmask in */ u32 frp_bier_fib_index; }; /** * The outgoing MPLS label Stack. NULL implies no label. */ fib_mpls_label_t *frp_label_stack; /** * Exclusive DPO */ dpo_id_t dpo; /** * MFIB interface flags */ u32 frp_mitf_flags; }; /** * A path that resolves via a BIER Table. * This would be for a MPLS label at a BIER midpoint or tail */ bier_table_id_t frp_bier_tbl; /** * UDP encap ID */ u32 frp_udp_encap_id; /** * Classify table ID */ u32 frp_classify_table_id; /** * Resolving via a BIER Fmask */ index_t frp_bier_fmask; /** * The DPO for use with exclusive paths */ dpo_id_t frp_dpo; }; /** * [un]equal cost path weight */ u8 frp_weight; /** * A path preference. 0 is the best. * Only paths of the best preference, that are 'up', are considered * for forwarding. */ u8 frp_preference; /** * flags on the path */ fib_route_path_flags_t frp_flags; } fib_route_path_t; /** * Unformat a fib_route_path_t from CLI input */ extern uword unformat_fib_route_path(unformat_input_t * input, va_list * args); /** * A help string to list the FIB path options */ #define FIB_ROUTE_PATH_HELP "[next-hop-address] [next-hop-interface] [next-hop-table <value>] [weight <value>] [preference <value>] [udp-encap-id <value>] [ip4-lookup-in-table <value>] [ip6-lookup-in-table <value>] [mpls-lookup-in-table <value>] [resolve-via-host] [resolve-via-connected] [rx-ip4 <interface>] [out-labels <value value value>]" /** * return code to control pat-hlist walk */ typedef enum fib_path_list_walk_rc_t_ { FIB_PATH_LIST_WALK_STOP, FIB_PATH_LIST_WALK_CONTINUE, } fib_path_list_walk_rc_t; /** * A list of path-extensions */ typedef struct fib_path_ext_list_t_ { struct fib_path_ext_t_ *fpel_exts; } fib_path_ext_list_t; #endif