2 * Copyright (c) 2017 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
17 #include <vlibapi/api.h>
18 #include <vlibmemory/api.h>
20 #include <vlib/vlib.h>
21 #include <vnet/vnet.h>
23 /* define message IDs */
24 #include <dns/dns.api_enum.h>
25 #include <dns/dns.api_types.h>
27 #include <vlibapi/api_helper_macros.h>
30 vnet_dns_response_to_reply (u8 * response,
31 vl_api_dns_resolve_name_reply_t * rmp,
34 vnet_dns_response_to_name (u8 * response,
35 vl_api_dns_resolve_ip_reply_t * rmp,
39 resolve_event (vlib_main_t * vm, dns_main_t * dm, f64 now, u8 * reply)
41 dns_pending_request_t *pr;
44 dns_cache_entry_t *ep;
53 d = (dns_header_t *) reply;
54 flags = clib_net_to_host_u16 (d->flags);
55 rcode = flags & DNS_RCODE_MASK;
57 /* $$$ u16 limits cache to 65K entries, fix later multiple dst ports */
58 pool_index = clib_net_to_host_u16 (d->id);
59 dns_cache_lock (dm, 10);
61 if (pool_is_free_index (dm->entries, pool_index))
65 clib_warning ("pool index %d is free", pool_index);
66 vlib_node_increment_counter (vm, dns46_reply_node.index,
67 DNS46_REPLY_ERROR_NO_ELT, 1);
68 dns_cache_unlock (dm);
72 ep = pool_elt_at_index (dm->entries, pool_index);
75 vec_free (ep->dns_response);
77 /* Handle [sic] recursion AKA CNAME indirection */
78 rv = vnet_dns_cname_indirection_nolock (vm, dm, pool_index, reply);
80 /* CNAME found, further resolution pending, we're done here */
83 dns_cache_unlock (dm);
86 /* Server backfire: refused to answer, or sent zero replies */
89 /* Try a different server */
90 if (ep->server_af /* ip6 */ )
93 clib_warning ("Server %U failed to resolve '%s'",
95 dm->ip6_name_servers + ep->server_rotor, ep->name);
96 /* Any more servers to try? */
97 if (ep->server_fails > 1 || vec_len (dm->ip6_name_servers) <= 1)
99 /* No, tell the client to go away */
105 if (ep->server_rotor >= vec_len (dm->ip6_name_servers))
106 ep->server_rotor = 0;
108 clib_warning ("Try server %U", format_ip6_address,
109 dm->ip6_name_servers + ep->server_rotor);
110 vnet_dns_send_dns6_request
111 (vm, dm, ep, dm->ip6_name_servers + ep->server_rotor);
116 clib_warning ("Server %U failed to resolve '%s'",
118 dm->ip4_name_servers + ep->server_rotor, ep->name);
120 if (ep->server_fails > 1 || vec_len (dm->ip4_name_servers) <= 1)
122 /* No, tell the client to go away */
128 if (ep->server_rotor >= vec_len (dm->ip4_name_servers))
129 ep->server_rotor = 0;
131 clib_warning ("Try server %U", format_ip4_address,
132 dm->ip4_name_servers + ep->server_rotor);
133 vnet_dns_send_dns4_request
134 (vm, dm, ep, dm->ip4_name_servers + ep->server_rotor);
136 dns_cache_unlock (dm);
141 /* Save the response */
142 ep->dns_response = reply;
145 * Pick a sensible default cache entry expiration time.
146 * We don't play the 10-second timeout game.
148 ep->expiration_time = now + 600.0;
151 clib_warning ("resolving '%s', was %s valid",
152 ep->name, (ep->flags & DNS_CACHE_ENTRY_FLAG_VALID) ?
155 * The world is a mess. A single DNS request sent to e.g. 8.8.8.8
156 * may yield multiple, subtly different responses - all with the same
157 * DNS protocol-level ID.
159 * Last response wins in terms of what ends up in the cache.
160 * First response wins in terms of the response sent to the client.
163 /* Strong hint that we may not find a pending resolution entry */
164 entry_was_valid = (ep->flags & DNS_CACHE_ENTRY_FLAG_VALID) ? 1 : 0;
166 if (vec_len (ep->dns_response))
167 ep->flags |= DNS_CACHE_ENTRY_FLAG_VALID;
169 /* Most likely, send 1 message */
170 for (i = 0; i < vec_len (ep->pending_requests); i++)
172 vl_api_registration_t *regp;
174 pr = vec_elt_at_index (ep->pending_requests, i);
176 switch (pr->request_type)
178 case DNS_API_PENDING_NAME_TO_IP:
180 vl_api_dns_resolve_name_reply_t *rmp;
181 regp = vl_api_client_index_to_registration (pr->client_index);
185 rmp = vl_msg_api_alloc (sizeof (*rmp));
187 clib_host_to_net_u16 (VL_API_DNS_RESOLVE_NAME_REPLY
189 rmp->context = pr->client_context;
191 rv = vnet_dns_response_to_reply (ep->dns_response, rmp, &min_ttl);
193 ep->expiration_time = now + min_ttl;
194 rmp->retval = clib_host_to_net_u32 (rv);
195 vl_api_send_msg (regp, (u8 *) rmp);
199 case DNS_API_PENDING_IP_TO_NAME:
201 vl_api_dns_resolve_ip_reply_t *rmp;
203 regp = vl_api_client_index_to_registration (pr->client_index);
207 rmp = vl_msg_api_alloc (sizeof (*rmp));
209 clib_host_to_net_u16 (VL_API_DNS_RESOLVE_IP_REPLY
211 rmp->context = pr->client_context;
213 rv = vnet_dns_response_to_name (ep->dns_response, rmp, &min_ttl);
215 ep->expiration_time = now + min_ttl;
216 rmp->retval = clib_host_to_net_u32 (rv);
217 vl_api_send_msg (regp, (u8 *) rmp);
221 case DNS_PEER_PENDING_IP_TO_NAME:
222 case DNS_PEER_PENDING_NAME_TO_IP:
224 vnet_send_dns6_reply (vm, dm, pr, ep, 0 /* allocate a buffer */ );
226 vnet_send_dns4_reply (vm, dm, pr, ep, 0 /* allocate a buffer */ );
229 clib_warning ("request type %d unknown", pr->request_type);
233 vec_free (ep->pending_requests);
236 for (i = 0; i < vec_len (dm->unresolved_entries); i++)
238 if (dm->unresolved_entries[i] == pool_index)
240 vec_delete (dm->unresolved_entries, 1, i);
245 /* See multiple response comment above... */
246 if (remove_count == 0)
248 u32 error_code = entry_was_valid ? DNS46_REPLY_ERROR_MULTIPLE_REPLY :
249 DNS46_REPLY_ERROR_NO_UNRESOLVED_ENTRY;
251 vlib_node_increment_counter (vm, dns46_reply_node.index, error_code, 1);
252 dns_cache_unlock (dm);
256 /* Deal with bogus names, server issues, etc. */
260 case DNS_RCODE_NO_ERROR:
263 case DNS_RCODE_SERVER_FAILURE:
264 case DNS_RCODE_NOT_IMPLEMENTED:
265 case DNS_RCODE_REFUSED:
266 if (ep->server_af == 0)
267 clib_warning ("name server %U can't resolve '%s'",
269 dm->ip4_name_servers + ep->server_rotor, ep->name);
271 clib_warning ("name server %U can't resolve '%s'",
273 dm->ip6_name_servers + ep->server_rotor, ep->name);
275 case DNS_RCODE_NAME_ERROR:
276 case DNS_RCODE_FORMAT_ERROR:
277 /* remove trash from the cache... */
278 vnet_dns_delete_entry_by_index_nolock (dm, ep - dm->entries);
283 dns_cache_unlock (dm);
288 retry_scan (vlib_main_t * vm, dns_main_t * dm, f64 now)
291 dns_cache_entry_t *ep;
293 for (i = 0; i < vec_len (dm->unresolved_entries); i++)
295 dns_cache_lock (dm, 11);
296 ep = pool_elt_at_index (dm->entries, dm->unresolved_entries[i]);
298 ASSERT ((ep->flags & DNS_CACHE_ENTRY_FLAG_VALID) == 0);
299 vnet_send_dns_request (vm, dm, ep);
300 dns_cache_unlock (dm);
305 dns_resolver_process (vlib_main_t * vm,
306 vlib_node_runtime_t * rt, vlib_frame_t * f)
308 dns_main_t *dm = &dns_main;
310 f64 timeout = 1000.0;
311 uword *event_data = 0;
317 vlib_process_wait_for_event_or_clock (vm, timeout);
319 now = vlib_time_now (vm);
321 event_type = vlib_process_get_events (vm, (uword **) & event_data);
325 /* Send one of these when a resolution is pending */
326 case DNS_RESOLVER_EVENT_PENDING:
330 case DNS_RESOLVER_EVENT_RESOLVED:
331 for (i = 0; i < vec_len (event_data); i++)
332 resolve_event (vm, dm, now, (u8 *) event_data[i]);
335 case ~0: /* timeout */
336 retry_scan (vm, dm, now);
339 vec_reset_length (event_data);
341 /* No work? Back to slow timeout mode... */
342 if (vec_len (dm->unresolved_entries) == 0)
345 return 0; /* or not */
349 vnet_dns_create_resolver_process (vlib_main_t * vm, dns_main_t * dm)
351 /* Already created the resolver process? */
352 if (dm->resolver_process_node_index > 0)
355 /* No, create it now and make a note of the node index */
356 dm->resolver_process_node_index = vlib_process_create
357 (vm, "dns-resolver-process",
358 dns_resolver_process, 16 /* log2_n_stack_bytes */ );
362 * fd.io coding-style-patch-verification: ON
365 * eval: (c-set-style "gnu")