diff options
Diffstat (limited to 'src/vnet/bfd/bfd_udp.c')
-rw-r--r-- | src/vnet/bfd/bfd_udp.c | 555 |
1 files changed, 278 insertions, 277 deletions
diff --git a/src/vnet/bfd/bfd_udp.c b/src/vnet/bfd/bfd_udp.c index 4ad5660fdf6..ec42cda1bc4 100644 --- a/src/vnet/bfd/bfd_udp.c +++ b/src/vnet/bfd/bfd_udp.c @@ -35,10 +35,20 @@ #include <vnet/dpo/receive_dpo.h> #include <vnet/fib/fib_entry.h> #include <vnet/fib/fib_table.h> +#include <vlib/stats/stats.h> #include <vnet/bfd/bfd_debug.h> #include <vnet/bfd/bfd_udp.h> #include <vnet/bfd/bfd_main.h> #include <vnet/bfd/bfd_api.h> +#include <vnet/bfd/bfd.api_enum.h> + +#define F(sym, str) \ + STATIC_ASSERT ((int) BFD_ERROR_##sym == (int) BFD_UDP_ERROR_##sym, \ + "BFD error enums mismatch"); +foreach_bfd_error (F) +#undef F + STATIC_ASSERT ((int) BFD_N_ERROR <= (int) BFD_UDP_N_ERROR, + "BFD error enum sizes mismatch"); typedef struct { @@ -52,24 +62,14 @@ typedef struct int echo_source_is_set; /* loopback interface used to get echo source ip */ u32 echo_source_sw_if_index; - /* node index of "ip4-arp" node */ - u32 ip4_arp_idx; - /* node index of "ip6-discover-neighbor" node */ - u32 ip6_ndp_idx; - /* node index of "ip4-rewrite" node */ - u32 ip4_rewrite_idx; - /* node index of "ip6-rewrite" node */ - u32 ip6_rewrite_idx; - /* node index of "ip4-midchain" node */ - u32 ip4_midchain_idx; - /* node index of "ip6-midchain" node */ - u32 ip6_midchain_idx; /* log class */ vlib_log_class_t log_class; /* number of active udp4 sessions */ u32 udp4_sessions_count; + u32 udp4_sessions_count_stat_seg_entry; /* number of active udp6 sessions */ u32 udp6_sessions_count; + u32 udp6_sessions_count_stat_seg_entry; } bfd_udp_main_t; static vlib_node_registration_t bfd_udp4_input_node; @@ -79,6 +79,14 @@ static vlib_node_registration_t bfd_udp_echo6_input_node; bfd_udp_main_t bfd_udp_main; +void +bfd_udp_update_stat_segment_entry (u32 entry, u64 value) +{ + vlib_stats_segment_lock (); + vlib_stats_set_gauge (entry, value); + vlib_stats_segment_unlock (); +} + vnet_api_error_t bfd_udp_set_echo_source (u32 sw_if_index) { @@ -94,7 +102,7 @@ bfd_udp_set_echo_source (u32 sw_if_index) } vnet_api_error_t -bfd_udp_del_echo_source (u32 sw_if_index) +bfd_udp_del_echo_source () { bfd_udp_main.echo_source_sw_if_index = ~0; bfd_udp_main.echo_source_is_set = 0; @@ -123,7 +131,6 @@ bfd_udp_is_echo_available (bfd_transport_e transport) { ip4_main_t *im = &ip4_main; ip_interface_address_t *ia = NULL; - /* *INDENT-OFF* */ foreach_ip_interface_address (&im->lookup_main, ia, bfd_udp_main.echo_source_sw_if_index, 0 /* honor unnumbered */, ({ @@ -132,13 +139,11 @@ bfd_udp_is_echo_available (bfd_transport_e transport) return 1; } })); - /* *INDENT-ON* */ } else if (BFD_TRANSPORT_UDP6 == transport) { ip6_main_t *im = &ip6_main; ip_interface_address_t *ia = NULL; - /* *INDENT-OFF* */ foreach_ip_interface_address (&im->lookup_main, ia, bfd_udp_main.echo_source_sw_if_index, 0 /* honor unnumbered */, ({ @@ -147,7 +152,6 @@ bfd_udp_is_echo_available (bfd_transport_e transport) return 1; } })); - /* *INDENT-ON* */ } } BFD_DBG ("No usable IP address for UDP echo - echo not available"); @@ -179,7 +183,6 @@ bfd_udp_get_echo_src_ip4 (ip4_address_t * addr) ip_interface_address_t *ia = NULL; ip4_main_t *im = &ip4_main; - /* *INDENT-OFF* */ foreach_ip_interface_address ( &im->lookup_main, ia, bfd_udp_main.echo_source_sw_if_index, 0 /* honor unnumbered */, ({ @@ -197,7 +200,6 @@ bfd_udp_get_echo_src_ip4 (ip4_address_t * addr) return 1; } })); - /* *INDENT-ON* */ BFD_ERR ("cannot find ip4 address, no usable address found"); return 0; } @@ -213,7 +215,6 @@ bfd_udp_get_echo_src_ip6 (ip6_address_t * addr) ip_interface_address_t *ia = NULL; ip6_main_t *im = &ip6_main; - /* *INDENT-OFF* */ foreach_ip_interface_address ( &im->lookup_main, ia, bfd_udp_main.echo_source_sw_if_index, 0 /* honor unnumbered */, ({ @@ -226,7 +227,6 @@ bfd_udp_get_echo_src_ip6 (ip6_address_t * addr) return 1; } })); - /* *INDENT-ON* */ BFD_ERR ("cannot find ip6 address, no usable address found"); return 0; } @@ -372,13 +372,25 @@ bfd_add_udp6_transport (vlib_main_t * vm, u32 bi, const bfd_session_t * bs, } static void -bfd_create_frame_to_next_node (vlib_main_t * vm, u32 bi, u32 next_node) +bfd_create_frame_to_next_node (vlib_main_t *vm, vlib_node_runtime_t *rt, + u32 bi, const bfd_session_t *bs, u32 next, + vlib_combined_counter_main_t *tx_counter) { - vlib_frame_t *f = vlib_get_frame_to_node (vm, next_node); + vlib_buffer_t *b = vlib_get_buffer (vm, bi); + vlib_node_t *from_node = vlib_get_node (vm, rt->node_index); + ASSERT (next < vec_len (from_node->next_nodes)); + u32 to_node_index = from_node->next_nodes[next]; + vlib_frame_t *f = vlib_get_frame_to_node (vm, to_node_index); u32 *to_next = vlib_frame_vector_args (f); to_next[0] = bi; f->n_vectors = 1; - vlib_put_frame_to_node (vm, next_node, f); + if (b->flags & VLIB_BUFFER_IS_TRACED) + { + f->frame_flags |= VLIB_NODE_FLAG_TRACE; + } + vlib_put_frame_to_node (vm, to_node_index, f); + vlib_increment_combined_counter (tx_counter, vm->thread_index, bs->bs_idx, 1, + vlib_buffer_length_in_chain (vm, b)); } int @@ -398,10 +410,10 @@ bfd_udp_calc_next_node (const struct bfd_session_s *bs, u32 * next_node) switch (bs->transport) { case BFD_TRANSPORT_UDP4: - *next_node = bfd_udp_main.ip4_arp_idx; + *next_node = BFD_TX_IP4_ARP; return 1; case BFD_TRANSPORT_UDP6: - *next_node = bfd_udp_main.ip6_ndp_idx; + *next_node = BFD_TX_IP6_NDP; return 1; } break; @@ -409,10 +421,10 @@ bfd_udp_calc_next_node (const struct bfd_session_s *bs, u32 * next_node) switch (bs->transport) { case BFD_TRANSPORT_UDP4: - *next_node = bfd_udp_main.ip4_rewrite_idx; + *next_node = BFD_TX_IP4_REWRITE; return 1; case BFD_TRANSPORT_UDP6: - *next_node = bfd_udp_main.ip6_rewrite_idx; + *next_node = BFD_TX_IP6_REWRITE; return 1; } break; @@ -420,10 +432,10 @@ bfd_udp_calc_next_node (const struct bfd_session_s *bs, u32 * next_node) switch (bs->transport) { case BFD_TRANSPORT_UDP4: - *next_node = bfd_udp_main.ip4_midchain_idx; + *next_node = BFD_TX_IP4_MIDCHAIN; return 1; case BFD_TRANSPORT_UDP6: - *next_node = bfd_udp_main.ip6_midchain_idx; + *next_node = BFD_TX_IP6_MIDCHAIN; return 1; } break; @@ -435,27 +447,35 @@ bfd_udp_calc_next_node (const struct bfd_session_s *bs, u32 * next_node) } int -bfd_transport_udp4 (vlib_main_t * vm, u32 bi, const struct bfd_session_s *bs) +bfd_transport_udp4 (vlib_main_t *vm, vlib_node_runtime_t *rt, u32 bi, + const struct bfd_session_s *bs, int is_echo) { u32 next_node; int rv = bfd_udp_calc_next_node (bs, &next_node); + bfd_main_t *bm = bfd_udp_main.bfd_main; if (rv) { - bfd_create_frame_to_next_node (vm, bi, next_node); + bfd_create_frame_to_next_node (vm, rt, bi, bs, next_node, + is_echo ? &bm->tx_echo_counter : + &bm->tx_counter); } return rv; } int -bfd_transport_udp6 (vlib_main_t * vm, u32 bi, const struct bfd_session_s *bs) +bfd_transport_udp6 (vlib_main_t *vm, vlib_node_runtime_t *rt, u32 bi, + const struct bfd_session_s *bs, int is_echo) { u32 next_node; int rv = bfd_udp_calc_next_node (bs, &next_node); + bfd_main_t *bm = bfd_udp_main.bfd_main; if (rv) { - bfd_create_frame_to_next_node (vm, bi, next_node); + bfd_create_frame_to_next_node (vm, rt, bi, bs, next_node, + is_echo ? &bm->tx_echo_counter : + &bm->tx_counter); } - return 1; + return rv; } static bfd_session_t * @@ -503,6 +523,7 @@ bfd_udp_add_session_internal (vlib_main_t * vm, bfd_udp_main_t * bum, } bfd_udp_session_t *bus = &bs->udp; clib_memset (bus, 0, sizeof (*bus)); + bus->adj_index = ADJ_INDEX_INVALID; bfd_udp_key_t *key = &bus->key; bfd_udp_key_init (key, sw_if_index, local_addr, peer_addr); const bfd_session_t *tmp = bfd_lookup_session (bum, key); @@ -521,15 +542,21 @@ bfd_udp_add_session_internal (vlib_main_t * vm, bfd_udp_main_t * bum, &key->peer_addr, IP46_TYPE_ANY); vlib_log_info (bum->log_class, "create BFD session: %U", format_bfd_session, bs); + const ip46_address_t *peer = + (vnet_sw_interface_is_p2p (vnet_get_main (), key->sw_if_index) ? + &zero_addr : + &key->peer_addr); if (BFD_TRANSPORT_UDP4 == t) { bus->adj_index = adj_nbr_add_or_lock (FIB_PROTOCOL_IP4, VNET_LINK_IP4, - &key->peer_addr, - key->sw_if_index); + peer, key->sw_if_index); BFD_DBG ("adj_nbr_add_or_lock(FIB_PROTOCOL_IP4, VNET_LINK_IP4, %U, %d) " - "returns %d", format_ip46_address, &key->peer_addr, - IP46_TYPE_ANY, key->sw_if_index, bus->adj_index); + "returns %d", + format_ip46_address, peer, IP46_TYPE_ANY, key->sw_if_index, + bus->adj_index); ++bum->udp4_sessions_count; + bfd_udp_update_stat_segment_entry ( + bum->udp4_sessions_count_stat_seg_entry, bum->udp4_sessions_count); if (1 == bum->udp4_sessions_count) { udp_register_dst_port (vm, UDP_DST_PORT_bfd4, @@ -541,12 +568,14 @@ bfd_udp_add_session_internal (vlib_main_t * vm, bfd_udp_main_t * bum, else { bus->adj_index = adj_nbr_add_or_lock (FIB_PROTOCOL_IP6, VNET_LINK_IP6, - &key->peer_addr, - key->sw_if_index); + peer, key->sw_if_index); BFD_DBG ("adj_nbr_add_or_lock(FIB_PROTOCOL_IP6, VNET_LINK_IP6, %U, %d) " - "returns %d", format_ip46_address, &key->peer_addr, - IP46_TYPE_ANY, key->sw_if_index, bus->adj_index); + "returns %d", + format_ip46_address, peer, IP46_TYPE_ANY, key->sw_if_index, + bus->adj_index); ++bum->udp6_sessions_count; + bfd_udp_update_stat_segment_entry ( + bum->udp6_sessions_count_stat_seg_entry, bum->udp6_sessions_count); if (1 == bum->udp6_sessions_count) { udp_register_dst_port (vm, UDP_DST_PORT_bfd6, @@ -568,8 +597,6 @@ bfd_udp_validate_api_input (u32 sw_if_index, bfd_udp_main_t *bum = &bfd_udp_main; vnet_sw_interface_t *sw_if = vnet_get_sw_interface_or_null (bfd_udp_main.vnet_main, sw_if_index); - u8 local_ip_valid = 0; - ip_interface_address_t *ia = NULL; if (!sw_if) { vlib_log_err (bum->log_class, @@ -585,21 +612,6 @@ bfd_udp_validate_api_input (u32 sw_if_index, "IP family mismatch (local is ipv4, peer is ipv6)"); return VNET_API_ERROR_INVALID_ARGUMENT; } - ip4_main_t *im = &ip4_main; - - /* *INDENT-OFF* */ - foreach_ip_interface_address ( - &im->lookup_main, ia, sw_if_index, 0 /* honor unnumbered */, ({ - ip4_address_t *x = - ip_interface_address_get_address (&im->lookup_main, ia); - if (x->as_u32 == local_addr->ip4.as_u32) - { - /* valid address for this interface */ - local_ip_valid = 1; - break; - } - })); - /* *INDENT-ON* */ } else { @@ -609,44 +621,6 @@ bfd_udp_validate_api_input (u32 sw_if_index, "IP family mismatch (local is ipv6, peer is ipv4)"); return VNET_API_ERROR_INVALID_ARGUMENT; } - - if (ip6_address_is_link_local_unicast (&local_addr->ip6)) - { - const ip6_address_t *ll_addr; - ll_addr = ip6_get_link_local_address (sw_if_index); - if (ip6_address_is_equal (ll_addr, &local_addr->ip6)) - { - /* valid address for this interface */ - local_ip_valid = 1; - } - } - else - { - ip6_main_t *im = &ip6_main; - /* *INDENT-OFF* */ - foreach_ip_interface_address ( - &im->lookup_main, ia, sw_if_index, 0 /* honor unnumbered */, ({ - ip6_address_t *x = - ip_interface_address_get_address (&im->lookup_main, ia); - if (local_addr->ip6.as_u64[0] == x->as_u64[0] && - local_addr->ip6.as_u64[1] == x->as_u64[1]) - { - /* valid address for this interface */ - local_ip_valid = 1; - break; - } - })); - /* *INDENT-ON* */ - } - } - - if (!local_ip_valid) - { - vlib_log_err (bum->log_class, - "local address %U not found on interface with index %u", - format_ip46_address, local_addr, IP46_TYPE_ANY, - sw_if_index); - return VNET_API_ERROR_ADDRESS_NOT_FOUND_FOR_INTERFACE; } return 0; @@ -685,9 +659,8 @@ bfd_udp_find_session_by_api_input (u32 sw_if_index, static vnet_api_error_t bfd_api_verify_common (u32 sw_if_index, u32 desired_min_tx_usec, - u32 required_min_rx_usec, u8 detect_mult, - const ip46_address_t * local_addr, - const ip46_address_t * peer_addr) + u8 detect_mult, const ip46_address_t *local_addr, + const ip46_address_t *peer_addr) { bfd_udp_main_t *bum = &bfd_udp_main; vnet_api_error_t rv = @@ -714,12 +687,15 @@ bfd_udp_del_session_internal (vlib_main_t * vm, bfd_session_t * bs) { bfd_udp_main_t *bum = &bfd_udp_main; BFD_DBG ("free bfd-udp session, bs_idx=%d", bs->bs_idx); + bfd_session_stop (bum->bfd_main, bs); mhash_unset (&bum->bfd_session_idx_by_bfd_key, &bs->udp.key, NULL); adj_unlock (bs->udp.adj_index); switch (bs->transport) { case BFD_TRANSPORT_UDP4: --bum->udp4_sessions_count; + bfd_udp_update_stat_segment_entry ( + bum->udp4_sessions_count_stat_seg_entry, bum->udp4_sessions_count); if (!bum->udp4_sessions_count) { udp_unregister_dst_port (vm, UDP_DST_PORT_bfd4, 1); @@ -728,6 +704,8 @@ bfd_udp_del_session_internal (vlib_main_t * vm, bfd_session_t * bs) break; case BFD_TRANSPORT_UDP6: --bum->udp6_sessions_count; + bfd_udp_update_stat_segment_entry ( + bum->udp6_sessions_count_stat_seg_entry, bum->udp6_sessions_count); if (!bum->udp6_sessions_count) { udp_unregister_dst_port (vm, UDP_DST_PORT_bfd6, 0); @@ -738,33 +716,26 @@ bfd_udp_del_session_internal (vlib_main_t * vm, bfd_session_t * bs) bfd_put_session (bum->bfd_main, bs); } -vnet_api_error_t -bfd_udp_add_session (u32 sw_if_index, const ip46_address_t * local_addr, - const ip46_address_t * peer_addr, - u32 desired_min_tx_usec, u32 required_min_rx_usec, - u8 detect_mult, u8 is_authenticated, u32 conf_key_id, - u8 bfd_key_id) +static vnet_api_error_t +bfd_udp_add_and_start_session (u32 sw_if_index, + const ip46_address_t *local_addr, + const ip46_address_t *peer_addr, + u32 desired_min_tx_usec, + u32 required_min_rx_usec, u8 detect_mult, + u8 is_authenticated, u32 conf_key_id, + u8 bfd_key_id) { - bfd_main_t *bm = &bfd_main; - bfd_lock (bm); - - vnet_api_error_t rv = - bfd_api_verify_common (sw_if_index, desired_min_tx_usec, - required_min_rx_usec, detect_mult, - local_addr, peer_addr); bfd_session_t *bs = NULL; - if (!rv) - { - rv = - bfd_udp_add_session_internal (vlib_get_main (), &bfd_udp_main, - sw_if_index, desired_min_tx_usec, - required_min_rx_usec, detect_mult, - local_addr, peer_addr, &bs); - } + vnet_api_error_t rv; + + rv = bfd_udp_add_session_internal ( + vlib_get_main (), &bfd_udp_main, sw_if_index, desired_min_tx_usec, + required_min_rx_usec, detect_mult, local_addr, peer_addr, &bs); + if (!rv && is_authenticated) { rv = bfd_auth_activate (bs, conf_key_id, bfd_key_id, - 0 /* is not delayed */ ); + 0 /* is not delayed */); if (rv) { bfd_udp_del_session_internal (vlib_get_main (), bs); @@ -775,15 +746,67 @@ bfd_udp_add_session (u32 sw_if_index, const ip46_address_t * local_addr, bfd_session_start (bfd_udp_main.bfd_main, bs); } - bfd_unlock (bm); return rv; } vnet_api_error_t -bfd_udp_mod_session (u32 sw_if_index, - const ip46_address_t * local_addr, +bfd_udp_add_session (u32 sw_if_index, const ip46_address_t * local_addr, const ip46_address_t * peer_addr, - u32 desired_min_tx_usec, + u32 desired_min_tx_usec, u32 required_min_rx_usec, + u8 detect_mult, u8 is_authenticated, u32 conf_key_id, + u8 bfd_key_id) +{ + bfd_main_t *bm = &bfd_main; + bfd_lock (bm); + + vnet_api_error_t rv = bfd_api_verify_common ( + sw_if_index, desired_min_tx_usec, detect_mult, local_addr, peer_addr); + + if (!rv) + rv = bfd_udp_add_and_start_session ( + sw_if_index, local_addr, peer_addr, desired_min_tx_usec, + required_min_rx_usec, detect_mult, is_authenticated, conf_key_id, + bfd_key_id); + + bfd_unlock (bm); + return rv; +} + +vnet_api_error_t +bfd_udp_upd_session (u32 sw_if_index, const ip46_address_t *local_addr, + const ip46_address_t *peer_addr, u32 desired_min_tx_usec, + u32 required_min_rx_usec, u8 detect_mult, + u8 is_authenticated, u32 conf_key_id, u8 bfd_key_id) +{ + bfd_main_t *bm = &bfd_main; + bfd_lock (bm); + + vnet_api_error_t rv = bfd_api_verify_common ( + sw_if_index, desired_min_tx_usec, detect_mult, local_addr, peer_addr); + if (!rv) + { + bfd_session_t *bs = NULL; + + rv = bfd_udp_find_session_by_api_input (sw_if_index, local_addr, + peer_addr, &bs); + if (VNET_API_ERROR_BFD_ENOENT == rv) + rv = bfd_udp_add_and_start_session ( + sw_if_index, local_addr, peer_addr, desired_min_tx_usec, + required_min_rx_usec, detect_mult, is_authenticated, conf_key_id, + bfd_key_id); + else + rv = bfd_session_set_params (bfd_udp_main.bfd_main, bs, + desired_min_tx_usec, required_min_rx_usec, + detect_mult); + } + + bfd_unlock (bm); + return rv; +} + +vnet_api_error_t +bfd_udp_mod_session (u32 sw_if_index, const ip46_address_t *local_addr, + const ip46_address_t *peer_addr, u32 desired_min_tx_usec, u32 required_min_rx_usec, u8 detect_mult) { bfd_session_t *bs = NULL; @@ -903,29 +926,6 @@ typedef enum BFD_UDP_INPUT_N_NEXT, } bfd_udp_input_next_t; -/* Packet counters - BFD control frames */ -#define foreach_bfd_udp_error(F) \ - F (NONE, "good bfd packets (processed)") \ - F (BAD, "invalid bfd packets") - -#define F(sym, string) static char BFD_UDP_ERR_##sym##_STR[] = string; -foreach_bfd_udp_error (F); -#undef F - -static char *bfd_udp_error_strings[] = { -#define F(sym, string) BFD_UDP_ERR_##sym##_STR, - foreach_bfd_udp_error (F) -#undef F -}; - -typedef enum -{ -#define F(sym, str) BFD_UDP_ERROR_##sym, - foreach_bfd_udp_error (F) -#undef F - BFD_UDP_N_ERROR, -} bfd_udp_error_t; - typedef enum { BFD_UDP_ECHO_INPUT_NEXT_NORMAL, @@ -934,28 +934,12 @@ typedef enum BFD_UDP_ECHO_INPUT_N_NEXT, } bfd_udp_echo_input_next_t; -/* Packet counters - BFD ECHO packets */ -#define foreach_bfd_udp_echo_error(F) \ - F (NONE, "good bfd echo packets (processed)") \ - F (BAD, "invalid bfd echo packets") - -#define F(sym, string) static char BFD_UDP_ECHO_ERR_##sym##_STR[] = string; -foreach_bfd_udp_echo_error (F); -#undef F - -static char *bfd_udp_echo_error_strings[] = { -#define F(sym, string) BFD_UDP_ECHO_ERR_##sym##_STR, - foreach_bfd_udp_echo_error (F) -#undef F -}; - -typedef enum +static_always_inline vl_counter_bfd_udp_enum_t +bfd_error_to_udp (bfd_error_t e) { -#define F(sym, str) BFD_UDP_ECHO_ERROR_##sym, - foreach_bfd_udp_echo_error (F) -#undef F - BFD_UDP_ECHO_N_ERROR, -} bfd_udp_echo_error_t; + /* The UDP error is a super set of the proto independent errors */ + return ((vl_counter_bfd_udp_enum_t) e); +} static void bfd_udp4_find_headers (vlib_buffer_t * b, ip4_header_t ** ip4, @@ -963,7 +947,7 @@ bfd_udp4_find_headers (vlib_buffer_t * b, ip4_header_t ** ip4, { /* sanity check first */ const i32 start = vnet_buffer (b)->l3_hdr_offset; - if (start < 0 && start < sizeof (b->pre_data)) + if (start < -(signed) sizeof (b->pre_data)) { BFD_ERR ("Start of ip header is before pre_data, ignoring"); *ip4 = NULL; @@ -981,9 +965,9 @@ bfd_udp4_find_headers (vlib_buffer_t * b, ip4_header_t ** ip4, *udp = (udp_header_t *) ((*ip4) + 1); } -static bfd_udp_error_t -bfd_udp4_verify_transport (const ip4_header_t * ip4, - const udp_header_t * udp, const bfd_session_t * bs) +static vl_counter_bfd_udp_enum_t +bfd_udp4_verify_transport (const ip4_header_t *ip4, const udp_header_t *udp, + const bfd_session_t *bs) { const bfd_udp_session_t *bus = &bs->udp; const bfd_udp_key_t *key = &bus->key; @@ -992,21 +976,21 @@ bfd_udp4_verify_transport (const ip4_header_t * ip4, BFD_ERR ("IPv4 src addr mismatch, got %U, expected %U", format_ip4_address, ip4->src_address.as_u8, format_ip4_address, key->peer_addr.ip4.as_u8); - return BFD_UDP_ERROR_BAD; + return BFD_UDP_ERROR_SRC_MISMATCH; } if (ip4->dst_address.as_u32 != key->local_addr.ip4.as_u32) { BFD_ERR ("IPv4 dst addr mismatch, got %U, expected %U", format_ip4_address, ip4->dst_address.as_u8, format_ip4_address, key->local_addr.ip4.as_u8); - return BFD_UDP_ERROR_BAD; + return BFD_UDP_ERROR_DST_MISMATCH; } const u8 expected_ttl = 255; if (ip4->ttl != expected_ttl) { BFD_ERR ("IPv4 unexpected TTL value %u, expected %u", ip4->ttl, expected_ttl); - return BFD_UDP_ERROR_BAD; + return BFD_UDP_ERROR_TTL; } if (clib_net_to_host_u16 (udp->src_port) < 49152) { @@ -1022,18 +1006,20 @@ typedef struct bfd_pkt_t pkt; } bfd_rpc_update_t; -static void -bfd_rpc_update_session (vlib_main_t * vm, u32 bs_idx, const bfd_pkt_t * pkt) +static bfd_error_t +bfd_rpc_update_session (vlib_main_t *vm, u32 bs_idx, const bfd_pkt_t *pkt) { bfd_main_t *bm = &bfd_main; + bfd_error_t err; bfd_lock (bm); - bfd_consume_pkt (vm, bm, pkt, bs_idx); + err = bfd_consume_pkt (vm, bm, pkt, bs_idx); bfd_unlock (bm); + + return err; } -static bfd_udp_error_t -bfd_udp4_scan (vlib_main_t * vm, vlib_node_runtime_t * rt, - vlib_buffer_t * b, bfd_session_t ** bs_out) +static vl_counter_bfd_udp_enum_t +bfd_udp4_scan (vlib_main_t *vm, vlib_buffer_t *b, bfd_session_t **bs_out) { const bfd_pkt_t *pkt = vlib_buffer_get_current (b); if (sizeof (*pkt) > b->current_length) @@ -1057,11 +1043,13 @@ bfd_udp4_scan (vlib_main_t * vm, vlib_node_runtime_t * rt, BFD_ERR ("BFD packet length is larger than udp payload length (%u > %u)", pkt->head.length, udp_payload_length); - return BFD_UDP_ERROR_BAD; + return BFD_UDP_ERROR_LENGTH; } - if (!bfd_verify_pkt_common (pkt)) + vl_counter_bfd_udp_enum_t err; + if (BFD_UDP_ERROR_NONE != + (err = bfd_error_to_udp (bfd_verify_pkt_common (pkt)))) { - return BFD_UDP_ERROR_BAD; + return err; } bfd_session_t *bs = NULL; if (pkt->your_disc) @@ -1086,22 +1074,21 @@ bfd_udp4_scan (vlib_main_t * vm, vlib_node_runtime_t * rt, if (!bs) { BFD_ERR ("BFD session lookup failed - no session matches BFD pkt"); - return BFD_UDP_ERROR_BAD; + return BFD_UDP_ERROR_NO_SESSION; } BFD_DBG ("BFD session found, bs_idx=%u", bs->bs_idx); if (!bfd_verify_pkt_auth (vm, pkt, b->current_length, bs)) { BFD_ERR ("Packet verification failed, dropping packet"); - return BFD_UDP_ERROR_BAD; + return BFD_UDP_ERROR_FAILED_VERIFICATION; } - bfd_udp_error_t err; if (BFD_UDP_ERROR_NONE != (err = bfd_udp4_verify_transport (ip4, udp, bs))) { return err; } - bfd_rpc_update_session (vm, bs->bs_idx, pkt); + err = bfd_error_to_udp (bfd_rpc_update_session (vm, bs->bs_idx, pkt)); *bs_out = bs; - return BFD_UDP_ERROR_NONE; + return err; } static void @@ -1110,7 +1097,7 @@ bfd_udp6_find_headers (vlib_buffer_t * b, ip6_header_t ** ip6, { /* sanity check first */ const i32 start = vnet_buffer (b)->l3_hdr_offset; - if (start < 0 && start < sizeof (b->pre_data)) + if (start < -(signed) sizeof (b->pre_data)) { BFD_ERR ("Start of ip header is before pre_data, ignoring"); *ip6 = NULL; @@ -1136,9 +1123,9 @@ bfd_udp6_find_headers (vlib_buffer_t * b, ip6_header_t ** ip6, *udp = (udp_header_t *) ((*ip6) + 1); } -static bfd_udp_error_t -bfd_udp6_verify_transport (const ip6_header_t * ip6, - const udp_header_t * udp, const bfd_session_t * bs) +static vl_counter_bfd_udp_enum_t +bfd_udp6_verify_transport (const ip6_header_t *ip6, const udp_header_t *udp, + const bfd_session_t *bs) { const bfd_udp_session_t *bus = &bs->udp; const bfd_udp_key_t *key = &bus->key; @@ -1148,7 +1135,7 @@ bfd_udp6_verify_transport (const ip6_header_t * ip6, BFD_ERR ("IP src addr mismatch, got %U, expected %U", format_ip6_address, ip6, format_ip6_address, &key->peer_addr.ip6); - return BFD_UDP_ERROR_BAD; + return BFD_UDP_ERROR_SRC_MISMATCH; } if (ip6->dst_address.as_u64[0] != key->local_addr.ip6.as_u64[0] && ip6->dst_address.as_u64[1] != key->local_addr.ip6.as_u64[1]) @@ -1156,14 +1143,14 @@ bfd_udp6_verify_transport (const ip6_header_t * ip6, BFD_ERR ("IP dst addr mismatch, got %U, expected %U", format_ip6_address, ip6, format_ip6_address, &key->local_addr.ip6); - return BFD_UDP_ERROR_BAD; + return BFD_UDP_ERROR_DST_MISMATCH; } const u8 expected_hop_limit = 255; if (ip6->hop_limit != expected_hop_limit) { BFD_ERR ("IPv6 unexpected hop-limit value %u, expected %u", ip6->hop_limit, expected_hop_limit); - return BFD_UDP_ERROR_BAD; + return BFD_UDP_ERROR_TTL; } if (clib_net_to_host_u16 (udp->src_port) < 49152) { @@ -1173,9 +1160,8 @@ bfd_udp6_verify_transport (const ip6_header_t * ip6, return BFD_UDP_ERROR_NONE; } -static bfd_udp_error_t -bfd_udp6_scan (vlib_main_t * vm, vlib_node_runtime_t * rt, - vlib_buffer_t * b, bfd_session_t ** bs_out) +static vl_counter_bfd_udp_enum_t +bfd_udp6_scan (vlib_main_t *vm, vlib_buffer_t *b, bfd_session_t **bs_out) { const bfd_pkt_t *pkt = vlib_buffer_get_current (b); if (sizeof (*pkt) > b->current_length) @@ -1201,9 +1187,11 @@ bfd_udp6_scan (vlib_main_t * vm, vlib_node_runtime_t * rt, pkt->head.length, udp_payload_length); return BFD_UDP_ERROR_BAD; } - if (!bfd_verify_pkt_common (pkt)) + vl_counter_bfd_udp_enum_t err; + if (BFD_UDP_ERROR_NONE != + (err = bfd_error_to_udp (bfd_verify_pkt_common (pkt)))) { - return BFD_UDP_ERROR_BAD; + return err; } bfd_session_t *bs = NULL; if (pkt->your_disc) @@ -1230,22 +1218,21 @@ bfd_udp6_scan (vlib_main_t * vm, vlib_node_runtime_t * rt, if (!bs) { BFD_ERR ("BFD session lookup failed - no session matches BFD pkt"); - return BFD_UDP_ERROR_BAD; + return BFD_UDP_ERROR_NO_SESSION; } BFD_DBG ("BFD session found, bs_idx=%u", bs->bs_idx); if (!bfd_verify_pkt_auth (vm, pkt, b->current_length, bs)) { BFD_ERR ("Packet verification failed, dropping packet"); - return BFD_UDP_ERROR_BAD; + return BFD_UDP_ERROR_FAILED_VERIFICATION; } - bfd_udp_error_t err; if (BFD_UDP_ERROR_NONE != (err = bfd_udp6_verify_transport (ip6, udp, bs))) { return err; } - bfd_rpc_update_session (vm, bs->bs_idx, pkt); + err = bfd_error_to_udp (bfd_rpc_update_session (vm, bs->bs_idx, pkt)); *bs_out = bs; - return BFD_UDP_ERROR_NONE; + return err; } /* @@ -1277,7 +1264,7 @@ bfd_udp_input (vlib_main_t * vm, vlib_node_runtime_t * rt, /* If this pkt is traced, snapshot the data */ if (b0->flags & VLIB_BUFFER_IS_TRACED) { - int len; + u64 len; t0 = vlib_add_trace (vm, rt, b0, sizeof (*t0)); len = (b0->current_length < sizeof (t0->data)) ? b0->current_length : sizeof (t0->data); @@ -1289,17 +1276,20 @@ bfd_udp_input (vlib_main_t * vm, vlib_node_runtime_t * rt, bfd_lock (bm); if (is_ipv6) { - error0 = bfd_udp6_scan (vm, rt, b0, &bs); + error0 = bfd_udp6_scan (vm, b0, &bs); } else { - error0 = bfd_udp4_scan (vm, rt, b0, &bs); + error0 = bfd_udp4_scan (vm, b0, &bs); } b0->error = rt->errors[error0]; next0 = BFD_UDP_INPUT_NEXT_NORMAL; if (BFD_UDP_ERROR_NONE == error0) { + vlib_increment_combined_counter ( + &bm->rx_counter, vm->thread_index, bs->bs_idx, 1, + vlib_buffer_length_in_chain (vm, b0)); /* * if everything went fine, check for poll bit, if present, re-use * the buffer and based on (now updated) session parameters, send @@ -1310,17 +1300,16 @@ bfd_udp_input (vlib_main_t * vm, vlib_node_runtime_t * rt, { b0->current_data = 0; b0->current_length = 0; - bfd_init_final_control_frame (vm, b0, bfd_udp_main.bfd_main, bs, - 0); + bfd_init_final_control_frame (vm, b0, bs); if (is_ipv6) { vlib_node_increment_counter (vm, bfd_udp6_input_node.index, - b0->error, 1); + error0, 1); } else { vlib_node_increment_counter (vm, bfd_udp4_input_node.index, - b0->error, 1); + error0, 1); } const bfd_udp_session_t *bus = &bs->udp; ip_adjacency_t *adj = adj_get (bus->adj_index); @@ -1360,7 +1349,6 @@ bfd_udp4_input (vlib_main_t * vm, vlib_node_runtime_t * rt, vlib_frame_t * f) /* * bfd input graph node declaration */ -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (bfd_udp4_input_node, static) = { .function = bfd_udp4_input, .name = "bfd-udp4-input", @@ -1368,7 +1356,7 @@ VLIB_REGISTER_NODE (bfd_udp4_input_node, static) = { .type = VLIB_NODE_TYPE_INTERNAL, .n_errors = BFD_UDP_N_ERROR, - .error_strings = bfd_udp_error_strings, + .error_counters = bfd_udp_error_counters, .format_trace = bfd_input_format_trace, @@ -1381,7 +1369,6 @@ VLIB_REGISTER_NODE (bfd_udp4_input_node, static) = { [BFD_UDP_INPUT_NEXT_REPLY_MIDCHAIN] = "ip4-midchain", }, }; -/* *INDENT-ON* */ static uword bfd_udp6_input (vlib_main_t * vm, vlib_node_runtime_t * rt, vlib_frame_t * f) @@ -1389,7 +1376,6 @@ bfd_udp6_input (vlib_main_t * vm, vlib_node_runtime_t * rt, vlib_frame_t * f) return bfd_udp_input (vm, rt, f, 1); } -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (bfd_udp6_input_node, static) = { .function = bfd_udp6_input, .name = "bfd-udp6-input", @@ -1397,7 +1383,7 @@ VLIB_REGISTER_NODE (bfd_udp6_input_node, static) = { .type = VLIB_NODE_TYPE_INTERNAL, .n_errors = BFD_UDP_N_ERROR, - .error_strings = bfd_udp_error_strings, + .error_counters = bfd_udp_error_counters, .format_trace = bfd_input_format_trace, @@ -1410,7 +1396,6 @@ VLIB_REGISTER_NODE (bfd_udp6_input_node, static) = { [BFD_UDP_INPUT_NEXT_REPLY_MIDCHAIN] = "ip6-midchain", }, }; -/* *INDENT-ON* */ /* * Process a frame of bfd echo packets @@ -1439,7 +1424,7 @@ bfd_udp_echo_input (vlib_main_t * vm, vlib_node_runtime_t * rt, /* If this pkt is traced, snapshot the data */ if (b0->flags & VLIB_BUFFER_IS_TRACED) { - int len; + u64 len; t0 = vlib_add_trace (vm, rt, b0, sizeof (*t0)); len = (b0->current_length < sizeof (t0->data)) ? b0->current_length : sizeof (t0->data); @@ -1447,8 +1432,9 @@ bfd_udp_echo_input (vlib_main_t * vm, vlib_node_runtime_t * rt, clib_memcpy_fast (t0->data, vlib_buffer_get_current (b0), len); } + bfd_session_t *bs = NULL; bfd_lock (bm); - if (bfd_consume_echo_pkt (vm, bfd_udp_main.bfd_main, b0)) + if ((bs = bfd_consume_echo_pkt (vm, bfd_udp_main.bfd_main, b0))) { b0->error = rt->errors[BFD_UDP_ERROR_NONE]; next0 = BFD_UDP_ECHO_INPUT_NEXT_NORMAL; @@ -1460,17 +1446,25 @@ bfd_udp_echo_input (vlib_main_t * vm, vlib_node_runtime_t * rt, if (is_ipv6) { vlib_node_increment_counter (vm, bfd_udp_echo6_input_node.index, - b0->error, 1); + BFD_UDP_ERROR_NONE, 1); } else { vlib_node_increment_counter (vm, bfd_udp_echo4_input_node.index, - b0->error, 1); + BFD_UDP_ERROR_NONE, 1); } next0 = BFD_UDP_ECHO_INPUT_NEXT_REPLY_REWRITE; } bfd_unlock (bm); + + if (bs) + { + vlib_increment_combined_counter ( + &bm->rx_echo_counter, vm->thread_index, bs->bs_idx, 1, + vlib_buffer_length_in_chain (vm, b0)); + } + vlib_set_next_frame_buffer (vm, rt, next0, bi0); from += 1; @@ -1506,15 +1500,14 @@ bfd_echo_input_format_trace (u8 * s, va_list * args) /* * bfd input graph node declaration */ -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (bfd_udp_echo4_input_node, static) = { .function = bfd_udp_echo4_input, .name = "bfd-udp-echo4-input", .vector_size = sizeof (u32), .type = VLIB_NODE_TYPE_INTERNAL, - .n_errors = BFD_UDP_ECHO_N_ERROR, - .error_strings = bfd_udp_error_strings, + .n_errors = BFD_UDP_N_ERROR, + .error_counters = bfd_udp_error_counters, .format_trace = bfd_echo_input_format_trace, @@ -1526,7 +1519,6 @@ VLIB_REGISTER_NODE (bfd_udp_echo4_input_node, static) = { [BFD_UDP_ECHO_INPUT_NEXT_REPLY_REWRITE] = "ip4-lookup", }, }; -/* *INDENT-ON* */ static uword bfd_udp_echo6_input (vlib_main_t * vm, vlib_node_runtime_t * rt, @@ -1535,15 +1527,14 @@ bfd_udp_echo6_input (vlib_main_t * vm, vlib_node_runtime_t * rt, return bfd_udp_echo_input (vm, rt, f, 1); } -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (bfd_udp_echo6_input_node, static) = { .function = bfd_udp_echo6_input, .name = "bfd-udp-echo6-input", .vector_size = sizeof (u32), .type = VLIB_NODE_TYPE_INTERNAL, - .n_errors = BFD_UDP_ECHO_N_ERROR, - .error_strings = bfd_udp_echo_error_strings, + .n_errors = BFD_UDP_N_ERROR, + .error_counters = bfd_udp_error_counters, .format_trace = bfd_echo_input_format_trace, @@ -1556,46 +1547,73 @@ VLIB_REGISTER_NODE (bfd_udp_echo6_input_node, static) = { }, }; -/* *INDENT-ON* */ static clib_error_t * -bfd_udp_sw_if_add_del (vnet_main_t * vnm, u32 sw_if_index, u32 is_create) +bfd_udp_sw_if_add_del (CLIB_UNUSED (vnet_main_t *vnm), u32 sw_if_index, + u32 is_create) { - bfd_session_t **to_be_freed = NULL; + u32 *to_be_freed = NULL; bfd_udp_main_t *bum = &bfd_udp_main; BFD_DBG ("sw_if_add_del called, sw_if_index=%u, is_create=%u", sw_if_index, is_create); if (!is_create) { bfd_session_t *bs; - pool_foreach (bs, bfd_udp_main.bfd_main->sessions) - { - if (bs->transport != BFD_TRANSPORT_UDP4 && - bs->transport != BFD_TRANSPORT_UDP6) - { - continue; - } - if (bs->udp.key.sw_if_index != sw_if_index) - { - continue; - } - vec_add1 (to_be_freed, bs); - } - } - bfd_session_t **bs; - vec_foreach (bs, to_be_freed) - { - vlib_log_notice (bum->log_class, - "removal of sw_if_index=%u forces removal of bfd session " - "with bs_idx=%u", sw_if_index, (*bs)->bs_idx); - bfd_session_set_flags (vlib_get_main (), *bs, 0); - bfd_udp_del_session_internal (vlib_get_main (), *bs); - } + pool_foreach (bs, bum->bfd_main->sessions) + { + if (bs->transport != BFD_TRANSPORT_UDP4 && + bs->transport != BFD_TRANSPORT_UDP6) + { + continue; + } + if (bs->udp.key.sw_if_index != sw_if_index) + { + continue; + } + vec_add1 (to_be_freed, bs->bs_idx); + } + } + u32 *bs_idx; + vec_foreach (bs_idx, to_be_freed) + { + bfd_session_t *bs = pool_elt_at_index (bum->bfd_main->sessions, *bs_idx); + vlib_log_notice (bum->log_class, + "removal of sw_if_index=%u forces removal of bfd " + "session with bs_idx=%u", + sw_if_index, bs->bs_idx); + bfd_session_set_flags (vlib_get_main (), bs, 0); + bfd_udp_del_session_internal (vlib_get_main (), bs); + } return 0; } VNET_SW_INTERFACE_ADD_DEL_FUNCTION (bfd_udp_sw_if_add_del); +clib_error_t * +bfd_udp_stats_init (bfd_udp_main_t *bum) +{ + const char *name4 = "/bfd/udp4/sessions"; + bum->udp4_sessions_count_stat_seg_entry = vlib_stats_add_gauge ("%s", name4); + + vlib_stats_set_gauge (bum->udp4_sessions_count_stat_seg_entry, 0); + if (~0 == bum->udp4_sessions_count_stat_seg_entry) + { + return clib_error_return ( + 0, "Could not create stat segment entry for %s", name4); + } + const char *name6 = "/bfd/udp6/sessions"; + bum->udp6_sessions_count_stat_seg_entry = vlib_stats_add_gauge ("%s", name6); + + vlib_stats_set_gauge (bum->udp6_sessions_count_stat_seg_entry, 0); + if (~0 == bum->udp6_sessions_count_stat_seg_entry) + { + return clib_error_return ( + 0, "Could not create stat segment entry for %s", name6); + } + + return 0; +} + /* * setup function */ @@ -1608,24 +1626,7 @@ bfd_udp_init (vlib_main_t * vm) sizeof (bfd_udp_key_t)); bfd_udp_main.bfd_main = &bfd_main; bfd_udp_main.vnet_main = vnet_get_main (); - vlib_node_t *node = vlib_get_node_by_name (vm, (u8 *) "ip4-arp"); - ASSERT (node); - bfd_udp_main.ip4_arp_idx = node->index; - node = vlib_get_node_by_name (vm, (u8 *) "ip6-discover-neighbor"); - ASSERT (node); - bfd_udp_main.ip6_ndp_idx = node->index; - node = vlib_get_node_by_name (vm, (u8 *) "ip4-rewrite"); - ASSERT (node); - bfd_udp_main.ip4_rewrite_idx = node->index; - node = vlib_get_node_by_name (vm, (u8 *) "ip6-rewrite"); - ASSERT (node); - bfd_udp_main.ip6_rewrite_idx = node->index; - node = vlib_get_node_by_name (vm, (u8 *) "ip4-midchain"); - ASSERT (node); - bfd_udp_main.ip4_midchain_idx = node->index; - node = vlib_get_node_by_name (vm, (u8 *) "ip6-midchain"); - ASSERT (node); - bfd_udp_main.ip6_midchain_idx = node->index; + bfd_udp_stats_init (&bfd_udp_main); bfd_udp_main.log_class = vlib_log_register_class ("bfd", "udp"); vlib_log_debug (bfd_udp_main.log_class, "initialized"); |