aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet/tcp/tcp_output.c
diff options
context:
space:
mode:
authorDave Barach <dave@barachs.net>2017-02-28 15:15:56 -0500
committerDamjan Marion <dmarion.lists@gmail.com>2017-03-01 20:25:48 +0000
commit68b0fb0c620c7451ef1a6380c43c39de6614db51 (patch)
treef4188fa09723152f3ebfcebbbe4cacad903e0cf1 /src/vnet/tcp/tcp_output.c
parentf869028740aaebeb0375077d4d84fa07a17fff1a (diff)
VPP-598: tcp stack initial commit
Change-Id: I49e5ce0aae6e4ff634024387ceaf7dbc432a0351 Signed-off-by: Dave Barach <dave@barachs.net> Signed-off-by: Florin Coras <fcoras@cisco.com>
Diffstat (limited to 'src/vnet/tcp/tcp_output.c')
-rw-r--r--src/vnet/tcp/tcp_output.c1412
1 files changed, 1412 insertions, 0 deletions
diff --git a/src/vnet/tcp/tcp_output.c b/src/vnet/tcp/tcp_output.c
new file mode 100644
index 00000000000..dbcf1f74975
--- /dev/null
+++ b/src/vnet/tcp/tcp_output.c
@@ -0,0 +1,1412 @@
+/*
+ * Copyright (c) 2016 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <vnet/tcp/tcp.h>
+#include <vnet/lisp-cp/packets.h>
+
+vlib_node_registration_t tcp4_output_node;
+vlib_node_registration_t tcp6_output_node;
+
+typedef enum _tcp_output_nect
+{
+ TCP_OUTPUT_NEXT_DROP,
+ TCP_OUTPUT_NEXT_IP_LOOKUP,
+ TCP_OUTPUT_N_NEXT
+} tcp_output_next_t;
+
+#define foreach_tcp4_output_next \
+ _ (DROP, "error-drop") \
+ _ (IP_LOOKUP, "ip4-lookup")
+
+#define foreach_tcp6_output_next \
+ _ (DROP, "error-drop") \
+ _ (IP_LOOKUP, "ip6-lookup")
+
+static char *tcp_error_strings[] = {
+#define tcp_error(n,s) s,
+#include <vnet/tcp/tcp_error.def>
+#undef tcp_error
+};
+
+typedef struct
+{
+ u16 src_port;
+ u16 dst_port;
+ u8 state;
+} tcp_tx_trace_t;
+
+u16 dummy_mtu = 400;
+
+u8 *
+format_tcp_tx_trace (u8 * s, va_list * args)
+{
+ CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
+ CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
+
+ s = format (s, "TBD\n");
+
+ return s;
+}
+
+void
+tcp_set_snd_mss (tcp_connection_t * tc)
+{
+ u16 snd_mss;
+
+ /* TODO find our iface MTU */
+ snd_mss = dummy_mtu;
+
+ /* TODO cache mss and consider PMTU discovery */
+ snd_mss = tc->opt.mss < snd_mss ? tc->opt.mss : snd_mss;
+
+ tc->snd_mss = snd_mss;
+
+ if (tc->snd_mss == 0)
+ {
+ clib_warning ("snd mss is 0");
+ tc->snd_mss = dummy_mtu;
+ }
+}
+
+static u8
+tcp_window_compute_scale (u32 available_space)
+{
+ u8 wnd_scale = 0;
+ while (wnd_scale < TCP_MAX_WND_SCALE
+ && (available_space >> wnd_scale) > TCP_WND_MAX)
+ wnd_scale++;
+ return wnd_scale;
+}
+
+/**
+ * Compute initial window and scale factor. As per RFC1323, window field in
+ * SYN and SYN-ACK segments is never scaled.
+ */
+u32
+tcp_initial_window_to_advertise (tcp_connection_t * tc)
+{
+ u32 available_space;
+
+ /* Initial wnd for SYN. Fifos are not allocated yet.
+ * Use some predefined value */
+ if (tc->state != TCP_STATE_SYN_RCVD)
+ {
+ return TCP_DEFAULT_RX_FIFO_SIZE;
+ }
+
+ available_space = stream_session_max_enqueue (&tc->connection);
+ tc->rcv_wscale = tcp_window_compute_scale (available_space);
+ tc->rcv_wnd = clib_min (available_space, TCP_WND_MAX << tc->rcv_wscale);
+
+ return clib_min (tc->rcv_wnd, TCP_WND_MAX);
+}
+
+/**
+ * Compute and return window to advertise, scaled as per RFC1323
+ */
+u32
+tcp_window_to_advertise (tcp_connection_t * tc, tcp_state_t state)
+{
+ u32 available_space, wnd, scaled_space;
+
+ if (state != TCP_STATE_ESTABLISHED)
+ return tcp_initial_window_to_advertise (tc);
+
+ available_space = stream_session_max_enqueue (&tc->connection);
+ scaled_space = available_space >> tc->rcv_wscale;
+
+ /* Need to update scale */
+ if (PREDICT_FALSE ((scaled_space == 0 && available_space != 0))
+ || (scaled_space >= TCP_WND_MAX))
+ tc->rcv_wscale = tcp_window_compute_scale (available_space);
+
+ wnd = clib_min (available_space, TCP_WND_MAX << tc->rcv_wscale);
+ tc->rcv_wnd = wnd;
+
+ return wnd >> tc->rcv_wscale;
+}
+
+/**
+ * Write TCP options to segment.
+ */
+u32
+tcp_options_write (u8 * data, tcp_options_t * opts)
+{
+ u32 opts_len = 0;
+ u32 buf, seq_len = 4;
+
+ if (tcp_opts_mss (opts))
+ {
+ *data++ = TCP_OPTION_MSS;
+ *data++ = TCP_OPTION_LEN_MSS;
+ buf = clib_host_to_net_u16 (opts->mss);
+ clib_memcpy (data, &buf, sizeof (opts->mss));
+ data += sizeof (opts->mss);
+ opts_len += TCP_OPTION_LEN_MSS;
+ }
+
+ if (tcp_opts_wscale (opts))
+ {
+ *data++ = TCP_OPTION_WINDOW_SCALE;
+ *data++ = TCP_OPTION_LEN_WINDOW_SCALE;
+ *data++ = opts->wscale;
+ opts_len += TCP_OPTION_LEN_WINDOW_SCALE;
+ }
+
+ if (tcp_opts_sack_permitted (opts))
+ {
+ *data++ = TCP_OPTION_SACK_PERMITTED;
+ *data++ = TCP_OPTION_LEN_SACK_PERMITTED;
+ opts_len += TCP_OPTION_LEN_SACK_PERMITTED;
+ }
+
+ if (tcp_opts_tstamp (opts))
+ {
+ *data++ = TCP_OPTION_TIMESTAMP;
+ *data++ = TCP_OPTION_LEN_TIMESTAMP;
+ buf = clib_host_to_net_u32 (opts->tsval);
+ clib_memcpy (data, &buf, sizeof (opts->tsval));
+ data += sizeof (opts->tsval);
+ buf = clib_host_to_net_u32 (opts->tsecr);
+ clib_memcpy (data, &buf, sizeof (opts->tsecr));
+ data += sizeof (opts->tsecr);
+ opts_len += TCP_OPTION_LEN_TIMESTAMP;
+ }
+
+ if (tcp_opts_sack (opts))
+ {
+ int i;
+ u32 n_sack_blocks = clib_min (vec_len (opts->sacks),
+ TCP_OPTS_MAX_SACK_BLOCKS);
+
+ if (n_sack_blocks != 0)
+ {
+ *data++ = TCP_OPTION_SACK_BLOCK;
+ *data++ = 2 + n_sack_blocks * TCP_OPTION_LEN_SACK_BLOCK;
+ for (i = 0; i < n_sack_blocks; i++)
+ {
+ buf = clib_host_to_net_u32 (opts->sacks[i].start);
+ clib_memcpy (data, &buf, seq_len);
+ data += seq_len;
+ buf = clib_host_to_net_u32 (opts->sacks[i].end);
+ clib_memcpy (data, &buf, seq_len);
+ data += seq_len;
+ }
+ opts_len += 2 + n_sack_blocks * TCP_OPTION_LEN_SACK_BLOCK;
+ }
+ }
+
+ /* Terminate TCP options */
+ if (opts_len % 4)
+ {
+ *data++ = TCP_OPTION_EOL;
+ opts_len += TCP_OPTION_LEN_EOL;
+ }
+
+ /* Pad with zeroes to a u32 boundary */
+ while (opts_len % 4)
+ {
+ *data++ = TCP_OPTION_NOOP;
+ opts_len += TCP_OPTION_LEN_NOOP;
+ }
+ return opts_len;
+}
+
+always_inline int
+tcp_make_syn_options (tcp_options_t * opts, u32 initial_wnd)
+{
+ u8 len = 0;
+
+ opts->flags |= TCP_OPTS_FLAG_MSS;
+ opts->mss = dummy_mtu; /*XXX discover that */
+ len += TCP_OPTION_LEN_MSS;
+
+ opts->flags |= TCP_OPTS_FLAG_WSCALE;
+ opts->wscale = tcp_window_compute_scale (initial_wnd);
+ len += TCP_OPTION_LEN_WINDOW_SCALE;
+
+ opts->flags |= TCP_OPTS_FLAG_TSTAMP;
+ opts->tsval = tcp_time_now ();
+ opts->tsecr = 0;
+ len += TCP_OPTION_LEN_TIMESTAMP;
+
+ opts->flags |= TCP_OPTS_FLAG_SACK_PERMITTED;
+ len += TCP_OPTION_LEN_SACK_PERMITTED;
+
+ /* Align to needed boundary */
+ len += (TCP_OPTS_ALIGN - len % TCP_OPTS_ALIGN) % TCP_OPTS_ALIGN;
+ return len;
+}
+
+always_inline int
+tcp_make_synack_options (tcp_connection_t * tc, tcp_options_t * opts)
+{
+ u8 len = 0;
+
+ opts->flags |= TCP_OPTS_FLAG_MSS;
+ opts->mss = dummy_mtu; /*XXX discover that */
+ len += TCP_OPTION_LEN_MSS;
+
+ if (tcp_opts_wscale (&tc->opt))
+ {
+ opts->flags |= TCP_OPTS_FLAG_WSCALE;
+ opts->wscale = tc->rcv_wscale;
+ len += TCP_OPTION_LEN_WINDOW_SCALE;
+ }
+
+ if (tcp_opts_tstamp (&tc->opt))
+ {
+ opts->flags |= TCP_OPTS_FLAG_TSTAMP;
+ opts->tsval = tcp_time_now ();
+ opts->tsecr = tc->tsval_recent;
+ len += TCP_OPTION_LEN_TIMESTAMP;
+ }
+
+ if (tcp_opts_sack_permitted (&tc->opt))
+ {
+ opts->flags |= TCP_OPTS_FLAG_SACK_PERMITTED;
+ len += TCP_OPTION_LEN_SACK_PERMITTED;
+ }
+
+ /* Align to needed boundary */
+ len += (TCP_OPTS_ALIGN - len % TCP_OPTS_ALIGN) % TCP_OPTS_ALIGN;
+ return len;
+}
+
+always_inline int
+tcp_make_established_options (tcp_connection_t * tc, tcp_options_t * opts)
+{
+ u8 len = 0;
+
+ opts->flags = 0;
+
+ if (tcp_opts_tstamp (&tc->opt))
+ {
+ opts->flags |= TCP_OPTS_FLAG_TSTAMP;
+ opts->tsval = tcp_time_now ();
+ opts->tsecr = tc->tsval_recent;
+ len += TCP_OPTION_LEN_TIMESTAMP;
+ }
+ if (tcp_opts_sack_permitted (&tc->opt))
+ {
+ if (vec_len (tc->snd_sacks))
+ {
+ opts->flags |= TCP_OPTS_FLAG_SACK;
+ opts->sacks = tc->snd_sacks;
+ opts->n_sack_blocks = vec_len (tc->snd_sacks);
+ len += 2 + TCP_OPTION_LEN_SACK_BLOCK * opts->n_sack_blocks;
+ }
+ }
+
+ /* Align to needed boundary */
+ len += (TCP_OPTS_ALIGN - len % TCP_OPTS_ALIGN) % TCP_OPTS_ALIGN;
+ return len;
+}
+
+always_inline int
+tcp_make_options (tcp_connection_t * tc, tcp_options_t * opts,
+ tcp_state_t state)
+{
+ switch (state)
+ {
+ case TCP_STATE_ESTABLISHED:
+ case TCP_STATE_FIN_WAIT_1:
+ return tcp_make_established_options (tc, opts);
+ case TCP_STATE_SYN_RCVD:
+ return tcp_make_synack_options (tc, opts);
+ case TCP_STATE_SYN_SENT:
+ return tcp_make_syn_options (opts,
+ tcp_initial_window_to_advertise (tc));
+ default:
+ clib_warning ("Not handled!");
+ return 0;
+ }
+}
+
+#define tcp_get_free_buffer_index(tm, bidx) \
+do { \
+ u32 *my_tx_buffers, n_free_buffers; \
+ u32 cpu_index = tm->vlib_main->cpu_index; \
+ my_tx_buffers = tm->tx_buffers[cpu_index]; \
+ if (PREDICT_FALSE(vec_len (my_tx_buffers) == 0)) \
+ { \
+ n_free_buffers = 32; /* TODO config or macro */ \
+ vec_validate (my_tx_buffers, n_free_buffers - 1); \
+ _vec_len(my_tx_buffers) = vlib_buffer_alloc_from_free_list ( \
+ tm->vlib_main, my_tx_buffers, n_free_buffers, \
+ VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX); \
+ tm->tx_buffers[cpu_index] = my_tx_buffers; \
+ } \
+ /* buffer shortage */ \
+ if (PREDICT_FALSE (vec_len (my_tx_buffers) == 0)) \
+ return; \
+ *bidx = my_tx_buffers[_vec_len (my_tx_buffers)-1]; \
+ _vec_len (my_tx_buffers) -= 1; \
+} while (0)
+
+always_inline void
+tcp_reuse_buffer (vlib_main_t * vm, vlib_buffer_t * b)
+{
+ vlib_buffer_t *it = b;
+ do
+ {
+ it->current_data = 0;
+ it->current_length = 0;
+ it->total_length_not_including_first_buffer = 0;
+ }
+ while ((it->flags & VLIB_BUFFER_NEXT_PRESENT)
+ && (it = vlib_get_buffer (vm, it->next_buffer)));
+
+ /* Leave enough space for headers */
+ vlib_buffer_make_headroom (b, MAX_HDRS_LEN);
+}
+
+/**
+ * Prepare ACK
+ */
+void
+tcp_make_ack_i (tcp_connection_t * tc, vlib_buffer_t * b, tcp_state_t state,
+ u8 flags)
+{
+ tcp_options_t _snd_opts, *snd_opts = &_snd_opts;
+ u8 tcp_opts_len, tcp_hdr_opts_len;
+ tcp_header_t *th;
+ u16 wnd;
+
+ wnd = tcp_window_to_advertise (tc, state);
+
+ /* Make and write options */
+ tcp_opts_len = tcp_make_established_options (tc, snd_opts);
+ tcp_hdr_opts_len = tcp_opts_len + sizeof (tcp_header_t);
+
+ th = vlib_buffer_push_tcp (b, tc->c_lcl_port, tc->c_rmt_port, tc->snd_nxt,
+ tc->rcv_nxt, tcp_hdr_opts_len, flags, wnd);
+
+ tcp_options_write ((u8 *) (th + 1), snd_opts);
+
+ /* Mark as ACK */
+ vnet_buffer (b)->tcp.connection_index = tc->c_c_index;
+}
+
+/**
+ * Convert buffer to ACK
+ */
+void
+tcp_make_ack (tcp_connection_t * tc, vlib_buffer_t * b)
+{
+ tcp_main_t *tm = vnet_get_tcp_main ();
+ vlib_main_t *vm = tm->vlib_main;
+
+ tcp_reuse_buffer (vm, b);
+ tcp_make_ack_i (tc, b, TCP_STATE_ESTABLISHED, TCP_FLAG_ACK);
+ vnet_buffer (b)->tcp.flags = TCP_BUF_FLAG_ACK;
+}
+
+/**
+ * Convert buffer to FIN-ACK
+ */
+void
+tcp_make_finack (tcp_connection_t * tc, vlib_buffer_t * b)
+{
+ tcp_main_t *tm = vnet_get_tcp_main ();
+ vlib_main_t *vm = tm->vlib_main;
+
+ tcp_reuse_buffer (vm, b);
+ tcp_make_ack_i (tc, b, TCP_STATE_ESTABLISHED, TCP_FLAG_ACK | TCP_FLAG_FIN);
+
+ /* Reset flags, make sure ack is sent */
+ tc->flags = TCP_CONN_SNDACK;
+ vnet_buffer (b)->tcp.flags &= ~TCP_BUF_FLAG_DUPACK;
+
+ tc->snd_nxt += 1;
+}
+
+/**
+ * Convert buffer to SYN-ACK
+ */
+void
+tcp_make_synack (tcp_connection_t * tc, vlib_buffer_t * b)
+{
+ tcp_main_t *tm = vnet_get_tcp_main ();
+ vlib_main_t *vm = tm->vlib_main;
+ tcp_options_t _snd_opts, *snd_opts = &_snd_opts;
+ u8 tcp_opts_len, tcp_hdr_opts_len;
+ tcp_header_t *th;
+ u16 initial_wnd;
+ u32 time_now;
+
+ memset (snd_opts, 0, sizeof (*snd_opts));
+
+ tcp_reuse_buffer (vm, b);
+
+ /* Set random initial sequence */
+ time_now = tcp_time_now ();
+
+ tc->iss = random_u32 (&time_now);
+ tc->snd_una = tc->iss;
+ tc->snd_nxt = tc->iss + 1;
+ tc->snd_una_max = tc->snd_nxt;
+
+ initial_wnd = tcp_initial_window_to_advertise (tc);
+
+ /* Make and write options */
+ tcp_opts_len = tcp_make_synack_options (tc, snd_opts);
+ tcp_hdr_opts_len = tcp_opts_len + sizeof (tcp_header_t);
+
+ th = vlib_buffer_push_tcp (b, tc->c_lcl_port, tc->c_rmt_port, tc->iss,
+ tc->rcv_nxt, tcp_hdr_opts_len,
+ TCP_FLAG_SYN | TCP_FLAG_ACK, initial_wnd);
+
+ tcp_options_write ((u8 *) (th + 1), snd_opts);
+
+ vnet_buffer (b)->tcp.connection_index = tc->c_c_index;
+ vnet_buffer (b)->tcp.flags = TCP_BUF_FLAG_ACK;
+
+ /* Init retransmit timer */
+ tcp_retransmit_timer_set (tm, tc);
+}
+
+always_inline void
+tcp_enqueue_to_ip_lookup (vlib_main_t * vm, vlib_buffer_t * b, u32 bi,
+ u8 is_ip4)
+{
+ u32 *to_next, next_index;
+ vlib_frame_t *f;
+
+ b->flags |= VNET_BUFFER_LOCALLY_ORIGINATED;
+ b->error = 0;
+
+ /* Default FIB for now */
+ vnet_buffer (b)->sw_if_index[VLIB_TX] = 0;
+
+ /* Send to IP lookup */
+ next_index = is_ip4 ? ip4_lookup_node.index : ip6_lookup_node.index;
+ f = vlib_get_frame_to_node (vm, next_index);
+
+ /* Enqueue the packet */
+ to_next = vlib_frame_vector_args (f);
+ to_next[0] = bi;
+ f->n_vectors = 1;
+ vlib_put_frame_to_node (vm, next_index, f);
+}
+
+int
+tcp_make_reset_in_place (vlib_main_t * vm, vlib_buffer_t * b0,
+ tcp_state_t state, u32 my_thread_index, u8 is_ip4)
+{
+ u8 tcp_hdr_len = sizeof (tcp_header_t);
+ ip4_header_t *ih4;
+ ip6_header_t *ih6;
+ tcp_header_t *th0;
+ ip4_address_t src_ip40;
+ ip6_address_t src_ip60;
+ u16 src_port0;
+ u32 tmp;
+
+ /* Find IP and TCP headers */
+ if (is_ip4)
+ {
+ ih4 = vlib_buffer_get_current (b0);
+ th0 = ip4_next_header (ih4);
+ }
+ else
+ {
+ ih6 = vlib_buffer_get_current (b0);
+ th0 = ip6_next_header (ih6);
+ }
+
+ /* Swap src and dst ip */
+ if (is_ip4)
+ {
+ ASSERT ((ih4->ip_version_and_header_length & 0xF0) == 0x40);
+ src_ip40.as_u32 = ih4->src_address.as_u32;
+ ih4->src_address.as_u32 = ih4->dst_address.as_u32;
+ ih4->dst_address.as_u32 = src_ip40.as_u32;
+
+ /* Chop the end of the pkt */
+ b0->current_length += ip4_header_bytes (ih4) + tcp_hdr_len;
+ }
+ else
+ {
+ ASSERT ((ih6->ip_version_traffic_class_and_flow_label & 0xF0) == 0x60);
+ clib_memcpy (&src_ip60, &ih6->src_address, sizeof (ip6_address_t));
+ clib_memcpy (&ih6->src_address, &ih6->dst_address,
+ sizeof (ip6_address_t));
+ clib_memcpy (&ih6->dst_address, &src_ip60, sizeof (ip6_address_t));
+
+ /* Chop the end of the pkt */
+ b0->current_length += sizeof (ip6_header_t) + tcp_hdr_len;
+ }
+
+ /* Try to determine what/why we're actually resetting and swap
+ * src and dst ports */
+ if (state == TCP_STATE_CLOSED)
+ {
+ if (!tcp_syn (th0))
+ return -1;
+
+ tmp = clib_net_to_host_u32 (th0->seq_number);
+
+ /* Got a SYN for no listener. */
+ th0->flags = TCP_FLAG_RST | TCP_FLAG_ACK;
+ th0->ack_number = clib_host_to_net_u32 (tmp + 1);
+ th0->seq_number = 0;
+
+ }
+ else if (state >= TCP_STATE_SYN_SENT)
+ {
+ th0->flags = TCP_FLAG_RST | TCP_FLAG_ACK;
+ th0->seq_number = th0->ack_number;
+ th0->ack_number = 0;
+ }
+
+ src_port0 = th0->src_port;
+ th0->src_port = th0->dst_port;
+ th0->dst_port = src_port0;
+ th0->window = 0;
+ th0->data_offset_and_reserved = (tcp_hdr_len >> 2) << 4;
+ th0->urgent_pointer = 0;
+
+ /* Compute checksum */
+ if (is_ip4)
+ {
+ th0->checksum = ip4_tcp_udp_compute_checksum (vm, b0, ih4);
+ }
+ else
+ {
+ int bogus = ~0;
+ th0->checksum = ip6_tcp_udp_icmp_compute_checksum (vm, b0, ih6, &bogus);
+ ASSERT (!bogus);
+ }
+
+ return 0;
+}
+
+/**
+ * Send reset without reusing existing buffer
+ */
+void
+tcp_send_reset (vlib_buffer_t * pkt, u8 is_ip4)
+{
+ vlib_buffer_t *b;
+ u32 bi;
+ tcp_main_t *tm = vnet_get_tcp_main ();
+ vlib_main_t *vm = tm->vlib_main;
+ u8 tcp_hdr_len, flags = 0;
+ tcp_header_t *th, *pkt_th;
+ u32 seq, ack;
+ ip4_header_t *ih4, *pkt_ih4;
+ ip6_header_t *ih6, *pkt_ih6;
+
+ tcp_get_free_buffer_index (tm, &bi);
+ b = vlib_get_buffer (vm, bi);
+
+ /* Leave enough space for headers */
+ vlib_buffer_make_headroom (b, MAX_HDRS_LEN);
+
+ /* Make and write options */
+ tcp_hdr_len = sizeof (tcp_header_t);
+
+ if (is_ip4)
+ {
+ pkt_ih4 = vlib_buffer_get_current (pkt);
+ pkt_th = ip4_next_header (pkt_ih4);
+ }
+ else
+ {
+ pkt_ih6 = vlib_buffer_get_current (pkt);
+ pkt_th = ip6_next_header (pkt_ih6);
+ }
+
+ if (tcp_ack (pkt_th))
+ {
+ flags = TCP_FLAG_RST;
+ seq = pkt_th->ack_number;
+ ack = 0;
+ }
+ else
+ {
+ flags = TCP_FLAG_RST | TCP_FLAG_ACK;
+ seq = 0;
+ ack = clib_host_to_net_u32 (vnet_buffer (pkt)->tcp.seq_end);
+ }
+
+ th = vlib_buffer_push_tcp_net_order (b, pkt_th->dst_port, pkt_th->src_port,
+ seq, ack, tcp_hdr_len, flags, 0);
+
+ /* Swap src and dst ip */
+ if (is_ip4)
+ {
+ ASSERT ((pkt_ih4->ip_version_and_header_length & 0xF0) == 0x40);
+ ih4 = vlib_buffer_push_ip4 (vm, b, &pkt_ih4->dst_address,
+ &pkt_ih4->src_address, IP_PROTOCOL_TCP);
+ th->checksum = ip4_tcp_udp_compute_checksum (vm, b, ih4);
+ }
+ else
+ {
+ int bogus = ~0;
+ pkt_ih6 = (ip6_header_t *) (pkt_th - 1);
+ ASSERT ((pkt_ih6->ip_version_traffic_class_and_flow_label & 0xF0) ==
+ 0x60);
+ ih6 =
+ vlib_buffer_push_ip6 (vm, b, &pkt_ih6->dst_address,
+ &pkt_ih6->src_address, IP_PROTOCOL_TCP);
+ th->checksum = ip6_tcp_udp_icmp_compute_checksum (vm, b, ih6, &bogus);
+ ASSERT (!bogus);
+ }
+
+ tcp_enqueue_to_ip_lookup (vm, b, bi, is_ip4);
+}
+
+void
+tcp_push_ip_hdr (tcp_main_t * tm, tcp_connection_t * tc, vlib_buffer_t * b)
+{
+ tcp_header_t *th = vlib_buffer_get_current (b);
+
+ if (tc->c_is_ip4)
+ {
+ ip4_header_t *ih;
+ ih = vlib_buffer_push_ip4 (tm->vlib_main, b, &tc->c_lcl_ip4,
+ &tc->c_rmt_ip4, IP_PROTOCOL_TCP);
+ th->checksum = ip4_tcp_udp_compute_checksum (tm->vlib_main, b, ih);
+ }
+ else
+ {
+ ip6_header_t *ih;
+ int bogus = ~0;
+
+ ih = vlib_buffer_push_ip6 (tm->vlib_main, b, &tc->c_lcl_ip6,
+ &tc->c_rmt_ip6, IP_PROTOCOL_TCP);
+ th->checksum = ip6_tcp_udp_icmp_compute_checksum (tm->vlib_main, b, ih,
+ &bogus);
+ ASSERT (!bogus);
+ }
+}
+
+/**
+ * Send SYN
+ *
+ * Builds a SYN packet for a half-open connection and sends it to ipx_lookup.
+ * The packet is not forwarded through tcpx_output to avoid doing lookups
+ * in the half_open pool.
+ */
+void
+tcp_send_syn (tcp_connection_t * tc)
+{
+ vlib_buffer_t *b;
+ u32 bi;
+ tcp_main_t *tm = vnet_get_tcp_main ();
+ vlib_main_t *vm = tm->vlib_main;
+ u8 tcp_hdr_opts_len, tcp_opts_len;
+ tcp_header_t *th;
+ u32 time_now;
+ u16 initial_wnd;
+ tcp_options_t snd_opts;
+
+ tcp_get_free_buffer_index (tm, &bi);
+ b = vlib_get_buffer (vm, bi);
+
+ /* Leave enough space for headers */
+ vlib_buffer_make_headroom (b, MAX_HDRS_LEN);
+
+ /* Set random initial sequence */
+ time_now = tcp_time_now ();
+
+ tc->iss = random_u32 (&time_now);
+ tc->snd_una = tc->iss;
+ tc->snd_una_max = tc->snd_nxt = tc->iss + 1;
+
+ initial_wnd = tcp_initial_window_to_advertise (tc);
+
+ /* Make and write options */
+ memset (&snd_opts, 0, sizeof (snd_opts));
+ tcp_opts_len = tcp_make_syn_options (&snd_opts, initial_wnd);
+ tcp_hdr_opts_len = tcp_opts_len + sizeof (tcp_header_t);
+
+ th = vlib_buffer_push_tcp (b, tc->c_lcl_port, tc->c_rmt_port, tc->iss,
+ tc->rcv_nxt, tcp_hdr_opts_len, TCP_FLAG_SYN,
+ initial_wnd);
+
+ tcp_options_write ((u8 *) (th + 1), &snd_opts);
+
+ /* Measure RTT with this */
+ tc->rtt_ts = tcp_time_now ();
+ tc->rtt_seq = tc->snd_nxt;
+
+ /* Start retransmit trimer */
+ tcp_timer_set (tc, TCP_TIMER_RETRANSMIT_SYN, tc->rto * TCP_TO_TIMER_TICK);
+ tc->rto_boff = 0;
+
+ /* Set the connection establishment timer */
+ tcp_timer_set (tc, TCP_TIMER_ESTABLISH, TCP_ESTABLISH_TIME);
+
+ tcp_push_ip_hdr (tm, tc, b);
+ tcp_enqueue_to_ip_lookup (vm, b, bi, tc->c_is_ip4);
+}
+
+always_inline void
+tcp_enqueue_to_output (vlib_main_t * vm, vlib_buffer_t * b, u32 bi, u8 is_ip4)
+{
+ u32 *to_next, next_index;
+ vlib_frame_t *f;
+
+ b->flags |= VNET_BUFFER_LOCALLY_ORIGINATED;
+ b->error = 0;
+
+ /* Decide where to send the packet */
+ next_index = is_ip4 ? tcp4_output_node.index : tcp6_output_node.index;
+ f = vlib_get_frame_to_node (vm, next_index);
+
+ /* Enqueue the packet */
+ to_next = vlib_frame_vector_args (f);
+ to_next[0] = bi;
+ f->n_vectors = 1;
+ vlib_put_frame_to_node (vm, next_index, f);
+}
+
+/**
+ * Send FIN
+ */
+void
+tcp_send_fin (tcp_connection_t * tc)
+{
+ vlib_buffer_t *b;
+ u32 bi;
+ tcp_main_t *tm = vnet_get_tcp_main ();
+ vlib_main_t *vm = tm->vlib_main;
+
+ tcp_get_free_buffer_index (tm, &bi);
+ b = vlib_get_buffer (vm, bi);
+
+ /* Leave enough space for headers */
+ vlib_buffer_make_headroom (b, MAX_HDRS_LEN);
+
+ tcp_make_finack (tc, b);
+
+ tcp_enqueue_to_output (vm, b, bi, tc->c_is_ip4);
+}
+
+always_inline u8
+tcp_make_state_flags (tcp_state_t next_state)
+{
+ switch (next_state)
+ {
+ case TCP_STATE_ESTABLISHED:
+ return TCP_FLAG_ACK;
+ case TCP_STATE_SYN_RCVD:
+ return TCP_FLAG_SYN | TCP_FLAG_ACK;
+ case TCP_STATE_SYN_SENT:
+ return TCP_FLAG_SYN;
+ case TCP_STATE_LAST_ACK:
+ case TCP_STATE_FIN_WAIT_1:
+ return TCP_FLAG_FIN;
+ default:
+ clib_warning ("Shouldn't be here!");
+ }
+ return 0;
+}
+
+/**
+ * Push TCP header and update connection variables
+ */
+static void
+tcp_push_hdr_i (tcp_connection_t * tc, vlib_buffer_t * b,
+ tcp_state_t next_state)
+{
+ u32 advertise_wnd, data_len;
+ u8 tcp_opts_len, tcp_hdr_opts_len, opts_write_len, flags;
+ tcp_options_t _snd_opts, *snd_opts = &_snd_opts;
+ tcp_header_t *th;
+
+ data_len = b->current_length;
+ vnet_buffer (b)->tcp.flags = 0;
+
+ /* Make and write options */
+ memset (snd_opts, 0, sizeof (*snd_opts));
+ tcp_opts_len = tcp_make_options (tc, snd_opts, next_state);
+ tcp_hdr_opts_len = tcp_opts_len + sizeof (tcp_header_t);
+
+ /* Get rcv window to advertise */
+ advertise_wnd = tcp_window_to_advertise (tc, next_state);
+ flags = tcp_make_state_flags (next_state);
+
+ /* Push header and options */
+ th = vlib_buffer_push_tcp (b, tc->c_lcl_port, tc->c_rmt_port, tc->snd_nxt,
+ tc->rcv_nxt, tcp_hdr_opts_len, flags,
+ advertise_wnd);
+
+ opts_write_len = tcp_options_write ((u8 *) (th + 1), snd_opts);
+
+ ASSERT (opts_write_len == tcp_opts_len);
+
+ /* Tag the buffer with the connection index */
+ vnet_buffer (b)->tcp.connection_index = tc->c_c_index;
+
+ tc->snd_nxt += data_len;
+}
+
+/* Send delayed ACK when timer expires */
+void
+tcp_timer_delack_handler (u32 index)
+{
+ tcp_main_t *tm = vnet_get_tcp_main ();
+ vlib_main_t *vm = tm->vlib_main;
+ u32 thread_index = os_get_cpu_number ();
+ tcp_connection_t *tc;
+ vlib_buffer_t *b;
+ u32 bi;
+
+ tc = tcp_connection_get (index, thread_index);
+
+ /* Get buffer */
+ tcp_get_free_buffer_index (tm, &bi);
+ b = vlib_get_buffer (vm, bi);
+
+ /* Fill in the ACK */
+ tcp_make_ack (tc, b);
+
+ tc->timers[TCP_TIMER_DELACK] = TCP_TIMER_HANDLE_INVALID;
+ tc->flags &= ~TCP_CONN_DELACK;
+
+ tcp_enqueue_to_output (vm, b, bi, tc->c_is_ip4);
+}
+
+/** Build a retransmit segment
+ *
+ * @return the number of bytes in the segment or 0 if there's nothing to
+ * retransmit
+ * */
+u32
+tcp_prepare_retransmit_segment (tcp_connection_t * tc, vlib_buffer_t * b,
+ u32 max_bytes)
+{
+ tcp_main_t *tm = vnet_get_tcp_main ();
+ vlib_main_t *vm = tm->vlib_main;
+ u32 n_bytes, offset = 0;
+ sack_scoreboard_hole_t *hole;
+ u32 hole_size;
+
+ tcp_reuse_buffer (vm, b);
+
+ ASSERT (tc->state == TCP_STATE_ESTABLISHED);
+ ASSERT (max_bytes != 0);
+
+ if (tcp_opts_sack_permitted (&tc->opt))
+ {
+ /* XXX get first hole not retransmitted yet */
+ hole = scoreboard_first_hole (&tc->sack_sb);
+ if (!hole)
+ return 0;
+
+ offset = hole->start - tc->snd_una;
+ hole_size = hole->end - hole->start;
+
+ ASSERT (hole_size);
+
+ if (hole_size < max_bytes)
+ max_bytes = hole_size;
+ }
+ else
+ {
+ if (seq_geq (tc->snd_nxt, tc->snd_una_max))
+ return 0;
+ }
+
+ n_bytes = stream_session_peek_bytes (&tc->connection,
+ vlib_buffer_get_current (b), offset,
+ max_bytes);
+ ASSERT (n_bytes != 0);
+
+ tc->snd_nxt += n_bytes;
+ tcp_push_hdr_i (tc, b, tc->state);
+
+ return n_bytes;
+}
+
+static void
+tcp_timer_retransmit_handler_i (u32 index, u8 is_syn)
+{
+ tcp_main_t *tm = vnet_get_tcp_main ();
+ vlib_main_t *vm = tm->vlib_main;
+ u32 thread_index = os_get_cpu_number ();
+ tcp_connection_t *tc;
+ vlib_buffer_t *b;
+ u32 bi, max_bytes, snd_space;
+
+ if (is_syn)
+ {
+ tc = tcp_half_open_connection_get (index);
+ }
+ else
+ {
+ tc = tcp_connection_get (index, thread_index);
+ }
+
+ /* Make sure timer handle is set to invalid */
+ tc->timers[TCP_TIMER_RETRANSMIT] = TCP_TIMER_HANDLE_INVALID;
+
+ /* Increment RTO backoff (also equal to number of retries) */
+ tc->rto_boff += 1;
+
+ /* Go back to first un-acked byte */
+ tc->snd_nxt = tc->snd_una;
+
+ /* Get buffer */
+ tcp_get_free_buffer_index (tm, &bi);
+ b = vlib_get_buffer (vm, bi);
+
+ if (tc->state == TCP_STATE_ESTABLISHED)
+ {
+ tcp_fastrecovery_off (tc);
+
+ /* Exponential backoff */
+ tc->rto = clib_min (tc->rto << 1, TCP_RTO_MAX);
+
+ /* Figure out what and how many bytes we can send */
+ snd_space = tcp_available_snd_space (tc);
+ max_bytes = clib_min (tc->snd_mss, snd_space);
+ tcp_prepare_retransmit_segment (tc, b, max_bytes);
+
+ tc->rtx_bytes += max_bytes;
+
+ /* No fancy recovery for now! */
+ scoreboard_clear (&tc->sack_sb);
+ }
+ else
+ {
+ /* Retransmit for SYN/SYNACK */
+ ASSERT (tc->state == TCP_STATE_SYN_RCVD
+ || tc->state == TCP_STATE_SYN_SENT);
+
+ /* Try without increasing RTO a number of times. If this fails,
+ * start growing RTO exponentially */
+ if (tc->rto_boff > TCP_RTO_SYN_RETRIES)
+ tc->rto = clib_min (tc->rto << 1, TCP_RTO_MAX);
+
+ vlib_buffer_make_headroom (b, MAX_HDRS_LEN);
+ tcp_push_hdr_i (tc, b, tc->state);
+ }
+
+ if (!is_syn)
+ {
+ tcp_enqueue_to_output (vm, b, bi, tc->c_is_ip4);
+
+ /* Re-enable retransmit timer */
+ tcp_retransmit_timer_set (tm, tc);
+ }
+ else
+ {
+ ASSERT (tc->state == TCP_STATE_SYN_SENT);
+
+ /* This goes straight to ipx_lookup */
+ tcp_push_ip_hdr (tm, tc, b);
+ tcp_enqueue_to_ip_lookup (vm, b, bi, tc->c_is_ip4);
+
+ /* Re-enable retransmit timer */
+ tcp_timer_set (tc, TCP_TIMER_RETRANSMIT_SYN,
+ tc->rto * TCP_TO_TIMER_TICK);
+ }
+}
+
+void
+tcp_timer_retransmit_handler (u32 index)
+{
+ tcp_timer_retransmit_handler_i (index, 0);
+}
+
+void
+tcp_timer_retransmit_syn_handler (u32 index)
+{
+ tcp_timer_retransmit_handler_i (index, 1);
+}
+
+/**
+ * Retansmit first unacked segment */
+void
+tcp_retransmit_first_unacked (tcp_connection_t * tc)
+{
+ tcp_main_t *tm = vnet_get_tcp_main ();
+ u32 snd_nxt = tc->snd_nxt;
+ vlib_buffer_t *b;
+ u32 bi;
+
+ tc->snd_nxt = tc->snd_una;
+
+ /* Get buffer */
+ tcp_get_free_buffer_index (tm, &bi);
+ b = vlib_get_buffer (tm->vlib_main, bi);
+
+ tcp_prepare_retransmit_segment (tc, b, tc->snd_mss);
+ tcp_enqueue_to_output (tm->vlib_main, b, bi, tc->c_is_ip4);
+
+ tc->snd_nxt = snd_nxt;
+ tc->rtx_bytes += tc->snd_mss;
+}
+
+void
+tcp_fast_retransmit (tcp_connection_t * tc)
+{
+ tcp_main_t *tm = vnet_get_tcp_main ();
+ u32 snd_space, max_bytes, n_bytes, bi;
+ vlib_buffer_t *b;
+
+ ASSERT (tcp_in_fastrecovery (tc));
+
+ clib_warning ("fast retransmit!");
+
+ /* Start resending from first un-acked segment */
+ tc->snd_nxt = tc->snd_una;
+
+ snd_space = tcp_available_snd_space (tc);
+
+ while (snd_space)
+ {
+ tcp_get_free_buffer_index (tm, &bi);
+ b = vlib_get_buffer (tm->vlib_main, bi);
+
+ max_bytes = clib_min (tc->snd_mss, snd_space);
+ n_bytes = tcp_prepare_retransmit_segment (tc, b, max_bytes);
+
+ /* Nothing left to retransmit */
+ if (n_bytes == 0)
+ return;
+
+ tcp_enqueue_to_output (tm->vlib_main, b, bi, tc->c_is_ip4);
+
+ snd_space -= n_bytes;
+ }
+
+ /* If window allows, send new data */
+ tc->snd_nxt = tc->snd_una_max;
+}
+
+always_inline u32
+tcp_session_has_ooo_data (tcp_connection_t * tc)
+{
+ stream_session_t *s =
+ stream_session_get (tc->c_s_index, tc->c_thread_index);
+ return svm_fifo_has_ooo_data (s->server_rx_fifo);
+}
+
+always_inline uword
+tcp46_output_inline (vlib_main_t * vm,
+ vlib_node_runtime_t * node,
+ vlib_frame_t * from_frame, int is_ip4)
+{
+ tcp_main_t *tm = vnet_get_tcp_main ();
+ u32 n_left_from, next_index, *from, *to_next;
+ u32 my_thread_index = vm->cpu_index;
+
+ from = vlib_frame_vector_args (from_frame);
+ n_left_from = from_frame->n_vectors;
+
+ next_index = node->cached_next_index;
+
+ while (n_left_from > 0)
+ {
+ u32 n_left_to_next;
+
+ vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
+
+ while (n_left_from > 0 && n_left_to_next > 0)
+ {
+ u32 bi0;
+ vlib_buffer_t *b0;
+ tcp_connection_t *tc0;
+ tcp_header_t *th0;
+ u32 error0 = TCP_ERROR_PKTS_SENT, next0 = TCP_OUTPUT_NEXT_IP_LOOKUP;
+
+ bi0 = from[0];
+ to_next[0] = bi0;
+ from += 1;
+ to_next += 1;
+ n_left_from -= 1;
+ n_left_to_next -= 1;
+
+ b0 = vlib_get_buffer (vm, bi0);
+ tc0 = tcp_connection_get (vnet_buffer (b0)->tcp.connection_index,
+ my_thread_index);
+ th0 = vlib_buffer_get_current (b0);
+
+ if (is_ip4)
+ {
+ ip4_header_t *ih0;
+ ih0 = vlib_buffer_push_ip4 (vm, b0, &tc0->c_lcl_ip4,
+ &tc0->c_rmt_ip4, IP_PROTOCOL_TCP);
+ th0->checksum = ip4_tcp_udp_compute_checksum (vm, b0, ih0);
+ }
+ else
+ {
+ ip6_header_t *ih0;
+ int bogus = ~0;
+
+ ih0 = vlib_buffer_push_ip6 (vm, b0, &tc0->c_lcl_ip6,
+ &tc0->c_rmt_ip6, IP_PROTOCOL_TCP);
+ th0->checksum = ip6_tcp_udp_icmp_compute_checksum (vm, b0, ih0,
+ &bogus);
+ ASSERT (!bogus);
+ }
+
+ /* Filter out DUPACKs if there are no OOO segments left */
+ if (PREDICT_FALSE
+ (vnet_buffer (b0)->tcp.flags & TCP_BUF_FLAG_DUPACK))
+ {
+ tc0->snt_dupacks--;
+ ASSERT (tc0->snt_dupacks >= 0);
+ if (!tcp_session_has_ooo_data (tc0))
+ {
+ error0 = TCP_ERROR_FILTERED_DUPACKS;
+ next0 = TCP_OUTPUT_NEXT_DROP;
+ goto done;
+ }
+ }
+
+ /* Retransmitted SYNs do reach this but it should be harmless */
+ tc0->rcv_las = tc0->rcv_nxt;
+
+ /* Stop DELACK timer and fix flags */
+ tc0->flags &=
+ ~(TCP_CONN_SNDACK | TCP_CONN_DELACK | TCP_CONN_BURSTACK);
+ if (tcp_timer_is_active (tc0, TCP_TIMER_DELACK))
+ {
+ tcp_timer_reset (tc0, TCP_TIMER_DELACK);
+ }
+
+ /* If not retransmitting
+ * 1) update snd_una_max (SYN, SYNACK, new data, FIN)
+ * 2) If we're not tracking an ACK, start tracking */
+ if (seq_lt (tc0->snd_una_max, tc0->snd_nxt))
+ {
+ tc0->snd_una_max = tc0->snd_nxt;
+ if (tc0->rtt_ts == 0)
+ {
+ tc0->rtt_ts = tcp_time_now ();
+ tc0->rtt_seq = tc0->snd_nxt;
+ }
+ }
+
+ /* Set the retransmit timer if not set already and not
+ * doing a pure ACK */
+ if (!tcp_timer_is_active (tc0, TCP_TIMER_RETRANSMIT)
+ && tc0->snd_nxt != tc0->snd_una)
+ {
+ tcp_retransmit_timer_set (tm, tc0);
+ tc0->rto_boff = 0;
+ }
+
+ /* set fib index to default and lookup node */
+ /* XXX network virtualization (vrf/vni) */
+ vnet_buffer (b0)->sw_if_index[VLIB_RX] = 0;
+ vnet_buffer (b0)->sw_if_index[VLIB_TX] = (u32) ~ 0;
+
+ b0->flags |= VNET_BUFFER_LOCALLY_ORIGINATED;
+
+ done:
+ b0->error = error0 != 0 ? node->errors[error0] : 0;
+ if (PREDICT_FALSE (b0->flags & VLIB_BUFFER_IS_TRACED))
+ {
+
+ }
+
+ vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
+ n_left_to_next, bi0, next0);
+ }
+
+ vlib_put_next_frame (vm, node, next_index, n_left_to_next);
+ }
+
+ return from_frame->n_vectors;
+}
+
+static uword
+tcp4_output (vlib_main_t * vm, vlib_node_runtime_t * node,
+ vlib_frame_t * from_frame)
+{
+ return tcp46_output_inline (vm, node, from_frame, 1 /* is_ip4 */ );
+}
+
+static uword
+tcp6_output (vlib_main_t * vm, vlib_node_runtime_t * node,
+ vlib_frame_t * from_frame)
+{
+ return tcp46_output_inline (vm, node, from_frame, 0 /* is_ip4 */ );
+}
+
+VLIB_REGISTER_NODE (tcp4_output_node) =
+{
+ .function = tcp4_output,.name = "tcp4-output",
+ /* Takes a vector of packets. */
+ .vector_size = sizeof (u32),.n_errors = TCP_N_ERROR,.error_strings =
+ tcp_error_strings,.n_next_nodes = TCP_OUTPUT_N_NEXT,.next_nodes =
+ {
+#define _(s,n) [TCP_OUTPUT_NEXT_##s] = n,
+ foreach_tcp4_output_next
+#undef _
+ }
+,.format_buffer = format_tcp_header,.format_trace = format_tcp_tx_trace,};
+
+VLIB_NODE_FUNCTION_MULTIARCH (tcp4_output_node, tcp4_output)
+VLIB_REGISTER_NODE (tcp6_output_node) =
+{
+ .function = tcp6_output,.name = "tcp6-output",
+ /* Takes a vector of packets. */
+ .vector_size = sizeof (u32),.n_errors = TCP_N_ERROR,.error_strings =
+ tcp_error_strings,.n_next_nodes = TCP_OUTPUT_N_NEXT,.next_nodes =
+ {
+#define _(s,n) [TCP_OUTPUT_NEXT_##s] = n,
+ foreach_tcp6_output_next
+#undef _
+ }
+,.format_buffer = format_tcp_header,.format_trace = format_tcp_tx_trace,};
+
+VLIB_NODE_FUNCTION_MULTIARCH (tcp6_output_node, tcp6_output) u32
+tcp_push_header (transport_connection_t * tconn, vlib_buffer_t * b)
+{
+ tcp_connection_t *tc;
+
+ tc = (tcp_connection_t *) tconn;
+ tcp_push_hdr_i (tc, b, TCP_STATE_ESTABLISHED);
+ return 0;
+}
+
+typedef enum _tcp_reset_next
+{
+ TCP_RESET_NEXT_DROP,
+ TCP_RESET_NEXT_IP_LOOKUP,
+ TCP_RESET_N_NEXT
+} tcp_reset_next_t;
+
+#define foreach_tcp4_reset_next \
+ _(DROP, "error-drop") \
+ _(IP_LOOKUP, "ip4-lookup")
+
+#define foreach_tcp6_reset_next \
+ _(DROP, "error-drop") \
+ _(IP_LOOKUP, "ip6-lookup")
+
+static uword
+tcp46_send_reset_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
+ vlib_frame_t * from_frame, u8 is_ip4)
+{
+ u32 n_left_from, next_index, *from, *to_next;
+ u32 my_thread_index = vm->cpu_index;
+
+ from = vlib_frame_vector_args (from_frame);
+ n_left_from = from_frame->n_vectors;
+
+ next_index = node->cached_next_index;
+
+ while (n_left_from > 0)
+ {
+ u32 n_left_to_next;
+
+ vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
+
+ while (n_left_from > 0 && n_left_to_next > 0)
+ {
+ u32 bi0;
+ vlib_buffer_t *b0;
+ u32 error0 = TCP_ERROR_RST_SENT, next0 = TCP_RESET_NEXT_IP_LOOKUP;
+
+ bi0 = from[0];
+ to_next[0] = bi0;
+ from += 1;
+ to_next += 1;
+ n_left_from -= 1;
+ n_left_to_next -= 1;
+
+ b0 = vlib_get_buffer (vm, bi0);
+
+ if (tcp_make_reset_in_place (vm, b0, vnet_buffer (b0)->tcp.flags,
+ my_thread_index, is_ip4))
+ {
+ error0 = TCP_ERROR_LOOKUP_DROPS;
+ next0 = TCP_RESET_NEXT_DROP;
+ goto done;
+ }
+
+ /* Prepare to send to IP lookup */
+ vnet_buffer (b0)->sw_if_index[VLIB_TX] = 0;
+ next0 = TCP_RESET_NEXT_IP_LOOKUP;
+
+ done:
+ b0->error = error0 != 0 ? node->errors[error0] : 0;
+ b0->flags |= VNET_BUFFER_LOCALLY_ORIGINATED;
+ if (PREDICT_FALSE (b0->flags & VLIB_BUFFER_IS_TRACED))
+ {
+
+ }
+
+ vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
+ n_left_to_next, bi0, next0);
+ }
+ vlib_put_next_frame (vm, node, next_index, n_left_to_next);
+ }
+ return from_frame->n_vectors;
+}
+
+static uword
+tcp4_send_reset (vlib_main_t * vm, vlib_node_runtime_t * node,
+ vlib_frame_t * from_frame)
+{
+ return tcp46_send_reset_inline (vm, node, from_frame, 1);
+}
+
+static uword
+tcp6_send_reset (vlib_main_t * vm, vlib_node_runtime_t * node,
+ vlib_frame_t * from_frame)
+{
+ return tcp46_send_reset_inline (vm, node, from_frame, 0);
+}
+
+/* *INDENT-OFF* */
+VLIB_REGISTER_NODE (tcp4_reset_node) = {
+ .function = tcp4_send_reset,
+ .name = "tcp4-reset",
+ .vector_size = sizeof (u32),
+ .n_errors = TCP_N_ERROR,
+ .error_strings = tcp_error_strings,
+ .n_next_nodes = TCP_RESET_N_NEXT,
+ .next_nodes = {
+#define _(s,n) [TCP_RESET_NEXT_##s] = n,
+ foreach_tcp4_reset_next
+#undef _
+ },
+};
+/* *INDENT-ON* */
+
+/* *INDENT-OFF* */
+VLIB_REGISTER_NODE (tcp6_reset_node) = {
+ .function = tcp6_send_reset,
+ .name = "tcp6-reset",
+ .vector_size = sizeof (u32),
+ .n_errors = TCP_N_ERROR,
+ .error_strings = tcp_error_strings,
+ .n_next_nodes = TCP_RESET_N_NEXT,
+ .next_nodes = {
+#define _(s,n) [TCP_RESET_NEXT_##s] = n,
+ foreach_tcp6_reset_next
+#undef _
+ },
+};
+/* *INDENT-ON* */
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */