2 * ct6.c - skeleton vpp engine plug-in
4 * Copyright (c) <current-year> <your-organization>
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
18 #include <vnet/vnet.h>
19 #include <vnet/plugin/plugin.h>
22 #include <vlibapi/api.h>
23 #include <vlibmemory/api.h>
24 #include <vpp/app/version.h>
26 /* define message IDs */
27 #include <ct6/ct6_msg_enum.h>
29 /* define message structures */
31 #include <ct6/ct6_all_api_h.h>
34 /* define generated endian-swappers */
36 #include <ct6/ct6_all_api_h.h>
39 /* instantiate all the print functions we know about */
40 #define vl_print(handle, ...) vlib_cli_output (handle, __VA_ARGS__)
42 #include <ct6/ct6_all_api_h.h>
45 /* Get the API version number */
46 #define vl_api_version(n,v) static u32 api_version=(v);
47 #include <ct6/ct6_all_api_h.h>
50 #define REPLY_MSG_ID_BASE cmp->msg_id_base
51 #include <vlibapi/api_helper_macros.h>
55 /* List of message types that this plugin understands */
57 #define foreach_ct6_plugin_api_msg \
58 _(CT6_ENABLE_DISABLE, ct6_enable_disable)
60 /* Action function shared between message handler and debug CLI */
63 ct6_feature_init (ct6_main_t * cmp)
65 u32 nworkers = vlib_num_workers ();
67 if (cmp->feature_initialized)
70 clib_bihash_init_48_8 (&cmp->session_hash, "ct6 session table",
71 cmp->session_hash_buckets, cmp->session_hash_memory);
72 cmp->feature_initialized = 1;
73 vec_validate (cmp->sessions, nworkers);
74 vec_validate_init_empty (cmp->first_index, nworkers, ~0);
75 vec_validate_init_empty (cmp->last_index, nworkers, ~0);
79 ct6_in2out_enable_disable (ct6_main_t * cmp, u32 sw_if_index,
82 vnet_sw_interface_t *sw;
85 ct6_feature_init (cmp);
88 if (pool_is_free_index (cmp->vnet_main->interface_main.sw_interfaces,
90 return VNET_API_ERROR_INVALID_SW_IF_INDEX;
92 /* Not a physical port? */
93 sw = vnet_get_sw_interface (cmp->vnet_main, sw_if_index);
94 if (sw->type != VNET_SW_INTERFACE_TYPE_HARDWARE)
95 return VNET_API_ERROR_INVALID_SW_IF_INDEX;
97 vnet_feature_enable_disable ("interface-output", "ct6-in2out",
98 sw_if_index, enable_disable, 0, 0);
104 ct6_out2in_enable_disable (ct6_main_t * cmp, u32 sw_if_index,
107 vnet_sw_interface_t *sw;
110 ct6_feature_init (cmp);
113 if (pool_is_free_index (cmp->vnet_main->interface_main.sw_interfaces,
115 return VNET_API_ERROR_INVALID_SW_IF_INDEX;
117 /* Not a physical port? */
118 sw = vnet_get_sw_interface (cmp->vnet_main, sw_if_index);
119 if (sw->type != VNET_SW_INTERFACE_TYPE_HARDWARE)
120 return VNET_API_ERROR_INVALID_SW_IF_INDEX;
122 vnet_feature_enable_disable ("ip6-unicast", "ct6-out2in",
123 sw_if_index, enable_disable, 0, 0);
128 static clib_error_t *
129 set_ct6_enable_disable_command_fn (vlib_main_t * vm,
130 unformat_input_t * input,
131 vlib_cli_command_t * cmd)
133 ct6_main_t *cmp = &ct6_main;
134 u32 sw_if_index = ~0;
135 int enable_disable = 1;
139 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
141 if (unformat (input, "disable"))
143 else if (unformat (input, "%U", unformat_vnet_sw_interface,
144 cmp->vnet_main, &sw_if_index))
146 else if (unformat (input, "inside") || unformat (input, "in"))
148 else if (unformat (input, "outside") || unformat (input, "out"))
155 return clib_error_return (0, "Please specify inside or outside");
157 if (sw_if_index == ~0)
158 return clib_error_return (0, "Please specify an interface...");
161 rv = ct6_in2out_enable_disable (cmp, sw_if_index, enable_disable);
163 rv = ct6_out2in_enable_disable (cmp, sw_if_index, enable_disable);
170 case VNET_API_ERROR_INVALID_SW_IF_INDEX:
171 return clib_error_return
172 (0, "Invalid interface, only works on physical ports");
176 return clib_error_return (0, "ct6_enable_disable returned %d", rv);
182 VLIB_CLI_COMMAND (set_ct6_command, static) =
186 "set ct6 [inside|outside] <interface-name> [disable]",
187 .function = set_ct6_enable_disable_command_fn,
191 /* API message handler */
192 static void vl_api_ct6_enable_disable_t_handler
193 (vl_api_ct6_enable_disable_t * mp)
195 vl_api_ct6_enable_disable_reply_t *rmp;
196 ct6_main_t *cmp = &ct6_main;
199 VALIDATE_SW_IF_INDEX (mp);
202 rv = ct6_in2out_enable_disable (cmp, ntohl (mp->sw_if_index),
203 (int) (mp->enable_disable));
205 rv = ct6_out2in_enable_disable (cmp, ntohl (mp->sw_if_index),
206 (int) (mp->enable_disable));
208 BAD_SW_IF_INDEX_LABEL;
209 REPLY_MACRO (VL_API_CT6_ENABLE_DISABLE_REPLY);
212 /* Set up the API message handling tables */
213 static clib_error_t *
214 ct6_plugin_api_hookup (vlib_main_t * vm)
216 ct6_main_t *cmp = &ct6_main;
218 vl_msg_api_set_handlers((VL_API_##N + cmp->msg_id_base), \
220 vl_api_##n##_t_handler, \
222 vl_api_##n##_t_endian, \
223 vl_api_##n##_t_print, \
224 sizeof(vl_api_##n##_t), 1);
225 foreach_ct6_plugin_api_msg;
231 #define vl_msg_name_crc_list
232 #include <ct6/ct6_all_api_h.h>
233 #undef vl_msg_name_crc_list
236 setup_message_id_table (ct6_main_t * cmp, api_main_t * am)
238 #define _(id,n,crc) vl_msg_api_add_msg_name_crc (am, #n "_" #crc, id + cmp->msg_id_base);
239 foreach_vl_msg_name_crc_ct6;
243 static clib_error_t *
244 ct6_init (vlib_main_t * vm)
246 ct6_main_t *cmp = &ct6_main;
247 clib_error_t *error = 0;
251 cmp->vnet_main = vnet_get_main ();
253 name = format (0, "ct6_%08x%c", api_version, 0);
255 /* Ask for a correctly-sized block of API message decode slots */
256 cmp->msg_id_base = vl_msg_api_get_msg_ids
257 ((char *) name, VL_MSG_FIRST_AVAILABLE);
259 error = ct6_plugin_api_hookup (vm);
261 /* Add our API messages to the global name_crc hash table */
262 setup_message_id_table (cmp, &api_main);
267 * Set default parameters...
270 * 2 minute inactivity timer
271 * 10000 concurrent sessions
273 cmp->session_hash_memory = 16ULL << 20;
274 cmp->session_hash_buckets = 64 << 10;
275 cmp->session_timeout_interval = 120.0;
276 cmp->max_sessions_per_worker = 10000;
278 /* ... so the packet generator can feed the in2out node ... */
279 ethernet_setup_node (vm, ct6_in2out_node.index);
283 VLIB_INIT_FUNCTION (ct6_init);
286 VNET_FEATURE_INIT (ct6out2in, static) =
288 .arc_name = "ip6-unicast",
289 .node_name = "ct6-out2in",
290 .runs_before = VNET_FEATURES ("ip6-lookup"),
295 VNET_FEATURE_INIT (ct6in2out, static) =
297 .arc_name = "interface-output",
298 .node_name = "ct6-in2out",
299 .runs_before = VNET_FEATURES ("interface-tx"),
304 VLIB_PLUGIN_REGISTER () =
306 .version = VPP_BUILD_VER,
307 .description = "IPv6 Connection Tracker",
312 format_ct6_session (u8 * s, va_list * args)
314 ct6_main_t *cmp = va_arg (*args, ct6_main_t *);
315 int i = va_arg (*args, int);
316 ct6_session_t *s0 = va_arg (*args, ct6_session_t *);
317 int verbose = va_arg (*args, int);
318 clib_bihash_kv_48_8_t kvp0;
322 s = format (s, "\n%6s%6s%40s%6s%40s%6s",
323 "Sess", "Prot", "Src", "Sport", "Dst", "Dport");
327 s = format (s, "\n%6d%6d%40U%6u%40U%6u",
328 s0 - cmp->sessions[i], s0->key.proto,
329 format_ip6_address, &s0->key.src,
330 clib_net_to_host_u16 (s0->key.sport),
331 format_ip6_address, &s0->key.dst,
332 clib_net_to_host_u16 (s0->key.dport));
334 clib_memcpy_fast (&kvp0, s0, sizeof (ct6_session_key_t));
336 if (clib_bihash_search_48_8 (&cmp->session_hash, &kvp0, &kvp0) < 0)
338 s = format (s, " LOOKUP FAIL!");
342 if (kvp0.value == s0 - cmp->sessions[s0->thread_index])
344 s = format (s, " OK");
347 s = format (s, " next %d prev %d", s0->next_index,
349 s = format (s, " hits %d expires %.2f", s0->hits, s0->expires);
353 s = format (s, " BOGUS LOOKUP RESULT!");
359 static clib_error_t *
360 show_ct6_command_fn_command_fn (vlib_main_t * vm,
361 unformat_input_t * input,
362 vlib_cli_command_t * cmd)
364 ct6_main_t *cmp = &ct6_main;
370 if (!cmp->feature_initialized)
371 return clib_error_return (0, "ip6 connection tracking not enabled...");
373 if (unformat (input, "verbose %d", &verbose))
375 else if (unformat (input, "verbose"))
378 for (i = 0; i < vec_len (cmp->sessions); i++)
380 s = format (s, "Thread %d: %d sessions\n", i,
381 pool_elts (cmp->sessions[i]));
387 format (s, "%U", format_ct6_session, cmp,
388 0 /* pool */ , 0 /* header */ , verbose);
391 pool_foreach (s0, cmp->sessions[i],
393 s = format (s, "%U", format_ct6_session, cmp, i, s0, verbose);
397 vlib_cli_output (cmp->vlib_main, "%v", s);
403 VLIB_CLI_COMMAND (show_ct6_command_fn_command, static) =
405 .path = "show ip6 connection-tracker",
406 .short_help = "show ip6 connection-tracker",
407 .function = show_ct6_command_fn_command_fn,
412 increment_v6_address (ip6_address_t * a)
416 v0 = clib_net_to_host_u64 (a->as_u64[0]);
417 v1 = clib_net_to_host_u64 (a->as_u64[1]);
422 a->as_u64[0] = clib_net_to_host_u64 (v0);
423 a->as_u64[1] = clib_net_to_host_u64 (v1);
427 static clib_error_t *
428 test_ct6_command_fn_command_fn (vlib_main_t * vm,
429 unformat_input_t * input,
430 vlib_cli_command_t * cmd)
432 ct6_main_t *cmp = &ct6_main;
433 clib_bihash_kv_48_8_t kvp0;
434 ct6_session_key_t *key0;
437 u32 recycled = 0, created = 0;
438 int i, num_sessions = 5;
442 cmp->max_sessions_per_worker = 4;
444 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
446 if (unformat (input, "num-sessions %d", &num_sessions))
450 (input, "max-sessions %d", &cmp->max_sessions_per_worker))
456 ct6_feature_init (cmp);
458 /* Set up starting src/dst addresses */
459 memset (src, 0, sizeof (src));
460 memset (dst, 0, sizeof (dst));
469 * See if we know about this flow.
470 * Key set up for the out2in path, the performant case
472 key0 = (ct6_session_key_t *) & kvp0;
473 memset (&kvp0, 0, sizeof (kvp0));
475 for (i = 0; i < num_sessions; i++)
477 clib_memcpy_fast (&key0->src, src, sizeof (src));
478 clib_memcpy_fast (&key0->dst, dst, sizeof (dst));
481 key0->sport = clib_host_to_net_u16 (1234);
482 key0->dport = clib_host_to_net_u16 (4321);
483 key0->proto = 17; /* udp, fwiw */
485 s0 = ct6_create_or_recycle_session
486 (cmp, &kvp0, 3.0 /* now */ , 0 /* thread index */ ,
487 &recycled, &created);
489 s = format (s, "%U (%d, %d)", format_ct6_session, cmp,
490 0 /* thread index */ , s0, 1 /* verbose */ ,
492 vlib_cli_output (vm, "%v", s);
494 increment_v6_address ((ip6_address_t *) src);
500 pool_foreach (s0, cmp->sessions[0],
502 s = format (s, "%U", format_ct6_session, cmp, 0, s0, 1 /* verbose */);
506 vlib_cli_output (vm, "\nEnd state: first index %d last index %d\n%v",
507 cmp->first_index[0], cmp->last_index[0], s);
511 midpt_index = cmp->max_sessions_per_worker / 3;
513 s0 = pool_elt_at_index (cmp->sessions[0], midpt_index);
514 vlib_cli_output (vm, "\nSimulate LRU hit on session %d",
515 s0 - cmp->sessions[0]);
517 ct6_update_session_hit (cmp, s0, 234.0);
520 pool_foreach (s0, cmp->sessions[0],
522 s = format (s, "%U", format_ct6_session, cmp, 0, s0, 1 /* verbose */);
526 vlib_cli_output (vm, "\nEnd state: first index %d last index %d\n%v",
527 cmp->first_index[0], cmp->last_index[0], s);
535 VLIB_CLI_COMMAND (test_ct6_command_fn_command, static) =
537 .path = "test ip6 connection-tracker",
538 .short_help = "test ip6 connection-tracker",
539 .function = test_ct6_command_fn_command_fn,
543 static clib_error_t *
544 ct6_config (vlib_main_t * vm, unformat_input_t * input)
546 ct6_main_t *cmp = &ct6_main;
548 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
550 if (unformat (input, "session-hash-buckets %u",
551 &cmp->session_hash_buckets))
553 else if (unformat (input, "session-hash-memory %U",
554 unformat_memory_size, &cmp->session_hash_memory))
556 else if (unformat (input, "session-timeout %f",
557 &cmp->session_timeout_interval))
561 return clib_error_return (0, "unknown input '%U'",
562 format_unformat_error, input);
568 VLIB_CONFIG_FUNCTION (ct6_config, "ct6");
571 * fd.io coding-style-patch-verification: ON
574 * eval: (c-set-style "gnu")