summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNathan Skrzypczak <nathan.skrzypczak@gmail.com>2021-09-09 18:31:36 +0200
committerNeale Ranns <neale@graphiant.com>2021-10-21 16:39:37 +0000
commitbfa86084af0e4d0cc8ad8ccbeafe999b748a990e (patch)
tree2b2f072cd1b46dde857188c8f9cd11600d2c8409
parent1b6fb40bad69a6582e2a9a7ff8d3bcb65ddfe8ad (diff)
ip: Add ip46-local node for local swif[rx]
Type: improvement This adds a new ip[46]-receive node, sibling of ip[46]-local. Its goal is to set vnet_buffer (b)->ip.rx_sw_if_index to the sw_if_index of the local interface. In dependant nodes further down the line (e.g. hoststack) we then set sw_if_idx[rx] to this value. So that we know which local interface did receive the packet. The TCP issue this fixes is that : On accepts, we were setting tc->sw_if_index to the source sw_if_index. We should use the dest sw_if_index, so that packets coming back on this connection have the right source sw_if_index. And also setting it in the tx-ed packet. Change-Id: I569ed673e15c21e71f365c3ad45439b05bd14a9f Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
-rw-r--r--src/vnet/buffer.h13
-rw-r--r--src/vnet/dpo/receive_dpo.c14
-rw-r--r--src/vnet/ip/ip4_forward.c81
-rw-r--r--src/vnet/ip/ip6_forward.c61
-rw-r--r--src/vnet/tcp/tcp_inlines.h7
5 files changed, 132 insertions, 44 deletions
diff --git a/src/vnet/buffer.h b/src/vnet/buffer.h
index cbaf4d84e42..2b3152fbcd6 100644
--- a/src/vnet/buffer.h
+++ b/src/vnet/buffer.h
@@ -190,8 +190,17 @@ typedef struct
/* Rewrite length */
u8 save_rewrite_length;
- /* MFIB RPF ID */
- u32 rpf_id;
+ union
+ {
+ /* sw_if_index of the local interface the buffer was received on
+ * - if hitting a DPO_RECEIVE - it is set in ip[46]-receive.
+ * This is ~0 if the dpo is not a receive dpo, or if the
+ * interface is not specified (e.g. route add via local) */
+ u32 rx_sw_if_index;
+
+ /* MFIB RPF ID */
+ u32 rpf_id;
+ };
};
/* ICMP */
diff --git a/src/vnet/dpo/receive_dpo.c b/src/vnet/dpo/receive_dpo.c
index b12b382ce64..0a97e1d373b 100644
--- a/src/vnet/dpo/receive_dpo.c
+++ b/src/vnet/dpo/receive_dpo.c
@@ -156,15 +156,13 @@ const static dpo_vft_t receive_vft = {
* this means that these graph nodes are ones from which a receive is the
* parent object in the DPO-graph.
*/
-const static char* const receive_ip4_nodes[] =
-{
- "ip4-local",
- NULL,
+const static char *const receive_ip4_nodes[] = {
+ "ip4-receive",
+ NULL,
};
-const static char* const receive_ip6_nodes[] =
-{
- "ip6-local",
- NULL,
+const static char *const receive_ip6_nodes[] = {
+ "ip6-receive",
+ NULL,
};
const static char* const * const receive_nodes[DPO_PROTO_NUM] =
diff --git a/src/vnet/ip/ip4_forward.c b/src/vnet/ip/ip4_forward.c
index 055df637c7f..900a1b4ce8e 100644
--- a/src/vnet/ip/ip4_forward.c
+++ b/src/vnet/ip/ip4_forward.c
@@ -52,6 +52,7 @@
#include <vnet/mfib/ip4_mfib.h>
#include <vnet/dpo/load_balance.h>
#include <vnet/dpo/load_balance_map.h>
+#include <vnet/dpo/receive_dpo.h>
#include <vnet/dpo/classify_dpo.h>
#include <vnet/mfib/mfib_table.h> /* for mFIB table and entry creation */
#include <vnet/adj/adj_dp.h>
@@ -1387,10 +1388,9 @@ ip4_tcp_udp_validate_checksum (vlib_main_t * vm, vlib_buffer_t * p0)
#endif
/* *INDENT-OFF* */
-VNET_FEATURE_ARC_INIT (ip4_local) =
-{
- .arc_name = "ip4-local",
- .start_nodes = VNET_FEATURES ("ip4-local"),
+VNET_FEATURE_ARC_INIT (ip4_local) = {
+ .arc_name = "ip4-local",
+ .start_nodes = VNET_FEATURES ("ip4-local", "ip4-receive"),
.last_in_arc = "ip4-local-end-of-arc",
};
/* *INDENT-ON* */
@@ -1515,8 +1515,9 @@ typedef struct
} ip4_local_last_check_t;
static inline void
-ip4_local_check_src (vlib_buffer_t * b, ip4_header_t * ip0,
- ip4_local_last_check_t * last_check, u8 * error0)
+ip4_local_check_src (vlib_buffer_t *b, ip4_header_t *ip0,
+ ip4_local_last_check_t *last_check, u8 *error0,
+ int is_receive_dpo)
{
const dpo_id_t *dpo0;
load_balance_t *lb0;
@@ -1526,6 +1527,15 @@ ip4_local_check_src (vlib_buffer_t * b, ip4_header_t * ip0,
vnet_buffer (b)->sw_if_index[VLIB_TX] != ~0 ?
vnet_buffer (b)->sw_if_index[VLIB_TX] : vnet_buffer (b)->ip.fib_index;
+ if (is_receive_dpo)
+ {
+ receive_dpo_t *rd;
+ rd = receive_dpo_get (vnet_buffer (b)->ip.adj_index[VLIB_TX]);
+ vnet_buffer (b)->ip.rx_sw_if_index = rd->rd_sw_if_index;
+ }
+ else
+ vnet_buffer (b)->ip.rx_sw_if_index = ~0;
+
/*
* vnet_buffer()->ip.adj_index[VLIB_RX] will be set to the index of the
* adjacency for the destination address (the local interface address).
@@ -1579,8 +1589,9 @@ ip4_local_check_src (vlib_buffer_t * b, ip4_header_t * ip0,
}
static inline void
-ip4_local_check_src_x2 (vlib_buffer_t ** b, ip4_header_t ** ip,
- ip4_local_last_check_t * last_check, u8 * error)
+ip4_local_check_src_x2 (vlib_buffer_t **b, ip4_header_t **ip,
+ ip4_local_last_check_t *last_check, u8 *error,
+ int is_receive_dpo)
{
const dpo_id_t *dpo[2];
load_balance_t *lb[2];
@@ -1601,6 +1612,20 @@ ip4_local_check_src_x2 (vlib_buffer_t ** b, ip4_header_t ** ip,
vnet_buffer (b[1])->sw_if_index[VLIB_TX] :
vnet_buffer (b[1])->ip.fib_index;
+ if (is_receive_dpo)
+ {
+ const receive_dpo_t *rd0, *rd1;
+ rd0 = receive_dpo_get (vnet_buffer (b[0])->ip.adj_index[VLIB_TX]);
+ rd1 = receive_dpo_get (vnet_buffer (b[1])->ip.adj_index[VLIB_TX]);
+ vnet_buffer (b[0])->ip.rx_sw_if_index = rd0->rd_sw_if_index;
+ vnet_buffer (b[1])->ip.rx_sw_if_index = rd1->rd_sw_if_index;
+ }
+ else
+ {
+ vnet_buffer (b[0])->ip.rx_sw_if_index = ~0;
+ vnet_buffer (b[1])->ip.rx_sw_if_index = ~0;
+ }
+
/*
* vnet_buffer()->ip.adj_index[VLIB_RX] will be set to the index of the
* adjacency for the destination address (the local interface address).
@@ -1697,9 +1722,9 @@ ip4_local_classify (vlib_buffer_t * b, ip4_header_t * ip, u16 * next)
}
static inline uword
-ip4_local_inline (vlib_main_t * vm,
- vlib_node_runtime_t * node,
- vlib_frame_t * frame, int head_of_feature_arc)
+ip4_local_inline (vlib_main_t *vm, vlib_node_runtime_t *node,
+ vlib_frame_t *frame, int head_of_feature_arc,
+ int is_receive_dpo)
{
u32 *from, n_left_from;
vlib_node_runtime_t *error_node =
@@ -1764,19 +1789,21 @@ ip4_local_inline (vlib_main_t * vm,
if (PREDICT_TRUE (not_batch == 0))
{
ip4_local_check_l4_csum_x2 (vm, b, ip, error);
- ip4_local_check_src_x2 (b, ip, &last_check, error);
+ ip4_local_check_src_x2 (b, ip, &last_check, error, is_receive_dpo);
}
else
{
if (!pt[0])
{
ip4_local_check_l4_csum (vm, b[0], ip[0], &error[0]);
- ip4_local_check_src (b[0], ip[0], &last_check, &error[0]);
+ ip4_local_check_src (b[0], ip[0], &last_check, &error[0],
+ is_receive_dpo);
}
if (!pt[1])
{
ip4_local_check_l4_csum (vm, b[1], ip[1], &error[1]);
- ip4_local_check_src (b[1], ip[1], &last_check, &error[1]);
+ ip4_local_check_src (b[1], ip[1], &last_check, &error[1],
+ is_receive_dpo);
}
}
@@ -1804,7 +1831,8 @@ ip4_local_inline (vlib_main_t * vm,
goto skip_check;
ip4_local_check_l4_csum (vm, b[0], ip[0], &error[0]);
- ip4_local_check_src (b[0], ip[0], &last_check, &error[0]);
+ ip4_local_check_src (b[0], ip[0], &last_check, &error[0],
+ is_receive_dpo);
skip_check:
@@ -1823,10 +1851,10 @@ ip4_local_inline (vlib_main_t * vm,
VLIB_NODE_FN (ip4_local_node) (vlib_main_t * vm, vlib_node_runtime_t * node,
vlib_frame_t * frame)
{
- return ip4_local_inline (vm, node, frame, 1 /* head of feature arc */ );
+ return ip4_local_inline (vm, node, frame, 1 /* head of feature arc */,
+ 0 /* is_receive_dpo */);
}
-/* *INDENT-OFF* */
VLIB_REGISTER_NODE (ip4_local_node) =
{
.name = "ip4-local",
@@ -1844,17 +1872,29 @@ VLIB_REGISTER_NODE (ip4_local_node) =
[IP_LOCAL_NEXT_REASSEMBLY] = "ip4-full-reassembly",
},
};
-/* *INDENT-ON* */
+VLIB_NODE_FN (ip4_receive_local_node)
+(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
+{
+ return ip4_local_inline (vm, node, frame, 1 /* head of feature arc */,
+ 1 /* is_receive_dpo */);
+}
+
+VLIB_REGISTER_NODE (ip4_receive_local_node) = {
+ .name = "ip4-receive",
+ .vector_size = sizeof (u32),
+ .format_trace = format_ip4_forward_next_trace,
+ .sibling_of = "ip4-local"
+};
VLIB_NODE_FN (ip4_local_end_of_arc_node) (vlib_main_t * vm,
vlib_node_runtime_t * node,
vlib_frame_t * frame)
{
- return ip4_local_inline (vm, node, frame, 0 /* head of feature arc */ );
+ return ip4_local_inline (vm, node, frame, 0 /* head of feature arc */,
+ 0 /* is_receive_dpo */);
}
-/* *INDENT-OFF* */
VLIB_REGISTER_NODE (ip4_local_end_of_arc_node) = {
.name = "ip4-local-end-of-arc",
.vector_size = sizeof (u32),
@@ -1868,7 +1908,6 @@ VNET_FEATURE_INIT (ip4_local_end_of_arc, static) = {
.node_name = "ip4-local-end-of-arc",
.runs_before = 0, /* not before any other features */
};
-/* *INDENT-ON* */
#ifndef CLIB_MARCH_VARIANT
void
diff --git a/src/vnet/ip/ip6_forward.c b/src/vnet/ip/ip6_forward.c
index d9c015f6fb4..b9f9892f929 100644
--- a/src/vnet/ip/ip6_forward.c
+++ b/src/vnet/ip/ip6_forward.c
@@ -48,6 +48,7 @@
#include <vnet/fib/ip6_fib.h>
#include <vnet/mfib/ip6_mfib.h>
#include <vnet/dpo/load_balance_map.h>
+#include <vnet/dpo/receive_dpo.h>
#include <vnet/dpo/classify_dpo.h>
#include <vnet/classify/vnet_classify.h>
#include <vnet/pg/pg.h>
@@ -1228,10 +1229,9 @@ ip6_next_proto_is_tcp_udp (vlib_buffer_t * p0, ip6_header_t * ip0,
}
/* *INDENT-OFF* */
-VNET_FEATURE_ARC_INIT (ip6_local) =
-{
- .arc_name = "ip6-local",
- .start_nodes = VNET_FEATURES ("ip6-local"),
+VNET_FEATURE_ARC_INIT (ip6_local) = {
+ .arc_name = "ip6-local",
+ .start_nodes = VNET_FEATURES ("ip6-local", "ip6-receive"),
};
/* *INDENT-ON* */
@@ -1278,10 +1278,10 @@ ip6_tcp_udp_icmp_bad_length (vlib_main_t * vm, vlib_buffer_t * p0)
return 1;
}
-
always_inline uword
-ip6_local_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
- vlib_frame_t * frame, int head_of_feature_arc)
+ip6_local_inline (vlib_main_t *vm, vlib_node_runtime_t *node,
+ vlib_frame_t *frame, int head_of_feature_arc,
+ int is_receive_dpo)
{
ip6_main_t *im = &ip6_main;
ip_lookup_main_t *lm = &im->lookup_main;
@@ -1469,6 +1469,21 @@ ip6_local_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
vnet_buffer (b[1])->sw_if_index[VLIB_TX] != ~0 ?
vnet_buffer (b[1])->sw_if_index[VLIB_TX] :
vnet_buffer (b[1])->ip.fib_index;
+ if (is_receive_dpo)
+ {
+ const receive_dpo_t *rd0, *rd1;
+ rd0 =
+ receive_dpo_get (vnet_buffer (b[0])->ip.adj_index[VLIB_TX]);
+ rd1 =
+ receive_dpo_get (vnet_buffer (b[1])->ip.adj_index[VLIB_TX]);
+ vnet_buffer (b[0])->ip.rx_sw_if_index = rd0->rd_sw_if_index;
+ vnet_buffer (b[1])->ip.rx_sw_if_index = rd1->rd_sw_if_index;
+ }
+ else
+ {
+ vnet_buffer (b[0])->ip.rx_sw_if_index = ~0;
+ vnet_buffer (b[1])->ip.rx_sw_if_index = ~0;
+ }
} /* head_of_feature_arc */
next[0] = lm->local_next_by_ip_protocol[ip[0]->protocol];
@@ -1596,6 +1611,14 @@ ip6_local_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
vnet_buffer (b[0])->sw_if_index[VLIB_TX] != ~0 ?
vnet_buffer (b[0])->sw_if_index[VLIB_TX] :
vnet_buffer (b[0])->ip.fib_index;
+ if (is_receive_dpo)
+ {
+ receive_dpo_t *rd;
+ rd = receive_dpo_get (vnet_buffer (b[0])->ip.adj_index[VLIB_TX]);
+ vnet_buffer (b[0])->ip.rx_sw_if_index = rd->rd_sw_if_index;
+ }
+ else
+ vnet_buffer (b[0])->ip.rx_sw_if_index = ~0;
} /* head_of_feature_arc */
next[0] = lm->local_next_by_ip_protocol[ip->protocol];
@@ -1629,10 +1652,10 @@ ip6_local_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
VLIB_NODE_FN (ip6_local_node) (vlib_main_t * vm, vlib_node_runtime_t * node,
vlib_frame_t * frame)
{
- return ip6_local_inline (vm, node, frame, 1 /* head of feature arc */ );
+ return ip6_local_inline (vm, node, frame, 1 /* head of feature arc */,
+ 0 /* ip6_local_inline */);
}
-/* *INDENT-OFF* */
VLIB_REGISTER_NODE (ip6_local_node) =
{
.name = "ip6-local",
@@ -1648,16 +1671,29 @@ VLIB_REGISTER_NODE (ip6_local_node) =
[IP_LOCAL_NEXT_REASSEMBLY] = "ip6-full-reassembly",
},
};
-/* *INDENT-ON* */
+
+VLIB_NODE_FN (ip6_receive_local_node)
+(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
+{
+ return ip6_local_inline (vm, node, frame, 1 /* head of feature arc */,
+ 1 /* is_receive_dpo */);
+}
+
+VLIB_REGISTER_NODE (ip6_receive_local_node) = {
+ .name = "ip6-receive",
+ .vector_size = sizeof (u32),
+ .format_trace = format_ip6_forward_next_trace,
+ .sibling_of = "ip6-local"
+};
VLIB_NODE_FN (ip6_local_end_of_arc_node) (vlib_main_t * vm,
vlib_node_runtime_t * node,
vlib_frame_t * frame)
{
- return ip6_local_inline (vm, node, frame, 0 /* head of feature arc */ );
+ return ip6_local_inline (vm, node, frame, 0 /* head of feature arc */,
+ 0 /* ip6_local_inline */);
}
-/* *INDENT-OFF* */
VLIB_REGISTER_NODE (ip6_local_end_of_arc_node) = {
.name = "ip6-local-end-of-arc",
.vector_size = sizeof (u32),
@@ -1671,7 +1707,6 @@ VNET_FEATURE_INIT (ip6_local_end_of_arc, static) = {
.node_name = "ip6-local-end-of-arc",
.runs_before = 0, /* not before any other features */
};
-/* *INDENT-ON* */
#ifdef CLIB_MARCH_VARIANT
extern vlib_node_registration_t ip6_local_node;
diff --git a/src/vnet/tcp/tcp_inlines.h b/src/vnet/tcp/tcp_inlines.h
index dfdf801d0ab..e82f308d9b8 100644
--- a/src/vnet/tcp/tcp_inlines.h
+++ b/src/vnet/tcp/tcp_inlines.h
@@ -237,6 +237,13 @@ tcp_input_lookup_buffer (vlib_buffer_t * b, u8 thread_index, u32 * error,
tcp_header_t *tcp;
u8 result = 0;
+ /* Set the sw_if_index[VLIB_RX] to the interface we received
+ * the connection on (the local interface) */
+ vnet_buffer (b)->sw_if_index[VLIB_RX] =
+ vnet_buffer (b)->ip.rx_sw_if_index != ~0 ?
+ vnet_buffer (b)->ip.rx_sw_if_index :
+ vnet_buffer (b)->sw_if_index[VLIB_RX];
+
if (is_ip4)
{
ip4_header_t *ip4 = vlib_buffer_get_current (b);