aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet
diff options
context:
space:
mode:
Diffstat (limited to 'src/vnet')
-rw-r--r--src/vnet/CMakeLists.txt65
-rw-r--r--src/vnet/adj/adj.h4
-rw-r--r--src/vnet/adj/adj_glean.c11
-rw-r--r--src/vnet/adj/adj_internal.h2
-rw-r--r--src/vnet/adj/adj_mcast.c3
-rw-r--r--src/vnet/adj/adj_nbr.c19
-rw-r--r--src/vnet/api_errno.h3
-rw-r--r--src/vnet/arp/arp.api100
-rw-r--r--src/vnet/arp/arp.c934
-rw-r--r--src/vnet/arp/arp.h85
-rw-r--r--src/vnet/arp/arp_api.c190
-rw-r--r--src/vnet/arp/arp_packet.h91
-rw-r--r--src/vnet/arp/arp_proxy.c407
-rw-r--r--src/vnet/arp/arp_test.c168
-rw-r--r--src/vnet/bfd/bfd_api.h2
-rw-r--r--src/vnet/bfd/bfd_udp.c8
-rw-r--r--src/vnet/bonding/device.c5
-rw-r--r--src/vnet/ethernet/arp.c3062
-rw-r--r--src/vnet/ethernet/arp.h123
-rw-r--r--src/vnet/ethernet/arp_packet.c111
-rw-r--r--src/vnet/ethernet/arp_packet.h7
-rw-r--r--src/vnet/ethernet/ethernet.h17
-rw-r--r--src/vnet/ethernet/interface.c89
-rw-r--r--src/vnet/ethernet/mac_address.c10
-rw-r--r--src/vnet/ethernet/mac_address.h1
-rw-r--r--src/vnet/fib/fib_entry.c23
-rw-r--r--src/vnet/fib/fib_path.c4
-rw-r--r--src/vnet/fib/fib_table.h8
-rw-r--r--src/vnet/fib/fib_types.c15
-rw-r--r--src/vnet/fib/fib_types.h4
-rw-r--r--src/vnet/fib/ip4_fib.c5
-rw-r--r--src/vnet/fib/ip6_fib.c6
-rw-r--r--src/vnet/ip-neighbor/ip4_neighbor.c319
-rw-r--r--src/vnet/ip-neighbor/ip4_neighbor.h85
-rw-r--r--src/vnet/ip-neighbor/ip6_neighbor.c338
-rw-r--r--src/vnet/ip-neighbor/ip6_neighbor.h112
-rw-r--r--src/vnet/ip-neighbor/ip_neighbor.api168
-rw-r--r--src/vnet/ip-neighbor/ip_neighbor.c1664
-rw-r--r--src/vnet/ip-neighbor/ip_neighbor.h124
-rw-r--r--src/vnet/ip-neighbor/ip_neighbor_api.c298
-rw-r--r--src/vnet/ip-neighbor/ip_neighbor_dp.c39
-rw-r--r--src/vnet/ip-neighbor/ip_neighbor_dp.h38
-rw-r--r--src/vnet/ip-neighbor/ip_neighbor_types.c83
-rw-r--r--src/vnet/ip-neighbor/ip_neighbor_types.h (renamed from src/vnet/ip/ip_neighbor.h)86
-rw-r--r--src/vnet/ip-neighbor/ip_neighbor_watch.c283
-rw-r--r--src/vnet/ip-neighbor/ip_neighbor_watch.h42
-rw-r--r--src/vnet/ip/format.h2
-rw-r--r--src/vnet/ip/icmp46_packet.h223
-rw-r--r--src/vnet/ip/icmp6.c2
-rw-r--r--src/vnet/ip/ip.api495
-rw-r--r--src/vnet/ip/ip4.h8
-rw-r--r--src/vnet/ip/ip46_address.c76
-rw-r--r--src/vnet/ip/ip46_address.h172
-rw-r--r--src/vnet/ip/ip4_forward.c343
-rw-r--r--src/vnet/ip/ip6.h106
-rw-r--r--src/vnet/ip/ip6_forward.c202
-rw-r--r--src/vnet/ip/ip6_link.c873
-rw-r--r--src/vnet/ip/ip6_link.h82
-rw-r--r--src/vnet/ip/ip6_neighbor.c5034
-rw-r--r--src/vnet/ip/ip6_neighbor.h205
-rw-r--r--src/vnet/ip/ip6_packet.h76
-rw-r--r--src/vnet/ip/ip_api.c1378
-rw-r--r--src/vnet/ip/ip_neighbor.c492
-rw-r--r--src/vnet/ip/lookup.c206
-rw-r--r--src/vnet/ip6-nd/ip6_mld.c541
-rw-r--r--src/vnet/ip6-nd/ip6_nd.api236
-rw-r--r--src/vnet/ip6-nd/ip6_nd.c482
-rw-r--r--src/vnet/ip6-nd/ip6_nd.h35
-rw-r--r--src/vnet/ip6-nd/ip6_nd_api.c382
-rw-r--r--src/vnet/ip6-nd/ip6_nd_proxy.c127
-rw-r--r--src/vnet/ip6-nd/ip6_nd_test.c330
-rw-r--r--src/vnet/ip6-nd/ip6_ra.c2261
-rw-r--r--src/vnet/ip6-nd/ip6_ra.h89
-rw-r--r--src/vnet/ip6-nd/rd_cp.api (renamed from src/vnet/ip/rd_cp.api)0
-rw-r--r--src/vnet/ip6-nd/rd_cp.c (renamed from src/vnet/ip/rd_cp.c)121
-rw-r--r--src/vnet/ip6-nd/rd_cp.h33
-rw-r--r--src/vnet/ip6-nd/rd_cp_api.c73
-rw-r--r--src/vnet/l2/l2.api40
-rw-r--r--src/vnet/l2/l2_api.c167
-rw-r--r--src/vnet/l2/l2_arp_term.c481
-rw-r--r--src/vnet/l2/l2_arp_term.h54
-rw-r--r--src/vnet/l2/l2_bd.h2
-rw-r--r--src/vnet/tcp/tcp.c10
-rw-r--r--src/vnet/vnet_all_api_h.h1
84 files changed, 12715 insertions, 11986 deletions
diff --git a/src/vnet/CMakeLists.txt b/src/vnet/CMakeLists.txt
index dcba3c725db..9867b7cc8c0 100644
--- a/src/vnet/CMakeLists.txt
+++ b/src/vnet/CMakeLists.txt
@@ -128,6 +128,7 @@ list(APPEND VNET_API_FILES cop/cop.api)
# Layer 2 protocol: Ethernet
##############################################################################
list(APPEND VNET_SOURCES
+ ethernet/arp_packet.c
ethernet/ethernet_types_api.c
ethernet/format.c
ethernet/init.c
@@ -154,6 +155,7 @@ list(APPEND VNET_HEADERS
ethernet/types.def
ethernet/sfp.h
ethernet/p2p_ethernet.h
+ ethernet/arp_packet.h
)
list(APPEND VNET_API_FILES
@@ -166,6 +168,7 @@ list(APPEND VNET_API_FILES
list(APPEND VNET_SOURCES
l2/feat_bitmap.c
l2/l2_api.c
+ l2/l2_arp_term.c
l2/l2_bd.c
l2/l2_bvi.c
l2/l2_bvi_node.c
@@ -422,6 +425,7 @@ list(APPEND VNET_SOURCES
ip/icmp6.c
ip/ip46_cli.c
ip/ip_types_api.c
+ ip/ip46_address.c
ip/ip4_format.c
ip/ip4_forward.c
ip/ip4_punt_drop.c
@@ -440,12 +444,10 @@ list(APPEND VNET_SOURCES
ip/ip6_punt_drop.c
ip/ip6_hop_by_hop.c
ip/ip6_input.c
- ip/ip6_neighbor.c
+ ip/ip6_link.c
ip/ip6_pg.c
ip/reass/ip6_full_reass.c
ip/reass/ip6_sv_reass.c
- ip/rd_cp.c
- ip/ip_neighbor.c
ip/ip_api.c
ip/ip_checksum.c
ip/ip_frag.c
@@ -486,16 +488,15 @@ list(APPEND VNET_HEADERS
ip/ip4.h
ip/ip4_mtrie.h
ip/ip4_packet.h
+ ip/ip46_address.h
ip/ip6_error.h
ip/ip6.h
ip/ip6_hop_by_hop.h
ip/ip6_hop_by_hop_packet.h
ip/ip6_packet.h
- ip/ip6_neighbor.h
ip/ip.h
ip/ip_packet.h
ip/ip_source_and_port_range_check.h
- ip/ip_neighbor.h
ip/ip_types.h
ip/lookup.h
ip/ports.def
@@ -506,7 +507,6 @@ list(APPEND VNET_HEADERS
list(APPEND VNET_API_FILES
ip/ip.api
- ip/rd_cp.api
ip/punt.api
)
@@ -517,15 +517,25 @@ list(APPEND VNET_MULTIARCH_SOURCES
)
##############################################################################
-# Layer 2/3 ARP
+# Layer 3 neighbours
##############################################################################
list(APPEND VNET_SOURCES
- ethernet/arp.c
+ ip-neighbor/ip_neighbor.c
+ ip-neighbor/ip_neighbor_api.c
+ ip-neighbor/ip_neighbor_dp.c
+ ip-neighbor/ip_neighbor_types.c
+ ip-neighbor/ip_neighbor_watch.c
+ ip-neighbor/ip4_neighbor.c
+ ip-neighbor/ip6_neighbor.c
)
list(APPEND VNET_HEADERS
- ethernet/arp_packet.h
- ethernet/arp.h
+ ip-neighbor/ip_neighbor.h
+ ip-neighbor/ip_neighbor_types.h
+)
+
+list(APPEND VNET_API_FILES
+ ip-neighbor/ip_neighbor.api
)
##############################################################################
@@ -1513,6 +1523,41 @@ list(APPEND VNET_HEADERS
list(APPEND VNET_API_FILES nhrp/nhrp.api)
##############################################################################
+# ARP/ND
+##############################################################################
+
+list (APPEND VNET_SOURCES
+ arp/arp_api.c
+ arp/arp.c
+ arp/arp_proxy.c
+)
+
+list(APPEND VNET_HEADERS
+ arp/arp.h
+)
+
+list(APPEND VNET_API_FILES arp/arp.api)
+
+list (APPEND VNET_SOURCES
+ ip6-nd/ip6_mld.c
+ ip6-nd/ip6_nd.c
+ ip6-nd/ip6_nd_api.c
+ ip6-nd/ip6_nd_proxy.c
+ ip6-nd/ip6_ra.c
+ ip6-nd/rd_cp.c
+ ip6-nd/rd_cp_api.c
+)
+
+list(APPEND VNET_HEADERS
+ ip6-nd/ip6_nd.h
+)
+
+list(APPEND VNET_API_FILES
+ ip6-nd/ip6_nd.api
+ ip6-nd/rd_cp.api
+)
+
+##############################################################################
# VNET Library
##############################################################################
diff --git a/src/vnet/adj/adj.h b/src/vnet/adj/adj.h
index cd6e8382ba5..1a841ed2892 100644
--- a/src/vnet/adj/adj.h
+++ b/src/vnet/adj/adj.h
@@ -326,6 +326,10 @@ typedef struct ip_adjacency_t_
*/
struct adj_delegate_t_ *ia_delegates;
+ /**
+ * The VLIB node in which this adj is used to forward packets
+ */
+ u32 ia_node_index;
} ip_adjacency_t;
STATIC_ASSERT ((STRUCT_OFFSET_OF (ip_adjacency_t, cacheline0) == 0),
diff --git a/src/vnet/adj/adj_glean.c b/src/vnet/adj/adj_glean.c
index a8a422d30ba..338d7320d53 100644
--- a/src/vnet/adj/adj_glean.c
+++ b/src/vnet/adj/adj_glean.c
@@ -24,19 +24,19 @@
*/
static adj_index_t *adj_gleans[FIB_PROTOCOL_MAX];
-static inline vlib_node_registration_t*
+static inline u32
adj_get_glean_node (fib_protocol_t proto)
{
switch (proto) {
case FIB_PROTOCOL_IP4:
- return (&ip4_glean_node);
+ return (ip4_glean_node.index);
case FIB_PROTOCOL_IP6:
- return (&ip6_glean_node);
+ return (ip6_glean_node.index);
case FIB_PROTOCOL_MPLS:
break;
}
ASSERT(0);
- return (NULL);
+ return (~0);
}
/*
@@ -63,6 +63,7 @@ adj_glean_add_or_lock (fib_protocol_t proto,
adj->lookup_next_index = IP_LOOKUP_NEXT_GLEAN;
adj->ia_nh_proto = proto;
adj->ia_link = linkt;
+ adj->ia_node_index = adj_get_glean_node(proto);
adj_gleans[proto][sw_if_index] = adj_get_index(adj);
if (NULL != nh_addr)
@@ -111,7 +112,7 @@ adj_glean_update_rewrite (adj_index_t adj_index)
vnet_rewrite_for_sw_interface(vnet_get_main(),
adj_fib_proto_2_nd(adj->ia_nh_proto),
adj->rewrite_header.sw_if_index,
- adj_get_glean_node(adj->ia_nh_proto)->index,
+ adj->ia_node_index,
VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST,
&adj->rewrite_header,
sizeof (adj->rewrite_data));
diff --git a/src/vnet/adj/adj_internal.h b/src/vnet/adj/adj_internal.h
index 2053c69342a..adb7a32375d 100644
--- a/src/vnet/adj/adj_internal.h
+++ b/src/vnet/adj/adj_internal.h
@@ -98,7 +98,7 @@ adj_proto_to_46 (fib_protocol_t proto)
* Get a pointer to an adjacency object from its index
*/
static inline adj_index_t
-adj_get_index (ip_adjacency_t *adj)
+adj_get_index (const ip_adjacency_t *adj)
{
return (adj - adj_pool);
}
diff --git a/src/vnet/adj/adj_mcast.c b/src/vnet/adj/adj_mcast.c
index 4d7172cdb58..590652244e6 100644
--- a/src/vnet/adj/adj_mcast.c
+++ b/src/vnet/adj/adj_mcast.c
@@ -66,11 +66,12 @@ adj_mcast_add_or_lock (fib_protocol_t proto,
adj->lookup_next_index = IP_LOOKUP_NEXT_MCAST;
adj->ia_nh_proto = proto;
adj->ia_link = link_type;
+ adj->ia_node_index = adj_get_mcast_node(proto);
adj_mcasts[proto][sw_if_index] = adj_get_index(adj);
adj_lock(adj_get_index(adj));
vnet_rewrite_init(vnm, sw_if_index, link_type,
- adj_get_mcast_node(proto),
+ adj->ia_node_index,
vnet_tx_node_index_for_sw_interface(vnm, sw_if_index),
&adj->rewrite_header);
diff --git a/src/vnet/adj/adj_nbr.c b/src/vnet/adj/adj_nbr.c
index 28ee53e7d49..f769c56d8ec 100644
--- a/src/vnet/adj/adj_nbr.c
+++ b/src/vnet/adj/adj_nbr.c
@@ -464,6 +464,7 @@ adj_nbr_update_rewrite_internal (ip_adjacency_t *adj,
vlib_worker_thread_barrier_sync(vm);
adj->lookup_next_index = adj_next_index;
+ adj->ia_node_index = this_node;
if (NULL != rewrite)
{
@@ -666,15 +667,17 @@ adj_nbr_walk_nh (u32 sw_if_index,
if (!ADJ_NBR_ITF_OK(adj_nh_proto, sw_if_index))
return;
- vnet_link_t linkt;
- adj_index_t ai;
-
- FOR_EACH_VNET_LINK(linkt)
+ switch (adj_nh_proto)
{
- ai = adj_nbr_find (adj_nh_proto, linkt, nh, sw_if_index);
-
- if (INDEX_INVALID != ai)
- cb(ai, ctx);
+ case FIB_PROTOCOL_IP4:
+ adj_nbr_walk_nh4(sw_if_index, &nh->ip4, cb, ctx);
+ break;
+ case FIB_PROTOCOL_IP6:
+ adj_nbr_walk_nh6(sw_if_index, &nh->ip6, cb, ctx);
+ break;
+ case FIB_PROTOCOL_MPLS:
+ ASSERT(0);
+ break;
}
}
diff --git a/src/vnet/api_errno.h b/src/vnet/api_errno.h
index 2fbedf2eed6..9e261d73763 100644
--- a/src/vnet/api_errno.h
+++ b/src/vnet/api_errno.h
@@ -152,7 +152,8 @@ _(KEY_LENGTH, -156, "invalid Key Length") \
_(FIB_PATH_UNSUPPORTED_NH_PROTO, -157, "Unsupported FIB Path protocol") \
_(API_ENDIAN_FAILED, -159, "Endian mismatch detected") \
_(NO_CHANGE, -160, "No change in table") \
-_(MISSING_CERT_KEY, -161, "Missing certifcate or key")
+_(MISSING_CERT_KEY, -161, "Missing certifcate or key") \
+_(LIMIT_EXCEEDED, -162, "limit exceeded")
typedef enum
{
diff --git a/src/vnet/arp/arp.api b/src/vnet/arp/arp.api
new file mode 100644
index 00000000000..27bfa3b65c6
--- /dev/null
+++ b/src/vnet/arp/arp.api
@@ -0,0 +1,100 @@
+/* Hey Emacs use -*- mode: C -*- */
+/*
+ * Copyright (c) 2019 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/** \file
+ This file defines the vpp control-plane API messages
+ used to control the ABF plugin
+*/
+
+option version = "1.0.0";
+
+import "vnet/ip/ip_types.api";
+import "vnet/ethernet/ethernet_types.api";
+import "vnet/interface_types.api";
+
+/** \brief Proxy ARP configuration type
+ @param table_id - VRF / Fib table ID
+ @param low - Low address of the Proxy ARP range
+ @param hi - High address of the Proxy ARP range
+*/
+typedef proxy_arp
+{
+ u32 table_id;
+ vl_api_ip4_address_t low;
+ vl_api_ip4_address_t hi;
+};
+
+/** \brief Proxy ARP add / del request
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_add - 1 if adding the Proxy ARP range, 0 if deleting
+ @param proxy - Proxy configuration
+*/
+autoreply define proxy_arp_add_del
+{
+ u32 client_index;
+ u32 context;
+ bool is_add;
+ vl_api_proxy_arp_t proxy;
+};
+
+/** \brief Proxy ARP dump request
+ */
+define proxy_arp_dump
+{
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief Proxy ARP dump details reply
+ * @param proxy - Same data as used to configure
+ */
+define proxy_arp_details
+{
+ u32 context;
+ vl_api_proxy_arp_t proxy;
+};
+
+/** \brief Proxy ARP add / del interface request
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param sw_if_index - Which interface to enable / disable Proxy Arp on
+ @param enable - 1 to enable Proxy ARP on interface, 0 to disable
+*/
+autoreply define proxy_arp_intfc_enable_disable
+{
+ u32 client_index;
+ u32 context;
+ vl_api_interface_index_t sw_if_index;
+ bool enable;
+};
+
+/** \brief Proxy ARP interface dump request
+ */
+define proxy_arp_intfc_dump
+{
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief Proxy ARP interface dump details reply
+ * @param sw_if_index The interface on which ARP proxy is enabled.
+ */
+define proxy_arp_intfc_details
+{
+ u32 context;
+ u32 sw_if_index;
+};
diff --git a/src/vnet/arp/arp.c b/src/vnet/arp/arp.c
new file mode 100644
index 00000000000..14a1ae97d1e
--- /dev/null
+++ b/src/vnet/arp/arp.c
@@ -0,0 +1,934 @@
+/*
+ * ethernet/arp.c: IP v4 ARP node
+ *
+ * Copyright (c) 2010 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <vnet/arp/arp.h>
+#include <vnet/arp/arp_packet.h>
+
+#include <vnet/fib/ip4_fib.h>
+#include <vnet/fib/fib_entry_src.h>
+#include <vnet/adj/adj_nbr.h>
+#include <vnet/adj/adj_mcast.h>
+
+#include <vnet/ip-neighbor/ip_neighbor.h>
+#include <vnet/ip-neighbor/ip_neighbor_dp.h>
+
+#include <vlibmemory/api.h>
+
+/**
+ * @file
+ * @brief IPv4 ARP.
+ *
+ * This file contains code to manage the IPv4 ARP tables (IP Address
+ * to MAC Address lookup).
+ */
+
+/**
+ * @brief Per-interface ARP configuration and state
+ */
+typedef struct ethernet_arp_interface_t_
+{
+ /**
+ * Is ARP enabled on this interface
+ */
+ u32 enabled;
+} ethernet_arp_interface_t;
+
+typedef struct
+{
+ /* Hash tables mapping name to opcode. */
+ uword *opcode_by_name;
+
+ /** Per interface state */
+ ethernet_arp_interface_t *ethernet_arp_by_sw_if_index;
+
+ /* ARP feature arc index */
+ u8 feature_arc_index;
+} ethernet_arp_main_t;
+
+static ethernet_arp_main_t ethernet_arp_main;
+
+static const u8 vrrp_prefix[] = { 0x00, 0x00, 0x5E, 0x00, 0x01 };
+
+static uword
+unformat_ethernet_arp_opcode_host_byte_order (unformat_input_t * input,
+ va_list * args)
+{
+ int *result = va_arg (*args, int *);
+ ethernet_arp_main_t *am = &ethernet_arp_main;
+ int x, i;
+
+ /* Numeric opcode. */
+ if (unformat (input, "0x%x", &x) || unformat (input, "%d", &x))
+ {
+ if (x >= (1 << 16))
+ return 0;
+ *result = x;
+ return 1;
+ }
+
+ /* Named type. */
+ if (unformat_user (input, unformat_vlib_number_by_name,
+ am->opcode_by_name, &i))
+ {
+ *result = i;
+ return 1;
+ }
+
+ return 0;
+}
+
+static uword
+unformat_ethernet_arp_opcode_net_byte_order (unformat_input_t * input,
+ va_list * args)
+{
+ int *result = va_arg (*args, int *);
+ if (!unformat_user
+ (input, unformat_ethernet_arp_opcode_host_byte_order, result))
+ return 0;
+
+ *result = clib_host_to_net_u16 ((u16) * result);
+ return 1;
+}
+
+typedef struct
+{
+ u8 packet_data[64];
+} ethernet_arp_input_trace_t;
+
+static u8 *
+format_ethernet_arp_input_trace (u8 * s, va_list * va)
+{
+ CLIB_UNUSED (vlib_main_t * vm) = va_arg (*va, vlib_main_t *);
+ CLIB_UNUSED (vlib_node_t * node) = va_arg (*va, vlib_node_t *);
+ ethernet_arp_input_trace_t *t = va_arg (*va, ethernet_arp_input_trace_t *);
+
+ s = format (s, "%U",
+ format_ethernet_arp_header,
+ t->packet_data, sizeof (t->packet_data));
+
+ return s;
+}
+
+static int
+arp_is_enabled (ethernet_arp_main_t * am, u32 sw_if_index)
+{
+ if (vec_len (am->ethernet_arp_by_sw_if_index) <= sw_if_index)
+ return 0;
+
+ return (am->ethernet_arp_by_sw_if_index[sw_if_index].enabled);
+}
+
+static void
+arp_enable (ethernet_arp_main_t * am, u32 sw_if_index)
+{
+ if (arp_is_enabled (am, sw_if_index))
+ return;
+
+ vec_validate (am->ethernet_arp_by_sw_if_index, sw_if_index);
+
+ am->ethernet_arp_by_sw_if_index[sw_if_index].enabled = 1;
+
+ vnet_feature_enable_disable ("arp", "arp-reply", sw_if_index, 1, NULL, 0);
+ vnet_feature_enable_disable ("arp", "arp-disabled", sw_if_index, 0, NULL,
+ 0);
+}
+
+static void
+arp_disable (ethernet_arp_main_t * am, u32 sw_if_index)
+{
+ if (!arp_is_enabled (am, sw_if_index))
+ return;
+
+ vnet_feature_enable_disable ("arp", "arp-disabled", sw_if_index, 1, NULL,
+ 0);
+ vnet_feature_enable_disable ("arp", "arp-reply", sw_if_index, 0, NULL, 0);
+
+ am->ethernet_arp_by_sw_if_index[sw_if_index].enabled = 0;
+}
+
+static int
+arp_unnumbered (vlib_buffer_t * p0,
+ u32 input_sw_if_index, u32 conn_sw_if_index)
+{
+ vnet_main_t *vnm = vnet_get_main ();
+ vnet_interface_main_t *vim = &vnm->interface_main;
+ vnet_sw_interface_t *si;
+
+ /* verify that the input interface is unnumbered to the connected.
+ * the connected interface is the interface on which the subnet is
+ * configured */
+ si = &vim->sw_interfaces[input_sw_if_index];
+
+ if (!(si->flags & VNET_SW_INTERFACE_FLAG_UNNUMBERED &&
+ (si->unnumbered_sw_if_index == conn_sw_if_index)))
+ {
+ /* the input interface is not unnumbered to the interface on which
+ * the sub-net is configured that covers the ARP request.
+ * So this is not the case for unnumbered.. */
+ return 0;
+ }
+
+ return !0;
+}
+
+always_inline u32
+arp_learn (u32 sw_if_index,
+ const ethernet_arp_ip4_over_ethernet_address_t * addr)
+{
+ ip_neighbor_learn_t l = {
+ .ip.ip4 = addr->ip4,
+ .type = IP46_TYPE_IP4,
+ .mac = addr->mac,
+ .sw_if_index = sw_if_index,
+ };
+
+ ip_neighbor_learn_dp (&l);
+
+ return (ETHERNET_ARP_ERROR_l3_src_address_learned);
+}
+
+typedef enum arp_input_next_t_
+{
+ ARP_INPUT_NEXT_DROP,
+ ARP_INPUT_NEXT_DISABLED,
+ ARP_INPUT_N_NEXT,
+} arp_input_next_t;
+
+static uword
+arp_input (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame)
+{
+ u32 n_left_from, next_index, *from, *to_next, n_left_to_next;
+ ethernet_arp_main_t *am = &ethernet_arp_main;
+
+ from = vlib_frame_vector_args (frame);
+ n_left_from = frame->n_vectors;
+ next_index = node->cached_next_index;
+
+ if (node->flags & VLIB_NODE_FLAG_TRACE)
+ vlib_trace_frame_buffers_only (vm, node, from, frame->n_vectors,
+ /* stride */ 1,
+ sizeof (ethernet_arp_input_trace_t));
+
+ while (n_left_from > 0)
+ {
+ vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
+
+ while (n_left_from > 0 && n_left_to_next > 0)
+ {
+ const ethernet_arp_header_t *arp0;
+ arp_input_next_t next0;
+ vlib_buffer_t *p0;
+ u32 pi0, error0;
+
+ pi0 = to_next[0] = from[0];
+ from += 1;
+ to_next += 1;
+ n_left_from -= 1;
+ n_left_to_next -= 1;
+
+ p0 = vlib_get_buffer (vm, pi0);
+ arp0 = vlib_buffer_get_current (p0);
+
+ error0 = ETHERNET_ARP_ERROR_replies_sent;
+ next0 = ARP_INPUT_NEXT_DROP;
+
+ error0 =
+ (arp0->l2_type !=
+ clib_net_to_host_u16 (ETHERNET_ARP_HARDWARE_TYPE_ethernet) ?
+ ETHERNET_ARP_ERROR_l2_type_not_ethernet : error0);
+ error0 =
+ (arp0->l3_type !=
+ clib_net_to_host_u16 (ETHERNET_TYPE_IP4) ?
+ ETHERNET_ARP_ERROR_l3_type_not_ip4 : error0);
+ error0 =
+ (0 == arp0->ip4_over_ethernet[0].ip4.as_u32 ?
+ ETHERNET_ARP_ERROR_l3_dst_address_unset : error0);
+
+ if (ETHERNET_ARP_ERROR_replies_sent == error0)
+ {
+ next0 = ARP_INPUT_NEXT_DISABLED;
+ vnet_feature_arc_start (am->feature_arc_index,
+ vnet_buffer (p0)->sw_if_index[VLIB_RX],
+ &next0, p0);
+ }
+ else
+ p0->error = node->errors[error0];
+
+ vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
+ n_left_to_next, pi0, next0);
+ }
+
+ vlib_put_next_frame (vm, node, next_index, n_left_to_next);
+ }
+
+ return frame->n_vectors;
+}
+
+typedef enum arp_disabled_next_t_
+{
+ ARP_DISABLED_NEXT_DROP,
+ ARP_DISABLED_N_NEXT,
+} arp_disabled_next_t;
+
+#define foreach_arp_disabled_error \
+ _ (DISABLED, "ARP Disabled on this interface") \
+
+typedef enum
+{
+#define _(sym,string) ARP_DISABLED_ERROR_##sym,
+ foreach_arp_disabled_error
+#undef _
+ ARP_DISABLED_N_ERROR,
+} arp_disabled_error_t;
+
+static char *arp_disabled_error_strings[] = {
+#define _(sym,string) string,
+ foreach_arp_disabled_error
+#undef _
+};
+
+static uword
+arp_disabled (vlib_main_t * vm,
+ vlib_node_runtime_t * node, vlib_frame_t * frame)
+{
+ u32 n_left_from, next_index, *from, *to_next, n_left_to_next;
+
+ from = vlib_frame_vector_args (frame);
+ n_left_from = frame->n_vectors;
+ next_index = node->cached_next_index;
+
+ if (node->flags & VLIB_NODE_FLAG_TRACE)
+ vlib_trace_frame_buffers_only (vm, node, from, frame->n_vectors,
+ /* stride */ 1,
+ sizeof (ethernet_arp_input_trace_t));
+
+ while (n_left_from > 0)
+ {
+ vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
+
+ while (n_left_from > 0 && n_left_to_next > 0)
+ {
+ arp_disabled_next_t next0 = ARP_DISABLED_NEXT_DROP;
+ vlib_buffer_t *p0;
+ u32 pi0, error0;
+
+ next0 = ARP_DISABLED_NEXT_DROP;
+ error0 = ARP_DISABLED_ERROR_DISABLED;
+
+ pi0 = to_next[0] = from[0];
+ from += 1;
+ to_next += 1;
+ n_left_from -= 1;
+ n_left_to_next -= 1;
+
+ p0 = vlib_get_buffer (vm, pi0);
+ p0->error = node->errors[error0];
+
+ vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
+ n_left_to_next, pi0, next0);
+ }
+
+ vlib_put_next_frame (vm, node, next_index, n_left_to_next);
+ }
+
+ return frame->n_vectors;
+}
+
+enum arp_dst_fib_type
+{
+ ARP_DST_FIB_NONE,
+ ARP_DST_FIB_ADJ,
+ ARP_DST_FIB_CONN
+};
+
+/*
+ * we're looking for FIB sources that indicate the destination
+ * is attached. There may be interposed DPO prior to the one
+ * we are looking for
+ */
+static enum arp_dst_fib_type
+arp_dst_fib_check (const fib_node_index_t fei, fib_entry_flag_t * flags)
+{
+ const fib_entry_t *entry = fib_entry_get (fei);
+ const fib_entry_src_t *entry_src;
+ fib_source_t src;
+ /* *INDENT-OFF* */
+ FOR_EACH_SRC_ADDED(entry, entry_src, src,
+ ({
+ *flags = fib_entry_get_flags_for_source (fei, src);
+ if (fib_entry_is_sourced (fei, FIB_SOURCE_ADJ))
+ return ARP_DST_FIB_ADJ;
+ else if (FIB_ENTRY_FLAG_CONNECTED & *flags)
+ return ARP_DST_FIB_CONN;
+ }))
+ /* *INDENT-ON* */
+
+ return ARP_DST_FIB_NONE;
+}
+
+static uword
+arp_reply (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame)
+{
+ vnet_main_t *vnm = vnet_get_main ();
+ u32 n_left_from, next_index, *from, *to_next;
+ u32 n_replies_sent = 0;
+
+ from = vlib_frame_vector_args (frame);
+ n_left_from = frame->n_vectors;
+ next_index = node->cached_next_index;
+
+ if (node->flags & VLIB_NODE_FLAG_TRACE)
+ vlib_trace_frame_buffers_only (vm, node, from, frame->n_vectors,
+ /* stride */ 1,
+ sizeof (ethernet_arp_input_trace_t));
+
+ while (n_left_from > 0)
+ {
+ u32 n_left_to_next;
+
+ vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
+
+ while (n_left_from > 0 && n_left_to_next > 0)
+ {
+ vlib_buffer_t *p0;
+ ethernet_arp_header_t *arp0;
+ ethernet_header_t *eth_rx;
+ const ip4_address_t *if_addr0;
+ u32 pi0, error0, next0, sw_if_index0, conn_sw_if_index0, fib_index0;
+ u8 dst_is_local0, is_vrrp_reply0;
+ fib_node_index_t dst_fei, src_fei;
+ const fib_prefix_t *pfx0;
+ fib_entry_flag_t src_flags, dst_flags;
+
+ pi0 = from[0];
+ to_next[0] = pi0;
+ from += 1;
+ to_next += 1;
+ n_left_from -= 1;
+ n_left_to_next -= 1;
+
+ p0 = vlib_get_buffer (vm, pi0);
+ arp0 = vlib_buffer_get_current (p0);
+ /* Fill in ethernet header. */
+ eth_rx = ethernet_buffer_get_header (p0);
+
+ next0 = ARP_REPLY_NEXT_DROP;
+ error0 = ETHERNET_ARP_ERROR_replies_sent;
+ sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
+
+ /* Check that IP address is local and matches incoming interface. */
+ fib_index0 = ip4_fib_table_get_index_for_sw_if_index (sw_if_index0);
+ if (~0 == fib_index0)
+ {
+ error0 = ETHERNET_ARP_ERROR_interface_no_table;
+ goto drop;
+
+ }
+
+ {
+ /*
+ * we're looking for FIB entries that indicate the source
+ * is attached. There may be more specific non-attached
+ * routes that match the source, but these do not influence
+ * whether we respond to an ARP request, i.e. they do not
+ * influence whether we are the correct way for the sender
+ * to reach us, they only affect how we reach the sender.
+ */
+ fib_entry_t *src_fib_entry;
+ const fib_prefix_t *pfx;
+ fib_entry_src_t *src;
+ fib_source_t source;
+ int attached;
+ int mask;
+
+ mask = 32;
+ attached = 0;
+
+ do
+ {
+ src_fei = ip4_fib_table_lookup (ip4_fib_get (fib_index0),
+ &arp0->
+ ip4_over_ethernet[0].ip4,
+ mask);
+ src_fib_entry = fib_entry_get (src_fei);
+
+ /*
+ * It's possible that the source that provides the
+ * flags we need, or the flags we must not have,
+ * is not the best source, so check then all.
+ */
+ /* *INDENT-OFF* */
+ FOR_EACH_SRC_ADDED(src_fib_entry, src, source,
+ ({
+ src_flags = fib_entry_get_flags_for_source (src_fei, source);
+
+ /* Reject requests/replies with our local interface
+ address. */
+ if (FIB_ENTRY_FLAG_LOCAL & src_flags)
+ {
+ error0 = ETHERNET_ARP_ERROR_l3_src_address_is_local;
+ /*
+ * When VPP has an interface whose address is also
+ * applied to a TAP interface on the host, then VPP's
+ * TAP interface will be unnumbered to the 'real'
+ * interface and do proxy ARP from the host.
+ * The curious aspect of this setup is that ARP requests
+ * from the host will come from the VPP's own address.
+ * So don't drop immediately here, instead go see if this
+ * is a proxy ARP case.
+ */
+ goto next_feature;
+ }
+ /* A Source must also be local to subnet of matching
+ * interface address. */
+ if ((FIB_ENTRY_FLAG_ATTACHED & src_flags) ||
+ (FIB_ENTRY_FLAG_CONNECTED & src_flags))
+ {
+ attached = 1;
+ break;
+ }
+ /*
+ * else
+ * The packet was sent from an address that is not
+ * connected nor attached i.e. it is not from an
+ * address that is covered by a link's sub-net,
+ * nor is it a already learned host resp.
+ */
+ }));
+ /* *INDENT-ON* */
+
+ /*
+ * shorter mask lookup for the next iteration.
+ */
+ pfx = fib_entry_get_prefix (src_fei);
+ mask = pfx->fp_len - 1;
+
+ /*
+ * continue until we hit the default route or we find
+ * the attached we are looking for. The most likely
+ * outcome is we find the attached with the first source
+ * on the first lookup.
+ */
+ }
+ while (!attached &&
+ !fib_entry_is_sourced (src_fei, FIB_SOURCE_DEFAULT_ROUTE));
+
+ if (!attached)
+ {
+ /*
+ * the matching route is a not attached, i.e. it was
+ * added as a result of routing, rather than interface/ARP
+ * configuration. If the matching route is not a host route
+ * (i.e. a /32)
+ */
+ error0 = ETHERNET_ARP_ERROR_l3_src_address_not_local;
+ goto drop;
+ }
+ }
+
+ dst_fei = ip4_fib_table_lookup (ip4_fib_get (fib_index0),
+ &arp0->ip4_over_ethernet[1].ip4,
+ 32);
+ switch (arp_dst_fib_check (dst_fei, &dst_flags))
+ {
+ case ARP_DST_FIB_ADJ:
+ /*
+ * We matched an adj-fib on ths source subnet (a /32 previously
+ * added as a result of ARP). If this request is a gratuitous
+ * ARP, then learn from it.
+ * The check for matching an adj-fib, is to prevent hosts
+ * from spamming us with gratuitous ARPS that might otherwise
+ * blow our ARP cache
+ */
+ if (arp0->ip4_over_ethernet[0].ip4.as_u32 ==
+ arp0->ip4_over_ethernet[1].ip4.as_u32)
+ error0 =
+ arp_learn (sw_if_index0, &arp0->ip4_over_ethernet[0]);
+ goto drop;
+ case ARP_DST_FIB_CONN:
+ /* destination is connected, continue to process */
+ break;
+ case ARP_DST_FIB_NONE:
+ /* destination is not connected, stop here */
+ error0 = ETHERNET_ARP_ERROR_l3_dst_address_not_local;
+ goto next_feature;
+ }
+
+ dst_is_local0 = (FIB_ENTRY_FLAG_LOCAL & dst_flags);
+ pfx0 = fib_entry_get_prefix (dst_fei);
+ if_addr0 = &pfx0->fp_addr.ip4;
+
+ is_vrrp_reply0 =
+ ((arp0->opcode ==
+ clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_reply))
+ &&
+ (!memcmp
+ (arp0->ip4_over_ethernet[0].mac.bytes, vrrp_prefix,
+ sizeof (vrrp_prefix))));
+
+ /* Trash ARP packets whose ARP-level source addresses do not
+ match their L2-frame-level source addresses, unless it's
+ a reply from a VRRP virtual router */
+ if (!ethernet_mac_address_equal
+ (eth_rx->src_address,
+ arp0->ip4_over_ethernet[0].mac.bytes) && !is_vrrp_reply0)
+ {
+ error0 = ETHERNET_ARP_ERROR_l2_address_mismatch;
+ goto drop;
+ }
+
+ /* Learn or update sender's mapping only for replies to addresses
+ * that are local to the subnet */
+ if (arp0->opcode ==
+ clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_reply))
+ {
+ if (dst_is_local0)
+ error0 =
+ arp_learn (sw_if_index0, &arp0->ip4_over_ethernet[0]);
+ else
+ /* a reply for a non-local destination could be a GARP.
+ * GARPs for hosts we know were handled above, so this one
+ * we drop */
+ error0 = ETHERNET_ARP_ERROR_l3_dst_address_not_local;
+
+ goto next_feature;
+ }
+ else if (arp0->opcode ==
+ clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_request) &&
+ (dst_is_local0 == 0))
+ {
+ goto next_feature;
+ }
+
+ /* Honor unnumbered interface, if any */
+ conn_sw_if_index0 = fib_entry_get_resolving_interface (dst_fei);
+ if (sw_if_index0 != conn_sw_if_index0 ||
+ sw_if_index0 != fib_entry_get_resolving_interface (src_fei))
+ {
+ /*
+ * The interface the ARP is sent to or was received on is not the
+ * interface on which the covering prefix is configured.
+ * Maybe this is a case for unnumbered.
+ */
+ if (!arp_unnumbered (p0, sw_if_index0, conn_sw_if_index0))
+ {
+ error0 = ETHERNET_ARP_ERROR_unnumbered_mismatch;
+ goto drop;
+ }
+ }
+ if (arp0->ip4_over_ethernet[0].ip4.as_u32 ==
+ arp0->ip4_over_ethernet[1].ip4.as_u32)
+ {
+ error0 = ETHERNET_ARP_ERROR_gratuitous_arp;
+ goto drop;
+ }
+
+ next0 = arp_mk_reply (vnm, p0, sw_if_index0,
+ if_addr0, arp0, eth_rx);
+
+ /* We are going to reply to this request, so, in the absence of
+ errors, learn the sender */
+ if (!error0)
+ error0 = arp_learn (sw_if_index0, &arp0->ip4_over_ethernet[1]);
+
+ n_replies_sent += 1;
+ goto enqueue;
+
+ next_feature:
+ vnet_feature_next (&next0, p0);
+ goto enqueue;
+
+ drop:
+ p0->error = node->errors[error0];
+
+ enqueue:
+ vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
+ n_left_to_next, pi0, next0);
+ }
+
+ vlib_put_next_frame (vm, node, next_index, n_left_to_next);
+ }
+
+ vlib_error_count (vm, node->node_index,
+ ETHERNET_ARP_ERROR_replies_sent, n_replies_sent);
+
+ return frame->n_vectors;
+}
+
+
+static char *ethernet_arp_error_strings[] = {
+#define _(sym,string) string,
+ foreach_ethernet_arp_error
+#undef _
+};
+
+/* *INDENT-OFF* */
+
+VLIB_REGISTER_NODE (arp_input_node, static) =
+{
+ .function = arp_input,
+ .name = "arp-input",
+ .vector_size = sizeof (u32),
+ .n_errors = ETHERNET_ARP_N_ERROR,
+ .error_strings = ethernet_arp_error_strings,
+ .n_next_nodes = ARP_INPUT_N_NEXT,
+ .next_nodes = {
+ [ARP_INPUT_NEXT_DROP] = "error-drop",
+ [ARP_INPUT_NEXT_DISABLED] = "arp-disabled",
+ },
+ .format_buffer = format_ethernet_arp_header,
+ .format_trace = format_ethernet_arp_input_trace,
+};
+
+VLIB_REGISTER_NODE (arp_disabled_node, static) =
+{
+ .function = arp_disabled,
+ .name = "arp-disabled",
+ .vector_size = sizeof (u32),
+ .n_errors = ARP_DISABLED_N_ERROR,
+ .error_strings = arp_disabled_error_strings,
+ .n_next_nodes = ARP_DISABLED_N_NEXT,
+ .next_nodes = {
+ [ARP_INPUT_NEXT_DROP] = "error-drop",
+ },
+ .format_buffer = format_ethernet_arp_header,
+ .format_trace = format_ethernet_arp_input_trace,
+};
+
+VLIB_REGISTER_NODE (arp_reply_node, static) =
+{
+ .function = arp_reply,
+ .name = "arp-reply",
+ .vector_size = sizeof (u32),
+ .n_errors = ETHERNET_ARP_N_ERROR,
+ .error_strings = ethernet_arp_error_strings,
+ .n_next_nodes = ARP_REPLY_N_NEXT,
+ .next_nodes = {
+ [ARP_REPLY_NEXT_DROP] = "error-drop",
+ [ARP_REPLY_NEXT_REPLY_TX] = "interface-output",
+ },
+ .format_buffer = format_ethernet_arp_header,
+ .format_trace = format_ethernet_arp_input_trace,
+};
+
+/* Built-in ARP rx feature path definition */
+VNET_FEATURE_ARC_INIT (arp_feat, static) =
+{
+ .arc_name = "arp",
+ .start_nodes = VNET_FEATURES ("arp-input"),
+ .last_in_arc = "error-drop",
+ .arc_index_ptr = &ethernet_arp_main.feature_arc_index,
+};
+
+VNET_FEATURE_INIT (arp_reply_feat_node, static) =
+{
+ .arc_name = "arp",
+ .node_name = "arp-reply",
+ .runs_before = VNET_FEATURES ("arp-disabled"),
+};
+
+VNET_FEATURE_INIT (arp_proxy_feat_node, static) =
+{
+ .arc_name = "arp",
+ .node_name = "arp-proxy",
+ .runs_after = VNET_FEATURES ("arp-reply"),
+ .runs_before = VNET_FEATURES ("arp-disabled"),
+};
+
+VNET_FEATURE_INIT (arp_disabled_feat_node, static) =
+{
+ .arc_name = "arp",
+ .node_name = "arp-disabled",
+ .runs_before = VNET_FEATURES ("error-drop"),
+};
+
+VNET_FEATURE_INIT (arp_drop_feat_node, static) =
+{
+ .arc_name = "arp",
+ .node_name = "error-drop",
+ .runs_before = 0, /* last feature */
+};
+
+/* *INDENT-ON* */
+
+typedef struct
+{
+ pg_edit_t l2_type, l3_type;
+ pg_edit_t n_l2_address_bytes, n_l3_address_bytes;
+ pg_edit_t opcode;
+ struct
+ {
+ pg_edit_t mac;
+ pg_edit_t ip4;
+ } ip4_over_ethernet[2];
+} pg_ethernet_arp_header_t;
+
+static inline void
+pg_ethernet_arp_header_init (pg_ethernet_arp_header_t * p)
+{
+ /* Initialize fields that are not bit fields in the IP header. */
+#define _(f) pg_edit_init (&p->f, ethernet_arp_header_t, f);
+ _(l2_type);
+ _(l3_type);
+ _(n_l2_address_bytes);
+ _(n_l3_address_bytes);
+ _(opcode);
+ _(ip4_over_ethernet[0].mac);
+ _(ip4_over_ethernet[0].ip4);
+ _(ip4_over_ethernet[1].mac);
+ _(ip4_over_ethernet[1].ip4);
+#undef _
+}
+
+uword
+unformat_pg_arp_header (unformat_input_t * input, va_list * args)
+{
+ pg_stream_t *s = va_arg (*args, pg_stream_t *);
+ pg_ethernet_arp_header_t *p;
+ u32 group_index;
+
+ p = pg_create_edit_group (s, sizeof (p[0]), sizeof (ethernet_arp_header_t),
+ &group_index);
+ pg_ethernet_arp_header_init (p);
+
+ /* Defaults. */
+ pg_edit_set_fixed (&p->l2_type, ETHERNET_ARP_HARDWARE_TYPE_ethernet);
+ pg_edit_set_fixed (&p->l3_type, ETHERNET_TYPE_IP4);
+ pg_edit_set_fixed (&p->n_l2_address_bytes, 6);
+ pg_edit_set_fixed (&p->n_l3_address_bytes, 4);
+
+ if (!unformat (input, "%U: %U/%U -> %U/%U",
+ unformat_pg_edit,
+ unformat_ethernet_arp_opcode_net_byte_order, &p->opcode,
+ unformat_pg_edit,
+ unformat_mac_address_t, &p->ip4_over_ethernet[0].mac,
+ unformat_pg_edit,
+ unformat_ip4_address, &p->ip4_over_ethernet[0].ip4,
+ unformat_pg_edit,
+ unformat_mac_address_t, &p->ip4_over_ethernet[1].mac,
+ unformat_pg_edit,
+ unformat_ip4_address, &p->ip4_over_ethernet[1].ip4))
+ {
+ /* Free up any edits we may have added. */
+ pg_free_edit_group (s);
+ return 0;
+ }
+ return 1;
+}
+
+/*
+ * callback when an interface address is added or deleted
+ */
+static void
+arp_enable_disable_interface (ip4_main_t * im,
+ uword opaque, u32 sw_if_index, u32 is_enable)
+{
+ ethernet_arp_main_t *am = &ethernet_arp_main;
+
+ if (is_enable)
+ arp_enable (am, sw_if_index);
+ else
+ arp_disable (am, sw_if_index);
+}
+
+/*
+ * Remove any arp entries associated with the specified interface
+ */
+static clib_error_t *
+vnet_arp_add_del_sw_interface (vnet_main_t * vnm, u32 sw_if_index, u32 is_add)
+{
+ ethernet_arp_main_t *am = &ethernet_arp_main;
+
+ if (!is_add && sw_if_index != ~0)
+ {
+ arp_disable (am, sw_if_index);
+ }
+ else if (is_add)
+ {
+ vnet_feature_enable_disable ("arp", "arp-disabled",
+ sw_if_index, 1, NULL, 0);
+ }
+
+ return (NULL);
+}
+
+VNET_SW_INTERFACE_ADD_DEL_FUNCTION (vnet_arp_add_del_sw_interface);
+
+const static ip_neighbor_vft_t arp_vft = {
+ .inv_proxy4_add = arp_proxy_add,
+ .inv_proxy4_del = arp_proxy_del,
+ .inv_proxy4_enable = arp_proxy_disable,
+ .inv_proxy4_disable = arp_proxy_disable,
+};
+
+static clib_error_t *
+ethernet_arp_init (vlib_main_t * vm)
+{
+ ethernet_arp_main_t *am = &ethernet_arp_main;
+ ip4_main_t *im = &ip4_main;
+ pg_node_t *pn;
+
+ ethernet_register_input_type (vm, ETHERNET_TYPE_ARP, arp_input_node.index);
+
+ pn = pg_get_node (arp_input_node.index);
+ pn->unformat_edit = unformat_pg_arp_header;
+
+ am->opcode_by_name = hash_create_string (0, sizeof (uword));
+#define _(o) hash_set_mem (am->opcode_by_name, #o, ETHERNET_ARP_OPCODE_##o);
+ foreach_ethernet_arp_opcode;
+#undef _
+
+ /* don't trace ARP error packets */
+ {
+ vlib_node_runtime_t *rt =
+ vlib_node_get_runtime (vm, arp_input_node.index);
+
+#define _(a,b) \
+ vnet_pcap_drop_trace_filter_add_del \
+ (rt->errors[ETHERNET_ARP_ERROR_##a], \
+ 1 /* is_add */);
+ foreach_ethernet_arp_error
+#undef _
+ }
+
+ {
+ ip4_enable_disable_interface_callback_t cb = {
+ .function = arp_enable_disable_interface,
+ };
+ vec_add1 (im->enable_disable_interface_callbacks, cb);
+ }
+
+ ip_neighbor_register (IP46_TYPE_IP4, &arp_vft);
+
+ return 0;
+}
+
+/* *INDENT-OFF* */
+VLIB_INIT_FUNCTION (ethernet_arp_init) =
+{
+ .runs_after = VLIB_INITS("ethernet_init",
+ "ip_neighbor_init"),
+};
+/* *INDENT-ON* */
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/arp/arp.h b/src/vnet/arp/arp.h
new file mode 100644
index 00000000000..7446564b0cf
--- /dev/null
+++ b/src/vnet/arp/arp.h
@@ -0,0 +1,85 @@
+/*
+ * Copyright (c) 2015 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __ARP_H__
+#define __ARP_H__
+
+#include <vnet/ethernet/ethernet.h>
+#include <vnet/ip/ip.h>
+#include <vnet/ethernet/arp_packet.h>
+
+#define foreach_ethernet_arp_error \
+ _ (replies_sent, "ARP replies sent") \
+ _ (l2_type_not_ethernet, "L2 type not ethernet") \
+ _ (l3_type_not_ip4, "L3 type not IP4") \
+ _ (l3_src_address_not_local, "IP4 source address not local to subnet") \
+ _ (l3_dst_address_not_local, "IP4 destination address not local to subnet") \
+ _ (l3_dst_address_unset, "IP4 destination address is unset") \
+ _ (l3_src_address_is_local, "IP4 source address matches local interface") \
+ _ (l3_src_address_learned, "ARP request IP4 source address learned") \
+ _ (replies_received, "ARP replies received") \
+ _ (opcode_not_request, "ARP opcode not request") \
+ _ (proxy_arp_replies_sent, "Proxy ARP replies sent") \
+ _ (l2_address_mismatch, "ARP hw addr does not match L2 frame src addr") \
+ _ (gratuitous_arp, "ARP probe or announcement dropped") \
+ _ (interface_no_table, "Interface is not mapped to an IP table") \
+ _ (interface_not_ip_enabled, "Interface is not IP enabled") \
+ _ (unnumbered_mismatch, "RX interface is unnumbered to different subnet") \
+
+typedef enum
+{
+#define _(sym,string) ETHERNET_ARP_ERROR_##sym,
+ foreach_ethernet_arp_error
+#undef _
+ ETHERNET_ARP_N_ERROR,
+} ethernet_arp_reply_error_t;
+
+extern int arp_proxy_add (u32 fib_index,
+ const ip4_address_t * lo_addr,
+ const ip4_address_t * hi_addr);
+extern int arp_proxy_del (u32 fib_index,
+ const ip4_address_t * lo_addr,
+ const ip4_address_t * hi_addr);
+
+extern int arp_proxy_enable (u32 sw_if_index);
+extern int arp_proxy_disable (u32 sw_if_index);
+
+/**
+ * call back function when walking the DB of proxy ARPs
+ * @return 0 to stop the walk !0 to continue
+ */
+typedef walk_rc_t (proxy_arp_walk_t) (const ip4_address_t * lo_addr,
+ const ip4_address_t * hi_addr,
+ u32 fib_index, void *dat);
+
+extern void proxy_arp_walk (proxy_arp_walk_t cb, void *data);
+
+/**
+ * call back function when walking the DB of proxy ARP interface
+ * @return 0 to stop the walk !0 to continue
+ */
+typedef walk_rc_t (proxy_arp_intf_walk_t) (u32 sw_if_index, void *data);
+
+extern void proxy_arp_intfc_walk (proxy_arp_intf_walk_t cb, void *data);
+
+#endif
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/arp/arp_api.c b/src/vnet/arp/arp_api.c
new file mode 100644
index 00000000000..170bace2b0a
--- /dev/null
+++ b/src/vnet/arp/arp_api.c
@@ -0,0 +1,190 @@
+/*
+ * Copyright (c) 2016 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <stddef.h>
+
+#include <vnet/arp/arp.h>
+
+#include <vnet/fib/fib_table.h>
+#include <vnet/ip/ip_types_api.h>
+
+#include <vpp/app/version.h>
+
+#include <vlibapi/api.h>
+#include <vlibmemory/api.h>
+
+/* define message IDs */
+#include <vnet/format_fns.h>
+#include <vnet/arp/arp.api_enum.h>
+#include <vnet/arp/arp.api_types.h>
+
+/**
+ * Base message ID fot the plugin
+ */
+static u32 arp_base_msg_id;
+#define REPLY_MSG_ID_BASE arp_base_msg_id
+
+#include <vlibapi/api_helper_macros.h>
+
+static void
+vl_api_proxy_arp_add_del_t_handler (vl_api_proxy_arp_add_del_t * mp)
+{
+ vl_api_proxy_arp_add_del_reply_t *rmp;
+ ip4_address_t lo, hi;
+ u32 fib_index;
+ int rv;
+
+ fib_index = fib_table_find (FIB_PROTOCOL_IP4, ntohl (mp->proxy.table_id));
+
+ if (~0 == fib_index)
+ {
+ rv = VNET_API_ERROR_NO_SUCH_FIB;
+ goto out;
+ }
+
+ ip4_address_decode (mp->proxy.low, &lo);
+ ip4_address_decode (mp->proxy.hi, &hi);
+
+ if (mp->is_add)
+ rv = arp_proxy_add (fib_index, &lo, &hi);
+ else
+ rv = arp_proxy_del (fib_index, &lo, &hi);
+
+out:
+ REPLY_MACRO (VL_API_PROXY_ARP_ADD_DEL_REPLY);
+}
+
+typedef struct proxy_arp_walk_ctx_t_
+{
+ vl_api_registration_t *reg;
+ u32 context;
+} proxy_arp_walk_ctx_t;
+
+static walk_rc_t
+send_proxy_arp_details (const ip4_address_t * lo_addr,
+ const ip4_address_t * hi_addr,
+ u32 fib_index, void *data)
+{
+ vl_api_proxy_arp_details_t *mp;
+ proxy_arp_walk_ctx_t *ctx;
+
+ ctx = data;
+
+ mp = vl_msg_api_alloc (sizeof (*mp));
+ clib_memset (mp, 0, sizeof (*mp));
+ mp->_vl_msg_id = ntohs (VL_API_PROXY_ARP_DETAILS + REPLY_MSG_ID_BASE);
+ mp->context = ctx->context;
+ mp->proxy.table_id = htonl (fib_index);
+
+ ip4_address_encode (lo_addr, mp->proxy.low);
+ ip4_address_encode (hi_addr, mp->proxy.hi);
+
+ vl_api_send_msg (ctx->reg, (u8 *) mp);
+
+ return (WALK_CONTINUE);
+}
+
+static void
+vl_api_proxy_arp_dump_t_handler (vl_api_proxy_arp_dump_t * mp)
+{
+ vl_api_registration_t *reg;
+
+ reg = vl_api_client_index_to_registration (mp->client_index);
+ if (!reg)
+ return;
+
+ proxy_arp_walk_ctx_t wctx = {
+ .reg = reg,
+ .context = mp->context,
+ };
+
+ proxy_arp_walk (send_proxy_arp_details, &wctx);
+}
+
+static walk_rc_t
+send_proxy_arp_intfc_details (u32 sw_if_index, void *data)
+{
+ vl_api_proxy_arp_intfc_details_t *mp;
+ proxy_arp_walk_ctx_t *ctx;
+
+ ctx = data;
+
+ mp = vl_msg_api_alloc (sizeof (*mp));
+ clib_memset (mp, 0, sizeof (*mp));
+ mp->_vl_msg_id = ntohs (VL_API_PROXY_ARP_INTFC_DETAILS + REPLY_MSG_ID_BASE);
+ mp->context = ctx->context;
+ mp->sw_if_index = htonl (sw_if_index);
+
+ vl_api_send_msg (ctx->reg, (u8 *) mp);
+
+ return (WALK_CONTINUE);
+}
+
+static void
+vl_api_proxy_arp_intfc_dump_t_handler (vl_api_proxy_arp_intfc_dump_t * mp)
+{
+ vl_api_registration_t *reg;
+
+ reg = vl_api_client_index_to_registration (mp->client_index);
+ if (!reg)
+ return;
+
+ proxy_arp_walk_ctx_t wctx = {
+ .reg = reg,
+ .context = mp->context,
+ };
+
+ proxy_arp_intfc_walk (send_proxy_arp_intfc_details, &wctx);
+}
+
+static void
+ vl_api_proxy_arp_intfc_enable_disable_t_handler
+ (vl_api_proxy_arp_intfc_enable_disable_t * mp)
+{
+ vl_api_proxy_arp_intfc_enable_disable_reply_t *rmp;
+ int rv;
+
+ VALIDATE_SW_IF_INDEX (mp);
+
+ if (mp->enable)
+ rv = arp_proxy_enable (ntohl (mp->sw_if_index));
+ else
+ rv = arp_proxy_disable (ntohl (mp->sw_if_index));
+
+ BAD_SW_IF_INDEX_LABEL;
+
+ REPLY_MACRO (VL_API_PROXY_ARP_INTFC_ENABLE_DISABLE_REPLY);
+}
+
+#include <vnet/arp/arp.api.c>
+
+static clib_error_t *
+arp_api_init (vlib_main_t * vm)
+{
+ /* Ask for a correctly-sized block of API message decode slots */
+ arp_base_msg_id = setup_message_id_table ();
+
+ return 0;
+}
+
+VLIB_INIT_FUNCTION (arp_api_init);
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/arp/arp_packet.h b/src/vnet/arp/arp_packet.h
new file mode 100644
index 00000000000..a860c258f75
--- /dev/null
+++ b/src/vnet/arp/arp_packet.h
@@ -0,0 +1,91 @@
+/*
+ * ethernet/arp.c: IP v4 ARP node
+ *
+ * Copyright (c) 2010 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __ARP_PACKET_H__
+#define __ARP_PACKET_H__
+
+#include <vnet/arp/arp.h>
+
+/* Either we drop the packet or we send a reply to the sender. */
+typedef enum
+{
+ ARP_REPLY_NEXT_DROP,
+ ARP_REPLY_NEXT_REPLY_TX,
+ ARP_REPLY_N_NEXT,
+} arp_reply_next_t;
+
+static_always_inline u32
+arp_mk_reply (vnet_main_t * vnm,
+ vlib_buffer_t * p0,
+ u32 sw_if_index0,
+ const ip4_address_t * if_addr0,
+ ethernet_arp_header_t * arp0, ethernet_header_t * eth_rx)
+{
+ vnet_hw_interface_t *hw_if0;
+ u8 *rewrite0, rewrite0_len;
+ ethernet_header_t *eth_tx;
+ u32 next0;
+
+ /* Send a reply.
+ An adjacency to the sender is not always present,
+ so we use the interface to build us a rewrite string
+ which will contain all the necessary tags. */
+ rewrite0 = ethernet_build_rewrite (vnm, sw_if_index0,
+ VNET_LINK_ARP, eth_rx->src_address);
+ rewrite0_len = vec_len (rewrite0);
+
+ /* Figure out how much to rewind current data from adjacency. */
+ vlib_buffer_advance (p0, -rewrite0_len);
+ eth_tx = vlib_buffer_get_current (p0);
+
+ vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0;
+ hw_if0 = vnet_get_sup_hw_interface (vnm, sw_if_index0);
+
+ /* Send reply back through input interface */
+ vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0;
+ next0 = ARP_REPLY_NEXT_REPLY_TX;
+
+ arp0->opcode = clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_reply);
+
+ arp0->ip4_over_ethernet[1] = arp0->ip4_over_ethernet[0];
+
+ mac_address_from_bytes (&arp0->ip4_over_ethernet[0].mac,
+ hw_if0->hw_address);
+ clib_mem_unaligned (&arp0->ip4_over_ethernet[0].ip4.data_u32, u32) =
+ if_addr0->data_u32;
+
+ /* Hardware must be ethernet-like. */
+ ASSERT (vec_len (hw_if0->hw_address) == 6);
+
+ /* the rx nd tx ethernet headers wil overlap in the case
+ * when we received a tagged VLAN=0 packet, but we are sending
+ * back untagged */
+ clib_memcpy_fast (eth_tx, rewrite0, vec_len (rewrite0));
+ vec_free (rewrite0);
+
+ return (next0);
+}
+
+#endif
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/arp/arp_proxy.c b/src/vnet/arp/arp_proxy.c
new file mode 100644
index 00000000000..346a21775f8
--- /dev/null
+++ b/src/vnet/arp/arp_proxy.c
@@ -0,0 +1,407 @@
+/*
+ * ethernet/arp.c: IP v4 ARP node
+ *
+ * Copyright (c) 2010 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <vnet/arp/arp.h>
+#include <vnet/arp/arp_packet.h>
+
+#include <vnet/fib/ip4_fib.h>
+
+typedef struct
+{
+ ip4_address_t lo_addr;
+ ip4_address_t hi_addr;
+ u32 fib_index;
+} ethernet_proxy_arp_t;
+
+typedef struct arp_proxy_main_t_
+{
+ /** Per interface state */
+ bool *enabled_by_sw_if_index;
+
+ /* Proxy arp vector */
+ ethernet_proxy_arp_t *proxy_arps;
+} arp_proxy_main_t;
+
+arp_proxy_main_t arp_proxy_main;
+
+void
+proxy_arp_walk (proxy_arp_walk_t cb, void *data)
+{
+ arp_proxy_main_t *am = &arp_proxy_main;
+ ethernet_proxy_arp_t *pa;
+
+ vec_foreach (pa, am->proxy_arps)
+ {
+ if (!cb (&pa->lo_addr, &pa->hi_addr, pa->fib_index, data))
+ break;
+ }
+}
+
+int
+arp_proxy_disable (u32 sw_if_index)
+{
+ arp_proxy_main_t *am = &arp_proxy_main;
+
+ vec_validate (am->enabled_by_sw_if_index, sw_if_index);
+
+ if (am->enabled_by_sw_if_index[sw_if_index])
+ {
+ vnet_feature_enable_disable ("arp", "arp-proxy",
+ sw_if_index, 0, NULL, 0);
+ }
+ am->enabled_by_sw_if_index[sw_if_index] = false;
+
+ return (0);
+}
+
+int
+arp_proxy_enable (u32 sw_if_index)
+{
+ arp_proxy_main_t *am = &arp_proxy_main;
+
+ vec_validate (am->enabled_by_sw_if_index, sw_if_index);
+
+ if (!am->enabled_by_sw_if_index[sw_if_index])
+ {
+ vnet_feature_enable_disable ("arp", "arp-proxy",
+ sw_if_index, 1, NULL, 0);
+ }
+ am->enabled_by_sw_if_index[sw_if_index] = true;
+
+ return (0);
+}
+
+static int
+vnet_proxy_arp_add_del (const ip4_address_t * lo_addr,
+ const ip4_address_t * hi_addr,
+ u32 fib_index, int is_del)
+{
+ arp_proxy_main_t *am = &arp_proxy_main;
+ ethernet_proxy_arp_t *pa;
+ u32 found_at_index = ~0;
+
+ vec_foreach (pa, am->proxy_arps)
+ {
+ if (pa->lo_addr.as_u32 == lo_addr->as_u32 &&
+ pa->hi_addr.as_u32 == hi_addr->as_u32 && pa->fib_index == fib_index)
+ {
+ found_at_index = pa - am->proxy_arps;
+ break;
+ }
+ }
+
+ if (found_at_index != ~0)
+ {
+ /* Delete, otherwise it's already in the table */
+ if (is_del)
+ vec_delete (am->proxy_arps, 1, found_at_index);
+ return 0;
+ }
+ /* delete, no such entry */
+ if (is_del)
+ return VNET_API_ERROR_NO_SUCH_ENTRY;
+
+ /* add, not in table */
+ vec_add2 (am->proxy_arps, pa, 1);
+ pa->lo_addr.as_u32 = lo_addr->as_u32;
+ pa->hi_addr.as_u32 = hi_addr->as_u32;
+ pa->fib_index = fib_index;
+ return 0;
+}
+
+int
+arp_proxy_add (u32 fib_index,
+ const ip4_address_t * lo, const ip4_address_t * hi)
+{
+ return (vnet_proxy_arp_add_del (lo, hi, fib_index, 0));
+}
+
+int
+arp_proxy_del (u32 fib_index,
+ const ip4_address_t * lo, const ip4_address_t * hi)
+{
+ return (vnet_proxy_arp_add_del (lo, hi, fib_index, 1));
+}
+
+void
+proxy_arp_intfc_walk (proxy_arp_intf_walk_t cb, void *data)
+{
+ arp_proxy_main_t *am = &arp_proxy_main;
+ bool *enabled;
+
+ vec_foreach (enabled, am->enabled_by_sw_if_index)
+ {
+ if (*enabled)
+ cb (enabled - am->enabled_by_sw_if_index, data);
+ }
+}
+
+static clib_error_t *
+set_int_proxy_arp_command_fn (vlib_main_t * vm,
+ unformat_input_t *
+ input, vlib_cli_command_t * cmd)
+{
+ vnet_main_t *vnm = vnet_get_main ();
+ u32 sw_if_index;
+ int enable = 0;
+
+ sw_if_index = ~0;
+
+ while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
+ {
+ if (unformat (input, "%U", unformat_vnet_sw_interface,
+ vnm, &sw_if_index))
+ ;
+ else if (unformat (input, "enable") || unformat (input, "on"))
+ enable = 1;
+ else if (unformat (input, "disable") || unformat (input, "off"))
+ enable = 0;
+ else
+ break;
+ }
+
+ if (~0 == sw_if_index)
+ return clib_error_return (0, "unknown input '%U'",
+ format_unformat_error, input);
+
+ if (enable)
+ arp_proxy_enable (sw_if_index);
+ else
+ arp_proxy_disable (sw_if_index);
+
+ return 0;
+}
+
+/* *INDENT-OFF* */
+/*?
+ * Enable proxy-arp on an interface. The vpp stack will answer ARP
+ * requests for the indicated address range. Multiple proxy-arp
+ * ranges may be provisioned.
+ *
+ * @note Proxy ARP as a technology is infamous for blackholing traffic.
+ * Also, the underlying implementation has not been performance-tuned.
+ * Avoid creating an unnecessarily large set of ranges.
+ *
+ * @cliexpar
+ * To enable proxy arp on a range of addresses, use:
+ * @cliexcmd{set ip arp proxy 6.0.0.1 - 6.0.0.11}
+ * Append 'del' to delete a range of proxy ARP addresses:
+ * @cliexcmd{set ip arp proxy 6.0.0.1 - 6.0.0.11 del}
+ * You must then specifically enable proxy arp on individual interfaces:
+ * @cliexcmd{set interface proxy-arp GigabitEthernet0/8/0 enable}
+ * To disable proxy arp on an individual interface:
+ * @cliexcmd{set interface proxy-arp GigabitEthernet0/8/0 disable}
+ ?*/
+VLIB_CLI_COMMAND (set_int_proxy_enable_command, static) = {
+ .path = "set interface proxy-arp",
+ .short_help =
+ "set interface proxy-arp <intfc> [enable|disable]",
+ .function = set_int_proxy_arp_command_fn,
+};
+/* *INDENT-ON* */
+
+typedef struct
+{
+ u8 packet_data[64];
+} ethernet_arp_input_trace_t;
+
+static u8 *
+format_ethernet_arp_input_trace (u8 * s, va_list * va)
+{
+ CLIB_UNUSED (vlib_main_t * vm) = va_arg (*va, vlib_main_t *);
+ CLIB_UNUSED (vlib_node_t * node) = va_arg (*va, vlib_node_t *);
+ ethernet_arp_input_trace_t *t = va_arg (*va, ethernet_arp_input_trace_t *);
+
+ s = format (s, "%U",
+ format_ethernet_arp_header,
+ t->packet_data, sizeof (t->packet_data));
+
+ return s;
+}
+
+static uword
+arp_proxy (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame)
+{
+ arp_proxy_main_t *am = &arp_proxy_main;
+ vnet_main_t *vnm = vnet_get_main ();
+ u32 n_left_from, next_index, *from, *to_next;
+ u32 n_arp_replies_sent = 0;
+
+ from = vlib_frame_vector_args (frame);
+ n_left_from = frame->n_vectors;
+ next_index = node->cached_next_index;
+
+ if (node->flags & VLIB_NODE_FLAG_TRACE)
+ vlib_trace_frame_buffers_only (vm, node, from, frame->n_vectors,
+ /* stride */ 1,
+ sizeof (ethernet_arp_input_trace_t));
+
+ while (n_left_from > 0)
+ {
+ u32 n_left_to_next;
+
+ vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
+
+ while (n_left_from > 0 && n_left_to_next > 0)
+ {
+ vlib_buffer_t *p0;
+ ethernet_arp_header_t *arp0;
+ ethernet_header_t *eth_rx;
+ ip4_address_t proxy_src;
+ u32 pi0, error0, next0, sw_if_index0, fib_index0;
+ u8 is_request0;
+ ethernet_proxy_arp_t *pa;
+
+ pi0 = from[0];
+ to_next[0] = pi0;
+ from += 1;
+ to_next += 1;
+ n_left_from -= 1;
+ n_left_to_next -= 1;
+
+ p0 = vlib_get_buffer (vm, pi0);
+ arp0 = vlib_buffer_get_current (p0);
+ /* Fill in ethernet header. */
+ eth_rx = ethernet_buffer_get_header (p0);
+
+ is_request0 = arp0->opcode
+ == clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_request);
+
+ error0 = ETHERNET_ARP_ERROR_replies_sent;
+ sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
+ next0 = ARP_REPLY_NEXT_DROP;
+
+ fib_index0 = ip4_fib_table_get_index_for_sw_if_index (sw_if_index0);
+ if (~0 == fib_index0)
+ {
+ error0 = ETHERNET_ARP_ERROR_interface_no_table;
+ }
+
+ if (0 == error0 && is_request0)
+ {
+ u32 this_addr = clib_net_to_host_u32
+ (arp0->ip4_over_ethernet[1].ip4.as_u32);
+
+ vec_foreach (pa, am->proxy_arps)
+ {
+ u32 lo_addr = clib_net_to_host_u32 (pa->lo_addr.as_u32);
+ u32 hi_addr = clib_net_to_host_u32 (pa->hi_addr.as_u32);
+
+ /* an ARP request hit in the proxy-arp table? */
+ if ((this_addr >= lo_addr && this_addr <= hi_addr) &&
+ (fib_index0 == pa->fib_index))
+ {
+ proxy_src.as_u32 =
+ arp0->ip4_over_ethernet[1].ip4.data_u32;
+
+ /*
+ * change the interface address to the proxied
+ */
+ n_arp_replies_sent++;
+
+ next0 =
+ arp_mk_reply (vnm, p0, sw_if_index0, &proxy_src, arp0,
+ eth_rx);
+ }
+ }
+ }
+ else
+ {
+ p0->error = node->errors[error0];
+ }
+
+ vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
+ n_left_to_next, pi0, next0);
+ }
+
+ vlib_put_next_frame (vm, node, next_index, n_left_to_next);
+ }
+
+ vlib_error_count (vm, node->node_index,
+ ETHERNET_ARP_ERROR_replies_sent, n_arp_replies_sent);
+
+ return frame->n_vectors;
+}
+
+static char *ethernet_arp_error_strings[] = {
+#define _(sym,string) string,
+ foreach_ethernet_arp_error
+#undef _
+};
+
+VLIB_REGISTER_NODE (arp_proxy_node, static) =
+{
+ .function = arp_proxy,.name = "arp-proxy",.vector_size =
+ sizeof (u32),.n_errors = ETHERNET_ARP_N_ERROR,.error_strings =
+ ethernet_arp_error_strings,.n_next_nodes = ARP_REPLY_N_NEXT,.next_nodes =
+ {
+ [ARP_REPLY_NEXT_DROP] = "error-drop",
+ [ARP_REPLY_NEXT_REPLY_TX] = "interface-output",}
+,.format_buffer = format_ethernet_arp_header,.format_trace =
+ format_ethernet_arp_input_trace,};
+
+static clib_error_t *
+show_ip4_arp (vlib_main_t * vm,
+ unformat_input_t * input, vlib_cli_command_t * cmd)
+{
+ arp_proxy_main_t *am = &arp_proxy_main;
+ ethernet_proxy_arp_t *pa;
+
+ if (vec_len (am->proxy_arps))
+ {
+ vlib_cli_output (vm, "Proxy arps enabled for:");
+ vec_foreach (pa, am->proxy_arps)
+ {
+ vlib_cli_output (vm, "Fib_index %d %U - %U ",
+ pa->fib_index,
+ format_ip4_address, &pa->lo_addr,
+ format_ip4_address, &pa->hi_addr);
+ }
+ }
+
+ return (NULL);
+}
+
+/*?
+ * Display all the IPv4 ARP proxy entries.
+ *
+ * @cliexpar
+ * Example of how to display the IPv4 ARP table:
+ * @cliexstart{show ip arp}
+ * Time FIB IP4 Flags Ethernet Interface
+ * 346.3028 0 6.1.1.3 de:ad:be:ef:ba:be GigabitEthernet2/0/0
+ * 3077.4271 0 6.1.1.4 S de:ad:be:ef:ff:ff GigabitEthernet2/0/0
+ * 2998.6409 1 6.2.2.3 de:ad:be:ef:00:01 GigabitEthernet2/0/0
+ * Proxy arps enabled for:
+ * Fib_index 0 6.0.0.1 - 6.0.0.11
+ * @cliexend
+ ?*/
+/* *INDENT-OFF* */
+VLIB_CLI_COMMAND (show_ip4_arp_command, static) = {
+ .path = "show arp proxy",
+ .function = show_ip4_arp,
+ .short_help = "show ip arp",
+};
+/* *INDENT-ON* */
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/arp/arp_test.c b/src/vnet/arp/arp_test.c
new file mode 100644
index 00000000000..861d0739406
--- /dev/null
+++ b/src/vnet/arp/arp_test.c
@@ -0,0 +1,168 @@
+/*
+ *------------------------------------------------------------------
+ * arp_test.c
+ *
+ * Copyright (c) 2019 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *------------------------------------------------------------------
+ */
+
+#include <vat/vat.h>
+#include <vlibapi/api.h>
+#include <vlibmemory/api.h>
+#include <vppinfra/error.h>
+
+#include <vnet/ip/ip_format_fns.h>
+
+#include <vpp/api/types.h>
+
+typedef struct
+{
+ /* API message ID base */
+ u16 msg_id_base;
+ u32 ping_id;
+ vat_main_t *vat_main;
+} arp_test_main_t;
+
+arp_test_main_t arp_test_main;
+
+#define __plugin_msg_base arp_test_main.msg_id_base
+#include <vlibapi/vat_helper_macros.h>
+uword unformat_sw_if_index (unformat_input_t * input, va_list * args);
+
+/* Declare message IDs */
+#include <arp/arp.api_enum.h>
+#include <arp/arp.api_types.h>
+#include <vpp/api/vpe.api_types.h>
+
+static int
+api_proxy_arp_dump (vat_main_t * vam)
+{
+ return -1;
+}
+
+static int
+api_proxy_arp_intfc_dump (vat_main_t * vam)
+{
+ return -1;
+}
+
+static void
+vl_api_proxy_arp_details_t_handler (vl_api_proxy_arp_details_t * mp)
+{
+}
+
+static void
+vl_api_proxy_arp_intfc_details_t_handler (vl_api_proxy_arp_intfc_details_t *
+ mp)
+{
+}
+
+static int
+api_proxy_arp_add_del (vat_main_t * vam)
+{
+ unformat_input_t *i = vam->input;
+ vl_api_proxy_arp_add_del_t *mp;
+ u32 vrf_id = 0;
+ u8 is_add = 1;
+ vl_api_ip4_address_t lo, hi;
+ u8 range_set = 0;
+ int ret;
+
+ while (unformat_check_input (i) != UNFORMAT_END_OF_INPUT)
+ {
+ if (unformat (i, "vrf %d", &vrf_id))
+ ;
+ else if (unformat (i, "%U - %U", unformat_vl_api_ip4_address, &lo,
+ unformat_vl_api_ip4_address, &hi))
+ range_set = 1;
+ else if (unformat (i, "del"))
+ is_add = 0;
+ else
+ {
+ clib_warning ("parse error '%U'", format_unformat_error, i);
+ return -99;
+ }
+ }
+
+ if (range_set == 0)
+ {
+ errmsg ("address range not set");
+ return -99;
+ }
+
+ M (PROXY_ARP_ADD_DEL, mp);
+
+ mp->proxy.table_id = ntohl (vrf_id);
+ mp->is_add = is_add;
+ clib_memcpy (mp->proxy.low, &lo, sizeof (lo));
+ clib_memcpy (mp->proxy.hi, &hi, sizeof (hi));
+
+ S (mp);
+ W (ret);
+ return ret;
+}
+
+static int
+api_proxy_arp_intfc_enable_disable (vat_main_t * vam)
+{
+ unformat_input_t *i = vam->input;
+ vl_api_proxy_arp_intfc_enable_disable_t *mp;
+ u32 sw_if_index;
+ u8 enable = 1;
+ u8 sw_if_index_set = 0;
+ int ret;
+
+ while (unformat_check_input (i) != UNFORMAT_END_OF_INPUT)
+ {
+ if (unformat (i, "%U", unformat_sw_if_index, vam, &sw_if_index))
+ sw_if_index_set = 1;
+ else if (unformat (i, "sw_if_index %d", &sw_if_index))
+ sw_if_index_set = 1;
+ else if (unformat (i, "enable"))
+ enable = 1;
+ else if (unformat (i, "disable"))
+ enable = 0;
+ else
+ {
+ clib_warning ("parse error '%U'", format_unformat_error, i);
+ return -99;
+ }
+ }
+
+ if (sw_if_index_set == 0)
+ {
+ errmsg ("missing interface name or sw_if_index");
+ return -99;
+ }
+
+ M (PROXY_ARP_INTFC_ENABLE_DISABLE, mp);
+
+ mp->sw_if_index = ntohl (sw_if_index);
+ mp->enable = enable;
+
+ S (mp);
+ W (ret);
+ return ret;
+}
+
+#include <arp/arp.api_test.c>
+
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/bfd/bfd_api.h b/src/vnet/bfd/bfd_api.h
index 9f0509d5f73..38d342a2e5b 100644
--- a/src/vnet/bfd/bfd_api.h
+++ b/src/vnet/bfd/bfd_api.h
@@ -21,7 +21,7 @@
#include <vnet/api_errno.h>
#include <vnet/vnet.h>
-#include <vnet/ip/ip6_packet.h>
+#include <vnet/ip/ip46_address.h>
#define foreach_bfd_transport(F) \
F (UDP4, "ip4-rewrite") \
diff --git a/src/vnet/bfd/bfd_udp.c b/src/vnet/bfd/bfd_udp.c
index c545042c978..0a9106e78e5 100644
--- a/src/vnet/bfd/bfd_udp.c
+++ b/src/vnet/bfd/bfd_udp.c
@@ -29,7 +29,7 @@
#include <vnet/ip/ip4.h>
#include <vnet/ip/ip6.h>
#include <vnet/ip/ip6_packet.h>
-#include <vnet/ip/ip6_neighbor.h>
+#include <vnet/ip/ip6_link.h>
#include <vnet/adj/adj.h>
#include <vnet/adj/adj_nbr.h>
#include <vnet/dpo/receive_dpo.h>
@@ -612,9 +612,9 @@ bfd_udp_validate_api_input (u32 sw_if_index,
if (ip6_address_is_link_local_unicast (&local_addr->ip6))
{
- ip6_address_t ll_addr;
- ll_addr = ip6_neighbor_get_link_local_address (sw_if_index);
- if (ip6_address_is_equal (&ll_addr, &local_addr->ip6))
+ const ip6_address_t *ll_addr;
+ ll_addr = ip6_get_link_local_address (sw_if_index);
+ if (ip6_address_is_equal (ll_addr, &local_addr->ip6))
{
/* valid address for this interface */
local_ip_valid = 1;
diff --git a/src/vnet/bonding/device.c b/src/vnet/bonding/device.c
index 57f2806472f..550321b3763 100644
--- a/src/vnet/bonding/device.c
+++ b/src/vnet/bonding/device.c
@@ -24,7 +24,7 @@
#include <vnet/bonding/node.h>
#include <vppinfra/lb_hash_hash.h>
#include <vnet/ip/ip.h>
-#include <vnet/ethernet/arp_packet.h>
+#include <vnet/ip-neighbor/ip_neighbor.h>
#define foreach_bond_tx_error \
_(NONE, "no error") \
@@ -799,8 +799,7 @@ bond_active_interface_switch_cb (vnet_main_t * vnm, u32 sw_if_index,
{
bond_main_t *bm = &bond_main;
- send_ip4_garp (bm->vlib_main, sw_if_index);
- send_ip6_na (bm->vlib_main, sw_if_index);
+ ip_neighbor_advertise (bm->vlib_main, IP46_TYPE_BOTH, NULL, sw_if_index);
return (WALK_CONTINUE);
}
diff --git a/src/vnet/ethernet/arp.c b/src/vnet/ethernet/arp.c
deleted file mode 100644
index 6b1069ecb6d..00000000000
--- a/src/vnet/ethernet/arp.c
+++ /dev/null
@@ -1,3062 +0,0 @@
-/*
- * ethernet/arp.c: IP v4 ARP node
- *
- * Copyright (c) 2010 Cisco and/or its affiliates.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at:
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <vnet/ip/ip.h>
-#include <vnet/ip/ip_neighbor.h>
-#include <vnet/ip/ip6.h>
-#include <vnet/ethernet/ethernet.h>
-#include <vnet/ethernet/arp.h>
-#include <vnet/l2/l2_input.h>
-#include <vppinfra/mhash.h>
-#include <vnet/fib/ip4_fib.h>
-#include <vnet/fib/fib_entry_src.h>
-#include <vnet/adj/adj_nbr.h>
-#include <vnet/adj/adj_mcast.h>
-#include <vnet/mpls/mpls.h>
-#include <vnet/l2/feat_bitmap.h>
-
-#include <vlibmemory/api.h>
-
-/**
- * @file
- * @brief IPv4 ARP.
- *
- * This file contains code to manage the IPv4 ARP tables (IP Address
- * to MAC Address lookup).
- */
-
-
-/**
- * @brief Per-interface ARP configuration and state
- */
-typedef struct ethernet_arp_interface_t_
-{
- /**
- * Hash table of ARP entries.
- * Since this hash table is per-interface, the key is only the IPv4 address.
- */
- uword *arp_entries;
- /**
- * Is ARP enabled on this interface
- */
- u32 enabled;
- /**
- * Is Proxy ARP enabled on this interface
- */
- u32 proxy_enabled;
-} ethernet_arp_interface_t;
-
-typedef struct
-{
- ip4_address_t lo_addr;
- ip4_address_t hi_addr;
- u32 fib_index;
-} ethernet_proxy_arp_t;
-
-typedef struct
-{
- u32 next_index;
- uword node_index;
- uword type_opaque;
- uword data;
- /* Used for arp event notification only */
- arp_change_event_cb_t data_callback;
- u32 pid;
-} pending_resolution_t;
-
-typedef struct
-{
- /* Hash tables mapping name to opcode. */
- uword *opcode_by_name;
-
- /* lite beer "glean" adjacency handling */
- uword *pending_resolutions_by_address;
- pending_resolution_t *pending_resolutions;
-
- /* Mac address change notification */
- uword *mac_changes_by_address;
- pending_resolution_t *mac_changes;
-
- ethernet_arp_ip4_entry_t *ip4_entry_pool;
-
- /* ARP attack mitigation */
- u32 arp_delete_rotor;
- u32 limit_arp_cache_size;
-
- /** Per interface state */
- ethernet_arp_interface_t *ethernet_arp_by_sw_if_index;
-
- /* Proxy arp vector */
- ethernet_proxy_arp_t *proxy_arps;
-
- uword wc_ip4_arp_publisher_node;
- uword wc_ip4_arp_publisher_et;
-
- /* ARP feature arc index */
- u8 feature_arc_index;
-} ethernet_arp_main_t;
-
-static ethernet_arp_main_t ethernet_arp_main;
-
-typedef struct
-{
- u32 sw_if_index;
- ip4_address_t ip4;
- mac_address_t mac;
- ip_neighbor_flags_t nbr_flags;
- u32 flags;
-#define ETHERNET_ARP_ARGS_REMOVE (1<<0)
-#define ETHERNET_ARP_ARGS_FLUSH (1<<1)
-#define ETHERNET_ARP_ARGS_POPULATE (1<<2)
-#define ETHERNET_ARP_ARGS_WC_PUB (1<<3)
-} vnet_arp_set_ip4_over_ethernet_rpc_args_t;
-
-static const u8 vrrp_prefix[] = { 0x00, 0x00, 0x5E, 0x00, 0x01 };
-
-/* Node index for send_garp_na_process */
-u32 send_garp_na_process_node_index;
-
-static void
-set_ip4_over_ethernet_rpc_callback (vnet_arp_set_ip4_over_ethernet_rpc_args_t
- * a);
-
-static u8 *
-format_ethernet_arp_hardware_type (u8 * s, va_list * va)
-{
- ethernet_arp_hardware_type_t h = va_arg (*va, ethernet_arp_hardware_type_t);
- char *t = 0;
- switch (h)
- {
-#define _(n,f) case n: t = #f; break;
- foreach_ethernet_arp_hardware_type;
-#undef _
-
- default:
- return format (s, "unknown 0x%x", h);
- }
-
- return format (s, "%s", t);
-}
-
-static u8 *
-format_ethernet_arp_opcode (u8 * s, va_list * va)
-{
- ethernet_arp_opcode_t o = va_arg (*va, ethernet_arp_opcode_t);
- char *t = 0;
- switch (o)
- {
-#define _(f) case ETHERNET_ARP_OPCODE_##f: t = #f; break;
- foreach_ethernet_arp_opcode;
-#undef _
-
- default:
- return format (s, "unknown 0x%x", o);
- }
-
- return format (s, "%s", t);
-}
-
-static uword
-unformat_ethernet_arp_opcode_host_byte_order (unformat_input_t * input,
- va_list * args)
-{
- int *result = va_arg (*args, int *);
- ethernet_arp_main_t *am = &ethernet_arp_main;
- int x, i;
-
- /* Numeric opcode. */
- if (unformat (input, "0x%x", &x) || unformat (input, "%d", &x))
- {
- if (x >= (1 << 16))
- return 0;
- *result = x;
- return 1;
- }
-
- /* Named type. */
- if (unformat_user (input, unformat_vlib_number_by_name,
- am->opcode_by_name, &i))
- {
- *result = i;
- return 1;
- }
-
- return 0;
-}
-
-static uword
-unformat_ethernet_arp_opcode_net_byte_order (unformat_input_t * input,
- va_list * args)
-{
- int *result = va_arg (*args, int *);
- if (!unformat_user
- (input, unformat_ethernet_arp_opcode_host_byte_order, result))
- return 0;
-
- *result = clib_host_to_net_u16 ((u16) * result);
- return 1;
-}
-
-static u8 *
-format_ethernet_arp_header (u8 * s, va_list * va)
-{
- ethernet_arp_header_t *a = va_arg (*va, ethernet_arp_header_t *);
- u32 max_header_bytes = va_arg (*va, u32);
- u32 indent;
- u16 l2_type, l3_type;
-
- if (max_header_bytes != 0 && sizeof (a[0]) > max_header_bytes)
- return format (s, "ARP header truncated");
-
- l2_type = clib_net_to_host_u16 (a->l2_type);
- l3_type = clib_net_to_host_u16 (a->l3_type);
-
- indent = format_get_indent (s);
-
- s = format (s, "%U, type %U/%U, address size %d/%d",
- format_ethernet_arp_opcode, clib_net_to_host_u16 (a->opcode),
- format_ethernet_arp_hardware_type, l2_type,
- format_ethernet_type, l3_type,
- a->n_l2_address_bytes, a->n_l3_address_bytes);
-
- if (l2_type == ETHERNET_ARP_HARDWARE_TYPE_ethernet
- && l3_type == ETHERNET_TYPE_IP4)
- {
- s = format (s, "\n%U%U/%U -> %U/%U",
- format_white_space, indent,
- format_mac_address_t, &a->ip4_over_ethernet[0].mac,
- format_ip4_address, &a->ip4_over_ethernet[0].ip4,
- format_mac_address_t, &a->ip4_over_ethernet[1].mac,
- format_ip4_address, &a->ip4_over_ethernet[1].ip4);
- }
- else
- {
- uword n2 = a->n_l2_address_bytes;
- uword n3 = a->n_l3_address_bytes;
- s = format (s, "\n%U%U/%U -> %U/%U",
- format_white_space, indent,
- format_hex_bytes, a->data + 0 * n2 + 0 * n3, n2,
- format_hex_bytes, a->data + 1 * n2 + 0 * n3, n3,
- format_hex_bytes, a->data + 1 * n2 + 1 * n3, n2,
- format_hex_bytes, a->data + 2 * n2 + 1 * n3, n3);
- }
-
- return s;
-}
-
-u8 *
-format_ethernet_arp_ip4_entry (u8 * s, va_list * va)
-{
- vnet_main_t *vnm = va_arg (*va, vnet_main_t *);
- ethernet_arp_ip4_entry_t *e = va_arg (*va, ethernet_arp_ip4_entry_t *);
- vnet_sw_interface_t *si;
-
- if (!e)
- return format (s, "%=12s%=16s%=6s%=20s%=24s", "Time", "IP4",
- "Flags", "Ethernet", "Interface");
-
- si = vnet_get_sw_interface (vnm, e->sw_if_index);
-
- return format (s, "%=12U%=16U%=6U%=20U%U",
- format_vlib_time, vnm->vlib_main, e->time_last_updated,
- format_ip4_address, &e->ip4_address,
- format_ip_neighbor_flags, e->flags,
- format_mac_address_t, &e->mac,
- format_vnet_sw_interface_name, vnm, si);
-}
-
-typedef struct
-{
- u8 packet_data[64];
-} ethernet_arp_input_trace_t;
-
-static u8 *
-format_ethernet_arp_input_trace (u8 * s, va_list * va)
-{
- CLIB_UNUSED (vlib_main_t * vm) = va_arg (*va, vlib_main_t *);
- CLIB_UNUSED (vlib_node_t * node) = va_arg (*va, vlib_node_t *);
- ethernet_arp_input_trace_t *t = va_arg (*va, ethernet_arp_input_trace_t *);
-
- s = format (s, "%U",
- format_ethernet_arp_header,
- t->packet_data, sizeof (t->packet_data));
-
- return s;
-}
-
-static u8 *
-format_arp_term_input_trace (u8 * s, va_list * va)
-{
- CLIB_UNUSED (vlib_main_t * vm) = va_arg (*va, vlib_main_t *);
- CLIB_UNUSED (vlib_node_t * node) = va_arg (*va, vlib_node_t *);
- ethernet_arp_input_trace_t *t = va_arg (*va, ethernet_arp_input_trace_t *);
-
- /* arp-term trace data saved is either arp or ip6/icmp6 packet:
- - for arp, the 1st 16-bit field is hw type of value of 0x0001.
- - for ip6, the first nibble has value of 6. */
- s = format (s, "%U", t->packet_data[0] == 0 ?
- format_ethernet_arp_header : format_ip6_header,
- t->packet_data, sizeof (t->packet_data));
-
- return s;
-}
-
-static void
-arp_nbr_probe (ip_adjacency_t * adj)
-{
- vnet_main_t *vnm = vnet_get_main ();
- ip4_main_t *im = &ip4_main;
- ip_interface_address_t *ia;
- ethernet_arp_header_t *h;
- vnet_hw_interface_t *hi;
- vnet_sw_interface_t *si;
- ip4_address_t *src;
- vlib_buffer_t *b;
- vlib_main_t *vm;
- u32 bi = 0;
-
- vm = vlib_get_main ();
-
- si = vnet_get_sw_interface (vnm, adj->rewrite_header.sw_if_index);
-
- if (!(si->flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP))
- {
- return;
- }
-
- src =
- ip4_interface_address_matching_destination (im,
- &adj->sub_type.nbr.next_hop.
- ip4,
- adj->rewrite_header.
- sw_if_index, &ia);
- if (!src)
- {
- return;
- }
-
- h =
- vlib_packet_template_get_packet (vm, &im->ip4_arp_request_packet_template,
- &bi);
- if (!h)
- return;
-
- hi = vnet_get_sup_hw_interface (vnm, adj->rewrite_header.sw_if_index);
-
- mac_address_from_bytes (&h->ip4_over_ethernet[0].mac, hi->hw_address);
-
- h->ip4_over_ethernet[0].ip4 = src[0];
- h->ip4_over_ethernet[1].ip4 = adj->sub_type.nbr.next_hop.ip4;
-
- b = vlib_get_buffer (vm, bi);
- vnet_buffer (b)->sw_if_index[VLIB_RX] =
- vnet_buffer (b)->sw_if_index[VLIB_TX] = adj->rewrite_header.sw_if_index;
-
- /* Add encapsulation string for software interface (e.g. ethernet header). */
- vnet_rewrite_one_header (adj[0], h, sizeof (ethernet_header_t));
- vlib_buffer_advance (b, -adj->rewrite_header.data_bytes);
-
- {
- vlib_frame_t *f = vlib_get_frame_to_node (vm, hi->output_node_index);
- u32 *to_next = vlib_frame_vector_args (f);
- to_next[0] = bi;
- f->n_vectors = 1;
- vlib_put_frame_to_node (vm, hi->output_node_index, f);
- }
-}
-
-static void
-arp_mk_complete (adj_index_t ai, ethernet_arp_ip4_entry_t * e)
-{
- adj_nbr_update_rewrite
- (ai, ADJ_NBR_REWRITE_FLAG_COMPLETE,
- ethernet_build_rewrite (vnet_get_main (),
- e->sw_if_index,
- adj_get_link_type (ai), &e->mac));
-}
-
-static void
-arp_mk_incomplete (adj_index_t ai)
-{
- ip_adjacency_t *adj = adj_get (ai);
-
- adj_nbr_update_rewrite
- (ai,
- ADJ_NBR_REWRITE_FLAG_INCOMPLETE,
- ethernet_build_rewrite (vnet_get_main (),
- adj->rewrite_header.sw_if_index,
- VNET_LINK_ARP,
- VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST));
-}
-
-static ethernet_arp_ip4_entry_t *
-arp_entry_find (ethernet_arp_interface_t * eai, const ip4_address_t * addr)
-{
- ethernet_arp_main_t *am = &ethernet_arp_main;
- ethernet_arp_ip4_entry_t *e = NULL;
- uword *p;
-
- if (NULL != eai->arp_entries)
- {
- p = hash_get (eai->arp_entries, addr->as_u32);
- if (!p)
- return (NULL);
-
- e = pool_elt_at_index (am->ip4_entry_pool, p[0]);
- }
-
- return (e);
-}
-
-static adj_walk_rc_t
-arp_mk_complete_walk (adj_index_t ai, void *ctx)
-{
- ethernet_arp_ip4_entry_t *e = ctx;
-
- arp_mk_complete (ai, e);
-
- return (ADJ_WALK_RC_CONTINUE);
-}
-
-static adj_walk_rc_t
-arp_mk_incomplete_walk (adj_index_t ai, void *ctx)
-{
- arp_mk_incomplete (ai);
-
- return (ADJ_WALK_RC_CONTINUE);
-}
-
-static int
-arp_is_enabled (ethernet_arp_main_t * am, u32 sw_if_index)
-{
- if (vec_len (am->ethernet_arp_by_sw_if_index) <= sw_if_index)
- return 0;
-
- return (am->ethernet_arp_by_sw_if_index[sw_if_index].enabled);
-}
-
-static void
-arp_enable (ethernet_arp_main_t * am, u32 sw_if_index)
-{
- if (arp_is_enabled (am, sw_if_index))
- return;
-
- vec_validate (am->ethernet_arp_by_sw_if_index, sw_if_index);
-
- am->ethernet_arp_by_sw_if_index[sw_if_index].enabled = 1;
-
- vnet_feature_enable_disable ("arp", "arp-reply", sw_if_index, 1, NULL, 0);
- vnet_feature_enable_disable ("arp", "arp-disabled", sw_if_index, 0, NULL,
- 0);
-}
-
-static int
-vnet_arp_flush_ip4_over_ethernet_internal (vnet_main_t * vnm,
- vnet_arp_set_ip4_over_ethernet_rpc_args_t
- * args);
-
-static void
-arp_disable (ethernet_arp_main_t * am, u32 sw_if_index)
-{
- ethernet_arp_interface_t *eai;
- ethernet_arp_ip4_entry_t *e;
- u32 i, *to_delete = 0;
- hash_pair_t *pair;
-
- if (!arp_is_enabled (am, sw_if_index))
- return;
-
- vnet_feature_enable_disable ("arp", "arp-disabled", sw_if_index, 1, NULL,
- 0);
- vnet_feature_enable_disable ("arp", "arp-reply", sw_if_index, 0, NULL, 0);
-
- eai = &am->ethernet_arp_by_sw_if_index[sw_if_index];
-
-
- /* *INDENT-OFF* */
- hash_foreach_pair (pair, eai->arp_entries,
- ({
- e = pool_elt_at_index(am->ip4_entry_pool,
- pair->value[0]);
- vec_add1 (to_delete, e - am->ip4_entry_pool);
- }));
- /* *INDENT-ON* */
-
- for (i = 0; i < vec_len (to_delete); i++)
- {
- e = pool_elt_at_index (am->ip4_entry_pool, to_delete[i]);
-
- vnet_arp_set_ip4_over_ethernet_rpc_args_t delme = {
- .ip4.as_u32 = e->ip4_address.as_u32,
- .sw_if_index = e->sw_if_index,
- .flags = ETHERNET_ARP_ARGS_FLUSH,
- };
- mac_address_copy (&delme.mac, &e->mac);
-
- vnet_arp_flush_ip4_over_ethernet_internal (vnet_get_main (), &delme);
- }
-
- vec_free (to_delete);
-
- eai->enabled = 0;
-}
-
-void
-arp_update_adjacency (vnet_main_t * vnm, u32 sw_if_index, u32 ai)
-{
- ethernet_arp_main_t *am = &ethernet_arp_main;
- ethernet_arp_interface_t *arp_int;
- ethernet_arp_ip4_entry_t *e;
- ip_adjacency_t *adj;
-
- adj = adj_get (ai);
-
- arp_enable (am, sw_if_index);
- arp_int = &am->ethernet_arp_by_sw_if_index[sw_if_index];
- e = arp_entry_find (arp_int, &adj->sub_type.nbr.next_hop.ip4);
-
- switch (adj->lookup_next_index)
- {
- case IP_LOOKUP_NEXT_GLEAN:
- adj_glean_update_rewrite (ai);
- break;
- case IP_LOOKUP_NEXT_ARP:
- if (NULL != e)
- {
- adj_nbr_walk_nh4 (sw_if_index,
- &e->ip4_address, arp_mk_complete_walk, e);
- }
- else
- {
- /*
- * no matching ARP entry.
- * construct the rewrite required to for an ARP packet, and stick
- * that in the adj's pipe to smoke.
- */
- adj_nbr_update_rewrite
- (ai,
- ADJ_NBR_REWRITE_FLAG_INCOMPLETE,
- ethernet_build_rewrite
- (vnm,
- sw_if_index,
- VNET_LINK_ARP,
- VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST));
-
- /*
- * since the FIB has added this adj for a route, it makes sense it
- * may want to forward traffic sometime soon. Let's send a
- * speculative ARP. just one. If we were to do periodically that
- * wouldn't be bad either, but that's more code than i'm prepared to
- * write at this time for relatively little reward.
- */
- arp_nbr_probe (adj);
- }
- break;
- case IP_LOOKUP_NEXT_BCAST:
- adj_nbr_update_rewrite (ai,
- ADJ_NBR_REWRITE_FLAG_COMPLETE,
- ethernet_build_rewrite
- (vnm,
- sw_if_index,
- VNET_LINK_IP4,
- VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST));
- break;
- case IP_LOOKUP_NEXT_MCAST:
- {
- /*
- * Construct a partial rewrite from the known ethernet mcast dest MAC
- */
- u8 *rewrite;
- u8 offset;
-
- rewrite = ethernet_build_rewrite (vnm,
- sw_if_index,
- adj->ia_link,
- ethernet_ip4_mcast_dst_addr ());
- offset = vec_len (rewrite) - 2;
-
- /*
- * Complete the remaining fields of the adj's rewrite to direct the
- * complete of the rewrite at switch time by copying in the IP
- * dst address's bytes.
- * Offset is 2 bytes into the MAC destination address.
- */
- adj_mcast_update_rewrite (ai, rewrite, offset);
-
- break;
- }
- case IP_LOOKUP_NEXT_DROP:
- case IP_LOOKUP_NEXT_PUNT:
- case IP_LOOKUP_NEXT_LOCAL:
- case IP_LOOKUP_NEXT_REWRITE:
- case IP_LOOKUP_NEXT_MCAST_MIDCHAIN:
- case IP_LOOKUP_NEXT_MIDCHAIN:
- case IP_LOOKUP_NEXT_ICMP_ERROR:
- case IP_LOOKUP_N_NEXT:
- ASSERT (0);
- break;
- }
-}
-
-static void
-arp_adj_fib_add (ethernet_arp_ip4_entry_t * e, u32 fib_index)
-{
- fib_prefix_t pfx = {
- .fp_len = 32,
- .fp_proto = FIB_PROTOCOL_IP4,
- .fp_addr.ip4 = e->ip4_address,
- };
-
- e->fib_entry_index =
- fib_table_entry_path_add (fib_index, &pfx, FIB_SOURCE_ADJ,
- FIB_ENTRY_FLAG_ATTACHED,
- DPO_PROTO_IP4, &pfx.fp_addr,
- e->sw_if_index, ~0, 1, NULL,
- FIB_ROUTE_PATH_FLAG_NONE);
- fib_table_lock (fib_index, FIB_PROTOCOL_IP4, FIB_SOURCE_ADJ);
-}
-
-static void
-arp_adj_fib_remove (ethernet_arp_ip4_entry_t * e, u32 fib_index)
-{
- if (FIB_NODE_INDEX_INVALID != e->fib_entry_index)
- {
- fib_prefix_t pfx = {
- .fp_len = 32,
- .fp_proto = FIB_PROTOCOL_IP4,
- .fp_addr.ip4 = e->ip4_address,
- };
- u32 fib_index;
-
- fib_index = ip4_fib_table_get_index_for_sw_if_index (e->sw_if_index);
-
- fib_table_entry_path_remove (fib_index, &pfx,
- FIB_SOURCE_ADJ,
- DPO_PROTO_IP4,
- &pfx.fp_addr,
- e->sw_if_index, ~0, 1,
- FIB_ROUTE_PATH_FLAG_NONE);
- fib_table_unlock (fib_index, FIB_PROTOCOL_IP4, FIB_SOURCE_ADJ);
- }
-}
-
-static ethernet_arp_ip4_entry_t *
-force_reuse_arp_entry (void)
-{
- ethernet_arp_ip4_entry_t *e;
- ethernet_arp_main_t *am = &ethernet_arp_main;
- u32 count = 0;
- u32 index = pool_next_index (am->ip4_entry_pool, am->arp_delete_rotor);
- if (index == ~0) /* Try again from elt 0 */
- index = pool_next_index (am->ip4_entry_pool, index);
-
- /* Find a non-static random entry to free up for reuse */
- do
- {
- if ((count++ == 100) || (index == ~0))
- return NULL; /* give up after 100 entries */
- e = pool_elt_at_index (am->ip4_entry_pool, index);
- am->arp_delete_rotor = index;
- index = pool_next_index (am->ip4_entry_pool, index);
- }
- while (e->flags & IP_NEIGHBOR_FLAG_STATIC);
-
- /* Remove ARP entry from its interface and update fib */
- hash_unset
- (am->ethernet_arp_by_sw_if_index[e->sw_if_index].arp_entries,
- e->ip4_address.as_u32);
- arp_adj_fib_remove
- (e, ip4_fib_table_get_index_for_sw_if_index (e->sw_if_index));
- adj_nbr_walk_nh4 (e->sw_if_index,
- &e->ip4_address, arp_mk_incomplete_walk, e);
- return e;
-}
-
-static int
-vnet_arp_set_ip4_over_ethernet_internal (vnet_main_t * vnm,
- vnet_arp_set_ip4_over_ethernet_rpc_args_t
- * args)
-{
- ethernet_arp_ip4_entry_t *e = 0;
- ethernet_arp_main_t *am = &ethernet_arp_main;
- vlib_main_t *vm = vlib_get_main ();
- int make_new_arp_cache_entry = 1;
- uword *p;
- pending_resolution_t *pr, *mc;
- ethernet_arp_interface_t *arp_int;
- u32 sw_if_index = args->sw_if_index;
-
- arp_enable (am, sw_if_index);
-
- arp_int = &am->ethernet_arp_by_sw_if_index[sw_if_index];
-
- if (NULL != arp_int->arp_entries)
- {
- p = hash_get (arp_int->arp_entries, args->ip4.as_u32);
- if (p)
- {
- e = pool_elt_at_index (am->ip4_entry_pool, p[0]);
-
- /* Refuse to over-write static arp. */
- if (!(args->nbr_flags & IP_NEIGHBOR_FLAG_STATIC) &&
- (e->flags & IP_NEIGHBOR_FLAG_STATIC))
- {
- /* if MAC address match, still check to send event */
- if (mac_address_equal (&e->mac, &args->mac))
- goto check_customers;
- return -2;
- }
- make_new_arp_cache_entry = 0;
- }
- }
-
- if (make_new_arp_cache_entry)
- {
- if (am->limit_arp_cache_size &&
- pool_elts (am->ip4_entry_pool) >= am->limit_arp_cache_size)
- {
- e = force_reuse_arp_entry ();
- if (NULL == e)
- return -2;
- }
- else
- pool_get (am->ip4_entry_pool, e);
-
- if (NULL == arp_int->arp_entries)
- arp_int->arp_entries = hash_create (0, sizeof (u32));
-
- hash_set (arp_int->arp_entries, args->ip4.as_u32,
- e - am->ip4_entry_pool);
-
- e->sw_if_index = sw_if_index;
- e->ip4_address = args->ip4;
- e->fib_entry_index = FIB_NODE_INDEX_INVALID;
- mac_address_copy (&e->mac, &args->mac);
-
- if (!(args->nbr_flags & IP_NEIGHBOR_FLAG_NO_FIB_ENTRY))
- {
- arp_adj_fib_add (e,
- ip4_fib_table_get_index_for_sw_if_index
- (e->sw_if_index));
- }
- else
- {
- e->flags |= IP_NEIGHBOR_FLAG_NO_FIB_ENTRY;
- }
- }
- else
- {
- /*
- * prevent a DoS attack from the data-plane that
- * spams us with no-op updates to the MAC address
- */
- if (mac_address_equal (&e->mac, &args->mac))
- {
- e->time_last_updated = vlib_time_now (vm);
- goto check_customers;
- }
-
- /* Update ethernet address. */
- mac_address_copy (&e->mac, &args->mac);
- }
-
- /* Update time stamp and flags. */
- e->time_last_updated = vlib_time_now (vm);
- if (args->nbr_flags & IP_NEIGHBOR_FLAG_STATIC)
- {
- e->flags &= ~IP_NEIGHBOR_FLAG_DYNAMIC;
- e->flags |= IP_NEIGHBOR_FLAG_STATIC;
- }
- else
- {
- e->flags &= ~IP_NEIGHBOR_FLAG_STATIC;
- e->flags |= IP_NEIGHBOR_FLAG_DYNAMIC;
- }
-
- adj_nbr_walk_nh4 (sw_if_index, &e->ip4_address, arp_mk_complete_walk, e);
-
-check_customers:
- /* Customer(s) waiting for this address to be resolved? */
- p = hash_get (am->pending_resolutions_by_address, args->ip4.as_u32);
- if (p)
- {
- u32 next_index;
- next_index = p[0];
-
- while (next_index != (u32) ~ 0)
- {
- pr = pool_elt_at_index (am->pending_resolutions, next_index);
- vlib_process_signal_event (vm, pr->node_index,
- pr->type_opaque, pr->data);
- next_index = pr->next_index;
- pool_put (am->pending_resolutions, pr);
- }
-
- hash_unset (am->pending_resolutions_by_address, args->ip4.as_u32);
- }
-
- /* Customer(s) requesting ARP event for this address? */
- p = hash_get (am->mac_changes_by_address, args->ip4.as_u32);
- if (p)
- {
- u32 next_index;
- next_index = p[0];
-
- while (next_index != (u32) ~ 0)
- {
- int rv = 1;
- mc = pool_elt_at_index (am->mac_changes, next_index);
-
- /* Call the user's data callback, return 1 to suppress dup events */
- if (mc->data_callback)
- rv = (mc->data_callback) (mc->data, &args->mac, sw_if_index, 0);
-
- /*
- * Signal the resolver process, as long as the user
- * says they want to be notified
- */
- if (rv == 0)
- vlib_process_signal_event (vm, mc->node_index,
- mc->type_opaque, mc->data);
- next_index = mc->next_index;
- }
- }
-
- return 0;
-}
-
-void
-vnet_register_ip4_arp_resolution_event (vnet_main_t * vnm,
- void *address_arg,
- uword node_index,
- uword type_opaque, uword data)
-{
- ethernet_arp_main_t *am = &ethernet_arp_main;
- ip4_address_t *address = address_arg;
- uword *p;
- pending_resolution_t *pr;
-
- pool_get (am->pending_resolutions, pr);
-
- pr->next_index = ~0;
- pr->node_index = node_index;
- pr->type_opaque = type_opaque;
- pr->data = data;
- pr->data_callback = 0;
-
- p = hash_get (am->pending_resolutions_by_address, address->as_u32);
- if (p)
- {
- /* Insert new resolution at the head of the list */
- pr->next_index = p[0];
- hash_unset (am->pending_resolutions_by_address, address->as_u32);
- }
-
- hash_set (am->pending_resolutions_by_address, address->as_u32,
- pr - am->pending_resolutions);
-}
-
-int
-vnet_add_del_ip4_arp_change_event (vnet_main_t * vnm,
- arp_change_event_cb_t data_callback,
- u32 pid,
- void *address_arg,
- uword node_index,
- uword type_opaque, uword data, int is_add)
-{
- ethernet_arp_main_t *am = &ethernet_arp_main;
- ip4_address_t *address = address_arg;
-
- /* Try to find an existing entry */
- u32 *first = (u32 *) hash_get (am->mac_changes_by_address, address->as_u32);
- u32 *p = first;
- pending_resolution_t *mc;
- while (p && *p != ~0)
- {
- mc = pool_elt_at_index (am->mac_changes, *p);
- if (mc->node_index == node_index && mc->type_opaque == type_opaque
- && mc->pid == pid)
- break;
- p = &mc->next_index;
- }
-
- int found = p && *p != ~0;
- if (is_add)
- {
- if (found)
- return VNET_API_ERROR_ENTRY_ALREADY_EXISTS;
-
- pool_get (am->mac_changes, mc);
- /* *INDENT-OFF* */
- *mc = (pending_resolution_t)
- {
- .next_index = ~0,
- .node_index = node_index,
- .type_opaque = type_opaque,
- .data = data,
- .data_callback = data_callback,
- .pid = pid,
- };
- /* *INDENT-ON* */
-
- /* Insert new resolution at the end of the list */
- u32 new_idx = mc - am->mac_changes;
- if (p)
- p[0] = new_idx;
- else
- hash_set (am->mac_changes_by_address, address->as_u32, new_idx);
- }
- else
- {
- if (!found)
- return VNET_API_ERROR_NO_SUCH_ENTRY;
-
- /* Clients may need to clean up pool entries, too */
- if (data_callback)
- /* no new mac addrs */
- (data_callback) (mc->data, NULL, ~0, NULL);
-
- /* Remove the entry from the list and delete the entry */
- *p = mc->next_index;
- pool_put (am->mac_changes, mc);
-
- /* Remove from hash if we deleted the last entry */
- if (*p == ~0 && p == first)
- hash_unset (am->mac_changes_by_address, address->as_u32);
- }
- return 0;
-}
-
-/* Either we drop the packet or we send a reply to the sender. */
-typedef enum
-{
- ARP_REPLY_NEXT_DROP,
- ARP_REPLY_NEXT_REPLY_TX,
- ARP_REPLY_N_NEXT,
-} arp_reply_next_t;
-
-#define foreach_ethernet_arp_error \
- _ (replies_sent, "ARP replies sent") \
- _ (l2_type_not_ethernet, "L2 type not ethernet") \
- _ (l3_type_not_ip4, "L3 type not IP4") \
- _ (l3_src_address_not_local, "IP4 source address not local to subnet") \
- _ (l3_dst_address_not_local, "IP4 destination address not local to subnet") \
- _ (l3_dst_address_unset, "IP4 destination address is unset") \
- _ (l3_src_address_is_local, "IP4 source address matches local interface") \
- _ (l3_src_address_learned, "ARP request IP4 source address learned") \
- _ (replies_received, "ARP replies received") \
- _ (opcode_not_request, "ARP opcode not request") \
- _ (proxy_arp_replies_sent, "Proxy ARP replies sent") \
- _ (l2_address_mismatch, "ARP hw addr does not match L2 frame src addr") \
- _ (gratuitous_arp, "ARP probe or announcement dropped") \
- _ (interface_no_table, "Interface is not mapped to an IP table") \
- _ (interface_not_ip_enabled, "Interface is not IP enabled") \
- _ (unnumbered_mismatch, "RX interface is unnumbered to different subnet") \
-
-typedef enum
-{
-#define _(sym,string) ETHERNET_ARP_ERROR_##sym,
- foreach_ethernet_arp_error
-#undef _
- ETHERNET_ARP_N_ERROR,
-} ethernet_arp_reply_error_t;
-
-static int
-arp_unnumbered (vlib_buffer_t * p0,
- u32 input_sw_if_index, u32 conn_sw_if_index)
-{
- vnet_main_t *vnm = vnet_get_main ();
- vnet_interface_main_t *vim = &vnm->interface_main;
- vnet_sw_interface_t *si;
-
- /* verify that the input interface is unnumbered to the connected.
- * the connected interface is the interface on which the subnet is
- * configured */
- si = &vim->sw_interfaces[input_sw_if_index];
-
- if (!(si->flags & VNET_SW_INTERFACE_FLAG_UNNUMBERED &&
- (si->unnumbered_sw_if_index == conn_sw_if_index)))
- {
- /* the input interface is not unnumbered to the interface on which
- * the sub-net is configured that covers the ARP request.
- * So this is not the case for unnumbered.. */
- return 0;
- }
-
- return !0;
-}
-
-static u32
-arp_learn (vnet_main_t * vnm,
- ethernet_arp_main_t * am, u32 sw_if_index,
- const ethernet_arp_ip4_over_ethernet_address_t * addr)
-{
- vnet_arp_set_ip4_over_ethernet (vnm, sw_if_index, addr, 0);
- return (ETHERNET_ARP_ERROR_l3_src_address_learned);
-}
-
-typedef enum arp_input_next_t_
-{
- ARP_INPUT_NEXT_DROP,
- ARP_INPUT_NEXT_DISABLED,
- ARP_INPUT_N_NEXT,
-} arp_input_next_t;
-
-static uword
-arp_input (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame)
-{
- u32 n_left_from, next_index, *from, *to_next, n_left_to_next;
- ethernet_arp_main_t *am = &ethernet_arp_main;
-
- from = vlib_frame_vector_args (frame);
- n_left_from = frame->n_vectors;
- next_index = node->cached_next_index;
-
- if (node->flags & VLIB_NODE_FLAG_TRACE)
- vlib_trace_frame_buffers_only (vm, node, from, frame->n_vectors,
- /* stride */ 1,
- sizeof (ethernet_arp_input_trace_t));
-
- while (n_left_from > 0)
- {
- vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
-
- while (n_left_from > 0 && n_left_to_next > 0)
- {
- const ethernet_arp_header_t *arp0;
- arp_input_next_t next0;
- vlib_buffer_t *p0;
- u32 pi0, error0;
-
- pi0 = to_next[0] = from[0];
- from += 1;
- to_next += 1;
- n_left_from -= 1;
- n_left_to_next -= 1;
-
- p0 = vlib_get_buffer (vm, pi0);
- arp0 = vlib_buffer_get_current (p0);
-
- error0 = ETHERNET_ARP_ERROR_replies_sent;
- next0 = ARP_INPUT_NEXT_DROP;
-
- error0 =
- (arp0->l2_type !=
- clib_net_to_host_u16 (ETHERNET_ARP_HARDWARE_TYPE_ethernet) ?
- ETHERNET_ARP_ERROR_l2_type_not_ethernet : error0);
- error0 =
- (arp0->l3_type !=
- clib_net_to_host_u16 (ETHERNET_TYPE_IP4) ?
- ETHERNET_ARP_ERROR_l3_type_not_ip4 : error0);
- error0 =
- (0 == arp0->ip4_over_ethernet[0].ip4.as_u32 ?
- ETHERNET_ARP_ERROR_l3_dst_address_unset : error0);
-
- if (ETHERNET_ARP_ERROR_replies_sent == error0)
- {
- next0 = ARP_INPUT_NEXT_DISABLED;
- vnet_feature_arc_start (am->feature_arc_index,
- vnet_buffer (p0)->sw_if_index[VLIB_RX],
- &next0, p0);
- }
- else
- p0->error = node->errors[error0];
-
- vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
- n_left_to_next, pi0, next0);
- }
-
- vlib_put_next_frame (vm, node, next_index, n_left_to_next);
- }
-
- return frame->n_vectors;
-}
-
-typedef enum arp_disabled_next_t_
-{
- ARP_DISABLED_NEXT_DROP,
- ARP_DISABLED_N_NEXT,
-} arp_disabled_next_t;
-
-#define foreach_arp_disabled_error \
- _ (DISABLED, "ARP Disabled on this interface") \
-
-typedef enum
-{
-#define _(sym,string) ARP_DISABLED_ERROR_##sym,
- foreach_arp_disabled_error
-#undef _
- ARP_DISABLED_N_ERROR,
-} arp_disabled_error_t;
-
-static char *arp_disabled_error_strings[] = {
-#define _(sym,string) string,
- foreach_arp_disabled_error
-#undef _
-};
-
-static uword
-arp_disabled (vlib_main_t * vm,
- vlib_node_runtime_t * node, vlib_frame_t * frame)
-{
- u32 n_left_from, next_index, *from, *to_next, n_left_to_next;
-
- from = vlib_frame_vector_args (frame);
- n_left_from = frame->n_vectors;
- next_index = node->cached_next_index;
-
- if (node->flags & VLIB_NODE_FLAG_TRACE)
- vlib_trace_frame_buffers_only (vm, node, from, frame->n_vectors,
- /* stride */ 1,
- sizeof (ethernet_arp_input_trace_t));
-
- while (n_left_from > 0)
- {
- vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
-
- while (n_left_from > 0 && n_left_to_next > 0)
- {
- arp_disabled_next_t next0 = ARP_DISABLED_NEXT_DROP;
- vlib_buffer_t *p0;
- u32 pi0, error0;
-
- next0 = ARP_DISABLED_NEXT_DROP;
- error0 = ARP_DISABLED_ERROR_DISABLED;
-
- pi0 = to_next[0] = from[0];
- from += 1;
- to_next += 1;
- n_left_from -= 1;
- n_left_to_next -= 1;
-
- p0 = vlib_get_buffer (vm, pi0);
- p0->error = node->errors[error0];
-
- vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
- n_left_to_next, pi0, next0);
- }
-
- vlib_put_next_frame (vm, node, next_index, n_left_to_next);
- }
-
- return frame->n_vectors;
-}
-
-static_always_inline u32
-arp_mk_reply (vnet_main_t * vnm,
- vlib_buffer_t * p0,
- u32 sw_if_index0,
- const ip4_address_t * if_addr0,
- ethernet_arp_header_t * arp0, ethernet_header_t * eth_rx)
-{
- vnet_hw_interface_t *hw_if0;
- u8 *rewrite0, rewrite0_len;
- ethernet_header_t *eth_tx;
- u32 next0;
-
- /* Send a reply.
- An adjacency to the sender is not always present,
- so we use the interface to build us a rewrite string
- which will contain all the necessary tags. */
- rewrite0 = ethernet_build_rewrite (vnm, sw_if_index0,
- VNET_LINK_ARP, eth_rx->src_address);
- rewrite0_len = vec_len (rewrite0);
-
- /* Figure out how much to rewind current data from adjacency. */
- vlib_buffer_advance (p0, -rewrite0_len);
- eth_tx = vlib_buffer_get_current (p0);
-
- vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0;
- hw_if0 = vnet_get_sup_hw_interface (vnm, sw_if_index0);
-
- /* Send reply back through input interface */
- vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0;
- next0 = ARP_REPLY_NEXT_REPLY_TX;
-
- arp0->opcode = clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_reply);
-
- arp0->ip4_over_ethernet[1] = arp0->ip4_over_ethernet[0];
-
- mac_address_from_bytes (&arp0->ip4_over_ethernet[0].mac,
- hw_if0->hw_address);
- clib_mem_unaligned (&arp0->ip4_over_ethernet[0].ip4.data_u32, u32) =
- if_addr0->data_u32;
-
- /* Hardware must be ethernet-like. */
- ASSERT (vec_len (hw_if0->hw_address) == 6);
-
- /* the rx nd tx ethernet headers wil overlap in the case
- * when we received a tagged VLAN=0 packet, but we are sending
- * back untagged */
- clib_memcpy_fast (eth_tx, rewrite0, vec_len (rewrite0));
- vec_free (rewrite0);
-
- return (next0);
-}
-
-enum arp_dst_fib_type
-{
- ARP_DST_FIB_NONE,
- ARP_DST_FIB_ADJ,
- ARP_DST_FIB_CONN
-};
-
-/*
- * we're looking for FIB sources that indicate the destination
- * is attached. There may be interposed DPO prior to the one
- * we are looking for
- */
-static enum arp_dst_fib_type
-arp_dst_fib_check (const fib_node_index_t fei, fib_entry_flag_t * flags)
-{
- const fib_entry_t *entry = fib_entry_get (fei);
- const fib_entry_src_t *entry_src;
- fib_source_t src;
- /* *INDENT-OFF* */
- FOR_EACH_SRC_ADDED(entry, entry_src, src,
- ({
- *flags = fib_entry_get_flags_for_source (fei, src);
- if (fib_entry_is_sourced (fei, FIB_SOURCE_ADJ))
- return ARP_DST_FIB_ADJ;
- else if (FIB_ENTRY_FLAG_CONNECTED & *flags)
- return ARP_DST_FIB_CONN;
- }))
- /* *INDENT-ON* */
-
- return ARP_DST_FIB_NONE;
-}
-
-static uword
-arp_reply (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame)
-{
- ethernet_arp_main_t *am = &ethernet_arp_main;
- vnet_main_t *vnm = vnet_get_main ();
- u32 n_left_from, next_index, *from, *to_next;
- u32 n_replies_sent = 0;
-
- from = vlib_frame_vector_args (frame);
- n_left_from = frame->n_vectors;
- next_index = node->cached_next_index;
-
- if (node->flags & VLIB_NODE_FLAG_TRACE)
- vlib_trace_frame_buffers_only (vm, node, from, frame->n_vectors,
- /* stride */ 1,
- sizeof (ethernet_arp_input_trace_t));
-
- while (n_left_from > 0)
- {
- u32 n_left_to_next;
-
- vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
-
- while (n_left_from > 0 && n_left_to_next > 0)
- {
- vlib_buffer_t *p0;
- ethernet_arp_header_t *arp0;
- ethernet_header_t *eth_rx;
- const ip4_address_t *if_addr0;
- u32 pi0, error0, next0, sw_if_index0, conn_sw_if_index0, fib_index0;
- u8 dst_is_local0, is_vrrp_reply0;
- fib_node_index_t dst_fei, src_fei;
- const fib_prefix_t *pfx0;
- fib_entry_flag_t src_flags, dst_flags;
-
- pi0 = from[0];
- to_next[0] = pi0;
- from += 1;
- to_next += 1;
- n_left_from -= 1;
- n_left_to_next -= 1;
-
- p0 = vlib_get_buffer (vm, pi0);
- arp0 = vlib_buffer_get_current (p0);
- /* Fill in ethernet header. */
- eth_rx = ethernet_buffer_get_header (p0);
-
- next0 = ARP_REPLY_NEXT_DROP;
- error0 = ETHERNET_ARP_ERROR_replies_sent;
- sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
-
- /* Check that IP address is local and matches incoming interface. */
- fib_index0 = ip4_fib_table_get_index_for_sw_if_index (sw_if_index0);
- if (~0 == fib_index0)
- {
- error0 = ETHERNET_ARP_ERROR_interface_no_table;
- goto drop;
-
- }
-
- {
- /*
- * we're looking for FIB entries that indicate the source
- * is attached. There may be more specific non-attached
- * routes that match the source, but these do not influence
- * whether we respond to an ARP request, i.e. they do not
- * influence whether we are the correct way for the sender
- * to reach us, they only affect how we reach the sender.
- */
- fib_entry_t *src_fib_entry;
- const fib_prefix_t *pfx;
- fib_entry_src_t *src;
- fib_source_t source;
- int attached;
- int mask;
-
- mask = 32;
- attached = 0;
-
- do
- {
- src_fei = ip4_fib_table_lookup (ip4_fib_get (fib_index0),
- &arp0->
- ip4_over_ethernet[0].ip4,
- mask);
- src_fib_entry = fib_entry_get (src_fei);
-
- /*
- * It's possible that the source that provides the
- * flags we need, or the flags we must not have,
- * is not the best source, so check then all.
- */
- /* *INDENT-OFF* */
- FOR_EACH_SRC_ADDED(src_fib_entry, src, source,
- ({
- src_flags = fib_entry_get_flags_for_source (src_fei, source);
-
- /* Reject requests/replies with our local interface
- address. */
- if (FIB_ENTRY_FLAG_LOCAL & src_flags)
- {
- error0 = ETHERNET_ARP_ERROR_l3_src_address_is_local;
- /*
- * When VPP has an interface whose address is also
- * applied to a TAP interface on the host, then VPP's
- * TAP interface will be unnumbered to the 'real'
- * interface and do proxy ARP from the host.
- * The curious aspect of this setup is that ARP requests
- * from the host will come from the VPP's own address.
- * So don't drop immediately here, instead go see if this
- * is a proxy ARP case.
- */
- goto next_feature;
- }
- /* A Source must also be local to subnet of matching
- * interface address. */
- if ((FIB_ENTRY_FLAG_ATTACHED & src_flags) ||
- (FIB_ENTRY_FLAG_CONNECTED & src_flags))
- {
- attached = 1;
- break;
- }
- /*
- * else
- * The packet was sent from an address that is not
- * connected nor attached i.e. it is not from an
- * address that is covered by a link's sub-net,
- * nor is it a already learned host resp.
- */
- }));
- /* *INDENT-ON* */
-
- /*
- * shorter mask lookup for the next iteration.
- */
- pfx = fib_entry_get_prefix (src_fei);
- mask = pfx->fp_len - 1;
-
- /*
- * continue until we hit the default route or we find
- * the attached we are looking for. The most likely
- * outcome is we find the attached with the first source
- * on the first lookup.
- */
- }
- while (!attached &&
- !fib_entry_is_sourced (src_fei, FIB_SOURCE_DEFAULT_ROUTE));
-
- if (!attached)
- {
- /*
- * the matching route is a not attached, i.e. it was
- * added as a result of routing, rather than interface/ARP
- * configuration. If the matching route is not a host route
- * (i.e. a /32)
- */
- error0 = ETHERNET_ARP_ERROR_l3_src_address_not_local;
- goto drop;
- }
- }
-
- dst_fei = ip4_fib_table_lookup (ip4_fib_get (fib_index0),
- &arp0->ip4_over_ethernet[1].ip4,
- 32);
- switch (arp_dst_fib_check (dst_fei, &dst_flags))
- {
- case ARP_DST_FIB_ADJ:
- /*
- * We matched an adj-fib on ths source subnet (a /32 previously
- * added as a result of ARP). If this request is a gratuitous
- * ARP, then learn from it.
- * The check for matching an adj-fib, is to prevent hosts
- * from spamming us with gratuitous ARPS that might otherwise
- * blow our ARP cache
- */
- if (arp0->ip4_over_ethernet[0].ip4.as_u32 ==
- arp0->ip4_over_ethernet[1].ip4.as_u32)
- error0 = arp_learn (vnm, am, sw_if_index0,
- &arp0->ip4_over_ethernet[0]);
- goto drop;
- case ARP_DST_FIB_CONN:
- /* destination is connected, continue to process */
- break;
- case ARP_DST_FIB_NONE:
- /* destination is not connected, stop here */
- error0 = ETHERNET_ARP_ERROR_l3_dst_address_not_local;
- goto next_feature;
- }
-
- dst_is_local0 = (FIB_ENTRY_FLAG_LOCAL & dst_flags);
- pfx0 = fib_entry_get_prefix (dst_fei);
- if_addr0 = &pfx0->fp_addr.ip4;
-
- is_vrrp_reply0 =
- ((arp0->opcode ==
- clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_reply))
- &&
- (!memcmp
- (arp0->ip4_over_ethernet[0].mac.bytes, vrrp_prefix,
- sizeof (vrrp_prefix))));
-
- /* Trash ARP packets whose ARP-level source addresses do not
- match their L2-frame-level source addresses, unless it's
- a reply from a VRRP virtual router */
- if (!ethernet_mac_address_equal
- (eth_rx->src_address,
- arp0->ip4_over_ethernet[0].mac.bytes) && !is_vrrp_reply0)
- {
- error0 = ETHERNET_ARP_ERROR_l2_address_mismatch;
- goto drop;
- }
-
- /* Learn or update sender's mapping only for replies to addresses
- * that are local to the subnet */
- if (arp0->opcode ==
- clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_reply))
- {
- if (dst_is_local0)
- error0 = arp_learn (vnm, am, sw_if_index0,
- &arp0->ip4_over_ethernet[0]);
- else
- /* a reply for a non-local destination could be a GARP.
- * GARPs for hosts we know were handled above, so this one
- * we drop */
- error0 = ETHERNET_ARP_ERROR_l3_dst_address_not_local;
-
- goto next_feature;
- }
- else if (arp0->opcode ==
- clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_request) &&
- (dst_is_local0 == 0))
- {
- goto next_feature;
- }
-
- /* Honor unnumbered interface, if any */
- conn_sw_if_index0 = fib_entry_get_resolving_interface (dst_fei);
- if (sw_if_index0 != conn_sw_if_index0 ||
- sw_if_index0 != fib_entry_get_resolving_interface (src_fei))
- {
- /*
- * The interface the ARP is sent to or was received on is not the
- * interface on which the covering prefix is configured.
- * Maybe this is a case for unnumbered.
- */
- if (!arp_unnumbered (p0, sw_if_index0, conn_sw_if_index0))
- {
- error0 = ETHERNET_ARP_ERROR_unnumbered_mismatch;
- goto drop;
- }
- }
- if (arp0->ip4_over_ethernet[0].ip4.as_u32 ==
- arp0->ip4_over_ethernet[1].ip4.as_u32)
- {
- error0 = ETHERNET_ARP_ERROR_gratuitous_arp;
- goto drop;
- }
-
- next0 = arp_mk_reply (vnm, p0, sw_if_index0,
- if_addr0, arp0, eth_rx);
-
- /* We are going to reply to this request, so, in the absence of
- errors, learn the sender */
- if (!error0)
- error0 = arp_learn (vnm, am, sw_if_index0,
- &arp0->ip4_over_ethernet[1]);
-
- n_replies_sent += 1;
- goto enqueue;
-
- next_feature:
- vnet_feature_next (&next0, p0);
- goto enqueue;
-
- drop:
- p0->error = node->errors[error0];
-
- enqueue:
- vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
- n_left_to_next, pi0, next0);
- }
-
- vlib_put_next_frame (vm, node, next_index, n_left_to_next);
- }
-
- vlib_error_count (vm, node->node_index,
- ETHERNET_ARP_ERROR_replies_sent, n_replies_sent);
-
- return frame->n_vectors;
-}
-
-static uword
-arp_proxy (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame)
-{
- ethernet_arp_main_t *am = &ethernet_arp_main;
- vnet_main_t *vnm = vnet_get_main ();
- u32 n_left_from, next_index, *from, *to_next;
- u32 n_arp_replies_sent = 0;
-
- from = vlib_frame_vector_args (frame);
- n_left_from = frame->n_vectors;
- next_index = node->cached_next_index;
-
- if (node->flags & VLIB_NODE_FLAG_TRACE)
- vlib_trace_frame_buffers_only (vm, node, from, frame->n_vectors,
- /* stride */ 1,
- sizeof (ethernet_arp_input_trace_t));
-
- while (n_left_from > 0)
- {
- u32 n_left_to_next;
-
- vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
-
- while (n_left_from > 0 && n_left_to_next > 0)
- {
- vlib_buffer_t *p0;
- ethernet_arp_header_t *arp0;
- ethernet_header_t *eth_rx;
- ip4_address_t proxy_src;
- u32 pi0, error0, next0, sw_if_index0, fib_index0;
- u8 is_request0;
- ethernet_proxy_arp_t *pa;
-
- pi0 = from[0];
- to_next[0] = pi0;
- from += 1;
- to_next += 1;
- n_left_from -= 1;
- n_left_to_next -= 1;
-
- p0 = vlib_get_buffer (vm, pi0);
- arp0 = vlib_buffer_get_current (p0);
- /* Fill in ethernet header. */
- eth_rx = ethernet_buffer_get_header (p0);
-
- is_request0 = arp0->opcode
- == clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_request);
-
- error0 = ETHERNET_ARP_ERROR_replies_sent;
- sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
- next0 = ARP_REPLY_NEXT_DROP;
-
- fib_index0 = ip4_fib_table_get_index_for_sw_if_index (sw_if_index0);
- if (~0 == fib_index0)
- {
- error0 = ETHERNET_ARP_ERROR_interface_no_table;
- }
-
- if (0 == error0 && is_request0)
- {
- u32 this_addr = clib_net_to_host_u32
- (arp0->ip4_over_ethernet[1].ip4.as_u32);
-
- vec_foreach (pa, am->proxy_arps)
- {
- u32 lo_addr = clib_net_to_host_u32 (pa->lo_addr.as_u32);
- u32 hi_addr = clib_net_to_host_u32 (pa->hi_addr.as_u32);
-
- /* an ARP request hit in the proxy-arp table? */
- if ((this_addr >= lo_addr && this_addr <= hi_addr) &&
- (fib_index0 == pa->fib_index))
- {
- proxy_src.as_u32 =
- arp0->ip4_over_ethernet[1].ip4.data_u32;
-
- /*
- * change the interface address to the proxied
- */
- n_arp_replies_sent++;
-
- next0 =
- arp_mk_reply (vnm, p0, sw_if_index0, &proxy_src, arp0,
- eth_rx);
- }
- }
- }
- else
- {
- p0->error = node->errors[error0];
- }
-
- vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
- n_left_to_next, pi0, next0);
- }
-
- vlib_put_next_frame (vm, node, next_index, n_left_to_next);
- }
-
- vlib_error_count (vm, node->node_index,
- ETHERNET_ARP_ERROR_replies_sent, n_arp_replies_sent);
-
- return frame->n_vectors;
-}
-
-static char *ethernet_arp_error_strings[] = {
-#define _(sym,string) string,
- foreach_ethernet_arp_error
-#undef _
-};
-
-/* *INDENT-OFF* */
-
-VLIB_REGISTER_NODE (arp_input_node, static) =
-{
- .function = arp_input,
- .name = "arp-input",
- .vector_size = sizeof (u32),
- .n_errors = ETHERNET_ARP_N_ERROR,
- .error_strings = ethernet_arp_error_strings,
- .n_next_nodes = ARP_INPUT_N_NEXT,
- .next_nodes = {
- [ARP_INPUT_NEXT_DROP] = "error-drop",
- [ARP_INPUT_NEXT_DISABLED] = "arp-disabled",
- },
- .format_buffer = format_ethernet_arp_header,
- .format_trace = format_ethernet_arp_input_trace,
-};
-
-VLIB_REGISTER_NODE (arp_disabled_node, static) =
-{
- .function = arp_disabled,
- .name = "arp-disabled",
- .vector_size = sizeof (u32),
- .n_errors = ARP_DISABLED_N_ERROR,
- .error_strings = arp_disabled_error_strings,
- .n_next_nodes = ARP_DISABLED_N_NEXT,
- .next_nodes = {
- [ARP_INPUT_NEXT_DROP] = "error-drop",
- },
- .format_buffer = format_ethernet_arp_header,
- .format_trace = format_ethernet_arp_input_trace,
-};
-
-VLIB_REGISTER_NODE (arp_reply_node, static) =
-{
- .function = arp_reply,
- .name = "arp-reply",
- .vector_size = sizeof (u32),
- .n_errors = ETHERNET_ARP_N_ERROR,
- .error_strings = ethernet_arp_error_strings,
- .n_next_nodes = ARP_REPLY_N_NEXT,
- .next_nodes = {
- [ARP_REPLY_NEXT_DROP] = "error-drop",
- [ARP_REPLY_NEXT_REPLY_TX] = "interface-output",
- },
- .format_buffer = format_ethernet_arp_header,
- .format_trace = format_ethernet_arp_input_trace,
-};
-
-VLIB_REGISTER_NODE (arp_proxy_node, static) =
-{
- .function = arp_proxy,
- .name = "arp-proxy",
- .vector_size = sizeof (u32),
- .n_errors = ETHERNET_ARP_N_ERROR,
- .error_strings = ethernet_arp_error_strings,
- .n_next_nodes = ARP_REPLY_N_NEXT,
- .next_nodes = {
- [ARP_REPLY_NEXT_DROP] = "error-drop",
- [ARP_REPLY_NEXT_REPLY_TX] = "interface-output",
- },
- .format_buffer = format_ethernet_arp_header,
- .format_trace = format_ethernet_arp_input_trace,
-};
-
-/* Built-in ARP rx feature path definition */
-VNET_FEATURE_ARC_INIT (arp_feat, static) =
-{
- .arc_name = "arp",
- .start_nodes = VNET_FEATURES ("arp-input"),
- .last_in_arc = "error-drop",
- .arc_index_ptr = &ethernet_arp_main.feature_arc_index,
-};
-
-VNET_FEATURE_INIT (arp_reply_feat_node, static) =
-{
- .arc_name = "arp",
- .node_name = "arp-reply",
- .runs_before = VNET_FEATURES ("arp-disabled"),
-};
-
-VNET_FEATURE_INIT (arp_proxy_feat_node, static) =
-{
- .arc_name = "arp",
- .node_name = "arp-proxy",
- .runs_after = VNET_FEATURES ("arp-reply"),
- .runs_before = VNET_FEATURES ("arp-disabled"),
-};
-
-VNET_FEATURE_INIT (arp_disabled_feat_node, static) =
-{
- .arc_name = "arp",
- .node_name = "arp-disabled",
- .runs_before = VNET_FEATURES ("error-drop"),
-};
-
-VNET_FEATURE_INIT (arp_drop_feat_node, static) =
-{
- .arc_name = "arp",
- .node_name = "error-drop",
- .runs_before = 0, /* last feature */
-};
-
-/* *INDENT-ON* */
-
-static int
-ip4_arp_entry_sort (void *a1, void *a2)
-{
- ethernet_arp_ip4_entry_t *e1 = a1;
- ethernet_arp_ip4_entry_t *e2 = a2;
-
- int cmp;
- vnet_main_t *vnm = vnet_get_main ();
-
- cmp = vnet_sw_interface_compare (vnm, e1->sw_if_index, e2->sw_if_index);
- if (!cmp)
- cmp = ip4_address_compare (&e1->ip4_address, &e2->ip4_address);
- return cmp;
-}
-
-ethernet_arp_ip4_entry_t *
-ip4_neighbors_pool (void)
-{
- ethernet_arp_main_t *am = &ethernet_arp_main;
- return am->ip4_entry_pool;
-}
-
-ethernet_arp_ip4_entry_t *
-ip4_neighbor_entries (u32 sw_if_index)
-{
- ethernet_arp_main_t *am = &ethernet_arp_main;
- ethernet_arp_ip4_entry_t *n, *ns = 0;
-
- /* *INDENT-OFF* */
- pool_foreach (n, am->ip4_entry_pool, ({
- if (sw_if_index != ~0 && n->sw_if_index != sw_if_index)
- continue;
- vec_add1 (ns, n[0]);
- }));
- /* *INDENT-ON* */
-
- if (ns)
- vec_sort_with_function (ns, ip4_arp_entry_sort);
- return ns;
-}
-
-static clib_error_t *
-show_ip4_arp (vlib_main_t * vm,
- unformat_input_t * input, vlib_cli_command_t * cmd)
-{
- vnet_main_t *vnm = vnet_get_main ();
- ethernet_arp_main_t *am = &ethernet_arp_main;
- ethernet_arp_ip4_entry_t *e, *es;
- ethernet_proxy_arp_t *pa;
- clib_error_t *error = 0;
- u32 sw_if_index;
-
- /* Filter entries by interface if given. */
- sw_if_index = ~0;
- (void) unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index);
-
- es = ip4_neighbor_entries (sw_if_index);
- if (es)
- {
- vlib_cli_output (vm, "%U", format_ethernet_arp_ip4_entry, vnm, 0);
- vec_foreach (e, es)
- {
- vlib_cli_output (vm, "%U", format_ethernet_arp_ip4_entry, vnm, e);
- }
- vec_free (es);
- }
-
- if (vec_len (am->proxy_arps))
- {
- vlib_cli_output (vm, "Proxy arps enabled for:");
- vec_foreach (pa, am->proxy_arps)
- {
- vlib_cli_output (vm, "Fib_index %d %U - %U ",
- pa->fib_index,
- format_ip4_address, &pa->lo_addr,
- format_ip4_address, &pa->hi_addr);
- }
- }
-
- return error;
-}
-
-/*?
- * Display all the IPv4 ARP entries.
- *
- * @cliexpar
- * Example of how to display the IPv4 ARP table:
- * @cliexstart{show ip arp}
- * Time FIB IP4 Flags Ethernet Interface
- * 346.3028 0 6.1.1.3 de:ad:be:ef:ba:be GigabitEthernet2/0/0
- * 3077.4271 0 6.1.1.4 S de:ad:be:ef:ff:ff GigabitEthernet2/0/0
- * 2998.6409 1 6.2.2.3 de:ad:be:ef:00:01 GigabitEthernet2/0/0
- * Proxy arps enabled for:
- * Fib_index 0 6.0.0.1 - 6.0.0.11
- * @cliexend
- ?*/
-/* *INDENT-OFF* */
-VLIB_CLI_COMMAND (show_ip4_arp_command, static) = {
- .path = "show ip arp",
- .function = show_ip4_arp,
- .short_help = "show ip arp",
-};
-/* *INDENT-ON* */
-
-typedef struct
-{
- pg_edit_t l2_type, l3_type;
- pg_edit_t n_l2_address_bytes, n_l3_address_bytes;
- pg_edit_t opcode;
- struct
- {
- pg_edit_t mac;
- pg_edit_t ip4;
- } ip4_over_ethernet[2];
-} pg_ethernet_arp_header_t;
-
-static inline void
-pg_ethernet_arp_header_init (pg_ethernet_arp_header_t * p)
-{
- /* Initialize fields that are not bit fields in the IP header. */
-#define _(f) pg_edit_init (&p->f, ethernet_arp_header_t, f);
- _(l2_type);
- _(l3_type);
- _(n_l2_address_bytes);
- _(n_l3_address_bytes);
- _(opcode);
- _(ip4_over_ethernet[0].mac);
- _(ip4_over_ethernet[0].ip4);
- _(ip4_over_ethernet[1].mac);
- _(ip4_over_ethernet[1].ip4);
-#undef _
-}
-
-uword
-unformat_pg_arp_header (unformat_input_t * input, va_list * args)
-{
- pg_stream_t *s = va_arg (*args, pg_stream_t *);
- pg_ethernet_arp_header_t *p;
- u32 group_index;
-
- p = pg_create_edit_group (s, sizeof (p[0]), sizeof (ethernet_arp_header_t),
- &group_index);
- pg_ethernet_arp_header_init (p);
-
- /* Defaults. */
- pg_edit_set_fixed (&p->l2_type, ETHERNET_ARP_HARDWARE_TYPE_ethernet);
- pg_edit_set_fixed (&p->l3_type, ETHERNET_TYPE_IP4);
- pg_edit_set_fixed (&p->n_l2_address_bytes, 6);
- pg_edit_set_fixed (&p->n_l3_address_bytes, 4);
-
- if (!unformat (input, "%U: %U/%U -> %U/%U",
- unformat_pg_edit,
- unformat_ethernet_arp_opcode_net_byte_order, &p->opcode,
- unformat_pg_edit,
- unformat_mac_address_t, &p->ip4_over_ethernet[0].mac,
- unformat_pg_edit,
- unformat_ip4_address, &p->ip4_over_ethernet[0].ip4,
- unformat_pg_edit,
- unformat_mac_address_t, &p->ip4_over_ethernet[1].mac,
- unformat_pg_edit,
- unformat_ip4_address, &p->ip4_over_ethernet[1].ip4))
- {
- /* Free up any edits we may have added. */
- pg_free_edit_group (s);
- return 0;
- }
- return 1;
-}
-
-clib_error_t *
-ip4_set_arp_limit (u32 arp_limit)
-{
- ethernet_arp_main_t *am = &ethernet_arp_main;
-
- am->limit_arp_cache_size = arp_limit;
- return 0;
-}
-
-/**
- * @brief Control Plane hook to remove an ARP entry
- */
-int
-vnet_arp_unset_ip4_over_ethernet (vnet_main_t * vnm,
- u32 sw_if_index,
- const
- ethernet_arp_ip4_over_ethernet_address_t *
- a)
-{
- vnet_arp_set_ip4_over_ethernet_rpc_args_t args = {
- .sw_if_index = sw_if_index,
- .flags = ETHERNET_ARP_ARGS_REMOVE,
- .ip4 = a->ip4,
- .mac = a->mac,
- };
-
- vl_api_rpc_call_main_thread (set_ip4_over_ethernet_rpc_callback,
- (u8 *) & args, sizeof (args));
- return 0;
-}
-
-/**
- * @brief publish wildcard arp event
- * @param sw_if_index The interface on which the ARP entries are acted
- */
-static int
-vnet_arp_wc_publish (u32 sw_if_index,
- const ethernet_arp_ip4_over_ethernet_address_t * a)
-{
- vnet_arp_set_ip4_over_ethernet_rpc_args_t args = {
- .flags = ETHERNET_ARP_ARGS_WC_PUB,
- .sw_if_index = sw_if_index,
- .ip4 = a->ip4,
- .mac = a->mac,
- };
-
- vl_api_rpc_call_main_thread (set_ip4_over_ethernet_rpc_callback,
- (u8 *) & args, sizeof (args));
- return 0;
-}
-
-static void
-vnet_arp_wc_publish_internal (vnet_main_t * vnm,
- vnet_arp_set_ip4_over_ethernet_rpc_args_t *
- args)
-{
- vlib_main_t *vm = vlib_get_main ();
- ethernet_arp_main_t *am = &ethernet_arp_main;
- uword ni = am->wc_ip4_arp_publisher_node;
- uword et = am->wc_ip4_arp_publisher_et;
-
- if (ni == (uword) ~ 0)
- return;
- wc_arp_report_t *r =
- vlib_process_signal_event_data (vm, ni, et, 1, sizeof *r);
- r->ip.as_u32 = args->ip4.as_u32;
- r->sw_if_index = args->sw_if_index;
- mac_address_copy (&r->mac, &args->mac);
-}
-
-void
-wc_arp_set_publisher_node (uword node_index, uword event_type)
-{
- ethernet_arp_main_t *am = &ethernet_arp_main;
- am->wc_ip4_arp_publisher_node = node_index;
- am->wc_ip4_arp_publisher_et = event_type;
-}
-
-static void
-arp_entry_free (ethernet_arp_interface_t * eai, ethernet_arp_ip4_entry_t * e);
-
-static int
-vnet_arp_flush_ip4_over_ethernet_internal (vnet_main_t * vnm,
- vnet_arp_set_ip4_over_ethernet_rpc_args_t
- * args)
-{
- ethernet_arp_main_t *am = &ethernet_arp_main;
- ethernet_arp_ip4_entry_t *e;
- ethernet_arp_interface_t *eai;
-
- if (vec_len (am->ethernet_arp_by_sw_if_index) <= args->sw_if_index)
- return 0;
-
- eai = &am->ethernet_arp_by_sw_if_index[args->sw_if_index];
-
- e = arp_entry_find (eai, &args->ip4);
-
- if (NULL != e)
- {
- adj_nbr_walk_nh4 (e->sw_if_index,
- &e->ip4_address, arp_mk_incomplete_walk, e);
-
- /*
- * The difference between flush and unset, is that an unset
- * means delete for static and dynamic entries. A flush
- * means delete only for dynamic. Flushing is what the DP
- * does in response to interface events. unset is only done
- * by the control plane.
- */
- if (e->flags & IP_NEIGHBOR_FLAG_STATIC)
- {
- e->flags &= ~IP_NEIGHBOR_FLAG_DYNAMIC;
- }
- else if (e->flags & IP_NEIGHBOR_FLAG_DYNAMIC)
- {
- arp_entry_free (eai, e);
- }
- }
- return (0);
-}
-
-/*
- * arp_add_del_interface_address
- *
- * callback when an interface address is added or deleted
- */
-static void
-arp_enable_disable_interface (ip4_main_t * im,
- uword opaque, u32 sw_if_index, u32 is_enable)
-{
- ethernet_arp_main_t *am = &ethernet_arp_main;
-
- if (is_enable)
- arp_enable (am, sw_if_index);
- else
- arp_disable (am, sw_if_index);
-}
-
-/*
- * arp_add_del_interface_address
- *
- * callback when an interface address is added or deleted
- */
-static void
-arp_add_del_interface_address (ip4_main_t * im,
- uword opaque,
- u32 sw_if_index,
- ip4_address_t * address,
- u32 address_length,
- u32 if_address_index, u32 is_del)
-{
- /*
- * Flush the ARP cache of all entries covered by the address
- * that is being removed.
- */
- ethernet_arp_main_t *am = &ethernet_arp_main;
- ethernet_arp_ip4_entry_t *e;
-
- if (vec_len (am->ethernet_arp_by_sw_if_index) <= sw_if_index)
- return;
-
- if (is_del)
- {
- ethernet_arp_interface_t *eai;
- u32 i, *to_delete = 0;
- hash_pair_t *pair;
-
- eai = &am->ethernet_arp_by_sw_if_index[sw_if_index];
-
- /* *INDENT-OFF* */
- hash_foreach_pair (pair, eai->arp_entries,
- ({
- e = pool_elt_at_index(am->ip4_entry_pool,
- pair->value[0]);
- if (ip4_destination_matches_route (im, &e->ip4_address,
- address, address_length))
- {
- vec_add1 (to_delete, e - am->ip4_entry_pool);
- }
- }));
- /* *INDENT-ON* */
-
- for (i = 0; i < vec_len (to_delete); i++)
- {
- e = pool_elt_at_index (am->ip4_entry_pool, to_delete[i]);
-
- vnet_arp_set_ip4_over_ethernet_rpc_args_t delme = {
- .ip4.as_u32 = e->ip4_address.as_u32,
- .sw_if_index = e->sw_if_index,
- .flags = ETHERNET_ARP_ARGS_FLUSH,
- };
- mac_address_copy (&delme.mac, &e->mac);
-
- vnet_arp_flush_ip4_over_ethernet_internal (vnet_get_main (),
- &delme);
- }
-
- vec_free (to_delete);
- }
-}
-
-static void
-arp_table_bind (ip4_main_t * im,
- uword opaque,
- u32 sw_if_index, u32 new_fib_index, u32 old_fib_index)
-{
- ethernet_arp_main_t *am = &ethernet_arp_main;
- ethernet_arp_interface_t *eai;
- ethernet_arp_ip4_entry_t *e;
- hash_pair_t *pair;
-
- /*
- * the IP table that the interface is bound to has changed.
- * reinstall all the adj fibs.
- */
-
- if (vec_len (am->ethernet_arp_by_sw_if_index) <= sw_if_index)
- return;
-
- eai = &am->ethernet_arp_by_sw_if_index[sw_if_index];
-
- /* *INDENT-OFF* */
- hash_foreach_pair (pair, eai->arp_entries,
- ({
- e = pool_elt_at_index(am->ip4_entry_pool,
- pair->value[0]);
- /*
- * remove the adj-fib from the old table and add to the new
- */
- arp_adj_fib_remove(e, old_fib_index);
- arp_adj_fib_add(e, new_fib_index);
- }));
- /* *INDENT-ON* */
-
-}
-
-static clib_error_t *
-ethernet_arp_init (vlib_main_t * vm)
-{
- ethernet_arp_main_t *am = &ethernet_arp_main;
- ip4_main_t *im = &ip4_main;
- pg_node_t *pn;
-
- ethernet_register_input_type (vm, ETHERNET_TYPE_ARP, arp_input_node.index);
-
- pn = pg_get_node (arp_input_node.index);
- pn->unformat_edit = unformat_pg_arp_header;
-
- am->opcode_by_name = hash_create_string (0, sizeof (uword));
-#define _(o) hash_set_mem (am->opcode_by_name, #o, ETHERNET_ARP_OPCODE_##o);
- foreach_ethernet_arp_opcode;
-#undef _
-
- /* $$$ configurable */
- am->limit_arp_cache_size = 50000;
-
- am->pending_resolutions_by_address = hash_create (0, sizeof (uword));
- am->mac_changes_by_address = hash_create (0, sizeof (uword));
- am->wc_ip4_arp_publisher_node = (uword) ~ 0;
-
- /* don't trace ARP error packets */
- {
- vlib_node_runtime_t *rt =
- vlib_node_get_runtime (vm, arp_input_node.index);
-
-#define _(a,b) \
- vnet_pcap_drop_trace_filter_add_del \
- (rt->errors[ETHERNET_ARP_ERROR_##a], \
- 1 /* is_add */);
- foreach_ethernet_arp_error
-#undef _
- }
-
- ip4_add_del_interface_address_callback_t cb;
- cb.function = arp_add_del_interface_address;
- cb.function_opaque = 0;
- vec_add1 (im->add_del_interface_address_callbacks, cb);
-
- ip4_enable_disable_interface_callback_t cbe;
- cbe.function = arp_enable_disable_interface;
- cbe.function_opaque = 0;
- vec_add1 (im->enable_disable_interface_callbacks, cbe);
-
- ip4_table_bind_callback_t cbt;
- cbt.function = arp_table_bind;
- cbt.function_opaque = 0;
- vec_add1 (im->table_bind_callbacks, cbt);
-
- return 0;
-}
-/* *INDENT-OFF* */
-VLIB_INIT_FUNCTION (ethernet_arp_init) =
-{
- .runs_after = VLIB_INITS("ethernet_init"),
-};
-/* *INDENT-ON* */
-
-static void
-arp_entry_free (ethernet_arp_interface_t * eai, ethernet_arp_ip4_entry_t * e)
-{
- ethernet_arp_main_t *am = &ethernet_arp_main;
-
- arp_adj_fib_remove
- (e, ip4_fib_table_get_index_for_sw_if_index (e->sw_if_index));
- hash_unset (eai->arp_entries, e->ip4_address.as_u32);
- pool_put (am->ip4_entry_pool, e);
-}
-
-static inline int
-vnet_arp_unset_ip4_over_ethernet_internal (vnet_main_t * vnm,
- vnet_arp_set_ip4_over_ethernet_rpc_args_t
- * args)
-{
- ethernet_arp_main_t *am = &ethernet_arp_main;
- ethernet_arp_ip4_entry_t *e;
- ethernet_arp_interface_t *eai;
-
- if (vec_len (am->ethernet_arp_by_sw_if_index) <= args->sw_if_index)
- return 0;
-
- eai = &am->ethernet_arp_by_sw_if_index[args->sw_if_index];
-
- e = arp_entry_find (eai, &args->ip4);
-
- if (NULL != e)
- {
- adj_nbr_walk_nh4 (e->sw_if_index,
- &e->ip4_address, arp_mk_incomplete_walk, e);
- arp_entry_free (eai, e);
- }
-
- return 0;
-}
-
-
-static int
-vnet_arp_populate_ip4_over_ethernet_internal (vnet_main_t * vnm,
- vnet_arp_set_ip4_over_ethernet_rpc_args_t
- * args)
-{
- ethernet_arp_main_t *am = &ethernet_arp_main;
- ethernet_arp_ip4_entry_t *e;
- ethernet_arp_interface_t *eai;
-
- arp_enable (am, args->sw_if_index);
- eai = &am->ethernet_arp_by_sw_if_index[args->sw_if_index];
-
- e = arp_entry_find (eai, &args->ip4);
-
- if (NULL != e)
- {
- adj_nbr_walk_nh4 (e->sw_if_index,
- &e->ip4_address, arp_mk_complete_walk, e);
- }
- return (0);
-}
-
-static void
-set_ip4_over_ethernet_rpc_callback (vnet_arp_set_ip4_over_ethernet_rpc_args_t
- * a)
-{
- vnet_main_t *vm = vnet_get_main ();
- ASSERT (vlib_get_thread_index () == 0);
-
- if (a->flags & ETHERNET_ARP_ARGS_REMOVE)
- vnet_arp_unset_ip4_over_ethernet_internal (vm, a);
- else if (a->flags & ETHERNET_ARP_ARGS_FLUSH)
- vnet_arp_flush_ip4_over_ethernet_internal (vm, a);
- else if (a->flags & ETHERNET_ARP_ARGS_POPULATE)
- vnet_arp_populate_ip4_over_ethernet_internal (vm, a);
- else if (a->flags & ETHERNET_ARP_ARGS_WC_PUB)
- vnet_arp_wc_publish_internal (vm, a);
- else
- vnet_arp_set_ip4_over_ethernet_internal (vm, a);
-}
-
-/**
- * @brief Invoked when the interface's admin state changes
- */
-static clib_error_t *
-ethernet_arp_sw_interface_up_down (vnet_main_t * vnm,
- u32 sw_if_index, u32 flags)
-{
- ethernet_arp_main_t *am = &ethernet_arp_main;
- ethernet_arp_ip4_entry_t *e;
- u32 i, *to_update = 0;
-
- /* *INDENT-OFF* */
- pool_foreach (e, am->ip4_entry_pool,
- ({
- if (e->sw_if_index == sw_if_index)
- vec_add1 (to_update,
- e - am->ip4_entry_pool);
- }));
- /* *INDENT-ON* */
-
- for (i = 0; i < vec_len (to_update); i++)
- {
- e = pool_elt_at_index (am->ip4_entry_pool, to_update[i]);
-
- vnet_arp_set_ip4_over_ethernet_rpc_args_t update_me = {
- .ip4.as_u32 = e->ip4_address.as_u32,
- .sw_if_index = e->sw_if_index,
- };
- mac_address_copy (&update_me.mac, &e->mac);
-
- if (flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP)
- {
- update_me.flags = ETHERNET_ARP_ARGS_POPULATE;
- vnet_arp_populate_ip4_over_ethernet_internal (vnm, &update_me);
- }
- else
- {
- update_me.flags = ETHERNET_ARP_ARGS_FLUSH;
- vnet_arp_flush_ip4_over_ethernet_internal (vnm, &update_me);
- }
- }
- vec_free (to_update);
-
- return 0;
-}
-
-VNET_SW_INTERFACE_ADMIN_UP_DOWN_FUNCTION (ethernet_arp_sw_interface_up_down);
-
-static void
-increment_ip4_and_mac_address (ethernet_arp_ip4_over_ethernet_address_t * a)
-{
- u8 old;
- int i;
-
- for (i = 3; i >= 0; i--)
- {
- old = a->ip4.as_u8[i];
- a->ip4.as_u8[i] += 1;
- if (old < a->ip4.as_u8[i])
- break;
- }
-
- for (i = 5; i >= 0; i--)
- {
- old = a->mac.bytes[i];
- a->mac.bytes[i] += 1;
- if (old < a->mac.bytes[i])
- break;
- }
-}
-
-int
-vnet_arp_set_ip4_over_ethernet (vnet_main_t * vnm,
- u32 sw_if_index,
- const ethernet_arp_ip4_over_ethernet_address_t
- * a, ip_neighbor_flags_t flags)
-{
- vnet_arp_set_ip4_over_ethernet_rpc_args_t args = {
- .sw_if_index = sw_if_index,
- .nbr_flags = flags,
- .flags = 0,
- .ip4.as_u32 = a->ip4.as_u32,
- .mac = a->mac,
- };
-
- vl_api_rpc_call_main_thread (set_ip4_over_ethernet_rpc_callback,
- (u8 *) & args, sizeof (args));
- return 0;
-}
-
-void
-proxy_arp_walk (proxy_arp_walk_t cb, void *data)
-{
- ethernet_arp_main_t *am = &ethernet_arp_main;
- ethernet_proxy_arp_t *pa;
-
- vec_foreach (pa, am->proxy_arps)
- {
- if (!cb (&pa->lo_addr, &pa->hi_addr, pa->fib_index, data))
- break;
- }
-}
-
-int
-vnet_proxy_arp_enable_disable (vnet_main_t * vnm, u32 sw_if_index, u8 enable)
-{
- ethernet_arp_main_t *am = &ethernet_arp_main;
- ethernet_arp_interface_t *eai;
-
- vec_validate (am->ethernet_arp_by_sw_if_index, sw_if_index);
-
- eai = &am->ethernet_arp_by_sw_if_index[sw_if_index];
-
- if (enable)
- {
- if (!eai->proxy_enabled)
- {
- vnet_feature_enable_disable ("arp", "arp-proxy",
- sw_if_index, 1, NULL, 0);
- }
- eai->proxy_enabled = 1;
- }
- else
- {
- if (eai->proxy_enabled)
- {
- vnet_feature_enable_disable ("arp", "arp-proxy",
- sw_if_index, 0, NULL, 0);
- }
- eai->proxy_enabled = 0;
- }
-
- return (0);
-}
-
-int
-vnet_proxy_arp_add_del (ip4_address_t * lo_addr,
- ip4_address_t * hi_addr, u32 fib_index, int is_del)
-{
- ethernet_arp_main_t *am = &ethernet_arp_main;
- ethernet_proxy_arp_t *pa;
- u32 found_at_index = ~0;
-
- vec_foreach (pa, am->proxy_arps)
- {
- if (pa->lo_addr.as_u32 == lo_addr->as_u32 &&
- pa->hi_addr.as_u32 == hi_addr->as_u32 && pa->fib_index == fib_index)
- {
- found_at_index = pa - am->proxy_arps;
- break;
- }
- }
-
- if (found_at_index != ~0)
- {
- /* Delete, otherwise it's already in the table */
- if (is_del)
- vec_delete (am->proxy_arps, 1, found_at_index);
- return 0;
- }
- /* delete, no such entry */
- if (is_del)
- return VNET_API_ERROR_NO_SUCH_ENTRY;
-
- /* add, not in table */
- vec_add2 (am->proxy_arps, pa, 1);
- pa->lo_addr.as_u32 = lo_addr->as_u32;
- pa->hi_addr.as_u32 = hi_addr->as_u32;
- pa->fib_index = fib_index;
- return 0;
-}
-
-void
-proxy_arp_intfc_walk (proxy_arp_intf_walk_t cb, void *data)
-{
- ethernet_arp_main_t *am = &ethernet_arp_main;
- ethernet_arp_interface_t *eai;
-
- vec_foreach (eai, am->ethernet_arp_by_sw_if_index)
- {
- if (eai->proxy_enabled)
- cb (eai - am->ethernet_arp_by_sw_if_index, data);
- }
-}
-
-static clib_error_t *
-ip_arp_add_del_command_fn (vlib_main_t * vm,
- unformat_input_t * input, vlib_cli_command_t * cmd)
-{
- vnet_main_t *vnm = vnet_get_main ();
- u32 sw_if_index;
- ethernet_arp_ip4_over_ethernet_address_t lo_addr, hi_addr, addr;
- int addr_valid = 0;
- int is_del = 0;
- int count = 1;
- u32 fib_index = 0;
- u32 fib_id;
- int is_proxy = 0;
- ip_neighbor_flags_t flags;
-
- flags = IP_NEIGHBOR_FLAG_NONE;
-
- while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
- {
- /* set ip arp TenGigE1/1/0/1 1.2.3.4 aa:bb:... or aabb.ccdd... */
- if (unformat (input, "%U %U %U",
- unformat_vnet_sw_interface, vnm, &sw_if_index,
- unformat_ip4_address, &addr.ip4,
- unformat_mac_address_t, &addr.mac))
- addr_valid = 1;
-
- else if (unformat (input, "delete") || unformat (input, "del"))
- is_del = 1;
-
- else if (unformat (input, "static"))
- flags |= IP_NEIGHBOR_FLAG_STATIC;
-
- else if (unformat (input, "no-fib-entry"))
- flags |= IP_NEIGHBOR_FLAG_NO_FIB_ENTRY;
-
- else if (unformat (input, "count %d", &count))
- ;
-
- else if (unformat (input, "fib-id %d", &fib_id))
- {
- fib_index = fib_table_find (FIB_PROTOCOL_IP4, fib_id);
-
- if (~0 == fib_index)
- return clib_error_return (0, "fib ID %d doesn't exist\n", fib_id);
- }
-
- else if (unformat (input, "proxy %U - %U",
- unformat_ip4_address, &lo_addr.ip4,
- unformat_ip4_address, &hi_addr.ip4))
- is_proxy = 1;
- else
- break;
- }
-
- if (is_proxy)
- {
- (void) vnet_proxy_arp_add_del (&lo_addr.ip4, &hi_addr.ip4,
- fib_index, is_del);
- return 0;
- }
-
- if (addr_valid)
- {
- int i;
-
- for (i = 0; i < count; i++)
- {
- if (is_del == 0)
- {
- uword event_type, *event_data = 0;
-
- /* Park the debug CLI until the arp entry is installed */
- vnet_register_ip4_arp_resolution_event
- (vnm, &addr.ip4, vlib_current_process (vm),
- 1 /* type */ , 0 /* data */ );
-
- vnet_arp_set_ip4_over_ethernet (vnm, sw_if_index, &addr, flags);
-
- vlib_process_wait_for_event (vm);
- event_type = vlib_process_get_events (vm, &event_data);
- vec_reset_length (event_data);
- if (event_type != 1)
- clib_warning ("event type %d unexpected", event_type);
- }
- else
- vnet_arp_unset_ip4_over_ethernet (vnm, sw_if_index, &addr);
-
- increment_ip4_and_mac_address (&addr);
- }
- }
- else
- {
- return clib_error_return (0, "unknown input `%U'",
- format_unformat_error, input);
- }
-
- return 0;
-}
-
-/* *INDENT-OFF* */
-/*?
- * Add or delete IPv4 ARP cache entries.
- *
- * @note 'set ip arp' options (e.g. delete, static, 'fib-id <id>',
- * 'count <number>', 'interface ip4_addr mac_addr') can be added in
- * any order and combination.
- *
- * @cliexpar
- * @parblock
- * Add or delete IPv4 ARP cache entries as follows. MAC Address can be in
- * either aa:bb:cc:dd:ee:ff format or aabb.ccdd.eeff format.
- * @cliexcmd{set ip arp GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
- * @cliexcmd{set ip arp delete GigabitEthernet2/0/0 6.0.0.3 de:ad:be:ef:ba:be}
- *
- * To add or delete an IPv4 ARP cache entry to or from a specific fib
- * table:
- * @cliexcmd{set ip arp fib-id 1 GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
- * @cliexcmd{set ip arp fib-id 1 delete GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
- *
- * Add or delete IPv4 static ARP cache entries as follows:
- * @cliexcmd{set ip arp static GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
- * @cliexcmd{set ip arp static delete GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
- *
- * For testing / debugging purposes, the 'set ip arp' command can add or
- * delete multiple entries. Supply the 'count N' parameter:
- * @cliexcmd{set ip arp count 10 GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
- * @endparblock
- ?*/
-VLIB_CLI_COMMAND (ip_arp_add_del_command, static) = {
- .path = "set ip arp",
- .short_help =
- "set ip arp [del] <intfc> <ip-address> <mac-address> [static] [no-fib-entry] [count <count>] [fib-id <fib-id>] [proxy <lo-addr> - <hi-addr>]",
- .function = ip_arp_add_del_command_fn,
-};
-/* *INDENT-ON* */
-
-static clib_error_t *
-set_int_proxy_arp_command_fn (vlib_main_t * vm,
- unformat_input_t *
- input, vlib_cli_command_t * cmd)
-{
- vnet_main_t *vnm = vnet_get_main ();
- u32 sw_if_index;
- int enable = 0;
-
- sw_if_index = ~0;
-
- while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
- {
- if (unformat (input, "%U", unformat_vnet_sw_interface,
- vnm, &sw_if_index))
- ;
- else if (unformat (input, "enable") || unformat (input, "on"))
- enable = 1;
- else if (unformat (input, "disable") || unformat (input, "off"))
- enable = 0;
- else
- break;
- }
-
- if (~0 == sw_if_index)
- return clib_error_return (0, "unknown input '%U'",
- format_unformat_error, input);
-
- vnet_proxy_arp_enable_disable (vnm, sw_if_index, enable);
-
- return 0;
-}
-
-/* *INDENT-OFF* */
-/*?
- * Enable proxy-arp on an interface. The vpp stack will answer ARP
- * requests for the indicated address range. Multiple proxy-arp
- * ranges may be provisioned.
- *
- * @note Proxy ARP as a technology is infamous for blackholing traffic.
- * Also, the underlying implementation has not been performance-tuned.
- * Avoid creating an unnecessarily large set of ranges.
- *
- * @cliexpar
- * To enable proxy arp on a range of addresses, use:
- * @cliexcmd{set ip arp proxy 6.0.0.1 - 6.0.0.11}
- * Append 'del' to delete a range of proxy ARP addresses:
- * @cliexcmd{set ip arp proxy 6.0.0.1 - 6.0.0.11 del}
- * You must then specifically enable proxy arp on individual interfaces:
- * @cliexcmd{set interface proxy-arp GigabitEthernet0/8/0 enable}
- * To disable proxy arp on an individual interface:
- * @cliexcmd{set interface proxy-arp GigabitEthernet0/8/0 disable}
- ?*/
-VLIB_CLI_COMMAND (set_int_proxy_enable_command, static) = {
- .path = "set interface proxy-arp",
- .short_help =
- "set interface proxy-arp <intfc> [enable|disable]",
- .function = set_int_proxy_arp_command_fn,
-};
-/* *INDENT-ON* */
-
-
-/*
- * ARP/ND Termination in a L2 Bridge Domain based on IP4/IP6 to MAC
- * hash tables mac_by_ip4 and mac_by_ip6 for each BD.
- */
-typedef enum
-{
- ARP_TERM_NEXT_L2_OUTPUT,
- ARP_TERM_NEXT_DROP,
- ARP_TERM_N_NEXT,
-} arp_term_next_t;
-
-u32 arp_term_next_node_index[32];
-
-static uword
-arp_term_l2bd (vlib_main_t * vm,
- vlib_node_runtime_t * node, vlib_frame_t * frame)
-{
- l2input_main_t *l2im = &l2input_main;
- u32 n_left_from, next_index, *from, *to_next;
- u32 n_replies_sent = 0;
- u16 last_bd_index = ~0;
- l2_bridge_domain_t *last_bd_config = 0;
- l2_input_config_t *cfg0;
-
- from = vlib_frame_vector_args (frame);
- n_left_from = frame->n_vectors;
- next_index = node->cached_next_index;
-
- while (n_left_from > 0)
- {
- u32 n_left_to_next;
-
- vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
-
- while (n_left_from > 0 && n_left_to_next > 0)
- {
- vlib_buffer_t *p0;
- ethernet_header_t *eth0;
- ethernet_arp_header_t *arp0;
- ip6_header_t *iph0;
- u8 *l3h0;
- u32 pi0, error0, next0, sw_if_index0;
- u16 ethertype0;
- u16 bd_index0;
- u32 ip0;
- u8 *macp0;
-
- pi0 = from[0];
- to_next[0] = pi0;
- from += 1;
- to_next += 1;
- n_left_from -= 1;
- n_left_to_next -= 1;
-
- p0 = vlib_get_buffer (vm, pi0);
- // Terminate only local (SHG == 0) ARP
- if (vnet_buffer (p0)->l2.shg != 0)
- goto next_l2_feature;
-
- eth0 = vlib_buffer_get_current (p0);
- l3h0 = (u8 *) eth0 + vnet_buffer (p0)->l2.l2_len;
- ethertype0 = clib_net_to_host_u16 (*(u16 *) (l3h0 - 2));
- arp0 = (ethernet_arp_header_t *) l3h0;
-
- if (ethertype0 != ETHERNET_TYPE_ARP)
- goto check_ip6_nd;
-
- if ((arp0->opcode !=
- clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_request)) &&
- (arp0->opcode !=
- clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_reply)))
- goto check_ip6_nd;
-
- /* Must be ARP request/reply packet here */
- if (PREDICT_FALSE ((node->flags & VLIB_NODE_FLAG_TRACE) &&
- (p0->flags & VLIB_BUFFER_IS_TRACED)))
- {
- u8 *t0 = vlib_add_trace (vm, node, p0,
- sizeof (ethernet_arp_input_trace_t));
- clib_memcpy_fast (t0, l3h0,
- sizeof (ethernet_arp_input_trace_t));
- }
-
- error0 = 0;
- error0 =
- (arp0->l2_type !=
- clib_net_to_host_u16 (ETHERNET_ARP_HARDWARE_TYPE_ethernet)
- ? ETHERNET_ARP_ERROR_l2_type_not_ethernet : error0);
- error0 =
- (arp0->l3_type !=
- clib_net_to_host_u16 (ETHERNET_TYPE_IP4) ?
- ETHERNET_ARP_ERROR_l3_type_not_ip4 : error0);
-
- sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
-
- if (error0)
- goto drop;
-
- /* Trash ARP packets whose ARP-level source addresses do not
- match, or if requester address is mcast */
- if (PREDICT_FALSE
- (!ethernet_mac_address_equal (eth0->src_address,
- arp0->ip4_over_ethernet[0].
- mac.bytes))
- || ethernet_address_cast (arp0->ip4_over_ethernet[0].mac.bytes))
- {
- /* VRRP virtual MAC may be different to SMAC in ARP reply */
- if (!ethernet_mac_address_equal
- (arp0->ip4_over_ethernet[0].mac.bytes, vrrp_prefix))
- {
- error0 = ETHERNET_ARP_ERROR_l2_address_mismatch;
- goto drop;
- }
- }
- if (PREDICT_FALSE
- (ip4_address_is_multicast (&arp0->ip4_over_ethernet[0].ip4)))
- {
- error0 = ETHERNET_ARP_ERROR_l3_src_address_not_local;
- goto drop;
- }
-
- /* Check if anyone want ARP request events for L2 BDs */
- {
- ethernet_arp_main_t *am = &ethernet_arp_main;
- if (am->wc_ip4_arp_publisher_node != (uword) ~ 0)
- vnet_arp_wc_publish (sw_if_index0, &arp0->ip4_over_ethernet[0]);
- }
-
- /* lookup BD mac_by_ip4 hash table for MAC entry */
- ip0 = arp0->ip4_over_ethernet[1].ip4.as_u32;
- bd_index0 = vnet_buffer (p0)->l2.bd_index;
- if (PREDICT_FALSE ((bd_index0 != last_bd_index)
- || (last_bd_index == (u16) ~ 0)))
- {
- last_bd_index = bd_index0;
- last_bd_config = vec_elt_at_index (l2im->bd_configs, bd_index0);
- }
- macp0 = (u8 *) hash_get (last_bd_config->mac_by_ip4, ip0);
-
- if (PREDICT_FALSE (!macp0))
- goto next_l2_feature; /* MAC not found */
- if (PREDICT_FALSE (arp0->ip4_over_ethernet[0].ip4.as_u32 ==
- arp0->ip4_over_ethernet[1].ip4.as_u32))
- goto next_l2_feature; /* GARP */
-
- /* MAC found, send ARP reply -
- Convert ARP request packet to ARP reply */
- arp0->opcode = clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_reply);
- arp0->ip4_over_ethernet[1] = arp0->ip4_over_ethernet[0];
- arp0->ip4_over_ethernet[0].ip4.as_u32 = ip0;
- mac_address_from_bytes (&arp0->ip4_over_ethernet[0].mac, macp0);
- clib_memcpy_fast (eth0->dst_address, eth0->src_address, 6);
- clib_memcpy_fast (eth0->src_address, macp0, 6);
- n_replies_sent += 1;
-
- output_response:
- /* For BVI, need to use l2-fwd node to send ARP reply as
- l2-output node cannot output packet to BVI properly */
- cfg0 = vec_elt_at_index (l2im->configs, sw_if_index0);
- if (PREDICT_FALSE (cfg0->bvi))
- {
- vnet_buffer (p0)->l2.feature_bitmap |= L2INPUT_FEAT_FWD;
- vnet_buffer (p0)->sw_if_index[VLIB_RX] = 0;
- goto next_l2_feature;
- }
-
- /* Send ARP/ND reply back out input interface through l2-output */
- vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0;
- next0 = ARP_TERM_NEXT_L2_OUTPUT;
- vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
- to_next, n_left_to_next, pi0,
- next0);
- continue;
-
- check_ip6_nd:
- /* IP6 ND event notification or solicitation handling to generate
- local response instead of flooding */
- iph0 = (ip6_header_t *) l3h0;
- if (PREDICT_FALSE (ethertype0 == ETHERNET_TYPE_IP6 &&
- iph0->protocol == IP_PROTOCOL_ICMP6 &&
- !ip6_address_is_unspecified
- (&iph0->src_address)))
- {
- sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
- if (vnet_ip6_nd_term
- (vm, node, p0, eth0, iph0, sw_if_index0,
- vnet_buffer (p0)->l2.bd_index))
- goto output_response;
- }
-
- next_l2_feature:
- {
- next0 = vnet_l2_feature_next (p0, arp_term_next_node_index,
- L2INPUT_FEAT_ARP_TERM);
- vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
- to_next, n_left_to_next,
- pi0, next0);
- continue;
- }
-
- drop:
- if (0 == arp0->ip4_over_ethernet[0].ip4.as_u32 ||
- (arp0->ip4_over_ethernet[0].ip4.as_u32 ==
- arp0->ip4_over_ethernet[1].ip4.as_u32))
- {
- error0 = ETHERNET_ARP_ERROR_gratuitous_arp;
- }
- next0 = ARP_TERM_NEXT_DROP;
- p0->error = node->errors[error0];
-
- vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
- to_next, n_left_to_next, pi0,
- next0);
- }
-
- vlib_put_next_frame (vm, node, next_index, n_left_to_next);
- }
-
- vlib_error_count (vm, node->node_index,
- ETHERNET_ARP_ERROR_replies_sent, n_replies_sent);
- return frame->n_vectors;
-}
-
-/* *INDENT-OFF* */
-VLIB_REGISTER_NODE (arp_term_l2bd_node, static) = {
- .function = arp_term_l2bd,
- .name = "arp-term-l2bd",
- .vector_size = sizeof (u32),
- .n_errors = ETHERNET_ARP_N_ERROR,
- .error_strings = ethernet_arp_error_strings,
- .n_next_nodes = ARP_TERM_N_NEXT,
- .next_nodes = {
- [ARP_TERM_NEXT_L2_OUTPUT] = "l2-output",
- [ARP_TERM_NEXT_DROP] = "error-drop",
- },
- .format_buffer = format_ethernet_arp_header,
- .format_trace = format_arp_term_input_trace,
-};
-/* *INDENT-ON* */
-
-clib_error_t *
-arp_term_init (vlib_main_t * vm)
-{
- // Initialize the feature next-node indexes
- feat_bitmap_init_next_nodes (vm,
- arp_term_l2bd_node.index,
- L2INPUT_N_FEAT,
- l2input_get_feat_names (),
- arp_term_next_node_index);
- return 0;
-}
-
-VLIB_INIT_FUNCTION (arp_term_init);
-
-void
-change_arp_mac (u32 sw_if_index, ethernet_arp_ip4_entry_t * e)
-{
- if (e->sw_if_index == sw_if_index)
- {
- adj_nbr_walk_nh4 (e->sw_if_index,
- &e->ip4_address, arp_mk_complete_walk, e);
- }
-}
-
-void
-ethernet_arp_change_mac (u32 sw_if_index)
-{
- ethernet_arp_main_t *am = &ethernet_arp_main;
- ethernet_arp_ip4_entry_t *e;
- adj_index_t ai;
-
- /* *INDENT-OFF* */
- pool_foreach (e, am->ip4_entry_pool,
- ({
- change_arp_mac (sw_if_index, e);
- }));
- /* *INDENT-ON* */
-
- ai = adj_glean_get (FIB_PROTOCOL_IP4, sw_if_index);
-
- if (ADJ_INDEX_INVALID != ai)
- adj_glean_update_rewrite (ai);
-}
-
-void
-send_ip4_garp (vlib_main_t * vm, u32 sw_if_index)
-{
- ip4_main_t *i4m = &ip4_main;
- ip4_address_t *ip4_addr = ip4_interface_first_address (i4m, sw_if_index, 0);
-
- send_ip4_garp_w_addr (vm, ip4_addr, sw_if_index);
-}
-
-void
-send_ip4_garp_w_addr (vlib_main_t * vm,
- const ip4_address_t * ip4_addr, u32 sw_if_index)
-{
- ip4_main_t *i4m = &ip4_main;
- vnet_main_t *vnm = vnet_get_main ();
- u8 *rewrite, rewrite_len;
- vnet_hw_interface_t *hi = vnet_get_sup_hw_interface (vnm, sw_if_index);
-
- if (ip4_addr)
- {
- clib_warning ("Sending GARP for IP4 address %U on sw_if_idex %d",
- format_ip4_address, ip4_addr, sw_if_index);
-
- /* Form GARP packet for output - Gratuitous ARP is an ARP request packet
- where the interface IP/MAC pair is used for both source and request
- MAC/IP pairs in the request */
- u32 bi = 0;
- ethernet_arp_header_t *h = vlib_packet_template_get_packet
- (vm, &i4m->ip4_arp_request_packet_template, &bi);
-
- if (!h)
- return;
-
- mac_address_from_bytes (&h->ip4_over_ethernet[0].mac, hi->hw_address);
- mac_address_from_bytes (&h->ip4_over_ethernet[1].mac, hi->hw_address);
- h->ip4_over_ethernet[0].ip4 = ip4_addr[0];
- h->ip4_over_ethernet[1].ip4 = ip4_addr[0];
-
- /* Setup MAC header with ARP Etype and broadcast DMAC */
- vlib_buffer_t *b = vlib_get_buffer (vm, bi);
- rewrite =
- ethernet_build_rewrite (vnm, sw_if_index, VNET_LINK_ARP,
- VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST);
- rewrite_len = vec_len (rewrite);
- vlib_buffer_advance (b, -rewrite_len);
- ethernet_header_t *e = vlib_buffer_get_current (b);
- clib_memcpy_fast (e->dst_address, rewrite, rewrite_len);
- vec_free (rewrite);
-
- /* Send GARP packet out the specified interface */
- vnet_buffer (b)->sw_if_index[VLIB_RX] =
- vnet_buffer (b)->sw_if_index[VLIB_TX] = sw_if_index;
- vlib_frame_t *f = vlib_get_frame_to_node (vm, hi->output_node_index);
- u32 *to_next = vlib_frame_vector_args (f);
- to_next[0] = bi;
- f->n_vectors = 1;
- vlib_put_frame_to_node (vm, hi->output_node_index, f);
- }
-}
-
-/*
- * Remove any arp entries associated with the specified interface
- */
-static clib_error_t *
-vnet_arp_delete_sw_interface (vnet_main_t * vnm, u32 sw_if_index, u32 is_add)
-{
- ethernet_arp_main_t *am = &ethernet_arp_main;
-
- if (!is_add && sw_if_index != ~0)
- {
- ethernet_arp_ip4_entry_t *e;
- /* *INDENT-OFF* */
- pool_foreach (e, am->ip4_entry_pool, ({
- if (e->sw_if_index != sw_if_index)
- continue;
- vnet_arp_set_ip4_over_ethernet_rpc_args_t args = {
- .sw_if_index = sw_if_index,
- .ip4 = e->ip4_address,
- };
- vnet_arp_unset_ip4_over_ethernet_internal (vnm, &args);
- }));
- /* *INDENT-ON* */
- arp_disable (am, sw_if_index);
- }
- else if (is_add)
- {
- vnet_feature_enable_disable ("arp", "arp-disabled",
- sw_if_index, 1, NULL, 0);
- }
-
- return (NULL);
-}
-
-VNET_SW_INTERFACE_ADD_DEL_FUNCTION (vnet_arp_delete_sw_interface);
-
-/*
- * fd.io coding-style-patch-verification: ON
- *
- * Local Variables:
- * eval: (c-set-style "gnu")
- * End:
- */
diff --git a/src/vnet/ethernet/arp.h b/src/vnet/ethernet/arp.h
deleted file mode 100644
index de92c4f419c..00000000000
--- a/src/vnet/ethernet/arp.h
+++ /dev/null
@@ -1,123 +0,0 @@
-/*
- * Copyright (c) 2015 Cisco and/or its affiliates.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at:
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __ARP_H__
-#define __ARP_H__
-
-#include <vnet/ethernet/ethernet.h>
-#include <vnet/ethernet/arp_packet.h>
-#include <vnet/ip/ip.h>
-#include <vnet/ip/ip_neighbor.h>
-
-typedef struct
-{
- u32 sw_if_index;
- ip4_address_t ip4_address;
-
- mac_address_t mac;
-
- ip_neighbor_flags_t flags;
-
- f64 time_last_updated;
-
- /**
- * The index of the adj-fib entry created
- */
- fib_node_index_t fib_entry_index;
-} ethernet_arp_ip4_entry_t;
-
-extern u8 *format_ethernet_arp_ip4_entry (u8 * s, va_list * va);
-
-ethernet_arp_ip4_entry_t *ip4_neighbors_pool (void);
-ethernet_arp_ip4_entry_t *ip4_neighbor_entries (u32 sw_if_index);
-
-extern int vnet_proxy_arp_add_del (ip4_address_t * lo_addr,
- ip4_address_t * hi_addr,
- u32 fib_index, int is_del);
-
-extern int vnet_proxy_arp_enable_disable (vnet_main_t * vnm,
- u32 sw_if_index, u8 enable);
-
-extern int vnet_arp_set_ip4_over_ethernet (vnet_main_t * vnm,
- u32 sw_if_index,
- const
- ethernet_arp_ip4_over_ethernet_address_t
- * a, ip_neighbor_flags_t flags);
-
-extern int vnet_arp_unset_ip4_over_ethernet (vnet_main_t * vnm,
- u32 sw_if_index,
- const
- ethernet_arp_ip4_over_ethernet_address_t
- * a);
-
-void vnet_register_ip4_arp_resolution_event (vnet_main_t * vnm,
- void *address_arg,
- uword node_index,
- uword type_opaque, uword data);
-
-typedef int (*arp_change_event_cb_t) (u32 pool_index,
- const mac_address_t * mac,
- u32 sw_if_index,
- const ip4_address_t * address);
-
-int vnet_add_del_ip4_arp_change_event (vnet_main_t * vnm,
- arp_change_event_cb_t data_callback,
- u32 pid,
- void *address_arg,
- uword node_index,
- uword type_opaque,
- uword data, int is_add);
-
-void wc_arp_set_publisher_node (uword inode_index, uword event_type);
-
-void ethernet_arp_change_mac (u32 sw_if_index);
-void ethernet_ndp_change_mac (u32 sw_if_index);
-
-void arp_update_adjacency (vnet_main_t * vnm, u32 sw_if_index, u32 ai);
-
-typedef struct
-{
- u32 sw_if_index;
- ip4_address_t ip;
- mac_address_t mac;
-} wc_arp_report_t;
-
-/**
- * call back function when walking the DB of proxy ARPs
- * @return 0 to stop the walk !0 to continue
- */
-typedef walk_rc_t (proxy_arp_walk_t) (const ip4_address_t * lo_addr,
- const ip4_address_t * hi_addr,
- u32 fib_index, void *dat);
-
-extern void proxy_arp_walk (proxy_arp_walk_t cb, void *data);
-
-/**
- * call back function when walking the DB of proxy ARP interface
- * @return 0 to stop the walk !0 to continue
- */
-typedef walk_rc_t (proxy_arp_intf_walk_t) (u32 sw_if_index, void *data);
-
-extern void proxy_arp_intfc_walk (proxy_arp_intf_walk_t cb, void *data);
-
-#endif
-
-/*
- * fd.io coding-style-patch-verification: ON
- *
- * Local Variables:
- * eval: (c-set-style "gnu")
- * End:
- */
diff --git a/src/vnet/ethernet/arp_packet.c b/src/vnet/ethernet/arp_packet.c
new file mode 100644
index 00000000000..c72dab99ad5
--- /dev/null
+++ b/src/vnet/ethernet/arp_packet.c
@@ -0,0 +1,111 @@
+/*
+ * ethernet/arp.c: IP v4 ARP node
+ *
+ * Copyright (c) 2010 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <vnet/ethernet/arp_packet.h>
+#include <vnet/ethernet/ethernet.h>
+#include <vnet/ip/format.h>
+
+u8 *
+format_ethernet_arp_opcode (u8 * s, va_list * va)
+{
+ ethernet_arp_opcode_t o = va_arg (*va, ethernet_arp_opcode_t);
+ char *t = 0;
+ switch (o)
+ {
+#define _(f) case ETHERNET_ARP_OPCODE_##f: t = #f; break;
+ foreach_ethernet_arp_opcode;
+#undef _
+
+ default:
+ return format (s, "unknown 0x%x", o);
+ }
+
+ return format (s, "%s", t);
+}
+
+u8 *
+format_ethernet_arp_hardware_type (u8 * s, va_list * va)
+{
+ ethernet_arp_hardware_type_t h = va_arg (*va, ethernet_arp_hardware_type_t);
+ char *t = 0;
+ switch (h)
+ {
+#define _(n,f) case n: t = #f; break;
+ foreach_ethernet_arp_hardware_type;
+#undef _
+
+ default:
+ return format (s, "unknown 0x%x", h);
+ }
+
+ return format (s, "%s", t);
+}
+
+u8 *
+format_ethernet_arp_header (u8 * s, va_list * va)
+{
+ ethernet_arp_header_t *a = va_arg (*va, ethernet_arp_header_t *);
+ u32 max_header_bytes = va_arg (*va, u32);
+ u32 indent;
+ u16 l2_type, l3_type;
+
+ if (max_header_bytes != 0 && sizeof (a[0]) > max_header_bytes)
+ return format (s, "ARP header truncated");
+
+ l2_type = clib_net_to_host_u16 (a->l2_type);
+ l3_type = clib_net_to_host_u16 (a->l3_type);
+
+ indent = format_get_indent (s);
+
+ s = format (s, "%U, type %U/%U, address size %d/%d",
+ format_ethernet_arp_opcode, clib_net_to_host_u16 (a->opcode),
+ format_ethernet_arp_hardware_type, l2_type,
+ format_ethernet_type, l3_type,
+ a->n_l2_address_bytes, a->n_l3_address_bytes);
+
+ if (l2_type == ETHERNET_ARP_HARDWARE_TYPE_ethernet
+ && l3_type == ETHERNET_TYPE_IP4)
+ {
+ s = format (s, "\n%U%U/%U -> %U/%U",
+ format_white_space, indent,
+ format_mac_address_t, &a->ip4_over_ethernet[0].mac,
+ format_ip4_address, &a->ip4_over_ethernet[0].ip4,
+ format_mac_address_t, &a->ip4_over_ethernet[1].mac,
+ format_ip4_address, &a->ip4_over_ethernet[1].ip4);
+ }
+ else
+ {
+ uword n2 = a->n_l2_address_bytes;
+ uword n3 = a->n_l3_address_bytes;
+ s = format (s, "\n%U%U/%U -> %U/%U",
+ format_white_space, indent,
+ format_hex_bytes, a->data + 0 * n2 + 0 * n3, n2,
+ format_hex_bytes, a->data + 1 * n2 + 0 * n3, n3,
+ format_hex_bytes, a->data + 1 * n2 + 1 * n3, n2,
+ format_hex_bytes, a->data + 2 * n2 + 1 * n3, n3);
+ }
+
+ return s;
+}
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ethernet/arp_packet.h b/src/vnet/ethernet/arp_packet.h
index b4e021cce19..a35adf17c85 100644
--- a/src/vnet/ethernet/arp_packet.h
+++ b/src/vnet/ethernet/arp_packet.h
@@ -18,6 +18,7 @@
#ifndef included_ethernet_arp_packet_h
#define included_ethernet_arp_packet_h
+#include <vnet/ip/ip4_packet.h>
#include <vnet/ethernet/mac_address.h>
#define foreach_ethernet_arp_hardware_type \
@@ -145,9 +146,9 @@ typedef struct
};
} ethernet_arp_header_t;
-void send_ip4_garp (vlib_main_t * vm, u32 sw_if_index);
-void send_ip4_garp_w_addr (vlib_main_t * vm,
- const ip4_address_t * ip4_addr, u32 sw_if_index);
+extern u8 *format_ethernet_arp_header (u8 * s, va_list * va);
+extern u8 *format_ethernet_arp_opcode (u8 * s, va_list * va);
+extern u8 *format_ethernet_arp_hardware_type (u8 * s, va_list * va);
#endif /* included_ethernet_arp_packet_h */
diff --git a/src/vnet/ethernet/ethernet.h b/src/vnet/ethernet/ethernet.h
index cde6fb90038..2e5209c4423 100644
--- a/src/vnet/ethernet/ethernet.h
+++ b/src/vnet/ethernet/ethernet.h
@@ -257,8 +257,19 @@ typedef struct
u32 input_next_mpls;
} next_by_ethertype_t;
+struct ethernet_main_t_;
+
+typedef void (ethernet_address_change_function_t)
+ (struct ethernet_main_t_ * im, u32 sw_if_index, uword opaque);
+
typedef struct
{
+ ethernet_address_change_function_t *function;
+ uword function_opaque;
+} ethernet_address_change_ctx_t;
+
+typedef struct ethernet_main_t_
+{
vlib_main_t *vlib_main;
/* next node index for the L3 input node of each ethertype */
@@ -300,6 +311,10 @@ typedef struct
/* Allocated loopback instances */
uword *bm_loopback_instances;
+
+ /** Functions to call when interface hw address changes. */
+ ethernet_address_change_ctx_t *address_change_callbacks;
+
} ethernet_main_t;
extern ethernet_main_t ethernet_main;
@@ -552,8 +567,6 @@ void ethernet_update_adjacency (vnet_main_t * vnm, u32 sw_if_index, u32 ai);
u8 *ethernet_build_rewrite (vnet_main_t * vnm,
u32 sw_if_index,
vnet_link_t link_type, const void *dst_address);
-const u8 *ethernet_ip4_mcast_dst_addr (void);
-const u8 *ethernet_ip6_mcast_dst_addr (void);
void ethernet_input_init (vlib_main_t * vm, ethernet_main_t * em);
extern vlib_node_registration_t ethernet_input_node;
diff --git a/src/vnet/ethernet/interface.c b/src/vnet/ethernet/interface.c
index d79669206a9..39e5cfb3cf8 100644
--- a/src/vnet/ethernet/interface.c
+++ b/src/vnet/ethernet/interface.c
@@ -41,10 +41,12 @@
#include <vnet/ip/ip.h>
#include <vnet/pg/pg.h>
#include <vnet/ethernet/ethernet.h>
-#include <vnet/ethernet/arp.h>
+//#include <vnet/ethernet/arp.h>
#include <vnet/l2/l2_input.h>
#include <vnet/l2/l2_bd.h>
#include <vnet/adj/adj.h>
+#include <vnet/adj/adj_mcast.h>
+#include <vnet/ip-neighbor/ip_neighbor.h>
/**
* @file
@@ -53,7 +55,7 @@
* This file contains code to manage loopback interfaces.
*/
-const u8 *
+static const u8 *
ethernet_ip4_mcast_dst_addr (void)
{
const static u8 ethernet_mcast_dst_mac[] = {
@@ -63,7 +65,7 @@ ethernet_ip4_mcast_dst_addr (void)
return (ethernet_mcast_dst_mac);
}
-const u8 *
+static const u8 *
ethernet_ip6_mcast_dst_addr (void)
{
const static u8 ethernet_mcast_dst_mac[] = {
@@ -195,27 +197,74 @@ ethernet_build_rewrite (vnet_main_t * vnm,
void
ethernet_update_adjacency (vnet_main_t * vnm, u32 sw_if_index, u32 ai)
{
- ip_adjacency_t *adj;
-
- adj = adj_get (ai);
-
vnet_sw_interface_t *si = vnet_get_sw_interface (vnm, sw_if_index);
+
if ((si->type == VNET_SW_INTERFACE_TYPE_P2P) ||
(si->type == VNET_SW_INTERFACE_TYPE_PIPE))
{
default_update_adjacency (vnm, sw_if_index, ai);
}
- else if (FIB_PROTOCOL_IP4 == adj->ia_nh_proto)
- {
- arp_update_adjacency (vnm, sw_if_index, ai);
- }
- else if (FIB_PROTOCOL_IP6 == adj->ia_nh_proto)
- {
- ip6_ethernet_update_adjacency (vnm, sw_if_index, ai);
- }
else
{
- ASSERT (0);
+ ip_adjacency_t *adj;
+
+ adj = adj_get (ai);
+
+ switch (adj->lookup_next_index)
+ {
+ case IP_LOOKUP_NEXT_GLEAN:
+ adj_glean_update_rewrite (ai);
+ break;
+ case IP_LOOKUP_NEXT_ARP:
+ ip_neighbor_update (vnm, ai);
+ break;
+ case IP_LOOKUP_NEXT_BCAST:
+ adj_nbr_update_rewrite (ai,
+ ADJ_NBR_REWRITE_FLAG_COMPLETE,
+ ethernet_build_rewrite
+ (vnm,
+ adj->rewrite_header.sw_if_index,
+ adj->ia_link,
+ VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST));
+ break;
+ case IP_LOOKUP_NEXT_MCAST:
+ {
+ /*
+ * Construct a partial rewrite from the known ethernet mcast dest MAC
+ */
+ u8 *rewrite;
+ u8 offset;
+
+ rewrite = ethernet_build_rewrite
+ (vnm,
+ sw_if_index,
+ adj->ia_link,
+ (adj->ia_nh_proto == FIB_PROTOCOL_IP6 ?
+ ethernet_ip6_mcast_dst_addr () :
+ ethernet_ip4_mcast_dst_addr ()));
+
+ /*
+ * Complete the remaining fields of the adj's rewrite to direct the
+ * complete of the rewrite at switch time by copying in the IP
+ * dst address's bytes.
+ * Ofset is 2 bytes into the destintation address.
+ */
+ offset = vec_len (rewrite) - 2;
+ adj_mcast_update_rewrite (ai, rewrite, offset);
+
+ break;
+ }
+ case IP_LOOKUP_NEXT_DROP:
+ case IP_LOOKUP_NEXT_PUNT:
+ case IP_LOOKUP_NEXT_LOCAL:
+ case IP_LOOKUP_NEXT_REWRITE:
+ case IP_LOOKUP_NEXT_MCAST_MIDCHAIN:
+ case IP_LOOKUP_NEXT_MIDCHAIN:
+ case IP_LOOKUP_NEXT_ICMP_ERROR:
+ case IP_LOOKUP_N_NEXT:
+ ASSERT (0);
+ break;
+ }
}
}
@@ -234,8 +283,12 @@ ethernet_mac_change (vnet_hw_interface_t * hi,
clib_memcpy (hi->hw_address, mac_address, vec_len (hi->hw_address));
clib_memcpy (ei->address, (u8 *) mac_address, sizeof (ei->address));
- ethernet_arp_change_mac (hi->sw_if_index);
- ethernet_ndp_change_mac (hi->sw_if_index);
+
+ {
+ ethernet_address_change_ctx_t *cb;
+ vec_foreach (cb, em->address_change_callbacks)
+ cb->function (em, hi->sw_if_index, cb->function_opaque);
+ }
return (NULL);
}
diff --git a/src/vnet/ethernet/mac_address.c b/src/vnet/ethernet/mac_address.c
index 6f40e50efa2..b7981299700 100644
--- a/src/vnet/ethernet/mac_address.c
+++ b/src/vnet/ethernet/mac_address.c
@@ -61,6 +61,16 @@ unformat_mac_address_t (unformat_input_t * input, va_list * args)
return (0);
}
+void
+mac_address_increment (mac_address_t * mac)
+{
+ u64 a;
+
+ a = mac_address_as_u64 (mac);
+ a++;
+ mac_address_from_u64 (mac, a);
+}
+
/*
* fd.io coding-style-patch-verification: ON
*
diff --git a/src/vnet/ethernet/mac_address.h b/src/vnet/ethernet/mac_address.h
index 01fb76e002b..aa773c5c449 100644
--- a/src/vnet/ethernet/mac_address.h
+++ b/src/vnet/ethernet/mac_address.h
@@ -149,6 +149,7 @@ mac_address_set_zero (mac_address_t * mac)
mac->u.last_2 = 0;
}
+extern void mac_address_increment (mac_address_t * mac);
extern uword unformat_mac_address_t (unformat_input_t * input,
va_list * args);
extern u8 *format_mac_address_t (u8 * s, va_list * args);
diff --git a/src/vnet/fib/fib_entry.c b/src/vnet/fib/fib_entry.c
index 0e5482840bf..d8c57fd1032 100644
--- a/src/vnet/fib/fib_entry.c
+++ b/src/vnet/fib/fib_entry.c
@@ -1713,6 +1713,29 @@ fib_entry_pool_size (void)
return (pool_elts(fib_entry_pool));
}
+#ifdef CLIB_DEBUG
+void
+fib_table_assert_empty (const fib_table_t *fib_table)
+{
+ fib_node_index_t *fei, *feis = NULL;
+ fib_entry_t *fib_entry;
+
+ pool_foreach (fib_entry, fib_entry_pool,
+ ({
+ if (fib_entry->fe_fib_index == fib_table->ft_index)
+ vec_add1 (feis, fib_entry_get_index(fib_entry));
+ }));
+
+ if (vec_len(feis))
+ {
+ vec_foreach (fei, feis)
+ clib_error ("%U", format_fib_entry, *fei, FIB_ENTRY_FORMAT_DETAIL);
+ }
+
+ ASSERT(0);
+}
+#endif
+
static clib_error_t *
show_fib_entry_command (vlib_main_t * vm,
unformat_input_t * input,
diff --git a/src/vnet/fib/fib_path.c b/src/vnet/fib/fib_path.c
index 1eb195d3a52..ef5d58c9e2b 100644
--- a/src/vnet/fib/fib_path.c
+++ b/src/vnet/fib/fib_path.c
@@ -1590,8 +1590,8 @@ fib_path_cmp_i (const fib_path_t *path1,
path2->attached.fp_interface);
break;
case FIB_PATH_TYPE_RECURSIVE:
- res = ip46_address_cmp(&path1->recursive.fp_nh,
- &path2->recursive.fp_nh);
+ res = ip46_address_cmp(&path1->recursive.fp_nh.fp_ip,
+ &path2->recursive.fp_nh.fp_ip);
if (0 == res)
{
diff --git a/src/vnet/fib/fib_table.h b/src/vnet/fib/fib_table.h
index 59ebb0b0161..a11f0560338 100644
--- a/src/vnet/fib/fib_table.h
+++ b/src/vnet/fib/fib_table.h
@@ -957,4 +957,12 @@ extern void fib_table_sub_tree_walk(u32 fib_index,
*/
extern u8 *format_fib_table_memory(u8 *s, va_list *args);
+/**
+ * Debug function
+ */
+#ifdef CLIB_DEBUG
+extern void fib_table_assert_empty(const fib_table_t *fib_table);
+#endif
+
+
#endif
diff --git a/src/vnet/fib/fib_types.c b/src/vnet/fib/fib_types.c
index 3ac5c1d1183..c859913eeff 100644
--- a/src/vnet/fib/fib_types.c
+++ b/src/vnet/fib/fib_types.c
@@ -166,6 +166,21 @@ fib_prefix_is_cover (const fib_prefix_t *p1,
return (0);
}
+u8
+fib_prefix_get_host_length (fib_protocol_t proto)
+{
+ switch (proto)
+ {
+ case FIB_PROTOCOL_IP4:
+ return (32);
+ case FIB_PROTOCOL_IP6:
+ return (128);
+ case FIB_PROTOCOL_MPLS:
+ return (21);
+ }
+ return (0);
+}
+
int
fib_prefix_is_host (const fib_prefix_t *prefix)
{
diff --git a/src/vnet/fib/fib_types.h b/src/vnet/fib/fib_types.h
index 11e5bf4ebae..333b2abd240 100644
--- a/src/vnet/fib/fib_types.h
+++ b/src/vnet/fib/fib_types.h
@@ -18,7 +18,7 @@
#include <stdbool.h>
#include <vlib/vlib.h>
-#include <vnet/ip/ip6_packet.h>
+#include <vnet/ip/ip46_address.h>
#include <vnet/mpls/packet.h>
#include <vnet/dpo/dpo.h>
#include <vnet/bier/bier_types.h>
@@ -265,7 +265,7 @@ extern int fib_prefix_is_cover(const fib_prefix_t *p1,
* \brief Return true is the prefix is a host prefix
*/
extern int fib_prefix_is_host(const fib_prefix_t *p);
-
+extern u8 fib_prefix_get_host_length (fib_protocol_t proto);
/**
* \brief Host prefix from ip
diff --git a/src/vnet/fib/ip4_fib.c b/src/vnet/fib/ip4_fib.c
index e4ff1bf77cc..d4ef698bc9a 100644
--- a/src/vnet/fib/ip4_fib.c
+++ b/src/vnet/fib/ip4_fib.c
@@ -182,7 +182,10 @@ ip4_fib_table_destroy (u32 fib_index)
/*
* validate no more routes.
*/
- ASSERT(0 == fib_table->ft_total_route_counts);
+#ifdef CLIB_DEBUG
+ if (0 != fib_table->ft_total_route_counts)
+ fib_table_assert_empty(fib_table);
+#endif
vec_foreach(n_locks, fib_table->ft_src_route_counts)
{
diff --git a/src/vnet/fib/ip6_fib.c b/src/vnet/fib/ip6_fib.c
index 06160c5a15a..784f52c0460 100644
--- a/src/vnet/fib/ip6_fib.c
+++ b/src/vnet/fib/ip6_fib.c
@@ -154,7 +154,11 @@ ip6_fib_table_destroy (u32 fib_index)
/*
* validate no more routes.
*/
- ASSERT(0 == fib_table->ft_total_route_counts);
+#ifdef CLIB_DEBUG
+ if (0 != fib_table->ft_total_route_counts)
+ fib_table_assert_empty(fib_table);
+#endif
+
vec_foreach_index(source, fib_table->ft_src_route_counts)
{
ASSERT(0 == fib_table->ft_src_route_counts[source]);
diff --git a/src/vnet/ip-neighbor/ip4_neighbor.c b/src/vnet/ip-neighbor/ip4_neighbor.c
new file mode 100644
index 00000000000..2a9e2675a78
--- /dev/null
+++ b/src/vnet/ip-neighbor/ip4_neighbor.c
@@ -0,0 +1,319 @@
+/*
+ * Copyright (c) 2015 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/*
+ * ip/ip4_forward.c: IP v4 forwarding
+ *
+ * Copyright (c) 2008 Eliot Dresselhaus
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining
+ * a copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute, sublicense, and/or sell copies of the Software, and to
+ * permit persons to whom the Software is furnished to do so, subject to
+ * the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be
+ * included in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+ * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+ * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+ * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ */
+
+#include <vnet/ip-neighbor/ip4_neighbor.h>
+#include <vnet/ethernet/ethernet.h>
+
+void
+ip4_neighbor_probe_dst (const ip_adjacency_t * adj, const ip4_address_t * dst)
+{
+ ip_interface_address_t *ia;
+ ip4_address_t *src;
+
+ src = ip4_interface_address_matching_destination
+ (&ip4_main,
+ &adj->sub_type.nbr.next_hop.ip4, adj->rewrite_header.sw_if_index, &ia);
+ if (!src)
+ return;
+
+ ip4_neighbor_probe (vlib_get_main (), vnet_get_main (), adj, src, dst);
+}
+
+void
+ip4_neighbor_advertise (vlib_main_t * vm,
+ vnet_main_t * vnm,
+ u32 sw_if_index, const ip4_address_t * addr)
+{
+ vnet_hw_interface_t *hi = vnet_get_sup_hw_interface (vnm, sw_if_index);
+ ip4_main_t *i4m = &ip4_main;
+ u8 *rewrite, rewrite_len;
+
+ if (NULL == addr)
+ {
+ ip4_main_t *i4m = &ip4_main;
+ addr = ip4_interface_first_address (i4m, sw_if_index, 0);
+ }
+
+ if (addr)
+ {
+ clib_warning ("Sending GARP for IP4 address %U on sw_if_idex %d",
+ format_ip4_address, addr, sw_if_index);
+
+ /* Form GARP packet for output - Gratuitous ARP is an ARP request packet
+ where the interface IP/MAC pair is used for both source and request
+ MAC/IP pairs in the request */
+ u32 bi = 0;
+ ethernet_arp_header_t *h = vlib_packet_template_get_packet
+ (vm, &i4m->ip4_arp_request_packet_template, &bi);
+
+ if (!h)
+ return;
+
+ mac_address_from_bytes (&h->ip4_over_ethernet[0].mac, hi->hw_address);
+ mac_address_from_bytes (&h->ip4_over_ethernet[1].mac, hi->hw_address);
+ h->ip4_over_ethernet[0].ip4 = addr[0];
+ h->ip4_over_ethernet[1].ip4 = addr[0];
+
+ /* Setup MAC header with ARP Etype and broadcast DMAC */
+ vlib_buffer_t *b = vlib_get_buffer (vm, bi);
+ rewrite =
+ ethernet_build_rewrite (vnm, sw_if_index, VNET_LINK_ARP,
+ VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST);
+ rewrite_len = vec_len (rewrite);
+ vlib_buffer_advance (b, -rewrite_len);
+ ethernet_header_t *e = vlib_buffer_get_current (b);
+ clib_memcpy_fast (e->dst_address, rewrite, rewrite_len);
+ vec_free (rewrite);
+
+ /* Send GARP packet out the specified interface */
+ vnet_buffer (b)->sw_if_index[VLIB_RX] =
+ vnet_buffer (b)->sw_if_index[VLIB_TX] = sw_if_index;
+ vlib_frame_t *f = vlib_get_frame_to_node (vm, hi->output_node_index);
+ u32 *to_next = vlib_frame_vector_args (f);
+ to_next[0] = bi;
+ f->n_vectors = 1;
+ vlib_put_frame_to_node (vm, hi->output_node_index, f);
+ }
+}
+
+always_inline uword
+ip4_arp_inline (vlib_main_t * vm,
+ vlib_node_runtime_t * node,
+ vlib_frame_t * frame, int is_glean)
+{
+ vnet_main_t *vnm = vnet_get_main ();
+ ip4_main_t *im = &ip4_main;
+ ip_lookup_main_t *lm = &im->lookup_main;
+ u32 *from, *to_next_drop;
+ uword n_left_from, n_left_to_next_drop, next_index;
+ u32 thread_index = vm->thread_index;
+ u64 seed;
+
+ if (node->flags & VLIB_NODE_FLAG_TRACE)
+ ip4_forward_next_trace (vm, node, frame, VLIB_TX);
+
+ seed = throttle_seed (&im->arp_throttle, thread_index, vlib_time_now (vm));
+
+ from = vlib_frame_vector_args (frame);
+ n_left_from = frame->n_vectors;
+ next_index = node->cached_next_index;
+ if (next_index == IP4_ARP_NEXT_DROP)
+ next_index = IP4_ARP_N_NEXT; /* point to first interface */
+
+ while (n_left_from > 0)
+ {
+ vlib_get_next_frame (vm, node, IP4_ARP_NEXT_DROP,
+ to_next_drop, n_left_to_next_drop);
+
+ while (n_left_from > 0 && n_left_to_next_drop > 0)
+ {
+ u32 pi0, adj_index0, sw_if_index0;
+ ip4_address_t resolve0, src0;
+ vlib_buffer_t *p0, *b0;
+ ip_adjacency_t *adj0;
+ u64 r0;
+
+ pi0 = from[0];
+ p0 = vlib_get_buffer (vm, pi0);
+
+ from += 1;
+ n_left_from -= 1;
+ to_next_drop[0] = pi0;
+ to_next_drop += 1;
+ n_left_to_next_drop -= 1;
+
+ adj_index0 = vnet_buffer (p0)->ip.adj_index[VLIB_TX];
+ adj0 = adj_get (adj_index0);
+ sw_if_index0 = adj0->rewrite_header.sw_if_index;
+
+ if (is_glean)
+ {
+ /* resolve the packet's destination */
+ ip4_header_t *ip0 = vlib_buffer_get_current (p0);
+ resolve0 = ip0->dst_address;
+ src0 = adj0->sub_type.glean.receive_addr.ip4;
+ }
+ else
+ {
+ /* resolve the incomplete adj */
+ resolve0 = adj0->sub_type.nbr.next_hop.ip4;
+ /* Src IP address in ARP header. */
+ if (ip4_src_address_for_packet (lm, sw_if_index0, &src0))
+ {
+ /* No source address available */
+ p0->error = node->errors[IP4_ARP_ERROR_NO_SOURCE_ADDRESS];
+ continue;
+ }
+ }
+
+ /* combine the address and interface for the hash key */
+ r0 = (u64) resolve0.data_u32 << 32;
+ r0 |= sw_if_index0;
+
+ if (throttle_check (&im->arp_throttle, thread_index, r0, seed))
+ {
+ p0->error = node->errors[IP4_ARP_ERROR_THROTTLED];
+ continue;
+ }
+
+ /*
+ * the adj has been updated to a rewrite but the node the DPO that got
+ * us here hasn't - yet. no big deal. we'll drop while we wait.
+ */
+ if (IP_LOOKUP_NEXT_REWRITE == adj0->lookup_next_index)
+ {
+ p0->error = node->errors[IP4_ARP_ERROR_RESOLVED];
+ continue;
+ }
+
+ /*
+ * Can happen if the control-plane is programming tables
+ * with traffic flowing; at least that's today's lame excuse.
+ */
+ if ((is_glean && adj0->lookup_next_index != IP_LOOKUP_NEXT_GLEAN)
+ || (!is_glean && adj0->lookup_next_index != IP_LOOKUP_NEXT_ARP))
+ {
+ p0->error = node->errors[IP4_ARP_ERROR_NON_ARP_ADJ];
+ continue;
+ }
+
+ /* Send ARP request. */
+ b0 = ip4_neighbor_probe (vm, vnm, adj0, &src0, &resolve0);
+
+ if (PREDICT_TRUE (NULL != b0))
+ {
+ /* copy the persistent fields from the original */
+ clib_memcpy_fast (b0->opaque2, p0->opaque2,
+ sizeof (p0->opaque2));
+ p0->error = node->errors[IP4_ARP_ERROR_REQUEST_SENT];
+ }
+ else
+ {
+ p0->error = node->errors[IP4_ARP_ERROR_NO_BUFFERS];
+ continue;
+ }
+ }
+
+ vlib_put_next_frame (vm, node, IP4_ARP_NEXT_DROP, n_left_to_next_drop);
+ }
+
+ return frame->n_vectors;
+}
+
+VLIB_NODE_FN (ip4_arp_node) (vlib_main_t * vm, vlib_node_runtime_t * node,
+ vlib_frame_t * frame)
+{
+ return (ip4_arp_inline (vm, node, frame, 0));
+}
+
+VLIB_NODE_FN (ip4_glean_node) (vlib_main_t * vm, vlib_node_runtime_t * node,
+ vlib_frame_t * frame)
+{
+ return (ip4_arp_inline (vm, node, frame, 1));
+}
+
+static char *ip4_arp_error_strings[] = {
+ [IP4_ARP_ERROR_THROTTLED] = "ARP requests throttled",
+ [IP4_ARP_ERROR_RESOLVED] = "ARP requests resolved",
+ [IP4_ARP_ERROR_NO_BUFFERS] = "ARP requests out of buffer",
+ [IP4_ARP_ERROR_REQUEST_SENT] = "ARP requests sent",
+ [IP4_ARP_ERROR_NON_ARP_ADJ] = "ARPs to non-ARP adjacencies",
+ [IP4_ARP_ERROR_NO_SOURCE_ADDRESS] = "no source address for ARP request",
+};
+
+/* *INDENT-OFF* */
+VLIB_REGISTER_NODE (ip4_arp_node) =
+{
+ .name = "ip4-arp",
+ .vector_size = sizeof (u32),
+ .format_trace = format_ip4_forward_next_trace,
+ .n_errors = ARRAY_LEN (ip4_arp_error_strings),
+ .error_strings = ip4_arp_error_strings,
+ .n_next_nodes = IP4_ARP_N_NEXT,
+ .next_nodes = {
+ [IP4_ARP_NEXT_DROP] = "ip4-drop",
+ },
+};
+
+VLIB_REGISTER_NODE (ip4_glean_node) =
+{
+ .name = "ip4-glean",
+ .vector_size = sizeof (u32),
+ .format_trace = format_ip4_forward_next_trace,
+ .n_errors = ARRAY_LEN (ip4_arp_error_strings),
+ .error_strings = ip4_arp_error_strings,
+ .n_next_nodes = IP4_ARP_N_NEXT,
+ .next_nodes = {
+ [IP4_ARP_NEXT_DROP] = "ip4-drop",
+ },
+};
+/* *INDENT-ON* */
+
+#define foreach_notrace_ip4_arp_error \
+_(THROTTLED) \
+_(RESOLVED) \
+_(NO_BUFFERS) \
+_(REQUEST_SENT) \
+_(NON_ARP_ADJ) \
+_(NO_SOURCE_ADDRESS)
+
+static clib_error_t *
+arp_notrace_init (vlib_main_t * vm)
+{
+ vlib_node_runtime_t *rt = vlib_node_get_runtime (vm, ip4_arp_node.index);
+
+ /* don't trace ARP request packets */
+#define _(a) \
+ vnet_pcap_drop_trace_filter_add_del \
+ (rt->errors[IP4_ARP_ERROR_##a], \
+ 1 /* is_add */);
+ foreach_notrace_ip4_arp_error;
+#undef _
+ return 0;
+}
+
+VLIB_INIT_FUNCTION (arp_notrace_init);
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip-neighbor/ip4_neighbor.h b/src/vnet/ip-neighbor/ip4_neighbor.h
new file mode 100644
index 00000000000..c52e2d446af
--- /dev/null
+++ b/src/vnet/ip-neighbor/ip4_neighbor.h
@@ -0,0 +1,85 @@
+/*
+ * Copyright (c) 2019 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __IP4_NEIGHBOR_H__
+#define __IP4_NEIGHBOR_H__
+
+#include <vnet/ip/ip.h>
+#include <vnet/ethernet/arp_packet.h>
+
+extern void ip4_neighbor_probe_dst (const ip_adjacency_t * adj,
+ const ip4_address_t * dst);
+extern void ip4_neighbor_advertise (vlib_main_t * vm,
+ vnet_main_t * vnm,
+ u32 sw_if_index,
+ const ip4_address_t * addr);
+
+always_inline vlib_buffer_t *
+ip4_neighbor_probe (vlib_main_t * vm,
+ vnet_main_t * vnm,
+ const ip_adjacency_t * adj0,
+ const ip4_address_t * src, const ip4_address_t * dst)
+{
+ vnet_hw_interface_t *hw_if0;
+ ethernet_arp_header_t *h0;
+ vlib_buffer_t *b0;
+ u32 bi0;
+
+ /* Send ARP request. */
+ h0 = vlib_packet_template_get_packet (vm,
+ &ip4_main.ip4_arp_request_packet_template,
+ &bi0);
+ /* Seems we're out of buffers */
+ if (PREDICT_FALSE (!h0))
+ return (NULL);
+
+ b0 = vlib_get_buffer (vm, bi0);
+
+ /* Add rewrite/encap string for ARP packet. */
+ vnet_rewrite_one_header (adj0[0], h0, sizeof (ethernet_header_t));
+
+ hw_if0 = vnet_get_sup_hw_interface (vnm, adj0->rewrite_header.sw_if_index);
+
+ /* Src ethernet address in ARP header. */
+ mac_address_from_bytes (&h0->ip4_over_ethernet[0].mac, hw_if0->hw_address);
+
+ h0->ip4_over_ethernet[0].ip4 = *src;
+ h0->ip4_over_ethernet[1].ip4 = *dst;
+
+ VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
+ vnet_buffer (b0)->sw_if_index[VLIB_TX] = adj0->rewrite_header.sw_if_index;
+
+ vlib_buffer_advance (b0, -adj0->rewrite_header.data_bytes);
+
+ {
+ vlib_frame_t *f = vlib_get_frame_to_node (vm, hw_if0->output_node_index);
+ u32 *to_next = vlib_frame_vector_args (f);
+ to_next[0] = bi0;
+ f->n_vectors = 1;
+ vlib_put_frame_to_node (vm, hw_if0->output_node_index, f);
+ }
+
+ return b0;
+}
+
+#endif
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip-neighbor/ip6_neighbor.c b/src/vnet/ip-neighbor/ip6_neighbor.c
new file mode 100644
index 00000000000..325db8c6277
--- /dev/null
+++ b/src/vnet/ip-neighbor/ip6_neighbor.c
@@ -0,0 +1,338 @@
+/*
+ * ip/ip6_neighbor.c: IP6 neighbor handling
+ *
+ * Copyright (c) 2010 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <vnet/ip-neighbor/ip6_neighbor.h>
+
+void
+ip6_neighbor_probe_dst (const ip_adjacency_t * adj, const ip6_address_t * dst)
+{
+ ip_interface_address_t *ia;
+ ip6_address_t *src;
+
+ src = ip6_interface_address_matching_destination
+ (&ip6_main, dst, adj->rewrite_header.sw_if_index, &ia);
+
+ if (!src)
+ return;
+
+ ip6_neighbor_probe (vlib_get_main (), vnet_get_main (), adj, src, dst);
+}
+
+void
+ip6_neighbor_advertise (vlib_main_t * vm,
+ vnet_main_t * vnm,
+ u32 sw_if_index, const ip6_address_t * addr)
+{
+ vnet_hw_interface_t *hi = vnet_get_sup_hw_interface (vnm, sw_if_index);
+ ip6_main_t *i6m = &ip6_main;
+ u8 *rewrite, rewrite_len;
+ u8 dst_address[6];
+
+ if (NULL == addr)
+ addr = ip6_interface_first_address (i6m, sw_if_index);
+
+ if (addr)
+ {
+ clib_warning
+ ("Sending unsolicitated NA IP6 address %U on sw_if_idex %d",
+ format_ip6_address, addr, sw_if_index);
+
+ /* Form unsolicited neighbor advertisement packet from NS pkt template */
+ int bogus_length;
+ u32 bi = 0;
+ icmp6_neighbor_solicitation_header_t *h =
+ vlib_packet_template_get_packet (vm,
+ &ip6_neighbor_packet_template,
+ &bi);
+ if (!h)
+ return;
+
+ ip6_set_reserved_multicast_address (&h->ip.dst_address,
+ IP6_MULTICAST_SCOPE_link_local,
+ IP6_MULTICAST_GROUP_ID_all_hosts);
+ h->ip.src_address = addr[0];
+ h->neighbor.icmp.type = ICMP6_neighbor_advertisement;
+ h->neighbor.target_address = addr[0];
+ h->neighbor.advertisement_flags = clib_host_to_net_u32
+ (ICMP6_NEIGHBOR_ADVERTISEMENT_FLAG_OVERRIDE);
+ h->link_layer_option.header.type =
+ ICMP6_NEIGHBOR_DISCOVERY_OPTION_target_link_layer_address;
+ clib_memcpy (h->link_layer_option.ethernet_address,
+ hi->hw_address, vec_len (hi->hw_address));
+ h->neighbor.icmp.checksum =
+ ip6_tcp_udp_icmp_compute_checksum (vm, 0, &h->ip, &bogus_length);
+ ASSERT (bogus_length == 0);
+
+ /* Setup MAC header with IP6 Etype and mcast DMAC */
+ vlib_buffer_t *b = vlib_get_buffer (vm, bi);
+ ip6_multicast_ethernet_address (dst_address,
+ IP6_MULTICAST_GROUP_ID_all_hosts);
+ rewrite =
+ ethernet_build_rewrite (vnm, sw_if_index, VNET_LINK_IP6, dst_address);
+ rewrite_len = vec_len (rewrite);
+ vlib_buffer_advance (b, -rewrite_len);
+ ethernet_header_t *e = vlib_buffer_get_current (b);
+ clib_memcpy (e->dst_address, rewrite, rewrite_len);
+ vec_free (rewrite);
+
+ /* Send unsolicited ND advertisement packet out the specified interface */
+ vnet_buffer (b)->sw_if_index[VLIB_RX] =
+ vnet_buffer (b)->sw_if_index[VLIB_TX] = sw_if_index;
+ vlib_frame_t *f = vlib_get_frame_to_node (vm, hi->output_node_index);
+ u32 *to_next = vlib_frame_vector_args (f);
+ to_next[0] = bi;
+ f->n_vectors = 1;
+ vlib_put_frame_to_node (vm, hi->output_node_index, f);
+ }
+}
+
+typedef enum
+{
+ IP6_NBR_NEXT_DROP,
+ IP6_NBR_NEXT_REPLY_TX,
+ IP6_NBR_N_NEXT,
+} ip6_discover_neighbor_next_t;
+
+typedef enum
+{
+ IP6_NBR_ERROR_DROP,
+ IP6_NBR_ERROR_REQUEST_SENT,
+ IP6_NBR_ERROR_NO_SOURCE_ADDRESS,
+ IP6_NBR_ERROR_NO_BUFFERS,
+} ip6_discover_neighbor_error_t;
+
+static uword
+ip6_discover_neighbor_inline (vlib_main_t * vm,
+ vlib_node_runtime_t * node,
+ vlib_frame_t * frame, int is_glean)
+{
+ vnet_main_t *vnm = vnet_get_main ();
+ ip6_main_t *im = &ip6_main;
+ u32 *from, *to_next_drop;
+ uword n_left_from, n_left_to_next_drop;
+ u64 seed;
+ u32 thread_index = vm->thread_index;
+
+ if (node->flags & VLIB_NODE_FLAG_TRACE)
+ ip6_forward_next_trace (vm, node, frame, VLIB_TX);
+
+ seed = throttle_seed (&im->nd_throttle, thread_index, vlib_time_now (vm));
+
+ from = vlib_frame_vector_args (frame);
+ n_left_from = frame->n_vectors;
+
+ while (n_left_from > 0)
+ {
+ vlib_get_next_frame (vm, node, IP6_NBR_NEXT_DROP,
+ to_next_drop, n_left_to_next_drop);
+
+ while (n_left_from > 0 && n_left_to_next_drop > 0)
+ {
+ u32 pi0, adj_index0, sw_if_index0, drop0, r0;
+ vnet_hw_interface_t *hw_if0;
+ vlib_buffer_t *p0, *b0;
+ ip_adjacency_t *adj0;
+ ip6_address_t src;
+ ip6_header_t *ip0;
+
+ pi0 = from[0];
+
+ p0 = vlib_get_buffer (vm, pi0);
+
+ adj_index0 = vnet_buffer (p0)->ip.adj_index[VLIB_TX];
+
+ ip0 = vlib_buffer_get_current (p0);
+
+ adj0 = adj_get (adj_index0);
+
+ if (!is_glean)
+ {
+ ip0->dst_address.as_u64[0] =
+ adj0->sub_type.nbr.next_hop.ip6.as_u64[0];
+ ip0->dst_address.as_u64[1] =
+ adj0->sub_type.nbr.next_hop.ip6.as_u64[1];
+ }
+
+ sw_if_index0 = adj0->rewrite_header.sw_if_index;
+ vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0;
+
+ /* combine the address and interface for a hash */
+ r0 = ip6_address_hash_to_u64 (&ip0->dst_address) ^ sw_if_index0;
+
+ drop0 = throttle_check (&im->nd_throttle, thread_index, r0, seed);
+
+ from += 1;
+ n_left_from -= 1;
+ to_next_drop[0] = pi0;
+ to_next_drop += 1;
+ n_left_to_next_drop -= 1;
+
+ hw_if0 = vnet_get_sup_hw_interface (vnm, sw_if_index0);
+
+ /* If the interface is link-down, drop the pkt */
+ if (!(hw_if0->flags & VNET_HW_INTERFACE_FLAG_LINK_UP))
+ drop0 = 1;
+
+ if (!ip6_link_is_enabled (sw_if_index0))
+ drop0 = 1;
+
+ /*
+ * the adj has been updated to a rewrite but the node the DPO that got
+ * us here hasn't - yet. no big deal. we'll drop while we wait.
+ */
+ if (IP_LOOKUP_NEXT_REWRITE == adj0->lookup_next_index)
+ drop0 = 1;
+
+ if (drop0)
+ {
+ p0->error = node->errors[IP6_NBR_ERROR_DROP];
+ continue;
+ }
+
+ /*
+ * Choose source address based on destination lookup
+ * adjacency.
+ */
+ if (!ip6_src_address_for_packet (sw_if_index0,
+ &ip0->dst_address, &src))
+ {
+ /* There is no address on the interface */
+ p0->error = node->errors[IP6_NBR_ERROR_NO_SOURCE_ADDRESS];
+ continue;
+ }
+
+ b0 = ip6_neighbor_probe (vm, vnm, adj0, &src, &ip0->dst_address);
+
+ if (PREDICT_TRUE (NULL != b0))
+ {
+ clib_memcpy_fast (b0->opaque2, p0->opaque2,
+ sizeof (p0->opaque2));
+ b0->flags |= p0->flags & VLIB_BUFFER_IS_TRACED;
+ b0->trace_handle = p0->trace_handle;
+ p0->error = node->errors[IP6_NBR_ERROR_REQUEST_SENT];
+ }
+ else
+ {
+ /* There is no address on the interface */
+ p0->error = node->errors[IP6_NBR_ERROR_NO_BUFFERS];
+ continue;
+ }
+ }
+
+ vlib_put_next_frame (vm, node, IP6_NBR_NEXT_DROP, n_left_to_next_drop);
+ }
+
+ return frame->n_vectors;
+}
+
+static uword
+ip6_discover_neighbor (vlib_main_t * vm,
+ vlib_node_runtime_t * node, vlib_frame_t * frame)
+{
+ return (ip6_discover_neighbor_inline (vm, node, frame, 0));
+}
+
+static uword
+ip6_glean (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame)
+{
+ return (ip6_discover_neighbor_inline (vm, node, frame, 1));
+}
+
+static char *ip6_discover_neighbor_error_strings[] = {
+ [IP6_NBR_ERROR_DROP] = "address overflow drops",
+ [IP6_NBR_ERROR_REQUEST_SENT] = "neighbor solicitations sent",
+ [IP6_NBR_ERROR_NO_SOURCE_ADDRESS] = "no source address for ND solicitation",
+ [IP6_NBR_ERROR_NO_BUFFERS] = "no buffers",
+};
+
+/* *INDENT-OFF* */
+VLIB_REGISTER_NODE (ip6_glean_node) =
+{
+ .function = ip6_glean,
+ .name = "ip6-glean",
+ .vector_size = sizeof (u32),
+ .format_trace = format_ip6_forward_next_trace,
+ .n_errors = ARRAY_LEN (ip6_discover_neighbor_error_strings),
+ .error_strings = ip6_discover_neighbor_error_strings,
+ .n_next_nodes = IP6_NBR_N_NEXT,
+ .next_nodes =
+ {
+ [IP6_NBR_NEXT_DROP] = "ip6-drop",
+ [IP6_NBR_NEXT_REPLY_TX] = "ip6-rewrite-mcast",
+ },
+};
+VLIB_REGISTER_NODE (ip6_discover_neighbor_node) =
+{
+ .function = ip6_discover_neighbor,
+ .name = "ip6-discover-neighbor",
+ .vector_size = sizeof (u32),
+ .format_trace = format_ip6_forward_next_trace,
+ .n_errors = ARRAY_LEN (ip6_discover_neighbor_error_strings),
+ .error_strings = ip6_discover_neighbor_error_strings,
+ .n_next_nodes = IP6_NBR_N_NEXT,
+ .next_nodes =
+ {
+ [IP6_NBR_NEXT_DROP] = "ip6-drop",
+ [IP6_NBR_NEXT_REPLY_TX] = "ip6-rewrite-mcast",
+ },
+};
+/* *INDENT-ON* */
+
+/* Template used to generate IP6 neighbor solicitation packets. */
+vlib_packet_template_t ip6_neighbor_packet_template;
+
+static clib_error_t *
+ip6_neighbor_init (vlib_main_t * vm)
+{
+ icmp6_neighbor_solicitation_header_t p;
+
+ clib_memset (&p, 0, sizeof (p));
+
+ p.ip.ip_version_traffic_class_and_flow_label =
+ clib_host_to_net_u32 (0x6 << 28);
+ p.ip.payload_length =
+ clib_host_to_net_u16 (sizeof (p) -
+ STRUCT_OFFSET_OF
+ (icmp6_neighbor_solicitation_header_t, neighbor));
+ p.ip.protocol = IP_PROTOCOL_ICMP6;
+ p.ip.hop_limit = 255;
+ ip6_set_solicited_node_multicast_address (&p.ip.dst_address, 0);
+
+ p.neighbor.icmp.type = ICMP6_neighbor_solicitation;
+
+ p.link_layer_option.header.type =
+ ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address;
+ p.link_layer_option.header.n_data_u64s =
+ sizeof (p.link_layer_option) / sizeof (u64);
+
+ vlib_packet_template_init (vm,
+ &ip6_neighbor_packet_template, &p, sizeof (p),
+ /* alloc chunk size */ 8,
+ "ip6 neighbor discovery");
+
+ return NULL;
+}
+
+VLIB_INIT_FUNCTION (ip6_neighbor_init);
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip-neighbor/ip6_neighbor.h b/src/vnet/ip-neighbor/ip6_neighbor.h
new file mode 100644
index 00000000000..934a2885ee1
--- /dev/null
+++ b/src/vnet/ip-neighbor/ip6_neighbor.h
@@ -0,0 +1,112 @@
+/*
+ * ip/ip6_neighbor.h: IP6 NS transmit
+ *
+ * Copyright (c) 2019 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __IP6_NEIGHBOR_H__
+#define __IP6_NEIGHBOR_H__
+
+#include <vlib/vlib.h>
+#include <vnet/ip/format.h>
+#include <vnet/ip/ip6.h>
+#include <vnet/ip/ip6_link.h>
+#include <vnet/ip/icmp46_packet.h>
+#include <vnet/ethernet/ethernet.h>
+#include <vnet/adj/adj_internal.h>
+
+/* Template used to generate IP6 neighbor solicitation packets. */
+extern vlib_packet_template_t ip6_neighbor_packet_template;
+
+extern void ip6_neighbor_advertise (vlib_main_t * vm,
+ vnet_main_t * vnm,
+ u32 sw_if_index,
+ const ip6_address_t * addr);
+
+extern void ip6_neighbor_probe_dst (const ip_adjacency_t * adj,
+ const ip6_address_t * dst);
+
+always_inline vlib_buffer_t *
+ip6_neighbor_probe (vlib_main_t * vm,
+ vnet_main_t * vnm,
+ const ip_adjacency_t * adj,
+ const ip6_address_t * src, const ip6_address_t * dst)
+{
+ icmp6_neighbor_solicitation_header_t *h0;
+ vnet_hw_interface_t *hw_if0;
+ vlib_buffer_t *b0;
+ int bogus_length;
+ u32 bi0 = 0;
+
+ h0 = vlib_packet_template_get_packet
+ (vm, &ip6_neighbor_packet_template, &bi0);
+ if (!h0)
+ return NULL;;
+
+ b0 = vlib_get_buffer (vm, bi0);
+
+ hw_if0 = vnet_get_sup_hw_interface (vnm, adj->rewrite_header.sw_if_index);
+
+ /*
+ * Destination address is a solicited node multicast address.
+ * We need to fill in
+ * the low 24 bits with low 24 bits of target's address.
+ */
+ h0->ip.src_address = *src;
+ h0->ip.dst_address.as_u8[13] = dst->as_u8[13];
+ h0->ip.dst_address.as_u8[14] = dst->as_u8[14];
+ h0->ip.dst_address.as_u8[15] = dst->as_u8[15];
+
+ h0->neighbor.target_address = *dst;
+
+ clib_memcpy (h0->link_layer_option.ethernet_address,
+ hw_if0->hw_address, vec_len (hw_if0->hw_address));
+
+ /* $$$$ appears we need this; why is the checksum non-zero? */
+ h0->neighbor.icmp.checksum = 0;
+ h0->neighbor.icmp.checksum =
+ ip6_tcp_udp_icmp_compute_checksum (vm, 0, &h0->ip, &bogus_length);
+
+ ASSERT (bogus_length == 0);
+ VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
+
+ vnet_buffer (b0)->sw_if_index[VLIB_TX] = adj->rewrite_header.sw_if_index;
+
+ /* Use the link's mcast adj to ship the packet */
+ vnet_buffer (b0)->ip.adj_index[VLIB_TX] =
+ ip6_link_get_mcast_adj (adj->rewrite_header.sw_if_index);
+ adj = adj_get (vnet_buffer (b0)->ip.adj_index[VLIB_TX]);
+
+ b0->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
+
+ {
+ vlib_frame_t *f = vlib_get_frame_to_node (vm, adj->ia_node_index);
+ u32 *to_next = vlib_frame_vector_args (f);
+ to_next[0] = bi0;
+ f->n_vectors = 1;
+ vlib_put_frame_to_node (vm, adj->ia_node_index, f);
+ }
+
+ return b0;
+}
+
+#endif
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip-neighbor/ip_neighbor.api b/src/vnet/ip-neighbor/ip_neighbor.api
new file mode 100644
index 00000000000..a8fb24a712c
--- /dev/null
+++ b/src/vnet/ip-neighbor/ip_neighbor.api
@@ -0,0 +1,168 @@
+/* Hey Emacs use -*- mode: C -*- */
+/*
+ * Copyright (c) 2018 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/** \file
+
+ This file defines vpp IP neighbor control-plane API messages which are generally
+ called through a shared memory interface.
+*/
+
+option version = "1.0.0";
+
+import "vnet/ip/ip_types.api";
+import "vnet/ethernet/ethernet_types.api";
+import "vnet/interface_types.api";
+
+/** \brief IP neighbor flags
+ @param is_static - A static neighbor Entry - there are not flushed
+ If the interface goes down.
+ @param is_no_fib_entry - Do not create a corresponding entry in the FIB
+ table for the neighbor.
+*/
+enum ip_neighbor_flags: u8
+{
+ IP_API_NEIGHBOR_FLAG_NONE = 0,
+ IP_API_NEIGHBOR_FLAG_STATIC = 0x1,
+ IP_API_NEIGHBOR_FLAG_NO_FIB_ENTRY = 0x2,
+};
+
+/** \brief IP neighbor
+ @param sw_if_index - interface used to reach neighbor
+ @param flags - flags for the nieghbor
+ @param mac_address - l2 address of the neighbor
+ @param ip_address - ip4 or ip6 address of the neighbor
+*/
+typedef ip_neighbor {
+ vl_api_interface_index_t sw_if_index;
+ vl_api_ip_neighbor_flags_t flags;
+ vl_api_mac_address_t mac_address;
+ vl_api_address_t ip_address;
+};
+
+/** \brief IP neighbor add / del request
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param is_add - 1 to add neighbor, 0 to delete
+ @param neighbor - the neighor to add/remove
+*/
+define ip_neighbor_add_del
+{
+ u32 client_index;
+ u32 context;
+ /* 1 = add, 0 = delete */
+ bool is_add;
+ vl_api_ip_neighbor_t neighbor;
+};
+/** \brief IP neighbor add / del reply
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param retval - return value
+ @param stats_index - the index to use for this neighbor in the stats segement
+*/
+define ip_neighbor_add_del_reply
+{
+ u32 context;
+ i32 retval;
+ u32 stats_index;
+};
+
+/** \brief Dump IP neighboors
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param sw_if_index - the interface to dump neighboors, ~0 == all
+ @param af - address family is ipv[6|4]
+*/
+define ip_neighbor_dump
+{
+ u32 client_index;
+ u32 context;
+ vl_api_interface_index_t sw_if_index [default=0xffffffff];
+ vl_api_address_family_t af;
+};
+
+/** \brief IP neighboors dump response
+ @param context - sender context which was passed in the request
+ @param neighbour - the neighbor
+*/
+define ip_neighbor_details {
+ u32 context;
+ vl_api_ip_neighbor_t neighbor;
+};
+
+/** \brief Enable/disable periodic IP neighbor scan
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param af - Address family v4/v6
+ @param max_number - The maximum number of neighbours that will be created.
+ default 50k
+ @param max_age - The maximum age (in seconds) before an inactive neighbour
+ is flushed
+ default 0 => never
+ @param recycle - If max_number of neighbours is reached and new ones need
+ to be created should the oldest neighbour be 'recycled'.
+*/
+autoreply define ip_neighbor_config
+{
+ u32 client_index;
+ u32 context;
+ vl_api_address_family_t af;
+ u32 max_number;
+ u32 max_age;
+ bool recycle;
+};
+
+/** \brief Register for IP4 ARP resolution event on receing ARP reply or
+ MAC/IP info from ARP requests in L2 BDs
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param enable - 1 => register for events, 0 => cancel registration
+ @param pid - sender's pid
+ @param ip - exact IP address of interested neighbor resolution event
+ @param sw_if_index - interface on which the IP address is present.
+*/
+autoreply define want_ip_neighbor_events
+{
+ u32 client_index;
+ u32 context;
+ bool enable;
+ u32 pid;
+ vl_api_address_t ip;
+ vl_api_interface_index_t sw_if_index [default=0xffffffff];
+};
+
+/** \brief Tell client about an IP4 ARP resolution event or
+ MAC/IP info from ARP requests in L2 BDs
+ @param client_index - opaque cookie to identify the sender
+ @param pid - client pid registered to receive notification
+ @param neighbor - new neighbor created
+*/
+define ip_neighbor_event
+{
+ u32 client_index;
+ u32 pid;
+ vl_api_ip_neighbor_t neighbor;
+};
+
+service {
+ rpc want_ip_neighbor_events returns want_ip_neighbor_events_reply
+ events ip_neighbor_event;
+};
+
+/*
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip-neighbor/ip_neighbor.c b/src/vnet/ip-neighbor/ip_neighbor.c
new file mode 100644
index 00000000000..11684eb9de5
--- /dev/null
+++ b/src/vnet/ip-neighbor/ip_neighbor.c
@@ -0,0 +1,1664 @@
+/*
+ * src/vnet/ip/ip_neighboor.c: ip neighbor generic handling
+ *
+ * Copyright (c) 2018 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <vppinfra/llist.h>
+
+#include <vnet/ip-neighbor/ip_neighbor.h>
+#include <vnet/ip-neighbor/ip4_neighbor.h>
+#include <vnet/ip-neighbor/ip6_neighbor.h>
+#include <vnet/ip-neighbor/ip_neighbor_watch.h>
+
+#include <vnet/ip/ip6_ll_table.h>
+#include <vnet/fib/fib_table.h>
+#include <vnet/adj/adj_mcast.h>
+
+/** Pool for All IP neighbors */
+static ip_neighbor_t *ip_neighbor_pool;
+
+/** protocol specific lists of time sorted neighbors */
+index_t ip_neighbor_list_head[IP46_N_TYPES];
+
+typedef struct ip_neighbor_elt_t_
+{
+ clib_llist_anchor_t ipne_anchor;
+ index_t ipne_index;
+} ip_neighbor_elt_t;
+
+/** Pool of linked list elemeents */
+ip_neighbor_elt_t *ip_neighbor_elt_pool;
+
+typedef struct ip_neighbor_db_t_
+{
+ /** per interface hash */
+ uword **ipndb_hash;
+ /** per-protocol limit - max number of neighbors*/
+ u32 ipndb_limit;
+ /** max age of a neighbor before it's forcibly evicted */
+ u32 ipndb_age;
+ /** when the limit is reached and new neighbors are created, should
+ * we recycle an old one */
+ bool ipndb_recycle;
+ /** per-protocol number of elements */
+ u32 ipndb_n_elts;
+ /** per-protocol number of elements per-fib-index*/
+ u32 *ipndb_n_elts_per_fib;
+} ip_neighbor_db_t;
+
+static vlib_log_class_t ipn_logger;
+
+/* DBs of neighbours one per AF */
+/* *INDENT-OFF* */
+static ip_neighbor_db_t ip_neighbor_db[IP46_N_TYPES] = {
+ [IP46_TYPE_IP4] = {
+ .ipndb_limit = 50000,
+ /* Default to not aging and not recycling */
+ .ipndb_age = 0,
+ .ipndb_recycle = false,
+ },
+ [IP46_TYPE_IP6] = {
+ .ipndb_limit = 50000,
+ /* Default to not aging and not recycling */
+ .ipndb_age = 0,
+ .ipndb_recycle = false,
+ }
+};
+/* *INDENT-ON* */
+
+#define IP_NEIGHBOR_DBG(...) \
+ vlib_log_debug (ipn_logger, __VA_ARGS__);
+
+#define IP_NEIGHBOR_INFO(...) \
+ vlib_log_notice (ipn_logger, __VA_ARGS__);
+
+ip_neighbor_t *
+ip_neighbor_get (index_t ipni)
+{
+ if (pool_is_free_index (ip_neighbor_pool, ipni))
+ return (NULL);
+
+ return (pool_elt_at_index (ip_neighbor_pool, ipni));
+}
+
+static index_t
+ip_neighbor_get_index (const ip_neighbor_t * ipn)
+{
+ return (ipn - ip_neighbor_pool);
+}
+
+static bool
+ip_neighbor_is_dynamic (const ip_neighbor_t * ipn)
+{
+ return (ipn->ipn_flags & IP_NEIGHBOR_FLAG_DYNAMIC);
+}
+
+const ip46_address_t *
+ip_neighbor_get_ip (const ip_neighbor_t * ipn)
+{
+ return (&ipn->ipn_key->ipnk_ip);
+}
+
+const mac_address_t *
+ip_neighbor_get_mac (const ip_neighbor_t * ipn)
+{
+ return (&ipn->ipn_mac);
+}
+
+const u32
+ip_neighbor_get_sw_if_index (const ip_neighbor_t * ipn)
+{
+ return (ipn->ipn_key->ipnk_sw_if_index);
+}
+
+static void
+ip_neighbor_list_remove (ip_neighbor_t * ipn)
+{
+ /* new neighbours, are added to the head of the list, since the
+ * list is time sorted, newest first */
+ ip_neighbor_elt_t *elt;
+
+ if (~0 != ipn->ipn_elt)
+ {
+ elt = pool_elt_at_index (ip_neighbor_elt_pool, ipn->ipn_elt);
+
+ clib_llist_remove (ip_neighbor_elt_pool, ipne_anchor, elt);
+ }
+}
+
+static void
+ip_neighbor_refresh (ip_neighbor_t * ipn)
+{
+ /* new neighbours, are added to the head of the list, since the
+ * list is time sorted, newest first */
+ ip_neighbor_elt_t *elt, *head;
+
+ ipn->ipn_time_last_updated = vlib_time_now (vlib_get_main ());
+ ipn->ipn_n_probes = 0;
+
+ if (ip_neighbor_is_dynamic (ipn))
+ {
+ if (~0 == ipn->ipn_elt)
+ /* first time insertion */
+ pool_get_zero (ip_neighbor_elt_pool, elt);
+ else
+ {
+ /* already inserted - extract first */
+ elt = pool_elt_at_index (ip_neighbor_elt_pool, ipn->ipn_elt);
+
+ clib_llist_remove (ip_neighbor_elt_pool, ipne_anchor, elt);
+ }
+ head = pool_elt_at_index (ip_neighbor_elt_pool,
+ ip_neighbor_list_head[ipn->
+ ipn_key->ipnk_type]);
+
+ elt->ipne_index = ip_neighbor_get_index (ipn);
+ clib_llist_add (ip_neighbor_elt_pool, ipne_anchor, elt, head);
+ ipn->ipn_elt = elt - ip_neighbor_elt_pool;
+ }
+}
+
+static void
+ip_neighbor_db_add (const ip_neighbor_t * ipn)
+{
+ vec_validate (ip_neighbor_db[ipn->ipn_key->ipnk_type].ipndb_hash,
+ ipn->ipn_key->ipnk_sw_if_index);
+
+ if (!ip_neighbor_db[ipn->ipn_key->ipnk_type].ipndb_hash
+ [ipn->ipn_key->ipnk_sw_if_index])
+ ip_neighbor_db[ipn->ipn_key->ipnk_type].ipndb_hash[ipn->
+ ipn_key->ipnk_sw_if_index]
+ = hash_create_mem (0, sizeof (ip_neighbor_key_t), sizeof (index_t));
+
+ hash_set_mem (ip_neighbor_db[ipn->ipn_key->ipnk_type].ipndb_hash
+ [ipn->ipn_key->ipnk_sw_if_index], ipn->ipn_key,
+ ip_neighbor_get_index (ipn));
+
+ ip_neighbor_db[ipn->ipn_key->ipnk_type].ipndb_n_elts++;
+}
+
+static void
+ip_neighbor_db_remove (const ip_neighbor_key_t * key)
+{
+ vec_validate (ip_neighbor_db[key->ipnk_type].ipndb_hash,
+ key->ipnk_sw_if_index);
+
+ hash_unset_mem (ip_neighbor_db[key->ipnk_type].ipndb_hash
+ [key->ipnk_sw_if_index], key);
+
+ ip_neighbor_db[key->ipnk_type].ipndb_n_elts--;
+}
+
+static ip_neighbor_t *
+ip_neighbor_db_find (const ip_neighbor_key_t * key)
+{
+ uword *p;
+
+ if (key->ipnk_sw_if_index >=
+ vec_len (ip_neighbor_db[key->ipnk_type].ipndb_hash))
+ return NULL;
+
+ p =
+ hash_get_mem (ip_neighbor_db[key->ipnk_type].ipndb_hash
+ [key->ipnk_sw_if_index], key);
+
+ if (p)
+ return ip_neighbor_get (p[0]);
+
+ return (NULL);
+}
+
+static u8
+ip46_type_pfx_len (ip46_type_t type)
+{
+ return (type == IP46_TYPE_IP4 ? 32 : 128);
+}
+
+static void
+ip_neighbor_adj_fib_add (ip_neighbor_t * ipn, u32 fib_index)
+{
+ if (ipn->ipn_key->ipnk_type == IP46_TYPE_IP6 &&
+ ip6_address_is_link_local_unicast (&ipn->ipn_key->ipnk_ip.ip6))
+ {
+ ip6_ll_prefix_t pfx = {
+ .ilp_addr = ipn->ipn_key->ipnk_ip.ip6,
+ .ilp_sw_if_index = ipn->ipn_key->ipnk_sw_if_index,
+ };
+ ipn->ipn_fib_entry_index =
+ ip6_ll_table_entry_update (&pfx, FIB_ROUTE_PATH_FLAG_NONE);
+ }
+ else
+ {
+ fib_protocol_t fproto;
+
+ fproto = fib_proto_from_ip46 (ipn->ipn_key->ipnk_type);
+
+ fib_prefix_t pfx = {
+ .fp_len = ip46_type_pfx_len (ipn->ipn_key->ipnk_type),
+ .fp_proto = fproto,
+ .fp_addr = ipn->ipn_key->ipnk_ip,
+ };
+
+ ipn->ipn_fib_entry_index =
+ fib_table_entry_path_add (fib_index, &pfx, FIB_SOURCE_ADJ,
+ FIB_ENTRY_FLAG_ATTACHED,
+ fib_proto_to_dpo (fproto),
+ &pfx.fp_addr,
+ ipn->ipn_key->ipnk_sw_if_index,
+ ~0, 1, NULL, FIB_ROUTE_PATH_FLAG_NONE);
+
+ vec_validate (ip_neighbor_db
+ [ipn->ipn_key->ipnk_type].ipndb_n_elts_per_fib,
+ fib_index);
+
+ ip_neighbor_db[ipn->ipn_key->
+ ipnk_type].ipndb_n_elts_per_fib[fib_index]++;
+
+ if (1 ==
+ ip_neighbor_db[ipn->ipn_key->
+ ipnk_type].ipndb_n_elts_per_fib[fib_index])
+ fib_table_lock (fib_index, fproto, FIB_SOURCE_ADJ);
+ }
+}
+
+static void
+ip_neighbor_adj_fib_remove (ip_neighbor_t * ipn, u32 fib_index)
+{
+ if (FIB_NODE_INDEX_INVALID != ipn->ipn_fib_entry_index)
+ {
+ if (ipn->ipn_key->ipnk_type == IP46_TYPE_IP6 &&
+ ip6_address_is_link_local_unicast (&ipn->ipn_key->ipnk_ip.ip6))
+ {
+ ip6_ll_prefix_t pfx = {
+ .ilp_addr = ipn->ipn_key->ipnk_ip.ip6,
+ .ilp_sw_if_index = ipn->ipn_key->ipnk_sw_if_index,
+ };
+ ip6_ll_table_entry_delete (&pfx);
+ }
+ else
+ {
+ fib_protocol_t fproto;
+
+ fproto = fib_proto_from_ip46 (ipn->ipn_key->ipnk_type);
+
+ fib_prefix_t pfx = {
+ .fp_len = ip46_type_pfx_len (ipn->ipn_key->ipnk_type),
+ .fp_proto = fproto,
+ .fp_addr = ipn->ipn_key->ipnk_ip,
+ };
+
+ fib_table_entry_path_remove (fib_index,
+ &pfx,
+ FIB_SOURCE_ADJ,
+ fib_proto_to_dpo (fproto),
+ &pfx.fp_addr,
+ ipn->ipn_key->ipnk_sw_if_index,
+ ~0, 1, FIB_ROUTE_PATH_FLAG_NONE);
+
+ ip_neighbor_db[ipn->ipn_key->
+ ipnk_type].ipndb_n_elts_per_fib[fib_index]--;
+
+ if (0 ==
+ ip_neighbor_db[ipn->ipn_key->
+ ipnk_type].ipndb_n_elts_per_fib[fib_index])
+ fib_table_unlock (fib_index, fproto, FIB_SOURCE_ADJ);
+ }
+ }
+}
+
+static void
+ip_neighbor_mk_complete (adj_index_t ai, ip_neighbor_t * ipn)
+{
+ adj_nbr_update_rewrite (ai, ADJ_NBR_REWRITE_FLAG_COMPLETE,
+ ethernet_build_rewrite (vnet_get_main (),
+ ipn->
+ ipn_key->ipnk_sw_if_index,
+ adj_get_link_type (ai),
+ ipn->ipn_mac.bytes));
+}
+
+static void
+ip_neighbor_mk_incomplete (adj_index_t ai)
+{
+ ip_adjacency_t *adj = adj_get (ai);
+
+ adj_nbr_update_rewrite (ai,
+ ADJ_NBR_REWRITE_FLAG_INCOMPLETE,
+ ethernet_build_rewrite (vnet_get_main (),
+ adj->
+ rewrite_header.sw_if_index,
+ adj_get_link_type (ai),
+ VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST));
+}
+
+static adj_walk_rc_t
+ip_neighbor_mk_complete_walk (adj_index_t ai, void *ctx)
+{
+ ip_neighbor_t *ipn = ctx;
+
+ ip_neighbor_mk_complete (ai, ipn);
+
+ return (ADJ_WALK_RC_CONTINUE);
+}
+
+static adj_walk_rc_t
+ip_neighbor_mk_incomplete_walk (adj_index_t ai, void *ctx)
+{
+ ip_neighbor_mk_incomplete (ai);
+
+ return (ADJ_WALK_RC_CONTINUE);
+}
+
+static void
+ip_neighbor_free (ip_neighbor_t * ipn)
+{
+ IP_NEIGHBOR_DBG ("free: %U", format_ip_neighbor,
+ ip_neighbor_get_index (ipn));
+
+ adj_nbr_walk_nh (ipn->ipn_key->ipnk_sw_if_index,
+ fib_proto_from_ip46 (ipn->ipn_key->ipnk_type),
+ &ipn->ipn_key->ipnk_ip,
+ ip_neighbor_mk_incomplete_walk, ipn);
+ ip_neighbor_adj_fib_remove
+ (ipn,
+ fib_table_get_index_for_sw_if_index
+ (fib_proto_from_ip46 (ipn->ipn_key->ipnk_type),
+ ipn->ipn_key->ipnk_sw_if_index));
+
+ ip_neighbor_list_remove (ipn);
+ ip_neighbor_db_remove (ipn->ipn_key);
+ clib_mem_free (ipn->ipn_key);
+
+ pool_put (ip_neighbor_pool, ipn);
+}
+
+static bool
+ip_neighbor_force_reuse (ip46_type_t type)
+{
+ if (!ip_neighbor_db[type].ipndb_recycle)
+ return false;
+
+ /* pluck the oldest entry, which is the one from the end of the list */
+ ip_neighbor_elt_t *elt, *head;
+
+ head =
+ pool_elt_at_index (ip_neighbor_elt_pool, ip_neighbor_list_head[type]);
+
+ if (clib_llist_is_empty (ip_neighbor_elt_pool, ipne_anchor, head))
+ return (false);
+
+ elt = clib_llist_prev (ip_neighbor_elt_pool, ipne_anchor, head);
+ ip_neighbor_free (ip_neighbor_get (elt->ipne_index));
+
+ return (true);
+}
+
+static ip_neighbor_t *
+ip_neighbor_alloc (const ip_neighbor_key_t * key,
+ const mac_address_t * mac, ip_neighbor_flags_t flags)
+{
+ ip_neighbor_t *ipn;
+
+ if (ip_neighbor_db[key->ipnk_type].ipndb_limit &&
+ (ip_neighbor_db[key->ipnk_type].ipndb_n_elts >=
+ ip_neighbor_db[key->ipnk_type].ipndb_limit))
+ {
+ if (!ip_neighbor_force_reuse (key->ipnk_type))
+ return (NULL);
+ }
+
+ pool_get_zero (ip_neighbor_pool, ipn);
+
+ ipn->ipn_key = clib_mem_alloc (sizeof (*ipn->ipn_key));
+ clib_memcpy (ipn->ipn_key, key, sizeof (*ipn->ipn_key));
+
+ ipn->ipn_fib_entry_index = FIB_NODE_INDEX_INVALID;
+ ipn->ipn_flags = flags;
+ ipn->ipn_elt = ~0;
+
+ mac_address_copy (&ipn->ipn_mac, mac);
+
+ ip_neighbor_db_add (ipn);
+
+ /* create the adj-fib. the entry in the FIB table for the peer's interface */
+ if (!(ipn->ipn_flags & IP_NEIGHBOR_FLAG_NO_FIB_ENTRY))
+ ip_neighbor_adj_fib_add
+ (ipn, fib_table_get_index_for_sw_if_index
+ (fib_proto_from_ip46 (ipn->ipn_key->ipnk_type),
+ ipn->ipn_key->ipnk_sw_if_index));
+
+ return (ipn);
+}
+
+int
+ip_neighbor_add (const ip46_address_t * ip,
+ ip46_type_t type,
+ const mac_address_t * mac,
+ u32 sw_if_index,
+ ip_neighbor_flags_t flags, u32 * stats_index)
+{
+ fib_protocol_t fproto;
+ ip_neighbor_t *ipn;
+
+ /* main thread only */
+ ASSERT (0 == vlib_get_thread_index ());
+
+ fproto = fib_proto_from_ip46 (type);
+
+ const ip_neighbor_key_t key = {
+ .ipnk_ip = *ip,
+ .ipnk_sw_if_index = sw_if_index,
+ .ipnk_type = type,
+ };
+
+ ipn = ip_neighbor_db_find (&key);
+
+ if (ipn)
+ {
+ IP_NEIGHBOR_DBG ("update: %U, %U",
+ format_vnet_sw_if_index_name, vnet_get_main (),
+ sw_if_index, format_ip46_address, ip, type,
+ format_ip_neighbor_flags, flags, format_mac_address_t,
+ mac);
+
+ /* Refuse to over-write static neighbor entry. */
+ if (!(flags & IP_NEIGHBOR_FLAG_STATIC) &&
+ (ipn->ipn_flags & IP_NEIGHBOR_FLAG_STATIC))
+ {
+ /* if MAC address match, still check to send event */
+ if (0 == mac_address_cmp (&ipn->ipn_mac, mac))
+ goto check_customers;
+ return -2;
+ }
+
+ /*
+ * prevent a DoS attack from the data-plane that
+ * spams us with no-op updates to the MAC address
+ */
+ if (0 == mac_address_cmp (&ipn->ipn_mac, mac))
+ {
+ ip_neighbor_refresh (ipn);
+ goto check_customers;
+ }
+
+ mac_address_copy (&ipn->ipn_mac, mac);
+
+ /* A dynamic entry can become static, but not vice-versa.
+ * i.e. since if it was programmed by the CP then it must
+ * be removed by the CP */
+ if ((flags & IP_NEIGHBOR_FLAG_STATIC) &&
+ !(ipn->ipn_flags & IP_NEIGHBOR_FLAG_STATIC))
+ {
+ ip_neighbor_list_remove (ipn);
+ ipn->ipn_flags |= IP_NEIGHBOR_FLAG_STATIC;
+ ipn->ipn_flags &= ~IP_NEIGHBOR_FLAG_DYNAMIC;
+ }
+ }
+ else
+ {
+ IP_NEIGHBOR_INFO ("add: %U, %U",
+ format_vnet_sw_if_index_name, vnet_get_main (),
+ sw_if_index, format_ip46_address, ip, type,
+ format_ip_neighbor_flags, flags, format_mac_address_t,
+ mac);
+
+ ipn = ip_neighbor_alloc (&key, mac, flags);
+
+ if (NULL == ipn)
+ return VNET_API_ERROR_LIMIT_EXCEEDED;
+ }
+
+ /* Update time stamp and flags. */
+ ip_neighbor_refresh (ipn);
+
+ adj_nbr_walk_nh (ipn->ipn_key->ipnk_sw_if_index,
+ fproto, &ipn->ipn_key->ipnk_ip,
+ ip_neighbor_mk_complete_walk, ipn);
+
+check_customers:
+ /* Customer(s) requesting event for this address? */
+ ip_neighbor_publish (ip_neighbor_get_index (ipn));
+
+ if (stats_index)
+ *stats_index = adj_nbr_find (fproto,
+ fib_proto_to_link (fproto),
+ &ipn->ipn_key->ipnk_ip,
+ ipn->ipn_key->ipnk_sw_if_index);
+ return 0;
+}
+
+int
+ip_neighbor_del (const ip46_address_t * ip, ip46_type_t type, u32 sw_if_index)
+{
+ ip_neighbor_t *ipn;
+
+ /* main thread only */
+ ASSERT (0 == vlib_get_thread_index ());
+
+ IP_NEIGHBOR_INFO ("delete: %U, %U",
+ format_vnet_sw_if_index_name, vnet_get_main (),
+ sw_if_index, format_ip46_address, ip, type);
+
+ const ip_neighbor_key_t key = {
+ .ipnk_ip = *ip,
+ .ipnk_sw_if_index = sw_if_index,
+ .ipnk_type = type,
+ };
+
+ ipn = ip_neighbor_db_find (&key);
+
+ if (NULL == ipn)
+ return (VNET_API_ERROR_NO_SUCH_ENTRY);
+
+ ip_neighbor_free (ipn);
+
+ return (0);
+}
+
+void
+ip_neighbor_update (vnet_main_t * vnm, adj_index_t ai)
+{
+ ip_neighbor_t *ipn;
+ ip_adjacency_t *adj;
+
+ adj = adj_get (ai);
+
+ ip_neighbor_key_t key = {
+ .ipnk_ip = adj->sub_type.nbr.next_hop,
+ .ipnk_type = fib_proto_to_ip46 (adj->ia_nh_proto),
+ .ipnk_sw_if_index = adj->rewrite_header.sw_if_index,
+ };
+ ipn = ip_neighbor_db_find (&key);
+
+ switch (adj->lookup_next_index)
+ {
+ case IP_LOOKUP_NEXT_ARP:
+ if (NULL != ipn)
+ {
+ adj_nbr_walk_nh (adj->rewrite_header.sw_if_index,
+ adj->ia_nh_proto,
+ &ipn->ipn_key->ipnk_ip,
+ ip_neighbor_mk_complete_walk, ipn);
+ }
+ else
+ {
+ /*
+ * no matching ARP entry.
+ * construct the rewrite required to for an ARP packet, and stick
+ * that in the adj's pipe to smoke.
+ */
+ adj_nbr_update_rewrite
+ (ai,
+ ADJ_NBR_REWRITE_FLAG_INCOMPLETE,
+ ethernet_build_rewrite
+ (vnm,
+ adj->rewrite_header.sw_if_index,
+ VNET_LINK_ARP,
+ VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST));
+
+ /*
+ * since the FIB has added this adj for a route, it makes sense it
+ * may want to forward traffic sometime soon. Let's send a
+ * speculative ARP. just one. If we were to do periodically that
+ * wouldn't be bad either, but that's more code than i'm prepared to
+ * write at this time for relatively little reward.
+ */
+ ip_neighbor_probe (adj);
+ }
+ break;
+ case IP_LOOKUP_NEXT_GLEAN:
+ case IP_LOOKUP_NEXT_BCAST:
+ case IP_LOOKUP_NEXT_MCAST:
+ case IP_LOOKUP_NEXT_DROP:
+ case IP_LOOKUP_NEXT_PUNT:
+ case IP_LOOKUP_NEXT_LOCAL:
+ case IP_LOOKUP_NEXT_REWRITE:
+ case IP_LOOKUP_NEXT_MCAST_MIDCHAIN:
+ case IP_LOOKUP_NEXT_MIDCHAIN:
+ case IP_LOOKUP_NEXT_ICMP_ERROR:
+ case IP_LOOKUP_N_NEXT:
+ ASSERT (0);
+ break;
+ }
+}
+
+void
+ip_neighbor_learn (const ip_neighbor_learn_t * l)
+{
+ ip_neighbor_add (&l->ip, l->type, &l->mac, l->sw_if_index,
+ IP_NEIGHBOR_FLAG_DYNAMIC, NULL);
+}
+
+static clib_error_t *
+ip_neighbor_cmd (vlib_main_t * vm,
+ unformat_input_t * input, vlib_cli_command_t * cmd)
+{
+ ip46_address_t ip = ip46_address_initializer;
+ mac_address_t mac = ZERO_MAC_ADDRESS;
+ vnet_main_t *vnm = vnet_get_main ();
+ ip_neighbor_flags_t flags;
+ u32 sw_if_index = ~0;
+ int is_add = 1;
+ int count = 1;
+
+ flags = IP_NEIGHBOR_FLAG_DYNAMIC;
+
+ while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
+ {
+ /* set ip arp TenGigE1/1/0/1 1.2.3.4 aa:bb:... or aabb.ccdd... */
+ if (unformat (input, "%U %U %U",
+ unformat_vnet_sw_interface, vnm, &sw_if_index,
+ unformat_ip46_address, &ip, IP46_TYPE_ANY,
+ unformat_mac_address_t, &mac))
+ ;
+ else if (unformat (input, "delete") || unformat (input, "del"))
+ is_add = 0;
+ else if (unformat (input, "static"))
+ {
+ flags |= IP_NEIGHBOR_FLAG_STATIC;
+ flags &= ~IP_NEIGHBOR_FLAG_DYNAMIC;
+ }
+ else if (unformat (input, "no-fib-entry"))
+ flags |= IP_NEIGHBOR_FLAG_NO_FIB_ENTRY;
+ else if (unformat (input, "count %d", &count))
+ ;
+ else
+ break;
+ }
+
+ if (sw_if_index == ~0 ||
+ ip46_address_is_zero (&ip) || mac_address_is_zero (&mac))
+ return clib_error_return (0,
+ "specify interface, IP address and MAC: `%U'",
+ format_unformat_error, input);
+
+ while (count)
+ {
+ if (is_add)
+ ip_neighbor_add (&ip, ip46_address_get_type (&ip), &mac, sw_if_index,
+ flags, NULL);
+ else
+ ip_neighbor_del (&ip, ip46_address_get_type (&ip), sw_if_index);
+
+ ip46_address_increment (ip46_address_get_type (&ip), &ip);
+ mac_address_increment (&mac);
+
+ --count;
+ }
+
+ return NULL;
+}
+
+/* *INDENT-OFF* */
+/*?
+ * Add or delete IPv4 ARP cache entries.
+ *
+ * @note 'set ip neighbor' options (e.g. delete, static, 'fib-id <id>',
+ * 'count <number>', 'interface ip4_addr mac_addr') can be added in
+ * any order and combination.
+ *
+ * @cliexpar
+ * @parblock
+ * Add or delete IPv4 ARP cache entries as follows. MAC Address can be in
+ * either aa:bb:cc:dd:ee:ff format or aabb.ccdd.eeff format.
+ * @cliexcmd{set ip neighbor GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
+ * @cliexcmd{set ip neighbor delete GigabitEthernet2/0/0 6.0.0.3 de:ad:be:ef:ba:be}
+ *
+ * To add or delete an IPv4 ARP cache entry to or from a specific fib
+ * table:
+ * @cliexcmd{set ip neighbor fib-id 1 GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
+ * @cliexcmd{set ip neighbor fib-id 1 delete GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
+ *
+ * Add or delete IPv4 static ARP cache entries as follows:
+ * @cliexcmd{set ip neighbor static GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
+ * @cliexcmd{set ip neighbor static delete GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
+ *
+ * For testing / debugging purposes, the 'set ip neighbor' command can add or
+ * delete multiple entries. Supply the 'count N' parameter:
+ * @cliexcmd{set ip neighbor count 10 GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
+ * @endparblock
+ ?*/
+VLIB_CLI_COMMAND (ip_neighbor_command, static) = {
+ .path = "set ip neighbor",
+ .short_help =
+ "set ip neighbor [del] <intfc> <ip-address> <mac-address> [static] [no-fib-entry] [count <count>] [fib-id <fib-id>] [proxy <lo-addr> - <hi-addr>]",
+ .function = ip_neighbor_cmd,
+};
+VLIB_CLI_COMMAND (ip_neighbor_command2, static) = {
+ .path = "ip neighbor",
+ .short_help =
+ "ip neighbor [del] <intfc> <ip-address> <mac-address> [static] [no-fib-entry] [count <count>] [fib-id <fib-id>] [proxy <lo-addr> - <hi-addr>]",
+ .function = ip_neighbor_cmd,
+};
+/* *INDENT-ON* */
+
+static int
+ip_neighbor_sort (void *a1, void *a2)
+{
+ index_t *ipni1 = a1, *ipni2 = a2;
+ ip_neighbor_t *ipn1, *ipn2;
+ int cmp;
+
+ ipn1 = ip_neighbor_get (*ipni1);
+ ipn2 = ip_neighbor_get (*ipni2);
+
+ cmp = vnet_sw_interface_compare (vnet_get_main (),
+ ipn1->ipn_key->ipnk_sw_if_index,
+ ipn2->ipn_key->ipnk_sw_if_index);
+ if (!cmp)
+ cmp = ip46_address_cmp (&ipn1->ipn_key->ipnk_ip, &ipn2->ipn_key->ipnk_ip);
+ return cmp;
+}
+
+static index_t *
+ip_neighbor_entries (u32 sw_if_index, ip46_type_t type)
+{
+ index_t *ipnis = NULL;
+ ip_neighbor_t *ipn;
+
+ /* *INDENT-OFF* */
+ pool_foreach (ipn, ip_neighbor_pool,
+ ({
+ if (sw_if_index != ~0 &&
+ ipn->ipn_key->ipnk_sw_if_index != sw_if_index &&
+ (IP46_TYPE_ANY == type ||
+ (ipn->ipn_key->ipnk_type == type)))
+ continue;
+ vec_add1 (ipnis, ip_neighbor_get_index(ipn));
+ }));
+
+ /* *INDENT-ON* */
+
+ if (ipnis)
+ vec_sort_with_function (ipnis, ip_neighbor_sort);
+ return ipnis;
+}
+
+static clib_error_t *
+ip_neighbor_show_sorted_i (vlib_main_t * vm,
+ unformat_input_t * input,
+ vlib_cli_command_t * cmd, ip46_type_t type)
+{
+ ip_neighbor_elt_t *elt, *head;
+
+ head = pool_elt_at_index (ip_neighbor_elt_pool,
+ ip_neighbor_list_head[type]);
+
+
+ vlib_cli_output (vm, "%=12s%=40s%=6s%=20s%=24s", "Time", "IP",
+ "Flags", "Ethernet", "Interface");
+
+ /* *INDENT-OFF*/
+ /* the list is time sorted, newest first, so start from the back
+ * and work forwards. Stop when we get to one that is alive */
+ clib_llist_foreach_reverse(ip_neighbor_elt_pool,
+ ipne_anchor, head, elt,
+ ({
+ vlib_cli_output (vm, "%U", format_ip_neighbor, elt->ipne_index);
+ }));
+ /* *INDENT-ON*/
+
+ return (NULL);
+}
+
+static clib_error_t *
+ip_neighbor_show_i (vlib_main_t * vm,
+ unformat_input_t * input,
+ vlib_cli_command_t * cmd, ip46_type_t type)
+{
+ index_t *ipni, *ipnis = NULL;
+ u32 sw_if_index;
+
+ /* Filter entries by interface if given. */
+ sw_if_index = ~0;
+ (void) unformat_user (input, unformat_vnet_sw_interface, vnet_get_main (),
+ &sw_if_index);
+
+ ipnis = ip_neighbor_entries (sw_if_index, type);
+
+ if (ipnis)
+ vlib_cli_output (vm, "%=12s%=40s%=6s%=20s%=24s", "Time", "IP",
+ "Flags", "Ethernet", "Interface");
+
+ vec_foreach (ipni, ipnis)
+ {
+ vlib_cli_output (vm, "%U", format_ip_neighbor, *ipni);
+ }
+ vec_free (ipnis);
+
+ return (NULL);
+}
+
+static clib_error_t *
+ip_neighbor_show (vlib_main_t * vm,
+ unformat_input_t * input, vlib_cli_command_t * cmd)
+{
+ return (ip_neighbor_show_i (vm, input, cmd, IP46_TYPE_ANY));
+}
+
+static clib_error_t *
+ip6_neighbor_show (vlib_main_t * vm,
+ unformat_input_t * input, vlib_cli_command_t * cmd)
+{
+ return (ip_neighbor_show_i (vm, input, cmd, IP46_TYPE_IP6));
+}
+
+static clib_error_t *
+ip4_neighbor_show (vlib_main_t * vm,
+ unformat_input_t * input, vlib_cli_command_t * cmd)
+{
+ return (ip_neighbor_show_i (vm, input, cmd, IP46_TYPE_IP4));
+}
+
+static clib_error_t *
+ip6_neighbor_show_sorted (vlib_main_t * vm,
+ unformat_input_t * input, vlib_cli_command_t * cmd)
+{
+ return (ip_neighbor_show_sorted_i (vm, input, cmd, IP46_TYPE_IP6));
+}
+
+static clib_error_t *
+ip4_neighbor_show_sorted (vlib_main_t * vm,
+ unformat_input_t * input, vlib_cli_command_t * cmd)
+{
+ return (ip_neighbor_show_sorted_i (vm, input, cmd, IP46_TYPE_IP4));
+}
+
+/*?
+ * Display all the IP neighbor entries.
+ *
+ * @cliexpar
+ * Example of how to display the IPv4 ARP table:
+ * @cliexstart{show ip neighbor}
+ * Time FIB IP4 Flags Ethernet Interface
+ * 346.3028 0 6.1.1.3 de:ad:be:ef:ba:be GigabitEthernet2/0/0
+ * 3077.4271 0 6.1.1.4 S de:ad:be:ef:ff:ff GigabitEthernet2/0/0
+ * 2998.6409 1 6.2.2.3 de:ad:be:ef:00:01 GigabitEthernet2/0/0
+ * Proxy arps enabled for:
+ * Fib_index 0 6.0.0.1 - 6.0.0.11
+ * @cliexend
+ ?*/
+/* *INDENT-OFF* */
+VLIB_CLI_COMMAND (show_ip_neighbors_cmd_node, static) = {
+ .path = "show ip neighbors",
+ .function = ip_neighbor_show,
+ .short_help = "show ip neighbors [interface]",
+};
+VLIB_CLI_COMMAND (show_ip4_neighbors_cmd_node, static) = {
+ .path = "show ip4 neighbors",
+ .function = ip4_neighbor_show,
+ .short_help = "show ip4 neighbors [interface]",
+};
+VLIB_CLI_COMMAND (show_ip6_neighbors_cmd_node, static) = {
+ .path = "show ip6 neighbors",
+ .function = ip6_neighbor_show,
+ .short_help = "show ip6 neighbors [interface]",
+};
+VLIB_CLI_COMMAND (show_ip_neighbor_cmd_node, static) = {
+ .path = "show ip neighbor",
+ .function = ip_neighbor_show,
+ .short_help = "show ip neighbor [interface]",
+};
+VLIB_CLI_COMMAND (show_ip4_neighbor_cmd_node, static) = {
+ .path = "show ip4 neighbor",
+ .function = ip4_neighbor_show,
+ .short_help = "show ip4 neighbor [interface]",
+};
+VLIB_CLI_COMMAND (show_ip6_neighbor_cmd_node, static) = {
+ .path = "show ip6 neighbor",
+ .function = ip6_neighbor_show,
+ .short_help = "show ip6 neighbor [interface]",
+};
+VLIB_CLI_COMMAND (show_ip4_neighbor_sorted_cmd_node, static) = {
+ .path = "show ip4 neighbor-sorted",
+ .function = ip4_neighbor_show_sorted,
+ .short_help = "show ip4 neighbor-sorted",
+};
+VLIB_CLI_COMMAND (show_ip6_neighbor_sorted_cmd_node, static) = {
+ .path = "show ip6 neighbor-sorted",
+ .function = ip6_neighbor_show_sorted,
+ .short_help = "show ip6 neighbor-sorted",
+};
+/* *INDENT-ON* */
+
+static ip_neighbor_vft_t ip_nbr_vfts[IP46_N_TYPES];
+
+void
+ip_neighbor_register (ip46_type_t type, const ip_neighbor_vft_t * vft)
+{
+ ip_nbr_vfts[type] = *vft;
+}
+
+void
+ip_neighbor_probe_dst (const ip_adjacency_t * adj, const ip46_address_t * dst)
+{
+ if (!vnet_sw_interface_is_admin_up (vnet_get_main (),
+ adj->rewrite_header.sw_if_index))
+ return;
+
+ switch (adj->ia_nh_proto)
+ {
+ case FIB_PROTOCOL_IP6:
+ ip6_neighbor_probe_dst (adj, &dst->ip6);
+ break;
+ case FIB_PROTOCOL_IP4:
+ ip4_neighbor_probe_dst (adj, &dst->ip4);
+ break;
+ case FIB_PROTOCOL_MPLS:
+ ASSERT (0);
+ break;
+ }
+}
+
+void
+ip_neighbor_probe (const ip_adjacency_t * adj)
+{
+ ip_neighbor_probe_dst (adj, &adj->sub_type.nbr.next_hop);
+}
+
+void
+ip_neighbor_advertise (vlib_main_t * vm,
+ ip46_type_t type,
+ const ip46_address_t * addr, u32 sw_if_index)
+{
+ vnet_main_t *vnm = vnet_get_main ();
+
+ if (type == IP46_TYPE_IP4 || type == IP46_TYPE_BOTH)
+ ip4_neighbor_advertise (vm, vnm, sw_if_index, &addr->ip4);
+ if (type == IP46_TYPE_IP6 || type == IP46_TYPE_BOTH)
+ ip6_neighbor_advertise (vm, vnm, sw_if_index, &addr->ip6);
+}
+
+void
+ip_neighbor_walk (ip46_type_t type,
+ u32 sw_if_index, ip_neighbor_walk_cb_t cb, void *ctx)
+{
+ ip_neighbor_key_t *key;
+ index_t ipni;
+
+ if (~0 == sw_if_index)
+ {
+ uword **hash;
+
+ vec_foreach (hash, ip_neighbor_db[type].ipndb_hash)
+ {
+ /* *INDENT-OFF* */
+ hash_foreach (key, ipni, *hash,
+ ({
+ cb (ipni, ctx);
+ }));
+ /* *INDENT-ON* */
+ }
+ }
+ else
+ {
+ uword *hash;
+
+ if (vec_len (ip_neighbor_db[type].ipndb_hash) <= sw_if_index)
+ return;
+ hash = ip_neighbor_db[type].ipndb_hash[sw_if_index];
+
+ /* *INDENT-OFF* */
+ hash_foreach (key, ipni, hash,
+ ({
+ cb (ipni, ctx);
+ }));
+ /* *INDENT-ON* */
+ }
+}
+
+int
+ip4_neighbor_proxy_add (u32 fib_index,
+ const ip4_address_t * start,
+ const ip4_address_t * end)
+{
+ if (ip_nbr_vfts[IP46_TYPE_IP4].inv_proxy4_add)
+ {
+ return (ip_nbr_vfts[IP46_TYPE_IP4].inv_proxy4_add
+ (fib_index, start, end));
+ }
+
+ return (-1);
+}
+
+int
+ip4_neighbor_proxy_delete (u32 fib_index,
+ const ip4_address_t * start,
+ const ip4_address_t * end)
+{
+ if (ip_nbr_vfts[IP46_TYPE_IP4].inv_proxy4_del)
+ {
+ return (ip_nbr_vfts[IP46_TYPE_IP4].inv_proxy4_del
+ (fib_index, start, end));
+ }
+ return -1;
+}
+
+int
+ip4_neighbor_proxy_enable (u32 sw_if_index)
+{
+ if (ip_nbr_vfts[IP46_TYPE_IP4].inv_proxy4_enable)
+ {
+ return (ip_nbr_vfts[IP46_TYPE_IP4].inv_proxy4_enable (sw_if_index));
+ }
+ return -1;
+}
+
+int
+ip4_neighbor_proxy_disable (u32 sw_if_index)
+{
+ if (ip_nbr_vfts[IP46_TYPE_IP4].inv_proxy4_disable)
+ {
+ return (ip_nbr_vfts[IP46_TYPE_IP4].inv_proxy4_disable (sw_if_index));
+ }
+ return -1;
+}
+
+int
+ip6_neighbor_proxy_add (u32 sw_if_index, const ip6_address_t * addr)
+{
+ if (ip_nbr_vfts[IP46_TYPE_IP6].inv_proxy6_add)
+ {
+ return (ip_nbr_vfts[IP46_TYPE_IP6].inv_proxy6_add (sw_if_index, addr));
+ }
+ return -1;
+}
+
+int
+ip6_neighbor_proxy_del (u32 sw_if_index, const ip6_address_t * addr)
+{
+ if (ip_nbr_vfts[IP46_TYPE_IP6].inv_proxy6_del)
+ {
+ return (ip_nbr_vfts[IP46_TYPE_IP6].inv_proxy6_del (sw_if_index, addr));
+ }
+ return -1;
+}
+
+static void
+ip_neighbor_ethernet_change_mac (ethernet_main_t * em,
+ u32 sw_if_index, uword opaque)
+{
+ ip_neighbor_t *ipn;
+ adj_index_t ai;
+
+ IP_NEIGHBOR_DBG ("mac-change: %U",
+ format_vnet_sw_if_index_name, vnet_get_main (),
+ sw_if_index);
+
+ /* *INDENT-OFF* */
+ pool_foreach (ipn, ip_neighbor_pool,
+ ({
+ if (ipn->ipn_key->ipnk_sw_if_index == sw_if_index)
+ adj_nbr_walk_nh (ipn->ipn_key->ipnk_sw_if_index,
+ fib_proto_from_ip46(ipn->ipn_key->ipnk_type),
+ &ipn->ipn_key->ipnk_ip,
+ ip_neighbor_mk_complete_walk,
+ ipn);
+ }));
+ /* *INDENT-ON* */
+
+ ai = adj_glean_get (FIB_PROTOCOL_IP4, sw_if_index);
+
+ if (ADJ_INDEX_INVALID != ai)
+ adj_glean_update_rewrite (ai);
+}
+
+void
+ip_neighbor_populate (ip46_type_t type, u32 sw_if_index)
+{
+ index_t *ipnis = NULL, *ipni;
+ ip_neighbor_t *ipn;
+
+ IP_NEIGHBOR_DBG ("populate: %U %U",
+ format_vnet_sw_if_index_name, vnet_get_main (),
+ sw_if_index, format_ip46_type, type);
+
+ /* *INDENT-OFF* */
+ pool_foreach (ipn, ip_neighbor_pool,
+ ({
+ if (ipn->ipn_key->ipnk_type == type &&
+ ipn->ipn_key->ipnk_sw_if_index == sw_if_index)
+ vec_add1 (ipnis, ipn - ip_neighbor_pool);
+ }));
+ /* *INDENT-ON* */
+
+ vec_foreach (ipni, ipnis)
+ {
+ ipn = ip_neighbor_get (*ipni);
+
+ adj_nbr_walk_nh (ipn->ipn_key->ipnk_sw_if_index,
+ fib_proto_from_ip46 (ipn->ipn_key->ipnk_type),
+ &ipn->ipn_key->ipnk_ip,
+ ip_neighbor_mk_complete_walk, ipn);
+ }
+ vec_free (ipnis);
+}
+
+void
+ip_neighbor_flush (ip46_type_t type, u32 sw_if_index)
+{
+ index_t *ipnis = NULL, *ipni;
+ ip_neighbor_t *ipn;
+
+ IP_NEIGHBOR_DBG ("flush: %U %U",
+ format_vnet_sw_if_index_name, vnet_get_main (),
+ sw_if_index, format_ip46_type, type);
+
+ /* *INDENT-OFF* */
+ pool_foreach (ipn, ip_neighbor_pool,
+ ({
+ if (ipn->ipn_key->ipnk_type == type &&
+ ipn->ipn_key->ipnk_sw_if_index == sw_if_index &&
+ ip_neighbor_is_dynamic (ipn))
+ vec_add1 (ipnis, ipn - ip_neighbor_pool);
+ }));
+ /* *INDENT-ON* */
+
+ vec_foreach (ipni, ipnis) ip_neighbor_free (ip_neighbor_get (*ipni));
+ vec_free (ipnis);
+}
+
+/*
+ * Remove any arp entries associated with the specified interface
+ */
+static clib_error_t *
+ip_neighbor_interface_admin_change (vnet_main_t * vnm,
+ u32 sw_if_index, u32 flags)
+{
+ ip46_type_t type;
+
+ IP_NEIGHBOR_DBG ("interface-admin: %U %s",
+ format_vnet_sw_if_index_name, vnet_get_main (),
+ sw_if_index,
+ (flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP ? "up" : "down"));
+
+ if (flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP)
+ {
+ FOREACH_IP46_TYPE (type) ip_neighbor_populate (type, sw_if_index);
+ }
+ else
+ {
+ /* admin down, flush all neighbours */
+ FOREACH_IP46_TYPE (type) ip_neighbor_flush (type, sw_if_index);
+ }
+
+ return (NULL);
+}
+
+VNET_SW_INTERFACE_ADMIN_UP_DOWN_FUNCTION (ip_neighbor_interface_admin_change);
+
+/*
+ * Remove any arp entries associated with the specified interface
+ */
+static clib_error_t *
+ip_neighbor_delete_sw_interface (vnet_main_t * vnm,
+ u32 sw_if_index, u32 is_add)
+{
+ IP_NEIGHBOR_DBG ("interface-change: %U %s",
+ format_vnet_sw_if_index_name, vnet_get_main (),
+ sw_if_index, (is_add ? "add" : "del"));
+
+ if (!is_add && sw_if_index != ~0)
+ {
+ ip46_type_t type;
+
+ FOREACH_IP46_TYPE (type) ip_neighbor_flush (type, sw_if_index);
+ }
+
+ return (NULL);
+}
+
+VNET_SW_INTERFACE_ADD_DEL_FUNCTION (ip_neighbor_delete_sw_interface);
+
+typedef struct ip_neighbor_walk_covered_ctx_t_
+{
+ ip46_type_t type;
+ ip46_address_t addr;
+ u32 length;
+ index_t *ipnis;
+} ip_neighbor_walk_covered_ctx_t;
+
+static walk_rc_t
+ip_neighbor_walk_covered (index_t ipni, void *arg)
+{
+ ip_neighbor_walk_covered_ctx_t *ctx = arg;
+ ip_neighbor_t *ipn;
+
+ ipn = ip_neighbor_get (ipni);
+
+ ASSERT (ipn->ipn_key->ipnk_type == ctx->type);
+
+ if (IP46_TYPE_IP4 == ctx->type)
+ {
+ if (ip4_destination_matches_route (&ip4_main,
+ &ipn->ipn_key->ipnk_ip.ip4,
+ &ctx->addr.ip4,
+ ctx->length) &&
+ ip_neighbor_is_dynamic (ipn))
+ {
+ vec_add1 (ctx->ipnis, ip_neighbor_get_index (ipn));
+ }
+ }
+ return (WALK_CONTINUE);
+}
+
+
+/*
+ * callback when an interface address is added or deleted
+ */
+static void
+ip_neighbor_add_del_interface_address_v4 (ip4_main_t * im,
+ uword opaque,
+ u32 sw_if_index,
+ ip4_address_t * address,
+ u32 address_length,
+ u32 if_address_index, u32 is_del)
+{
+ /*
+ * Flush the ARP cache of all entries covered by the address
+ * that is being removed.
+ */
+ IP_NEIGHBOR_DBG ("addr-%d: %U, %U/%d",
+ (is_del ? "del" : "add"),
+ format_vnet_sw_if_index_name, vnet_get_main (),
+ sw_if_index, format_ip4_address, address, address_length);
+
+ if (is_del)
+ {
+ ip_neighbor_walk_covered_ctx_t ctx = {
+ .addr.ip4 = *address,
+ .type = IP46_TYPE_IP4,
+ .length = address_length,
+ };
+ index_t *ipni;
+
+ ip_neighbor_walk (IP46_TYPE_IP4, sw_if_index,
+ ip_neighbor_walk_covered, &ctx);
+
+ vec_foreach (ipni, ctx.ipnis)
+ ip_neighbor_free (ip_neighbor_get (*ipni));
+
+ vec_free (ctx.ipnis);
+ }
+}
+
+/*
+ * callback when an interface address is added or deleted
+ */
+static void
+ip_neighbor_add_del_interface_address_v6 (ip6_main_t * im,
+ uword opaque,
+ u32 sw_if_index,
+ ip6_address_t * address,
+ u32 address_length,
+ u32 if_address_index, u32 is_del)
+{
+ /*
+ * Flush the ARP cache of all entries covered by the address
+ * that is being removed.
+ */
+ IP_NEIGHBOR_DBG ("addr-change: %U, %U/%d %s",
+ format_vnet_sw_if_index_name, vnet_get_main (),
+ sw_if_index, format_ip6_address, address, address_length,
+ (is_del ? "del" : "add"));
+
+ if (is_del)
+ {
+ ip_neighbor_walk_covered_ctx_t ctx = {
+ .addr.ip6 = *address,
+ .type = IP46_TYPE_IP6,
+ .length = address_length,
+ };
+ index_t *ipni;
+
+ ip_neighbor_walk (IP46_TYPE_IP6, sw_if_index,
+ ip_neighbor_walk_covered, &ctx);
+
+ vec_foreach (ipni, ctx.ipnis)
+ ip_neighbor_free (ip_neighbor_get (*ipni));
+
+ vec_free (ctx.ipnis);
+ }
+}
+
+typedef struct ip_neighbor_table_bind_ctx_t_
+{
+ u32 new_fib_index;
+ u32 old_fib_index;
+} ip_neighbor_table_bind_ctx_t;
+
+static walk_rc_t
+ip_neighbor_walk_table_bind (index_t ipni, void *arg)
+{
+ ip_neighbor_table_bind_ctx_t *ctx = arg;
+ ip_neighbor_t *ipn;
+
+ ipn = ip_neighbor_get (ipni);
+ ip_neighbor_adj_fib_remove (ipn, ctx->old_fib_index);
+ ip_neighbor_adj_fib_add (ipn, ctx->new_fib_index);
+
+ return (WALK_CONTINUE);
+}
+
+static void
+ip_neighbor_table_bind_v4 (ip4_main_t * im,
+ uword opaque,
+ u32 sw_if_index,
+ u32 new_fib_index, u32 old_fib_index)
+{
+ ip_neighbor_table_bind_ctx_t ctx = {
+ .old_fib_index = old_fib_index,
+ .new_fib_index = new_fib_index,
+ };
+
+ ip_neighbor_walk (IP46_TYPE_IP4, sw_if_index,
+ ip_neighbor_walk_table_bind, &ctx);
+}
+
+static void
+ip_neighbor_table_bind_v6 (ip6_main_t * im,
+ uword opaque,
+ u32 sw_if_index,
+ u32 new_fib_index, u32 old_fib_index)
+{
+ ip_neighbor_table_bind_ctx_t ctx = {
+ .old_fib_index = old_fib_index,
+ .new_fib_index = new_fib_index,
+ };
+
+ ip_neighbor_walk (IP46_TYPE_IP6, sw_if_index,
+ ip_neighbor_walk_table_bind, &ctx);
+}
+
+typedef enum ip_neighbor_age_state_t_
+{
+ IP_NEIGHBOR_AGE_ALIVE,
+ IP_NEIGHBOR_AGE_PROBE,
+ IP_NEIGHBOR_AGE_DEAD,
+} ip_neighbor_age_state_t;
+
+#define IP_NEIGHBOR_PROCESS_SLEEP_LONG (0)
+
+static ip_neighbor_age_state_t
+ip_neighbour_age_out (index_t ipni, f64 now, f64 * wait)
+{
+ ip_neighbor_t *ipn;
+ f64 ttl;
+
+ ipn = ip_neighbor_get (ipni);
+ ttl = now - ipn->ipn_time_last_updated;
+ *wait = IP_NEIGHBOR_PROCESS_SLEEP_LONG;
+
+ if (ttl > ip_neighbor_db[ipn->ipn_key->ipnk_type].ipndb_age)
+ {
+ IP_NEIGHBOR_DBG ("aged: %U @%f - %f > %d",
+ format_ip_neighbor, ipni, now,
+ ipn->ipn_time_last_updated,
+ ip_neighbor_db[ipn->ipn_key->ipnk_type].ipndb_age);
+ if (ipn->ipn_n_probes > 2)
+ {
+ /* 3 strikes and yea-re out */
+ IP_NEIGHBOR_DBG ("dead: %U", format_ip_neighbor, ipni);
+ return (IP_NEIGHBOR_AGE_DEAD);
+ }
+ else
+ {
+ adj_index_t ai;
+
+ ai = adj_glean_get (fib_proto_from_ip46 (ipn->ipn_key->ipnk_type),
+ ip_neighbor_get_sw_if_index (ipn));
+
+ if (ADJ_INDEX_INVALID != ai)
+ ip_neighbor_probe_dst (adj_get (ai), ip_neighbor_get_ip (ipn));
+
+ ipn->ipn_n_probes++;
+ *wait = 1;
+ }
+ }
+ else
+ {
+ *wait = ttl;
+ return (IP_NEIGHBOR_AGE_ALIVE);
+ }
+
+ return (IP_NEIGHBOR_AGE_PROBE);
+}
+
+typedef enum ip_neighbor_process_event_t_
+{
+ IP_NEIGHBOR_AGE_PROCESS_WAKEUP,
+} ip_neighbor_process_event_t;
+
+static uword
+ip_neighbor_age_loop (vlib_main_t * vm,
+ vlib_node_runtime_t * rt,
+ vlib_frame_t * f, ip46_type_t type)
+{
+ uword event_type, *event_data = NULL;
+ f64 timeout;
+
+ /* Set the timeout to an effectively infinite value when the process starts */
+ timeout = IP_NEIGHBOR_PROCESS_SLEEP_LONG;
+
+ while (1)
+ {
+ f64 now;
+
+ if (!timeout)
+ vlib_process_wait_for_event (vm);
+ else
+ vlib_process_wait_for_event_or_clock (vm, timeout);
+
+ event_type = vlib_process_get_events (vm, &event_data);
+ vec_reset_length (event_data);
+
+ now = vlib_time_now (vm);
+
+ switch (event_type)
+ {
+ case ~0:
+ {
+ /* timer expired */
+ ip_neighbor_elt_t *elt, *head;
+ f64 wait;
+
+ timeout = 1e5;
+ head = pool_elt_at_index (ip_neighbor_elt_pool,
+ ip_neighbor_list_head[type]);
+
+ /* *INDENT-OFF*/
+ /* the list is time sorted, newest first, so start from the back
+ * and work forwards. Stop when we get to one that is alive */
+ restart:
+ clib_llist_foreach_reverse(ip_neighbor_elt_pool,
+ ipne_anchor, head, elt,
+ ({
+ ip_neighbor_age_state_t res;
+
+ res = ip_neighbour_age_out(elt->ipne_index, now, &wait);
+
+ if (IP_NEIGHBOR_AGE_ALIVE == res) {
+ /* the oldest neighbor has not yet expired, go back to sleep */
+ break;
+ }
+ else if (IP_NEIGHBOR_AGE_DEAD == res) {
+ /* the oldest neighbor is dead, pop it, then restart the walk
+ * again from the back */
+ ip_neighbor_free (ip_neighbor_get(elt->ipne_index));
+ goto restart;
+ }
+
+ timeout = clib_min (wait, timeout);
+ }));
+ /* *INDENT-ON* */
+ break;
+ }
+ case IP_NEIGHBOR_AGE_PROCESS_WAKEUP:
+ {
+
+ if (!ip_neighbor_db[type].ipndb_age)
+ {
+ /* aging has been disabled */
+ timeout = 0;
+ break;
+ }
+ ip_neighbor_elt_t *elt, *head;
+
+ head = pool_elt_at_index (ip_neighbor_elt_pool,
+ ip_neighbor_list_head[type]);
+ elt = clib_llist_prev (ip_neighbor_elt_pool, ipne_anchor, head);
+
+ /* poke the oldset neighbour for aging, which returns how long we sleep for */
+ if (IP_NEIGHBOR_AGE_PROBE ==
+ ip_neighbour_age_out (elt->ipne_index, now, &timeout))
+ /* we probed for the oldest entry, sleep for a short time to get to the next */
+ timeout = 0.01;
+ break;
+ }
+ }
+ }
+ return 0;
+}
+
+static uword
+ip4_neighbor_age_process (vlib_main_t * vm,
+ vlib_node_runtime_t * rt, vlib_frame_t * f)
+{
+ return (ip_neighbor_age_loop (vm, rt, f, IP46_TYPE_IP4));
+}
+
+static uword
+ip6_neighbor_age_process (vlib_main_t * vm,
+ vlib_node_runtime_t * rt, vlib_frame_t * f)
+{
+ return (ip_neighbor_age_loop (vm, rt, f, IP46_TYPE_IP6));
+}
+
+/* *INDENT-OFF* */
+VLIB_REGISTER_NODE (ip4_neighbor_age_process_node,static) = {
+ .function = ip4_neighbor_age_process,
+ .type = VLIB_NODE_TYPE_PROCESS,
+ .name = "ip4-neighbor-age-process",
+};
+VLIB_REGISTER_NODE (ip6_neighbor_age_process_node,static) = {
+ .function = ip6_neighbor_age_process,
+ .type = VLIB_NODE_TYPE_PROCESS,
+ .name = "ip6-neighbor-age-process",
+};
+/* *INDENT-ON* */
+
+int
+ip_neighbor_config (ip46_type_t type, u32 limit, u32 age, bool recycle)
+{
+ ip_neighbor_db[type].ipndb_limit = limit;
+ ip_neighbor_db[type].ipndb_recycle = recycle;
+ ip_neighbor_db[type].ipndb_age = age;
+
+ vlib_process_signal_event (vlib_get_main (),
+ (IP46_TYPE_IP4 == type ?
+ ip4_neighbor_age_process_node.index :
+ ip6_neighbor_age_process_node.index),
+ IP_NEIGHBOR_AGE_PROCESS_WAKEUP, 0);
+
+ return (0);
+}
+
+static clib_error_t *
+ip_neighbor_config_show (vlib_main_t * vm,
+ unformat_input_t * input, vlib_cli_command_t * cmd)
+{
+ ip46_type_t type;
+
+ /* *INDENT-OFF* */
+ FOREACH_IP46_TYPE(type) {
+ vlib_cli_output (vm, "%U:", format_ip46_type, type);
+ vlib_cli_output (vm, " limit:%d, age:%d, recycle:%d",
+ ip_neighbor_db[type].ipndb_limit,
+ ip_neighbor_db[type].ipndb_age,
+ ip_neighbor_db[type].ipndb_recycle);
+ }
+
+ /* *INDENT-ON* */
+ return (NULL);
+}
+
+/* *INDENT-OFF* */
+VLIB_CLI_COMMAND (show_ip_neighbor_cfg_cmd_node, static) = {
+ .path = "show ip neighbor-config",
+ .function = ip_neighbor_config_show,
+ .short_help = "show ip neighbor-config",
+};
+/* *INDENT-ON* */
+
+static clib_error_t *
+ip_neighbor_init (vlib_main_t * vm)
+{
+ {
+ ip4_add_del_interface_address_callback_t cb = {
+ .function = ip_neighbor_add_del_interface_address_v4,
+ };
+ vec_add1 (ip4_main.add_del_interface_address_callbacks, cb);
+ }
+ {
+ ip6_add_del_interface_address_callback_t cb = {
+ .function = ip_neighbor_add_del_interface_address_v6,
+ };
+ vec_add1 (ip6_main.add_del_interface_address_callbacks, cb);
+ }
+ {
+ ip4_table_bind_callback_t cb = {
+ .function = ip_neighbor_table_bind_v4,
+ };
+ vec_add1 (ip4_main.table_bind_callbacks, cb);
+ }
+ {
+ ip6_table_bind_callback_t cb = {
+ .function = ip_neighbor_table_bind_v6,
+ };
+ vec_add1 (ip6_main.table_bind_callbacks, cb);
+ }
+ {
+ ethernet_address_change_ctx_t ctx = {
+ .function = ip_neighbor_ethernet_change_mac,
+ .function_opaque = 0,
+ };
+ vec_add1 (ethernet_main.address_change_callbacks, ctx);
+ }
+
+ ipn_logger = vlib_log_register_class ("ip", "neighbor");
+
+ ip46_type_t type;
+
+ FOREACH_IP46_TYPE (type)
+ ip_neighbor_list_head[type] =
+ clib_llist_make_head (ip_neighbor_elt_pool, ipne_anchor);
+
+ return (NULL);
+}
+
+/* *INDENT-OFF* */
+VLIB_INIT_FUNCTION (ip_neighbor_init) =
+{
+ .runs_after = VLIB_INITS("ip_main_init"),
+};
+/* *INDENT-ON* */
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip-neighbor/ip_neighbor.h b/src/vnet/ip-neighbor/ip_neighbor.h
new file mode 100644
index 00000000000..cb384c5e240
--- /dev/null
+++ b/src/vnet/ip-neighbor/ip_neighbor.h
@@ -0,0 +1,124 @@
+/*
+ * ip_neighboor.h: ip neighbor generic services
+ *
+ * Copyright (c) 2018 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __INCLUDE_IP_NEIGHBOR_H__
+#define __INCLUDE_IP_NEIGHBOR_H__
+
+#include <vnet/ip-neighbor/ip_neighbor_types.h>
+
+#include <vnet/adj/adj.h>
+
+void ip_neighbor_scan_enable_disable (ip_neighbor_scan_arg_t * arg);
+
+
+/*****
+ * APIs external modules can invoke on the neighbor subsystem
+ */
+
+extern ip_neighbor_t *ip_neighbor_get (index_t ipni);
+extern int ip_neighbor_add (const ip46_address_t * ip,
+ ip46_type_t type,
+ const mac_address_t * mac,
+ u32 sw_if_index,
+ ip_neighbor_flags_t flags, u32 * stats_index);
+extern int ip_neighbor_del (const ip46_address_t * ip,
+ ip46_type_t type, u32 sw_if_index);
+
+extern int ip_neighbor_config (ip46_type_t type, u32 limit, u32 age,
+ bool recycle);
+
+typedef walk_rc_t (*ip_neighbor_walk_cb_t) (index_t ipni, void *ctx);
+extern void ip_neighbor_walk (ip46_type_t type,
+ u32 sw_if_index,
+ ip_neighbor_walk_cb_t fn, void *ctx);
+
+extern const ip46_address_t *ip_neighbor_get_ip (const ip_neighbor_t * ipn);
+extern const mac_address_t *ip_neighbor_get_mac (const ip_neighbor_t * ipn);
+extern const u32 ip_neighbor_get_sw_if_index (const ip_neighbor_t * ipn);
+
+extern void ip_neighbor_learn (const ip_neighbor_learn_t * l);
+
+extern void ip_neighbor_update (vnet_main_t * vnm, adj_index_t ai);
+
+extern void ip_neighbor_advertise (vlib_main_t * vm,
+ ip46_type_t tyoe,
+ const ip46_address_t * addr,
+ u32 sw_if_index);
+extern void ip_neighbor_probe (const ip_adjacency_t * adj);
+extern void ip_neighbor_probe_dst (const ip_adjacency_t * adj,
+ const ip46_address_t * ip);
+
+/**
+ * From the watcher to the API to publish a new neighbor
+ */
+extern void ip_neighbor_handle_event (const ip_neighbor_event_t * ipne);
+
+/**
+ * The set of function that vnet requires from the IP neighbour module.
+ * Note that an implementation of these functions will not exist
+ * if the ip-neighbour plugin is not loaded. so check the error codes!
+ */
+extern int ip4_neighbor_proxy_add (u32 fib_index,
+ const ip4_address_t * start,
+ const ip4_address_t * end);
+extern int ip4_neighbor_proxy_delete (u32 fib_index,
+ const ip4_address_t * start,
+ const ip4_address_t * end);
+extern int ip4_neighbor_proxy_enable (u32 sw_if_index);
+extern int ip4_neighbor_proxy_disable (u32 sw_if_index);
+extern int ip6_neighbor_proxy_add (u32 sw_if_index,
+ const ip6_address_t * addr);
+extern int ip6_neighbor_proxy_del (u32 sw_if_index,
+ const ip6_address_t * addr);
+
+/**
+ * neighbor protocol implementation registration functions
+ * this are provided by ARP and IP-ND
+ */
+typedef int (*ip4_neighbor_proxy_addr_t) (u32 fib_index,
+ const ip4_address_t * start,
+ const ip4_address_t * end);
+typedef int (*ip4_neighbor_proxy_cfg_t) (u32 sw_if_index);
+typedef int (*ip6_neighbor_proxy_cfg_t) (u32 sw_if_index,
+ const ip6_address_t * addr);
+
+/**
+ * Virtual function Table for neighbor protocol implementations to register
+ */
+typedef struct ip_neighbor_vft_t_
+{
+ ip4_neighbor_proxy_cfg_t inv_proxy4_enable;
+ ip4_neighbor_proxy_cfg_t inv_proxy4_disable;
+ ip4_neighbor_proxy_addr_t inv_proxy4_add;
+ ip4_neighbor_proxy_addr_t inv_proxy4_del;
+ ip6_neighbor_proxy_cfg_t inv_proxy6_add;
+ ip6_neighbor_proxy_cfg_t inv_proxy6_del;
+} ip_neighbor_vft_t;
+
+extern void ip_neighbor_register (ip46_type_t type,
+ const ip_neighbor_vft_t * vft);
+
+
+#endif /* __INCLUDE_IP_NEIGHBOR_H__ */
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip-neighbor/ip_neighbor_api.c b/src/vnet/ip-neighbor/ip_neighbor_api.c
new file mode 100644
index 00000000000..b066423afe5
--- /dev/null
+++ b/src/vnet/ip-neighbor/ip_neighbor_api.c
@@ -0,0 +1,298 @@
+/*
+ *------------------------------------------------------------------
+ * ip_api.c - vnet ip api
+ *
+ * Copyright (c) 2016 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *------------------------------------------------------------------
+ */
+
+#include <stddef.h>
+
+#include <vnet/ip-neighbor/ip_neighbor.h>
+#include <vnet/ip-neighbor/ip_neighbor_watch.h>
+#include <vnet/ip/ip_types_api.h>
+#include <vnet/ethernet/ethernet_types_api.h>
+
+#include <vlibapi/api.h>
+#include <vlibmemory/api.h>
+
+#include <vnet/ip-neighbor/ip_neighbor.api_enum.h>
+#include <vnet/ip-neighbor/ip_neighbor.api_types.h>
+
+static u16 msg_id_base;
+#define REPLY_MSG_ID_BASE msg_id_base
+
+#include <vlibapi/api_helper_macros.h>
+
+#include <vnet/format_fns.h>
+
+
+static ip46_type_t
+ip46_type_from_af (ip_address_family_t af)
+{
+ return (AF_IP4 == af ? IP46_TYPE_IP4 : IP46_TYPE_IP6);
+}
+
+static vl_api_ip_neighbor_flags_t
+ip_neighbor_flags_encode (ip_neighbor_flags_t f)
+{
+ vl_api_ip_neighbor_flags_t v = IP_API_NEIGHBOR_FLAG_NONE;
+
+ if (f & IP_NEIGHBOR_FLAG_STATIC)
+ v |= IP_API_NEIGHBOR_FLAG_STATIC;
+ if (f & IP_NEIGHBOR_FLAG_NO_FIB_ENTRY)
+ v |= IP_API_NEIGHBOR_FLAG_NO_FIB_ENTRY;
+
+ return (v);
+}
+
+static void
+ip_neighbor_encode (vl_api_ip_neighbor_t * api, const ip_neighbor_t * ipn)
+{
+ api->sw_if_index = htonl (ipn->ipn_key->ipnk_sw_if_index);
+ api->flags = ip_neighbor_flags_encode (ipn->ipn_flags);
+
+ ip_address_encode (&ipn->ipn_key->ipnk_ip,
+ ipn->ipn_key->ipnk_type, &api->ip_address);
+ mac_address_encode (&ipn->ipn_mac, api->mac_address);
+}
+
+void
+ip_neighbor_handle_event (const ip_neighbor_event_t * ipne)
+{
+ vl_api_ip_neighbor_event_t *mp;
+ vl_api_registration_t *reg;
+ const ip_neighbor_t *ipn;
+
+ ipn = ip_neighbor_get (ipne->ipne_index);
+
+ if (NULL == ipn)
+ /* Client can cancel, die, etc. */
+ return;
+
+ /* Customer(s) requesting event for this neighbor */
+ reg = vl_api_client_index_to_registration (ipne->ipne_watch.ipw_client);
+ if (!reg)
+ return;
+
+ if (vl_api_can_send_msg (reg))
+ {
+ mp = vl_msg_api_alloc (sizeof (*mp));
+ clib_memset (mp, 0, sizeof (*mp));
+ mp->_vl_msg_id = ntohs (VL_API_IP_NEIGHBOR_EVENT + REPLY_MSG_ID_BASE);
+ mp->client_index = ipne->ipne_watch.ipw_client;
+ mp->pid = ipne->ipne_watch.ipw_pid;
+
+ ip_neighbor_encode (&mp->neighbor, ipn);
+
+ vl_api_send_msg (reg, (u8 *) mp);
+ }
+ else
+ {
+ static f64 last_time;
+ /*
+ * Throttle syslog msgs.
+ * It's pretty tempting to just revoke the registration...
+ */
+ if (vlib_time_now (vlib_get_main ()) > last_time + 10.0)
+ {
+ clib_warning ("ip6 nd event for %U to pid %d: queue stuffed!",
+ format_ip46_address, &ipn->ipn_key->ipnk_ip,
+ IP46_TYPE_ANY, ipne->ipne_watch.ipw_pid);
+ last_time = vlib_time_now (vlib_get_main ());
+ }
+ }
+}
+
+typedef struct ip_neighbor_dump_ctx_t_
+{
+ vl_api_registration_t *reg;
+ u32 context;
+} ip_neighbor_dump_ctx_t;
+
+static walk_rc_t
+send_ip_neighbor_details (index_t ipni, void *arg)
+{
+ ip_neighbor_dump_ctx_t *ctx = arg;
+ vl_api_ip_neighbor_details_t *mp;
+ ip_neighbor_t *ipn;
+
+ ipn = ip_neighbor_get (ipni);
+ mp = vl_msg_api_alloc (sizeof (*mp));
+ clib_memset (mp, 0, sizeof (*mp));
+ mp->_vl_msg_id = ntohs (VL_API_IP_NEIGHBOR_DETAILS + REPLY_MSG_ID_BASE);
+ mp->context = ctx->context;
+ ip_neighbor_encode (&mp->neighbor, ipn);
+
+ vl_api_send_msg (ctx->reg, (u8 *) mp);
+
+ return (WALK_CONTINUE);
+}
+
+static void
+vl_api_ip_neighbor_dump_t_handler (vl_api_ip_neighbor_dump_t * mp)
+{
+ vl_api_registration_t *reg;
+ ip_address_family_t af;
+ int rv;
+
+ reg = vl_api_client_index_to_registration (mp->client_index);
+ if (!reg)
+ return;
+
+ u32 sw_if_index = ntohl (mp->sw_if_index);
+
+ rv = ip_address_family_decode (mp->af, &af);
+
+ if (rv)
+ return;
+
+ ip_neighbor_dump_ctx_t ctx = {
+ .reg = reg,
+ .context = mp->context,
+ };
+
+ // walk all neighbours on all interfaces
+ ip_neighbor_walk ((af == AF_IP4 ?
+ IP46_TYPE_IP4 :
+ IP46_TYPE_IP6),
+ sw_if_index, send_ip_neighbor_details, &ctx);
+}
+
+static ip_neighbor_flags_t
+ip_neighbor_flags_decode (vl_api_ip_neighbor_flags_t v)
+{
+ ip_neighbor_flags_t f = IP_NEIGHBOR_FLAG_NONE;
+
+ if (v & IP_API_NEIGHBOR_FLAG_STATIC)
+ f |= IP_NEIGHBOR_FLAG_STATIC;
+ if (v & IP_API_NEIGHBOR_FLAG_NO_FIB_ENTRY)
+ f |= IP_NEIGHBOR_FLAG_NO_FIB_ENTRY;
+
+ return (f);
+}
+
+static void
+vl_api_ip_neighbor_add_del_t_handler (vl_api_ip_neighbor_add_del_t * mp,
+ vlib_main_t * vm)
+{
+ vl_api_ip_neighbor_add_del_reply_t *rmp;
+ ip_neighbor_flags_t flags;
+ u32 stats_index = ~0;
+ ip46_address_t ip = ip46_address_initializer;
+ mac_address_t mac;
+ ip46_type_t type;
+ int rv;
+
+ VALIDATE_SW_IF_INDEX ((&mp->neighbor));
+
+ flags = ip_neighbor_flags_decode (mp->neighbor.flags);
+ type = ip_address_decode (&mp->neighbor.ip_address, &ip);
+ mac_address_decode (mp->neighbor.mac_address, &mac);
+
+ /* must be static or dynamic, default to dynamic */
+ if (!(flags & IP_NEIGHBOR_FLAG_STATIC) &&
+ !(flags & IP_NEIGHBOR_FLAG_DYNAMIC))
+ flags |= IP_NEIGHBOR_FLAG_DYNAMIC;
+
+ /*
+ * there's no validation here of the ND/ARP entry being added.
+ * The expectation is that the FIB will ensure that nothing bad
+ * will come of adding bogus entries.
+ */
+ if (mp->is_add)
+ rv = ip_neighbor_add (&ip, type, &mac,
+ ntohl (mp->neighbor.sw_if_index),
+ flags, &stats_index);
+ else
+ rv = ip_neighbor_del (&ip, type, ntohl (mp->neighbor.sw_if_index));
+
+ BAD_SW_IF_INDEX_LABEL;
+
+ /* *INDENT-OFF* */
+ REPLY_MACRO2 (VL_API_IP_NEIGHBOR_ADD_DEL_REPLY,
+ ({
+ rmp->stats_index = htonl (stats_index);
+ }));
+ /* *INDENT-ON* */
+}
+
+static void
+vl_api_want_ip_neighbor_events_t_handler (vl_api_want_ip_neighbor_events_t *
+ mp)
+{
+ vl_api_want_ip_neighbor_events_reply_t *rmp;
+ ip46_address_t ip;
+ ip46_type_t itype;
+ int rv = 0;
+
+ if (mp->sw_if_index != ~0)
+ VALIDATE_SW_IF_INDEX (mp);
+ itype = ip_address_decode (&mp->ip, &ip);
+
+ ip_neighbor_watcher_t watch = {
+ .ipw_client = mp->client_index,
+ .ipw_pid = mp->pid,
+ };
+
+ if (mp->enable)
+ ip_neighbor_watch (&ip, itype, ntohl (mp->sw_if_index), &watch);
+ else
+ ip_neighbor_unwatch (&ip, itype, ntohl (mp->sw_if_index), &watch);
+
+ BAD_SW_IF_INDEX_LABEL;
+ REPLY_MACRO (VL_API_WANT_IP_NEIGHBOR_EVENTS_REPLY);
+}
+
+static void
+vl_api_ip_neighbor_config_t_handler (vl_api_ip_neighbor_config_t * mp)
+{
+ vl_api_ip_neighbor_config_reply_t *rmp;
+ ip_address_family_t af;
+ int rv;
+
+ rv = ip_address_family_decode (mp->af, &af);
+
+ if (!rv)
+ rv = ip_neighbor_config (ip46_type_from_af (af),
+ ntohl (mp->max_number),
+ ntohl (mp->max_age), mp->recycle);
+
+ REPLY_MACRO (VL_API_IP_NEIGHBOR_CONFIG_REPLY);
+}
+
+#define vl_msg_name_crc_list
+#include <vnet/ip-neighbor/ip_neighbor.api.h>
+#undef vl_msg_name_crc_list
+
+#include <vnet/ip-neighbor/ip_neighbor.api.c>
+
+static clib_error_t *
+ip_neighbor_api_init (vlib_main_t * vm)
+{
+ /* Ask for a correctly-sized block of API message decode slots */
+ msg_id_base = setup_message_id_table ();
+
+ return 0;
+}
+
+VLIB_INIT_FUNCTION (ip_neighbor_api_init);
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip-neighbor/ip_neighbor_dp.c b/src/vnet/ip-neighbor/ip_neighbor_dp.c
new file mode 100644
index 00000000000..6219a730af4
--- /dev/null
+++ b/src/vnet/ip-neighbor/ip_neighbor_dp.c
@@ -0,0 +1,39 @@
+/*
+ * ip_neighboor.h: ip neighbor generic services
+ *
+ * Copyright (c) 2018 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <vlibmemory/api.h>
+
+#include <vnet/ip-neighbor/ip_neighbor_dp.h>
+#include <vnet/ip-neighbor/ip_neighbor.h>
+
+/**
+ * APIs invoked by neighbor implementation (i.s. ARP and ND) that can be
+ * called from the DP when the protocol has resolved a neighbor
+ */
+void
+ip_neighbor_learn_dp (const ip_neighbor_learn_t * l)
+{
+ vl_api_rpc_call_main_thread (ip_neighbor_learn, (u8 *) l, sizeof (*l));
+}
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip-neighbor/ip_neighbor_dp.h b/src/vnet/ip-neighbor/ip_neighbor_dp.h
new file mode 100644
index 00000000000..b5664c2d195
--- /dev/null
+++ b/src/vnet/ip-neighbor/ip_neighbor_dp.h
@@ -0,0 +1,38 @@
+/*
+ * ip_neighboor.h: ip neighbor generic services
+ *
+ * Copyright (c) 2018 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __INCLUDE_IP_NEIGHBOR_DP_H__
+#define __INCLUDE_IP_NEIGHBOR_DP_H__
+
+#include <vnet/ip-neighbor/ip_neighbor_types.h>
+
+/**
+ * APIs invoked by neighbor implementation (i.s. ARP and ND) that can be
+ * called from the DP when the protocol has resolved a neighbor
+ */
+
+extern void ip_neighbor_learn_dp (const ip_neighbor_learn_t * l);
+
+#endif /* __INCLUDE_IP_NEIGHBOR_H__ */
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip-neighbor/ip_neighbor_types.c b/src/vnet/ip-neighbor/ip_neighbor_types.c
new file mode 100644
index 00000000000..27262a5d62c
--- /dev/null
+++ b/src/vnet/ip-neighbor/ip_neighbor_types.c
@@ -0,0 +1,83 @@
+/*
+ * ip_neighboor.h: ip neighbor generic services
+ *
+ * Copyright (c) 2018 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <vnet/ip-neighbor/ip_neighbor_types.h>
+
+u8 *
+format_ip_neighbor_flags (u8 * s, va_list * args)
+{
+ ip_neighbor_flags_t flags = va_arg (*args, int);
+
+ if (flags & IP_NEIGHBOR_FLAG_STATIC)
+ s = format (s, "S");
+
+ if (flags & IP_NEIGHBOR_FLAG_DYNAMIC)
+ s = format (s, "D");
+
+ if (flags & IP_NEIGHBOR_FLAG_NO_FIB_ENTRY)
+ s = format (s, "N");
+
+ return s;
+}
+
+
+u8 *
+format_ip_neighbor_key (u8 * s, va_list * va)
+{
+ ip_neighbor_key_t *key = va_arg (*va, ip_neighbor_key_t *);
+
+ return (format (s, "[%U, %U]",
+ format_vnet_sw_if_index_name, vnet_get_main (),
+ key->ipnk_sw_if_index,
+ format_ip46_address, &key->ipnk_ip, key->ipnk_type));
+}
+
+u8 *
+format_ip_neighbor_watcher (u8 * s, va_list * va)
+{
+ ip_neighbor_watcher_t *watcher = va_arg (*va, ip_neighbor_watcher_t *);
+
+ return (format (s, "[pid:%d, client:%d]",
+ clib_host_to_net_u32 (watcher->ipw_pid),
+ clib_host_to_net_u32 (watcher->ipw_client)));
+}
+
+u8 *
+format_ip_neighbor (u8 * s, va_list * va)
+{
+ index_t ipni = va_arg (*va, index_t);
+ ip_neighbor_t *ipn;
+
+ ipn = ip_neighbor_get (ipni);
+
+ return (format (s, "%=12U%=40U%=6U%=20U%U",
+ format_vlib_time, vlib_get_main (),
+ ipn->ipn_time_last_updated,
+ format_ip46_address, &ipn->ipn_key->ipnk_ip, IP46_TYPE_ANY,
+ format_ip_neighbor_flags, ipn->ipn_flags,
+ format_mac_address_t, &ipn->ipn_mac,
+ format_vnet_sw_if_index_name, vnet_get_main (),
+ ipn->ipn_key->ipnk_sw_if_index));
+}
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip/ip_neighbor.h b/src/vnet/ip-neighbor/ip_neighbor_types.h
index d370ddeeee4..c6d4e104e8b 100644
--- a/src/vnet/ip/ip_neighbor.h
+++ b/src/vnet/ip-neighbor/ip_neighbor_types.h
@@ -15,8 +15,12 @@
* limitations under the License.
*/
-#ifndef included_ip_neighbor_h
-#define included_ip_neighbor_h
+#ifndef __INCLUDE_IP_NEIGHBOR_TYPES_H__
+#define __INCLUDE_IP_NEIGHBOR_TYPES_H__
+
+#include <vnet/ip/ip6_packet.h>
+#include <vnet/ethernet/mac_address.h>
+#include <vnet/fib/fib_types.h>
#define IP_SCAN_DISABLED 0
#define IP_SCAN_V4_NEIGHBORS (1 << 0)
@@ -33,28 +37,86 @@ typedef struct
u8 stale_threshold; /* Threshold in minutes to delete nei entry */
} ip_neighbor_scan_arg_t;
-void ip_neighbor_scan_enable_disable (ip_neighbor_scan_arg_t * arg);
-
typedef enum ip_neighbor_flags_t_
{
IP_NEIGHBOR_FLAG_NONE = 0,
IP_NEIGHBOR_FLAG_STATIC = (1 << 0),
IP_NEIGHBOR_FLAG_DYNAMIC = (1 << 1),
IP_NEIGHBOR_FLAG_NO_FIB_ENTRY = (1 << 2),
+ IP_NEIGHBOR_FLAG_PENDING = (1 << 3),
} __attribute__ ((packed)) ip_neighbor_flags_t;
+typedef struct ip_neighbor_watcher_t_
+{
+ u32 ipw_pid;
+ u32 ipw_client;
+} ip_neighbor_watcher_t;
+
+extern u8 *format_ip_neighbor_watcher (u8 * s, va_list * args);
+
+typedef struct ip_neighbor_key_t_
+{
+ ip46_address_t ipnk_ip;
+ ip46_type_t ipnk_type;
+ u32 ipnk_sw_if_index;
+} ip_neighbor_key_t;
+
+/**
+ * A representation of an IP neighbour/peer
+ */
+typedef struct ip_neighbor_t_
+{
+ /**
+ * The idempotent key
+ */
+ ip_neighbor_key_t *ipn_key;
+
+ /**
+ * The learned MAC address of the neighbour
+ */
+ mac_address_t ipn_mac;
+
+ /**
+ * Falgs for this object
+ */
+ ip_neighbor_flags_t ipn_flags;
+
+ /**
+ * Aging related data
+ * - last time the neighbour was probed
+ * - number of probes - 3 and it's dead
+ */
+ f64 ipn_time_last_updated;
+ u8 ipn_n_probes;
+ index_t ipn_elt;
+
+ /**
+ * The index of the adj fib created for this neighbour
+ */
+ fib_node_index_t ipn_fib_entry_index;
+} ip_neighbor_t;
+
extern u8 *format_ip_neighbor_flags (u8 * s, va_list * args);
+extern u8 *format_ip_neighbor_key (u8 * s, va_list * args);
+extern u8 *format_ip_neighbor (u8 * s, va_list * args);
+
+extern ip_neighbor_t *ip_neighbor_get (index_t ipni);
-extern int ip_neighbor_add (const ip46_address_t * ip,
- ip46_type_t type,
- const mac_address_t * mac,
- u32 sw_if_index,
- ip_neighbor_flags_t flags, u32 * stats_index);
+typedef struct ip_neighbor_learn_t_
+{
+ ip46_address_t ip;
+ ip46_type_t type;
+ mac_address_t mac;
+ u32 sw_if_index;
+} ip_neighbor_learn_t;
-extern int ip_neighbor_del (const ip46_address_t * ip,
- ip46_type_t type, u32 sw_if_index);
+typedef struct ip_neighbor_event_t_
+{
+ ip_neighbor_watcher_t ipne_watch;
+ index_t ipne_index;
+} ip_neighbor_event_t;
-#endif /* included_ip_neighbor_h */
+#endif /* __INCLUDE_IP_NEIGHBOR_H__ */
/*
* fd.io coding-style-patch-verification: ON
diff --git a/src/vnet/ip-neighbor/ip_neighbor_watch.c b/src/vnet/ip-neighbor/ip_neighbor_watch.c
new file mode 100644
index 00000000000..7464ee62189
--- /dev/null
+++ b/src/vnet/ip-neighbor/ip_neighbor_watch.c
@@ -0,0 +1,283 @@
+/*
+ * ip_neighboor_watch.c; IP neighbor watching
+ *
+ * Copyright (c) 2019 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <vnet/ip-neighbor/ip_neighbor.h>
+#include <vnet/ip/ip_types_api.h>
+#include <vnet/ethernet/ethernet_types_api.h>
+
+#include <vnet/ip-neighbor/ip_neighbor.api_enum.h>
+#include <vnet/ip-neighbor/ip_neighbor.api_types.h>
+
+#include <vlibmemory/api.h>
+
+/**
+ * Database of registered watchers
+ * The key for a watcher is {type, sw_if_index, addreess}
+ * interface=~0 / address=all-zeros imples any.
+ */
+typedef struct ip_neighbor_watch_db_t_
+{
+ mhash_t ipnwdb_hash;
+} ip_neighbor_watch_db_t;
+
+static ip_neighbor_watch_db_t ipnw_db;
+
+static uword
+ip_neighbor_event_process (vlib_main_t * vm,
+ vlib_node_runtime_t * rt, vlib_frame_t * f)
+{
+ ip_neighbor_event_t *ipne, *ipnes = NULL;
+ uword event_type = ~0;
+
+ while (1)
+ {
+ vlib_process_wait_for_event (vm);
+
+ ipnes = vlib_process_get_event_data (vm, &event_type);
+
+ switch (event_type)
+ {
+ default:
+ vec_foreach (ipne, ipnes) ip_neighbor_handle_event (ipne);
+ break;
+
+ case ~0:
+ /* timeout - */
+ break;
+ }
+
+ vec_reset_length (ipnes);
+ }
+ return 0;
+}
+
+/* *INDENT-OFF* */
+VLIB_REGISTER_NODE (ip_neighbor_event_process_node) = {
+ .function = ip_neighbor_event_process,
+ .type = VLIB_NODE_TYPE_PROCESS,
+ .name = "ip-neighbor-event",
+};
+/* *INDENT-ON* */
+
+
+static clib_error_t *
+want_ip_neighbor_events_reaper (u32 client_index)
+{
+ ip_neighbor_key_t *key, *empty_keys = NULL;
+ ip_neighbor_watcher_t *watchers;
+ uword *v;
+ i32 pos;
+
+ /* walk the entire IP neighbour DB and removes the client's registrations */
+ /* *INDENT-OFF* */
+ mhash_foreach(key, v, &ipnw_db.ipnwdb_hash,
+ ({
+ watchers = (ip_neighbor_watcher_t*) *v;
+
+ vec_foreach_index_backwards (pos, watchers) {
+ if (watchers[pos].ipw_client == client_index)
+ vec_del1(watchers, pos);
+ }
+
+ if (vec_len(watchers) == 0)
+ vec_add1 (empty_keys, *key);
+ }));
+ /* *INDENT-OFF* */
+
+ vec_foreach (key, empty_keys)
+ mhash_unset (&ipnw_db.ipnwdb_hash, key, NULL);
+ vec_free (empty_keys);
+ return (NULL);
+}
+
+VL_MSG_API_REAPER_FUNCTION (want_ip_neighbor_events_reaper);
+
+static int
+ip_neighbor_watch_cmp (const ip_neighbor_watcher_t * w1,
+ const ip_neighbor_watcher_t * w2)
+{
+ return (0 == clib_memcmp (w1, w2, sizeof(*w1)));
+}
+
+void
+ip_neighbor_watch (const ip46_address_t * ip,
+ ip46_type_t type,
+ u32 sw_if_index,
+ const ip_neighbor_watcher_t * watch)
+{
+ ip_neighbor_key_t key = {
+ .ipnk_ip = *ip,
+ .ipnk_sw_if_index = (sw_if_index == 0 ? ~0 : sw_if_index),
+ .ipnk_type = type,
+ };
+ ip_neighbor_watcher_t *ipws = NULL;
+ uword *p;
+
+ p = mhash_get (&ipnw_db.ipnwdb_hash, &key);
+
+ if (p)
+ {
+ ipws = (ip_neighbor_watcher_t*) p[0];
+
+ if (~0 != vec_search_with_function (ipws, watch,
+ ip_neighbor_watch_cmp))
+ /* duplicate */
+ return;
+ }
+
+ vec_add1 (ipws, *watch);
+
+ mhash_set (&ipnw_db.ipnwdb_hash, &key, (uword) ipws, NULL);
+}
+
+void
+ip_neighbor_unwatch (const ip46_address_t * ip,
+ ip46_type_t type,
+ u32 sw_if_index,
+ const ip_neighbor_watcher_t * watch)
+{
+ ip_neighbor_key_t key = {
+ .ipnk_ip = *ip,
+ .ipnk_sw_if_index = (sw_if_index == 0 ? ~0 : sw_if_index),
+ .ipnk_type = type,
+ };
+ ip_neighbor_watcher_t *ipws = NULL;
+ uword *p;
+ u32 pos;
+
+ p = mhash_get (&ipnw_db.ipnwdb_hash, &key);
+
+ if (!p)
+ return;
+
+ ipws = (ip_neighbor_watcher_t*) p[0];
+
+ pos = vec_search_with_function (ipws, watch, ip_neighbor_watch_cmp);
+
+ if (~0 == pos)
+ return;
+
+ vec_del1 (ipws, pos);
+
+ if (vec_len(ipws) == 0)
+ mhash_unset (&ipnw_db.ipnwdb_hash, &key, NULL);
+}
+
+static void
+ip_neighbor_signal (ip_neighbor_watcher_t *watchers, index_t ipni)
+{
+ ip_neighbor_watcher_t *watcher;
+
+ vec_foreach (watcher, watchers) {
+ ip_neighbor_event_t *ipne;
+
+ ipne = vlib_process_signal_event_data (vlib_get_main(),
+ ip_neighbor_event_process_node.index,
+ 0, 1, sizeof(*ipne));
+ ipne->ipne_watch = *watcher;
+ ipne->ipne_index = ipni;
+ }
+}
+
+void
+ip_neighbor_publish (index_t ipni)
+{
+ const ip_neighbor_t *ipn;
+ ip_neighbor_key_t key;
+ uword *p;
+
+ ipn = ip_neighbor_get (ipni);
+
+ clib_memcpy (&key, ipn->ipn_key, sizeof (key));
+
+ /* Search the DB from longest to shortest key */
+ p = mhash_get (&ipnw_db.ipnwdb_hash, &key);
+
+ if (p) {
+ ip_neighbor_signal ((ip_neighbor_watcher_t*) p[0], ipni);
+ }
+
+ ip46_address_reset (&key.ipnk_ip);
+ p = mhash_get (&ipnw_db.ipnwdb_hash, &key);
+
+ if (p) {
+ ip_neighbor_signal ((ip_neighbor_watcher_t*) p[0], ipni);
+ }
+
+ key.ipnk_sw_if_index = ~0;
+ p = mhash_get (&ipnw_db.ipnwdb_hash, &key);
+
+ if (p) {
+ ip_neighbor_signal ((ip_neighbor_watcher_t*) p[0], ipni);
+ }
+}
+
+static clib_error_t *
+ip_neighbor_watchers_show (vlib_main_t * vm,
+ unformat_input_t * input,
+ vlib_cli_command_t * cmd)
+{
+ ip_neighbor_watcher_t *watchers, *watcher;
+ ip_neighbor_key_t *key;
+ uword *v;
+
+ /* *INDENT-OFF* */
+ mhash_foreach(key, v, &ipnw_db.ipnwdb_hash,
+ ({
+ watchers = (ip_neighbor_watcher_t*) *v;
+
+ ASSERT(vec_len(watchers));
+ vlib_cli_output (vm, "Key: %U", format_ip_neighbor_key, key);
+
+ vec_foreach (watcher, watchers)
+ vlib_cli_output (vm, " %U", format_ip_neighbor_watcher, watcher);
+ }));
+ /* *INDENT-ON* */
+ return (NULL);
+}
+
+/* *INDENT-OFF* */
+VLIB_CLI_COMMAND (show_ip_neighbor_watchers_cmd_node, static) = {
+ .path = "show ip neighbor-watcher",
+ .function = ip_neighbor_watchers_show,
+ .short_help = "show ip neighbors-watcher",
+};
+/* *INDENT-ON* */
+
+static clib_error_t *
+ip_neighbor_watch_init (vlib_main_t * vm)
+{
+ mhash_init (&ipnw_db.ipnwdb_hash,
+ sizeof (ip_neighbor_watcher_t *), sizeof (ip_neighbor_key_t));
+ return (NULL);
+}
+
+/* *INDENT-OFF* */
+VLIB_INIT_FUNCTION (ip_neighbor_watch_init) =
+{
+ .runs_after = VLIB_INITS("ip_neighbor_init"),
+};
+/* *INDENT-ON* */
+
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip-neighbor/ip_neighbor_watch.h b/src/vnet/ip-neighbor/ip_neighbor_watch.h
new file mode 100644
index 00000000000..91d9f6fe12f
--- /dev/null
+++ b/src/vnet/ip-neighbor/ip_neighbor_watch.h
@@ -0,0 +1,42 @@
+/*
+ * ip_neighboor_watch.h: ip neighbor event handling
+ *
+ * Copyright (c) 2018 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __IP_NEIGHBOR_WATCH_H__
+#define __IP_NEIGHBOR_WATCH_H__
+
+#include <vnet/ip-neighbor/ip_neighbor_types.h>
+
+extern void ip_neighbor_watch (const ip46_address_t * ip,
+ ip46_type_t type,
+ u32 sw_if_index,
+ const ip_neighbor_watcher_t * watch);
+extern void ip_neighbor_unwatch (const ip46_address_t * ip,
+ ip46_type_t type,
+ u32 sw_if_index,
+ const ip_neighbor_watcher_t * watch);
+
+extern void ip_neighbor_publish (index_t ipni);
+
+#endif
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip/format.h b/src/vnet/ip/format.h
index 952455c975a..6e9075cc877 100644
--- a/src/vnet/ip/format.h
+++ b/src/vnet/ip/format.h
@@ -58,8 +58,6 @@ typedef enum format_ip_adjacency_flags_t_
format_function_t format_ip_adjacency;
format_function_t format_ip_adjacency_packet_data;
-format_function_t format_ip46_address;
-
/* unformat_ip46_address expects arguments (ip46_address_t *, ip46_type_t)
* The type argument is used to enforce a particular IP version. */
unformat_function_t unformat_ip46_address;
diff --git a/src/vnet/ip/icmp46_packet.h b/src/vnet/ip/icmp46_packet.h
index e761af8bf16..0545046fe60 100644
--- a/src/vnet/ip/icmp46_packet.h
+++ b/src/vnet/ip/icmp46_packet.h
@@ -187,13 +187,15 @@ typedef enum
#undef _
} icmp6_code_t;
+/* *INDENT-OFF* */
typedef CLIB_PACKED (struct
- {
- u8 type;
- u8 code;
- /* IP checksum of icmp header plus data which follows. */
- u16 checksum;
- }) icmp46_header_t;
+{
+ u8 type;
+ u8 code;
+ /* IP checksum of icmp header plus data which follows. */
+ u16 checksum;
+}) icmp46_header_t;
+/* *INDENT-ON* */
/* ip6 neighbor discovery */
#define foreach_icmp6_neighbor_discovery_option \
@@ -236,164 +238,125 @@ typedef enum icmp6_neighbor_discovery_option_type
#undef _
} icmp6_neighbor_discovery_option_type_t;
+/* *INDENT-OFF* */
typedef CLIB_PACKED (struct
- {
- /* Option type. */
- u8 type;
- /* Length of this header plus option data in 8 byte units. */
- u8 n_data_u64s;
- /* Option data follows. */
- u8 data[0];
- }) icmp6_neighbor_discovery_option_header_t;
+{
+ /* Option type. */
+ u8 type;
+ /* Length of this header plus option data in 8 byte units. */
+ u8 n_data_u64s;
+ /* Option data follows. */
+ u8 data[0];
+}) icmp6_neighbor_discovery_option_header_t;
typedef CLIB_PACKED (struct
- {
- icmp6_neighbor_discovery_option_header_t header;
- u8 dst_address_length;
- u8 flags;
+{
+ icmp6_neighbor_discovery_option_header_t header;
+ u8 dst_address_length;
+ u8 flags;
#define ICMP6_NEIGHBOR_DISCOVERY_PREFIX_INFORMATION_FLAG_ON_LINK (1 << 7)
#define ICMP6_NEIGHBOR_DISCOVERY_PREFIX_INFORMATION_AUTO (1 << 6)
- u32 valid_time;
- u32 preferred_time;
- u32 unused; ip6_address_t dst_address;
- }) icmp6_neighbor_discovery_prefix_information_option_t;
+ u32 valid_time;
+ u32 preferred_time;
+ u32 unused; ip6_address_t dst_address;
+}) icmp6_neighbor_discovery_prefix_information_option_t;
typedef CLIB_PACKED (struct
- {
- u8 type;
- u8 aux_data_len_u32s;
- u16 num_sources;
- ip6_address_t mcast_addr; ip6_address_t source_addr[0];
- }) icmp6_multicast_address_record_t;
-
-typedef CLIB_PACKED (struct
- {
- ip6_hop_by_hop_ext_t ext_hdr;
- ip6_router_alert_option_t alert;
- ip6_padN_option_t pad;
- icmp46_header_t icmp;
- u16 rsvd;
- u16 num_addr_records;
- icmp6_multicast_address_record_t records[0];
- }) icmp6_multicast_listener_report_header_t;
+{
+ u8 type;
+ u8 aux_data_len_u32s;
+ u16 num_sources;
+ ip6_address_t mcast_addr; ip6_address_t source_addr[0];
+}) icmp6_multicast_address_record_t;
typedef CLIB_PACKED (struct
- {
- icmp6_neighbor_discovery_option_header_t header;
- u8 reserved[6];
- /* IP6 header plus payload follows. */
- u8 data[0];
- }) icmp6_neighbor_discovery_redirected_header_option_t;
+{
+ icmp6_neighbor_discovery_option_header_t header;
+ u8 reserved[6];
+ /* IP6 header plus payload follows. */
+ u8 data[0];
+}) icmp6_neighbor_discovery_redirected_header_option_t;
typedef CLIB_PACKED (struct
- {
- icmp6_neighbor_discovery_option_header_t header;
- u16 unused; u32 mtu;
- }) icmp6_neighbor_discovery_mtu_option_t;
+{
+ icmp6_neighbor_discovery_option_header_t header;
+ u16 unused; u32 mtu;
+}) icmp6_neighbor_discovery_mtu_option_t;
typedef CLIB_PACKED (struct
- {
- icmp6_neighbor_discovery_option_header_t header;
- u8 ethernet_address[6];
- })
- icmp6_neighbor_discovery_ethernet_link_layer_address_option_t;
+{
+ icmp6_neighbor_discovery_option_header_t header;
+ u8 ethernet_address[6];
+}) icmp6_neighbor_discovery_ethernet_link_layer_address_option_t;
typedef CLIB_PACKED (struct
- {
- icmp6_neighbor_discovery_option_header_t header;
- u8 max_l2_address[6 + 8];
- })
- icmp6_neighbor_discovery_max_link_layer_address_option_t;
+{
+ icmp6_neighbor_discovery_option_header_t header;
+ u8 max_l2_address[6 + 8];
+}) icmp6_neighbor_discovery_max_link_layer_address_option_t;
/* Generic neighbor discover header. Used for router solicitations,
etc. */
typedef CLIB_PACKED (struct
- {
- icmp46_header_t icmp; u32 reserved_must_be_zero;
- }) icmp6_neighbor_discovery_header_t;
+{
+ icmp46_header_t icmp; u32 reserved_must_be_zero;
+}) icmp6_neighbor_discovery_header_t;
/* Router advertisement packet formats. */
typedef CLIB_PACKED (struct
- {
- icmp46_header_t icmp;
- /* Current hop limit to use for outgoing packets. */
- u8 current_hop_limit;
- u8 flags;
+{
+ icmp46_header_t icmp;
+ /* Current hop limit to use for outgoing packets. */
+ u8 current_hop_limit;
+ u8 flags;
#define ICMP6_ROUTER_DISCOVERY_FLAG_ADDRESS_CONFIG_VIA_DHCP (1 << 7)
#define ICMP6_ROUTER_DISCOVERY_FLAG_OTHER_CONFIG_VIA_DHCP (1 << 6)
- /* Zero means unspecified. */
- u16 router_lifetime_in_sec;
- /* Zero means unspecified. */
- u32 neighbor_reachable_time_in_msec;
- /* Zero means unspecified. */
- u32
- time_in_msec_between_retransmitted_neighbor_solicitations;
- /* Options that may follow: source_link_layer_address, mtu, prefix_information. */
- }) icmp6_router_advertisement_header_t;
+ /* Zero means unspecified. */
+ u16 router_lifetime_in_sec;
+ /* Zero means unspecified. */
+ u32 neighbor_reachable_time_in_msec;
+ /* Zero means unspecified. */
+ u32
+ time_in_msec_between_retransmitted_neighbor_solicitations;
+ /* Options that may follow: source_link_layer_address, mtu, prefix_information. */
+}) icmp6_router_advertisement_header_t;
/* Neighbor solicitation/advertisement header. */
typedef CLIB_PACKED (struct
- {
- icmp46_header_t icmp;
- /* Zero for solicitation; flags for advertisement. */
- u32 advertisement_flags;
- /* Set when sent by a router. */
+{
+ icmp46_header_t icmp;
+ /* Zero for solicitation; flags for advertisement. */
+ u32 advertisement_flags;
+ /* Set when sent by a router. */
#define ICMP6_NEIGHBOR_ADVERTISEMENT_FLAG_ROUTER (1 << 31)
- /* Set when response to solicitation. */
+ /* Set when response to solicitation. */
#define ICMP6_NEIGHBOR_ADVERTISEMENT_FLAG_SOLICITED (1 << 30)
#define ICMP6_NEIGHBOR_ADVERTISEMENT_FLAG_OVERRIDE (1 << 29)
- ip6_address_t target_address;
- /* Options that may follow: source_link_layer_address
- (for solicitation) target_link_layer_address (for advertisement). */
- }) icmp6_neighbor_solicitation_or_advertisement_header_t;
+ ip6_address_t target_address;
+ /* Options that may follow: source_link_layer_address
+ (for solicitation) target_link_layer_address (for advertisement). */
+}) icmp6_neighbor_solicitation_or_advertisement_header_t;
typedef CLIB_PACKED (struct
- {
- icmp46_header_t icmp;
- u32 reserved_must_be_zero;
- /* Better next hop to use for given destination. */
- ip6_address_t better_next_hop_address;
- ip6_address_t dst_address;
- /* Options that may follow: target_link_layer_address,
- redirected_header. */
- }) icmp6_redirect_header_t;
+{
+ icmp46_header_t icmp;
+ u32 reserved_must_be_zero;
+ /* Better next hop to use for given destination. */
+ ip6_address_t better_next_hop_address;
+ ip6_address_t dst_address;
+ /* Options that may follow: target_link_layer_address,
+ redirected_header. */
+}) icmp6_redirect_header_t;
/* Solicitation/advertisement packet format for ethernet. */
typedef CLIB_PACKED (struct
- {
- ip6_header_t ip;
- icmp6_neighbor_solicitation_or_advertisement_header_t
- neighbor;
- icmp6_neighbor_discovery_ethernet_link_layer_address_option_t
- link_layer_option;
- }) icmp6_neighbor_solicitation_header_t;
-
-/* Router solicitation packet format for ethernet. */
-typedef CLIB_PACKED (struct
- {
- ip6_header_t ip;
- icmp6_neighbor_discovery_header_t neighbor;
- icmp6_neighbor_discovery_ethernet_link_layer_address_option_t
- link_layer_option;
- }) icmp6_router_solicitation_header_t;
-
-/* router advertisement packet format for ethernet. */
-typedef CLIB_PACKED (struct
- {
- ip6_header_t ip;
- icmp6_router_advertisement_header_t router;
- icmp6_neighbor_discovery_ethernet_link_layer_address_option_t
- link_layer_option;
- icmp6_neighbor_discovery_mtu_option_t mtu_option;
- icmp6_neighbor_discovery_prefix_information_option_t
- prefix[0];
- }) icmp6_router_advertisement_packet_t;
-
-/* multicast listener report packet format for ethernet. */
-typedef CLIB_PACKED (struct
- {
- ip6_header_t ip;
- icmp6_multicast_listener_report_header_t report_hdr;
- }) icmp6_multicast_listener_report_packet_t;
+{
+ ip6_header_t ip;
+ icmp6_neighbor_solicitation_or_advertisement_header_t
+ neighbor;
+ icmp6_neighbor_discovery_ethernet_link_layer_address_option_t
+ link_layer_option;
+}) icmp6_neighbor_solicitation_header_t;
+/* *INDENT-ON* */
#endif /* included_vnet_icmp46_packet_h */
diff --git a/src/vnet/ip/icmp6.c b/src/vnet/ip/icmp6.c
index 95baa71344c..4bba430fadc 100644
--- a/src/vnet/ip/icmp6.c
+++ b/src/vnet/ip/icmp6.c
@@ -816,7 +816,7 @@ icmp6_init (vlib_main_t * vm)
icmp6_register_type (vm, ICMP6_echo_request,
ip6_icmp_echo_request_node.index);
- return vlib_call_init_function (vm, ip6_neighbor_init);
+ return (NULL);
}
VLIB_INIT_FUNCTION (icmp6_init);
diff --git a/src/vnet/ip/ip.api b/src/vnet/ip/ip.api
index 0bdd1529b20..831b38ac53c 100644
--- a/src/vnet/ip/ip.api
+++ b/src/vnet/ip/ip.api
@@ -189,76 +189,6 @@ manual_endian manual_print define ip_route_details
vl_api_ip_route_t route;
};
-/** \brief IP neighbor flags
- @param is_static - A static neighbor Entry - there are not flushed
- If the interface goes down.
- @param is_no_fib_entry - Do not create a corresponding entry in the FIB
- table for the neighbor.
-*/
-enum ip_neighbor_flags
-{
- IP_API_NEIGHBOR_FLAG_NONE = 0,
- IP_API_NEIGHBOR_FLAG_STATIC = 0x1,
- IP_API_NEIGHBOR_FLAG_NO_FIB_ENTRY = 0x2,
-};
-
-/** \brief IP neighbor
- @param sw_if_index - interface used to reach neighbor
- @param mac_address - l2 address of the neighbor
- @param ip_address - ip4 or ip6 address of the neighbor
- @param flags - flags for the nieghbor
-*/
-typedef ip_neighbor {
- vl_api_interface_index_t sw_if_index;
- vl_api_ip_neighbor_flags_t flags;
- vl_api_mac_address_t mac_address;
- vl_api_address_t ip_address;
-};
-
-/** \brief IP neighbor add / del request
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param is_add - 1 to add neighbor, 0 to delete
- @param neighbor - the neighor to add/remove
-*/
-define ip_neighbor_add_del
-{
- u32 client_index;
- u32 context;
- /* 1 = add, 0 = delete */
- bool is_add;
- vl_api_ip_neighbor_t neighbor;
-};
-define ip_neighbor_add_del_reply
-{
- u32 context;
- i32 retval;
- u32 stats_index;
-};
-
-/** \brief Dump IP neighboors
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param sw_if_index - the interface to dump neighboors, ~0 == all
- @param is_ipv6 - [1|0] to indicate if address family is ipv[6|4]
-*/
-define ip_neighbor_dump
-{
- u32 client_index;
- u32 context;
- vl_api_interface_index_t sw_if_index;
- bool is_ipv6;
-};
-
-/** \brief IP neighboors dump response
- @param context - sender context which was passed in the request
- @param neighbour - the neighbor
-*/
-define ip_neighbor_details {
- u32 context;
- vl_api_ip_neighbor_t neighbor;
-};
-
/** \brief Set the ip flow hash config for a fib request
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
@@ -287,150 +217,6 @@ autoreply define set_ip_flow_hash
u8 symmetric;
};
-/** \brief IPv6 router advertisement config request
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param suppress -
- @param managed -
- @param other -
- @param ll_option -
- @param send_unicast -
- @param cease -
- @param is_no -
- @param default_router -
- @param max_interval -
- @param min_interval -
- @param lifetime -
- @param initial_count -
- @param initial_interval -
-*/
-autoreply define sw_interface_ip6nd_ra_config
-{
- u32 client_index;
- u32 context;
- vl_api_interface_index_t sw_if_index;
- u8 suppress;
- u8 managed;
- u8 other;
- u8 ll_option;
- u8 send_unicast;
- u8 cease;
- bool is_no;
- u8 default_router;
- u32 max_interval;
- u32 min_interval;
- u32 lifetime;
- u32 initial_count;
- u32 initial_interval;
-};
-
-/** \brief IPv6 router advertisement prefix config request
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param sw_if_index - The interface the RA prefix information is for
- @param prefix - The prefix to advertise
- @param use_default - Revert to default settings
- @param no_advertise - Do not advertise this prefix
- @param off_link - The prefix is off link (it is not configured on the interface)
- Configures the L-flag, When set, indicates that this
- prefix can be used for on-link determination.
- @param no_autoconfig - Setting for the A-flag. When
- set indicates that this prefix can be used for
- stateless address configuration.
- @param no_onlink - The prefix is not on link. Make sure this is consistent
- with the off_link parameter else YMMV
- @param is_no - add/delete
- @param val_lifetime - The length of time in
- seconds (relative to the time the packet is sent)
- that the prefix is valid for the purpose of on-link
- determination. A value of all one bits
- (0xffffffff) represents infinity
- @param pref_lifetime - The length of time in
- seconds (relative to the time the packet is sent)
- that addresses generated from the prefix via
- stateless address autoconfiguration remain
- preferred [ADDRCONF]. A value of all one bits
- (0xffffffff) represents infinity.
-*/
-autoreply define sw_interface_ip6nd_ra_prefix
-{
- u32 client_index;
- u32 context;
- vl_api_interface_index_t sw_if_index;
- vl_api_prefix_t prefix;
- bool use_default;
- bool no_advertise;
- bool off_link;
- bool no_autoconfig;
- bool no_onlink;
- bool is_no;
- u32 val_lifetime;
- u32 pref_lifetime;
-};
-
-/** \brief IPv6 ND proxy config
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param sw_if_index - The interface the host is on
- @param address - The address of the host for which to proxy for
- @param is_add - Adding or deleting
-*/
-autoreply define ip6nd_proxy_add_del
-{
- u32 client_index;
- u32 context;
- vl_api_interface_index_t sw_if_index;
- bool is_del;
- vl_api_ip6_address_t ip;
-};
-
-/** \brief IPv6 ND proxy details returned after request
- @param context - sender context, to match reply w/ request
- @param retval - return code for the request
-*/
-define ip6nd_proxy_details
-{
- u32 context;
- vl_api_interface_index_t sw_if_index;
- vl_api_ip6_address_t ip;
-};
-
-/** \brief IPv6 ND proxy dump request
- @param context - sender context, to match reply w/ request
- @param retval - return code for the request
- @param sw_if_index - The interface the host is on
- @param address - The address of the host for which to proxy for
-*/
-define ip6nd_proxy_dump
-{
- u32 client_index;
- u32 context;
-};
-
-/** \brief Start / stop sending router solicitation
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param irt - initial retransmission time
- @param mrt - maximum retransmission time
- @param mrc - maximum retransmission count
- @param mrd - maximum retransmission duration
- @param sw_if_index - software interface index of interface
- for sending router solicitation
- @param stop - if non-zero then stop sending router solicitation,
- otherwise start sending router solicitation
-*/
-autoreply define ip6nd_send_router_solicitation
-{
- u32 client_index;
- u32 context;
- u32 irt;
- u32 mrt;
- u32 mrc;
- u32 mrd;
- u32 sw_if_index;
- bool stop;
-};
-
/** \brief IPv6 interface enable / disable request
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
@@ -445,20 +231,6 @@ autoreply define sw_interface_ip6_enable_disable
bool enable; /* set to true if enable */
};
-/** \brief IPv6 set link local address on interface request
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param sw_if_index - interface to set link local on
- @param address[] - the new link local address
-*/
-autoreply define sw_interface_ip6_set_link_local_address
-{
- u32 client_index;
- u32 context;
- vl_api_interface_index_t sw_if_index;
- vl_api_ip6_address_t address;
-};
-
/** \brief Dump IP multicast fib table
@param client_index - opaque cookie to identify the sender
*/
@@ -752,279 +524,20 @@ autoreply define ip_source_check_interface_add_del
vl_api_interface_index_t sw_if_index;
};
-/** \brief Enable/disable periodic IP neighbor scan
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param mode - 0: disable, 1: IPv4, 2: IPv6, 3: both IPv4/v6
- @param scan_interval - neighbor scan interval in minutes, 0: default to 1
- @param max_proc_time - max processing time per run in usec, 0: default to 20
- @param max_update - max neighbor probe/delete per run, 0: default to 10
- @param scan_int_delay - delay in msec to resume scan if exceed max proc
- time or update, 0: default to 1
- @param stale_threshold - threshold in minutes for neighbor deletion,
- 0: default to 4*scan_interval
-*/
-autoreply define ip_scan_neighbor_enable_disable
-{
- u32 client_index;
- u32 context;
- u8 mode;
- u8 scan_interval;
- u8 max_proc_time;
- u8 max_update;
- u8 scan_int_delay;
- u8 stale_threshold;
-};
-
-/** \brief IP probe neighbor address on an interface by sending an
- ARP request (for IP4) or ICMP6 Neighbor Solicitation (for IP6)
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param sw_if_index - interface index
- @param dst - target IP address to send IP addr resolution request
-*/
-autoreply define ip_probe_neighbor
-{
- u32 client_index;
- u32 context;
- vl_api_interface_index_t sw_if_index;
- vl_api_address_t dst;
-};
-
-/** \brief Register for IP4 ARP resolution event on receing ARP reply or
- MAC/IP info from ARP requests in L2 BDs
+/** \brief IPv6 set link local address on interface request
@param client_index - opaque cookie to identify the sender
@param context - sender context, to match reply w/ request
- @param enable_disable - 1 => register for events, 0 => cancel registration
- @param pid - sender's pid
- @param ip - exact IP4 address of interested arp resolution event, or
- 0 to get MAC/IP info from ARP requests in BDs
+ @param sw_if_index - interface to set link local on
+ @param ip - the new link local address
*/
-autoreply define want_ip4_arp_events
+autoreply define sw_interface_ip6_set_link_local_address
{
u32 client_index;
u32 context;
- bool enable_disable;
- u32 pid;
- vl_api_ip4_address_t ip;
-};
-
-/** \brief Tell client about an IP4 ARP resolution event or
- MAC/IP info from ARP requests in L2 BDs
- @param client_index - opaque cookie to identify the sender
- @param ip - the exact ip4 address of interest
- @param pid - client pid registered to receive notification
- @param sw_if_index - interface which received ARP packet
- @param mac - the new mac address
- @param mac_ip - 0: ARP resolution event, 1: MAC/IP info from L2 BDs
-*/
-define ip4_arp_event
-{
- u32 client_index;
- vl_api_ip4_address_t ip;
- u32 pid;
vl_api_interface_index_t sw_if_index;
- vl_api_mac_address_t mac;
- u8 mac_ip;
-};
-
-service {
- rpc want_ip4_arp_events returns want_ip4_arp_events_reply
- events ip4_arp_event;
-};
-
-/** \brief Register for IP6 ND resolution event on recieving NA reply
- MAC/IP info from ICMP6 Neighbor Solicitation in L2 BDs
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param enable_disable - 1 => register for events, 0 => cancel registration
- @param pid - sender's pid
- @param ip - the exact IP6 address of interested ND resolution event, or
- 0 to get MAC/IP info from ICMP6 NS in L2 BDs.
-*/
-autoreply define want_ip6_nd_events
-{
- u32 client_index;
- u32 context;
- bool enable_disable;
- u32 pid;
vl_api_ip6_address_t ip;
};
-/** \brief Tell client about an IP6 ND resolution or
- MAC/IP info from ICMP6 Neighbor Solicitation in L2 BDs.
- @param client_index - opaque cookie to identify the sender
- @param pid - client pid registered to receive notification
- @param sw_if_index - interface which received ARP packet
- @param ip - the exact ip6 address of interest
- @param new_mac - the new mac address
- @param mac_ip - 0: ND resolution event, 1: MAC/IP info from L2 BDs
-*/
-define ip6_nd_event
-{
- u32 client_index;
- u32 pid;
- vl_api_interface_index_t sw_if_index;
- vl_api_ip6_address_t ip;
- vl_api_mac_address_t mac;
- u8 mac_ip;
-};
-
-service {
- rpc want_ip6_ra_events returns want_ip6_ra_events_reply
- events ip6_ra_event;
-};
-
-/** \brief Register for ip6 router advertisement events
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param enable_disable - 1 => register for events, 0 => cancel registration
- @param pid - sender's pid
-*/
-autoreply define want_ip6_ra_events
-{
- u32 client_index;
- u32 context;
- bool enable_disable;
- u32 pid;
-};
-
-/** \brief Struct representing RA prefix info
- @param prefix - RA prefix info destination address
- @param flags - RA prefix info flags
- @param valid_time - RA prefix info valid time
- @param preferred_time - RA prefix info preferred time
-*/
-typedef ip6_ra_prefix_info
-{
- vl_api_prefix_t prefix;
- u8 flags;
- u32 valid_time;
- u32 preferred_time;
-};
-
-/** \brief Tell client about a router advertisement event
- @param client_index - opaque cookie to identify the sender
- @param pid - client pid registered to receive notification
- @param current_hop_limit - RA current hop limit
- @param flags - RA flags
- @param router_lifetime_in_sec - RA lifetime in seconds
- @param router_addr - The router's address
- @param neighbor_reachable_time_in_msec - RA neighbor reachable time in msec
- @param time_in_msec_between_retransmitted_neighbor_solicitations -
- time in msec between retransmitted neighbor solicitations
- @param n_prefixes -
- @param prefixes -
-*/
-define ip6_ra_event
-{
- u32 client_index;
- u32 pid;
- vl_api_interface_index_t sw_if_index;
- vl_api_ip6_address_t router_addr;
- u8 current_hop_limit;
- u8 flags;
- u16 router_lifetime_in_sec;
- u32 neighbor_reachable_time_in_msec;
- u32 time_in_msec_between_retransmitted_neighbor_solicitations;
- u32 n_prefixes;
- vl_api_ip6_ra_prefix_info_t prefixes[n_prefixes];
-};
-
-service {
- rpc want_ip6_nd_events returns want_ip6_nd_events_reply
- events ip6_nd_event;
-};
-
-/** \brief Proxy ARP configuration type
- @param table_id - VRF / Fib table ID
- @param low - Low address of the Proxy ARP range
- @param hi - High address of the Proxy ARP range
-*/
-typedef proxy_arp
-{
- u32 table_id;
- vl_api_ip4_address_t low;
- vl_api_ip4_address_t hi;
-};
-
-/** \brief Proxy ARP add / del request
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param is_add - 1 if adding the Proxy ARP range, 0 if deleting
- @param proxy - Proxy configuration
-*/
-autoreply define proxy_arp_add_del
-{
- u32 client_index;
- u32 context;
- bool is_add;
- vl_api_proxy_arp_t proxy;
-};
-
-/** \brief Proxy ARP dump request
- */
-define proxy_arp_dump
-{
- u32 client_index;
- u32 context;
-};
-
-/** \brief Proxy ARP dump details reply
- * @param proxy - Same data as used to configure
- */
-define proxy_arp_details
-{
- u32 context;
- vl_api_proxy_arp_t proxy;
-};
-
-/** \brief Proxy ARP add / del interface request
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param sw_if_index - Which interface to enable / disable Proxy Arp on
- @param enable_disable - 1 to enable Proxy ARP on interface, 0 to disable
-*/
-autoreply define proxy_arp_intfc_enable_disable
-{
- u32 client_index;
- u32 context;
- vl_api_interface_index_t sw_if_index;
- /* 1 = on, 0 = off */
- bool enable_disable;
-};
-
-/** \brief Proxy ARP interface dump request
- */
-define proxy_arp_intfc_dump
-{
- u32 client_index;
- u32 context;
-};
-
-/** \brief Proxy ARP interface dump details reply
- * @param sw_if_index The interface on which ARP proxy is enabled.
- */
-define proxy_arp_intfc_details
-{
- u32 context;
- vl_api_interface_index_t sw_if_index;
-};
-
-/** \brief Set max allowed ARP or ip6 neighbor entries request
- @param client_index - opaque cookie to identify the sender
- @param context - sender context, to match reply w/ request
- @param is_ipv6 - neighbor limit if non-zero, else ARP limit
- @param arp_neighbor_limit - the new limit, defaults are ~ 50k
-*/
-autoreply define set_arp_neighbor_limit
-{
- u32 client_index;
- u32 context;
- bool is_ipv6;
- u32 arp_neighbor_limit;
-};
-
/** \brief IOAM enable : Enable in-band OAM
@param id - profile id
@param seqno - To enable Seqno Processing
diff --git a/src/vnet/ip/ip4.h b/src/vnet/ip/ip4.h
index 339b84b1b62..a7e05a41f75 100644
--- a/src/vnet/ip/ip4.h
+++ b/src/vnet/ip/ip4.h
@@ -230,7 +230,7 @@ ip4_src_address_for_packet (ip_lookup_main_t * lm,
/* Find interface address which matches destination. */
always_inline ip4_address_t *
ip4_interface_address_matching_destination (ip4_main_t * im,
- ip4_address_t * dst,
+ const ip4_address_t * dst,
u32 sw_if_index,
ip_interface_address_t **
result_ia)
@@ -271,12 +271,6 @@ void ip4_sw_interface_enable_disable (u32 sw_if_index, u32 is_enable);
int ip4_address_compare (ip4_address_t * a1, ip4_address_t * a2);
-/* Send an ARP request to see if given destination is reachable on given interface. */
-clib_error_t *ip4_probe_neighbor (vlib_main_t * vm, ip4_address_t * dst,
- u32 sw_if_index, u8 refresh);
-
-clib_error_t *ip4_set_arp_limit (u32 arp_limit);
-
uword
ip4_udp_register_listener (vlib_main_t * vm,
u16 dst_port, u32 next_node_index);
diff --git a/src/vnet/ip/ip46_address.c b/src/vnet/ip/ip46_address.c
new file mode 100644
index 00000000000..184392e036d
--- /dev/null
+++ b/src/vnet/ip/ip46_address.c
@@ -0,0 +1,76 @@
+/*
+ * Copyright (c) 2015-2019 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <vnet/ip/ip46_address.h>
+
+u8 *
+format_ip46_type (u8 * s, va_list * args)
+{
+ ip46_type_t type = va_arg (*args, ip46_type_t);
+
+ switch (type)
+ {
+ case IP46_TYPE_IP4:
+ return (format (s, "ip4"));
+ case IP46_TYPE_IP6:
+ return (format (s, "ip6"));
+ case IP46_TYPE_ANY:
+ return (format (s, "any"));
+ }
+
+ return (format (s, "unknown"));
+}
+
+void
+ip4_address_increment (ip4_address_t * i)
+{
+ u32 t = clib_net_to_host_u32 (i->as_u32);
+ t++;
+ i->as_u32 = clib_net_to_host_u32 (t);
+}
+
+void
+ip6_address_increment (ip6_address_t * i)
+{
+ u64 tmp = clib_net_to_host_u64 (i->as_u64[1]);
+
+ tmp++;
+ i->as_u64[1] = clib_host_to_net_u64 (tmp);
+
+ if (!tmp)
+ {
+ tmp = clib_net_to_host_u64 (i->as_u64[0]);
+ tmp++;
+ i->as_u64[0] = clib_host_to_net_u64 (tmp);
+ }
+}
+
+void
+ip46_address_increment (ip46_type_t type, ip46_address_t * ip)
+{
+ if (IP46_TYPE_IP4 == type ||
+ (IP46_TYPE_ANY == type && ip46_address_is_ip4 (ip)))
+ ip4_address_increment (&ip->ip4);
+ else
+ ip6_address_increment (&ip->ip6);
+}
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip/ip46_address.h b/src/vnet/ip/ip46_address.h
new file mode 100644
index 00000000000..f726178ee63
--- /dev/null
+++ b/src/vnet/ip/ip46_address.h
@@ -0,0 +1,172 @@
+/*
+ * Copyright (c) 2015-2019 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef included_ip46_address_h
+#define included_ip46_address_h
+
+#include <vnet/ip/ip6_packet.h>
+#include <vnet/ip/ip4_packet.h>
+
+typedef enum
+{
+ IP46_TYPE_ANY,
+ IP46_TYPE_BOTH = IP46_TYPE_ANY,
+ IP46_TYPE_IP4,
+ IP46_TYPE_IP6
+} ip46_type_t;
+
+#define IP46_N_TYPES (IP46_TYPE_IP6+2)
+
+#define FOREACH_IP46_TYPE(_type) \
+ for (_type = IP46_TYPE_IP4; _type <= IP46_TYPE_IP6; _type++)
+
+extern u8 *format_ip46_type (u8 * s, va_list * args);
+
+/* *INDENT-OFF* */
+typedef CLIB_PACKED (union ip46_address_t_ {
+ struct {
+ u32 pad[3];
+ ip4_address_t ip4;
+ };
+ ip6_address_t ip6;
+ u8 as_u8[16];
+ u64 as_u64[2];
+}) ip46_address_t;
+/* *INDENT-ON* */
+
+
+format_function_t format_ip46_address;
+
+#define ip46_address_initializer {{{ 0 }}}
+
+always_inline u8
+ip46_address_is_ip4 (const ip46_address_t * ip46)
+{
+ return (((ip46)->pad[0] | (ip46)->pad[1] | (ip46)->pad[2]) == 0);
+}
+
+always_inline void
+ip46_address_mask_ip4 (ip46_address_t * ip46)
+{
+ ((ip46)->pad[0] = (ip46)->pad[1] = (ip46)->pad[2] = 0);
+}
+
+always_inline void
+ip46_address_set_ip4 (ip46_address_t * ip46, const ip4_address_t * ip)
+{
+ ip46_address_mask_ip4 (ip46);
+ ip46->ip4 = *ip;
+}
+
+always_inline void
+ip46_address_reset (ip46_address_t * ip46)
+{
+ ip46->as_u64[0] = ip46->as_u64[1] = 0;
+}
+
+always_inline int
+ip46_address_cmp (const ip46_address_t * ip46_1,
+ const ip46_address_t * ip46_2)
+{
+ return (memcmp (ip46_1, ip46_2, sizeof (*ip46_1)));
+}
+
+always_inline u8
+ip46_address_is_zero (const ip46_address_t * ip46)
+{
+ return (ip46->as_u64[0] == 0 && ip46->as_u64[1] == 0);
+}
+
+always_inline u8
+ip46_address_is_equal (const ip46_address_t * ip46_1,
+ const ip46_address_t * ip46_2)
+{
+ return ((ip46_1->as_u64[0] == ip46_2->as_u64[0]) &&
+ (ip46_1->as_u64[1] == ip46_2->as_u64[1]));
+}
+
+static_always_inline int
+ip4_address_is_equal (const ip4_address_t * ip4_1,
+ const ip4_address_t * ip4_2)
+{
+ return (ip4_1->as_u32 == ip4_2->as_u32);
+}
+
+static_always_inline int
+ip46_address_is_equal_v4 (const ip46_address_t * ip46,
+ const ip4_address_t * ip4)
+{
+ return (ip46->ip4.as_u32 == ip4->as_u32);
+}
+
+static_always_inline int
+ip46_address_is_equal_v6 (const ip46_address_t * ip46,
+ const ip6_address_t * ip6)
+{
+ return ((ip46->ip6.as_u64[0] == ip6->as_u64[0]) &&
+ (ip46->ip6.as_u64[1] == ip6->as_u64[1]));
+}
+
+static_always_inline void
+ip46_address_copy (ip46_address_t * dst, const ip46_address_t * src)
+{
+ dst->as_u64[0] = src->as_u64[0];
+ dst->as_u64[1] = src->as_u64[1];
+}
+
+static_always_inline void
+ip46_address_set_ip6 (ip46_address_t * dst, const ip6_address_t * src)
+{
+ dst->as_u64[0] = src->as_u64[0];
+ dst->as_u64[1] = src->as_u64[1];
+}
+
+always_inline ip46_address_t
+to_ip46 (u32 is_ipv6, u8 * buf)
+{
+ ip46_address_t ip;
+ if (is_ipv6)
+ ip.ip6 = *((ip6_address_t *) buf);
+ else
+ ip46_address_set_ip4 (&ip, (ip4_address_t *) buf);
+ return ip;
+}
+
+always_inline ip46_type_t
+ip46_address_get_type (const ip46_address_t * ip)
+{
+ return (ip46_address_is_ip4 (ip) ? IP46_TYPE_IP4 : IP46_TYPE_IP6);
+}
+
+always_inline uword
+ip46_address_is_multicast (const ip46_address_t * a)
+{
+ return ip46_address_is_ip4 (a) ? ip4_address_is_multicast (&a->ip4) :
+ ip6_address_is_multicast (&a->ip6);
+}
+
+extern void ip4_address_increment (ip4_address_t * i);
+extern void ip6_address_increment (ip6_address_t * i);
+extern void ip46_address_increment (ip46_type_t type, ip46_address_t * ip);
+
+#endif /* included_ip46_address_h */
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip/ip4_forward.c b/src/vnet/ip/ip4_forward.c
index bb036c8e969..aa554eab5fb 100644
--- a/src/vnet/ip/ip4_forward.c
+++ b/src/vnet/ip/ip4_forward.c
@@ -1930,349 +1930,6 @@ VLIB_CLI_COMMAND (show_ip_local, static) =
};
/* *INDENT-ON* */
-always_inline uword
-ip4_arp_inline (vlib_main_t * vm,
- vlib_node_runtime_t * node,
- vlib_frame_t * frame, int is_glean)
-{
- vnet_main_t *vnm = vnet_get_main ();
- ip4_main_t *im = &ip4_main;
- ip_lookup_main_t *lm = &im->lookup_main;
- u32 *from, *to_next_drop;
- uword n_left_from, n_left_to_next_drop, next_index;
- u32 thread_index = vm->thread_index;
- u64 seed;
-
- if (node->flags & VLIB_NODE_FLAG_TRACE)
- ip4_forward_next_trace (vm, node, frame, VLIB_TX);
-
- seed = throttle_seed (&im->arp_throttle, thread_index, vlib_time_now (vm));
-
- from = vlib_frame_vector_args (frame);
- n_left_from = frame->n_vectors;
- next_index = node->cached_next_index;
- if (next_index == IP4_ARP_NEXT_DROP)
- next_index = IP4_ARP_N_NEXT; /* point to first interface */
-
- while (n_left_from > 0)
- {
- vlib_get_next_frame (vm, node, IP4_ARP_NEXT_DROP,
- to_next_drop, n_left_to_next_drop);
-
- while (n_left_from > 0 && n_left_to_next_drop > 0)
- {
- u32 pi0, bi0, adj_index0, sw_if_index0;
- ip_adjacency_t *adj0;
- vlib_buffer_t *p0, *b0;
- ip4_address_t resolve0;
- ethernet_arp_header_t *h0;
- vnet_hw_interface_t *hw_if0;
- u64 r0;
-
- pi0 = from[0];
- p0 = vlib_get_buffer (vm, pi0);
-
- from += 1;
- n_left_from -= 1;
- to_next_drop[0] = pi0;
- to_next_drop += 1;
- n_left_to_next_drop -= 1;
-
- adj_index0 = vnet_buffer (p0)->ip.adj_index[VLIB_TX];
- adj0 = adj_get (adj_index0);
-
- if (is_glean)
- {
- /* resolve the packet's destination */
- ip4_header_t *ip0 = vlib_buffer_get_current (p0);
- resolve0 = ip0->dst_address;
- }
- else
- {
- /* resolve the incomplete adj */
- resolve0 = adj0->sub_type.nbr.next_hop.ip4;
- }
-
- /* combine the address and interface for the hash key */
- sw_if_index0 = adj0->rewrite_header.sw_if_index;
- r0 = (u64) resolve0.data_u32 << 32;
- r0 |= sw_if_index0;
-
- if (throttle_check (&im->arp_throttle, thread_index, r0, seed))
- {
- p0->error = node->errors[IP4_ARP_ERROR_THROTTLED];
- continue;
- }
-
- /*
- * the adj has been updated to a rewrite but the node the DPO that got
- * us here hasn't - yet. no big deal. we'll drop while we wait.
- */
- if (IP_LOOKUP_NEXT_REWRITE == adj0->lookup_next_index)
- {
- p0->error = node->errors[IP4_ARP_ERROR_RESOLVED];
- continue;
- }
-
- /*
- * Can happen if the control-plane is programming tables
- * with traffic flowing; at least that's today's lame excuse.
- */
- if ((is_glean && adj0->lookup_next_index != IP_LOOKUP_NEXT_GLEAN)
- || (!is_glean && adj0->lookup_next_index != IP_LOOKUP_NEXT_ARP))
- {
- p0->error = node->errors[IP4_ARP_ERROR_NON_ARP_ADJ];
- continue;
- }
- /* Send ARP request. */
- h0 =
- vlib_packet_template_get_packet (vm,
- &im->ip4_arp_request_packet_template,
- &bi0);
- /* Seems we're out of buffers */
- if (PREDICT_FALSE (!h0))
- {
- p0->error = node->errors[IP4_ARP_ERROR_NO_BUFFERS];
- continue;
- }
-
- b0 = vlib_get_buffer (vm, bi0);
-
- /* copy the persistent fields from the original */
- clib_memcpy_fast (b0->opaque2, p0->opaque2, sizeof (p0->opaque2));
-
- /* Add rewrite/encap string for ARP packet. */
- vnet_rewrite_one_header (adj0[0], h0, sizeof (ethernet_header_t));
-
- hw_if0 = vnet_get_sup_hw_interface (vnm, sw_if_index0);
-
- /* Src ethernet address in ARP header. */
- mac_address_from_bytes (&h0->ip4_over_ethernet[0].mac,
- hw_if0->hw_address);
- if (is_glean)
- {
- /* The interface's source address is stashed in the Glean Adj */
- h0->ip4_over_ethernet[0].ip4 =
- adj0->sub_type.glean.receive_addr.ip4;
- }
- else
- {
- /* Src IP address in ARP header. */
- if (ip4_src_address_for_packet (lm, sw_if_index0,
- &h0->ip4_over_ethernet[0].ip4))
- {
- /* No source address available */
- p0->error = node->errors[IP4_ARP_ERROR_NO_SOURCE_ADDRESS];
- vlib_buffer_free (vm, &bi0, 1);
- continue;
- }
- }
- h0->ip4_over_ethernet[1].ip4 = resolve0;
-
- p0->error = node->errors[IP4_ARP_ERROR_REQUEST_SENT];
-
- vlib_buffer_copy_trace_flag (vm, p0, bi0);
- VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b0);
- vnet_buffer (b0)->sw_if_index[VLIB_TX] = sw_if_index0;
-
- vlib_buffer_advance (b0, -adj0->rewrite_header.data_bytes);
-
- vlib_set_next_frame_buffer (vm, node,
- adj0->rewrite_header.next_index, bi0);
- }
-
- vlib_put_next_frame (vm, node, IP4_ARP_NEXT_DROP, n_left_to_next_drop);
- }
-
- return frame->n_vectors;
-}
-
-VLIB_NODE_FN (ip4_arp_node) (vlib_main_t * vm, vlib_node_runtime_t * node,
- vlib_frame_t * frame)
-{
- return (ip4_arp_inline (vm, node, frame, 0));
-}
-
-VLIB_NODE_FN (ip4_glean_node) (vlib_main_t * vm, vlib_node_runtime_t * node,
- vlib_frame_t * frame)
-{
- return (ip4_arp_inline (vm, node, frame, 1));
-}
-
-static char *ip4_arp_error_strings[] = {
- [IP4_ARP_ERROR_THROTTLED] = "ARP requests throttled",
- [IP4_ARP_ERROR_RESOLVED] = "ARP requests resolved",
- [IP4_ARP_ERROR_NO_BUFFERS] = "ARP requests out of buffer",
- [IP4_ARP_ERROR_REQUEST_SENT] = "ARP requests sent",
- [IP4_ARP_ERROR_NON_ARP_ADJ] = "ARPs to non-ARP adjacencies",
- [IP4_ARP_ERROR_NO_SOURCE_ADDRESS] = "no source address for ARP request",
-};
-
-/* *INDENT-OFF* */
-VLIB_REGISTER_NODE (ip4_arp_node) =
-{
- .name = "ip4-arp",
- .vector_size = sizeof (u32),
- .format_trace = format_ip4_forward_next_trace,
- .n_errors = ARRAY_LEN (ip4_arp_error_strings),
- .error_strings = ip4_arp_error_strings,
- .n_next_nodes = IP4_ARP_N_NEXT,
- .next_nodes =
- {
- [IP4_ARP_NEXT_DROP] = "error-drop",
- },
-};
-
-VLIB_REGISTER_NODE (ip4_glean_node) =
-{
- .name = "ip4-glean",
- .vector_size = sizeof (u32),
- .format_trace = format_ip4_forward_next_trace,
- .n_errors = ARRAY_LEN (ip4_arp_error_strings),
- .error_strings = ip4_arp_error_strings,
- .n_next_nodes = IP4_ARP_N_NEXT,
- .next_nodes = {
- [IP4_ARP_NEXT_DROP] = "error-drop",
- },
-};
-/* *INDENT-ON* */
-
-#define foreach_notrace_ip4_arp_error \
-_(THROTTLED) \
-_(RESOLVED) \
-_(NO_BUFFERS) \
-_(REQUEST_SENT) \
-_(NON_ARP_ADJ) \
-_(NO_SOURCE_ADDRESS)
-
-static clib_error_t *
-arp_notrace_init (vlib_main_t * vm)
-{
- vlib_node_runtime_t *rt = vlib_node_get_runtime (vm, ip4_arp_node.index);
-
- /* don't trace ARP request packets */
-#define _(a) \
- vnet_pcap_drop_trace_filter_add_del \
- (rt->errors[IP4_ARP_ERROR_##a], \
- 1 /* is_add */);
- foreach_notrace_ip4_arp_error;
-#undef _
- return 0;
-}
-
-VLIB_INIT_FUNCTION (arp_notrace_init);
-
-
-#ifndef CLIB_MARCH_VARIANT
-/* Send an ARP request to see if given destination is reachable on given interface. */
-clib_error_t *
-ip4_probe_neighbor (vlib_main_t * vm, ip4_address_t * dst, u32 sw_if_index,
- u8 refresh)
-{
- vnet_main_t *vnm = vnet_get_main ();
- ip4_main_t *im = &ip4_main;
- ethernet_arp_header_t *h;
- ip4_address_t *src;
- ip_interface_address_t *ia;
- ip_adjacency_t *adj;
- vnet_hw_interface_t *hi;
- vnet_sw_interface_t *si;
- vlib_buffer_t *b;
- adj_index_t ai;
- u32 bi = 0;
- u8 unicast_rewrite = 0;
-
- si = vnet_get_sw_interface (vnm, sw_if_index);
-
- if (!(si->flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP))
- {
- return clib_error_return (0, "%U: interface %U down",
- format_ip4_address, dst,
- format_vnet_sw_if_index_name, vnm,
- sw_if_index);
- }
-
- src =
- ip4_interface_address_matching_destination (im, dst, sw_if_index, &ia);
- if (!src)
- {
- vnm->api_errno = VNET_API_ERROR_NO_MATCHING_INTERFACE;
- return clib_error_return
- (0,
- "no matching interface address for destination %U (interface %U)",
- format_ip4_address, dst, format_vnet_sw_if_index_name, vnm,
- sw_if_index);
- }
-
- h = vlib_packet_template_get_packet (vm,
- &im->ip4_arp_request_packet_template,
- &bi);
-
- if (!h)
- return clib_error_return (0, "ARP request packet allocation failed");
-
- hi = vnet_get_sup_hw_interface (vnm, sw_if_index);
- if (PREDICT_FALSE (!hi->hw_address))
- {
- return clib_error_return (0, "%U: interface %U do not support ip probe",
- format_ip4_address, dst,
- format_vnet_sw_if_index_name, vnm,
- sw_if_index);
- }
-
- mac_address_from_bytes (&h->ip4_over_ethernet[0].mac, hi->hw_address);
-
- h->ip4_over_ethernet[0].ip4 = src[0];
- h->ip4_over_ethernet[1].ip4 = dst[0];
-
- b = vlib_get_buffer (vm, bi);
- vnet_buffer (b)->sw_if_index[VLIB_RX] =
- vnet_buffer (b)->sw_if_index[VLIB_TX] = sw_if_index;
-
- ip46_address_t nh = {
- .ip4 = *dst,
- };
-
- ai = adj_nbr_add_or_lock (FIB_PROTOCOL_IP4,
- VNET_LINK_IP4, &nh, sw_if_index);
- adj = adj_get (ai);
-
- /* Peer has been previously resolved, retrieve glean adj instead */
- if (adj->lookup_next_index == IP_LOOKUP_NEXT_REWRITE)
- {
- if (refresh)
- unicast_rewrite = 1;
- else
- {
- adj_unlock (ai);
- ai = adj_glean_add_or_lock (FIB_PROTOCOL_IP4,
- VNET_LINK_IP4, sw_if_index, &nh);
- adj = adj_get (ai);
- }
- }
-
- /* Add encapsulation string for software interface (e.g. ethernet header). */
- vnet_rewrite_one_header (adj[0], h, sizeof (ethernet_header_t));
- if (unicast_rewrite)
- {
- u16 *etype = vlib_buffer_get_current (b) - 2;
- etype[0] = clib_host_to_net_u16 (ETHERNET_TYPE_ARP);
- }
- vlib_buffer_advance (b, -adj->rewrite_header.data_bytes);
-
- {
- vlib_frame_t *f = vlib_get_frame_to_node (vm, hi->output_node_index);
- u32 *to_next = vlib_frame_vector_args (f);
- to_next[0] = bi;
- f->n_vectors = 1;
- vlib_put_frame_to_node (vm, hi->output_node_index, f);
- }
-
- adj_unlock (ai);
- return /* no error */ 0;
-}
-#endif
-
typedef enum
{
IP4_REWRITE_NEXT_DROP,
diff --git a/src/vnet/ip/ip6.h b/src/vnet/ip/ip6.h
index 28b1af749f6..575c6a0eec5 100644
--- a/src/vnet/ip/ip6.h
+++ b/src/vnet/ip/ip6.h
@@ -44,6 +44,7 @@
#include <vnet/ethernet/packet.h>
#include <vnet/ethernet/mac_address.h>
#include <vnet/ip/ip6_packet.h>
+#include <vnet/ip/ip46_address.h>
#include <vnet/ip/ip6_hop_by_hop_packet.h>
#include <vnet/ip/lookup.h>
#include <stdbool.h>
@@ -217,9 +218,6 @@ typedef struct ip6_main_t
/** Functions to call when interface to table biding changes. */
ip6_table_bind_callback_t *table_bind_callbacks;
- /* Template used to generate IP6 neighbor solicitation packets. */
- vlib_packet_template_t discover_neighbor_packet_template;
-
/* ip6 lookup table config parameters */
u32 lookup_table_nbuckets;
uword lookup_table_size;
@@ -302,42 +300,10 @@ ip6_unaligned_destination_matches_route (ip6_main_t * im,
return 1;
}
-extern int ip6_get_ll_address (u32 sw_if_index, ip6_address_t * addr);
-
-always_inline int
-ip6_src_address_for_packet (ip_lookup_main_t * lm,
- u32 sw_if_index,
- const ip6_address_t * dst, ip6_address_t * src)
-{
- if (ip6_address_is_link_local_unicast (dst))
- {
- return ip6_get_ll_address (sw_if_index, src);
- }
- else
- {
- u32 if_add_index =
- lm->if_address_pool_index_by_sw_if_index[sw_if_index];
- if (PREDICT_TRUE (if_add_index != ~0))
- {
- ip_interface_address_t *if_add =
- pool_elt_at_index (lm->if_address_pool, if_add_index);
- ip6_address_t *if_ip =
- ip_interface_address_get_address (lm, if_add);
- *src = *if_ip;
- return (!0);
- }
- }
-
- src->as_u64[0] = 0;
- src->as_u64[1] = 0;
-
- return (0);
-}
-
/* Find interface address which matches destination. */
always_inline ip6_address_t *
ip6_interface_address_matching_destination (ip6_main_t * im,
- ip6_address_t * dst,
+ const ip6_address_t * dst,
u32 sw_if_index,
ip_interface_address_t **
result_ia)
@@ -376,9 +342,6 @@ ip6_address_t *ip6_interface_first_address (ip6_main_t * im, u32 sw_if_index);
int ip6_address_compare (ip6_address_t * a1, ip6_address_t * a2);
-clib_error_t *ip6_probe_neighbor (vlib_main_t * vm, ip6_address_t * dst,
- u32 sw_if_index, u8 refresh);
-
uword
ip6_udp_register_listener (vlib_main_t * vm,
u16 dst_port, u32 next_node_index);
@@ -393,74 +356,9 @@ void ip6_local_hop_by_hop_register_protocol (u32 protocol, u32 node_index);
serialize_function_t serialize_vnet_ip6_main, unserialize_vnet_ip6_main;
-void ip6_ethernet_update_adjacency (vnet_main_t * vnm,
- u32 sw_if_index, u32 ai);
-
-always_inline void
-ip6_link_local_address_from_ethernet_mac_address (ip6_address_t * ip,
- u8 * mac)
-{
- ip->as_u64[0] = clib_host_to_net_u64 (0xFE80000000000000ULL);
- /* Invert the "u" bit */
- ip->as_u8[8] = mac[0] ^ (1 << 1);
- ip->as_u8[9] = mac[1];
- ip->as_u8[10] = mac[2];
- ip->as_u8[11] = 0xFF;
- ip->as_u8[12] = 0xFE;
- ip->as_u8[13] = mac[3];
- ip->as_u8[14] = mac[4];
- ip->as_u8[15] = mac[5];
-}
-
-always_inline void
-ip6_ethernet_mac_address_from_link_local_address (u8 * mac,
- ip6_address_t * ip)
-{
- /* Invert the previously inverted "u" bit */
- mac[0] = ip->as_u8[8] ^ (1 << 1);
- mac[1] = ip->as_u8[9];
- mac[2] = ip->as_u8[10];
- mac[3] = ip->as_u8[13];
- mac[4] = ip->as_u8[14];
- mac[5] = ip->as_u8[15];
-}
-
int vnet_set_ip6_flow_hash (u32 table_id,
flow_hash_config_t flow_hash_config);
-clib_error_t *enable_ip6_interface (vlib_main_t * vm, u32 sw_if_index);
-
-clib_error_t *disable_ip6_interface (vlib_main_t * vm, u32 sw_if_index);
-
-int ip6_interface_enabled (vlib_main_t * vm, u32 sw_if_index);
-
-clib_error_t *set_ip6_link_local_address (vlib_main_t * vm,
- u32 sw_if_index,
- ip6_address_t * address);
-
-typedef int (*ip6_nd_change_event_cb_t) (u32 pool_index,
- const mac_address_t * new_mac,
- u32 sw_if_index,
- const ip6_address_t * address);
-
-int vnet_add_del_ip6_nd_change_event (vnet_main_t * vnm,
- ip6_nd_change_event_cb_t data_callback,
- u32 pid,
- void *address_arg,
- uword node_index,
- uword type_opaque,
- uword data, int is_add);
-
-int vnet_ip6_nd_term (vlib_main_t * vm,
- vlib_node_runtime_t * node,
- vlib_buffer_t * p0,
- ethernet_header_t * eth,
- ip6_header_t * ip, u32 sw_if_index, u16 bd_index);
-
-void send_ip6_na (vlib_main_t * vm, u32 sw_if_index);
-void send_ip6_na_w_addr (vlib_main_t * vm,
- const ip6_address_t * addr, u32 sw_if_index);
-
u8 *format_ip6_forward_next_trace (u8 * s, va_list * args);
u32 ip6_tcp_udp_icmp_validate_checksum (vlib_main_t * vm, vlib_buffer_t * p0);
diff --git a/src/vnet/ip/ip6_forward.c b/src/vnet/ip/ip6_forward.c
index 128204f2c2e..4cb7608d0b4 100644
--- a/src/vnet/ip/ip6_forward.c
+++ b/src/vnet/ip/ip6_forward.c
@@ -40,7 +40,7 @@
#include <vnet/vnet.h>
#include <vnet/ip/ip.h>
#include <vnet/ip/ip_frag.h>
-#include <vnet/ip/ip6_neighbor.h>
+#include <vnet/ip/ip6_link.h>
#include <vnet/ethernet/ethernet.h> /* for ethernet_header_t */
#include <vnet/srp/srp.h> /* for srp_hw_interface_class */
#include <vppinfra/cache.h>
@@ -297,7 +297,7 @@ ip6_add_del_interface_address (vlib_main_t * vm,
clib_error_t *error;
u32 if_address_index;
ip6_address_fib_t ip6_af, *addr_fib = 0;
- ip6_address_t ll_addr;
+ const ip6_address_t *ll_addr;
/* local0 interface doesn't support IP addressing */
if (sw_if_index == 0)
@@ -317,13 +317,20 @@ ip6_add_del_interface_address (vlib_main_t * vm,
}
if (!is_del)
{
- return ip6_neighbor_set_link_local_address (vm, sw_if_index,
- address);
+ int rv;
+
+ rv = ip6_set_link_local_address (sw_if_index, address);
+
+ if (rv)
+ {
+ vnm->api_errno = rv;
+ return clib_error_create ("address not assignable");
+ }
}
else
{
- ll_addr = ip6_neighbor_get_link_local_address (sw_if_index);
- if (ip6_address_is_equal (&ll_addr, address))
+ ll_addr = ip6_get_link_local_address (sw_if_index);
+ if (ip6_address_is_equal (ll_addr, address))
{
vnm->api_errno = VNET_API_ERROR_ADDRESS_NOT_DELETABLE;
return clib_error_create ("address not deletable");
@@ -408,6 +415,8 @@ ip6_add_del_interface_address (vlib_main_t * vm,
}
ip6_sw_interface_enable_disable (sw_if_index, !is_del);
+ if (!is_del)
+ ip6_link_enable (sw_if_index);
/* intf addr routes are added/deleted on admin up/down */
if (vnet_sw_interface_is_admin_up (vnm, sw_if_index))
@@ -428,6 +437,8 @@ ip6_add_del_interface_address (vlib_main_t * vm,
cb->function (im, cb->function_opaque, sw_if_index,
address, address_length, if_address_index, is_del);
}
+ if (is_del)
+ ip6_link_disable (sw_if_index);
done:
vec_free (addr_fib);
@@ -620,7 +631,6 @@ ip6_sw_interface_add_del (vnet_main_t * vnm, u32 sw_if_index, u32 is_add)
ip6_address_t *address;
vlib_main_t *vm = vlib_get_main ();
- ip6_neighbor_sw_interface_add_del (vnm, sw_if_index, 0 /* is_add */ );
vnet_sw_interface_update_unnumbered (sw_if_index, ~0, 0);
/* *INDENT-OFF* */
foreach_ip_interface_address (lm6, ia, sw_if_index, 0,
@@ -1564,9 +1574,7 @@ VNET_FEATURE_INIT (ip6_local_end_of_arc, static) = {
#ifdef CLIB_MARCH_VARIANT
extern vlib_node_registration_t ip6_local_node;
-
#else
-
void
ip6_register_protocol (u32 protocol, u32 node_index)
{
@@ -1588,114 +1596,6 @@ ip6_unregister_protocol (u32 protocol)
ASSERT (protocol < ARRAY_LEN (lm->local_next_by_ip_protocol));
lm->local_next_by_ip_protocol[protocol] = IP_LOCAL_NEXT_PUNT;
}
-
-clib_error_t *
-ip6_probe_neighbor (vlib_main_t * vm, ip6_address_t * dst, u32 sw_if_index,
- u8 refresh)
-{
- vnet_main_t *vnm = vnet_get_main ();
- ip6_main_t *im = &ip6_main;
- icmp6_neighbor_solicitation_header_t *h;
- ip6_address_t *src;
- ip_interface_address_t *ia;
- ip_adjacency_t *adj;
- vnet_hw_interface_t *hi;
- vnet_sw_interface_t *si;
- vlib_buffer_t *b;
- adj_index_t ai;
- u32 bi = 0;
- int bogus_length;
-
- si = vnet_get_sw_interface (vnm, sw_if_index);
-
- if (!(si->flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP))
- {
- return clib_error_return (0, "%U: interface %U down",
- format_ip6_address, dst,
- format_vnet_sw_if_index_name, vnm,
- sw_if_index);
- }
-
- src =
- ip6_interface_address_matching_destination (im, dst, sw_if_index, &ia);
- if (!src)
- {
- vnm->api_errno = VNET_API_ERROR_NO_MATCHING_INTERFACE;
- return clib_error_return
- (0, "no matching interface address for destination %U (interface %U)",
- format_ip6_address, dst,
- format_vnet_sw_if_index_name, vnm, sw_if_index);
- }
-
- h =
- vlib_packet_template_get_packet (vm,
- &im->discover_neighbor_packet_template,
- &bi);
- if (!h)
- return clib_error_return (0, "ICMP6 NS packet allocation failed");
-
- hi = vnet_get_sup_hw_interface (vnm, sw_if_index);
-
- /* Destination address is a solicited node multicast address. We need to fill in
- the low 24 bits with low 24 bits of target's address. */
- h->ip.dst_address.as_u8[13] = dst->as_u8[13];
- h->ip.dst_address.as_u8[14] = dst->as_u8[14];
- h->ip.dst_address.as_u8[15] = dst->as_u8[15];
-
- h->ip.src_address = src[0];
- h->neighbor.target_address = dst[0];
-
- if (PREDICT_FALSE (!hi->hw_address))
- {
- return clib_error_return (0, "%U: interface %U do not support ip probe",
- format_ip6_address, dst,
- format_vnet_sw_if_index_name, vnm,
- sw_if_index);
- }
-
- clib_memcpy_fast (h->link_layer_option.ethernet_address, hi->hw_address,
- vec_len (hi->hw_address));
-
- h->neighbor.icmp.checksum =
- ip6_tcp_udp_icmp_compute_checksum (vm, 0, &h->ip, &bogus_length);
- ASSERT (bogus_length == 0);
-
- b = vlib_get_buffer (vm, bi);
- vnet_buffer (b)->sw_if_index[VLIB_RX] =
- vnet_buffer (b)->sw_if_index[VLIB_TX] = sw_if_index;
-
- /* Add encapsulation string for software interface (e.g. ethernet header). */
- ip46_address_t nh = {
- .ip6 = *dst,
- };
-
- ai = adj_nbr_add_or_lock (FIB_PROTOCOL_IP6,
- VNET_LINK_IP6, &nh, sw_if_index);
- adj = adj_get (ai);
-
- /* Peer has been previously resolved, retrieve glean adj instead */
- if (adj->lookup_next_index == IP_LOOKUP_NEXT_REWRITE && refresh == 0)
- {
- adj_unlock (ai);
- ai = adj_glean_add_or_lock (FIB_PROTOCOL_IP6,
- VNET_LINK_IP6, sw_if_index, &nh);
- adj = adj_get (ai);
- }
-
- vnet_rewrite_one_header (adj[0], h, sizeof (ethernet_header_t));
- vlib_buffer_advance (b, -adj->rewrite_header.data_bytes);
-
- {
- vlib_frame_t *f = vlib_get_frame_to_node (vm, hi->output_node_index);
- u32 *to_next = vlib_frame_vector_args (f);
- to_next[0] = bi;
- f->n_vectors = 1;
- vlib_put_frame_to_node (vm, hi->output_node_index, f);
- }
-
- adj_unlock (ai);
- return /* no error */ 0;
-}
#endif
typedef enum
@@ -2852,79 +2752,11 @@ ip6_lookup_init (vlib_main_t * vm)
/* Unless explicitly configured, don't process HBH options */
im->hbh_enabled = 0;
- {
- icmp6_neighbor_solicitation_header_t p;
-
- clib_memset (&p, 0, sizeof (p));
-
- p.ip.ip_version_traffic_class_and_flow_label =
- clib_host_to_net_u32 (0x6 << 28);
- p.ip.payload_length =
- clib_host_to_net_u16 (sizeof (p) -
- STRUCT_OFFSET_OF
- (icmp6_neighbor_solicitation_header_t, neighbor));
- p.ip.protocol = IP_PROTOCOL_ICMP6;
- p.ip.hop_limit = 255;
- ip6_set_solicited_node_multicast_address (&p.ip.dst_address, 0);
-
- p.neighbor.icmp.type = ICMP6_neighbor_solicitation;
-
- p.link_layer_option.header.type =
- ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address;
- p.link_layer_option.header.n_data_u64s =
- sizeof (p.link_layer_option) / sizeof (u64);
-
- vlib_packet_template_init (vm,
- &im->discover_neighbor_packet_template,
- &p, sizeof (p),
- /* alloc chunk size */ 8,
- "ip6 neighbor discovery");
- }
-
return error;
}
VLIB_INIT_FUNCTION (ip6_lookup_init);
-static clib_error_t *
-test_ip6_link_command_fn (vlib_main_t * vm,
- unformat_input_t * input, vlib_cli_command_t * cmd)
-{
- u8 mac[6];
- ip6_address_t _a, *a = &_a;
-
- if (unformat (input, "%U", unformat_ethernet_address, mac))
- {
- ip6_link_local_address_from_ethernet_mac_address (a, mac);
- vlib_cli_output (vm, "Link local address: %U", format_ip6_address, a);
- ip6_ethernet_mac_address_from_link_local_address (mac, a);
- vlib_cli_output (vm, "Original MAC address: %U",
- format_ethernet_address, mac);
- }
-
- return 0;
-}
-
-/*?
- * This command converts the given MAC Address into an IPv6 link-local
- * address.
- *
- * @cliexpar
- * Example of how to create an IPv6 link-local address:
- * @cliexstart{test ip6 link 16:d9:e0:91:79:86}
- * Link local address: fe80::14d9:e0ff:fe91:7986
- * Original MAC address: 16:d9:e0:91:79:86
- * @cliexend
-?*/
-/* *INDENT-OFF* */
-VLIB_CLI_COMMAND (test_link_command, static) =
-{
- .path = "test ip6 link",
- .function = test_ip6_link_command_fn,
- .short_help = "test ip6 link <mac-address>",
-};
-/* *INDENT-ON* */
-
#ifndef CLIB_MARCH_VARIANT
int
vnet_set_ip6_flow_hash (u32 table_id, u32 flow_hash_config)
diff --git a/src/vnet/ip/ip6_link.c b/src/vnet/ip/ip6_link.c
new file mode 100644
index 00000000000..b73fbe2125f
--- /dev/null
+++ b/src/vnet/ip/ip6_link.c
@@ -0,0 +1,873 @@
+/*
+ * Copyright (c) 2019 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <vnet/ip/ip6_link.h>
+#include <vnet/ip/ip6_ll_table.h>
+
+#include <vnet/ethernet/ethernet.h>
+#include <vnet/mfib/ip6_mfib.h>
+#include <vnet/adj/adj_mcast.h>
+
+typedef struct ip6_link_delegate_t_
+{
+ u32 ild_sw_if_index;
+ ip6_link_delegate_id_t ild_type;
+ index_t ild_index;
+} ip6_link_delegate_t;
+
+const static ip6_link_delegate_t ip6_link_delegate_uninit = {
+ .ild_sw_if_index = ~0,
+};
+
+typedef struct ip6_link_t_
+{
+ /** interface ip6 is enabled on */
+ u32 il_sw_if_index;
+
+ /** link-local address - if unset that IP6 is disabled*/
+ ip6_address_t il_ll_addr;
+
+ /** list of delegates */
+ ip6_link_delegate_t *il_delegates;
+
+ /** multicast adjacency for this link */
+ adj_index_t il_mcast_adj;
+
+ /** number of references to IP6 enabled on this link */
+ u32 il_locks;
+} ip6_link_t;
+
+#define FOREACH_IP6_LINK_DELEGATE(_ild, _il, body) \
+{ \
+ if (NULL != _il) { \
+ vec_foreach (_ild, _il->il_delegates) { \
+ if (ip6_link_delegate_is_init(_ild)) \
+ body; \
+ } \
+ } \
+}
+
+#define FOREACH_IP6_LINK_DELEGATE_ID(_id) \
+ for (_id = 0; _id < il_delegate_id; _id++)
+
+/** last used delegate ID */
+static ip6_link_delegate_id_t il_delegate_id;
+
+/** VFT registered per-delegate type */
+static ip6_link_delegate_vft_t *il_delegate_vfts;
+
+/** Per interface configs */
+static ip6_link_t *ip6_links;
+
+/** Randomizer */
+static u64 il_randomizer;
+
+/** Logging */
+static vlib_log_class_t ip6_link_logger;
+
+#define IP6_LINK_DBG(...) \
+ vlib_log_debug (ip6_link_logger, __VA_ARGS__);
+
+#define IP6_LINK_INFO(...) \
+ vlib_log_notice (ip6_link_logger, __VA_ARGS__);
+
+static bool
+ip6_link_delegate_is_init (const ip6_link_delegate_t * ild)
+{
+ return (~0 != ild->ild_sw_if_index);
+}
+
+static bool
+ip6_link_is_enabled_i (const ip6_link_t * il)
+{
+ return (!ip6_address_is_zero (&il->il_ll_addr));
+}
+
+static void
+ip6_link_local_address_from_mac (ip6_address_t * ip, const u8 * mac)
+{
+ ip->as_u64[0] = clib_host_to_net_u64 (0xFE80000000000000ULL);
+ /* Invert the "u" bit */
+ ip->as_u8[8] = mac[0] ^ (1 << 1);
+ ip->as_u8[9] = mac[1];
+ ip->as_u8[10] = mac[2];
+ ip->as_u8[11] = 0xFF;
+ ip->as_u8[12] = 0xFE;
+ ip->as_u8[13] = mac[3];
+ ip->as_u8[14] = mac[4];
+ ip->as_u8[15] = mac[5];
+}
+
+static void
+ip6_mac_address_from_link_local (u8 * mac, const ip6_address_t * ip)
+{
+ /* Invert the previously inverted "u" bit */
+ mac[0] = ip->as_u8[8] ^ (1 << 1);
+ mac[1] = ip->as_u8[9];
+ mac[2] = ip->as_u8[10];
+ mac[3] = ip->as_u8[13];
+ mac[4] = ip->as_u8[14];
+ mac[5] = ip->as_u8[15];
+}
+
+static ip6_link_t *
+ip6_link_get (u32 sw_if_index)
+{
+ ip6_link_t *il;
+
+ if (sw_if_index >= vec_len (ip6_links))
+ return (NULL);
+
+ il = &ip6_links[sw_if_index];
+
+ if (!ip6_link_is_enabled_i (il))
+ return (NULL);
+
+ return (il);
+}
+
+bool
+ip6_link_is_enabled (u32 sw_if_index)
+{
+ return (NULL != ip6_link_get (sw_if_index));
+}
+
+
+int
+ip6_link_enable (u32 sw_if_index)
+{
+ ip6_link_t *il;
+ int rv;
+
+ il = ip6_link_get (sw_if_index);
+
+ if (NULL == il)
+ {
+ const vnet_sw_interface_t *sw, *sw_sup;
+ const ethernet_interface_t *eth;
+ vnet_main_t *vnm;
+
+ vnm = vnet_get_main ();
+
+ IP6_LINK_INFO ("enable: %U",
+ format_vnet_sw_if_index_name, vnm, sw_if_index);
+
+ sw_sup = vnet_get_sup_sw_interface (vnm, sw_if_index);
+ if (sw_sup->type != VNET_SW_INTERFACE_TYPE_HARDWARE)
+ {
+ rv = VNET_API_ERROR_UNSUPPORTED;
+ goto out;
+ }
+
+ eth = ethernet_get_interface (&ethernet_main, sw_sup->hw_if_index);
+
+ if (NULL == eth)
+ {
+ rv = VNET_API_ERROR_UNSUPPORTED;
+ goto out;
+ }
+
+ vec_validate (ip6_links, sw_if_index);
+
+ il = &ip6_links[sw_if_index];
+ il->il_locks = 1;
+ il->il_sw_if_index = sw_if_index;
+
+ sw = vnet_get_sup_sw_interface (vnm, sw_if_index);
+
+ if (sw->type == VNET_SW_INTERFACE_TYPE_SUB ||
+ sw->type == VNET_SW_INTERFACE_TYPE_PIPE ||
+ sw->type == VNET_SW_INTERFACE_TYPE_P2P)
+ {
+ il->il_ll_addr.as_u64[0] =
+ clib_host_to_net_u64 (0xFE80000000000000ULL);
+
+ /* make up an interface id */
+ il->il_ll_addr.as_u64[1] = random_u64 (&il_randomizer);
+
+ /* clear u bit */
+ il->il_ll_addr.as_u8[8] &= 0xfd;
+ }
+ else
+ {
+ ip6_link_local_address_from_mac (&il->il_ll_addr, eth->address);
+ }
+
+ {
+ ip6_ll_prefix_t ilp = {
+ .ilp_addr = il->il_ll_addr,
+ .ilp_sw_if_index = sw_if_index,
+ };
+
+ ip6_ll_table_entry_update (&ilp, FIB_ROUTE_PATH_LOCAL);
+ }
+
+ /* essentially "enables" ipv6 on this interface */
+ ip6_mfib_interface_enable_disable (sw_if_index, 1);
+ ip6_sw_interface_enable_disable (sw_if_index, 1);
+
+ il->il_mcast_adj = adj_mcast_add_or_lock (FIB_PROTOCOL_IP6,
+ VNET_LINK_IP6, sw_if_index);
+
+ /* inform all register clients */
+ ip6_link_delegate_id_t id;
+ FOREACH_IP6_LINK_DELEGATE_ID (id)
+ {
+ if (NULL != il_delegate_vfts[id].ildv_enable)
+ il_delegate_vfts[id].ildv_enable (il->il_sw_if_index);
+ }
+
+ rv = 0;
+ }
+ else
+ {
+ rv = VNET_API_ERROR_VALUE_EXIST;
+ }
+
+out:
+ return (rv);
+}
+
+static void
+ip6_link_delegate_flush (ip6_link_t * il)
+{
+ ip6_link_delegate_t *ild;
+
+ /* *INDET-OFF* */
+ FOREACH_IP6_LINK_DELEGATE (ild, il, (
+ {
+ il_delegate_vfts[ild->
+ ild_type].ildv_disable
+ (ild->ild_index);
+ }));
+ /* *INDET-ON* */
+
+ vec_free (il->il_delegates);
+ il->il_delegates = NULL;
+}
+
+static void
+ip6_link_last_lock_gone (ip6_link_t * il)
+{
+ ip6_ll_prefix_t ilp = {
+ .ilp_addr = il->il_ll_addr,
+ .ilp_sw_if_index = il->il_sw_if_index,
+ };
+
+ IP6_LINK_INFO ("last-lock: %U",
+ format_vnet_sw_if_index_name,
+ vnet_get_main (), il->il_sw_if_index);
+
+ ip6_link_delegate_flush (il);
+ ip6_ll_table_entry_delete (&ilp);
+
+ ip6_mfib_interface_enable_disable (il->il_sw_if_index, 0);
+ ip6_sw_interface_enable_disable (il->il_sw_if_index, 0);
+
+ ip6_address_set_zero (&il->il_ll_addr);
+ adj_unlock (il->il_mcast_adj);
+ il->il_mcast_adj = ADJ_INDEX_INVALID;
+}
+
+static void
+ip6_link_unlock (ip6_link_t * il)
+{
+ if (NULL == il)
+ return;
+
+ il->il_locks--;
+
+ if (0 == il->il_locks)
+ ip6_link_last_lock_gone (il);
+}
+
+int
+ip6_link_disable (u32 sw_if_index)
+{
+ ip6_link_t *il;
+
+ il = ip6_link_get (sw_if_index);
+
+ if (NULL == il)
+ return (VNET_API_ERROR_IP6_NOT_ENABLED);
+
+ IP6_LINK_INFO ("disable: %U",
+ format_vnet_sw_if_index_name, vnet_get_main (), sw_if_index);
+
+ ip6_link_unlock (il);
+
+ return (0);
+}
+
+const ip6_address_t *
+ip6_get_link_local_address (u32 sw_if_index)
+{
+ const ip6_link_t *il;
+
+ vec_validate (ip6_links, sw_if_index);
+
+ il = &ip6_links[sw_if_index];
+
+ return (&il->il_ll_addr);
+}
+
+adj_index_t
+ip6_link_get_mcast_adj (u32 sw_if_index)
+{
+ const ip6_link_t *il;
+
+ il = &ip6_links[sw_if_index];
+
+ return (il->il_mcast_adj);
+}
+
+int
+ip6_src_address_for_packet (u32 sw_if_index,
+ const ip6_address_t * dst, ip6_address_t * src)
+{
+ ip_lookup_main_t *lm;
+
+ lm = &ip6_main.lookup_main;
+
+ if (ip6_address_is_link_local_unicast (dst))
+ {
+ ip6_address_copy (src, ip6_get_link_local_address (sw_if_index));
+
+ return (!0);
+ }
+ else
+ {
+ u32 if_add_index =
+ lm->if_address_pool_index_by_sw_if_index[sw_if_index];
+ if (PREDICT_TRUE (if_add_index != ~0))
+ {
+ ip_interface_address_t *if_add =
+ pool_elt_at_index (lm->if_address_pool, if_add_index);
+ ip6_address_t *if_ip =
+ ip_interface_address_get_address (lm, if_add);
+ *src = *if_ip;
+ return (!0);
+ }
+ }
+
+ src->as_u64[0] = 0;
+ src->as_u64[1] = 0;
+
+ return (0);
+}
+
+int
+ip6_set_link_local_address (u32 sw_if_index, const ip6_address_t * address)
+{
+ ip6_link_delegate_t *ild;
+ ip6_link_t *il;
+
+ il = ip6_link_get (sw_if_index);
+
+ if (NULL == il)
+ return (VNET_API_ERROR_IP6_NOT_ENABLED);
+
+ ip6_ll_prefix_t ilp = {
+ .ilp_addr = il->il_ll_addr,
+ .ilp_sw_if_index = sw_if_index,
+ };
+
+ IP6_LINK_INFO ("set-ll: %U -> %U",
+ format_vnet_sw_if_index_name, vnet_get_main (), sw_if_index,
+ format_ip6_address, address);
+
+ ip6_ll_table_entry_delete (&ilp);
+ ip6_address_copy (&il->il_ll_addr, address);
+ ip6_address_copy (&ilp.ilp_addr, address);
+ ip6_ll_table_entry_update (&ilp, FIB_ROUTE_PATH_LOCAL);
+
+ /* *INDENT-OFF* */
+ FOREACH_IP6_LINK_DELEGATE (ild, il,
+ ({
+ if (NULL != il_delegate_vfts[ild->ild_type].ildv_ll_change)
+ il_delegate_vfts[ild->ild_type].ildv_ll_change(ild->ild_index,
+ &il->il_ll_addr);
+ }));
+ /* *INDENT-ON* */
+
+ return (0);
+}
+
+ip6_link_delegate_id_t
+ip6_link_delegate_register (const ip6_link_delegate_vft_t * vft)
+{
+ ip6_link_delegate_id_t rc = il_delegate_id++;
+
+ ASSERT (vft->ildv_disable);
+
+ vec_validate (il_delegate_vfts, rc);
+
+ il_delegate_vfts[rc] = *vft;
+
+ return (rc);
+}
+
+index_t
+ip6_link_delegate_get (u32 sw_if_index, ip6_link_delegate_id_t id)
+{
+ ip6_link_t *il;
+
+ il = ip6_link_get (sw_if_index);
+
+ if (NULL == il)
+ return (INDEX_INVALID);
+
+ vec_validate_init_empty (il->il_delegates, id, ip6_link_delegate_uninit);
+
+ if (!ip6_link_delegate_is_init (&il->il_delegates[id]))
+ return (INDEX_INVALID);
+
+ return (il->il_delegates[id].ild_index);
+}
+
+bool
+ip6_link_delegate_update (u32 sw_if_index,
+ ip6_link_delegate_id_t id, index_t ii)
+{
+ ip6_link_t *il;
+
+ il = ip6_link_get (sw_if_index);
+
+ if (NULL == il)
+ return (false);
+
+ vec_validate_init_empty (il->il_delegates, id, ip6_link_delegate_uninit);
+
+ il->il_delegates[id].ild_sw_if_index = sw_if_index;
+ il->il_delegates[id].ild_type = id;
+ il->il_delegates[id].ild_index = ii;
+
+ return (true);
+}
+
+void
+ip6_link_delegate_remove (u32 sw_if_index,
+ ip6_link_delegate_id_t id, index_t ii)
+{
+ ip6_link_t *il;
+
+ il = ip6_link_get (sw_if_index);
+
+ if (NULL != il)
+ {
+ if (vec_len (il->il_delegates) > id)
+ {
+ clib_memcpy (&il->il_delegates[id],
+ &ip6_link_delegate_uninit,
+ sizeof (il->il_delegates[0]));
+ }
+ }
+}
+
+static void
+ip6_link_add_del_address (ip6_main_t * im,
+ uword opaque,
+ u32 sw_if_index,
+ ip6_address_t * address,
+ u32 address_length,
+ u32 if_address_index, u32 is_delete)
+{
+ const ip6_link_delegate_t *ild;
+ ip6_link_t *il;
+
+ if (ip6_address_is_link_local_unicast (address))
+ // only interested in global addresses here
+ return;
+
+ IP6_LINK_INFO ("addr-%s: %U -> %U",
+ (is_delete ? "del" : "add"),
+ format_vnet_sw_if_index_name, vnet_get_main (), sw_if_index,
+ format_ip6_address, address);
+
+ il = ip6_link_get (sw_if_index);
+
+ if (NULL == il)
+ return;
+
+ /* *INDENT-OFF* */
+ FOREACH_IP6_LINK_DELEGATE (ild, il,
+ ({
+ if (is_delete)
+ {
+ if (NULL != il_delegate_vfts[ild->ild_type].ildv_addr_del)
+ il_delegate_vfts[ild->ild_type].ildv_addr_del(ild->ild_index,
+ address, address_length);
+ }
+ else
+ {
+ if (NULL != il_delegate_vfts[ild->ild_type].ildv_addr_add)
+ il_delegate_vfts[ild->ild_type].ildv_addr_add(ild->ild_index,
+ address, address_length);
+ }
+ }));
+ /* *INDENT-ON* */
+}
+
+static clib_error_t *
+ip6_link_interface_add_del (vnet_main_t * vnm, u32 sw_if_index, u32 is_add)
+{
+ if (!is_add)
+ {
+ ip6_link_t *il;
+
+ il = ip6_link_get (sw_if_index);
+
+ IP6_LINK_DBG ("link-del: %U",
+ format_vnet_sw_if_index_name, vnet_get_main (),
+ sw_if_index);
+
+ if (NULL != il)
+ /* force cleanup */
+ ip6_link_last_lock_gone (il);
+ }
+
+ return (NULL);
+}
+
+VNET_SW_INTERFACE_ADD_DEL_FUNCTION (ip6_link_interface_add_del);
+
+static clib_error_t *
+ip6_link_init (vlib_main_t * vm)
+{
+ il_randomizer = clib_cpu_time_now ();
+ ip6_link_logger = vlib_log_register_class ("ip6", "link");
+
+ {
+ ip6_add_del_interface_address_callback_t cb = {
+ .function = ip6_link_add_del_address,
+ };
+ vec_add1 (ip6_main.add_del_interface_address_callbacks, cb);
+ }
+ return (NULL);
+}
+
+VLIB_INIT_FUNCTION (ip6_link_init);
+
+
+static clib_error_t *
+test_ip6_link_command_fn (vlib_main_t * vm,
+ unformat_input_t * input, vlib_cli_command_t * cmd)
+{
+ u8 mac[6];
+ ip6_address_t _a, *a = &_a;
+
+ if (unformat (input, "%U", unformat_ethernet_address, mac))
+ {
+ ip6_link_local_address_from_mac (a, mac);
+ vlib_cli_output (vm, "Link local address: %U", format_ip6_address, a);
+ ip6_mac_address_from_link_local (mac, a);
+ vlib_cli_output (vm, "Original MAC address: %U",
+ format_ethernet_address, mac);
+ }
+
+ return 0;
+}
+
+/*?
+ * This command converts the given MAC Address into an IPv6 link-local
+ * address.
+ *
+ * @cliexpar
+ * Example of how to create an IPv6 link-local address:
+ * @cliexstart{test ip6 link 16:d9:e0:91:79:86}
+ * Link local address: fe80::14d9:e0ff:fe91:7986
+ * Original MAC address: 16:d9:e0:91:79:86
+ * @cliexend
+?*/
+/* *INDENT-OFF* */
+VLIB_CLI_COMMAND (test_link_command, static) =
+{
+ .path = "test ip6 link",
+ .function = test_ip6_link_command_fn,
+ .short_help = "test ip6 link <mac-address>",
+};
+/* *INDENT-ON* */
+
+static u8 *
+ip6_print_addrs (u8 * s, u32 * addrs)
+{
+ ip_lookup_main_t *lm = &ip6_main.lookup_main;
+ u32 i;
+
+ for (i = 0; i < vec_len (addrs); i++)
+ {
+ ip_interface_address_t *a =
+ pool_elt_at_index (lm->if_address_pool, addrs[i]);
+ ip6_address_t *address = ip_interface_address_get_address (lm, a);
+
+ s = format (s, "%U%U/%d\n",
+ format_white_space, 4,
+ format_ip6_address, address, a->address_length);
+ }
+
+ return (s);
+}
+
+static u8 *
+format_ip6_link (u8 * s, va_list * arg)
+{
+ const ip6_link_t *il = va_arg (*arg, ip6_link_t *);
+ ip_lookup_main_t *lm = &ip6_main.lookup_main;
+ vnet_main_t *vnm = vnet_get_main ();
+
+ if (!ip6_link_is_enabled_i (il))
+ return (s);
+
+ s = format (s, "%U is admin %s\n",
+ format_vnet_sw_interface_name, vnm,
+ vnet_get_sw_interface (vnm, il->il_sw_if_index),
+ (vnet_sw_interface_is_admin_up (vnm, il->il_sw_if_index) ?
+ "up" : "down"));
+
+ u32 ai;
+ u32 *link_scope = 0, *global_scope = 0;
+ u32 *local_scope = 0, *unknown_scope = 0;
+ ip_interface_address_t *a;
+ const ip6_link_delegate_t *ild;
+
+ vec_validate_init_empty (lm->if_address_pool_index_by_sw_if_index,
+ il->il_sw_if_index, ~0);
+ ai = lm->if_address_pool_index_by_sw_if_index[il->il_sw_if_index];
+
+ while (ai != (u32) ~ 0)
+ {
+ a = pool_elt_at_index (lm->if_address_pool, ai);
+ ip6_address_t *address = ip_interface_address_get_address (lm, a);
+
+ if (ip6_address_is_link_local_unicast (address))
+ vec_add1 (link_scope, ai);
+ else if (ip6_address_is_global_unicast (address))
+ vec_add1 (global_scope, ai);
+ else if (ip6_address_is_local_unicast (address))
+ vec_add1 (local_scope, ai);
+ else
+ vec_add1 (unknown_scope, ai);
+
+ ai = a->next_this_sw_interface;
+ }
+
+ if (vec_len (link_scope))
+ {
+ s = format (s, "%ULink-local address(es):\n", format_white_space, 2);
+ s = ip6_print_addrs (s, link_scope);
+ vec_free (link_scope);
+ }
+
+ if (vec_len (local_scope))
+ {
+ s = format (s, "%ULocal unicast address(es):\n", format_white_space, 2);
+ s = ip6_print_addrs (s, local_scope);
+ vec_free (local_scope);
+ }
+
+ if (vec_len (global_scope))
+ {
+ s = format (s, "%UGlobal unicast address(es):\n",
+ format_white_space, 2);
+ s = ip6_print_addrs (s, global_scope);
+ vec_free (global_scope);
+ }
+
+ if (vec_len (unknown_scope))
+ {
+ s = format (s, "%UOther-scope address(es):\n", format_white_space, 2);
+ s = ip6_print_addrs (s, unknown_scope);
+ vec_free (unknown_scope);
+ }
+
+ s = format (s, "%ULink-local address(es):\n", format_white_space, 2);
+ s = format (s, "%U%U\n",
+ format_white_space, 4, format_ip6_address, &il->il_ll_addr);
+
+ /* *INDENT-OFF* */
+ FOREACH_IP6_LINK_DELEGATE(ild, il,
+ ({
+ s = format (s, "%U", il_delegate_vfts[ild->ild_type].ildv_format,
+ ild->ild_index, 2);
+ }));
+ /* *INDENT-ON* */
+
+ return (s);
+}
+
+static clib_error_t *
+ip6_link_show (vlib_main_t * vm,
+ unformat_input_t * input, vlib_cli_command_t * cmd)
+{
+ const ip6_link_t *il;
+ vnet_main_t *vnm;
+ u32 sw_if_index;
+
+ vnm = vnet_get_main ();
+ sw_if_index = ~0;
+
+ if (unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index))
+ {
+ il = ip6_link_get (sw_if_index);
+
+ if (NULL == il)
+ {
+ vlib_cli_output (vm, "IP6 disabled");
+ return (NULL);
+ }
+ else
+ vlib_cli_output (vm, "%U", format_ip6_link, il);
+ }
+ else
+ {
+ vec_foreach (il, ip6_links)
+ vlib_cli_output (vm, "%U", format_ip6_link, il);
+ }
+
+ return (NULL);
+}
+
+/*?
+ * This command is used to display various IPv6 attributes on a given
+ * interface.
+ *
+ * @cliexpar
+ * Example of how to display IPv6 settings:
+ * @cliexstart{show ip6 interface GigabitEthernet2/0/0}
+ * GigabitEthernet2/0/0 is admin up
+ * Link-local address(es):
+ * fe80::ab8/64
+ * Joined group address(es):
+ * ff02::1
+ * ff02::2
+ * ff02::16
+ * ff02::1:ff00:ab8
+ * Advertised Prefixes:
+ * prefix fe80::fe:28ff:fe9c:75b3, length 64
+ * MTU is 1500
+ * ICMP error messages are unlimited
+ * ICMP redirects are disabled
+ * ICMP unreachables are not sent
+ * ND DAD is disabled
+ * ND advertised reachable time is 0
+ * ND advertised retransmit interval is 0 (msec)
+ * ND router advertisements are sent every 200 seconds (min interval is 150)
+ * ND router advertisements live for 600 seconds
+ * Hosts use stateless autoconfig for addresses
+ * ND router advertisements sent 19336
+ * ND router solicitations received 0
+ * ND router solicitations dropped 0
+ * @cliexend
+ * Example of output if IPv6 is not enabled on the interface:
+ * @cliexstart{show ip6 interface GigabitEthernet2/0/0}
+ * show ip6 interface: IPv6 not enabled on interface
+ * @cliexend
+?*/
+/* *INDENT-OFF* */
+VLIB_CLI_COMMAND (ip6_link_show_command, static) =
+{
+ .path = "show ip6 interface",
+ .function = ip6_link_show,
+ .short_help = "show ip6 interface <interface>",
+};
+/* *INDENT-ON* */
+
+static clib_error_t *
+enable_ip6_interface_cmd (vlib_main_t * vm,
+ unformat_input_t * input, vlib_cli_command_t * cmd)
+{
+ vnet_main_t *vnm = vnet_get_main ();
+ clib_error_t *error = NULL;
+ u32 sw_if_index;
+
+ sw_if_index = ~0;
+
+ if (unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index))
+ {
+ if (ip6_link_enable (sw_if_index))
+ error = clib_error_return (0, "Failed\n");
+ }
+ else
+ {
+ error = clib_error_return (0, "unknown interface\n'",
+ format_unformat_error, input);
+
+ }
+ return error;
+}
+
+/*?
+ * This command is used to enable IPv6 on a given interface.
+ *
+ * @cliexpar
+ * Example of how enable IPv6 on a given interface:
+ * @cliexcmd{enable ip6 interface GigabitEthernet2/0/0}
+?*/
+/* *INDENT-OFF* */
+VLIB_CLI_COMMAND (enable_ip6_interface_command, static) =
+{
+ .path = "enable ip6 interface",
+ .function = enable_ip6_interface_cmd,
+ .short_help = "enable ip6 interface <interface>",
+};
+/* *INDENT-ON* */
+
+static clib_error_t *
+disable_ip6_interface_cmd (vlib_main_t * vm,
+ unformat_input_t * input, vlib_cli_command_t * cmd)
+{
+ vnet_main_t *vnm = vnet_get_main ();
+ clib_error_t *error = NULL;
+ u32 sw_if_index;
+
+ sw_if_index = ~0;
+
+ if (unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index))
+ {
+ if (ip6_link_disable (sw_if_index))
+ error = clib_error_return (0, "Failed\n");
+ }
+ else
+ {
+ error = clib_error_return (0, "unknown interface\n'",
+ format_unformat_error, input);
+
+ }
+ return error;
+}
+
+/*?
+ * This command is used to disable IPv6 on a given interface.
+ *
+ * @cliexpar
+ * Example of how disable IPv6 on a given interface:
+ * @cliexcmd{disable ip6 interface GigabitEthernet2/0/0}
+?*/
+/* *INDENT-OFF* */
+VLIB_CLI_COMMAND (disable_ip6_interface_command, static) =
+{
+ .path = "disable ip6 interface",
+ .function = disable_ip6_interface_cmd,
+ .short_help = "disable ip6 interface <interface>",
+};
+/* *INDENT-ON* */
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip/ip6_link.h b/src/vnet/ip/ip6_link.h
new file mode 100644
index 00000000000..01506bb4765
--- /dev/null
+++ b/src/vnet/ip/ip6_link.h
@@ -0,0 +1,82 @@
+/*
+ * Copyright (c) 2019 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <vnet/ip/ip.h>
+
+/**
+ * IPv6 Configuration on an interface
+ */
+
+extern int ip6_link_enable (u32 sw_if_index);
+extern bool ip6_link_is_enabled (u32 sw_if_index);
+extern int ip6_link_disable (u32 sw_if_index);
+
+extern const ip6_address_t *ip6_get_link_local_address (u32 sw_if_index);
+
+extern int ip6_set_link_local_address (u32 sw_if_index,
+ const ip6_address_t * address);
+extern adj_index_t ip6_link_get_mcast_adj (u32 sw_if_index);
+
+extern int
+ip6_src_address_for_packet (u32 sw_if_index,
+ const ip6_address_t * dst, ip6_address_t * src);
+
+/**
+ * Delegates for the interfaces
+ *
+ * delegates are a means for a external component to 'extend' the config
+ * object by adding their own objects (aka delegates).
+ */
+
+/**
+ * Callback functions for handling actions on the link
+ */
+typedef void (*ip6_link_enable_fn_t) (u32 sw_if_index);
+typedef void (*ip6_link_disable_fn_t) (index_t ildi);
+typedef void (*ip6_link_ll_change_fn_t) (u32 ildi, const ip6_address_t * a);
+typedef void (*ip6_link_address_change_fn_t) (u32 ildi,
+ const ip6_address_t * a,
+ u8 address_oength);
+
+typedef struct ip6_link_delegate_vft_t_
+{
+ ip6_link_enable_fn_t ildv_enable;
+ ip6_link_disable_fn_t ildv_disable;
+ ip6_link_ll_change_fn_t ildv_ll_change;
+ ip6_link_address_change_fn_t ildv_addr_add;
+ ip6_link_address_change_fn_t ildv_addr_del;
+ format_function_t *ildv_format;
+} ip6_link_delegate_vft_t;
+
+typedef u32 ip6_link_delegate_id_t;
+
+
+extern ip6_link_delegate_id_t ip6_link_delegate_register (const
+ ip6_link_delegate_vft_t
+ * vft);
+extern index_t ip6_link_delegate_get (u32 sw_if_index,
+ ip6_link_delegate_id_t id);
+extern bool ip6_link_delegate_update (u32 sw_if_index,
+ ip6_link_delegate_id_t id, index_t ii);
+extern void ip6_link_delegate_remove (u32 sw_if_index,
+ ip6_link_delegate_id_t id, index_t ii);
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip/ip6_neighbor.c b/src/vnet/ip/ip6_neighbor.c
deleted file mode 100644
index 5b8085d556d..00000000000
--- a/src/vnet/ip/ip6_neighbor.c
+++ /dev/null
@@ -1,5034 +0,0 @@
-/*
- * ip/ip6_neighbor.c: IP6 neighbor handling
- *
- * Copyright (c) 2010 Cisco and/or its affiliates.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at:
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <vnet/ip/ip.h>
-#include <vnet/ip/ip6_neighbor.h>
-#include <vnet/ethernet/ethernet.h>
-#include <vppinfra/mhash.h>
-#include <vnet/adj/adj.h>
-#include <vnet/adj/adj_mcast.h>
-#include <vnet/fib/fib_table.h>
-#include <vnet/fib/ip6_fib.h>
-#include <vnet/mfib/ip6_mfib.h>
-#include <vnet/ip/ip6_ll_table.h>
-#include <vnet/l2/l2_input.h>
-#include <vlibmemory/api.h>
-
-/**
- * @file
- * @brief IPv6 Neighbor Adjacency and Neighbor Discovery.
- *
- * The files contains the API and CLI code for managing IPv6 neighbor
- * adjacency tables and neighbor discovery logic.
- */
-
-/* can't use sizeof link_layer_address, that's 8 */
-#define ETHER_MAC_ADDR_LEN 6
-
-/* advertised prefix option */
-typedef struct
-{
- /* basic advertised information */
- ip6_address_t prefix;
- u8 prefix_len;
- int adv_on_link_flag;
- int adv_autonomous_flag;
- u32 adv_valid_lifetime_in_secs;
- u32 adv_pref_lifetime_in_secs;
-
- /* advertised values are computed from these times if decrementing */
- f64 valid_lifetime_expires;
- f64 pref_lifetime_expires;
-
- /* local information */
- int enabled;
- int deprecated_prefix_flag;
- int decrement_lifetime_flag;
-
-#define MIN_ADV_VALID_LIFETIME 7203 /* seconds */
-#define DEF_ADV_VALID_LIFETIME 2592000
-#define DEF_ADV_PREF_LIFETIME 604800
-
- /* extensions are added here, mobile, DNS etc.. */
-} ip6_radv_prefix_t;
-
-
-typedef struct
-{
- /* group information */
- u8 type;
- ip6_address_t mcast_address;
- u16 num_sources;
- ip6_address_t *mcast_source_address_pool;
-} ip6_mldp_group_t;
-
-/* configured router advertisement information per ipv6 interface */
-typedef struct
-{
-
- /* advertised config information, zero means unspecified */
- u8 curr_hop_limit;
- int adv_managed_flag;
- int adv_other_flag;
- u16 adv_router_lifetime_in_sec;
- u32 adv_neighbor_reachable_time_in_msec;
- u32 adv_time_in_msec_between_retransmitted_neighbor_solicitations;
-
- /* mtu option */
- u32 adv_link_mtu;
-
- /* source link layer option */
- u8 link_layer_address[8];
- u8 link_layer_addr_len;
-
- /* prefix option */
- ip6_radv_prefix_t *adv_prefixes_pool;
-
- /* Hash table mapping address to index in interface advertised prefix pool. */
- mhash_t address_to_prefix_index;
-
- /* MLDP group information */
- ip6_mldp_group_t *mldp_group_pool;
-
- /* Hash table mapping address to index in mldp address pool. */
- mhash_t address_to_mldp_index;
-
- /* local information */
- u32 sw_if_index;
- int send_radv; /* radv on/off on this interface - set by config */
- int cease_radv; /* we are ceasing to send - set byf config */
- int send_unicast;
- int adv_link_layer_address;
- int prefix_option;
- int failed_device_check;
- int all_routers_mcast;
- u32 seed;
- u64 randomizer;
- int ref_count;
- adj_index_t mcast_adj_index;
-
- /* timing information */
-#define DEF_MAX_RADV_INTERVAL 200
-#define DEF_MIN_RADV_INTERVAL .75 * DEF_MAX_RADV_INTERVAL
-#define DEF_CURR_HOP_LIMIT 64
-#define DEF_DEF_RTR_LIFETIME 3 * DEF_MAX_RADV_INTERVAL
-#define MAX_DEF_RTR_LIFETIME 9000
-
-#define MAX_INITIAL_RTR_ADVERT_INTERVAL 16 /* seconds */
-#define MAX_INITIAL_RTR_ADVERTISEMENTS 3 /*transmissions */
-#define MIN_DELAY_BETWEEN_RAS 3 /* seconds */
-#define MAX_DELAY_BETWEEN_RAS 1800 /* seconds */
-#define MAX_RA_DELAY_TIME .5 /* seconds */
-
- f64 max_radv_interval;
- f64 min_radv_interval;
- f64 min_delay_between_radv;
- f64 max_delay_between_radv;
- f64 max_rtr_default_lifetime;
-
- f64 last_radv_time;
- f64 last_multicast_time;
- f64 next_multicast_time;
-
-
- u32 initial_adverts_count;
- f64 initial_adverts_interval;
- u32 initial_adverts_sent;
-
- /* stats */
- u32 n_advertisements_sent;
- u32 n_solicitations_rcvd;
- u32 n_solicitations_dropped;
-
- /* Link local address to use (defaults to underlying physical for logical interfaces */
- ip6_address_t link_local_address;
-
- /* router solicitations sending state */
- u8 keep_sending_rs; /* when true then next fields are valid */
- icmp6_send_router_solicitation_params_t params;
- f64 sleep_interval;
- f64 due_time;
- u32 n_left;
- f64 start_time;
- vlib_buffer_t *buffer;
-} ip6_radv_t;
-
-typedef struct
-{
- u32 next_index;
- uword node_index;
- uword type_opaque;
- uword data;
- /* Used for nd event notification only */
- ip6_nd_change_event_cb_t data_callback;
- u32 pid;
-} pending_resolution_t;
-
-
-typedef struct
-{
- /* Hash tables mapping name to opcode. */
- uword *opcode_by_name;
-
- /* lite beer "glean" adjacency handling */
- mhash_t pending_resolutions_by_address;
- pending_resolution_t *pending_resolutions;
-
- /* Mac address change notification */
- mhash_t mac_changes_by_address;
- pending_resolution_t *mac_changes;
-
- u32 *neighbor_input_next_index_by_hw_if_index;
-
- ip6_neighbor_t *neighbor_pool;
-
- mhash_t neighbor_index_by_key;
-
- u32 *if_radv_pool_index_by_sw_if_index;
-
- ip6_radv_t *if_radv_pool;
-
- /* Neighbor attack mitigation */
- u32 limit_neighbor_cache_size;
- u32 neighbor_delete_rotor;
-
- /* Wildcard nd report publisher */
- uword wc_ip6_nd_publisher_node;
- uword wc_ip6_nd_publisher_et;
-
- /* Router advertisement report publisher */
- uword ip6_ra_publisher_node;
- uword ip6_ra_publisher_et;
-} ip6_neighbor_main_t;
-
-/* ipv6 neighbor discovery - timer/event types */
-typedef enum
-{
- ICMP6_ND_EVENT_INIT,
-} ip6_icmp_neighbor_discovery_event_type_t;
-
-typedef union
-{
- u32 add_del_swindex;
- struct
- {
- u32 up_down_swindex;
- u32 fib_index;
- } up_down_event;
-} ip6_icmp_neighbor_discovery_event_data_t;
-
-static ip6_neighbor_main_t ip6_neighbor_main;
-ip6_neighbor_public_main_t ip6_neighbor_public_main;
-static ip6_address_t ip6a_zero; /* ip6 address 0 */
-
-static void wc_nd_signal_report (wc_nd_report_t * r);
-static void ra_signal_report (ra_report_t * r);
-
-ip6_address_t
-ip6_neighbor_get_link_local_address (u32 sw_if_index)
-{
- static ip6_address_t empty_address = { {0} };
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- ip6_radv_t *radv_info;
- u32 ri = ~0;
-
- if (vec_len (nm->if_radv_pool_index_by_sw_if_index) > sw_if_index)
- ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
- if (ri == ~0)
- {
- clib_warning ("IPv6 is not enabled for sw_if_index %d", sw_if_index);
- return empty_address;
- }
- radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
- if (radv_info == NULL)
- {
- clib_warning ("Internal error");
- return empty_address;
- }
- return radv_info->link_local_address;
-}
-
-/**
- * @brief publish wildcard arp event
- * @param sw_if_index The interface on which the ARP entries are acted
- */
-static int
-vnet_nd_wc_publish (u32 sw_if_index,
- const mac_address_t * mac, const ip6_address_t * ip6)
-{
- wc_nd_report_t r = {
- .sw_if_index = sw_if_index,
- .ip6 = *ip6,
- .mac = *mac,
- };
-
- vl_api_rpc_call_main_thread (wc_nd_signal_report, (u8 *) & r, sizeof r);
- return 0;
-}
-
-static void
-wc_nd_signal_report (wc_nd_report_t * r)
-{
- vlib_main_t *vm = vlib_get_main ();
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- uword ni = nm->wc_ip6_nd_publisher_node;
- uword et = nm->wc_ip6_nd_publisher_et;
-
- if (ni == (uword) ~ 0)
- return;
- wc_nd_report_t *q =
- vlib_process_signal_event_data (vm, ni, et, 1, sizeof *q);
-
- *q = *r;
-}
-
-void
-wc_nd_set_publisher_node (uword node_index, uword event_type)
-{
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- nm->wc_ip6_nd_publisher_node = node_index;
- nm->wc_ip6_nd_publisher_et = event_type;
-}
-
-static int
-ra_publish (ra_report_t * r)
-{
- void vl_api_rpc_call_main_thread (void *fp, u8 * data, u32 data_length);
- vl_api_rpc_call_main_thread (ra_signal_report, (u8 *) r, sizeof *r);
- return 0;
-}
-
-static void
-ra_signal_report (ra_report_t * r)
-{
- vlib_main_t *vm = vlib_get_main ();
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- uword ni = nm->ip6_ra_publisher_node;
- uword et = nm->ip6_ra_publisher_et;
-
- if (ni == (uword) ~ 0)
- return;
- ra_report_t *q = vlib_process_signal_event_data (vm, ni, et, 1, sizeof *q);
-
- *q = *r;
-}
-
-void
-ra_set_publisher_node (uword node_index, uword event_type)
-{
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- nm->ip6_ra_publisher_node = node_index;
- nm->ip6_ra_publisher_et = event_type;
-}
-
-static u8 *
-format_ip6_neighbor_ip6_entry (u8 * s, va_list * va)
-{
- vlib_main_t *vm = va_arg (*va, vlib_main_t *);
- ip6_neighbor_t *n = va_arg (*va, ip6_neighbor_t *);
- vnet_main_t *vnm = vnet_get_main ();
- vnet_sw_interface_t *si;
-
- if (!n)
- return format (s, "%=12s%=45s%=6s%=20s%=40s", "Time", "Address", "Flags",
- "Link layer", "Interface");
-
- si = vnet_get_sw_interface (vnm, n->key.sw_if_index);
-
- return format (s, "%=12U%=45U%=6U%=20U%=40U",
- format_vlib_time, vm, n->time_last_updated,
- format_ip6_address, &n->key.ip6_address,
- format_ip_neighbor_flags, n->flags,
- format_mac_address_t, &n->mac,
- format_vnet_sw_interface_name, vnm, si);
-}
-
-static void
-ip6_neighbor_adj_fib_remove (ip6_neighbor_t * n, u32 fib_index)
-{
- if (FIB_NODE_INDEX_INVALID != n->fib_entry_index)
- {
- if (ip6_address_is_link_local_unicast (&n->key.ip6_address))
- {
- ip6_ll_prefix_t pfx = {
- .ilp_addr = n->key.ip6_address,
- .ilp_sw_if_index = n->key.sw_if_index,
- };
- ip6_ll_table_entry_delete (&pfx);
- }
- else
- {
- fib_prefix_t pfx = {
- .fp_len = 128,
- .fp_proto = FIB_PROTOCOL_IP6,
- .fp_addr.ip6 = n->key.ip6_address,
- };
- fib_table_entry_path_remove (fib_index,
- &pfx,
- FIB_SOURCE_ADJ,
- DPO_PROTO_IP6,
- &pfx.fp_addr,
- n->key.sw_if_index, ~0,
- 1, FIB_ROUTE_PATH_FLAG_NONE);
- }
- }
-}
-
-typedef struct
-{
- u8 is_add;
- ip_neighbor_flags_t flags;
- mac_address_t mac;
- u32 sw_if_index;
- ip6_address_t addr;
-} ip6_neighbor_set_unset_rpc_args_t;
-
-static void ip6_neighbor_set_unset_rpc_callback
- (ip6_neighbor_set_unset_rpc_args_t * a);
-
-static void set_unset_ip6_neighbor_rpc
- (vlib_main_t * vm,
- u32 sw_if_index,
- const ip6_address_t * a,
- const mac_address_t * mac, int is_add, ip_neighbor_flags_t flags)
-{
- ip6_neighbor_set_unset_rpc_args_t args;
- void vl_api_rpc_call_main_thread (void *fp, u8 * data, u32 data_length);
-
- args.sw_if_index = sw_if_index;
- args.is_add = is_add;
- args.flags = flags;
- ip6_address_copy (&args.addr, a);
- mac_address_copy (&args.mac, mac);
-
- vl_api_rpc_call_main_thread (ip6_neighbor_set_unset_rpc_callback,
- (u8 *) & args, sizeof (args));
-}
-
-static void
-ip6_nbr_probe (ip_adjacency_t * adj)
-{
- icmp6_neighbor_solicitation_header_t *h;
- vnet_main_t *vnm = vnet_get_main ();
- ip6_main_t *im = &ip6_main;
- ip_interface_address_t *ia;
- ip6_address_t *dst, *src;
- vnet_hw_interface_t *hi;
- vnet_sw_interface_t *si;
- vlib_buffer_t *b;
- int bogus_length;
- vlib_main_t *vm;
- u32 bi = 0;
-
- vm = vlib_get_main ();
-
- si = vnet_get_sw_interface (vnm, adj->rewrite_header.sw_if_index);
- dst = &adj->sub_type.nbr.next_hop.ip6;
-
- if (!(si->flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP))
- {
- return;
- }
- src = ip6_interface_address_matching_destination (im, dst,
- adj->rewrite_header.
- sw_if_index, &ia);
- if (!src)
- {
- return;
- }
-
- h = vlib_packet_template_get_packet (vm,
- &im->discover_neighbor_packet_template,
- &bi);
- if (!h)
- return;
-
- hi = vnet_get_sup_hw_interface (vnm, adj->rewrite_header.sw_if_index);
-
- h->ip.dst_address.as_u8[13] = dst->as_u8[13];
- h->ip.dst_address.as_u8[14] = dst->as_u8[14];
- h->ip.dst_address.as_u8[15] = dst->as_u8[15];
- h->ip.src_address = src[0];
- h->neighbor.target_address = dst[0];
-
- clib_memcpy (h->link_layer_option.ethernet_address,
- hi->hw_address, vec_len (hi->hw_address));
-
- h->neighbor.icmp.checksum =
- ip6_tcp_udp_icmp_compute_checksum (vm, 0, &h->ip, &bogus_length);
- ASSERT (bogus_length == 0);
-
- b = vlib_get_buffer (vm, bi);
- vnet_buffer (b)->sw_if_index[VLIB_RX] =
- vnet_buffer (b)->sw_if_index[VLIB_TX] = adj->rewrite_header.sw_if_index;
-
- /* Add encapsulation string for software interface (e.g. ethernet header). */
- vnet_rewrite_one_header (adj[0], h, sizeof (ethernet_header_t));
- vlib_buffer_advance (b, -adj->rewrite_header.data_bytes);
-
- {
- vlib_frame_t *f = vlib_get_frame_to_node (vm, hi->output_node_index);
- u32 *to_next = vlib_frame_vector_args (f);
- to_next[0] = bi;
- f->n_vectors = 1;
- vlib_put_frame_to_node (vm, hi->output_node_index, f);
- }
-}
-
-static void
-ip6_nd_mk_complete (adj_index_t ai, ip6_neighbor_t * nbr)
-{
- adj_nbr_update_rewrite (ai, ADJ_NBR_REWRITE_FLAG_COMPLETE,
- ethernet_build_rewrite (vnet_get_main (),
- nbr->key.sw_if_index,
- adj_get_link_type (ai),
- nbr->mac.bytes));
-}
-
-static void
-ip6_nd_mk_incomplete (adj_index_t ai)
-{
- ip_adjacency_t *adj = adj_get (ai);
-
- adj_nbr_update_rewrite (ai,
- ADJ_NBR_REWRITE_FLAG_INCOMPLETE,
- ethernet_build_rewrite (vnet_get_main (),
- adj->rewrite_header.
- sw_if_index,
- adj_get_link_type (ai),
- VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST));
-}
-
-#define IP6_NBR_MK_KEY(k, sw_if_index, addr) \
-{ \
- k.sw_if_index = sw_if_index; \
- k.ip6_address = *addr; \
- k.pad = 0; \
-}
-
-static ip6_neighbor_t *
-ip6_nd_find (u32 sw_if_index, const ip6_address_t * addr)
-{
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- ip6_neighbor_t *n = NULL;
- ip6_neighbor_key_t k;
- uword *p;
-
- IP6_NBR_MK_KEY (k, sw_if_index, addr);
-
- p = mhash_get (&nm->neighbor_index_by_key, &k);
- if (p)
- {
- n = pool_elt_at_index (nm->neighbor_pool, p[0]);
- }
-
- return (n);
-}
-
-static adj_walk_rc_t
-ip6_nd_mk_complete_walk (adj_index_t ai, void *ctx)
-{
- ip6_neighbor_t *nbr = ctx;
-
- ip6_nd_mk_complete (ai, nbr);
-
- return (ADJ_WALK_RC_CONTINUE);
-}
-
-static adj_walk_rc_t
-ip6_nd_mk_incomplete_walk (adj_index_t ai, void *ctx)
-{
- ip6_nd_mk_incomplete (ai);
-
- return (ADJ_WALK_RC_CONTINUE);
-}
-
-static clib_error_t *
-ip6_neighbor_sw_interface_up_down (vnet_main_t * vnm,
- u32 sw_if_index, u32 flags)
-{
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- ip6_neighbor_t *n;
- u32 i, *to_delete = 0;
-
- /* *INDENT-OFF* */
- pool_foreach (n, nm->neighbor_pool,
- ({
- if (n->key.sw_if_index == sw_if_index)
- vec_add1 (to_delete, n - nm->neighbor_pool);
- }));
- /* *INDENT-ON* */
-
- if (flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP)
- {
- for (i = 0; i < vec_len (to_delete); i++)
- {
- n = pool_elt_at_index (nm->neighbor_pool, to_delete[i]);
- adj_nbr_walk_nh6 (n->key.sw_if_index, &n->key.ip6_address,
- ip6_nd_mk_complete_walk, n);
- }
- }
- else
- {
- for (i = 0; i < vec_len (to_delete); i++)
- {
- n = pool_elt_at_index (nm->neighbor_pool, to_delete[i]);
- adj_nbr_walk_nh6 (n->key.sw_if_index, &n->key.ip6_address,
- ip6_nd_mk_incomplete_walk, NULL);
- if (n->flags & IP_NEIGHBOR_FLAG_STATIC)
- continue;
- ip6_neighbor_adj_fib_remove (n,
- ip6_fib_table_get_index_for_sw_if_index
- (n->key.sw_if_index));
- mhash_unset (&nm->neighbor_index_by_key, &n->key, 0);
- pool_put (nm->neighbor_pool, n);
- }
- }
-
- vec_free (to_delete);
- return 0;
-}
-
-VNET_SW_INTERFACE_ADMIN_UP_DOWN_FUNCTION (ip6_neighbor_sw_interface_up_down);
-
-void
-ip6_ethernet_update_adjacency (vnet_main_t * vnm, u32 sw_if_index, u32 ai)
-{
- ip6_neighbor_t *nbr;
- ip_adjacency_t *adj;
-
- adj = adj_get (ai);
-
- nbr = ip6_nd_find (sw_if_index, &adj->sub_type.nbr.next_hop.ip6);
-
- switch (adj->lookup_next_index)
- {
- case IP_LOOKUP_NEXT_GLEAN:
- adj_glean_update_rewrite (ai);
- break;
- case IP_LOOKUP_NEXT_ARP:
- if (NULL != nbr)
- {
- adj_nbr_walk_nh6 (sw_if_index, &nbr->key.ip6_address,
- ip6_nd_mk_complete_walk, nbr);
- }
- else
- {
- /*
- * no matching ND entry.
- * construct the rewrite required to for an ND packet, and stick
- * that in the adj's pipe to smoke.
- */
- adj_nbr_update_rewrite (ai,
- ADJ_NBR_REWRITE_FLAG_INCOMPLETE,
- ethernet_build_rewrite (vnm,
- sw_if_index,
- VNET_LINK_IP6,
- VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST));
-
- /*
- * since the FIB has added this adj for a route, it makes sense it may
- * want to forward traffic sometime soon. Let's send a speculative ND.
- * just one. If we were to do periodically that wouldn't be bad either,
- * but that's more code than i'm prepared to write at this time for
- * relatively little reward.
- */
- ip6_nbr_probe (adj);
- }
- break;
- case IP_LOOKUP_NEXT_BCAST:
- adj_nbr_update_rewrite (ai,
- ADJ_NBR_REWRITE_FLAG_COMPLETE,
- ethernet_build_rewrite (vnm,
- sw_if_index,
- VNET_LINK_IP6,
- VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST));
- break;
- case IP_LOOKUP_NEXT_MCAST:
- {
- /*
- * Construct a partial rewrite from the known ethernet mcast dest MAC
- */
- u8 *rewrite;
- u8 offset;
-
- rewrite = ethernet_build_rewrite (vnm,
- sw_if_index,
- adj->ia_link,
- ethernet_ip6_mcast_dst_addr ());
-
- /*
- * Complete the remaining fields of the adj's rewrite to direct the
- * complete of the rewrite at switch time by copying in the IP
- * dst address's bytes.
- * Ofset is 2 bytes into the destintation address.
- */
- offset = vec_len (rewrite) - 2;
- adj_mcast_update_rewrite (ai, rewrite, offset);
-
- break;
- }
- case IP_LOOKUP_NEXT_DROP:
- case IP_LOOKUP_NEXT_PUNT:
- case IP_LOOKUP_NEXT_LOCAL:
- case IP_LOOKUP_NEXT_REWRITE:
- case IP_LOOKUP_NEXT_MCAST_MIDCHAIN:
- case IP_LOOKUP_NEXT_MIDCHAIN:
- case IP_LOOKUP_NEXT_ICMP_ERROR:
- case IP_LOOKUP_N_NEXT:
- ASSERT (0);
- break;
- }
-}
-
-
-static void
-ip6_neighbor_adj_fib_add (ip6_neighbor_t * n, u32 fib_index)
-{
- if (ip6_address_is_link_local_unicast (&n->key.ip6_address))
- {
- ip6_ll_prefix_t pfx = {
- .ilp_addr = n->key.ip6_address,
- .ilp_sw_if_index = n->key.sw_if_index,
- };
- n->fib_entry_index =
- ip6_ll_table_entry_update (&pfx, FIB_ROUTE_PATH_FLAG_NONE);
- }
- else
- {
- fib_prefix_t pfx = {
- .fp_len = 128,
- .fp_proto = FIB_PROTOCOL_IP6,
- .fp_addr.ip6 = n->key.ip6_address,
- };
-
- n->fib_entry_index =
- fib_table_entry_path_add (fib_index, &pfx, FIB_SOURCE_ADJ,
- FIB_ENTRY_FLAG_ATTACHED,
- DPO_PROTO_IP6, &pfx.fp_addr,
- n->key.sw_if_index, ~0, 1, NULL,
- FIB_ROUTE_PATH_FLAG_NONE);
- }
-}
-
-static ip6_neighbor_t *
-force_reuse_neighbor_entry (void)
-{
- ip6_neighbor_t *n;
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- u32 count = 0;
- u32 index = pool_next_index (nm->neighbor_pool, nm->neighbor_delete_rotor);
- if (index == ~0) /* Try again from elt 0 */
- index = pool_next_index (nm->neighbor_pool, index);
-
- /* Find a non-static random entry to free up for reuse */
- do
- {
- if ((count++ == 100) || (index == ~0))
- return NULL; /* give up after 100 entries */
- n = pool_elt_at_index (nm->neighbor_pool, index);
- nm->neighbor_delete_rotor = index;
- index = pool_next_index (nm->neighbor_pool, index);
- }
- while (n->flags & IP_NEIGHBOR_FLAG_STATIC);
-
- /* Remove ARP entry from its interface and update fib */
- adj_nbr_walk_nh6 (n->key.sw_if_index,
- &n->key.ip6_address, ip6_nd_mk_incomplete_walk, NULL);
- ip6_neighbor_adj_fib_remove
- (n, ip6_fib_table_get_index_for_sw_if_index (n->key.sw_if_index));
- mhash_unset (&nm->neighbor_index_by_key, &n->key, 0);
-
- return n;
-}
-
-int
-vnet_set_ip6_ethernet_neighbor (vlib_main_t * vm,
- u32 sw_if_index,
- const ip6_address_t * a,
- const mac_address_t * mac,
- ip_neighbor_flags_t flags)
-{
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- ip6_neighbor_key_t k;
- ip6_neighbor_t *n = 0;
- int make_new_nd_cache_entry = 1;
- uword *p;
- u32 next_index;
- pending_resolution_t *pr, *mc;
-
- if (vlib_get_thread_index ())
- {
- set_unset_ip6_neighbor_rpc (vm, sw_if_index, a, mac, 1, flags);
- return 0;
- }
-
- k.sw_if_index = sw_if_index;
- k.ip6_address = a[0];
- k.pad = 0;
-
- p = mhash_get (&nm->neighbor_index_by_key, &k);
- if (p)
- {
- n = pool_elt_at_index (nm->neighbor_pool, p[0]);
- /* Refuse to over-write static neighbor entry. */
- if (!(flags & IP_NEIGHBOR_FLAG_STATIC) &&
- (n->flags & IP_NEIGHBOR_FLAG_STATIC))
- {
- /* if MAC address match, still check to send event */
- if (0 == mac_address_cmp (&n->mac, mac))
- goto check_customers;
- return -2;
- }
- make_new_nd_cache_entry = 0;
- }
-
- if (make_new_nd_cache_entry)
- {
- if (nm->limit_neighbor_cache_size &&
- pool_elts (nm->neighbor_pool) >= nm->limit_neighbor_cache_size)
- {
- n = force_reuse_neighbor_entry ();
- if (NULL == n)
- return -2;
- }
- else
- {
- pool_get (nm->neighbor_pool, n);
- memset (n, 0, sizeof (*n));
- }
-
- mhash_set (&nm->neighbor_index_by_key, &k, n - nm->neighbor_pool,
- /* old value */ 0);
- n->key = k;
- n->fib_entry_index = FIB_NODE_INDEX_INVALID;
-
- mac_address_copy (&n->mac, mac);
-
- /*
- * create the adj-fib. the entry in the FIB table for and to the peer.
- */
- if (!(flags & IP_NEIGHBOR_FLAG_NO_FIB_ENTRY))
- {
- ip6_neighbor_adj_fib_add
- (n, ip6_fib_table_get_index_for_sw_if_index (n->key.sw_if_index));
- }
- else
- {
- n->flags |= IP_NEIGHBOR_FLAG_NO_FIB_ENTRY;
- }
- }
- else
- {
- /*
- * prevent a DoS attack from the data-plane that
- * spams us with no-op updates to the MAC address
- */
- if (0 == mac_address_cmp (&n->mac, mac))
- {
- n->time_last_updated = vlib_time_now (vm);
- goto check_customers;
- }
-
- mac_address_copy (&n->mac, mac);
- }
-
- /* Update time stamp and flags. */
- n->time_last_updated = vlib_time_now (vm);
- if (flags & IP_NEIGHBOR_FLAG_STATIC)
- {
- n->flags |= IP_NEIGHBOR_FLAG_STATIC;
- n->flags &= ~IP_NEIGHBOR_FLAG_DYNAMIC;
- }
- else
- {
- n->flags |= IP_NEIGHBOR_FLAG_DYNAMIC;
- n->flags &= ~IP_NEIGHBOR_FLAG_STATIC;
- }
-
- adj_nbr_walk_nh6 (sw_if_index,
- &n->key.ip6_address, ip6_nd_mk_complete_walk, n);
-
-check_customers:
- /* Customer(s) waiting for this address to be resolved? */
- p = mhash_get (&nm->pending_resolutions_by_address, a);
- if (p)
- {
- next_index = p[0];
-
- while (next_index != (u32) ~ 0)
- {
- pr = pool_elt_at_index (nm->pending_resolutions, next_index);
- vlib_process_signal_event (vm, pr->node_index,
- pr->type_opaque, pr->data);
- next_index = pr->next_index;
- pool_put (nm->pending_resolutions, pr);
- }
-
- mhash_unset (&nm->pending_resolutions_by_address, (void *) a, 0);
- }
-
- /* Customer(s) requesting ND event for this address? */
- p = mhash_get (&nm->mac_changes_by_address, a);
- if (p)
- {
- next_index = p[0];
-
- while (next_index != (u32) ~ 0)
- {
- int rv = 1;
-
- mc = pool_elt_at_index (nm->mac_changes, next_index);
-
- /* Call the user's data callback, return 1 to suppress dup events */
- if (mc->data_callback)
- rv = (mc->data_callback) (mc->data, mac, sw_if_index, &ip6a_zero);
- /*
- * Signal the resolver process, as long as the user
- * says they want to be notified
- */
- if (rv == 0)
- vlib_process_signal_event (vm, mc->node_index,
- mc->type_opaque, mc->data);
- next_index = mc->next_index;
- }
- }
-
- return 0;
-}
-
-int
-vnet_unset_ip6_ethernet_neighbor (vlib_main_t * vm,
- u32 sw_if_index, const ip6_address_t * a)
-{
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- ip6_neighbor_key_t k;
- ip6_neighbor_t *n;
- uword *p;
- int rv = 0;
-
- if (vlib_get_thread_index ())
- {
- set_unset_ip6_neighbor_rpc (vm, sw_if_index, a, NULL, 0,
- IP_NEIGHBOR_FLAG_NONE);
- return 0;
- }
-
- k.sw_if_index = sw_if_index;
- k.ip6_address = a[0];
- k.pad = 0;
-
- p = mhash_get (&nm->neighbor_index_by_key, &k);
- if (p == 0)
- {
- rv = -1;
- goto out;
- }
-
- n = pool_elt_at_index (nm->neighbor_pool, p[0]);
-
- adj_nbr_walk_nh6 (sw_if_index,
- &n->key.ip6_address, ip6_nd_mk_incomplete_walk, NULL);
- ip6_neighbor_adj_fib_remove
- (n, ip6_fib_table_get_index_for_sw_if_index (sw_if_index));
-
- mhash_unset (&nm->neighbor_index_by_key, &n->key, 0);
- pool_put (nm->neighbor_pool, n);
-
-out:
- return rv;
-}
-
-static void ip6_neighbor_set_unset_rpc_callback
- (ip6_neighbor_set_unset_rpc_args_t * a)
-{
- vlib_main_t *vm = vlib_get_main ();
- if (a->is_add)
- vnet_set_ip6_ethernet_neighbor (vm, a->sw_if_index, &a->addr,
- &a->mac, a->flags);
- else
- vnet_unset_ip6_ethernet_neighbor (vm, a->sw_if_index, &a->addr);
-}
-
-static int
-ip6_neighbor_sort (void *a1, void *a2)
-{
- vnet_main_t *vnm = vnet_get_main ();
- ip6_neighbor_t *n1 = a1, *n2 = a2;
- int cmp;
- cmp = vnet_sw_interface_compare (vnm, n1->key.sw_if_index,
- n2->key.sw_if_index);
- if (!cmp)
- cmp = ip6_address_compare (&n1->key.ip6_address, &n2->key.ip6_address);
- return cmp;
-}
-
-ip6_neighbor_t *
-ip6_neighbors_pool (void)
-{
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- return nm->neighbor_pool;
-}
-
-ip6_neighbor_t *
-ip6_neighbors_entries (u32 sw_if_index)
-{
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- ip6_neighbor_t *n, *ns = NULL;
-
- /* *INDENT-OFF* */
- pool_foreach (n, nm->neighbor_pool,
- ({
- if (sw_if_index != ~0 && n->key.sw_if_index != sw_if_index)
- continue;
- vec_add1 (ns, n[0]);
- }));
- /* *INDENT-ON* */
-
- if (ns)
- vec_sort_with_function (ns, ip6_neighbor_sort);
- return ns;
-}
-
-static clib_error_t *
-show_ip6_neighbors (vlib_main_t * vm,
- unformat_input_t * input, vlib_cli_command_t * cmd)
-{
- vnet_main_t *vnm = vnet_get_main ();
- ip6_neighbor_t *n, *ns;
- clib_error_t *error = 0;
- u32 sw_if_index;
- int verbose = 0;
-
- if (unformat (input, "verbose"))
- verbose = 1;
-
- /* Filter entries by interface if given. */
- sw_if_index = ~0;
- (void) unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index);
-
- ns = ip6_neighbors_entries (sw_if_index);
- if (ns)
- {
- /*
- * Show the entire table if it's not too big, otherwise just
- * show the size of the table.
- */
- if (vec_len (ns) < 50)
- verbose = 1;
- if (verbose)
- {
- vlib_cli_output (vm, "%U", format_ip6_neighbor_ip6_entry, vm, 0);
- vec_foreach (n, ns)
- {
- vlib_cli_output (vm, "%U", format_ip6_neighbor_ip6_entry, vm, n);
- }
- }
- else
- vlib_cli_output
- (vm, "There are %u ip6 neighbors, "
- "'show ip6 neighbors verbose' to display the entire table...",
- vec_len (ns));
- vec_free (ns);
- }
- else
- vlib_cli_output (vm, "No ip6 neighbors");
-
- return error;
-}
-
-/*?
- * This command is used to display the adjacent IPv6 hosts found via
- * neighbor discovery. Optionally, limit the output to the specified
- * interface.
- *
- * @cliexpar
- * Example of how to display the IPv6 neighbor adjacency table:
- * @cliexstart{show ip6 neighbors}
- * Time Address Flags Link layer Interface
- * 34.0910 ::a:1:1:0:7 02:fe:6a:07:39:6f GigabitEthernet2/0/0
- * 173.2916 ::b:5:1:c:2 02:fe:50:62:3a:94 GigabitEthernet2/0/0
- * 886.6654 ::1:1:c:0:9 S 02:fe:e4:45:27:5b GigabitEthernet3/0/0
- * @cliexend
- * Example of how to display the IPv6 neighbor adjacency table for given interface:
- * @cliexstart{show ip6 neighbors GigabitEthernet2/0/0}
- * Time Address Flags Link layer Interface
- * 34.0910 ::a:1:1:0:7 02:fe:6a:07:39:6f GigabitEthernet2/0/0
- * 173.2916 ::b:5:1:c:2 02:fe:50:62:3a:94 GigabitEthernet2/0/0
- * @cliexend
-?*/
-/* *INDENT-OFF* */
-VLIB_CLI_COMMAND (show_ip6_neighbors_command, static) = {
- .path = "show ip6 neighbors",
- .function = show_ip6_neighbors,
- .short_help = "show ip6 neighbors [<interface>]",
-};
-/* *INDENT-ON* */
-
-static clib_error_t *
-set_ip6_neighbor (vlib_main_t * vm,
- unformat_input_t * input, vlib_cli_command_t * cmd)
-{
- ip_neighbor_flags_t flags = IP_NEIGHBOR_FLAG_NONE;
- vnet_main_t *vnm = vnet_get_main ();
- ip6_address_t addr;
- mac_address_t mac;
- int addr_valid = 0;
- int is_del = 0;
- u32 sw_if_index;
-
- while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
- {
- /* intfc, ip6-address, mac-address */
- if (unformat (input, "%U %U %U",
- unformat_vnet_sw_interface, vnm, &sw_if_index,
- unformat_ip6_address, &addr,
- unformat_mac_address_t, &mac))
- addr_valid = 1;
-
- else if (unformat (input, "delete") || unformat (input, "del"))
- is_del = 1;
- else if (unformat (input, "static"))
- flags |= IP_NEIGHBOR_FLAG_STATIC;
- else if (unformat (input, "no-fib-entry"))
- flags |= IP_NEIGHBOR_FLAG_NO_FIB_ENTRY;
- else
- break;
- }
-
- if (!addr_valid)
- return clib_error_return (0, "Missing interface, ip6 or hw address");
-
- if (!is_del)
- vnet_set_ip6_ethernet_neighbor (vm, sw_if_index, &addr, &mac, flags);
- else
- vnet_unset_ip6_ethernet_neighbor (vm, sw_if_index, &addr);
- return 0;
-}
-
-/*?
- * This command is used to manually add an entry to the IPv6 neighbor
- * adjacency table. Optionally, the entry can be added as static. It is
- * also used to remove an entry from the table. Use the '<em>show ip6
- * neighbors</em>' command to display all learned and manually entered entries.
- *
- * @cliexpar
- * Example of how to add a static entry to the IPv6 neighbor adjacency table:
- * @cliexcmd{set ip6 neighbor GigabitEthernet2/0/0 ::1:1:c:0:9 02:fe:e4:45:27:5b static}
- * Example of how to delete an entry from the IPv6 neighbor adjacency table:
- * @cliexcmd{set ip6 neighbor del GigabitEthernet2/0/0 ::1:1:c:0:9 02:fe:e4:45:27:5b}
-?*/
-/* *INDENT-OFF* */
-VLIB_CLI_COMMAND (set_ip6_neighbor_command, static) =
-{
- .path = "set ip6 neighbor",
- .function = set_ip6_neighbor,
- .short_help = "set ip6 neighbor [del] <interface> <ip6-address> <mac-address> [static]",
-};
-/* *INDENT-ON* */
-
-typedef enum
-{
- ICMP6_NEIGHBOR_SOLICITATION_NEXT_DROP,
- ICMP6_NEIGHBOR_SOLICITATION_NEXT_REPLY,
- ICMP6_NEIGHBOR_SOLICITATION_N_NEXT,
-} icmp6_neighbor_solicitation_or_advertisement_next_t;
-
-static_always_inline uword
-icmp6_neighbor_solicitation_or_advertisement (vlib_main_t * vm,
- vlib_node_runtime_t * node,
- vlib_frame_t * frame,
- uword is_solicitation)
-{
- vnet_main_t *vnm = vnet_get_main ();
- ip6_main_t *im = &ip6_main;
- uword n_packets = frame->n_vectors;
- u32 *from, *to_next;
- u32 n_left_from, n_left_to_next, next_index, n_advertisements_sent;
- icmp6_neighbor_discovery_option_type_t option_type;
- vlib_node_runtime_t *error_node =
- vlib_node_get_runtime (vm, ip6_icmp_input_node.index);
- int bogus_length;
-
- from = vlib_frame_vector_args (frame);
- n_left_from = n_packets;
- next_index = node->cached_next_index;
-
- if (node->flags & VLIB_NODE_FLAG_TRACE)
- vlib_trace_frame_buffers_only (vm, node, from, frame->n_vectors,
- /* stride */ 1,
- sizeof (icmp6_input_trace_t));
-
- option_type =
- (is_solicitation
- ? ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address
- : ICMP6_NEIGHBOR_DISCOVERY_OPTION_target_link_layer_address);
- n_advertisements_sent = 0;
-
- while (n_left_from > 0)
- {
- vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
-
- while (n_left_from > 0 && n_left_to_next > 0)
- {
- vlib_buffer_t *p0;
- ip6_header_t *ip0;
- icmp6_neighbor_solicitation_or_advertisement_header_t *h0;
- icmp6_neighbor_discovery_ethernet_link_layer_address_option_t *o0;
- u32 bi0, options_len0, sw_if_index0, next0, error0;
- u32 ip6_sadd_link_local, ip6_sadd_unspecified;
- int is_rewrite0;
- u32 ni0;
-
- bi0 = to_next[0] = from[0];
-
- from += 1;
- to_next += 1;
- n_left_from -= 1;
- n_left_to_next -= 1;
-
- p0 = vlib_get_buffer (vm, bi0);
- ip0 = vlib_buffer_get_current (p0);
- h0 = ip6_next_header (ip0);
- options_len0 =
- clib_net_to_host_u16 (ip0->payload_length) - sizeof (h0[0]);
-
- error0 = ICMP6_ERROR_NONE;
- sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
- ip6_sadd_link_local =
- ip6_address_is_link_local_unicast (&ip0->src_address);
- ip6_sadd_unspecified =
- ip6_address_is_unspecified (&ip0->src_address);
-
- /* Check that source address is unspecified, link-local or else on-link. */
- if (!ip6_sadd_unspecified && !ip6_sadd_link_local)
- {
- u32 src_adj_index0 = ip6_src_lookup_for_packet (im, p0, ip0);
-
- if (ADJ_INDEX_INVALID != src_adj_index0)
- {
- ip_adjacency_t *adj0 = adj_get (src_adj_index0);
-
- /* Allow all realistic-looking rewrite adjacencies to pass */
- ni0 = adj0->lookup_next_index;
- is_rewrite0 = (ni0 >= IP_LOOKUP_NEXT_ARP) &&
- (ni0 < IP6_LOOKUP_N_NEXT);
-
- error0 = ((adj0->rewrite_header.sw_if_index != sw_if_index0
- || !is_rewrite0)
- ?
- ICMP6_ERROR_NEIGHBOR_SOLICITATION_SOURCE_NOT_ON_LINK
- : error0);
- }
- else
- {
- error0 =
- ICMP6_ERROR_NEIGHBOR_SOLICITATION_SOURCE_NOT_ON_LINK;
- }
- }
-
- o0 = (void *) (h0 + 1);
- o0 = ((options_len0 == 8 && o0->header.type == option_type
- && o0->header.n_data_u64s == 1) ? o0 : 0);
-
- /* If src address unspecified or link local, donot learn neighbor MAC */
- if (PREDICT_TRUE (error0 == ICMP6_ERROR_NONE && o0 != 0 &&
- !ip6_sadd_unspecified))
- {
- vnet_set_ip6_ethernet_neighbor (vm, sw_if_index0,
- is_solicitation ?
- &ip0->src_address :
- &h0->target_address,
- (mac_address_t *)
- o0->ethernet_address,
- IP_NEIGHBOR_FLAG_NONE);
- }
-
- if (is_solicitation && error0 == ICMP6_ERROR_NONE)
- {
- /* Check that target address is local to this router. */
- fib_node_index_t fei;
- u32 fib_index;
-
- fib_index =
- ip6_fib_table_get_index_for_sw_if_index (sw_if_index0);
-
- if (~0 == fib_index)
- {
- error0 = ICMP6_ERROR_NEIGHBOR_SOLICITATION_SOURCE_UNKNOWN;
- }
- else
- {
- if (ip6_address_is_link_local_unicast (&h0->target_address))
- {
- fei = ip6_fib_table_lookup_exact_match
- (ip6_ll_fib_get (sw_if_index0),
- &h0->target_address, 128);
- }
- else
- {
- fei = ip6_fib_table_lookup_exact_match (fib_index,
- &h0->target_address,
- 128);
- }
-
- if (FIB_NODE_INDEX_INVALID == fei)
- {
- /* The target address is not in the FIB */
- error0 =
- ICMP6_ERROR_NEIGHBOR_SOLICITATION_SOURCE_UNKNOWN;
- }
- else
- {
- if (FIB_ENTRY_FLAG_LOCAL &
- fib_entry_get_flags_for_source (fei,
- FIB_SOURCE_INTERFACE))
- {
- /* It's an address that belongs to one of our interfaces
- * that's good. */
- }
- else
- if (fib_entry_is_sourced
- (fei, FIB_SOURCE_IP6_ND_PROXY) ||
- fib_entry_is_sourced (fei, FIB_SOURCE_IP6_ND))
- {
- /* The address was added by IPv6 Proxy ND config.
- * We should only respond to these if the NS arrived on
- * the link that has a matching covering prefix */
- }
- else
- {
- error0 =
- ICMP6_ERROR_NEIGHBOR_SOLICITATION_SOURCE_UNKNOWN;
- }
- }
- }
- }
-
- if (is_solicitation)
- next0 = (error0 != ICMP6_ERROR_NONE
- ? ICMP6_NEIGHBOR_SOLICITATION_NEXT_DROP
- : ICMP6_NEIGHBOR_SOLICITATION_NEXT_REPLY);
- else
- {
- next0 = 0;
- error0 = error0 == ICMP6_ERROR_NONE ?
- ICMP6_ERROR_NEIGHBOR_ADVERTISEMENTS_RX : error0;
- }
-
- if (is_solicitation && error0 == ICMP6_ERROR_NONE)
- {
- vnet_sw_interface_t *sw_if0;
- ethernet_interface_t *eth_if0;
- ethernet_header_t *eth0;
-
- /* dst address is either source address or the all-nodes mcast addr */
- if (!ip6_sadd_unspecified)
- ip0->dst_address = ip0->src_address;
- else
- ip6_set_reserved_multicast_address (&ip0->dst_address,
- IP6_MULTICAST_SCOPE_link_local,
- IP6_MULTICAST_GROUP_ID_all_hosts);
-
- ip0->src_address = h0->target_address;
- ip0->hop_limit = 255;
- h0->icmp.type = ICMP6_neighbor_advertisement;
-
- sw_if0 = vnet_get_sup_sw_interface (vnm, sw_if_index0);
- ASSERT (sw_if0->type == VNET_SW_INTERFACE_TYPE_HARDWARE);
- eth_if0 =
- ethernet_get_interface (&ethernet_main, sw_if0->hw_if_index);
- if (eth_if0 && o0)
- {
- clib_memcpy (o0->ethernet_address, eth_if0->address, 6);
- o0->header.type =
- ICMP6_NEIGHBOR_DISCOVERY_OPTION_target_link_layer_address;
- }
-
- h0->advertisement_flags = clib_host_to_net_u32
- (ICMP6_NEIGHBOR_ADVERTISEMENT_FLAG_SOLICITED
- | ICMP6_NEIGHBOR_ADVERTISEMENT_FLAG_OVERRIDE);
-
- h0->icmp.checksum = 0;
- h0->icmp.checksum =
- ip6_tcp_udp_icmp_compute_checksum (vm, p0, ip0,
- &bogus_length);
- ASSERT (bogus_length == 0);
-
- /* Reuse current MAC header, copy SMAC to DMAC and
- * interface MAC to SMAC */
- vlib_buffer_advance (p0, -ethernet_buffer_header_size (p0));
- eth0 = vlib_buffer_get_current (p0);
- clib_memcpy (eth0->dst_address, eth0->src_address, 6);
- if (eth_if0)
- clib_memcpy (eth0->src_address, eth_if0->address, 6);
-
- /* Setup input and output sw_if_index for packet */
- ASSERT (vnet_buffer (p0)->sw_if_index[VLIB_RX] == sw_if_index0);
- vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0;
- vnet_buffer (p0)->sw_if_index[VLIB_RX] =
- vnet_main.local_interface_sw_if_index;
-
- n_advertisements_sent++;
- }
-
- p0->error = error_node->errors[error0];
-
- vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
- to_next, n_left_to_next,
- bi0, next0);
- }
-
- vlib_put_next_frame (vm, node, next_index, n_left_to_next);
- }
-
- /* Account for advertisements sent. */
- vlib_error_count (vm, error_node->node_index,
- ICMP6_ERROR_NEIGHBOR_ADVERTISEMENTS_TX,
- n_advertisements_sent);
-
- return frame->n_vectors;
-}
-
-/* for "syslogging" - use elog for now */
-#define foreach_log_level \
- _ (DEBUG, "DEBUG") \
- _ (INFO, "INFORMATION") \
- _ (NOTICE, "NOTICE") \
- _ (WARNING, "WARNING") \
- _ (ERR, "ERROR") \
- _ (CRIT, "CRITICAL") \
- _ (ALERT, "ALERT") \
- _ (EMERG, "EMERGENCY")
-
-typedef enum
-{
-#define _(f,s) LOG_##f,
- foreach_log_level
-#undef _
-} log_level_t;
-
-static char *log_level_strings[] = {
-#define _(f,s) s,
- foreach_log_level
-#undef _
-};
-
-static int logmask = 1 << LOG_DEBUG;
-
-static void
-ip6_neighbor_syslog (vlib_main_t * vm, int priority, char *fmt, ...)
-{
- /* just use elog for now */
- u8 *what;
- va_list va;
-
- if ((priority > LOG_EMERG) || !(logmask & (1 << priority)))
- return;
-
- va_start (va, fmt);
- if (fmt)
- {
- what = va_format (0, fmt, &va);
-
- ELOG_TYPE_DECLARE (e) =
- {
- .format = "ip6 nd: (%s): %s",.format_args = "T4T4",};
- struct
- {
- u32 s[2];
- } *ed;
- ed = ELOG_DATA (&vm->elog_main, e);
- ed->s[0] = elog_string (&vm->elog_main, log_level_strings[priority]);
- ed->s[1] = elog_string (&vm->elog_main, (char *) what);
- }
- va_end (va);
- return;
-}
-
-clib_error_t *
-call_ip6_neighbor_callbacks (void *data,
- _vnet_ip6_neighbor_function_list_elt_t * elt)
-{
- clib_error_t *error = 0;
-
- while (elt)
- {
- error = elt->fp (data);
- if (error)
- return error;
- elt = elt->next_ip6_neighbor_function;
- }
-
- return error;
-}
-
-/* ipv6 neighbor discovery - router advertisements */
-typedef enum
-{
- ICMP6_ROUTER_SOLICITATION_NEXT_DROP,
- ICMP6_ROUTER_SOLICITATION_NEXT_REPLY_RW,
- ICMP6_ROUTER_SOLICITATION_NEXT_REPLY_TX,
- ICMP6_ROUTER_SOLICITATION_N_NEXT,
-} icmp6_router_solicitation_or_advertisement_next_t;
-
-static_always_inline uword
-icmp6_router_solicitation (vlib_main_t * vm,
- vlib_node_runtime_t * node, vlib_frame_t * frame)
-{
- vnet_main_t *vnm = vnet_get_main ();
- ip6_main_t *im = &ip6_main;
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- uword n_packets = frame->n_vectors;
- u32 *from, *to_next;
- u32 n_left_from, n_left_to_next, next_index;
- u32 n_advertisements_sent = 0;
- int bogus_length;
-
- icmp6_neighbor_discovery_option_type_t option_type;
-
- vlib_node_runtime_t *error_node =
- vlib_node_get_runtime (vm, ip6_icmp_input_node.index);
-
- from = vlib_frame_vector_args (frame);
- n_left_from = n_packets;
- next_index = node->cached_next_index;
-
- if (node->flags & VLIB_NODE_FLAG_TRACE)
- vlib_trace_frame_buffers_only (vm, node, from, frame->n_vectors,
- /* stride */ 1,
- sizeof (icmp6_input_trace_t));
-
- /* source may append his LL address */
- option_type = ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address;
-
- while (n_left_from > 0)
- {
- vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
-
- while (n_left_from > 0 && n_left_to_next > 0)
- {
- vlib_buffer_t *p0;
- ip6_header_t *ip0;
- ip6_radv_t *radv_info = 0;
-
- icmp6_neighbor_discovery_header_t *h0;
- icmp6_neighbor_discovery_ethernet_link_layer_address_option_t *o0;
-
- u32 bi0, options_len0, sw_if_index0, next0, error0;
- u32 is_solicitation = 1, is_dropped = 0;
- u32 is_unspecified, is_link_local;
-
- bi0 = to_next[0] = from[0];
-
- from += 1;
- to_next += 1;
- n_left_from -= 1;
- n_left_to_next -= 1;
-
- p0 = vlib_get_buffer (vm, bi0);
- ip0 = vlib_buffer_get_current (p0);
- h0 = ip6_next_header (ip0);
- options_len0 =
- clib_net_to_host_u16 (ip0->payload_length) - sizeof (h0[0]);
- is_unspecified = ip6_address_is_unspecified (&ip0->src_address);
- is_link_local =
- ip6_address_is_link_local_unicast (&ip0->src_address);
-
- error0 = ICMP6_ERROR_NONE;
- sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
-
- /* check if solicitation (not from nd_timer node) */
- if (ip6_address_is_unspecified (&ip0->dst_address))
- is_solicitation = 0;
-
- /* Check that source address is unspecified, link-local or else on-link. */
- if (!is_unspecified && !is_link_local)
- {
- u32 src_adj_index0 = ip6_src_lookup_for_packet (im, p0, ip0);
-
- if (ADJ_INDEX_INVALID != src_adj_index0)
- {
- ip_adjacency_t *adj0 = adj_get (src_adj_index0);
-
- error0 = (adj0->rewrite_header.sw_if_index != sw_if_index0
- ?
- ICMP6_ERROR_ROUTER_SOLICITATION_SOURCE_NOT_ON_LINK
- : error0);
- }
- else
- {
- error0 = ICMP6_ERROR_ROUTER_SOLICITATION_SOURCE_NOT_ON_LINK;
- }
- }
-
- /* check for source LL option and process */
- o0 = (void *) (h0 + 1);
- o0 = ((options_len0 == 8
- && o0->header.type == option_type
- && o0->header.n_data_u64s == 1) ? o0 : 0);
-
- /* if src address unspecified IGNORE any options */
- if (PREDICT_TRUE (error0 == ICMP6_ERROR_NONE && o0 != 0 &&
- !is_unspecified && !is_link_local))
- {
- vnet_set_ip6_ethernet_neighbor
- (vm, sw_if_index0,
- &ip0->src_address,
- (mac_address_t *) o0->ethernet_address,
- IP_NEIGHBOR_FLAG_NONE);
- }
-
- /* default is to drop */
- next0 = ICMP6_ROUTER_SOLICITATION_NEXT_DROP;
-
- if (error0 == ICMP6_ERROR_NONE)
- {
- vnet_sw_interface_t *sw_if0;
- ethernet_interface_t *eth_if0;
- u32 adj_index0;
-
- sw_if0 = vnet_get_sup_sw_interface (vnm, sw_if_index0);
- ASSERT (sw_if0->type == VNET_SW_INTERFACE_TYPE_HARDWARE);
- eth_if0 =
- ethernet_get_interface (&ethernet_main, sw_if0->hw_if_index);
-
- /* only support ethernet interface type for now */
- error0 =
- (!eth_if0) ? ICMP6_ERROR_ROUTER_SOLICITATION_UNSUPPORTED_INTF
- : error0;
-
- if (error0 == ICMP6_ERROR_NONE)
- {
- u32 ri;
-
- /* adjust the sizeof the buffer to just include the ipv6 header */
- p0->current_length -=
- (options_len0 +
- sizeof (icmp6_neighbor_discovery_header_t));
-
- /* look up the radv_t information for this interface */
- if (vec_len (nm->if_radv_pool_index_by_sw_if_index) >
- sw_if_index0)
- {
- ri =
- nm->if_radv_pool_index_by_sw_if_index[sw_if_index0];
-
- if (ri != ~0)
- radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
- }
-
- error0 =
- ((!radv_info) ?
- ICMP6_ERROR_ROUTER_SOLICITATION_RADV_NOT_CONFIG :
- error0);
-
- if (error0 == ICMP6_ERROR_NONE)
- {
- f64 now = vlib_time_now (vm);
-
- /* for solicited adverts - need to rate limit */
- if (is_solicitation)
- {
- if (0 != radv_info->last_radv_time &&
- (now - radv_info->last_radv_time) <
- MIN_DELAY_BETWEEN_RAS)
- is_dropped = 1;
- else
- radv_info->last_radv_time = now;
- }
-
- /* send now */
- icmp6_router_advertisement_header_t rh;
-
- rh.icmp.type = ICMP6_router_advertisement;
- rh.icmp.code = 0;
- rh.icmp.checksum = 0;
-
- rh.current_hop_limit = radv_info->curr_hop_limit;
- rh.router_lifetime_in_sec =
- clib_host_to_net_u16
- (radv_info->adv_router_lifetime_in_sec);
- rh.
- time_in_msec_between_retransmitted_neighbor_solicitations
- =
- clib_host_to_net_u32 (radv_info->
- adv_time_in_msec_between_retransmitted_neighbor_solicitations);
- rh.neighbor_reachable_time_in_msec =
- clib_host_to_net_u32 (radv_info->
- adv_neighbor_reachable_time_in_msec);
-
- rh.flags =
- (radv_info->adv_managed_flag) ?
- ICMP6_ROUTER_DISCOVERY_FLAG_ADDRESS_CONFIG_VIA_DHCP :
- 0;
- rh.flags |=
- ((radv_info->adv_other_flag) ?
- ICMP6_ROUTER_DISCOVERY_FLAG_OTHER_CONFIG_VIA_DHCP :
- 0);
-
-
- u16 payload_length =
- sizeof (icmp6_router_advertisement_header_t);
-
- if (vlib_buffer_add_data
- (vm, &bi0, (void *) &rh,
- sizeof (icmp6_router_advertisement_header_t)))
- {
- /* buffer allocation failed, drop the pkt */
- error0 = ICMP6_ERROR_ALLOC_FAILURE;
- goto drop0;
- }
-
- if (radv_info->adv_link_layer_address)
- {
- icmp6_neighbor_discovery_ethernet_link_layer_address_option_t
- h;
-
- h.header.type =
- ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address;
- h.header.n_data_u64s = 1;
-
- /* copy ll address */
- clib_memcpy (&h.ethernet_address[0],
- eth_if0->address, 6);
-
- if (vlib_buffer_add_data
- (vm, &bi0, (void *) &h,
- sizeof
- (icmp6_neighbor_discovery_ethernet_link_layer_address_option_t)))
- {
- error0 = ICMP6_ERROR_ALLOC_FAILURE;
- goto drop0;
- }
-
- payload_length +=
- sizeof
- (icmp6_neighbor_discovery_ethernet_link_layer_address_option_t);
- }
-
- /* add MTU option */
- if (radv_info->adv_link_mtu)
- {
- icmp6_neighbor_discovery_mtu_option_t h;
-
- h.unused = 0;
- h.mtu =
- clib_host_to_net_u32 (radv_info->adv_link_mtu);
- h.header.type = ICMP6_NEIGHBOR_DISCOVERY_OPTION_mtu;
- h.header.n_data_u64s = 1;
-
- payload_length +=
- sizeof (icmp6_neighbor_discovery_mtu_option_t);
-
- if (vlib_buffer_add_data
- (vm, &bi0, (void *) &h,
- sizeof
- (icmp6_neighbor_discovery_mtu_option_t)))
- {
- error0 = ICMP6_ERROR_ALLOC_FAILURE;
- goto drop0;
- }
- }
-
- /* add advertised prefix options */
- ip6_radv_prefix_t *pr_info;
-
- /* *INDENT-OFF* */
- pool_foreach (pr_info, radv_info->adv_prefixes_pool,
- ({
- if(pr_info->enabled &&
- (!pr_info->decrement_lifetime_flag
- || (pr_info->pref_lifetime_expires >0)))
- {
- /* advertise this prefix */
- icmp6_neighbor_discovery_prefix_information_option_t h;
-
- h.header.type = ICMP6_NEIGHBOR_DISCOVERY_OPTION_prefix_information;
- h.header.n_data_u64s = (sizeof(icmp6_neighbor_discovery_prefix_information_option_t) >> 3);
-
- h.dst_address_length = pr_info->prefix_len;
-
- h.flags = (pr_info->adv_on_link_flag) ? ICMP6_NEIGHBOR_DISCOVERY_PREFIX_INFORMATION_FLAG_ON_LINK : 0;
- h.flags |= (pr_info->adv_autonomous_flag) ? ICMP6_NEIGHBOR_DISCOVERY_PREFIX_INFORMATION_AUTO : 0;
-
- if(radv_info->cease_radv && pr_info->deprecated_prefix_flag)
- {
- h.valid_time = clib_host_to_net_u32(MIN_ADV_VALID_LIFETIME);
- h.preferred_time = 0;
- }
- else
- {
- if(pr_info->decrement_lifetime_flag)
- {
- pr_info->adv_valid_lifetime_in_secs = ((pr_info->valid_lifetime_expires > now)) ?
- (pr_info->valid_lifetime_expires - now) : 0;
-
- pr_info->adv_pref_lifetime_in_secs = ((pr_info->pref_lifetime_expires > now)) ?
- (pr_info->pref_lifetime_expires - now) : 0;
- }
-
- h.valid_time = clib_host_to_net_u32(pr_info->adv_valid_lifetime_in_secs);
- h.preferred_time = clib_host_to_net_u32(pr_info->adv_pref_lifetime_in_secs) ;
- }
- h.unused = 0;
-
- clib_warning ("Prefix %U valid %u preferred %u",
- format_ip6_address, &pr_info->prefix,
- ntohl(h.valid_time),
- ntohl(h.preferred_time));
-
- if (h.valid_time == 0)
- clib_warning ("WARNING: valid_time 0!!!");
-
- clib_memcpy(&h.dst_address, &pr_info->prefix, sizeof(ip6_address_t));
-
- payload_length += sizeof( icmp6_neighbor_discovery_prefix_information_option_t);
-
- if (vlib_buffer_add_data
- (vm, &bi0, (void *)&h,
- sizeof(icmp6_neighbor_discovery_prefix_information_option_t)))
- {
- error0 = ICMP6_ERROR_ALLOC_FAILURE;
- goto drop0;
- }
-
- }
- }));
- /* *INDENT-ON* */
-
- /* add additional options before here */
-
- /* finish building the router advertisement... */
- if (!is_unspecified && radv_info->send_unicast)
- {
- ip0->dst_address = ip0->src_address;
- }
- else
- {
- /* target address is all-nodes mcast addr */
- ip6_set_reserved_multicast_address
- (&ip0->dst_address,
- IP6_MULTICAST_SCOPE_link_local,
- IP6_MULTICAST_GROUP_ID_all_hosts);
- }
-
- /* source address MUST be the link-local address */
- ip0->src_address = radv_info->link_local_address;
-
- ip0->hop_limit = 255;
- ip0->payload_length =
- clib_host_to_net_u16 (payload_length);
-
- icmp6_router_advertisement_header_t *rh0 =
- (icmp6_router_advertisement_header_t *) (ip0 + 1);
- rh0->icmp.checksum =
- ip6_tcp_udp_icmp_compute_checksum (vm, p0, ip0,
- &bogus_length);
- ASSERT (bogus_length == 0);
-
- /* setup output if and adjacency */
- vnet_buffer (p0)->sw_if_index[VLIB_RX] =
- vnet_main.local_interface_sw_if_index;
-
- if (is_solicitation)
- {
- ethernet_header_t *eth0;
- /* Reuse current MAC header, copy SMAC to DMAC and
- * interface MAC to SMAC */
- vlib_buffer_reset (p0);
- eth0 = vlib_buffer_get_current (p0);
- clib_memcpy (eth0->dst_address, eth0->src_address,
- 6);
- clib_memcpy (eth0->src_address, eth_if0->address,
- 6);
- next0 =
- is_dropped ? next0 :
- ICMP6_ROUTER_SOLICITATION_NEXT_REPLY_TX;
- vnet_buffer (p0)->sw_if_index[VLIB_TX] =
- sw_if_index0;
- }
- else
- {
- adj_index0 = radv_info->mcast_adj_index;
- if (adj_index0 == ADJ_INDEX_INVALID)
- error0 = ICMP6_ERROR_DST_LOOKUP_MISS;
- else
- {
- next0 =
- is_dropped ? next0 :
- ICMP6_ROUTER_SOLICITATION_NEXT_REPLY_RW;
- vnet_buffer (p0)->ip.adj_index[VLIB_TX] =
- adj_index0;
- }
- }
- p0->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
-
- radv_info->n_solicitations_dropped += is_dropped;
- radv_info->n_solicitations_rcvd += is_solicitation;
-
- if ((error0 == ICMP6_ERROR_NONE) && !is_dropped)
- {
- radv_info->n_advertisements_sent++;
- n_advertisements_sent++;
- }
- }
- }
- }
-
- drop0:
- p0->error = error_node->errors[error0];
-
- if (error0 != ICMP6_ERROR_NONE)
- vlib_error_count (vm, error_node->node_index, error0, 1);
-
- vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
- to_next, n_left_to_next,
- bi0, next0);
-
- }
-
- vlib_put_next_frame (vm, node, next_index, n_left_to_next);
- }
-
- /* Account for router advertisements sent. */
- vlib_error_count (vm, error_node->node_index,
- ICMP6_ERROR_ROUTER_ADVERTISEMENTS_TX,
- n_advertisements_sent);
-
- return frame->n_vectors;
-}
-
- /* validate advertised info for consistancy (see RFC-4861 section 6.2.7) - log any inconsistencies, packet will always be dropped */
-static_always_inline uword
-icmp6_router_advertisement (vlib_main_t * vm,
- vlib_node_runtime_t * node, vlib_frame_t * frame)
-{
- vnet_main_t *vnm = vnet_get_main ();
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- uword n_packets = frame->n_vectors;
- u32 *from, *to_next;
- u32 n_left_from, n_left_to_next, next_index;
- u32 n_advertisements_rcvd = 0;
-
- vlib_node_runtime_t *error_node =
- vlib_node_get_runtime (vm, ip6_icmp_input_node.index);
-
- from = vlib_frame_vector_args (frame);
- n_left_from = n_packets;
- next_index = node->cached_next_index;
-
- if (node->flags & VLIB_NODE_FLAG_TRACE)
- vlib_trace_frame_buffers_only (vm, node, from, frame->n_vectors,
- /* stride */ 1,
- sizeof (icmp6_input_trace_t));
-
- while (n_left_from > 0)
- {
- vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
-
- while (n_left_from > 0 && n_left_to_next > 0)
- {
- vlib_buffer_t *p0;
- ip6_header_t *ip0;
- ip6_radv_t *radv_info = 0;
- icmp6_router_advertisement_header_t *h0;
- u32 bi0, options_len0, sw_if_index0, next0, error0;
-
- bi0 = to_next[0] = from[0];
-
- from += 1;
- to_next += 1;
- n_left_from -= 1;
- n_left_to_next -= 1;
-
- p0 = vlib_get_buffer (vm, bi0);
- ip0 = vlib_buffer_get_current (p0);
- h0 = ip6_next_header (ip0);
- options_len0 =
- clib_net_to_host_u16 (ip0->payload_length) - sizeof (h0[0]);
-
- error0 = ICMP6_ERROR_NONE;
- sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
-
- /* Check that source address is link-local */
- error0 = (!ip6_address_is_link_local_unicast (&ip0->src_address)) ?
- ICMP6_ERROR_ROUTER_ADVERTISEMENT_SOURCE_NOT_LINK_LOCAL : error0;
-
- /* default is to drop */
- next0 = ICMP6_ROUTER_SOLICITATION_NEXT_DROP;
-
- n_advertisements_rcvd++;
-
- if (error0 == ICMP6_ERROR_NONE)
- {
- vnet_sw_interface_t *sw_if0;
- ethernet_interface_t *eth_if0;
-
- sw_if0 = vnet_get_sup_sw_interface (vnm, sw_if_index0);
- ASSERT (sw_if0->type == VNET_SW_INTERFACE_TYPE_HARDWARE);
- eth_if0 =
- ethernet_get_interface (&ethernet_main, sw_if0->hw_if_index);
-
- /* only support ethernet interface type for now */
- error0 =
- (!eth_if0) ? ICMP6_ERROR_ROUTER_SOLICITATION_UNSUPPORTED_INTF
- : error0;
-
- if (error0 == ICMP6_ERROR_NONE)
- {
- u32 ri;
-
- /* look up the radv_t information for this interface */
- if (vec_len (nm->if_radv_pool_index_by_sw_if_index) >
- sw_if_index0)
- {
- ri =
- nm->if_radv_pool_index_by_sw_if_index[sw_if_index0];
-
- if (ri != ~0)
- radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
- }
-
- error0 =
- ((!radv_info) ?
- ICMP6_ERROR_ROUTER_SOLICITATION_RADV_NOT_CONFIG :
- error0);
-
- if (error0 == ICMP6_ERROR_NONE)
- {
- radv_info->keep_sending_rs = 0;
-
- ra_report_t r;
-
- r.sw_if_index = sw_if_index0;
- memcpy (&r.router_address, &ip0->src_address, 16);
- r.current_hop_limit = h0->current_hop_limit;
- r.flags = h0->flags;
- r.router_lifetime_in_sec =
- clib_net_to_host_u16 (h0->router_lifetime_in_sec);
- r.neighbor_reachable_time_in_msec =
- clib_net_to_host_u32
- (h0->neighbor_reachable_time_in_msec);
- r.time_in_msec_between_retransmitted_neighbor_solicitations = clib_net_to_host_u32 (h0->time_in_msec_between_retransmitted_neighbor_solicitations);
- r.prefixes = 0;
-
- /* validate advertised information */
- if ((h0->current_hop_limit && radv_info->curr_hop_limit)
- && (h0->current_hop_limit !=
- radv_info->curr_hop_limit))
- {
- ip6_neighbor_syslog (vm, LOG_WARNING,
- "our AdvCurHopLimit on %U doesn't agree with %U",
- format_vnet_sw_if_index_name,
- vnm, sw_if_index0,
- format_ip6_address,
- &ip0->src_address);
- }
-
- if ((h0->flags &
- ICMP6_ROUTER_DISCOVERY_FLAG_ADDRESS_CONFIG_VIA_DHCP)
- != radv_info->adv_managed_flag)
- {
- ip6_neighbor_syslog (vm, LOG_WARNING,
- "our AdvManagedFlag on %U doesn't agree with %U",
- format_vnet_sw_if_index_name,
- vnm, sw_if_index0,
- format_ip6_address,
- &ip0->src_address);
- }
-
- if ((h0->flags &
- ICMP6_ROUTER_DISCOVERY_FLAG_OTHER_CONFIG_VIA_DHCP)
- != radv_info->adv_other_flag)
- {
- ip6_neighbor_syslog (vm, LOG_WARNING,
- "our AdvOtherConfigFlag on %U doesn't agree with %U",
- format_vnet_sw_if_index_name,
- vnm, sw_if_index0,
- format_ip6_address,
- &ip0->src_address);
- }
-
- if ((h0->
- time_in_msec_between_retransmitted_neighbor_solicitations
- && radv_info->
- adv_time_in_msec_between_retransmitted_neighbor_solicitations)
- && (h0->
- time_in_msec_between_retransmitted_neighbor_solicitations
- !=
- clib_host_to_net_u32 (radv_info->
- adv_time_in_msec_between_retransmitted_neighbor_solicitations)))
- {
- ip6_neighbor_syslog (vm, LOG_WARNING,
- "our AdvRetransTimer on %U doesn't agree with %U",
- format_vnet_sw_if_index_name,
- vnm, sw_if_index0,
- format_ip6_address,
- &ip0->src_address);
- }
-
- if ((h0->neighbor_reachable_time_in_msec &&
- radv_info->adv_neighbor_reachable_time_in_msec) &&
- (h0->neighbor_reachable_time_in_msec !=
- clib_host_to_net_u32
- (radv_info->adv_neighbor_reachable_time_in_msec)))
- {
- ip6_neighbor_syslog (vm, LOG_WARNING,
- "our AdvReachableTime on %U doesn't agree with %U",
- format_vnet_sw_if_index_name,
- vnm, sw_if_index0,
- format_ip6_address,
- &ip0->src_address);
- }
-
- /* check for MTU or prefix options or .. */
- u8 *opt_hdr = (u8 *) (h0 + 1);
- while (options_len0 > 0)
- {
- icmp6_neighbor_discovery_option_header_t *o0 =
- (icmp6_neighbor_discovery_option_header_t *)
- opt_hdr;
- int opt_len = o0->n_data_u64s << 3;
- icmp6_neighbor_discovery_option_type_t option_type =
- o0->type;
-
- if (options_len0 < 2)
- {
- ip6_neighbor_syslog (vm, LOG_ERR,
- "malformed RA packet on %U from %U",
- format_vnet_sw_if_index_name,
- vnm, sw_if_index0,
- format_ip6_address,
- &ip0->src_address);
- break;
- }
-
- if (opt_len == 0)
- {
- ip6_neighbor_syslog (vm, LOG_ERR,
- " zero length option in RA on %U from %U",
- format_vnet_sw_if_index_name,
- vnm, sw_if_index0,
- format_ip6_address,
- &ip0->src_address);
- break;
- }
- else if (opt_len > options_len0)
- {
- ip6_neighbor_syslog (vm, LOG_ERR,
- "option length in RA packet greater than total length on %U from %U",
- format_vnet_sw_if_index_name,
- vnm, sw_if_index0,
- format_ip6_address,
- &ip0->src_address);
- break;
- }
-
- options_len0 -= opt_len;
- opt_hdr += opt_len;
-
- switch (option_type)
- {
- case ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address:
- {
- icmp6_neighbor_discovery_ethernet_link_layer_address_option_t
- * h =
- (icmp6_neighbor_discovery_ethernet_link_layer_address_option_t
- *) (o0);
-
- if (opt_len < sizeof (*h))
- break;
-
- memcpy (r.slla, h->ethernet_address, 6);
- }
- break;
-
- case ICMP6_NEIGHBOR_DISCOVERY_OPTION_mtu:
- {
- icmp6_neighbor_discovery_mtu_option_t *h =
- (icmp6_neighbor_discovery_mtu_option_t
- *) (o0);
-
- if (opt_len < sizeof (*h))
- break;
-
- r.mtu = clib_net_to_host_u32 (h->mtu);
-
- if ((h->mtu && radv_info->adv_link_mtu) &&
- (h->mtu !=
- clib_host_to_net_u32
- (radv_info->adv_link_mtu)))
- {
- ip6_neighbor_syslog (vm, LOG_WARNING,
- "our AdvLinkMTU on %U doesn't agree with %U",
- format_vnet_sw_if_index_name,
- vnm, sw_if_index0,
- format_ip6_address,
- &ip0->src_address);
- }
- }
- break;
-
- case ICMP6_NEIGHBOR_DISCOVERY_OPTION_prefix_information:
- {
- icmp6_neighbor_discovery_prefix_information_option_t
- * h =
- (icmp6_neighbor_discovery_prefix_information_option_t
- *) (o0);
-
- /* validate advertised prefix options */
- ip6_radv_prefix_t *pr_info;
- u32 preferred, valid;
-
- if (opt_len < sizeof (*h))
- break;
-
- vec_validate (r.prefixes,
- vec_len (r.prefixes));
- ra_report_prefix_info_t *prefix =
- vec_elt_at_index (r.prefixes,
- vec_len (r.prefixes) - 1);
-
- preferred =
- clib_net_to_host_u32 (h->preferred_time);
- valid = clib_net_to_host_u32 (h->valid_time);
-
- prefix->preferred_time = preferred;
- prefix->valid_time = valid;
- prefix->flags = h->flags & 0xc0;
- prefix->prefix.fp_len = h->dst_address_length;
- prefix->prefix.fp_addr.ip6 = h->dst_address;
- prefix->prefix.fp_proto = FIB_PROTOCOL_IP6;
-
- /* look for matching prefix - if we our advertising it, it better be consistant */
- /* *INDENT-OFF* */
- pool_foreach (pr_info, radv_info->adv_prefixes_pool,
- ({
-
- ip6_address_t mask;
- ip6_address_mask_from_width(&mask, pr_info->prefix_len);
-
- if(pr_info->enabled &&
- (pr_info->prefix_len == h->dst_address_length) &&
- ip6_address_is_equal_masked (&pr_info->prefix, &h->dst_address, &mask))
- {
- /* found it */
- if(!pr_info->decrement_lifetime_flag &&
- valid != pr_info->adv_valid_lifetime_in_secs)
- {
- ip6_neighbor_syslog(vm, LOG_WARNING,
- "our ADV validlifetime on %U for %U does not agree with %U",
- format_vnet_sw_if_index_name, vnm, sw_if_index0,format_ip6_address, &pr_info->prefix,
- format_ip6_address, &h->dst_address);
- }
- if(!pr_info->decrement_lifetime_flag &&
- preferred != pr_info->adv_pref_lifetime_in_secs)
- {
- ip6_neighbor_syslog(vm, LOG_WARNING,
- "our ADV preferredlifetime on %U for %U does not agree with %U",
- format_vnet_sw_if_index_name, vnm, sw_if_index0,format_ip6_address, &pr_info->prefix,
- format_ip6_address, &h->dst_address);
- }
- }
- break;
- }));
- /* *INDENT-ON* */
- break;
- }
- default:
- /* skip this one */
- break;
- }
- }
- ra_publish (&r);
- }
- }
- }
-
- p0->error = error_node->errors[error0];
-
- if (error0 != ICMP6_ERROR_NONE)
- vlib_error_count (vm, error_node->node_index, error0, 1);
-
- vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
- to_next, n_left_to_next,
- bi0, next0);
- }
-
- vlib_put_next_frame (vm, node, next_index, n_left_to_next);
- }
-
- /* Account for router advertisements received. */
- vlib_error_count (vm, error_node->node_index,
- ICMP6_ERROR_ROUTER_ADVERTISEMENTS_RX,
- n_advertisements_rcvd);
-
- return frame->n_vectors;
-}
-
-static inline f64
-random_f64_from_to (f64 from, f64 to)
-{
- static u32 seed = 0;
- static u8 seed_set = 0;
- if (!seed_set)
- {
- seed = random_default_seed ();
- seed_set = 1;
- }
- return random_f64 (&seed) * (to - from) + from;
-}
-
-static inline u8
-get_mac_address (u32 sw_if_index, u8 * address)
-{
- vnet_main_t *vnm = vnet_get_main ();
- vnet_hw_interface_t *hw_if = vnet_get_sup_hw_interface (vnm, sw_if_index);
- if (!hw_if->hw_address)
- return 1;
- clib_memcpy (address, hw_if->hw_address, 6);
- return 0;
-}
-
-static inline vlib_buffer_t *
-create_buffer_for_rs (vlib_main_t * vm, ip6_radv_t * radv_info)
-{
- u32 bi0;
- vlib_buffer_t *p0;
- icmp6_router_solicitation_header_t *rh;
- u16 payload_length;
- int bogus_length;
- u32 sw_if_index;
-
- sw_if_index = radv_info->sw_if_index;
-
- if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
- {
- clib_warning ("buffer allocation failure");
- return 0;
- }
-
- p0 = vlib_get_buffer (vm, bi0);
- VLIB_BUFFER_TRACE_TRAJECTORY_INIT (p0);
- p0->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
-
- vnet_buffer (p0)->sw_if_index[VLIB_RX] = sw_if_index;
- vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index;
-
- vnet_buffer (p0)->ip.adj_index[VLIB_TX] = radv_info->mcast_adj_index;
-
- rh = vlib_buffer_get_current (p0);
- p0->current_length = sizeof (*rh);
-
- rh->neighbor.icmp.type = ICMP6_router_solicitation;
- rh->neighbor.icmp.code = 0;
- rh->neighbor.icmp.checksum = 0;
- rh->neighbor.reserved_must_be_zero = 0;
-
- rh->link_layer_option.header.type =
- ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address;
- if (0 != get_mac_address (sw_if_index,
- rh->link_layer_option.ethernet_address))
- {
- clib_warning ("interface with sw_if_index %u has no mac address",
- sw_if_index);
- vlib_buffer_free (vm, &bi0, 1);
- return 0;
- }
- rh->link_layer_option.header.n_data_u64s = 1;
-
- payload_length = sizeof (rh->neighbor) + sizeof (u64);
-
- rh->ip.ip_version_traffic_class_and_flow_label =
- clib_host_to_net_u32 (0x6 << 28);
- rh->ip.payload_length = clib_host_to_net_u16 (payload_length);
- rh->ip.protocol = IP_PROTOCOL_ICMP6;
- rh->ip.hop_limit = 255;
- rh->ip.src_address = radv_info->link_local_address;
- /* set address ff02::2 */
- rh->ip.dst_address.as_u64[0] = clib_host_to_net_u64 (0xff02ULL << 48);
- rh->ip.dst_address.as_u64[1] = clib_host_to_net_u64 (2);
-
- rh->neighbor.icmp.checksum = ip6_tcp_udp_icmp_compute_checksum (vm, p0,
- &rh->ip,
- &bogus_length);
-
- return p0;
-}
-
-static inline void
-stop_sending_rs (vlib_main_t * vm, ip6_radv_t * ra)
-{
- u32 bi0;
-
- ra->keep_sending_rs = 0;
- if (ra->buffer)
- {
- bi0 = vlib_get_buffer_index (vm, ra->buffer);
- vlib_buffer_free (vm, &bi0, 1);
- ra->buffer = 0;
- }
-}
-
-static inline bool
-check_send_rs (vlib_main_t * vm, ip6_radv_t * radv_info, f64 current_time,
- f64 * due_time)
-{
- vlib_buffer_t *p0;
- vlib_frame_t *f;
- u32 *to_next;
- u32 next_index;
- vlib_buffer_t *c0;
- u32 ci0;
-
- icmp6_send_router_solicitation_params_t *params;
-
- if (!radv_info->keep_sending_rs)
- return false;
-
- params = &radv_info->params;
-
- if (radv_info->due_time > current_time)
- {
- *due_time = radv_info->due_time;
- return true;
- }
-
- p0 = radv_info->buffer;
-
- next_index = ip6_rewrite_mcast_node.index;
-
- c0 = vlib_buffer_copy (vm, p0);
- ci0 = vlib_get_buffer_index (vm, c0);
-
- f = vlib_get_frame_to_node (vm, next_index);
- to_next = vlib_frame_vector_args (f);
- to_next[0] = ci0;
- f->n_vectors = 1;
- vlib_put_frame_to_node (vm, next_index, f);
-
- if (params->mrc != 0 && --radv_info->n_left == 0)
- stop_sending_rs (vm, radv_info);
- else
- {
- radv_info->sleep_interval =
- (2 + random_f64_from_to (-0.1, 0.1)) * radv_info->sleep_interval;
- if (radv_info->sleep_interval > params->mrt)
- radv_info->sleep_interval =
- (1 + random_f64_from_to (-0.1, 0.1)) * params->mrt;
-
- radv_info->due_time = current_time + radv_info->sleep_interval;
-
- if (params->mrd != 0
- && current_time > radv_info->start_time + params->mrd)
- stop_sending_rs (vm, radv_info);
- else
- *due_time = radv_info->due_time;
- }
-
- return radv_info->keep_sending_rs;
-}
-
-static uword
-send_rs_process (vlib_main_t * vm, vlib_node_runtime_t * rt,
- vlib_frame_t * f0)
-{
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- ip6_radv_t *radv_info;
- uword *event_data = 0;
- f64 sleep_time = 1e9;
- f64 current_time;
- f64 due_time;
- f64 dt = 0;
-
- while (true)
- {
- vlib_process_wait_for_event_or_clock (vm, sleep_time);
- vlib_process_get_events (vm, &event_data);
- vec_reset_length (event_data);
-
- current_time = vlib_time_now (vm);
- do
- {
- due_time = current_time + 1e9;
- /* *INDENT-OFF* */
- pool_foreach (radv_info, nm->if_radv_pool,
- ({
- if (check_send_rs (vm, radv_info, current_time, &dt)
- && (dt < due_time))
- due_time = dt;
- }));
- /* *INDENT-ON* */
- current_time = vlib_time_now (vm);
- }
- while (due_time < current_time);
-
- sleep_time = due_time - current_time;
- }
-
- return 0;
-}
-
-/* *INDENT-OFF* */
-VLIB_REGISTER_NODE (send_rs_process_node) = {
- .function = send_rs_process,
- .type = VLIB_NODE_TYPE_PROCESS,
- .name = "send-rs-process",
-};
-/* *INDENT-ON* */
-
-void
-icmp6_send_router_solicitation (vlib_main_t * vm, u32 sw_if_index, u8 stop,
- icmp6_send_router_solicitation_params_t *
- params)
-{
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- u32 rai;
- ip6_radv_t *ra = 0;
-
- ASSERT (~0 != sw_if_index);
-
- rai = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
- ra = pool_elt_at_index (nm->if_radv_pool, rai);
-
- stop_sending_rs (vm, ra);
-
- if (!stop)
- {
- ra->keep_sending_rs = 1;
- ra->params = *params;
- ra->n_left = params->mrc;
- ra->start_time = vlib_time_now (vm);
- ra->sleep_interval = (1 + random_f64_from_to (-0.1, 0.1)) * params->irt;
- ra->due_time = 0; /* send first packet ASAP */
- ra->buffer = create_buffer_for_rs (vm, ra);
- if (!ra->buffer)
- ra->keep_sending_rs = 0;
- else
- vlib_process_signal_event (vm, send_rs_process_node.index, 1, 0);
- }
-}
-
-/**
- * @brief Add a multicast Address to the advertised MLD set
- */
-static void
-ip6_neighbor_add_mld_prefix (ip6_radv_t * radv_info, ip6_address_t * addr)
-{
- ip6_mldp_group_t *mcast_group_info;
- uword *p;
-
- /* lookup mldp info for this interface */
- p = mhash_get (&radv_info->address_to_mldp_index, addr);
- mcast_group_info =
- p ? pool_elt_at_index (radv_info->mldp_group_pool, p[0]) : 0;
-
- /* add address */
- if (!mcast_group_info)
- {
- /* add */
- u32 mi;
- pool_get (radv_info->mldp_group_pool, mcast_group_info);
- memset (mcast_group_info, 0, sizeof (*mcast_group_info));
-
- mi = mcast_group_info - radv_info->mldp_group_pool;
- mhash_set (&radv_info->address_to_mldp_index, addr, mi, /* old_value */
- 0);
-
- mcast_group_info->type = 4;
- mcast_group_info->mcast_source_address_pool = 0;
- mcast_group_info->num_sources = 0;
- clib_memcpy (&mcast_group_info->mcast_address, addr,
- sizeof (ip6_address_t));
- }
-}
-
-/**
- * @brief Delete a multicast Address from the advertised MLD set
- */
-static void
-ip6_neighbor_del_mld_prefix (ip6_radv_t * radv_info, ip6_address_t * addr)
-{
- ip6_mldp_group_t *mcast_group_info;
- uword *p;
-
- p = mhash_get (&radv_info->address_to_mldp_index, &addr);
- mcast_group_info =
- p ? pool_elt_at_index (radv_info->mldp_group_pool, p[0]) : 0;
-
- if (mcast_group_info)
- {
- mhash_unset (&radv_info->address_to_mldp_index, &addr,
- /* old_value */ 0);
- pool_put (radv_info->mldp_group_pool, mcast_group_info);
- }
-}
-
-/**
- * @brief Add a multicast Address to the advertised MLD set
- */
-static void
-ip6_neighbor_add_mld_grp (ip6_radv_t * a,
- ip6_multicast_address_scope_t scope,
- ip6_multicast_link_local_group_id_t group)
-{
- ip6_address_t addr;
-
- ip6_set_reserved_multicast_address (&addr, scope, group);
-
- ip6_neighbor_add_mld_prefix (a, &addr);
-}
-
-/**
- * @brief create and initialize router advertisement parameters with default
- * values for this intfc
- */
-u32
-ip6_neighbor_sw_interface_add_del (vnet_main_t * vnm,
- u32 sw_if_index, u32 is_add)
-{
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- ip6_radv_t *a = 0;
- u32 ri = ~0;
- vnet_sw_interface_t *sw_if0;
- ethernet_interface_t *eth_if0 = 0;
-
- /* lookup radv container - ethernet interfaces only */
- sw_if0 = vnet_get_sup_sw_interface (vnm, sw_if_index);
- if (sw_if0->type == VNET_SW_INTERFACE_TYPE_HARDWARE)
- eth_if0 = ethernet_get_interface (&ethernet_main, sw_if0->hw_if_index);
-
- if (!eth_if0)
- return ri;
-
- vec_validate_init_empty (nm->if_radv_pool_index_by_sw_if_index, sw_if_index,
- ~0);
- ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
-
- if (ri != ~0)
- {
- a = pool_elt_at_index (nm->if_radv_pool, ri);
-
- if (!is_add)
- {
- ip6_radv_prefix_t *p;
- ip6_mldp_group_t *m;
-
- /* release the lock on the interface's mcast adj */
- adj_unlock (a->mcast_adj_index);
-
- /* clean up prefix and MDP pools */
- /* *INDENT-OFF* */
- pool_flush(p, a->adv_prefixes_pool,
- ({
- mhash_unset (&a->address_to_prefix_index, &p->prefix, 0);
- }));
- pool_flush (m, a->mldp_group_pool,
- ({
- mhash_unset (&a->address_to_mldp_index, &m->mcast_address, 0);
- }));
- /* *INDENT-ON* */
-
- pool_free (a->mldp_group_pool);
- pool_free (a->adv_prefixes_pool);
-
- mhash_free (&a->address_to_prefix_index);
- mhash_free (&a->address_to_mldp_index);
-
- if (a->keep_sending_rs)
- a->keep_sending_rs = 0;
-
- pool_put (nm->if_radv_pool, a);
- nm->if_radv_pool_index_by_sw_if_index[sw_if_index] = ~0;
- ri = ~0;
- }
- }
- else
- {
- if (is_add)
- {
- pool_get (nm->if_radv_pool, a);
- memset (a, 0, sizeof (*a));
-
- ri = a - nm->if_radv_pool;
- nm->if_radv_pool_index_by_sw_if_index[sw_if_index] = ri;
-
- /* initialize default values (most of which are zero) */
- clib_memset (a, 0, sizeof (a[0]));
-
- a->sw_if_index = sw_if_index;
- a->max_radv_interval = DEF_MAX_RADV_INTERVAL;
- a->min_radv_interval = DEF_MIN_RADV_INTERVAL;
- a->curr_hop_limit = DEF_CURR_HOP_LIMIT;
- a->adv_router_lifetime_in_sec = DEF_DEF_RTR_LIFETIME;
-
- /* send ll address source address option */
- a->adv_link_layer_address = 1;
-
- a->min_delay_between_radv = MIN_DELAY_BETWEEN_RAS;
- a->max_delay_between_radv = MAX_DELAY_BETWEEN_RAS;
- a->max_rtr_default_lifetime = MAX_DEF_RTR_LIFETIME;
- a->seed = (u32) clib_cpu_time_now ();
- (void) random_u32 (&a->seed);
- a->randomizer = clib_cpu_time_now ();
- (void) random_u64 (&a->randomizer);
-
- a->initial_adverts_count = MAX_INITIAL_RTR_ADVERTISEMENTS;
- a->initial_adverts_sent = a->initial_adverts_count - 1;
- a->initial_adverts_interval = MAX_INITIAL_RTR_ADVERT_INTERVAL;
-
- /* deafult is to send */
- a->send_radv = 1;
-
- /* fill in radv_info for this interface that will be needed later */
- a->adv_link_mtu =
- vnet_sw_interface_get_mtu (vnm, sw_if_index, VNET_MTU_IP6);
-
- clib_memcpy (a->link_layer_address, eth_if0->address, 6);
-
- /* fill in default link-local address (this may be overridden) */
- ip6_link_local_address_from_ethernet_mac_address
- (&a->link_local_address, eth_if0->address);
-
- mhash_init (&a->address_to_prefix_index, sizeof (uword),
- sizeof (ip6_address_t));
- mhash_init (&a->address_to_mldp_index, sizeof (uword),
- sizeof (ip6_address_t));
-
- a->mcast_adj_index = adj_mcast_add_or_lock (FIB_PROTOCOL_IP6,
- VNET_LINK_IP6,
- sw_if_index);
-
- a->keep_sending_rs = 0;
-
- /* add multicast groups we will always be reporting */
- ip6_neighbor_add_mld_grp (a,
- IP6_MULTICAST_SCOPE_link_local,
- IP6_MULTICAST_GROUP_ID_all_hosts);
- ip6_neighbor_add_mld_grp (a,
- IP6_MULTICAST_SCOPE_link_local,
- IP6_MULTICAST_GROUP_ID_all_routers);
- ip6_neighbor_add_mld_grp (a,
- IP6_MULTICAST_SCOPE_link_local,
- IP6_MULTICAST_GROUP_ID_mldv2_routers);
- }
- }
- return ri;
-}
-
-/* send an mldpv2 report */
-static void
-ip6_neighbor_send_mldpv2_report (u32 sw_if_index)
-{
- vnet_main_t *vnm = vnet_get_main ();
- vlib_main_t *vm = vnm->vlib_main;
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- vnet_sw_interface_t *sw_if0;
- ethernet_interface_t *eth_if0;
- u32 ri;
- int bogus_length;
-
- ip6_radv_t *radv_info;
- u16 payload_length;
- vlib_buffer_t *b0;
- ip6_header_t *ip0;
- u32 *to_next;
- vlib_frame_t *f;
- u32 bo0;
- u32 n_to_alloc = 1;
- u32 n_allocated;
-
- icmp6_multicast_listener_report_header_t *rh0;
- icmp6_multicast_listener_report_packet_t *rp0;
-
- sw_if0 = vnet_get_sup_sw_interface (vnm, sw_if_index);
- ASSERT (sw_if0->type == VNET_SW_INTERFACE_TYPE_HARDWARE);
- eth_if0 = ethernet_get_interface (&ethernet_main, sw_if0->hw_if_index);
-
- if (!eth_if0 || !vnet_sw_interface_is_admin_up (vnm, sw_if_index))
- return;
-
- /* look up the radv_t information for this interface */
- vec_validate_init_empty (nm->if_radv_pool_index_by_sw_if_index, sw_if_index,
- ~0);
-
- ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
-
- if (ri == ~0)
- return;
-
- /* send report now - build a mldpv2 report packet */
- n_allocated = vlib_buffer_alloc (vm, &bo0, n_to_alloc);
- if (PREDICT_FALSE (n_allocated == 0))
- {
- alloc_fail:
- clib_warning ("buffer allocation failure");
- return;
- }
-
- b0 = vlib_get_buffer (vm, bo0);
-
- /* adjust the sizeof the buffer to just include the ipv6 header */
- b0->current_length = sizeof (icmp6_multicast_listener_report_packet_t);
-
- payload_length = sizeof (icmp6_multicast_listener_report_header_t);
-
- b0->error = ICMP6_ERROR_NONE;
-
- rp0 = vlib_buffer_get_current (b0);
- ip0 = (ip6_header_t *) & rp0->ip;
- rh0 = (icmp6_multicast_listener_report_header_t *) & rp0->report_hdr;
-
- clib_memset (rp0, 0x0, sizeof (icmp6_multicast_listener_report_packet_t));
-
- ip0->ip_version_traffic_class_and_flow_label =
- clib_host_to_net_u32 (0x6 << 28);
-
- ip0->protocol = IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS;
- /* for DEBUG - vnet driver won't seem to emit router alerts */
- /* ip0->protocol = IP_PROTOCOL_ICMP6; */
- ip0->hop_limit = 1;
-
- rh0->icmp.type = ICMP6_multicast_listener_report_v2;
-
- /* source address MUST be the link-local address */
- radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
- ip0->src_address = radv_info->link_local_address;
-
- /* destination is all mldpv2 routers */
- ip6_set_reserved_multicast_address (&ip0->dst_address,
- IP6_MULTICAST_SCOPE_link_local,
- IP6_MULTICAST_GROUP_ID_mldv2_routers);
-
- /* add reports here */
- ip6_mldp_group_t *m;
- int num_addr_records = 0;
- icmp6_multicast_address_record_t rr;
-
- /* fill in the hop-by-hop extension header (router alert) info */
- rh0->ext_hdr.next_hdr = IP_PROTOCOL_ICMP6;
- rh0->ext_hdr.n_data_u64s = 0;
-
- rh0->alert.type = IP6_MLDP_ALERT_TYPE;
- rh0->alert.len = 2;
- rh0->alert.value = 0;
-
- rh0->pad.type = 1;
- rh0->pad.len = 0;
-
- rh0->icmp.checksum = 0;
-
- /* *INDENT-OFF* */
- pool_foreach (m, radv_info->mldp_group_pool,
- ({
- rr.type = m->type;
- rr.aux_data_len_u32s = 0;
- rr.num_sources = clib_host_to_net_u16 (m->num_sources);
- clib_memcpy(&rr.mcast_addr, &m->mcast_address, sizeof(ip6_address_t));
-
- num_addr_records++;
-
- if(vlib_buffer_add_data (vm, &bo0, (void *)&rr,
- sizeof(icmp6_multicast_address_record_t)))
- {
- vlib_buffer_free (vm, &bo0, 1);
- goto alloc_fail;
- }
-
- payload_length += sizeof( icmp6_multicast_address_record_t);
- }));
- /* *INDENT-ON* */
-
- rh0->rsvd = 0;
- rh0->num_addr_records = clib_host_to_net_u16 (num_addr_records);
-
- /* update lengths */
- ip0->payload_length = clib_host_to_net_u16 (payload_length);
-
- rh0->icmp.checksum = ip6_tcp_udp_icmp_compute_checksum (vm, b0, ip0,
- &bogus_length);
- ASSERT (bogus_length == 0);
-
- /*
- * OK to override w/ no regard for actual FIB, because
- * ip6-rewrite only looks at the adjacency.
- */
- vnet_buffer (b0)->sw_if_index[VLIB_RX] =
- vnet_main.local_interface_sw_if_index;
-
- vnet_buffer (b0)->ip.adj_index[VLIB_TX] = radv_info->mcast_adj_index;
- b0->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
-
- vlib_node_t *node = vlib_get_node_by_name (vm, (u8 *) "ip6-rewrite-mcast");
-
- f = vlib_get_frame_to_node (vm, node->index);
- to_next = vlib_frame_vector_args (f);
- to_next[0] = bo0;
- f->n_vectors = 1;
-
- vlib_put_frame_to_node (vm, node->index, f);
- return;
-}
-
-/* *INDENT-OFF* */
-VLIB_REGISTER_NODE (ip6_icmp_router_solicitation_node,static) =
-{
- .function = icmp6_router_solicitation,
- .name = "icmp6-router-solicitation",
-
- .vector_size = sizeof (u32),
-
- .format_trace = format_icmp6_input_trace,
-
- .n_next_nodes = ICMP6_ROUTER_SOLICITATION_N_NEXT,
- .next_nodes = {
- [ICMP6_ROUTER_SOLICITATION_NEXT_DROP] = "ip6-drop",
- [ICMP6_ROUTER_SOLICITATION_NEXT_REPLY_RW] = "ip6-rewrite-mcast",
- [ICMP6_ROUTER_SOLICITATION_NEXT_REPLY_TX] = "interface-output",
- },
-};
-/* *INDENT-ON* */
-
-/* send a RA or update the timer info etc.. */
-static uword
-ip6_neighbor_process_timer_event (vlib_main_t * vm,
- vlib_node_runtime_t * node,
- vlib_frame_t * frame)
-{
- vnet_main_t *vnm = vnet_get_main ();
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- ip6_radv_t *radv_info;
- vlib_frame_t *f = 0;
- u32 n_this_frame = 0;
- u32 n_left_to_next = 0;
- u32 *to_next = 0;
- u32 bo0;
- icmp6_router_solicitation_header_t *h0;
- vlib_buffer_t *b0;
- f64 now = vlib_time_now (vm);
-
- /* Interface ip6 radv info list */
- /* *INDENT-OFF* */
- pool_foreach (radv_info, nm->if_radv_pool,
- ({
- if( !vnet_sw_interface_is_admin_up (vnm, radv_info->sw_if_index))
- {
- radv_info->initial_adverts_sent = radv_info->initial_adverts_count-1;
- radv_info->next_multicast_time = now;
- radv_info->last_multicast_time = now;
- radv_info->last_radv_time = 0;
- radv_info->all_routers_mcast = 0;
- continue;
- }
-
- /* Make sure that we've joined the all-routers multicast group */
- if(!radv_info->all_routers_mcast)
- {
- /* send MDLP_REPORT_EVENT message */
- ip6_neighbor_send_mldpv2_report(radv_info->sw_if_index);
- radv_info->all_routers_mcast = 1;
- }
-
- /* is it time to send a multicast RA on this interface? */
- if(radv_info->send_radv && (now >= radv_info->next_multicast_time))
- {
- u32 n_to_alloc = 1;
- u32 n_allocated;
-
- f64 rfn = (radv_info->max_radv_interval - radv_info->min_radv_interval) *
- random_f64 (&radv_info->seed) + radv_info->min_radv_interval;
-
- /* multicast send - compute next multicast send time */
- if( radv_info->initial_adverts_sent > 0)
- {
- radv_info->initial_adverts_sent--;
- if(rfn > radv_info-> initial_adverts_interval)
- rfn = radv_info-> initial_adverts_interval;
-
- /* check to see if we are ceasing to send */
- if( radv_info->initial_adverts_sent == 0)
- if(radv_info->cease_radv)
- radv_info->send_radv = 0;
- }
-
- radv_info->next_multicast_time = rfn + now;
- radv_info->last_multicast_time = now;
-
- /* send advert now - build a "solicted" router advert with unspecified source address */
- n_allocated = vlib_buffer_alloc (vm, &bo0, n_to_alloc);
-
- if (PREDICT_FALSE(n_allocated == 0))
- {
- clib_warning ("buffer allocation failure");
- continue;
- }
- b0 = vlib_get_buffer (vm, bo0);
- b0->current_length = sizeof( icmp6_router_solicitation_header_t);
- b0->error = ICMP6_ERROR_NONE;
- vnet_buffer (b0)->sw_if_index[VLIB_RX] = radv_info->sw_if_index;
-
- h0 = vlib_buffer_get_current (b0);
-
- clib_memset (h0, 0, sizeof (icmp6_router_solicitation_header_t));
-
- h0->ip.ip_version_traffic_class_and_flow_label = clib_host_to_net_u32 (0x6 << 28);
- h0->ip.payload_length = clib_host_to_net_u16 (sizeof (icmp6_router_solicitation_header_t)
- - STRUCT_OFFSET_OF (icmp6_router_solicitation_header_t, neighbor));
- h0->ip.protocol = IP_PROTOCOL_ICMP6;
- h0->ip.hop_limit = 255;
-
- /* set src/dst address as "unspecified" this marks this packet as internally generated rather than recieved */
- h0->ip.src_address.as_u64[0] = 0;
- h0->ip.src_address.as_u64[1] = 0;
-
- h0->ip.dst_address.as_u64[0] = 0;
- h0->ip.dst_address.as_u64[1] = 0;
-
- h0->neighbor.icmp.type = ICMP6_router_solicitation;
-
- if (PREDICT_FALSE(f == 0))
- {
- f = vlib_get_frame_to_node (vm, ip6_icmp_router_solicitation_node.index);
- to_next = vlib_frame_vector_args (f);
- n_left_to_next = VLIB_FRAME_SIZE;
- n_this_frame = 0;
- }
-
- n_this_frame++;
- n_left_to_next--;
- to_next[0] = bo0;
- to_next += 1;
-
- if (PREDICT_FALSE(n_left_to_next == 0))
- {
- f->n_vectors = n_this_frame;
- vlib_put_frame_to_node (vm, ip6_icmp_router_solicitation_node.index, f);
- f = 0;
- }
- }
- }));
- /* *INDENT-ON* */
-
- if (f)
- {
- ASSERT (n_this_frame);
- f->n_vectors = n_this_frame;
- vlib_put_frame_to_node (vm, ip6_icmp_router_solicitation_node.index, f);
- }
- return 0;
-}
-
-static uword
-ip6_icmp_neighbor_discovery_event_process (vlib_main_t * vm,
- vlib_node_runtime_t * node,
- vlib_frame_t * frame)
-{
- uword event_type;
- ip6_icmp_neighbor_discovery_event_data_t *event_data;
-
- /* init code here */
-
- while (1)
- {
- vlib_process_wait_for_event_or_clock (vm, 1. /* seconds */ );
-
- event_data = vlib_process_get_event_data (vm, &event_type);
-
- if (!event_data)
- {
- /* No events found: timer expired. */
- /* process interface list and send RAs as appropriate, update timer info */
- ip6_neighbor_process_timer_event (vm, node, frame);
- }
- else
- {
- switch (event_type)
- {
-
- case ICMP6_ND_EVENT_INIT:
- break;
-
- case ~0:
- break;
-
- default:
- ASSERT (0);
- }
-
- if (event_data)
- _vec_len (event_data) = 0;
- }
- }
- return frame->n_vectors;
-}
-
-/* *INDENT-OFF* */
-VLIB_REGISTER_NODE (ip6_icmp_router_advertisement_node,static) =
-{
- .function = icmp6_router_advertisement,
- .name = "icmp6-router-advertisement",
-
- .vector_size = sizeof (u32),
-
- .format_trace = format_icmp6_input_trace,
-
- .n_next_nodes = 1,
- .next_nodes = {
- [0] = "ip6-drop",
- },
-};
-/* *INDENT-ON* */
-
-vlib_node_registration_t ip6_icmp_neighbor_discovery_event_node = {
-
- .function = ip6_icmp_neighbor_discovery_event_process,
- .name = "ip6-icmp-neighbor-discovery-event-process",
- .type = VLIB_NODE_TYPE_PROCESS,
-};
-
-static uword
-icmp6_neighbor_solicitation (vlib_main_t * vm,
- vlib_node_runtime_t * node, vlib_frame_t * frame)
-{
- return icmp6_neighbor_solicitation_or_advertisement (vm, node, frame,
- /* is_solicitation */
- 1);
-}
-
-static uword
-icmp6_neighbor_advertisement (vlib_main_t * vm,
- vlib_node_runtime_t * node,
- vlib_frame_t * frame)
-{
- return icmp6_neighbor_solicitation_or_advertisement (vm, node, frame,
- /* is_solicitation */
- 0);
-}
-
-/* *INDENT-OFF* */
-VLIB_REGISTER_NODE (ip6_icmp_neighbor_solicitation_node,static) =
-{
- .function = icmp6_neighbor_solicitation,
- .name = "icmp6-neighbor-solicitation",
-
- .vector_size = sizeof (u32),
-
- .format_trace = format_icmp6_input_trace,
-
- .n_next_nodes = ICMP6_NEIGHBOR_SOLICITATION_N_NEXT,
- .next_nodes = {
- [ICMP6_NEIGHBOR_SOLICITATION_NEXT_DROP] = "ip6-drop",
- [ICMP6_NEIGHBOR_SOLICITATION_NEXT_REPLY] = "interface-output",
- },
-};
-/* *INDENT-ON* */
-
-/* *INDENT-OFF* */
-VLIB_REGISTER_NODE (ip6_icmp_neighbor_advertisement_node,static) =
-{
- .function = icmp6_neighbor_advertisement,
- .name = "icmp6-neighbor-advertisement",
-
- .vector_size = sizeof (u32),
-
- .format_trace = format_icmp6_input_trace,
-
- .n_next_nodes = 1,
- .next_nodes = {
- [0] = "ip6-drop",
- },
-};
-/* *INDENT-ON* */
-
-typedef enum
-{
- IP6_DISCOVER_NEIGHBOR_NEXT_DROP,
- IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX,
- IP6_DISCOVER_NEIGHBOR_N_NEXT,
-} ip6_discover_neighbor_next_t;
-
-typedef enum
-{
- IP6_DISCOVER_NEIGHBOR_ERROR_DROP,
- IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT,
- IP6_DISCOVER_NEIGHBOR_ERROR_NO_SOURCE_ADDRESS,
-} ip6_discover_neighbor_error_t;
-
-static uword
-ip6_discover_neighbor_inline (vlib_main_t * vm,
- vlib_node_runtime_t * node,
- vlib_frame_t * frame, int is_glean)
-{
- vnet_main_t *vnm = vnet_get_main ();
- ip6_main_t *im = &ip6_main;
- ip_lookup_main_t *lm = &im->lookup_main;
- u32 *from, *to_next_drop;
- uword n_left_from, n_left_to_next_drop;
- u64 seed;
- u32 thread_index = vm->thread_index;
- int bogus_length;
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
-
- if (node->flags & VLIB_NODE_FLAG_TRACE)
- ip6_forward_next_trace (vm, node, frame, VLIB_TX);
-
- seed = throttle_seed (&im->nd_throttle, thread_index, vlib_time_now (vm));
-
- from = vlib_frame_vector_args (frame);
- n_left_from = frame->n_vectors;
-
- while (n_left_from > 0)
- {
- vlib_get_next_frame (vm, node, IP6_DISCOVER_NEIGHBOR_NEXT_DROP,
- to_next_drop, n_left_to_next_drop);
-
- while (n_left_from > 0 && n_left_to_next_drop > 0)
- {
- u32 pi0, adj_index0, sw_if_index0, drop0, r0, next0;
- vnet_hw_interface_t *hw_if0;
- ip6_radv_t *radv_info;
- ip_adjacency_t *adj0;
- vlib_buffer_t *p0;
- ip6_header_t *ip0;
-
- pi0 = from[0];
-
- p0 = vlib_get_buffer (vm, pi0);
-
- adj_index0 = vnet_buffer (p0)->ip.adj_index[VLIB_TX];
-
- ip0 = vlib_buffer_get_current (p0);
-
- adj0 = adj_get (adj_index0);
-
- if (!is_glean)
- {
- ip0->dst_address.as_u64[0] =
- adj0->sub_type.nbr.next_hop.ip6.as_u64[0];
- ip0->dst_address.as_u64[1] =
- adj0->sub_type.nbr.next_hop.ip6.as_u64[1];
- }
-
- sw_if_index0 = adj0->rewrite_header.sw_if_index;
- vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0;
-
- /* combine the address and interface for a hash */
- r0 = ip6_address_hash_to_u64 (&ip0->dst_address) ^ sw_if_index0;
-
- drop0 = throttle_check (&im->nd_throttle, thread_index, r0, seed);
-
- from += 1;
- n_left_from -= 1;
- to_next_drop[0] = pi0;
- to_next_drop += 1;
- n_left_to_next_drop -= 1;
-
- hw_if0 = vnet_get_sup_hw_interface (vnm, sw_if_index0);
-
- /* If the interface is link-down, drop the pkt */
- if (!(hw_if0->flags & VNET_HW_INTERFACE_FLAG_LINK_UP))
- drop0 = 1;
-
- if (vec_len (nm->if_radv_pool_index_by_sw_if_index) > sw_if_index0)
- {
- u32 ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index0];
-
- if (ri != ~0)
- radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
- else
- drop0 = 1;
- }
- else
- drop0 = 1;
-
- /*
- * the adj has been updated to a rewrite but the node the DPO that got
- * us here hasn't - yet. no big deal. we'll drop while we wait.
- */
- if (IP_LOOKUP_NEXT_REWRITE == adj0->lookup_next_index)
- drop0 = 1;
-
- p0->error =
- node->errors[drop0 ? IP6_DISCOVER_NEIGHBOR_ERROR_DROP
- : IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT];
-
- if (drop0)
- continue;
-
- {
- u32 bi0 = 0;
- icmp6_neighbor_solicitation_header_t *h0;
- vlib_buffer_t *b0;
-
- h0 = vlib_packet_template_get_packet
- (vm, &im->discover_neighbor_packet_template, &bi0);
- if (!h0)
- continue;
-
- /* copy the persistent fields from the original */
- b0 = vlib_get_buffer (vm, bi0);
- clib_memcpy_fast (b0->opaque2, p0->opaque2, sizeof (p0->opaque2));
-
- /*
- * Build ethernet header.
- * Choose source address based on destination lookup
- * adjacency.
- */
- if (!ip6_src_address_for_packet (lm,
- sw_if_index0,
- &ip0->dst_address,
- &h0->ip.src_address))
- {
- /* There is no address on the interface */
- p0->error =
- node->errors[IP6_DISCOVER_NEIGHBOR_ERROR_NO_SOURCE_ADDRESS];
- vlib_buffer_free (vm, &bi0, 1);
- continue;
- }
-
- /*
- * Destination address is a solicited node multicast address.
- * We need to fill in
- * the low 24 bits with low 24 bits of target's address.
- */
- h0->ip.dst_address.as_u8[13] = ip0->dst_address.as_u8[13];
- h0->ip.dst_address.as_u8[14] = ip0->dst_address.as_u8[14];
- h0->ip.dst_address.as_u8[15] = ip0->dst_address.as_u8[15];
-
- h0->neighbor.target_address = ip0->dst_address;
-
- clib_memcpy (h0->link_layer_option.ethernet_address,
- hw_if0->hw_address, vec_len (hw_if0->hw_address));
-
- /* $$$$ appears we need this; why is the checksum non-zero? */
- h0->neighbor.icmp.checksum = 0;
- h0->neighbor.icmp.checksum =
- ip6_tcp_udp_icmp_compute_checksum (vm, 0, &h0->ip,
- &bogus_length);
-
- ASSERT (bogus_length == 0);
-
- vlib_buffer_copy_trace_flag (vm, p0, bi0);
- vnet_buffer (b0)->sw_if_index[VLIB_TX]
- = vnet_buffer (p0)->sw_if_index[VLIB_TX];
-
- vnet_buffer (b0)->ip.adj_index[VLIB_TX] =
- radv_info->mcast_adj_index;
-
- b0->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
- next0 = IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX;
-
- vlib_set_next_frame_buffer (vm, node, next0, bi0);
- }
- }
-
- vlib_put_next_frame (vm, node, IP6_DISCOVER_NEIGHBOR_NEXT_DROP,
- n_left_to_next_drop);
- }
-
- return frame->n_vectors;
-}
-
-static uword
-ip6_discover_neighbor (vlib_main_t * vm,
- vlib_node_runtime_t * node, vlib_frame_t * frame)
-{
- return (ip6_discover_neighbor_inline (vm, node, frame, 0));
-}
-
-static uword
-ip6_glean (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame)
-{
- return (ip6_discover_neighbor_inline (vm, node, frame, 1));
-}
-
-static char *ip6_discover_neighbor_error_strings[] = {
- [IP6_DISCOVER_NEIGHBOR_ERROR_DROP] = "address overflow drops",
- [IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT] = "neighbor solicitations sent",
- [IP6_DISCOVER_NEIGHBOR_ERROR_NO_SOURCE_ADDRESS]
- = "no source address for ND solicitation",
-};
-
-/* *INDENT-OFF* */
-VLIB_REGISTER_NODE (ip6_glean_node) =
-{
- .function = ip6_glean,
- .name = "ip6-glean",
- .vector_size = sizeof (u32),
- .format_trace = format_ip6_forward_next_trace,
- .n_errors = ARRAY_LEN (ip6_discover_neighbor_error_strings),
- .error_strings = ip6_discover_neighbor_error_strings,
- .n_next_nodes = IP6_DISCOVER_NEIGHBOR_N_NEXT,
- .next_nodes =
- {
- [IP6_DISCOVER_NEIGHBOR_NEXT_DROP] = "ip6-drop",
- [IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX] = "ip6-rewrite-mcast",
- },
-};
-VLIB_REGISTER_NODE (ip6_discover_neighbor_node) =
-{
- .function = ip6_discover_neighbor,
- .name = "ip6-discover-neighbor",
- .vector_size = sizeof (u32),
- .format_trace = format_ip6_forward_next_trace,
- .n_errors = ARRAY_LEN (ip6_discover_neighbor_error_strings),
- .error_strings = ip6_discover_neighbor_error_strings,
- .n_next_nodes = IP6_DISCOVER_NEIGHBOR_N_NEXT,
- .next_nodes =
- {
- [IP6_DISCOVER_NEIGHBOR_NEXT_DROP] = "ip6-drop",
- [IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX] = "ip6-rewrite-mcast",
- },
-};
-/* *INDENT-ON* */
-
-/* API support functions */
-int
-ip6_neighbor_ra_config (vlib_main_t * vm, u32 sw_if_index,
- u8 suppress, u8 managed, u8 other,
- u8 ll_option, u8 send_unicast, u8 cease,
- u8 use_lifetime, u32 lifetime,
- u32 initial_count, u32 initial_interval,
- u32 max_interval, u32 min_interval, u8 is_no)
-{
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- int error;
- u32 ri;
-
- /* look up the radv_t information for this interface */
- vec_validate_init_empty (nm->if_radv_pool_index_by_sw_if_index, sw_if_index,
- ~0);
- ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
- error = (ri != ~0) ? 0 : VNET_API_ERROR_INVALID_SW_IF_INDEX;
-
- if (!error)
- {
-
- ip6_radv_t *radv_info;
- radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
-
- if ((max_interval != 0) && (min_interval == 0))
- min_interval = .75 * max_interval;
-
- max_interval =
- (max_interval !=
- 0) ? ((is_no) ? DEF_MAX_RADV_INTERVAL : max_interval) :
- radv_info->max_radv_interval;
- min_interval =
- (min_interval !=
- 0) ? ((is_no) ? DEF_MIN_RADV_INTERVAL : min_interval) :
- radv_info->min_radv_interval;
- lifetime =
- (use_lifetime !=
- 0) ? ((is_no) ? DEF_DEF_RTR_LIFETIME : lifetime) :
- radv_info->adv_router_lifetime_in_sec;
-
- if (lifetime)
- {
- if (lifetime > MAX_DEF_RTR_LIFETIME)
- lifetime = MAX_DEF_RTR_LIFETIME;
-
- if (lifetime <= max_interval)
- return VNET_API_ERROR_INVALID_VALUE;
- }
-
- if (min_interval != 0)
- {
- if ((min_interval > .75 * max_interval) || (min_interval < 3))
- return VNET_API_ERROR_INVALID_VALUE;
- }
-
- if ((initial_count > MAX_INITIAL_RTR_ADVERTISEMENTS) ||
- (initial_interval > MAX_INITIAL_RTR_ADVERT_INTERVAL))
- return VNET_API_ERROR_INVALID_VALUE;
-
- /*
- if "flag" is set and is_no is true then restore default value else set value corresponding to "flag"
- if "flag" is clear don't change corresponding value
- */
- radv_info->send_radv =
- (suppress != 0) ? ((is_no != 0) ? 1 : 0) : radv_info->send_radv;
- radv_info->adv_managed_flag =
- (managed != 0) ? ((is_no) ? 0 : 1) : radv_info->adv_managed_flag;
- radv_info->adv_other_flag =
- (other != 0) ? ((is_no) ? 0 : 1) : radv_info->adv_other_flag;
- radv_info->adv_link_layer_address =
- (ll_option !=
- 0) ? ((is_no) ? 1 : 0) : radv_info->adv_link_layer_address;
- radv_info->send_unicast =
- (send_unicast != 0) ? ((is_no) ? 0 : 1) : radv_info->send_unicast;
- radv_info->cease_radv =
- (cease != 0) ? ((is_no) ? 0 : 1) : radv_info->cease_radv;
-
- radv_info->min_radv_interval = min_interval;
- radv_info->max_radv_interval = max_interval;
- radv_info->adv_router_lifetime_in_sec = lifetime;
-
- radv_info->initial_adverts_count =
- (initial_count !=
- 0) ? ((is_no) ? MAX_INITIAL_RTR_ADVERTISEMENTS : initial_count) :
- radv_info->initial_adverts_count;
- radv_info->initial_adverts_interval =
- (initial_interval !=
- 0) ? ((is_no) ? MAX_INITIAL_RTR_ADVERT_INTERVAL : initial_interval) :
- radv_info->initial_adverts_interval;
-
- /* restart */
- if ((cease != 0) && (is_no))
- radv_info->send_radv = 1;
-
- radv_info->initial_adverts_sent = radv_info->initial_adverts_count - 1;
- radv_info->next_multicast_time = vlib_time_now (vm);
- radv_info->last_multicast_time = vlib_time_now (vm);
- radv_info->last_radv_time = 0;
- }
- return (error);
-}
-
-int
-ip6_neighbor_ra_prefix (vlib_main_t * vm, u32 sw_if_index,
- ip6_address_t * prefix_addr, u8 prefix_len,
- u8 use_default, u32 val_lifetime, u32 pref_lifetime,
- u8 no_advertise, u8 off_link, u8 no_autoconfig,
- u8 no_onlink, u8 is_no)
-{
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- int error;
-
- u32 ri;
-
- /* look up the radv_t information for this interface */
- vec_validate_init_empty (nm->if_radv_pool_index_by_sw_if_index, sw_if_index,
- ~0);
-
- ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
-
- error = (ri != ~0) ? 0 : VNET_API_ERROR_INVALID_SW_IF_INDEX;
-
- if (!error)
- {
- f64 now = vlib_time_now (vm);
- ip6_radv_t *radv_info;
- radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
-
- /* prefix info add, delete or update */
- ip6_radv_prefix_t *prefix;
-
- /* lookup prefix info for this address on this interface */
- uword *p = mhash_get (&radv_info->address_to_prefix_index, prefix_addr);
-
- prefix = p ? pool_elt_at_index (radv_info->adv_prefixes_pool, p[0]) : 0;
-
- if (is_no)
- {
- /* delete */
- if (!prefix)
- return VNET_API_ERROR_INVALID_VALUE; /* invalid prefix */
-
- if (prefix->prefix_len != prefix_len)
- return VNET_API_ERROR_INVALID_VALUE_2;
-
- /* FIXME - Should the DP do this or the CP ? */
- /* do specific delete processing here before returning */
- /* try to remove from routing table */
-
- mhash_unset (&radv_info->address_to_prefix_index, prefix_addr,
- /* old_value */ 0);
- pool_put (radv_info->adv_prefixes_pool, prefix);
-
- radv_info->initial_adverts_sent =
- radv_info->initial_adverts_count - 1;
- radv_info->next_multicast_time = vlib_time_now (vm);
- radv_info->last_multicast_time = vlib_time_now (vm);
- radv_info->last_radv_time = 0;
- return (error);
- }
-
- /* adding or changing */
- if (!prefix)
- {
- /* add */
- u32 pi;
- pool_get (radv_info->adv_prefixes_pool, prefix);
- memset (prefix, 0, sizeof (*prefix));
- pi = prefix - radv_info->adv_prefixes_pool;
- mhash_set (&radv_info->address_to_prefix_index, prefix_addr, pi,
- /* old_value */ 0);
-
- clib_memset (prefix, 0x0, sizeof (ip6_radv_prefix_t));
-
- prefix->prefix_len = prefix_len;
- clib_memcpy (&prefix->prefix, prefix_addr, sizeof (ip6_address_t));
-
- /* initialize default values */
- prefix->adv_on_link_flag = 1; /* L bit set */
- prefix->adv_autonomous_flag = 1; /* A bit set */
- prefix->adv_valid_lifetime_in_secs = DEF_ADV_VALID_LIFETIME;
- prefix->adv_pref_lifetime_in_secs = DEF_ADV_PREF_LIFETIME;
- prefix->enabled = 1;
- prefix->decrement_lifetime_flag = 1;
- prefix->deprecated_prefix_flag = 1;
-
- if (off_link == 0)
- {
- /* FIXME - Should the DP do this or the CP ? */
- /* insert prefix into routing table as a connected prefix */
- }
-
- if (use_default)
- goto restart;
- }
- else
- {
-
- if (prefix->prefix_len != prefix_len)
- return VNET_API_ERROR_INVALID_VALUE_2;
-
- if (off_link != 0)
- {
- /* FIXME - Should the DP do this or the CP ? */
- /* remove from routing table if already there */
- }
- }
-
- if ((val_lifetime == ~0) || (pref_lifetime == ~0))
- {
- prefix->adv_valid_lifetime_in_secs = ~0;
- prefix->adv_pref_lifetime_in_secs = ~0;
- prefix->decrement_lifetime_flag = 0;
- }
- else
- {
- prefix->adv_valid_lifetime_in_secs = val_lifetime;;
- prefix->adv_pref_lifetime_in_secs = pref_lifetime;
- }
-
- /* copy remaining */
- prefix->enabled = !(no_advertise != 0);
- prefix->adv_on_link_flag = !((off_link != 0) || (no_onlink != 0));
- prefix->adv_autonomous_flag = !(no_autoconfig != 0);
-
- restart:
- /* restart */
- /* fill in the expiration times */
- prefix->valid_lifetime_expires =
- now + prefix->adv_valid_lifetime_in_secs;
- prefix->pref_lifetime_expires = now + prefix->adv_pref_lifetime_in_secs;
-
- radv_info->initial_adverts_sent = radv_info->initial_adverts_count - 1;
- radv_info->next_multicast_time = vlib_time_now (vm);
- radv_info->last_multicast_time = vlib_time_now (vm);
- radv_info->last_radv_time = 0;
- }
- return (error);
-}
-
-clib_error_t *
-ip6_neighbor_cmd (vlib_main_t * vm, unformat_input_t * main_input,
- vlib_cli_command_t * cmd)
-{
- vnet_main_t *vnm = vnet_get_main ();
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- clib_error_t *error = 0;
- u8 is_no = 0;
- u8 suppress = 0, managed = 0, other = 0;
- u8 suppress_ll_option = 0, send_unicast = 0, cease = 0;
- u8 use_lifetime = 0;
- u32 sw_if_index, ra_lifetime = 0, ra_initial_count =
- 0, ra_initial_interval = 0;
- u32 ra_max_interval = 0, ra_min_interval = 0;
-
- unformat_input_t _line_input, *line_input = &_line_input;
- vnet_sw_interface_t *sw_if0;
-
- int add_radv_info = 1;
- __attribute__ ((unused)) ip6_radv_t *radv_info = 0;
- ip6_address_t ip6_addr;
- u32 addr_len;
-
-
- /* Get a line of input. */
- if (!unformat_user (main_input, unformat_line_input, line_input))
- return 0;
-
- /* get basic radv info for this interface */
- if (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
- {
-
- if (unformat_user (line_input,
- unformat_vnet_sw_interface, vnm, &sw_if_index))
- {
- u32 ri;
- ethernet_interface_t *eth_if0 = 0;
-
- sw_if0 = vnet_get_sup_sw_interface (vnm, sw_if_index);
- if (sw_if0->type == VNET_SW_INTERFACE_TYPE_HARDWARE)
- eth_if0 =
- ethernet_get_interface (&ethernet_main, sw_if0->hw_if_index);
-
- if (!eth_if0)
- {
- error =
- clib_error_return (0, "Interface must be of ethernet type");
- goto done;
- }
-
- /* look up the radv_t information for this interface */
- vec_validate_init_empty (nm->if_radv_pool_index_by_sw_if_index,
- sw_if_index, ~0);
-
- ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
-
- if (ri != ~0)
- {
- radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
- }
- else
- {
- error = clib_error_return (0, "unknown interface %U'",
- format_unformat_error, line_input);
- goto done;
- }
- }
- else
- {
- error = clib_error_return (0, "invalid interface name %U'",
- format_unformat_error, line_input);
- goto done;
- }
- }
-
- /* get the rest of the command */
- while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
- {
- if (unformat (line_input, "no"))
- is_no = 1;
- else if (unformat (line_input, "prefix %U/%d",
- unformat_ip6_address, &ip6_addr, &addr_len))
- {
- add_radv_info = 0;
- break;
- }
- else if (unformat (line_input, "ra-managed-config-flag"))
- {
- managed = 1;
- break;
- }
- else if (unformat (line_input, "ra-other-config-flag"))
- {
- other = 1;
- break;
- }
- else if (unformat (line_input, "ra-suppress") ||
- unformat (line_input, "ra-surpress"))
- {
- suppress = 1;
- break;
- }
- else if (unformat (line_input, "ra-suppress-link-layer") ||
- unformat (line_input, "ra-surpress-link-layer"))
- {
- suppress_ll_option = 1;
- break;
- }
- else if (unformat (line_input, "ra-send-unicast"))
- {
- send_unicast = 1;
- break;
- }
- else if (unformat (line_input, "ra-lifetime"))
- {
- if (!unformat (line_input, "%d", &ra_lifetime))
- {
- error = unformat_parse_error (line_input);
- goto done;
- }
- use_lifetime = 1;
- break;
- }
- else if (unformat (line_input, "ra-initial"))
- {
- if (!unformat
- (line_input, "%d %d", &ra_initial_count, &ra_initial_interval))
- {
- error = unformat_parse_error (line_input);
- goto done;
- }
- break;
- }
- else if (unformat (line_input, "ra-interval"))
- {
- if (!unformat (line_input, "%d", &ra_max_interval))
- {
- error = unformat_parse_error (line_input);
- goto done;
- }
-
- if (!unformat (line_input, "%d", &ra_min_interval))
- ra_min_interval = 0;
- break;
- }
- else if (unformat (line_input, "ra-cease"))
- {
- cease = 1;
- break;
- }
- else
- {
- error = unformat_parse_error (line_input);
- goto done;
- }
- }
-
- if (add_radv_info)
- {
- ip6_neighbor_ra_config (vm, sw_if_index,
- suppress, managed, other,
- suppress_ll_option, send_unicast, cease,
- use_lifetime, ra_lifetime,
- ra_initial_count, ra_initial_interval,
- ra_max_interval, ra_min_interval, is_no);
- }
- else
- {
- u32 valid_lifetime_in_secs = 0;
- u32 pref_lifetime_in_secs = 0;
- u8 use_prefix_default_values = 0;
- u8 no_advertise = 0;
- u8 off_link = 0;
- u8 no_autoconfig = 0;
- u8 no_onlink = 0;
-
- /* get the rest of the command */
- while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
- {
- if (unformat (line_input, "default"))
- {
- use_prefix_default_values = 1;
- break;
- }
- else if (unformat (line_input, "infinite"))
- {
- valid_lifetime_in_secs = ~0;
- pref_lifetime_in_secs = ~0;
- break;
- }
- else if (unformat (line_input, "%d %d", &valid_lifetime_in_secs,
- &pref_lifetime_in_secs))
- break;
- else
- break;
- }
-
-
- /* get the rest of the command */
- while (!use_prefix_default_values &&
- unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
- {
- if (unformat (line_input, "no-advertise"))
- no_advertise = 1;
- else if (unformat (line_input, "off-link"))
- off_link = 1;
- else if (unformat (line_input, "no-autoconfig"))
- no_autoconfig = 1;
- else if (unformat (line_input, "no-onlink"))
- no_onlink = 1;
- else
- {
- error = unformat_parse_error (line_input);
- goto done;
- }
- }
-
- ip6_neighbor_ra_prefix (vm, sw_if_index,
- &ip6_addr, addr_len,
- use_prefix_default_values,
- valid_lifetime_in_secs,
- pref_lifetime_in_secs,
- no_advertise,
- off_link, no_autoconfig, no_onlink, is_no);
- }
-
-done:
- unformat_free (line_input);
-
- return error;
-}
-
-static void
-ip6_print_addrs (vlib_main_t * vm, u32 * addrs)
-{
- ip_lookup_main_t *lm = &ip6_main.lookup_main;
- u32 i;
-
- for (i = 0; i < vec_len (addrs); i++)
- {
- ip_interface_address_t *a =
- pool_elt_at_index (lm->if_address_pool, addrs[i]);
- ip6_address_t *address = ip_interface_address_get_address (lm, a);
-
- vlib_cli_output (vm, "\t\t%U/%d",
- format_ip6_address, address, a->address_length);
- }
-}
-
-static clib_error_t *
-show_ip6_interface_cmd (vlib_main_t * vm,
- unformat_input_t * input, vlib_cli_command_t * cmd)
-{
- vnet_main_t *vnm = vnet_get_main ();
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- clib_error_t *error = 0;
- u32 sw_if_index;
-
- sw_if_index = ~0;
-
- if (unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index))
- {
- u32 ri;
-
- /* look up the radv_t information for this interface */
- vec_validate_init_empty (nm->if_radv_pool_index_by_sw_if_index,
- sw_if_index, ~0);
-
- ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
-
- if (ri != ~0)
- {
- ip_lookup_main_t *lm = &ip6_main.lookup_main;
- ip6_radv_t *radv_info;
- radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
-
- vlib_cli_output (vm, "%U is admin %s\n",
- format_vnet_sw_interface_name, vnm,
- vnet_get_sw_interface (vnm, sw_if_index),
- (vnet_sw_interface_is_admin_up (vnm, sw_if_index) ?
- "up" : "down"));
-
- u32 ai;
- u32 *link_scope = 0, *global_scope = 0;
- u32 *local_scope = 0, *unknown_scope = 0;
- ip_interface_address_t *a;
-
- vec_validate_init_empty (lm->if_address_pool_index_by_sw_if_index,
- sw_if_index, ~0);
- ai = lm->if_address_pool_index_by_sw_if_index[sw_if_index];
-
- while (ai != (u32) ~ 0)
- {
- a = pool_elt_at_index (lm->if_address_pool, ai);
- ip6_address_t *address =
- ip_interface_address_get_address (lm, a);
-
- if (ip6_address_is_link_local_unicast (address))
- vec_add1 (link_scope, ai);
- else if (ip6_address_is_global_unicast (address))
- vec_add1 (global_scope, ai);
- else if (ip6_address_is_local_unicast (address))
- vec_add1 (local_scope, ai);
- else
- vec_add1 (unknown_scope, ai);
-
- ai = a->next_this_sw_interface;
- }
-
- if (vec_len (link_scope))
- {
- vlib_cli_output (vm, "\tLink-local address(es):\n");
- ip6_print_addrs (vm, link_scope);
- vec_free (link_scope);
- }
-
- if (vec_len (local_scope))
- {
- vlib_cli_output (vm, "\tLocal unicast address(es):\n");
- ip6_print_addrs (vm, local_scope);
- vec_free (local_scope);
- }
-
- if (vec_len (global_scope))
- {
- vlib_cli_output (vm, "\tGlobal unicast address(es):\n");
- ip6_print_addrs (vm, global_scope);
- vec_free (global_scope);
- }
-
- if (vec_len (unknown_scope))
- {
- vlib_cli_output (vm, "\tOther-scope address(es):\n");
- ip6_print_addrs (vm, unknown_scope);
- vec_free (unknown_scope);
- }
-
- vlib_cli_output (vm, "\tLink-local address(es):\n");
- vlib_cli_output (vm, "\t\t%U\n", format_ip6_address,
- &radv_info->link_local_address);
-
- vlib_cli_output (vm, "\tJoined group address(es):\n");
- ip6_mldp_group_t *m;
- /* *INDENT-OFF* */
- pool_foreach (m, radv_info->mldp_group_pool,
- ({
- vlib_cli_output (vm, "\t\t%U\n", format_ip6_address,
- &m->mcast_address);
- }));
- /* *INDENT-ON* */
-
- vlib_cli_output (vm, "\tAdvertised Prefixes:\n");
- ip6_radv_prefix_t *p;
- /* *INDENT-OFF* */
- pool_foreach (p, radv_info->adv_prefixes_pool,
- ({
- vlib_cli_output (vm, "\t\tprefix %U, length %d\n",
- format_ip6_address, &p->prefix, p->prefix_len);
- }));
- /* *INDENT-ON* */
-
- vlib_cli_output (vm, "\tMTU is %d\n", radv_info->adv_link_mtu);
- vlib_cli_output (vm, "\tICMP error messages are unlimited\n");
- vlib_cli_output (vm, "\tICMP redirects are disabled\n");
- vlib_cli_output (vm, "\tICMP unreachables are not sent\n");
- vlib_cli_output (vm, "\tND DAD is disabled\n");
- //vlib_cli_output (vm, "\tND reachable time is %d milliseconds\n",);
- vlib_cli_output (vm, "\tND advertised reachable time is %d\n",
- radv_info->adv_neighbor_reachable_time_in_msec);
- vlib_cli_output (vm,
- "\tND advertised retransmit interval is %d (msec)\n",
- radv_info->
- adv_time_in_msec_between_retransmitted_neighbor_solicitations);
-
- u32 ra_interval = radv_info->max_radv_interval;
- u32 ra_interval_min = radv_info->min_radv_interval;
- vlib_cli_output (vm,
- "\tND router advertisements are sent every %d seconds (min interval is %d)\n",
- ra_interval, ra_interval_min);
- vlib_cli_output (vm,
- "\tND router advertisements live for %d seconds\n",
- radv_info->adv_router_lifetime_in_sec);
- vlib_cli_output (vm,
- "\tHosts %s stateless autoconfig for addresses\n",
- (radv_info->adv_managed_flag) ? "use" :
- " don't use");
- vlib_cli_output (vm, "\tND router advertisements sent %d\n",
- radv_info->n_advertisements_sent);
- vlib_cli_output (vm, "\tND router solicitations received %d\n",
- radv_info->n_solicitations_rcvd);
- vlib_cli_output (vm, "\tND router solicitations dropped %d\n",
- radv_info->n_solicitations_dropped);
- }
- else
- {
- error = clib_error_return (0, "IPv6 not enabled on interface",
- format_unformat_error, input);
-
- }
- }
- return error;
-}
-
-/*?
- * This command is used to display various IPv6 attributes on a given
- * interface.
- *
- * @cliexpar
- * Example of how to display IPv6 settings:
- * @cliexstart{show ip6 interface GigabitEthernet2/0/0}
- * GigabitEthernet2/0/0 is admin up
- * Link-local address(es):
- * fe80::ab8/64
- * Joined group address(es):
- * ff02::1
- * ff02::2
- * ff02::16
- * ff02::1:ff00:ab8
- * Advertised Prefixes:
- * prefix fe80::fe:28ff:fe9c:75b3, length 64
- * MTU is 1500
- * ICMP error messages are unlimited
- * ICMP redirects are disabled
- * ICMP unreachables are not sent
- * ND DAD is disabled
- * ND advertised reachable time is 0
- * ND advertised retransmit interval is 0 (msec)
- * ND router advertisements are sent every 200 seconds (min interval is 150)
- * ND router advertisements live for 600 seconds
- * Hosts use stateless autoconfig for addresses
- * ND router advertisements sent 19336
- * ND router solicitations received 0
- * ND router solicitations dropped 0
- * @cliexend
- * Example of output if IPv6 is not enabled on the interface:
- * @cliexstart{show ip6 interface GigabitEthernet2/0/0}
- * show ip6 interface: IPv6 not enabled on interface
- * @cliexend
-?*/
-/* *INDENT-OFF* */
-VLIB_CLI_COMMAND (show_ip6_interface_command, static) =
-{
- .path = "show ip6 interface",
- .function = show_ip6_interface_cmd,
- .short_help = "show ip6 interface <interface>",
-};
-/* *INDENT-ON* */
-
-clib_error_t *
-disable_ip6_interface (vlib_main_t * vm, u32 sw_if_index)
-{
- clib_error_t *error = 0;
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- u32 ri;
-
- /* look up the radv_t information for this interface */
- vec_validate_init_empty (nm->if_radv_pool_index_by_sw_if_index, sw_if_index,
- ~0);
- ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
-
- /* if not created - do nothing */
- if (ri != ~0)
- {
- ip6_radv_t *radv_info;
-
- radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
-
- /* check radv_info ref count for other ip6 addresses on this interface */
- /* This implicitly excludes the link local address */
- if (radv_info->ref_count == 0)
- {
- /* essentially "disables" ipv6 on this interface */
- ip6_ll_prefix_t ilp = {
- .ilp_addr = radv_info->link_local_address,
- .ilp_sw_if_index = sw_if_index,
- };
- ip6_ll_table_entry_delete (&ilp);
- ip6_sw_interface_enable_disable (sw_if_index, 0);
- ip6_mfib_interface_enable_disable (sw_if_index, 0);
- ip6_neighbor_sw_interface_add_del (vnet_get_main (), sw_if_index,
- 0);
- }
- }
- return error;
-}
-
-int
-ip6_interface_enabled (vlib_main_t * vm, u32 sw_if_index)
-{
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- u32 ri = ~0;
-
- /* look up the radv_t information for this interface */
- vec_validate_init_empty (nm->if_radv_pool_index_by_sw_if_index, sw_if_index,
- ~0);
-
- ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
-
- return ri != ~0;
-}
-
-clib_error_t *
-enable_ip6_interface (vlib_main_t * vm, u32 sw_if_index)
-{
- clib_error_t *error = 0;
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- u32 ri;
- int is_add = 1;
-
- /* look up the radv_t information for this interface */
- vec_validate_init_empty (nm->if_radv_pool_index_by_sw_if_index, sw_if_index,
- ~0);
-
- ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
-
- /* if not created yet */
- if (ri == ~0)
- {
- vnet_main_t *vnm = vnet_get_main ();
- vnet_sw_interface_t *sw_if0;
-
- sw_if0 = vnet_get_sup_sw_interface (vnm, sw_if_index);
- if (sw_if0->type == VNET_SW_INTERFACE_TYPE_HARDWARE)
- {
- ethernet_interface_t *eth_if0;
-
- eth_if0 =
- ethernet_get_interface (&ethernet_main, sw_if0->hw_if_index);
- if (eth_if0)
- {
- /* create radv_info. for this interface. This holds all the info needed for router adverts */
- ri =
- ip6_neighbor_sw_interface_add_del (vnm, sw_if_index, is_add);
-
- if (ri != ~0)
- {
- ip6_radv_t *radv_info;
- ip6_address_t link_local_address;
-
- radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
-
- ip6_link_local_address_from_ethernet_mac_address
- (&link_local_address, eth_if0->address);
-
- sw_if0 = vnet_get_sw_interface (vnm, sw_if_index);
- if (sw_if0->type == VNET_SW_INTERFACE_TYPE_SUB ||
- sw_if0->type == VNET_SW_INTERFACE_TYPE_PIPE ||
- sw_if0->type == VNET_SW_INTERFACE_TYPE_P2P)
- {
- /* make up an interface id */
- link_local_address.as_u64[1] =
- random_u64 (&radv_info->randomizer);
-
- link_local_address.as_u64[0] =
- clib_host_to_net_u64 (0xFE80000000000000ULL);
- /* clear u bit */
- link_local_address.as_u8[8] &= 0xfd;
- }
- {
- ip6_ll_prefix_t ilp = {
- .ilp_addr = link_local_address,
- .ilp_sw_if_index = sw_if_index,
- };
-
- ip6_ll_table_entry_update (&ilp, FIB_ROUTE_PATH_LOCAL);
- }
-
- /* essentially "enables" ipv6 on this interface */
- ip6_mfib_interface_enable_disable (sw_if_index, 1);
- ip6_sw_interface_enable_disable (sw_if_index, 1);
-
- if (!error)
- {
- radv_info->link_local_address = link_local_address;
- }
- }
- }
- }
- }
- return error;
-}
-
-int
-ip6_get_ll_address (u32 sw_if_index, ip6_address_t * addr)
-{
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- ip6_radv_t *radv_info;
- u32 ri;
-
- if (vec_len (nm->if_radv_pool_index_by_sw_if_index) <= sw_if_index)
- return 0;
-
- ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
-
- if (ri == ~0)
- return 0;
-
- radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
- *addr = radv_info->link_local_address;
-
- return (!0);
-}
-
-static clib_error_t *
-enable_ip6_interface_cmd (vlib_main_t * vm,
- unformat_input_t * input, vlib_cli_command_t * cmd)
-{
- vnet_main_t *vnm = vnet_get_main ();
- clib_error_t *error = 0;
- u32 sw_if_index;
-
- sw_if_index = ~0;
-
- if (unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index))
- {
- enable_ip6_interface (vm, sw_if_index);
- }
- else
- {
- error = clib_error_return (0, "unknown interface\n'",
- format_unformat_error, input);
-
- }
- return error;
-}
-
-/*?
- * This command is used to enable IPv6 on a given interface.
- *
- * @cliexpar
- * Example of how enable IPv6 on a given interface:
- * @cliexcmd{enable ip6 interface GigabitEthernet2/0/0}
-?*/
-/* *INDENT-OFF* */
-VLIB_CLI_COMMAND (enable_ip6_interface_command, static) =
-{
- .path = "enable ip6 interface",
- .function = enable_ip6_interface_cmd,
- .short_help = "enable ip6 interface <interface>",
-};
-/* *INDENT-ON* */
-
-static clib_error_t *
-disable_ip6_interface_cmd (vlib_main_t * vm,
- unformat_input_t * input, vlib_cli_command_t * cmd)
-{
- vnet_main_t *vnm = vnet_get_main ();
- clib_error_t *error = 0;
- u32 sw_if_index;
-
- sw_if_index = ~0;
-
- if (unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index))
- {
- error = disable_ip6_interface (vm, sw_if_index);
- }
- else
- {
- error = clib_error_return (0, "unknown interface\n'",
- format_unformat_error, input);
-
- }
- return error;
-}
-
-/*?
- * This command is used to disable IPv6 on a given interface.
- *
- * @cliexpar
- * Example of how disable IPv6 on a given interface:
- * @cliexcmd{disable ip6 interface GigabitEthernet2/0/0}
-?*/
-/* *INDENT-OFF* */
-VLIB_CLI_COMMAND (disable_ip6_interface_command, static) =
-{
- .path = "disable ip6 interface",
- .function = disable_ip6_interface_cmd,
- .short_help = "disable ip6 interface <interface>",
-};
-/* *INDENT-ON* */
-
-/*?
- * This command is used to configure the neighbor discovery
- * parameters on a given interface. Use the '<em>show ip6 interface</em>'
- * command to display some of the current neighbor discovery parameters
- * on a given interface. This command has three formats:
- *
- *
- * <b>Format 1 - Router Advertisement Options:</b> (Only one can be entered in a single command)
- *
- * '<em><b>ip6 nd <interface> [no] [ra-managed-config-flag] | [ra-other-config-flag] | [ra-suppress] | [ra-suppress-link-layer] | [ra-send-unicast] | [ra-lifetime <lifetime>] | [ra-initial <cnt> <interval>] | [ra-interval <max-interval> [<min-interval>]] | [ra-cease]</b></em>'
- *
- * Where:
- *
- * <em>[no] ra-managed-config-flag</em> - Advertises in ICMPv6
- * router-advertisement messages to use stateful address
- * auto-configuration to obtain address information (sets the M-bit).
- * Default is the M-bit is not set and the '<em>no</em>' option
- * returns it to this default state.
- *
- * <em>[no] ra-other-config-flag</em> - Indicates in ICMPv6
- * router-advertisement messages that hosts use stateful auto
- * configuration to obtain nonaddress related information (sets
- * the O-bit). Default is the O-bit is not set and the '<em>no</em>'
- * option returns it to this default state.
- *
- * <em>[no] ra-suppress</em> - Disables sending ICMPv6 router-advertisement
- * messages. The '<em>no</em>' option implies to enable sending ICMPv6
- * router-advertisement messages.
- *
- * <em>[no] ra-suppress-link-layer</em> - Indicates not to include the
- * optional source link-layer address in the ICMPv6 router-advertisement
- * messages. Default is to include the optional source link-layer address
- * and the '<em>no</em>' option returns it to this default state.
- *
- * <em>[no] ra-send-unicast</em> - Use the source address of the
- * router-solicitation message if availiable. The default is to use
- * multicast address of all nodes, and the '<em>no</em>' option returns
- * it to this default state.
- *
- * <em>[no] ra-lifetime <lifetime></em> - Advertises the lifetime of a
- * default router in ICMPv6 router-advertisement messages. The range is
- * from 0 to 9000 seconds. '<em><lifetime></em>' must be greater than
- * '<em><max-interval></em>'. The default value is 600 seconds and the
- * '<em>no</em>' option returns it to this default value.
- *
- * <em>[no] ra-initial <cnt> <interval></em> - Number of initial ICMPv6
- * router-advertisement messages sent and the interval between each
- * message. Range for count is 1 - 3 and default is 3. Range for interval
- * is 1 to 16 seconds, and default is 16 seconds. The '<em>no</em>' option
- * returns both to their default value.
- *
- * <em>[no] ra-interval <max-interval> [<min-interval>]</em> - Configures the
- * interval between sending ICMPv6 router-advertisement messages. The
- * range for max-interval is from 4 to 200 seconds. min-interval can not
- * be more than 75% of max-interval. If not set, min-interval will be
- * set to 75% of max-interval. The range for min-interval is from 3 to
- * 150 seconds. The '<em>no</em>' option returns both to their default
- * value.
- *
- * <em>[no] ra-cease</em> - Cease sending ICMPv6 router-advertisement messages.
- * The '<em>no</em>' options implies to start (or restart) sending
- * ICMPv6 router-advertisement messages.
- *
- *
- * <b>Format 2 - Prefix Options:</b>
- *
- * '<em><b>ip6 nd <interface> [no] prefix <ip6-address>/<width> [<valid-lifetime> <pref-lifetime> | infinite] [no-advertise] [off-link] [no-autoconfig] [no-onlink]</b></em>'
- *
- * Where:
- *
- * <em>no</em> - All additional flags are ignored and the prefix is deleted.
- *
- * <em><valid-lifetime> <pref-lifetime></em> - '<em><valid-lifetime></em>' is the
- * length of time in seconds during what the prefix is valid for the purpose of
- * on-link determination. Range is 7203 to 2592000 seconds and default is 2592000
- * seconds (30 days). '<em><pref-lifetime></em>' is the prefered-lifetime and is the
- * length of time in seconds during what addresses generated from the prefix remain
- * preferred. Range is 0 to 604800 seconds and default is 604800 seconds (7 days).
- *
- * <em>infinite</em> - Both '<em><valid-lifetime></em>' and '<em><<pref-lifetime></em>'
- * are inifinte, no timeout.
- *
- * <em>no-advertise</em> - Do not send full router address in prefix
- * advertisement. Default is to advertise (i.e. - This flag is off by default).
- *
- * <em>off-link</em> - Prefix is off-link, clear L-bit in packet. Default is on-link
- * (i.e. - This flag is off and L-bit in packet is set by default and this prefix can
- * be used for on-link determination). '<em>no-onlink</em>' also controls the L-bit.
- *
- * <em>no-autoconfig</em> - Do not use prefix for autoconfiguration, clear A-bit in packet.
- * Default is autoconfig (i.e. - This flag is off and A-bit in packet is set by default.
- *
- * <em>no-onlink</em> - Do not use prefix for onlink determination, clear L-bit in packet.
- * Default is on-link (i.e. - This flag is off and L-bit in packet is set by default and
- * this prefix can be used for on-link determination). '<em>off-link</em>' also controls
- * the L-bit.
- *
- *
- * <b>Format 3: - Default of Prefix:</b>
- *
- * '<em><b>ip6 nd <interface> [no] prefix <ip6-address>/<width> default</b></em>'
- *
- * When a new prefix is added (or existing one is being overwritten) <em>default</em>
- * uses default values for the prefix. If <em>no</em> is used, the <em>default</em>
- * is ignored and the prefix is deleted.
- *
- *
- * @cliexpar
- * Example of how set a router advertisement option:
- * @cliexcmd{ip6 nd GigabitEthernet2/0/0 ra-interval 100 20}
- * Example of how to add a prefix:
- * @cliexcmd{ip6 nd GigabitEthernet2/0/0 prefix fe80::fe:28ff:fe9c:75b3/64 infinite no-advertise}
- * Example of how to delete a prefix:
- * @cliexcmd{ip6 nd GigabitEthernet2/0/0 no prefix fe80::fe:28ff:fe9c:75b3/64}
-?*/
-/* *INDENT-OFF* */
-VLIB_CLI_COMMAND (ip6_nd_command, static) =
-{
- .path = "ip6 nd",
- .short_help = "ip6 nd <interface> ...",
- .function = ip6_neighbor_cmd,
-};
-/* *INDENT-ON* */
-
-clib_error_t *
-ip6_neighbor_set_link_local_address (vlib_main_t * vm, u32 sw_if_index,
- ip6_address_t * address)
-{
- clib_error_t *error = 0;
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- u32 ri;
- ip6_radv_t *radv_info;
- vnet_main_t *vnm = vnet_get_main ();
- ip6_ll_prefix_t pfx = { 0, };
-
- if (!ip6_address_is_link_local_unicast (address))
- return (error = clib_error_return (0, "address not link-local",
- format_unformat_error));
-
- /* call enable ipv6 */
- enable_ip6_interface (vm, sw_if_index);
-
- ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
-
- if (ri != ~0)
- {
- radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
-
- pfx.ilp_sw_if_index = sw_if_index;
-
- pfx.ilp_addr = radv_info->link_local_address;
- ip6_ll_table_entry_delete (&pfx);
-
- pfx.ilp_addr = *address;
- ip6_ll_table_entry_update (&pfx, FIB_ROUTE_PATH_LOCAL);
-
- radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
- radv_info->link_local_address = *address;
- }
- else
- {
- vnm->api_errno = VNET_API_ERROR_IP6_NOT_ENABLED;
- error = clib_error_return (0, "ip6 not enabled for interface",
- format_unformat_error);
- }
- return error;
-}
-
-/**
- * @brief callback when an interface address is added or deleted
- */
-static void
-ip6_neighbor_add_del_interface_address (ip6_main_t * im,
- uword opaque,
- u32 sw_if_index,
- ip6_address_t * address,
- u32 address_length,
- u32 if_address_index, u32 is_delete)
-{
- vnet_main_t *vnm = vnet_get_main ();
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- u32 ri;
- vlib_main_t *vm = vnm->vlib_main;
- ip6_radv_t *radv_info;
- ip6_address_t a;
-
- /* create solicited node multicast address for this interface address */
- ip6_set_solicited_node_multicast_address (&a, 0);
-
- a.as_u8[0xd] = address->as_u8[0xd];
- a.as_u8[0xe] = address->as_u8[0xe];
- a.as_u8[0xf] = address->as_u8[0xf];
-
- if (!is_delete)
- {
- /* try to create radv_info - does nothing if ipv6 already enabled */
- enable_ip6_interface (vm, sw_if_index);
-
- /* look up the radv_t information for this interface */
- vec_validate_init_empty (nm->if_radv_pool_index_by_sw_if_index,
- sw_if_index, ~0);
- ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
- if (ri != ~0)
- {
- /* get radv_info */
- radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
-
- /* add address */
- if (!ip6_address_is_link_local_unicast (address))
- radv_info->ref_count++;
-
- ip6_neighbor_add_mld_prefix (radv_info, &a);
- }
- }
- else
- {
-
- /* delete */
- /* look up the radv_t information for this interface */
- vec_validate_init_empty (nm->if_radv_pool_index_by_sw_if_index,
- sw_if_index, ~0);
- ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
-
- if (ri != ~0)
- {
- /* get radv_info */
- radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
-
- ip6_neighbor_del_mld_prefix (radv_info, &a);
-
- /* if interface up send MLDP "report" */
- radv_info->all_routers_mcast = 0;
-
- /* add address */
- if (!ip6_address_is_link_local_unicast (address))
- radv_info->ref_count--;
- }
- /* Ensure that IPv6 is disabled, and LL removed after ref_count reaches 0 */
- disable_ip6_interface (vm, sw_if_index);
- }
-}
-
-clib_error_t *
-ip6_set_neighbor_limit (u32 neighbor_limit)
-{
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
-
- nm->limit_neighbor_cache_size = neighbor_limit;
- return 0;
-}
-
-static void
-ip6_neighbor_table_bind (ip6_main_t * im,
- uword opaque,
- u32 sw_if_index,
- u32 new_fib_index, u32 old_fib_index)
-{
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- ip6_neighbor_t *n = NULL;
- u32 i, *to_re_add = 0;
-
- /* *INDENT-OFF* */
- pool_foreach (n, nm->neighbor_pool,
- ({
- if (n->key.sw_if_index == sw_if_index)
- vec_add1 (to_re_add, n - nm->neighbor_pool);
- }));
- /* *INDENT-ON* */
-
- for (i = 0; i < vec_len (to_re_add); i++)
- {
- n = pool_elt_at_index (nm->neighbor_pool, to_re_add[i]);
- ip6_neighbor_adj_fib_remove (n, old_fib_index);
- ip6_neighbor_adj_fib_add (n, new_fib_index);
- }
- vec_free (to_re_add);
-}
-
-static clib_error_t *
-ip6_neighbor_init (vlib_main_t * vm)
-{
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- ip6_main_t *im = &ip6_main;
-
- mhash_init (&nm->neighbor_index_by_key,
- /* value size */ sizeof (uword),
- /* key size */ sizeof (ip6_neighbor_key_t));
-
- icmp6_register_type (vm, ICMP6_neighbor_solicitation,
- ip6_icmp_neighbor_solicitation_node.index);
- icmp6_register_type (vm, ICMP6_neighbor_advertisement,
- ip6_icmp_neighbor_advertisement_node.index);
- icmp6_register_type (vm, ICMP6_router_solicitation,
- ip6_icmp_router_solicitation_node.index);
- icmp6_register_type (vm, ICMP6_router_advertisement,
- ip6_icmp_router_advertisement_node.index);
-
- /* handler node for ip6 neighbor discovery events and timers */
- vlib_register_node (vm, &ip6_icmp_neighbor_discovery_event_node);
-
- /* add call backs */
- ip6_add_del_interface_address_callback_t cb;
- clib_memset (&cb, 0x0, sizeof (ip6_add_del_interface_address_callback_t));
-
- /* when an interface address changes... */
- cb.function = ip6_neighbor_add_del_interface_address;
- cb.function_opaque = 0;
- vec_add1 (im->add_del_interface_address_callbacks, cb);
-
- ip6_table_bind_callback_t cbt;
- cbt.function = ip6_neighbor_table_bind;
- cbt.function_opaque = 0;
- vec_add1 (im->table_bind_callbacks, cbt);
-
- mhash_init (&nm->pending_resolutions_by_address,
- /* value size */ sizeof (uword),
- /* key size */ sizeof (ip6_address_t));
-
- mhash_init (&nm->mac_changes_by_address,
- /* value size */ sizeof (uword),
- /* key size */ sizeof (ip6_address_t));
-
- /* default, configurable */
- nm->limit_neighbor_cache_size = 50000;
-
- nm->wc_ip6_nd_publisher_node = (uword) ~ 0;
-
- nm->ip6_ra_publisher_node = (uword) ~ 0;
-
-#if 0
- /* $$$$ Hack fix for today */
- vec_validate_init_empty
- (im->discover_neighbor_next_index_by_hw_if_index, 32, 0 /* drop */ );
-#endif
-
- return 0;
-}
-
-VLIB_INIT_FUNCTION (ip6_neighbor_init);
-
-
-void
-vnet_register_ip6_neighbor_resolution_event (vnet_main_t * vnm,
- void *address_arg,
- uword node_index,
- uword type_opaque, uword data)
-{
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- ip6_address_t *address = address_arg;
- uword *p;
- pending_resolution_t *pr;
-
- pool_get (nm->pending_resolutions, pr);
- memset (pr, 0, sizeof (*pr));
-
- pr->next_index = ~0;
- pr->node_index = node_index;
- pr->type_opaque = type_opaque;
- pr->data = data;
-
- p = mhash_get (&nm->pending_resolutions_by_address, address);
- if (p)
- {
- /* Insert new resolution at the head of the list */
- pr->next_index = p[0];
- mhash_unset (&nm->pending_resolutions_by_address, address, 0);
- }
-
- mhash_set (&nm->pending_resolutions_by_address, address,
- pr - nm->pending_resolutions, 0 /* old value */ );
-}
-
-int
-vnet_add_del_ip6_nd_change_event (vnet_main_t * vnm,
- ip6_nd_change_event_cb_t data_callback,
- u32 pid,
- void *address_arg,
- uword node_index,
- uword type_opaque, uword data, int is_add)
-{
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- ip6_address_t *address = address_arg;
-
- /* Try to find an existing entry */
- u32 *first = (u32 *) mhash_get (&nm->mac_changes_by_address, address);
- u32 *p = first;
- pending_resolution_t *mc;
- while (p && *p != ~0)
- {
- mc = pool_elt_at_index (nm->mac_changes, *p);
- if (mc->node_index == node_index && mc->type_opaque == type_opaque
- && mc->pid == pid)
- break;
- p = &mc->next_index;
- }
-
- int found = p && *p != ~0;
- if (is_add)
- {
- if (found)
- return VNET_API_ERROR_ENTRY_ALREADY_EXISTS;
-
- pool_get (nm->mac_changes, mc);
- memset (mc, 0, sizeof (*mc));
- /* *INDENT-OFF* */
- *mc = (pending_resolution_t)
- {
- .next_index = ~0,
- .node_index = node_index,
- .type_opaque = type_opaque,
- .data = data,
- .data_callback = data_callback,
- .pid = pid,
- };
- /* *INDENT-ON* */
-
- /* Insert new resolution at the end of the list */
- u32 new_idx = mc - nm->mac_changes;
- if (p)
- p[0] = new_idx;
- else
- mhash_set (&nm->mac_changes_by_address, address, new_idx, 0);
- }
- else
- {
- if (!found)
- return VNET_API_ERROR_NO_SUCH_ENTRY;
-
- /* Clients may need to clean up pool entries, too */
- if (data_callback)
- (data_callback) (mc->data, NULL /* no new mac addrs */ , 0, NULL);
-
- /* Remove the entry from the list and delete the entry */
- *p = mc->next_index;
- pool_put (nm->mac_changes, mc);
-
- /* Remove from hash if we deleted the last entry */
- if (*p == ~0 && p == first)
- mhash_unset (&nm->mac_changes_by_address, address, 0);
- }
- return 0;
-}
-
-int
-vnet_ip6_nd_term (vlib_main_t * vm,
- vlib_node_runtime_t * node,
- vlib_buffer_t * p0,
- ethernet_header_t * eth,
- ip6_header_t * ip, u32 sw_if_index, u16 bd_index)
-{
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- icmp6_neighbor_solicitation_or_advertisement_header_t *ndh;
- mac_address_t mac;
-
- mac_address_from_bytes (&mac, eth->src_address);
- ndh = ip6_next_header (ip);
- if (ndh->icmp.type != ICMP6_neighbor_solicitation &&
- ndh->icmp.type != ICMP6_neighbor_advertisement)
- return 0;
-
- if (PREDICT_FALSE ((node->flags & VLIB_NODE_FLAG_TRACE) &&
- (p0->flags & VLIB_BUFFER_IS_TRACED)))
- {
- u8 *t0 = vlib_add_trace (vm, node, p0,
- sizeof (icmp6_input_trace_t));
- clib_memcpy (t0, ip, sizeof (icmp6_input_trace_t));
- }
-
- /* Check if anyone want ND events for L2 BDs */
- if (PREDICT_FALSE
- (nm->wc_ip6_nd_publisher_node != (uword) ~ 0
- && !ip6_address_is_link_local_unicast (&ip->src_address)))
- {
- vnet_nd_wc_publish (sw_if_index, &mac, &ip->src_address);
- }
-
- /* Check if MAC entry exsist for solicited target IP */
- if (ndh->icmp.type == ICMP6_neighbor_solicitation)
- {
- icmp6_neighbor_discovery_ethernet_link_layer_address_option_t *opt;
- l2_bridge_domain_t *bd_config;
- u8 *macp;
-
- opt = (void *) (ndh + 1);
- if ((opt->header.type !=
- ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address) ||
- (opt->header.n_data_u64s != 1))
- return 0; /* source link layer address option not present */
-
- bd_config = vec_elt_at_index (l2input_main.bd_configs, bd_index);
- macp =
- (u8 *) hash_get_mem (bd_config->mac_by_ip6, &ndh->target_address);
- if (macp)
- { /* found ip-mac entry, generate eighbor advertisement response */
- int bogus_length;
- vlib_node_runtime_t *error_node =
- vlib_node_get_runtime (vm, ip6_icmp_input_node.index);
- ip->dst_address = ip->src_address;
- ip->src_address = ndh->target_address;
- ip->hop_limit = 255;
- opt->header.type =
- ICMP6_NEIGHBOR_DISCOVERY_OPTION_target_link_layer_address;
- clib_memcpy (opt->ethernet_address, macp, 6);
- ndh->icmp.type = ICMP6_neighbor_advertisement;
- ndh->advertisement_flags = clib_host_to_net_u32
- (ICMP6_NEIGHBOR_ADVERTISEMENT_FLAG_SOLICITED |
- ICMP6_NEIGHBOR_ADVERTISEMENT_FLAG_OVERRIDE);
- ndh->icmp.checksum = 0;
- ndh->icmp.checksum =
- ip6_tcp_udp_icmp_compute_checksum (vm, p0, ip, &bogus_length);
- clib_memcpy (eth->dst_address, eth->src_address, 6);
- clib_memcpy (eth->src_address, macp, 6);
- vlib_error_count (vm, error_node->node_index,
- ICMP6_ERROR_NEIGHBOR_ADVERTISEMENTS_TX, 1);
- return 1;
- }
- }
-
- return 0;
-
-}
-
-int
-ip6_neighbor_proxy_add_del (u32 sw_if_index, ip6_address_t * addr, u8 is_del)
-{
- u32 fib_index;
-
- fib_prefix_t pfx = {
- .fp_len = 128,
- .fp_proto = FIB_PROTOCOL_IP6,
- .fp_addr = {
- .ip6 = *addr,
- },
- };
- ip46_address_t nh = {
- .ip6 = *addr,
- };
-
- fib_index = ip6_fib_table_get_index_for_sw_if_index (sw_if_index);
-
- if (~0 == fib_index)
- return VNET_API_ERROR_NO_SUCH_FIB;
-
- if (is_del)
- {
- fib_table_entry_path_remove (fib_index,
- &pfx,
- FIB_SOURCE_IP6_ND_PROXY,
- DPO_PROTO_IP6,
- &nh,
- sw_if_index,
- ~0, 1, FIB_ROUTE_PATH_FLAG_NONE);
- /* flush the ND cache of this address if it's there */
- vnet_unset_ip6_ethernet_neighbor (vlib_get_main (), sw_if_index, addr);
- }
- else
- {
- fib_table_entry_path_add (fib_index,
- &pfx,
- FIB_SOURCE_IP6_ND_PROXY,
- FIB_ENTRY_FLAG_NONE,
- DPO_PROTO_IP6,
- &nh,
- sw_if_index,
- ~0, 1, NULL, FIB_ROUTE_PATH_FLAG_NONE);
- }
- return (0);
-}
-
-static clib_error_t *
-set_ip6_nd_proxy_cmd (vlib_main_t * vm,
- unformat_input_t * input, vlib_cli_command_t * cmd)
-{
- vnet_main_t *vnm = vnet_get_main ();
- clib_error_t *error = 0;
- ip6_address_t addr;
- u32 sw_if_index;
- u8 is_del = 0;
-
- if (unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index))
- {
- /* get the rest of the command */
- while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
- {
- if (unformat (input, "%U", unformat_ip6_address, &addr))
- break;
- else if (unformat (input, "delete") || unformat (input, "del"))
- is_del = 1;
- else
- return (unformat_parse_error (input));
- }
- }
-
- ip6_neighbor_proxy_add_del (sw_if_index, &addr, is_del);
-
- return error;
-}
-
-/* *INDENT-OFF* */
-VLIB_CLI_COMMAND (set_ip6_nd_proxy_command, static) =
-{
- .path = "set ip6 nd proxy",
- .short_help = "set ip6 nd proxy <HOST> <INTERFACE>",
- .function = set_ip6_nd_proxy_cmd,
-};
-/* *INDENT-ON* */
-
-void
-ethernet_ndp_change_mac (u32 sw_if_index)
-{
- ip6_neighbor_main_t *nm = &ip6_neighbor_main;
- ip6_neighbor_t *n;
- adj_index_t ai;
-
- /* *INDENT-OFF* */
- pool_foreach (n, nm->neighbor_pool,
- ({
- if (n->key.sw_if_index == sw_if_index)
- {
- adj_nbr_walk_nh6 (sw_if_index,
- &n->key.ip6_address,
- ip6_nd_mk_complete_walk, n);
- }
- }));
- /* *INDENT-ON* */
-
- ai = adj_glean_get (FIB_PROTOCOL_IP6, sw_if_index);
-
- if (ADJ_INDEX_INVALID != ai)
- adj_glean_update_rewrite (ai);
-}
-
-void
-send_ip6_na (vlib_main_t * vm, u32 sw_if_index)
-{
- ip6_main_t *i6m = &ip6_main;
- ip6_address_t *ip6_addr = ip6_interface_first_address (i6m, sw_if_index);
-
- send_ip6_na_w_addr (vm, ip6_addr, sw_if_index);
-}
-
-void
-send_ip6_na_w_addr (vlib_main_t * vm,
- const ip6_address_t * ip6_addr, u32 sw_if_index)
-{
- ip6_main_t *i6m = &ip6_main;
- vnet_main_t *vnm = vnet_get_main ();
- u8 *rewrite, rewrite_len;
- vnet_hw_interface_t *hi = vnet_get_sup_hw_interface (vnm, sw_if_index);
- u8 dst_address[6];
-
- if (ip6_addr)
- {
- clib_warning
- ("Sending unsolicitated NA IP6 address %U on sw_if_idex %d",
- format_ip6_address, ip6_addr, sw_if_index);
-
- /* Form unsolicited neighbor advertisement packet from NS pkt template */
- int bogus_length;
- u32 bi = 0;
- icmp6_neighbor_solicitation_header_t *h =
- vlib_packet_template_get_packet (vm,
- &i6m->discover_neighbor_packet_template,
- &bi);
- if (!h)
- return;
-
- ip6_set_reserved_multicast_address (&h->ip.dst_address,
- IP6_MULTICAST_SCOPE_link_local,
- IP6_MULTICAST_GROUP_ID_all_hosts);
- h->ip.src_address = ip6_addr[0];
- h->neighbor.icmp.type = ICMP6_neighbor_advertisement;
- h->neighbor.target_address = ip6_addr[0];
- h->neighbor.advertisement_flags = clib_host_to_net_u32
- (ICMP6_NEIGHBOR_ADVERTISEMENT_FLAG_OVERRIDE);
- h->link_layer_option.header.type =
- ICMP6_NEIGHBOR_DISCOVERY_OPTION_target_link_layer_address;
- clib_memcpy (h->link_layer_option.ethernet_address,
- hi->hw_address, vec_len (hi->hw_address));
- h->neighbor.icmp.checksum =
- ip6_tcp_udp_icmp_compute_checksum (vm, 0, &h->ip, &bogus_length);
- ASSERT (bogus_length == 0);
-
- /* Setup MAC header with IP6 Etype and mcast DMAC */
- vlib_buffer_t *b = vlib_get_buffer (vm, bi);
- ip6_multicast_ethernet_address (dst_address,
- IP6_MULTICAST_GROUP_ID_all_hosts);
- rewrite =
- ethernet_build_rewrite (vnm, sw_if_index, VNET_LINK_IP6, dst_address);
- rewrite_len = vec_len (rewrite);
- vlib_buffer_advance (b, -rewrite_len);
- ethernet_header_t *e = vlib_buffer_get_current (b);
- clib_memcpy (e->dst_address, rewrite, rewrite_len);
- vec_free (rewrite);
-
- /* Send unsolicited ND advertisement packet out the specified interface */
- vnet_buffer (b)->sw_if_index[VLIB_RX] =
- vnet_buffer (b)->sw_if_index[VLIB_TX] = sw_if_index;
- vlib_frame_t *f = vlib_get_frame_to_node (vm, hi->output_node_index);
- u32 *to_next = vlib_frame_vector_args (f);
- to_next[0] = bi;
- f->n_vectors = 1;
- vlib_put_frame_to_node (vm, hi->output_node_index, f);
- }
-}
-
-/*
- * fd.io coding-style-patch-verification: ON
- *
- * Local Variables:
- * eval: (c-set-style "gnu")
- * End:
- */
diff --git a/src/vnet/ip/ip6_neighbor.h b/src/vnet/ip/ip6_neighbor.h
deleted file mode 100644
index 0707a2a8d21..00000000000
--- a/src/vnet/ip/ip6_neighbor.h
+++ /dev/null
@@ -1,205 +0,0 @@
-/*
- *
- * ip6_neighboor.h: ip6 neighbor structures
- *
- * Copyright (c) 2016 Cisco and/or its affiliates.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at:
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef included_ip6_neighbor_h
-#define included_ip6_neighbor_h
-
-#include <vnet/fib/fib_types.h>
-#include <vnet/ethernet/mac_address.h>
-#include <vnet/ip/ip_neighbor.h>
-
-typedef struct
-{
- ip6_address_t ip6_address;
- u32 sw_if_index;
- u32 pad;
-} ip6_neighbor_key_t;
-
-typedef struct
-{
- ip6_neighbor_key_t key;
- mac_address_t mac;
- ip_neighbor_flags_t flags;
- f64 time_last_updated;
- fib_node_index_t fib_entry_index;
-} ip6_neighbor_t;
-
-extern ip6_address_t ip6_neighbor_get_link_local_address (u32 sw_if_index);
-
-extern clib_error_t *ip6_neighbor_set_link_local_address (vlib_main_t * vm,
- u32 sw_if_index,
- ip6_address_t *
- address);
-
-extern ip6_neighbor_t *ip6_neighbors_pool (void);
-
-extern ip6_neighbor_t *ip6_neighbors_entries (u32 sw_if_index);
-
-extern int ip6_neighbor_ra_config (vlib_main_t * vm, u32 sw_if_index,
- u8 suppress, u8 managed, u8 other,
- u8 ll_option, u8 send_unicast, u8 cease,
- u8 use_lifetime, u32 lifetime,
- u32 initial_count, u32 initial_interval,
- u32 max_interval, u32 min_interval,
- u8 is_no);
-
-extern int ip6_neighbor_ra_prefix (vlib_main_t * vm, u32 sw_if_index,
- ip6_address_t * prefix_addr, u8 prefix_len,
- u8 use_default, u32 val_lifetime,
- u32 pref_lifetime, u8 no_advertise,
- u8 off_link, u8 no_autoconfig,
- u8 no_onlink, u8 is_no);
-
-extern clib_error_t *ip6_set_neighbor_limit (u32 neighbor_limit);
-
-extern void vnet_register_ip6_neighbor_resolution_event (vnet_main_t * vnm,
- void *address_arg,
- uword node_index,
- uword type_opaque,
- uword data);
-
-extern int vnet_set_ip6_ethernet_neighbor (vlib_main_t * vm,
- u32 sw_if_index,
- const ip6_address_t * a,
- const mac_address_t * mac,
- ip_neighbor_flags_t flags);
-
-extern int vnet_unset_ip6_ethernet_neighbor (vlib_main_t * vm,
- u32 sw_if_index,
- const ip6_address_t * a);
-
-extern int ip6_neighbor_proxy_add_del (u32 sw_if_index,
- ip6_address_t * addr, u8 is_add);
-
-u32 ip6_neighbor_sw_interface_add_del (vnet_main_t * vnm, u32 sw_if_index,
- u32 is_add);
-typedef struct
-{
- u32 sw_if_index;
- ip6_address_t ip6;
- mac_address_t mac;
-} wc_nd_report_t;
-
-void wc_nd_set_publisher_node (uword node_index, uword event_type);
-
-typedef struct
-{
- u32 irt;
- u32 mrt;
- u32 mrc;
- u32 mrd;
-} icmp6_send_router_solicitation_params_t;
-
-void icmp6_send_router_solicitation (vlib_main_t * vm, u32 sw_if_index,
- u8 stop,
- icmp6_send_router_solicitation_params_t *
- params);
-
-typedef struct
-{
- fib_prefix_t prefix;
- u8 flags;
- u32 valid_time;
- u32 preferred_time;
-} ra_report_prefix_info_t;
-
-typedef struct
-{
- u32 sw_if_index;
- ip6_address_t router_address;
- u8 current_hop_limit;
- u8 flags;
- u16 router_lifetime_in_sec;
- u32 neighbor_reachable_time_in_msec;
- u32 time_in_msec_between_retransmitted_neighbor_solicitations;
- u8 slla[6];
- u32 mtu;
- ra_report_prefix_info_t *prefixes;
-} ra_report_t;
-
-void ra_set_publisher_node (uword node_index, uword event_type);
-
-typedef struct _vnet_ip6_neighbor_function_list_elt
-{
- struct _vnet_ip6_neighbor_function_list_elt *next_ip6_neighbor_function;
- clib_error_t *(*fp) (void *data);
-} _vnet_ip6_neighbor_function_list_elt_t;
-
-typedef struct
-{
- _vnet_ip6_neighbor_function_list_elt_t *ra_report_functions;
-} ip6_neighbor_public_main_t;
-
-extern ip6_neighbor_public_main_t ip6_neighbor_public_main;
-
-#define _VNET_IP6_NEIGHBOR_FUNCTION_DECL(f,tag) \
- \
-static void __vnet_ip6_neighbor_function_init_##tag##_##f (void) \
- __attribute__((__constructor__)) ; \
- \
-static void __vnet_ip6_neighbor_function_init_##tag##_##f (void) \
-{ \
- ip6_neighbor_public_main_t * nm = &ip6_neighbor_public_main; \
- static _vnet_ip6_neighbor_function_list_elt_t init_function; \
- init_function.next_ip6_neighbor_function = nm->tag##_functions; \
- nm->tag##_functions = &init_function; \
- init_function.fp = (void *) &f; \
-} \
- \
-static void __vnet_ip6_neighbor_function_deinit_##tag##_##f (void) \
- __attribute__((__destructor__)) ; \
- \
-static void __vnet_ip6_neighbor_function_deinit_##tag##_##f (void) \
-{ \
- ip6_neighbor_public_main_t * nm = &ip6_neighbor_public_main; \
- _vnet_ip6_neighbor_function_list_elt_t *next; \
- if (nm->tag##_functions->fp == (void *) &f) \
- { \
- nm->tag##_functions = \
- nm->tag##_functions->next_ip6_neighbor_function; \
- return; \
- } \
- next = nm->tag##_functions; \
- while (next->next_ip6_neighbor_function) \
- { \
- if (next->next_ip6_neighbor_function->fp == (void *) &f) \
- { \
- next->next_ip6_neighbor_function = \
- next->next_ip6_neighbor_function->next_ip6_neighbor_function; \
- return; \
- } \
- next = next->next_ip6_neighbor_function; \
- } \
-}
-
-#define VNET_IP6_NEIGHBOR_RA_FUNCTION(f) \
- _VNET_IP6_NEIGHBOR_FUNCTION_DECL(f,ra_report)
-
-clib_error_t *call_ip6_neighbor_callbacks (void *data,
- _vnet_ip6_neighbor_function_list_elt_t
- * elt);
-
-#endif /* included_ip6_neighbor_h */
-
-/*
- * fd.io coding-style-patch-verification: ON
- *
- * Local Variables:
- * eval: (c-set-style "gnu")
- * End:
- */
diff --git a/src/vnet/ip/ip6_packet.h b/src/vnet/ip/ip6_packet.h
index 8c0698440e3..2ba55b75e09 100644
--- a/src/vnet/ip/ip6_packet.h
+++ b/src/vnet/ip/ip6_packet.h
@@ -67,75 +67,6 @@ typedef CLIB_PACKED (struct {
}) ip6_address_fib_t;
/* *INDENT-ON* */
-typedef enum
-{
- IP46_TYPE_ANY,
- IP46_TYPE_IP4,
- IP46_TYPE_IP6
-} ip46_type_t;
-
-/* *INDENT-OFF* */
-typedef CLIB_PACKED (union ip46_address_t_ {
- struct {
- u32 pad[3];
- ip4_address_t ip4;
- };
- ip6_address_t ip6;
- u8 as_u8[16];
- u64 as_u64[2];
-}) ip46_address_t;
-/* *INDENT-ON* */
-#define ip46_address_is_ip4(ip46) (((ip46)->pad[0] | (ip46)->pad[1] | (ip46)->pad[2]) == 0)
-#define ip46_address_mask_ip4(ip46) ((ip46)->pad[0] = (ip46)->pad[1] = (ip46)->pad[2] = 0)
-#define ip46_address_set_ip4(ip46, ip) (ip46_address_mask_ip4(ip46), (ip46)->ip4 = (ip)[0])
-#define ip46_address_reset(ip46) ((ip46)->as_u64[0] = (ip46)->as_u64[1] = 0)
-#define ip46_address_cmp(ip46_1, ip46_2) (memcmp(ip46_1, ip46_2, sizeof(*ip46_1)))
-#define ip46_address_is_zero(ip46) (((ip46)->as_u64[0] == 0) && ((ip46)->as_u64[1] == 0))
-#define ip46_address_is_equal(a1, a2) (((a1)->as_u64[0] == (a2)->as_u64[0]) \
- && ((a1)->as_u64[1] == (a2)->as_u64[1]))
-#define ip46_address_initializer {{{ 0 }}}
-
-static_always_inline int
-ip46_address_is_equal_v4 (const ip46_address_t * ip46,
- const ip4_address_t * ip4)
-{
- return (ip46->ip4.as_u32 == ip4->as_u32);
-}
-
-static_always_inline int
-ip46_address_is_equal_v6 (const ip46_address_t * ip46,
- const ip6_address_t * ip6)
-{
- return ((ip46->ip6.as_u64[0] == ip6->as_u64[0]) &&
- (ip46->ip6.as_u64[1] == ip6->as_u64[1]));
-}
-
-static_always_inline void
-ip46_address_copy (ip46_address_t * dst, const ip46_address_t * src)
-{
- dst->as_u64[0] = src->as_u64[0];
- dst->as_u64[1] = src->as_u64[1];
-}
-
-static_always_inline void
-ip46_address_set_ip6 (ip46_address_t * dst, const ip6_address_t * src)
-{
- dst->as_u64[0] = src->as_u64[0];
- dst->as_u64[1] = src->as_u64[1];
-}
-
-always_inline ip46_address_t
-to_ip46 (u32 is_ipv6, u8 * buf)
-{
- ip46_address_t ip;
- if (is_ipv6)
- ip.ip6 = *((ip6_address_t *) buf);
- else
- ip46_address_set_ip4 (&ip, (ip4_address_t *) buf);
- return ip;
-}
-
-
always_inline void
ip6_addr_fib_init (ip6_address_fib_t * addr_fib,
const ip6_address_t * address, u32 fib_index)
@@ -189,13 +120,6 @@ ip6_address_is_multicast (const ip6_address_t * a)
return a->as_u8[0] == 0xff;
}
-always_inline uword
-ip46_address_is_multicast (const ip46_address_t * a)
-{
- return ip46_address_is_ip4 (a) ? ip4_address_is_multicast (&a->ip4) :
- ip6_address_is_multicast (&a->ip6);
-}
-
always_inline void
ip6_address_copy (ip6_address_t * dst, const ip6_address_t * src)
{
diff --git a/src/vnet/ip/ip_api.c b/src/vnet/ip/ip_api.c
index 6da6ac34d48..4f5b6b9d0a6 100644
--- a/src/vnet/ip/ip_api.c
+++ b/src/vnet/ip/ip_api.c
@@ -25,9 +25,7 @@
#include <vnet/ethernet/ethernet.h>
#include <vnet/ethernet/ethernet_types_api.h>
#include <vnet/ip/ip.h>
-#include <vnet/ip/ip_neighbor.h>
#include <vnet/ip/ip_types_api.h>
-#include <vnet/ip/ip6_neighbor.h>
#include <vnet/ip/ip_punt_drop.h>
#include <vnet/ip/ip_types_api.h>
#include <vnet/fib/fib_table.h>
@@ -43,12 +41,11 @@
#include <vnet/fib/ip6_fib.h>
#include <vnet/fib/fib_path_list.h>
#include <vnet/ip/ip6_hop_by_hop.h>
+#include <vnet/ip/ip6_link.h>
#include <vnet/ip/reass/ip4_sv_reass.h>
#include <vnet/ip/reass/ip4_full_reass.h>
#include <vnet/ip/reass/ip6_sv_reass.h>
#include <vnet/ip/reass/ip6_full_reass.h>
-#include <vnet/ethernet/arp.h>
-#include <vnet/ip/ip_types_api.h>
#include <vnet/vnet_msg_enum.h>
@@ -71,27 +68,16 @@
#include <vnet/format_fns.h>
#define foreach_ip_api_msg \
+_(SW_INTERFACE_IP6_ENABLE_DISABLE, sw_interface_ip6_enable_disable) \
_(IP_TABLE_DUMP, ip_table_dump) \
_(IP_ROUTE_DUMP, ip_route_dump) \
_(IP_MTABLE_DUMP, ip_mtable_dump) \
_(IP_MROUTE_DUMP, ip_mroute_dump) \
-_(IP_NEIGHBOR_DUMP, ip_neighbor_dump) \
_(IP_MROUTE_ADD_DEL, ip_mroute_add_del) \
_(MFIB_SIGNAL_DUMP, mfib_signal_dump) \
_(IP_ADDRESS_DUMP, ip_address_dump) \
_(IP_UNNUMBERED_DUMP, ip_unnumbered_dump) \
_(IP_DUMP, ip_dump) \
-_(IP_NEIGHBOR_ADD_DEL, ip_neighbor_add_del) \
-_(SET_ARP_NEIGHBOR_LIMIT, set_arp_neighbor_limit) \
-_(IP_PROBE_NEIGHBOR, ip_probe_neighbor) \
-_(IP_SCAN_NEIGHBOR_ENABLE_DISABLE, ip_scan_neighbor_enable_disable) \
-_(WANT_IP4_ARP_EVENTS, want_ip4_arp_events) \
-_(WANT_IP6_ND_EVENTS, want_ip6_nd_events) \
-_(WANT_IP6_RA_EVENTS, want_ip6_ra_events) \
-_(PROXY_ARP_ADD_DEL, proxy_arp_add_del) \
-_(PROXY_ARP_DUMP, proxy_arp_dump) \
-_(PROXY_ARP_INTFC_ENABLE_DISABLE, proxy_arp_intfc_enable_disable) \
- _(PROXY_ARP_INTFC_DUMP, proxy_arp_intfc_dump) \
_(IP_TABLE_REPLACE_BEGIN, ip_table_replace_begin) \
_(IP_TABLE_REPLACE_END, ip_table_replace_end) \
_(IP_TABLE_FLUSH, ip_table_flush) \
@@ -100,12 +86,6 @@ _(IP_TABLE_ADD_DEL, ip_table_add_del) \
_(IP_PUNT_POLICE, ip_punt_police) \
_(IP_PUNT_REDIRECT, ip_punt_redirect) \
_(SET_IP_FLOW_HASH,set_ip_flow_hash) \
-_(SW_INTERFACE_IP6ND_RA_CONFIG, sw_interface_ip6nd_ra_config) \
-_(SW_INTERFACE_IP6ND_RA_PREFIX, sw_interface_ip6nd_ra_prefix) \
-_(IP6ND_PROXY_ADD_DEL, ip6nd_proxy_add_del) \
-_(IP6ND_PROXY_DUMP, ip6nd_proxy_dump) \
-_(IP6ND_SEND_ROUTER_SOLICITATION, ip6nd_send_router_solicitation) \
-_(SW_INTERFACE_IP6_ENABLE_DISABLE, sw_interface_ip6_enable_disable ) \
_(IP_CONTAINER_PROXY_ADD_DEL, ip_container_proxy_add_del) \
_(IP_CONTAINER_PROXY_DUMP, ip_container_proxy_dump) \
_(IOAM_ENABLE, ioam_enable) \
@@ -116,100 +96,29 @@ _(IP_SOURCE_AND_PORT_RANGE_CHECK_INTERFACE_ADD_DEL, \
ip_source_and_port_range_check_interface_add_del) \
_(IP_SOURCE_CHECK_INTERFACE_ADD_DEL, \
ip_source_check_interface_add_del) \
+ _(SW_INTERFACE_IP6_SET_LINK_LOCAL_ADDRESS, \
+ sw_interface_ip6_set_link_local_address) \
_(IP_REASSEMBLY_SET, ip_reassembly_set) \
_(IP_REASSEMBLY_GET, ip_reassembly_get) \
_(IP_REASSEMBLY_ENABLE_DISABLE, ip_reassembly_enable_disable) \
_(IP_PUNT_REDIRECT_DUMP, ip_punt_redirect_dump)
-
-static vl_api_ip_neighbor_flags_t
-ip_neighbor_flags_encode (ip_neighbor_flags_t f)
-{
- vl_api_ip_neighbor_flags_t v = IP_API_NEIGHBOR_FLAG_NONE;
-
- if (f & IP_NEIGHBOR_FLAG_STATIC)
- v |= IP_API_NEIGHBOR_FLAG_STATIC;
- if (f & IP_NEIGHBOR_FLAG_NO_FIB_ENTRY)
- v |= IP_API_NEIGHBOR_FLAG_NO_FIB_ENTRY;
-
- return (clib_host_to_net_u32 (v));
-}
-
static void
-send_ip_neighbor_details (u32 sw_if_index,
- const ip46_address_t * ip_address,
- const mac_address_t * mac,
- ip_neighbor_flags_t flags,
- vl_api_registration_t * reg, u32 context)
-{
- vl_api_ip_neighbor_details_t *mp;
-
- mp = vl_msg_api_alloc (sizeof (*mp));
- clib_memset (mp, 0, sizeof (*mp));
- mp->_vl_msg_id = ntohs (VL_API_IP_NEIGHBOR_DETAILS);
- mp->context = context;
- mp->neighbor.sw_if_index = htonl (sw_if_index);
- mp->neighbor.flags = ip_neighbor_flags_encode (flags);
-
- ip_address_encode (ip_address, IP46_TYPE_ANY, &mp->neighbor.ip_address);
- mac_address_encode (mac, mp->neighbor.mac_address);
-
- vl_api_send_msg (reg, (u8 *) mp);
-}
-
-static void
-vl_api_ip_neighbor_dump_t_handler (vl_api_ip_neighbor_dump_t * mp)
+ vl_api_sw_interface_ip6_enable_disable_t_handler
+ (vl_api_sw_interface_ip6_enable_disable_t * mp)
{
- vl_api_registration_t *reg;
-
- reg = vl_api_client_index_to_registration (mp->client_index);
- if (!reg)
- return;
-
- u32 sw_if_index = ntohl (mp->sw_if_index);
+ vl_api_sw_interface_ip6_enable_disable_reply_t *rmp;
+ int rv = 0;
- if (mp->is_ipv6)
- {
- ip6_neighbor_t *n, *ns;
+ VALIDATE_SW_IF_INDEX (mp);
- ns = ip6_neighbors_entries (sw_if_index);
- /* *INDENT-OFF* */
- vec_foreach (n, ns)
- {
- ip46_address_t nh = {
- .ip6 = {
- .as_u64[0] = n->key.ip6_address.as_u64[0],
- .as_u64[1] = n->key.ip6_address.as_u64[1],
- },
- };
- send_ip_neighbor_details (n->key.sw_if_index, &nh,
- &n->mac, n->flags,
- reg, mp->context);
- }
- /* *INDENT-ON* */
- vec_free (ns);
- }
- else
- {
- ethernet_arp_ip4_entry_t *n, *ns;
+ rv = ((mp->enable == 1) ?
+ ip6_link_enable (ntohl (mp->sw_if_index)) :
+ ip6_link_disable (ntohl (mp->sw_if_index)));
- ns = ip4_neighbor_entries (sw_if_index);
- /* *INDENT-OFF* */
- vec_foreach (n, ns)
- {
- ip46_address_t nh = {
- .ip4 = {
- .as_u32 = n->ip4_address.as_u32,
- },
- };
+ BAD_SW_IF_INDEX_LABEL;
- send_ip_neighbor_details (n->sw_if_index, &nh,
- &n->mac, n->flags,
- reg, mp->context);
- }
- /* *INDENT-ON* */
- vec_free (ns);
- }
+ REPLY_MACRO (VL_API_SW_INTERFACE_IP6_ENABLE_DISABLE_REPLY);
}
static void
@@ -544,61 +453,6 @@ vl_api_ip_punt_redirect_t_handler (vl_api_ip_punt_redirect_t * mp,
REPLY_MACRO (VL_API_IP_PUNT_REDIRECT_REPLY);
}
-static ip_neighbor_flags_t
-ip_neighbor_flags_decode (vl_api_ip_neighbor_flags_t v)
-{
- ip_neighbor_flags_t f = IP_NEIGHBOR_FLAG_NONE;
-
- v = clib_net_to_host_u32 (v);
-
- if (v & IP_API_NEIGHBOR_FLAG_STATIC)
- f |= IP_NEIGHBOR_FLAG_STATIC;
- if (v & IP_API_NEIGHBOR_FLAG_NO_FIB_ENTRY)
- f |= IP_NEIGHBOR_FLAG_NO_FIB_ENTRY;
-
- return (f);
-}
-
-static void
-vl_api_ip_neighbor_add_del_t_handler (vl_api_ip_neighbor_add_del_t * mp,
- vlib_main_t * vm)
-{
- vl_api_ip_neighbor_add_del_reply_t *rmp;
- ip_neighbor_flags_t flags;
- u32 stats_index = ~0;
- ip46_address_t ip;
- mac_address_t mac;
- ip46_type_t type;
- int rv;
-
- VALIDATE_SW_IF_INDEX ((&mp->neighbor));
-
- flags = ip_neighbor_flags_decode (mp->neighbor.flags);
- type = ip_address_decode (&mp->neighbor.ip_address, &ip);
- mac_address_decode (mp->neighbor.mac_address, &mac);
-
- /*
- * there's no validation here of the ND/ARP entry being added.
- * The expectation is that the FIB will ensure that nothing bad
- * will come of adding bogus entries.
- */
- if (mp->is_add)
- rv = ip_neighbor_add (&ip, type, &mac,
- ntohl (mp->neighbor.sw_if_index),
- flags, &stats_index);
- else
- rv = ip_neighbor_del (&ip, type, ntohl (mp->neighbor.sw_if_index));
-
- BAD_SW_IF_INDEX_LABEL;
-
- /* *INDENT-OFF* */
- REPLY_MACRO2 (VL_API_IP_NEIGHBOR_ADD_DEL_REPLY,
- ({
- rmp->stats_index = htonl (stats_index);
- }));
- /* *INDENT-ON* */
-}
-
void
ip_table_delete (fib_protocol_t fproto, u32 table_id, u8 is_api)
{
@@ -1024,7 +878,7 @@ vl_api_ip_dump_t_handler (vl_api_ip_dump_t * mp)
{
vpe_api_main_t *am = &vpe_api_main;
vnet_main_t *vnm = vnet_get_main ();
- vlib_main_t *vm = vlib_get_main ();
+ //vlib_main_t *vm = vlib_get_main ();
vnet_interface_main_t *im = &vnm->interface_main;
vl_api_registration_t *reg;
vnet_sw_interface_t *si, *sorted_sis;
@@ -1048,10 +902,10 @@ vl_api_ip_dump_t_handler (vl_api_ip_dump_t * mp)
{
if (!(si->flags & VNET_SW_INTERFACE_FLAG_UNNUMBERED))
{
- if (mp->is_ipv6 && !ip6_interface_enabled (vm, si->sw_if_index))
- {
- continue;
- }
+ /* if (mp->is_ipv6 && !ip6_interface_enabled (vm, si->sw_if_index)) */
+ /* { */
+ /* continue; */
+ /* } */
sw_if_index = si->sw_if_index;
send_ip_details (am, reg, sw_if_index, mp->is_ipv6, mp->context);
}
@@ -1108,225 +962,6 @@ vl_api_set_ip_flow_hash_t_handler (vl_api_set_ip_flow_hash_t * mp)
set_ip6_flow_hash (mp);
}
-static void
- vl_api_sw_interface_ip6nd_ra_config_t_handler
- (vl_api_sw_interface_ip6nd_ra_config_t * mp)
-{
- vl_api_sw_interface_ip6nd_ra_config_reply_t *rmp;
- vlib_main_t *vm = vlib_get_main ();
- int rv = 0;
- u8 is_no, suppress, managed, other, ll_option, send_unicast, cease,
- default_router;
-
- is_no = mp->is_no == 1;
- suppress = mp->suppress == 1;
- managed = mp->managed == 1;
- other = mp->other == 1;
- ll_option = mp->ll_option == 1;
- send_unicast = mp->send_unicast == 1;
- cease = mp->cease == 1;
- default_router = mp->default_router == 1;
-
- VALIDATE_SW_IF_INDEX (mp);
-
- rv = ip6_neighbor_ra_config (vm, ntohl (mp->sw_if_index),
- suppress, managed, other,
- ll_option, send_unicast, cease,
- default_router, ntohl (mp->lifetime),
- ntohl (mp->initial_count),
- ntohl (mp->initial_interval),
- ntohl (mp->max_interval),
- ntohl (mp->min_interval), is_no);
-
- BAD_SW_IF_INDEX_LABEL;
-
- REPLY_MACRO (VL_API_SW_INTERFACE_IP6ND_RA_CONFIG_REPLY);
-}
-
-static void
- vl_api_sw_interface_ip6nd_ra_prefix_t_handler
- (vl_api_sw_interface_ip6nd_ra_prefix_t * mp)
-{
- vlib_main_t *vm = vlib_get_main ();
- vl_api_sw_interface_ip6nd_ra_prefix_reply_t *rmp;
- fib_prefix_t pfx;
- int rv = 0;
- u8 is_no, use_default, no_advertise, off_link, no_autoconfig, no_onlink;
-
- VALIDATE_SW_IF_INDEX (mp);
-
- ip_prefix_decode (&mp->prefix, &pfx);
- is_no = mp->is_no == 1;
- use_default = mp->use_default == 1;
- no_advertise = mp->no_advertise == 1;
- off_link = mp->off_link == 1;
- no_autoconfig = mp->no_autoconfig == 1;
- no_onlink = mp->no_onlink == 1;
-
- rv = ip6_neighbor_ra_prefix (vm, ntohl (mp->sw_if_index),
- &pfx.fp_addr.ip6,
- pfx.fp_len, use_default,
- ntohl (mp->val_lifetime),
- ntohl (mp->pref_lifetime), no_advertise,
- off_link, no_autoconfig, no_onlink, is_no);
-
- BAD_SW_IF_INDEX_LABEL;
- REPLY_MACRO (VL_API_SW_INTERFACE_IP6ND_RA_PREFIX_REPLY);
-}
-
-static void
-send_ip6nd_proxy_details (vl_api_registration_t * reg,
- u32 context,
- const ip46_address_t * addr, u32 sw_if_index)
-{
- vl_api_ip6nd_proxy_details_t *mp;
-
- mp = vl_msg_api_alloc (sizeof (*mp));
- clib_memset (mp, 0, sizeof (*mp));
- mp->_vl_msg_id = ntohs (VL_API_IP6ND_PROXY_DETAILS);
- mp->context = context;
- mp->sw_if_index = htonl (sw_if_index);
-
- ip6_address_encode (&addr->ip6, mp->ip);
-
- vl_api_send_msg (reg, (u8 *) mp);
-}
-
-typedef struct api_ip6nd_proxy_fib_table_walk_ctx_t_
-{
- u32 *indices;
-} api_ip6nd_proxy_fib_table_walk_ctx_t;
-
-static fib_table_walk_rc_t
-api_ip6nd_proxy_fib_table_walk (fib_node_index_t fei, void *arg)
-{
- api_ip6nd_proxy_fib_table_walk_ctx_t *ctx = arg;
-
- if (fib_entry_is_sourced (fei, FIB_SOURCE_IP6_ND_PROXY))
- {
- vec_add1 (ctx->indices, fei);
- }
-
- return (FIB_TABLE_WALK_CONTINUE);
-}
-
-static void
-vl_api_ip6nd_proxy_dump_t_handler (vl_api_ip6nd_proxy_dump_t * mp)
-{
- ip6_main_t *im6 = &ip6_main;
- fib_table_t *fib_table;
- api_ip6nd_proxy_fib_table_walk_ctx_t ctx = {
- .indices = NULL,
- };
- fib_node_index_t *feip;
- const fib_prefix_t *pfx;
- vl_api_registration_t *reg;
-
- reg = vl_api_client_index_to_registration (mp->client_index);
- if (!reg)
- return;
-
- /* *INDENT-OFF* */
- pool_foreach (fib_table, im6->fibs,
- ({
- fib_table_walk(fib_table->ft_index,
- FIB_PROTOCOL_IP6,
- api_ip6nd_proxy_fib_table_walk,
- &ctx);
- }));
- /* *INDENT-ON* */
-
- vec_sort_with_function (ctx.indices, fib_entry_cmp_for_sort);
-
- vec_foreach (feip, ctx.indices)
- {
- pfx = fib_entry_get_prefix (*feip);
-
- send_ip6nd_proxy_details (reg,
- mp->context,
- &pfx->fp_addr,
- fib_entry_get_resolving_interface (*feip));
- }
-
- vec_free (ctx.indices);
-}
-
-static void
-vl_api_ip6nd_proxy_add_del_t_handler (vl_api_ip6nd_proxy_add_del_t * mp)
-{
- vl_api_ip6nd_proxy_add_del_reply_t *rmp;
- ip6_address_t ip6;
- int rv = 0;
-
- VALIDATE_SW_IF_INDEX (mp);
-
- ip6_address_decode (mp->ip, &ip6);
- rv = ip6_neighbor_proxy_add_del (ntohl (mp->sw_if_index), &ip6, mp->is_del);
-
- BAD_SW_IF_INDEX_LABEL;
- REPLY_MACRO (VL_API_IP6ND_PROXY_ADD_DEL_REPLY);
-}
-
-static void
- vl_api_ip6nd_send_router_solicitation_t_handler
- (vl_api_ip6nd_send_router_solicitation_t * mp)
-{
- vl_api_ip6nd_send_router_solicitation_reply_t *rmp;
- icmp6_send_router_solicitation_params_t params;
- vlib_main_t *vm = vlib_get_main ();
- int rv = 0;
-
- VALIDATE_SW_IF_INDEX (mp);
-
- BAD_SW_IF_INDEX_LABEL;
- REPLY_MACRO (VL_API_IP6ND_SEND_ROUTER_SOLICITATION_REPLY);
-
- if (rv != 0)
- return;
-
- params.irt = ntohl (mp->irt);
- params.mrt = ntohl (mp->mrt);
- params.mrc = ntohl (mp->mrc);
- params.mrd = ntohl (mp->mrd);
-
- icmp6_send_router_solicitation (vm, ntohl (mp->sw_if_index), mp->stop,
- &params);
-}
-
-static void
- vl_api_sw_interface_ip6_enable_disable_t_handler
- (vl_api_sw_interface_ip6_enable_disable_t * mp)
-{
- vlib_main_t *vm = vlib_get_main ();
- vl_api_sw_interface_ip6_enable_disable_reply_t *rmp;
- vnet_main_t *vnm = vnet_get_main ();
- int rv = 0;
- clib_error_t *error;
-
- vnm->api_errno = 0;
-
- VALIDATE_SW_IF_INDEX (mp);
-
- error =
- (mp->enable == 1) ? enable_ip6_interface (vm,
- ntohl (mp->sw_if_index)) :
- disable_ip6_interface (vm, ntohl (mp->sw_if_index));
-
- if (error)
- {
- clib_error_report (error);
- rv = VNET_API_ERROR_UNSPECIFIED;
- }
- else
- {
- rv = vnm->api_errno;
- }
-
- BAD_SW_IF_INDEX_LABEL;
-
- REPLY_MACRO (VL_API_SW_INTERFACE_IP6_ENABLE_DISABLE_REPLY);
-}
-
void
vl_mfib_signal_send_one (vl_api_registration_t * reg,
u32 context, const mfib_signal_t * mfs)
@@ -1617,6 +1252,24 @@ reply:
REPLY_MACRO (VL_API_IP_SOURCE_AND_PORT_RANGE_CHECK_INTERFACE_ADD_DEL_REPLY);
}
+static void
+ vl_api_sw_interface_ip6_set_link_local_address_t_handler
+ (vl_api_sw_interface_ip6_set_link_local_address_t * mp)
+{
+ vl_api_sw_interface_ip6_set_link_local_address_reply_t *rmp;
+ ip6_address_t ip;
+ int rv;
+
+ VALIDATE_SW_IF_INDEX (mp);
+
+ ip6_address_decode (mp->ip, &ip);
+
+ rv = ip6_set_link_local_address (ntohl (mp->sw_if_index), &ip);
+
+ BAD_SW_IF_INDEX_LABEL;
+ REPLY_MACRO (VL_API_SW_INTERFACE_IP6_SET_LINK_LOCAL_ADDRESS_REPLY);
+}
+
typedef union
{
u32 fib_index;
@@ -1647,933 +1300,6 @@ static void
REPLY_MACRO (VL_API_IP_SOURCE_CHECK_INTERFACE_ADD_DEL_REPLY);
}
-#define IP4_ARP_EVENT 3
-#define IP6_ND_EVENT 4
-
-static vlib_node_registration_t ip_resolver_process_node;
-
-static int
-arp_change_delete_callback (u32 pool_index,
- const mac_address_t * mac,
- u32 sw_if_index, const ip4_address_t * address)
-{
- vpe_api_main_t *am = &vpe_api_main;
-
- if (pool_is_free_index (am->arp_events, pool_index))
- return 1;
-
- pool_put_index (am->arp_events, pool_index);
- return 0;
-}
-
-static void
-handle_ip4_arp_event (u32 pool_index)
-{
- vpe_api_main_t *vam = &vpe_api_main;
- vnet_main_t *vnm = vam->vnet_main;
- vlib_main_t *vm = vam->vlib_main;
- vl_api_ip4_arp_event_t *event;
- vl_api_ip4_arp_event_t *mp;
- vl_api_registration_t *reg;
-
- /* Client can cancel, die, etc. */
- if (pool_is_free_index (vam->arp_events, pool_index))
- return;
-
- event = pool_elt_at_index (vam->arp_events, pool_index);
-
- reg = vl_api_client_index_to_registration (event->client_index);
- if (!reg)
- {
- (void) vnet_add_del_ip4_arp_change_event
- (vnm, arp_change_delete_callback,
- event->pid, event->ip,
- ip_resolver_process_node.index, IP4_ARP_EVENT,
- ~0 /* pool index, notused */ , 0 /* is_add */ );
- return;
- }
-
- if (vl_api_can_send_msg (reg))
- {
- mp = vl_msg_api_alloc (sizeof (*mp));
- clib_memcpy (mp, event, sizeof (*mp));
- vl_api_send_msg (reg, (u8 *) mp);
- }
- else
- {
- static f64 last_time;
- /*
- * Throttle syslog msgs.
- * It's pretty tempting to just revoke the registration...
- */
- if (vlib_time_now (vm) > last_time + 10.0)
- {
- clib_warning ("arp event for %U to pid %d: queue stuffed!",
- format_ip4_address, event->ip, event->pid);
- last_time = vlib_time_now (vm);
- }
- }
-}
-
-static int
-nd_change_delete_callback (u32 pool_index,
- const mac_address_t * mac,
- u32 sw_if_index, const ip6_address_t * addr)
-{
- vpe_api_main_t *am = &vpe_api_main;
-
- if (pool_is_free_index (am->nd_events, pool_index))
- return 1;
-
- pool_put_index (am->nd_events, pool_index);
- return 0;
-}
-
-static void
-handle_ip6_nd_event (u32 pool_index)
-{
- vpe_api_main_t *vam = &vpe_api_main;
- vnet_main_t *vnm = vam->vnet_main;
- vlib_main_t *vm = vam->vlib_main;
- vl_api_ip6_nd_event_t *event;
- vl_api_ip6_nd_event_t *mp;
- vl_api_registration_t *reg;
-
- /* Client can cancel, die, etc. */
- if (pool_is_free_index (vam->nd_events, pool_index))
- return;
-
- event = pool_elt_at_index (vam->nd_events, pool_index);
-
- reg = vl_api_client_index_to_registration (event->client_index);
- if (!reg)
- {
- (void) vnet_add_del_ip6_nd_change_event
- (vnm, nd_change_delete_callback,
- event->pid, event->ip,
- ip_resolver_process_node.index, IP6_ND_EVENT,
- ~0 /* pool index, notused */ , 0 /* is_add */ );
- return;
- }
-
- if (vl_api_can_send_msg (reg))
- {
- mp = vl_msg_api_alloc (sizeof (*mp));
- clib_memcpy (mp, event, sizeof (*mp));
- vl_api_send_msg (reg, (u8 *) mp);
- }
- else
- {
- static f64 last_time;
- /*
- * Throttle syslog msgs.
- * It's pretty tempting to just revoke the registration...
- */
- if (vlib_time_now (vm) > last_time + 10.0)
- {
- clib_warning ("ip6 nd event for %U to pid %d: queue stuffed!",
- format_ip6_address, event->ip, event->pid);
- last_time = vlib_time_now (vm);
- }
- }
-}
-
-static uword
-resolver_process (vlib_main_t * vm,
- vlib_node_runtime_t * rt, vlib_frame_t * f)
-{
- volatile f64 timeout = 100.0;
- volatile uword *event_data = 0;
-
- while (1)
- {
- vlib_process_wait_for_event_or_clock (vm, timeout);
-
- uword event_type =
- vlib_process_get_events (vm, (uword **) & event_data);
-
- int i;
- switch (event_type)
- {
- case IP4_ARP_EVENT:
- for (i = 0; i < vec_len (event_data); i++)
- handle_ip4_arp_event (event_data[i]);
- break;
-
- case IP6_ND_EVENT:
- for (i = 0; i < vec_len (event_data); i++)
- handle_ip6_nd_event (event_data[i]);
- break;
-
- case ~0: /* timeout */
- break;
- }
-
- vec_reset_length (event_data);
- }
- return 0; /* or not */
-}
-
-/* *INDENT-OFF* */
-VLIB_REGISTER_NODE (ip_resolver_process_node,static) = {
- .function = resolver_process,
- .type = VLIB_NODE_TYPE_PROCESS,
- .name = "ip-route-resolver-process",
-};
-/* *INDENT-ON* */
-
-static int
-nd_change_data_callback (u32 pool_index, const mac_address_t * new_mac,
- u32 sw_if_index, const ip6_address_t * address)
-{
- vpe_api_main_t *am = &vpe_api_main;
- vl_api_ip6_nd_event_t *event;
-
- if (pool_is_free_index (am->nd_events, pool_index))
- return 1;
-
- event = pool_elt_at_index (am->nd_events, pool_index);
- if (ethernet_mac_address_equal (event->mac, new_mac->bytes) &&
- sw_if_index == ntohl (event->sw_if_index))
- {
- return 1;
- }
-
- mac_address_encode (new_mac, event->mac);
- event->sw_if_index = htonl (sw_if_index);
- return 0;
-}
-
-static vlib_node_registration_t wc_arp_process_node;
-
-enum
-{ WC_ARP_REPORT, WC_ND_REPORT, RA_REPORT, REPORT_MAX };
-
-static uword
-wc_arp_process (vlib_main_t * vm, vlib_node_runtime_t * rt, vlib_frame_t * f)
-{
- /* These cross the longjmp boundary (vlib_process_wait_for_event)
- * and need to be volatile - to prevent them from being optimized into
- * a register - which could change during suspension */
-
- volatile wc_arp_report_t arp_prev = { 0 };
- volatile wc_nd_report_t nd_prev = { 0 };
- volatile f64 last_arp = vlib_time_now (vm);
- volatile f64 last_nd = vlib_time_now (vm);
-
- while (1)
- {
- vlib_process_wait_for_event (vm);
- uword event_type = WC_ARP_REPORT;
- void *event_data = vlib_process_get_event_data (vm, &event_type);
-
- f64 now = vlib_time_now (vm);
- int i;
- if (event_type == WC_ARP_REPORT)
- {
- wc_arp_report_t *arp_events = event_data;
- for (i = 0; i < vec_len (arp_events); i++)
- {
- /* discard dup event - cast away volatile */
- if (arp_prev.ip.as_u32 == arp_events[i].ip.as_u32 &&
- mac_address_equal ((const mac_address_t *) &arp_prev.mac,
- &arp_events[i].mac) &&
- arp_prev.sw_if_index == arp_events[i].sw_if_index &&
- (now - last_arp) < 10.0)
- {
- continue;
- }
- arp_prev = arp_events[i];
- last_arp = now;
- vpe_client_registration_t *reg;
- /* *INDENT-OFF* */
- pool_foreach(reg, vpe_api_main.wc_ip4_arp_events_registrations,
- ({
- vl_api_registration_t *vl_reg;
- vl_reg = vl_api_client_index_to_registration (reg->client_index);
- ASSERT (vl_reg != NULL);
- if (reg && vl_api_can_send_msg (vl_reg))
- {
- vl_api_ip4_arp_event_t * event = vl_msg_api_alloc (sizeof *event);
- clib_memset (event, 0, sizeof *event);
- event->_vl_msg_id = htons (VL_API_IP4_ARP_EVENT);
- event->client_index = reg->client_index;
- event->pid = reg->client_pid;
- event->mac_ip = 1;
- ip4_address_encode(&arp_events[i].ip, event->ip);
- event->sw_if_index = htonl(arp_events[i].sw_if_index);
- mac_address_encode(&arp_events[i].mac, event->mac);
- vl_api_send_msg (vl_reg, (u8 *) event);
- }
- }));
- /* *INDENT-ON* */
- }
- }
- else if (event_type == WC_ND_REPORT)
- {
- wc_nd_report_t *nd_events = event_data;
- for (i = 0; i < vec_len (nd_events); i++)
- {
- /* discard dup event - cast away volatile */
- if (ip6_address_is_equal ((const ip6_address_t *) &nd_prev.ip6,
- &nd_events[i].ip6)
- && mac_address_equal ((const mac_address_t *) &nd_prev.mac,
- &nd_events[i].mac)
- && nd_prev.sw_if_index == nd_events[i].sw_if_index
- && (now - last_nd) < 10.0)
- {
- continue;
- }
- nd_prev = nd_events[i];
- last_nd = now;
- vpe_client_registration_t *reg;
- /* *INDENT-OFF* */
- pool_foreach(reg, vpe_api_main.wc_ip6_nd_events_registrations,
- ({
- vl_api_registration_t *vl_reg;
- vl_reg = vl_api_client_index_to_registration (reg->client_index);
- if (vl_reg && vl_api_can_send_msg (vl_reg))
- {
- vl_api_ip6_nd_event_t * event = vl_msg_api_alloc (sizeof *event);
- clib_memset (event, 0, sizeof *event);
- event->_vl_msg_id = htons (VL_API_IP6_ND_EVENT);
- event->client_index = reg->client_index;
- event->pid = reg->client_pid;
- event->mac_ip = 1;
- ip6_address_encode(&nd_events[i].ip6, event->ip);
- event->sw_if_index = htonl(nd_events[i].sw_if_index);
- mac_address_encode(&nd_events[i].mac, event->mac);
- vl_api_send_msg (vl_reg, (u8 *) event);
- }
- }));
- /* *INDENT-ON* */
- }
- }
- else if (event_type == RA_REPORT)
- {
- ra_report_t *ra_events = event_data;
- for (i = 0; i < vec_len (ra_events); i++)
- {
- ip6_neighbor_public_main_t *npm = &ip6_neighbor_public_main;
- call_ip6_neighbor_callbacks (&ra_events[i],
- npm->ra_report_functions);
-
- vpe_client_registration_t *reg;
- /* *INDENT-OFF* */
- pool_foreach(reg, vpe_api_main.ip6_ra_events_registrations,
- ({
- vl_api_registration_t *vl_reg;
- vl_reg =
- vl_api_client_index_to_registration (reg->client_index);
- if (vl_reg && vl_api_can_send_msg (vl_reg))
- {
- u32 event_size =
- sizeof (vl_api_ip6_ra_event_t) +
- vec_len (ra_events[i].prefixes) *
- sizeof (vl_api_ip6_ra_prefix_info_t);
- vl_api_ip6_ra_event_t *event =
- vl_msg_api_alloc (event_size);
- clib_memset (event, 0, event_size);
- event->_vl_msg_id = htons (VL_API_IP6_RA_EVENT);
- event->client_index = reg->client_index;
- event->pid = reg->client_pid;
-
- event->sw_if_index = clib_host_to_net_u32 (ra_events[i].sw_if_index);
-
- ip6_address_encode (&ra_events[i].router_address,
- event->router_addr);
-
- event->current_hop_limit = ra_events[i].current_hop_limit;
- event->flags = ra_events[i].flags;
- event->router_lifetime_in_sec =
- clib_host_to_net_u16 (ra_events
- [i].router_lifetime_in_sec);
- event->neighbor_reachable_time_in_msec =
- clib_host_to_net_u32 (ra_events
- [i].neighbor_reachable_time_in_msec);
- event->time_in_msec_between_retransmitted_neighbor_solicitations
- =
- clib_host_to_net_u32 (ra_events
- [i].time_in_msec_between_retransmitted_neighbor_solicitations);
-
- event->n_prefixes =
- clib_host_to_net_u32 (vec_len (ra_events[i].prefixes));
- vl_api_ip6_ra_prefix_info_t *prefix =
- (typeof (prefix)) event->prefixes;
- u32 j;
- for (j = 0; j < vec_len (ra_events[i].prefixes); j++)
- {
- ra_report_prefix_info_t *info =
- &ra_events[i].prefixes[j];
- ip_prefix_encode(&info->prefix, &prefix->prefix);
- prefix->flags = info->flags;
- prefix->valid_time =
- clib_host_to_net_u32 (info->valid_time);
- prefix->preferred_time =
- clib_host_to_net_u32 (info->preferred_time);
- prefix++;
- }
-
- vl_api_send_msg (vl_reg, (u8 *) event);
- }
- }));
- /* *INDENT-ON* */
- vec_free (ra_events[i].prefixes);
- }
- }
- vlib_process_put_event_data (vm, event_data);
- }
-
- return 0;
-}
-
-/* *INDENT-OFF* */
-VLIB_REGISTER_NODE (wc_arp_process_node,static) = {
- .function = wc_arp_process,
- .type = VLIB_NODE_TYPE_PROCESS,
- .name = "wildcard-ip4-arp-publisher-process",
-};
-/* *INDENT-ON* */
-
-static int
-arp_change_data_callback (u32 pool_index,
- const mac_address_t * mac,
- u32 sw_if_index, const ip4_address_t * address)
-{
- vpe_api_main_t *am = &vpe_api_main;
- vl_api_ip4_arp_event_t *event;
-
- if (pool_is_free_index (am->arp_events, pool_index))
- return 1;
-
- event = pool_elt_at_index (am->arp_events, pool_index);
- if (ethernet_mac_address_equal (event->mac, mac->bytes) &&
- sw_if_index == ntohl (event->sw_if_index))
- {
- return 1;
- }
-
- mac_address_encode (mac, event->mac);
- event->sw_if_index = htonl (sw_if_index);
- return 0;
-}
-
-static void
-vl_api_want_ip4_arp_events_t_handler (vl_api_want_ip4_arp_events_t * mp)
-{
- vpe_api_main_t *am = &vpe_api_main;
- vnet_main_t *vnm = vnet_get_main ();
- vl_api_want_ip4_arp_events_reply_t *rmp;
- ip4_address_t ip;
- int rv = 0;
-
- ip4_address_decode (mp->ip, &ip);
-
- if (ip.as_u32 == 0)
- {
- uword *p =
- hash_get (am->wc_ip4_arp_events_registration_hash, mp->client_index);
- vpe_client_registration_t *rp;
- if (p)
- {
- if (mp->enable_disable)
- {
- clib_warning ("pid %d: already enabled...", mp->pid);
- rv = VNET_API_ERROR_INVALID_REGISTRATION;
- goto reply;
- }
- else
- {
- rp =
- pool_elt_at_index (am->wc_ip4_arp_events_registrations, p[0]);
- pool_put (am->wc_ip4_arp_events_registrations, rp);
- hash_unset (am->wc_ip4_arp_events_registration_hash,
- mp->client_index);
- if (pool_elts (am->wc_ip4_arp_events_registrations) == 0)
- wc_arp_set_publisher_node (~0, REPORT_MAX);
- goto reply;
- }
- }
- if (mp->enable_disable == 0)
- {
- clib_warning ("pid %d: already disabled...", mp->pid);
- rv = VNET_API_ERROR_INVALID_REGISTRATION;
- goto reply;
- }
- pool_get (am->wc_ip4_arp_events_registrations, rp);
- rp->client_index = mp->client_index;
- rp->client_pid = mp->pid;
- hash_set (am->wc_ip4_arp_events_registration_hash, rp->client_index,
- rp - am->wc_ip4_arp_events_registrations);
- wc_arp_set_publisher_node (wc_arp_process_node.index, WC_ARP_REPORT);
- goto reply;
- }
-
- if (mp->enable_disable)
- {
- vl_api_ip4_arp_event_t *event;
- pool_get (am->arp_events, event);
- rv = vnet_add_del_ip4_arp_change_event
- (vnm, arp_change_data_callback,
- mp->pid, mp->ip /* addr, in net byte order */ ,
- ip_resolver_process_node.index,
- IP4_ARP_EVENT, event - am->arp_events, 1 /* is_add */ );
-
- if (rv)
- {
- pool_put (am->arp_events, event);
- goto reply;
- }
- clib_memset (event, 0, sizeof (*event));
-
- /* Python API expects events to have no context */
- event->_vl_msg_id = htons (VL_API_IP4_ARP_EVENT);
- event->client_index = mp->client_index;
- memcpy (event->ip, mp->ip, 4);
- event->pid = mp->pid;
- if (ip.as_u32 == 0)
- event->mac_ip = 1;
- }
- else
- {
- rv = vnet_add_del_ip4_arp_change_event
- (vnm, arp_change_delete_callback,
- mp->pid, mp->ip /* addr, in net byte order */ ,
- ip_resolver_process_node.index,
- IP4_ARP_EVENT, ~0 /* pool index */ , 0 /* is_add */ );
- }
-reply:
- REPLY_MACRO (VL_API_WANT_IP4_ARP_EVENTS_REPLY);
-}
-
-static clib_error_t *
-want_ip4_arp_events_reaper (u32 client_index)
-{
- vpe_client_registration_t *rp;
- vl_api_ip4_arp_event_t *event;
- u32 *to_delete, *event_id;
- vpe_api_main_t *am;
- vnet_main_t *vnm;
- uword *p;
-
- am = &vpe_api_main;
- vnm = vnet_get_main ();
- to_delete = NULL;
-
- /* clear out all of its pending resolutions */
- /* *INDENT-OFF* */
- pool_foreach(event, am->arp_events,
- ({
- if (event->client_index == client_index)
- {
- vec_add1(to_delete, event - am->arp_events);
- }
- }));
- /* *INDENT-ON* */
-
- vec_foreach (event_id, to_delete)
- {
- event = pool_elt_at_index (am->arp_events, *event_id);
- vnet_add_del_ip4_arp_change_event
- (vnm, arp_change_delete_callback,
- event->pid, event->ip,
- ip_resolver_process_node.index, IP4_ARP_EVENT,
- ~0 /* pool index, notused */ , 0 /* is_add */ );
- }
- vec_free (to_delete);
-
- /* remove from the registration hash */
- p = hash_get (am->wc_ip4_arp_events_registration_hash, client_index);
-
- if (p)
- {
- rp = pool_elt_at_index (am->wc_ip4_arp_events_registrations, p[0]);
- pool_put (am->wc_ip4_arp_events_registrations, rp);
- hash_unset (am->wc_ip4_arp_events_registration_hash, client_index);
- if (pool_elts (am->wc_ip4_arp_events_registrations) == 0)
- wc_arp_set_publisher_node (~0, REPORT_MAX);
- }
- return (NULL);
-}
-
-VL_MSG_API_REAPER_FUNCTION (want_ip4_arp_events_reaper);
-
-static void
-vl_api_want_ip6_nd_events_t_handler (vl_api_want_ip6_nd_events_t * mp)
-{
- vpe_api_main_t *am = &vpe_api_main;
- vnet_main_t *vnm = vnet_get_main ();
- vl_api_want_ip6_nd_events_reply_t *rmp;
- ip6_address_t ip6;
- int rv = 0;
-
- ip6_address_decode (mp->ip, &ip6);
-
- if (ip6_address_is_zero (&ip6))
- {
- uword *p =
- hash_get (am->wc_ip6_nd_events_registration_hash, mp->client_index);
- vpe_client_registration_t *rp;
- if (p)
- {
- if (mp->enable_disable)
- {
- clib_warning ("pid %d: already enabled...", mp->pid);
- rv = VNET_API_ERROR_INVALID_REGISTRATION;
- goto reply;
- }
- else
- {
- rp =
- pool_elt_at_index (am->wc_ip6_nd_events_registrations, p[0]);
- pool_put (am->wc_ip6_nd_events_registrations, rp);
- hash_unset (am->wc_ip6_nd_events_registration_hash,
- mp->client_index);
- if (pool_elts (am->wc_ip6_nd_events_registrations) == 0)
- wc_nd_set_publisher_node (~0, REPORT_MAX);
- goto reply;
- }
- }
- if (mp->enable_disable == 0)
- {
- clib_warning ("pid %d: already disabled...", mp->pid);
- rv = VNET_API_ERROR_INVALID_REGISTRATION;
- goto reply;
- }
- pool_get (am->wc_ip6_nd_events_registrations, rp);
- rp->client_index = mp->client_index;
- rp->client_pid = mp->pid;
- hash_set (am->wc_ip6_nd_events_registration_hash, rp->client_index,
- rp - am->wc_ip6_nd_events_registrations);
- wc_nd_set_publisher_node (wc_arp_process_node.index, WC_ND_REPORT);
- goto reply;
- }
-
- if (mp->enable_disable)
- {
- vl_api_ip6_nd_event_t *event;
- pool_get (am->nd_events, event);
-
- rv = vnet_add_del_ip6_nd_change_event
- (vnm, nd_change_data_callback,
- mp->pid, &ip6,
- ip_resolver_process_node.index,
- IP6_ND_EVENT, event - am->nd_events, 1 /* is_add */ );
-
- if (rv)
- {
- pool_put (am->nd_events, event);
- goto reply;
- }
- clib_memset (event, 0, sizeof (*event));
-
- event->_vl_msg_id = ntohs (VL_API_IP6_ND_EVENT);
- event->client_index = mp->client_index;
- ip6_address_encode (&ip6, event->ip);
- event->pid = mp->pid;
- }
- else
- {
- rv = vnet_add_del_ip6_nd_change_event
- (vnm, nd_change_delete_callback,
- mp->pid, &ip6 /* addr, in net byte order */ ,
- ip_resolver_process_node.index,
- IP6_ND_EVENT, ~0 /* pool index */ , 0 /* is_add */ );
- }
-reply:
- REPLY_MACRO (VL_API_WANT_IP6_ND_EVENTS_REPLY);
-}
-
-static clib_error_t *
-want_ip6_nd_events_reaper (u32 client_index)
-{
-
- vpe_client_registration_t *rp;
- vl_api_ip6_nd_event_t *event;
- u32 *to_delete, *event_id;
- vpe_api_main_t *am;
- vnet_main_t *vnm;
- uword *p;
-
- am = &vpe_api_main;
- vnm = vnet_get_main ();
- to_delete = NULL;
-
- /* clear out all of its pending resolutions */
- /* *INDENT-OFF* */
- pool_foreach(event, am->nd_events,
- ({
- if (event->client_index == client_index)
- {
- vec_add1(to_delete, event - am->nd_events);
- }
- }));
- /* *INDENT-ON* */
-
- vec_foreach (event_id, to_delete)
- {
- event = pool_elt_at_index (am->nd_events, *event_id);
- vnet_add_del_ip6_nd_change_event
- (vnm, nd_change_delete_callback,
- event->pid, event->ip,
- ip_resolver_process_node.index, IP6_ND_EVENT,
- ~0 /* pool index, notused */ , 0 /* is_add */ );
- }
- vec_free (to_delete);
-
- /* remove from the registration hash */
- p = hash_get (am->wc_ip6_nd_events_registration_hash, client_index);
-
- if (p)
- {
- rp = pool_elt_at_index (am->wc_ip6_nd_events_registrations, p[0]);
- pool_put (am->wc_ip6_nd_events_registrations, rp);
- hash_unset (am->wc_ip6_nd_events_registration_hash, client_index);
- if (pool_elts (am->wc_ip6_nd_events_registrations) == 0)
- wc_nd_set_publisher_node (~0, REPORT_MAX);
- }
- return (NULL);
-}
-
-VL_MSG_API_REAPER_FUNCTION (want_ip6_nd_events_reaper);
-
-static void
-vl_api_want_ip6_ra_events_t_handler (vl_api_want_ip6_ra_events_t * mp)
-{
- vpe_api_main_t *am = &vpe_api_main;
- vl_api_want_ip6_ra_events_reply_t *rmp;
- int rv = 0;
-
- uword *p = hash_get (am->ip6_ra_events_registration_hash, mp->client_index);
- vpe_client_registration_t *rp;
- if (p)
- {
- if (mp->enable_disable)
- {
- clib_warning ("pid %d: already enabled...", ntohl (mp->pid));
- rv = VNET_API_ERROR_INVALID_REGISTRATION;
- goto reply;
- }
- else
- {
- rp = pool_elt_at_index (am->ip6_ra_events_registrations, p[0]);
- pool_put (am->ip6_ra_events_registrations, rp);
- hash_unset (am->ip6_ra_events_registration_hash, mp->client_index);
- goto reply;
- }
- }
- if (mp->enable_disable == 0)
- {
- clib_warning ("pid %d: already disabled...", ntohl (mp->pid));
- rv = VNET_API_ERROR_INVALID_REGISTRATION;
- goto reply;
- }
- pool_get (am->ip6_ra_events_registrations, rp);
- rp->client_index = mp->client_index;
- rp->client_pid = ntohl (mp->pid);
- hash_set (am->ip6_ra_events_registration_hash, rp->client_index,
- rp - am->ip6_ra_events_registrations);
-
-reply:
- REPLY_MACRO (VL_API_WANT_IP6_RA_EVENTS_REPLY);
-}
-
-static clib_error_t *
-want_ip6_ra_events_reaper (u32 client_index)
-{
- vpe_api_main_t *am = &vpe_api_main;
- vpe_client_registration_t *rp;
- uword *p;
-
- p = hash_get (am->ip6_ra_events_registration_hash, client_index);
-
- if (p)
- {
- rp = pool_elt_at_index (am->ip6_ra_events_registrations, p[0]);
- pool_put (am->ip6_ra_events_registrations, rp);
- hash_unset (am->ip6_ra_events_registration_hash, client_index);
- }
- return (NULL);
-}
-
-VL_MSG_API_REAPER_FUNCTION (want_ip6_ra_events_reaper);
-
-static void
-vl_api_proxy_arp_add_del_t_handler (vl_api_proxy_arp_add_del_t * mp)
-{
- vl_api_proxy_arp_add_del_reply_t *rmp;
- ip4_address_t lo, hi;
- u32 fib_index;
- int rv;
-
- fib_index = fib_table_find (FIB_PROTOCOL_IP4, ntohl (mp->proxy.table_id));
-
- if (~0 == fib_index)
- {
- rv = VNET_API_ERROR_NO_SUCH_FIB;
- goto out;
- }
-
- ip4_address_decode (mp->proxy.low, &lo);
- ip4_address_decode (mp->proxy.hi, &hi);
-
- rv = vnet_proxy_arp_add_del (&lo, &hi, fib_index, mp->is_add == 0);
-
-out:
- REPLY_MACRO (VL_API_PROXY_ARP_ADD_DEL_REPLY);
-}
-
-typedef struct proxy_arp_walk_ctx_t_
-{
- vl_api_registration_t *reg;
- u32 context;
-} proxy_arp_walk_ctx_t;
-
-static walk_rc_t
-send_proxy_arp_details (const ip4_address_t * lo_addr,
- const ip4_address_t * hi_addr,
- u32 fib_index, void *data)
-{
- vl_api_proxy_arp_details_t *mp;
- proxy_arp_walk_ctx_t *ctx;
-
- ctx = data;
-
- mp = vl_msg_api_alloc (sizeof (*mp));
- clib_memset (mp, 0, sizeof (*mp));
- mp->_vl_msg_id = ntohs (VL_API_PROXY_ARP_DETAILS);
- mp->context = ctx->context;
- mp->proxy.table_id = htonl (fib_index);
-
- ip4_address_encode (lo_addr, mp->proxy.low);
- ip4_address_encode (hi_addr, mp->proxy.hi);
-
- vl_api_send_msg (ctx->reg, (u8 *) mp);
-
- return (WALK_CONTINUE);
-}
-
-static void
-vl_api_proxy_arp_dump_t_handler (vl_api_proxy_arp_dump_t * mp)
-{
- vl_api_registration_t *reg;
-
- reg = vl_api_client_index_to_registration (mp->client_index);
- if (!reg)
- return;
-
- proxy_arp_walk_ctx_t wctx = {
- .reg = reg,
- .context = mp->context,
- };
-
- proxy_arp_walk (send_proxy_arp_details, &wctx);
-}
-
-static walk_rc_t
-send_proxy_arp_intfc_details (u32 sw_if_index, void *data)
-{
- vl_api_proxy_arp_intfc_details_t *mp;
- proxy_arp_walk_ctx_t *ctx;
-
- ctx = data;
-
- mp = vl_msg_api_alloc (sizeof (*mp));
- clib_memset (mp, 0, sizeof (*mp));
- mp->_vl_msg_id = ntohs (VL_API_PROXY_ARP_INTFC_DETAILS);
- mp->context = ctx->context;
- mp->sw_if_index = htonl (sw_if_index);
-
- vl_api_send_msg (ctx->reg, (u8 *) mp);
-
- return (WALK_CONTINUE);
-}
-
-static void
-vl_api_proxy_arp_intfc_dump_t_handler (vl_api_proxy_arp_intfc_dump_t * mp)
-{
- vl_api_registration_t *reg;
-
- reg = vl_api_client_index_to_registration (mp->client_index);
- if (!reg)
- return;
-
- proxy_arp_walk_ctx_t wctx = {
- .reg = reg,
- .context = mp->context,
- };
-
- proxy_arp_intfc_walk (send_proxy_arp_intfc_details, &wctx);
-}
-
-static void
- vl_api_proxy_arp_intfc_enable_disable_t_handler
- (vl_api_proxy_arp_intfc_enable_disable_t * mp)
-{
- int rv = 0;
- vnet_main_t *vnm = vnet_get_main ();
- vl_api_proxy_arp_intfc_enable_disable_reply_t *rmp;
-
- VALIDATE_SW_IF_INDEX (mp);
-
- rv = vnet_proxy_arp_enable_disable (vnm,
- ntohl (mp->sw_if_index),
- mp->enable_disable);
-
- BAD_SW_IF_INDEX_LABEL;
-
- REPLY_MACRO (VL_API_PROXY_ARP_INTFC_ENABLE_DISABLE_REPLY);
-}
-
-static void
-vl_api_ip_probe_neighbor_t_handler (vl_api_ip_probe_neighbor_t * mp)
-{
- int rv = 0;
- vlib_main_t *vm = vlib_get_main ();
- vl_api_ip_probe_neighbor_reply_t *rmp;
- clib_error_t *error;
- ip46_address_t dst;
- ip46_type_t itype;
-
- VALIDATE_SW_IF_INDEX (mp);
-
- u32 sw_if_index = ntohl (mp->sw_if_index);
- itype = ip_address_decode (&mp->dst, &dst);
-
- if (IP46_TYPE_IP6 == itype)
- error = ip6_probe_neighbor (vm, &dst.ip6, sw_if_index, 0);
- else
- error = ip4_probe_neighbor (vm, &dst.ip4, sw_if_index, 0);
-
- if (error)
- {
- clib_error_report (error);
- rv = clib_error_get_code (error);
- }
-
- BAD_SW_IF_INDEX_LABEL;
-
- REPLY_MACRO (VL_API_IP_PROBE_NEIGHBOR_REPLY);
-}
-
-static void
- vl_api_ip_scan_neighbor_enable_disable_t_handler
- (vl_api_ip_scan_neighbor_enable_disable_t * mp)
-{
- int rv = 0;
- vl_api_ip_scan_neighbor_enable_disable_reply_t *rmp;
- ip_neighbor_scan_arg_t arg;
-
- arg.mode = mp->mode;
- arg.scan_interval = mp->scan_interval;
- arg.max_proc_time = mp->max_proc_time;
- arg.max_update = mp->max_update;
- arg.scan_int_delay = mp->scan_int_delay;
- arg.stale_threshold = mp->stale_threshold;
- ip_neighbor_scan_enable_disable (&arg);
-
- REPLY_MACRO (VL_API_IP_SCAN_NEIGHBOR_ENABLE_DISABLE_REPLY);
-}
static void
vl_api_ip_table_replace_begin_t_handler (vl_api_ip_table_replace_begin_t * mp)
@@ -2661,34 +1387,6 @@ vl_api_ip_table_flush_t_handler (vl_api_ip_table_flush_t * mp)
REPLY_MACRO (VL_API_IP_TABLE_FLUSH_REPLY);
}
-static void
-vl_api_set_arp_neighbor_limit_t_handler (vl_api_set_arp_neighbor_limit_t * mp)
-{
- int rv;
- vl_api_set_arp_neighbor_limit_reply_t *rmp;
- vnet_main_t *vnm = vnet_get_main ();
- clib_error_t *error;
-
- vnm->api_errno = 0;
-
- if (mp->is_ipv6)
- error = ip6_set_neighbor_limit (ntohl (mp->arp_neighbor_limit));
- else
- error = ip4_set_arp_limit (ntohl (mp->arp_neighbor_limit));
-
- if (error)
- {
- clib_error_report (error);
- rv = VNET_API_ERROR_UNSPECIFIED;
- }
- else
- {
- rv = vnm->api_errno;
- }
-
- REPLY_MACRO (VL_API_SET_ARP_NEIGHBOR_LIMIT_REPLY);
-}
-
void
vl_api_ip_reassembly_set_t_handler (vl_api_ip_reassembly_set_t * mp)
{
@@ -2948,8 +1646,6 @@ ip_api_hookup (vlib_main_t * vm)
*/
setup_message_id_table (am);
- ra_set_publisher_node (wc_arp_process_node.index, RA_REPORT);
-
return 0;
}
diff --git a/src/vnet/ip/ip_neighbor.c b/src/vnet/ip/ip_neighbor.c
deleted file mode 100644
index ef61dde0e05..00000000000
--- a/src/vnet/ip/ip_neighbor.c
+++ /dev/null
@@ -1,492 +0,0 @@
-/*
- * src/vnet/ip/ip_neighbor.c: ip neighbor generic handling
- *
- * Copyright (c) 2018 Cisco and/or its affiliates.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at:
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include <vnet/vnet.h>
-#include <vnet/ip/ip.h>
-#include <vnet/ip/ip6_neighbor.h>
-#include <vnet/ip/ip_neighbor.h>
-#include <vnet/ethernet/arp.h>
-
-/*
- * IP neighbor scan parameter defaults are as follows:
- * - Scan interval : 60 sec
- * - Max processing allowed per run : 20 usec
- * - Max probe/delete operations per run : 10
- * - Scan interrupt delay to resume scan : 1 msec
- * - Neighbor stale threshold : 4 x scan-interval
- */
-#define IP_NEIGHBOR_DEF_SCAN_INTERVAL (60.0)
-#define IP_NEIGHBOR_DEF_MAX_PROC_TIME (20e-6)
-#define IP_NEIGHBOR_DEF_SCAN_INT_DELAY (1e-3)
-#define IP_NEIGHBOR_DEF_STALE (4*IP_NEIGHBOR_DEF_SCAN_INTERVAL)
-#define IP_NEIGHBOR_DEF_MAX_UPDATE 10
-
-typedef struct
-{
- f64 scan_interval; /* Periodic scan interval */
- f64 max_proc_time; /* Max processing time allowed per run */
- f64 scan_int_delay; /* Scan interrupt delay to resume scan */
- f64 stale_threshold; /* IP neighbor stale threshod */
- u8 max_update; /* Max probe/delete actions allowed per run */
- u8 mode; /* IP neighbor scan mode */
-} ip_neighbor_scan_config_t;
-
-static ip_neighbor_scan_config_t ip_neighbor_scan_conf;
-
-u8 *
-format_ip_neighbor_flags (u8 * s, va_list * args)
-{
- const ip_neighbor_flags_t flags = va_arg (*args, int);
-
- if (flags & IP_NEIGHBOR_FLAG_STATIC)
- s = format (s, "S");
-
- if (flags & IP_NEIGHBOR_FLAG_DYNAMIC)
- s = format (s, "D");
-
- if (flags & IP_NEIGHBOR_FLAG_NO_FIB_ENTRY)
- s = format (s, "N");
-
- return s;
-}
-
-int
-ip_neighbor_add (const ip46_address_t * ip,
- ip46_type_t type,
- const mac_address_t * mac,
- u32 sw_if_index,
- ip_neighbor_flags_t flags, u32 * stats_index)
-{
- fib_protocol_t fproto;
- vnet_link_t linkt;
- int rv;
-
- /*
- * there's no validation here of the ND/ARP entry being added.
- * The expectation is that the FIB will ensure that nothing bad
- * will come of adding bogus entries.
- */
- if (IP46_TYPE_IP6 == type)
- {
- rv = vnet_set_ip6_ethernet_neighbor (vlib_get_main (),
- sw_if_index, &ip->ip6, mac, flags);
- fproto = FIB_PROTOCOL_IP6;
- linkt = VNET_LINK_IP6;
- }
- else
- {
- ethernet_arp_ip4_over_ethernet_address_t a = {
- .ip4 = ip->ip4,
- .mac = *mac,
- };
-
- rv =
- vnet_arp_set_ip4_over_ethernet (vnet_get_main (), sw_if_index, &a,
- flags);
- fproto = FIB_PROTOCOL_IP4;
- linkt = VNET_LINK_IP4;
- }
-
- if (0 == rv && stats_index)
- *stats_index = adj_nbr_find (fproto, linkt, ip, sw_if_index);
-
- return (rv);
-}
-
-int
-ip_neighbor_del (const ip46_address_t * ip, ip46_type_t type, u32 sw_if_index)
-{
- int rv;
-
- if (IP46_TYPE_IP6 == type)
- {
- rv = vnet_unset_ip6_ethernet_neighbor (vlib_get_main (),
- sw_if_index, &ip->ip6);
- }
- else
- {
- ethernet_arp_ip4_over_ethernet_address_t a = {
- .ip4 = ip->ip4,
- };
-
- rv =
- vnet_arp_unset_ip4_over_ethernet (vnet_get_main (), sw_if_index, &a);
- }
-
- return (rv);
-}
-
-void
-ip_neighbor_scan_enable_disable (ip_neighbor_scan_arg_t * arg)
-{
- ip_neighbor_scan_config_t *cfg = &ip_neighbor_scan_conf;
-
- cfg->mode = arg->mode;
-
- if (arg->mode)
- {
- cfg->scan_interval = arg->scan_interval ?
- arg->scan_interval * 60.0 : IP_NEIGHBOR_DEF_SCAN_INTERVAL;
- cfg->max_proc_time = arg->max_proc_time ?
- arg->max_proc_time * 1e-6 : IP_NEIGHBOR_DEF_MAX_PROC_TIME;
- cfg->scan_int_delay = arg->scan_int_delay ?
- arg->scan_int_delay * 1e-3 : IP_NEIGHBOR_DEF_SCAN_INT_DELAY;
- cfg->stale_threshold = arg->stale_threshold ?
- arg->stale_threshold * 60.0 : cfg->scan_interval * 4;
- cfg->max_update = arg->max_update ?
- cfg->max_update : IP_NEIGHBOR_DEF_MAX_UPDATE;
- }
- else
- cfg->scan_interval = IP_NEIGHBOR_DEF_SCAN_INTERVAL;
-}
-
-static_always_inline u32
-ip_neighbor_scan (vlib_main_t * vm, f64 start_time, u32 start_idx,
- u8 is_ip6, u8 delete_stale, u8 * update_count)
-{
- vnet_main_t *vnm = vnet_get_main ();
- ip_neighbor_scan_config_t *cfg = &ip_neighbor_scan_conf;
- ethernet_arp_ip4_entry_t *np4 = ip4_neighbors_pool ();
- ip6_neighbor_t *np6 = ip6_neighbors_pool ();
- ethernet_arp_ip4_entry_t *n4;
- ip6_neighbor_t *n6;
- u32 curr_idx = start_idx;
- u32 loop_count = 0;
- f64 delta, update_time;
-
- if (!is_ip6)
- {
- if (pool_is_free_index (np4, start_idx))
- curr_idx = pool_next_index (np4, start_idx);
- }
- else
- {
- if (pool_is_free_index (np6, start_idx))
- curr_idx = pool_next_index (np6, start_idx);
- }
-
- while (curr_idx != ~0)
- {
- /* allow no more than 10 neighbor updates or 20 usec of scan */
- if ((update_count[0] >= cfg->max_update) ||
- (((loop_count % 100) == 0) &&
- ((vlib_time_now (vm) - start_time) > cfg->max_proc_time)))
- break;
-
- if (!is_ip6)
- {
- n4 = pool_elt_at_index (np4, curr_idx);
- if (n4->flags & IP_NEIGHBOR_FLAG_STATIC)
- goto next_neighbor;
- update_time = n4->time_last_updated;
- }
- else
- {
- n6 = pool_elt_at_index (np6, curr_idx);
- if (n6->flags & IP_NEIGHBOR_FLAG_STATIC)
- goto next_neighbor;
- update_time = n6->time_last_updated;
- }
-
- delta = start_time - update_time;
- if (delete_stale && (delta >= cfg->stale_threshold))
- {
- update_count[0]++;
- /* delete stale neighbor */
- if (!is_ip6)
- {
- ethernet_arp_ip4_over_ethernet_address_t delme = {
- .ip4.as_u32 = n4->ip4_address.as_u32,
- .mac = n4->mac,
- };
-
- vnet_arp_unset_ip4_over_ethernet (vnm, n4->sw_if_index, &delme);
- }
- else
- {
- vnet_unset_ip6_ethernet_neighbor
- (vm, n6->key.sw_if_index, &n6->key.ip6_address);
- }
- }
- else if (delta >= cfg->scan_interval)
- {
- update_count[0]++;
- /* probe neighbor */
- if (!is_ip6)
- ip4_probe_neighbor (vm, &n4->ip4_address, n4->sw_if_index, 1);
- else
- ip6_probe_neighbor (vm, &n6->key.ip6_address,
- n6->key.sw_if_index, 1);
- }
-
- next_neighbor:
- loop_count++;
-
- if (!is_ip6)
- curr_idx = pool_next_index (np4, curr_idx);
- else
- curr_idx = pool_next_index (np6, curr_idx);
- }
-
- return curr_idx;
-}
-
-static uword
-neighbor_scan_process (vlib_main_t * vm,
- vlib_node_runtime_t * rt, vlib_frame_t * f)
-{
- ip_neighbor_scan_config_t *cfg = &ip_neighbor_scan_conf;
- f64 timeout = IP_NEIGHBOR_DEF_SCAN_INTERVAL;
- f64 start, next_scan = CLIB_TIME_MAX;
- u32 ip4_nidx = 0; /* ip4 neighbor pool index */
- u32 ip6_nidx = 0; /* ip6 neighbor pool index */
- uword *event_data = 0;
- u8 purge4 = 0, purge6 = 0; /* flags to purge stale entry during scan */
- u8 update;
-
- cfg->mode = IP_SCAN_DISABLED;
- cfg->scan_interval = IP_NEIGHBOR_DEF_SCAN_INTERVAL;
- cfg->scan_int_delay = IP_NEIGHBOR_DEF_SCAN_INTERVAL;
-
- while (1)
- {
- vlib_process_wait_for_event_or_clock (vm, timeout);
- vlib_process_get_events (vm, &event_data);
- vec_reset_length (event_data);
-
- start = vlib_time_now (vm);
- update = 0;
-
- if ((ip4_nidx == 0) && (ip6_nidx == 0)) /* starting a fresh scan */
- next_scan = start + cfg->scan_interval;
-
- if ((cfg->mode & IP_SCAN_V4_NEIGHBORS) == 0)
- ip4_nidx = ~0; /* disable ip4 neighbor scan */
-
- if ((cfg->mode & IP_SCAN_V6_NEIGHBORS) == 0)
- ip6_nidx = ~0; /* disable ip6 neighbor scan */
-
- if (ip4_nidx != ~0) /* scan ip4 neighbors */
- ip4_nidx = ip_neighbor_scan (vm, start, ip4_nidx, /* ip4 */ 0,
- purge4, &update);
-
- if (ip6_nidx != ~0) /* scan ip6 neighbors */
- ip6_nidx = ip_neighbor_scan (vm, start, ip6_nidx, /* ip6 */ 1,
- purge6, &update);
-
- if ((ip4_nidx == ~0) && (ip6_nidx == ~0))
- { /* scan complete */
- timeout = next_scan - vlib_time_now (vm);
- ip4_nidx = ip6_nidx = 0;
- purge4 = cfg->mode & IP_SCAN_V4_NEIGHBORS;
- purge6 = cfg->mode & IP_SCAN_V6_NEIGHBORS;
- }
- else /* scan incomplete */
- timeout = cfg->scan_int_delay;
-
- if (timeout > cfg->scan_interval)
- timeout = cfg->scan_interval;
- else if (timeout < cfg->scan_int_delay)
- timeout = cfg->scan_int_delay;
-
- }
- return 0;
-}
-
-/* *INDENT-OFF* */
-VLIB_REGISTER_NODE (neighbor_scan_process_node,static) = {
- .function = neighbor_scan_process,
- .type = VLIB_NODE_TYPE_PROCESS,
- .name = "ip-neighbor-scan-process",
-};
-/* *INDENT-ON* */
-
-static clib_error_t *
-ip_neighbor_scan_cli (vlib_main_t * vm, unformat_input_t * input,
- vlib_cli_command_t * cmd)
-{
- unformat_input_t _line_input, *line_input = &_line_input;
- clib_error_t *error = 0;
- u32 interval = 0, time = 0, update = 0, delay = 0, stale = 0;
- ip_neighbor_scan_arg_t arg;
-
- clib_memset (&arg, 0, sizeof (arg));
- arg.mode = IP_SCAN_V46_NEIGHBORS;
-
- /* Get a line of input. */
- if (!unformat_user (input, unformat_line_input, line_input))
- {
- ip_neighbor_scan_enable_disable (&arg);
- return error;
- }
-
- while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
- {
- if (unformat (line_input, "ip4"))
- arg.mode = IP_SCAN_V4_NEIGHBORS;
-
- else if (unformat (line_input, "ip6"))
- arg.mode = IP_SCAN_V6_NEIGHBORS;
-
- else if (unformat (line_input, "both"))
- arg.mode = IP_SCAN_V46_NEIGHBORS;
-
- else if (unformat (line_input, "disable"))
- arg.mode = IP_SCAN_DISABLED;
-
- else if (unformat (line_input, "interval %d", &interval))
- arg.scan_interval = interval;
-
- else if (unformat (line_input, "max-time %d", &time))
- arg.max_proc_time = time;
-
- else if (unformat (line_input, "max-update %d", &update))
- arg.max_update = update;
-
- else if (unformat (line_input, "delay %d", &delay))
- arg.scan_int_delay = delay;
-
- else if (unformat (line_input, "stale %d", &stale))
- arg.stale_threshold = stale;
-
- else
- {
- error = clib_error_return (0, "unknown input '%U'",
- format_unformat_error, line_input);
- goto done;
- }
- }
-
- if (interval > 255)
- {
- error = clib_error_return (0, "interval cannot exceed 255 minutes.");
- goto done;
- }
- if (time > 255)
- {
- error = clib_error_return (0, "max-time cannot exceed 255 usec.");
- goto done;
- }
- if (update > 255)
- {
- error = clib_error_return (0, "max-update cannot exceed 255.");
- goto done;
- }
- if (delay > 255)
- {
- error = clib_error_return (0, "delay cannot exceed 255 msec.");
- goto done;
- }
- if (stale > 255)
- {
- error = clib_error_return (0, "stale cannot exceed 255 minutes.");
- goto done;
- }
-
- ip_neighbor_scan_enable_disable (&arg);
-
-done:
- unformat_free (line_input);
-
- return error;
-}
-
-/*?
- * The '<em>ip scan-neighbor</em>' command can be used to enable and disable
- * periodic IP neighbor scan and change various scan parameters.
- *
- * @note The default parameters used for IP neighbor scan should work fine
- * under normal conditions. They should not be changed from the default unless
- * properly tested to work as desired.
- *
- * @cliexpar
- * Example of enabling IP neighbor scan:
- * @cliexcmd{ip neighbor-scan enable}
-?*/
-/* *INDENT-OFF* */
-VLIB_CLI_COMMAND (ip_scan_neighbor_command, static) = {
- .path = "ip scan-neighbor",
- .function = ip_neighbor_scan_cli,
- .short_help = "ip scan-neighbor [ip4|ip6|both|disable] [interval <n-min>] [max-time <n-usec>] [max-update <n>] [delay <n-msec>] [stale <n-min>]",
- .is_mp_safe = 1,
-};
-/* *INDENT-ON* */
-
-static u8 *
-format_ip_scan_mode (u8 * s, va_list * args)
-{
- u8 mode = va_arg (*args, u32);
- switch (mode)
- {
- case IP_SCAN_V4_NEIGHBORS:
- return format (s, "IPv4");
- case IP_SCAN_V6_NEIGHBORS:
- return format (s, "IPv6");
- case IP_SCAN_V46_NEIGHBORS:
- return format (s, "IPv4 and IPv6");
- }
- return format (s, "unknown");
-}
-
-static clib_error_t *
-show_ip_neighbor_scan (vlib_main_t * vm, unformat_input_t * input,
- vlib_cli_command_t * cmd)
-{
- ip_neighbor_scan_config_t *cfg = &ip_neighbor_scan_conf;
-
- if (cfg->mode == 0)
- vlib_cli_output (vm,
- "IP neighbor scan disabled - current time is %.4f sec",
- vlib_time_now (vm));
- else
- vlib_cli_output (vm, "IP neighbor scan enabled for %U neighbors - "
- "current time is %.4f sec\n "
- "Full_scan_interval: %f min "
- "Stale_purge_threshod: %f min\n "
- "Max_process_time: %f usec Max_updates %d "
- "Delay_to_resume_after_max_limit: %f msec",
- format_ip_scan_mode, cfg->mode,
- vlib_time_now (vm), cfg->scan_interval / 60.0,
- cfg->stale_threshold / 60.0, cfg->max_proc_time / 1e-6,
- cfg->max_update, cfg->scan_int_delay / 1e-3);
- return 0;
-}
-
-/*?
- * The '<em>show ip scan-neighbor</em>' command can be used to show the current
- * periodic IP neighbor scan parameters
- *
- * @cliexpar
- * Example of showing IP neighbor scan current parameters:
- * @cliexcmd{show ip neighbor-scan}
-?*/
-/* *INDENT-OFF* */
-VLIB_CLI_COMMAND (show_ip_scan_neighbor_command, static) = {
- .path = "show ip scan-neighbor",
- .function = show_ip_neighbor_scan,
- .short_help = "show ip scan-neighbor",
- .is_mp_safe = 1,
-};
-/* *INDENT-ON* */
-
-/*
- * fd.io coding-style-patch-verification: ON
- *
- * Local Variables:
- * eval: (c-set-style "gnu")
- * End:
- */
diff --git a/src/vnet/ip/lookup.c b/src/vnet/ip/lookup.c
index c1fbc429b97..3b30fb9ce5e 100644
--- a/src/vnet/ip/lookup.c
+++ b/src/vnet/ip/lookup.c
@@ -50,8 +50,6 @@
#include <vnet/dpo/receive_dpo.h>
#include <vnet/dpo/ip_null_dpo.h>
#include <vnet/dpo/l3_proxy_dpo.h>
-#include <vnet/ip/ip6_neighbor.h>
-#include <vnet/ethernet/arp.h>
/**
* @file
@@ -1029,210 +1027,6 @@ VLIB_CLI_COMMAND (ip_mroute_command, static) =
};
/* *INDENT-ON* */
-/*
- * The next two routines address a longstanding script hemorrhoid.
- * Probing a v4 or v6 neighbor needs to appear to be synchronous,
- * or dependent route-adds will simply fail.
- */
-static clib_error_t *
-ip6_probe_neighbor_wait (vlib_main_t * vm, ip6_address_t * a, u32 sw_if_index,
- int retry_count)
-{
- vnet_main_t *vnm = vnet_get_main ();
- clib_error_t *e;
- int i;
- int resolved = 0;
- uword event_type;
- uword *event_data = 0;
-
- ASSERT (vlib_in_process_context (vm));
-
- if (retry_count > 0)
- vnet_register_ip6_neighbor_resolution_event
- (vnm, a, vlib_get_current_process (vm)->node_runtime.node_index,
- 1 /* event */ , 0 /* data */ );
-
- for (i = 0; i < retry_count; i++)
- {
- /* The interface may be down, etc. */
- e = ip6_probe_neighbor (vm, a, sw_if_index, 0);
-
- if (e)
- return e;
-
- vlib_process_wait_for_event_or_clock (vm, 1.0);
- event_type = vlib_process_get_events (vm, &event_data);
- switch (event_type)
- {
- case 1: /* resolved... */
- vlib_cli_output (vm, "Resolved %U", format_ip6_address, a);
- resolved = 1;
- goto done;
-
- case ~0: /* timeout */
- break;
-
- default:
- clib_warning ("unknown event_type %d", event_type);
- }
- vec_reset_length (event_data);
- }
-
-done:
-
- if (!resolved)
- return clib_error_return (0, "Resolution failed for %U",
- format_ip6_address, a);
- return 0;
-}
-
-static clib_error_t *
-ip4_probe_neighbor_wait (vlib_main_t * vm, ip4_address_t * a, u32 sw_if_index,
- int retry_count)
-{
- vnet_main_t *vnm = vnet_get_main ();
- clib_error_t *e;
- int i;
- int resolved = 0;
- uword event_type;
- uword *event_data = 0;
-
- ASSERT (vlib_in_process_context (vm));
-
- if (retry_count > 0)
- vnet_register_ip4_arp_resolution_event
- (vnm, a, vlib_get_current_process (vm)->node_runtime.node_index,
- 1 /* event */ , 0 /* data */ );
-
- for (i = 0; i < retry_count; i++)
- {
- /* The interface may be down, etc. */
- e = ip4_probe_neighbor (vm, a, sw_if_index, 0);
-
- if (e)
- return e;
-
- vlib_process_wait_for_event_or_clock (vm, 1.0);
- event_type = vlib_process_get_events (vm, &event_data);
- switch (event_type)
- {
- case 1: /* resolved... */
- vlib_cli_output (vm, "Resolved %U", format_ip4_address, a);
- resolved = 1;
- goto done;
-
- case ~0: /* timeout */
- break;
-
- default:
- clib_warning ("unknown event_type %d", event_type);
- }
- vec_reset_length (event_data);
- }
-
-done:
-
- vec_reset_length (event_data);
-
- if (!resolved)
- return clib_error_return (0, "Resolution failed for %U",
- format_ip4_address, a);
- return 0;
-}
-
-static clib_error_t *
-probe_neighbor_address (vlib_main_t * vm,
- unformat_input_t * input, vlib_cli_command_t * cmd)
-{
- vnet_main_t *vnm = vnet_get_main ();
- unformat_input_t _line_input, *line_input = &_line_input;
- ip4_address_t a4;
- ip6_address_t a6;
- clib_error_t *error = 0;
- u32 sw_if_index = ~0;
- int retry_count = 3;
- int is_ip4 = 1;
- int address_set = 0;
-
- /* Get a line of input. */
- if (!unformat_user (input, unformat_line_input, line_input))
- return 0;
-
- while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
- {
- if (unformat_user (line_input, unformat_vnet_sw_interface, vnm,
- &sw_if_index))
- ;
- else if (unformat (line_input, "retry %d", &retry_count))
- ;
-
- else if (unformat (line_input, "%U", unformat_ip4_address, &a4))
- address_set++;
- else if (unformat (line_input, "%U", unformat_ip6_address, &a6))
- {
- address_set++;
- is_ip4 = 0;
- }
- else
- {
- error = clib_error_return (0, "unknown input '%U'",
- format_unformat_error, line_input);
- goto done;
- }
- }
-
- if (sw_if_index == ~0)
- {
- error = clib_error_return (0, "Interface required, not set.");
- goto done;
- }
- if (address_set == 0)
- {
- error = clib_error_return (0, "ip address required, not set.");
- goto done;
- }
- if (address_set > 1)
- {
- error = clib_error_return (0, "Multiple ip addresses not supported.");
- goto done;
- }
-
- if (is_ip4)
- error = ip4_probe_neighbor_wait (vm, &a4, sw_if_index, retry_count);
- else
- error = ip6_probe_neighbor_wait (vm, &a6, sw_if_index, retry_count);
-
-done:
- unformat_free (line_input);
-
- return error;
-}
-
-/*?
- * The '<em>ip probe-neighbor</em>' command ARPs for IPv4 addresses or
- * attempts IPv6 neighbor discovery depending on the supplied IP address
- * format.
- *
- * @note This command will not immediately affect the indicated FIB; it
- * is not suitable for use in establishing a FIB entry prior to adding
- * recursive FIB entries. As in: don't use it in a script to probe a
- * gateway prior to adding a default route. It won't work. Instead,
- * configure a static ARP cache entry [see '<em>set ip arp</em>'], or
- * a static IPv6 neighbor [see '<em>set ip6 neighbor</em>'].
- *
- * @cliexpar
- * Example of probe for an IPv4 address:
- * @cliexcmd{ip probe-neighbor GigabitEthernet2/0/0 172.16.1.2}
-?*/
-/* *INDENT-OFF* */
-VLIB_CLI_COMMAND (ip_probe_neighbor_command, static) = {
- .path = "ip probe-neighbor",
- .function = probe_neighbor_address,
- .short_help = "ip probe-neighbor <interface> <ip4-addr> | <ip6-addr> [retry nn]",
- .is_mp_safe = 1,
-};
-/* *INDENT-ON* */
-
clib_error_t *
vnet_ip_container_proxy_add_del (vnet_ip_container_proxy_args_t * args)
{
diff --git a/src/vnet/ip6-nd/ip6_mld.c b/src/vnet/ip6-nd/ip6_mld.c
new file mode 100644
index 00000000000..bd5f8489b7b
--- /dev/null
+++ b/src/vnet/ip6-nd/ip6_mld.c
@@ -0,0 +1,541 @@
+/*
+ * ip/ip6_neighbor.c: IP6 neighbor handling
+ *
+ * Copyright (c) 2010 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <vnet/ip6-nd/ip6_nd.h>
+
+#include <vnet/ip/ip.h>
+#include <vnet/ip-neighbor/ip_neighbor_dp.h>
+
+#include <vnet/fib/ip6_fib.h>
+#include <vnet/ip/ip6_link.h>
+#include <vnet/ip/ip6_ll_table.h>
+
+/**
+ * @file
+ * @brief IPv6 Neighbor Adjacency and Neighbor Discovery.
+ *
+ * The files contains the API and CLI code for managing IPv6 neighbor
+ * adjacency tables and neighbor discovery logic.
+ */
+
+/* *INDENT-OFF*/
+/* multicast listener report packet format for ethernet. */
+typedef CLIB_PACKED (struct
+{
+ ip6_hop_by_hop_ext_t ext_hdr;
+ ip6_router_alert_option_t alert;
+ ip6_padN_option_t pad;
+ icmp46_header_t icmp;
+ u16 rsvd;
+ u16 num_addr_records;
+ icmp6_multicast_address_record_t records[0];
+}) icmp6_multicast_listener_report_header_t;
+
+typedef CLIB_PACKED (struct
+{
+ ip6_header_t ip;
+ icmp6_multicast_listener_report_header_t report_hdr;
+}) icmp6_multicast_listener_report_packet_t;
+/* *INDENT-ON*/
+
+typedef struct
+{
+ /* group information */
+ u16 num_sources;
+ u8 type;
+ ip6_address_t mcast_address;
+ ip6_address_t *mcast_source_address_pool;
+} ip6_mldp_group_t;
+
+typedef struct ip6_nd_t_
+{
+ /* local information */
+ u32 sw_if_index;
+ int all_routers_mcast;
+
+ /* MLDP group information */
+ ip6_mldp_group_t *mldp_group_pool;
+
+ /* Hash table mapping address to index in mldp address pool. */
+ mhash_t address_to_mldp_index;
+
+} ip6_mld_t;
+
+
+static ip6_link_delegate_id_t ip6_mld_delegate_id;
+static ip6_mld_t *ip6_mld_pool;
+
+/////
+
+static inline ip6_mld_t *
+ip6_mld_get_itf (u32 sw_if_index)
+{
+ index_t imi;
+
+ imi = ip6_link_delegate_get (sw_if_index, ip6_mld_delegate_id);
+
+ if (INDEX_INVALID != imi)
+ return (pool_elt_at_index (ip6_mld_pool, imi));
+
+ return (NULL);
+}
+
+/**
+ * @brief Add a multicast Address to the advertised MLD set
+ */
+static void
+ip6_neighbor_add_mld_prefix (ip6_mld_t * imd, ip6_address_t * addr)
+{
+ ip6_mldp_group_t *mcast_group_info;
+ uword *p;
+
+ /* lookup mldp info for this interface */
+ p = mhash_get (&imd->address_to_mldp_index, addr);
+ mcast_group_info = p ? pool_elt_at_index (imd->mldp_group_pool, p[0]) : 0;
+
+ /* add address */
+ if (!mcast_group_info)
+ {
+ /* add */
+ u32 mi;
+ pool_get_zero (imd->mldp_group_pool, mcast_group_info);
+
+ mi = mcast_group_info - imd->mldp_group_pool;
+ mhash_set (&imd->address_to_mldp_index, addr, mi, /* old_value */
+ 0);
+
+ mcast_group_info->type = 4;
+ mcast_group_info->mcast_source_address_pool = 0;
+ mcast_group_info->num_sources = 0;
+ clib_memcpy (&mcast_group_info->mcast_address, addr,
+ sizeof (ip6_address_t));
+ }
+}
+
+/**
+ * @brief Delete a multicast Address from the advertised MLD set
+ */
+static void
+ip6_neighbor_del_mld_prefix (ip6_mld_t * imd, ip6_address_t * addr)
+{
+ ip6_mldp_group_t *mcast_group_info;
+ uword *p;
+
+ p = mhash_get (&imd->address_to_mldp_index, &addr);
+ mcast_group_info = p ? pool_elt_at_index (imd->mldp_group_pool, p[0]) : 0;
+
+ if (mcast_group_info)
+ {
+ mhash_unset (&imd->address_to_mldp_index, &addr,
+ /* old_value */ 0);
+ pool_put (imd->mldp_group_pool, mcast_group_info);
+ }
+}
+
+/**
+ * @brief Add a multicast Address to the advertised MLD set
+ */
+static void
+ip6_neighbor_add_mld_grp (ip6_mld_t * a,
+ ip6_multicast_address_scope_t scope,
+ ip6_multicast_link_local_group_id_t group)
+{
+ ip6_address_t addr;
+
+ ip6_set_reserved_multicast_address (&addr, scope, group);
+
+ ip6_neighbor_add_mld_prefix (a, &addr);
+}
+
+static const ethernet_interface_t *
+ip6_mld_get_eth_itf (u32 sw_if_index)
+{
+ const vnet_sw_interface_t *sw;
+
+ /* lookup radv container - ethernet interfaces only */
+ sw = vnet_get_sup_sw_interface (vnet_get_main (), sw_if_index);
+ if (sw->type == VNET_SW_INTERFACE_TYPE_HARDWARE)
+ return (ethernet_get_interface (&ethernet_main, sw->hw_if_index));
+
+ return (NULL);
+}
+
+/**
+ * @brief create and initialize router advertisement parameters with default
+ * values for this intfc
+ */
+static void
+ip6_mld_link_enable (u32 sw_if_index)
+{
+ const ethernet_interface_t *eth;
+ ip6_mld_t *imd;
+
+ eth = ip6_mld_get_eth_itf (sw_if_index);
+
+ if (NULL == eth)
+ return;
+
+ ASSERT (INDEX_INVALID == ip6_link_delegate_get (sw_if_index,
+ ip6_mld_delegate_id));
+
+ pool_get_zero (ip6_mld_pool, imd);
+
+ imd->sw_if_index = sw_if_index;
+
+ mhash_init (&imd->address_to_mldp_index, sizeof (uword),
+ sizeof (ip6_address_t));
+
+ /* add multicast groups we will always be reporting */
+ ip6_neighbor_add_mld_grp (imd,
+ IP6_MULTICAST_SCOPE_link_local,
+ IP6_MULTICAST_GROUP_ID_all_hosts);
+ ip6_neighbor_add_mld_grp (imd,
+ IP6_MULTICAST_SCOPE_link_local,
+ IP6_MULTICAST_GROUP_ID_all_routers);
+ ip6_neighbor_add_mld_grp (imd,
+ IP6_MULTICAST_SCOPE_link_local,
+ IP6_MULTICAST_GROUP_ID_mldv2_routers);
+
+ ip6_link_delegate_update (sw_if_index, ip6_mld_delegate_id,
+ imd - ip6_mld_pool);
+}
+
+static void
+ip6_mld_delegate_disable (index_t imdi)
+{
+ ip6_mldp_group_t *m;
+ ip6_mld_t *imd;
+
+ imd = pool_elt_at_index (ip6_mld_pool, imdi);
+
+ /* clean MLD pools */
+ /* *INDENT-OFF* */
+ pool_flush (m, imd->mldp_group_pool,
+ ({
+ mhash_unset (&imd->address_to_mldp_index, &m->mcast_address, 0);
+ }));
+ /* *INDENT-ON* */
+
+ pool_free (imd->mldp_group_pool);
+
+ mhash_free (&imd->address_to_mldp_index);
+
+ pool_put (ip6_mld_pool, imd);
+}
+
+/* send an mldpv2 report */
+static void
+ip6_neighbor_send_mldpv2_report (u32 sw_if_index)
+{
+ vnet_main_t *vnm = vnet_get_main ();
+ vlib_main_t *vm = vnm->vlib_main;
+ int bogus_length;
+
+ ip6_mld_t *imd;
+ u16 payload_length;
+ vlib_buffer_t *b0;
+ ip6_header_t *ip0;
+ u32 *to_next;
+ vlib_frame_t *f;
+ u32 bo0;
+ u32 n_to_alloc = 1;
+
+ icmp6_multicast_listener_report_header_t *rh0;
+ icmp6_multicast_listener_report_packet_t *rp0;
+
+ if (! !vnet_sw_interface_is_admin_up (vnm, sw_if_index))
+ return;
+
+ imd = ip6_mld_get_itf (sw_if_index);
+
+ if (NULL == imd)
+ return;
+
+ /* send report now - build a mldpv2 report packet */
+ if (0 == vlib_buffer_alloc (vm, &bo0, n_to_alloc))
+ {
+ alloc_fail:
+ clib_warning ("buffer allocation failure");
+ return;
+ }
+
+ b0 = vlib_get_buffer (vm, bo0);
+
+ /* adjust the sizeof the buffer to just include the ipv6 header */
+ b0->current_length = sizeof (icmp6_multicast_listener_report_packet_t);
+
+ payload_length = sizeof (icmp6_multicast_listener_report_header_t);
+
+ b0->error = ICMP6_ERROR_NONE;
+
+ rp0 = vlib_buffer_get_current (b0);
+ ip0 = (ip6_header_t *) & rp0->ip;
+ rh0 = (icmp6_multicast_listener_report_header_t *) & rp0->report_hdr;
+
+ clib_memset (rp0, 0x0, sizeof (icmp6_multicast_listener_report_packet_t));
+
+ ip0->ip_version_traffic_class_and_flow_label =
+ clib_host_to_net_u32 (0x6 << 28);
+
+ ip0->protocol = IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS;
+ /* for DEBUG - vnet driver won't seem to emit router alerts */
+ /* ip0->protocol = IP_PROTOCOL_ICMP6; */
+ ip0->hop_limit = 1;
+
+ rh0->icmp.type = ICMP6_multicast_listener_report_v2;
+
+ /* source address MUST be the link-local address */
+ ip6_address_copy (&ip0->src_address,
+ ip6_get_link_local_address (sw_if_index));
+
+ /* destination is all mldpv2 routers */
+ ip6_set_reserved_multicast_address (&ip0->dst_address,
+ IP6_MULTICAST_SCOPE_link_local,
+ IP6_MULTICAST_GROUP_ID_mldv2_routers);
+
+ /* add reports here */
+ ip6_mldp_group_t *m;
+ int num_addr_records = 0;
+ icmp6_multicast_address_record_t rr;
+
+ /* fill in the hop-by-hop extension header (router alert) info */
+ rh0->ext_hdr.next_hdr = IP_PROTOCOL_ICMP6;
+ rh0->ext_hdr.n_data_u64s = 0;
+
+ rh0->alert.type = IP6_MLDP_ALERT_TYPE;
+ rh0->alert.len = 2;
+ rh0->alert.value = 0;
+
+ rh0->pad.type = 1;
+ rh0->pad.len = 0;
+
+ rh0->icmp.checksum = 0;
+
+ /* *INDENT-OFF* */
+ pool_foreach (m, imd->mldp_group_pool,
+ ({
+ rr.type = m->type;
+ rr.aux_data_len_u32s = 0;
+ rr.num_sources = clib_host_to_net_u16 (m->num_sources);
+ clib_memcpy(&rr.mcast_addr, &m->mcast_address, sizeof(ip6_address_t));
+
+ num_addr_records++;
+
+ if(vlib_buffer_add_data (vm, &bo0, (void *)&rr,
+ sizeof(icmp6_multicast_address_record_t)))
+ {
+ vlib_buffer_free (vm, &bo0, 1);
+ goto alloc_fail;
+ }
+
+ payload_length += sizeof( icmp6_multicast_address_record_t);
+ }));
+ /* *INDENT-ON* */
+
+ rh0->rsvd = 0;
+ rh0->num_addr_records = clib_host_to_net_u16 (num_addr_records);
+
+ /* update lengths */
+ ip0->payload_length = clib_host_to_net_u16 (payload_length);
+
+ rh0->icmp.checksum = ip6_tcp_udp_icmp_compute_checksum (vm, b0, ip0,
+ &bogus_length);
+ ASSERT (bogus_length == 0);
+
+ /*
+ * OK to override w/ no regard for actual FIB, because
+ * ip6-rewrite only looks at the adjacency.
+ */
+ vnet_buffer (b0)->sw_if_index[VLIB_RX] =
+ vnet_main.local_interface_sw_if_index;
+
+ vnet_buffer (b0)->ip.adj_index[VLIB_TX] =
+ ip6_link_get_mcast_adj (sw_if_index);
+ b0->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
+
+ vlib_node_t *node = vlib_get_node_by_name (vm, (u8 *) "ip6-rewrite-mcast");
+
+ f = vlib_get_frame_to_node (vm, node->index);
+ to_next = vlib_frame_vector_args (f);
+ to_next[0] = bo0;
+ f->n_vectors = 1;
+
+ vlib_put_frame_to_node (vm, node->index, f);
+ return;
+}
+
+/* send a RA or update the timer info etc.. */
+static uword
+ip6_mld_timer_event (vlib_main_t * vm,
+ vlib_node_runtime_t * node, vlib_frame_t * frame)
+{
+ vnet_main_t *vnm = vnet_get_main ();
+ ip6_mld_t *imd;
+
+ /* Interface ip6 radv info list */
+ /* *INDENT-OFF* */
+ pool_foreach (imd, ip6_mld_pool,
+ ({
+ if(!vnet_sw_interface_is_admin_up (vnm, imd->sw_if_index))
+ {
+ imd->all_routers_mcast = 0;
+ continue;
+ }
+
+ /* Make sure that we've joined the all-routers multicast group */
+ if(!imd->all_routers_mcast)
+ {
+ /* send MDLP_REPORT_EVENT message */
+ ip6_neighbor_send_mldpv2_report(imd->sw_if_index);
+ imd->all_routers_mcast = 1;
+ }
+ }));
+ /* *INDENT-ON* */
+
+ return 0;
+}
+
+static uword
+ip6_mld_event_process (vlib_main_t * vm,
+ vlib_node_runtime_t * node, vlib_frame_t * frame)
+{
+ uword event_type;
+
+ /* init code here */
+
+ while (1)
+ {
+ vlib_process_wait_for_event_or_clock (vm, 1. /* seconds */ );
+
+ if (!vlib_process_get_event_data (vm, &event_type))
+ {
+ /* No events found: timer expired. */
+ /* process interface list and send RAs as appropriate, update timer info */
+ ip6_mld_timer_event (vm, node, frame);
+ }
+ /* else; no events */
+ }
+ return frame->n_vectors;
+}
+
+/* *INDENT-OFF* */
+VLIB_REGISTER_NODE (ip6_mld_event_process_node) = {
+ .function = ip6_mld_event_process,
+ .name = "ip6-mld-process",
+ .type = VLIB_NODE_TYPE_PROCESS,
+};
+/* *INDENT-ON* */
+
+static u8 *
+format_ip6_mld (u8 * s, va_list * args)
+{
+ index_t imi = va_arg (*args, index_t);
+ u32 indent = va_arg (*args, u32);
+ ip6_mldp_group_t *m;
+ ip6_mld_t *imd;
+
+ imd = pool_elt_at_index (ip6_mld_pool, imi);
+
+ s = format (s, "%UJoined group address(es):\n", format_white_space, indent);
+
+ /* *INDENT-OFF* */
+ pool_foreach (m, imd->mldp_group_pool,
+ ({
+ s = format (s, "%U%U\n",
+ format_white_space, indent+2,
+ format_ip6_address,
+ &m->mcast_address);
+ }));
+ /* *INDENT-ON* */
+
+ return (s);
+}
+
+/**
+ * @brief callback when an interface address is added or deleted
+ */
+static void
+ip6_mld_address_add (u32 imi,
+ const ip6_address_t * address, u8 address_oength)
+{
+ ip6_mld_t *imd;
+ ip6_address_t a;
+
+ imd = pool_elt_at_index (ip6_mld_pool, imi);
+
+ /* create solicited node multicast address for this interface address */
+ ip6_set_solicited_node_multicast_address (&a, 0);
+
+ a.as_u8[0xd] = address->as_u8[0xd];
+ a.as_u8[0xe] = address->as_u8[0xe];
+ a.as_u8[0xf] = address->as_u8[0xf];
+
+ ip6_neighbor_add_mld_prefix (imd, &a);
+}
+
+static void
+ip6_mld_address_del (u32 imi,
+ const ip6_address_t * address, u8 address_oength)
+{
+ ip6_mld_t *imd;
+ ip6_address_t a;
+
+ imd = pool_elt_at_index (ip6_mld_pool, imi);
+
+ /* create solicited node multicast address for this interface address */
+ ip6_set_solicited_node_multicast_address (&a, 0);
+
+ a.as_u8[0xd] = address->as_u8[0xd];
+ a.as_u8[0xe] = address->as_u8[0xe];
+ a.as_u8[0xf] = address->as_u8[0xf];
+
+ ip6_neighbor_del_mld_prefix (imd, &a);
+}
+
+/**
+ * VFT for registering as a delegate to an IP6 link
+ */
+const static ip6_link_delegate_vft_t ip6_mld_delegate_vft = {
+ .ildv_disable = ip6_mld_delegate_disable,
+ .ildv_enable = ip6_mld_link_enable,
+ .ildv_format = format_ip6_mld,
+ .ildv_addr_add = ip6_mld_address_add,
+ .ildv_addr_del = ip6_mld_address_del,
+};
+
+static clib_error_t *
+ip6_mld_init (vlib_main_t * vm)
+{
+ ip6_mld_delegate_id = ip6_link_delegate_register (&ip6_mld_delegate_vft);
+
+ return (NULL);
+}
+
+/* *INDENT-OFF* */
+VLIB_INIT_FUNCTION (ip6_mld_init) =
+{
+ .runs_after = VLIB_INITS("icmp6_init"),
+};
+/* *INDENT-ON* */
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip6-nd/ip6_nd.api b/src/vnet/ip6-nd/ip6_nd.api
new file mode 100644
index 00000000000..91b5faf9bdf
--- /dev/null
+++ b/src/vnet/ip6-nd/ip6_nd.api
@@ -0,0 +1,236 @@
+/* Hey Emacs use -*- mode: C -*- */
+/*
+ * Copyright (c) 2018 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/** \file
+
+ This file defines vpp IP control-plane API messages which are generally
+ called through a shared memory interface.
+*/
+
+option version = "1.0.0";
+
+import "vnet/ip/ip_types.api";
+import "vnet/interface_types.api";
+
+/** \brief IPv6 router advertisement config request
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param suppress -
+ @param managed -
+ @param other -
+ @param ll_option -
+ @param send_unicast -
+ @param cease -
+ @param is_no -
+ @param default_router -
+ @param max_interval -
+ @param min_interval -
+ @param lifetime -
+ @param initial_count -
+ @param initial_interval -
+*/
+autoreply define sw_interface_ip6nd_ra_config
+{
+ u32 client_index;
+ u32 context;
+ vl_api_interface_index_t sw_if_index;
+ u8 suppress;
+ u8 managed;
+ u8 other;
+ u8 ll_option;
+ u8 send_unicast;
+ u8 cease;
+ bool is_no;
+ u8 default_router;
+ u32 max_interval;
+ u32 min_interval;
+ u32 lifetime;
+ u32 initial_count;
+ u32 initial_interval;
+};
+
+/** \brief IPv6 router advertisement prefix config request
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param sw_if_index - The interface the RA prefix information is for
+ @param prefix - The prefix to advertise
+ @param use_default - Revert to default settings
+ @param no_advertise - Do not advertise this prefix
+ @param off_link - The prefix is off link (it is not configured on the interface)
+ Configures the L-flag, When set, indicates that this
+ prefix can be used for on-link determination.
+ @param no_autoconfig - Setting for the A-flag. When
+ set indicates that this prefix can be used for
+ stateless address configuration.
+ @param no_onlink - The prefix is not on link. Make sure this is consistent
+ with the off_link parameter else YMMV
+ @param is_no - add/delete
+ @param val_lifetime - The length of time in
+ seconds (relative to the time the packet is sent)
+ that the prefix is valid for the purpose of on-link
+ determination. A value of all one bits
+ (0xffffffff) represents infinity
+ @param pref_lifetime - The length of time in
+ seconds (relative to the time the packet is sent)
+ that addresses generated from the prefix via
+ stateless address autoconfiguration remain
+ preferred [ADDRCONF]. A value of all one bits
+ (0xffffffff) represents infinity.
+*/
+autoreply define sw_interface_ip6nd_ra_prefix
+{
+ u32 client_index;
+ u32 context;
+ vl_api_interface_index_t sw_if_index;
+ vl_api_prefix_t prefix;
+ bool use_default;
+ bool no_advertise;
+ bool off_link;
+ bool no_autoconfig;
+ bool no_onlink;
+ bool is_no;
+ u32 val_lifetime;
+ u32 pref_lifetime;
+};
+
+/** \brief IPv6 ND proxy config
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param sw_if_index - The interface the host is on
+ @param ip - The address of the host for which to proxy for
+ @param is_add - Adding or deleting
+*/
+autoreply define ip6nd_proxy_add_del
+{
+ u32 client_index;
+ u32 context;
+ vl_api_interface_index_t sw_if_index;
+ bool is_add;
+ vl_api_ip6_address_t ip;
+};
+
+/** \brief IPv6 ND proxy details returned after request
+ @param context - sender context, to match reply w/ request
+ @param sw_if_index - The interface the host is on
+ @param ip - The address of the host for which to proxy for
+*/
+define ip6nd_proxy_details
+{
+ u32 context;
+ vl_api_interface_index_t sw_if_index;
+ vl_api_ip6_address_t ip;
+};
+
+/** \brief IPv6 ND proxy dump request
+ @param context - sender context, to match reply w/ request
+*/
+define ip6nd_proxy_dump
+{
+ u32 client_index;
+ u32 context;
+};
+
+/** \brief Start / stop sending router solicitation
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param irt - initial retransmission time
+ @param mrt - maximum retransmission time
+ @param mrc - maximum retransmission count
+ @param mrd - maximum retransmission duration
+ @param sw_if_index - software interface index of interface
+ for sending router solicitation
+ @param stop - if non-zero then stop sending router solicitation,
+ otherwise start sending router solicitation
+*/
+autoreply define ip6nd_send_router_solicitation
+{
+ u32 client_index;
+ u32 context;
+ u32 irt;
+ u32 mrt;
+ u32 mrc;
+ u32 mrd;
+ vl_api_interface_index_t sw_if_index;
+ bool stop;
+};
+
+service {
+ rpc want_ip6_ra_events returns want_ip6_ra_events_reply
+ events ip6_ra_event;
+};
+
+/** \brief Register for ip6 router advertisement events
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param enable - 1 => register for events, 0 => cancel registration
+ @param pid - sender's pid
+*/
+autoreply define want_ip6_ra_events
+{
+ u32 client_index;
+ u32 context;
+ bool enable;
+ u32 pid;
+};
+
+/** \brief Struct representing RA prefix info
+ @param prefix - RA prefix info destination address
+ @param flags - RA prefix info flags
+ @param valid_time - RA prefix info valid time
+ @param preferred_time - RA prefix info preferred time
+*/
+typedef ip6_ra_prefix_info
+{
+ vl_api_prefix_t prefix;
+ u8 flags;
+ u32 valid_time;
+ u32 preferred_time;
+};
+
+/** \brief Tell client about a router advertisement event
+ @param client_index - opaque cookie to identify the sender
+ @param pid - client pid registered to receive notification
+ @param current_hop_limit - RA current hop limit
+ @param flags - RA flags
+ @param router_lifetime_in_sec - RA lifetime in seconds
+ @param router_addr - The router's address
+ @param neighbor_reachable_time_in_msec - RA neighbor reachable time in msec
+ @param time_in_msec_between_retransmitted_neighbor_solicitations -
+ time in msec between retransmitted neighbor solicitations
+ @param n_prefixes -
+ @param prefixes -
+*/
+define ip6_ra_event
+{
+ u32 client_index;
+ u32 pid;
+ vl_api_interface_index_t sw_if_index;
+ vl_api_ip6_address_t router_addr;
+ u8 current_hop_limit;
+ u8 flags;
+ u16 router_lifetime_in_sec;
+ u32 neighbor_reachable_time_in_msec;
+ u32 time_in_msec_between_retransmitted_neighbor_solicitations;
+ u32 n_prefixes;
+ vl_api_ip6_ra_prefix_info_t prefixes[n_prefixes];
+};
+
+
+/*
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip6-nd/ip6_nd.c b/src/vnet/ip6-nd/ip6_nd.c
new file mode 100644
index 00000000000..eb89eb817f6
--- /dev/null
+++ b/src/vnet/ip6-nd/ip6_nd.c
@@ -0,0 +1,482 @@
+/*
+ * ip/ip6_neighbor.c: IP6 neighbor handling
+ *
+ * Copyright (c) 2010 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <vnet/ip6-nd/ip6_nd.h>
+
+#include <vnet/ip-neighbor/ip_neighbor.h>
+#include <vnet/ip-neighbor/ip_neighbor_dp.h>
+
+#include <vnet/fib/ip6_fib.h>
+#include <vnet/ip/ip6_link.h>
+#include <vnet/ip/ip6_ll_table.h>
+
+/**
+ * @file
+ * @brief IPv6 Neighbor Adjacency and Neighbor Discovery.
+ *
+ * The files contains the API and CLI code for managing IPv6 neighbor
+ * adjacency tables and neighbor discovery logic.
+ */
+
+#define DEF_MAX_RADV_INTERVAL 200
+#define DEF_MIN_RADV_INTERVAL .75 * DEF_MAX_RADV_INTERVAL
+
+typedef struct ip6_nd_t_
+{
+ /* local information */
+ u32 sw_if_index;
+
+ /* stats */
+ u32 n_solicitations_rcvd;
+ u32 n_solicitations_dropped;
+} ip6_nd_t;
+
+static ip6_link_delegate_id_t ip6_nd_delegate_id;
+static ip6_nd_t *ip6_nd_pool;
+
+
+typedef enum
+{
+ ICMP6_NEIGHBOR_SOLICITATION_NEXT_DROP,
+ ICMP6_NEIGHBOR_SOLICITATION_NEXT_REPLY,
+ ICMP6_NEIGHBOR_SOLICITATION_N_NEXT,
+} icmp6_neighbor_solicitation_or_advertisement_next_t;
+
+static_always_inline uword
+icmp6_neighbor_solicitation_or_advertisement (vlib_main_t * vm,
+ vlib_node_runtime_t * node,
+ vlib_frame_t * frame,
+ uword is_solicitation)
+{
+ vnet_main_t *vnm = vnet_get_main ();
+ ip6_main_t *im = &ip6_main;
+ uword n_packets = frame->n_vectors;
+ u32 *from, *to_next;
+ u32 n_left_from, n_left_to_next, next_index, n_advertisements_sent;
+ icmp6_neighbor_discovery_option_type_t option_type;
+ vlib_node_runtime_t *error_node =
+ vlib_node_get_runtime (vm, ip6_icmp_input_node.index);
+ int bogus_length;
+
+ from = vlib_frame_vector_args (frame);
+ n_left_from = n_packets;
+ next_index = node->cached_next_index;
+
+ if (node->flags & VLIB_NODE_FLAG_TRACE)
+ vlib_trace_frame_buffers_only (vm, node, from, frame->n_vectors,
+ /* stride */ 1,
+ sizeof (icmp6_input_trace_t));
+
+ option_type =
+ (is_solicitation
+ ? ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address
+ : ICMP6_NEIGHBOR_DISCOVERY_OPTION_target_link_layer_address);
+ n_advertisements_sent = 0;
+
+ while (n_left_from > 0)
+ {
+ vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
+
+ while (n_left_from > 0 && n_left_to_next > 0)
+ {
+ vlib_buffer_t *p0;
+ ip6_header_t *ip0;
+ icmp6_neighbor_solicitation_or_advertisement_header_t *h0;
+ icmp6_neighbor_discovery_ethernet_link_layer_address_option_t *o0;
+ u32 bi0, options_len0, sw_if_index0, next0, error0;
+ u32 ip6_sadd_link_local, ip6_sadd_unspecified;
+ int is_rewrite0;
+ u32 ni0;
+
+ bi0 = to_next[0] = from[0];
+
+ from += 1;
+ to_next += 1;
+ n_left_from -= 1;
+ n_left_to_next -= 1;
+
+ p0 = vlib_get_buffer (vm, bi0);
+ ip0 = vlib_buffer_get_current (p0);
+ h0 = ip6_next_header (ip0);
+ options_len0 =
+ clib_net_to_host_u16 (ip0->payload_length) - sizeof (h0[0]);
+
+ error0 = ICMP6_ERROR_NONE;
+ sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
+ ip6_sadd_link_local =
+ ip6_address_is_link_local_unicast (&ip0->src_address);
+ ip6_sadd_unspecified =
+ ip6_address_is_unspecified (&ip0->src_address);
+
+ /* Check that source address is unspecified, link-local or else on-link. */
+ if (!ip6_sadd_unspecified && !ip6_sadd_link_local)
+ {
+ u32 src_adj_index0 = ip6_src_lookup_for_packet (im, p0, ip0);
+
+ if (ADJ_INDEX_INVALID != src_adj_index0)
+ {
+ ip_adjacency_t *adj0 = adj_get (src_adj_index0);
+
+ /* Allow all realistic-looking rewrite adjacencies to pass */
+ ni0 = adj0->lookup_next_index;
+ is_rewrite0 = (ni0 >= IP_LOOKUP_NEXT_ARP) &&
+ (ni0 < IP6_LOOKUP_N_NEXT);
+
+ error0 = ((adj0->rewrite_header.sw_if_index != sw_if_index0
+ || !is_rewrite0)
+ ?
+ ICMP6_ERROR_NEIGHBOR_SOLICITATION_SOURCE_NOT_ON_LINK
+ : error0);
+ }
+ else
+ {
+ error0 =
+ ICMP6_ERROR_NEIGHBOR_SOLICITATION_SOURCE_NOT_ON_LINK;
+ }
+ }
+
+ o0 = (void *) (h0 + 1);
+ o0 = ((options_len0 == 8 && o0->header.type == option_type
+ && o0->header.n_data_u64s == 1) ? o0 : 0);
+
+ /* If src address unspecified or link local, donot learn neighbor MAC */
+ if (PREDICT_TRUE (error0 == ICMP6_ERROR_NONE && o0 != 0 &&
+ !ip6_sadd_unspecified))
+ {
+ ip_neighbor_learn_t learn = {
+ .sw_if_index = sw_if_index0,
+ .type = IP46_TYPE_IP6,
+ .ip.ip6 = (is_solicitation ?
+ ip0->src_address : h0->target_address),
+ };
+ memcpy (&learn.mac, o0->ethernet_address, sizeof (learn.mac));
+ ip_neighbor_learn_dp (&learn);
+ }
+
+ if (is_solicitation && error0 == ICMP6_ERROR_NONE)
+ {
+ /* Check that target address is local to this router. */
+ fib_node_index_t fei;
+ u32 fib_index;
+
+ fib_index =
+ ip6_fib_table_get_index_for_sw_if_index (sw_if_index0);
+
+ if (~0 == fib_index)
+ {
+ error0 = ICMP6_ERROR_NEIGHBOR_SOLICITATION_SOURCE_UNKNOWN;
+ }
+ else
+ {
+ if (ip6_address_is_link_local_unicast (&h0->target_address))
+ {
+ fei = ip6_fib_table_lookup_exact_match
+ (ip6_ll_fib_get (sw_if_index0),
+ &h0->target_address, 128);
+ }
+ else
+ {
+ fei = ip6_fib_table_lookup_exact_match (fib_index,
+ &h0->target_address,
+ 128);
+ }
+
+ if (FIB_NODE_INDEX_INVALID == fei)
+ {
+ /* The target address is not in the FIB */
+ error0 =
+ ICMP6_ERROR_NEIGHBOR_SOLICITATION_SOURCE_UNKNOWN;
+ }
+ else
+ {
+ if (FIB_ENTRY_FLAG_LOCAL &
+ fib_entry_get_flags_for_source (fei,
+ FIB_SOURCE_INTERFACE))
+ {
+ /* It's an address that belongs to one of our interfaces
+ * that's good. */
+ }
+ else
+ if (fib_entry_is_sourced
+ (fei, FIB_SOURCE_IP6_ND_PROXY) ||
+ fib_entry_is_sourced (fei, FIB_SOURCE_IP6_ND))
+ {
+ /* The address was added by IPv6 Proxy ND config.
+ * We should only respond to these if the NS arrived on
+ * the link that has a matching covering prefix */
+ }
+ else
+ {
+ error0 =
+ ICMP6_ERROR_NEIGHBOR_SOLICITATION_SOURCE_UNKNOWN;
+ }
+ }
+ }
+ }
+
+ if (is_solicitation)
+ next0 = (error0 != ICMP6_ERROR_NONE
+ ? ICMP6_NEIGHBOR_SOLICITATION_NEXT_DROP
+ : ICMP6_NEIGHBOR_SOLICITATION_NEXT_REPLY);
+ else
+ {
+ next0 = 0;
+ error0 = error0 == ICMP6_ERROR_NONE ?
+ ICMP6_ERROR_NEIGHBOR_ADVERTISEMENTS_RX : error0;
+ }
+
+ if (is_solicitation && error0 == ICMP6_ERROR_NONE)
+ {
+ vnet_sw_interface_t *sw_if0;
+ ethernet_interface_t *eth_if0;
+ ethernet_header_t *eth0;
+
+ /* dst address is either source address or the all-nodes mcast addr */
+ if (!ip6_sadd_unspecified)
+ ip0->dst_address = ip0->src_address;
+ else
+ ip6_set_reserved_multicast_address (&ip0->dst_address,
+ IP6_MULTICAST_SCOPE_link_local,
+ IP6_MULTICAST_GROUP_ID_all_hosts);
+
+ ip0->src_address = h0->target_address;
+ ip0->hop_limit = 255;
+ h0->icmp.type = ICMP6_neighbor_advertisement;
+
+ sw_if0 = vnet_get_sup_sw_interface (vnm, sw_if_index0);
+ ASSERT (sw_if0->type == VNET_SW_INTERFACE_TYPE_HARDWARE);
+ eth_if0 =
+ ethernet_get_interface (&ethernet_main, sw_if0->hw_if_index);
+ if (eth_if0 && o0)
+ {
+ clib_memcpy (o0->ethernet_address, eth_if0->address, 6);
+ o0->header.type =
+ ICMP6_NEIGHBOR_DISCOVERY_OPTION_target_link_layer_address;
+ }
+
+ h0->advertisement_flags = clib_host_to_net_u32
+ (ICMP6_NEIGHBOR_ADVERTISEMENT_FLAG_SOLICITED
+ | ICMP6_NEIGHBOR_ADVERTISEMENT_FLAG_OVERRIDE);
+
+ h0->icmp.checksum = 0;
+ h0->icmp.checksum =
+ ip6_tcp_udp_icmp_compute_checksum (vm, p0, ip0,
+ &bogus_length);
+ ASSERT (bogus_length == 0);
+
+ /* Reuse current MAC header, copy SMAC to DMAC and
+ * interface MAC to SMAC */
+ vlib_buffer_advance (p0, -ethernet_buffer_header_size (p0));
+ eth0 = vlib_buffer_get_current (p0);
+ clib_memcpy (eth0->dst_address, eth0->src_address, 6);
+ if (eth_if0)
+ clib_memcpy (eth0->src_address, eth_if0->address, 6);
+
+ /* Setup input and output sw_if_index for packet */
+ ASSERT (vnet_buffer (p0)->sw_if_index[VLIB_RX] == sw_if_index0);
+ vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0;
+ vnet_buffer (p0)->sw_if_index[VLIB_RX] =
+ vnet_main.local_interface_sw_if_index;
+
+ n_advertisements_sent++;
+ }
+
+ p0->error = error_node->errors[error0];
+
+ vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
+ to_next, n_left_to_next,
+ bi0, next0);
+ }
+
+ vlib_put_next_frame (vm, node, next_index, n_left_to_next);
+ }
+
+ /* Account for advertisements sent. */
+ vlib_error_count (vm, error_node->node_index,
+ ICMP6_ERROR_NEIGHBOR_ADVERTISEMENTS_TX,
+ n_advertisements_sent);
+
+ return frame->n_vectors;
+}
+
+static const ethernet_interface_t *
+ip6_nd_get_eth_itf (u32 sw_if_index)
+{
+ const vnet_sw_interface_t *sw;
+
+ /* lookup radv container - ethernet interfaces only */
+ sw = vnet_get_sup_sw_interface (vnet_get_main (), sw_if_index);
+ if (sw->type == VNET_SW_INTERFACE_TYPE_HARDWARE)
+ return (ethernet_get_interface (&ethernet_main, sw->hw_if_index));
+
+ return (NULL);
+}
+
+/**
+ * @brief called when IP6 is enabled on a link.
+ * create and initialize router advertisement parameters with default
+ * values for this intfc
+ */
+static void
+ip6_nd_link_enable (u32 sw_if_index)
+{
+ const ethernet_interface_t *eth;
+ ip6_nd_t *ind;
+
+ eth = ip6_nd_get_eth_itf (sw_if_index);
+
+ if (NULL == eth)
+ return;
+
+ ASSERT (INDEX_INVALID == ip6_link_delegate_get (sw_if_index,
+ ip6_nd_delegate_id));
+
+ pool_get_zero (ip6_nd_pool, ind);
+
+ ind->sw_if_index = sw_if_index;
+
+ ip6_link_delegate_update (sw_if_index, ip6_nd_delegate_id,
+ ind - ip6_nd_pool);
+}
+
+static void
+ip6_nd_delegate_disable (index_t indi)
+{
+ ip6_nd_t *ind;
+
+ ind = pool_elt_at_index (ip6_nd_pool, indi);
+
+ pool_put (ip6_nd_pool, ind);
+}
+
+static uword
+icmp6_neighbor_solicitation (vlib_main_t * vm,
+ vlib_node_runtime_t * node, vlib_frame_t * frame)
+{
+ return icmp6_neighbor_solicitation_or_advertisement (vm, node, frame,
+ /* is_solicitation */
+ 1);
+}
+
+static uword
+icmp6_neighbor_advertisement (vlib_main_t * vm,
+ vlib_node_runtime_t * node,
+ vlib_frame_t * frame)
+{
+ return icmp6_neighbor_solicitation_or_advertisement (vm, node, frame,
+ /* is_solicitation */
+ 0);
+}
+
+/* *INDENT-OFF* */
+VLIB_REGISTER_NODE (ip6_icmp_neighbor_solicitation_node,static) =
+{
+ .function = icmp6_neighbor_solicitation,
+ .name = "icmp6-neighbor-solicitation",
+
+ .vector_size = sizeof (u32),
+
+ .format_trace = format_icmp6_input_trace,
+
+ .n_next_nodes = ICMP6_NEIGHBOR_SOLICITATION_N_NEXT,
+ .next_nodes = {
+ [ICMP6_NEIGHBOR_SOLICITATION_NEXT_DROP] = "ip6-drop",
+ [ICMP6_NEIGHBOR_SOLICITATION_NEXT_REPLY] = "interface-output",
+ },
+};
+
+VLIB_REGISTER_NODE (ip6_icmp_neighbor_advertisement_node,static) =
+{
+ .function = icmp6_neighbor_advertisement,
+ .name = "icmp6-neighbor-advertisement",
+
+ .vector_size = sizeof (u32),
+
+ .format_trace = format_icmp6_input_trace,
+
+ .n_next_nodes = 1,
+ .next_nodes = {
+ [0] = "ip6-drop",
+ },
+};
+/* *INDENT-ON* */
+
+static u8 *
+format_ip6_nd (u8 * s, va_list * args)
+{
+ CLIB_UNUSED (index_t indi) = va_arg (*args, index_t);
+ u32 indent = va_arg (*args, u32);
+
+ s = format (s, "%UNeighbor Discovery: enabled\n",
+ format_white_space, indent);
+
+ s = format (s, "%UICMP redirects are disabled\n",
+ format_white_space, indent + 2);
+ s = format (s, "%UICMP unreachables are not sent\n",
+ format_white_space, indent + 2);
+ s = format (s, "%UND DAD is disabled\n", format_white_space, indent + 2);
+ //s = format (s, "%UND reachable time is %d milliseconds\n",);
+
+ return (s);
+}
+
+/**
+ * VFT to act as an implementation of a neighbour protocol
+ */
+const static ip_neighbor_vft_t ip6_nd_impl_vft = {
+ .inv_proxy6_add = ip6_nd_proxy_add,
+ .inv_proxy6_del = ip6_nd_proxy_del,
+};
+
+/**
+ * VFT for registering as a delegate to an IP6 link
+ */
+const static ip6_link_delegate_vft_t ip6_nd_delegate_vft = {
+ .ildv_disable = ip6_nd_delegate_disable,
+ .ildv_enable = ip6_nd_link_enable,
+ .ildv_format = format_ip6_nd,
+};
+
+static clib_error_t *
+ip6_nd_init (vlib_main_t * vm)
+{
+ icmp6_register_type (vm, ICMP6_neighbor_solicitation,
+ ip6_icmp_neighbor_solicitation_node.index);
+ icmp6_register_type (vm, ICMP6_neighbor_advertisement,
+ ip6_icmp_neighbor_advertisement_node.index);
+
+ ip_neighbor_register (IP46_TYPE_IP6, &ip6_nd_impl_vft);
+
+ ip6_nd_delegate_id = ip6_link_delegate_register (&ip6_nd_delegate_vft);
+
+ return 0;
+}
+
+/* *INDENT-OFF* */
+VLIB_INIT_FUNCTION (ip6_nd_init) =
+{
+ .runs_after = VLIB_INITS("icmp6_init"),
+};
+/* *INDENT-ON* */
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip6-nd/ip6_nd.h b/src/vnet/ip6-nd/ip6_nd.h
new file mode 100644
index 00000000000..4dab7440b4a
--- /dev/null
+++ b/src/vnet/ip6-nd/ip6_nd.h
@@ -0,0 +1,35 @@
+/*
+ *
+ * ip6_neighboor.h: ip6 neighbor structures
+ *
+ * Copyright (c) 2016 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __IP6_ND_H__
+#define __IP6_ND_H__
+
+#include <vnet/ip/ip6_packet.h>
+
+extern int ip6_nd_proxy_add (u32 sw_if_index, const ip6_address_t * addr);
+extern int ip6_nd_proxy_del (u32 sw_if_index, const ip6_address_t * addr);
+
+#endif /* included_ip6_neighbor_h */
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip6-nd/ip6_nd_api.c b/src/vnet/ip6-nd/ip6_nd_api.c
new file mode 100644
index 00000000000..65b3ee381b3
--- /dev/null
+++ b/src/vnet/ip6-nd/ip6_nd_api.c
@@ -0,0 +1,382 @@
+/*
+ *------------------------------------------------------------------
+ * ip_api.c - vnet ip api
+ *
+ * Copyright (c) 2016 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *------------------------------------------------------------------
+ */
+
+#include <stddef.h>
+
+#include <vnet/ip6-nd/ip6_nd.h>
+#include <vnet/ip6-nd/ip6_ra.h>
+
+#include <vnet/fib/fib_table.h>
+#include <vnet/ip/ip_types_api.h>
+
+#include <vpp/app/version.h>
+
+#include <vlibapi/api.h>
+#include <vlibmemory/api.h>
+
+/* define message IDs */
+#include <vnet/format_fns.h>
+#include <vnet/ip6-nd/ip6_nd.api_enum.h>
+#include <vnet/ip6-nd/ip6_nd.api_types.h>
+
+/**
+ * Base message ID fot the plugin
+ */
+static u32 ip6_nd_base_msg_id;
+#define REPLY_MSG_ID_BASE ip6_nd_base_msg_id
+
+#include <vlibapi/api_helper_macros.h>
+
+static void
+send_ip6nd_proxy_details (vl_api_registration_t * reg,
+ u32 context,
+ const ip46_address_t * addr, u32 sw_if_index)
+{
+ vl_api_ip6nd_proxy_details_t *mp;
+
+ mp = vl_msg_api_alloc (sizeof (*mp));
+ clib_memset (mp, 0, sizeof (*mp));
+ mp->_vl_msg_id = ntohs (VL_API_IP6ND_PROXY_DETAILS);
+ mp->context = context;
+ mp->sw_if_index = htonl (sw_if_index);
+
+ ip6_address_encode (&addr->ip6, mp->ip);
+
+ vl_api_send_msg (reg, (u8 *) mp);
+}
+
+typedef struct api_ip6nd_proxy_fib_table_walk_ctx_t_
+{
+ u32 *indices;
+} api_ip6nd_proxy_fib_table_walk_ctx_t;
+
+static fib_table_walk_rc_t
+api_ip6nd_proxy_fib_table_walk (fib_node_index_t fei, void *arg)
+{
+ api_ip6nd_proxy_fib_table_walk_ctx_t *ctx = arg;
+
+ if (fib_entry_is_sourced (fei, FIB_SOURCE_IP6_ND_PROXY))
+ {
+ vec_add1 (ctx->indices, fei);
+ }
+
+ return (FIB_TABLE_WALK_CONTINUE);
+}
+
+static void
+vl_api_ip6nd_proxy_dump_t_handler (vl_api_ip6nd_proxy_dump_t * mp)
+{
+ ip6_main_t *im6 = &ip6_main;
+ fib_table_t *fib_table;
+ api_ip6nd_proxy_fib_table_walk_ctx_t ctx = {
+ .indices = NULL,
+ };
+ fib_node_index_t *feip;
+ const fib_prefix_t *pfx;
+ vl_api_registration_t *reg;
+
+ reg = vl_api_client_index_to_registration (mp->client_index);
+ if (!reg)
+ return;
+
+ /* *INDENT-OFF* */
+ pool_foreach (fib_table, im6->fibs,
+ ({
+ fib_table_walk(fib_table->ft_index,
+ FIB_PROTOCOL_IP6,
+ api_ip6nd_proxy_fib_table_walk,
+ &ctx);
+ }));
+ /* *INDENT-ON* */
+
+ vec_sort_with_function (ctx.indices, fib_entry_cmp_for_sort);
+
+ vec_foreach (feip, ctx.indices)
+ {
+ pfx = fib_entry_get_prefix (*feip);
+
+ send_ip6nd_proxy_details (reg,
+ mp->context,
+ &pfx->fp_addr,
+ fib_entry_get_resolving_interface (*feip));
+ }
+
+ vec_free (ctx.indices);
+}
+
+static void
+vl_api_ip6nd_proxy_add_del_t_handler (vl_api_ip6nd_proxy_add_del_t * mp)
+{
+ vl_api_ip6nd_proxy_add_del_reply_t *rmp;
+ ip6_address_t ip6;
+ int rv = 0;
+
+ VALIDATE_SW_IF_INDEX (mp);
+
+ ip6_address_decode (mp->ip, &ip6);
+ if (mp->is_add)
+ rv = ip6_nd_proxy_add (ntohl (mp->sw_if_index), &ip6);
+ else
+ rv = ip6_nd_proxy_del (ntohl (mp->sw_if_index), &ip6);
+
+ BAD_SW_IF_INDEX_LABEL;
+ REPLY_MACRO (VL_API_IP6ND_PROXY_ADD_DEL_REPLY);
+}
+
+static void
+ vl_api_sw_interface_ip6nd_ra_config_t_handler
+ (vl_api_sw_interface_ip6nd_ra_config_t * mp)
+{
+ vl_api_sw_interface_ip6nd_ra_config_reply_t *rmp;
+ vlib_main_t *vm = vlib_get_main ();
+ int rv = 0;
+ u8 is_no, suppress, managed, other, ll_option, send_unicast, cease,
+ default_router;
+
+ is_no = mp->is_no == 1;
+ suppress = mp->suppress == 1;
+ managed = mp->managed == 1;
+ other = mp->other == 1;
+ ll_option = mp->ll_option == 1;
+ send_unicast = mp->send_unicast == 1;
+ cease = mp->cease == 1;
+ default_router = mp->default_router == 1;
+
+ VALIDATE_SW_IF_INDEX (mp);
+
+ rv = ip6_ra_config (vm, ntohl (mp->sw_if_index),
+ suppress, managed, other,
+ ll_option, send_unicast, cease,
+ default_router, ntohl (mp->lifetime),
+ ntohl (mp->initial_count),
+ ntohl (mp->initial_interval),
+ ntohl (mp->max_interval),
+ ntohl (mp->min_interval), is_no);
+
+ BAD_SW_IF_INDEX_LABEL;
+
+ REPLY_MACRO (VL_API_SW_INTERFACE_IP6ND_RA_CONFIG_REPLY);
+}
+
+static void
+ vl_api_sw_interface_ip6nd_ra_prefix_t_handler
+ (vl_api_sw_interface_ip6nd_ra_prefix_t * mp)
+{
+ vlib_main_t *vm = vlib_get_main ();
+ vl_api_sw_interface_ip6nd_ra_prefix_reply_t *rmp;
+ fib_prefix_t pfx;
+ int rv = 0;
+ u8 is_no, use_default, no_advertise, off_link, no_autoconfig, no_onlink;
+
+ VALIDATE_SW_IF_INDEX (mp);
+
+ ip_prefix_decode (&mp->prefix, &pfx);
+ is_no = mp->is_no == 1;
+ use_default = mp->use_default == 1;
+ no_advertise = mp->no_advertise == 1;
+ off_link = mp->off_link == 1;
+ no_autoconfig = mp->no_autoconfig == 1;
+ no_onlink = mp->no_onlink == 1;
+
+ rv = ip6_ra_prefix (vm, ntohl (mp->sw_if_index),
+ &pfx.fp_addr.ip6,
+ pfx.fp_len, use_default,
+ ntohl (mp->val_lifetime),
+ ntohl (mp->pref_lifetime), no_advertise,
+ off_link, no_autoconfig, no_onlink, is_no);
+
+ BAD_SW_IF_INDEX_LABEL;
+ REPLY_MACRO (VL_API_SW_INTERFACE_IP6ND_RA_PREFIX_REPLY);
+}
+
+static void
+ vl_api_ip6nd_send_router_solicitation_t_handler
+ (vl_api_ip6nd_send_router_solicitation_t * mp)
+{
+ vl_api_ip6nd_send_router_solicitation_reply_t *rmp;
+ icmp6_send_router_solicitation_params_t params;
+ vlib_main_t *vm = vlib_get_main ();
+ int rv = 0;
+
+ VALIDATE_SW_IF_INDEX (mp);
+
+ BAD_SW_IF_INDEX_LABEL;
+ REPLY_MACRO (VL_API_IP6ND_SEND_ROUTER_SOLICITATION_REPLY);
+
+ if (rv != 0)
+ return;
+
+ params.irt = ntohl (mp->irt);
+ params.mrt = ntohl (mp->mrt);
+ params.mrc = ntohl (mp->mrc);
+ params.mrd = ntohl (mp->mrd);
+
+ icmp6_send_router_solicitation (vm, ntohl (mp->sw_if_index), mp->stop,
+ &params);
+}
+
+static void
+ip6_ra_handle_report (const ip6_ra_report_t * rap)
+{
+ /* *INDENT-OFF* */
+ vpe_client_registration_t *rp;
+
+ pool_foreach(rp, vpe_api_main.ip6_ra_events_registrations,
+ ({
+ vl_api_registration_t *vl_reg;
+
+ vl_reg = vl_api_client_index_to_registration (rp->client_index);
+
+ if (vl_reg && vl_api_can_send_msg (vl_reg))
+ {
+ vl_api_ip6_ra_prefix_info_t *prefix;
+ vl_api_ip6_ra_event_t *event;
+
+ u32 event_size = (sizeof (vl_api_ip6_ra_event_t) +
+ vec_len (rap->prefixes) *
+ sizeof (vl_api_ip6_ra_prefix_info_t));
+ event = vl_msg_api_alloc_zero (event_size);
+
+ event->_vl_msg_id = htons (VL_API_IP6_RA_EVENT + REPLY_MSG_ID_BASE);
+ event->client_index = rp->client_index;
+ event->pid = rp->client_pid;
+ event->sw_if_index = clib_host_to_net_u32 (rap->sw_if_index);
+
+ ip6_address_encode (&rap->router_address,
+ event->router_addr);
+
+ event->current_hop_limit = rap->current_hop_limit;
+ event->flags = rap->flags;
+ event->router_lifetime_in_sec =
+ clib_host_to_net_u16 (rap->router_lifetime_in_sec);
+ event->neighbor_reachable_time_in_msec =
+ clib_host_to_net_u32 (rap->neighbor_reachable_time_in_msec);
+ event->time_in_msec_between_retransmitted_neighbor_solicitations =
+ clib_host_to_net_u32 (rap->time_in_msec_between_retransmitted_neighbor_solicitations);
+ event->n_prefixes = clib_host_to_net_u32 (vec_len (rap->prefixes));
+
+ prefix = event->prefixes;
+ // (typeof (prefix)) event->prefixes;
+ u32 j;
+ for (j = 0; j < vec_len (rap->prefixes); j++)
+ {
+ ra_report_prefix_info_t *info = &rap->prefixes[j];
+ ip_prefix_encode(&info->prefix, &prefix->prefix);
+ prefix->flags = info->flags;
+ prefix->valid_time = clib_host_to_net_u32 (info->valid_time);
+ prefix->preferred_time =
+ clib_host_to_net_u32 (info->preferred_time);
+ prefix++;
+ }
+
+ vl_api_send_msg (vl_reg, (u8 *) event);
+ }
+ }));
+ /* *INDENT-ON* */
+}
+
+static void
+vl_api_want_ip6_ra_events_t_handler (vl_api_want_ip6_ra_events_t * mp)
+{
+ vpe_api_main_t *am = &vpe_api_main;
+ vl_api_want_ip6_ra_events_reply_t *rmp;
+ int rv = 0, had_reg, have_reg;
+
+ had_reg = hash_elts (am->ip6_ra_events_registration_hash);
+ uword *p = hash_get (am->ip6_ra_events_registration_hash, mp->client_index);
+ vpe_client_registration_t *rp;
+ if (p)
+ {
+ if (mp->enable)
+ {
+ clib_warning ("pid %d: already enabled...", ntohl (mp->pid));
+ rv = VNET_API_ERROR_INVALID_REGISTRATION;
+ goto reply;
+ }
+ else
+ {
+ rp = pool_elt_at_index (am->ip6_ra_events_registrations, p[0]);
+ pool_put (am->ip6_ra_events_registrations, rp);
+ hash_unset (am->ip6_ra_events_registration_hash, mp->client_index);
+ goto reply;
+ }
+ }
+ if (mp->enable == 0)
+ {
+ clib_warning ("pid %d: already disabled...", ntohl (mp->pid));
+ rv = VNET_API_ERROR_INVALID_REGISTRATION;
+ goto reply;
+ }
+ pool_get (am->ip6_ra_events_registrations, rp);
+ rp->client_index = mp->client_index;
+ rp->client_pid = ntohl (mp->pid);
+ hash_set (am->ip6_ra_events_registration_hash, rp->client_index,
+ rp - am->ip6_ra_events_registrations);
+
+reply:
+ have_reg = hash_elts (am->ip6_ra_events_registration_hash);
+
+ if (!had_reg && have_reg)
+ ip6_ra_report_register (ip6_ra_handle_report);
+ else if (had_reg && !have_reg)
+ ip6_ra_report_unregister (ip6_ra_handle_report);
+
+ REPLY_MACRO (VL_API_WANT_IP6_RA_EVENTS_REPLY);
+}
+
+static clib_error_t *
+want_ip6_ra_events_reaper (u32 client_index)
+{
+ vpe_api_main_t *am = &vpe_api_main;
+ vpe_client_registration_t *rp;
+ uword *p;
+
+ p = hash_get (am->ip6_ra_events_registration_hash, client_index);
+
+ if (p)
+ {
+ rp = pool_elt_at_index (am->ip6_ra_events_registrations, p[0]);
+ pool_put (am->ip6_ra_events_registrations, rp);
+ hash_unset (am->ip6_ra_events_registration_hash, client_index);
+ }
+ return (NULL);
+}
+
+VL_MSG_API_REAPER_FUNCTION (want_ip6_ra_events_reaper);
+
+#include <vnet/ip6-nd/ip6_nd.api.c>
+
+static clib_error_t *
+ip6_nd_api_init (vlib_main_t * vm)
+{
+ /* Ask for a correctly-sized block of API message decode slots */
+ ip6_nd_base_msg_id = setup_message_id_table ();
+
+ return 0;
+}
+
+VLIB_INIT_FUNCTION (ip6_nd_api_init);
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip6-nd/ip6_nd_proxy.c b/src/vnet/ip6-nd/ip6_nd_proxy.c
new file mode 100644
index 00000000000..110847fff84
--- /dev/null
+++ b/src/vnet/ip6-nd/ip6_nd_proxy.c
@@ -0,0 +1,127 @@
+/*
+ * ip/ip6_neighbor.c: IP6 neighbor handling
+ *
+ * Copyright (c) 2010 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <vnet/ip6-nd/ip6_nd.h>
+#include <vnet/ip-neighbor/ip_neighbor.h>
+
+#include <vnet/fib/ip6_fib.h>
+
+static int
+ip6_nd_proxy_add_del (u32 sw_if_index, const ip6_address_t * addr, u8 is_del)
+{
+ /* *INDENT-OFF* */
+ u32 fib_index;
+ fib_prefix_t pfx = {
+ .fp_len = 128,
+ .fp_proto = FIB_PROTOCOL_IP6,
+ .fp_addr = {
+ .ip6 = *addr,
+ },
+ };
+ ip46_address_t nh = {
+ .ip6 = *addr,
+ };
+ /* *INDENT-ON* */
+
+ fib_index = ip6_fib_table_get_index_for_sw_if_index (sw_if_index);
+
+ if (~0 == fib_index)
+ return VNET_API_ERROR_NO_SUCH_FIB;
+
+ if (is_del)
+ {
+ fib_table_entry_path_remove (fib_index,
+ &pfx,
+ FIB_SOURCE_IP6_ND_PROXY,
+ DPO_PROTO_IP6,
+ &nh,
+ sw_if_index,
+ ~0, 1, FIB_ROUTE_PATH_FLAG_NONE);
+ /* flush the ND cache of this address if it's there */
+ ip_neighbor_del (&nh, IP46_TYPE_IP6, sw_if_index);
+ }
+ else
+ {
+ fib_table_entry_path_add (fib_index,
+ &pfx,
+ FIB_SOURCE_IP6_ND_PROXY,
+ FIB_ENTRY_FLAG_NONE,
+ DPO_PROTO_IP6,
+ &nh,
+ sw_if_index,
+ ~0, 1, NULL, FIB_ROUTE_PATH_FLAG_NONE);
+ }
+ return (0);
+}
+
+int
+ip6_nd_proxy_add (u32 sw_if_index, const ip6_address_t * addr)
+{
+ return (ip6_nd_proxy_add_del (sw_if_index, addr, 0));
+}
+
+int
+ip6_nd_proxy_del (u32 sw_if_index, const ip6_address_t * addr)
+{
+ return (ip6_nd_proxy_add_del (sw_if_index, addr, 1));
+}
+
+static clib_error_t *
+set_ip6_nd_proxy_cmd (vlib_main_t * vm,
+ unformat_input_t * input, vlib_cli_command_t * cmd)
+{
+ vnet_main_t *vnm = vnet_get_main ();
+ clib_error_t *error = 0;
+ ip6_address_t addr;
+ u32 sw_if_index;
+ u8 is_del = 0;
+
+ if (unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index))
+ {
+ /* get the rest of the command */
+ while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
+ {
+ if (unformat (input, "%U", unformat_ip6_address, &addr))
+ break;
+ else if (unformat (input, "delete") || unformat (input, "del"))
+ is_del = 1;
+ else
+ return (unformat_parse_error (input));
+ }
+ }
+
+ ip6_nd_proxy_add_del (sw_if_index, &addr, is_del);
+
+ return error;
+}
+
+/* *INDENT-OFF* */
+VLIB_CLI_COMMAND (set_ip6_nd_proxy_command, static) =
+{
+ .path = "set ip6 nd proxy",
+ .short_help = "set ip6 nd proxy <HOST> <INTERFACE>",
+ .function = set_ip6_nd_proxy_cmd,
+};
+/* *INDENT-ON* */
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip6-nd/ip6_nd_test.c b/src/vnet/ip6-nd/ip6_nd_test.c
new file mode 100644
index 00000000000..5ca37029a76
--- /dev/null
+++ b/src/vnet/ip6-nd/ip6_nd_test.c
@@ -0,0 +1,330 @@
+/*
+ * Copyright (c) 2015 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <vat/vat.h>
+#include <vlibapi/api.h>
+#include <vlibmemory/api.h>
+#include <vppinfra/error.h>
+#include <vpp/api/types.h>
+
+#include <vnet/ip/ip_format_fns.h>
+#include <vnet/ethernet/ethernet_format_fns.h>
+
+/* define message IDs */
+#include <ip6-nd/ip6_nd.api_enum.h>
+#include <ip6-nd/ip6_nd.api_types.h>
+#include <vpp/api/vpe.api_types.h>
+
+typedef struct
+{
+ /* API message ID base */
+ u16 msg_id_base;
+ u32 ping_id;
+ vat_main_t *vat_main;
+} ip6_nd_test_main_t;
+
+ip6_nd_test_main_t ip6_nd_test_main;
+
+#define __plugin_msg_base ip6_nd_test_main.msg_id_base
+#include <vlibapi/vat_helper_macros.h>
+
+static int
+api_want_ip6_ra_events (vat_main_t * vam)
+{
+ return -1;
+}
+
+static int
+api_ip6nd_send_router_solicitation (vat_main_t * vam)
+{
+ return -1;
+}
+
+static int
+api_ip6nd_proxy_add_del (vat_main_t * vam)
+{
+ unformat_input_t *i = vam->input;
+ vl_api_ip6nd_proxy_add_del_t *mp;
+ u32 sw_if_index = ~0;
+ u8 v6_address_set = 0;
+ vl_api_ip6_address_t v6address;
+ u8 is_add = 1;
+ int ret;
+
+ /* Parse args required to build the message */
+ while (unformat_check_input (i) != UNFORMAT_END_OF_INPUT)
+ {
+ if (unformat (i, "%U", unformat_sw_if_index, vam, &sw_if_index))
+ ;
+ else if (unformat (i, "sw_if_index %d", &sw_if_index))
+ ;
+ else if (unformat (i, "%U", unformat_vl_api_ip6_address, &v6address))
+ v6_address_set = 1;
+ if (unformat (i, "del"))
+ is_add = 0;
+ else
+ {
+ clib_warning ("parse error '%U'", format_unformat_error, i);
+ return -99;
+ }
+ }
+
+ if (sw_if_index == ~0)
+ {
+ errmsg ("missing interface name or sw_if_index");
+ return -99;
+ }
+ if (!v6_address_set)
+ {
+ errmsg ("no address set");
+ return -99;
+ }
+
+ /* Construct the API message */
+ M (IP6ND_PROXY_ADD_DEL, mp);
+
+ mp->is_add = is_add;
+ mp->sw_if_index = ntohl (sw_if_index);
+ clib_memcpy (mp->ip, v6address, sizeof (v6address));
+
+ /* send it... */
+ S (mp);
+
+ /* Wait for a reply, return good/bad news */
+ W (ret);
+ return ret;
+}
+
+static int
+api_ip6nd_proxy_dump (vat_main_t * vam)
+{
+ vl_api_ip6nd_proxy_dump_t *mp;
+ vl_api_control_ping_t *mp_ping;
+ int ret;
+
+ M (IP6ND_PROXY_DUMP, mp);
+
+ S (mp);
+
+ /* Use a control ping for synchronization */
+ /* Use a control ping for synchronization */
+ mp_ping = vl_msg_api_alloc_as_if_client (sizeof (*mp_ping));
+ mp_ping->_vl_msg_id = htons (ip6_nd_test_main.ping_id);
+ mp_ping->client_index = vam->my_client_index;
+ vam->result_ready = 0;
+
+ S (mp_ping);
+
+ W (ret);
+ return ret;
+}
+
+static void vl_api_ip6nd_proxy_details_t_handler
+ (vl_api_ip6nd_proxy_details_t * mp)
+{
+ vat_main_t *vam = &vat_main;
+
+ print (vam->ofp, "host %U sw_if_index %d",
+ format_vl_api_ip6_address, mp->ip, ntohl (mp->sw_if_index));
+}
+
+static int
+api_sw_interface_ip6nd_ra_prefix (vat_main_t * vam)
+{
+ unformat_input_t *i = vam->input;
+ vl_api_sw_interface_ip6nd_ra_prefix_t *mp;
+ u32 sw_if_index;
+ u8 sw_if_index_set = 0;
+ u8 v6_address_set = 0;
+ vl_api_prefix_t pfx;
+ u8 use_default = 0;
+ u8 no_advertise = 0;
+ u8 off_link = 0;
+ u8 no_autoconfig = 0;
+ u8 no_onlink = 0;
+ u8 is_no = 0;
+ u32 val_lifetime = 0;
+ u32 pref_lifetime = 0;
+ int ret;
+
+ /* Parse args required to build the message */
+ while (unformat_check_input (i) != UNFORMAT_END_OF_INPUT)
+ {
+ if (unformat (i, "%U", unformat_sw_if_index, vam, &sw_if_index))
+ sw_if_index_set = 1;
+ else if (unformat (i, "sw_if_index %d", &sw_if_index))
+ sw_if_index_set = 1;
+ else if (unformat (i, "%U", unformat_vl_api_prefix, &pfx))
+ v6_address_set = 1;
+ else if (unformat (i, "val_life %d", &val_lifetime))
+ ;
+ else if (unformat (i, "pref_life %d", &pref_lifetime))
+ ;
+ else if (unformat (i, "def"))
+ use_default = 1;
+ else if (unformat (i, "noadv"))
+ no_advertise = 1;
+ else if (unformat (i, "offl"))
+ off_link = 1;
+ else if (unformat (i, "noauto"))
+ no_autoconfig = 1;
+ else if (unformat (i, "nolink"))
+ no_onlink = 1;
+ else if (unformat (i, "isno"))
+ is_no = 1;
+ else
+ {
+ clib_warning ("parse error '%U'", format_unformat_error, i);
+ return -99;
+ }
+ }
+
+ if (sw_if_index_set == 0)
+ {
+ errmsg ("missing interface name or sw_if_index");
+ return -99;
+ }
+ if (!v6_address_set)
+ {
+ errmsg ("no address set");
+ return -99;
+ }
+
+ /* Construct the API message */
+ M (SW_INTERFACE_IP6ND_RA_PREFIX, mp);
+
+ mp->sw_if_index = ntohl (sw_if_index);
+ clib_memcpy (&mp->prefix, &pfx, sizeof (pfx));
+ mp->use_default = use_default;
+ mp->no_advertise = no_advertise;
+ mp->off_link = off_link;
+ mp->no_autoconfig = no_autoconfig;
+ mp->no_onlink = no_onlink;
+ mp->is_no = is_no;
+ mp->val_lifetime = ntohl (val_lifetime);
+ mp->pref_lifetime = ntohl (pref_lifetime);
+
+ /* send it... */
+ S (mp);
+
+ /* Wait for a reply, return good/bad news */
+ W (ret);
+ return ret;
+}
+
+static int
+api_sw_interface_ip6nd_ra_config (vat_main_t * vam)
+{
+ unformat_input_t *i = vam->input;
+ vl_api_sw_interface_ip6nd_ra_config_t *mp;
+ u32 sw_if_index;
+ u8 sw_if_index_set = 0;
+ u8 suppress = 0;
+ u8 managed = 0;
+ u8 other = 0;
+ u8 ll_option = 0;
+ u8 send_unicast = 0;
+ u8 cease = 0;
+ u8 is_no = 0;
+ u8 default_router = 0;
+ u32 max_interval = 0;
+ u32 min_interval = 0;
+ u32 lifetime = 0;
+ u32 initial_count = 0;
+ u32 initial_interval = 0;
+ int ret;
+
+
+ /* Parse args required to build the message */
+ while (unformat_check_input (i) != UNFORMAT_END_OF_INPUT)
+ {
+ if (unformat (i, "%U", unformat_sw_if_index, vam, &sw_if_index))
+ sw_if_index_set = 1;
+ else if (unformat (i, "sw_if_index %d", &sw_if_index))
+ sw_if_index_set = 1;
+ else if (unformat (i, "maxint %d", &max_interval))
+ ;
+ else if (unformat (i, "minint %d", &min_interval))
+ ;
+ else if (unformat (i, "life %d", &lifetime))
+ ;
+ else if (unformat (i, "count %d", &initial_count))
+ ;
+ else if (unformat (i, "interval %d", &initial_interval))
+ ;
+ else if (unformat (i, "suppress") || unformat (i, "surpress"))
+ suppress = 1;
+ else if (unformat (i, "managed"))
+ managed = 1;
+ else if (unformat (i, "other"))
+ other = 1;
+ else if (unformat (i, "ll"))
+ ll_option = 1;
+ else if (unformat (i, "send"))
+ send_unicast = 1;
+ else if (unformat (i, "cease"))
+ cease = 1;
+ else if (unformat (i, "isno"))
+ is_no = 1;
+ else if (unformat (i, "def"))
+ default_router = 1;
+ else
+ {
+ clib_warning ("parse error '%U'", format_unformat_error, i);
+ return -99;
+ }
+ }
+
+ if (sw_if_index_set == 0)
+ {
+ errmsg ("missing interface name or sw_if_index");
+ return -99;
+ }
+
+ /* Construct the API message */
+ M (SW_INTERFACE_IP6ND_RA_CONFIG, mp);
+
+ mp->sw_if_index = ntohl (sw_if_index);
+ mp->max_interval = ntohl (max_interval);
+ mp->min_interval = ntohl (min_interval);
+ mp->lifetime = ntohl (lifetime);
+ mp->initial_count = ntohl (initial_count);
+ mp->initial_interval = ntohl (initial_interval);
+ mp->suppress = suppress;
+ mp->managed = managed;
+ mp->other = other;
+ mp->ll_option = ll_option;
+ mp->send_unicast = send_unicast;
+ mp->cease = cease;
+ mp->is_no = is_no;
+ mp->default_router = default_router;
+
+ /* send it... */
+ S (mp);
+
+ /* Wait for a reply, return good/bad news */
+ W (ret);
+ return ret;
+}
+
+#include <ip6-nd/ip6_nd.api_test.c>
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip6-nd/ip6_ra.c b/src/vnet/ip6-nd/ip6_ra.c
new file mode 100644
index 00000000000..ebc2c4be417
--- /dev/null
+++ b/src/vnet/ip6-nd/ip6_ra.c
@@ -0,0 +1,2261 @@
+/*
+ * ip/ip6_neighbor.c: IP6 neighbor handling
+ *
+ * Copyright (c) 2010 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <vnet/ip6-nd/ip6_ra.h>
+
+#include <vnet/ip/ip.h>
+#include <vnet/ip-neighbor/ip_neighbor_dp.h>
+
+#include <vnet/fib/ip6_fib.h>
+#include <vnet/ip/ip6_link.h>
+
+/**
+ * @file
+ * @brief IPv6 Router Advertisements.
+ *
+ * The files contains the API and CLI code for managing IPv6 RAs
+ */
+
+/* *INDENT-OFF* */
+/* Router solicitation packet format for ethernet. */
+typedef CLIB_PACKED (struct
+{
+ ip6_header_t ip;
+ icmp6_neighbor_discovery_header_t neighbor;
+ icmp6_neighbor_discovery_ethernet_link_layer_address_option_t
+ link_layer_option;
+}) icmp6_router_solicitation_header_t;
+
+/* router advertisement packet format for ethernet. */
+typedef CLIB_PACKED (struct
+{
+ ip6_header_t ip;
+ icmp6_router_advertisement_header_t router;
+ icmp6_neighbor_discovery_ethernet_link_layer_address_option_t
+ link_layer_option;
+ icmp6_neighbor_discovery_mtu_option_t mtu_option;
+ icmp6_neighbor_discovery_prefix_information_option_t
+ prefix[0];
+}) icmp6_router_advertisement_packet_t;
+/* *INDENT-ON* */
+
+#define DEF_MAX_RADV_INTERVAL 200
+#define DEF_MIN_RADV_INTERVAL .75 * DEF_MAX_RADV_INTERVAL
+#define DEF_CURR_HOP_LIMIT 64
+#define DEF_DEF_RTR_LIFETIME 3 * DEF_MAX_RADV_INTERVAL
+#define MAX_DEF_RTR_LIFETIME 9000
+
+#define MAX_INITIAL_RTR_ADVERT_INTERVAL 16 /* seconds */
+#define MAX_INITIAL_RTR_ADVERTISEMENTS 3 /*transmissions */
+#define MIN_DELAY_BETWEEN_RAS 3 /* seconds */
+#define MAX_DELAY_BETWEEN_RAS 1800 /* seconds */
+#define MAX_RA_DELAY_TIME .5 /* seconds */
+
+/* advertised prefix option */
+typedef struct
+{
+ /* basic advertised information */
+ ip6_address_t prefix;
+ u8 prefix_len;
+ int adv_on_link_flag;
+ int adv_autonomous_flag;
+ u32 adv_valid_lifetime_in_secs;
+ u32 adv_pref_lifetime_in_secs;
+
+ /* advertised values are computed from these times if decrementing */
+ f64 valid_lifetime_expires;
+ f64 pref_lifetime_expires;
+
+ /* local information */
+ int enabled;
+ int deprecated_prefix_flag;
+ int decrement_lifetime_flag;
+
+#define MIN_ADV_VALID_LIFETIME 7203 /* seconds */
+#define DEF_ADV_VALID_LIFETIME 2592000
+#define DEF_ADV_PREF_LIFETIME 604800
+
+ /* extensions are added here, mobile, DNS etc.. */
+} ip6_radv_prefix_t;
+
+typedef struct ip6_ra_t_
+{
+ /* advertised config information, zero means unspecified */
+ u8 curr_hop_limit;
+ int adv_managed_flag;
+ int adv_other_flag;
+ u16 adv_router_lifetime_in_sec;
+ u32 adv_neighbor_reachable_time_in_msec;
+ u32 adv_time_in_msec_between_retransmitted_neighbor_solicitations;
+
+ /* mtu option */
+ u32 adv_link_mtu;
+
+ /* local information */
+ u32 sw_if_index;
+ int send_radv; /* radv on/off on this interface - set by config */
+ int cease_radv; /* we are ceasing to send - set byf config */
+ int send_unicast;
+ int adv_link_layer_address;
+ int prefix_option;
+ int failed_device_check;
+ int ref_count;
+
+ /* prefix option */
+ ip6_radv_prefix_t *adv_prefixes_pool;
+
+ /* Hash table mapping address to index in interface advertised prefix pool. */
+ mhash_t address_to_prefix_index;
+
+ f64 max_radv_interval;
+ f64 min_radv_interval;
+ f64 min_delay_between_radv;
+ f64 max_delay_between_radv;
+ f64 max_rtr_default_lifetime;
+
+ f64 last_radv_time;
+ f64 last_multicast_time;
+ f64 next_multicast_time;
+
+
+ u32 initial_adverts_count;
+ f64 initial_adverts_interval;
+ u32 initial_adverts_sent;
+
+ /* stats */
+ u32 n_advertisements_sent;
+ u32 n_solicitations_rcvd;
+ u32 n_solicitations_dropped;
+
+ /* router solicitations sending state */
+ u8 keep_sending_rs; /* when true then next fields are valid */
+ icmp6_send_router_solicitation_params_t params;
+ f64 sleep_interval;
+ f64 due_time;
+ u32 n_left;
+ f64 start_time;
+ vlib_buffer_t *buffer;
+
+ u32 seed;
+
+} ip6_ra_t;
+
+static ip6_link_delegate_id_t ip6_ra_delegate_id;
+static ip6_ra_t *ip6_ra_pool;
+
+
+/* vector of registered RA report listeners */
+static ip6_ra_report_notify_t *ip6_ra_listeners;
+
+static int ip6_ra_publish (ip6_ra_report_t * r);
+
+void
+ip6_ra_report_register (ip6_ra_report_notify_t fn)
+{
+ ip6_ra_report_notify_t *listener;
+ vec_foreach (listener, ip6_ra_listeners)
+ {
+ if (*listener == fn)
+ return;
+ }
+
+ vec_add1 (ip6_ra_listeners, fn);
+}
+
+void
+ip6_ra_report_unregister (ip6_ra_report_notify_t fn)
+{
+ u32 ii;
+
+ vec_foreach_index (ii, ip6_ra_listeners)
+ {
+ if (ip6_ra_listeners[ii] == fn)
+ {
+ vec_del1 (ip6_ra_listeners, ii);
+ break;
+ }
+ }
+}
+
+static inline ip6_ra_t *
+ip6_ra_get_itf (u32 sw_if_index)
+{
+ index_t rai;
+
+ rai = ip6_link_delegate_get (sw_if_index, ip6_ra_delegate_id);
+
+ if (INDEX_INVALID != rai)
+ return (pool_elt_at_index (ip6_ra_pool, rai));
+
+ return (NULL);
+}
+
+/* for "syslogging" - use elog for now */
+#define foreach_log_level \
+ _ (DEBUG, "DEBUG") \
+ _ (INFO, "INFORMATION") \
+ _ (NOTICE, "NOTICE") \
+ _ (WARNING, "WARNING") \
+ _ (ERR, "ERROR") \
+ _ (CRIT, "CRITICAL") \
+ _ (ALERT, "ALERT") \
+ _ (EMERG, "EMERGENCY")
+
+typedef enum
+{
+#define _(f,s) LOG_##f,
+ foreach_log_level
+#undef _
+} log_level_t;
+
+static char *log_level_strings[] = {
+#define _(f,s) s,
+ foreach_log_level
+#undef _
+};
+
+static int logmask = 1 << LOG_DEBUG;
+
+static void
+ip6_neighbor_syslog (vlib_main_t * vm, int priority, char *fmt, ...)
+{
+ /* just use elog for now */
+ u8 *what;
+ va_list va;
+
+ if ((priority > LOG_EMERG) || !(logmask & (1 << priority)))
+ return;
+
+ va_start (va, fmt);
+ if (fmt)
+ {
+ what = va_format (0, fmt, &va);
+
+ ELOG_TYPE_DECLARE (e) =
+ {
+ .format = "ip6 nd: (%s): %s",.format_args = "T4T4",};
+ struct
+ {
+ u32 s[2];
+ } *ed;
+ ed = ELOG_DATA (&vm->elog_main, e);
+ ed->s[0] = elog_string (&vm->elog_main, log_level_strings[priority]);
+ ed->s[1] = elog_string (&vm->elog_main, (char *) what);
+ }
+ va_end (va);
+ return;
+}
+
+/* ipv6 neighbor discovery - router advertisements */
+typedef enum
+{
+ ICMP6_ROUTER_SOLICITATION_NEXT_DROP,
+ ICMP6_ROUTER_SOLICITATION_NEXT_REPLY_RW,
+ ICMP6_ROUTER_SOLICITATION_NEXT_REPLY_TX,
+ ICMP6_ROUTER_SOLICITATION_N_NEXT,
+} icmp6_router_solicitation_or_advertisement_next_t;
+
+static_always_inline uword
+icmp6_router_solicitation (vlib_main_t * vm,
+ vlib_node_runtime_t * node, vlib_frame_t * frame)
+{
+ vnet_main_t *vnm = vnet_get_main ();
+ ip6_main_t *im = &ip6_main;
+ uword n_packets = frame->n_vectors;
+ u32 *from, *to_next;
+ u32 n_left_from, n_left_to_next, next_index;
+ u32 n_advertisements_sent = 0;
+ int bogus_length;
+
+ icmp6_neighbor_discovery_option_type_t option_type;
+
+ vlib_node_runtime_t *error_node =
+ vlib_node_get_runtime (vm, ip6_icmp_input_node.index);
+
+ from = vlib_frame_vector_args (frame);
+ n_left_from = n_packets;
+ next_index = node->cached_next_index;
+
+ if (node->flags & VLIB_NODE_FLAG_TRACE)
+ vlib_trace_frame_buffers_only (vm, node, from, frame->n_vectors,
+ /* stride */ 1,
+ sizeof (icmp6_input_trace_t));
+
+ /* source may append his LL address */
+ option_type = ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address;
+
+ while (n_left_from > 0)
+ {
+ vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
+
+ while (n_left_from > 0 && n_left_to_next > 0)
+ {
+ vlib_buffer_t *p0;
+ ip6_header_t *ip0;
+ ip6_ra_t *radv_info = NULL;
+
+ icmp6_neighbor_discovery_header_t *h0;
+ icmp6_neighbor_discovery_ethernet_link_layer_address_option_t *o0;
+
+ u32 bi0, options_len0, sw_if_index0, next0, error0;
+ u32 is_solicitation = 1, is_dropped = 0;
+ u32 is_unspecified, is_link_local;
+
+ bi0 = to_next[0] = from[0];
+
+ from += 1;
+ to_next += 1;
+ n_left_from -= 1;
+ n_left_to_next -= 1;
+
+ p0 = vlib_get_buffer (vm, bi0);
+ ip0 = vlib_buffer_get_current (p0);
+ h0 = ip6_next_header (ip0);
+ options_len0 =
+ clib_net_to_host_u16 (ip0->payload_length) - sizeof (h0[0]);
+ is_unspecified = ip6_address_is_unspecified (&ip0->src_address);
+ is_link_local =
+ ip6_address_is_link_local_unicast (&ip0->src_address);
+
+ error0 = ICMP6_ERROR_NONE;
+ sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
+
+ /* check if solicitation (not from nd_timer node) */
+ if (ip6_address_is_unspecified (&ip0->dst_address))
+ is_solicitation = 0;
+
+ /* Check that source address is unspecified, link-local or else on-link. */
+ if (!is_unspecified && !is_link_local)
+ {
+ u32 src_adj_index0 = ip6_src_lookup_for_packet (im, p0, ip0);
+
+ if (ADJ_INDEX_INVALID != src_adj_index0)
+ {
+ ip_adjacency_t *adj0 = adj_get (src_adj_index0);
+
+ error0 = (adj0->rewrite_header.sw_if_index != sw_if_index0
+ ?
+ ICMP6_ERROR_ROUTER_SOLICITATION_SOURCE_NOT_ON_LINK
+ : error0);
+ }
+ else
+ {
+ error0 = ICMP6_ERROR_ROUTER_SOLICITATION_SOURCE_NOT_ON_LINK;
+ }
+ }
+
+ /* check for source LL option and process */
+ o0 = (void *) (h0 + 1);
+ o0 = ((options_len0 == 8
+ && o0->header.type == option_type
+ && o0->header.n_data_u64s == 1) ? o0 : 0);
+
+ /* if src address unspecified IGNORE any options */
+ if (PREDICT_TRUE (error0 == ICMP6_ERROR_NONE && o0 != 0 &&
+ !is_unspecified && !is_link_local))
+ {
+ ip_neighbor_learn_t learn = {
+ .type = IP46_TYPE_IP6,
+ .sw_if_index = sw_if_index0,
+ .ip.ip6 = ip0->src_address,
+ };
+ memcpy (&learn.mac, o0->ethernet_address, sizeof (learn.mac));
+ ip_neighbor_learn_dp (&learn);
+ }
+
+ /* default is to drop */
+ next0 = ICMP6_ROUTER_SOLICITATION_NEXT_DROP;
+
+ if (error0 == ICMP6_ERROR_NONE)
+ {
+ vnet_sw_interface_t *sw_if0;
+ ethernet_interface_t *eth_if0;
+ u32 adj_index0;
+
+ sw_if0 = vnet_get_sup_sw_interface (vnm, sw_if_index0);
+ ASSERT (sw_if0->type == VNET_SW_INTERFACE_TYPE_HARDWARE);
+ eth_if0 =
+ ethernet_get_interface (&ethernet_main, sw_if0->hw_if_index);
+
+ /* only support ethernet interface type for now */
+ error0 =
+ (!eth_if0) ? ICMP6_ERROR_ROUTER_SOLICITATION_UNSUPPORTED_INTF
+ : error0;
+
+ if (error0 == ICMP6_ERROR_NONE)
+ {
+ /* adjust the sizeof the buffer to just include the ipv6 header */
+ p0->current_length -=
+ (options_len0 +
+ sizeof (icmp6_neighbor_discovery_header_t));
+
+ radv_info = ip6_ra_get_itf (sw_if_index0);
+
+ error0 = ((!radv_info) ?
+ ICMP6_ERROR_ROUTER_SOLICITATION_RADV_NOT_CONFIG :
+ error0);
+
+ if (error0 == ICMP6_ERROR_NONE)
+ {
+ f64 now = vlib_time_now (vm);
+
+ /* for solicited adverts - need to rate limit */
+ if (is_solicitation)
+ {
+ if (0 != radv_info->last_radv_time &&
+ (now - radv_info->last_radv_time) <
+ MIN_DELAY_BETWEEN_RAS)
+ is_dropped = 1;
+ else
+ radv_info->last_radv_time = now;
+ }
+
+ /* send now */
+ icmp6_router_advertisement_header_t rh;
+
+ rh.icmp.type = ICMP6_router_advertisement;
+ rh.icmp.code = 0;
+ rh.icmp.checksum = 0;
+
+ rh.current_hop_limit = radv_info->curr_hop_limit;
+ rh.router_lifetime_in_sec =
+ clib_host_to_net_u16
+ (radv_info->adv_router_lifetime_in_sec);
+ rh.
+ time_in_msec_between_retransmitted_neighbor_solicitations
+ =
+ clib_host_to_net_u32 (radv_info->
+ adv_time_in_msec_between_retransmitted_neighbor_solicitations);
+ rh.neighbor_reachable_time_in_msec =
+ clib_host_to_net_u32 (radv_info->
+ adv_neighbor_reachable_time_in_msec);
+
+ rh.flags =
+ (radv_info->adv_managed_flag) ?
+ ICMP6_ROUTER_DISCOVERY_FLAG_ADDRESS_CONFIG_VIA_DHCP :
+ 0;
+ rh.flags |=
+ ((radv_info->adv_other_flag) ?
+ ICMP6_ROUTER_DISCOVERY_FLAG_OTHER_CONFIG_VIA_DHCP :
+ 0);
+
+
+ u16 payload_length =
+ sizeof (icmp6_router_advertisement_header_t);
+
+ if (vlib_buffer_add_data
+ (vm, &bi0, (void *) &rh,
+ sizeof (icmp6_router_advertisement_header_t)))
+ {
+ /* buffer allocation failed, drop the pkt */
+ error0 = ICMP6_ERROR_ALLOC_FAILURE;
+ goto drop0;
+ }
+
+ if (radv_info->adv_link_layer_address)
+ {
+ icmp6_neighbor_discovery_ethernet_link_layer_address_option_t
+ h;
+
+ h.header.type =
+ ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address;
+ h.header.n_data_u64s = 1;
+
+ /* copy ll address */
+ clib_memcpy (&h.ethernet_address[0],
+ eth_if0->address, 6);
+
+ if (vlib_buffer_add_data
+ (vm, &bi0, (void *) &h,
+ sizeof
+ (icmp6_neighbor_discovery_ethernet_link_layer_address_option_t)))
+ {
+ error0 = ICMP6_ERROR_ALLOC_FAILURE;
+ goto drop0;
+ }
+
+ payload_length +=
+ sizeof
+ (icmp6_neighbor_discovery_ethernet_link_layer_address_option_t);
+ }
+
+ /* add MTU option */
+ if (radv_info->adv_link_mtu)
+ {
+ icmp6_neighbor_discovery_mtu_option_t h;
+
+ h.unused = 0;
+ h.mtu =
+ clib_host_to_net_u32 (radv_info->adv_link_mtu);
+ h.header.type = ICMP6_NEIGHBOR_DISCOVERY_OPTION_mtu;
+ h.header.n_data_u64s = 1;
+
+ payload_length +=
+ sizeof (icmp6_neighbor_discovery_mtu_option_t);
+
+ if (vlib_buffer_add_data
+ (vm, &bi0, (void *) &h,
+ sizeof
+ (icmp6_neighbor_discovery_mtu_option_t)))
+ {
+ error0 = ICMP6_ERROR_ALLOC_FAILURE;
+ goto drop0;
+ }
+ }
+
+ /* add advertised prefix options */
+ ip6_radv_prefix_t *pr_info;
+
+ /* *INDENT-OFF* */
+ pool_foreach (pr_info, radv_info->adv_prefixes_pool,
+ ({
+ if(pr_info->enabled &&
+ (!pr_info->decrement_lifetime_flag
+ || (pr_info->pref_lifetime_expires >0)))
+ {
+ /* advertise this prefix */
+ icmp6_neighbor_discovery_prefix_information_option_t h;
+
+ h.header.type = ICMP6_NEIGHBOR_DISCOVERY_OPTION_prefix_information;
+ h.header.n_data_u64s = (sizeof(icmp6_neighbor_discovery_prefix_information_option_t) >> 3);
+
+ h.dst_address_length = pr_info->prefix_len;
+
+ h.flags = (pr_info->adv_on_link_flag) ? ICMP6_NEIGHBOR_DISCOVERY_PREFIX_INFORMATION_FLAG_ON_LINK : 0;
+ h.flags |= (pr_info->adv_autonomous_flag) ? ICMP6_NEIGHBOR_DISCOVERY_PREFIX_INFORMATION_AUTO : 0;
+
+ if(radv_info->cease_radv && pr_info->deprecated_prefix_flag)
+ {
+ h.valid_time = clib_host_to_net_u32(MIN_ADV_VALID_LIFETIME);
+ h.preferred_time = 0;
+ }
+ else
+ {
+ if(pr_info->decrement_lifetime_flag)
+ {
+ pr_info->adv_valid_lifetime_in_secs = ((pr_info->valid_lifetime_expires > now)) ?
+ (pr_info->valid_lifetime_expires - now) : 0;
+
+ pr_info->adv_pref_lifetime_in_secs = ((pr_info->pref_lifetime_expires > now)) ?
+ (pr_info->pref_lifetime_expires - now) : 0;
+ }
+
+ h.valid_time = clib_host_to_net_u32(pr_info->adv_valid_lifetime_in_secs);
+ h.preferred_time = clib_host_to_net_u32(pr_info->adv_pref_lifetime_in_secs) ;
+ }
+ h.unused = 0;
+
+ clib_warning ("Prefix %U valid %u preferred %u",
+ format_ip6_address, &pr_info->prefix,
+ clib_net_to_host_u32 (h.valid_time),
+ clib_net_to_host_u32 (h.preferred_time));
+
+ if (h.valid_time == 0)
+ clib_warning ("WARNING: valid_time 0!!!");
+
+ clib_memcpy(&h.dst_address, &pr_info->prefix, sizeof(ip6_address_t));
+
+ payload_length += sizeof( icmp6_neighbor_discovery_prefix_information_option_t);
+
+ if (vlib_buffer_add_data
+ (vm, &bi0, (void *)&h,
+ sizeof(icmp6_neighbor_discovery_prefix_information_option_t)))
+ {
+ error0 = ICMP6_ERROR_ALLOC_FAILURE;
+ goto drop0;
+ }
+
+ }
+ }));
+ /* *INDENT-ON* */
+
+ /* add additional options before here */
+
+ /* finish building the router advertisement... */
+ if (!is_unspecified && radv_info->send_unicast)
+ {
+ ip0->dst_address = ip0->src_address;
+ }
+ else
+ {
+ /* target address is all-nodes mcast addr */
+ ip6_set_reserved_multicast_address
+ (&ip0->dst_address,
+ IP6_MULTICAST_SCOPE_link_local,
+ IP6_MULTICAST_GROUP_ID_all_hosts);
+ }
+
+ /* source address MUST be the link-local address */
+ ip6_address_copy (&ip0->src_address,
+ ip6_get_link_local_address
+ (radv_info->sw_if_index));
+
+ ip0->hop_limit = 255;
+ ip0->payload_length =
+ clib_host_to_net_u16 (payload_length);
+
+ icmp6_router_advertisement_header_t *rh0 =
+ (icmp6_router_advertisement_header_t *) (ip0 + 1);
+ rh0->icmp.checksum =
+ ip6_tcp_udp_icmp_compute_checksum (vm, p0, ip0,
+ &bogus_length);
+ ASSERT (bogus_length == 0);
+
+ /* setup output if and adjacency */
+ vnet_buffer (p0)->sw_if_index[VLIB_RX] =
+ vnet_main.local_interface_sw_if_index;
+
+ if (is_solicitation)
+ {
+ ethernet_header_t *eth0;
+ /* Reuse current MAC header, copy SMAC to DMAC and
+ * interface MAC to SMAC */
+ vlib_buffer_reset (p0);
+ eth0 = vlib_buffer_get_current (p0);
+ clib_memcpy (eth0->dst_address, eth0->src_address,
+ 6);
+ clib_memcpy (eth0->src_address, eth_if0->address,
+ 6);
+ next0 =
+ is_dropped ? next0 :
+ ICMP6_ROUTER_SOLICITATION_NEXT_REPLY_TX;
+ vnet_buffer (p0)->sw_if_index[VLIB_TX] =
+ sw_if_index0;
+ }
+ else
+ {
+ adj_index0 = ip6_link_get_mcast_adj (sw_if_index0);
+ if (adj_index0 == INDEX_INVALID)
+ error0 = ICMP6_ERROR_DST_LOOKUP_MISS;
+ else
+ {
+ next0 =
+ is_dropped ? next0 :
+ ICMP6_ROUTER_SOLICITATION_NEXT_REPLY_RW;
+ vnet_buffer (p0)->ip.adj_index[VLIB_TX] =
+ adj_index0;
+ }
+ }
+ p0->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
+
+ radv_info->n_solicitations_dropped += is_dropped;
+ radv_info->n_solicitations_rcvd += is_solicitation;
+
+ if ((error0 == ICMP6_ERROR_NONE) && !is_dropped)
+ {
+ radv_info->n_advertisements_sent++;
+ n_advertisements_sent++;
+ }
+ }
+ }
+ }
+
+ drop0:
+ p0->error = error_node->errors[error0];
+
+ if (error0 != ICMP6_ERROR_NONE)
+ vlib_error_count (vm, error_node->node_index, error0, 1);
+
+ vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
+ to_next, n_left_to_next,
+ bi0, next0);
+
+ }
+
+ vlib_put_next_frame (vm, node, next_index, n_left_to_next);
+ }
+
+ /* Account for router advertisements sent. */
+ vlib_error_count (vm, error_node->node_index,
+ ICMP6_ERROR_ROUTER_ADVERTISEMENTS_TX,
+ n_advertisements_sent);
+
+ return frame->n_vectors;
+}
+
+/* *INDENT-OFF* */
+VLIB_REGISTER_NODE (ip6_icmp_router_solicitation_node,static) =
+{
+ .function = icmp6_router_solicitation,
+ .name = "icmp6-router-solicitation",
+
+ .vector_size = sizeof (u32),
+
+ .format_trace = format_icmp6_input_trace,
+
+ .n_next_nodes = ICMP6_ROUTER_SOLICITATION_N_NEXT,
+ .next_nodes = {
+ [ICMP6_ROUTER_SOLICITATION_NEXT_DROP] = "ip6-drop",
+ [ICMP6_ROUTER_SOLICITATION_NEXT_REPLY_RW] = "ip6-rewrite-mcast",
+ [ICMP6_ROUTER_SOLICITATION_NEXT_REPLY_TX] = "interface-output",
+ },
+};
+/* *INDENT-ON* */
+
+ /* validate advertised info for consistancy (see RFC-4861 section 6.2.7) - log any inconsistencies, packet will always be dropped */
+static_always_inline uword
+icmp6_router_advertisement (vlib_main_t * vm,
+ vlib_node_runtime_t * node, vlib_frame_t * frame)
+{
+ vnet_main_t *vnm = vnet_get_main ();
+ uword n_packets = frame->n_vectors;
+ u32 *from, *to_next;
+ u32 n_left_from, n_left_to_next, next_index;
+ u32 n_advertisements_rcvd = 0;
+
+ vlib_node_runtime_t *error_node =
+ vlib_node_get_runtime (vm, ip6_icmp_input_node.index);
+
+ from = vlib_frame_vector_args (frame);
+ n_left_from = n_packets;
+ next_index = node->cached_next_index;
+
+ if (node->flags & VLIB_NODE_FLAG_TRACE)
+ vlib_trace_frame_buffers_only (vm, node, from, frame->n_vectors,
+ /* stride */ 1,
+ sizeof (icmp6_input_trace_t));
+
+ while (n_left_from > 0)
+ {
+ vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
+
+ while (n_left_from > 0 && n_left_to_next > 0)
+ {
+ vlib_buffer_t *p0;
+ ip6_header_t *ip0;
+ ip6_ra_t *radv_info = 0;
+ icmp6_router_advertisement_header_t *h0;
+ u32 bi0, options_len0, sw_if_index0, next0, error0;
+
+ bi0 = to_next[0] = from[0];
+
+ from += 1;
+ to_next += 1;
+ n_left_from -= 1;
+ n_left_to_next -= 1;
+
+ p0 = vlib_get_buffer (vm, bi0);
+ ip0 = vlib_buffer_get_current (p0);
+ h0 = ip6_next_header (ip0);
+ options_len0 =
+ clib_net_to_host_u16 (ip0->payload_length) - sizeof (h0[0]);
+
+ error0 = ICMP6_ERROR_NONE;
+ sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
+
+ /* Check that source address is link-local */
+ error0 = (!ip6_address_is_link_local_unicast (&ip0->src_address)) ?
+ ICMP6_ERROR_ROUTER_ADVERTISEMENT_SOURCE_NOT_LINK_LOCAL : error0;
+
+ /* default is to drop */
+ next0 = ICMP6_ROUTER_SOLICITATION_NEXT_DROP;
+
+ n_advertisements_rcvd++;
+
+ if (error0 == ICMP6_ERROR_NONE)
+ {
+ vnet_sw_interface_t *sw_if0;
+ ethernet_interface_t *eth_if0;
+
+ sw_if0 = vnet_get_sup_sw_interface (vnm, sw_if_index0);
+ ASSERT (sw_if0->type == VNET_SW_INTERFACE_TYPE_HARDWARE);
+ eth_if0 =
+ ethernet_get_interface (&ethernet_main, sw_if0->hw_if_index);
+
+ /* only support ethernet interface type for now */
+ error0 =
+ (!eth_if0) ? ICMP6_ERROR_ROUTER_SOLICITATION_UNSUPPORTED_INTF
+ : error0;
+
+ if (error0 == ICMP6_ERROR_NONE)
+ {
+ /* look up the radv_t information for this interface */
+ radv_info = ip6_ra_get_itf (sw_if_index0);
+
+ error0 = ((!radv_info) ?
+ ICMP6_ERROR_ROUTER_SOLICITATION_RADV_NOT_CONFIG :
+ error0);
+
+ if (error0 == ICMP6_ERROR_NONE)
+ {
+ radv_info->keep_sending_rs = 0;
+
+ ip6_ra_report_t r;
+
+ r.sw_if_index = sw_if_index0;
+ memcpy (&r.router_address, &ip0->src_address, 16);
+ r.current_hop_limit = h0->current_hop_limit;
+ r.flags = h0->flags;
+ r.router_lifetime_in_sec =
+ clib_net_to_host_u16 (h0->router_lifetime_in_sec);
+ r.neighbor_reachable_time_in_msec =
+ clib_net_to_host_u32
+ (h0->neighbor_reachable_time_in_msec);
+ r.time_in_msec_between_retransmitted_neighbor_solicitations = clib_net_to_host_u32 (h0->time_in_msec_between_retransmitted_neighbor_solicitations);
+ r.prefixes = 0;
+
+ /* validate advertised information */
+ if ((h0->current_hop_limit && radv_info->curr_hop_limit)
+ && (h0->current_hop_limit !=
+ radv_info->curr_hop_limit))
+ {
+ ip6_neighbor_syslog (vm, LOG_WARNING,
+ "our AdvCurHopLimit on %U doesn't agree with %U",
+ format_vnet_sw_if_index_name,
+ vnm, sw_if_index0,
+ format_ip6_address,
+ &ip0->src_address);
+ }
+
+ if ((h0->flags &
+ ICMP6_ROUTER_DISCOVERY_FLAG_ADDRESS_CONFIG_VIA_DHCP)
+ != radv_info->adv_managed_flag)
+ {
+ ip6_neighbor_syslog (vm, LOG_WARNING,
+ "our AdvManagedFlag on %U doesn't agree with %U",
+ format_vnet_sw_if_index_name,
+ vnm, sw_if_index0,
+ format_ip6_address,
+ &ip0->src_address);
+ }
+
+ if ((h0->flags &
+ ICMP6_ROUTER_DISCOVERY_FLAG_OTHER_CONFIG_VIA_DHCP)
+ != radv_info->adv_other_flag)
+ {
+ ip6_neighbor_syslog (vm, LOG_WARNING,
+ "our AdvOtherConfigFlag on %U doesn't agree with %U",
+ format_vnet_sw_if_index_name,
+ vnm, sw_if_index0,
+ format_ip6_address,
+ &ip0->src_address);
+ }
+
+ if ((h0->
+ time_in_msec_between_retransmitted_neighbor_solicitations
+ && radv_info->
+ adv_time_in_msec_between_retransmitted_neighbor_solicitations)
+ && (h0->
+ time_in_msec_between_retransmitted_neighbor_solicitations
+ !=
+ clib_host_to_net_u32 (radv_info->
+ adv_time_in_msec_between_retransmitted_neighbor_solicitations)))
+ {
+ ip6_neighbor_syslog (vm, LOG_WARNING,
+ "our AdvRetransTimer on %U doesn't agree with %U",
+ format_vnet_sw_if_index_name,
+ vnm, sw_if_index0,
+ format_ip6_address,
+ &ip0->src_address);
+ }
+
+ if ((h0->neighbor_reachable_time_in_msec &&
+ radv_info->adv_neighbor_reachable_time_in_msec) &&
+ (h0->neighbor_reachable_time_in_msec !=
+ clib_host_to_net_u32
+ (radv_info->adv_neighbor_reachable_time_in_msec)))
+ {
+ ip6_neighbor_syslog (vm, LOG_WARNING,
+ "our AdvReachableTime on %U doesn't agree with %U",
+ format_vnet_sw_if_index_name,
+ vnm, sw_if_index0,
+ format_ip6_address,
+ &ip0->src_address);
+ }
+
+ /* check for MTU or prefix options or .. */
+ u8 *opt_hdr = (u8 *) (h0 + 1);
+ while (options_len0 > 0)
+ {
+ icmp6_neighbor_discovery_option_header_t *o0 =
+ (icmp6_neighbor_discovery_option_header_t *)
+ opt_hdr;
+ int opt_len = o0->n_data_u64s << 3;
+ icmp6_neighbor_discovery_option_type_t option_type =
+ o0->type;
+
+ if (options_len0 < 2)
+ {
+ ip6_neighbor_syslog (vm, LOG_ERR,
+ "malformed RA packet on %U from %U",
+ format_vnet_sw_if_index_name,
+ vnm, sw_if_index0,
+ format_ip6_address,
+ &ip0->src_address);
+ break;
+ }
+
+ if (opt_len == 0)
+ {
+ ip6_neighbor_syslog (vm, LOG_ERR,
+ " zero length option in RA on %U from %U",
+ format_vnet_sw_if_index_name,
+ vnm, sw_if_index0,
+ format_ip6_address,
+ &ip0->src_address);
+ break;
+ }
+ else if (opt_len > options_len0)
+ {
+ ip6_neighbor_syslog (vm, LOG_ERR,
+ "option length in RA packet greater than total length on %U from %U",
+ format_vnet_sw_if_index_name,
+ vnm, sw_if_index0,
+ format_ip6_address,
+ &ip0->src_address);
+ break;
+ }
+
+ options_len0 -= opt_len;
+ opt_hdr += opt_len;
+
+ switch (option_type)
+ {
+ case ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address:
+ {
+ icmp6_neighbor_discovery_ethernet_link_layer_address_option_t
+ * h =
+ (icmp6_neighbor_discovery_ethernet_link_layer_address_option_t
+ *) (o0);
+
+ if (opt_len < sizeof (*h))
+ break;
+
+ memcpy (r.slla, h->ethernet_address, 6);
+ }
+ break;
+
+ case ICMP6_NEIGHBOR_DISCOVERY_OPTION_mtu:
+ {
+ icmp6_neighbor_discovery_mtu_option_t *h =
+ (icmp6_neighbor_discovery_mtu_option_t
+ *) (o0);
+
+ if (opt_len < sizeof (*h))
+ break;
+
+ r.mtu = clib_net_to_host_u32 (h->mtu);
+
+ if ((h->mtu && radv_info->adv_link_mtu) &&
+ (h->mtu !=
+ clib_host_to_net_u32
+ (radv_info->adv_link_mtu)))
+ {
+ ip6_neighbor_syslog (vm, LOG_WARNING,
+ "our AdvLinkMTU on %U doesn't agree with %U",
+ format_vnet_sw_if_index_name,
+ vnm, sw_if_index0,
+ format_ip6_address,
+ &ip0->src_address);
+ }
+ }
+ break;
+
+ case ICMP6_NEIGHBOR_DISCOVERY_OPTION_prefix_information:
+ {
+ icmp6_neighbor_discovery_prefix_information_option_t
+ * h =
+ (icmp6_neighbor_discovery_prefix_information_option_t
+ *) (o0);
+
+ /* validate advertised prefix options */
+ ip6_radv_prefix_t *pr_info;
+ u32 preferred, valid;
+
+ if (opt_len < sizeof (*h))
+ break;
+
+ vec_validate (r.prefixes,
+ vec_len (r.prefixes));
+ ra_report_prefix_info_t *prefix =
+ vec_elt_at_index (r.prefixes,
+ vec_len (r.prefixes) - 1);
+
+ preferred =
+ clib_net_to_host_u32 (h->preferred_time);
+ valid = clib_net_to_host_u32 (h->valid_time);
+
+ prefix->preferred_time = preferred;
+ prefix->valid_time = valid;
+ prefix->flags = h->flags & 0xc0;
+ prefix->prefix.fp_len = h->dst_address_length;
+ prefix->prefix.fp_addr.ip6 = h->dst_address;
+ prefix->prefix.fp_proto = FIB_PROTOCOL_IP6;
+
+ /* look for matching prefix - if we our advertising it, it better be consistant */
+ /* *INDENT-OFF* */
+ pool_foreach (pr_info, radv_info->adv_prefixes_pool,
+ ({
+
+ ip6_address_t mask;
+ ip6_address_mask_from_width(&mask, pr_info->prefix_len);
+
+ if(pr_info->enabled &&
+ (pr_info->prefix_len == h->dst_address_length) &&
+ ip6_address_is_equal_masked (&pr_info->prefix, &h->dst_address, &mask))
+ {
+ /* found it */
+ if(!pr_info->decrement_lifetime_flag &&
+ valid != pr_info->adv_valid_lifetime_in_secs)
+ {
+ ip6_neighbor_syslog(vm, LOG_WARNING,
+ "our ADV validlifetime on %U for %U does not agree with %U",
+ format_vnet_sw_if_index_name, vnm, sw_if_index0,format_ip6_address, &pr_info->prefix,
+ format_ip6_address, &h->dst_address);
+ }
+ if(!pr_info->decrement_lifetime_flag &&
+ preferred != pr_info->adv_pref_lifetime_in_secs)
+ {
+ ip6_neighbor_syslog(vm, LOG_WARNING,
+ "our ADV preferredlifetime on %U for %U does not agree with %U",
+ format_vnet_sw_if_index_name, vnm, sw_if_index0,format_ip6_address, &pr_info->prefix,
+ format_ip6_address, &h->dst_address);
+ }
+ }
+ break;
+ }));
+ /* *INDENT-ON* */
+ break;
+ }
+ default:
+ /* skip this one */
+ break;
+ }
+ }
+ ip6_ra_publish (&r);
+ }
+ }
+ }
+
+ p0->error = error_node->errors[error0];
+
+ if (error0 != ICMP6_ERROR_NONE)
+ vlib_error_count (vm, error_node->node_index, error0, 1);
+
+ vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
+ to_next, n_left_to_next,
+ bi0, next0);
+ }
+
+ vlib_put_next_frame (vm, node, next_index, n_left_to_next);
+ }
+
+ /* Account for router advertisements received. */
+ vlib_error_count (vm, error_node->node_index,
+ ICMP6_ERROR_ROUTER_ADVERTISEMENTS_RX,
+ n_advertisements_rcvd);
+
+ return frame->n_vectors;
+}
+
+/* *INDENT-OFF* */
+VLIB_REGISTER_NODE (ip6_icmp_router_advertisement_node,static) =
+{
+ .function = icmp6_router_advertisement,
+ .name = "icmp6-router-advertisement",
+
+ .vector_size = sizeof (u32),
+
+ .format_trace = format_icmp6_input_trace,
+
+ .n_next_nodes = 1,
+ .next_nodes = {
+ [0] = "ip6-drop",
+ },
+};
+/* *INDENT-ON* */
+
+static inline f64
+random_f64_from_to (f64 from, f64 to)
+{
+ static u32 seed = 0;
+ static u8 seed_set = 0;
+ if (!seed_set)
+ {
+ seed = random_default_seed ();
+ seed_set = 1;
+ }
+ return random_f64 (&seed) * (to - from) + from;
+}
+
+static inline u8
+get_mac_address (u32 sw_if_index, u8 * address)
+{
+ vnet_main_t *vnm = vnet_get_main ();
+ vnet_hw_interface_t *hw_if = vnet_get_sup_hw_interface (vnm, sw_if_index);
+ if (!hw_if->hw_address)
+ return 1;
+ clib_memcpy (address, hw_if->hw_address, 6);
+ return 0;
+}
+
+static inline vlib_buffer_t *
+create_buffer_for_rs (vlib_main_t * vm, ip6_ra_t * radv_info)
+{
+ u32 bi0;
+ vlib_buffer_t *p0;
+ icmp6_router_solicitation_header_t *rh;
+ u16 payload_length;
+ int bogus_length;
+ u32 sw_if_index;
+
+ sw_if_index = radv_info->sw_if_index;
+
+ if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
+ {
+ clib_warning ("buffer allocation failure");
+ return 0;
+ }
+
+ p0 = vlib_get_buffer (vm, bi0);
+ VLIB_BUFFER_TRACE_TRAJECTORY_INIT (p0);
+ p0->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
+
+ vnet_buffer (p0)->sw_if_index[VLIB_RX] = sw_if_index;
+ vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index;
+
+ vnet_buffer (p0)->ip.adj_index[VLIB_TX] =
+ ip6_link_get_mcast_adj (sw_if_index);
+
+ rh = vlib_buffer_get_current (p0);
+ p0->current_length = sizeof (*rh);
+
+ rh->neighbor.icmp.type = ICMP6_router_solicitation;
+ rh->neighbor.icmp.code = 0;
+ rh->neighbor.icmp.checksum = 0;
+ rh->neighbor.reserved_must_be_zero = 0;
+
+ rh->link_layer_option.header.type =
+ ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address;
+ if (0 != get_mac_address (sw_if_index,
+ rh->link_layer_option.ethernet_address))
+ {
+ clib_warning ("interface with sw_if_index %u has no mac address",
+ sw_if_index);
+ vlib_buffer_free (vm, &bi0, 1);
+ return 0;
+ }
+ rh->link_layer_option.header.n_data_u64s = 1;
+
+ payload_length = sizeof (rh->neighbor) + sizeof (u64);
+
+ rh->ip.ip_version_traffic_class_and_flow_label =
+ clib_host_to_net_u32 (0x6 << 28);
+ rh->ip.payload_length = clib_host_to_net_u16 (payload_length);
+ rh->ip.protocol = IP_PROTOCOL_ICMP6;
+ rh->ip.hop_limit = 255;
+ ip6_address_copy (&rh->ip.src_address,
+ ip6_get_link_local_address (radv_info->sw_if_index));
+ /* set address ff02::2 */
+ rh->ip.dst_address.as_u64[0] = clib_host_to_net_u64 (0xff02ULL << 48);
+ rh->ip.dst_address.as_u64[1] = clib_host_to_net_u64 (2);
+
+ rh->neighbor.icmp.checksum = ip6_tcp_udp_icmp_compute_checksum (vm, p0,
+ &rh->ip,
+ &bogus_length);
+
+ return p0;
+}
+
+static inline void
+stop_sending_rs (vlib_main_t * vm, ip6_ra_t * ra)
+{
+ u32 bi0;
+
+ ra->keep_sending_rs = 0;
+ if (ra->buffer)
+ {
+ bi0 = vlib_get_buffer_index (vm, ra->buffer);
+ vlib_buffer_free (vm, &bi0, 1);
+ ra->buffer = 0;
+ }
+}
+
+static inline bool
+check_send_rs (vlib_main_t * vm, ip6_ra_t * radv_info, f64 current_time,
+ f64 * due_time)
+{
+ vlib_buffer_t *p0;
+ vlib_frame_t *f;
+ u32 *to_next;
+ u32 next_index;
+ vlib_buffer_t *c0;
+ u32 ci0;
+
+ icmp6_send_router_solicitation_params_t *params;
+
+ if (!radv_info->keep_sending_rs)
+ return false;
+
+ params = &radv_info->params;
+
+ if (radv_info->due_time > current_time)
+ {
+ *due_time = radv_info->due_time;
+ return true;
+ }
+
+ p0 = radv_info->buffer;
+
+ next_index = ip6_rewrite_mcast_node.index;
+
+ c0 = vlib_buffer_copy (vm, p0);
+ ci0 = vlib_get_buffer_index (vm, c0);
+
+ f = vlib_get_frame_to_node (vm, next_index);
+ to_next = vlib_frame_vector_args (f);
+ to_next[0] = ci0;
+ f->n_vectors = 1;
+ vlib_put_frame_to_node (vm, next_index, f);
+
+ if (params->mrc != 0 && --radv_info->n_left == 0)
+ stop_sending_rs (vm, radv_info);
+ else
+ {
+ radv_info->sleep_interval =
+ (2 + random_f64_from_to (-0.1, 0.1)) * radv_info->sleep_interval;
+ if (radv_info->sleep_interval > params->mrt)
+ radv_info->sleep_interval =
+ (1 + random_f64_from_to (-0.1, 0.1)) * params->mrt;
+
+ radv_info->due_time = current_time + radv_info->sleep_interval;
+
+ if (params->mrd != 0
+ && current_time > radv_info->start_time + params->mrd)
+ stop_sending_rs (vm, radv_info);
+ else
+ *due_time = radv_info->due_time;
+ }
+
+ return radv_info->keep_sending_rs;
+}
+
+static uword
+send_rs_process (vlib_main_t * vm, vlib_node_runtime_t * rt,
+ vlib_frame_t * f0)
+{
+ uword *event_data = NULL;
+ f64 sleep_time = 1e9;
+ ip6_ra_t *radv_info;
+ f64 current_time;
+ f64 due_time;
+ f64 dt = 0;
+
+ while (true)
+ {
+ vlib_process_wait_for_event_or_clock (vm, sleep_time);
+ vlib_process_get_events (vm, &event_data);
+ vec_reset_length (event_data);
+
+ current_time = vlib_time_now (vm);
+ do
+ {
+ due_time = current_time + 1e9;
+ /* *INDENT-OFF* */
+ pool_foreach (radv_info, ip6_ra_pool,
+ ({
+ if (check_send_rs (vm, radv_info, current_time, &dt)
+ && (dt < due_time))
+ due_time = dt;
+ }));
+ /* *INDENT-ON* */
+ current_time = vlib_time_now (vm);
+ }
+ while (due_time < current_time);
+
+ sleep_time = due_time - current_time;
+ }
+
+ return 0;
+}
+
+/* *INDENT-OFF* */
+VLIB_REGISTER_NODE (ip6_rs_process_node) = {
+ .function = send_rs_process,
+ .type = VLIB_NODE_TYPE_PROCESS,
+ .name = "ip6-rs-process",
+};
+/* *INDENT-ON* */
+
+void
+icmp6_send_router_solicitation (vlib_main_t * vm, u32 sw_if_index, u8 stop,
+ const icmp6_send_router_solicitation_params_t
+ * params)
+{
+ ip6_ra_t *ra;
+
+ ASSERT (~0 != sw_if_index);
+
+ ra = ip6_ra_get_itf (sw_if_index);
+
+ if (!ra)
+ return;
+
+ stop_sending_rs (vm, ra);
+
+ if (!stop)
+ {
+ ra->keep_sending_rs = 1;
+ ra->params = *params;
+ ra->n_left = params->mrc;
+ ra->start_time = vlib_time_now (vm);
+ ra->sleep_interval = (1 + random_f64_from_to (-0.1, 0.1)) * params->irt;
+ ra->due_time = 0; /* send first packet ASAP */
+ ra->buffer = create_buffer_for_rs (vm, ra);
+ if (!ra->buffer)
+ ra->keep_sending_rs = 0;
+ else
+ vlib_process_signal_event (vm, ip6_rs_process_node.index, 1, 0);
+ }
+}
+
+static const ethernet_interface_t *
+ip6_ra_get_eth_itf (u32 sw_if_index)
+{
+ const vnet_sw_interface_t *sw;
+
+ /* lookup radv container - ethernet interfaces only */
+ sw = vnet_get_sup_sw_interface (vnet_get_main (), sw_if_index);
+ if (sw->type == VNET_SW_INTERFACE_TYPE_HARDWARE)
+ return (ethernet_get_interface (&ethernet_main, sw->hw_if_index));
+
+ return (NULL);
+}
+
+/**
+ * @brief called when IP6 is enabled on an interface
+ *create and initialize router advertisement parameters with default
+ * values for this intfc
+ */
+static void
+ip6_ra_link_enable (u32 sw_if_index)
+{
+ const ethernet_interface_t *eth;
+ ip6_ra_t *radv_info;
+
+ eth = ip6_ra_get_eth_itf (sw_if_index);
+
+ if (NULL == eth)
+ return;
+
+ ASSERT (INDEX_INVALID == ip6_link_delegate_get (sw_if_index,
+ ip6_ra_delegate_id));
+
+ pool_get_zero (ip6_ra_pool, radv_info);
+
+ radv_info->seed = (u32) clib_cpu_time_now ();
+ random_u32 (&radv_info->seed);
+
+ radv_info->sw_if_index = sw_if_index;
+ radv_info->max_radv_interval = DEF_MAX_RADV_INTERVAL;
+ radv_info->min_radv_interval = DEF_MIN_RADV_INTERVAL;
+ radv_info->curr_hop_limit = DEF_CURR_HOP_LIMIT;
+ radv_info->adv_router_lifetime_in_sec = DEF_DEF_RTR_LIFETIME;
+
+ /* send ll address source address option */
+ radv_info->adv_link_layer_address = 1;
+
+ radv_info->min_delay_between_radv = MIN_DELAY_BETWEEN_RAS;
+ radv_info->max_delay_between_radv = MAX_DELAY_BETWEEN_RAS;
+ radv_info->max_rtr_default_lifetime = MAX_DEF_RTR_LIFETIME;
+
+ radv_info->initial_adverts_count = MAX_INITIAL_RTR_ADVERTISEMENTS;
+ radv_info->initial_adverts_sent = radv_info->initial_adverts_count - 1;
+ radv_info->initial_adverts_interval = MAX_INITIAL_RTR_ADVERT_INTERVAL;
+
+ /* deafult is to send */
+ radv_info->send_radv = 1;
+
+ /* fill in delegate for this interface that will be needed later */
+ radv_info->adv_link_mtu =
+ vnet_sw_interface_get_mtu (vnet_get_main (), sw_if_index, VNET_MTU_IP6);
+
+ mhash_init (&radv_info->address_to_prefix_index, sizeof (uword),
+ sizeof (ip6_address_t));
+
+ ip6_link_delegate_update (sw_if_index, ip6_ra_delegate_id,
+ radv_info - ip6_ra_pool);
+}
+
+static void
+ip6_ra_delegate_disable (index_t rai)
+{
+ ip6_radv_prefix_t *p;
+ ip6_ra_t *radv_info;
+
+ radv_info = pool_elt_at_index (ip6_ra_pool, rai);
+
+ /* clean up prefix and MDP pools */
+ /* *INDENT-OFF* */
+ pool_flush(p, radv_info->adv_prefixes_pool,
+ ({
+ mhash_unset (&radv_info->address_to_prefix_index, &p->prefix, 0);
+ }));
+ /* *INDENT-ON* */
+
+ pool_free (radv_info->adv_prefixes_pool);
+
+ mhash_free (&radv_info->address_to_prefix_index);
+
+ pool_put (ip6_ra_pool, radv_info);
+}
+
+/* send a RA or update the timer info etc.. */
+static uword
+ip6_ra_process_timer_event (vlib_main_t * vm,
+ vlib_node_runtime_t * node, vlib_frame_t * frame)
+{
+ vnet_main_t *vnm = vnet_get_main ();
+ ip6_ra_t *radv_info;
+ vlib_frame_t *f = 0;
+ u32 n_this_frame = 0;
+ u32 n_left_to_next = 0;
+ u32 *to_next = 0;
+ u32 bo0;
+ icmp6_router_solicitation_header_t *h0;
+ vlib_buffer_t *b0;
+ f64 now = vlib_time_now (vm);
+
+ /* Interface ip6 radv info list */
+ /* *INDENT-OFF* */
+ pool_foreach (radv_info, ip6_ra_pool,
+ ({
+ if( !vnet_sw_interface_is_admin_up (vnm, radv_info->sw_if_index))
+ {
+ radv_info->initial_adverts_sent = radv_info->initial_adverts_count-1;
+ radv_info->next_multicast_time = now;
+ radv_info->last_multicast_time = now;
+ radv_info->last_radv_time = 0;
+ continue;
+ }
+
+ /* is it time to send a multicast RA on this interface? */
+ if(radv_info->send_radv && (now >= radv_info->next_multicast_time))
+ {
+ u32 n_to_alloc = 1;
+ u32 n_allocated;
+
+ f64 rfn = (radv_info->max_radv_interval - radv_info->min_radv_interval) *
+ random_f64 (&radv_info->seed) + radv_info->min_radv_interval;
+
+ /* multicast send - compute next multicast send time */
+ if( radv_info->initial_adverts_sent > 0)
+ {
+ radv_info->initial_adverts_sent--;
+ if(rfn > radv_info->initial_adverts_interval)
+ rfn = radv_info->initial_adverts_interval;
+
+ /* check to see if we are ceasing to send */
+ if( radv_info->initial_adverts_sent == 0)
+ if(radv_info->cease_radv)
+ radv_info->send_radv = 0;
+ }
+
+ radv_info->next_multicast_time = rfn + now;
+ radv_info->last_multicast_time = now;
+
+ /* send advert now - build a "solicted" router advert with unspecified source address */
+ n_allocated = vlib_buffer_alloc (vm, &bo0, n_to_alloc);
+
+ if (PREDICT_FALSE(n_allocated == 0))
+ {
+ clib_warning ("buffer allocation failure");
+ continue;
+ }
+ b0 = vlib_get_buffer (vm, bo0);
+ b0->current_length = sizeof( icmp6_router_solicitation_header_t);
+ b0->error = ICMP6_ERROR_NONE;
+ vnet_buffer (b0)->sw_if_index[VLIB_RX] = radv_info->sw_if_index;
+
+ h0 = vlib_buffer_get_current (b0);
+
+ clib_memset (h0, 0, sizeof (icmp6_router_solicitation_header_t));
+
+ h0->ip.ip_version_traffic_class_and_flow_label = clib_host_to_net_u32 (0x6 << 28);
+ h0->ip.payload_length = clib_host_to_net_u16 (sizeof (icmp6_router_solicitation_header_t)
+ - STRUCT_OFFSET_OF (icmp6_router_solicitation_header_t, neighbor));
+ h0->ip.protocol = IP_PROTOCOL_ICMP6;
+ h0->ip.hop_limit = 255;
+
+ /* set src/dst address as "unspecified" this marks this packet as internally generated rather than recieved */
+ h0->ip.src_address.as_u64[0] = 0;
+ h0->ip.src_address.as_u64[1] = 0;
+
+ h0->ip.dst_address.as_u64[0] = 0;
+ h0->ip.dst_address.as_u64[1] = 0;
+
+ h0->neighbor.icmp.type = ICMP6_router_solicitation;
+
+ if (PREDICT_FALSE(f == 0))
+ {
+ f = vlib_get_frame_to_node (vm, ip6_icmp_router_solicitation_node.index);
+ to_next = vlib_frame_vector_args (f);
+ n_left_to_next = VLIB_FRAME_SIZE;
+ n_this_frame = 0;
+ }
+
+ n_this_frame++;
+ n_left_to_next--;
+ to_next[0] = bo0;
+ to_next += 1;
+
+ if (PREDICT_FALSE(n_left_to_next == 0))
+ {
+ f->n_vectors = n_this_frame;
+ vlib_put_frame_to_node (vm, ip6_icmp_router_solicitation_node.index, f);
+ f = 0;
+ }
+ }
+ }));
+ /* *INDENT-ON* */
+
+ if (f)
+ {
+ ASSERT (n_this_frame);
+ f->n_vectors = n_this_frame;
+ vlib_put_frame_to_node (vm, ip6_icmp_router_solicitation_node.index, f);
+ }
+ return 0;
+}
+
+static void
+ip6_ra_handle_report (const ip6_ra_report_t * rap)
+{
+ u32 ii;
+
+ vec_foreach_index (ii, ip6_ra_listeners) ip6_ra_listeners[ii] (rap);
+}
+
+static uword
+ip6_ra_event_process (vlib_main_t * vm,
+ vlib_node_runtime_t * node, vlib_frame_t * frame)
+{
+ ip6_ra_report_t *r, *rs;
+ uword event_type;
+
+ /* init code here */
+
+ while (1)
+ {
+ vlib_process_wait_for_event_or_clock (vm, 1. /* seconds */ );
+
+ rs = vlib_process_get_event_data (vm, &event_type);
+
+ if (NULL == rs)
+ {
+ /* No events found: timer expired. */
+ /* process interface list and send RAs as appropriate, update timer info */
+ ip6_ra_process_timer_event (vm, node, frame);
+ }
+ else
+ {
+ vec_foreach (r, rs) ip6_ra_handle_report (r);
+ vec_reset_length (rs);
+ }
+ }
+ return frame->n_vectors;
+}
+
+VLIB_REGISTER_NODE (ip6_ra_process_node) =
+{
+.function = ip6_ra_event_process,.name = "ip6-ra-process",.type =
+ VLIB_NODE_TYPE_PROCESS,};
+
+static void
+ip6_ra_signal_report (ip6_ra_report_t * r)
+{
+ vlib_main_t *vm = vlib_get_main ();
+ ip6_ra_report_t *q;
+
+ if (!vec_len (ip6_ra_listeners))
+ return;
+
+ q = vlib_process_signal_event_data (vm,
+ ip6_ra_process_node.index,
+ 0, 1, sizeof *q);
+ *q = *r;
+}
+
+static int
+ip6_ra_publish (ip6_ra_report_t * r)
+{
+ void vl_api_rpc_call_main_thread (void *fp, u8 * data, u32 data_length);
+ vl_api_rpc_call_main_thread (ip6_ra_signal_report, (u8 *) r, sizeof *r);
+ return 0;
+}
+
+/* API support functions */
+int
+ip6_ra_config (vlib_main_t * vm, u32 sw_if_index,
+ u8 suppress, u8 managed, u8 other,
+ u8 ll_option, u8 send_unicast, u8 cease,
+ u8 use_lifetime, u32 lifetime,
+ u32 initial_count, u32 initial_interval,
+ u32 max_interval, u32 min_interval, u8 is_no)
+{
+ ip6_ra_t *radv_info;
+
+ /* look up the radv_t information for this interface */
+ radv_info = ip6_ra_get_itf (sw_if_index);
+
+ if (!radv_info)
+ return (VNET_API_ERROR_IP6_NOT_ENABLED);
+
+ if ((max_interval != 0) && (min_interval == 0))
+ min_interval = .75 * max_interval;
+
+ max_interval =
+ (max_interval !=
+ 0) ? ((is_no) ? DEF_MAX_RADV_INTERVAL : max_interval) :
+ radv_info->max_radv_interval;
+ min_interval =
+ (min_interval !=
+ 0) ? ((is_no) ? DEF_MIN_RADV_INTERVAL : min_interval) :
+ radv_info->min_radv_interval;
+ lifetime =
+ (use_lifetime !=
+ 0) ? ((is_no) ? DEF_DEF_RTR_LIFETIME : lifetime) :
+ radv_info->adv_router_lifetime_in_sec;
+
+ if (lifetime)
+ {
+ if (lifetime > MAX_DEF_RTR_LIFETIME)
+ lifetime = MAX_DEF_RTR_LIFETIME;
+
+ if (lifetime <= max_interval)
+ return VNET_API_ERROR_INVALID_VALUE;
+ }
+
+ if (min_interval != 0)
+ {
+ if ((min_interval > .75 * max_interval) || (min_interval < 3))
+ return VNET_API_ERROR_INVALID_VALUE;
+ }
+
+ if ((initial_count > MAX_INITIAL_RTR_ADVERTISEMENTS) ||
+ (initial_interval > MAX_INITIAL_RTR_ADVERT_INTERVAL))
+ return VNET_API_ERROR_INVALID_VALUE;
+
+ /*
+ if "flag" is set and is_no is true then restore default value else set value corresponding to "flag"
+ if "flag" is clear don't change corresponding value
+ */
+ radv_info->send_radv =
+ (suppress != 0) ? ((is_no != 0) ? 1 : 0) : radv_info->send_radv;
+ radv_info->adv_managed_flag =
+ (managed != 0) ? ((is_no) ? 0 : 1) : radv_info->adv_managed_flag;
+ radv_info->adv_other_flag =
+ (other != 0) ? ((is_no) ? 0 : 1) : radv_info->adv_other_flag;
+ radv_info->adv_link_layer_address =
+ (ll_option != 0) ? ((is_no) ? 1 : 0) : radv_info->adv_link_layer_address;
+ radv_info->send_unicast =
+ (send_unicast != 0) ? ((is_no) ? 0 : 1) : radv_info->send_unicast;
+ radv_info->cease_radv =
+ (cease != 0) ? ((is_no) ? 0 : 1) : radv_info->cease_radv;
+
+ radv_info->min_radv_interval = min_interval;
+ radv_info->max_radv_interval = max_interval;
+ radv_info->adv_router_lifetime_in_sec = lifetime;
+
+ radv_info->initial_adverts_count =
+ (initial_count !=
+ 0) ? ((is_no) ? MAX_INITIAL_RTR_ADVERTISEMENTS : initial_count) :
+ radv_info->initial_adverts_count;
+ radv_info->initial_adverts_interval =
+ (initial_interval !=
+ 0) ? ((is_no) ? MAX_INITIAL_RTR_ADVERT_INTERVAL : initial_interval) :
+ radv_info->initial_adverts_interval;
+
+ /* restart */
+ if ((cease != 0) && (is_no))
+ radv_info->send_radv = 1;
+
+ radv_info->initial_adverts_sent = radv_info->initial_adverts_count - 1;
+ radv_info->next_multicast_time = vlib_time_now (vm);
+ radv_info->last_multicast_time = vlib_time_now (vm);
+ radv_info->last_radv_time = 0;
+
+ return (0);
+}
+
+
+int
+ip6_ra_prefix (vlib_main_t * vm, u32 sw_if_index,
+ ip6_address_t * prefix_addr, u8 prefix_len,
+ u8 use_default, u32 val_lifetime, u32 pref_lifetime,
+ u8 no_advertise, u8 off_link, u8 no_autoconfig,
+ u8 no_onlink, u8 is_no)
+{
+ ip6_ra_t *radv_info;
+
+ /* look up the radv_t information for this interface */
+ radv_info = ip6_ra_get_itf (sw_if_index);
+
+ if (!radv_info)
+ return (VNET_API_ERROR_IP6_NOT_ENABLED);
+
+ f64 now = vlib_time_now (vm);
+
+ /* prefix info add, delete or update */
+ ip6_radv_prefix_t *prefix;
+
+ /* lookup prefix info for this address on this interface */
+ uword *p = mhash_get (&radv_info->address_to_prefix_index, prefix_addr);
+
+ prefix = p ? pool_elt_at_index (radv_info->adv_prefixes_pool, p[0]) : 0;
+
+ if (is_no)
+ {
+ /* delete */
+ if (!prefix)
+ return VNET_API_ERROR_INVALID_VALUE; /* invalid prefix */
+
+ if (prefix->prefix_len != prefix_len)
+ return VNET_API_ERROR_INVALID_VALUE_2;
+
+ /* FIXME - Should the DP do this or the CP ? */
+ /* do specific delete processing here before returning */
+ /* try to remove from routing table */
+
+ mhash_unset (&radv_info->address_to_prefix_index, prefix_addr,
+ /* old_value */ 0);
+ pool_put (radv_info->adv_prefixes_pool, prefix);
+
+ radv_info->initial_adverts_sent = radv_info->initial_adverts_count - 1;
+ radv_info->next_multicast_time = vlib_time_now (vm);
+ radv_info->last_multicast_time = vlib_time_now (vm);
+ radv_info->last_radv_time = 0;
+ return (0);
+ }
+
+ /* adding or changing */
+ if (!prefix)
+ {
+ /* add */
+ u32 pi;
+ pool_get_zero (radv_info->adv_prefixes_pool, prefix);
+ pi = prefix - radv_info->adv_prefixes_pool;
+ mhash_set (&radv_info->address_to_prefix_index, prefix_addr, pi,
+ /* old_value */ 0);
+
+ clib_memset (prefix, 0x0, sizeof (ip6_radv_prefix_t));
+
+ prefix->prefix_len = prefix_len;
+ clib_memcpy (&prefix->prefix, prefix_addr, sizeof (ip6_address_t));
+
+ /* initialize default values */
+ prefix->adv_on_link_flag = 1; /* L bit set */
+ prefix->adv_autonomous_flag = 1; /* A bit set */
+ prefix->adv_valid_lifetime_in_secs = DEF_ADV_VALID_LIFETIME;
+ prefix->adv_pref_lifetime_in_secs = DEF_ADV_PREF_LIFETIME;
+ prefix->enabled = 1;
+ prefix->decrement_lifetime_flag = 1;
+ prefix->deprecated_prefix_flag = 1;
+
+ if (off_link == 0)
+ {
+ /* FIXME - Should the DP do this or the CP ? */
+ /* insert prefix into routing table as a connected prefix */
+ }
+
+ if (use_default)
+ goto restart;
+ }
+ else
+ {
+
+ if (prefix->prefix_len != prefix_len)
+ return VNET_API_ERROR_INVALID_VALUE_2;
+
+ if (off_link != 0)
+ {
+ /* FIXME - Should the DP do this or the CP ? */
+ /* remove from routing table if already there */
+ }
+ }
+
+ if ((val_lifetime == ~0) || (pref_lifetime == ~0))
+ {
+ prefix->adv_valid_lifetime_in_secs = ~0;
+ prefix->adv_pref_lifetime_in_secs = ~0;
+ prefix->decrement_lifetime_flag = 0;
+ }
+ else
+ {
+ prefix->adv_valid_lifetime_in_secs = val_lifetime;;
+ prefix->adv_pref_lifetime_in_secs = pref_lifetime;
+ }
+
+ /* copy remaining */
+ prefix->enabled = !(no_advertise != 0);
+ prefix->adv_on_link_flag = !((off_link != 0) || (no_onlink != 0));
+ prefix->adv_autonomous_flag = !(no_autoconfig != 0);
+
+restart:
+ /* restart */
+ /* fill in the expiration times */
+ prefix->valid_lifetime_expires = now + prefix->adv_valid_lifetime_in_secs;
+ prefix->pref_lifetime_expires = now + prefix->adv_pref_lifetime_in_secs;
+
+ radv_info->initial_adverts_sent = radv_info->initial_adverts_count - 1;
+ radv_info->next_multicast_time = vlib_time_now (vm);
+ radv_info->last_multicast_time = vlib_time_now (vm);
+ radv_info->last_radv_time = 0;
+
+ return (0);
+}
+
+clib_error_t *
+ip6_ra_cmd (vlib_main_t * vm,
+ unformat_input_t * main_input, vlib_cli_command_t * cmd)
+{
+ vnet_main_t *vnm = vnet_get_main ();
+ clib_error_t *error = 0;
+ u8 is_no = 0;
+ u8 suppress = 0, managed = 0, other = 0;
+ u8 suppress_ll_option = 0, send_unicast = 0, cease = 0;
+ u8 use_lifetime = 0;
+ u32 sw_if_index, ra_lifetime = 0, ra_initial_count =
+ 0, ra_initial_interval = 0;
+ u32 ra_max_interval = 0, ra_min_interval = 0;
+
+ unformat_input_t _line_input, *line_input = &_line_input;
+
+ int add_radv_info = 1;
+ ip6_address_t ip6_addr;
+ u32 addr_len;
+
+
+ /* Get a line of input. */
+ if (!unformat_user (main_input, unformat_line_input, line_input))
+ return 0;
+
+ /* get basic radv info for this interface */
+ if (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
+ {
+
+ if (unformat_user (line_input,
+ unformat_vnet_sw_interface, vnm, &sw_if_index))
+ {
+ if (!ip6_ra_get_eth_itf (sw_if_index))
+ {
+ error =
+ clib_error_return (0, "Interface must be of ethernet type");
+ goto done;
+ }
+
+ if (!ip6_link_is_enabled (sw_if_index))
+ {
+ error = clib_error_return (0, "IP6 nt enabler interface %U'",
+ format_unformat_error, line_input);
+ goto done;
+ }
+ }
+ else
+ {
+ error = clib_error_return (0, "invalid interface name %U'",
+ format_unformat_error, line_input);
+ goto done;
+ }
+ }
+
+ /* get the rest of the command */
+ while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
+ {
+ if (unformat (line_input, "no"))
+ is_no = 1;
+ else if (unformat (line_input, "prefix %U/%d",
+ unformat_ip6_address, &ip6_addr, &addr_len))
+ {
+ add_radv_info = 0;
+ break;
+ }
+ else if (unformat (line_input, "ra-managed-config-flag"))
+ {
+ managed = 1;
+ break;
+ }
+ else if (unformat (line_input, "ra-other-config-flag"))
+ {
+ other = 1;
+ break;
+ }
+ else if (unformat (line_input, "ra-suppress") ||
+ unformat (line_input, "ra-surpress"))
+ {
+ suppress = 1;
+ break;
+ }
+ else if (unformat (line_input, "ra-suppress-link-layer") ||
+ unformat (line_input, "ra-surpress-link-layer"))
+ {
+ suppress_ll_option = 1;
+ break;
+ }
+ else if (unformat (line_input, "ra-send-unicast"))
+ {
+ send_unicast = 1;
+ break;
+ }
+ else if (unformat (line_input, "ra-lifetime"))
+ {
+ if (!unformat (line_input, "%d", &ra_lifetime))
+ {
+ error = unformat_parse_error (line_input);
+ goto done;
+ }
+ use_lifetime = 1;
+ break;
+ }
+ else if (unformat (line_input, "ra-initial"))
+ {
+ if (!unformat
+ (line_input, "%d %d", &ra_initial_count, &ra_initial_interval))
+ {
+ error = unformat_parse_error (line_input);
+ goto done;
+ }
+ break;
+ }
+ else if (unformat (line_input, "ra-interval"))
+ {
+ if (!unformat (line_input, "%d", &ra_max_interval))
+ {
+ error = unformat_parse_error (line_input);
+ goto done;
+ }
+
+ if (!unformat (line_input, "%d", &ra_min_interval))
+ ra_min_interval = 0;
+ break;
+ }
+ else if (unformat (line_input, "ra-cease"))
+ {
+ cease = 1;
+ break;
+ }
+ else
+ {
+ error = unformat_parse_error (line_input);
+ goto done;
+ }
+ }
+
+ if (add_radv_info)
+ {
+ ip6_ra_config (vm, sw_if_index,
+ suppress, managed, other,
+ suppress_ll_option, send_unicast, cease,
+ use_lifetime, ra_lifetime,
+ ra_initial_count, ra_initial_interval,
+ ra_max_interval, ra_min_interval, is_no);
+ }
+ else
+ {
+ u32 valid_lifetime_in_secs = 0;
+ u32 pref_lifetime_in_secs = 0;
+ u8 use_prefix_default_values = 0;
+ u8 no_advertise = 0;
+ u8 off_link = 0;
+ u8 no_autoconfig = 0;
+ u8 no_onlink = 0;
+
+ /* get the rest of the command */
+ while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
+ {
+ if (unformat (line_input, "default"))
+ {
+ use_prefix_default_values = 1;
+ break;
+ }
+ else if (unformat (line_input, "infinite"))
+ {
+ valid_lifetime_in_secs = ~0;
+ pref_lifetime_in_secs = ~0;
+ break;
+ }
+ else if (unformat (line_input, "%d %d", &valid_lifetime_in_secs,
+ &pref_lifetime_in_secs))
+ break;
+ else
+ break;
+ }
+
+
+ /* get the rest of the command */
+ while (!use_prefix_default_values &&
+ unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
+ {
+ if (unformat (line_input, "no-advertise"))
+ no_advertise = 1;
+ else if (unformat (line_input, "off-link"))
+ off_link = 1;
+ else if (unformat (line_input, "no-autoconfig"))
+ no_autoconfig = 1;
+ else if (unformat (line_input, "no-onlink"))
+ no_onlink = 1;
+ else
+ {
+ error = unformat_parse_error (line_input);
+ goto done;
+ }
+ }
+
+ ip6_ra_prefix (vm, sw_if_index,
+ &ip6_addr, addr_len,
+ use_prefix_default_values,
+ valid_lifetime_in_secs,
+ pref_lifetime_in_secs,
+ no_advertise, off_link, no_autoconfig, no_onlink, is_no);
+ }
+
+done:
+ unformat_free (line_input);
+
+ return error;
+}
+
+static u8 *
+format_ip6_ra (u8 * s, va_list * args)
+{
+ index_t rai = va_arg (*args, index_t);
+ u32 indent = va_arg (*args, u32);
+ ip6_radv_prefix_t *p;
+ ip6_ra_t *radv_info;
+
+ radv_info = pool_elt_at_index (ip6_ra_pool, rai);
+
+ s = format (s, "%UAdvertised Prefixes:\n", format_white_space, indent);
+
+ indent += 2;
+
+ /* *INDENT-OFF* */
+ pool_foreach (p, radv_info->adv_prefixes_pool,
+ ({
+ s = format (s, "%Uprefix %U, length %d\n",
+ format_white_space, indent+2,
+ format_ip6_address, &p->prefix, p->prefix_len);
+ }));
+ /* *INDENT-ON* */
+
+ s = format (s, "%UMTU is %d\n",
+ format_white_space, indent, radv_info->adv_link_mtu);
+ s = format (s, "%UICMP error messages are unlimited\n",
+ format_white_space, indent);
+ s = format (s, "%UICMP redirects are disabled\n",
+ format_white_space, indent);
+ s = format (s, "%UICMP unreachables are not sent\n",
+ format_white_space, indent);
+ s = format (s, "%UND DAD is disabled\n", format_white_space, indent);
+ //s = format (s, "%UND reachable time is %d milliseconds\n",);
+ s = format (s, "%UND advertised reachable time is %d\n",
+ format_white_space, indent,
+ radv_info->adv_neighbor_reachable_time_in_msec);
+ s = format (s,
+ "%UND advertised retransmit interval is %d (msec)\n",
+ format_white_space, indent,
+ radv_info->
+ adv_time_in_msec_between_retransmitted_neighbor_solicitations);
+ s =
+ format (s,
+ "%UND router advertisements are sent every %0.1f seconds (min interval is %0.1f)\n",
+ format_white_space, indent, radv_info->max_radv_interval,
+ radv_info->min_radv_interval);
+ s =
+ format (s, "%UND router advertisements live for %d seconds\n",
+ format_white_space, indent,
+ radv_info->adv_router_lifetime_in_sec);
+ s =
+ format (s, "%UHosts %s stateless autoconfig for addresses\n",
+ format_white_space, indent,
+ (radv_info->adv_managed_flag) ? "use" : " don't use");
+ s =
+ format (s, "%UND router advertisements sent %d\n", format_white_space,
+ indent, radv_info->n_advertisements_sent);
+ s =
+ format (s, "%UND router solicitations received %d\n", format_white_space,
+ indent, radv_info->n_solicitations_rcvd);
+ s =
+ format (s, "%UND router solicitations dropped %d\n", format_white_space,
+ indent, radv_info->n_solicitations_dropped);
+
+ return (s);
+}
+
+
+/*?
+ * This command is used to configure the neighbor discovery
+ * parameters on a given interface. Use the '<em>show ip6 interface</em>'
+ * command to display some of the current neighbor discovery parameters
+ * on a given interface. This command has three formats:
+ *
+ *
+ * <b>Format 1 - Router Advertisement Options:</b> (Only one can be entered in a single command)
+ *
+ * '<em><b>ip6 nd <interface> [no] [ra-managed-config-flag] | [ra-other-config-flag] | [ra-suppress] | [ra-suppress-link-layer] | [ra-send-unicast] | [ra-lifetime <lifetime>] | [ra-initial <cnt> <interval>] | [ra-interval <max-interval> [<min-interval>]] | [ra-cease]</b></em>'
+ *
+ * Where:
+ *
+ * <em>[no] ra-managed-config-flag</em> - Advertises in ICMPv6
+ * router-advertisement messages to use stateful address
+ * auto-configuration to obtain address information (sets the M-bit).
+ * Default is the M-bit is not set and the '<em>no</em>' option
+ * returns it to this default state.
+ *
+ * <em>[no] ra-other-config-flag</em> - Indicates in ICMPv6
+ * router-advertisement messages that hosts use stateful auto
+ * configuration to obtain nonaddress related information (sets
+ * the O-bit). Default is the O-bit is not set and the '<em>no</em>'
+ * option returns it to this default state.
+ *
+ * <em>[no] ra-suppress</em> - Disables sending ICMPv6 router-advertisement
+ * messages. The '<em>no</em>' option implies to enable sending ICMPv6
+ * router-advertisement messages.
+ *
+ * <em>[no] ra-suppress-link-layer</em> - Indicates not to include the
+ * optional source link-layer address in the ICMPv6 router-advertisement
+ * messages. Default is to include the optional source link-layer address
+ * and the '<em>no</em>' option returns it to this default state.
+ *
+ * <em>[no] ra-send-unicast</em> - Use the source address of the
+ * router-solicitation message if availiable. The default is to use
+ * multicast address of all nodes, and the '<em>no</em>' option returns
+ * it to this default state.
+ *
+ * <em>[no] ra-lifetime <lifetime></em> - Advertises the lifetime of a
+ * default router in ICMPv6 router-advertisement messages. The range is
+ * from 0 to 9000 seconds. '<em><lifetime></em>' must be greater than
+ * '<em><max-interval></em>'. The default value is 600 seconds and the
+ * '<em>no</em>' option returns it to this default value.
+ *
+ * <em>[no] ra-initial <cnt> <interval></em> - Number of initial ICMPv6
+ * router-advertisement messages sent and the interval between each
+ * message. Range for count is 1 - 3 and default is 3. Range for interval
+ * is 1 to 16 seconds, and default is 16 seconds. The '<em>no</em>' option
+ * returns both to their default value.
+ *
+ * <em>[no] ra-interval <max-interval> [<min-interval>]</em> - Configures the
+ * interval between sending ICMPv6 router-advertisement messages. The
+ * range for max-interval is from 4 to 200 seconds. min-interval can not
+ * be more than 75% of max-interval. If not set, min-interval will be
+ * set to 75% of max-interval. The range for min-interval is from 3 to
+ * 150 seconds. The '<em>no</em>' option returns both to their default
+ * value.
+ *
+ * <em>[no] ra-cease</em> - Cease sending ICMPv6 router-advertisement messages.
+ * The '<em>no</em>' options implies to start (or restart) sending
+ * ICMPv6 router-advertisement messages.
+ *
+ *
+ * <b>Format 2 - Prefix Options:</b>
+ *
+ * '<em><b>ip6 nd <interface> [no] prefix <ip6-address>/<width> [<valid-lifetime> <pref-lifetime> | infinite] [no-advertise] [off-link] [no-autoconfig] [no-onlink]</b></em>'
+ *
+ * Where:
+ *
+ * <em>no</em> - All additional flags are ignored and the prefix is deleted.
+ *
+ * <em><valid-lifetime> <pref-lifetime></em> - '<em><valid-lifetime></em>' is the
+ * length of time in seconds during what the prefix is valid for the purpose of
+ * on-link determination. Range is 7203 to 2592000 seconds and default is 2592000
+ * seconds (30 days). '<em><pref-lifetime></em>' is the prefered-lifetime and is the
+ * length of time in seconds during what addresses generated from the prefix remain
+ * preferred. Range is 0 to 604800 seconds and default is 604800 seconds (7 days).
+ *
+ * <em>infinite</em> - Both '<em><valid-lifetime></em>' and '<em><<pref-lifetime></em>'
+ * are inifinte, no timeout.
+ *
+ * <em>no-advertise</em> - Do not send full router address in prefix
+ * advertisement. Default is to advertise (i.e. - This flag is off by default).
+ *
+ * <em>off-link</em> - Prefix is off-link, clear L-bit in packet. Default is on-link
+ * (i.e. - This flag is off and L-bit in packet is set by default and this prefix can
+ * be used for on-link determination). '<em>no-onlink</em>' also controls the L-bit.
+ *
+ * <em>no-autoconfig</em> - Do not use prefix for autoconfiguration, clear A-bit in packet.
+ * Default is autoconfig (i.e. - This flag is off and A-bit in packet is set by default.
+ *
+ * <em>no-onlink</em> - Do not use prefix for onlink determination, clear L-bit in packet.
+ * Default is on-link (i.e. - This flag is off and L-bit in packet is set by default and
+ * this prefix can be used for on-link determination). '<em>off-link</em>' also controls
+ * the L-bit.
+ *
+ *
+ * <b>Format 3: - Default of Prefix:</b>
+ *
+ * '<em><b>ip6 nd <interface> [no] prefix <ip6-address>/<width> default</b></em>'
+ *
+ * When a new prefix is added (or existing one is being overwritten) <em>default</em>
+ * uses default values for the prefix. If <em>no</em> is used, the <em>default</em>
+ * is ignored and the prefix is deleted.
+ *
+ *
+ * @cliexpar
+ * Example of how set a router advertisement option:
+ * @cliexcmd{ip6 nd GigabitEthernet2/0/0 ra-interval 100 20}
+ * Example of how to add a prefix:
+ * @cliexcmd{ip6 nd GigabitEthernet2/0/0 prefix fe80::fe:28ff:fe9c:75b3/64 infinite no-advertise}
+ * Example of how to delete a prefix:
+ * @cliexcmd{ip6 nd GigabitEthernet2/0/0 no prefix fe80::fe:28ff:fe9c:75b3/64}
+?*/
+/* *INDENT-OFF* */
+VLIB_CLI_COMMAND (ip6_nd_command, static) =
+{
+ .path = "ip6 nd",
+ .short_help = "ip6 nd <interface> ...",
+ .function = ip6_ra_cmd,
+};
+/* *INDENT-ON* */
+
+/**
+ * VFT for registering as a delegate to an IP6 link
+ */
+const static ip6_link_delegate_vft_t ip6_ra_delegate_vft = {
+ .ildv_disable = ip6_ra_delegate_disable,
+ .ildv_enable = ip6_ra_link_enable,
+ .ildv_format = format_ip6_ra,
+};
+
+static clib_error_t *
+ip6_ra_init (vlib_main_t * vm)
+{
+ vlib_call_init_function (vm, icmp6_init);
+
+ icmp6_register_type (vm, ICMP6_router_solicitation,
+ ip6_icmp_router_solicitation_node.index);
+ icmp6_register_type (vm, ICMP6_router_advertisement,
+ ip6_icmp_router_advertisement_node.index);
+
+ ip6_ra_delegate_id = ip6_link_delegate_register (&ip6_ra_delegate_vft);
+
+ return (NULL);
+}
+
+/* *INDENT-OFF* */
+VLIB_INIT_FUNCTION (ip6_ra_init) =
+{
+ .runs_after = VLIB_INITS("icmp6_init"),
+};
+/* *INDENT-ON* */
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip6-nd/ip6_ra.h b/src/vnet/ip6-nd/ip6_ra.h
new file mode 100644
index 00000000000..4efd92e6968
--- /dev/null
+++ b/src/vnet/ip6-nd/ip6_ra.h
@@ -0,0 +1,89 @@
+/*
+ *
+ * ip6_neighboor.h: ip6 neighbor structures
+ *
+ * Copyright (c) 2016 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __IP6_RA_H__
+#define __IP6_RA_H__
+
+#include <vnet/fib/fib_types.h>
+
+extern int ip6_ra_config (vlib_main_t * vm, u32 sw_if_index,
+ u8 suppress, u8 managed, u8 other,
+ u8 ll_option, u8 send_unicast, u8 cease,
+ u8 use_lifetime, u32 lifetime,
+ u32 initial_count, u32 initial_interval,
+ u32 max_interval, u32 min_interval, u8 is_no);
+
+extern int ip6_ra_prefix (vlib_main_t * vm, u32 sw_if_index,
+ ip6_address_t * prefix_addr, u8 prefix_len,
+ u8 use_default, u32 val_lifetime,
+ u32 pref_lifetime, u8 no_advertise,
+ u8 off_link, u8 no_autoconfig,
+ u8 no_onlink, u8 is_no);
+
+typedef struct
+{
+ u32 irt;
+ u32 mrt;
+ u32 mrc;
+ u32 mrd;
+} icmp6_send_router_solicitation_params_t;
+
+extern void icmp6_send_router_solicitation (vlib_main_t * vm,
+ u32 sw_if_index,
+ u8 stop,
+ const
+ icmp6_send_router_solicitation_params_t
+ * params);
+
+typedef struct
+{
+ fib_prefix_t prefix;
+ u8 flags;
+ u32 valid_time;
+ u32 preferred_time;
+} ra_report_prefix_info_t;
+
+typedef struct
+{
+ ip6_address_t router_address;
+ u32 sw_if_index;
+ u8 current_hop_limit;
+ u8 flags;
+ u16 router_lifetime_in_sec;
+ u32 neighbor_reachable_time_in_msec;
+ u32 time_in_msec_between_retransmitted_neighbor_solicitations;
+ u8 slla[6];
+ u32 mtu;
+ ra_report_prefix_info_t *prefixes;
+} ip6_ra_report_t;
+
+
+typedef void (*ip6_ra_report_notify_t) (const ip6_ra_report_t * rap);
+
+extern void ip6_ra_report_register (ip6_ra_report_notify_t fn);
+extern void ip6_ra_report_unregister (ip6_ra_report_notify_t fn);
+
+#endif /* included_ip6_neighbor_h */
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip/rd_cp.api b/src/vnet/ip6-nd/rd_cp.api
index 58480789d16..58480789d16 100644
--- a/src/vnet/ip/rd_cp.api
+++ b/src/vnet/ip6-nd/rd_cp.api
diff --git a/src/vnet/ip/rd_cp.c b/src/vnet/ip6-nd/rd_cp.c
index c9c387e07c0..ee7c323f8b1 100644
--- a/src/vnet/ip/rd_cp.c
+++ b/src/vnet/ip6-nd/rd_cp.c
@@ -13,29 +13,15 @@
* limitations under the License.
*/
-#include <vnet/vnet.h>
-#include <vlibmemory/api.h>
-#include <vnet/vnet_msg_enum.h>
+#include <vnet/ip6-nd/ip6_ra.h>
+
#include <vnet/ip/ip6.h>
+#include <vnet/ip/ip6_link.h>
#include <vnet/ethernet/ethernet.h>
-#include <vnet/ip/ip6_neighbor.h>
#include <vnet/fib/fib_table.h>
#include <signal.h>
#include <math.h>
-#define vl_typedefs /* define message structures */
-#include <vnet/vnet_all_api_h.h>
-#undef vl_typedefs
-
-#define vl_endianfun /* define message structures */
-#include <vnet/vnet_all_api_h.h>
-#undef vl_endianfun
-
-#include <vlibapi/api_helper_macros.h>
-
-#define foreach_rd_cp_msg \
-_(IP6_ND_ADDRESS_AUTOCONFIG, ip6_nd_address_autoconfig)
-
typedef struct
{
u32 sw_if_index;
@@ -68,7 +54,6 @@ typedef struct
/* binary API client */
u8 api_connected;
- svm_queue_t *vl_input_queue;
u32 my_client_index;
/* logging */
@@ -77,7 +62,6 @@ typedef struct
/* convenience */
vlib_main_t *vlib_main;
vnet_main_t *vnet_main;
- api_main_t *api_main;
u32 node_index;
} rd_cp_main_t;
@@ -110,13 +94,13 @@ static void interrupt_process (void);
static int
add_slaac_address (vlib_main_t * vm, u32 sw_if_index, u8 address_length,
- ip6_address_t * address, f64 due_time)
+ const ip6_address_t * address, f64 due_time)
{
rd_cp_main_t *rm = &rd_cp_main;
slaac_address_t *slaac_address;
clib_error_t *rv = 0;
- pool_get (rm->slaac_address_pool, slaac_address);
+ pool_get_zero (rm->slaac_address_pool, slaac_address);
slaac_address->sw_if_index = sw_if_index;
slaac_address->address_length = address_length;
@@ -132,12 +116,12 @@ add_slaac_address (vlib_main_t * vm, u32 sw_if_index, u8 address_length,
static void
add_default_route (vlib_main_t * vm, u32 sw_if_index,
- ip6_address_t * next_hop_address, f64 due_time)
+ const ip6_address_t * next_hop_address, f64 due_time)
{
rd_cp_main_t *rm = &rd_cp_main;
default_route_t *default_route;
- pool_get (rm->default_route_pool, default_route);
+ pool_get_zero (rm->default_route_pool, default_route);
default_route->sw_if_index = sw_if_index;
default_route->router_address = *next_hop_address;
@@ -232,17 +216,6 @@ get_interface_mac_address (u32 sw_if_index, u8 mac[])
return 0;
}
-static u32
-ip6_enable (u32 sw_if_index)
-{
- rd_cp_main_t *rm = &rd_cp_main;
- clib_error_t *rv;
-
- rv = enable_ip6_interface (rm->vlib_main, sw_if_index);
-
- return rv != 0;
-}
-
static u8
ip6_prefixes_equal (ip6_address_t * prefix1, ip6_address_t * prefix2, u8 len)
{
@@ -261,13 +234,11 @@ ip6_prefixes_equal (ip6_address_t * prefix1, ip6_address_t * prefix2, u8 len)
#define PREFIX_FLAG_A (1 << 6)
#define PREFIX_FLAG_L (1 << 7)
-static clib_error_t *
-ip6_ra_report_handler (void *data)
+static void
+ip6_ra_report_handler (const ip6_ra_report_t * r)
{
rd_cp_main_t *rm = &rd_cp_main;
vlib_main_t *vm = rm->vlib_main;
- clib_error_t *error = 0;
- ra_report_t *r = data;
interface_config_t *if_config;
default_route_t *default_route;
slaac_address_t *slaac_address;
@@ -284,7 +255,7 @@ ip6_ra_report_handler (void *data)
sw_if_index = r->sw_if_index;
if (sw_if_index >= vec_len (rm->config_by_sw_if_index))
- return 0;
+ return;
if_config = &rm->config_by_sw_if_index[sw_if_index];
if (if_config->install_default_routes)
@@ -326,11 +297,11 @@ ip6_ra_report_handler (void *data)
if (get_interface_mac_address (sw_if_index, mac) != 0)
{
vlib_log_warn (rm->log_class, "Error getting MAC address");
- return clib_error_return (0, "Error getting MAC address");
+ return;
}
if (!if_config->enabled)
- return 0;
+ return;
n_prefixes = vec_len (r->prefixes);
for (i = 0; i < n_prefixes; i++)
@@ -413,11 +384,9 @@ ip6_ra_report_handler (void *data)
interrupt_process ();
- return error;
+ return;
}
-VNET_IP6_NEIGHBOR_RA_FUNCTION (ip6_ra_report_handler);
-
static uword
rd_cp_process (vlib_main_t * vm, vlib_node_runtime_t * rt, vlib_frame_t * f)
{
@@ -459,7 +428,7 @@ rd_cp_process (vlib_main_t * vm, vlib_node_runtime_t * rt, vlib_frame_t * f)
u32 sw_if_index = slaac_address->sw_if_index;
remove_slaac_address (vm, slaac_address);
/* make sure ip6 stays enabled */
- ip6_enable (sw_if_index);
+ ip6_link_enable (sw_if_index);
}
}));
pool_foreach_index (index, rm->default_route_pool,
@@ -502,8 +471,9 @@ interrupt_process (void)
RD_CP_EVENT_INTERRUPT, 0);
}
-static int
-set_address_autoconfig (u32 sw_if_index, u8 enable, u8 install_default_routes)
+int
+rd_cp_set_address_autoconfig (u32 sw_if_index,
+ u8 enable, u8 install_default_routes)
{
rd_cp_main_t *rm = &rd_cp_main;
vlib_main_t *vm = rm->vlib_main;
@@ -534,7 +504,7 @@ set_address_autoconfig (u32 sw_if_index, u8 enable, u8 install_default_routes)
if_config = &rm->config_by_sw_if_index[sw_if_index];
if (!if_config->enabled && enable)
- ip6_enable (sw_if_index);
+ ip6_link_enable (sw_if_index);
if ((!if_config->enabled && enable)
|| (!if_config->install_default_routes && install_default_routes))
@@ -593,7 +563,8 @@ ip6_nd_address_autoconfig (vlib_main_t * vm,
if (sw_if_index != ~0)
{
- if (set_address_autoconfig (sw_if_index, enable, default_route) != 0)
+ if (rd_cp_set_address_autoconfig (sw_if_index, enable, default_route) !=
+ 0)
error = clib_error_return (0, "Invalid sw_if_index");
}
else
@@ -625,68 +596,20 @@ VLIB_CLI_COMMAND (ip6_nd_address_autoconfig_command, static) = {
};
/* *INDENT-ON* */
-static void
-vl_api_ip6_nd_address_autoconfig_t_handler (vl_api_ip6_nd_address_autoconfig_t
- * mp)
-{
- vl_api_ip6_nd_address_autoconfig_reply_t *rmp;
- u32 sw_if_index;
- int rv = 0;
-
- VALIDATE_SW_IF_INDEX (mp);
-
- sw_if_index = ntohl (mp->sw_if_index);
-
- rv =
- set_address_autoconfig (sw_if_index, mp->enable,
- mp->install_default_routes);
-
- BAD_SW_IF_INDEX_LABEL;
-
- REPLY_MACRO (VL_API_IP6_ND_ADDRESS_AUTOCONFIG_REPLY);
-}
-
-#define vl_msg_name_crc_list
-#include <vnet/ip/rd_cp.api.h>
-#undef vl_msg_name_crc_list
-
-static void
-setup_message_id_table (api_main_t * am)
-{
-#define _(id,n,crc) vl_msg_api_add_msg_name_crc (am, #n "_" #crc, id);
- foreach_vl_msg_name_crc_rd_cp;
-#undef _
-}
-
static clib_error_t *
rd_cp_init (vlib_main_t * vm)
{
rd_cp_main_t *rm = &rd_cp_main;
- api_main_t *am = vlibapi_get_main ();
rm->vlib_main = vm;
rm->vnet_main = vnet_get_main ();
- rm->api_main = am;
rm->node_index = rd_cp_process_node.index;
rm->log_class = vlib_log_register_class ("rd_cp", 0);
-#define _(N,n) \
- vl_msg_api_set_handlers(VL_API_##N, #n, \
- vl_api_##n##_t_handler, \
- vl_noop_handler, \
- vl_api_##n##_t_endian, \
- vl_api_##n##_t_print, \
- sizeof(vl_api_##n##_t), 0/* do NOT trace! */);
- foreach_rd_cp_msg;
-#undef _
-
- /*
- * Set up the (msg_name, crc, message-id) table
- */
- setup_message_id_table (am);
+ ip6_ra_report_register (ip6_ra_report_handler);
- return 0;
+ return (NULL);
}
VLIB_INIT_FUNCTION (rd_cp_init);
diff --git a/src/vnet/ip6-nd/rd_cp.h b/src/vnet/ip6-nd/rd_cp.h
new file mode 100644
index 00000000000..2fe43da621b
--- /dev/null
+++ b/src/vnet/ip6-nd/rd_cp.h
@@ -0,0 +1,33 @@
+/*
+ * Copyright (c) 2018 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __RD_CP_H__
+#define __RD_CP_H__
+
+#include <vnet/ip6-nd/ip6_nd.h>
+
+extern int rd_cp_set_address_autoconfig (u32 sw_if_index,
+ u8 enable,
+ u8 install_default_routes);
+
+#endif
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/ip6-nd/rd_cp_api.c b/src/vnet/ip6-nd/rd_cp_api.c
new file mode 100644
index 00000000000..1f0d8587970
--- /dev/null
+++ b/src/vnet/ip6-nd/rd_cp_api.c
@@ -0,0 +1,73 @@
+/*
+ * Copyright (c) 2018 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <vnet/ip6-nd/rd_cp.h>
+
+#include <vlibapi/api.h>
+#include <vlibmemory/api.h>
+
+/* define message IDs */
+#include <vnet/format_fns.h>
+#include <vnet/ip6-nd/rd_cp.api_enum.h>
+#include <vnet/ip6-nd/rd_cp.api_types.h>
+
+/**
+ * Base message ID fot the plugin
+ */
+static u32 rd_cp_base_msg_id;
+#define REPLY_MSG_ID_BASE rd_cp_base_msg_id
+
+#include <vlibapi/api_helper_macros.h>
+
+
+static void
+vl_api_ip6_nd_address_autoconfig_t_handler (vl_api_ip6_nd_address_autoconfig_t
+ * mp)
+{
+ vl_api_ip6_nd_address_autoconfig_reply_t *rmp;
+ u32 sw_if_index;
+ int rv = 0;
+
+ VALIDATE_SW_IF_INDEX (mp);
+
+ sw_if_index = ntohl (mp->sw_if_index);
+
+ rv = rd_cp_set_address_autoconfig (sw_if_index,
+ mp->enable, mp->install_default_routes);
+
+ BAD_SW_IF_INDEX_LABEL;
+
+ REPLY_MACRO (VL_API_IP6_ND_ADDRESS_AUTOCONFIG_REPLY);
+}
+
+#include <vnet/ip6-nd/rd_cp.api.c>
+
+static clib_error_t *
+rd_cp_api_init (vlib_main_t * vm)
+{
+ rd_cp_base_msg_id = setup_message_id_table ();
+
+ return (NULL);
+}
+
+VLIB_INIT_FUNCTION (rd_cp_api_init);
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/l2/l2.api b/src/vnet/l2/l2.api
index b0031ba16cc..06663595cf7 100644
--- a/src/vnet/l2/l2.api
+++ b/src/vnet/l2/l2.api
@@ -18,6 +18,7 @@ option version = "2.2.2";
import "vnet/ip/ip_types.api";
import "vnet/ethernet/ethernet_types.api";
+import "vnet/interface_types.api";
/** \brief Reply to l2_xconnect_dump
@param context - sender context which was passed in the request
@@ -154,7 +155,7 @@ autoreply define want_l2_macs_events
u32 learn_limit;
u8 scan_delay;
u8 max_macs_in_event;
- u8 enable_disable;
+ bool enable_disable;
u32 pid;
};
@@ -598,6 +599,43 @@ autoreply define bvi_delete
u32 sw_if_index;
};
+/** \brief Register for IP4 ARP resolution event on receing ARP reply or
+ MAC/IP info from ARP requests in L2 BDs
+ @param client_index - opaque cookie to identify the sender
+ @param context - sender context, to match reply w/ request
+ @param enable - 1 => register for events, 0 => cancel registration
+ @param pid - sender's pid
+*/
+autoreply define want_l2_arp_term_events
+{
+ u32 client_index;
+ u32 context;
+ bool enable;
+ u32 pid;
+};
+
+/** \brief Tell client about an IP4 ARP resolution event or
+ MAC/IP info from ARP requests in L2 BDs
+ @param client_index - opaque cookie to identify the sender
+ @param pid - client pid registered to receive notification
+ @param ip - IP address of new ARP term entry
+ @param sw_if_index - interface of new ARP term entry
+ @param mac - MAC address of new ARP term entry
+*/
+define l2_arp_term_event
+{
+ u32 client_index;
+ u32 pid;
+ vl_api_address_t ip;
+ vl_api_interface_index_t sw_if_index;
+ vl_api_mac_address_t mac;
+};
+
+service {
+ rpc want_l2_arp_term_events returns want_l2_arp_term_events_reply
+ events l2_arp_term_event;
+};
+
/*
* Local Variables:
* eval: (c-set-style "gnu")
diff --git a/src/vnet/l2/l2_api.c b/src/vnet/l2/l2_api.c
index e8b103ac2c7..fa852742f9f 100644
--- a/src/vnet/l2/l2_api.c
+++ b/src/vnet/l2/l2_api.c
@@ -28,6 +28,7 @@
#include <vnet/l2/l2_learn.h>
#include <vnet/l2/l2_bd.h>
#include <vnet/l2/l2_bvi.h>
+#include <vnet/l2/l2_arp_term.h>
#include <vnet/ip/ip_types_api.h>
#include <vnet/ethernet/ethernet_types_api.h>
@@ -77,7 +78,8 @@ _(L2_INTERFACE_PBB_TAG_REWRITE, l2_interface_pbb_tag_rewrite) \
_(BRIDGE_DOMAIN_SET_MAC_AGE, bridge_domain_set_mac_age) \
_(SW_INTERFACE_SET_VPATH, sw_interface_set_vpath) \
_(BVI_CREATE, bvi_create) \
-_(BVI_DELETE, bvi_delete)
+_(BVI_DELETE, bvi_delete) \
+_(WANT_L2_ARP_TERM_EVENTS, want_l2_arp_term_events)
static void
send_l2_xconnect_details (vl_api_registration_t * reg, u32 context,
@@ -1045,6 +1047,169 @@ vl_api_bvi_delete_t_handler (vl_api_bvi_delete_t * mp)
REPLY_MACRO (VL_API_BVI_DELETE_REPLY);
}
+static bool
+l2_arp_term_publish_event_is_equal (const l2_arp_term_publish_event_t * e1,
+ const l2_arp_term_publish_event_t * e2)
+{
+ if (e1 == NULL || e2 == NULL)
+ return false;
+ return (ip46_address_is_equal (&e1->ip, &e2->ip) &&
+ (e1->sw_if_index == e2->sw_if_index) &&
+ (mac_address_equal (&e1->mac, &e2->mac)));
+}
+
+static uword
+l2_arp_term_process (vlib_main_t * vm, vlib_node_runtime_t * rt,
+ vlib_frame_t * f)
+{
+ /* These cross the longjmp boundary (vlib_process_wait_for_event)
+ * and need to be volatile - to prevent them from being optimized into
+ * a register - which could change during suspension */
+ volatile f64 last = vlib_time_now (vm);
+ volatile l2_arp_term_publish_event_t last_event = { };
+
+ l2_arp_term_main_t *l2am = &l2_arp_term_main;
+
+ while (1)
+ {
+ uword event_type = L2_ARP_TERM_EVENT_PUBLISH;
+ vpe_client_registration_t *reg;
+ f64 now;
+
+ vlib_process_wait_for_event (vm);
+
+ vlib_process_get_event_data (vm, &event_type);
+ now = vlib_time_now (vm);
+
+ if (event_type == L2_ARP_TERM_EVENT_PUBLISH)
+ {
+ l2_arp_term_publish_event_t *event;
+
+ vec_foreach (event, l2am->publish_events)
+ {
+ /* dampen duplicate events - cast away volatile */
+ if (l2_arp_term_publish_event_is_equal
+ (event, (l2_arp_term_publish_event_t *) & last_event) &&
+ (now - last) < 10.0)
+ {
+ continue;
+ }
+ last_event = *event;
+ last = now;
+
+ /* *INDENT-OFF* */
+ pool_foreach(reg, vpe_api_main.l2_arp_term_events_registrations,
+ ({
+ vl_api_registration_t *vl_reg;
+ vl_reg = vl_api_client_index_to_registration (reg->client_index);
+ ASSERT (vl_reg != NULL);
+
+ if (reg && vl_api_can_send_msg (vl_reg))
+ {
+ vl_api_l2_arp_term_event_t * vevent;
+ vevent = vl_msg_api_alloc (sizeof *vevent);
+ clib_memset (vevent, 0, sizeof *vevent);
+ vevent->_vl_msg_id = htons (VL_API_L2_ARP_TERM_EVENT);
+ vevent->client_index = reg->client_index;
+ vevent->pid = reg->client_pid;
+ ip_address_encode(&event->ip,
+ event->type,
+ &vevent->ip);
+ vevent->sw_if_index = htonl(event->sw_if_index);
+ mac_address_encode(&event->mac, vevent->mac);
+ vl_api_send_msg (vl_reg, (u8 *) vevent);
+ }
+ }));
+ /* *INDENT-ON* */
+ }
+ vec_reset_length (l2am->publish_events);
+ }
+ }
+
+ return 0;
+}
+
+/* *INDENT-OFF* */
+VLIB_REGISTER_NODE (l2_arp_term_process_node) = {
+ .function = l2_arp_term_process,
+ .type = VLIB_NODE_TYPE_PROCESS,
+ .name = "l2-arp-term-publisher",
+};
+/* *INDENT-ON* */
+
+static void
+vl_api_want_l2_arp_term_events_t_handler (vl_api_want_l2_arp_term_events_t *
+ mp)
+{
+ vl_api_want_l2_arp_term_events_reply_t *rmp;
+ vpe_api_main_t *am = &vpe_api_main;
+ vpe_client_registration_t *rp;
+ int rv = 0;
+ uword *p;
+
+ p = hash_get (am->l2_arp_term_events_registration_hash, mp->client_index);
+
+ if (p)
+ {
+ if (mp->enable)
+ {
+ clib_warning ("pid %d: already enabled...", mp->pid);
+ rv = VNET_API_ERROR_INVALID_REGISTRATION;
+ goto reply;
+ }
+ else
+ {
+ rp = pool_elt_at_index (am->l2_arp_term_events_registrations, p[0]);
+ pool_put (am->l2_arp_term_events_registrations, rp);
+ hash_unset (am->l2_arp_term_events_registration_hash,
+ mp->client_index);
+ if (pool_elts (am->l2_arp_term_events_registrations) == 0)
+ l2_arp_term_set_publisher_node (false);
+ goto reply;
+ }
+ }
+ if (mp->enable == 0)
+ {
+ clib_warning ("pid %d: already disabled...", mp->pid);
+ rv = VNET_API_ERROR_INVALID_REGISTRATION;
+ goto reply;
+ }
+ pool_get (am->l2_arp_term_events_registrations, rp);
+ rp->client_index = mp->client_index;
+ rp->client_pid = mp->pid;
+ hash_set (am->l2_arp_term_events_registration_hash, rp->client_index,
+ rp - am->l2_arp_term_events_registrations);
+ l2_arp_term_set_publisher_node (true);
+
+reply:
+ REPLY_MACRO (VL_API_WANT_L2_ARP_TERM_EVENTS_REPLY);
+}
+
+static clib_error_t *
+want_l2_arp_term_events_reaper (u32 client_index)
+{
+ vpe_client_registration_t *rp;
+ vpe_api_main_t *am;
+ uword *p;
+
+ am = &vpe_api_main;
+
+ /* remove from the registration hash */
+ p = hash_get (am->l2_arp_term_events_registration_hash, client_index);
+
+ if (p)
+ {
+ rp = pool_elt_at_index (am->l2_arp_term_events_registrations, p[0]);
+ pool_put (am->l2_arp_term_events_registrations, rp);
+ hash_unset (am->l2_arp_term_events_registration_hash, client_index);
+ if (pool_elts (am->l2_arp_term_events_registrations) == 0)
+ l2_arp_term_set_publisher_node (false);
+ }
+ return (NULL);
+}
+
+VL_MSG_API_REAPER_FUNCTION (want_l2_arp_term_events_reaper);
+
/*
* l2_api_hookup
* Add vpe's API message handlers to the table.
diff --git a/src/vnet/l2/l2_arp_term.c b/src/vnet/l2/l2_arp_term.c
new file mode 100644
index 00000000000..982fd9f05ea
--- /dev/null
+++ b/src/vnet/l2/l2_arp_term.c
@@ -0,0 +1,481 @@
+/*
+ * l2/l2_arp_term.c: IP v4 ARP L2 BD termination
+ *
+ * Copyright (c) 2010 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <vlibmemory/api.h>
+
+#include <vnet/l2/l2_arp_term.h>
+#include <vnet/l2/l2_input.h>
+#include <vnet/l2/feat_bitmap.h>
+
+#include <vnet/ip/ip4_packet.h>
+#include <vnet/ethernet/arp_packet.h>
+
+static const u8 vrrp_prefix[] = { 0x00, 0x00, 0x5E, 0x00, 0x01 };
+
+l2_arp_term_main_t l2_arp_term_main;
+
+/*
+ * ARP/ND Termination in a L2 Bridge Domain based on IP4/IP6 to MAC
+ * hash tables mac_by_ip4 and mac_by_ip6 for each BD.
+ */
+typedef enum
+{
+ ARP_TERM_NEXT_L2_OUTPUT,
+ ARP_TERM_NEXT_DROP,
+ ARP_TERM_N_NEXT,
+} arp_term_next_t;
+
+u32 arp_term_next_node_index[32];
+
+typedef struct
+{
+ u8 packet_data[64];
+} ethernet_arp_input_trace_t;
+
+#define foreach_ethernet_arp_error \
+ _ (replies_sent, "ARP replies sent") \
+ _ (l2_type_not_ethernet, "L2 type not ethernet") \
+ _ (l3_type_not_ip4, "L3 type not IP4") \
+ _ (l3_src_address_not_local, "IP4 source address not local to subnet") \
+ _ (l3_dst_address_not_local, "IP4 destination address not local to subnet") \
+ _ (l3_dst_address_unset, "IP4 destination address is unset") \
+ _ (l3_src_address_is_local, "IP4 source address matches local interface") \
+ _ (l3_src_address_learned, "ARP request IP4 source address learned") \
+ _ (replies_received, "ARP replies received") \
+ _ (opcode_not_request, "ARP opcode not request") \
+ _ (proxy_arp_replies_sent, "Proxy ARP replies sent") \
+ _ (l2_address_mismatch, "ARP hw addr does not match L2 frame src addr") \
+ _ (gratuitous_arp, "ARP probe or announcement dropped") \
+ _ (interface_no_table, "Interface is not mapped to an IP table") \
+ _ (interface_not_ip_enabled, "Interface is not IP enabled") \
+ _ (unnumbered_mismatch, "RX interface is unnumbered to different subnet") \
+
+typedef enum
+{
+#define _(sym,string) ETHERNET_ARP_ERROR_##sym,
+ foreach_ethernet_arp_error
+#undef _
+ ETHERNET_ARP_N_ERROR,
+} ethernet_arp_reply_error_t;
+
+static char *ethernet_arp_error_strings[] = {
+#define _(sym,string) string,
+ foreach_ethernet_arp_error
+#undef _
+};
+
+static u8 *
+format_arp_term_input_trace (u8 * s, va_list * va)
+{
+ CLIB_UNUSED (vlib_main_t * vm) = va_arg (*va, vlib_main_t *);
+ CLIB_UNUSED (vlib_node_t * node) = va_arg (*va, vlib_node_t *);
+ ethernet_arp_input_trace_t *t = va_arg (*va, ethernet_arp_input_trace_t *);
+
+ /* arp-term trace data saved is either arp or ip6/icmp6 packet:
+ - for arp, the 1st 16-bit field is hw type of value of 0x0001.
+ - for ip6, the first nibble has value of 6. */
+ s = format (s, "%U", t->packet_data[0] == 0 ?
+ format_ethernet_arp_header : format_ip6_header,
+ t->packet_data, sizeof (t->packet_data));
+
+ return s;
+}
+
+void
+l2_arp_term_set_publisher_node (bool on)
+{
+ l2_arp_term_main_t *l2am = &l2_arp_term_main;
+
+ l2am->publish = on;
+}
+
+static int
+l2_arp_term_publish (l2_arp_term_publish_event_t * ctx)
+{
+ l2_arp_term_main_t *l2am = &l2_arp_term_main;
+
+ vec_add1 (l2am->publish_events, *ctx);
+
+ vlib_process_signal_event (vlib_get_main (),
+ l2_arp_term_process_node.index,
+ L2_ARP_TERM_EVENT_PUBLISH, 0);
+
+ return 0;
+}
+
+static inline void
+l2_arp_term_publish_v4_dp (u32 sw_if_index,
+ const ethernet_arp_ip4_over_ethernet_address_t * a)
+{
+ l2_arp_term_main_t *l2am = &l2_arp_term_main;
+
+ if (!l2am->publish)
+ return;
+
+ l2_arp_term_publish_event_t args = {
+ .sw_if_index = sw_if_index,
+ .type = IP46_TYPE_IP4,
+ .ip.ip4 = a->ip4,
+ .mac = a->mac,
+ };
+
+ vl_api_rpc_call_main_thread (l2_arp_term_publish, (u8 *) & args,
+ sizeof (args));
+}
+
+static inline void
+l2_arp_term_publish_v6_dp (u32 sw_if_index,
+ const ip6_address_t * addr,
+ const mac_address_t * mac)
+{
+ l2_arp_term_main_t *l2am = &l2_arp_term_main;
+
+ if (!l2am->publish)
+ return;
+
+ l2_arp_term_publish_event_t args = {
+ .sw_if_index = sw_if_index,
+ .type = IP46_TYPE_IP6,
+ .ip.ip6 = *addr,
+ .mac = *mac,
+ };
+
+ vl_api_rpc_call_main_thread (l2_arp_term_publish, (u8 *) & args,
+ sizeof (args));
+}
+
+static inline int
+vnet_ip6_nd_term (vlib_main_t * vm,
+ vlib_node_runtime_t * node,
+ vlib_buffer_t * p0,
+ ethernet_header_t * eth,
+ ip6_header_t * ip, u32 sw_if_index, u16 bd_index)
+{
+ icmp6_neighbor_solicitation_or_advertisement_header_t *ndh;
+ mac_address_t mac;
+
+ mac_address_from_bytes (&mac, eth->src_address);
+ ndh = ip6_next_header (ip);
+ if (ndh->icmp.type != ICMP6_neighbor_solicitation &&
+ ndh->icmp.type != ICMP6_neighbor_advertisement)
+ return 0;
+
+ if (PREDICT_FALSE ((node->flags & VLIB_NODE_FLAG_TRACE) &&
+ (p0->flags & VLIB_BUFFER_IS_TRACED)))
+ {
+ u8 *t0 = vlib_add_trace (vm, node, p0,
+ sizeof (icmp6_input_trace_t));
+ clib_memcpy (t0, ip, sizeof (icmp6_input_trace_t));
+ }
+
+ /* Check if anyone want ND events for L2 BDs */
+ if (PREDICT_FALSE (!ip6_address_is_link_local_unicast (&ip->src_address)))
+ {
+ l2_arp_term_publish_v6_dp (sw_if_index, &ip->src_address, &mac);
+ }
+
+ /* Check if MAC entry exsist for solicited target IP */
+ if (ndh->icmp.type == ICMP6_neighbor_solicitation)
+ {
+ icmp6_neighbor_discovery_ethernet_link_layer_address_option_t *opt;
+ l2_bridge_domain_t *bd_config;
+ u8 *macp;
+
+ opt = (void *) (ndh + 1);
+ if ((opt->header.type !=
+ ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address) ||
+ (opt->header.n_data_u64s != 1))
+ return 0; /* source link layer address option not present */
+
+ bd_config = vec_elt_at_index (l2input_main.bd_configs, bd_index);
+ macp =
+ (u8 *) hash_get_mem (bd_config->mac_by_ip6, &ndh->target_address);
+ if (macp)
+ { /* found ip-mac entry, generate eighbor advertisement response */
+ int bogus_length;
+ vlib_node_runtime_t *error_node =
+ vlib_node_get_runtime (vm, ip6_icmp_input_node.index);
+ ip->dst_address = ip->src_address;
+ ip->src_address = ndh->target_address;
+ ip->hop_limit = 255;
+ opt->header.type =
+ ICMP6_NEIGHBOR_DISCOVERY_OPTION_target_link_layer_address;
+ clib_memcpy (opt->ethernet_address, macp, 6);
+ ndh->icmp.type = ICMP6_neighbor_advertisement;
+ ndh->advertisement_flags = clib_host_to_net_u32
+ (ICMP6_NEIGHBOR_ADVERTISEMENT_FLAG_SOLICITED |
+ ICMP6_NEIGHBOR_ADVERTISEMENT_FLAG_OVERRIDE);
+ ndh->icmp.checksum = 0;
+ ndh->icmp.checksum =
+ ip6_tcp_udp_icmp_compute_checksum (vm, p0, ip, &bogus_length);
+ clib_memcpy (eth->dst_address, eth->src_address, 6);
+ clib_memcpy (eth->src_address, macp, 6);
+ vlib_error_count (vm, error_node->node_index,
+ ICMP6_ERROR_NEIGHBOR_ADVERTISEMENTS_TX, 1);
+ return 1;
+ }
+ }
+
+ return 0;
+
+}
+
+static uword
+arp_term_l2bd (vlib_main_t * vm,
+ vlib_node_runtime_t * node, vlib_frame_t * frame)
+{
+ l2input_main_t *l2im = &l2input_main;
+ u32 n_left_from, next_index, *from, *to_next;
+ u32 n_replies_sent = 0;
+ u16 last_bd_index = ~0;
+ l2_bridge_domain_t *last_bd_config = 0;
+ l2_input_config_t *cfg0;
+
+ from = vlib_frame_vector_args (frame);
+ n_left_from = frame->n_vectors;
+ next_index = node->cached_next_index;
+
+ while (n_left_from > 0)
+ {
+ u32 n_left_to_next;
+
+ vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
+
+ while (n_left_from > 0 && n_left_to_next > 0)
+ {
+ vlib_buffer_t *p0;
+ ethernet_header_t *eth0;
+ ethernet_arp_header_t *arp0;
+ ip6_header_t *iph0;
+ u8 *l3h0;
+ u32 pi0, error0, next0, sw_if_index0;
+ u16 ethertype0;
+ u16 bd_index0;
+ u32 ip0;
+ u8 *macp0;
+
+ pi0 = from[0];
+ to_next[0] = pi0;
+ from += 1;
+ to_next += 1;
+ n_left_from -= 1;
+ n_left_to_next -= 1;
+
+ p0 = vlib_get_buffer (vm, pi0);
+ // Terminate only local (SHG == 0) ARP
+ if (vnet_buffer (p0)->l2.shg != 0)
+ goto next_l2_feature;
+
+ eth0 = vlib_buffer_get_current (p0);
+ l3h0 = (u8 *) eth0 + vnet_buffer (p0)->l2.l2_len;
+ ethertype0 = clib_net_to_host_u16 (*(u16 *) (l3h0 - 2));
+ arp0 = (ethernet_arp_header_t *) l3h0;
+
+ if (ethertype0 != ETHERNET_TYPE_ARP)
+ goto check_ip6_nd;
+
+ if ((arp0->opcode !=
+ clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_request)) &&
+ (arp0->opcode !=
+ clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_reply)))
+ goto check_ip6_nd;
+
+ /* Must be ARP request/reply packet here */
+ if (PREDICT_FALSE ((node->flags & VLIB_NODE_FLAG_TRACE) &&
+ (p0->flags & VLIB_BUFFER_IS_TRACED)))
+ {
+ u8 *t0 = vlib_add_trace (vm, node, p0,
+ sizeof (ethernet_arp_input_trace_t));
+ clib_memcpy_fast (t0, l3h0,
+ sizeof (ethernet_arp_input_trace_t));
+ }
+
+ error0 = 0;
+ error0 =
+ (arp0->l2_type !=
+ clib_net_to_host_u16 (ETHERNET_ARP_HARDWARE_TYPE_ethernet)
+ ? ETHERNET_ARP_ERROR_l2_type_not_ethernet : error0);
+ error0 =
+ (arp0->l3_type !=
+ clib_net_to_host_u16 (ETHERNET_TYPE_IP4) ?
+ ETHERNET_ARP_ERROR_l3_type_not_ip4 : error0);
+
+ sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
+
+ if (error0)
+ goto drop;
+
+ /* Trash ARP packets whose ARP-level source addresses do not
+ match, or if requester address is mcast */
+ if (PREDICT_FALSE
+ (!ethernet_mac_address_equal (eth0->src_address,
+ arp0->ip4_over_ethernet[0].
+ mac.bytes))
+ || ethernet_address_cast (arp0->ip4_over_ethernet[0].mac.bytes))
+ {
+ /* VRRP virtual MAC may be different to SMAC in ARP reply */
+ if (!ethernet_mac_address_equal
+ (arp0->ip4_over_ethernet[0].mac.bytes, vrrp_prefix))
+ {
+ error0 = ETHERNET_ARP_ERROR_l2_address_mismatch;
+ goto drop;
+ }
+ }
+ if (PREDICT_FALSE
+ (ip4_address_is_multicast (&arp0->ip4_over_ethernet[0].ip4)))
+ {
+ error0 = ETHERNET_ARP_ERROR_l3_src_address_not_local;
+ goto drop;
+ }
+
+ /* Check if anyone want ARP request events for L2 BDs */
+ l2_arp_term_publish_v4_dp (sw_if_index0,
+ &arp0->ip4_over_ethernet[0]);
+
+ /* lookup BD mac_by_ip4 hash table for MAC entry */
+ ip0 = arp0->ip4_over_ethernet[1].ip4.as_u32;
+ bd_index0 = vnet_buffer (p0)->l2.bd_index;
+ if (PREDICT_FALSE ((bd_index0 != last_bd_index)
+ || (last_bd_index == (u16) ~ 0)))
+ {
+ last_bd_index = bd_index0;
+ last_bd_config = vec_elt_at_index (l2im->bd_configs, bd_index0);
+ }
+ macp0 = (u8 *) hash_get (last_bd_config->mac_by_ip4, ip0);
+
+ if (PREDICT_FALSE (!macp0))
+ goto next_l2_feature; /* MAC not found */
+ if (PREDICT_FALSE (arp0->ip4_over_ethernet[0].ip4.as_u32 ==
+ arp0->ip4_over_ethernet[1].ip4.as_u32))
+ goto next_l2_feature; /* GARP */
+
+ /* MAC found, send ARP reply -
+ Convert ARP request packet to ARP reply */
+ arp0->opcode = clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_reply);
+ arp0->ip4_over_ethernet[1] = arp0->ip4_over_ethernet[0];
+ arp0->ip4_over_ethernet[0].ip4.as_u32 = ip0;
+ mac_address_from_bytes (&arp0->ip4_over_ethernet[0].mac, macp0);
+ clib_memcpy_fast (eth0->dst_address, eth0->src_address, 6);
+ clib_memcpy_fast (eth0->src_address, macp0, 6);
+ n_replies_sent += 1;
+
+ output_response:
+ /* For BVI, need to use l2-fwd node to send ARP reply as
+ l2-output node cannot output packet to BVI properly */
+ cfg0 = vec_elt_at_index (l2im->configs, sw_if_index0);
+ if (PREDICT_FALSE (cfg0->bvi))
+ {
+ vnet_buffer (p0)->l2.feature_bitmap |= L2INPUT_FEAT_FWD;
+ vnet_buffer (p0)->sw_if_index[VLIB_RX] = 0;
+ goto next_l2_feature;
+ }
+
+ /* Send ARP/ND reply back out input interface through l2-output */
+ vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0;
+ next0 = ARP_TERM_NEXT_L2_OUTPUT;
+ vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
+ to_next, n_left_to_next, pi0,
+ next0);
+ continue;
+
+ check_ip6_nd:
+ /* IP6 ND event notification or solicitation handling to generate
+ local response instead of flooding */
+ iph0 = (ip6_header_t *) l3h0;
+ if (PREDICT_FALSE (ethertype0 == ETHERNET_TYPE_IP6 &&
+ iph0->protocol == IP_PROTOCOL_ICMP6 &&
+ !ip6_address_is_unspecified
+ (&iph0->src_address)))
+ {
+ sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
+ if (vnet_ip6_nd_term
+ (vm, node, p0, eth0, iph0, sw_if_index0,
+ vnet_buffer (p0)->l2.bd_index))
+ goto output_response;
+ }
+
+ next_l2_feature:
+ {
+ next0 = vnet_l2_feature_next (p0, arp_term_next_node_index,
+ L2INPUT_FEAT_ARP_TERM);
+ vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
+ to_next, n_left_to_next,
+ pi0, next0);
+ continue;
+ }
+
+ drop:
+ if (0 == arp0->ip4_over_ethernet[0].ip4.as_u32 ||
+ (arp0->ip4_over_ethernet[0].ip4.as_u32 ==
+ arp0->ip4_over_ethernet[1].ip4.as_u32))
+ {
+ error0 = ETHERNET_ARP_ERROR_gratuitous_arp;
+ }
+ next0 = ARP_TERM_NEXT_DROP;
+ p0->error = node->errors[error0];
+
+ vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
+ to_next, n_left_to_next, pi0,
+ next0);
+ }
+
+ vlib_put_next_frame (vm, node, next_index, n_left_to_next);
+ }
+
+ vlib_error_count (vm, node->node_index,
+ ETHERNET_ARP_ERROR_replies_sent, n_replies_sent);
+ return frame->n_vectors;
+}
+
+/* *INDENT-OFF* */
+VLIB_REGISTER_NODE (arp_term_l2bd_node, static) = {
+ .function = arp_term_l2bd,
+ .name = "arp-term-l2bd",
+ .vector_size = sizeof (u32),
+ .n_errors = ETHERNET_ARP_N_ERROR,
+ .error_strings = ethernet_arp_error_strings,
+ .n_next_nodes = ARP_TERM_N_NEXT,
+ .next_nodes = {
+ [ARP_TERM_NEXT_L2_OUTPUT] = "l2-output",
+ [ARP_TERM_NEXT_DROP] = "error-drop",
+ },
+ .format_buffer = format_ethernet_arp_header,
+ .format_trace = format_arp_term_input_trace,
+};
+/* *INDENT-ON* */
+
+clib_error_t *
+arp_term_init (vlib_main_t * vm)
+{
+ // Initialize the feature next-node indexes
+ feat_bitmap_init_next_nodes (vm,
+ arp_term_l2bd_node.index,
+ L2INPUT_N_FEAT,
+ l2input_get_feat_names (),
+ arp_term_next_node_index);
+ return 0;
+}
+
+VLIB_INIT_FUNCTION (arp_term_init);
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/l2/l2_arp_term.h b/src/vnet/l2/l2_arp_term.h
new file mode 100644
index 00000000000..5426d03af69
--- /dev/null
+++ b/src/vnet/l2/l2_arp_term.h
@@ -0,0 +1,54 @@
+/*
+ * l2/l2_arp_term.c: IP v4 ARP L2 BD termination
+ *
+ * Copyright (c) 2010 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <vnet/ip/ip46_address.h>
+#include <vnet/ethernet/arp_packet.h>
+
+typedef struct l2_arp_term_publish_ctx_t_
+{
+ u32 sw_if_index;
+ ip46_type_t type;
+ ip46_address_t ip;
+ mac_address_t mac;
+} l2_arp_term_publish_event_t;
+
+enum
+{
+ L2_ARP_TERM_EVENT_PUBLISH,
+};
+
+typedef struct l2_arp_term_main_t_
+{
+ bool publish;
+
+ l2_arp_term_publish_event_t *publish_events;
+
+} l2_arp_term_main_t;
+
+extern l2_arp_term_main_t l2_arp_term_main;
+extern vlib_node_registration_t l2_arp_term_process_node;
+
+extern void l2_arp_term_set_publisher_node (bool on);
+
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
diff --git a/src/vnet/l2/l2_bd.h b/src/vnet/l2/l2_bd.h
index 360880839ec..35c0e0bf0a1 100644
--- a/src/vnet/l2/l2_bd.h
+++ b/src/vnet/l2/l2_bd.h
@@ -20,7 +20,7 @@
#include <vlib/vlib.h>
#include <vnet/vnet.h>
-#include <vnet/ip/ip6_packet.h>
+#include <vnet/ip/ip46_address.h>
#include <vnet/ethernet/mac_address.h>
typedef enum l2_bd_port_type_t_
diff --git a/src/vnet/tcp/tcp.c b/src/vnet/tcp/tcp.c
index 7dce97ea0c2..915675c11ed 100644
--- a/src/vnet/tcp/tcp.c
+++ b/src/vnet/tcp/tcp.c
@@ -23,9 +23,8 @@
#include <vnet/fib/fib.h>
#include <vnet/dpo/load_balance.h>
#include <vnet/dpo/receive_dpo.h>
-#include <vnet/ip/ip6_neighbor.h>
+#include <vnet/ip-neighbor/ip_neighbor.h>
#include <math.h>
-#include <vnet/ethernet/arp.h>
tcp_main_t tcp_main;
@@ -1863,7 +1862,6 @@ tcp_configure_v4_source_address_range (vlib_main_t * vm,
ip4_address_t * start,
ip4_address_t * end, u32 table_id)
{
- vnet_main_t *vnm = vnet_get_main ();
u32 start_host_byte_order, end_host_byte_order;
fib_prefix_t prefix;
fib_node_index_t fei;
@@ -1899,12 +1897,12 @@ tcp_configure_v4_source_address_range (vlib_main_t * vm,
sw_if_index = fib_entry_get_resolving_interface (fei);
/* Configure proxy arp across the range */
- rv = vnet_proxy_arp_add_del (start, end, fib_index, 0 /* is_del */ );
+ rv = ip4_neighbor_proxy_add (fib_index, start, end);
if (rv)
return rv;
- rv = vnet_proxy_arp_enable_disable (vnm, sw_if_index, 1);
+ rv = ip4_neighbor_proxy_enable (sw_if_index);
if (rv)
return rv;
@@ -1989,7 +1987,7 @@ tcp_configure_v6_source_address_range (vlib_main_t * vm,
return VNET_API_ERROR_NO_MATCHING_INTERFACE;
/* Add a proxy neighbor discovery entry for this address */
- ip6_neighbor_proxy_add_del (sw_if_index, start, 0 /* is_del */ );
+ ip6_neighbor_proxy_add (sw_if_index, start);
/* Add a receive adjacency for this address */
receive_dpo_add_or_lock (DPO_PROTO_IP6, ~0 /* sw_if_index */ ,
diff --git a/src/vnet/vnet_all_api_h.h b/src/vnet/vnet_all_api_h.h
index 7395d1c4756..a0bf8f72d14 100644
--- a/src/vnet/vnet_all_api_h.h
+++ b/src/vnet/vnet_all_api_h.h
@@ -44,7 +44,6 @@
#include <vnet/l2tp/l2tp.api.h>
#include <vnet/span/span.api.h>
#include <vnet/ip/ip.api.h>
-#include <vnet/ip/rd_cp.api.h>
#include <vnet/vxlan/vxlan.api.h>
#include <vnet/geneve/geneve.api.h>
#include <vnet/lldp/lldp.api.h>