diff options
Diffstat (limited to 'src/vnet')
-rw-r--r-- | src/vnet/CMakeLists.txt | 1 | ||||
-rw-r--r-- | src/vnet/fib/fib_node.h | 4 | ||||
-rw-r--r-- | src/vnet/ip/ip4.h | 3 | ||||
-rw-r--r-- | src/vnet/ip/ip4_punt_drop.c | 220 | ||||
-rw-r--r-- | src/vnet/ip/ip6.h | 2 | ||||
-rw-r--r-- | src/vnet/ip/ip6_punt_drop.c | 111 | ||||
-rw-r--r-- | src/vnet/ip/ip_api.c | 91 | ||||
-rw-r--r-- | src/vnet/ip/ip_punt_drop.c | 251 | ||||
-rw-r--r-- | src/vnet/ip/ip_punt_drop.h | 134 |
9 files changed, 433 insertions, 384 deletions
diff --git a/src/vnet/CMakeLists.txt b/src/vnet/CMakeLists.txt index dcbdb73d841..1c85daf84bf 100644 --- a/src/vnet/CMakeLists.txt +++ b/src/vnet/CMakeLists.txt @@ -445,6 +445,7 @@ list(APPEND VNET_SOURCES ip/ip.c ip/ip_init.c ip/ip_in_out_acl.c + ip/ip_punt_drop.c ip/lookup.c ip/ping.c ip/punt_api.c diff --git a/src/vnet/fib/fib_node.h b/src/vnet/fib/fib_node.h index de366f27704..e5a72a16f87 100644 --- a/src/vnet/fib/fib_node.h +++ b/src/vnet/fib/fib_node.h @@ -48,6 +48,7 @@ typedef enum fib_node_type_t_ { FIB_NODE_TYPE_BIER_ENTRY, FIB_NODE_TYPE_VXLAN_GBP_TUNNEL, FIB_NODE_TYPE_IPSEC_SA, + FIB_NODE_TYPE_IP_PUNT_REDIRECT, /** * Marker. New types before this one. leave the test last. */ @@ -75,7 +76,8 @@ typedef enum fib_node_type_t_ { [FIB_NODE_TYPE_BIER_FMASK] = "bier-fmask", \ [FIB_NODE_TYPE_BIER_ENTRY] = "bier-entry", \ [FIB_NODE_TYPE_VXLAN_GBP_TUNNEL] = "vxlan-gbp-tunnel", \ - [FIB_NODE_TYPE_IPSEC_SA] = "ipsec-sa" \ + [FIB_NODE_TYPE_IPSEC_SA] = "ipsec-sa", \ + [FIB_NODE_TYPE_IP_PUNT_REDIRECT] = "ip-punt-redirect" \ } /** diff --git a/src/vnet/ip/ip4.h b/src/vnet/ip/ip4.h index 9f25f43b98e..0ead3faa1b8 100644 --- a/src/vnet/ip/ip4.h +++ b/src/vnet/ip/ip4.h @@ -302,6 +302,9 @@ void ip4_punt_policer_add_del (u8 is_add, u32 policer_index); void ip4_punt_redirect_add (u32 rx_sw_if_index, u32 tx_sw_if_index, ip46_address_t * nh); +void ip4_punt_redirect_add_paths (u32 rx_sw_if_index, + fib_route_path_t * paths); + void ip4_punt_redirect_del (u32 rx_sw_if_index); /* Compute flow hash. We'll use it to select which adjacency to use for this diff --git a/src/vnet/ip/ip4_punt_drop.c b/src/vnet/ip/ip4_punt_drop.c index 85409857f38..4771e8d5b34 100644 --- a/src/vnet/ip/ip4_punt_drop.c +++ b/src/vnet/ip/ip4_punt_drop.c @@ -33,8 +33,6 @@ VNET_FEATURE_ARC_INIT (ip4_drop) = /* *INDENT-ON* */ extern ip_punt_policer_t ip4_punt_policer_cfg; -extern ip_punt_redirect_t ip4_punt_redirect_cfg; -extern ip_punt_redirect_rx_t uninit_rx_redirect; #ifndef CLIB_MARCH_VARIANT u8 * @@ -89,41 +87,6 @@ VNET_FEATURE_INIT (ip4_punt_policer_node) = { }; /* *INDENT-ON* */ -#ifndef CLIB_MARCH_VARIANT -u8 * -format_ip_punt_redirect_trace (u8 * s, va_list * args) -{ - CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *); - CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *); - ip_punt_redirect_trace_t *t = va_arg (*args, ip_punt_redirect_trace_t *); - vnet_main_t *vnm = vnet_get_main (); - vnet_sw_interface_t *si; - - si = vnet_get_sw_interface_safe (vnm, t->redirect.tx_sw_if_index); - - if (NULL != si) - s = format (s, "via %U on %U using adj:%d", - format_ip46_address, &t->redirect.nh, IP46_TYPE_ANY, - format_vnet_sw_interface_name, vnm, si, - t->redirect.adj_index); - else - s = format (s, "via %U on %d using adj:%d", - format_ip46_address, &t->redirect.nh, IP46_TYPE_ANY, - t->redirect.tx_sw_if_index, t->redirect.adj_index); - - return s; -} - -/* *INDENT-OFF* */ -ip_punt_redirect_t ip4_punt_redirect_cfg = { - .any_rx_sw_if_index = { - .tx_sw_if_index = ~0, - .adj_index = ADJ_INDEX_INVALID, - }, -}; -/* *INDENT-ON* */ -#endif /* CLIB_MARCH_VARIANT */ - #define foreach_ip4_punt_redirect_error \ _(DROP, "ip4 punt redirect drop") @@ -148,7 +111,7 @@ VLIB_NODE_FN (ip4_punt_redirect_node) (vlib_main_t * vm, { return (ip_punt_redirect (vm, node, frame, vnet_feat_arc_ip4_punt.feature_arc_index, - &ip4_punt_redirect_cfg)); + FIB_PROTOCOL_IP4)); } /* *INDENT-OFF* */ @@ -327,72 +290,34 @@ VLIB_CLI_COMMAND (ip4_punt_policer_command, static) = /* *INDENT-ON* */ #ifndef CLIB_MARCH_VARIANT -/* - * an uninitalised rx-redirect strcut used to pad the vector - */ -ip_punt_redirect_rx_t uninit_rx_redirect = { - .tx_sw_if_index = ~0, - .adj_index = ADJ_INDEX_INVALID, -}; void -ip_punt_redirect_add (ip_punt_redirect_t * cfg, - u32 rx_sw_if_index, - ip_punt_redirect_rx_t * redirect, - fib_protocol_t fproto, vnet_link_t linkt) +ip4_punt_redirect_add (u32 rx_sw_if_index, + u32 tx_sw_if_index, ip46_address_t * nh) { - ip_punt_redirect_rx_t *new; - - if (~0 == rx_sw_if_index) - { - cfg->any_rx_sw_if_index = *redirect; - new = &cfg->any_rx_sw_if_index; - } - else - { - vec_validate_init_empty (cfg->redirect_by_rx_sw_if_index, - rx_sw_if_index, uninit_rx_redirect); - cfg->redirect_by_rx_sw_if_index[rx_sw_if_index] = *redirect; - new = &cfg->redirect_by_rx_sw_if_index[rx_sw_if_index]; - } + /* *INDENT-OFF* */ + fib_route_path_t *rpaths = NULL, rpath = { + .frp_proto = DPO_PROTO_IP4, + .frp_addr = *nh, + .frp_sw_if_index = tx_sw_if_index, + .frp_weight = 1, + .frp_fib_index = ~0, + }; + /* *INDENT-ON* */ - new->adj_index = adj_nbr_add_or_lock (fproto, linkt, - &redirect->nh, - redirect->tx_sw_if_index); -} + vec_add1 (rpaths, rpath); -void -ip_punt_redirect_del (ip_punt_redirect_t * cfg, u32 rx_sw_if_index) -{ - ip_punt_redirect_rx_t *old; + ip4_punt_redirect_add_paths (rx_sw_if_index, rpaths); - if (~0 == rx_sw_if_index) - { - old = &cfg->any_rx_sw_if_index; - } - else - { - old = &cfg->redirect_by_rx_sw_if_index[rx_sw_if_index]; - } - - if ((old == NULL) || (old->adj_index == ADJ_INDEX_INVALID)) - return; - - adj_unlock (old->adj_index); - *old = uninit_rx_redirect; + vec_free (rpaths); } void -ip4_punt_redirect_add (u32 rx_sw_if_index, - u32 tx_sw_if_index, ip46_address_t * nh) +ip4_punt_redirect_add_paths (u32 rx_sw_if_index, fib_route_path_t * rpaths) { - ip_punt_redirect_rx_t rx = { - .tx_sw_if_index = tx_sw_if_index, - .nh = *nh, - }; - - ip_punt_redirect_add (&ip4_punt_redirect_cfg, - rx_sw_if_index, &rx, FIB_PROTOCOL_IP4, VNET_LINK_IP4); + ip_punt_redirect_add (FIB_PROTOCOL_IP4, + rx_sw_if_index, + FIB_FORW_CHAIN_TYPE_UNICAST_IP4, rpaths); vnet_feature_enable_disable ("ip4-punt", "ip4-punt-redirect", 0, 1, 0, 0); } @@ -402,7 +327,7 @@ ip4_punt_redirect_del (u32 rx_sw_if_index) { vnet_feature_enable_disable ("ip4-punt", "ip4-punt-redirect", 0, 0, 0, 0); - ip_punt_redirect_del (&ip4_punt_redirect_cfg, rx_sw_if_index); + ip_punt_redirect_del (FIB_PROTOCOL_IP4, rx_sw_if_index); } #endif /* CLIB_MARCH_VARIANT */ @@ -412,10 +337,9 @@ ip4_punt_redirect_cmd (vlib_main_t * vm, vlib_cli_command_t * cmd) { unformat_input_t _line_input, *line_input = &_line_input; - ip46_address_t nh = ip46_address_initializer; + fib_route_path_t *rpaths = NULL, rpath; clib_error_t *error = 0; - u32 rx_sw_if_index = 0; - u32 tx_sw_if_index = 0; + u32 rx_sw_if_index = ~0; vnet_main_t *vnm; u8 is_add; @@ -436,14 +360,9 @@ ip4_punt_redirect_cmd (vlib_main_t * vm, else if (unformat (line_input, "rx %U", unformat_vnet_sw_interface, vnm, &rx_sw_if_index)) ; - else if (unformat (line_input, "via %U %U", - unformat_ip4_address, - &nh.ip4, - unformat_vnet_sw_interface, vnm, &tx_sw_if_index)) - ; else if (unformat (line_input, "via %U", - unformat_vnet_sw_interface, vnm, &tx_sw_if_index)) - clib_memset (&nh, 0, sizeof (nh)); + unformat_fib_route_path, &rpath)) + vec_add1 (rpaths, rpath); else { error = unformat_parse_error (line_input); @@ -451,19 +370,20 @@ ip4_punt_redirect_cmd (vlib_main_t * vm, } } + if (~0 == rx_sw_if_index) + { + error = unformat_parse_error (line_input); + goto done; + } + if (is_add) { - if (rx_sw_if_index && tx_sw_if_index) - { - ip4_punt_redirect_add (rx_sw_if_index, tx_sw_if_index, &nh); - } + if (vec_len (rpaths)) + ip4_punt_redirect_add_paths (rx_sw_if_index, rpaths); } else { - if (rx_sw_if_index) - { - ip4_punt_redirect_del (rx_sw_if_index); - } + ip4_punt_redirect_del (rx_sw_if_index); } done: @@ -485,84 +405,12 @@ VLIB_CLI_COMMAND (ip4_punt_redirect_command, static) = }; /* *INDENT-ON* */ -#ifndef CLIB_MARCH_VARIANT -u8 * -format_ip_punt_redirect (u8 * s, va_list * args) -{ - ip_punt_redirect_t *cfg = va_arg (*args, ip_punt_redirect_t *); - ip_punt_redirect_rx_t *rx; - u32 rx_sw_if_index; - vnet_main_t *vnm = vnet_get_main (); - - vec_foreach_index (rx_sw_if_index, cfg->redirect_by_rx_sw_if_index) - { - rx = &cfg->redirect_by_rx_sw_if_index[rx_sw_if_index]; - if (~0 != rx->tx_sw_if_index) - { - s = format (s, " rx %U redirect via %U %U\n", - format_vnet_sw_interface_name, vnm, - vnet_get_sw_interface (vnm, rx_sw_if_index), - format_ip46_address, &rx->nh, IP46_TYPE_ANY, - format_vnet_sw_interface_name, vnm, - vnet_get_sw_interface (vnm, rx->tx_sw_if_index)); - } - } - if (~0 != cfg->any_rx_sw_if_index.tx_sw_if_index) - { - s = format (s, " rx all redirect via %U %U\n", - format_ip46_address, &cfg->any_rx_sw_if_index.nh, - IP46_TYPE_ANY, format_vnet_sw_interface_name, vnm, - vnet_get_sw_interface (vnm, - cfg-> - any_rx_sw_if_index.tx_sw_if_index)); - } - - return (s); -} - -ip_punt_redirect_detail_t * -ip4_punt_redirect_entries (u32 sw_if_index) -{ - ip_punt_redirect_rx_t *pr; - ip_punt_redirect_detail_t *prs = 0; - u32 rx_sw_if_index; - - vec_foreach_index (rx_sw_if_index, - ip4_punt_redirect_cfg.redirect_by_rx_sw_if_index) - { - if (sw_if_index == ~0 || sw_if_index == rx_sw_if_index) - { - pr = - &ip4_punt_redirect_cfg.redirect_by_rx_sw_if_index[rx_sw_if_index]; - if (~0 != pr->tx_sw_if_index) - { - ip_punt_redirect_detail_t detail = {.rx_sw_if_index = - rx_sw_if_index, - .punt_redirect = *pr - }; - vec_add1 (prs, detail); - } - } - } - if (~0 != ip4_punt_redirect_cfg.any_rx_sw_if_index.tx_sw_if_index) - { - pr = &ip4_punt_redirect_cfg.any_rx_sw_if_index; - ip_punt_redirect_detail_t detail = {.rx_sw_if_index = ~0, - .punt_redirect = *pr - }; - vec_add1 (prs, detail); - } - - return prs; -} -#endif /* CLIB_MARCH_VARIANT */ - static clib_error_t * ip4_punt_redirect_show_cmd (vlib_main_t * vm, unformat_input_t * main_input, vlib_cli_command_t * cmd) { - vlib_cli_output (vm, "%U", format_ip_punt_redirect, &ip4_punt_redirect_cfg); + vlib_cli_output (vm, "%U", format_ip_punt_redirect, FIB_PROTOCOL_IP4); return (NULL); } diff --git a/src/vnet/ip/ip6.h b/src/vnet/ip/ip6.h index b511cccbaa7..2cff713ab05 100644 --- a/src/vnet/ip/ip6.h +++ b/src/vnet/ip/ip6.h @@ -468,6 +468,8 @@ u32 ip6_tcp_udp_icmp_validate_checksum (vlib_main_t * vm, vlib_buffer_t * p0); void ip6_punt_policer_add_del (u8 is_add, u32 policer_index); void ip6_punt_redirect_add (u32 rx_sw_if_index, u32 tx_sw_if_index, ip46_address_t * nh); +void ip6_punt_redirect_add_paths (u32 rx_sw_if_index, + fib_route_path_t * paths); void ip6_punt_redirect_del (u32 rx_sw_if_index); int vnet_set_ip6_classify_intfc (vlib_main_t * vm, u32 sw_if_index, diff --git a/src/vnet/ip/ip6_punt_drop.c b/src/vnet/ip/ip6_punt_drop.c index d1145fbf82e..330ef55483f 100644 --- a/src/vnet/ip/ip6_punt_drop.c +++ b/src/vnet/ip/ip6_punt_drop.c @@ -227,16 +227,6 @@ VLIB_CLI_COMMAND (ip6_punt_policer_command, static) = .short_help = "ip6 punt policer [add|del] <index>", }; -extern ip_punt_redirect_t ip6_punt_redirect_cfg; - -#ifndef CLIB_MARCH_VARIANT -ip_punt_redirect_t ip6_punt_redirect_cfg = { - .any_rx_sw_if_index = { - .tx_sw_if_index = ~0, - .adj_index = ADJ_INDEX_INVALID, - }, -}; -#endif /* CLIB_MARCH_VARIANT */ /* *INDENT-ON* */ #define foreach_ip6_punt_redirect_error \ @@ -262,7 +252,7 @@ VLIB_NODE_FN (ip6_punt_redirect_node) (vlib_main_t * vm, { return (ip_punt_redirect (vm, node, frame, vnet_feat_arc_ip6_punt.feature_arc_index, - &ip6_punt_redirect_cfg)); + FIB_PROTOCOL_IP6)); } /* *INDENT-OFF* */ @@ -290,17 +280,33 @@ VNET_FEATURE_INIT (ip6_punt_redirect_node, static) = { /* *INDENT-ON* */ #ifndef CLIB_MARCH_VARIANT + void ip6_punt_redirect_add (u32 rx_sw_if_index, u32 tx_sw_if_index, ip46_address_t * nh) { - ip_punt_redirect_rx_t rx = { - .tx_sw_if_index = tx_sw_if_index, - .nh = *nh, + /* *INDENT-OFF* */ + fib_route_path_t *rpaths = NULL, rpath = { + .frp_proto = DPO_PROTO_IP6, + .frp_addr = *nh, + .frp_sw_if_index = tx_sw_if_index, + .frp_weight = 1, + .frp_fib_index = ~0, }; + /* *INDENT-ON* */ + vec_add1 (rpaths, rpath); - ip_punt_redirect_add (&ip6_punt_redirect_cfg, - rx_sw_if_index, &rx, FIB_PROTOCOL_IP6, VNET_LINK_IP6); + ip6_punt_redirect_add_paths (rx_sw_if_index, rpaths); + + vec_free (rpaths); +} + +void +ip6_punt_redirect_add_paths (u32 rx_sw_if_index, fib_route_path_t * rpaths) +{ + ip_punt_redirect_add (FIB_PROTOCOL_IP6, + rx_sw_if_index, + FIB_FORW_CHAIN_TYPE_UNICAST_IP6, rpaths); vnet_feature_enable_disable ("ip6-punt", "ip6-punt-redirect", 0, 1, 0, 0); } @@ -310,7 +316,7 @@ ip6_punt_redirect_del (u32 rx_sw_if_index) { vnet_feature_enable_disable ("ip6-punt", "ip6-punt-redirect", 0, 0, 0, 0); - ip_punt_redirect_del (&ip6_punt_redirect_cfg, rx_sw_if_index); + ip_punt_redirect_del (FIB_PROTOCOL_IP6, rx_sw_if_index); } #endif /* CLIB_MARCH_VARIANT */ @@ -320,10 +326,9 @@ ip6_punt_redirect_cmd (vlib_main_t * vm, vlib_cli_command_t * cmd) { unformat_input_t _line_input, *line_input = &_line_input; + fib_route_path_t *rpaths = NULL, rpath; clib_error_t *error = 0; - u32 rx_sw_if_index = 0; - u32 tx_sw_if_index = 0; - ip46_address_t nh; + u32 rx_sw_if_index = ~0; vnet_main_t *vnm; u8 is_add; @@ -344,14 +349,9 @@ ip6_punt_redirect_cmd (vlib_main_t * vm, else if (unformat (line_input, "rx %U", unformat_vnet_sw_interface, vnm, &rx_sw_if_index)) ; - else if (unformat (line_input, "via %U %U", - unformat_ip6_address, - &nh.ip6, - unformat_vnet_sw_interface, vnm, &tx_sw_if_index)) - ; else if (unformat (line_input, "via %U", - unformat_vnet_sw_interface, vnm, &tx_sw_if_index)) - clib_memset (&nh, 0, sizeof (nh)); + unformat_fib_route_path, &rpath)) + vec_add1 (rpaths, rpath); else { error = unformat_parse_error (line_input); @@ -359,19 +359,20 @@ ip6_punt_redirect_cmd (vlib_main_t * vm, } } + if (~0 == rx_sw_if_index) + { + error = unformat_parse_error (line_input); + goto done; + } + if (is_add) { - if (rx_sw_if_index && tx_sw_if_index) - { - ip6_punt_redirect_add (rx_sw_if_index, tx_sw_if_index, &nh); - } + if (vec_len (rpaths)) + ip6_punt_redirect_add_paths (rx_sw_if_index, rpaths); } else { - if (rx_sw_if_index) - { - ip6_punt_redirect_del (rx_sw_if_index); - } + ip6_punt_redirect_del (rx_sw_if_index); } done: @@ -394,45 +395,7 @@ VLIB_CLI_COMMAND (ip6_punt_redirect_command, static) = /* *INDENT-ON* */ #ifndef CLIB_MARCH_VARIANT -ip_punt_redirect_detail_t * -ip6_punt_redirect_entries (u32 sw_if_index) -{ - ip_punt_redirect_rx_t *pr; - ip_punt_redirect_detail_t *prs = 0; - u32 rx_sw_if_index; - - vec_foreach_index (rx_sw_if_index, - ip6_punt_redirect_cfg.redirect_by_rx_sw_if_index) - { - if (sw_if_index == ~0 || sw_if_index == rx_sw_if_index) - { - pr = - &ip6_punt_redirect_cfg.redirect_by_rx_sw_if_index[rx_sw_if_index]; - if (NULL != pr && ~0 != pr->tx_sw_if_index) - { - ip_punt_redirect_detail_t detail = {.rx_sw_if_index = - rx_sw_if_index, - .punt_redirect = *pr - }; - vec_add1 (prs, detail); - } - } - } - if (~0 != ip6_punt_redirect_cfg.any_rx_sw_if_index.tx_sw_if_index) - { - pr = &ip6_punt_redirect_cfg.any_rx_sw_if_index; - if (NULL != pr) - { - ip_punt_redirect_detail_t detail = {.rx_sw_if_index = - rx_sw_if_index, - .punt_redirect = *pr - }; - vec_add1 (prs, detail); - } - } - return prs; -} #endif /* CLIB_MARCH_VARIANT */ static clib_error_t * @@ -440,7 +403,7 @@ ip6_punt_redirect_show_cmd (vlib_main_t * vm, unformat_input_t * main_input, vlib_cli_command_t * cmd) { - vlib_cli_output (vm, "%U", format_ip_punt_redirect, &ip6_punt_redirect_cfg); + vlib_cli_output (vm, "%U", format_ip_punt_redirect, FIB_PROTOCOL_IP6); return (NULL); } diff --git a/src/vnet/ip/ip_api.c b/src/vnet/ip/ip_api.c index 06caf111b91..bcbcf5ac8d4 100644 --- a/src/vnet/ip/ip_api.c +++ b/src/vnet/ip/ip_api.c @@ -44,6 +44,7 @@ #include <vnet/ip/ip_source_and_port_range_check.h> #include <vnet/fib/ip4_fib.h> #include <vnet/fib/ip6_fib.h> +#include <vnet/fib/fib_path_list.h> #include <vnet/ip/ip6_hop_by_hop.h> #include <vnet/ip/ip4_reassembly.h> #include <vnet/ip/ip6_reassembly.h> @@ -3358,74 +3359,76 @@ void REPLY_MACRO (VL_API_IP_REASSEMBLY_ENABLE_DISABLE_REPLY); } -void -send_ip_punt_redirect_details (vl_api_registration_t * reg, - u32 context, u32 sw_if_index, - ip_punt_redirect_rx_t * pr, u8 is_ipv6) +typedef struct ip_punt_redirect_walk_ctx_t_ { + vl_api_registration_t *reg; + u32 context; +} ip_punt_redirect_walk_ctx_t; + +static walk_rc_t +send_ip_punt_redirect_details (u32 rx_sw_if_index, + const ip_punt_redirect_rx_t * ipr, void *arg) +{ + fib_route_path_encode_t *api_rpaths = NULL; + ip_punt_redirect_walk_ctx_t *ctx = arg; vl_api_ip_punt_redirect_details_t *mp; mp = vl_msg_api_alloc (sizeof (*mp)); if (!mp) - return; + return (WALK_STOP);; clib_memset (mp, 0, sizeof (*mp)); mp->_vl_msg_id = ntohs (VL_API_IP_PUNT_REDIRECT_DETAILS); - mp->context = context; - mp->punt.rx_sw_if_index = htonl (sw_if_index); - mp->punt.tx_sw_if_index = htonl (pr->tx_sw_if_index); - if (is_ipv6) - { - ip_address_encode (&pr->nh, IP46_TYPE_IP6, &mp->punt.nh); - } - else - { - ip_address_encode (&pr->nh, IP46_TYPE_IP4, &mp->punt.nh); - } + mp->context = ctx->context; - vl_api_send_msg (reg, (u8 *) mp); + fib_path_list_walk_w_ext (ipr->pl, NULL, fib_path_encode, &api_rpaths); + + mp->punt.rx_sw_if_index = htonl (rx_sw_if_index); + mp->punt.tx_sw_if_index = htonl (api_rpaths[0].rpath.frp_sw_if_index); + + ip_address_encode (&api_rpaths[0].rpath.frp_addr, + fib_proto_to_ip46 (ipr->fproto), &mp->punt.nh); + + vl_api_send_msg (ctx->reg, (u8 *) mp); + + vec_free (api_rpaths); + + return (WALK_CONTINUE); } static void vl_api_ip_punt_redirect_dump_t_handler (vl_api_ip_punt_redirect_dump_t * mp) { vl_api_registration_t *reg; - u32 sw_if_index; - int rv __attribute__ ((unused)) = 0; + fib_protocol_t fproto; - sw_if_index = ntohl (mp->sw_if_index); reg = vl_api_client_index_to_registration (mp->client_index); if (!reg) return; - if (~0 != sw_if_index) - VALIDATE_SW_IF_INDEX (mp); + fproto = mp->is_ipv6 ? FIB_PROTOCOL_IP6 : FIB_PROTOCOL_IP4; - ip_punt_redirect_detail_t *pr, *prs; - if (mp->is_ipv6) + ip_punt_redirect_walk_ctx_t ctx = { + .reg = reg, + .context = mp->context, + }; + + if (~0 != mp->sw_if_index) { - prs = ip6_punt_redirect_entries (sw_if_index); - /* *INDENT-OFF* */ - vec_foreach (pr, prs) - { - send_ip_punt_redirect_details (reg, mp->context, pr->rx_sw_if_index, &pr->punt_redirect, 1); - } - /* *INDENT-ON* */ - vec_free (prs); + u32 rx_sw_if_index; + index_t pri; + + rx_sw_if_index = ntohl (mp->sw_if_index); + pri = ip_punt_redirect_find (fproto, rx_sw_if_index); + + if (INDEX_INVALID == pri) + return; + + send_ip_punt_redirect_details (rx_sw_if_index, + ip_punt_redirect_get (pri), &ctx); } else - { - prs = ip4_punt_redirect_entries (sw_if_index); - /* *INDENT-OFF* */ - vec_foreach (pr, prs) - { - send_ip_punt_redirect_details (reg, mp->context, pr->rx_sw_if_index, &pr->punt_redirect, 0); - } - /* *INDENT-ON* */ - vec_free (prs); - } - - BAD_SW_IF_INDEX_LABEL; + ip_punt_redirect_walk (fproto, send_ip_punt_redirect_details, &ctx); } #define vl_msg_name_crc_list diff --git a/src/vnet/ip/ip_punt_drop.c b/src/vnet/ip/ip_punt_drop.c new file mode 100644 index 00000000000..01577a472ce --- /dev/null +++ b/src/vnet/ip/ip_punt_drop.c @@ -0,0 +1,251 @@ +/* + * Copyright (c) 2015 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include <vnet/ip/ip.h> +#include <vnet/ip/ip_punt_drop.h> +#include <vnet/policer/policer.h> +#include <vnet/policer/police_inlines.h> +#include <vnet/fib/fib_path_list.h> + +ip_punt_redirect_cfg_t ip_punt_redirect_cfg; + +u8 * +format_ip_punt_redirect_trace (u8 * s, va_list * args) +{ + CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *); + CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *); + ip_punt_redirect_trace_t *t = va_arg (*args, ip_punt_redirect_trace_t *); + + if (INDEX_INVALID == t->rrxi) + s = format (s, "drop"); + else + s = format (s, "via redirect:%d", t->rrxi); + + return s; +} + +static void +ip_punt_redirect_stack (ip_punt_redirect_rx_t * ipr) +{ + dpo_id_t dpo = DPO_INVALID; + vlib_node_t *pnode; + + fib_path_list_contribute_forwarding (ipr->pl, + ipr->payload_type, + FIB_PATH_LIST_FWD_FLAG_COLLAPSE, &dpo); + + if (FIB_PROTOCOL_IP4 == ipr->fproto) + pnode = + vlib_get_node_by_name (vlib_get_main (), (u8 *) "ip4-punt-redirect"); + else + pnode = + vlib_get_node_by_name (vlib_get_main (), (u8 *) "ip6-punt-redirect"); + + dpo_stack_from_node (pnode->index, &ipr->dpo, &dpo); + dpo_reset (&dpo); +} + +index_t +ip_punt_redirect_find (fib_protocol_t fproto, u32 rx_sw_if_index) +{ + index_t *rxs; + + rxs = ip_punt_redirect_cfg.redirect_by_rx_sw_if_index[fproto]; + + if (vec_len (rxs) <= rx_sw_if_index) + return (INDEX_INVALID); + + return rxs[rx_sw_if_index]; +} + +void +ip_punt_redirect_add (fib_protocol_t fproto, + u32 rx_sw_if_index, + fib_forward_chain_type_t ct, fib_route_path_t * rpaths) +{ + ip_punt_redirect_rx_t *ipr; + index_t ipri; + + if (~0 == rx_sw_if_index) + rx_sw_if_index = 0; + + vec_validate_init_empty (ip_punt_redirect_cfg.redirect_by_rx_sw_if_index + [fproto], rx_sw_if_index, INDEX_INVALID); + + pool_get (ip_punt_redirect_cfg.pool, ipr); + ipri = ipr - ip_punt_redirect_cfg.pool; + + ip_punt_redirect_cfg.redirect_by_rx_sw_if_index[fproto][rx_sw_if_index] = + ipri; + + fib_node_init (&ipr->node, FIB_NODE_TYPE_IP_PUNT_REDIRECT); + ipr->fproto = fproto; + ipr->payload_type = ct; + + ipr->pl = fib_path_list_create (FIB_PATH_LIST_FLAG_NO_URPF, rpaths); + + ipr->sibling = fib_path_list_child_add (ipr->pl, + FIB_NODE_TYPE_IP_PUNT_REDIRECT, + ipri); + + ip_punt_redirect_stack (ipr); +} + +void +ip_punt_redirect_del (fib_protocol_t fproto, u32 rx_sw_if_index) +{ + ip_punt_redirect_rx_t *ipr; + index_t *rxs; + + if (~0 == rx_sw_if_index) + rx_sw_if_index = 0; + + rxs = ip_punt_redirect_cfg.redirect_by_rx_sw_if_index[fproto]; + + if ((vec_len (rxs) <= rx_sw_if_index) || + (INDEX_INVALID == rxs[rx_sw_if_index])) + return; + + ipr = ip_punt_redirect_get (rxs[rx_sw_if_index]); + + fib_path_list_child_remove (ipr->pl, ipr->sibling); + dpo_reset (&ipr->dpo); + pool_put (ip_punt_redirect_cfg.pool, ipr); + + rxs[rx_sw_if_index] = INDEX_INVALID; +} + +u8 * +format_ip_punt_redirect (u8 * s, va_list * args) +{ + fib_protocol_t fproto = va_arg (*args, int); + ip_punt_redirect_rx_t *rx; + index_t *rxs; + u32 rx_sw_if_index; + vnet_main_t *vnm = vnet_get_main (); + + rxs = ip_punt_redirect_cfg.redirect_by_rx_sw_if_index[fproto]; + + vec_foreach_index (rx_sw_if_index, rxs) + { + if (INDEX_INVALID == rxs[rx_sw_if_index]) + continue; + + rx = ip_punt_redirect_get (rxs[rx_sw_if_index]); + + s = format (s, " rx %U via:\n", + format_vnet_sw_interface_name, vnm, + vnet_get_sw_interface (vnm, rx_sw_if_index)); + s = format (s, " %U", format_fib_path_list, rx->pl, 2); + s = format (s, " forwarding\n", format_dpo_id, &rx->dpo, 0); + s = format (s, " %U\n", format_dpo_id, &rx->dpo, 0); + } + + return (s); +} + +void +ip_punt_redirect_walk (fib_protocol_t fproto, + ip_punt_redirect_walk_cb_t cb, void *ctx) +{ + ip_punt_redirect_rx_t *rx; + u32 ii, rx_sw_if_index; + index_t *rxs; + + rxs = ip_punt_redirect_cfg.redirect_by_rx_sw_if_index[fproto]; + + vec_foreach_index (ii, rxs) + { + if (INDEX_INVALID == rxs[ii]) + continue; + + rx = ip_punt_redirect_get (rxs[ii]); + + rx_sw_if_index = (ii == 0 ? ~0 : ii); + cb (rx_sw_if_index, rx, ctx); + } +} + +static fib_node_t * +ip_punt_redirect_get_node (fib_node_index_t index) +{ + ip_punt_redirect_rx_t *ipr = ip_punt_redirect_get (index); + return (&(ipr->node)); +} + +static ip_punt_redirect_rx_t * +ip_punt_redirect_get_from_node (fib_node_t * node) +{ + return ((ip_punt_redirect_rx_t *) (((char *) node) - + STRUCT_OFFSET_OF (ip_punt_redirect_rx_t, + node))); +} + +static void +ip_punt_redirect_last_lock_gone (fib_node_t * node) +{ + /* + * the lifetime of the entry is managed by the table. + */ + ASSERT (0); +} + +/* + * A back walk has reached this BIER entry + */ +static fib_node_back_walk_rc_t +ip_punt_redirect_back_walk_notify (fib_node_t * node, + fib_node_back_walk_ctx_t * ctx) +{ + /* + * re-populate the ECMP tables with new choices + */ + ip_punt_redirect_rx_t *ipr = ip_punt_redirect_get_from_node (node); + + ip_punt_redirect_stack (ipr); + + /* + * no need to propagate further up the graph, since there's nothing there + */ + return (FIB_NODE_BACK_WALK_CONTINUE); +} + +/* + * The BIER fmask's graph node virtual function table + */ +static const fib_node_vft_t ip_punt_redirect_vft = { + .fnv_get = ip_punt_redirect_get_node, + .fnv_last_lock = ip_punt_redirect_last_lock_gone, + .fnv_back_walk = ip_punt_redirect_back_walk_notify, +}; + +static clib_error_t * +ip_punt_drop_init (vlib_main_t * vm) +{ + fib_node_register_type (FIB_NODE_TYPE_IP_PUNT_REDIRECT, + &ip_punt_redirect_vft); + + return (NULL); +} + +VLIB_INIT_FUNCTION (ip_punt_drop_init); + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ diff --git a/src/vnet/ip/ip_punt_drop.h b/src/vnet/ip/ip_punt_drop.h index ccf88e593cf..3e2796ee868 100644 --- a/src/vnet/ip/ip_punt_drop.h +++ b/src/vnet/ip/ip_punt_drop.h @@ -194,19 +194,19 @@ ip_punt_policer (vlib_main_t * vm, typedef struct ip_punt_redirect_rx_t_ { /** - * The next-hop to send redirected packets to + * Node linkage into the FIB graph */ - ip46_address_t nh; + fib_node_t node; - /** - * the TX interface to send redirected packets - */ - u32 tx_sw_if_index; + fib_protocol_t fproto; + fib_forward_chain_type_t payload_type; + fib_node_index_t pl; + u32 sibling; /** - * redirect forwarding adjacency + * redirect forwarding */ - adj_index_t adj_index; + dpo_id_t dpo; } ip_punt_redirect_rx_t; /** @@ -214,16 +214,17 @@ typedef struct ip_punt_redirect_rx_t_ */ typedef struct ip_punt_redirect_t_ { - /** - * any RX interface redirect - */ - ip_punt_redirect_rx_t any_rx_sw_if_index; + ip_punt_redirect_rx_t *pool; + + /** + * per-RX interface configuration. + * sw_if_index = 0 (from which packets are never received) is used to + * indicate 'from-any' + */ + index_t *redirect_by_rx_sw_if_index[FIB_PROTOCOL_IP_MAX]; +} ip_punt_redirect_cfg_t; - /** - * per-RX interface configuration - */ - ip_punt_redirect_rx_t *redirect_by_rx_sw_if_index; -} ip_punt_redirect_t; +extern ip_punt_redirect_cfg_t ip_punt_redirect_cfg; /** * IP punt redirect next nodes @@ -241,75 +242,51 @@ typedef enum ip_punt_redirect_next_t_ */ typedef struct ip4_punt_redirect_trace_t_ { - ip_punt_redirect_rx_t redirect; + index_t rrxi; u32 next; } ip_punt_redirect_trace_t; -typedef struct ip_punt_redirect_detail_t_ -{ - /** - * the RX interface - */ - u32 rx_sw_if_index; - /** - * IP punt redirect configuration - */ - ip_punt_redirect_rx_t punt_redirect; -} ip_punt_redirect_detail_t; - /** * Add a punt redirect entry */ -extern void ip_punt_redirect_add (ip_punt_redirect_t * cfg, +extern void ip_punt_redirect_add (fib_protocol_t fproto, u32 rx_sw_if_index, - ip_punt_redirect_rx_t * redirect, - fib_protocol_t fproto, vnet_link_t linkt); -extern void ip_punt_redirect_del (ip_punt_redirect_t * cfg, - u32 rx_sw_if_index); + fib_forward_chain_type_t ct, + fib_route_path_t * rpaths); + +extern void ip_punt_redirect_del (fib_protocol_t fproto, u32 rx_sw_if_index); +extern index_t ip_punt_redirect_find (fib_protocol_t fproto, + u32 rx_sw_if_index); extern u8 *format_ip_punt_redirect (u8 * s, va_list * args); extern u8 *format_ip_punt_redirect_trace (u8 * s, va_list * args); -extern ip_punt_redirect_detail_t *ip4_punt_redirect_entries (u32 sw_if_index); -extern ip_punt_redirect_detail_t *ip6_punt_redirect_entries (u32 sw_if_index); +typedef walk_rc_t (*ip_punt_redirect_walk_cb_t) (u32 rx_sw_if_index, + const ip_punt_redirect_rx_t * + redirect, void *arg); +extern void ip_punt_redirect_walk (fib_protocol_t fproto, + ip_punt_redirect_walk_cb_t cb, void *ctx); -always_inline u32 -ip_punt_redirect_tx_via_adj (vlib_buffer_t * b0, adj_index_t ai) +static_always_inline ip_punt_redirect_rx_t * +ip_punt_redirect_get (index_t rrxi) { - ip_adjacency_t *adj = adj_get (ai); - u32 next0; - - vnet_buffer (b0)->ip.adj_index[VLIB_TX] = ai; - - switch (adj->lookup_next_index) - { - case IP_LOOKUP_NEXT_ARP: - next0 = IP_PUNT_REDIRECT_NEXT_ARP; - break; - case IP_LOOKUP_NEXT_REWRITE: - next0 = IP_PUNT_REDIRECT_NEXT_TX; - break; - default: - next0 = IP_PUNT_REDIRECT_NEXT_DROP; - break; - } - - return (next0); + return (pool_elt_at_index (ip_punt_redirect_cfg.pool, rrxi)); } always_inline uword ip_punt_redirect (vlib_main_t * vm, vlib_node_runtime_t * node, - vlib_frame_t * frame, - u8 arc_index, ip_punt_redirect_t * redirect) + vlib_frame_t * frame, u8 arc_index, fib_protocol_t fproto) { u32 *from, *to_next, n_left_from, n_left_to_next, next_index; vnet_feature_main_t *fm = &feature_main; vnet_feature_config_main_t *cm = &fm->feature_config_mains[arc_index]; + index_t *redirects; from = vlib_frame_vector_args (frame); n_left_from = frame->n_vectors; next_index = node->cached_next_index; + redirects = ip_punt_redirect_cfg.redirect_by_rx_sw_if_index[fproto]; while (n_left_from > 0) { @@ -317,13 +294,13 @@ ip_punt_redirect (vlib_main_t * vm, while (n_left_from > 0 && n_left_to_next > 0) { - u32 rx_sw_if_index0; + u32 rx_sw_if_index0, rrxi0; ip_punt_redirect_rx_t *rrx0; vlib_buffer_t *b0; u32 next0; u32 bi0; - rrx0 = NULL; + rrxi0 = INDEX_INVALID; next0 = 0; bi0 = to_next[0] = from[0]; @@ -339,24 +316,24 @@ ip_punt_redirect (vlib_main_t * vm, rx_sw_if_index0 = vnet_buffer (b0)->sw_if_index[VLIB_RX]; - if (vec_len (redirect->redirect_by_rx_sw_if_index) > - rx_sw_if_index0) + /* + * If config exists for this particular RX interface use it, + * else use the default (at RX = 0) + */ + if (vec_len (redirects) > rx_sw_if_index0) { - rrx0 = &redirect->redirect_by_rx_sw_if_index[rx_sw_if_index0]; - if (~0 != rrx0->tx_sw_if_index) - { - next0 = ip_punt_redirect_tx_via_adj (b0, rrx0->adj_index); - } - else if (~0 != redirect->any_rx_sw_if_index.tx_sw_if_index) - { - rrx0 = &redirect->any_rx_sw_if_index; - next0 = ip_punt_redirect_tx_via_adj (b0, rrx0->adj_index); - } + rrxi0 = redirects[rx_sw_if_index0]; + if (INDEX_INVALID == rrxi0) + rrxi0 = redirects[0]; } - else if (~0 != redirect->any_rx_sw_if_index.tx_sw_if_index) + else if (vec_len (redirects) >= 1) + rrxi0 = redirects[0]; + + if (PREDICT_TRUE (INDEX_INVALID != rrxi0)) { - rrx0 = &redirect->any_rx_sw_if_index; - next0 = ip_punt_redirect_tx_via_adj (b0, rrx0->adj_index); + rrx0 = ip_punt_redirect_get (rrxi0); + vnet_buffer (b0)->ip.adj_index[VLIB_TX] = rrx0->dpo.dpoi_index; + next0 = rrx0->dpo.dpoi_next_node; } if (PREDICT_FALSE (b0->flags & VLIB_BUFFER_IS_TRACED)) @@ -364,8 +341,7 @@ ip_punt_redirect (vlib_main_t * vm, ip_punt_redirect_trace_t *t = vlib_add_trace (vm, node, b0, sizeof (*t)); t->next = next0; - if (rrx0) - t->redirect = *rrx0; + t->rrxi = rrxi0; } vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next, |