2 * Copyright (c) 2018 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
17 #include <vnet/vnet.h>
18 #include <vnet/devices/devices.h>
19 #include <vnet/ip/ip.h>
20 #include <vnet/ethernet/ethernet.h>
21 #include <vnet/ethernet/packet.h>
22 #include <vnet/flow/flow.h>
24 static format_function_t format_flow;
27 unformat_ip_port_and_mask (unformat_input_t * input, va_list * args)
29 ip_port_and_mask_t *pm = va_arg (*args, ip_port_and_mask_t *);
30 u32 port = 0, mask = 0;
32 if (unformat (input, "any"))
34 else if (unformat (input, "%u/%u", &port, &mask))
36 else if (unformat (input, "%u/0x%x", &port, &mask))
38 else if (unformat (input, "%u", &port))
43 if (port > 0xffff || mask > 0xffff)
52 format_ip_port_and_mask (u8 * s, va_list * args)
54 ip_port_and_mask_t *pm = va_arg (*args, ip_port_and_mask_t *);
56 if (pm->port == 0 && pm->mask == 0)
57 return format (s, "any");
59 if (pm->mask == 0xffff)
60 return format (s, "%u", pm->port);
62 return format (s, "%u/0x%x", pm->port, pm->mask);
66 unformat_ip_protocol_and_mask (unformat_input_t * input, va_list * args)
68 ip_prot_and_mask_t *pm = va_arg (*args, ip_prot_and_mask_t *);
69 u32 prot = 0, mask = 0;
71 if (unformat (input, "any"))
73 else if (unformat (input, "%U", unformat_ip_protocol, &prot))
75 else if (unformat (input, "%u", &prot))
80 if (prot > 0XFF || mask > 0xFF)
89 format_ip_protocol_and_mask (u8 * s, va_list * args)
91 ip_prot_and_mask_t *pm = va_arg (*args, ip_prot_and_mask_t *);
93 if (pm->prot == 0 && pm->mask == 0)
94 return format (s, "any");
96 return format (s, "%U", format_ip_protocol, pm->prot);
100 format_flow_error (u8 * s, va_list * args)
102 int error = va_arg (*args, int);
105 return format (s, "no error");
107 #define _(v,n,str) if (error == v) return format (s, #str);
111 return format (s, "unknown error (%d)", error);
115 format_flow_actions (u8 * s, va_list * args)
117 u32 actions = va_arg (*args, u32);
120 #define _(a, b, c) if (actions & (1 << a)) \
121 t = format (t, "%s%s", t ? " ":"", c);
124 s = format (s, "%v", t);
130 format_flow_enabled_hw (u8 * s, va_list * args)
132 u32 flow_index = va_arg (*args, u32);
133 vnet_flow_t *f = vnet_get_flow (flow_index);
135 return format (s, "not found");
140 vnet_main_t *vnm = vnet_get_main ();
142 hash_foreach (hw_if_index, private_data, f->private_data,
144 t = format (t, "%s%U", t ? ", " : "",
145 format_vnet_hw_if_index_name, vnm, hw_if_index);
148 s = format (s, "%v", t);
154 format_rss_function (u8 * s, va_list * args)
156 vnet_rss_function_t func = va_arg (*args, vnet_rss_function_t);
162 else if (func == VNET_RSS_FUNC_##f) \
163 return format (s, n);
167 return format (s, "unknown");
171 format_rss_types (u8 * s, va_list * args)
173 u64 type = va_arg (*args, u64);
177 if (type & (1UL<<a)) \
178 s = format (s, "%s ", c);
180 foreach_flow_rss_types
185 static const char *flow_type_strings[] = { 0,
191 static clib_error_t *
192 show_flow_entry (vlib_main_t * vm, unformat_input_t * input,
193 vlib_cli_command_t * cmd_arg)
195 vnet_main_t *vnm = vnet_get_main ();
196 vnet_flow_main_t *fm = &flow_main;
197 unformat_input_t _line_input, *line_input = &_line_input;
198 vnet_hw_interface_t *hi;
199 vnet_device_class_t *dev_class;
202 u32 index = ~0, hw_if_index;
204 if (!unformat_user (input, unformat_line_input, line_input))
207 while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
209 if (unformat (line_input, "index %u", &index))
212 return clib_error_return (0, "parse error: '%U'",
213 format_unformat_error, line_input);
216 unformat_free (line_input);
220 if ((f = vnet_get_flow (index)) == 0)
221 return clib_error_return (0, "no such flow");
223 vlib_cli_output (vm, "%-10s: %u", "index", f->index);
224 vlib_cli_output (vm, "%-10s: %s", "type", flow_type_strings[f->type]);
225 vlib_cli_output (vm, "%-10s: %U", "match", format_flow, f);
227 hash_foreach (hw_if_index, private_data, f->private_data,
229 hi = vnet_get_hw_interface (vnm, hw_if_index);
230 dev_class = vnet_get_device_class (vnm, hi->dev_class_index);
231 vlib_cli_output (vm, "interface %U\n",
232 format_vnet_hw_if_index_name, vnm, hw_if_index);
233 if (dev_class->format_flow)
234 vlib_cli_output (vm, " %U\n", dev_class->format_flow,
235 hi->dev_instance, f->index, private_data);
243 pool_foreach (f, fm->global_flow_pool)
245 vlib_cli_output (vm, "%U\n", format_flow, f);
253 VLIB_CLI_COMMAND (show_flow_entry_command, static) = {
254 .path = "show flow entry",
255 .short_help = "show flow entry [index <index>]",
256 .function = show_flow_entry,
260 static clib_error_t *
261 show_flow_ranges (vlib_main_t * vm, unformat_input_t * input,
262 vlib_cli_command_t * cmd_arg)
264 vnet_flow_main_t *fm = &flow_main;
265 vnet_flow_range_t *r = 0;
267 vlib_cli_output (vm, "%8s %8s %s", "Start", "Count", "Owner");
270 vec_foreach (r, fm->ranges)
272 vlib_cli_output (vm, "%8u %8u %s", r->start, r->count, r->owner);
279 VLIB_CLI_COMMAND (show_flow_ranges_command, static) = {
280 .path = "show flow ranges",
281 .short_help = "show flow ranges",
282 .function = show_flow_ranges,
286 static clib_error_t *
287 show_flow_interface (vlib_main_t * vm, unformat_input_t * input,
288 vlib_cli_command_t * cmd_arg)
290 vnet_main_t *vnm = vnet_get_main ();
291 vnet_hw_interface_t *hi;
292 vnet_device_class_t *dev_class;
293 unformat_input_t _line_input, *line_input = &_line_input;
294 u32 hw_if_index = ~0;
296 if (unformat_user (input, unformat_line_input, line_input))
298 while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
300 if (unformat (line_input, "%U",
301 unformat_vnet_hw_interface, vnm, &hw_if_index))
304 return clib_error_return (0, "parse error: '%U'",
305 format_unformat_error, line_input);
307 unformat_free (line_input);
310 if (hw_if_index == ~0)
311 return clib_error_return (0, "please specify interface");
313 hi = vnet_get_hw_interface (vnm, hw_if_index);
314 dev_class = vnet_get_device_class (vnm, hi->dev_class_index);
315 if (dev_class->format_flow == 0)
316 return clib_error_return (0, "not supported");
318 vlib_cli_output (vm, "%U", dev_class->format_flow, hi->dev_instance, ~0, 0);
323 VLIB_CLI_COMMAND (show_flow_interface_command, static) = {
324 .path = "show flow interface",
325 .short_help = "show flow interface <interface name>",
326 .function = show_flow_interface,
330 static clib_error_t *
331 test_flow (vlib_main_t * vm, unformat_input_t * input,
332 vlib_cli_command_t * cmd_arg)
335 vnet_main_t *vnm = vnet_get_main ();
336 unformat_input_t _line_input, *line_input = &_line_input;
344 } action = FLOW_UNKNOWN_ACTION;
351 } flow_class = FLOW_UNKNOWN_CLASS;
353 u32 hw_if_index = ~0, flow_index = ~0;
355 u32 teid = 0, session_id = 0, spi = 0;
357 vnet_flow_type_t type = VNET_FLOW_TYPE_UNKNOWN;
358 ip4_address_and_mask_t ip4s = { };
359 ip4_address_and_mask_t ip4d = { };
360 ip6_address_and_mask_t ip6s = { };
361 ip6_address_and_mask_t ip6d = { };
362 ip_port_and_mask_t sport = { };
363 ip_port_and_mask_t dport = { };
364 ip_prot_and_mask_t protocol = { };
366 bool tcp_udp_port_set = false;
367 bool gtpc_set = false;
368 bool gtpu_set = false;
369 bool vni_set = false;
370 bool l2tpv3oip_set = false;
371 bool ipsec_esp_set = false, ipsec_ah_set = false;
372 u8 *rss_type[3] = { };
375 clib_memset (&flow, 0, sizeof (vnet_flow_t));
379 if (!unformat_user (input, unformat_line_input, line_input))
382 while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
384 if (unformat (line_input, "add"))
386 else if (unformat (line_input, "del"))
388 else if (unformat (line_input, "enable"))
389 action = FLOW_ENABLE;
390 else if (unformat (line_input, "disable"))
391 action = FLOW_DISABLE;
392 else if (unformat (line_input, "eth-type %U",
393 unformat_ethernet_type_host_byte_order, ð_type))
394 flow_class = FLOW_ETHERNET_CLASS;
395 else if (unformat (line_input, "src-ip %U",
396 unformat_ip4_address_and_mask, &ip4s))
397 flow_class = FLOW_IPV4_CLASS;
398 else if (unformat (line_input, "dst-ip %U",
399 unformat_ip4_address_and_mask, &ip4d))
400 flow_class = FLOW_IPV4_CLASS;
401 else if (unformat (line_input, "ip6-src-ip %U",
402 unformat_ip6_address_and_mask, &ip6s))
403 flow_class = FLOW_IPV6_CLASS;
404 else if (unformat (line_input, "ip6-dst-ip %U",
405 unformat_ip6_address_and_mask, &ip6d))
406 flow_class = FLOW_IPV6_CLASS;
407 else if (unformat (line_input, "src-port %U", unformat_ip_port_and_mask,
409 tcp_udp_port_set = true;
410 else if (unformat (line_input, "dst-port %U", unformat_ip_port_and_mask,
412 tcp_udp_port_set = true;
415 (line_input, "proto %U", unformat_ip_protocol_and_mask,
418 else if (unformat (line_input, "gtpc teid %u", &teid))
420 else if (unformat (line_input, "gtpu teid %u", &teid))
422 else if (unformat (line_input, "vxlan vni %u", &vni))
424 else if (unformat (line_input, "session id %u", &session_id))
426 if (protocol.prot == IP_PROTOCOL_L2TP)
427 l2tpv3oip_set = true;
429 else if (unformat (line_input, "spi %u", &spi))
431 if (protocol.prot == IP_PROTOCOL_IPSEC_ESP)
432 ipsec_esp_set = true;
433 else if (protocol.prot == IP_PROTOCOL_IPSEC_AH)
436 else if (unformat (line_input, "index %u", &flow_index))
438 else if (unformat (line_input, "next-node %U", unformat_vlib_node, vm,
439 &flow.redirect_node_index))
440 flow.actions |= VNET_FLOW_ACTION_REDIRECT_TO_NODE;
441 else if (unformat (line_input, "mark %d", &flow.mark_flow_id))
442 flow.actions |= VNET_FLOW_ACTION_MARK;
443 else if (unformat (line_input, "buffer-advance %d",
444 &flow.buffer_advance))
445 flow.actions |= VNET_FLOW_ACTION_BUFFER_ADVANCE;
446 else if (unformat (line_input, "redirect-to-queue %d",
447 &flow.redirect_queue))
448 flow.actions |= VNET_FLOW_ACTION_REDIRECT_TO_QUEUE;
449 else if (unformat (line_input, "drop"))
450 flow.actions |= VNET_FLOW_ACTION_DROP;
451 else if (unformat (line_input, "rss function"))
457 else if (unformat (line_input, s)) \
458 flow.rss_fun = VNET_RSS_FUNC_##f;
464 return clib_error_return (0, "unknown input `%U'",
465 format_unformat_error, line_input);
468 flow.actions |= VNET_FLOW_ACTION_RSS;
470 else if (unformat (line_input, "rss types"))
477 if (unformat (line_input, "%s use %s and %s",
478 &rss_type[0], &rss_type[1], &rss_type[2]))
481 (line_input, "%s use %s", &rss_type[0], &rss_type[1]))
483 else if (unformat (line_input, "%s", &rss_type[0]))
488 else if (!clib_strcmp(c, (const char *)type_str)) \
489 flow.rss_types |= (1ULL<<a);
491 #define check_rss_types(_str) \
496 foreach_flow_rss_types \
499 return clib_error_return (0, "parse error: '%U'", \
500 format_unformat_error, line_input); \
504 check_rss_types (rss_type[0])
505 check_rss_types (rss_type[1]) check_rss_types (rss_type[2])
507 flow.actions |= VNET_FLOW_ACTION_RSS;
509 else if (unformat (line_input, "%U", unformat_vnet_hw_interface, vnm,
513 return clib_error_return (0, "parse error: '%U'",
514 format_unformat_error, line_input);
517 unformat_free (line_input);
519 if (hw_if_index == ~0 && (action == FLOW_ENABLE || action == FLOW_DISABLE))
520 return clib_error_return (0, "Please specify interface name");
522 if (flow_index == ~0 && (action == FLOW_ENABLE || action == FLOW_DISABLE ||
524 return clib_error_return (0, "Please specify flow index");
529 if (flow.actions == 0)
530 return clib_error_return (0, "Please specify at least one action");
532 /* Adjust the flow type */
535 case FLOW_ETHERNET_CLASS:
536 type = VNET_FLOW_TYPE_ETHERNET;
539 case FLOW_IPV4_CLASS:
542 type = VNET_FLOW_TYPE_IP4_GTPC;
543 protocol.prot = IP_PROTOCOL_UDP;
547 type = VNET_FLOW_TYPE_IP4_GTPU;
548 protocol.prot = IP_PROTOCOL_UDP;
552 type = VNET_FLOW_TYPE_IP4_VXLAN;
553 protocol.prot = IP_PROTOCOL_UDP;
555 else if (l2tpv3oip_set)
556 type = VNET_FLOW_TYPE_IP4_L2TPV3OIP;
557 else if (ipsec_esp_set)
558 type = VNET_FLOW_TYPE_IP4_IPSEC_ESP;
559 else if (ipsec_ah_set)
560 type = VNET_FLOW_TYPE_IP4_IPSEC_AH;
561 else if (tcp_udp_port_set)
562 type = VNET_FLOW_TYPE_IP4_N_TUPLE;
564 type = VNET_FLOW_TYPE_IP4;
566 case FLOW_IPV6_CLASS:
567 if (tcp_udp_port_set)
568 type = VNET_FLOW_TYPE_IP6_N_TUPLE;
570 type = VNET_FLOW_TYPE_IP6_VXLAN;
572 type = VNET_FLOW_TYPE_IP6;
576 return clib_error_return (0,
577 "Please specify a supported flow type");
580 /* Assign specific field values per flow type */
581 if (flow_class == FLOW_ETHERNET_CLASS)
583 flow.ethernet.eth_hdr.type = eth_type;
585 else if (flow_class == FLOW_IPV4_CLASS)
587 vnet_flow_ip4_t *ip4_ptr = &flow.ip4;
589 clib_memcpy (&ip4_ptr->src_addr, &ip4s,
590 sizeof (ip4_address_and_mask_t));
591 clib_memcpy (&ip4_ptr->dst_addr, &ip4d,
592 sizeof (ip4_address_and_mask_t));
593 ip4_ptr->protocol.prot = protocol.prot;
595 /* In this cli, we use the protocol.mask only when the flow type is
596 * VNET_FLOW_TYPE_IP4/IP6. For other cases, the IP protocol is just
597 * used to identify the next layer type: e.g. UDP/TCP or IPSEC_ESP
599 if (type == VNET_FLOW_TYPE_IP4)
600 ip4_ptr->protocol.mask = protocol.mask;
602 switch (protocol.prot)
605 case IP_PROTOCOL_TCP:
606 case IP_PROTOCOL_UDP:
607 flow.ip4_n_tuple.src_port = sport;
608 flow.ip4_n_tuple.dst_port = dport;
610 if (type == VNET_FLOW_TYPE_IP4_GTPC)
611 flow.ip4_gtpc.teid = teid;
612 else if (type == VNET_FLOW_TYPE_IP4_GTPU)
613 flow.ip4_gtpu.teid = teid;
614 else if (type == VNET_FLOW_TYPE_IP4_VXLAN)
615 flow.ip4_vxlan.vni = vni;
617 case IP_PROTOCOL_L2TP:
618 flow.ip4_l2tpv3oip.session_id = session_id;
620 case IP_PROTOCOL_IPSEC_ESP:
621 flow.ip4_ipsec_esp.spi = spi;
623 case IP_PROTOCOL_IPSEC_AH:
624 flow.ip4_ipsec_esp.spi = spi;
630 else if (flow_class == FLOW_IPV6_CLASS)
632 vnet_flow_ip6_t *ip6_ptr = &flow.ip6;
634 clib_memcpy (&flow.ip6_n_tuple.src_addr, &ip6s,
635 sizeof (ip6_address_and_mask_t));
636 clib_memcpy (&flow.ip6_n_tuple.dst_addr, &ip6d,
637 sizeof (ip6_address_and_mask_t));
639 ip6_ptr->protocol.prot = protocol.prot;
641 /* In this cli, we use the protocol.mask only when the flow type is
642 * VNET_FLOW_TYPE_IP4/IP6. For other cases, the IP protocol is just
643 * used to identify the next layer type: e.g. UDP/TCP or IPSEC_ESP
645 if (type == VNET_FLOW_TYPE_IP6)
646 ip6_ptr->protocol.mask = protocol.mask;
648 switch (protocol.prot)
651 case IP_PROTOCOL_TCP:
652 case IP_PROTOCOL_UDP:
653 flow.ip6_n_tuple.src_port = sport;
654 flow.ip6_n_tuple.dst_port = dport;
656 if (type == VNET_FLOW_TYPE_IP6_VXLAN)
657 flow.ip6_vxlan.vni = vni;
665 rv = vnet_flow_add (vnm, &flow, &flow_index);
667 vlib_cli_output (vm, "flow %u added", flow_index);
671 rv = vnet_flow_del (vnm, flow_index);
674 rv = vnet_flow_enable (vnm, flow_index, hw_if_index);
677 rv = vnet_flow_disable (vnm, flow_index, hw_if_index);
680 return clib_error_return (0, "please specify action (add, del, enable,"
685 return clib_error_return (0, "flow error: %U", format_flow_error, rv);
691 VLIB_CLI_COMMAND (test_flow_command, static) = {
693 .short_help = "test flow [add|del|enable|disable] [index <id>] "
694 "[src-ip <ip-addr/mask>] [dst-ip <ip-addr/mask>] "
695 "[ip6-src-ip <ip-addr/mask>] [ip6-dst-ip <ip-addr/mask>] "
696 "[src-port <port/mask>] [dst-port <port/mask>] "
697 "[proto <ip-proto>] "
698 "[gtpc teid <teid>] [gtpu teid <teid>] [vxlan <vni>] "
699 "[session id <session>] [spi <spi>]"
700 "[next-node <node>] [mark <id>] [buffer-advance <len>] "
701 "[redirect-to-queue <queue>] [drop] "
702 "[rss function <name>] [rss types <flow type>]",
703 .function = test_flow,
708 format_flow_match_element (u8 * s, va_list * args)
710 char *type = va_arg (*args, char *);
711 void *ptr = va_arg (*args, void *);
713 if (strncmp (type, "u8", 2) == 0)
714 return format (s, "%d", *(u8 *) ptr);
716 if (strncmp (type, "u16", 3) == 0)
717 return format (s, "%d", *(u16 *) ptr);
719 if (strncmp (type, "u32", 3) == 0)
720 return format (s, "%d", *(u32 *) ptr);
722 if (strncmp (type, "ethernet_header_t", 13) == 0)
724 ethernet_max_header_t m;
725 memset (&m, 0, sizeof (m));
726 m.ethernet = *(ethernet_header_t *) ptr;
727 /* convert the ethernet type to net order */
728 m.ethernet.type = clib_host_to_net_u16 (m.ethernet.type);
729 return format (s, "%U", format_ethernet_header, &m);
732 if (strncmp (type, "ip4_address_t", 13) == 0)
733 return format (s, "%U", format_ip4_address, ptr);
735 if (strncmp (type, "ip4_address_and_mask_t", 13) == 0)
736 return format (s, "%U", format_ip4_address_and_mask, ptr);
738 if (strncmp (type, "ip6_address_t", 13) == 0)
739 return format (s, "%U", format_ip6_address, ptr);
741 if (strncmp (type, "ip6_address_and_mask_t", 13) == 0)
742 return format (s, "%U", format_ip6_address_and_mask, ptr);
744 if (strncmp (type, "ip_prot_and_mask_t", 13) == 0)
745 return format (s, "%U", format_ip_protocol_and_mask, ptr);
747 if (strncmp (type, "ip_port_and_mask_t", 18) == 0)
748 return format (s, "%U", format_ip_port_and_mask, ptr);
750 s = format (s, "unknown type '%s'", type);
754 #define _fe(a,b) s2 = format (s2, "%s%s %U", s2 ? ", ":"", #b, \
755 format_flow_match_element, #a, &f->b);
757 u8 * format_flow_match_##b (u8 * s, va_list * args) \
759 vnet_flow_##b##_t *f = __builtin_va_arg (*args, vnet_flow_##b##_t *); \
761 foreach_flow_entry_##b \
762 s = format (s, "%v", s2);; \
770 format_flow_match (u8 * s, va_list * args)
772 vnet_flow_t *f = va_arg (*args, vnet_flow_t *);
775 if (f->type == VNET_FLOW_TYPE_##a) \
776 return format (s, "%U", format_flow_match_##b, &f->b);
784 format_flow (u8 * s, va_list * args)
786 vlib_main_t *vm = vlib_get_main ();
787 vnet_flow_t *f = va_arg (*args, vnet_flow_t *);
788 u32 indent = format_get_indent (s);
791 s = format (s, "flow-index %u type %s active %u",
792 f->index, flow_type_strings[f->type],
793 hash_elts (f->private_data)),
794 s = format (s, "\n%Umatch: %U", format_white_space, indent + 2,
795 format_flow_match, f);
796 s = format (s, "\n%Uaction: %U", format_white_space, indent + 2,
797 format_flow_actions, f->actions);
799 if (f->actions & VNET_FLOW_ACTION_DROP)
800 t = format (t, "%sdrop", t ? ", " : "");
802 if (f->actions & VNET_FLOW_ACTION_MARK)
803 t = format (t, "%smark %u", t ? ", " : "", f->mark_flow_id);
805 if (f->actions & VNET_FLOW_ACTION_REDIRECT_TO_QUEUE)
807 format (t, "%sredirect-to-queue %u", t ? ", " : "", f->redirect_queue);
809 if (f->actions & VNET_FLOW_ACTION_REDIRECT_TO_NODE)
810 t = format (t, "%snext-node %U", t ? ", " : "",
811 format_vlib_node_name, vm, f->redirect_node_index);
813 if (f->actions & VNET_FLOW_ACTION_BUFFER_ADVANCE)
814 t = format (t, "%sbuffer-advance %d", t ? ", " : "", f->buffer_advance);
816 if (f->actions & VNET_FLOW_ACTION_RSS)
818 t = format (t, "%srss function %U", t ? ", " : "",
819 format_rss_function, f->rss_fun);
820 t = format (t, "%srss types %U", t ? ", " : "",
821 format_rss_types, f->rss_types);
826 s = format (s, "\n%U%v", format_white_space, indent + 4, t);
834 * fd.io coding-style-patch-verification: ON
837 * eval: (c-set-style "gnu")