From bfa86084af0e4d0cc8ad8ccbeafe999b748a990e Mon Sep 17 00:00:00 2001 From: Nathan Skrzypczak Date: Thu, 9 Sep 2021 18:31:36 +0200 Subject: ip: Add ip46-local node for local swif[rx] Type: improvement This adds a new ip[46]-receive node, sibling of ip[46]-local. Its goal is to set vnet_buffer (b)->ip.rx_sw_if_index to the sw_if_index of the local interface. In dependant nodes further down the line (e.g. hoststack) we then set sw_if_idx[rx] to this value. So that we know which local interface did receive the packet. The TCP issue this fixes is that : On accepts, we were setting tc->sw_if_index to the source sw_if_index. We should use the dest sw_if_index, so that packets coming back on this connection have the right source sw_if_index. And also setting it in the tx-ed packet. Change-Id: I569ed673e15c21e71f365c3ad45439b05bd14a9f Signed-off-by: Nathan Skrzypczak --- src/vnet/buffer.h | 13 ++++++-- src/vnet/dpo/receive_dpo.c | 14 ++++---- src/vnet/ip/ip4_forward.c | 81 ++++++++++++++++++++++++++++++++++------------ src/vnet/ip/ip6_forward.c | 61 ++++++++++++++++++++++++++-------- src/vnet/tcp/tcp_inlines.h | 7 ++++ 5 files changed, 132 insertions(+), 44 deletions(-) (limited to 'src') diff --git a/src/vnet/buffer.h b/src/vnet/buffer.h index cbaf4d84e42..2b3152fbcd6 100644 --- a/src/vnet/buffer.h +++ b/src/vnet/buffer.h @@ -190,8 +190,17 @@ typedef struct /* Rewrite length */ u8 save_rewrite_length; - /* MFIB RPF ID */ - u32 rpf_id; + union + { + /* sw_if_index of the local interface the buffer was received on + * - if hitting a DPO_RECEIVE - it is set in ip[46]-receive. + * This is ~0 if the dpo is not a receive dpo, or if the + * interface is not specified (e.g. route add via local) */ + u32 rx_sw_if_index; + + /* MFIB RPF ID */ + u32 rpf_id; + }; }; /* ICMP */ diff --git a/src/vnet/dpo/receive_dpo.c b/src/vnet/dpo/receive_dpo.c index b12b382ce64..0a97e1d373b 100644 --- a/src/vnet/dpo/receive_dpo.c +++ b/src/vnet/dpo/receive_dpo.c @@ -156,15 +156,13 @@ const static dpo_vft_t receive_vft = { * this means that these graph nodes are ones from which a receive is the * parent object in the DPO-graph. */ -const static char* const receive_ip4_nodes[] = -{ - "ip4-local", - NULL, +const static char *const receive_ip4_nodes[] = { + "ip4-receive", + NULL, }; -const static char* const receive_ip6_nodes[] = -{ - "ip6-local", - NULL, +const static char *const receive_ip6_nodes[] = { + "ip6-receive", + NULL, }; const static char* const * const receive_nodes[DPO_PROTO_NUM] = diff --git a/src/vnet/ip/ip4_forward.c b/src/vnet/ip/ip4_forward.c index 055df637c7f..900a1b4ce8e 100644 --- a/src/vnet/ip/ip4_forward.c +++ b/src/vnet/ip/ip4_forward.c @@ -52,6 +52,7 @@ #include #include #include +#include #include #include /* for mFIB table and entry creation */ #include @@ -1387,10 +1388,9 @@ ip4_tcp_udp_validate_checksum (vlib_main_t * vm, vlib_buffer_t * p0) #endif /* *INDENT-OFF* */ -VNET_FEATURE_ARC_INIT (ip4_local) = -{ - .arc_name = "ip4-local", - .start_nodes = VNET_FEATURES ("ip4-local"), +VNET_FEATURE_ARC_INIT (ip4_local) = { + .arc_name = "ip4-local", + .start_nodes = VNET_FEATURES ("ip4-local", "ip4-receive"), .last_in_arc = "ip4-local-end-of-arc", }; /* *INDENT-ON* */ @@ -1515,8 +1515,9 @@ typedef struct } ip4_local_last_check_t; static inline void -ip4_local_check_src (vlib_buffer_t * b, ip4_header_t * ip0, - ip4_local_last_check_t * last_check, u8 * error0) +ip4_local_check_src (vlib_buffer_t *b, ip4_header_t *ip0, + ip4_local_last_check_t *last_check, u8 *error0, + int is_receive_dpo) { const dpo_id_t *dpo0; load_balance_t *lb0; @@ -1526,6 +1527,15 @@ ip4_local_check_src (vlib_buffer_t * b, ip4_header_t * ip0, vnet_buffer (b)->sw_if_index[VLIB_TX] != ~0 ? vnet_buffer (b)->sw_if_index[VLIB_TX] : vnet_buffer (b)->ip.fib_index; + if (is_receive_dpo) + { + receive_dpo_t *rd; + rd = receive_dpo_get (vnet_buffer (b)->ip.adj_index[VLIB_TX]); + vnet_buffer (b)->ip.rx_sw_if_index = rd->rd_sw_if_index; + } + else + vnet_buffer (b)->ip.rx_sw_if_index = ~0; + /* * vnet_buffer()->ip.adj_index[VLIB_RX] will be set to the index of the * adjacency for the destination address (the local interface address). @@ -1579,8 +1589,9 @@ ip4_local_check_src (vlib_buffer_t * b, ip4_header_t * ip0, } static inline void -ip4_local_check_src_x2 (vlib_buffer_t ** b, ip4_header_t ** ip, - ip4_local_last_check_t * last_check, u8 * error) +ip4_local_check_src_x2 (vlib_buffer_t **b, ip4_header_t **ip, + ip4_local_last_check_t *last_check, u8 *error, + int is_receive_dpo) { const dpo_id_t *dpo[2]; load_balance_t *lb[2]; @@ -1601,6 +1612,20 @@ ip4_local_check_src_x2 (vlib_buffer_t ** b, ip4_header_t ** ip, vnet_buffer (b[1])->sw_if_index[VLIB_TX] : vnet_buffer (b[1])->ip.fib_index; + if (is_receive_dpo) + { + const receive_dpo_t *rd0, *rd1; + rd0 = receive_dpo_get (vnet_buffer (b[0])->ip.adj_index[VLIB_TX]); + rd1 = receive_dpo_get (vnet_buffer (b[1])->ip.adj_index[VLIB_TX]); + vnet_buffer (b[0])->ip.rx_sw_if_index = rd0->rd_sw_if_index; + vnet_buffer (b[1])->ip.rx_sw_if_index = rd1->rd_sw_if_index; + } + else + { + vnet_buffer (b[0])->ip.rx_sw_if_index = ~0; + vnet_buffer (b[1])->ip.rx_sw_if_index = ~0; + } + /* * vnet_buffer()->ip.adj_index[VLIB_RX] will be set to the index of the * adjacency for the destination address (the local interface address). @@ -1697,9 +1722,9 @@ ip4_local_classify (vlib_buffer_t * b, ip4_header_t * ip, u16 * next) } static inline uword -ip4_local_inline (vlib_main_t * vm, - vlib_node_runtime_t * node, - vlib_frame_t * frame, int head_of_feature_arc) +ip4_local_inline (vlib_main_t *vm, vlib_node_runtime_t *node, + vlib_frame_t *frame, int head_of_feature_arc, + int is_receive_dpo) { u32 *from, n_left_from; vlib_node_runtime_t *error_node = @@ -1764,19 +1789,21 @@ ip4_local_inline (vlib_main_t * vm, if (PREDICT_TRUE (not_batch == 0)) { ip4_local_check_l4_csum_x2 (vm, b, ip, error); - ip4_local_check_src_x2 (b, ip, &last_check, error); + ip4_local_check_src_x2 (b, ip, &last_check, error, is_receive_dpo); } else { if (!pt[0]) { ip4_local_check_l4_csum (vm, b[0], ip[0], &error[0]); - ip4_local_check_src (b[0], ip[0], &last_check, &error[0]); + ip4_local_check_src (b[0], ip[0], &last_check, &error[0], + is_receive_dpo); } if (!pt[1]) { ip4_local_check_l4_csum (vm, b[1], ip[1], &error[1]); - ip4_local_check_src (b[1], ip[1], &last_check, &error[1]); + ip4_local_check_src (b[1], ip[1], &last_check, &error[1], + is_receive_dpo); } } @@ -1804,7 +1831,8 @@ ip4_local_inline (vlib_main_t * vm, goto skip_check; ip4_local_check_l4_csum (vm, b[0], ip[0], &error[0]); - ip4_local_check_src (b[0], ip[0], &last_check, &error[0]); + ip4_local_check_src (b[0], ip[0], &last_check, &error[0], + is_receive_dpo); skip_check: @@ -1823,10 +1851,10 @@ ip4_local_inline (vlib_main_t * vm, VLIB_NODE_FN (ip4_local_node) (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame) { - return ip4_local_inline (vm, node, frame, 1 /* head of feature arc */ ); + return ip4_local_inline (vm, node, frame, 1 /* head of feature arc */, + 0 /* is_receive_dpo */); } -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (ip4_local_node) = { .name = "ip4-local", @@ -1844,17 +1872,29 @@ VLIB_REGISTER_NODE (ip4_local_node) = [IP_LOCAL_NEXT_REASSEMBLY] = "ip4-full-reassembly", }, }; -/* *INDENT-ON* */ +VLIB_NODE_FN (ip4_receive_local_node) +(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame) +{ + return ip4_local_inline (vm, node, frame, 1 /* head of feature arc */, + 1 /* is_receive_dpo */); +} + +VLIB_REGISTER_NODE (ip4_receive_local_node) = { + .name = "ip4-receive", + .vector_size = sizeof (u32), + .format_trace = format_ip4_forward_next_trace, + .sibling_of = "ip4-local" +}; VLIB_NODE_FN (ip4_local_end_of_arc_node) (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame) { - return ip4_local_inline (vm, node, frame, 0 /* head of feature arc */ ); + return ip4_local_inline (vm, node, frame, 0 /* head of feature arc */, + 0 /* is_receive_dpo */); } -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (ip4_local_end_of_arc_node) = { .name = "ip4-local-end-of-arc", .vector_size = sizeof (u32), @@ -1868,7 +1908,6 @@ VNET_FEATURE_INIT (ip4_local_end_of_arc, static) = { .node_name = "ip4-local-end-of-arc", .runs_before = 0, /* not before any other features */ }; -/* *INDENT-ON* */ #ifndef CLIB_MARCH_VARIANT void diff --git a/src/vnet/ip/ip6_forward.c b/src/vnet/ip/ip6_forward.c index d9c015f6fb4..b9f9892f929 100644 --- a/src/vnet/ip/ip6_forward.c +++ b/src/vnet/ip/ip6_forward.c @@ -48,6 +48,7 @@ #include #include #include +#include #include #include #include @@ -1228,10 +1229,9 @@ ip6_next_proto_is_tcp_udp (vlib_buffer_t * p0, ip6_header_t * ip0, } /* *INDENT-OFF* */ -VNET_FEATURE_ARC_INIT (ip6_local) = -{ - .arc_name = "ip6-local", - .start_nodes = VNET_FEATURES ("ip6-local"), +VNET_FEATURE_ARC_INIT (ip6_local) = { + .arc_name = "ip6-local", + .start_nodes = VNET_FEATURES ("ip6-local", "ip6-receive"), }; /* *INDENT-ON* */ @@ -1278,10 +1278,10 @@ ip6_tcp_udp_icmp_bad_length (vlib_main_t * vm, vlib_buffer_t * p0) return 1; } - always_inline uword -ip6_local_inline (vlib_main_t * vm, vlib_node_runtime_t * node, - vlib_frame_t * frame, int head_of_feature_arc) +ip6_local_inline (vlib_main_t *vm, vlib_node_runtime_t *node, + vlib_frame_t *frame, int head_of_feature_arc, + int is_receive_dpo) { ip6_main_t *im = &ip6_main; ip_lookup_main_t *lm = &im->lookup_main; @@ -1469,6 +1469,21 @@ ip6_local_inline (vlib_main_t * vm, vlib_node_runtime_t * node, vnet_buffer (b[1])->sw_if_index[VLIB_TX] != ~0 ? vnet_buffer (b[1])->sw_if_index[VLIB_TX] : vnet_buffer (b[1])->ip.fib_index; + if (is_receive_dpo) + { + const receive_dpo_t *rd0, *rd1; + rd0 = + receive_dpo_get (vnet_buffer (b[0])->ip.adj_index[VLIB_TX]); + rd1 = + receive_dpo_get (vnet_buffer (b[1])->ip.adj_index[VLIB_TX]); + vnet_buffer (b[0])->ip.rx_sw_if_index = rd0->rd_sw_if_index; + vnet_buffer (b[1])->ip.rx_sw_if_index = rd1->rd_sw_if_index; + } + else + { + vnet_buffer (b[0])->ip.rx_sw_if_index = ~0; + vnet_buffer (b[1])->ip.rx_sw_if_index = ~0; + } } /* head_of_feature_arc */ next[0] = lm->local_next_by_ip_protocol[ip[0]->protocol]; @@ -1596,6 +1611,14 @@ ip6_local_inline (vlib_main_t * vm, vlib_node_runtime_t * node, vnet_buffer (b[0])->sw_if_index[VLIB_TX] != ~0 ? vnet_buffer (b[0])->sw_if_index[VLIB_TX] : vnet_buffer (b[0])->ip.fib_index; + if (is_receive_dpo) + { + receive_dpo_t *rd; + rd = receive_dpo_get (vnet_buffer (b[0])->ip.adj_index[VLIB_TX]); + vnet_buffer (b[0])->ip.rx_sw_if_index = rd->rd_sw_if_index; + } + else + vnet_buffer (b[0])->ip.rx_sw_if_index = ~0; } /* head_of_feature_arc */ next[0] = lm->local_next_by_ip_protocol[ip->protocol]; @@ -1629,10 +1652,10 @@ ip6_local_inline (vlib_main_t * vm, vlib_node_runtime_t * node, VLIB_NODE_FN (ip6_local_node) (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame) { - return ip6_local_inline (vm, node, frame, 1 /* head of feature arc */ ); + return ip6_local_inline (vm, node, frame, 1 /* head of feature arc */, + 0 /* ip6_local_inline */); } -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (ip6_local_node) = { .name = "ip6-local", @@ -1648,16 +1671,29 @@ VLIB_REGISTER_NODE (ip6_local_node) = [IP_LOCAL_NEXT_REASSEMBLY] = "ip6-full-reassembly", }, }; -/* *INDENT-ON* */ + +VLIB_NODE_FN (ip6_receive_local_node) +(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame) +{ + return ip6_local_inline (vm, node, frame, 1 /* head of feature arc */, + 1 /* is_receive_dpo */); +} + +VLIB_REGISTER_NODE (ip6_receive_local_node) = { + .name = "ip6-receive", + .vector_size = sizeof (u32), + .format_trace = format_ip6_forward_next_trace, + .sibling_of = "ip6-local" +}; VLIB_NODE_FN (ip6_local_end_of_arc_node) (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame) { - return ip6_local_inline (vm, node, frame, 0 /* head of feature arc */ ); + return ip6_local_inline (vm, node, frame, 0 /* head of feature arc */, + 0 /* ip6_local_inline */); } -/* *INDENT-OFF* */ VLIB_REGISTER_NODE (ip6_local_end_of_arc_node) = { .name = "ip6-local-end-of-arc", .vector_size = sizeof (u32), @@ -1671,7 +1707,6 @@ VNET_FEATURE_INIT (ip6_local_end_of_arc, static) = { .node_name = "ip6-local-end-of-arc", .runs_before = 0, /* not before any other features */ }; -/* *INDENT-ON* */ #ifdef CLIB_MARCH_VARIANT extern vlib_node_registration_t ip6_local_node; diff --git a/src/vnet/tcp/tcp_inlines.h b/src/vnet/tcp/tcp_inlines.h index dfdf801d0ab..e82f308d9b8 100644 --- a/src/vnet/tcp/tcp_inlines.h +++ b/src/vnet/tcp/tcp_inlines.h @@ -237,6 +237,13 @@ tcp_input_lookup_buffer (vlib_buffer_t * b, u8 thread_index, u32 * error, tcp_header_t *tcp; u8 result = 0; + /* Set the sw_if_index[VLIB_RX] to the interface we received + * the connection on (the local interface) */ + vnet_buffer (b)->sw_if_index[VLIB_RX] = + vnet_buffer (b)->ip.rx_sw_if_index != ~0 ? + vnet_buffer (b)->ip.rx_sw_if_index : + vnet_buffer (b)->sw_if_index[VLIB_RX]; + if (is_ip4) { ip4_header_t *ip4 = vlib_buffer_get_current (b); -- cgit 1.2.3-korg