diff options
author | Neale Ranns <nranns@cisco.com> | 2020-01-02 04:06:10 +0000 |
---|---|---|
committer | Ole Tr�an <otroan@employees.org> | 2020-11-02 08:49:08 +0000 |
commit | 041add7d12217494934b651e4e38b5eab5216ddc (patch) | |
tree | 42f6ed8c3e4477b7c7cf93b19f227e4fc0afb4cb /src/vnet/tunnel/tunnel_dp.h | |
parent | 62877029aac3e05a1e1db579aeaad42bca5a70a4 (diff) |
ipsec: Tunnel SA DSCP behaviour
Type: feature
- use tunnel_encap_decap_flags to control the copying of DSCP/ECN/etc
during IPSEC tunnel mode encap.
- use DSCP value to have fixed encap value.
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: If4f51fd4c1dcbb0422aac9bd078e5c14af5bf11f
Diffstat (limited to 'src/vnet/tunnel/tunnel_dp.h')
-rw-r--r-- | src/vnet/tunnel/tunnel_dp.h | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/src/vnet/tunnel/tunnel_dp.h b/src/vnet/tunnel/tunnel_dp.h index a00a3b3e222..f84e764f7ea 100644 --- a/src/vnet/tunnel/tunnel_dp.h +++ b/src/vnet/tunnel/tunnel_dp.h @@ -34,6 +34,41 @@ tunnel_encap_fixup_4o4 (tunnel_encap_decap_flags_t flags, } static_always_inline void +tunnel_encap_fixup_4o4_w_chksum (tunnel_encap_decap_flags_t flags, + const ip4_header_t * inner, + ip4_header_t * outer) +{ + if (flags & (TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP | + TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_ECN)) + { + ip_csum_t sum = outer->checksum; + u8 tos = outer->tos; + + if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP) + ip4_header_set_dscp (outer, ip4_header_get_dscp (inner)); + if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_ECN) + ip4_header_set_ecn (outer, ip4_header_get_ecn (inner)); + + sum = + ip_csum_update (outer->checksum, tos, outer->tos, ip4_header_t, tos); + outer->checksum = ip_csum_fold (sum); + } + if ((flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DF) && + ip4_header_get_df (inner)) + { + ip_csum_t sum = outer->checksum; + u16 tos = outer->flags_and_fragment_offset; + + ip4_header_set_df (outer); + + sum = + ip_csum_update (outer->checksum, tos, outer->tos, ip4_header_t, + flags_and_fragment_offset); + outer->checksum = ip_csum_fold (sum); + } +} + +static_always_inline void tunnel_encap_fixup_6o4 (tunnel_encap_decap_flags_t flags, const ip6_header_t * inner, ip4_header_t * outer) { @@ -44,6 +79,28 @@ tunnel_encap_fixup_6o4 (tunnel_encap_decap_flags_t flags, } static_always_inline void +tunnel_encap_fixup_6o4_w_chksum (tunnel_encap_decap_flags_t flags, + const ip6_header_t * inner, + ip4_header_t * outer) +{ + if (flags & (TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP | + TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_ECN)) + { + ip_csum_t sum = outer->checksum; + u8 tos = outer->tos; + + if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP) + ip4_header_set_dscp (outer, ip6_dscp_network_order (inner)); + if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_ECN) + ip4_header_set_ecn (outer, ip6_ecn_network_order ((inner))); + + sum = + ip_csum_update (outer->checksum, tos, outer->tos, ip4_header_t, tos); + outer->checksum = ip_csum_fold (sum); + } +} + +static_always_inline void tunnel_encap_fixup_6o6 (tunnel_encap_decap_flags_t flags, const ip6_header_t * inner, ip6_header_t * outer) { |