aboutsummaryrefslogtreecommitdiffstats
path: root/vnet
diff options
context:
space:
mode:
authorHongjun Ni <hongjun.ni@intel.com>2016-11-25 00:03:46 +0800
committerJohn Lo <loj@cisco.com>2016-12-02 14:16:02 +0000
commitbeb4bf7df82658e556a20891cfa04ce375ddb435 (patch)
tree7e04260a644c06beb0bc52d9bb587f8baa46182b /vnet
parentdce0545441cec7242f3eacc8b163c521395f4c3e (diff)
Augment Vxlan to support NSH-Proxy
PatchSet 9: add range check for decap_next_index PatchSet 6: delete runtime range check Change-Id: I415e156d05d09d2ff34f6578924f0b243058f464 Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
Diffstat (limited to 'vnet')
-rw-r--r--vnet/vnet/vxlan-gpe/encap.c2
-rw-r--r--vnet/vnet/vxlan/decap.c6
-rw-r--r--vnet/vnet/vxlan/vxlan.c85
-rw-r--r--vnet/vnet/vxlan/vxlan.h2
4 files changed, 85 insertions, 10 deletions
diff --git a/vnet/vnet/vxlan-gpe/encap.c b/vnet/vnet/vxlan-gpe/encap.c
index 3f6f43c564c..9cd2c722aa1 100644
--- a/vnet/vnet/vxlan-gpe/encap.c
+++ b/vnet/vnet/vxlan-gpe/encap.c
@@ -407,7 +407,7 @@ VLIB_REGISTER_NODE (vxlan_gpe_encap_node) = {
.next_nodes = {
[VXLAN_GPE_ENCAP_NEXT_IP4_LOOKUP] = "ip4-lookup",
- [VXLAN_GPE_ENCAP_NEXT_IP6_LOOKUP] = "ip6-lookup",
+ [VXLAN_GPE_ENCAP_NEXT_IP6_LOOKUP] = "ip6-lookup",
[VXLAN_GPE_ENCAP_NEXT_DROP] = "error-drop",
},
};
diff --git a/vnet/vnet/vxlan/decap.c b/vnet/vnet/vxlan/decap.c
index 05565504669..22f2f85b2bc 100644
--- a/vnet/vnet/vxlan/decap.c
+++ b/vnet/vnet/vxlan/decap.c
@@ -217,7 +217,7 @@ vxlan_input (vlib_main_t * vm,
}
t0 = pool_elt_at_index (vxm->tunnels, tunnel_index0);
-
+ next0 = t0->decap_next_index;
sw_if_index0 = t0->sw_if_index;
len0 = vlib_buffer_length_in_chain (vm, b0);
@@ -312,7 +312,7 @@ vxlan_input (vlib_main_t * vm,
}
t1 = pool_elt_at_index (vxm->tunnels, tunnel_index1);
-
+ next1 = t1->decap_next_index;
sw_if_index1 = t1->sw_if_index;
len1 = vlib_buffer_length_in_chain (vm, b1);
@@ -464,7 +464,7 @@ vxlan_input (vlib_main_t * vm,
}
t0 = pool_elt_at_index (vxm->tunnels, tunnel_index0);
-
+ next0 = t0->decap_next_index;
sw_if_index0 = t0->sw_if_index;
len0 = vlib_buffer_length_in_chain (vm, b0);
diff --git a/vnet/vnet/vxlan/vxlan.c b/vnet/vnet/vxlan/vxlan.c
index bda0bbc968a..a2b89208116 100644
--- a/vnet/vnet/vxlan/vxlan.c
+++ b/vnet/vnet/vxlan/vxlan.c
@@ -17,6 +17,7 @@
#include <vnet/fib/fib_entry.h>
#include <vnet/fib/fib_table.h>
#include <vnet/dpo/receive_dpo.h>
+#include <vlib/vlib.h>
/**
* @file
@@ -37,6 +38,22 @@
vxlan_main_t vxlan_main;
+static u8 * format_decap_next (u8 * s, va_list * args)
+{
+ u32 next_index = va_arg (*args, u32);
+
+ switch (next_index)
+ {
+ case VXLAN_INPUT_NEXT_DROP:
+ return format (s, "drop");
+ case VXLAN_INPUT_NEXT_L2_INPUT:
+ return format (s, "l2");
+ default:
+ return format (s, "next-index %d", next_index);
+ }
+ return s;
+}
+
u8 * format_vxlan_tunnel (u8 * s, va_list * args)
{
vxlan_tunnel_t * t = va_arg (*args, vxlan_tunnel_t *);
@@ -44,11 +61,12 @@ u8 * format_vxlan_tunnel (u8 * s, va_list * args)
s = format (s,
"[%d] src %U dst %U vni %d encap_fib_index %d sw_if_index %d "
- "fib_entry_index %d\n",
+ "fib_entry_index %d",
t - ngm->tunnels,
format_ip46_address, &t->src, IP46_TYPE_ANY,
format_ip46_address, &t->dst, IP46_TYPE_ANY,
t->vni, t->encap_fib_index, t->sw_if_index, t->fib_entry_index);
+ s = format (s, " decap_next %U\n", format_decap_next, t->decap_next_index);
return s;
}
@@ -176,6 +194,7 @@ const static fib_node_vft_t vxlan_vft = {
_(vni) \
_(mcast_sw_if_index) \
_(encap_fib_index) \
+_(decap_next_index) \
_(src) \
_(dst)
@@ -245,6 +264,27 @@ static int vxlan6_rewrite (vxlan_tunnel_t * t)
return (0);
}
+static int vxlan_check_decap_next(vxlan_main_t * vxm, u32 is_ip6, u32 decap_next_index)
+{
+ vlib_main_t * vm = vxm->vlib_main;
+ vlib_node_runtime_t *r;
+
+ if(!is_ip6)
+ {
+ r = vlib_node_get_runtime (vm, vxlan4_input_node.index);
+ if(decap_next_index >= r->n_next_nodes)
+ return 1;
+ }
+ else
+ {
+ r = vlib_node_get_runtime (vm, vxlan6_input_node.index);
+ if(decap_next_index >= r->n_next_nodes)
+ return 1;
+ }
+
+ return 0;
+}
+
int vnet_vxlan_add_del_tunnel
(vnet_vxlan_add_del_tunnel_args_t *a, u32 * sw_if_indexp)
{
@@ -283,6 +323,12 @@ int vnet_vxlan_add_del_tunnel
if (p)
return VNET_API_ERROR_TUNNEL_EXIST;
+ /*if not set explicitly, default to l2 */
+ if(a->decap_next_index == ~0)
+ a->decap_next_index = VXLAN_INPUT_NEXT_L2_INPUT;
+ if (vxlan_check_decap_next(vxm, is_ip6, a->decap_next_index))
+ return VNET_API_ERROR_INVALID_DECAP_NEXT;
+
pool_get_aligned (vxm->tunnels, t, CLIB_CACHE_LINE_BYTES);
memset (t, 0, sizeof (*t));
@@ -496,13 +542,37 @@ static u32 fib6_index_from_fib_id (u32 fib_id)
return p[0];
}
+static uword get_decap_next_for_node(u32 node_index, u32 ipv4_set)
+{
+ vxlan_main_t * vxm = &vxlan_main;
+ vlib_main_t * vm = vxm->vlib_main;
+ uword next_index = ~0;
+
+ if (ipv4_set)
+ {
+ next_index = vlib_node_add_next (vm, vxlan4_input_node.index, node_index);
+ }
+ else
+ {
+ next_index = vlib_node_add_next (vm, vxlan6_input_node.index, node_index);
+ }
+
+ return next_index;
+}
+
static uword unformat_decap_next (unformat_input_t * input, va_list * args)
{
u32 * result = va_arg (*args, u32 *);
+ u32 ipv4_set = va_arg (*args, int);
+ vxlan_main_t * vxm = &vxlan_main;
+ vlib_main_t * vm = vxm->vlib_main;
+ u32 node_index;
u32 tmp;
-
+
if (unformat (input, "l2"))
*result = VXLAN_INPUT_NEXT_L2_INPUT;
+ else if (unformat (input, "node %U", unformat_vlib_node, vm, &node_index))
+ *result = get_decap_next_for_node(node_index, ipv4_set);
else if (unformat (input, "%d", &tmp))
*result = tmp;
else
@@ -525,7 +595,7 @@ vxlan_add_del_tunnel_command_fn (vlib_main_t * vm,
u8 ipv6_set = 0;
u32 encap_fib_index = 0;
u32 mcast_sw_if_index = ~0;
- u32 decap_next_index = ~0;
+ u32 decap_next_index = VXLAN_INPUT_NEXT_L2_INPUT;
u32 vni = 0;
u32 tmp;
int rv;
@@ -595,7 +665,7 @@ vxlan_add_del_tunnel_command_fn (vlib_main_t * vm,
return clib_error_return (0, "nonexistent encap-vrf-id %d", tmp);
}
else if (unformat (line_input, "decap-next %U", unformat_decap_next,
- &decap_next_index))
+ &decap_next_index, ipv4_set))
;
else if (unformat (line_input, "vni %d", &vni))
{
@@ -627,6 +697,9 @@ vxlan_add_del_tunnel_command_fn (vlib_main_t * vm,
if (ip46_address_cmp(&src, &dst) == 0)
return clib_error_return (0, "src and dst addresses are identical");
+ if (decap_next_index == ~0)
+ return clib_error_return (0, "next node not found");
+
if (vni == 0)
return clib_error_return (0, "vni not specified");
@@ -689,7 +762,7 @@ VLIB_CLI_COMMAND (create_vxlan_tunnel_command, static) = {
.short_help =
"create vxlan tunnel src <local-vtep-addr>"
" {dst <remote-vtep-addr>|group <mcast-vtep-addr> <intf-name>} vni <nn>"
- " [encap-vrf-id <nn>]",
+ " [encap-vrf-id <nn>] [decap-next [l2|node <name>]] [del]",
.function = vxlan_add_del_tunnel_command_fn,
};
/* *INDENT-ON* */
@@ -719,7 +792,7 @@ show_vxlan_tunnel_command_fn (vlib_main_t * vm,
* @cliexpar
* Example of how to display the VXLAN Tunnel entries:
* @cliexstart{show vxlan tunnel}
- * [0] src 10.0.3.1 dst 10.0.3.3 vni 13 encap_fib_index 0 sw_if_index 5
+ * [0] src 10.0.3.1 dst 10.0.3.3 vni 13 encap_fib_index 0 sw_if_index 5 decap_next l2
* @cliexend
?*/
/* *INDENT-OFF* */
diff --git a/vnet/vnet/vxlan/vxlan.h b/vnet/vnet/vxlan/vxlan.h
index 3041df27dcc..fe31ce160b8 100644
--- a/vnet/vnet/vxlan/vxlan.h
+++ b/vnet/vnet/vxlan/vxlan.h
@@ -86,6 +86,8 @@ typedef struct {
ip46_address_t dst;
u32 mcast_sw_if_index;
+ /* decap next index */
+ u32 decap_next_index;
/* The FIB index for src/dst addresses */
u32 encap_fib_index;