summaryrefslogtreecommitdiffstats
path: root/src/vnet/bfd/bfd_main.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/vnet/bfd/bfd_main.h')
-rw-r--r--src/vnet/bfd/bfd_main.h79
1 files changed, 68 insertions, 11 deletions
diff --git a/src/vnet/bfd/bfd_main.h b/src/vnet/bfd/bfd_main.h
index 20da381ac23..b66b79e71a0 100644
--- a/src/vnet/bfd/bfd_main.h
+++ b/src/vnet/bfd/bfd_main.h
@@ -25,7 +25,7 @@
#include <vnet/bfd/bfd_udp.h>
#define foreach_bfd_transport(F) \
- F (UDP4, "ip4-rewrite") \
+ F (UDP4, "ip4-rewrite") \
F (UDP6, "ip6-rewrite")
typedef enum
@@ -48,6 +48,24 @@ typedef enum
typedef struct
{
+ /* global configuration key ID */
+ u32 conf_key_id;
+
+ /* keeps track of how many sessions reference this key */
+ u32 use_count;
+
+ /*
+ * key data directly usable for bfd purposes - already padded with zeroes
+ * (so we don't need the actual length)
+ */
+ u8 key[20];
+
+ /* authentication type for this key */
+ bfd_auth_type_e auth_type;
+} bfd_auth_key_t;
+
+typedef struct
+{
/* index in bfd_main.sessions pool */
u32 bs_idx;
@@ -120,6 +138,40 @@ typedef struct
/* detection time */
u64 detection_time_clocks;
+ /* authentication information */
+ struct
+ {
+ /* current key in use */
+ bfd_auth_key_t *curr_key;
+
+ /*
+ * set to next key to use if delayed switch is enabled - in that case
+ * the key is switched when first incoming packet is signed with next_key
+ */
+ bfd_auth_key_t *next_key;
+
+ /* sequence number incremented occasionally or always (if meticulous) */
+ u32 local_seq_number;
+
+ /* remote sequence number */
+ u32 remote_seq_number;
+
+ /* set to 1 if remote sequence number is known */
+ u8 remote_seq_number_known;
+
+ /* current key ID sent out in bfd packet */
+ u8 curr_bfd_key_id;
+
+ /* key ID to use when switched to next_key */
+ u8 next_bfd_key_id;
+
+ /*
+ * set to 1 if delayed action is pending, which might be activation
+ * of authentication, change of key or deactivation
+ */
+ u8 is_delayed;
+ } auth;
+
/* transport type for this session */
bfd_transport_t transport;
@@ -131,12 +183,6 @@ typedef struct
typedef struct
{
- u32 client_index;
- u32 client_pid;
-} event_subscriber_t;
-
-typedef struct
-{
/* pool of bfd sessions context data */
bfd_session_t *sessions;
@@ -162,6 +208,12 @@ typedef struct
/* for generating random numbers */
u32 random_seed;
+ /* pool of authentication keys */
+ bfd_auth_key_t *auth_keys;
+
+ /* hashmap - index in pool auth_keys by conf_key_id */
+ u32 *auth_key_by_conf_key_id;
+
} bfd_main_t;
extern bfd_main_t bfd_main;
@@ -202,12 +254,17 @@ bfd_session_t *bfd_find_session_by_disc (bfd_main_t * bm, u32 disc);
void bfd_session_start (bfd_main_t * bm, bfd_session_t * bs);
void bfd_consume_pkt (bfd_main_t * bm, const bfd_pkt_t * bfd, u32 bs_idx);
int bfd_verify_pkt_common (const bfd_pkt_t * pkt);
-int bfd_verify_pkt_session (const bfd_pkt_t * pkt, u16 pkt_size,
- const bfd_session_t * bs);
+int bfd_verify_pkt_auth (const bfd_pkt_t * pkt, u16 pkt_size,
+ bfd_session_t * bs);
void bfd_event (bfd_main_t * bm, bfd_session_t * bs);
-void bfd_send_final (vlib_main_t * vm, vlib_buffer_t * b, bfd_session_t * bs);
+void bfd_init_final_control_frame (vlib_main_t * vm, vlib_buffer_t * b,
+ bfd_session_t * bs);
u8 *format_bfd_session (u8 * s, va_list * args);
-
+void bfd_session_set_flags (bfd_session_t * bs, u8 admin_up_down);
+unsigned bfd_auth_type_supported (bfd_auth_type_e auth_type);
+vnet_api_error_t bfd_auth_activate (bfd_session_t * bs, u32 conf_key_id,
+ u8 bfd_key_id, u8 is_delayed);
+vnet_api_error_t bfd_auth_deactivate (bfd_session_t * bs, u8 is_delayed);
#define USEC_PER_MS 1000LL
#define USEC_PER_SECOND (1000 * USEC_PER_MS)