summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorNeale Ranns <nranns@cisco.com>2017-08-02 05:15:07 -0700
committerKeith Burns <alagalah@gmail.com>2017-08-03 17:00:31 +0000
commit808c5b21c2759564689933d004223052b7895a42 (patch)
tree2d1720692195ad876f0611cd694f721adc211e82 /src
parent8d00fff8dff4e449767601645422e03df92a83af (diff)
DHCP Client: receive unicast ACKs
despite VPP DHCP client setting neither ciaddr nor giaddr and setting the broadcast bit (see RFC 2131 section 4.1) some DHCP servers will still send a unicast DCHPACK. So as not to drop this VPP must have both 1) a receive FIB entry for the OFFERED IP adress and 2) a 'don't drop me because of uRPF' FIB entry for the DHCP server's address. Change-Id: I167d858deb45629318cbdccf5bf67d971730a42f Signed-off-by: Neale Ranns <nranns@cisco.com>
Diffstat (limited to 'src')
-rw-r--r--src/vnet/dhcp/client.c79
-rw-r--r--src/vnet/fib/fib_entry.h9
2 files changed, 80 insertions, 8 deletions
diff --git a/src/vnet/dhcp/client.c b/src/vnet/dhcp/client.c
index 25ab3176ae5..cfe62a6f45b 100644
--- a/src/vnet/dhcp/client.c
+++ b/src/vnet/dhcp/client.c
@@ -22,6 +22,70 @@ static u8 * format_dhcp_client_state (u8 * s, va_list * va);
static vlib_node_registration_t dhcp_client_process_node;
static void
+dhcp_client_add_rx_address (dhcp_client_main_t * dcm, dhcp_client_t * c)
+{
+ /* Install a local entry for the offered address */
+ fib_prefix_t rx =
+ {
+ .fp_len = 32,
+ .fp_addr.ip4 = c->leased_address,
+ .fp_proto = FIB_PROTOCOL_IP4,
+ };
+
+ fib_table_entry_special_add(fib_table_get_index_for_sw_if_index(
+ FIB_PROTOCOL_IP4,
+ c->sw_if_index),
+ &rx,
+ FIB_SOURCE_DHCP,
+ (FIB_ENTRY_FLAG_LOCAL));
+
+ /* And add the server's address as uRPF exempt so we can accept
+ * local packets from it */
+ fib_prefix_t server =
+ {
+ .fp_len = 32,
+ .fp_addr.ip4 = c->dhcp_server,
+ .fp_proto = FIB_PROTOCOL_IP4,
+ };
+
+ fib_table_entry_special_add(fib_table_get_index_for_sw_if_index(
+ FIB_PROTOCOL_IP4,
+ c->sw_if_index),
+ &server,
+ FIB_SOURCE_URPF_EXEMPT,
+ (FIB_ENTRY_FLAG_DROP));
+}
+
+static void
+dhcp_client_remove_rx_address (dhcp_client_main_t * dcm, dhcp_client_t * c)
+{
+ fib_prefix_t rx =
+ {
+ .fp_len = 32,
+ .fp_addr.ip4 = c->leased_address,
+ .fp_proto = FIB_PROTOCOL_IP4,
+ };
+
+ fib_table_entry_special_remove(fib_table_get_index_for_sw_if_index(
+ FIB_PROTOCOL_IP4,
+ c->sw_if_index),
+ &rx,
+ FIB_SOURCE_DHCP);
+ fib_prefix_t server =
+ {
+ .fp_len = 32,
+ .fp_addr.ip4 = c->dhcp_server,
+ .fp_proto = FIB_PROTOCOL_IP4,
+ };
+
+ fib_table_entry_special_remove(fib_table_get_index_for_sw_if_index(
+ FIB_PROTOCOL_IP4,
+ c->sw_if_index),
+ &server,
+ FIB_SOURCE_URPF_EXEMPT);
+}
+
+static void
dhcp_client_acquire_address (dhcp_client_main_t * dcm, dhcp_client_t * c)
{
/*
@@ -95,7 +159,9 @@ int dhcp_client_for_us (u32 bi, vlib_buffer_t * b,
/* parse through the packet, learn what we can */
if (dhcp->your_ip_address.as_u32)
c->leased_address.as_u32 = dhcp->your_ip_address.as_u32;
-
+
+ c->dhcp_server.as_u32 = dhcp->server_ip_address.as_u32;
+
o = (dhcp_option_t *) dhcp->options;
while (o->option != 0xFF /* end of options */ &&
@@ -172,6 +238,14 @@ int dhcp_client_for_us (u32 bi, vlib_buffer_t * b,
c->next_transmit = now + 5.0;
break;
}
+ /*
+ * in order to accept unicasted ACKs we need to configure the offered
+ * address on the interface. However, at this point we may not know the
+ * subnet-mask (an OFFER may not contain it). So add a temporary receice
+ * and uRPF excempt entry
+ */
+ dhcp_client_add_rx_address (dcm, c);
+
/* Received an offer, go send a request */
c->state = DHCP_REQUEST;
c->retry_count = 0;
@@ -196,6 +270,8 @@ int dhcp_client_for_us (u32 bi, vlib_buffer_t * b,
{
void (*fp)(u32, u32, u8 *, u8, u8, u8 *, u8 *, u8 *) = c->event_callback;
+ /* replace the temporary RX address with the correct subnet */
+ dhcp_client_remove_rx_address (dcm, c);
dhcp_client_acquire_address (dcm, c);
/*
@@ -831,6 +907,7 @@ int dhcp_client_add_del (dhcp_client_add_del_args_t * a)
1,
FIB_ROUTE_PATH_FLAG_NONE);
}
+ dhcp_client_remove_rx_address (dcm, c);
dhcp_client_release_address (dcm, c);
ip4_sw_interface_enable_disable (c->sw_if_index, 0);
diff --git a/src/vnet/fib/fib_entry.h b/src/vnet/fib/fib_entry.h
index 5f6ff31297e..93b8016d44f 100644
--- a/src/vnet/fib/fib_entry.h
+++ b/src/vnet/fib/fib_entry.h
@@ -205,14 +205,9 @@ typedef enum fib_entry_attribute_t_ {
/**
* Marker. add new entries before this one.
*/
- FIB_ENTRY_ATTRIBUTE_LAST = FIB_ENTRY_ATTRIBUTE_MULTICAST,
+ FIB_ENTRY_ATTRIBUTE_LAST = FIB_ENTRY_ATTRIBUTE_URPF_EXEMPT,
} fib_entry_attribute_t;
-/**
- * The maximum number of sources
- */
-#define FIB_ENTRY_ATTRIBUTE_MAX (FIB_ENTRY_ATTRIBUTE_LAST+1)
-
#define FIB_ENTRY_ATTRIBUTES { \
[FIB_ENTRY_ATTRIBUTE_CONNECTED] = "connected", \
[FIB_ENTRY_ATTRIBUTE_ATTACHED] = "attached", \
@@ -226,7 +221,7 @@ typedef enum fib_entry_attribute_t_ {
#define FOR_EACH_FIB_ATTRIBUTE(_item) \
for (_item = FIB_ENTRY_ATTRIBUTE_FIRST; \
- _item < FIB_ENTRY_ATTRIBUTE_MAX; \
+ _item <= FIB_ENTRY_ATTRIBUTE_LAST; \
_item++)
typedef enum fib_entry_flag_t_ {