diff options
author | Neale Ranns <nranns@cisco.com> | 2019-12-31 05:13:14 +0000 |
---|---|---|
committer | Damjan Marion <dmarion@me.com> | 2020-01-30 20:12:19 +0000 |
commit | e5b94dded0dfd7258d5fd0f4ef897d9ccb48715b (patch) | |
tree | 819c62a17acf0b234a76c8eef2f00e944e1da8b3 | |
parent | 9ace36d0f9b04e2d4db410607ee33a8e72ef00c5 (diff) |
gre: Tunnel encap/decap flags
Type: feature
common funcitons across IP-in-IP and GRE tunnels for encap/decap
functions
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I325b66824878d843af167adfe5a7a96b0ab90566
-rw-r--r-- | src/vnet/CMakeLists.txt | 1 | ||||
-rw-r--r-- | src/vnet/gre/gre.api | 3 | ||||
-rw-r--r-- | src/vnet/gre/gre.c | 127 | ||||
-rw-r--r-- | src/vnet/gre/gre.h | 2 | ||||
-rw-r--r-- | src/vnet/gre/gre_api.c | 7 | ||||
-rw-r--r-- | src/vnet/gre/interface.c | 1 | ||||
-rw-r--r-- | src/vnet/ip/ip4_packet.h | 2 | ||||
-rw-r--r-- | src/vnet/ipip/ipip.c | 153 | ||||
-rw-r--r-- | src/vnet/ipip/node.c | 32 | ||||
-rw-r--r-- | src/vnet/tunnel/tunnel_dp.h | 104 | ||||
-rw-r--r-- | test/test_gre.py | 62 | ||||
-rw-r--r-- | test/vpp_gre_interface.py | 37 | ||||
-rw-r--r-- | test/vpp_papi_provider.py | 37 |
13 files changed, 395 insertions, 173 deletions
diff --git a/src/vnet/CMakeLists.txt b/src/vnet/CMakeLists.txt index 16d5cacdcd8..eb96699193c 100644 --- a/src/vnet/CMakeLists.txt +++ b/src/vnet/CMakeLists.txt @@ -762,6 +762,7 @@ list(APPEND VNET_API_FILES list(APPEND VNET_HEADERS tunnel/tunnel.h + tunnel/tunnel_dp.h ) ############################################################################## diff --git a/src/vnet/gre/gre.api b/src/vnet/gre/gre.api index 0a98178ca87..fb78b47f3aa 100644 --- a/src/vnet/gre/gre.api +++ b/src/vnet/gre/gre.api @@ -34,6 +34,8 @@ enum gre_tunnel_type : u8 @param context - sender context, to match reply w/ request @param tunnel_type - 0: L3, 1: TEB, 2: ERSPAN @param instance - optional unique custom device instance, else ~0. + @param mode - P2P or P2MP + @param flags - to control encap/decap behaviour @param src - Source IP address @param dst - Destination IP address, can be multicast @param outer_table_id - Encap FIB table ID @@ -44,6 +46,7 @@ typedef gre_tunnel { vl_api_gre_tunnel_type_t type; vl_api_tunnel_mode_t mode; + vl_api_tunnel_encap_decap_flags_t flags; u16 session_id; u32 instance; u32 outer_table_id; diff --git a/src/vnet/gre/gre.c b/src/vnet/gre/gre.c index 2b95d99148a..f1bc6946416 100644 --- a/src/vnet/gre/gre.c +++ b/src/vnet/gre/gre.c @@ -18,6 +18,7 @@ #include <vnet/vnet.h> #include <vnet/gre/gre.h> #include <vnet/adj/adj_midchain.h> +#include <vnet/tunnel/tunnel_dp.h> extern gre_main_t gre_main; @@ -274,11 +275,45 @@ gre_build_rewrite (vnet_main_t * vnm, return (rewrite); } -#define is_v4_packet(_h) ((*(u8*) _h) & 0xF0) == 0x40 +static void +gre44_fixup (vlib_main_t * vm, + const ip_adjacency_t * adj, vlib_buffer_t * b0, const void *data) +{ + tunnel_encap_decap_flags_t flags; + ip4_and_gre_header_t *ip0; + + ip0 = vlib_buffer_get_current (b0); + flags = pointer_to_uword (data); + + /* Fixup the checksum and len fields in the GRE tunnel encap + * that was applied at the midchain node */ + ip0->ip4.length = + clib_host_to_net_u16 (vlib_buffer_length_in_chain (vm, b0)); + tunnel_encap_fixup_4o4 (flags, (ip4_header_t *) (ip0 + 1), &ip0->ip4); + ip0->ip4.checksum = ip4_header_checksum (&ip0->ip4); +} static void -gre4_fixup (vlib_main_t * vm, - const ip_adjacency_t * adj, vlib_buffer_t * b0, const void *data) +gre64_fixup (vlib_main_t * vm, + const ip_adjacency_t * adj, vlib_buffer_t * b0, const void *data) +{ + tunnel_encap_decap_flags_t flags; + ip4_and_gre_header_t *ip0; + + ip0 = vlib_buffer_get_current (b0); + flags = pointer_to_uword (data); + + /* Fixup the checksum and len fields in the GRE tunnel encap + * that was applied at the midchain node */ + ip0->ip4.length = + clib_host_to_net_u16 (vlib_buffer_length_in_chain (vm, b0)); + tunnel_encap_fixup_6o4 (flags, (ip6_header_t *) (ip0 + 1), &ip0->ip4); + ip0->ip4.checksum = ip4_header_checksum (&ip0->ip4); +} + +static void +grex4_fixup (vlib_main_t * vm, + const ip_adjacency_t * adj, vlib_buffer_t * b0, const void *data) { ip4_header_t *ip0; @@ -291,8 +326,44 @@ gre4_fixup (vlib_main_t * vm, } static void -gre6_fixup (vlib_main_t * vm, - const ip_adjacency_t * adj, vlib_buffer_t * b0, const void *data) +gre46_fixup (vlib_main_t * vm, + const ip_adjacency_t * adj, vlib_buffer_t * b0, const void *data) +{ + tunnel_encap_decap_flags_t flags; + ip6_and_gre_header_t *ip0; + + ip0 = vlib_buffer_get_current (b0); + flags = pointer_to_uword (data); + + /* Fixup the payload length field in the GRE tunnel encap that was applied + * at the midchain node */ + ip0->ip6.payload_length = + clib_host_to_net_u16 (vlib_buffer_length_in_chain (vm, b0) - + sizeof (*ip0)); + tunnel_encap_fixup_4o6 (flags, (ip4_header_t *) (ip0 + 1), &ip0->ip6); +} + +static void +gre66_fixup (vlib_main_t * vm, + const ip_adjacency_t * adj, vlib_buffer_t * b0, const void *data) +{ + tunnel_encap_decap_flags_t flags; + ip6_and_gre_header_t *ip0; + + ip0 = vlib_buffer_get_current (b0); + flags = pointer_to_uword (data); + + /* Fixup the payload length field in the GRE tunnel encap that was applied + * at the midchain node */ + ip0->ip6.payload_length = + clib_host_to_net_u16 (vlib_buffer_length_in_chain (vm, b0) - + sizeof (*ip0)); + tunnel_encap_fixup_6o6 (flags, (ip6_header_t *) (ip0 + 1), &ip0->ip6); +} + +static void +grex6_fixup (vlib_main_t * vm, + const ip_adjacency_t * adj, vlib_buffer_t * b0, const void *data) { ip6_header_t *ip0; @@ -305,25 +376,49 @@ gre6_fixup (vlib_main_t * vm, sizeof (*ip0)); } +/** + * return the appropriate fixup function given the overlay (link-type) and + * underlay (fproto) combination + */ +static adj_midchain_fixup_t +gre_get_fixup (fib_protocol_t fproto, vnet_link_t lt) +{ + if (fproto == FIB_PROTOCOL_IP6 && lt == VNET_LINK_IP6) + return (gre66_fixup); + if (fproto == FIB_PROTOCOL_IP6 && lt == VNET_LINK_IP4) + return (gre46_fixup); + if (fproto == FIB_PROTOCOL_IP4 && lt == VNET_LINK_IP6) + return (gre64_fixup); + if (fproto == FIB_PROTOCOL_IP4 && lt == VNET_LINK_IP4) + return (gre44_fixup); + if (fproto == FIB_PROTOCOL_IP6 && lt == VNET_LINK_ETHERNET) + return (grex6_fixup); + if (fproto == FIB_PROTOCOL_IP4 && lt == VNET_LINK_ETHERNET) + return (grex4_fixup); + + ASSERT (0); + return (gre44_fixup); +} + void gre_update_adj (vnet_main_t * vnm, u32 sw_if_index, adj_index_t ai) { gre_main_t *gm = &gre_main; gre_tunnel_t *t; adj_flags_t af; - u8 is_ipv6; u32 ti; ti = gm->tunnel_index_by_sw_if_index[sw_if_index]; t = pool_elt_at_index (gm->tunnels, ti); - is_ipv6 = t->tunnel_dst.fp_proto == FIB_PROTOCOL_IP6 ? 1 : 0; af = ADJ_FLAG_MIDCHAIN_IP_STACK; if (VNET_LINK_ETHERNET == adj_get_link_type (ai)) af |= ADJ_FLAG_MIDCHAIN_NO_COUNT; adj_nbr_midchain_update_rewrite - (ai, !is_ipv6 ? gre4_fixup : gre6_fixup, NULL, af, + (ai, gre_get_fixup (t->tunnel_dst.fp_proto, + adj_get_link_type (ai)), + uword_to_pointer (t->flags, void *), af, gre_build_rewrite (vnm, sw_if_index, adj_get_link_type (ai), &t->tunnel_dst.fp_addr)); @@ -334,13 +429,12 @@ adj_walk_rc_t mgre_mk_complete_walk (adj_index_t ai, void *data) { mgre_walk_ctx_t *ctx = data; - adj_midchain_fixup_t f; - - f = (ctx->t->tunnel_dst.fp_proto == FIB_PROTOCOL_IP4 ? - gre4_fixup : gre6_fixup); adj_nbr_midchain_update_rewrite - (ai, f, NULL, ADJ_FLAG_MIDCHAIN_IP_STACK, + (ai, gre_get_fixup (ctx->t->tunnel_dst.fp_proto, + adj_get_link_type (ai)), + uword_to_pointer (ctx->t->flags, void *), + ADJ_FLAG_MIDCHAIN_IP_STACK, gre_build_rewrite (vnet_get_main (), ctx->t->sw_if_index, adj_get_link_type (ai), @@ -355,11 +449,10 @@ adj_walk_rc_t mgre_mk_incomplete_walk (adj_index_t ai, void *data) { gre_tunnel_t *t = data; - adj_midchain_fixup_t f; - - f = (t->tunnel_dst.fp_proto == FIB_PROTOCOL_IP4 ? gre4_fixup : gre6_fixup); - adj_nbr_midchain_update_rewrite (ai, f, NULL, ADJ_FLAG_NONE, NULL); + adj_nbr_midchain_update_rewrite (ai, gre_get_fixup (t->tunnel_dst.fp_proto, + adj_get_link_type (ai)), + NULL, ADJ_FLAG_NONE, NULL); adj_midchain_delegate_unstack (ai); diff --git a/src/vnet/gre/gre.h b/src/vnet/gre/gre.h index 70f624122ce..0cc60b87eeb 100644 --- a/src/vnet/gre/gre.h +++ b/src/vnet/gre/gre.h @@ -206,6 +206,7 @@ typedef struct u32 sw_if_index; gre_tunnel_type_t type; tunnel_mode_t mode; + tunnel_encap_decap_flags_t flags; /** * an L2 tunnel always rquires an L2 midchain. cache here for DP. @@ -368,6 +369,7 @@ typedef struct ip46_address_t src, dst; u32 outer_table_id; u16 session_id; + tunnel_encap_decap_flags_t flags; } vnet_gre_tunnel_add_del_args_t; extern int vnet_gre_tunnel_add_del (vnet_gre_tunnel_add_del_args_t * a, diff --git a/src/vnet/gre/gre_api.c b/src/vnet/gre/gre_api.c index 619b5fc233c..934fc661b47 100644 --- a/src/vnet/gre/gre_api.c +++ b/src/vnet/gre/gre_api.c @@ -89,6 +89,7 @@ static void vl_api_gre_tunnel_add_del_t_handler { vnet_gre_tunnel_add_del_args_t _a = { }, *a = &_a; vl_api_gre_tunnel_add_del_reply_t *rmp; + tunnel_encap_decap_flags_t flags; u32 sw_if_index = ~0; ip46_type_t itype[2]; int rv = 0; @@ -118,11 +119,17 @@ static void vl_api_gre_tunnel_add_del_t_handler if (rv) goto out; + rv = tunnel_encap_decap_flags_decode (mp->tunnel.flags, &flags); + + if (rv) + goto out; + a->is_add = mp->is_add; a->is_ipv6 = (itype[0] == IP46_TYPE_IP6); a->instance = ntohl (mp->tunnel.instance); a->session_id = ntohs (mp->tunnel.session_id); a->outer_table_id = ntohl (mp->tunnel.outer_table_id); + a->flags = flags; rv = vnet_gre_tunnel_add_del (a, &sw_if_index); diff --git a/src/vnet/gre/interface.c b/src/vnet/gre/interface.c index 178b080a73b..553c89aeb51 100644 --- a/src/vnet/gre/interface.c +++ b/src/vnet/gre/interface.c @@ -346,6 +346,7 @@ vnet_gre_tunnel_add (vnet_gre_tunnel_add_del_args_t * a, t->type = a->type; t->mode = a->mode; + t->flags = a->flags; if (t->type == GRE_TUNNEL_TYPE_ERSPAN) t->session_id = a->session_id; diff --git a/src/vnet/ip/ip4_packet.h b/src/vnet/ip/ip4_packet.h index 1d3607ea34c..3872ccdd465 100644 --- a/src/vnet/ip/ip4_packet.h +++ b/src/vnet/ip/ip4_packet.h @@ -322,7 +322,7 @@ ip4_header_clear_df (ip4_header_t * ip4) } always_inline u8 -ip4_header_get_df (ip4_header_t * ip4) +ip4_header_get_df (const ip4_header_t * ip4) { return (! !(ip4->flags_and_fragment_offset & clib_host_to_net_u16 (IP4_HEADER_FLAG_DONT_FRAGMENT))); diff --git a/src/vnet/ipip/ipip.c b/src/vnet/ipip/ipip.c index aa8d8daca4b..c94e91d1727 100644 --- a/src/vnet/ipip/ipip.c +++ b/src/vnet/ipip/ipip.c @@ -26,6 +26,7 @@ #include <vnet/ip/format.h> #include <vnet/ipip/ipip.h> #include <vnet/nhrp/nhrp.h> +#include <vnet/tunnel/tunnel_dp.h> ipip_main_t ipip_main; @@ -84,6 +85,18 @@ ipip_build_rewrite (vnet_main_t * vnm, u32 sw_if_index, if (t->flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_SET_DF) ip4_header_set_df (ip4); ip4->checksum = ip4_header_checksum (ip4); + + switch (link_type) + { + case VNET_LINK_IP6: + ip4->protocol = IP_PROTOCOL_IPV6; + break; + case VNET_LINK_IP4: + ip4->protocol = IP_PROTOCOL_IP_IN_IP; + break; + default: + break; + } break; case IPIP_TRANSPORT_IP6: @@ -99,14 +112,26 @@ ipip_build_rewrite (vnet_main_t * vnm, u32 sw_if_index, ip6->dst_address.as_u64[1] = dst->ip6.as_u64[1]; if (!(t->flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP)) ip6_set_dscp_network_order (ip6, t->dscp); + + switch (link_type) + { + case VNET_LINK_IP6: + ip6->protocol = IP_PROTOCOL_IPV6; + break; + case VNET_LINK_IP4: + ip6->protocol = IP_PROTOCOL_IP_IN_IP; + break; + default: + break; + } break; } return (rewrite); } static void -ipip4_fixup (vlib_main_t * vm, const ip_adjacency_t * adj, vlib_buffer_t * b, - const void *data) +ipip64_fixup (vlib_main_t * vm, const ip_adjacency_t * adj, vlib_buffer_t * b, + const void *data) { tunnel_encap_decap_flags_t flags; ip4_header_t *ip4; @@ -115,41 +140,30 @@ ipip4_fixup (vlib_main_t * vm, const ip_adjacency_t * adj, vlib_buffer_t * b, ip4 = vlib_buffer_get_current (b); ip4->length = clib_host_to_net_u16 (vlib_buffer_length_in_chain (vm, b)); - switch (adj->ia_link) - { - case VNET_LINK_IP6: - ip4->protocol = IP_PROTOCOL_IPV6; - if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP) - ip4_header_set_dscp (ip4, - ip6_dscp_network_order ((ip6_header_t *) (ip4 + - 1))); - if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_ECN) - ip4_header_set_ecn (ip4, - ip6_ecn_network_order ((ip6_header_t *) (ip4 + - 1))); - break; + tunnel_encap_fixup_6o4 (flags, ((ip6_header_t *) (ip4 + 1)), ip4); - case VNET_LINK_IP4: - ip4->protocol = IP_PROTOCOL_IP_IN_IP; - if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP) - ip4_header_set_dscp (ip4, ip4_header_get_dscp (ip4 + 1)); - if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_ECN) - ip4_header_set_ecn (ip4, ip4_header_get_ecn (ip4 + 1)); - if ((flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DF) && - ip4_header_get_df (ip4 + 1)) - ip4_header_set_df (ip4); - break; + ip4->checksum = ip4_header_checksum (ip4); +} - default: - break; - } +static void +ipip44_fixup (vlib_main_t * vm, const ip_adjacency_t * adj, vlib_buffer_t * b, + const void *data) +{ + tunnel_encap_decap_flags_t flags; + ip4_header_t *ip4; + + flags = pointer_to_uword (data); + + ip4 = vlib_buffer_get_current (b); + ip4->length = clib_host_to_net_u16 (vlib_buffer_length_in_chain (vm, b)); + tunnel_encap_fixup_4o4 (flags, ip4 + 1, ip4); ip4->checksum = ip4_header_checksum (ip4); } static void -ipip6_fixup (vlib_main_t * vm, const ip_adjacency_t * adj, vlib_buffer_t * b, - const void *data) +ipip46_fixup (vlib_main_t * vm, const ip_adjacency_t * adj, vlib_buffer_t * b, + const void *data) { tunnel_encap_decap_flags_t flags; ip6_header_t *ip6; @@ -164,29 +178,27 @@ ipip6_fixup (vlib_main_t * vm, const ip_adjacency_t * adj, vlib_buffer_t * b, ip6->payload_length = clib_host_to_net_u16 (vlib_buffer_length_in_chain (vm, b) - sizeof (*ip6)); - switch (adj->ia_link) - { - case VNET_LINK_IP6: - ip6->protocol = IP_PROTOCOL_IPV6; - if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP) - ip6_set_dscp_network_order (ip6, ip6_dscp_network_order (ip6 + 1)); - if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_ECN) - ip6_set_ecn_network_order (ip6, ip6_ecn_network_order (ip6 + 1)); - break; + tunnel_encap_fixup_4o6 (flags, ((ip4_header_t *) (ip6 + 1)), ip6); +} - case VNET_LINK_IP4: - ip6->protocol = IP_PROTOCOL_IP_IN_IP; - if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP) - ip6_set_dscp_network_order - (ip6, ip4_header_get_dscp ((ip4_header_t *) (ip6 + 1))); - if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_ECN) - ip6_set_ecn_network_order - (ip6, ip4_header_get_ecn ((ip4_header_t *) (ip6 + 1))); - break; +static void +ipip66_fixup (vlib_main_t * vm, + const ip_adjacency_t * adj, vlib_buffer_t * b, const void *data) +{ + tunnel_encap_decap_flags_t flags; + ip6_header_t *ip6; - default: - break; - } + flags = pointer_to_uword (data); + + /* Must set locally originated otherwise we're not allowed to + fragment the packet later */ + b->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED; + + ip6 = vlib_buffer_get_current (b); + ip6->payload_length = + clib_host_to_net_u16 (vlib_buffer_length_in_chain (vm, b) - + sizeof (*ip6)); + tunnel_encap_fixup_6o6 (flags, ip6 + 1, ip6); } static void @@ -246,10 +258,25 @@ ipip_tunnel_restack (ipip_tunnel_t * gt) } } +static adj_midchain_fixup_t +ipip_get_fixup (const ipip_tunnel_t * t, vnet_link_t lt) +{ + if (t->transport == IPIP_TRANSPORT_IP6 && lt == VNET_LINK_IP6) + return (ipip66_fixup); + if (t->transport == IPIP_TRANSPORT_IP6 && lt == VNET_LINK_IP4) + return (ipip46_fixup); + if (t->transport == IPIP_TRANSPORT_IP4 && lt == VNET_LINK_IP6) + return (ipip64_fixup); + if (t->transport == IPIP_TRANSPORT_IP4 && lt == VNET_LINK_IP4) + return (ipip44_fixup); + + ASSERT (0); + return (ipip44_fixup); +} + void ipip_update_adj (vnet_main_t * vnm, u32 sw_if_index, adj_index_t ai) { - adj_midchain_fixup_t f; ipip_tunnel_t *t; adj_flags_t af; @@ -257,13 +284,13 @@ ipip_update_adj (vnet_main_t * vnm, u32 sw_if_index, adj_index_t ai) if (!t) return; - f = t->transport == IPIP_TRANSPORT_IP6 ? ipip6_fixup : ipip4_fixup; af = ADJ_FLAG_MIDCHAIN_IP_STACK; if (VNET_LINK_ETHERNET == adj_get_link_type (ai)) af |= ADJ_FLAG_MIDCHAIN_NO_COUNT; adj_nbr_midchain_update_rewrite - (ai, f, uword_to_pointer (t->flags, void *), af, + (ai, ipip_get_fixup (t, adj_get_link_type (ai)), + uword_to_pointer (t->flags, void *), af, ipip_build_rewrite (vnm, sw_if_index, adj_get_link_type (ai), &t->tunnel_dst)); ipip_tunnel_stack (ai); @@ -279,12 +306,10 @@ static adj_walk_rc_t mipip_mk_complete_walk (adj_index_t ai, void *data) { mipip_walk_ctx_t *ctx = data; - adj_midchain_fixup_t f; - - f = ctx->t->transport == IPIP_TRANSPORT_IP6 ? ipip6_fixup : ipip4_fixup; adj_nbr_midchain_update_rewrite - (ai, f, uword_to_pointer (ctx->t->flags, void *), + (ai, ipip_get_fixup (ctx->t, adj_get_link_type (ai)), + uword_to_pointer (ctx->t->flags, void *), ADJ_FLAG_MIDCHAIN_IP_STACK, ipip_build_rewrite (vnet_get_main (), ctx->t->sw_if_index, adj_get_link_type (ai), @@ -300,11 +325,10 @@ static adj_walk_rc_t mipip_mk_incomplete_walk (adj_index_t ai, void *data) { ipip_tunnel_t *t = data; - adj_midchain_fixup_t f; - f = t->transport == IPIP_TRANSPORT_IP6 ? ipip6_fixup : ipip4_fixup; - - adj_nbr_midchain_update_rewrite (ai, f, NULL, ADJ_FLAG_NONE, NULL); + adj_nbr_midchain_update_rewrite + (ai, ipip_get_fixup (t, adj_get_link_type (ai)), + NULL, ADJ_FLAG_NONE, NULL); adj_midchain_delegate_unstack (ai); @@ -315,7 +339,6 @@ void mipip_update_adj (vnet_main_t * vnm, u32 sw_if_index, adj_index_t ai) { ipip_main_t *gm = &ipip_main; - adj_midchain_fixup_t f; ip_adjacency_t *adj; nhrp_entry_t *ne; ipip_tunnel_t *t; @@ -324,7 +347,6 @@ mipip_update_adj (vnet_main_t * vnm, u32 sw_if_index, adj_index_t ai) adj = adj_get (ai); ti = gm->tunnel_index_by_sw_if_index[sw_if_index]; t = pool_elt_at_index (gm->tunnels, ti); - f = t->transport == IPIP_TRANSPORT_IP6 ? ipip6_fixup : ipip4_fixup; ne = nhrp_entry_find (sw_if_index, &adj->sub_type.nbr.next_hop); @@ -332,7 +354,8 @@ mipip_update_adj (vnet_main_t * vnm, u32 sw_if_index, adj_index_t ai) { // no NHRP entry to provide the next-hop adj_nbr_midchain_update_rewrite - (ai, f, uword_to_pointer (t->flags, void *), ADJ_FLAG_NONE, NULL); + (ai, ipip_get_fixup (t, adj_get_link_type (ai)), + uword_to_pointer (t->flags, void *), ADJ_FLAG_NONE, NULL); return; } diff --git a/src/vnet/ipip/node.c b/src/vnet/ipip/node.c index 0f47f2636db..baaeee863fc 100644 --- a/src/vnet/ipip/node.c +++ b/src/vnet/ipip/node.c @@ -19,7 +19,7 @@ #include <vnet/ipip/ipip.h> #include <vnet/ip/ip6_packet.h> #include <vnet/mpls/mpls.h> -#include <vnet/pg/pg.h> +#include <vnet/tunnel/tunnel_dp.h> #include <vppinfra/sparse_vec.h> #define foreach_ipip_input_next \ @@ -159,29 +159,21 @@ ipip_input (vlib_main_t * vm, vlib_node_runtime_t * node, { next0 = IPIP_INPUT_NEXT_IP6_INPUT; - if (t0->flags & TUNNEL_ENCAP_DECAP_FLAG_DECAP_COPY_ECN) - { - if (is_ipv6) - ip6_set_ecn_network_order ((ip60 + 1), - ip6_ecn_network_order (ip60)); - else - ip6_set_ecn_network_order ((ip6_header_t *) (ip40 + 1), - ip4_header_get_ecn (ip40)); - } + if (is_ipv6) + tunnel_decap_fixup_6o6 (t0->flags, (ip60 + 1), ip60); + else + tunnel_decap_fixup_6o4 (t0->flags, + (ip6_header_t *) (ip40 + 1), ip40); } else if (inner_protocol0 == IP_PROTOCOL_IP_IN_IP) { next0 = IPIP_INPUT_NEXT_IP4_INPUT; - if (t0->flags & TUNNEL_ENCAP_DECAP_FLAG_DECAP_COPY_ECN) - { - if (is_ipv6) - ip4_header_set_ecn_w_chksum ((ip4_header_t *) (ip60 + 1), - ip6_ecn_network_order - (ip60)); - else - ip4_header_set_ecn_w_chksum (ip40 + 1, - ip4_header_get_ecn (ip40)); - } + + if (is_ipv6) + tunnel_decap_fixup_4o6 (t0->flags, + (ip4_header_t *) (ip60 + 1), ip60); + else + tunnel_decap_fixup_4o4 (t0->flags, ip40 + 1, ip40); } if (!is_ipv6 && t0->mode == IPIP_MODE_6RD diff --git a/src/vnet/tunnel/tunnel_dp.h b/src/vnet/tunnel/tunnel_dp.h new file mode 100644 index 00000000000..3e3a81307f1 --- /dev/null +++ b/src/vnet/tunnel/tunnel_dp.h @@ -0,0 +1,104 @@ +/* + * tunnel_dp.h: data-plane functions tunnels. + * + * Copyright (c) 2019 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __TUNNEL_DP_H__ +#define __TUNNEL_DP_H__ + +static_always_inline void +tunnel_encap_fixup_4o4 (tunnel_encap_decap_flags_t flags, + const ip4_header_t * inner, ip4_header_t * outer) +{ + if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP) + ip4_header_set_dscp (outer, ip4_header_get_dscp (inner)); + if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_ECN) + ip4_header_set_ecn (outer, ip4_header_get_ecn (inner)); + if ((flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DF) && + ip4_header_get_df (inner)) + ip4_header_set_df (outer); +} + +static_always_inline void +tunnel_encap_fixup_6o4 (tunnel_encap_decap_flags_t flags, + const ip6_header_t * inner, ip4_header_t * outer) +{ + if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP) + ip4_header_set_dscp (outer, ip6_dscp_network_order (inner)); + if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_ECN) + ip4_header_set_ecn (outer, ip6_ecn_network_order ((inner))); +} + +static_always_inline void +tunnel_encap_fixup_6o6 (tunnel_encap_decap_flags_t flags, + const ip6_header_t * inner, ip6_header_t * outer) +{ + if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP) + ip6_set_dscp_network_order (outer, ip6_dscp_network_order (inner)); + if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_ECN) + ip6_set_ecn_network_order (outer, ip6_ecn_network_order (inner)); +} + +static_always_inline void +tunnel_encap_fixup_4o6 (tunnel_encap_decap_flags_t flags, + const ip4_header_t * inner, ip6_header_t * outer) +{ + if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP) + ip6_set_dscp_network_order (outer, ip4_header_get_dscp (inner)); + if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_ECN) + ip6_set_ecn_network_order (outer, ip4_header_get_ecn (inner)); +} + +static_always_inline void +tunnel_decap_fixup_4o6 (tunnel_encap_decap_flags_t flags, + ip4_header_t * inner, const ip6_header_t * outer) +{ + if (flags & TUNNEL_ENCAP_DECAP_FLAG_DECAP_COPY_ECN) + ip4_header_set_ecn_w_chksum (inner, ip6_ecn_network_order (outer)); +} + +static_always_inline void +tunnel_decap_fixup_6o6 (tunnel_encap_decap_flags_t flags, + ip6_header_t * inner, const ip6_header_t * outer) +{ + if (flags & TUNNEL_ENCAP_DECAP_FLAG_DECAP_COPY_ECN) + ip6_set_ecn_network_order (inner, ip6_ecn_network_order (outer)); +} + +static_always_inline void +tunnel_decap_fixup_6o4 (tunnel_encap_decap_flags_t flags, + ip6_header_t * inner, const ip4_header_t * outer) +{ + if (flags & TUNNEL_ENCAP_DECAP_FLAG_DECAP_COPY_ECN) + ip6_set_ecn_network_order (inner, ip4_header_get_ecn (outer)); +} + +static_always_inline void +tunnel_decap_fixup_4o4 (tunnel_encap_decap_flags_t flags, + ip4_header_t * inner, const ip4_header_t * outer) +{ + if (flags & TUNNEL_ENCAP_DECAP_FLAG_DECAP_COPY_ECN) + ip4_header_set_ecn_w_chksum (inner, ip4_header_get_ecn (outer)); +} + +#endif + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ diff --git a/test/test_gre.py b/test/test_gre.py index e3e21c0ad99..e73ba2f99a6 100644 --- a/test/test_gre.py +++ b/test/test_gre.py @@ -108,26 +108,28 @@ class TestGRE(VppTestCase): self.pg1.set_table_ip4(0) super(TestGRE, self).tearDown() - def create_stream_ip4(self, src_if, src_ip, dst_ip): + def create_stream_ip4(self, src_if, src_ip, dst_ip, dscp=0, ecn=0): pkts = [] + tos = (dscp << 2) | ecn for i in range(0, 257): info = self.create_packet_info(src_if, src_if) payload = self.info_to_payload(info) p = (Ether(dst=src_if.local_mac, src=src_if.remote_mac) / - IP(src=src_ip, dst=dst_ip) / + IP(src=src_ip, dst=dst_ip, tos=tos) / UDP(sport=1234, dport=1234) / Raw(payload)) info.data = p.copy() pkts.append(p) return pkts - def create_stream_ip6(self, src_if, src_ip, dst_ip): + def create_stream_ip6(self, src_if, src_ip, dst_ip, dscp=0, ecn=0): pkts = [] + tc = (dscp << 2) | ecn for i in range(0, 257): info = self.create_packet_info(src_if, src_if) payload = self.info_to_payload(info) p = (Ether(dst=src_if.local_mac, src=src_if.remote_mac) / - IPv6(src=src_ip, dst=dst_ip) / + IPv6(src=src_ip, dst=dst_ip, tc=tc) / UDP(sport=1234, dport=1234) / Raw(payload)) info.data = p.copy() @@ -225,9 +227,11 @@ class TestGRE(VppTestCase): return pkts def verify_tunneled_4o4(self, src_if, capture, sent, - tunnel_src, tunnel_dst): + tunnel_src, tunnel_dst, + dscp=0, ecn=0): self.assertEqual(len(capture), len(sent)) + tos = (dscp << 2) | ecn for i in range(len(capture)): try: @@ -239,6 +243,7 @@ class TestGRE(VppTestCase): self.assertEqual(rx_ip.src, tunnel_src) self.assertEqual(rx_ip.dst, tunnel_dst) + self.assertEqual(rx_ip.tos, tos) rx_gre = rx[GRE] rx_ip = rx_gre[IP] @@ -254,9 +259,11 @@ class TestGRE(VppTestCase): raise def verify_tunneled_6o6(self, src_if, capture, sent, - tunnel_src, tunnel_dst): + tunnel_src, tunnel_dst, + dscp=0, ecn=0): self.assertEqual(len(capture), len(sent)) + tc = (dscp << 2) | ecn for i in range(len(capture)): try: @@ -268,6 +275,7 @@ class TestGRE(VppTestCase): self.assertEqual(rx_ip.src, tunnel_src) self.assertEqual(rx_ip.dst, tunnel_dst) + self.assertEqual(rx_ip.tc, tc) rx_gre = GRE(scapy.compat.raw(rx_ip[IPv6].payload)) rx_ip = rx_gre[IPv6] @@ -719,6 +727,8 @@ class TestGRE(VppTestCase): def test_gre_vrf(self): """ GRE tunnel VRF Tests """ + e = VppEnum.vl_api_tunnel_encap_decap_flags_t + # # Create an L3 GRE tunnel whose destination is in the non-default # table. The underlay is thus non-default - the overlay is still @@ -726,9 +736,13 @@ class TestGRE(VppTestCase): # - set it admin up # - assign an IP Addres # - gre_if = VppGreInterface(self, self.pg1.local_ip4, - "2.2.2.2", - outer_table_id=1) + gre_if = VppGreInterface( + self, self.pg1.local_ip4, + "2.2.2.2", + outer_table_id=1, + flags=(e.TUNNEL_API_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP | + e.TUNNEL_API_ENCAP_DECAP_FLAG_ENCAP_COPY_ECN)) + gre_if.add_vpp_config() gre_if.admin_up() gre_if.config_ip4() @@ -756,10 +770,12 @@ class TestGRE(VppTestCase): # - packets are GRE encapped # self.vapi.cli("clear trace") - tx = self.create_stream_ip4(self.pg0, "5.5.5.5", "9.9.9.9") + tx = self.create_stream_ip4(self.pg0, "5.5.5.5", "9.9.9.9", + dscp=5, ecn=3) rx = self.send_and_expect(self.pg0, tx, self.pg1) self.verify_tunneled_4o4(self.pg1, rx, tx, - self.pg1.local_ip4, "2.2.2.2") + self.pg1.local_ip4, "2.2.2.2", + dscp=5, ecn=3) # # Send tunneled packets that match the created tunnel and @@ -1100,6 +1116,8 @@ class TestGRE(VppTestCase): self.pg0.config_ip6() self.pg0.resolve_ndp() + e = VppEnum.vl_api_tunnel_encap_decap_flags_t + for itf in self.pg_interfaces[3:]: # # one underlay nh for each overlay/tunnel peer @@ -1114,11 +1132,14 @@ class TestGRE(VppTestCase): # - assign an IP Addres # - Add a route via the tunnel # - gre_if = VppGreInterface(self, - itf.local_ip6, - "::", - mode=(VppEnum.vl_api_tunnel_mode_t. - TUNNEL_API_MODE_MP)) + gre_if = VppGreInterface( + self, + itf.local_ip6, + "::", + mode=(VppEnum.vl_api_tunnel_mode_t. + TUNNEL_API_MODE_MP), + flags=e.TUNNEL_API_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP) + gre_if.add_vpp_config() gre_if.admin_up() gre_if.config_ip6() @@ -1151,11 +1172,13 @@ class TestGRE(VppTestCase): # Send a packet stream that is routed into the tunnel # - packets are GRE encapped # - tx_e = self.create_stream_ip6(self.pg0, "5::5", route_addr) + tx_e = self.create_stream_ip6(self.pg0, "5::5", route_addr, + dscp=2, ecn=1) rx = self.send_and_expect(self.pg0, tx_e, itf) self.verify_tunneled_6o6(self.pg0, rx, tx_e, itf.local_ip6, - itf._remote_hosts[ii].ip6) + itf._remote_hosts[ii].ip6, + dscp=2) tx_i = self.create_tunnel_stream_6o6(self.pg0, itf._remote_hosts[ii].ip6, itf.local_ip6, @@ -1174,7 +1197,8 @@ class TestGRE(VppTestCase): rx = self.send_and_expect(self.pg0, tx_e, itf) self.verify_tunneled_6o6(self.pg0, rx, tx_e, itf.local_ip6, - itf._remote_hosts[ii].ip6) + itf._remote_hosts[ii].ip6, + dscp=2) rx = self.send_and_expect(self.pg0, tx_i, self.pg0) self.verify_decapped_6o6(self.pg0, rx, tx_i) diff --git a/test/vpp_gre_interface.py b/test/vpp_gre_interface.py index 9a9069ac9ab..770292e80b8 100644 --- a/test/vpp_gre_interface.py +++ b/test/vpp_gre_interface.py @@ -10,7 +10,7 @@ class VppGreInterface(VppInterface): """ def __init__(self, test, src_ip, dst_ip, outer_table_id=0, - type=None, mode=None, + type=None, mode=None, flags=0, session=0): """ Create VPP GRE interface """ super(VppGreInterface, self).__init__(test) @@ -18,6 +18,7 @@ class VppGreInterface(VppInterface): self.t_dst = dst_ip self.t_outer_table = outer_table_id self.t_session = session + self.t_flags = flags self.t_type = type if not self.t_type: self.t_type = (VppEnum.vl_api_gre_tunnel_type_t. @@ -29,12 +30,16 @@ class VppGreInterface(VppInterface): def add_vpp_config(self): r = self.test.vapi.gre_tunnel_add_del( - self.t_src, - self.t_dst, - outer_table_id=self.t_outer_table, - type=self.t_type, - mode=self.t_mode, - session_id=self.t_session) + is_add=1, + tunnel={ + 'src': self.t_src, + 'dst': self.t_dst, + 'outer_table_id': self.t_outer_table, + 'instance': 0xffffffff, + 'type': self.t_type, + 'mode': self.t_mode, + 'flags': self.t_flags, + 'session_id': self.t_session}) self.set_sw_if_index(r.sw_if_index) self.generate_remote_hosts() self.test.registry.register(self, self.test.logger) @@ -42,13 +47,17 @@ class VppGreInterface(VppInterface): def remove_vpp_config(self): self.unconfig() - self.test.vapi.gre_tunnel_add_del(self.t_src, - self.t_dst, - outer_table_id=self.t_outer_table, - type=self.t_type, - mode=self.t_mode, - session_id=self.t_session, - is_add=0) + self.test.vapi.gre_tunnel_add_del( + is_add=0, + tunnel={ + 'src': self.t_src, + 'dst': self.t_dst, + 'outer_table_id': self.t_outer_table, + 'instance': 0xffffffff, + 'type': self.t_type, + 'mode': self.t_mode, + 'flags': self.t_flags, + 'session_id': self.t_session}) def object_id(self): return "gre-%d" % self.sw_if_index diff --git a/test/vpp_papi_provider.py b/test/vpp_papi_provider.py index 964b68c1761..789e3c083d5 100644 --- a/test/vpp_papi_provider.py +++ b/test/vpp_papi_provider.py @@ -45,7 +45,6 @@ defaultmapping = { 'gbp_subnet_add_del': {'sw_if_index': 4294967295, 'epg_id': 65535, }, 'geneve_add_del_tunnel': {'mcast_sw_if_index': 4294967295, 'is_add': 1, 'decap_next_index': 4294967295, }, - 'gre_tunnel_add_del': {'instance': 4294967295, 'is_add': 1, }, 'input_acl_set_interface': {'ip4_table_index': 4294967295, 'ip6_table_index': 4294967295, 'l2_table_index': 4294967295, }, @@ -505,42 +504,6 @@ class VppPapiProvider(object): } ) - def gre_tunnel_add_del(self, - src, - dst, - outer_table_id=0, - type=0, - mode=0, - instance=0xFFFFFFFF, - session_id=0, - is_add=1): - """ Add a GRE tunnel - - :param src_address: - :param dst_address: - :param outer_fib_id: (Default value = 0) - :param tunnel_type: (Default value = 0) - :param instance: (Default value = 0xFFFFFFFF) - :param session_id: (Default value = 0) - :param is_add: (Default value = 1) - :param is_ipv6: (Default value = 0) - """ - - return self.api( - self.papi.gre_tunnel_add_del, - {'is_add': is_add, - 'tunnel': - { - 'type': type, - 'mode': mode, - 'instance': instance, - 'src': src, - 'dst': dst, - 'outer_table_id': outer_table_id, - 'session_id': session_id} - } - ) - def udp_encap_add(self, src_ip, dst_ip, |