summaryrefslogtreecommitdiffstats
path: root/vnet/vnet/ip/ip4_forward.c
diff options
context:
space:
mode:
Diffstat (limited to 'vnet/vnet/ip/ip4_forward.c')
-rw-r--r--vnet/vnet/ip/ip4_forward.c199
1 files changed, 162 insertions, 37 deletions
diff --git a/vnet/vnet/ip/ip4_forward.c b/vnet/vnet/ip/ip4_forward.c
index 4b019bce8de..dd9fce4592b 100644
--- a/vnet/vnet/ip/ip4_forward.c
+++ b/vnet/vnet/ip/ip4_forward.c
@@ -1387,91 +1387,127 @@ VNET_SW_INTERFACE_ADMIN_UP_DOWN_FUNCTION (ip4_sw_interface_admin_up_down);
/* Built-in ip4 unicast rx feature path definition */
VNET_IP4_UNICAST_FEATURE_INIT (ip4_inacl, static) = {
.node_name = "ip4-inacl",
- .runs_before = {"ip4-source-check-via-rx", 0},
+ .runs_before = ORDER_CONSTRAINTS {"ip4-source-check-via-rx", 0},
.feature_index = &ip4_main.ip4_unicast_rx_feature_check_access,
};
VNET_IP4_UNICAST_FEATURE_INIT (ip4_source_check_1, static) = {
.node_name = "ip4-source-check-via-rx",
- .runs_before = {"ip4-source-check-via-any", 0},
+ .runs_before = ORDER_CONSTRAINTS {"ip4-source-check-via-any", 0},
.feature_index =
&ip4_main.ip4_unicast_rx_feature_source_reachable_via_rx,
};
VNET_IP4_UNICAST_FEATURE_INIT (ip4_source_check_2, static) = {
.node_name = "ip4-source-check-via-any",
- .runs_before = {"ip4-policer-classify", 0},
+ .runs_before = ORDER_CONSTRAINTS {"ip4-policer-classify", 0},
.feature_index =
&ip4_main.ip4_unicast_rx_feature_source_reachable_via_any,
};
-VNET_IP4_UNICAST_FEATURE_INIT (ip4_source_and_port_range_check, static) = {
- .node_name = "ip4-source-and-port-range-check",
- .runs_before = {"ip4-policer-classify", 0},
+VNET_IP4_UNICAST_FEATURE_INIT (ip4_source_and_port_range_check_rx, static) = {
+ .node_name = "ip4-source-and-port-range-check-rx",
+ .runs_before = ORDER_CONSTRAINTS {"ip4-policer-classify", 0},
.feature_index =
&ip4_main.ip4_unicast_rx_feature_source_and_port_range_check,
};
VNET_IP4_UNICAST_FEATURE_INIT (ip4_policer_classify, static) = {
.node_name = "ip4-policer-classify",
- .runs_before = {"ipsec-input-ip4", 0},
+ .runs_before = ORDER_CONSTRAINTS {"ipsec-input-ip4", 0},
.feature_index =
&ip4_main.ip4_unicast_rx_feature_policer_classify,
};
VNET_IP4_UNICAST_FEATURE_INIT (ip4_ipsec, static) = {
.node_name = "ipsec-input-ip4",
- .runs_before = {"vpath-input-ip4", 0},
+ .runs_before = ORDER_CONSTRAINTS {"vpath-input-ip4", 0},
.feature_index = &ip4_main.ip4_unicast_rx_feature_ipsec,
};
VNET_IP4_UNICAST_FEATURE_INIT (ip4_vpath, static) = {
.node_name = "vpath-input-ip4",
- .runs_before = {"ip4-lookup", 0},
+ .runs_before = ORDER_CONSTRAINTS {"ip4-lookup", 0},
.feature_index = &ip4_main.ip4_unicast_rx_feature_vpath,
};
VNET_IP4_UNICAST_FEATURE_INIT (ip4_lookup, static) = {
.node_name = "ip4-lookup",
- .runs_before = {0}, /* not before any other features */
+ .runs_before = 0, /* not before any other features */
.feature_index = &ip4_main.ip4_unicast_rx_feature_lookup,
};
/* Built-in ip4 multicast rx feature path definition */
VNET_IP4_MULTICAST_FEATURE_INIT (ip4_vpath_mc, static) = {
.node_name = "vpath-input-ip4",
- .runs_before = {"ip4-lookup-multicast", 0},
+ .runs_before = ORDER_CONSTRAINTS {"ip4-lookup-multicast", 0},
.feature_index = &ip4_main.ip4_multicast_rx_feature_vpath,
};
VNET_IP4_MULTICAST_FEATURE_INIT (ip4_lookup_mc, static) = {
.node_name = "ip4-lookup-multicast",
- .runs_before = {0}, /* not before any other features */
+ .runs_before = 0, /* not before any other features */
.feature_index = &ip4_main.ip4_multicast_rx_feature_lookup,
};
-static char * feature_start_nodes[] =
+static char * rx_feature_start_nodes[] =
{ "ip4-input", "ip4-input-no-checksum"};
+static char * tx_feature_start_nodes[] =
+{ "ip4-rewrite-transit"};
+
+/* Source and port-range check ip4 tx feature path definition */
+VNET_IP4_TX_FEATURE_INIT (ip4_source_and_port_range_check_tx, static) = {
+ .node_name = "ip4-source-and-port-range-check-tx",
+ .runs_before = ORDER_CONSTRAINTS {"interface-output", 0},
+ .feature_index =
+ &ip4_main.ip4_unicast_tx_feature_source_and_port_range_check,
+
+};
+
+/* Built-in ip4 tx feature path definition */
+VNET_IP4_TX_FEATURE_INIT (interface_output, static) = {
+ .node_name = "interface-output",
+ .runs_before = 0, /* not before any other features */
+ .feature_index = &ip4_main.ip4_tx_feature_interface_output,
+};
+
+
static clib_error_t *
ip4_feature_init (vlib_main_t * vm, ip4_main_t * im)
{
ip_lookup_main_t * lm = &im->lookup_main;
clib_error_t * error;
vnet_cast_t cast;
+ ip_config_main_t * cm;
+ vnet_config_main_t * vcm;
+ char **feature_start_nodes;
+ int feature_start_len;
- for (cast = 0; cast < VNET_N_CAST; cast++)
+ for (cast = 0; cast < VNET_N_IP_FEAT; cast++)
{
- ip_config_main_t * cm = &lm->rx_config_mains[cast];
- vnet_config_main_t * vcm = &cm->config_main;
+ cm = &lm->feature_config_mains[cast];
+ vcm = &cm->config_main;
+ if (cast < VNET_IP_TX_FEAT)
+ {
+ feature_start_nodes = rx_feature_start_nodes;
+ feature_start_len = ARRAY_LEN(rx_feature_start_nodes);
+ }
+ else
+ {
+ feature_start_nodes = tx_feature_start_nodes;
+ feature_start_len = ARRAY_LEN(tx_feature_start_nodes);
+ }
+
if ((error = ip_feature_init_cast (vm, cm, vcm,
feature_start_nodes,
- ARRAY_LEN(feature_start_nodes),
+ feature_start_len,
cast,
1 /* is_ip4 */)))
return error;
}
+
return 0;
}
@@ -1486,21 +1522,23 @@ ip4_sw_interface_add_del (vnet_main_t * vnm,
u32 ci, cast;
u32 feature_index;
- for (cast = 0; cast < VNET_N_CAST; cast++)
+ for (cast = 0; cast < VNET_N_IP_FEAT; cast++)
{
- ip_config_main_t * cm = &lm->rx_config_mains[cast];
+ ip_config_main_t * cm = &lm->feature_config_mains[cast];
vnet_config_main_t * vcm = &cm->config_main;
vec_validate_init_empty (cm->config_index_by_sw_if_index, sw_if_index, ~0);
ci = cm->config_index_by_sw_if_index[sw_if_index];
- if (cast == VNET_UNICAST)
+ if (cast == VNET_IP_RX_UNICAST_FEAT)
feature_index = im->ip4_unicast_rx_feature_lookup;
- else
+ else if (cast == VNET_IP_RX_MULTICAST_FEAT)
feature_index = im->ip4_multicast_rx_feature_lookup;
+ else
+ feature_index = im->ip4_tx_feature_interface_output;
if (is_add)
- ci = vnet_config_add_feature (vm, vcm,
+ ci = vnet_config_add_feature (vm, vcm,
ci,
feature_index,
/* config data */ 0,
@@ -1513,6 +1551,9 @@ ip4_sw_interface_add_del (vnet_main_t * vnm,
/* # bytes of config data */ 0);
cm->config_index_by_sw_if_index[sw_if_index] = ci;
+ /*
+ * note: do not update the tx feature count here.
+ */
}
return /* no error */ 0;
@@ -1533,7 +1574,7 @@ VLIB_REGISTER_NODE (ip4_lookup_node) = {
.next_nodes = IP4_LOOKUP_NEXT_NODES,
};
-VLIB_NODE_FUNCTION_MULTIARCH (ip4_lookup_node, ip4_lookup)
+VLIB_NODE_FUNCTION_MULTIARCH (ip4_lookup_node, ip4_lookup);
static uword
ip4_indirect (vlib_main_t * vm,
@@ -1555,7 +1596,7 @@ VLIB_REGISTER_NODE (ip4_indirect_node) = {
.n_next_nodes = 0,
};
-VLIB_NODE_FUNCTION_MULTIARCH (ip4_indirect_node, ip4_indirect)
+VLIB_NODE_FUNCTION_MULTIARCH (ip4_indirect_node, ip4_indirect);
/* Global IP4 main. */
@@ -1825,7 +1866,7 @@ VLIB_REGISTER_NODE (ip4_drop_node,static) = {
},
};
-VLIB_NODE_FUNCTION_MULTIARCH (ip4_drop_node, ip4_drop)
+VLIB_NODE_FUNCTION_MULTIARCH (ip4_drop_node, ip4_drop);
VLIB_REGISTER_NODE (ip4_punt_node,static) = {
.function = ip4_punt,
@@ -1840,7 +1881,7 @@ VLIB_REGISTER_NODE (ip4_punt_node,static) = {
},
};
-VLIB_NODE_FUNCTION_MULTIARCH (ip4_punt_node, ip4_punt)
+VLIB_NODE_FUNCTION_MULTIARCH (ip4_punt_node, ip4_punt);
VLIB_REGISTER_NODE (ip4_miss_node,static) = {
.function = ip4_miss,
@@ -1855,7 +1896,7 @@ VLIB_REGISTER_NODE (ip4_miss_node,static) = {
},
};
-VLIB_NODE_FUNCTION_MULTIARCH (ip4_miss_node, ip4_miss)
+VLIB_NODE_FUNCTION_MULTIARCH (ip4_miss_node, ip4_miss);
/* Compute TCP/UDP/ICMP4 checksum in software. */
u16
@@ -2299,7 +2340,7 @@ VLIB_REGISTER_NODE (ip4_local_node,static) = {
},
};
-VLIB_NODE_FUNCTION_MULTIARCH (ip4_local_node, ip4_local)
+VLIB_NODE_FUNCTION_MULTIARCH (ip4_local_node, ip4_local);
void ip4_register_protocol (u32 protocol, u32 node_index)
{
@@ -2644,6 +2685,7 @@ ip4_rewrite_inline (vlib_main_t * vm,
u32 n_left_from, n_left_to_next, * to_next, next_index;
vlib_node_runtime_t * error_node = vlib_node_get_runtime (vm, ip4_input_node.index);
vlib_rx_or_tx_t adj_rx_tx = rewrite_for_locally_received_packets ? VLIB_RX : VLIB_TX;
+ ip_config_main_t * cm = &lm->feature_config_mains[VNET_IP_TX_FEAT];
n_left_from = frame->n_vectors;
next_index = node->cached_next_index;
@@ -2661,6 +2703,7 @@ ip4_rewrite_inline (vlib_main_t * vm,
u32 pi0, rw_len0, next0, error0, checksum0, adj_index0;
u32 pi1, rw_len1, next1, error1, checksum1, adj_index1;
u32 next0_override, next1_override;
+ u32 tx_sw_if_index0, tx_sw_if_index1;
if (rewrite_for_locally_received_packets)
next0_override = next1_override = 0;
@@ -2826,17 +2869,44 @@ ip4_rewrite_inline (vlib_main_t * vm,
{
p0->current_data -= rw_len0;
p0->current_length += rw_len0;
- p0->error = error_node->errors[error0];
+ tx_sw_if_index0 = adj0[0].rewrite_header.sw_if_index;
vnet_buffer (p0)->sw_if_index[VLIB_TX] =
- adj0[0].rewrite_header.sw_if_index;
+ tx_sw_if_index0;
+
+ if (PREDICT_FALSE
+ (clib_bitmap_get (lm->tx_sw_if_has_ip_output_features,
+ tx_sw_if_index0)))
+ {
+ p0->current_config_index =
+ vec_elt (cm->config_index_by_sw_if_index,
+ tx_sw_if_index0);
+ vnet_get_config_data (&cm->config_main,
+ &p0->current_config_index,
+ &next0,
+ /* # bytes of config data */ 0);
+ }
}
if (PREDICT_TRUE(error1 == IP4_ERROR_NONE))
{
p1->current_data -= rw_len1;
p1->current_length += rw_len1;
- p1->error = error_node->errors[error1];
+
+ tx_sw_if_index1 = adj1[0].rewrite_header.sw_if_index;
vnet_buffer (p1)->sw_if_index[VLIB_TX] =
- adj1[0].rewrite_header.sw_if_index;
+ tx_sw_if_index1;
+
+ if (PREDICT_FALSE
+ (clib_bitmap_get (lm->tx_sw_if_has_ip_output_features,
+ tx_sw_if_index1)))
+ {
+ p1->current_config_index =
+ vec_elt (cm->config_index_by_sw_if_index,
+ tx_sw_if_index1);
+ vnet_get_config_data (&cm->config_main,
+ &p1->current_config_index,
+ &next1,
+ /* # bytes of config data */ 0);
+ }
}
/* Guess we are only writing on simple Ethernet header. */
@@ -2856,6 +2926,7 @@ ip4_rewrite_inline (vlib_main_t * vm,
ip4_header_t * ip0;
u32 pi0, rw_len0, adj_index0, next0, error0, checksum0;
u32 next0_override;
+ u32 tx_sw_if_index0;
if (rewrite_for_locally_received_packets)
next0_override = 0;
@@ -2957,10 +3028,23 @@ ip4_rewrite_inline (vlib_main_t * vm,
{
p0->current_data -= rw_len0;
p0->current_length += rw_len0;
+ tx_sw_if_index0 = adj0[0].rewrite_header.sw_if_index;
- vnet_buffer (p0)->sw_if_index[VLIB_TX] =
- adj0[0].rewrite_header.sw_if_index;
+ vnet_buffer (p0)->sw_if_index[VLIB_TX] = tx_sw_if_index0;
next0 = adj0[0].rewrite_header.next_index;
+
+ if (PREDICT_FALSE
+ (clib_bitmap_get (lm->tx_sw_if_has_ip_output_features,
+ tx_sw_if_index0)))
+ {
+ p0->current_config_index =
+ vec_elt (cm->config_index_by_sw_if_index,
+ tx_sw_if_index0);
+ vnet_get_config_data (&cm->config_main,
+ &p0->current_config_index,
+ &next0,
+ /* # bytes of config data */ 0);
+ }
}
if (rewrite_for_locally_received_packets)
@@ -3084,7 +3168,7 @@ VLIB_REGISTER_NODE (ip4_rewrite_node) = {
},
};
-VLIB_NODE_FUNCTION_MULTIARCH (ip4_rewrite_node, ip4_rewrite_transit)
+VLIB_NODE_FUNCTION_MULTIARCH (ip4_rewrite_node, ip4_rewrite_transit);
VLIB_REGISTER_NODE (ip4_rewrite_local_node) = {
.function = ip4_rewrite_local,
@@ -3098,7 +3182,7 @@ VLIB_REGISTER_NODE (ip4_rewrite_local_node) = {
.n_next_nodes = 0,
};
-VLIB_NODE_FUNCTION_MULTIARCH (ip4_rewrite_local_node, ip4_rewrite_local)
+VLIB_NODE_FUNCTION_MULTIARCH (ip4_rewrite_local_node, ip4_rewrite_local);
static clib_error_t *
add_del_interface_table (vlib_main_t * vm,
@@ -3377,7 +3461,7 @@ VLIB_REGISTER_NODE (ip4_lookup_multicast_node,static) = {
.n_next_nodes = 0,
};
-VLIB_NODE_FUNCTION_MULTIARCH (ip4_lookup_multicast_node, ip4_lookup_multicast)
+VLIB_NODE_FUNCTION_MULTIARCH (ip4_lookup_multicast_node, ip4_lookup_multicast);
VLIB_REGISTER_NODE (ip4_multicast_node,static) = {
.function = ip4_drop,
@@ -3602,3 +3686,44 @@ VLIB_CLI_COMMAND (set_ip_classify_command, static) = {
.function = set_ip_classify_command_fn,
};
+
+#define TEST_CODE 1
+#if TEST_CODE > 0
+
+static clib_error_t *
+set_interface_output_feature_command_fn (vlib_main_t * vm,
+ unformat_input_t * input,
+ vlib_cli_command_t * cmd)
+{
+ vnet_main_t * vnm = vnet_get_main();
+ u32 sw_if_index = ~0;
+ int is_add = 1;
+ ip4_main_t * im = &ip4_main;
+ ip_lookup_main_t * lm = &im->lookup_main;
+
+ while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
+ {
+ if (unformat (input, "%U", unformat_vnet_sw_interface, vnm, &sw_if_index))
+ ;
+ else if (unformat (input, "del"))
+ is_add = 0;
+ else
+ break;
+ }
+
+ if (sw_if_index == ~0)
+ return clib_error_return (0, "unknown interface `%U'",
+ format_unformat_error, input);
+
+ lm->tx_sw_if_has_ip_output_features =
+ clib_bitmap_set (lm->tx_sw_if_has_ip_output_features, sw_if_index, is_add);
+
+ return 0;
+}
+
+VLIB_CLI_COMMAND (set_interface_output_feature, static) = {
+ .path = "set interface output feature",
+ .function = set_interface_output_feature_command_fn,
+ .short_help = "set interface output feature <intfc>",
+};
+#endif /* TEST_CODE */