summaryrefslogtreecommitdiffstats
path: root/src/vnet
diff options
context:
space:
mode:
authorAlexander Chernavin <achernavin@netgate.com>2022-08-12 13:19:49 +0000
committerNeale Ranns <neale@graphiant.com>2022-08-17 01:53:29 +0000
commitd5e4e25849be4e58420de5c0d02ab4e244f334b6 (patch)
tree20343bac8ab01e7f22da246696e65400c78f38fb /src/vnet
parentc7f93b321d02c532f612587f939f8188526139ac (diff)
fib: support "midchain delegate" removal
Type: improvement Currently, once an adjacency is stacked on a FIB entry via adj_midchain_delegate_stack(), "midchain delegate" is created for the adjacency and the FIB index is stored there. And all further calls to adj_midchain_delegate_stack() even passing another FIB index will cause the function to still use the stored one. In other words, there is currently no way to stack an adjacency on another FIB index if "midchain delegate" already exists for it. Being able to stack on another FIB index is needed for the wireguard plugin. As per the protocol, peers can roam between different external endpoints. When an authenticated packet is received and it was sent from a different endpoint than currently stored, the endpoint needs to be updated and all futher communication needs to happen with that endpoint. Thus, the corresponding to that peer adjacencies need to be stacked on the FIB entry that corresponds to the new endpoint. With this change, add adj_midchain_delegate_remove() that removes "midchain delegate". When stacking on another FIB entry is needed, existing "midchain delegate" can be removed and then, a new one created with a new FIB index via adj_midchain_delegate_stack(). Signed-off-by: Alexander Chernavin <achernavin@netgate.com> Change-Id: Ibc1c99b248a5ef8ef64867f39f494fab627a1741
Diffstat (limited to 'src/vnet')
-rw-r--r--src/vnet/adj/adj_midchain.h5
-rw-r--r--src/vnet/adj/adj_midchain_delegate.c26
2 files changed, 31 insertions, 0 deletions
diff --git a/src/vnet/adj/adj_midchain.h b/src/vnet/adj/adj_midchain.h
index 85294122f08..eee8c99ae40 100644
--- a/src/vnet/adj/adj_midchain.h
+++ b/src/vnet/adj/adj_midchain.h
@@ -160,6 +160,11 @@ extern void adj_midchain_delegate_restack(adj_index_t ai);
*/
extern void adj_midchain_delegate_unstack(adj_index_t ai);
+/**
+ * @brief remove a midchain delegate (this stacks it on a drop)
+ */
+extern void adj_midchain_delegate_remove (adj_index_t ai);
+
extern u8 adj_is_midchain (adj_index_t ai);
#endif
diff --git a/src/vnet/adj/adj_midchain_delegate.c b/src/vnet/adj/adj_midchain_delegate.c
index 9e788432640..de57442ac9b 100644
--- a/src/vnet/adj/adj_midchain_delegate.c
+++ b/src/vnet/adj/adj_midchain_delegate.c
@@ -132,6 +132,32 @@ adj_midchain_delegate_stack (adj_index_t ai,
}
void
+adj_midchain_delegate_remove (adj_index_t ai)
+{
+ adj_midchain_delegate_t *amd;
+ ip_adjacency_t *adj;
+ adj_delegate_t *ad;
+
+ /*
+ * if there's a delegate, it can be removed
+ */
+ adj = adj_get(ai);
+ ad = adj_delegate_get(adj, ADJ_DELEGATE_MIDCHAIN);
+
+ if (NULL != ad)
+ {
+ adj_nbr_midchain_unstack(ai);
+
+ adj_delegate_remove (ai, ADJ_DELEGATE_MIDCHAIN);
+
+ amd = pool_elt_at_index(amd_pool, ad->ad_index);
+ fib_entry_untrack(amd->amd_fei, amd->amd_sibling);
+
+ pool_put(amd_pool, amd);
+ }
+}
+
+void
adj_midchain_delegate_unstack (adj_index_t ai)
{
adj_nbr_midchain_unstack(ai);