diff options
| author |   Neale Ranns <nranns@cisco.com> | 2019-09-30 10:53:31 +0000 |
|---|---|---|
| committer |   Ole Trøan <otroan@employees.org> | 2019-12-17 10:56:20 +0000 |
| commit | cbe25aab3be72154f2c706c39eeba6a77f34450f (patch) | |
| tree | 131fb53b5ec973be045ffb9e2eb797af01d112a0 /src/vnet/ip-neighbor/ip_neighbor.c | |
| parent | 96453fd2417ebd1d69354a7fb692976129cea80e (diff) | |
ip: Protocol Independent IP Neighbors
Type: feature
- ip-neighbour: generic neighbour handling; APIs, DBs, event handling,
aging
- arp: ARP protocol implementation
- ip6-nd; IPv6 neighbor discovery implementation; separate ND,
MLD, RA
- ip6-link; manage link-local addresses
- l2-arp-term; events separated from IP neighbours, since they are not
the same.
vnet retains just enough education to perform ND/ARP packet
construction.
arp and ip6-nd to be moved to plugins soon.
Change-Id: I88dedd0006b299344f4c7024a0aa5baa6b9a8bbe
Signed-off-by: Neale Ranns <nranns@cisco.com>
Diffstat (limited to 'src/vnet/ip-neighbor/ip_neighbor.c')
| -rw-r--r-- | src/vnet/ip-neighbor/ip_neighbor.c | 1664 |
1 files changed, 1664 insertions, 0 deletions
diff --git a/src/vnet/ip-neighbor/ip_neighbor.c b/src/vnet/ip-neighbor/ip_neighbor.c new file mode 100644 index 00000000000..11684eb9de5 --- /dev/null +++ b/src/vnet/ip-neighbor/ip_neighbor.c @@ -0,0 +1,1664 @@ +/* + * src/vnet/ip/ip_neighboor.c: ip neighbor generic handling + * + * Copyright (c) 2018 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <vppinfra/llist.h> + +#include <vnet/ip-neighbor/ip_neighbor.h> +#include <vnet/ip-neighbor/ip4_neighbor.h> +#include <vnet/ip-neighbor/ip6_neighbor.h> +#include <vnet/ip-neighbor/ip_neighbor_watch.h> + +#include <vnet/ip/ip6_ll_table.h> +#include <vnet/fib/fib_table.h> +#include <vnet/adj/adj_mcast.h> + +/** Pool for All IP neighbors */ +static ip_neighbor_t *ip_neighbor_pool; + +/** protocol specific lists of time sorted neighbors */ +index_t ip_neighbor_list_head[IP46_N_TYPES]; + +typedef struct ip_neighbor_elt_t_ +{ + clib_llist_anchor_t ipne_anchor; + index_t ipne_index; +} ip_neighbor_elt_t; + +/** Pool of linked list elemeents */ +ip_neighbor_elt_t *ip_neighbor_elt_pool; + +typedef struct ip_neighbor_db_t_ +{ + /** per interface hash */ + uword **ipndb_hash; + /** per-protocol limit - max number of neighbors*/ + u32 ipndb_limit; + /** max age of a neighbor before it's forcibly evicted */ + u32 ipndb_age; + /** when the limit is reached and new neighbors are created, should + * we recycle an old one */ + bool ipndb_recycle; + /** per-protocol number of elements */ + u32 ipndb_n_elts; + /** per-protocol number of elements per-fib-index*/ + u32 *ipndb_n_elts_per_fib; +} ip_neighbor_db_t; + +static vlib_log_class_t ipn_logger; + +/* DBs of neighbours one per AF */ +/* *INDENT-OFF* */ +static ip_neighbor_db_t ip_neighbor_db[IP46_N_TYPES] = { + [IP46_TYPE_IP4] = { + .ipndb_limit = 50000, + /* Default to not aging and not recycling */ + .ipndb_age = 0, + .ipndb_recycle = false, + }, + [IP46_TYPE_IP6] = { + .ipndb_limit = 50000, + /* Default to not aging and not recycling */ + .ipndb_age = 0, + .ipndb_recycle = false, + } +}; +/* *INDENT-ON* */ + +#define IP_NEIGHBOR_DBG(...) \ + vlib_log_debug (ipn_logger, __VA_ARGS__); + +#define IP_NEIGHBOR_INFO(...) \ + vlib_log_notice (ipn_logger, __VA_ARGS__); + +ip_neighbor_t * +ip_neighbor_get (index_t ipni) +{ + if (pool_is_free_index (ip_neighbor_pool, ipni)) + return (NULL); + + return (pool_elt_at_index (ip_neighbor_pool, ipni)); +} + +static index_t +ip_neighbor_get_index (const ip_neighbor_t * ipn) +{ + return (ipn - ip_neighbor_pool); +} + +static bool +ip_neighbor_is_dynamic (const ip_neighbor_t * ipn) +{ + return (ipn->ipn_flags & IP_NEIGHBOR_FLAG_DYNAMIC); +} + +const ip46_address_t * +ip_neighbor_get_ip (const ip_neighbor_t * ipn) +{ + return (&ipn->ipn_key->ipnk_ip); +} + +const mac_address_t * +ip_neighbor_get_mac (const ip_neighbor_t * ipn) +{ + return (&ipn->ipn_mac); +} + +const u32 +ip_neighbor_get_sw_if_index (const ip_neighbor_t * ipn) +{ + return (ipn->ipn_key->ipnk_sw_if_index); +} + +static void +ip_neighbor_list_remove (ip_neighbor_t * ipn) +{ + /* new neighbours, are added to the head of the list, since the + * list is time sorted, newest first */ + ip_neighbor_elt_t *elt; + + if (~0 != ipn->ipn_elt) + { + elt = pool_elt_at_index (ip_neighbor_elt_pool, ipn->ipn_elt); + + clib_llist_remove (ip_neighbor_elt_pool, ipne_anchor, elt); + } +} + +static void +ip_neighbor_refresh (ip_neighbor_t * ipn) +{ + /* new neighbours, are added to the head of the list, since the + * list is time sorted, newest first */ + ip_neighbor_elt_t *elt, *head; + + ipn->ipn_time_last_updated = vlib_time_now (vlib_get_main ()); + ipn->ipn_n_probes = 0; + + if (ip_neighbor_is_dynamic (ipn)) + { + if (~0 == ipn->ipn_elt) + /* first time insertion */ + pool_get_zero (ip_neighbor_elt_pool, elt); + else + { + /* already inserted - extract first */ + elt = pool_elt_at_index (ip_neighbor_elt_pool, ipn->ipn_elt); + + clib_llist_remove (ip_neighbor_elt_pool, ipne_anchor, elt); + } + head = pool_elt_at_index (ip_neighbor_elt_pool, + ip_neighbor_list_head[ipn-> + ipn_key->ipnk_type]); + + elt->ipne_index = ip_neighbor_get_index (ipn); + clib_llist_add (ip_neighbor_elt_pool, ipne_anchor, elt, head); + ipn->ipn_elt = elt - ip_neighbor_elt_pool; + } +} + +static void +ip_neighbor_db_add (const ip_neighbor_t * ipn) +{ + vec_validate (ip_neighbor_db[ipn->ipn_key->ipnk_type].ipndb_hash, + ipn->ipn_key->ipnk_sw_if_index); + + if (!ip_neighbor_db[ipn->ipn_key->ipnk_type].ipndb_hash + [ipn->ipn_key->ipnk_sw_if_index]) + ip_neighbor_db[ipn->ipn_key->ipnk_type].ipndb_hash[ipn-> + ipn_key->ipnk_sw_if_index] + = hash_create_mem (0, sizeof (ip_neighbor_key_t), sizeof (index_t)); + + hash_set_mem (ip_neighbor_db[ipn->ipn_key->ipnk_type].ipndb_hash + [ipn->ipn_key->ipnk_sw_if_index], ipn->ipn_key, + ip_neighbor_get_index (ipn)); + + ip_neighbor_db[ipn->ipn_key->ipnk_type].ipndb_n_elts++; +} + +static void +ip_neighbor_db_remove (const ip_neighbor_key_t * key) +{ + vec_validate (ip_neighbor_db[key->ipnk_type].ipndb_hash, + key->ipnk_sw_if_index); + + hash_unset_mem (ip_neighbor_db[key->ipnk_type].ipndb_hash + [key->ipnk_sw_if_index], key); + + ip_neighbor_db[key->ipnk_type].ipndb_n_elts--; +} + +static ip_neighbor_t * +ip_neighbor_db_find (const ip_neighbor_key_t * key) +{ + uword *p; + + if (key->ipnk_sw_if_index >= + vec_len (ip_neighbor_db[key->ipnk_type].ipndb_hash)) + return NULL; + + p = + hash_get_mem (ip_neighbor_db[key->ipnk_type].ipndb_hash + [key->ipnk_sw_if_index], key); + + if (p) + return ip_neighbor_get (p[0]); + + return (NULL); +} + +static u8 +ip46_type_pfx_len (ip46_type_t type) +{ + return (type == IP46_TYPE_IP4 ? 32 : 128); +} + +static void +ip_neighbor_adj_fib_add (ip_neighbor_t * ipn, u32 fib_index) +{ + if (ipn->ipn_key->ipnk_type == IP46_TYPE_IP6 && + ip6_address_is_link_local_unicast (&ipn->ipn_key->ipnk_ip.ip6)) + { + ip6_ll_prefix_t pfx = { + .ilp_addr = ipn->ipn_key->ipnk_ip.ip6, + .ilp_sw_if_index = ipn->ipn_key->ipnk_sw_if_index, + }; + ipn->ipn_fib_entry_index = + ip6_ll_table_entry_update (&pfx, FIB_ROUTE_PATH_FLAG_NONE); + } + else + { + fib_protocol_t fproto; + + fproto = fib_proto_from_ip46 (ipn->ipn_key->ipnk_type); + + fib_prefix_t pfx = { + .fp_len = ip46_type_pfx_len (ipn->ipn_key->ipnk_type), + .fp_proto = fproto, + .fp_addr = ipn->ipn_key->ipnk_ip, + }; + + ipn->ipn_fib_entry_index = + fib_table_entry_path_add (fib_index, &pfx, FIB_SOURCE_ADJ, + FIB_ENTRY_FLAG_ATTACHED, + fib_proto_to_dpo (fproto), + &pfx.fp_addr, + ipn->ipn_key->ipnk_sw_if_index, + ~0, 1, NULL, FIB_ROUTE_PATH_FLAG_NONE); + + vec_validate (ip_neighbor_db + [ipn->ipn_key->ipnk_type].ipndb_n_elts_per_fib, + fib_index); + + ip_neighbor_db[ipn->ipn_key-> + ipnk_type].ipndb_n_elts_per_fib[fib_index]++; + + if (1 == + ip_neighbor_db[ipn->ipn_key-> + ipnk_type].ipndb_n_elts_per_fib[fib_index]) + fib_table_lock (fib_index, fproto, FIB_SOURCE_ADJ); + } +} + +static void +ip_neighbor_adj_fib_remove (ip_neighbor_t * ipn, u32 fib_index) +{ + if (FIB_NODE_INDEX_INVALID != ipn->ipn_fib_entry_index) + { + if (ipn->ipn_key->ipnk_type == IP46_TYPE_IP6 && + ip6_address_is_link_local_unicast (&ipn->ipn_key->ipnk_ip.ip6)) + { + ip6_ll_prefix_t pfx = { + .ilp_addr = ipn->ipn_key->ipnk_ip.ip6, + .ilp_sw_if_index = ipn->ipn_key->ipnk_sw_if_index, + }; + ip6_ll_table_entry_delete (&pfx); + } + else + { + fib_protocol_t fproto; + + fproto = fib_proto_from_ip46 (ipn->ipn_key->ipnk_type); + + fib_prefix_t pfx = { + .fp_len = ip46_type_pfx_len (ipn->ipn_key->ipnk_type), + .fp_proto = fproto, + .fp_addr = ipn->ipn_key->ipnk_ip, + }; + + fib_table_entry_path_remove (fib_index, + &pfx, + FIB_SOURCE_ADJ, + fib_proto_to_dpo (fproto), + &pfx.fp_addr, + ipn->ipn_key->ipnk_sw_if_index, + ~0, 1, FIB_ROUTE_PATH_FLAG_NONE); + + ip_neighbor_db[ipn->ipn_key-> + ipnk_type].ipndb_n_elts_per_fib[fib_index]--; + + if (0 == + ip_neighbor_db[ipn->ipn_key-> + ipnk_type].ipndb_n_elts_per_fib[fib_index]) + fib_table_unlock (fib_index, fproto, FIB_SOURCE_ADJ); + } + } +} + +static void +ip_neighbor_mk_complete (adj_index_t ai, ip_neighbor_t * ipn) +{ + adj_nbr_update_rewrite (ai, ADJ_NBR_REWRITE_FLAG_COMPLETE, + ethernet_build_rewrite (vnet_get_main (), + ipn-> + ipn_key->ipnk_sw_if_index, + adj_get_link_type (ai), + ipn->ipn_mac.bytes)); +} + +static void +ip_neighbor_mk_incomplete (adj_index_t ai) +{ + ip_adjacency_t *adj = adj_get (ai); + + adj_nbr_update_rewrite (ai, + ADJ_NBR_REWRITE_FLAG_INCOMPLETE, + ethernet_build_rewrite (vnet_get_main (), + adj-> + rewrite_header.sw_if_index, + adj_get_link_type (ai), + VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST)); +} + +static adj_walk_rc_t +ip_neighbor_mk_complete_walk (adj_index_t ai, void *ctx) +{ + ip_neighbor_t *ipn = ctx; + + ip_neighbor_mk_complete (ai, ipn); + + return (ADJ_WALK_RC_CONTINUE); +} + +static adj_walk_rc_t +ip_neighbor_mk_incomplete_walk (adj_index_t ai, void *ctx) +{ + ip_neighbor_mk_incomplete (ai); + + return (ADJ_WALK_RC_CONTINUE); +} + +static void +ip_neighbor_free (ip_neighbor_t * ipn) +{ + IP_NEIGHBOR_DBG ("free: %U", format_ip_neighbor, + ip_neighbor_get_index (ipn)); + + adj_nbr_walk_nh (ipn->ipn_key->ipnk_sw_if_index, + fib_proto_from_ip46 (ipn->ipn_key->ipnk_type), + &ipn->ipn_key->ipnk_ip, + ip_neighbor_mk_incomplete_walk, ipn); + ip_neighbor_adj_fib_remove + (ipn, + fib_table_get_index_for_sw_if_index + (fib_proto_from_ip46 (ipn->ipn_key->ipnk_type), + ipn->ipn_key->ipnk_sw_if_index)); + + ip_neighbor_list_remove (ipn); + ip_neighbor_db_remove (ipn->ipn_key); + clib_mem_free (ipn->ipn_key); + + pool_put (ip_neighbor_pool, ipn); +} + +static bool +ip_neighbor_force_reuse (ip46_type_t type) +{ + if (!ip_neighbor_db[type].ipndb_recycle) + return false; + + /* pluck the oldest entry, which is the one from the end of the list */ + ip_neighbor_elt_t *elt, *head; + + head = + pool_elt_at_index (ip_neighbor_elt_pool, ip_neighbor_list_head[type]); + + if (clib_llist_is_empty (ip_neighbor_elt_pool, ipne_anchor, head)) + return (false); + + elt = clib_llist_prev (ip_neighbor_elt_pool, ipne_anchor, head); + ip_neighbor_free (ip_neighbor_get (elt->ipne_index)); + + return (true); +} + +static ip_neighbor_t * +ip_neighbor_alloc (const ip_neighbor_key_t * key, + const mac_address_t * mac, ip_neighbor_flags_t flags) +{ + ip_neighbor_t *ipn; + + if (ip_neighbor_db[key->ipnk_type].ipndb_limit && + (ip_neighbor_db[key->ipnk_type].ipndb_n_elts >= + ip_neighbor_db[key->ipnk_type].ipndb_limit)) + { + if (!ip_neighbor_force_reuse (key->ipnk_type)) + return (NULL); + } + + pool_get_zero (ip_neighbor_pool, ipn); + + ipn->ipn_key = clib_mem_alloc (sizeof (*ipn->ipn_key)); + clib_memcpy (ipn->ipn_key, key, sizeof (*ipn->ipn_key)); + + ipn->ipn_fib_entry_index = FIB_NODE_INDEX_INVALID; + ipn->ipn_flags = flags; + ipn->ipn_elt = ~0; + + mac_address_copy (&ipn->ipn_mac, mac); + + ip_neighbor_db_add (ipn); + + /* create the adj-fib. the entry in the FIB table for the peer's interface */ + if (!(ipn->ipn_flags & IP_NEIGHBOR_FLAG_NO_FIB_ENTRY)) + ip_neighbor_adj_fib_add + (ipn, fib_table_get_index_for_sw_if_index + (fib_proto_from_ip46 (ipn->ipn_key->ipnk_type), + ipn->ipn_key->ipnk_sw_if_index)); + + return (ipn); +} + +int +ip_neighbor_add (const ip46_address_t * ip, + ip46_type_t type, + const mac_address_t * mac, + u32 sw_if_index, + ip_neighbor_flags_t flags, u32 * stats_index) +{ + fib_protocol_t fproto; + ip_neighbor_t *ipn; + + /* main thread only */ + ASSERT (0 == vlib_get_thread_index ()); + + fproto = fib_proto_from_ip46 (type); + + const ip_neighbor_key_t key = { + .ipnk_ip = *ip, + .ipnk_sw_if_index = sw_if_index, + .ipnk_type = type, + }; + + ipn = ip_neighbor_db_find (&key); + + if (ipn) + { + IP_NEIGHBOR_DBG ("update: %U, %U", + format_vnet_sw_if_index_name, vnet_get_main (), + sw_if_index, format_ip46_address, ip, type, + format_ip_neighbor_flags, flags, format_mac_address_t, + mac); + + /* Refuse to over-write static neighbor entry. */ + if (!(flags & IP_NEIGHBOR_FLAG_STATIC) && + (ipn->ipn_flags & IP_NEIGHBOR_FLAG_STATIC)) + { + /* if MAC address match, still check to send event */ + if (0 == mac_address_cmp (&ipn->ipn_mac, mac)) + goto check_customers; + return -2; + } + + /* + * prevent a DoS attack from the data-plane that + * spams us with no-op updates to the MAC address + */ + if (0 == mac_address_cmp (&ipn->ipn_mac, mac)) + { + ip_neighbor_refresh (ipn); + goto check_customers; + } + + mac_address_copy (&ipn->ipn_mac, mac); + + /* A dynamic entry can become static, but not vice-versa. + * i.e. since if it was programmed by the CP then it must + * be removed by the CP */ + if ((flags & IP_NEIGHBOR_FLAG_STATIC) && + !(ipn->ipn_flags & IP_NEIGHBOR_FLAG_STATIC)) + { + ip_neighbor_list_remove (ipn); + ipn->ipn_flags |= IP_NEIGHBOR_FLAG_STATIC; + ipn->ipn_flags &= ~IP_NEIGHBOR_FLAG_DYNAMIC; + } + } + else + { + IP_NEIGHBOR_INFO ("add: %U, %U", + format_vnet_sw_if_index_name, vnet_get_main (), + sw_if_index, format_ip46_address, ip, type, + format_ip_neighbor_flags, flags, format_mac_address_t, + mac); + + ipn = ip_neighbor_alloc (&key, mac, flags); + + if (NULL == ipn) + return VNET_API_ERROR_LIMIT_EXCEEDED; + } + + /* Update time stamp and flags. */ + ip_neighbor_refresh (ipn); + + adj_nbr_walk_nh (ipn->ipn_key->ipnk_sw_if_index, + fproto, &ipn->ipn_key->ipnk_ip, + ip_neighbor_mk_complete_walk, ipn); + +check_customers: + /* Customer(s) requesting event for this address? */ + ip_neighbor_publish (ip_neighbor_get_index (ipn)); + + if (stats_index) + *stats_index = adj_nbr_find (fproto, + fib_proto_to_link (fproto), + &ipn->ipn_key->ipnk_ip, + ipn->ipn_key->ipnk_sw_if_index); + return 0; +} + +int +ip_neighbor_del (const ip46_address_t * ip, ip46_type_t type, u32 sw_if_index) +{ + ip_neighbor_t *ipn; + + /* main thread only */ + ASSERT (0 == vlib_get_thread_index ()); + + IP_NEIGHBOR_INFO ("delete: %U, %U", + format_vnet_sw_if_index_name, vnet_get_main (), + sw_if_index, format_ip46_address, ip, type); + + const ip_neighbor_key_t key = { + .ipnk_ip = *ip, + .ipnk_sw_if_index = sw_if_index, + .ipnk_type = type, + }; + + ipn = ip_neighbor_db_find (&key); + + if (NULL == ipn) + return (VNET_API_ERROR_NO_SUCH_ENTRY); + + ip_neighbor_free (ipn); + + return (0); +} + +void +ip_neighbor_update (vnet_main_t * vnm, adj_index_t ai) +{ + ip_neighbor_t *ipn; + ip_adjacency_t *adj; + + adj = adj_get (ai); + + ip_neighbor_key_t key = { + .ipnk_ip = adj->sub_type.nbr.next_hop, + .ipnk_type = fib_proto_to_ip46 (adj->ia_nh_proto), + .ipnk_sw_if_index = adj->rewrite_header.sw_if_index, + }; + ipn = ip_neighbor_db_find (&key); + + switch (adj->lookup_next_index) + { + case IP_LOOKUP_NEXT_ARP: + if (NULL != ipn) + { + adj_nbr_walk_nh (adj->rewrite_header.sw_if_index, + adj->ia_nh_proto, + &ipn->ipn_key->ipnk_ip, + ip_neighbor_mk_complete_walk, ipn); + } + else + { + /* + * no matching ARP entry. + * construct the rewrite required to for an ARP packet, and stick + * that in the adj's pipe to smoke. + */ + adj_nbr_update_rewrite + (ai, + ADJ_NBR_REWRITE_FLAG_INCOMPLETE, + ethernet_build_rewrite + (vnm, + adj->rewrite_header.sw_if_index, + VNET_LINK_ARP, + VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST)); + + /* + * since the FIB has added this adj for a route, it makes sense it + * may want to forward traffic sometime soon. Let's send a + * speculative ARP. just one. If we were to do periodically that + * wouldn't be bad either, but that's more code than i'm prepared to + * write at this time for relatively little reward. + */ + ip_neighbor_probe (adj); + } + break; + case IP_LOOKUP_NEXT_GLEAN: + case IP_LOOKUP_NEXT_BCAST: + case IP_LOOKUP_NEXT_MCAST: + case IP_LOOKUP_NEXT_DROP: + case IP_LOOKUP_NEXT_PUNT: + case IP_LOOKUP_NEXT_LOCAL: + case IP_LOOKUP_NEXT_REWRITE: + case IP_LOOKUP_NEXT_MCAST_MIDCHAIN: + case IP_LOOKUP_NEXT_MIDCHAIN: + case IP_LOOKUP_NEXT_ICMP_ERROR: + case IP_LOOKUP_N_NEXT: + ASSERT (0); + break; + } +} + +void +ip_neighbor_learn (const ip_neighbor_learn_t * l) +{ + ip_neighbor_add (&l->ip, l->type, &l->mac, l->sw_if_index, + IP_NEIGHBOR_FLAG_DYNAMIC, NULL); +} + +static clib_error_t * +ip_neighbor_cmd (vlib_main_t * vm, + unformat_input_t * input, vlib_cli_command_t * cmd) +{ + ip46_address_t ip = ip46_address_initializer; + mac_address_t mac = ZERO_MAC_ADDRESS; + vnet_main_t *vnm = vnet_get_main (); + ip_neighbor_flags_t flags; + u32 sw_if_index = ~0; + int is_add = 1; + int count = 1; + + flags = IP_NEIGHBOR_FLAG_DYNAMIC; + + while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) + { + /* set ip arp TenGigE1/1/0/1 1.2.3.4 aa:bb:... or aabb.ccdd... */ + if (unformat (input, "%U %U %U", + unformat_vnet_sw_interface, vnm, &sw_if_index, + unformat_ip46_address, &ip, IP46_TYPE_ANY, + unformat_mac_address_t, &mac)) + ; + else if (unformat (input, "delete") || unformat (input, "del")) + is_add = 0; + else if (unformat (input, "static")) + { + flags |= IP_NEIGHBOR_FLAG_STATIC; + flags &= ~IP_NEIGHBOR_FLAG_DYNAMIC; + } + else if (unformat (input, "no-fib-entry")) + flags |= IP_NEIGHBOR_FLAG_NO_FIB_ENTRY; + else if (unformat (input, "count %d", &count)) + ; + else + break; + } + + if (sw_if_index == ~0 || + ip46_address_is_zero (&ip) || mac_address_is_zero (&mac)) + return clib_error_return (0, + "specify interface, IP address and MAC: `%U'", + format_unformat_error, input); + + while (count) + { + if (is_add) + ip_neighbor_add (&ip, ip46_address_get_type (&ip), &mac, sw_if_index, + flags, NULL); + else + ip_neighbor_del (&ip, ip46_address_get_type (&ip), sw_if_index); + + ip46_address_increment (ip46_address_get_type (&ip), &ip); + mac_address_increment (&mac); + + --count; + } + + return NULL; +} + +/* *INDENT-OFF* */ +/*? + * Add or delete IPv4 ARP cache entries. + * + * @note 'set ip neighbor' options (e.g. delete, static, 'fib-id <id>', + * 'count <number>', 'interface ip4_addr mac_addr') can be added in + * any order and combination. + * + * @cliexpar + * @parblock + * Add or delete IPv4 ARP cache entries as follows. MAC Address can be in + * either aa:bb:cc:dd:ee:ff format or aabb.ccdd.eeff format. + * @cliexcmd{set ip neighbor GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe} + * @cliexcmd{set ip neighbor delete GigabitEthernet2/0/0 6.0.0.3 de:ad:be:ef:ba:be} + * + * To add or delete an IPv4 ARP cache entry to or from a specific fib + * table: + * @cliexcmd{set ip neighbor fib-id 1 GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe} + * @cliexcmd{set ip neighbor fib-id 1 delete GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe} + * + * Add or delete IPv4 static ARP cache entries as follows: + * @cliexcmd{set ip neighbor static GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe} + * @cliexcmd{set ip neighbor static delete GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe} + * + * For testing / debugging purposes, the 'set ip neighbor' command can add or + * delete multiple entries. Supply the 'count N' parameter: + * @cliexcmd{set ip neighbor count 10 GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe} + * @endparblock + ?*/ +VLIB_CLI_COMMAND (ip_neighbor_command, static) = { + .path = "set ip neighbor", + .short_help = + "set ip neighbor [del] <intfc> <ip-address> <mac-address> [static] [no-fib-entry] [count <count>] [fib-id <fib-id>] [proxy <lo-addr> - <hi-addr>]", + .function = ip_neighbor_cmd, +}; +VLIB_CLI_COMMAND (ip_neighbor_command2, static) = { + .path = "ip neighbor", + .short_help = + "ip neighbor [del] <intfc> <ip-address> <mac-address> [static] [no-fib-entry] [count <count>] [fib-id <fib-id>] [proxy <lo-addr> - <hi-addr>]", + .function = ip_neighbor_cmd, +}; +/* *INDENT-ON* */ + +static int +ip_neighbor_sort (void *a1, void *a2) +{ + index_t *ipni1 = a1, *ipni2 = a2; + ip_neighbor_t *ipn1, *ipn2; + int cmp; + + ipn1 = ip_neighbor_get (*ipni1); + ipn2 = ip_neighbor_get (*ipni2); + + cmp = vnet_sw_interface_compare (vnet_get_main (), + ipn1->ipn_key->ipnk_sw_if_index, + ipn2->ipn_key->ipnk_sw_if_index); + if (!cmp) + cmp = ip46_address_cmp (&ipn1->ipn_key->ipnk_ip, &ipn2->ipn_key->ipnk_ip); + return cmp; +} + +static index_t * +ip_neighbor_entries (u32 sw_if_index, ip46_type_t type) +{ + index_t *ipnis = NULL; + ip_neighbor_t *ipn; + + /* *INDENT-OFF* */ + pool_foreach (ipn, ip_neighbor_pool, + ({ + if (sw_if_index != ~0 && + ipn->ipn_key->ipnk_sw_if_index != sw_if_index && + (IP46_TYPE_ANY == type || + (ipn->ipn_key->ipnk_type == type))) + continue; + vec_add1 (ipnis, ip_neighbor_get_index(ipn)); + })); + + /* *INDENT-ON* */ + + if (ipnis) + vec_sort_with_function (ipnis, ip_neighbor_sort); + return ipnis; +} + +static clib_error_t * +ip_neighbor_show_sorted_i (vlib_main_t * vm, + unformat_input_t * input, + vlib_cli_command_t * cmd, ip46_type_t type) +{ + ip_neighbor_elt_t *elt, *head; + + head = pool_elt_at_index (ip_neighbor_elt_pool, + ip_neighbor_list_head[type]); + + + vlib_cli_output (vm, "%=12s%=40s%=6s%=20s%=24s", "Time", "IP", + "Flags", "Ethernet", "Interface"); + + /* *INDENT-OFF*/ + /* the list is time sorted, newest first, so start from the back + * and work forwards. Stop when we get to one that is alive */ + clib_llist_foreach_reverse(ip_neighbor_elt_pool, + ipne_anchor, head, elt, + ({ + vlib_cli_output (vm, "%U", format_ip_neighbor, elt->ipne_index); + })); + /* *INDENT-ON*/ + + return (NULL); +} + +static clib_error_t * +ip_neighbor_show_i (vlib_main_t * vm, + unformat_input_t * input, + vlib_cli_command_t * cmd, ip46_type_t type) +{ + index_t *ipni, *ipnis = NULL; + u32 sw_if_index; + + /* Filter entries by interface if given. */ + sw_if_index = ~0; + (void) unformat_user (input, unformat_vnet_sw_interface, vnet_get_main (), + &sw_if_index); + + ipnis = ip_neighbor_entries (sw_if_index, type); + + if (ipnis) + vlib_cli_output (vm, "%=12s%=40s%=6s%=20s%=24s", "Time", "IP", + "Flags", "Ethernet", "Interface"); + + vec_foreach (ipni, ipnis) + { + vlib_cli_output (vm, "%U", format_ip_neighbor, *ipni); + } + vec_free (ipnis); + + return (NULL); +} + +static clib_error_t * +ip_neighbor_show (vlib_main_t * vm, + unformat_input_t * input, vlib_cli_command_t * cmd) +{ + return (ip_neighbor_show_i (vm, input, cmd, IP46_TYPE_ANY)); +} + +static clib_error_t * +ip6_neighbor_show (vlib_main_t * vm, + unformat_input_t * input, vlib_cli_command_t * cmd) +{ + return (ip_neighbor_show_i (vm, input, cmd, IP46_TYPE_IP6)); +} + +static clib_error_t * +ip4_neighbor_show (vlib_main_t * vm, + unformat_input_t * input, vlib_cli_command_t * cmd) +{ + return (ip_neighbor_show_i (vm, input, cmd, IP46_TYPE_IP4)); +} + +static clib_error_t * +ip6_neighbor_show_sorted (vlib_main_t * vm, + unformat_input_t * input, vlib_cli_command_t * cmd) +{ + return (ip_neighbor_show_sorted_i (vm, input, cmd, IP46_TYPE_IP6)); +} + +static clib_error_t * +ip4_neighbor_show_sorted (vlib_main_t * vm, + unformat_input_t * input, vlib_cli_command_t * cmd) +{ + return (ip_neighbor_show_sorted_i (vm, input, cmd, IP46_TYPE_IP4)); +} + +/*? + * Display all the IP neighbor entries. + * + * @cliexpar + * Example of how to display the IPv4 ARP table: + * @cliexstart{show ip neighbor} + * Time FIB IP4 Flags Ethernet Interface + * 346.3028 0 6.1.1.3 de:ad:be:ef:ba:be GigabitEthernet2/0/0 + * 3077.4271 0 6.1.1.4 S de:ad:be:ef:ff:ff GigabitEthernet2/0/0 + * 2998.6409 1 6.2.2.3 de:ad:be:ef:00:01 GigabitEthernet2/0/0 + * Proxy arps enabled for: + * Fib_index 0 6.0.0.1 - 6.0.0.11 + * @cliexend + ?*/ +/* *INDENT-OFF* */ +VLIB_CLI_COMMAND (show_ip_neighbors_cmd_node, static) = { + .path = "show ip neighbors", + .function = ip_neighbor_show, + .short_help = "show ip neighbors [interface]", +}; +VLIB_CLI_COMMAND (show_ip4_neighbors_cmd_node, static) = { + .path = "show ip4 neighbors", + .function = ip4_neighbor_show, + .short_help = "show ip4 neighbors [interface]", +}; +VLIB_CLI_COMMAND (show_ip6_neighbors_cmd_node, static) = { + .path = "show ip6 neighbors", + .function = ip6_neighbor_show, + .short_help = "show ip6 neighbors [interface]", +}; +VLIB_CLI_COMMAND (show_ip_neighbor_cmd_node, static) = { + .path = "show ip neighbor", + .function = ip_neighbor_show, + .short_help = "show ip neighbor [interface]", +}; +VLIB_CLI_COMMAND (show_ip4_neighbor_cmd_node, static) = { + .path = "show ip4 neighbor", + .function = ip4_neighbor_show, + .short_help = "show ip4 neighbor [interface]", +}; +VLIB_CLI_COMMAND (show_ip6_neighbor_cmd_node, static) = { + .path = "show ip6 neighbor", + .function = ip6_neighbor_show, + .short_help = "show ip6 neighbor [interface]", +}; +VLIB_CLI_COMMAND (show_ip4_neighbor_sorted_cmd_node, static) = { + .path = "show ip4 neighbor-sorted", + .function = ip4_neighbor_show_sorted, + .short_help = "show ip4 neighbor-sorted", +}; +VLIB_CLI_COMMAND (show_ip6_neighbor_sorted_cmd_node, static) = { + .path = "show ip6 neighbor-sorted", + .function = ip6_neighbor_show_sorted, + .short_help = "show ip6 neighbor-sorted", +}; +/* *INDENT-ON* */ + +static ip_neighbor_vft_t ip_nbr_vfts[IP46_N_TYPES]; + +void +ip_neighbor_register (ip46_type_t type, const ip_neighbor_vft_t * vft) +{ + ip_nbr_vfts[type] = *vft; +} + +void +ip_neighbor_probe_dst (const ip_adjacency_t * adj, const ip46_address_t * dst) +{ + if (!vnet_sw_interface_is_admin_up (vnet_get_main (), + adj->rewrite_header.sw_if_index)) + return; + + switch (adj->ia_nh_proto) + { + case FIB_PROTOCOL_IP6: + ip6_neighbor_probe_dst (adj, &dst->ip6); + break; + case FIB_PROTOCOL_IP4: + ip4_neighbor_probe_dst (adj, &dst->ip4); + break; + case FIB_PROTOCOL_MPLS: + ASSERT (0); + break; + } +} + +void +ip_neighbor_probe (const ip_adjacency_t * adj) +{ + ip_neighbor_probe_dst (adj, &adj->sub_type.nbr.next_hop); +} + +void +ip_neighbor_advertise (vlib_main_t * vm, + ip46_type_t type, + const ip46_address_t * addr, u32 sw_if_index) +{ + vnet_main_t *vnm = vnet_get_main (); + + if (type == IP46_TYPE_IP4 || type == IP46_TYPE_BOTH) + ip4_neighbor_advertise (vm, vnm, sw_if_index, &addr->ip4); + if (type == IP46_TYPE_IP6 || type == IP46_TYPE_BOTH) + ip6_neighbor_advertise (vm, vnm, sw_if_index, &addr->ip6); +} + +void +ip_neighbor_walk (ip46_type_t type, + u32 sw_if_index, ip_neighbor_walk_cb_t cb, void *ctx) +{ + ip_neighbor_key_t *key; + index_t ipni; + + if (~0 == sw_if_index) + { + uword **hash; + + vec_foreach (hash, ip_neighbor_db[type].ipndb_hash) + { + /* *INDENT-OFF* */ + hash_foreach (key, ipni, *hash, + ({ + cb (ipni, ctx); + })); + /* *INDENT-ON* */ + } + } + else + { + uword *hash; + + if (vec_len (ip_neighbor_db[type].ipndb_hash) <= sw_if_index) + return; + hash = ip_neighbor_db[type].ipndb_hash[sw_if_index]; + + /* *INDENT-OFF* */ + hash_foreach (key, ipni, hash, + ({ + cb (ipni, ctx); + })); + /* *INDENT-ON* */ + } +} + +int +ip4_neighbor_proxy_add (u32 fib_index, + const ip4_address_t * start, + const ip4_address_t * end) +{ + if (ip_nbr_vfts[IP46_TYPE_IP4].inv_proxy4_add) + { + return (ip_nbr_vfts[IP46_TYPE_IP4].inv_proxy4_add + (fib_index, start, end)); + } + + return (-1); +} + +int +ip4_neighbor_proxy_delete (u32 fib_index, + const ip4_address_t * start, + const ip4_address_t * end) +{ + if (ip_nbr_vfts[IP46_TYPE_IP4].inv_proxy4_del) + { + return (ip_nbr_vfts[IP46_TYPE_IP4].inv_proxy4_del + (fib_index, start, end)); + } + return -1; +} + +int +ip4_neighbor_proxy_enable (u32 sw_if_index) +{ + if (ip_nbr_vfts[IP46_TYPE_IP4].inv_proxy4_enable) + { + return (ip_nbr_vfts[IP46_TYPE_IP4].inv_proxy4_enable (sw_if_index)); + } + return -1; +} + +int +ip4_neighbor_proxy_disable (u32 sw_if_index) +{ + if (ip_nbr_vfts[IP46_TYPE_IP4].inv_proxy4_disable) + { + return (ip_nbr_vfts[IP46_TYPE_IP4].inv_proxy4_disable (sw_if_index)); + } + return -1; +} + +int +ip6_neighbor_proxy_add (u32 sw_if_index, const ip6_address_t * addr) +{ + if (ip_nbr_vfts[IP46_TYPE_IP6].inv_proxy6_add) + { + return (ip_nbr_vfts[IP46_TYPE_IP6].inv_proxy6_add (sw_if_index, addr)); + } + return -1; +} + +int +ip6_neighbor_proxy_del (u32 sw_if_index, const ip6_address_t * addr) +{ + if (ip_nbr_vfts[IP46_TYPE_IP6].inv_proxy6_del) + { + return (ip_nbr_vfts[IP46_TYPE_IP6].inv_proxy6_del (sw_if_index, addr)); + } + return -1; +} + +static void +ip_neighbor_ethernet_change_mac (ethernet_main_t * em, + u32 sw_if_index, uword opaque) +{ + ip_neighbor_t *ipn; + adj_index_t ai; + + IP_NEIGHBOR_DBG ("mac-change: %U", + format_vnet_sw_if_index_name, vnet_get_main (), + sw_if_index); + + /* *INDENT-OFF* */ + pool_foreach (ipn, ip_neighbor_pool, + ({ + if (ipn->ipn_key->ipnk_sw_if_index == sw_if_index) + adj_nbr_walk_nh (ipn->ipn_key->ipnk_sw_if_index, + fib_proto_from_ip46(ipn->ipn_key->ipnk_type), + &ipn->ipn_key->ipnk_ip, + ip_neighbor_mk_complete_walk, + ipn); + })); + /* *INDENT-ON* */ + + ai = adj_glean_get (FIB_PROTOCOL_IP4, sw_if_index); + + if (ADJ_INDEX_INVALID != ai) + adj_glean_update_rewrite (ai); +} + +void +ip_neighbor_populate (ip46_type_t type, u32 sw_if_index) +{ + index_t *ipnis = NULL, *ipni; + ip_neighbor_t *ipn; + + IP_NEIGHBOR_DBG ("populate: %U %U", + format_vnet_sw_if_index_name, vnet_get_main (), + sw_if_index, format_ip46_type, type); + + /* *INDENT-OFF* */ + pool_foreach (ipn, ip_neighbor_pool, + ({ + if (ipn->ipn_key->ipnk_type == type && + ipn->ipn_key->ipnk_sw_if_index == sw_if_index) + vec_add1 (ipnis, ipn - ip_neighbor_pool); + })); + /* *INDENT-ON* */ + + vec_foreach (ipni, ipnis) + { + ipn = ip_neighbor_get (*ipni); + + adj_nbr_walk_nh (ipn->ipn_key->ipnk_sw_if_index, + fib_proto_from_ip46 (ipn->ipn_key->ipnk_type), + &ipn->ipn_key->ipnk_ip, + ip_neighbor_mk_complete_walk, ipn); + } + vec_free (ipnis); +} + +void +ip_neighbor_flush (ip46_type_t type, u32 sw_if_index) +{ + index_t *ipnis = NULL, *ipni; + ip_neighbor_t *ipn; + + IP_NEIGHBOR_DBG ("flush: %U %U", + format_vnet_sw_if_index_name, vnet_get_main (), + sw_if_index, format_ip46_type, type); + + /* *INDENT-OFF* */ + pool_foreach (ipn, ip_neighbor_pool, + ({ + if (ipn->ipn_key->ipnk_type == type && + ipn->ipn_key->ipnk_sw_if_index == sw_if_index && + ip_neighbor_is_dynamic (ipn)) + vec_add1 (ipnis, ipn - ip_neighbor_pool); + })); + /* *INDENT-ON* */ + + vec_foreach (ipni, ipnis) ip_neighbor_free (ip_neighbor_get (*ipni)); + vec_free (ipnis); +} + +/* + * Remove any arp entries associated with the specified interface + */ +static clib_error_t * +ip_neighbor_interface_admin_change (vnet_main_t * vnm, + u32 sw_if_index, u32 flags) +{ + ip46_type_t type; + + IP_NEIGHBOR_DBG ("interface-admin: %U %s", + format_vnet_sw_if_index_name, vnet_get_main (), + sw_if_index, + (flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP ? "up" : "down")); + + if (flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP) + { + FOREACH_IP46_TYPE (type) ip_neighbor_populate (type, sw_if_index); + } + else + { + /* admin down, flush all neighbours */ + FOREACH_IP46_TYPE (type) ip_neighbor_flush (type, sw_if_index); + } + + return (NULL); +} + +VNET_SW_INTERFACE_ADMIN_UP_DOWN_FUNCTION (ip_neighbor_interface_admin_change); + +/* + * Remove any arp entries associated with the specified interface + */ +static clib_error_t * +ip_neighbor_delete_sw_interface (vnet_main_t * vnm, + u32 sw_if_index, u32 is_add) +{ + IP_NEIGHBOR_DBG ("interface-change: %U %s", + format_vnet_sw_if_index_name, vnet_get_main (), + sw_if_index, (is_add ? "add" : "del")); + + if (!is_add && sw_if_index != ~0) + { + ip46_type_t type; + + FOREACH_IP46_TYPE (type) ip_neighbor_flush (type, sw_if_index); + } + + return (NULL); +} + +VNET_SW_INTERFACE_ADD_DEL_FUNCTION (ip_neighbor_delete_sw_interface); + +typedef struct ip_neighbor_walk_covered_ctx_t_ +{ + ip46_type_t type; + ip46_address_t addr; + u32 length; + index_t *ipnis; +} ip_neighbor_walk_covered_ctx_t; + +static walk_rc_t +ip_neighbor_walk_covered (index_t ipni, void *arg) +{ + ip_neighbor_walk_covered_ctx_t *ctx = arg; + ip_neighbor_t *ipn; + + ipn = ip_neighbor_get (ipni); + + ASSERT (ipn->ipn_key->ipnk_type == ctx->type); + + if (IP46_TYPE_IP4 == ctx->type) + { + if (ip4_destination_matches_route (&ip4_main, + &ipn->ipn_key->ipnk_ip.ip4, + &ctx->addr.ip4, + ctx->length) && + ip_neighbor_is_dynamic (ipn)) + { + vec_add1 (ctx->ipnis, ip_neighbor_get_index (ipn)); + } + } + return (WALK_CONTINUE); +} + + +/* + * callback when an interface address is added or deleted + */ +static void +ip_neighbor_add_del_interface_address_v4 (ip4_main_t * im, + uword opaque, + u32 sw_if_index, + ip4_address_t * address, + u32 address_length, + u32 if_address_index, u32 is_del) +{ + /* + * Flush the ARP cache of all entries covered by the address + * that is being removed. + */ + IP_NEIGHBOR_DBG ("addr-%d: %U, %U/%d", + (is_del ? "del" : "add"), + format_vnet_sw_if_index_name, vnet_get_main (), + sw_if_index, format_ip4_address, address, address_length); + + if (is_del) + { + ip_neighbor_walk_covered_ctx_t ctx = { + .addr.ip4 = *address, + .type = IP46_TYPE_IP4, + .length = address_length, + }; + index_t *ipni; + + ip_neighbor_walk (IP46_TYPE_IP4, sw_if_index, + ip_neighbor_walk_covered, &ctx); + + vec_foreach (ipni, ctx.ipnis) + ip_neighbor_free (ip_neighbor_get (*ipni)); + + vec_free (ctx.ipnis); + } +} + +/* + * callback when an interface address is added or deleted + */ +static void +ip_neighbor_add_del_interface_address_v6 (ip6_main_t * im, + uword opaque, + u32 sw_if_index, + ip6_address_t * address, + u32 address_length, + u32 if_address_index, u32 is_del) +{ + /* + * Flush the ARP cache of all entries covered by the address + * that is being removed. + */ + IP_NEIGHBOR_DBG ("addr-change: %U, %U/%d %s", + format_vnet_sw_if_index_name, vnet_get_main (), + sw_if_index, format_ip6_address, address, address_length, + (is_del ? "del" : "add")); + + if (is_del) + { + ip_neighbor_walk_covered_ctx_t ctx = { + .addr.ip6 = *address, + .type = IP46_TYPE_IP6, + .length = address_length, + }; + index_t *ipni; + + ip_neighbor_walk (IP46_TYPE_IP6, sw_if_index, + ip_neighbor_walk_covered, &ctx); + + vec_foreach (ipni, ctx.ipnis) + ip_neighbor_free (ip_neighbor_get (*ipni)); + + vec_free (ctx.ipnis); + } +} + +typedef struct ip_neighbor_table_bind_ctx_t_ +{ + u32 new_fib_index; + u32 old_fib_index; +} ip_neighbor_table_bind_ctx_t; + +static walk_rc_t +ip_neighbor_walk_table_bind (index_t ipni, void *arg) +{ + ip_neighbor_table_bind_ctx_t *ctx = arg; + ip_neighbor_t *ipn; + + ipn = ip_neighbor_get (ipni); + ip_neighbor_adj_fib_remove (ipn, ctx->old_fib_index); + ip_neighbor_adj_fib_add (ipn, ctx->new_fib_index); + + return (WALK_CONTINUE); +} + +static void +ip_neighbor_table_bind_v4 (ip4_main_t * im, + uword opaque, + u32 sw_if_index, + u32 new_fib_index, u32 old_fib_index) +{ + ip_neighbor_table_bind_ctx_t ctx = { + .old_fib_index = old_fib_index, + .new_fib_index = new_fib_index, + }; + + ip_neighbor_walk (IP46_TYPE_IP4, sw_if_index, + ip_neighbor_walk_table_bind, &ctx); +} + +static void +ip_neighbor_table_bind_v6 (ip6_main_t * im, + uword opaque, + u32 sw_if_index, + u32 new_fib_index, u32 old_fib_index) +{ + ip_neighbor_table_bind_ctx_t ctx = { + .old_fib_index = old_fib_index, + .new_fib_index = new_fib_index, + }; + + ip_neighbor_walk (IP46_TYPE_IP6, sw_if_index, + ip_neighbor_walk_table_bind, &ctx); +} + +typedef enum ip_neighbor_age_state_t_ +{ + IP_NEIGHBOR_AGE_ALIVE, + IP_NEIGHBOR_AGE_PROBE, + IP_NEIGHBOR_AGE_DEAD, +} ip_neighbor_age_state_t; + +#define IP_NEIGHBOR_PROCESS_SLEEP_LONG (0) + +static ip_neighbor_age_state_t +ip_neighbour_age_out (index_t ipni, f64 now, f64 * wait) +{ + ip_neighbor_t *ipn; + f64 ttl; + + ipn = ip_neighbor_get (ipni); + ttl = now - ipn->ipn_time_last_updated; + *wait = IP_NEIGHBOR_PROCESS_SLEEP_LONG; + + if (ttl > ip_neighbor_db[ipn->ipn_key->ipnk_type].ipndb_age) + { + IP_NEIGHBOR_DBG ("aged: %U @%f - %f > %d", + format_ip_neighbor, ipni, now, + ipn->ipn_time_last_updated, + ip_neighbor_db[ipn->ipn_key->ipnk_type].ipndb_age); + if (ipn->ipn_n_probes > 2) + { + /* 3 strikes and yea-re out */ + IP_NEIGHBOR_DBG ("dead: %U", format_ip_neighbor, ipni); + return (IP_NEIGHBOR_AGE_DEAD); + } + else + { + adj_index_t ai; + + ai = adj_glean_get (fib_proto_from_ip46 (ipn->ipn_key->ipnk_type), + ip_neighbor_get_sw_if_index (ipn)); + + if (ADJ_INDEX_INVALID != ai) + ip_neighbor_probe_dst (adj_get (ai), ip_neighbor_get_ip (ipn)); + + ipn->ipn_n_probes++; + *wait = 1; + } + } + else + { + *wait = ttl; + return (IP_NEIGHBOR_AGE_ALIVE); + } + + return (IP_NEIGHBOR_AGE_PROBE); +} + +typedef enum ip_neighbor_process_event_t_ +{ + IP_NEIGHBOR_AGE_PROCESS_WAKEUP, +} ip_neighbor_process_event_t; + +static uword +ip_neighbor_age_loop (vlib_main_t * vm, + vlib_node_runtime_t * rt, + vlib_frame_t * f, ip46_type_t type) +{ + uword event_type, *event_data = NULL; + f64 timeout; + + /* Set the timeout to an effectively infinite value when the process starts */ + timeout = IP_NEIGHBOR_PROCESS_SLEEP_LONG; + + while (1) + { + f64 now; + + if (!timeout) + vlib_process_wait_for_event (vm); + else + vlib_process_wait_for_event_or_clock (vm, timeout); + + event_type = vlib_process_get_events (vm, &event_data); + vec_reset_length (event_data); + + now = vlib_time_now (vm); + + switch (event_type) + { + case ~0: + { + /* timer expired */ + ip_neighbor_elt_t *elt, *head; + f64 wait; + + timeout = 1e5; + head = pool_elt_at_index (ip_neighbor_elt_pool, + ip_neighbor_list_head[type]); + + /* *INDENT-OFF*/ + /* the list is time sorted, newest first, so start from the back + * and work forwards. Stop when we get to one that is alive */ + restart: + clib_llist_foreach_reverse(ip_neighbor_elt_pool, + ipne_anchor, head, elt, + ({ + ip_neighbor_age_state_t res; + + res = ip_neighbour_age_out(elt->ipne_index, now, &wait); + + if (IP_NEIGHBOR_AGE_ALIVE == res) { + /* the oldest neighbor has not yet expired, go back to sleep */ + break; + } + else if (IP_NEIGHBOR_AGE_DEAD == res) { + /* the oldest neighbor is dead, pop it, then restart the walk + * again from the back */ + ip_neighbor_free (ip_neighbor_get(elt->ipne_index)); + goto restart; + } + + timeout = clib_min (wait, timeout); + })); + /* *INDENT-ON* */ + break; + } + case IP_NEIGHBOR_AGE_PROCESS_WAKEUP: + { + + if (!ip_neighbor_db[type].ipndb_age) + { + /* aging has been disabled */ + timeout = 0; + break; + } + ip_neighbor_elt_t *elt, *head; + + head = pool_elt_at_index (ip_neighbor_elt_pool, + ip_neighbor_list_head[type]); + elt = clib_llist_prev (ip_neighbor_elt_pool, ipne_anchor, head); + + /* poke the oldset neighbour for aging, which returns how long we sleep for */ + if (IP_NEIGHBOR_AGE_PROBE == + ip_neighbour_age_out (elt->ipne_index, now, &timeout)) + /* we probed for the oldest entry, sleep for a short time to get to the next */ + timeout = 0.01; + break; + } + } + } + return 0; +} + +static uword +ip4_neighbor_age_process (vlib_main_t * vm, + vlib_node_runtime_t * rt, vlib_frame_t * f) +{ + return (ip_neighbor_age_loop (vm, rt, f, IP46_TYPE_IP4)); +} + +static uword +ip6_neighbor_age_process (vlib_main_t * vm, + vlib_node_runtime_t * rt, vlib_frame_t * f) +{ + return (ip_neighbor_age_loop (vm, rt, f, IP46_TYPE_IP6)); +} + +/* *INDENT-OFF* */ +VLIB_REGISTER_NODE (ip4_neighbor_age_process_node,static) = { + .function = ip4_neighbor_age_process, + .type = VLIB_NODE_TYPE_PROCESS, + .name = "ip4-neighbor-age-process", +}; +VLIB_REGISTER_NODE (ip6_neighbor_age_process_node,static) = { + .function = ip6_neighbor_age_process, + .type = VLIB_NODE_TYPE_PROCESS, + .name = "ip6-neighbor-age-process", +}; +/* *INDENT-ON* */ + +int +ip_neighbor_config (ip46_type_t type, u32 limit, u32 age, bool recycle) +{ + ip_neighbor_db[type].ipndb_limit = limit; + ip_neighbor_db[type].ipndb_recycle = recycle; + ip_neighbor_db[type].ipndb_age = age; + + vlib_process_signal_event (vlib_get_main (), + (IP46_TYPE_IP4 == type ? + ip4_neighbor_age_process_node.index : + ip6_neighbor_age_process_node.index), + IP_NEIGHBOR_AGE_PROCESS_WAKEUP, 0); + + return (0); +} + +static clib_error_t * +ip_neighbor_config_show (vlib_main_t * vm, + unformat_input_t * input, vlib_cli_command_t * cmd) +{ + ip46_type_t type; + + /* *INDENT-OFF* */ + FOREACH_IP46_TYPE(type) { + vlib_cli_output (vm, "%U:", format_ip46_type, type); + vlib_cli_output (vm, " limit:%d, age:%d, recycle:%d", + ip_neighbor_db[type].ipndb_limit, + ip_neighbor_db[type].ipndb_age, + ip_neighbor_db[type].ipndb_recycle); + } + + /* *INDENT-ON* */ + return (NULL); +} + +/* *INDENT-OFF* */ +VLIB_CLI_COMMAND (show_ip_neighbor_cfg_cmd_node, static) = { + .path = "show ip neighbor-config", + .function = ip_neighbor_config_show, + .short_help = "show ip neighbor-config", +}; +/* *INDENT-ON* */ + +static clib_error_t * +ip_neighbor_init (vlib_main_t * vm) +{ + { + ip4_add_del_interface_address_callback_t cb = { + .function = ip_neighbor_add_del_interface_address_v4, + }; + vec_add1 (ip4_main.add_del_interface_address_callbacks, cb); + } + { + ip6_add_del_interface_address_callback_t cb = { + .function = ip_neighbor_add_del_interface_address_v6, + }; + vec_add1 (ip6_main.add_del_interface_address_callbacks, cb); + } + { + ip4_table_bind_callback_t cb = { + .function = ip_neighbor_table_bind_v4, + }; + vec_add1 (ip4_main.table_bind_callbacks, cb); + } + { + ip6_table_bind_callback_t cb = { + .function = ip_neighbor_table_bind_v6, + }; + vec_add1 (ip6_main.table_bind_callbacks, cb); + } + { + ethernet_address_change_ctx_t ctx = { + .function = ip_neighbor_ethernet_change_mac, + .function_opaque = 0, + }; + vec_add1 (ethernet_main.address_change_callbacks, ctx); + } + + ipn_logger = vlib_log_register_class ("ip", "neighbor"); + + ip46_type_t type; + + FOREACH_IP46_TYPE (type) + ip_neighbor_list_head[type] = + clib_llist_make_head (ip_neighbor_elt_pool, ipne_anchor); + + return (NULL); +} + +/* *INDENT-OFF* */ +VLIB_INIT_FUNCTION (ip_neighbor_init) = +{ + .runs_after = VLIB_INITS("ip_main_init"), +}; +/* *INDENT-ON* */ + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ |