From 53da221b13225695516ec7469ca29d82bb10e594 Mon Sep 17 00:00:00 2001 From: Neale Ranns Date: Sat, 24 Feb 2018 02:11:19 -0800 Subject: IP6 link-local table - IPv6 link local table is a per-SW interface array of IPv6 unicast FIBs - the per-interface ocst is sizeof(fib_table_t) which is small, w.r.t. the cost of an interface - FE80::/10 in the 'global' table points to a DPO that performs a lookup in the input interface's LL fib. Change-Id: Ice834b25ebeeacb2e929d7c864d7ec8c09918cbe Signed-off-by: Neale Ranns --- src/vnet.am | 3 + src/vnet/dpo/dpo.c | 2 + src/vnet/dpo/dpo.h | 2 + src/vnet/dpo/ip6_ll_dpo.c | 203 +++++++++++++++++++ src/vnet/dpo/ip6_ll_dpo.h | 38 ++++ src/vnet/fib/fib_entry.h | 11 ++ src/vnet/fib/fib_entry_src.c | 8 +- src/vnet/fib/fib_entry_src_api.c | 1 + src/vnet/fib/fib_entry_src_special.c | 11 ++ src/vnet/fib/fib_table.c | 2 +- src/vnet/fib/fib_table.h | 39 ++++ src/vnet/fib/ip6_fib.c | 104 ++++------ src/vnet/fib/ip6_fib.h | 4 +- src/vnet/ip/icmp6.c | 89 ++------- src/vnet/ip/ip6.h | 33 ++-- src/vnet/ip/ip6_forward.c | 7 +- src/vnet/ip/ip6_ll_table.c | 372 +++++++++++++++++++++++++++++++++++ src/vnet/ip/ip6_ll_table.h | 104 ++++++++++ src/vnet/ip/ip6_ll_types.c | 40 ++++ src/vnet/ip/ip6_ll_types.h | 47 +++++ src/vnet/ip/ip6_neighbor.c | 162 ++++++++++----- src/vnet/ip/ip6_packet.h | 2 +- src/vnet/ip/ping.c | 7 +- 23 files changed, 1071 insertions(+), 220 deletions(-) create mode 100644 src/vnet/dpo/ip6_ll_dpo.c create mode 100644 src/vnet/dpo/ip6_ll_dpo.h create mode 100644 src/vnet/ip/ip6_ll_table.c create mode 100644 src/vnet/ip/ip6_ll_table.h create mode 100644 src/vnet/ip/ip6_ll_types.c create mode 100644 src/vnet/ip/ip6_ll_types.h diff --git a/src/vnet.am b/src/vnet.am index c787eb37703..e1e69b1827c 100644 --- a/src/vnet.am +++ b/src/vnet.am @@ -349,6 +349,8 @@ libvnet_la_SOURCES += \ vnet/ip/ip4_reassembly.c \ vnet/ip/ip6_format.c \ vnet/ip/ip6_forward.c \ + vnet/ip/ip6_ll_table.c \ + vnet/ip/ip6_ll_types.c \ vnet/ip/ip6_punt_drop.c \ vnet/ip/ip6_hop_by_hop.c \ vnet/ip/ip6_input.c \ @@ -1130,6 +1132,7 @@ libvnet_la_SOURCES += \ vnet/dpo/dpo.c \ vnet/dpo/drop_dpo.c \ vnet/dpo/ip_null_dpo.c \ + vnet/dpo/ip6_ll_dpo.c \ vnet/dpo/punt_dpo.c \ vnet/dpo/receive_dpo.c \ vnet/dpo/load_balance.c \ diff --git a/src/vnet/dpo/dpo.c b/src/vnet/dpo/dpo.c index 51adbc3d55a..f4e7fab7bcd 100644 --- a/src/vnet/dpo/dpo.c +++ b/src/vnet/dpo/dpo.c @@ -42,6 +42,7 @@ #include #include #include +#include /** * Array of char* names for the DPO types and protos @@ -533,6 +534,7 @@ dpo_module_init (vlib_main_t * vm) classify_dpo_module_init(); lookup_dpo_module_init(); ip_null_dpo_module_init(); + ip6_ll_dpo_module_init(); replicate_module_init(); interface_rx_dpo_module_init(); interface_tx_dpo_module_init(); diff --git a/src/vnet/dpo/dpo.h b/src/vnet/dpo/dpo.h index 3290a5d239e..afee458c02f 100644 --- a/src/vnet/dpo/dpo.h +++ b/src/vnet/dpo/dpo.h @@ -123,6 +123,7 @@ typedef enum dpo_type_t_ { DPO_BIER_IMP, DPO_BIER_DISP_TABLE, DPO_BIER_DISP_ENTRY, + DPO_IP6_LL, DPO_LAST, } __attribute__((packed)) dpo_type_t; @@ -157,6 +158,7 @@ typedef enum dpo_type_t_ { [DPO_BIER_IMP] = "bier-imposition", \ [DPO_BIER_DISP_ENTRY] = "bier-disp-entry", \ [DPO_BIER_DISP_TABLE] = "bier-disp-table", \ + [DPO_IP6_LL] = "ip6-link-local", \ } /** diff --git a/src/vnet/dpo/ip6_ll_dpo.c b/src/vnet/dpo/ip6_ll_dpo.c new file mode 100644 index 00000000000..f86472c16c5 --- /dev/null +++ b/src/vnet/dpo/ip6_ll_dpo.c @@ -0,0 +1,203 @@ +/* + * Copyright (c) 2018 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * @brief + * The data-path object representing performing a lookup in the IPv6 + * link local table + */ + +#include +#include + +/** + * @brief the IP6 link-local DPO is global + */ +static dpo_id_t ip6_ll_dpo = { + .dpoi_type = DPO_IP6_LL, + .dpoi_proto = DPO_PROTO_IP6, + .dpoi_index = 0, +}; + +const dpo_id_t * +ip6_ll_dpo_get (void) +{ + return (&ip6_ll_dpo); +} + +static void +ip6_ll_dpo_lock (dpo_id_t * dpo) +{ + /* + * not maintaining a lock count on the ip6_ll, they are const global and + * never die. + */ +} + +static void +ip6_ll_dpo_unlock (dpo_id_t * dpo) +{ +} + +static u8 * +format_ip6_ll_dpo (u8 * s, va_list * ap) +{ + CLIB_UNUSED (index_t index) = va_arg (*ap, index_t); + CLIB_UNUSED (u32 indent) = va_arg (*ap, u32); + + return (format (s, "ip6-link-local")); +} + +const static dpo_vft_t ip6_ll_vft = { + .dv_lock = ip6_ll_dpo_lock, + .dv_unlock = ip6_ll_dpo_unlock, + .dv_format = format_ip6_ll_dpo, +}; + +/** + * @brief The per-protocol VLIB graph nodes that are assigned to a ip6_ll + * object. + * + * this means that these graph nodes are ones from which a ip6_ll is the + * parent object in the DPO-graph. + */ +const static char *const ip6_null_nodes[] = { + "ip6-link-local", + NULL, +}; + +const static char *const *const ip6_ll_nodes[DPO_PROTO_NUM] = { + [DPO_PROTO_IP6] = ip6_null_nodes, +}; + +typedef struct ip6_ll_dpo_trace_t_ +{ + u32 fib_index; + u32 sw_if_index; +} ip6_ll_dpo_trace_t; + +/** + * @brief Exit nodes from a IP6_LL + */ +typedef enum ip6_ll_next_t_ +{ + IP6_LL_NEXT_DROP, + IP6_LL_NEXT_LOOKUP, + IP6_LL_NEXT_NUM, +} ip6_ll_next_t; + +always_inline uword +ip6_ll_dpo_inline (vlib_main_t * vm, + vlib_node_runtime_t * node, vlib_frame_t * frame) +{ + u32 n_left_from, next_index, *from, *to_next; + + from = vlib_frame_vector_args (frame); + n_left_from = frame->n_vectors; + next_index = node->cached_next_index; + + while (n_left_from > 0) + { + u32 n_left_to_next; + + vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next); + + while (n_left_from > 0 && n_left_to_next > 0) + { + u32 bi0, fib_index0, next0; + vlib_buffer_t *p0; + + bi0 = from[0]; + to_next[0] = bi0; + from += 1; + to_next += 1; + n_left_from -= 1; + n_left_to_next -= 1; + next0 = IP6_LL_NEXT_LOOKUP; + + p0 = vlib_get_buffer (vm, bi0); + + /* use the packet's RX interface to pick the link-local FIB */ + fib_index0 = + ip6_ll_fib_get (vnet_buffer (p0)->sw_if_index[VLIB_RX]); + /* write that fib index into the packet so it's used in the + * lookup node next */ + vnet_buffer (p0)->sw_if_index[VLIB_TX] = fib_index0; + + if (PREDICT_FALSE (p0->flags & VLIB_BUFFER_IS_TRACED)) + { + ip6_ll_dpo_trace_t *tr = vlib_add_trace (vm, node, p0, + sizeof (*tr)); + tr->sw_if_index = vnet_buffer (p0)->sw_if_index[VLIB_RX]; + tr->fib_index = fib_index0; + } + vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next, + n_left_to_next, bi0, next0); + } + + vlib_put_next_frame (vm, node, next_index, n_left_to_next); + } + + return frame->n_vectors; +} + +static u8 * +format_ip6_ll_dpo_trace (u8 * s, va_list * args) +{ + CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *); + CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *); + ip6_ll_dpo_trace_t *t = va_arg (*args, ip6_ll_dpo_trace_t *); + + s = format (s, "sw_if_index:%d fib_index:%d", t->sw_if_index, t->fib_index); + return s; +} + +static uword +ip6_ll_dpo_switch (vlib_main_t * vm, + vlib_node_runtime_t * node, vlib_frame_t * frame) +{ + return (ip6_ll_dpo_inline (vm, node, frame)); +} + +/** + * @brief + */ +/* *INDENT-OFF* */ +VLIB_REGISTER_NODE (ip6_ll_dpo_node) = +{ + .function = ip6_ll_dpo_switch, + .name = "ip6-link-local", + .vector_size = sizeof (u32), + .format_trace = format_ip6_ll_dpo_trace, + .n_next_nodes = IP6_LL_NEXT_NUM, + .next_nodes = { + [IP6_LL_NEXT_DROP] = "ip6-drop", + [IP6_LL_NEXT_LOOKUP] = "ip6-lookup", + }, +}; +/* *INDENT-ON* */ + +void +ip6_ll_dpo_module_init (void) +{ + dpo_register (DPO_IP6_LL, &ip6_ll_vft, ip6_ll_nodes); +} + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ diff --git a/src/vnet/dpo/ip6_ll_dpo.h b/src/vnet/dpo/ip6_ll_dpo.h new file mode 100644 index 00000000000..3a1fc9563e8 --- /dev/null +++ b/src/vnet/dpo/ip6_ll_dpo.h @@ -0,0 +1,38 @@ +/* + * Copyright (c) 2018 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +/** + * @brief + * The IP6 link-local DPO represents the lookup of a packet in the link-local + * IPv6 FIB + */ + +#ifndef __IP6_LL_DPO_H__ +#define __IP6_LL_DPO_H__ + +#include + +extern const dpo_id_t *ip6_ll_dpo_get (void); + +extern void ip6_ll_dpo_module_init (void); + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ + +#endif diff --git a/src/vnet/fib/fib_entry.h b/src/vnet/fib/fib_entry.h index d905a839c48..3fde97add32 100644 --- a/src/vnet/fib/fib_entry.h +++ b/src/vnet/fib/fib_entry.h @@ -88,6 +88,10 @@ typedef enum fib_source_t_ { * IPv6 Proxy ND */ FIB_SOURCE_IP6_ND_PROXY, + /** + * IPv6 ND (seen in the link-local tables) + */ + FIB_SOURCE_IP6_ND, /** * Adjacency source. * routes created as a result of ARP/ND entries. This is lower priority @@ -151,6 +155,7 @@ STATIC_ASSERT (sizeof(fib_source_t) == 1, [FIB_SOURCE_CLASSIFY] = "classify", \ [FIB_SOURCE_DHCP] = "DHCP", \ [FIB_SOURCE_IP6_ND_PROXY] = "IPv6-proxy-nd", \ + [FIB_SOURCE_IP6_ND] = "IPv6-nd", \ [FIB_SOURCE_RR] = "recursive-resolution", \ [FIB_SOURCE_AE] = "attached_export", \ [FIB_SOURCE_MPLS] = "mpls", \ @@ -207,6 +212,10 @@ typedef enum fib_entry_attribute_t_ { * To be used with caution */ FIB_ENTRY_ATTRIBUTE_URPF_EXEMPT, + /** + * The prefix/address exempted from attached export + */ + FIB_ENTRY_ATTRIBUTE_NO_ATTACHED_EXPORT, /** * This FIB entry imposes its source information on all prefixes * that is covers @@ -227,6 +236,7 @@ typedef enum fib_entry_attribute_t_ { [FIB_ENTRY_ATTRIBUTE_LOCAL] = "local", \ [FIB_ENTRY_ATTRIBUTE_URPF_EXEMPT] = "uRPF-exempt", \ [FIB_ENTRY_ATTRIBUTE_MULTICAST] = "multicast", \ + [FIB_ENTRY_ATTRIBUTE_NO_ATTACHED_EXPORT] = "no-attached-export", \ [FIB_ENTRY_ATTRIBUTE_COVERED_INHERIT] = "covered-inherit", \ } @@ -243,6 +253,7 @@ typedef enum fib_entry_flag_t_ { FIB_ENTRY_FLAG_EXCLUSIVE = (1 << FIB_ENTRY_ATTRIBUTE_EXCLUSIVE), FIB_ENTRY_FLAG_LOCAL = (1 << FIB_ENTRY_ATTRIBUTE_LOCAL), FIB_ENTRY_FLAG_IMPORT = (1 << FIB_ENTRY_ATTRIBUTE_IMPORT), + FIB_ENTRY_FLAG_NO_ATTACHED_EXPORT = (1 << FIB_ENTRY_ATTRIBUTE_NO_ATTACHED_EXPORT), FIB_ENTRY_FLAG_LOOSE_URPF_EXEMPT = (1 << FIB_ENTRY_ATTRIBUTE_URPF_EXEMPT), FIB_ENTRY_FLAG_MULTICAST = (1 << FIB_ENTRY_ATTRIBUTE_MULTICAST), FIB_ENTRY_FLAG_COVERED_INHERIT = (1 << FIB_ENTRY_ATTRIBUTE_COVERED_INHERIT), diff --git a/src/vnet/fib/fib_entry_src.c b/src/vnet/fib/fib_entry_src.c index 616d77e8b0a..6dc0c73a305 100644 --- a/src/vnet/fib/fib_entry_src.c +++ b/src/vnet/fib/fib_entry_src.c @@ -1352,10 +1352,7 @@ fib_route_attached_cross_table (const fib_entry_t *fib_entry, } /* - * fib_route_attached_cross_table - * - * Return true the the route is attached via an interface that - * is not in the same table as the route + * Return true if the path is attached */ static inline int fib_path_is_attached (const fib_route_path_t *rpath) @@ -1419,7 +1416,8 @@ fib_entry_flags_update (const fib_entry_t *fib_entry, esrc->fes_entry_flags |= FIB_ENTRY_FLAG_LOOSE_URPF_EXEMPT; } } - if (fib_route_attached_cross_table(fib_entry, rpath)) + if (fib_route_attached_cross_table(fib_entry, rpath) && + !(esrc->fes_entry_flags & FIB_ENTRY_FLAG_NO_ATTACHED_EXPORT)) { esrc->fes_entry_flags |= FIB_ENTRY_FLAG_IMPORT; } diff --git a/src/vnet/fib/fib_entry_src_api.c b/src/vnet/fib/fib_entry_src_api.c index 1cdcfbde850..4558d65d523 100644 --- a/src/vnet/fib/fib_entry_src_api.c +++ b/src/vnet/fib/fib_entry_src_api.c @@ -167,5 +167,6 @@ fib_entry_src_api_register (void) fib_entry_src_register(FIB_SOURCE_CLI, &api_src_vft); fib_entry_src_register(FIB_SOURCE_DHCP, &api_src_vft); fib_entry_src_register(FIB_SOURCE_IP6_ND_PROXY, &api_src_vft); + fib_entry_src_register(FIB_SOURCE_IP6_ND, &api_src_vft); fib_entry_src_register(FIB_SOURCE_SR, &api_src_vft); } diff --git a/src/vnet/fib/fib_entry_src_special.c b/src/vnet/fib/fib_entry_src_special.c index a2899161c8f..c976da9327a 100644 --- a/src/vnet/fib/fib_entry_src_special.c +++ b/src/vnet/fib/fib_entry_src_special.c @@ -52,11 +52,22 @@ fib_entry_src_special_add (fib_entry_src_t *src, dpo); } +static void +fib_entry_src_special_path_swap (fib_entry_src_t *src, + const fib_entry_t *entry, + fib_path_list_flags_t pl_flags, + const fib_route_path_t *rpaths) +{ + src->fes_pl = fib_path_list_create((FIB_PATH_LIST_FLAG_SHARED | pl_flags), + rpaths); +} + const static fib_entry_src_vft_t special_src_vft = { .fesv_init = fib_entry_src_special_init, .fesv_deinit = fib_entry_src_special_deinit, .fesv_add = fib_entry_src_special_add, .fesv_remove = fib_entry_src_special_remove, + .fesv_path_swap = fib_entry_src_special_path_swap, }; void diff --git a/src/vnet/fib/fib_table.c b/src/vnet/fib/fib_table.c index c20bb255ddf..e9173484dec 100644 --- a/src/vnet/fib/fib_table.c +++ b/src/vnet/fib/fib_table.c @@ -1129,7 +1129,7 @@ fib_table_create_and_lock (fib_protocol_t proto, fi = ip4_fib_table_create_and_lock(src); break; case FIB_PROTOCOL_IP6: - fi = ip6_fib_table_create_and_lock(src); + fi = ip6_fib_table_create_and_lock(src, FIB_TABLE_FLAG_NONE, NULL); break; case FIB_PROTOCOL_MPLS: fi = mpls_fib_table_create_and_lock(src); diff --git a/src/vnet/fib/fib_table.h b/src/vnet/fib/fib_table.h index 14ac7054059..ddc00e537c2 100644 --- a/src/vnet/fib/fib_table.h +++ b/src/vnet/fib/fib_table.h @@ -28,6 +28,40 @@ #define FIB_TABLE_N_LOCKS (FIB_SOURCE_MAX+1) #define FIB_TABLE_TOTAL_LOCKS FIB_SOURCE_MAX +/** + * Flags for the source data + */ +typedef enum fib_table_attribute_t_ { + /** + * Marker. Add new values after this one. + */ + FIB_TABLE_ATTRIBUTE_FIRST, + /** + * the table is for IP6 link local addresses + */ + FIB_TABLE_ATTRIBUTE_IP6_LL = FIB_TABLE_ATTRIBUTE_FIRST, + /** + * Marker. add new entries before this one. + */ + FIB_TABLE_ATTRIBUTE_LAST = FIB_TABLE_ATTRIBUTE_IP6_LL, +} fib_table_attribute_t; + +#define FIB_TABLE_ATTRIBUTE_MAX (FIB_TABLE_ATTRIBUTE_LAST+1) + +#define FIB_TABLE_ATTRIBUTES { \ + [FIB_TABLE_ATTRIBUTE_IP6_LL] = "ip6-ll", \ +} + +#define FOR_EACH_FIB_TABLE_ATTRIBUTE(_item) \ + for (_item = FIB_TABLE_ATTRIBUTE_FIRST; \ + _item < FIB_TABLE_ATTRIBUTE_MAX; \ + _item++) + +typedef enum fib_table_flags_t_ { + FIB_TABLE_FLAG_NONE = 0, + FIB_TABLE_FLAG_IP6_LL = (1 << FIB_TABLE_ATTRIBUTE_IP6_LL), +} __attribute__ ((packed)) fib_table_flags_t; + /** * @brief * A protocol Independent FIB table @@ -39,6 +73,11 @@ typedef struct fib_table_t_ */ fib_protocol_t ft_proto; + /** + * Table flags + */ + fib_table_flags_t ft_flags; + /** * per-source number of locks on the table */ diff --git a/src/vnet/fib/ip6_fib.c b/src/vnet/fib/ip6_fib.c index 9f58e4b6a9e..fa9eb112986 100644 --- a/src/vnet/fib/ip6_fib.c +++ b/src/vnet/fib/ip6_fib.c @@ -15,6 +15,7 @@ #include #include +#include static void vnet_ip6_fib_init (u32 fib_index) @@ -38,20 +39,23 @@ vnet_ip6_fib_init (u32 fib_index) FIB_ENTRY_FLAG_DROP); /* - * all link local for us + * all link local via the link local lookup DPO */ pfx.fp_addr.ip6.as_u64[0] = clib_host_to_net_u64 (0xFE80000000000000ULL); pfx.fp_addr.ip6.as_u64[1] = 0; pfx.fp_len = 10; - fib_table_entry_special_add(fib_index, - &pfx, - FIB_SOURCE_SPECIAL, - FIB_ENTRY_FLAG_LOCAL); + fib_table_entry_special_dpo_add(fib_index, + &pfx, + FIB_SOURCE_SPECIAL, + FIB_ENTRY_FLAG_NONE, + ip6_ll_dpo_get()); } static u32 create_fib_with_table_id (u32 table_id, - fib_source_t src) + fib_source_t src, + fib_table_flags_t flags, + u8 *desc) { fib_table_t *fib_table; ip6_fib_t *v6_fib; @@ -76,6 +80,8 @@ create_fib_with_table_id (u32 table_id, v6_fib->table_id = table_id; fib_table->ft_flow_hash_config = IP_FLOW_HASH_DEFAULT; + fib_table->ft_flags = flags; + fib_table->ft_desc = desc; vnet_ip6_fib_init(fib_table->ft_index); fib_table_lock(fib_table->ft_index, FIB_PROTOCOL_IP6, src); @@ -91,95 +97,57 @@ ip6_fib_table_find_or_create_and_lock (u32 table_id, p = hash_get (ip6_main.fib_index_by_table_id, table_id); if (NULL == p) - return create_fib_with_table_id(table_id, src); - + return create_fib_with_table_id(table_id, src, + FIB_TABLE_FLAG_NONE, + NULL); + fib_table_lock(p[0], FIB_PROTOCOL_IP6, src); return (p[0]); } u32 -ip6_fib_table_create_and_lock (fib_source_t src) +ip6_fib_table_create_and_lock (fib_source_t src, + fib_table_flags_t flags, + u8 *desc) { - return (create_fib_with_table_id(~0, src)); + return (create_fib_with_table_id(~0, src, flags, desc)); } void ip6_fib_table_destroy (u32 fib_index) { + /* + * all link local first ... + */ fib_prefix_t pfx = { .fp_proto = FIB_PROTOCOL_IP6, - .fp_len = 0, + .fp_len = 10, .fp_addr = { .ip6 = { - { 0, 0, }, + .as_u8 = { + [0] = 0xFE, + [1] = 0x80, + }, }, } }; + fib_table_entry_delete(fib_index, + &pfx, + FIB_SOURCE_SPECIAL); /* - * the default route. + * ... then the default route. */ + pfx.fp_addr.ip6.as_u64[0] = 0; + pfx.fp_len = 00; fib_table_entry_special_remove(fib_index, &pfx, FIB_SOURCE_DEFAULT_ROUTE); - - /* - * ff02::1:ff00:0/104 - */ - ip6_set_solicited_node_multicast_address(&pfx.fp_addr.ip6, 0); - pfx.fp_len = 104; - fib_table_entry_special_remove(fib_index, - &pfx, - FIB_SOURCE_SPECIAL); - - /* - * all-routers multicast address - */ - ip6_set_reserved_multicast_address (&pfx.fp_addr.ip6, - IP6_MULTICAST_SCOPE_link_local, - IP6_MULTICAST_GROUP_ID_all_routers); - pfx.fp_len = 128; - fib_table_entry_special_remove(fib_index, - &pfx, - FIB_SOURCE_SPECIAL); - - /* - * all-nodes multicast address - */ - ip6_set_reserved_multicast_address (&pfx.fp_addr.ip6, - IP6_MULTICAST_SCOPE_link_local, - IP6_MULTICAST_GROUP_ID_all_hosts); - pfx.fp_len = 128; - fib_table_entry_special_remove(fib_index, - &pfx, - FIB_SOURCE_SPECIAL); - - /* - * all-mldv2 multicast address - */ - ip6_set_reserved_multicast_address (&pfx.fp_addr.ip6, - IP6_MULTICAST_SCOPE_link_local, - IP6_MULTICAST_GROUP_ID_mldv2_routers); - pfx.fp_len = 128; - fib_table_entry_special_remove(fib_index, - &pfx, - FIB_SOURCE_SPECIAL); - - /* - * all link local - */ - pfx.fp_addr.ip6.as_u64[0] = clib_host_to_net_u64 (0xFE80000000000000ULL); - pfx.fp_addr.ip6.as_u64[1] = 0; - pfx.fp_len = 10; - fib_table_entry_special_remove(fib_index, - &pfx, - FIB_SOURCE_SPECIAL); - fib_table_t *fib_table = fib_table_get(fib_index, FIB_PROTOCOL_IP6); fib_source_t source; - + /* * validate no more routes. */ @@ -691,6 +659,8 @@ ip6_show_fib (vlib_main_t * vm, continue; if (fib_index != ~0 && fib_index != (int)fib->index) continue; + if (fib_table->ft_flags & FIB_TABLE_FLAG_IP6_LL) + continue; s = format(s, "%U, fib_index:%d, flow hash:[%U] locks:[", format_fib_table_name, fib->index, diff --git a/src/vnet/fib/ip6_fib.h b/src/vnet/fib/ip6_fib.h index dcd6c301bec..10ae75ce6f9 100644 --- a/src/vnet/fib/ip6_fib.h +++ b/src/vnet/fib/ip6_fib.h @@ -156,7 +156,9 @@ ip6_src_lookup_for_packet (ip6_main_t * im, */ extern u32 ip6_fib_table_find_or_create_and_lock(u32 table_id, fib_source_t src); -extern u32 ip6_fib_table_create_and_lock(fib_source_t src); +extern u32 ip6_fib_table_create_and_lock(fib_source_t src, + fib_table_flags_t flags, + u8* desc); extern u8 *format_ip6_fib_table_memory(u8 * s, va_list * args); diff --git a/src/vnet/ip/icmp6.c b/src/vnet/ip/icmp6.c index ab871b3a969..fd5d0ecba38 100644 --- a/src/vnet/ip/icmp6.c +++ b/src/vnet/ip/icmp6.c @@ -341,58 +341,14 @@ ip6_icmp_echo_request (vlib_main_t * vm, ip0->hop_limit = im->host_config.ttl; ip1->hop_limit = im->host_config.ttl; - if (ip6_address_is_link_local_unicast (&ip0->dst_address)) - { - ethernet_header_t *eth0; - u8 tmp_mac[6]; - /* For link local, reuse current MAC header by sawpping - * SMAC to DMAC instead of IP6 lookup since link local - * is not in the IP6 FIB */ - vlib_buffer_reset (p0); - eth0 = vlib_buffer_get_current (p0); - clib_memcpy (tmp_mac, eth0->dst_address, 6); - clib_memcpy (eth0->dst_address, eth0->src_address, 6); - clib_memcpy (eth0->src_address, tmp_mac, 6); - vnet_buffer (p0)->sw_if_index[VLIB_TX] = - vnet_buffer (p0)->sw_if_index[VLIB_RX]; - next0 = ICMP6_ECHO_REQUEST_NEXT_OUTPUT; - } - else - { - /* Determine the correct lookup fib indices... */ - fib_index0 = vec_elt (im->fib_index_by_sw_if_index, - vnet_buffer (p0)->sw_if_index[VLIB_RX]); - vnet_buffer (p0)->sw_if_index[VLIB_TX] = fib_index0; - } - - if (ip6_address_is_link_local_unicast (&ip1->dst_address)) - { - ethernet_header_t *eth1; - u8 tmp_mac[6]; - /* For link local, reuse current MAC header by sawpping - * SMAC to DMAC instead of IP6 lookup since link local - * is not in the IP6 FIB */ - vlib_buffer_reset (p1); - eth1 = vlib_buffer_get_current (p1); - clib_memcpy (tmp_mac, eth1->dst_address, 6); - clib_memcpy (eth1->dst_address, eth1->src_address, 6); - clib_memcpy (eth1->src_address, tmp_mac, 6); - vnet_buffer (p1)->sw_if_index[VLIB_TX] = - vnet_buffer (p1)->sw_if_index[VLIB_RX]; - next1 = ICMP6_ECHO_REQUEST_NEXT_OUTPUT; - } - else - { - /* Determine the correct lookup fib indices... */ - fib_index1 = vec_elt (im->fib_index_by_sw_if_index, - vnet_buffer (p1)->sw_if_index[VLIB_RX]); - vnet_buffer (p1)->sw_if_index[VLIB_TX] = fib_index1; - } - - vnet_buffer (p0)->sw_if_index[VLIB_RX] - = vnet_main.local_interface_sw_if_index; - vnet_buffer (p1)->sw_if_index[VLIB_RX] - = vnet_main.local_interface_sw_if_index; + /* Determine the correct lookup fib indices... */ + fib_index0 = vec_elt (im->fib_index_by_sw_if_index, + vnet_buffer (p0)->sw_if_index[VLIB_RX]); + vnet_buffer (p0)->sw_if_index[VLIB_TX] = fib_index0; + /* Determine the correct lookup fib indices... */ + fib_index1 = vec_elt (im->fib_index_by_sw_if_index, + vnet_buffer (p1)->sw_if_index[VLIB_RX]); + vnet_buffer (p1)->sw_if_index[VLIB_TX] = fib_index1; /* verify speculative enqueues, maybe switch current next frame */ /* if next0==next1==next_index then nothing special needs to be done */ @@ -441,30 +397,11 @@ ip6_icmp_echo_request (vlib_main_t * vm, ip0->hop_limit = im->host_config.ttl; - if (ip6_address_is_link_local_unicast (&ip0->dst_address)) - { - ethernet_header_t *eth0; - u8 tmp_mac[6]; - /* For link local, reuse current MAC header by sawpping - * SMAC to DMAC instead of IP6 lookup since link local - * is not in the IP6 FIB */ - vlib_buffer_reset (p0); - eth0 = vlib_buffer_get_current (p0); - clib_memcpy (tmp_mac, eth0->dst_address, 6); - clib_memcpy (eth0->dst_address, eth0->src_address, 6); - clib_memcpy (eth0->src_address, tmp_mac, 6); - vnet_buffer (p0)->sw_if_index[VLIB_TX] = - vnet_buffer (p0)->sw_if_index[VLIB_RX]; - next0 = ICMP6_ECHO_REQUEST_NEXT_OUTPUT; - } - else - { - fib_index0 = vec_elt (im->fib_index_by_sw_if_index, - vnet_buffer (p0)->sw_if_index[VLIB_RX]); - vnet_buffer (p0)->sw_if_index[VLIB_TX] = fib_index0; - } - vnet_buffer (p0)->sw_if_index[VLIB_RX] - = vnet_main.local_interface_sw_if_index; + /* if the packet is link local, we'll bounce through the link-local + * table with the RX interface correctly set */ + fib_index0 = vec_elt (im->fib_index_by_sw_if_index, + vnet_buffer (p0)->sw_if_index[VLIB_RX]); + vnet_buffer (p0)->sw_if_index[VLIB_TX] = fib_index0; /* Verify speculative enqueue, maybe switch current next frame */ vlib_validate_buffer_enqueue_x1 (vm, node, next_index, diff --git a/src/vnet/ip/ip6.h b/src/vnet/ip/ip6.h index 033ecfc43b8..959d72c0fad 100644 --- a/src/vnet/ip/ip6.h +++ b/src/vnet/ip/ip6.h @@ -276,25 +276,36 @@ ip6_unaligned_destination_matches_route (ip6_main_t * im, return 1; } +extern int ip6_get_ll_address (u32 sw_if_index, ip6_address_t * addr); + always_inline int ip6_src_address_for_packet (ip_lookup_main_t * lm, - u32 sw_if_index, ip6_address_t * src) + u32 sw_if_index, + const ip6_address_t * dst, ip6_address_t * src) { - u32 if_add_index = lm->if_address_pool_index_by_sw_if_index[sw_if_index]; - if (PREDICT_TRUE (if_add_index != ~0)) + if (ip6_address_is_link_local_unicast (dst)) { - ip_interface_address_t *if_add = - pool_elt_at_index (lm->if_address_pool, if_add_index); - ip6_address_t *if_ip = ip_interface_address_get_address (lm, if_add); - *src = *if_ip; - return (0); + return ip6_get_ll_address (sw_if_index, src); } else { - src->as_u64[0] = 0; - src->as_u64[1] = 0; + u32 if_add_index = + lm->if_address_pool_index_by_sw_if_index[sw_if_index]; + if (PREDICT_TRUE (if_add_index != ~0)) + { + ip_interface_address_t *if_add = + pool_elt_at_index (lm->if_address_pool, if_add_index); + ip6_address_t *if_ip = + ip_interface_address_get_address (lm, if_add); + *src = *if_ip; + return (!0); + } } - return (!0); + + src->as_u64[0] = 0; + src->as_u64[1] = 0; + + return (0); } /* Find interface address which matches destination. */ diff --git a/src/vnet/ip/ip6_forward.c b/src/vnet/ip/ip6_forward.c index 30b717f5545..eb7667b0148 100644 --- a/src/vnet/ip/ip6_forward.c +++ b/src/vnet/ip/ip6_forward.c @@ -1548,9 +1548,10 @@ ip6_discover_neighbor_inline (vlib_main_t * vm, * Choose source address based on destination lookup * adjacency. */ - if (ip6_src_address_for_packet (lm, - sw_if_index0, - &h0->ip.src_address)) + if (!ip6_src_address_for_packet (lm, + sw_if_index0, + &ip0->dst_address, + &h0->ip.src_address)) { /* There is no address on the interface */ p0->error = diff --git a/src/vnet/ip/ip6_ll_table.c b/src/vnet/ip/ip6_ll_table.c new file mode 100644 index 00000000000..67d05ed390f --- /dev/null +++ b/src/vnet/ip/ip6_ll_table.c @@ -0,0 +1,372 @@ +/* + * Copyright (c) 2018 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include +#include +#include + +#include + +/** + * There's only one IP6 link local table + */ +static ip6_ll_table_t ip6_ll_table; + +u32 +ip6_ll_fib_get (u32 sw_if_index) +{ + ASSERT (vec_len (ip6_ll_table.ilt_fibs) > sw_if_index); + + return (ip6_ll_table.ilt_fibs[sw_if_index]); +} + +fib_node_index_t +ip6_ll_table_lookup (const ip6_ll_prefix_t * prefix) +{ + return (ip6_fib_table_lookup (ip6_ll_fib_get (prefix->ilp_sw_if_index), + &prefix->ilp_addr, 128)); +} + +fib_node_index_t +ip6_ll_table_lookup_exact_match (const ip6_ll_prefix_t * prefix) +{ + return (ip6_fib_table_lookup_exact_match + (ip6_ll_fib_get (prefix->ilp_sw_if_index), &prefix->ilp_addr, 128)); +} + +static void +ip6_ll_fib_create (u32 sw_if_index) +{ + vnet_main_t *vnm = vnet_get_main (); + u8 *desc; + + desc = format (NULL, "IP6-link-local:%U", + format_vnet_sw_interface_name, + vnm, vnet_get_sw_interface (vnm, sw_if_index)); + + ip6_ll_table.ilt_fibs[sw_if_index] = + ip6_fib_table_create_and_lock (FIB_SOURCE_IP6_ND, + FIB_TABLE_FLAG_IP6_LL, desc); + + /* + * leave the default route as a drop, but fix fe::/10 to be a glean + * via the interface. + */ + /* *INDENT-OFF* */ + fib_prefix_t pfx = { + .fp_proto = FIB_PROTOCOL_IP6, + .fp_len = 10, + .fp_addr = { + .ip6 = { + .as_u8 = { + [0] = 0xFE, + [1] = 0x80, + } + }, + } + }; + fib_table_entry_update_one_path( + ip6_ll_table.ilt_fibs[sw_if_index], + &pfx, + FIB_SOURCE_SPECIAL, + (FIB_ENTRY_FLAG_ATTACHED | + FIB_ENTRY_FLAG_NO_ATTACHED_EXPORT), + DPO_PROTO_IP6, + NULL, + sw_if_index, + ~0, + 1, + NULL, + FIB_ROUTE_PATH_FLAG_NONE); + /* *INDENT-ON* */ +} + +static void +ip6_ll_prefix_to_fib (const ip6_ll_prefix_t * ilp, fib_prefix_t * fp) +{ + fp->fp_proto = FIB_PROTOCOL_IP6; + fp->fp_len = 128; + fp->fp_addr.ip6 = ilp->ilp_addr; +} + +fib_node_index_t +ip6_ll_table_entry_update (const ip6_ll_prefix_t * ilp, + fib_route_path_flags_t flags) +{ + fib_node_index_t ip6_ll_entry_index; + fib_route_path_t *rpaths, rpath = { + .frp_flags = flags, + .frp_sw_if_index = ilp->ilp_sw_if_index, + .frp_proto = DPO_PROTO_IP6, + }; + fib_prefix_t fp; + + vec_validate (ip6_ll_table.ilt_fibs, ilp->ilp_sw_if_index); + + if (0 == ip6_ll_fib_get (ilp->ilp_sw_if_index)) + { + ip6_ll_fib_create (ilp->ilp_sw_if_index); + } + + rpaths = NULL; + vec_add1 (rpaths, rpath); + + ip6_ll_prefix_to_fib (ilp, &fp); + ip6_ll_entry_index = + fib_table_entry_update (ip6_ll_fib_get (ilp->ilp_sw_if_index), &fp, + FIB_SOURCE_IP6_ND, + (flags & FIB_ROUTE_PATH_LOCAL ? + FIB_ENTRY_FLAG_LOCAL : FIB_ENTRY_FLAG_NONE), + rpaths); + vec_free (rpaths); + + return (ip6_ll_entry_index); +} + +void +ip6_ll_table_entry_delete (const ip6_ll_prefix_t * ilp) +{ + fib_node_index_t ip6_ll_entry_index; + u32 fib_index; + + ip6_ll_entry_index = ip6_ll_table_lookup_exact_match (ilp); + + if (FIB_NODE_INDEX_INVALID != ip6_ll_entry_index) + fib_table_entry_delete_index (ip6_ll_entry_index, FIB_SOURCE_IP6_ND); + + /* + * if there are no ND sourced prefixes left, then we can clean up this FIB + */ + fib_index = ip6_ll_fib_get (ilp->ilp_sw_if_index); + if (0 == fib_table_get_num_entries (fib_index, + FIB_PROTOCOL_IP6, FIB_SOURCE_IP6_ND)) + { + fib_table_unlock (fib_index, FIB_PROTOCOL_IP6, FIB_SOURCE_IP6_ND); + ip6_ll_table.ilt_fibs[ilp->ilp_sw_if_index] = 0; + } +} + +static void +ip6_ll_table_show_one (vlib_main_t * vm, ip6_ll_prefix_t * ilp, int detail) +{ + vlib_cli_output (vm, "%U", + format_fib_entry, + ip6_ll_table_lookup (ilp), + (detail ? + FIB_ENTRY_FORMAT_DETAIL2 : FIB_ENTRY_FORMAT_DETAIL)); +} + +typedef struct ip6_ll_show_ctx_t_ +{ + fib_node_index_t *entries; +} ip6_ll_show_ctx_t; + +static fib_table_walk_rc_t +ip6_ll_table_show_walk (fib_node_index_t fib_entry_index, void *arg) +{ + ip6_ll_show_ctx_t *ctx = arg; + + vec_add1 (ctx->entries, fib_entry_index); + + return (FIB_TABLE_WALK_CONTINUE); +} + +static void +ip6_ll_table_show_all (vlib_main_t * vm, u32 fib_index) +{ + fib_node_index_t *fib_entry_index; + ip6_ll_show_ctx_t ctx = { + .entries = NULL, + }; + + fib_table_walk (fib_index, FIB_PROTOCOL_IP6, ip6_ll_table_show_walk, &ctx); + vec_sort_with_function (ctx.entries, fib_entry_cmp_for_sort); + + vec_foreach (fib_entry_index, ctx.entries) + { + vlib_cli_output (vm, "%U", + format_fib_entry, + *fib_entry_index, FIB_ENTRY_FORMAT_BRIEF); + } + + vec_free (ctx.entries); +} + +typedef struct +{ + u32 fib_index; + u64 count_by_prefix_length[129]; +} count_routes_in_fib_at_prefix_length_arg_t; + +static void +count_routes_in_fib_at_prefix_length (BVT (clib_bihash_kv) * kvp, void *arg) +{ + count_routes_in_fib_at_prefix_length_arg_t *ap = arg; + int mask_width; + + if ((kvp->key[2] >> 32) != ap->fib_index) + return; + + mask_width = kvp->key[2] & 0xFF; + + ap->count_by_prefix_length[mask_width]++; +} + +static clib_error_t * +ip6_ll_show_fib (vlib_main_t * vm, + unformat_input_t * input, vlib_cli_command_t * cmd) +{ + count_routes_in_fib_at_prefix_length_arg_t _ca, *ca = &_ca; + ip6_main_t *im6 = &ip6_main; + fib_table_t *fib_table; + int verbose, matching; + ip6_address_t matching_address; + u32 mask_len = 128; + u32 sw_if_index = ~0; + int detail = 0; + vnet_main_t *vnm = vnet_get_main (); + u32 fib_index; + + verbose = 1; + matching = 0; + + while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) + { + if (unformat (input, "brief") || + unformat (input, "summary") || unformat (input, "sum")) + verbose = 0; + + else if (unformat (input, "detail") || unformat (input, "det")) + detail = 1; + + else if (unformat (input, "%U/%d", + unformat_ip6_address, &matching_address, &mask_len)) + matching = 1; + + else + if (unformat (input, "%U", unformat_ip6_address, &matching_address)) + matching = 1; + else if (unformat (input, "%U", + unformat_vnet_sw_interface, vnm, &sw_if_index)) + ; + else + break; + } + + vec_foreach_index (sw_if_index, ip6_ll_table.ilt_fibs) + { + fib_source_t source; + u8 *s = NULL; + + fib_index = ip6_ll_table.ilt_fibs[sw_if_index]; + + if (0 == fib_index) + continue; + + fib_table = fib_table_get (fib_index, FIB_PROTOCOL_IP6); + + if (!(fib_table->ft_flags & FIB_TABLE_FLAG_IP6_LL)) + continue; + + s = format (s, "%U, fib_index:%d, locks:[", + format_fib_table_name, fib_index, + FIB_PROTOCOL_IP6, fib_index); + FOR_EACH_FIB_SOURCE (source) + { + if (0 != fib_table->ft_locks[source]) + { + s = format (s, "%U:%d, ", + format_fib_source, source, fib_table->ft_locks[source]); + } + } + s = format (s, "]"); + vlib_cli_output (vm, "%v", s); + vec_free (s); + + /* Show summary? */ + if (!verbose) + { + BVT (clib_bihash) * h = + &im6->ip6_table[IP6_FIB_TABLE_NON_FWDING].ip6_hash; + int len; + + vlib_cli_output (vm, "%=20s%=16s", "Prefix length", "Count"); + + memset (ca, 0, sizeof (*ca)); + ca->fib_index = fib_index; + + BV (clib_bihash_foreach_key_value_pair) + (h, count_routes_in_fib_at_prefix_length, ca); + + for (len = 128; len >= 0; len--) + { + if (ca->count_by_prefix_length[len]) + vlib_cli_output (vm, "%=20d%=16lld", + len, ca->count_by_prefix_length[len]); + } + continue; + } + + if (!matching) + { + ip6_ll_table_show_all (vm, fib_index); + } + else + { + if (~0 == sw_if_index) + { + vlib_cli_output (vm, "specify the interface"); + } + else + { + ip6_ll_prefix_t ilp = { + .ilp_addr = matching_address, + .ilp_sw_if_index = sw_if_index, + }; + ip6_ll_table_show_one (vm, &ilp, detail); + } + } + }; + + return 0; +} + +/* *INDENT-OFF* */ +VLIB_CLI_COMMAND (ip6_show_fib_command, static) = { + .path = "show ip6-ll", + .short_help = "show ip6-ll [summary] [interface] [[/]] [detail]", + .function = ip6_ll_show_fib, +}; +/* *INDENT-ON* */ + +static clib_error_t * +ip6_ll_module_init (vlib_main_t * vm) +{ + clib_error_t *error; + + error = vlib_call_init_function (vm, ip6_lookup_init); + + return (error); +} + +VLIB_INIT_FUNCTION (ip6_ll_module_init); + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ diff --git a/src/vnet/ip/ip6_ll_table.h b/src/vnet/ip/ip6_ll_table.h new file mode 100644 index 00000000000..0667cf99128 --- /dev/null +++ b/src/vnet/ip/ip6_ll_table.h @@ -0,0 +1,104 @@ +/* + * Copyright (c) 2018 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __IP6_LL_TABLE_H__ +#define __IP6_LL_TABLE_H__ + +#include + +#include + +/** + * @brief + * A protocol Independent IP multicast FIB table + */ +typedef struct ip6_ll_table_t_ +{ + /** + * A vector, indexed by sw_if_index, of unicast IPv6 FIBs + */ + u32 *ilt_fibs; + + /** + * Total route counters + */ + u32 ilt_total_route_counts; + +} ip6_ll_table_t; + +/** + * @brief + * Perfom a longest prefix match in the non-forwarding table + * + * @param prefix + * The prefix to lookup + * + * @return + * The index of the fib_entry_t for the best match, which may be the default route + */ +extern fib_node_index_t ip6_ll_table_lookup (const ip6_ll_prefix_t * prefix); + +/** + * @brief + * Perfom an exact match in the non-forwarding table + * + * @param prefix + * The prefix to lookup + * + * @return + * The index of the fib_entry_t for the exact match, or INVALID + * is there is no match. + */ +extern fib_node_index_t ip6_ll_table_lookup_exact_match + (const ip6_ll_prefix_t * prefix); + +/** + * @brief + * Update an entry in the table. The falgs determine if the entry is + * LOCAL, in which case it's a receive, or not, in which case the entry + * will link to an adjacency. + * + * @param prefix + * The prefix for the entry to add + * + * @return + * the index of the fib_entry_t that is created (or existed already). + */ +extern fib_node_index_t ip6_ll_table_entry_update + (const ip6_ll_prefix_t * prefix, fib_route_path_flags_t flags); + +/** + * @brief + * Delete a IP6 link-local entry. + * + * @param prefix + * The prefix for the entry to remove + */ +extern void ip6_ll_table_entry_delete (const ip6_ll_prefix_t * prefix); + +/** + * @brief For use in the data plane. Get the underlying ip6 FIB + */ +extern u32 ip6_ll_fib_get (u32 sw_if_index); + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ + +#endif diff --git a/src/vnet/ip/ip6_ll_types.c b/src/vnet/ip/ip6_ll_types.c new file mode 100644 index 00000000000..a7ac164b05a --- /dev/null +++ b/src/vnet/ip/ip6_ll_types.c @@ -0,0 +1,40 @@ + /* + * Copyright (c) 2018 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include + +#include + +u8 * +format_ip6_ll_prefix (u8 * s, va_list * args) +{ + ip6_ll_prefix_t *ilp = va_arg (*args, ip6_ll_prefix_t *); + vnet_main_t *vnm = vnet_get_main (); + + s = format (s, "(%U, %U)", + format_ip6_address, &ilp->ilp_addr, + format_vnet_sw_interface_name, + vnm, vnet_get_sw_interface (vnm, ilp->ilp_sw_if_index)); + + return (s); +} + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ diff --git a/src/vnet/ip/ip6_ll_types.h b/src/vnet/ip/ip6_ll_types.h new file mode 100644 index 00000000000..3c7e100b724 --- /dev/null +++ b/src/vnet/ip/ip6_ll_types.h @@ -0,0 +1,47 @@ + /* + * Copyright (c) 2018 Cisco and/or its affiliates. + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at: + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#ifndef __IP6_LL_TYPES_H__ +#define __IP6_LL_TYPES_H__ + +#include + +/** + * Aggregrate type for a prefix in the IPv6 Link-local table + */ +typedef struct ip6_ll_prefix_t_ +{ + /** + * The interface + */ + u32 ilp_sw_if_index; + + /** + * the IP6 address + */ + ip6_address_t ilp_addr; +} ip6_ll_prefix_t; + +extern u8 *format_ip6_ll_prefix (u8 * s, va_list * args); + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */ + +#endif diff --git a/src/vnet/ip/ip6_neighbor.c b/src/vnet/ip/ip6_neighbor.c index 22f640c8543..d63796636b1 100644 --- a/src/vnet/ip/ip6_neighbor.c +++ b/src/vnet/ip/ip6_neighbor.c @@ -25,6 +25,7 @@ #include #include #include +#include /** * @file @@ -273,7 +274,7 @@ format_ip6_neighbor_ip6_entry (u8 * s, va_list * va) u8 *flags = 0; if (!n) - return format (s, "%=12s%=20s%=6s%=20s%=40s", "Time", "Address", "Flags", + return format (s, "%=12s%=25s%=6s%=20s%=40s", "Time", "Address", "Flags", "Link layer", "Interface"); if (n->flags & IP6_NEIGHBOR_FLAG_DYNAMIC) @@ -286,7 +287,7 @@ format_ip6_neighbor_ip6_entry (u8 * s, va_list * va) flags = format (flags, "N"); si = vnet_get_sw_interface (vnm, n->key.sw_if_index); - s = format (s, "%=12U%=20U%=6s%=20U%=40U", + s = format (s, "%=12U%=25U%=6s%=20U%=40U", format_vlib_cpu_time, vm, n->cpu_time_last_updated, format_ip6_address, &n->key.ip6_address, flags ? (char *) flags : "", @@ -302,18 +303,29 @@ ip6_neighbor_adj_fib_remove (ip6_neighbor_t * n, u32 fib_index) { if (FIB_NODE_INDEX_INVALID != n->fib_entry_index) { - fib_prefix_t pfx = { - .fp_len = 128, - .fp_proto = FIB_PROTOCOL_IP6, - .fp_addr.ip6 = n->key.ip6_address, - }; - fib_table_entry_path_remove (fib_index, - &pfx, - FIB_SOURCE_ADJ, - DPO_PROTO_IP6, - &pfx.fp_addr, - n->key.sw_if_index, ~0, - 1, FIB_ROUTE_PATH_FLAG_NONE); + if (ip6_address_is_link_local_unicast (&n->key.ip6_address)) + { + ip6_ll_prefix_t pfx = { + .ilp_addr = n->key.ip6_address, + .ilp_sw_if_index = n->key.sw_if_index, + }; + ip6_ll_table_entry_delete (&pfx); + } + else + { + fib_prefix_t pfx = { + .fp_len = 128, + .fp_proto = FIB_PROTOCOL_IP6, + .fp_addr.ip6 = n->key.ip6_address, + }; + fib_table_entry_path_remove (fib_index, + &pfx, + FIB_SOURCE_ADJ, + DPO_PROTO_IP6, + &pfx.fp_addr, + n->key.sw_if_index, ~0, + 1, FIB_ROUTE_PATH_FLAG_NONE); + } } } @@ -640,18 +652,30 @@ ip6_ethernet_update_adjacency (vnet_main_t * vnm, u32 sw_if_index, u32 ai) static void ip6_neighbor_adj_fib_add (ip6_neighbor_t * n, u32 fib_index) { - fib_prefix_t pfx = { - .fp_len = 128, - .fp_proto = FIB_PROTOCOL_IP6, - .fp_addr.ip6 = n->key.ip6_address, - }; + if (ip6_address_is_link_local_unicast (&n->key.ip6_address)) + { + ip6_ll_prefix_t pfx = { + .ilp_addr = n->key.ip6_address, + .ilp_sw_if_index = n->key.sw_if_index, + }; + n->fib_entry_index = + ip6_ll_table_entry_update (&pfx, FIB_ROUTE_PATH_FLAG_NONE); + } + else + { + fib_prefix_t pfx = { + .fp_len = 128, + .fp_proto = FIB_PROTOCOL_IP6, + .fp_addr.ip6 = n->key.ip6_address, + }; - n->fib_entry_index = - fib_table_entry_path_add (fib_index, &pfx, FIB_SOURCE_ADJ, - FIB_ENTRY_FLAG_ATTACHED, - DPO_PROTO_IP6, &pfx.fp_addr, - n->key.sw_if_index, ~0, 1, NULL, - FIB_ROUTE_PATH_FLAG_NONE); + n->fib_entry_index = + fib_table_entry_path_add (fib_index, &pfx, FIB_SOURCE_ADJ, + FIB_ENTRY_FLAG_ATTACHED, + DPO_PROTO_IP6, &pfx.fp_addr, + n->key.sw_if_index, ~0, 1, NULL, + FIB_ROUTE_PATH_FLAG_NONE); + } } int @@ -708,9 +732,8 @@ vnet_set_ip6_ethernet_neighbor (vlib_main_t * vm, */ if (!is_no_fib_entry) { - ip6_neighbor_adj_fib_add (n, - ip6_fib_table_get_index_for_sw_if_index - (n->key.sw_if_index)); + ip6_neighbor_adj_fib_add + (n, ip6_fib_table_get_index_for_sw_if_index (n->key.sw_if_index)); } else { @@ -1135,7 +1158,7 @@ icmp6_neighbor_solicitation_or_advertisement (vlib_main_t * vm, &h0->target_address, o0->ethernet_address, sizeof (o0->ethernet_address), - 0, ip6_sadd_link_local); + 0, 0); } if (is_solicitation && error0 == ICMP6_ERROR_NONE) @@ -1153,9 +1176,18 @@ icmp6_neighbor_solicitation_or_advertisement (vlib_main_t * vm, } else { - fei = ip6_fib_table_lookup_exact_match (fib_index, - &h0->target_address, - 128); + if (ip6_address_is_link_local_unicast (&h0->target_address)) + { + fei = ip6_fib_table_lookup_exact_match + (ip6_ll_fib_get (sw_if_index0), + &h0->target_address, 128); + } + else + { + fei = ip6_fib_table_lookup_exact_match (fib_index, + &h0->target_address, + 128); + } if (FIB_NODE_INDEX_INVALID == fei) { @@ -1174,7 +1206,8 @@ icmp6_neighbor_solicitation_or_advertisement (vlib_main_t * vm, } else if (fib_entry_is_sourced - (fei, FIB_SOURCE_IP6_ND_PROXY)) + (fei, FIB_SOURCE_IP6_ND_PROXY) || + fib_entry_is_sourced (fei, FIB_SOURCE_IP6_ND)) { /* The address was added by IPv6 Proxy ND config. * We should only respond to these if the NS arrived on @@ -3273,6 +3306,10 @@ show_ip6_interface_cmd (vlib_main_t * vm, vec_free (unknown_scope); } + vlib_cli_output (vm, "\tLink-local address(es):\n"); + vlib_cli_output (vm, "\t\t%U\n", format_ip6_address, + &radv_info->link_local_address); + vlib_cli_output (vm, "\tJoined group address(es):\n"); ip6_mldp_group_t *m; /* *INDENT-OFF* */ @@ -3395,7 +3432,6 @@ disable_ip6_interface (vlib_main_t * vm, u32 sw_if_index) /* if not created - do nothing */ if (ri != ~0) { - vnet_main_t *vnm = vnet_get_main (); ip6_radv_t *radv_info; radv_info = pool_elt_at_index (nm->if_radv_pool, ri); @@ -3405,14 +3441,15 @@ disable_ip6_interface (vlib_main_t * vm, u32 sw_if_index) if (radv_info->ref_count == 0) { /* essentially "disables" ipv6 on this interface */ - error = ip6_add_del_interface_address (vm, sw_if_index, - &radv_info-> - link_local_address, 128, - 1 /* is_del */ ); - - ip6_neighbor_sw_interface_add_del (vnm, sw_if_index, - 0 /* is_add */ ); + ip6_ll_prefix_t ilp = { + .ilp_addr = radv_info->link_local_address, + .ilp_sw_if_index = sw_if_index, + }; + ip6_ll_table_entry_delete (&ilp); + ip6_sw_interface_enable_disable (sw_if_index, 0); ip6_mfib_interface_enable_disable (sw_if_index, 0); + ip6_neighbor_sw_interface_add_del (vnet_get_main (), sw_if_index, + 0); } } return error; @@ -3499,20 +3536,20 @@ enable_ip6_interface (vlib_main_t * vm, u32 sw_if_index) /* clear u bit */ link_local_address.as_u8[8] &= 0xfd; } + { + ip6_ll_prefix_t ilp = { + .ilp_addr = link_local_address, + .ilp_sw_if_index = sw_if_index, + }; - ip6_mfib_interface_enable_disable (sw_if_index, 1); + ip6_ll_table_entry_update (&ilp, FIB_ROUTE_PATH_LOCAL); + } /* essentially "enables" ipv6 on this interface */ - error = ip6_add_del_interface_address (vm, sw_if_index, - &link_local_address, - 128 - /* address width */ , - 0 /* is_del */ ); - - if (error) - ip6_neighbor_sw_interface_add_del (vnm, sw_if_index, - !is_add); - else + ip6_mfib_interface_enable_disable (sw_if_index, 1); + ip6_sw_interface_enable_disable (sw_if_index, 1); + + if (!error) { radv_info->link_local_address = link_local_address; } @@ -3523,6 +3560,27 @@ enable_ip6_interface (vlib_main_t * vm, u32 sw_if_index) return error; } +int +ip6_get_ll_address (u32 sw_if_index, ip6_address_t * addr) +{ + ip6_neighbor_main_t *nm = &ip6_neighbor_main; + ip6_radv_t *radv_info; + u32 ri; + + if (vec_len (nm->if_radv_pool_index_by_sw_if_index) < sw_if_index) + return 0; + + ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index]; + + if (ri == ~0) + return 0; + + radv_info = pool_elt_at_index (nm->if_radv_pool, ri); + *addr = radv_info->link_local_address; + + return (!0); +} + static clib_error_t * enable_ip6_interface_cmd (vlib_main_t * vm, unformat_input_t * input, vlib_cli_command_t * cmd) diff --git a/src/vnet/ip/ip6_packet.h b/src/vnet/ip/ip6_packet.h index 6b724370e76..76e3c1f93f0 100644 --- a/src/vnet/ip/ip6_packet.h +++ b/src/vnet/ip/ip6_packet.h @@ -293,7 +293,7 @@ ip6_address_is_loopback (ip6_address_t * a) /* Check for link local unicast fe80::/10. */ always_inline uword -ip6_address_is_link_local_unicast (ip6_address_t * a) +ip6_address_is_link_local_unicast (const ip6_address_t * a) { return a->as_u8[0] == 0xfe && (a->as_u8[1] & 0xc0) == 0x80; } diff --git a/src/vnet/ip/ping.c b/src/vnet/ip/ping.c index a142754bdf7..a929a0cdf00 100755 --- a/src/vnet/ip/ping.c +++ b/src/vnet/ip/ping.c @@ -314,13 +314,14 @@ send_ip6_ping (vlib_main_t * vm, ip6_main_t * im, h0->ip6.src_address = *pa6; /* Fill in the correct source now */ - ip6_address_t *a = ip6_interface_first_address (im, sw_if_index); - if (!a) + if (!ip6_src_address_for_packet (&im->lookup_main, + sw_if_index, + &h0->ip6.dst_address, + &h0->ip6.src_address)) { vlib_buffer_free (vm, &bi0, 1); return SEND_PING_NO_SRC_ADDRESS; } - h0->ip6.src_address = a[0]; /* Fill in icmp fields */ h0->icmp.type = ICMP6_echo_request; -- cgit 1.2.3-korg