summaryrefslogtreecommitdiffstats
path: root/src/plugins/mss_clamp/mss_clamp.c
diff options
context:
space:
mode:
authorNeale Ranns <neale.ranns@cisco.com>2018-10-04 06:40:30 -0700
committerDamjan Marion <dmarion@me.com>2021-03-05 10:55:26 +0000
commitbf55e9931ce203049385fbf55dde291ead556679 (patch)
tree44ddb0b8a74f14971cdd95eca75f8fac6263d4b4 /src/plugins/mss_clamp/mss_clamp.c
parentab9f57355f43976930ef52e6091ef80412b065a0 (diff)
mss_clamp: TCP MSS clamping plugin
Type: feature Configure TCP MSS clamping on an interface as follows: set interface tcp-mss-clamp [rx|tx] <interface-name> ip4 [enable|disable|rx|tx] ip4-mss <size> ip6 [enable|disable|rx|tx] ip6-mss <size> Change-Id: I45b04e50a0b70a33e14a9066f981c651292ebffb Signed-off-by: Neale Ranns <neale.ranns@cisco.com> Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com> Signed-off-by: Miklos Tirpak <miklos.tirpak@gmail.com> Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Diffstat (limited to 'src/plugins/mss_clamp/mss_clamp.c')
-rw-r--r--src/plugins/mss_clamp/mss_clamp.c292
1 files changed, 292 insertions, 0 deletions
diff --git a/src/plugins/mss_clamp/mss_clamp.c b/src/plugins/mss_clamp/mss_clamp.c
new file mode 100644
index 00000000000..cdac5456641
--- /dev/null
+++ b/src/plugins/mss_clamp/mss_clamp.c
@@ -0,0 +1,292 @@
+/*
+ * mss_clamp.c - TCP MSS clamping plug-in
+ *
+ * Copyright (c) 2018 Cisco and/or its affiliates
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <vnet/vnet.h>
+#include <vnet/plugin/plugin.h>
+#include <mss_clamp/mss_clamp.h>
+#include <mss_clamp/mss_clamp.api_types.h>
+
+mssc_main_t mssc_main;
+
+/* Action function shared between message handler and debug CLI */
+
+static void
+mssc_enable_disable_feat (u32 sw_if_index, u8 dir4, u8 dir6, int enable)
+{
+ if (dir4 == MSS_CLAMP_DIR_NONE && dir6 == MSS_CLAMP_DIR_NONE)
+ return;
+
+ // ip4
+ if ((dir4 & MSS_CLAMP_DIR_RX) != MSS_CLAMP_DIR_NONE)
+ vnet_feature_enable_disable ("ip4-unicast", "tcp-mss-clamping-ip4-in",
+ sw_if_index, enable, 0, 0);
+ if ((dir4 & MSS_CLAMP_DIR_TX) != MSS_CLAMP_DIR_NONE)
+ vnet_feature_enable_disable ("ip4-output", "tcp-mss-clamping-ip4-out",
+ sw_if_index, enable, 0, 0);
+ // ip6
+ if ((dir6 & MSS_CLAMP_DIR_RX) != MSS_CLAMP_DIR_NONE)
+ vnet_feature_enable_disable ("ip6-unicast", "tcp-mss-clamping-ip6-in",
+ sw_if_index, enable, 0, 0);
+ if ((dir6 & MSS_CLAMP_DIR_TX) != MSS_CLAMP_DIR_NONE)
+ vnet_feature_enable_disable ("ip6-output", "tcp-mss-clamping-ip6-out",
+ sw_if_index, enable, 0, 0);
+}
+
+int
+mssc_enable_disable (u32 sw_if_index, u8 dir4, u8 dir6, u16 mss4, u16 mss6)
+{
+ mssc_main_t *cm = &mssc_main;
+ u8 *dir_enabled4, *dir_enabled6;
+ int rv = 0;
+
+ if (dir4 == MSS_CLAMP_DIR_NONE)
+ mss4 = MSS_CLAMP_UNSET;
+ if (dir6 == MSS_CLAMP_DIR_NONE)
+ mss6 = MSS_CLAMP_UNSET;
+
+ vec_validate_init_empty (cm->dir_enabled4, sw_if_index, MSS_CLAMP_DIR_NONE);
+ vec_validate_init_empty (cm->dir_enabled6, sw_if_index, MSS_CLAMP_DIR_NONE);
+ vec_validate_init_empty (cm->max_mss4, sw_if_index, MSS_CLAMP_UNSET);
+ vec_validate_init_empty (cm->max_mss6, sw_if_index, MSS_CLAMP_UNSET);
+
+ cm->max_mss4[sw_if_index] = mss4;
+ cm->max_mss6[sw_if_index] = mss6;
+ dir_enabled4 = &cm->dir_enabled4[sw_if_index];
+ dir_enabled6 = &cm->dir_enabled6[sw_if_index];
+
+ // Disable the directions that are no longer needed
+ mssc_enable_disable_feat (sw_if_index, (*dir_enabled4) & ~dir4,
+ (*dir_enabled6) & ~dir6, 0);
+ // Enable the new directions
+ mssc_enable_disable_feat (sw_if_index, ~(*dir_enabled4) & dir4,
+ ~(*dir_enabled6) & dir6, 1);
+
+ *dir_enabled4 = dir4;
+ *dir_enabled6 = dir6;
+
+ return rv;
+}
+
+int
+mssc_get_mss (u32 sw_if_index, u8 *dir4, u8 *dir6, u16 *mss4, u16 *mss6)
+{
+ mssc_main_t *cm = &mssc_main;
+ int rv = VNET_API_ERROR_FEATURE_DISABLED;
+
+ if (vec_len (cm->dir_enabled4) > sw_if_index &&
+ MSS_CLAMP_DIR_NONE != cm->dir_enabled4[sw_if_index])
+ {
+ *mss4 = cm->max_mss4[sw_if_index];
+ *dir4 = cm->dir_enabled4[sw_if_index];
+ rv = 0;
+ }
+ else
+ {
+ *mss4 = MSS_CLAMP_DIR_NONE;
+ *dir4 = 0;
+ }
+
+ if (vec_len (cm->dir_enabled6) > sw_if_index &&
+ MSS_CLAMP_DIR_NONE != cm->dir_enabled6[sw_if_index])
+ {
+ *mss6 = cm->max_mss6[sw_if_index];
+ *dir6 = cm->dir_enabled6[sw_if_index];
+ rv = 0;
+ }
+ else
+ {
+ *mss6 = MSS_CLAMP_DIR_NONE;
+ *dir6 = 0;
+ }
+ return rv;
+}
+
+static uword
+unformat_mssc_dir (unformat_input_t *input, va_list *args)
+{
+ u8 *result = va_arg (*args, u8 *);
+ u8 dir = MSS_CLAMP_DIR_RX | MSS_CLAMP_DIR_TX;
+
+ if (unformat (input, "disable"))
+ dir = MSS_CLAMP_DIR_NONE;
+ else if (unformat (input, "enable"))
+ dir = MSS_CLAMP_DIR_RX | MSS_CLAMP_DIR_TX;
+ else if (unformat (input, "rx"))
+ dir = MSS_CLAMP_DIR_RX;
+ else if (unformat (input, "tx"))
+ dir = MSS_CLAMP_DIR_TX;
+ else
+ return 0;
+
+ *result = dir;
+ return 1;
+}
+
+static clib_error_t *
+mssc_enable_command_fn (vlib_main_t *vm, unformat_input_t *input,
+ vlib_cli_command_t *cmd)
+{
+ u32 sw_if_index = ~0;
+ u8 dir4 = ~0, dir6 = ~0;
+ u32 mss4 = ~0, mss6 = ~0;
+ int rv;
+
+ while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
+ {
+ if (unformat (input, "ip4 %U", unformat_mssc_dir, &dir4))
+ ;
+ else if (unformat (input, "ip6 %U", unformat_mssc_dir, &dir6))
+ ;
+ else if (unformat (input, "ip4-mss %d", &mss4))
+ ;
+ else if (unformat (input, "ip6-mss %d", &mss6))
+ ;
+ else if (unformat (input, "%U", unformat_vnet_sw_interface,
+ vnet_get_main (), &sw_if_index))
+ ;
+ else
+ break;
+ }
+
+ if (sw_if_index == ~0)
+ return clib_error_return (0, "Please specify an interface");
+
+ if (dir4 == (u8) ~0 || dir6 == (u8) ~0)
+ return clib_error_return (
+ 0, "Please specify the MSS clamping direction for ip4 and ip6");
+
+ if (dir4 != MSS_CLAMP_DIR_NONE)
+ {
+ if (mss4 == ~0)
+ return clib_error_return (
+ 0, "Please specify the Max Segment Size for ip4");
+ if (mss4 >= MSS_CLAMP_UNSET)
+ return clib_error_return (0, "Invalid Max Segment Size");
+ }
+ if (dir6 != MSS_CLAMP_DIR_NONE)
+ {
+ if (mss6 == ~0)
+ return clib_error_return (
+ 0, "Please specify the Max Segment Size for ip6");
+ if (mss6 >= MSS_CLAMP_UNSET)
+ return clib_error_return (0, "Invalid Max Segment Size");
+ }
+
+ rv = mssc_enable_disable (sw_if_index, dir4, dir6, mss4, mss6);
+
+ if (rv)
+ return clib_error_return (0, "Failed: %d = %U", rv, format_vnet_api_errno,
+ rv);
+
+ return (NULL);
+}
+
+VLIB_CLI_COMMAND (mssc_enable_disable_command, static) = {
+ .path = "set interface tcp-mss-clamp",
+ .short_help = "set interface tcp-mss-clamp <interface-name> "
+ "ip4 [enable|disable|rx|tx] ip4-mss <size> "
+ "ip6 [enable|disable|rx|tx] ip6-mss <size>",
+ .function = mssc_enable_command_fn,
+};
+
+static u8 *
+format_mssc_clamping (u8 *s, va_list *args)
+{
+ u8 dir = va_arg (*args, u32);
+ u16 mss = va_arg (*args, u32);
+#define DIR2S(d) \
+ (((d) == (MSS_CLAMP_DIR_RX | MSS_CLAMP_DIR_TX)) ? \
+ "" : \
+ (((d) == MSS_CLAMP_DIR_RX) ? " [RX]" : " [TX]"))
+
+ if (MSS_CLAMP_DIR_NONE == dir)
+ {
+ return format (s, "disabled");
+ }
+ u32 mss_u32 = mss;
+ return format (s, "%d%s", mss_u32, DIR2S (dir));
+}
+
+static clib_error_t *
+mssc_show_command_fn (vlib_main_t *vm, unformat_input_t *input,
+ vlib_cli_command_t *cmd)
+{
+ mssc_main_t *cm = &mssc_main;
+ u32 sw_if_index = ~0;
+ u32 ii;
+
+ while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
+ {
+ if (unformat (input, "%U", unformat_vnet_sw_interface, vnet_get_main (),
+ &sw_if_index))
+ ;
+ else
+ break;
+ }
+
+ if (sw_if_index == ~0)
+ {
+ vec_foreach_index (ii, cm->dir_enabled4)
+ {
+ u8 dir4 = cm->dir_enabled4[ii];
+ u8 dir6 = cm->dir_enabled6[ii];
+ if (MSS_CLAMP_DIR_NONE != dir4 || MSS_CLAMP_DIR_NONE != dir6)
+ {
+ u16 mss4 = cm->max_mss4[ii];
+ u16 mss6 = cm->max_mss6[ii];
+ vlib_cli_output (vm, "%U: ip4: %U ip6: %U",
+ format_vnet_sw_if_index_name, vnet_get_main (),
+ ii, format_mssc_clamping, dir4, mss4,
+ format_mssc_clamping, dir6, mss6);
+ }
+ }
+ }
+ else
+ {
+ u16 mss4, mss6;
+ u8 dir4, dir6;
+ mssc_get_mss (sw_if_index, &dir4, &dir6, &mss4, &mss6);
+ vlib_cli_output (vm, "%U: ip4: %U ip6: %U", format_vnet_sw_if_index_name,
+ vnet_get_main (), sw_if_index, format_mssc_clamping,
+ dir4, mss4, format_mssc_clamping, dir6, mss6);
+ }
+
+ return (NULL);
+}
+
+VLIB_CLI_COMMAND (mssc_show_command, static) = {
+ .path = "show interface tcp-mss-clamp",
+ .short_help = "show interface tcp-mss-clamp [interface-name]",
+ .long_help = "show TCP MSS clamping configurations",
+ .function = mssc_show_command_fn,
+};
+
+static clib_error_t *
+mssc_init (vlib_main_t *vm)
+{
+ return NULL;
+}
+
+VLIB_INIT_FUNCTION (mssc_init);
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */