2 * Copyright (c) 2019 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 #include <vnet/ip/ip6_link.h>
17 #include <vnet/ip/ip6_ll_table.h>
19 #include <vnet/ethernet/ethernet.h>
20 #include <vnet/mfib/ip6_mfib.h>
21 #include <vnet/adj/adj_mcast.h>
23 typedef struct ip6_link_delegate_t_
26 ip6_link_delegate_id_t ild_type;
28 } ip6_link_delegate_t;
30 const static ip6_link_delegate_t ip6_link_delegate_uninit = {
31 .ild_sw_if_index = ~0,
34 typedef struct ip6_link_t_
36 /** interface ip6 is enabled on */
39 /** link-local address - if unset that IP6 is disabled*/
40 ip6_address_t il_ll_addr;
42 /** list of delegates */
43 ip6_link_delegate_t *il_delegates;
45 /** multicast adjacency for this link */
46 adj_index_t il_mcast_adj;
48 /** number of references to IP6 enabled on this link */
52 #define FOREACH_IP6_LINK_DELEGATE(_ild, _il, body) \
55 vec_foreach (_ild, _il->il_delegates) { \
56 if (ip6_link_delegate_is_init(_ild)) \
62 #define FOREACH_IP6_LINK_DELEGATE_ID(_id) \
63 for (_id = 0; _id < il_delegate_id; _id++)
65 /** last used delegate ID */
66 static ip6_link_delegate_id_t il_delegate_id;
68 /** VFT registered per-delegate type */
69 static ip6_link_delegate_vft_t *il_delegate_vfts;
71 /** Per interface configs */
72 static ip6_link_t *ip6_links;
75 static u64 il_randomizer;
78 static vlib_log_class_t ip6_link_logger;
80 #define IP6_LINK_DBG(...) \
81 vlib_log_debug (ip6_link_logger, __VA_ARGS__);
83 #define IP6_LINK_INFO(...) \
84 vlib_log_notice (ip6_link_logger, __VA_ARGS__);
87 ip6_link_delegate_is_init (const ip6_link_delegate_t * ild)
89 return (~0 != ild->ild_sw_if_index);
93 ip6_link_is_enabled_i (const ip6_link_t * il)
95 return (!ip6_address_is_zero (&il->il_ll_addr));
99 ip6_link_local_address_from_mac (ip6_address_t * ip, const u8 * mac)
101 ip->as_u64[0] = clib_host_to_net_u64 (0xFE80000000000000ULL);
102 /* Invert the "u" bit */
103 ip->as_u8[8] = mac[0] ^ (1 << 1);
104 ip->as_u8[9] = mac[1];
105 ip->as_u8[10] = mac[2];
106 ip->as_u8[11] = 0xFF;
107 ip->as_u8[12] = 0xFE;
108 ip->as_u8[13] = mac[3];
109 ip->as_u8[14] = mac[4];
110 ip->as_u8[15] = mac[5];
114 ip6_mac_address_from_link_local (u8 * mac, const ip6_address_t * ip)
116 /* Invert the previously inverted "u" bit */
117 mac[0] = ip->as_u8[8] ^ (1 << 1);
118 mac[1] = ip->as_u8[9];
119 mac[2] = ip->as_u8[10];
120 mac[3] = ip->as_u8[13];
121 mac[4] = ip->as_u8[14];
122 mac[5] = ip->as_u8[15];
126 ip6_link_get (u32 sw_if_index)
130 if (sw_if_index >= vec_len (ip6_links))
133 il = &ip6_links[sw_if_index];
135 if (!ip6_link_is_enabled_i (il))
142 ip6_link_is_enabled (u32 sw_if_index)
144 return (NULL != ip6_link_get (sw_if_index));
149 ip6_link_enable (u32 sw_if_index, const ip6_address_t * link_local_addr)
154 il = ip6_link_get (sw_if_index);
158 const vnet_sw_interface_t *sw, *sw_sup;
159 const ethernet_interface_t *eth;
162 vnm = vnet_get_main ();
164 IP6_LINK_INFO ("enable: %U",
165 format_vnet_sw_if_index_name, vnm, sw_if_index);
167 sw_sup = vnet_get_sup_sw_interface (vnm, sw_if_index);
168 if (sw_sup->type != VNET_SW_INTERFACE_TYPE_HARDWARE)
170 rv = VNET_API_ERROR_UNSUPPORTED;
174 eth = ethernet_get_interface (ðernet_main, sw_sup->hw_if_index);
178 rv = VNET_API_ERROR_UNSUPPORTED;
182 vec_validate (ip6_links, sw_if_index);
184 il = &ip6_links[sw_if_index];
186 il->il_sw_if_index = sw_if_index;
188 sw = vnet_get_sup_sw_interface (vnm, sw_if_index);
190 if (NULL != link_local_addr)
191 ip6_address_copy (&il->il_ll_addr, link_local_addr);
192 else if (sw->type == VNET_SW_INTERFACE_TYPE_SUB ||
193 sw->type == VNET_SW_INTERFACE_TYPE_PIPE ||
194 sw->type == VNET_SW_INTERFACE_TYPE_P2P)
196 il->il_ll_addr.as_u64[0] =
197 clib_host_to_net_u64 (0xFE80000000000000ULL);
199 /* make up an interface id */
200 il->il_ll_addr.as_u64[1] = random_u64 (&il_randomizer);
203 il->il_ll_addr.as_u8[8] &= 0xfd;
207 ip6_link_local_address_from_mac (&il->il_ll_addr,
208 eth->address.mac.bytes);
212 ip6_ll_prefix_t ilp = {
213 .ilp_addr = il->il_ll_addr,
214 .ilp_sw_if_index = sw_if_index,
217 ip6_ll_table_entry_update (&ilp, FIB_ROUTE_PATH_LOCAL);
220 /* essentially "enables" ipv6 on this interface */
221 ip6_mfib_interface_enable_disable (sw_if_index, 1);
222 ip6_sw_interface_enable_disable (sw_if_index, 1);
224 il->il_mcast_adj = adj_mcast_add_or_lock (FIB_PROTOCOL_IP6,
225 VNET_LINK_IP6, sw_if_index);
227 /* inform all register clients */
228 ip6_link_delegate_id_t id;
229 FOREACH_IP6_LINK_DELEGATE_ID (id)
231 if (NULL != il_delegate_vfts[id].ildv_enable)
232 il_delegate_vfts[id].ildv_enable (il->il_sw_if_index);
239 rv = VNET_API_ERROR_VALUE_EXIST;
249 ip6_link_delegate_flush (ip6_link_t * il)
251 ip6_link_delegate_t *ild;
254 FOREACH_IP6_LINK_DELEGATE (ild, il,
256 il_delegate_vfts[ild->ild_type].ildv_disable(ild->ild_index);
260 vec_free (il->il_delegates);
261 il->il_delegates = NULL;
265 ip6_link_last_lock_gone (ip6_link_t * il)
267 ip6_ll_prefix_t ilp = {
268 .ilp_addr = il->il_ll_addr,
269 .ilp_sw_if_index = il->il_sw_if_index,
272 IP6_LINK_INFO ("last-lock: %U",
273 format_vnet_sw_if_index_name,
274 vnet_get_main (), il->il_sw_if_index);
276 ip6_link_delegate_flush (il);
277 ip6_ll_table_entry_delete (&ilp);
279 ip6_mfib_interface_enable_disable (il->il_sw_if_index, 0);
280 ip6_sw_interface_enable_disable (il->il_sw_if_index, 0);
282 ip6_address_set_zero (&il->il_ll_addr);
283 adj_unlock (il->il_mcast_adj);
284 il->il_mcast_adj = ADJ_INDEX_INVALID;
288 ip6_link_unlock (ip6_link_t * il)
295 if (0 == il->il_locks)
296 ip6_link_last_lock_gone (il);
300 ip6_link_disable (u32 sw_if_index)
304 il = ip6_link_get (sw_if_index);
307 return (VNET_API_ERROR_IP6_NOT_ENABLED);
309 IP6_LINK_INFO ("disable: %U",
310 format_vnet_sw_if_index_name, vnet_get_main (), sw_if_index);
312 ip6_link_unlock (il);
317 const ip6_address_t *
318 ip6_get_link_local_address (u32 sw_if_index)
320 const ip6_link_t *il;
322 vec_validate (ip6_links, sw_if_index);
324 il = &ip6_links[sw_if_index];
326 return (&il->il_ll_addr);
330 ip6_link_get_mcast_adj (u32 sw_if_index)
332 const ip6_link_t *il;
334 il = &ip6_links[sw_if_index];
336 return (il->il_mcast_adj);
340 ip6_src_address_for_packet (u32 sw_if_index,
341 const ip6_address_t * dst, ip6_address_t * src)
343 ip_lookup_main_t *lm;
345 lm = &ip6_main.lookup_main;
347 if (ip6_address_is_link_local_unicast (dst))
349 ip6_address_copy (src, ip6_get_link_local_address (sw_if_index));
356 lm->if_address_pool_index_by_sw_if_index[sw_if_index];
357 if (PREDICT_TRUE (if_add_index != ~0))
359 ip_interface_address_t *if_add =
360 pool_elt_at_index (lm->if_address_pool, if_add_index);
361 ip6_address_t *if_ip =
362 ip_interface_address_get_address (lm, if_add);
375 ip6_link_set_local_address (u32 sw_if_index, const ip6_address_t * address)
377 ip6_link_delegate_t *ild;
380 il = ip6_link_get (sw_if_index);
383 return ip6_link_enable (sw_if_index, address);
385 ip6_ll_prefix_t ilp = {
386 .ilp_addr = il->il_ll_addr,
387 .ilp_sw_if_index = sw_if_index,
390 IP6_LINK_INFO ("set-ll: %U -> %U",
391 format_vnet_sw_if_index_name, vnet_get_main (), sw_if_index,
392 format_ip6_address, address);
394 ip6_ll_table_entry_delete (&ilp);
395 ip6_address_copy (&il->il_ll_addr, address);
396 ip6_address_copy (&ilp.ilp_addr, address);
397 ip6_ll_table_entry_update (&ilp, FIB_ROUTE_PATH_LOCAL);
400 FOREACH_IP6_LINK_DELEGATE (ild, il,
402 if (NULL != il_delegate_vfts[ild->ild_type].ildv_ll_change)
403 il_delegate_vfts[ild->ild_type].ildv_ll_change(ild->ild_index,
411 ip6_link_delegate_id_t
412 ip6_link_delegate_register (const ip6_link_delegate_vft_t * vft)
414 ip6_link_delegate_id_t rc = il_delegate_id++;
416 ASSERT (vft->ildv_disable);
418 vec_validate (il_delegate_vfts, rc);
420 il_delegate_vfts[rc] = *vft;
426 ip6_link_delegate_get (u32 sw_if_index, ip6_link_delegate_id_t id)
430 il = ip6_link_get (sw_if_index);
433 return (INDEX_INVALID);
435 vec_validate_init_empty (il->il_delegates, id, ip6_link_delegate_uninit);
437 if (!ip6_link_delegate_is_init (&il->il_delegates[id]))
438 return (INDEX_INVALID);
440 return (il->il_delegates[id].ild_index);
444 ip6_link_delegate_update (u32 sw_if_index,
445 ip6_link_delegate_id_t id, index_t ii)
449 il = ip6_link_get (sw_if_index);
454 vec_validate_init_empty (il->il_delegates, id, ip6_link_delegate_uninit);
456 il->il_delegates[id].ild_sw_if_index = sw_if_index;
457 il->il_delegates[id].ild_type = id;
458 il->il_delegates[id].ild_index = ii;
464 ip6_link_delegate_remove (u32 sw_if_index,
465 ip6_link_delegate_id_t id, index_t ii)
469 il = ip6_link_get (sw_if_index);
473 if (vec_len (il->il_delegates) > id)
475 clib_memcpy (&il->il_delegates[id],
476 &ip6_link_delegate_uninit,
477 sizeof (il->il_delegates[0]));
483 ip6_link_add_del_address (ip6_main_t * im,
486 ip6_address_t * address,
488 u32 if_address_index, u32 is_delete)
490 const ip6_link_delegate_t *ild;
493 if (ip6_address_is_link_local_unicast (address))
494 // only interested in global addresses here
497 IP6_LINK_INFO ("addr-%s: %U -> %U",
498 (is_delete ? "del" : "add"),
499 format_vnet_sw_if_index_name, vnet_get_main (), sw_if_index,
500 format_ip6_address, address);
502 il = ip6_link_get (sw_if_index);
508 FOREACH_IP6_LINK_DELEGATE (ild, il,
512 if (NULL != il_delegate_vfts[ild->ild_type].ildv_addr_del)
513 il_delegate_vfts[ild->ild_type].ildv_addr_del(ild->ild_index,
514 address, address_length);
518 if (NULL != il_delegate_vfts[ild->ild_type].ildv_addr_add)
519 il_delegate_vfts[ild->ild_type].ildv_addr_add(ild->ild_index,
520 address, address_length);
526 static clib_error_t *
527 ip6_link_interface_add_del (vnet_main_t * vnm, u32 sw_if_index, u32 is_add)
533 il = ip6_link_get (sw_if_index);
535 IP6_LINK_DBG ("link-del: %U",
536 format_vnet_sw_if_index_name, vnet_get_main (),
541 ip6_link_last_lock_gone (il);
547 VNET_SW_INTERFACE_ADD_DEL_FUNCTION (ip6_link_interface_add_del);
549 static clib_error_t *
550 ip6_link_init (vlib_main_t * vm)
552 il_randomizer = clib_cpu_time_now ();
553 ip6_link_logger = vlib_log_register_class ("ip6", "link");
556 ip6_add_del_interface_address_callback_t cb = {
557 .function = ip6_link_add_del_address,
559 vec_add1 (ip6_main.add_del_interface_address_callbacks, cb);
564 VLIB_INIT_FUNCTION (ip6_link_init);
567 static clib_error_t *
568 test_ip6_link_command_fn (vlib_main_t * vm,
569 unformat_input_t * input, vlib_cli_command_t * cmd)
572 ip6_address_t _a, *a = &_a;
574 if (unformat (input, "%U", unformat_ethernet_address, mac))
576 ip6_link_local_address_from_mac (a, mac);
577 vlib_cli_output (vm, "Link local address: %U", format_ip6_address, a);
578 ip6_mac_address_from_link_local (mac, a);
579 vlib_cli_output (vm, "Original MAC address: %U",
580 format_ethernet_address, mac);
587 * This command converts the given MAC Address into an IPv6 link-local
591 * Example of how to create an IPv6 link-local address:
592 * @cliexstart{test ip6 link 16:d9:e0:91:79:86}
593 * Link local address: fe80::14d9:e0ff:fe91:7986
594 * Original MAC address: 16:d9:e0:91:79:86
598 VLIB_CLI_COMMAND (test_link_command, static) =
600 .path = "test ip6 link",
601 .function = test_ip6_link_command_fn,
602 .short_help = "test ip6 link <mac-address>",
607 ip6_print_addrs (u8 * s, u32 * addrs)
609 ip_lookup_main_t *lm = &ip6_main.lookup_main;
612 for (i = 0; i < vec_len (addrs); i++)
614 ip_interface_address_t *a =
615 pool_elt_at_index (lm->if_address_pool, addrs[i]);
616 ip6_address_t *address = ip_interface_address_get_address (lm, a);
618 s = format (s, "%U%U/%d\n",
619 format_white_space, 4,
620 format_ip6_address, address, a->address_length);
627 format_ip6_link (u8 * s, va_list * arg)
629 const ip6_link_t *il = va_arg (*arg, ip6_link_t *);
630 ip_lookup_main_t *lm = &ip6_main.lookup_main;
631 vnet_main_t *vnm = vnet_get_main ();
633 if (!ip6_link_is_enabled_i (il))
636 s = format (s, "%U is admin %s\n",
637 format_vnet_sw_interface_name, vnm,
638 vnet_get_sw_interface (vnm, il->il_sw_if_index),
639 (vnet_sw_interface_is_admin_up (vnm, il->il_sw_if_index) ?
643 u32 *link_scope = 0, *global_scope = 0;
644 u32 *local_scope = 0, *unknown_scope = 0;
645 ip_interface_address_t *a;
646 const ip6_link_delegate_t *ild;
648 vec_validate_init_empty (lm->if_address_pool_index_by_sw_if_index,
649 il->il_sw_if_index, ~0);
650 ai = lm->if_address_pool_index_by_sw_if_index[il->il_sw_if_index];
652 while (ai != (u32) ~ 0)
654 a = pool_elt_at_index (lm->if_address_pool, ai);
655 ip6_address_t *address = ip_interface_address_get_address (lm, a);
657 if (ip6_address_is_link_local_unicast (address))
658 vec_add1 (link_scope, ai);
659 else if (ip6_address_is_global_unicast (address))
660 vec_add1 (global_scope, ai);
661 else if (ip6_address_is_local_unicast (address))
662 vec_add1 (local_scope, ai);
664 vec_add1 (unknown_scope, ai);
666 ai = a->next_this_sw_interface;
669 if (vec_len (link_scope))
671 s = format (s, "%ULink-local address(es):\n", format_white_space, 2);
672 s = ip6_print_addrs (s, link_scope);
673 vec_free (link_scope);
676 if (vec_len (local_scope))
678 s = format (s, "%ULocal unicast address(es):\n", format_white_space, 2);
679 s = ip6_print_addrs (s, local_scope);
680 vec_free (local_scope);
683 if (vec_len (global_scope))
685 s = format (s, "%UGlobal unicast address(es):\n",
686 format_white_space, 2);
687 s = ip6_print_addrs (s, global_scope);
688 vec_free (global_scope);
691 if (vec_len (unknown_scope))
693 s = format (s, "%UOther-scope address(es):\n", format_white_space, 2);
694 s = ip6_print_addrs (s, unknown_scope);
695 vec_free (unknown_scope);
698 s = format (s, "%ULink-local address(es):\n", format_white_space, 2);
699 s = format (s, "%U%U\n",
700 format_white_space, 4, format_ip6_address, &il->il_ll_addr);
703 FOREACH_IP6_LINK_DELEGATE(ild, il,
705 s = format (s, "%U", il_delegate_vfts[ild->ild_type].ildv_format,
713 static clib_error_t *
714 ip6_link_show (vlib_main_t * vm,
715 unformat_input_t * input, vlib_cli_command_t * cmd)
717 const ip6_link_t *il;
721 vnm = vnet_get_main ();
724 if (unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index))
726 il = ip6_link_get (sw_if_index);
730 vlib_cli_output (vm, "IP6 disabled");
734 vlib_cli_output (vm, "%U", format_ip6_link, il);
738 vec_foreach (il, ip6_links)
739 vlib_cli_output (vm, "%U", format_ip6_link, il);
746 * This command is used to display various IPv6 attributes on a given
750 * Example of how to display IPv6 settings:
751 * @cliexstart{show ip6 interface GigabitEthernet2/0/0}
752 * GigabitEthernet2/0/0 is admin up
753 * Link-local address(es):
755 * Joined group address(es):
760 * Advertised Prefixes:
761 * prefix fe80::fe:28ff:fe9c:75b3, length 64
763 * ICMP error messages are unlimited
764 * ICMP redirects are disabled
765 * ICMP unreachables are not sent
767 * ND advertised reachable time is 0
768 * ND advertised retransmit interval is 0 (msec)
769 * ND router advertisements are sent every 200 seconds (min interval is 150)
770 * ND router advertisements live for 600 seconds
771 * Hosts use stateless autoconfig for addresses
772 * ND router advertisements sent 19336
773 * ND router solicitations received 0
774 * ND router solicitations dropped 0
776 * Example of output if IPv6 is not enabled on the interface:
777 * @cliexstart{show ip6 interface GigabitEthernet2/0/0}
778 * show ip6 interface: IPv6 not enabled on interface
782 VLIB_CLI_COMMAND (ip6_link_show_command, static) =
784 .path = "show ip6 interface",
785 .function = ip6_link_show,
786 .short_help = "show ip6 interface <interface>",
790 static clib_error_t *
791 enable_ip6_interface_cmd (vlib_main_t * vm,
792 unformat_input_t * input, vlib_cli_command_t * cmd)
794 vnet_main_t *vnm = vnet_get_main ();
795 clib_error_t *error = NULL;
800 if (unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index))
802 if (ip6_link_enable (sw_if_index, NULL))
803 error = clib_error_return (0, "Failed\n");
807 error = clib_error_return (0, "unknown interface\n'",
808 format_unformat_error, input);
815 * This command is used to enable IPv6 on a given interface.
818 * Example of how enable IPv6 on a given interface:
819 * @cliexcmd{enable ip6 interface GigabitEthernet2/0/0}
822 VLIB_CLI_COMMAND (enable_ip6_interface_command, static) =
824 .path = "enable ip6 interface",
825 .function = enable_ip6_interface_cmd,
826 .short_help = "enable ip6 interface <interface>",
830 static clib_error_t *
831 disable_ip6_interface_cmd (vlib_main_t * vm,
832 unformat_input_t * input, vlib_cli_command_t * cmd)
834 vnet_main_t *vnm = vnet_get_main ();
835 clib_error_t *error = NULL;
840 if (unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index))
842 if (ip6_link_disable (sw_if_index))
843 error = clib_error_return (0, "Failed\n");
847 error = clib_error_return (0, "unknown interface\n'",
848 format_unformat_error, input);
855 * This command is used to disable IPv6 on a given interface.
858 * Example of how disable IPv6 on a given interface:
859 * @cliexcmd{disable ip6 interface GigabitEthernet2/0/0}
862 VLIB_CLI_COMMAND (disable_ip6_interface_command, static) =
864 .path = "disable ip6 interface",
865 .function = disable_ip6_interface_cmd,
866 .short_help = "disable ip6 interface <interface>",
871 * fd.io coding-style-patch-verification: ON
874 * eval: (c-set-style "gnu")