diff options
| author |   Alexander Chernavin <achernavin@netgate.com> | 2022-08-12 13:19:49 +0000 |
|---|---|---|
| committer |   Neale Ranns <neale@graphiant.com> | 2022-08-17 01:53:29 +0000 |
| commit | d5e4e25849be4e58420de5c0d02ab4e244f334b6 (patch) | |
| tree | 20343bac8ab01e7f22da246696e65400c78f38fb /src/vnet | |
| parent | c7f93b321d02c532f612587f939f8188526139ac (diff) | |
fib: support "midchain delegate" removal
Type: improvement
Currently, once an adjacency is stacked on a FIB entry via
adj_midchain_delegate_stack(), "midchain delegate" is created for the
adjacency and the FIB index is stored there. And all further calls to
adj_midchain_delegate_stack() even passing another FIB index will cause
the function to still use the stored one. In other words, there is
currently no way to stack an adjacency on another FIB index if "midchain
delegate" already exists for it.
Being able to stack on another FIB index is needed for the wireguard
plugin. As per the protocol, peers can roam between different external
endpoints. When an authenticated packet is received and it was sent from
a different endpoint than currently stored, the endpoint needs to be
updated and all futher communication needs to happen with that endpoint.
Thus, the corresponding to that peer adjacencies need to be stacked on
the FIB entry that corresponds to the new endpoint.
With this change, add adj_midchain_delegate_remove() that removes
"midchain delegate". When stacking on another FIB entry is needed,
existing "midchain delegate" can be removed and then, a new one created
with a new FIB index via adj_midchain_delegate_stack().
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: Ibc1c99b248a5ef8ef64867f39f494fab627a1741
Diffstat (limited to 'src/vnet')
| -rw-r--r-- | src/vnet/adj/adj_midchain.h | 5 | ||||
| -rw-r--r-- | src/vnet/adj/adj_midchain_delegate.c | 26 |
2 files changed, 31 insertions, 0 deletions
diff --git a/src/vnet/adj/adj_midchain.h b/src/vnet/adj/adj_midchain.h index 85294122f08..eee8c99ae40 100644 --- a/src/vnet/adj/adj_midchain.h +++ b/src/vnet/adj/adj_midchain.h @@ -160,6 +160,11 @@ extern void adj_midchain_delegate_restack(adj_index_t ai); */ extern void adj_midchain_delegate_unstack(adj_index_t ai); +/** + * @brief remove a midchain delegate (this stacks it on a drop) + */ +extern void adj_midchain_delegate_remove (adj_index_t ai); + extern u8 adj_is_midchain (adj_index_t ai); #endif diff --git a/src/vnet/adj/adj_midchain_delegate.c b/src/vnet/adj/adj_midchain_delegate.c index 9e788432640..de57442ac9b 100644 --- a/src/vnet/adj/adj_midchain_delegate.c +++ b/src/vnet/adj/adj_midchain_delegate.c @@ -132,6 +132,32 @@ adj_midchain_delegate_stack (adj_index_t ai, } void +adj_midchain_delegate_remove (adj_index_t ai) +{ + adj_midchain_delegate_t *amd; + ip_adjacency_t *adj; + adj_delegate_t *ad; + + /* + * if there's a delegate, it can be removed + */ + adj = adj_get(ai); + ad = adj_delegate_get(adj, ADJ_DELEGATE_MIDCHAIN); + + if (NULL != ad) + { + adj_nbr_midchain_unstack(ai); + + adj_delegate_remove (ai, ADJ_DELEGATE_MIDCHAIN); + + amd = pool_elt_at_index(amd_pool, ad->ad_index); + fib_entry_untrack(amd->amd_fei, amd->amd_sibling); + + pool_put(amd_pool, amd); + } +} + +void adj_midchain_delegate_unstack (adj_index_t ai) { adj_nbr_midchain_unstack(ai); |