2 * vrrp.c - vrrp plugin action functions
4 * Copyright 2019-2020 Rubicon Communications, LLC (Netgate)
6 * SPDX-License-Identifier: Apache-2.0
10 #include <vnet/vnet.h>
11 #include <vnet/plugin/plugin.h>
12 #include <vnet/mfib/mfib_entry.h>
13 #include <vnet/mfib/mfib_table.h>
14 #include <vnet/adj/adj.h>
15 #include <vnet/adj/adj_mcast.h>
16 #include <vnet/fib/fib_table.h>
17 #include <vnet/ip/igmp_packet.h>
18 #include <vnet/ip/ip6_link.h>
19 #include <vnet/ethernet/arp_packet.h>
21 #include <vrrp/vrrp.h>
22 #include <vrrp/vrrp_packet.h>
24 #include <vpp/app/version.h>
26 static const u8 vrrp4_dst_mac[6] = { 0x1, 0x0, 0x5e, 0x0, 0x0, 0x12 };
27 static const u8 vrrp6_dst_mac[6] = { 0x33, 0x33, 0x0, 0x0, 0x0, 0x12 };
28 static const u8 vrrp_src_mac_prefix[4] = { 0x0, 0x0, 0x5e, 0x0 };
31 vrrp_adv_l2_build_multicast (vrrp_vr_t * vr, vlib_buffer_t * b)
33 vnet_main_t *vnm = vnet_get_main ();
34 vnet_link_t link_type;
35 ethernet_header_t *eth;
41 eth = vlib_buffer_get_current (b);
43 if (vrrp_vr_is_ipv6 (vr))
45 dst_mac = vrrp6_dst_mac;
46 link_type = VNET_LINK_IP6;
51 dst_mac = vrrp4_dst_mac;
52 link_type = VNET_LINK_IP4;
56 rewrite = ethernet_build_rewrite (vnm, vr->config.sw_if_index, link_type,
58 clib_memcpy (eth, rewrite, vec_len (rewrite));
60 /* change the source mac from the HW addr to the VRRP virtual MAC */
62 (eth->src_address, vrrp_src_mac_prefix, sizeof (vrrp_src_mac_prefix));
63 eth->src_address[4] = mac_byte_ipver;
64 eth->src_address[5] = vr->config.vr_id;
66 n_bytes += vec_len (rewrite);
68 vlib_buffer_chain_increase_length (b, b, n_bytes);
69 vlib_buffer_advance (b, n_bytes);
76 #define VRRP4_MCAST_ADDR_AS_U8 { 224, 0, 0, 18 }
77 #define VRRP6_MCAST_ADDR_AS_U8 \
78 { 0xff, 0x2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x12 }
80 static const ip46_address_t vrrp4_mcast_addr = {
81 .ip4 = {.as_u8 = VRRP4_MCAST_ADDR_AS_U8,},
84 static const ip46_address_t vrrp6_mcast_addr = {
85 .ip6 = {.as_u8 = VRRP6_MCAST_ADDR_AS_U8,},
88 /* size of static parts of header + (# addrs * addr length) */
90 vrrp_adv_payload_len (vrrp_vr_t * vr)
92 u16 addr_len = vrrp_vr_is_ipv6 (vr) ? 16 : 4;
94 return sizeof (vrrp_header_t) + (vec_len (vr->config.vr_addrs) * addr_len);
98 vrrp_adv_l3_build (vrrp_vr_t * vr, vlib_buffer_t * b,
99 const ip46_address_t * dst)
101 if (!vrrp_vr_is_ipv6 (vr)) /* IPv4 */
103 ip4_header_t *ip4 = vlib_buffer_get_current (b);
105 clib_memset (ip4, 0, sizeof (*ip4));
106 ip4->ip_version_and_header_length = 0x45;
108 ip4->protocol = IP_PROTOCOL_VRRP;
109 clib_memcpy (&ip4->dst_address, &dst->ip4, sizeof (dst->ip4));
110 ip4_src_address_for_packet (&ip4_main.lookup_main,
111 vr->config.sw_if_index, &ip4->src_address);
112 ip4->length = clib_host_to_net_u16 (sizeof (*ip4) +
113 vrrp_adv_payload_len (vr));
114 ip4->checksum = ip4_header_checksum (ip4);
116 vlib_buffer_chain_increase_length (b, b, sizeof (*ip4));
117 vlib_buffer_advance (b, sizeof (*ip4));
119 return sizeof (*ip4);
123 ip6_header_t *ip6 = vlib_buffer_get_current (b);
125 clib_memset (ip6, 0, sizeof (*ip6));
126 ip6->ip_version_traffic_class_and_flow_label = 0x00000060;
127 ip6->hop_limit = 255;
128 ip6->protocol = IP_PROTOCOL_VRRP;
129 clib_memcpy (&ip6->dst_address, &dst->ip6, sizeof (dst->ip6));
130 ip6_address_copy (&ip6->src_address,
131 ip6_get_link_local_address (vr->config.sw_if_index));
132 ip6->payload_length = clib_host_to_net_u16 (vrrp_adv_payload_len (vr));
134 vlib_buffer_chain_increase_length (b, b, sizeof (*ip6));
135 vlib_buffer_advance (b, sizeof (*ip6));
137 return sizeof (*ip6);
143 vrrp_adv_csum (void *l3_hdr, void *payload, u8 is_ipv6, u16 len)
146 u8 proto = IP_PROTOCOL_VRRP;
148 int word_size = sizeof (uword);
155 src_addr = &(((ip6_header_t *) l3_hdr)->src_address);
160 src_addr = &(((ip4_header_t *) l3_hdr)->src_address);
163 for (i = 0; i < (2 * addr_len); i += word_size)
165 if (word_size == sizeof (u64))
167 ip_csum_with_carry (csum, clib_mem_unaligned (src_addr + i, u64));
170 ip_csum_with_carry (csum, clib_mem_unaligned (src_addr + i, u32));
173 csum = ip_csum_with_carry (csum,
174 clib_host_to_net_u32 (len + (proto << 16)));
176 /* now do the payload */
177 csum = ip_incremental_checksum (csum, payload, len);
179 csum = ~ip_csum_fold (csum);
185 vrrp_adv_payload_build (vrrp_vr_t * vr, vlib_buffer_t * b, int shutdown)
187 vrrp_header_t *vrrp = vlib_buffer_get_current (b);
189 ip46_address_t *vr_addr;
195 n_addrs = vec_len (vr->config.vr_addrs);
196 is_ipv6 = vrrp_vr_is_ipv6 (vr);
202 len = sizeof (*vrrp) + n_addrs * sizeof (ip6_address_t);;
203 l3_hdr = vlib_buffer_get_current (b) - sizeof (ip6_header_t);
205 ip6->payload_length = clib_host_to_net_u16 (len);
209 len = sizeof (*vrrp) + n_addrs * sizeof (ip4_address_t);
210 l3_hdr = vlib_buffer_get_current (b) - sizeof (ip4_header_t);
213 vrrp->vrrp_version_and_type = 0x31;
214 vrrp->vr_id = vr->config.vr_id;
215 vrrp->priority = (shutdown) ? 0 : vrrp_vr_priority (vr);
216 vrrp->n_addrs = vec_len (vr->config.vr_addrs);
217 vrrp->rsvd_and_max_adv_int = clib_host_to_net_u16 (vr->config.adv_interval);
220 hdr_addr = (void *) (vrrp + 1);
222 vec_foreach (vr_addr, vr->config.vr_addrs)
226 clib_memcpy (hdr_addr, &vr_addr->ip6, 16);
231 clib_memcpy (hdr_addr, &vr_addr->ip4, 4);
236 vlib_buffer_chain_increase_length (b, b, vrrp_adv_payload_len (vr));
239 vrrp_adv_csum (l3_hdr, vrrp, is_ipv6, vrrp_adv_payload_len (vr));
244 static_always_inline u32
245 vrrp_adv_next_node (vrrp_vr_t * vr)
247 if (vrrp_vr_is_unicast (vr))
249 if (vrrp_vr_is_ipv6 (vr))
250 return ip6_lookup_node.index;
252 return ip4_lookup_node.index;
256 vrrp_main_t *vmp = &vrrp_main;
258 return vmp->intf_output_node_idx;
262 static_always_inline const ip46_address_t *
263 vrrp_adv_mcast_addr (vrrp_vr_t * vr)
265 if (vrrp_vr_is_ipv6 (vr))
266 return &vrrp6_mcast_addr;
268 return &vrrp4_mcast_addr;
272 vrrp_adv_send (vrrp_vr_t * vr, int shutdown)
274 vlib_main_t *vm = vlib_get_main ();
275 vlib_frame_t *to_frame;
276 int i, n_buffers = 1;
277 u32 node_index, *to_next, *bi = 0;
278 u8 is_unicast = vrrp_vr_is_unicast (vr);
280 node_index = vrrp_adv_next_node (vr);
283 n_buffers = vec_len (vr->config.peer_addrs);
285 vec_validate (bi, n_buffers - 1);
286 if (vlib_buffer_alloc (vm, bi, n_buffers) != n_buffers)
288 clib_warning ("Buffer allocation failed for %U", format_vrrp_vr_key,
294 to_frame = vlib_get_frame_to_node (vm, node_index);
295 to_next = vlib_frame_vector_args (to_frame);
297 for (i = 0; i < n_buffers; i++)
301 const ip46_address_t *dst = vrrp_adv_mcast_addr (vr);
303 bi0 = vec_elt (bi, i);
304 b = vlib_get_buffer (vm, bi0);
306 VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b);
307 b->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
308 vnet_buffer (b)->sw_if_index[VLIB_RX] = 0;
309 vnet_buffer (b)->sw_if_index[VLIB_TX] = vr->config.sw_if_index;
313 dst = vec_elt_at_index (vr->config.peer_addrs, i);
314 vnet_buffer (b)->sw_if_index[VLIB_TX] = ~0;
317 vrrp_adv_l2_build_multicast (vr, b);
319 vrrp_adv_l3_build (vr, b, dst);
320 vrrp_adv_payload_build (vr, b, shutdown);
322 vlib_buffer_reset (b);
327 to_frame->n_vectors = n_buffers;
329 vlib_put_frame_to_node (vm, node_index, to_frame);
337 vrrp6_na_pkt_build (vrrp_vr_t * vr, vlib_buffer_t * b, ip6_address_t * addr6)
339 vnet_main_t *vnm = vnet_get_main ();
340 vlib_main_t *vm = vlib_get_main ();
341 ethernet_header_t *eth;
343 icmp6_neighbor_solicitation_or_advertisement_header_t *na;
344 icmp6_neighbor_discovery_ethernet_link_layer_address_option_t *ll_opt;
345 int payload_length, bogus_length;
346 int rewrite_bytes = 0;
351 eth = vlib_buffer_get_current (b);
353 ip6_multicast_ethernet_address (dst_mac, IP6_MULTICAST_GROUP_ID_all_hosts);
355 ethernet_build_rewrite (vnm, vr->config.sw_if_index, VNET_LINK_IP6,
357 rewrite_bytes += vec_len (rewrite);
358 clib_memcpy (eth, rewrite, vec_len (rewrite));
361 b->current_length += rewrite_bytes;
362 vlib_buffer_advance (b, rewrite_bytes);
365 ip6 = vlib_buffer_get_current (b);
367 b->current_length += sizeof (*ip6);
368 clib_memset (ip6, 0, sizeof (*ip6));
370 ip6->ip_version_traffic_class_and_flow_label = 0x00000060;
371 ip6->protocol = IP_PROTOCOL_ICMP6;
372 ip6->hop_limit = 255;
373 ip6_set_reserved_multicast_address (&ip6->dst_address,
374 IP6_MULTICAST_SCOPE_link_local,
375 IP6_MULTICAST_GROUP_ID_all_hosts);
376 ip6_address_copy (&ip6->src_address,
377 ip6_get_link_local_address (vr->config.sw_if_index));
381 na = (icmp6_neighbor_solicitation_or_advertisement_header_t *) (ip6 + 1);
383 (icmp6_neighbor_discovery_ethernet_link_layer_address_option_t *) (na +
386 payload_length = sizeof (*na) + sizeof (*ll_opt);
387 b->current_length += payload_length;
388 clib_memset (na, 0, payload_length);
390 na->icmp.type = ICMP6_neighbor_advertisement; /* icmp code, csum are 0 */
391 na->target_address = *addr6;
392 na->advertisement_flags = clib_host_to_net_u32
393 (ICMP6_NEIGHBOR_ADVERTISEMENT_FLAG_OVERRIDE
394 | ICMP6_NEIGHBOR_ADVERTISEMENT_FLAG_ROUTER);
396 ll_opt->header.type =
397 ICMP6_NEIGHBOR_DISCOVERY_OPTION_target_link_layer_address;
398 ll_opt->header.n_data_u64s = 1;
399 clib_memcpy (ll_opt->ethernet_address, vr->runtime.mac.bytes,
400 sizeof (vr->runtime.mac));
402 ip6->payload_length = clib_host_to_net_u16 (payload_length);
404 ip6_tcp_udp_icmp_compute_checksum (vm, b, ip6, &bogus_length);
407 const mac_address_t broadcast_mac = {
408 .bytes = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff,},
412 vrrp4_garp_pkt_build (vrrp_vr_t * vr, vlib_buffer_t * b, ip4_address_t * ip4)
414 vnet_main_t *vnm = vnet_get_main ();
415 ethernet_header_t *eth;
416 ethernet_arp_header_t *arp;
420 eth = vlib_buffer_get_current (b);
423 ethernet_build_rewrite (vnm, vr->config.sw_if_index, VNET_LINK_ARP,
424 broadcast_mac.bytes);
425 rewrite_bytes = vec_len (rewrite);
426 clib_memcpy (eth, rewrite, rewrite_bytes);
429 b->current_length += rewrite_bytes;
430 vlib_buffer_advance (b, rewrite_bytes);
432 arp = vlib_buffer_get_current (b);
433 b->current_length += sizeof (*arp);
435 clib_memset (arp, 0, sizeof (*arp));
437 arp->l2_type = clib_host_to_net_u16 (ETHERNET_ARP_HARDWARE_TYPE_ethernet);
438 arp->l3_type = clib_host_to_net_u16 (ETHERNET_TYPE_IP4);
439 arp->n_l2_address_bytes = 6;
440 arp->n_l3_address_bytes = 4;
441 arp->opcode = clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_request);
442 arp->ip4_over_ethernet[0].mac = vr->runtime.mac;
443 arp->ip4_over_ethernet[0].ip4 = *ip4;
444 arp->ip4_over_ethernet[1].mac = broadcast_mac;
445 arp->ip4_over_ethernet[1].ip4 = *ip4;
449 vrrp_garp_or_na_send (vrrp_vr_t * vr)
451 vlib_main_t *vm = vlib_get_main ();
452 vrrp_main_t *vmp = &vrrp_main;
453 vlib_frame_t *to_frame;
459 if (vec_len (vr->config.peer_addrs))
460 return 0; /* unicast is used in routed environments - don't garp */
462 n_buffers = vec_len (vr->config.vr_addrs);
465 clib_warning ("Unable to send gratuitous ARP for VR %U - no addresses",
466 format_vrrp_vr_key, vr);
470 /* need to send a packet for each VR address */
471 vec_validate (bi, n_buffers - 1);
473 if (vlib_buffer_alloc (vm, bi, n_buffers) != n_buffers)
475 clib_warning ("Buffer allocation failed for %U", format_vrrp_vr_key,
481 to_frame = vlib_get_frame_to_node (vm, vmp->intf_output_node_idx);
482 to_frame->n_vectors = 0;
483 to_next = vlib_frame_vector_args (to_frame);
485 for (i = 0; i < n_buffers; i++)
488 ip46_address_t *addr;
490 addr = vec_elt_at_index (vr->config.vr_addrs, i);
491 b = vlib_get_buffer (vm, bi[i]);
493 VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b);
494 b->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
495 vnet_buffer (b)->sw_if_index[VLIB_RX] = 0;
496 vnet_buffer (b)->sw_if_index[VLIB_TX] = vr->config.sw_if_index;
498 if (vrrp_vr_is_ipv6 (vr))
499 vrrp6_na_pkt_build (vr, b, &addr->ip6);
501 vrrp4_garp_pkt_build (vr, b, &addr->ip4);
503 vlib_buffer_reset (b);
506 to_frame->n_vectors++;
509 vlib_put_frame_to_node (vm, vmp->intf_output_node_idx, to_frame);
514 #define IGMP4_MCAST_ADDR_AS_U8 { 224, 0, 0, 22 }
516 static const ip4_header_t igmp_ip4_mcast = {
517 .ip_version_and_header_length = 0x46, /* there's options! */
519 .protocol = IP_PROTOCOL_IGMP,
521 .dst_address = {.as_u8 = IGMP4_MCAST_ADDR_AS_U8,},
525 vrrp_igmp_pkt_build (vrrp_vr_t * vr, vlib_buffer_t * b)
529 igmp_membership_report_v3_t *report;
530 igmp_membership_group_v3_t *group;
532 ip4 = vlib_buffer_get_current (b);
533 clib_memcpy (ip4, &igmp_ip4_mcast, sizeof (*ip4));
534 ip4_src_address_for_packet (&ip4_main.lookup_main, vr->config.sw_if_index,
537 vlib_buffer_chain_increase_length (b, b, sizeof (*ip4));
538 vlib_buffer_advance (b, sizeof (*ip4));
540 ip4_options = (u8 *) (ip4 + 1);
541 ip4_options[0] = 0x94; /* 10010100 == the router alert option */
542 ip4_options[1] = 0x04; /* length == 4 bytes */
543 ip4_options[2] = 0x0; /* value == Router shall examine packet */
544 ip4_options[3] = 0x0; /* reserved */
546 vlib_buffer_chain_increase_length (b, b, 4);
547 vlib_buffer_advance (b, 4);
549 report = vlib_buffer_get_current (b);
551 report->header.type = IGMP_TYPE_membership_report_v3;
552 report->header.code = 0;
553 report->header.checksum = 0;
555 report->n_groups = clib_host_to_net_u16 (1);
557 vlib_buffer_chain_increase_length (b, b, sizeof (*report));
558 vlib_buffer_advance (b, sizeof (*report));
560 group = vlib_buffer_get_current (b);
561 group->type = IGMP_MEMBERSHIP_GROUP_change_to_exclude;
562 group->n_aux_u32s = 0;
563 group->n_src_addresses = 0;
564 group->group_address.as_u32 = clib_host_to_net_u32 (0xe0000012);
566 vlib_buffer_chain_increase_length (b, b, sizeof (*group));
567 vlib_buffer_advance (b, sizeof (*group));
569 ip4->length = clib_host_to_net_u16 (b->current_data);
570 ip4->checksum = ip4_header_checksum (ip4);
572 int payload_len = vlib_buffer_get_current (b) - ((void *) report);
573 report->header.checksum =
574 ~ip_csum_fold (ip_incremental_checksum (0, report, payload_len));
576 vlib_buffer_reset (b);
579 /* multicast listener report packet format for ethernet. */
580 typedef CLIB_PACKED (struct
582 ip6_hop_by_hop_ext_t ext_hdr;
583 ip6_router_alert_option_t alert;
584 ip6_padN_option_t pad;
585 icmp46_header_t icmp;
587 u16 num_addr_records;
588 icmp6_multicast_address_record_t records[0];
589 }) icmp6_multicast_listener_report_header_t;
592 vrrp_icmp6_mlr_pkt_build (vrrp_vr_t * vr, vlib_buffer_t * b)
594 vlib_main_t *vm = vlib_get_main ();
596 icmp6_multicast_listener_report_header_t *rh;
597 icmp6_multicast_address_record_t *rr;
598 ip46_address_t *vr_addr;
599 int bogus_length, n_addrs;
602 n_addrs = vec_len (vr->config.vr_addrs) + 1;
603 payload_length = sizeof (*rh) + (n_addrs * sizeof (*rr));
604 b->current_length = sizeof (*ip6) + payload_length;
605 b->error = ICMP6_ERROR_NONE;
607 ip6 = vlib_buffer_get_current (b);
608 rh = (icmp6_multicast_listener_report_header_t *) (ip6 + 1);
609 rr = (icmp6_multicast_address_record_t *) (rh + 1);
612 clib_memset (ip6, 0, b->current_length);
613 ip6->ip_version_traffic_class_and_flow_label =
614 clib_host_to_net_u32 (0x60000000);
616 ip6->protocol = IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS;
617 ip6_set_reserved_multicast_address (&ip6->dst_address,
618 IP6_MULTICAST_SCOPE_link_local,
619 IP6_MULTICAST_GROUP_ID_mldv2_routers);
620 ip6_address_copy (&ip6->src_address,
621 ip6_get_link_local_address (vr->config.sw_if_index));
623 clib_memset (rh, 0, sizeof (*rh));
625 /* v6 hop by hop extension header */
626 rh->ext_hdr.next_hdr = IP_PROTOCOL_ICMP6;
627 rh->ext_hdr.n_data_u64s = 0;
629 rh->alert.type = IP6_MLDP_ALERT_TYPE;
637 rh->icmp.type = ICMP6_multicast_listener_report_v2;
638 rh->icmp.checksum = 0;
641 rh->num_addr_records = clib_host_to_net_u16 (n_addrs);
643 /* group addresses */
645 /* All VRRP routers group */
647 rr->aux_data_len_u32s = 0;
650 (&rr->mcast_addr, &vrrp6_mcast_addr.ip6, sizeof (ip6_address_t));
652 /* solicited node multicast addresses for VR addrs */
653 vec_foreach (vr_addr, vr->config.vr_addrs)
659 rr->aux_data_len_u32s = 0;
662 id = clib_net_to_host_u32 (vr_addr->ip6.as_u32[3]) & 0x00ffffff;
663 ip6_set_solicited_node_multicast_address (&rr->mcast_addr, id);
666 ip6->payload_length = clib_host_to_net_u16 (payload_length);
667 rh->icmp.checksum = ip6_tcp_udp_icmp_compute_checksum (vm, b, ip6,
672 vrrp_vr_multicast_group_join (vrrp_vr_t * vr)
674 vlib_main_t *vm = vlib_get_main ();
677 vnet_main_t *vnm = vnet_get_main ();
679 u32 bi = 0, *to_next;
684 if (!vnet_sw_interface_is_up (vnm, vr->config.sw_if_index))
687 if (vlib_buffer_alloc (vm, &bi, n_buffers) != n_buffers)
689 clib_warning ("Buffer allocation failed for %U", format_vrrp_vr_key,
694 is_ipv6 = vrrp_vr_is_ipv6 (vr);
696 b = vlib_get_buffer (vm, bi);
698 VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b);
699 b->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
701 vnet_buffer (b)->sw_if_index[VLIB_RX] = 0;
702 vnet_buffer (b)->sw_if_index[VLIB_TX] = vr->config.sw_if_index;
704 intf = vrrp_intf_get (vr->config.sw_if_index);
705 vnet_buffer (b)->ip.adj_index[VLIB_TX] = intf->mcast_adj_index[is_ipv6];
709 vrrp_icmp6_mlr_pkt_build (vr, b);
710 node_index = ip6_rewrite_mcast_node.index;
714 vrrp_igmp_pkt_build (vr, b);
715 node_index = ip4_rewrite_mcast_node.index;
718 f = vlib_get_frame_to_node (vm, node_index);
719 to_next = vlib_frame_vector_args (f);
723 vlib_put_frame_to_node (vm, node_index, f);
730 * fd.io coding-style-patch-verification: ON
733 * eval: (c-set-style "gnu")