From 0f0ff322b11cb4214699ea4468275a54db33f6e9 Mon Sep 17 00:00:00 2001 From: Eyal Bari Date: Thu, 30 Mar 2017 03:05:06 +0300 Subject: BRIDGE-DOMAIN:enable arp term,mac/ip learning on local ints we should not suppress arps on remote interface instead we should flood them to the local one used shg != 0 to identify packets from remote interfaces and disable arp term l2 input feature for them Change-Id: I701537c05df7451a25ccb5bfc9e2b03ea70cff20 Signed-off-by: Eyal Bari (cherry picked from commit a0623f8d26501a230801908cd4bc38d67a35dd23) --- src/vnet/ethernet/arp.c | 15 +++++++-------- src/vnet/ip/ip6.h | 3 +-- src/vnet/ip/ip6_neighbor.c | 8 +++----- 3 files changed, 11 insertions(+), 15 deletions(-) diff --git a/src/vnet/ethernet/arp.c b/src/vnet/ethernet/arp.c index 75c7e20372a..2367014e144 100644 --- a/src/vnet/ethernet/arp.c +++ b/src/vnet/ethernet/arp.c @@ -2220,6 +2220,10 @@ arp_term_l2bd (vlib_main_t * vm, n_left_to_next -= 1; p0 = vlib_get_buffer (vm, pi0); + // Terminate only local (SHG == 0) ARP + if (vnet_buffer (p0)->l2.shg != 0) + goto next_l2_feature; + eth0 = vlib_buffer_get_current (p0); l3h0 = (u8 *) eth0 + vnet_buffer (p0)->l2.l2_len; ethertype0 = clib_net_to_host_u16 (*(u16 *) (l3h0 - 2)); @@ -2271,8 +2275,8 @@ arp_term_l2bd (vlib_main_t * vm, pending_resolution_t *mc; ethernet_arp_main_t *am = ðernet_arp_main; uword *p = hash_get (am->mac_changes_by_address, 0); - if (p && (vnet_buffer (p0)->l2.shg == 0)) - { // Only SHG 0 interface which is more likely local + if (p) + { u32 next_index = p[0]; while (next_index != (u32) ~ 0) { @@ -2333,11 +2337,6 @@ arp_term_l2bd (vlib_main_t * vm, /* Send ARP/ND reply back out input interface through l2-output */ vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0; next0 = ARP_TERM_NEXT_L2_OUTPUT; - /* Note that output to VXLAN tunnel will fail due to SHG which - is probably desireable since ARP termination is not intended - for ARP requests from other hosts. If output to VXLAN tunnel is - required, however, can just clear the SHG in packet as follows: - vnet_buffer(p0)->l2.shg = 0; */ vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next, n_left_to_next, pi0, next0); @@ -2355,7 +2354,7 @@ arp_term_l2bd (vlib_main_t * vm, sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX]; if (vnet_ip6_nd_term (vm, node, p0, eth0, iph0, sw_if_index0, - vnet_buffer (p0)->l2.bd_index, vnet_buffer (p0)->l2.shg)) + vnet_buffer (p0)->l2.bd_index)) goto output_response; } diff --git a/src/vnet/ip/ip6.h b/src/vnet/ip/ip6.h index f402b0117c0..8fa9a479039 100644 --- a/src/vnet/ip/ip6.h +++ b/src/vnet/ip/ip6.h @@ -373,8 +373,7 @@ int vnet_ip6_nd_term (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_buffer_t * p0, ethernet_header_t * eth, - ip6_header_t * ip, - u32 sw_if_index, u16 bd_index, u8 shg); + ip6_header_t * ip, u32 sw_if_index, u16 bd_index); u8 *format_ip6_forward_next_trace (u8 * s, va_list * args); diff --git a/src/vnet/ip/ip6_neighbor.c b/src/vnet/ip/ip6_neighbor.c index 8d355ab2d2c..92708f14d5b 100644 --- a/src/vnet/ip/ip6_neighbor.c +++ b/src/vnet/ip/ip6_neighbor.c @@ -3986,12 +3986,11 @@ vnet_ip6_nd_term (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_buffer_t * p0, ethernet_header_t * eth, - ip6_header_t * ip, u32 sw_if_index, u16 bd_index, u8 shg) + ip6_header_t * ip, u32 sw_if_index, u16 bd_index) { ip6_neighbor_main_t *nm = &ip6_neighbor_main; icmp6_neighbor_solicitation_or_advertisement_header_t *ndh; pending_resolution_t *mc; - uword *p; ndh = ip6_next_header (ip); if (ndh->icmp.type != ICMP6_neighbor_solicitation && @@ -4007,9 +4006,8 @@ vnet_ip6_nd_term (vlib_main_t * vm, } /* Check if anyone want ND events for L2 BDs */ - p = mhash_get (&nm->mac_changes_by_address, &ip6a_zero); - if (p && shg == 0 && /* Only SHG 0 interface which is more likely local */ - !ip6_address_is_link_local_unicast (&ip->src_address)) + uword *p = mhash_get (&nm->mac_changes_by_address, &ip6a_zero); + if (p && !ip6_address_is_link_local_unicast (&ip->src_address)) { u32 next_index = p[0]; while (next_index != (u32) ~ 0) -- cgit 1.2.3-korg