diff options
Diffstat (limited to 'src/vnet/ipip')
| -rw-r--r-- | src/vnet/ipip/ipip.api | 5 | ||||
| -rw-r--r-- | src/vnet/ipip/ipip.h | 8 | ||||
| -rw-r--r-- | src/vnet/ipip/ipip_api.c | 54 | ||||
| -rw-r--r-- | src/vnet/ipip/ipip_cli.c | 81 | ||||
| -rw-r--r-- | src/vnet/ipip/sixrd.c | 47 |
5 files changed, 136 insertions, 59 deletions
diff --git a/src/vnet/ipip/ipip.api b/src/vnet/ipip/ipip.api index 95fc48a5962..5cad28f2814 100644 --- a/src/vnet/ipip/ipip.api +++ b/src/vnet/ipip/ipip.api @@ -61,7 +61,7 @@ define ipip_add_tunnel u32 instance; /* If non-~0, specifies a custom dev instance */ u8 src_address[16]; u8 dst_address[16]; - u32 fib_index; + u32 table_id; u8 tc_tos; /* If ~0, the TOS/TC value is copied from inner packet, otherwise set to value */ }; @@ -90,7 +90,8 @@ define ipip_6rd_add_tunnel { u32 client_index; u32 context; - u32 fib_index; + u32 ip6_table_id; + u32 ip4_table_id; u8 ip6_prefix[16]; u8 ip4_prefix[4]; u8 ip4_src[4]; diff --git a/src/vnet/ipip/ipip.h b/src/vnet/ipip/ipip.h index 28833df9755..93930aa3337 100644 --- a/src/vnet/ipip/ipip.h +++ b/src/vnet/ipip/ipip.h @@ -52,10 +52,10 @@ typedef enum typedef struct { - ipip_transport_t transport; - u32 fib_index; ip46_address_t src; ip46_address_t dst; + ipip_transport_t transport; + u32 fib_index; } __attribute__ ((packed)) ipip_tunnel_key_t; typedef enum @@ -100,6 +100,7 @@ typedef struct u8 ip4_prefix_len; u8 shift; bool security_check; + u32 ip6_fib_index; } sixrd; }; } ipip_tunnel_t; @@ -155,7 +156,8 @@ int ipip_del_tunnel (u32 sw_if_index); int sixrd_add_tunnel (ip6_address_t * ip6_prefix, u8 ip6_prefix_len, ip4_address_t * ip4_prefix, u8 ip4_prefix_len, ip4_address_t * ip4_src, bool security_check, - u32 fib_index, u32 * sw_if_index); + u32 ip4_fib_index, u32 ip6_fib_index, + u32 * sw_if_index); int sixrd_del_tunnel (u32 sw_if_index); void ipip_tunnel_db_add (ipip_tunnel_t * t, ipip_tunnel_key_t * key); void ipip_tunnel_db_remove (ipip_tunnel_t * t); diff --git a/src/vnet/ipip/ipip_api.c b/src/vnet/ipip/ipip_api.c index 455792ba133..b3fc0817a85 100644 --- a/src/vnet/ipip/ipip_api.c +++ b/src/vnet/ipip/ipip_api.c @@ -51,7 +51,7 @@ vl_api_ipip_add_tunnel_t_handler (vl_api_ipip_add_tunnel_t * mp) { vl_api_ipip_add_tunnel_reply_t *rmp; int rv = 0; - u32 sw_if_index = ~0; + u32 fib_index, sw_if_index = ~0; ip46_address_t src = ip46_address_initializer, dst = ip46_address_initializer; @@ -67,13 +67,27 @@ vl_api_ipip_add_tunnel_t_handler (vl_api_ipip_add_tunnel_t * mp) clib_memcpy (&dst.ip4, mp->dst_address, 4); } - rv = ipip_add_tunnel (mp->is_ipv6 ? IPIP_TRANSPORT_IP6 : IPIP_TRANSPORT_IP4, - ntohl (mp->instance), &src, &dst, - ntohl (mp->fib_index), mp->tc_tos, &sw_if_index); + fib_index = + fib_table_find (fib_ip_proto (mp->is_ipv6), ntohl (mp->table_id)); + + if (~0 == fib_index) + { + rv = VNET_API_ERROR_NO_SUCH_FIB; + } + else + { + rv = ipip_add_tunnel ((mp->is_ipv6 ? + IPIP_TRANSPORT_IP6 : + IPIP_TRANSPORT_IP4), + ntohl (mp->instance), &src, &dst, + fib_index, mp->tc_tos, &sw_if_index); + } /* *INDENT-OFF* */ REPLY_MACRO2(VL_API_IPIP_ADD_TUNNEL_REPLY, - ({ rmp->sw_if_index = ntohl(sw_if_index); })); + ({ + rmp->sw_if_index = ntohl(sw_if_index); + })); /* *INDENT-ON* */ } @@ -153,21 +167,35 @@ static void vl_api_ipip_6rd_add_tunnel_t_handler (vl_api_ipip_6rd_add_tunnel_t * mp) { vl_api_ipip_6rd_add_tunnel_reply_t *rmp; - u32 sixrd_tunnel_index; + u32 sixrd_tunnel_index, ip4_fib_index, ip6_fib_index; + int rv; + + ip4_fib_index = fib_table_find (FIB_PROTOCOL_IP4, ntohl (mp->ip4_table_id)); + ip6_fib_index = fib_table_find (FIB_PROTOCOL_IP6, ntohl (mp->ip6_table_id)); + + if (~0 == ip4_fib_index || ~0 == ip6_fib_index) - int rv = sixrd_add_tunnel ((ip6_address_t *) & mp->ip6_prefix, + { + rv = VNET_API_ERROR_NO_SUCH_FIB; + } + else + { + rv = sixrd_add_tunnel ((ip6_address_t *) & mp->ip6_prefix, mp->ip6_prefix_len, (ip4_address_t *) & mp->ip4_prefix, mp->ip4_prefix_len, (ip4_address_t *) & mp->ip4_src, mp->security_check, - ntohl (mp->fib_index), &sixrd_tunnel_index); + ip4_fib_index, ip6_fib_index, + &sixrd_tunnel_index); + } - REPLY_MACRO2 (VL_API_IPIP_6RD_ADD_TUNNEL_REPLY, ( - { - rmp->sw_if_index = - htonl - (sixrd_tunnel_index);})); + /* *INDENT-OFF* */ + REPLY_MACRO2 (VL_API_IPIP_6RD_ADD_TUNNEL_REPLY, + ({ + rmp->sw_if_index = htonl (sixrd_tunnel_index); + })); + /* *INDENT-ON* */ } static void diff --git a/src/vnet/ipip/ipip_cli.c b/src/vnet/ipip/ipip_cli.c index 7a68c20319e..5c7dfec8e05 100644 --- a/src/vnet/ipip/ipip_cli.c +++ b/src/vnet/ipip/ipip_cli.c @@ -16,6 +16,7 @@ #include "ipip.h" #include <vppinfra/error.h> #include <vnet/vnet.h> +#include <vnet/fib/fib_table.h> static clib_error_t *create_ipip_tunnel_command_fn(vlib_main_t *vm, unformat_input_t *input, @@ -24,6 +25,7 @@ static clib_error_t *create_ipip_tunnel_command_fn(vlib_main_t *vm, ip46_address_t src = ip46_address_initializer, dst = ip46_address_initializer; u32 instance = ~0; u32 fib_index = 0; + u32 table_id = 0; int rv; u32 num_m_args = 0; u32 sw_if_index; @@ -49,7 +51,7 @@ static clib_error_t *create_ipip_tunnel_command_fn(vlib_main_t *vm, } else if (unformat(line_input, "dst %U", unformat_ip6_address, &dst.ip6)) { num_m_args++; ip6_set = true; - } else if (unformat(line_input, "outer-fib-id %d", &fib_index)) + } else if (unformat(line_input, "outer-table-id %d", &table_id)) ; else { error = clib_error_return(0, "unknown input `%U'", format_unformat_error, @@ -67,15 +69,24 @@ static clib_error_t *create_ipip_tunnel_command_fn(vlib_main_t *vm, goto done; } - rv = ipip_add_tunnel(ip6_set ? IPIP_TRANSPORT_IP6 : IPIP_TRANSPORT_IP4, - instance, - &src, - &dst, - fib_index, - 0, - &sw_if_index); + fib_index = fib_table_find(fib_ip_proto(ip6_set), table_id); - switch (rv) { + if (~0 == fib_index) + { + rv = VNET_API_ERROR_NO_SUCH_FIB; + } + else + { + rv = ipip_add_tunnel(ip6_set ? IPIP_TRANSPORT_IP6 : IPIP_TRANSPORT_IP4, + instance, + &src, + &dst, + fib_index, + 0, + &sw_if_index); + } + + switch (rv) { case 0: vlib_cli_output(vm, "%U\n", format_vnet_sw_if_index_name, vnet_get_main(), sw_if_index); @@ -144,7 +155,7 @@ done: VLIB_CLI_COMMAND(create_ipip_tunnel_command, static) = { .path = "create ipip tunnel", .short_help = "create ipip tunnel src <addr> dst <addr> [instance <n>] " - "[outer-fib-id <fib>]", + "[outer-table-id <ID>]", .function = create_ipip_tunnel_command_fn, }; VLIB_CLI_COMMAND(delete_ipip_tunnel_command, static) = { @@ -158,21 +169,25 @@ static u8 *format_ipip_tunnel(u8 *s, va_list *args) { ipip_tunnel_t *t = va_arg(*args, ipip_tunnel_t *); ip46_type_t type = (t->transport == IPIP_TRANSPORT_IP4) ? IP46_TYPE_IP4 : IP46_TYPE_IP6; + u32 table_id; + + table_id = fib_table_get_table_id(t->fib_index, + fib_proto_from_ip46(type)); switch (t->mode) { case IPIP_MODE_6RD: - s = format(s, "[%d] 6rd src %U ip6-pfx %U/%d fib-idx %d sw-if-idx %d ", + s = format(s, "[%d] 6rd src %U ip6-pfx %U/%d table-ID %d sw-if-idx %d ", t->dev_instance, format_ip46_address, &t->tunnel_src, type, format_ip6_address, &t->sixrd.ip6_prefix, t->sixrd.ip6_prefix_len, - t->fib_index, t->sw_if_index); + table_id, t->sw_if_index); break; case IPIP_MODE_P2P: default: - s = format(s, "[%d] instance %d src %U dst %U fib-idx %d sw-if-idx %d ", + s = format(s, "[%d] instance %d src %U dst %U table-ID %d sw-if-idx %d ", t->dev_instance, t->user_instance, format_ip46_address, &t->tunnel_src, type, format_ip46_address, &t->tunnel_dst, type, - t->fib_index, t->sw_if_index); + table_id, t->sw_if_index); break; } @@ -226,9 +241,11 @@ static clib_error_t *create_sixrd_tunnel_command_fn(vlib_main_t *vm, u32 ip6_prefix_len = 0, ip4_prefix_len = 0, sixrd_tunnel_index; u32 num_m_args = 0; /* Optional arguments */ - u32 fib_index = 0; + u32 ip4_table_id = 0, ip4_fib_index; + u32 ip6_table_id = 0, ip6_fib_index; clib_error_t *error = 0; bool security_check = false; + int rv; /* Get a line of input. */ if (!unformat_user(input, unformat_line_input, line_input)) @@ -244,7 +261,9 @@ static clib_error_t *create_sixrd_tunnel_command_fn(vlib_main_t *vm, num_m_args++; else if (unformat(line_input, "ip4-src %U", unformat_ip4_address, &ip4_src)) num_m_args++; - else if (unformat(line_input, "fib-id %d", &fib_index)) + else if (unformat(line_input, "ip4-table-id %d", &ip4_table_id)) + ; + else if (unformat(line_input, "ip6-table-id %d", &ip6_table_id)) ; else { error = clib_error_return(0, "unknown input `%U'", format_unformat_error, @@ -257,13 +276,31 @@ static clib_error_t *create_sixrd_tunnel_command_fn(vlib_main_t *vm, error = clib_error_return(0, "mandatory argument(s) missing"); goto done; } - int rv = sixrd_add_tunnel(&ip6_prefix, ip6_prefix_len, &ip4_prefix, + ip4_fib_index = fib_table_find(FIB_PROTOCOL_IP4, ip4_table_id); + ip6_fib_index = fib_table_find(FIB_PROTOCOL_IP6, ip6_table_id); + + if (~0 == ip4_fib_index) + { + error = clib_error_return(0, "No such IP4 table %d", ip4_table_id); + rv = VNET_API_ERROR_NO_SUCH_FIB; + } + else if (~0 == ip6_fib_index) + { + error = clib_error_return(0, "No such IP6 table %d", ip6_table_id); + rv = VNET_API_ERROR_NO_SUCH_FIB; + } + else + { + rv = sixrd_add_tunnel(&ip6_prefix, ip6_prefix_len, &ip4_prefix, ip4_prefix_len, &ip4_src, security_check, - fib_index, &sixrd_tunnel_index); - if (rv) - error = clib_error_return(0, "adding tunnel failed %d", rv); + ip4_fib_index, ip6_fib_index, + &sixrd_tunnel_index); - done: + if (rv) + error = clib_error_return(0, "adding tunnel failed %d", rv); + } + +done: unformat_free(line_input); return error; @@ -308,7 +345,7 @@ done: VLIB_CLI_COMMAND(create_sixrd_tunnel_command, static) = { .path = "create 6rd tunnel", .short_help = "create 6rd tunnel ip6-pfx <ip6-pfx> ip4-pfx <ip4-pfx> " - "ip4-src <ip4-addr> [del]", + "ip4-src <ip4-addr> table-id <ID> [del]", .function = create_sixrd_tunnel_command_fn, }; VLIB_CLI_COMMAND(delete_sixrd_tunnel_command, static) = { diff --git a/src/vnet/ipip/sixrd.c b/src/vnet/ipip/sixrd.c index a2609fdcce1..b03572917cc 100644 --- a/src/vnet/ipip/sixrd.c +++ b/src/vnet/ipip/sixrd.c @@ -177,9 +177,9 @@ sixrd_tunnel_stack (adj_index_t ai, u32 fib_index) LOOKUP_UNICAST, LOOKUP_INPUT_DST_ADDR, LOOKUP_TABLE_FROM_CONFIG, &dpo); adj_nbr_midchain_stack (ai, &dpo); + dpo_reset (&dpo); } - static void sixrd_update_adj (vnet_main_t * vnm, u32 sw_if_index, adj_index_t ai) { @@ -272,14 +272,11 @@ int sixrd_add_tunnel (ip6_address_t * ip6_prefix, u8 ip6_prefix_len, ip4_address_t * ip4_prefix, u8 ip4_prefix_len, ip4_address_t * ip4_src, bool security_check, - u32 fib_index, u32 * sw_if_index) + u32 ip4_fib_index, u32 ip6_fib_index, u32 * sw_if_index) { ipip_main_t *gm = &ipip_main; ipip_tunnel_t *t; - if (fib_index == ~0) - return VNET_API_ERROR_NO_SUCH_FIB; - if ((ip6_prefix_len + 32 - ip4_prefix_len) > 64) return VNET_API_ERROR_INVALID_VALUE; @@ -287,8 +284,9 @@ sixrd_add_tunnel (ip6_address_t * ip6_prefix, u8 ip6_prefix_len, ip46_address_t src = ip46_address_initializer, dst = ip46_address_initializer; ip_set (&src, ip4_src, true); - ipip_tunnel_key_t key = {.transport = IPIP_TRANSPORT_IP4, - .fib_index = fib_index, + ipip_tunnel_key_t key = { + .transport = IPIP_TRANSPORT_IP4, + .fib_index = ip4_fib_index, .src = src, .dst = dst }; @@ -308,6 +306,7 @@ sixrd_add_tunnel (ip6_address_t * ip6_prefix, u8 ip6_prefix_len, t->sixrd.ip4_prefix_len = ip4_prefix_len; t->sixrd.ip6_prefix = *ip6_prefix; t->sixrd.ip6_prefix_len = ip6_prefix_len; + t->sixrd.ip6_fib_index = ip6_fib_index; t->tunnel_src = src; t->sixrd.security_check = security_check; t->sixrd.shift = @@ -323,7 +322,7 @@ sixrd_add_tunnel (ip6_address_t * ip6_prefix, u8 ip6_prefix_len, vnet_hw_interface_t *hi = vnet_get_hw_interface (vnet_get_main (), hw_if_index); t->hw_if_index = hw_if_index; - t->fib_index = fib_index; + t->fib_index = ip4_fib_index; t->sw_if_index = hi->sw_if_index; t->dev_instance = t_idx; t->user_instance = t_idx; @@ -340,24 +339,26 @@ sixrd_add_tunnel (ip6_address_t * ip6_prefix, u8 ip6_prefix_len, VNET_HW_INTERFACE_FLAG_LINK_UP); vnet_sw_interface_set_flags (vnet_get_main (), hi->sw_if_index, VNET_SW_INTERFACE_FLAG_ADMIN_UP); - ip6_sw_interface_enable_disable (hi->sw_if_index, true); + ip6_sw_interface_enable_disable (t->sw_if_index, true); /* Create IPv6 route/adjacency */ + /* *INDENT-OFF* */ fib_prefix_t pfx6 = { .fp_proto = FIB_PROTOCOL_IP6, .fp_len = t->sixrd.ip6_prefix_len, .fp_addr = { - .ip6 = t->sixrd.ip6_prefix, - } - , + .ip6 = t->sixrd.ip6_prefix, + }, }; + /* *INDENT-ON* */ - fib_table_entry_update_one_path (fib_index, &pfx6, FIB_SOURCE_CLI, + fib_table_lock (ip6_fib_index, FIB_PROTOCOL_IP6, FIB_SOURCE_6RD); + fib_table_entry_update_one_path (ip6_fib_index, &pfx6, FIB_SOURCE_6RD, FIB_ENTRY_FLAG_ATTACHED, DPO_PROTO_IP6, - &ADJ_BCAST_ADDR, hi->sw_if_index, ~0, 1, + &ADJ_BCAST_ADDR, t->sw_if_index, ~0, 1, NULL, FIB_ROUTE_PATH_FLAG_NONE); - *sw_if_index = hi->sw_if_index; + *sw_if_index = t->sw_if_index; if (!gm->ip4_protocol_registered) { @@ -385,15 +386,23 @@ sixrd_del_tunnel (u32 sw_if_index) return -1; } + /* *INDENT-OFF* */ fib_prefix_t pfx6 = { .fp_proto = FIB_PROTOCOL_IP6, .fp_len = t->sixrd.ip6_prefix_len, .fp_addr = { - .ip6 = t->sixrd.ip6_prefix, - } - , + .ip6 = t->sixrd.ip6_prefix, + }, }; - fib_table_entry_special_remove (0, &pfx6, FIB_SOURCE_CLI); + /* *INDENT-ON* */ + + fib_table_entry_path_remove (t->sixrd.ip6_fib_index, &pfx6, + FIB_SOURCE_6RD, + DPO_PROTO_IP6, + &ADJ_BCAST_ADDR, t->sw_if_index, ~0, 1, + FIB_ROUTE_PATH_FLAG_NONE); + fib_table_unlock (t->sixrd.ip6_fib_index, FIB_PROTOCOL_IP6, FIB_SOURCE_6RD); + vnet_sw_interface_set_flags (vnet_get_main (), t->sw_if_index, 0 /* down */ ); ip6_sw_interface_enable_disable (t->sw_if_index, false); |