2 * Copyright (c) 2015 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 #include <vnet/ip/ip.h>
17 #include <vnet/ip/ip_punt_drop.h>
18 #include <vnet/policer/policer.h>
19 #include <vnet/policer/police_inlines.h>
21 VNET_FEATURE_ARC_INIT (ip4_punt) =
23 .arc_name = "ip4-punt",
24 .start_nodes = VNET_FEATURES ("ip4-punt"),
27 VNET_FEATURE_ARC_INIT (ip4_drop) =
29 .arc_name = "ip4-drop",
30 .start_nodes = VNET_FEATURES ("ip4-drop", "ip4-not-enabled"),
33 extern ip_punt_policer_t ip4_punt_policer_cfg;
35 #ifndef CLIB_MARCH_VARIANT
37 format_ip_punt_policer_trace (u8 * s, va_list * args)
39 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
40 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
41 ip_punt_policer_trace_t *t = va_arg (*args, ip_punt_policer_trace_t *);
43 s = format (s, "policer_index %d next %d", t->policer_index, t->next);
47 ip_punt_policer_t ip4_punt_policer_cfg = {
50 #endif /* CLIB_MARCH_VARIANT */
52 static char *ip4_punt_policer_handoff_error_strings[] = { "congestion drop" };
54 VLIB_NODE_FN (ip4_punt_policer_handoff_node)
55 (vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *frame)
57 return policer_handoff (vm, node, frame, ip4_punt_policer_cfg.fq_index,
58 ip4_punt_policer_cfg.policer_index);
61 VLIB_REGISTER_NODE (ip4_punt_policer_handoff_node) = {
62 .name = "ip4-punt-policer-handoff",
63 .vector_size = sizeof (u32),
64 .format_trace = format_policer_handoff_trace,
65 .type = VLIB_NODE_TYPE_INTERNAL,
66 .n_errors = ARRAY_LEN(ip4_punt_policer_handoff_error_strings),
67 .error_strings = ip4_punt_policer_handoff_error_strings,
75 static char *ip4_punt_policer_error_strings[] = {
76 #define _(sym,string) string,
77 foreach_ip_punt_policer_error
81 VLIB_NODE_FN (ip4_punt_policer_node) (vlib_main_t * vm,
82 vlib_node_runtime_t * node,
85 return (ip_punt_policer (vm, node, frame,
86 vnet_feat_arc_ip4_punt.feature_arc_index,
87 ip4_punt_policer_cfg.policer_index));
90 VLIB_REGISTER_NODE (ip4_punt_policer_node) = {
91 .name = "ip4-punt-policer",
92 .vector_size = sizeof (u32),
93 .n_next_nodes = IP_PUNT_POLICER_N_NEXT,
94 .format_trace = format_ip_punt_policer_trace,
95 .n_errors = ARRAY_LEN(ip4_punt_policer_error_strings),
96 .error_strings = ip4_punt_policer_error_strings,
99 [IP_PUNT_POLICER_NEXT_DROP] = "ip4-drop",
100 [IP_PUNT_POLICER_NEXT_HANDOFF] = "ip4-punt-policer-handoff",
104 VNET_FEATURE_INIT (ip4_punt_policer_node) = {
105 .arc_name = "ip4-punt",
106 .node_name = "ip4-punt-policer",
107 .runs_before = VNET_FEATURES("ip4-punt-redirect"),
111 #define foreach_ip4_punt_redirect_error \
112 _(DROP, "ip4 punt redirect drop")
116 #define _(sym,str) IP4_PUNT_REDIRECT_ERROR_##sym,
117 foreach_ip4_punt_redirect_error
119 IP4_PUNT_REDIRECT_N_ERROR,
120 } ip4_punt_redirect_error_t;
122 static char *ip4_punt_redirect_error_strings[] = {
123 #define _(sym,string) string,
124 foreach_ip4_punt_redirect_error
128 VLIB_NODE_FN (ip4_punt_redirect_node) (vlib_main_t * vm,
129 vlib_node_runtime_t * node,
130 vlib_frame_t * frame)
132 return (ip_punt_redirect (vm, node, frame,
133 vnet_feat_arc_ip4_punt.feature_arc_index,
137 VLIB_REGISTER_NODE (ip4_punt_redirect_node) = {
138 .name = "ip4-punt-redirect",
139 .vector_size = sizeof (u32),
140 .n_next_nodes = IP_PUNT_REDIRECT_N_NEXT,
141 .format_trace = format_ip_punt_redirect_trace,
142 .n_errors = ARRAY_LEN(ip4_punt_redirect_error_strings),
143 .error_strings = ip4_punt_redirect_error_strings,
145 /* edit / add dispositions here */
147 [IP_PUNT_REDIRECT_NEXT_DROP] = "ip4-drop",
148 [IP_PUNT_REDIRECT_NEXT_TX] = "ip4-rewrite",
149 [IP_PUNT_REDIRECT_NEXT_ARP] = "ip4-arp",
153 VNET_FEATURE_INIT (ip4_punt_redirect_node, static) = {
154 .arc_name = "ip4-punt",
155 .node_name = "ip4-punt-redirect",
156 .runs_before = VNET_FEATURES("error-punt"),
159 VLIB_NODE_FN (ip4_drop_node) (vlib_main_t * vm, vlib_node_runtime_t * node,
160 vlib_frame_t * frame)
162 if (node->flags & VLIB_NODE_FLAG_TRACE)
163 ip4_forward_next_trace (vm, node, frame, VLIB_TX);
165 return ip_drop_or_punt (vm, node, frame,
166 vnet_feat_arc_ip4_drop.feature_arc_index);
170 VLIB_NODE_FN (ip4_not_enabled_node) (vlib_main_t * vm,
171 vlib_node_runtime_t * node,
172 vlib_frame_t * frame)
174 if (node->flags & VLIB_NODE_FLAG_TRACE)
175 ip4_forward_next_trace (vm, node, frame, VLIB_TX);
177 return ip_drop_or_punt (vm, node, frame,
178 vnet_feat_arc_ip4_drop.feature_arc_index);
182 ip4_punt (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame)
184 if (node->flags & VLIB_NODE_FLAG_TRACE)
185 ip4_forward_next_trace (vm, node, frame, VLIB_TX);
187 return ip_drop_or_punt (vm, node, frame,
188 vnet_feat_arc_ip4_punt.feature_arc_index);
191 VLIB_REGISTER_NODE (ip4_drop_node) =
194 .vector_size = sizeof (u32),
195 .format_trace = format_ip4_forward_next_trace,
202 VLIB_REGISTER_NODE (ip4_not_enabled_node) =
204 .name = "ip4-not-enabled",
205 .vector_size = sizeof (u32),
206 .format_trace = format_ip4_forward_next_trace,
207 .sibling_of = "ip4-drop",
210 VLIB_REGISTER_NODE (ip4_punt_node) =
212 .function = ip4_punt,
214 .vector_size = sizeof (u32),
215 .format_trace = format_ip4_forward_next_trace,
222 VNET_FEATURE_INIT (ip4_punt_end_of_arc, static) = {
223 .arc_name = "ip4-punt",
224 .node_name = "error-punt",
225 .runs_before = 0, /* not before any other features */
228 VNET_FEATURE_INIT (ip4_drop_end_of_arc, static) = {
229 .arc_name = "ip4-drop",
230 .node_name = "error-drop",
231 .runs_before = 0, /* not before any other features */
234 #ifndef CLIB_MARCH_VARIANT
236 ip4_punt_policer_add_del (u8 is_add, u32 policer_index)
238 ip4_punt_policer_cfg.policer_index = policer_index;
240 vnet_feature_enable_disable ("ip4-punt", "ip4-punt-policer",
243 #endif /* CLIB_MARCH_VARIANT */
245 static clib_error_t *
246 ip4_punt_police_cmd (vlib_main_t * vm,
247 unformat_input_t * main_input,
248 vlib_cli_command_t * cmd)
250 unformat_input_t _line_input, *line_input = &_line_input;
251 clib_error_t *error = 0;
257 if (!unformat_user (main_input, unformat_line_input, line_input))
260 while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
262 if (unformat (line_input, "%d", &policer_index))
264 else if (unformat (line_input, "del"))
266 else if (unformat (line_input, "add"))
270 error = unformat_parse_error (line_input);
275 if (is_add && ~0 == policer_index)
277 error = clib_error_return (0, "expected policer index `%U'",
278 format_unformat_error, line_input);
284 ip4_punt_policer_add_del(is_add, policer_index);
287 unformat_free (line_input);
294 * @cliexcmd{set ip punt policer <INDEX>}
296 VLIB_CLI_COMMAND (ip4_punt_policer_command, static) =
298 .path = "ip punt policer",
299 .function = ip4_punt_police_cmd,
300 .short_help = "ip punt policer [add|del] <index>",
303 #ifndef CLIB_MARCH_VARIANT
305 static u32 ip4_punt_redirect_enable_counts;
308 ip4_punt_redirect_add_paths (u32 rx_sw_if_index,
309 const fib_route_path_t *rpaths)
311 ip_punt_redirect_add (FIB_PROTOCOL_IP4,
313 FIB_FORW_CHAIN_TYPE_UNICAST_IP4, rpaths);
315 if (1 == ++ip4_punt_redirect_enable_counts)
316 vnet_feature_enable_disable ("ip4-punt", "ip4-punt-redirect", 0, 1, 0, 0);
320 ip4_punt_redirect_del (u32 rx_sw_if_index)
322 ASSERT (ip4_punt_redirect_enable_counts);
323 if (0 == --ip4_punt_redirect_enable_counts)
324 vnet_feature_enable_disable ("ip4-punt", "ip4-punt-redirect", 0, 0, 0, 0);
326 ip_punt_redirect_del (FIB_PROTOCOL_IP4, rx_sw_if_index);
328 #endif /* CLIB_MARCH_VARIANT */
330 static clib_error_t *
331 ip4_punt_redirect_cmd (vlib_main_t * vm,
332 unformat_input_t * main_input,
333 vlib_cli_command_t * cmd)
335 unformat_input_t _line_input, *line_input = &_line_input;
336 fib_route_path_t *rpaths = NULL, rpath;
337 dpo_proto_t payload_proto = DPO_PROTO_IP4;
338 clib_error_t *error = 0;
339 u32 rx_sw_if_index = ~0;
344 vnm = vnet_get_main ();
346 if (!unformat_user (main_input, unformat_line_input, line_input))
349 while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
351 if (unformat (line_input, "del"))
353 else if (unformat (line_input, "add"))
355 else if (unformat (line_input, "rx all"))
357 else if (unformat (line_input, "rx %U",
358 unformat_vnet_sw_interface, vnm, &rx_sw_if_index))
360 else if (unformat (line_input, "via %U", unformat_fib_route_path, &rpath,
362 vec_add1 (rpaths, rpath);
365 error = unformat_parse_error (line_input);
370 if (~0 == rx_sw_if_index)
372 error = unformat_parse_error (line_input);
378 if (vec_len (rpaths))
379 ip4_punt_redirect_add_paths (rx_sw_if_index, rpaths);
383 ip4_punt_redirect_del (rx_sw_if_index);
388 unformat_free (line_input);
395 * @cliexcmd{set ip punt policer}
397 VLIB_CLI_COMMAND (ip4_punt_redirect_command, static) =
399 .path = "ip punt redirect",
400 .function = ip4_punt_redirect_cmd,
401 .short_help = "ip punt redirect [add|del] rx [<interface>|all] via [<nh>] <tx_interface>",
404 static clib_error_t *
405 ip4_punt_redirect_show_cmd (vlib_main_t * vm,
406 unformat_input_t * main_input,
407 vlib_cli_command_t * cmd)
409 vlib_cli_output (vm, "%U", format_ip_punt_redirect, FIB_PROTOCOL_IP4);
417 * @cliexcmd{set ip punt redierect}
419 VLIB_CLI_COMMAND (show_ip4_punt_redirect_command, static) =
421 .path = "show ip punt redirect",
422 .function = ip4_punt_redirect_show_cmd,
423 .short_help = "show ip punt redirect",
428 * fd.io coding-style-patch-verification: ON
431 * eval: (c-set-style "gnu")