/* * l2_input.c : layer 2 input packet processing * * Copyright (c) 2013 Cisco and/or its affiliates. * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at: * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include /** * @file * @brief Interface Input Mode (Layer 2 Cross-Connect or Bridge / Layer 3). * * This file contains the CLI Commands that modify the input mode of an * interface. For interfaces in a Layer 2 cross-connect, all packets * received on one interface will be transmitted to the other. For * interfaces in a bridge-domain, packets will be forwarded to other * interfaces in the same bridge-domain based on destination mac address. * For interfaces in Layer 3 mode, the packets will be routed. */ typedef struct { /* per-pkt trace data */ u8 dst_and_src[12]; u32 sw_if_index; u32 feat_mask; } l2input_trace_t; /* packet trace format function */ static u8 * format_l2input_trace (u8 * s, va_list * args) { CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *); CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *); l2input_trace_t *t = va_arg (*args, l2input_trace_t *); s = format (s, "l2-input: sw_if_index %d dst %U src %U [%U]", t->sw_if_index, format_ethernet_address, t->dst_and_src, format_ethernet_address, t->dst_and_src + 6, format_l2_input_feature_bitmap, t->feat_mask, 0); return s; } extern l2input_main_t l2input_main; #ifndef CLIB_MARCH_VARIANT l2input_main_t l2input_main; #endif /* CLIB_MARCH_VARIANT */ #define foreach_l2input_error \ _(L2INPUT, "L2 input packets") \ _(DROP, "L2 input drops") typedef enum { #define _(sym,str) L2INPUT_ERROR_##sym, foreach_l2input_error #undef _ L2INPUT_N_ERROR, } l2input_error_t; static char *l2input_error_strings[] = { #define _(sym,string) string, foreach_l2input_error #undef _ }; typedef enum { /* */ L2INPUT_NEXT_LEARN, L2INPUT_NEXT_FWD, L2INPUT_NEXT_DROP, L2INPUT_N_NEXT, } l2input_next_t; static_always_inline void classify_and_dispatch (l2input_main_t * msm, vlib_buffer_t * b0, u16 * next0) { /* * Load L2 input feature struct * Load bridge domain struct * Parse ethernet header to determine unicast/mcast/broadcast * take L2 input stat * classify packet as IP/UDP/TCP, control, other * mask feature bitmap * go to first node in bitmap * Later: optimize VTM * * For L2XC, * set tx sw-if-handle */ u32 feat_mask = ~0; u32 sw_if_index0 = vnet_buffer (b0)->sw_if_index[VLIB_RX]; ethernet_header_t *h0 = vlib_buffer_get_current (b0); /* Get config for the input interface */ l2_input_config_t *config = vec_elt_at_index (msm->configs, sw_if_index0); /* Save split horizon group */ vnet_buffer (b0)->l2.shg = config->shg; /* determine layer2 kind for stat and mask */ if (PREDICT_FALSE (ethernet_address_cast (h0->dst_address))) { u8 *l3h0 = (u8 *) h0 + vnet_buffer (b0)->l2.l2_len; #define get_u16(addr) ( *((u16 *)(addr)) ) u16 ethertype = clib_net_to_host_u16 (get_u16 (l3h0 - 2)); u8 protocol = ((ip6_header_t *) l3h0)->protocol; /* Disable bridge forwarding (flooding will execute instead if not xconnect) */ feat_mask &= ~(L2INPUT_FEAT_FWD | L2INPUT_FEAT_UU_FLOOD | L2INPUT_FEAT_UU_FWD); if (ethertype != ETHERNET_TYPE_ARP) feat_mask &= ~(L2INPUT_FEAT_ARP_UFWD); /* Disable ARP-term for non-ARP and non-ICMP6 packet */ if (ethertype != ETHERNET_TYPE_ARP && (ethertype != ETHERNET_TYPE_IP6 || protocol != IP_PROTOCOL_ICMP6)) feat_mask &= ~(L2INPUT_FEAT_ARP_TERM); /* * For packet from BVI - set SHG of ARP request or ICMPv6 neighbor * solicitation packet from BVI to 0 so it can also flood to VXLAN * tunnels or other ports with the same SHG as that of the BVI. */ else if (PREDICT_FALSE (vnet_buffer (b0)->sw_if_index[VLIB_TX] == L2INPUT_BVI)) { if (ethertype == ETHERNET_TYPE_ARP) { ethernet_arp_header_t *arp0 = (ethernet_arp_header_t *) l3h0; if (arp0->opcode == clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_request)) vnet_buffer (b0)->l2.shg = 0; } else /* must be ICMPv6 */ { ip6_header_t *iph0 = (ip6_header_t *) l3h0; icmp6_neighbor_solicitation_or_advertisement_header_t *ndh0; ndh0 = ip6_next_header (iph0); if (ndh0->icmp.type == ICMP6_neighbor_solicitation) vnet_buffer (b0)->l2.shg = 0; } } } else { /* * For packet from BVI - set SHG of unicast packet from BVI to 0 so it * is not dropped on output to VXLAN tunnels or other ports with the * same SHG as that of the BVI. */ if (PREDICT_FALSE (vnet_buffer (b0)->sw_if_index[VLIB_TX] == L2INPUT_BVI)) vnet_buffer (b0)->l2.shg = 0; } if (l2_input_is_bridge (config)) { /* Do bridge-domain processing */ /* save BD ID for next feature graph nodes */ vnet_buffer (b0)->l2.bd_index = config->bd_index; /* Save bridge domain and interface seq_num */ vnet_buffer (b0)->l2.l2fib_sn = l2_fib_mk_seq_num (confi