2 * Copyright (c) 2017 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
18 #include <vnet/plugin/plugin.h>
19 #include <vpp/app/version.h>
20 #include <vnet/ip/format.h>
21 #include <vnet/ethernet/packet.h>
22 #include <vnet/udp/udp.h>
23 #include <vnet/tcp/tcp.h>
26 static vlib_node_registration_t stn_ip4_punt;
27 static vlib_node_registration_t stn_ip6_punt;
29 static u8 stn_hw_addr_local[6] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x01};
30 static u8 stn_hw_addr_dst[6] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x02};
32 static ethernet_header_t stn_ip4_ethernet_header = {};
33 static ethernet_header_t stn_ip6_ethernet_header = {};
36 clib_bihash_kv_16_8_t kv;
37 } stn_ip46_punt_trace_t;
40 format_stn_rule (u8 * s, va_list * args)
42 stn_rule_t *r = va_arg (*args, stn_rule_t *);
43 stn_main_t *stn = &stn_main;
44 u32 indent = format_get_indent (s);
45 u32 node_index = ip46_address_is_ip4(&r->address)?stn_ip4_punt.index:stn_ip6_punt.index;
46 vlib_node_t *next_node = vlib_get_next_node(vlib_get_main(), node_index, r->next_node_index);
47 s = format (s, "rule_index: %d\n", r - stn->rules);
48 s = format (s, "%Uaddress: %U\n", format_white_space, indent,
49 format_ip46_address, &r->address, IP46_TYPE_ANY);
50 s = format (s, "%Uiface: %U (%d)\n", format_white_space, indent,
51 format_vnet_sw_if_index_name, vnet_get_main(), r->sw_if_index,
53 s = format (s, "%Unext_node: %s (%d)", format_white_space, indent,
54 next_node->name, next_node->index);
58 static_always_inline u8 *
59 format_stn_ip46_punt_trace (u8 * s, va_list * args, u8 is_ipv4)
61 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
62 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
63 stn_ip46_punt_trace_t *t = va_arg (*args, stn_ip46_punt_trace_t *);
64 u32 indent = format_get_indent (s);
66 format (s, "dst_address: %U\n", format_ip46_address,
67 (ip46_address_t *)&t->kv.key, IP46_TYPE_ANY);
69 if (t->kv.value == ~(0L))
71 s = format (s, "%Urule: none", format_white_space, indent);
75 s = format (s, "%Urule:\n%U%U", format_white_space, indent,
76 format_white_space, indent + 2,
77 format_stn_rule, &stn_main.rules[t->kv.value]);
83 stn_punt_fn (vlib_main_t * vm,
84 vlib_node_runtime_t * node, vlib_frame_t * frame)
86 u32 n_left_from, *from, next_index, *to_next, n_left_to_next;
87 stn_main_t *stn = &stn_main;
89 from = vlib_frame_vector_args (frame);
90 n_left_from = frame->n_vectors;
91 next_index = node->cached_next_index;
93 while (n_left_from > 0)
95 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
98 while (n_left_from > 0 && n_left_to_next > 0)
104 pi0 = to_next[0] = from[0];
110 p0 = vlib_get_buffer (vm, pi0);
113 * We are not guaranteed any particular layer here.
114 * So we need to reparse from the beginning of the packet.
115 * which may not start from zero with some DPDK drivers.
117 ip4_header_t *ip = vlib_buffer_get_current(p0);
118 if ((ip->ip_version_and_header_length & 0xf0) == 0x40)
121 int ethernet_header_offset = 0; /* to be filled by DPDK */
122 ethernet_header_t *eth = (ethernet_header_t *)(p0->data + ethernet_header_offset);
123 /* ensure the block current data starts at L3 boundary now for the subsequent nodes */
124 vlib_buffer_advance(p0, ethernet_header_offset + sizeof(ethernet_header_t) - p0->current_data);
125 if (clib_net_to_host_u16(eth->type) == ETHERNET_TYPE_IP4)
126 next0 = stn->punt_to_stn_ip4_next_index;
128 next0 = stn->punt_to_stn_ip6_next_index;
130 vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
131 n_left_to_next, pi0, next0);
133 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
141 } stn_ip_punt_next_t;
143 static_always_inline uword
144 stn_ip46_punt_fn (vlib_main_t * vm,
145 vlib_node_runtime_t * node, vlib_frame_t * frame,
148 u32 n_left_from, *from, next_index, *to_next, n_left_to_next;
149 stn_main_t *stn = &stn_main;
151 from = vlib_frame_vector_args (frame);
152 n_left_from = frame->n_vectors;
153 next_index = node->cached_next_index;
155 while (n_left_from > 0)
157 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
160 while (n_left_from > 0 && n_left_to_next > 0)
164 clib_bihash_kv_16_8_t kv;
165 u32 next0 = STN_IP_PUNT_DROP;
167 pi0 = to_next[0] = from[0];
173 p0 = vlib_get_buffer (vm, pi0);
177 ip4_header_t *hdr = (ip4_header_t *) vlib_buffer_get_current(p0);
178 ip46_address_set_ip4((ip46_address_t *)kv.key, &hdr->dst_address);
182 ip6_header_t *hdr = (ip6_header_t *) vlib_buffer_get_current(p0);
183 kv.key[0] = hdr->dst_address.as_u64[0];
184 kv.key[1] = hdr->dst_address.as_u64[1];
188 clib_bihash_search_inline_16_8 (&stn->rule_by_address_table, &kv);
189 if (kv.value != ~(0L))
191 ethernet_header_t *eth;
192 stn_rule_t *r = &stn->rules[kv.value];
193 vnet_buffer(p0)->sw_if_index[VLIB_TX] = r->sw_if_index;
194 next0 = r->next_node_index;
195 vlib_buffer_advance(p0, -sizeof(*eth));
196 eth = (ethernet_header_t *) vlib_buffer_get_current(p0);
198 clib_memcpy(eth, &stn_ip4_ethernet_header, sizeof(*eth));
200 clib_memcpy(eth, &stn_ip6_ethernet_header, sizeof(*eth));
203 if (PREDICT_FALSE (p0->flags & VLIB_BUFFER_IS_TRACED))
205 stn_ip46_punt_trace_t *tr =
206 vlib_add_trace (vm, node, p0, sizeof (*tr));
210 vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
211 n_left_to_next, pi0, next0);
213 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
216 return frame->n_vectors;
220 #define foreach_stn_ip_punt_error \
224 #define _(sym,str) STN_IP_punt_ERROR_##sym,
225 foreach_stn_ip_punt_error
230 static char *stn_ip_punt_error_strings[] = {
231 #define _(sym,string) string,
232 foreach_stn_ip_punt_error
237 format_stn_ip6_punt_trace (u8 * s, va_list * args)
239 return format_stn_ip46_punt_trace (s, args, 0);
243 stn_ip6_punt_fn (vlib_main_t * vm,
244 vlib_node_runtime_t * node, vlib_frame_t * frame)
246 return stn_ip46_punt_fn(vm, node, frame, 0);
250 VLIB_REGISTER_NODE (stn_ip6_punt, static) =
252 .function = stn_ip6_punt_fn,
253 .name = "stn-ip6-punt",
254 .vector_size = sizeof (u32),
255 .format_trace = format_stn_ip6_punt_trace,
256 .n_errors = STN_IP_PUNT_N_ERROR,
257 .error_strings = stn_ip_punt_error_strings,
258 .n_next_nodes = STN_IP_PUNT_N_NEXT,
261 [STN_IP_PUNT_DROP] = "error-drop"
267 format_stn_ip4_punt_trace (u8 * s, va_list * args)
269 return format_stn_ip46_punt_trace (s, args, 1);
273 stn_ip4_punt_fn (vlib_main_t * vm,
274 vlib_node_runtime_t * node, vlib_frame_t * frame)
276 return stn_ip46_punt_fn(vm, node, frame, 1);
280 VLIB_REGISTER_NODE (stn_ip4_punt, static) =
282 .function = stn_ip4_punt_fn,
283 .name = "stn-ip4-punt",
284 .vector_size = sizeof (u32),
285 .format_trace = format_stn_ip4_punt_trace,
286 .n_errors = STN_IP_PUNT_N_ERROR,
287 .error_strings = stn_ip_punt_error_strings,
288 .n_next_nodes = STN_IP_PUNT_N_NEXT,
291 [STN_IP_PUNT_DROP] = "error-drop",
297 stn_init (vlib_main_t * vm)
299 stn_main_t *stn = &stn_main;
301 clib_bihash_init_16_8(&stn->rule_by_address_table, "stn addresses",
304 clib_memcpy(stn_ip4_ethernet_header.dst_address, stn_hw_addr_dst, 6);
305 clib_memcpy(stn_ip4_ethernet_header.src_address, stn_hw_addr_local, 6);
306 stn_ip4_ethernet_header.type = clib_host_to_net_u16(ETHERNET_TYPE_IP4);
308 clib_memcpy(stn_ip6_ethernet_header.dst_address, stn_hw_addr_dst, 6);
309 clib_memcpy(stn_ip6_ethernet_header.src_address, stn_hw_addr_local, 6);
310 stn_ip6_ethernet_header.type = clib_host_to_net_u16(ETHERNET_TYPE_IP6);
312 u32 punt_node_index = vlib_get_node_by_name(vm, (u8 *)"error-punt")->index;
313 stn->punt_to_stn_ip4_next_index =
314 vlib_node_add_next(vm, punt_node_index, stn_ip4_punt.index);
315 stn->punt_to_stn_ip6_next_index =
316 vlib_node_add_next(vm, punt_node_index, stn_ip6_punt.index);
318 return stn_api_init (vm, stn);
323 VLIB_INIT_FUNCTION (stn_init);
326 VLIB_PLUGIN_REGISTER () = {
327 .version = VPP_BUILD_VER,
328 .description = "VPP Steals the NIC for Container integration",
332 int stn_rule_add_del (stn_rule_add_del_args_t *args)
334 vnet_main_t *vnm = vnet_get_main();
335 vlib_main_t *vm = vlib_get_main();
336 stn_main_t *stn = &stn_main;
338 stn_rule_t *r = NULL;
339 clib_bihash_kv_16_8_t kv;
340 kv.key[0] = args->address.as_u64[0];
341 kv.key[1] = args->address.as_u64[1];
343 if (clib_bihash_search_inline_16_8 (&stn->rule_by_address_table, &kv) == 0)
345 r = &stn->rules[kv.value];
349 pool_get(stn->rules, r);
350 kv.value = r - stn->rules;
351 clib_bihash_add_del_16_8(&stn->rule_by_address_table, &kv, 1);
352 r->address = args->address;
355 if (stn->n_rules == 1)
358 this_vlib_main->os_punt_frame = stn_punt_fn;
360 udp_punt_unknown(vm, 0, 1);
361 udp_punt_unknown(vm, 1, 1);
362 tcp_punt_unknown(vm, 0, 1);
363 tcp_punt_unknown(vm, 1, 1);
369 /* Getting output node and adding it as next */
370 u32 output_node_index =
371 vnet_tx_node_index_for_sw_interface(vnm, args->sw_if_index);
372 u32 node_index = ip46_address_is_ip4(&args->address)?
373 stn_ip4_punt.index : stn_ip6_punt.index;
375 r->sw_if_index = args->sw_if_index;
377 vlib_node_add_next(vm, node_index, output_node_index);
379 /* enabling forwarding on the output node (might not be done since
380 * it is unnumbered) */
381 vnet_feature_enable_disable("ip4-unicast", "ip4-lookup", args->sw_if_index,
383 vnet_feature_enable_disable("ip6-unicast", "ip6-lookup", args->sw_if_index,
385 vnet_feature_enable_disable("ip4-unicast", "ip4-not-enabled",
388 vnet_feature_enable_disable("ip6-unicast", "ip6-not-enabled",
394 clib_bihash_add_del_16_8(&stn->rule_by_address_table, &kv, 0);
395 pool_put(stn->rules, r);
398 if (stn->n_rules == 0)
401 this_vlib_main->os_punt_frame = NULL;
407 return VNET_API_ERROR_NO_SUCH_ENTRY;
413 static clib_error_t *
414 show_stn_rules_fn (vlib_main_t * vm,
415 unformat_input_t * input, vlib_cli_command_t * cmd)
417 stn_main_t *stn = &stn_main;
420 pool_foreach(rule, stn->rules, {
421 s = format (s, "- %U\n", format_stn_rule, rule);
424 vlib_cli_output(vm, "%v", s);
430 VLIB_CLI_COMMAND (show_stn_rules_command, static) =
432 .path = "show stn rules",
434 .function = show_stn_rules_fn,
437 static clib_error_t *
438 stn_rule_fn (vlib_main_t * vm,
439 unformat_input_t * input, vlib_cli_command_t * cmd)
441 unformat_input_t _line_input, *line_input = &_line_input;
442 clib_error_t *error = 0;
443 stn_rule_add_del_args_t args = {};
448 if (!unformat_user (input, unformat_line_input, line_input))
451 while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
453 if (unformat (line_input, "address %U", unformat_ip46_address,
454 &args.address, IP46_TYPE_ANY))
457 (line_input, "interface %U", unformat_vnet_sw_interface,
458 vnet_get_main(), &args.sw_if_index))
460 else if (unformat (line_input, "del"))
464 error = clib_error_return (0, "parse error: '%U'",
465 format_unformat_error, line_input);
472 error = clib_error_return (0, "Missing address");
478 error = clib_error_return (0, "Missing interface");
482 if ((ret = stn_rule_add_del (&args)))
484 error = clib_error_return (0, "stn_rule_add_del returned error %d", ret);
489 unformat_free (line_input);
493 VLIB_CLI_COMMAND (stn_rule_command, static) =
496 .short_help = "address <addr> interface <iface> [del]",
497 .function = stn_rule_fn,