2 * Copyright (c) 2018 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 #include <plugins/gbp/gbp_vxlan.h>
17 #include <plugins/gbp/gbp_itf.h>
18 #include <plugins/gbp/gbp_learn.h>
19 #include <plugins/gbp/gbp_bridge_domain.h>
20 #include <plugins/gbp/gbp_route_domain.h>
21 #include <plugins/gbp/gbp_sclass.h>
23 #include <vnet/vxlan-gbp/vxlan_gbp.h>
24 #include <vlibmemory/api.h>
25 #include <vnet/fib/fib_table.h>
28 * A reference to a VXLAN-GBP tunnel created as a child/dependent tunnel
29 * of the tempplate GBP-VXLAN tunnel
31 typedef struct vxlan_tunnel_ref_t_
37 gbp_vxlan_tunnel_layer_t vxr_layer;
48 vlib_log_class_t gt_logger;
51 * Pool of template tunnels
53 gbp_vxlan_tunnel_t *gbp_vxlan_tunnel_pool;
56 * Pool of child tunnels
58 vxlan_tunnel_ref_t *vxlan_tunnel_ref_pool;
61 * DB of template interfaces by SW interface index
63 index_t *gbp_vxlan_tunnel_db;
66 * DB of child interfaces by SW interface index
68 index_t *vxlan_tunnel_ref_db;
71 static char *gbp_vxlan_tunnel_layer_strings[] = {
72 #define _(n,s) [GBP_VXLAN_TUN_##n] = s,
73 forecah_gbp_vxlan_tunnel_layer
77 #define GBP_VXLAN_TUN_DBG(...) \
78 vlib_log_debug (gt_logger, __VA_ARGS__);
83 gbp_vxlan_tunnel_get (index_t gti)
85 return (pool_elt_at_index (gbp_vxlan_tunnel_pool, gti));
88 static vxlan_tunnel_ref_t *
89 vxlan_tunnel_ref_get (index_t vxri)
91 return (pool_elt_at_index (vxlan_tunnel_ref_pool, vxri));
95 format_vxlan_tunnel_ref (u8 * s, va_list * args)
97 index_t vxri = va_arg (*args, u32);
98 vxlan_tunnel_ref_t *vxr;
100 vxr = vxlan_tunnel_ref_get (vxri);
102 s = format (s, "[%U locks:%d]", format_vnet_sw_if_index_name,
103 vnet_get_main (), vxr->vxr_sw_if_index, vxr->vxr_locks);
109 gdb_vxlan_dep_add (gbp_vxlan_tunnel_t * gt,
110 const ip46_address_t * src, const ip46_address_t * dst)
112 vnet_vxlan_gbp_tunnel_add_del_args_t args = {
114 .is_ip6 = !ip46_address_is_ip4 (src),
119 .mode = (GBP_VXLAN_TUN_L2 == gt->gt_layer ?
120 VXLAN_GBP_TUNNEL_MODE_L2 : VXLAN_GBP_TUNNEL_MODE_L3),
122 vxlan_tunnel_ref_t *vxr;
128 rv = vnet_vxlan_gbp_tunnel_add_del (&args, &sw_if_index);
130 if (VNET_API_ERROR_TUNNEL_EXIST == rv)
132 vxri = vxlan_tunnel_ref_db[sw_if_index];
134 vxr = vxlan_tunnel_ref_get (vxri);
139 ASSERT (~0 != sw_if_index);
140 GBP_VXLAN_TUN_DBG ("add-dep:%U %U %U %d", format_vnet_sw_if_index_name,
141 vnet_get_main (), sw_if_index,
142 format_ip46_address, src, IP46_TYPE_ANY,
143 format_ip46_address, dst, IP46_TYPE_ANY, gt->gt_vni);
145 pool_get_zero (vxlan_tunnel_ref_pool, vxr);
147 vxri = (vxr - vxlan_tunnel_ref_pool);
148 vxr->vxr_parent = gt - gbp_vxlan_tunnel_pool;
149 vxr->vxr_sw_if_index = sw_if_index;
151 vxr->vxr_layer = gt->gt_layer;
154 * store the child both on the parent's list and the global DB
156 vec_add1 (gt->gt_tuns, vxri);
158 vec_validate_init_empty (vxlan_tunnel_ref_db,
159 vxr->vxr_sw_if_index, INDEX_INVALID);
160 vxlan_tunnel_ref_db[vxr->vxr_sw_if_index] = vxri;
162 if (GBP_VXLAN_TUN_L2 == vxr->vxr_layer)
164 l2output_feat_masks_t ofeat;
165 l2input_feat_masks_t ifeat;
166 gbp_bridge_domain_t *gbd;
168 gbd = gbp_bridge_domain_get (gt->gt_gbd);
169 vxr->vxr_itf = gbp_itf_add_and_lock (vxr->vxr_sw_if_index,
172 ofeat = (L2OUTPUT_FEAT_GBP_POLICY_MAC |
173 L2OUTPUT_FEAT_GBP_ID_2_SCLASS);
174 ifeat = L2INPUT_FEAT_GBP_SCLASS_2_ID;
176 if (!(gbd->gb_flags & GBP_BD_FLAG_DO_NOT_LEARN))
177 ifeat |= L2INPUT_FEAT_GBP_LEARN;
179 gbp_itf_set_l2_output_feature (vxr->vxr_itf,
180 vxr->vxr_sw_if_index, ofeat);
181 gbp_itf_set_l2_input_feature (vxr->vxr_itf,
182 vxr->vxr_sw_if_index, ifeat);
186 const gbp_route_domain_t *grd;
187 fib_protocol_t fproto;
189 grd = gbp_route_domain_get (gt->gt_grd);
191 FOR_EACH_FIB_IP_PROTOCOL (fproto)
192 ip_table_bind (fproto, vxr->vxr_sw_if_index,
193 grd->grd_table_id[fproto], 1);
195 gbp_learn_enable (vxr->vxr_sw_if_index, GBP_LEARN_MODE_L3);
196 gbp_sclass_enable_ip (vxr->vxr_sw_if_index);
200 return (sw_if_index);
204 vxlan_gbp_tunnel_get_parent (u32 sw_if_index)
206 ASSERT ((sw_if_index < vec_len (vxlan_tunnel_ref_db)) &&
207 (INDEX_INVALID != vxlan_tunnel_ref_db[sw_if_index]));
209 gbp_vxlan_tunnel_t *gt;
210 vxlan_tunnel_ref_t *vxr;
212 vxr = vxlan_tunnel_ref_get (vxlan_tunnel_ref_db[sw_if_index]);
213 gt = gbp_vxlan_tunnel_get (vxr->vxr_parent);
215 return (gt->gt_sw_if_index);
218 gbp_vxlan_tunnel_type_t
219 gbp_vxlan_tunnel_get_type (u32 sw_if_index)
221 if (sw_if_index < vec_len (vxlan_tunnel_ref_db) &&
222 INDEX_INVALID != vxlan_tunnel_ref_db[sw_if_index])
224 return (VXLAN_GBP_TUNNEL);
226 else if (sw_if_index < vec_len (gbp_vxlan_tunnel_db) &&
227 INDEX_INVALID != gbp_vxlan_tunnel_db[sw_if_index])
229 return (GBP_VXLAN_TEMPLATE_TUNNEL);
233 return (GBP_VXLAN_TEMPLATE_TUNNEL);
237 gbp_vxlan_tunnel_clone_and_lock (u32 sw_if_index,
238 const ip46_address_t * src,
239 const ip46_address_t * dst)
241 gbp_vxlan_tunnel_t *gt;
244 gti = gbp_vxlan_tunnel_db[sw_if_index];
246 if (INDEX_INVALID == gti)
249 gt = pool_elt_at_index (gbp_vxlan_tunnel_pool, gti);
251 return (gdb_vxlan_dep_add (gt, src, dst));
255 gdb_vxlan_dep_del (index_t vxri)
257 vxlan_tunnel_ref_t *vxr;
258 gbp_vxlan_tunnel_t *gt;
261 vxr = vxlan_tunnel_ref_get (vxri);
262 gt = gbp_vxlan_tunnel_get (vxr->vxr_parent);
264 GBP_VXLAN_TUN_DBG ("del-dep:%U", format_vxlan_tunnel_ref, vxri);
266 vxlan_tunnel_ref_db[vxr->vxr_sw_if_index] = INDEX_INVALID;
267 pos = vec_search (gt->gt_tuns, vxri);
270 vec_del1 (gt->gt_tuns, pos);
272 if (GBP_VXLAN_TUN_L2 == vxr->vxr_layer)
274 gbp_itf_set_l2_output_feature (vxr->vxr_itf, vxr->vxr_sw_if_index,
276 gbp_itf_set_l2_input_feature (vxr->vxr_itf, vxr->vxr_sw_if_index,
278 gbp_itf_unlock (vxr->vxr_itf);
282 fib_protocol_t fproto;
284 FOR_EACH_FIB_IP_PROTOCOL (fproto)
285 ip_table_bind (fproto, vxr->vxr_sw_if_index, 0, 0);
286 gbp_sclass_disable_ip (vxr->vxr_sw_if_index);
287 gbp_learn_disable (vxr->vxr_sw_if_index, GBP_LEARN_MODE_L3);
290 vnet_vxlan_gbp_tunnel_del (vxr->vxr_sw_if_index);
292 pool_put (vxlan_tunnel_ref_pool, vxr);
296 vxlan_gbp_tunnel_unlock (u32 sw_if_index)
298 vxlan_tunnel_ref_t *vxr;
301 vxri = vxlan_tunnel_ref_db[sw_if_index];
303 ASSERT (vxri != INDEX_INVALID);
305 vxr = vxlan_tunnel_ref_get (vxri);
308 if (0 == vxr->vxr_locks)
310 gdb_vxlan_dep_del (vxri);
315 vxlan_gbp_tunnel_lock (u32 sw_if_index)
317 vxlan_tunnel_ref_t *vxr;
320 vxri = vxlan_tunnel_ref_db[sw_if_index];
322 ASSERT (vxri != INDEX_INVALID);
324 vxr = vxlan_tunnel_ref_get (vxri);
329 gbp_vxlan_walk (gbp_vxlan_cb_t cb, void *ctx)
331 gbp_vxlan_tunnel_t *gt;
334 pool_foreach (gt, gbp_vxlan_tunnel_pool,
336 if (WALK_CONTINUE != cb(gt, ctx))
343 gbp_vxlan_tunnel_show_one (gbp_vxlan_tunnel_t * gt, void *ctx)
345 vlib_cli_output (ctx, "%U", format_gbp_vxlan_tunnel,
346 gt - gbp_vxlan_tunnel_pool);
348 return (WALK_CONTINUE);
352 format_gbp_vxlan_tunnel_name (u8 * s, va_list * args)
354 u32 dev_instance = va_arg (*args, u32);
356 return format (s, "gbp-vxlan-%d", dev_instance);
360 format_gbp_vxlan_tunnel_layer (u8 * s, va_list * args)
362 gbp_vxlan_tunnel_layer_t gl = va_arg (*args, gbp_vxlan_tunnel_layer_t);
363 s = format (s, "%s", gbp_vxlan_tunnel_layer_strings[gl]);
369 format_gbp_vxlan_tunnel (u8 * s, va_list * args)
371 u32 dev_instance = va_arg (*args, u32);
372 CLIB_UNUSED (int verbose) = va_arg (*args, int);
373 gbp_vxlan_tunnel_t *gt = gbp_vxlan_tunnel_get (dev_instance);
376 s = format (s, "GBP VXLAN tunnel: hw:%d sw:%d vni:%d %U",
377 gt->gt_hw_if_index, gt->gt_sw_if_index, gt->gt_vni,
378 format_gbp_vxlan_tunnel_layer, gt->gt_layer);
379 if (GBP_VXLAN_TUN_L2 == gt->gt_layer)
380 s = format (s, " BD:%d bd-index:%d", gt->gt_bd_rd_id, gt->gt_bd_index);
382 s = format (s, " RD:%d fib-index:[%d,%d]",
384 gt->gt_fib_index[FIB_PROTOCOL_IP4],
385 gt->gt_fib_index[FIB_PROTOCOL_IP6]);
387 s = format (s, " children:[");
388 vec_foreach (vxri, gt->gt_tuns)
390 s = format (s, "%U, ", format_vxlan_tunnel_ref, *vxri);
397 typedef struct gbp_vxlan_tx_trace_t_
400 } gbp_vxlan_tx_trace_t;
403 format_gbp_vxlan_tx_trace (u8 * s, va_list * args)
405 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
406 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
407 gbp_vxlan_tx_trace_t *t = va_arg (*args, gbp_vxlan_tx_trace_t *);
409 s = format (s, "GBP-VXLAN: vni:%d", t->vni);
415 gbp_vxlan_interface_admin_up_down (vnet_main_t * vnm,
416 u32 hw_if_index, u32 flags)
418 vnet_hw_interface_t *hi;
421 hi = vnet_get_hw_interface (vnm, hw_if_index);
423 if (NULL == gbp_vxlan_tunnel_db ||
424 hi->sw_if_index >= vec_len (gbp_vxlan_tunnel_db))
427 ti = gbp_vxlan_tunnel_db[hi->sw_if_index];
430 /* not one of ours */
433 if (flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP)
434 vnet_hw_interface_set_flags (vnm, hw_if_index,
435 VNET_HW_INTERFACE_FLAG_LINK_UP);
437 vnet_hw_interface_set_flags (vnm, hw_if_index, 0);
443 gbp_vxlan_interface_tx (vlib_main_t * vm,
444 vlib_node_runtime_t * node, vlib_frame_t * frame)
446 clib_warning ("you shouldn't be here, leaking buffers...");
447 return frame->n_vectors;
451 VNET_DEVICE_CLASS (gbp_vxlan_device_class) = {
452 .name = "GBP VXLAN tunnel-template",
453 .format_device_name = format_gbp_vxlan_tunnel_name,
454 .format_device = format_gbp_vxlan_tunnel,
455 .format_tx_trace = format_gbp_vxlan_tx_trace,
456 .admin_up_down_function = gbp_vxlan_interface_admin_up_down,
457 .tx_function = gbp_vxlan_interface_tx,
460 VNET_HW_INTERFACE_CLASS (gbp_vxlan_hw_interface_class) = {
462 .flags = VNET_HW_INTERFACE_CLASS_FLAG_P2P,
467 gbp_vxlan_tunnel_add (u32 vni, gbp_vxlan_tunnel_layer_t layer,
469 const ip4_address_t * src, u32 * sw_if_indexp)
471 gbp_vxlan_tunnel_t *gt;
477 p = hash_get (gv_db, vni);
479 GBP_VXLAN_TUN_DBG ("add: %d %d %d", vni, layer, bd_rd_id);
483 vnet_sw_interface_t *si;
484 vnet_hw_interface_t *hi;
488 gbi = grdi = INDEX_INVALID;
490 if (layer == GBP_VXLAN_TUN_L2)
492 gbi = gbp_bridge_domain_find_and_lock (bd_rd_id);
494 if (INDEX_INVALID == gbi)
496 return (VNET_API_ERROR_BD_NOT_MODIFIABLE);
501 grdi = gbp_route_domain_find_and_lock (bd_rd_id);
503 if (INDEX_INVALID == grdi)
505 return (VNET_API_ERROR_NO_SUCH_FIB);
509 vnm = vnet_get_main ();
510 pool_get (gbp_vxlan_tunnel_pool, gt);
511 gti = gt - gbp_vxlan_tunnel_pool;
514 gt->gt_layer = layer;
515 gt->gt_bd_rd_id = bd_rd_id;
516 gt->gt_src.ip4.as_u32 = src->as_u32;
517 gt->gt_hw_if_index = vnet_register_interface (vnm,
518 gbp_vxlan_device_class.index,
520 gbp_vxlan_hw_interface_class.index,
523 hi = vnet_get_hw_interface (vnm, gt->gt_hw_if_index);
525 gt->gt_sw_if_index = hi->sw_if_index;
527 /* don't flood packets in a BD to these interfaces */
528 si = vnet_get_sw_interface (vnm, gt->gt_sw_if_index);
529 si->flood_class = VNET_FLOOD_CLASS_NO_FLOOD;
531 if (layer == GBP_VXLAN_TUN_L2)
533 gbp_bridge_domain_t *gb;
535 gb = gbp_bridge_domain_get (gbi);
538 gt->gt_bd_index = gb->gb_bd_index;
540 /* set it up as a GBP interface */
541 gt->gt_itf = gbp_itf_add_and_lock (gt->gt_sw_if_index,
543 gbp_learn_enable (gt->gt_sw_if_index, GBP_LEARN_MODE_L2);
544 gbp_sclass_enable_l2 (gt->gt_sw_if_index);
548 gbp_route_domain_t *grd;
549 fib_protocol_t fproto;
551 grd = gbp_route_domain_get (grdi);
554 grd->grd_vni_sw_if_index = gt->gt_sw_if_index;
556 gbp_learn_enable (gt->gt_sw_if_index, GBP_LEARN_MODE_L3);
557 gbp_sclass_enable_ip (gt->gt_sw_if_index);
559 ip4_sw_interface_enable_disable (gt->gt_sw_if_index, 1);
560 ip6_sw_interface_enable_disable (gt->gt_sw_if_index, 1);
562 FOR_EACH_FIB_IP_PROTOCOL (fproto)
564 gt->gt_fib_index[fproto] = grd->grd_fib_index[fproto];
566 ip_table_bind (fproto, gt->gt_sw_if_index,
567 grd->grd_table_id[fproto], 1);
572 * save the tunnel by VNI and by sw_if_index
574 hash_set (gv_db, vni, gti);
576 vec_validate_init_empty (gbp_vxlan_tunnel_db,
577 gt->gt_sw_if_index, INDEX_INVALID);
578 gbp_vxlan_tunnel_db[gt->gt_sw_if_index] = gti;
581 *sw_if_indexp = gt->gt_sw_if_index;
583 vxlan_gbp_register_udp_ports ();
588 rv = VNET_API_ERROR_IF_ALREADY_EXISTS;
591 GBP_VXLAN_TUN_DBG ("add: %U", format_gbp_vxlan_tunnel, gti);
597 gbp_vxlan_tunnel_del (u32 vni)
599 gbp_vxlan_tunnel_t *gt;
602 p = hash_get (gv_db, vni);
608 vnm = vnet_get_main ();
609 gt = gbp_vxlan_tunnel_get (p[0]);
611 vxlan_gbp_unregister_udp_ports ();
613 GBP_VXLAN_TUN_DBG ("del: %U", format_gbp_vxlan_tunnel,
614 gt - gbp_vxlan_tunnel_pool);
616 gbp_endpoint_flush (GBP_ENDPOINT_SRC_DP, gt->gt_sw_if_index);
617 ASSERT (0 == vec_len (gt->gt_tuns));
618 vec_free (gt->gt_tuns);
620 if (GBP_VXLAN_TUN_L2 == gt->gt_layer)
622 gbp_learn_disable (gt->gt_sw_if_index, GBP_LEARN_MODE_L2);
623 gbp_sclass_disable_l2 (gt->gt_sw_if_index);
624 gbp_itf_unlock (gt->gt_itf);
625 gbp_bridge_domain_unlock (gt->gt_gbd);
629 fib_protocol_t fproto;
631 FOR_EACH_FIB_IP_PROTOCOL (fproto)
632 ip_table_bind (fproto, gt->gt_sw_if_index, 0, 0);
634 ip4_sw_interface_enable_disable (gt->gt_sw_if_index, 0);
635 ip6_sw_interface_enable_disable (gt->gt_sw_if_index, 0);
637 gbp_learn_disable (gt->gt_sw_if_index, GBP_LEARN_MODE_L3);
638 gbp_sclass_disable_ip (gt->gt_sw_if_index);
639 gbp_route_domain_unlock (gt->gt_grd);
642 vnet_sw_interface_set_flags (vnm, gt->gt_sw_if_index, 0);
643 vnet_delete_hw_interface (vnm, gt->gt_hw_if_index);
645 hash_unset (gv_db, vni);
646 gbp_vxlan_tunnel_db[gt->gt_sw_if_index] = INDEX_INVALID;
648 pool_put (gbp_vxlan_tunnel_pool, gt);
651 return VNET_API_ERROR_NO_SUCH_ENTRY;
656 static clib_error_t *
657 gbp_vxlan_show (vlib_main_t * vm,
658 unformat_input_t * input, vlib_cli_command_t * cmd)
660 gbp_vxlan_walk (gbp_vxlan_tunnel_show_one, vm);
666 * Show Group Based Policy VXLAN tunnels
669 * @cliexstart{show gbp vxlan}
673 VLIB_CLI_COMMAND (gbp_vxlan_show_node, static) = {
674 .path = "show gbp vxlan",
675 .short_help = "show gbp vxlan\n",
676 .function = gbp_vxlan_show,
680 static clib_error_t *
681 gbp_vxlan_init (vlib_main_t * vm)
684 vlib_node_t *node = vlib_get_node_by_name (vm, (u8 *) "gbp-vxlan4");
687 * insert ourselves into the VXLAN-GBP arc to collect the no-tunnel
690 slot4 = vlib_node_add_next_with_slot (vm,
691 vxlan4_gbp_input_node.index,
693 VXLAN_GBP_INPUT_NEXT_NO_TUNNEL);
694 ASSERT (slot4 == VXLAN_GBP_INPUT_NEXT_NO_TUNNEL);
696 /* slot6 = vlib_node_add_next_with_slot (vm, */
697 /* vxlan6_gbp_input_node.index, */
698 /* gbp_vxlan6_input_node.index, */
699 /* VXLAN_GBP_INPUT_NEXT_NO_TUNNEL); */
700 /* ASSERT (slot6 == VXLAN_GBP_INPUT_NEXT_NO_TUNNEL); */
702 gt_logger = vlib_log_register_class ("gbp", "tun");
707 VLIB_INIT_FUNCTION (gbp_vxlan_init);
710 * fd.io coding-style-patch-verification: ON
713 * eval: (c-set-style "gnu")