diff options
author | Nick Zavaritsky <nick.zavaritsky@emnify.com> | 2020-02-27 15:54:58 +0000 |
---|---|---|
committer | John Lo <loj@cisco.com> | 2020-03-03 16:15:15 +0000 |
commit | 27518c2ffd0ef75e973a64870da0e3339f39ccce (patch) | |
tree | 3fb7afdb06963ae3ef36cc74bfe33e10b8668d5d /src/vnet/vxlan/vxlan.c | |
parent | 297d288ed653abac9d719013c4ead5215230e7da (diff) |
geneve gtpu vxlan vxlan-gpe: VRF-aware bypass node
Bypass node MUST NOT intercept a packet if destination IP doesn’t match
a local address. However IP address interpretation depends on the VRF,
hence bypass node must take that into account.
This patch also factors-out common VTEP management and checking code.
Type: improvement
Signed-off-by: Nick Zavaritsky <nick.zavaritsky@emnify.com>
Change-Id: I5665d94882bbf45d15f8da140c7ada528ec7fa94
Diffstat (limited to 'src/vnet/vxlan/vxlan.c')
-rw-r--r-- | src/vnet/vxlan/vxlan.c | 41 |
1 files changed, 7 insertions, 34 deletions
diff --git a/src/vnet/vxlan/vxlan.c b/src/vnet/vxlan/vxlan.c index 32647496a76..ea1748ce4a8 100644 --- a/src/vnet/vxlan/vxlan.c +++ b/src/vnet/vxlan/vxlan.c @@ -291,35 +291,6 @@ vxlan_decap_next_is_valid (vxlan_main_t * vxm, u32 is_ip6, return decap_next_index < r->n_next_nodes; } -static uword -vtep_addr_ref (ip46_address_t * ip) -{ - uword *vtep = ip46_address_is_ip4 (ip) ? - hash_get (vxlan_main.vtep4, ip->ip4.as_u32) : - hash_get_mem (vxlan_main.vtep6, &ip->ip6); - if (vtep) - return ++(*vtep); - ip46_address_is_ip4 (ip) ? - hash_set (vxlan_main.vtep4, ip->ip4.as_u32, 1) : - hash_set_mem_alloc (&vxlan_main.vtep6, &ip->ip6, 1); - return 1; -} - -static uword -vtep_addr_unref (ip46_address_t * ip) -{ - uword *vtep = ip46_address_is_ip4 (ip) ? - hash_get (vxlan_main.vtep4, ip->ip4.as_u32) : - hash_get_mem (vxlan_main.vtep6, &ip->ip6); - ALWAYS_ASSERT (vtep); - if (--(*vtep) != 0) - return *vtep; - ip46_address_is_ip4 (ip) ? - hash_unset (vxlan_main.vtep4, ip->ip4.as_u32) : - hash_unset_mem_free (&vxlan_main.vtep6, &ip->ip6); - return 0; -} - /* *INDENT-OFF* */ typedef CLIB_PACKED(union { @@ -513,7 +484,7 @@ int vnet_vxlan_add_del_tunnel * when the forwarding for the entry updates, and the tunnel can * re-stack accordingly */ - vtep_addr_ref (&t->src); + vtep_addr_ref (&vxm->vtep_table, t->encap_fib_index, &t->src); t->fib_entry_index = fib_entry_track (t->encap_fib_index, &tun_dst_pfx, FIB_NODE_TYPE_VXLAN_TUNNEL, @@ -530,7 +501,8 @@ int vnet_vxlan_add_del_tunnel */ fib_protocol_t fp = fib_ip_proto (is_ip6); - if (vtep_addr_ref (&t->dst) == 1) + if (vtep_addr_ref (&vxm->vtep_table, + t->encap_fib_index, &t->dst) == 1) { fib_node_index_t mfei; adj_index_t ai; @@ -619,10 +591,11 @@ int vnet_vxlan_add_del_tunnel if (t->flow_index != ~0) vnet_flow_del (vnm, t->flow_index); - vtep_addr_unref (&t->src); + vtep_addr_unref (&vxm->vtep_table, t->encap_fib_index, &t->src); fib_entry_untrack (t->fib_entry_index, t->sibling_index); } - else if (vtep_addr_unref (&t->dst) == 0) + else if (vtep_addr_unref (&vxm->vtep_table, + t->encap_fib_index, &t->dst) == 0) { mcast_shared_remove (&t->dst); } @@ -1261,7 +1234,7 @@ vxlan_init (vlib_main_t * vm) VXLAN_HASH_NUM_BUCKETS, VXLAN_HASH_MEMORY_SIZE); clib_bihash_init_24_8 (&vxm->vxlan6_tunnel_by_key, "vxlan6", VXLAN_HASH_NUM_BUCKETS, VXLAN_HASH_MEMORY_SIZE); - vxm->vtep6 = hash_create_mem (0, sizeof (ip6_address_t), sizeof (uword)); + vxm->vtep_table = vtep_table_create (); vxm->mcast_shared = hash_create_mem (0, sizeof (ip46_address_t), sizeof (mcast_shared_t)); |