2 * Copyright (c) 2015 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
19 #include <vnet/l2/l2_classify.h>
20 #include <vnet/api_errno.h>
24 * @brief L2 input classifier.
26 * @sa @ref vnet/vnet/classify/vnet_classify.c
27 * @sa @ref vnet/vnet/classify/vnet_classify.h
31 * @brief l2_input_classifier packet trace record.
35 /** interface handle for the ith packet */
37 /** graph arc index selected for this packet */
39 /** classifier table which provided the final result */
41 /** offset in classifier heap of the corresponding session */
43 } l2_input_classify_trace_t;
46 * @brief vlib node runtime.
50 /** use-case independent main object pointer */
51 vnet_classify_main_t *vcm;
52 /** l2 input classifier main object pointer */
53 l2_input_classify_main_t *l2cm;
54 } l2_input_classify_runtime_t;
56 /** Packet trace format function. */
58 format_l2_input_classify_trace (u8 * s, va_list * args)
60 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
61 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
62 l2_input_classify_trace_t *t = va_arg (*args, l2_input_classify_trace_t *);
64 s = format (s, "l2-classify: sw_if_index %d, table %d, offset %x, next %d",
65 t->sw_if_index, t->table_index, t->session_offset,
70 /** l2 input classifier main data structure. */
71 l2_input_classify_main_t l2_input_classify_main;
73 vlib_node_registration_t l2_input_classify_node;
75 #define foreach_l2_input_classify_error \
76 _(MISS, "Classify misses") \
77 _(HIT, "Classify hits") \
78 _(CHAIN_HIT, "Classify hits after chain walk") \
79 _(DROP, "L2 Classify Drops")
83 #define _(sym,str) L2_INPUT_CLASSIFY_ERROR_##sym,
84 foreach_l2_input_classify_error
86 L2_INPUT_CLASSIFY_N_ERROR,
87 } l2_input_classify_error_t;
89 static char *l2_input_classify_error_strings[] = {
90 #define _(sym,string) string,
91 foreach_l2_input_classify_error
96 * @brief l2 input classifier node.
97 * @node l2-input-classify
99 * This is the l2 input classifier dispatch node
101 * @param vm vlib_main_t corresponding to the current thread.
102 * @param node vlib_node_runtime_t data for this node.
103 * @param frame vlib_frame_t whose contents should be dispatched.
105 * @par Graph mechanics: buffer metadata, next index usage
108 * - <code>(l2_input_classify_runtime_t *)
109 * rt->classify_table_index_by_sw_if_index</code>
110 * - Head of the per-interface, per-protocol classifier table chain
111 * for a specific interface.
112 * - @c ~0 => send pkts to the next feature in the L2 feature chain.
113 * - <code>vnet_buffer(b)->sw_if_index[VLIB_RX]</code>
114 * - Indicates the @c sw_if_index value of the interface that the
115 * packet was received on.
116 * - <code>vnet_buffer(b0)->l2.feature_bitmap</code>
117 * - Used to steer packets across l2 features enabled on the interface
118 * - <code>(vnet_classify_entry_t) e0->next_index</code>
119 * - Used to steer traffic when the classifier hits on a session
120 * - <code>(vnet_classify_entry_t) e0->advance</code>
121 * - Signed quantity applied via <code>vlib_buffer_advance</code>
122 * when the classifier hits on a session
123 * - <code>(vnet_classify_table_t) t0->miss_next_index</code>
124 * - Used to steer traffic when the classifier misses
127 * - <code>vnet_buffer (b0)->l2_classify.table_index</code>
128 * - Classifier table index of the first classifier table in
129 * the classifier table chain
130 * - <code>vnet_buffer (b0)->l2_classify.hash</code>
131 * - Bounded-index extensible hash corresponding to the
132 * masked fields in the current packet
133 * - <code>vnet_buffer (b0)->l2.feature_bitmap</code>
134 * - Used to steer packets across l2 features enabled on the interface
135 * - <code>vnet_buffer (b0)->l2_classify.opaque_index</code>
136 * - Copied from the classifier session object upon classifier hit
139 * - <code>L2_INPUT_CLASSIFY_ERROR_MISS</code> Classifier misses
140 * - <code>L2_INPUT_CLASSIFY_ERROR_HIT</code> Classifier hits
141 * - <code>L2_INPUT_CLASSIFY_ERROR_CHAIN_HIT</code>
142 * Classifier hits in other than the first table
146 l2_input_classify_node_fn (vlib_main_t * vm,
147 vlib_node_runtime_t * node, vlib_frame_t * frame)
149 u32 n_left_from, *from, *to_next;
150 l2_input_classify_next_t next_index;
151 l2_input_classify_main_t *cm = &l2_input_classify_main;
152 vnet_classify_main_t *vcm = cm->vnet_classify_main;
153 l2_input_classify_runtime_t *rt =
154 (l2_input_classify_runtime_t *) node->runtime_data;
161 n_next_nodes = node->n_next_nodes;
163 now = vlib_time_now (vm);
165 n_left_from = frame->n_vectors;
166 from = vlib_frame_vector_args (frame);
168 /* First pass: compute hash */
170 while (n_left_from >= 4)
172 vlib_buffer_t *b0, *b1;
174 ethernet_header_t *h0, *h1;
175 u32 sw_if_index0, sw_if_index1;
177 int type_index0, type_index1;
178 vnet_classify_table_t *t0, *t1;
179 u32 table_index0, table_index1;
183 /* prefetch next iteration */
185 vlib_buffer_t *p2, *p3;
187 p2 = vlib_get_buffer (vm, from[2]);
188 p3 = vlib_get_buffer (vm, from[3]);
190 vlib_prefetch_buffer_header (p2, STORE);
191 CLIB_PREFETCH (p2->data, CLIB_CACHE_LINE_BYTES, STORE);
192 vlib_prefetch_buffer_header (p3, STORE);
193 CLIB_PREFETCH (p3->data, CLIB_CACHE_LINE_BYTES, STORE);
197 b0 = vlib_get_buffer (vm, bi0);
198 h0 = vlib_buffer_get_current (b0);
201 b1 = vlib_get_buffer (vm, bi1);
202 h1 = vlib_buffer_get_current (b1);
204 sw_if_index0 = vnet_buffer (b0)->sw_if_index[VLIB_RX];
205 vnet_buffer (b0)->l2_classify.table_index = ~0;
207 sw_if_index1 = vnet_buffer (b1)->sw_if_index[VLIB_RX];
208 vnet_buffer (b1)->l2_classify.table_index = ~0;
210 /* Select classifier table based on ethertype */
211 type0 = clib_net_to_host_u16 (h0->type);
212 type1 = clib_net_to_host_u16 (h1->type);
214 type_index0 = (type0 == ETHERNET_TYPE_IP4)
215 ? L2_INPUT_CLASSIFY_TABLE_IP4 : L2_INPUT_CLASSIFY_TABLE_OTHER;
216 type_index0 = (type0 == ETHERNET_TYPE_IP6)
217 ? L2_INPUT_CLASSIFY_TABLE_IP6 : type_index0;
219 type_index1 = (type1 == ETHERNET_TYPE_IP4)
220 ? L2_INPUT_CLASSIFY_TABLE_IP4 : L2_INPUT_CLASSIFY_TABLE_OTHER;
221 type_index1 = (type1 == ETHERNET_TYPE_IP6)
222 ? L2_INPUT_CLASSIFY_TABLE_IP6 : type_index1;
224 vnet_buffer (b0)->l2_classify.table_index =
226 rt->l2cm->classify_table_index_by_sw_if_index
227 [type_index0][sw_if_index0];
229 if (table_index0 != ~0)
231 t0 = pool_elt_at_index (vcm->tables, table_index0);
233 vnet_buffer (b0)->l2_classify.hash = hash0 =
234 vnet_classify_hash_packet (t0, (u8 *) h0);
235 vnet_classify_prefetch_bucket (t0, hash0);
238 vnet_buffer (b1)->l2_classify.table_index =
240 rt->l2cm->classify_table_index_by_sw_if_index
241 [type_index1][sw_if_index1];
243 if (table_index1 != ~0)
245 t1 = pool_elt_at_index (vcm->tables, table_index1);
247 vnet_buffer (b1)->l2_classify.hash = hash1 =
248 vnet_classify_hash_packet (t1, (u8 *) h1);
249 vnet_classify_prefetch_bucket (t1, hash1);
256 while (n_left_from > 0)
260 ethernet_header_t *h0;
264 vnet_classify_table_t *t0;
269 b0 = vlib_get_buffer (vm, bi0);
270 h0 = vlib_buffer_get_current (b0);
272 sw_if_index0 = vnet_buffer (b0)->sw_if_index[VLIB_RX];
273 vnet_buffer (b0)->l2_classify.table_index = ~0;
275 /* Select classifier table based on ethertype */
276 type0 = clib_net_to_host_u16 (h0->type);
278 type_index0 = (type0 == ETHERNET_TYPE_IP4)
279 ? L2_INPUT_CLASSIFY_TABLE_IP4 : L2_INPUT_CLASSIFY_TABLE_OTHER;
280 type_index0 = (type0 == ETHERNET_TYPE_IP6)
281 ? L2_INPUT_CLASSIFY_TABLE_IP6 : type_index0;
283 vnet_buffer (b0)->l2_classify.table_index =
284 table_index0 = rt->l2cm->classify_table_index_by_sw_if_index
285 [type_index0][sw_if_index0];
287 if (table_index0 != ~0)
289 t0 = pool_elt_at_index (vcm->tables, table_index0);
291 vnet_buffer (b0)->l2_classify.hash = hash0 =
292 vnet_classify_hash_packet (t0, (u8 *) h0);
293 vnet_classify_prefetch_bucket (t0, hash0);
299 next_index = node->cached_next_index;
300 from = vlib_frame_vector_args (frame);
301 n_left_from = frame->n_vectors;
303 while (n_left_from > 0)
307 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
309 /* Not enough load/store slots to dual loop... */
310 while (n_left_from > 0 && n_left_to_next > 0)
314 u32 next0 = ~0; /* next l2 input feature, please... */
315 ethernet_header_t *h0;
318 vnet_classify_table_t *t0;
319 vnet_classify_entry_t *e0;
321 if (PREDICT_TRUE (n_left_from > 2))
323 vlib_buffer_t *p2 = vlib_get_buffer (vm, from[2]);
326 vnet_classify_table_t *tp2;
329 * Prefetch table entry two ahead. Buffer / data
330 * were prefetched above...
332 table_index2 = vnet_buffer (p2)->l2_classify.table_index;
334 if (PREDICT_TRUE (table_index2 != ~0))
336 tp2 = pool_elt_at_index (vcm->tables, table_index2);
337 phash2 = vnet_buffer (p2)->l2_classify.hash;
338 vnet_classify_prefetch_entry (tp2, phash2);
342 /* speculatively enqueue b0 to the current next frame */
350 b0 = vlib_get_buffer (vm, bi0);
351 h0 = vlib_buffer_get_current (b0);
352 table_index0 = vnet_buffer (b0)->l2_classify.table_index;
354 vnet_buffer (b0)->l2_classify.opaque_index = ~0;
356 if (PREDICT_TRUE (table_index0 != ~0))
358 hash0 = vnet_buffer (b0)->l2_classify.hash;
359 t0 = pool_elt_at_index (vcm->tables, table_index0);
361 e0 = vnet_classify_find_entry (t0, (u8 *) h0, hash0, now);
364 vnet_buffer (b0)->l2_classify.opaque_index
366 vlib_buffer_advance (b0, e0->advance);
367 next0 = (e0->next_index < n_next_nodes) ?
368 e0->next_index : next0;
375 if (t0->next_table_index != ~0)
376 t0 = pool_elt_at_index (vcm->tables,
377 t0->next_table_index);
380 next0 = (t0->miss_next_index < n_next_nodes) ?
381 t0->miss_next_index : next0;
386 hash0 = vnet_classify_hash_packet (t0, (u8 *) h0);
388 vnet_classify_find_entry (t0, (u8 *) h0, hash0, now);
391 vnet_buffer (b0)->l2_classify.opaque_index
393 vlib_buffer_advance (b0, e0->advance);
394 next0 = (e0->next_index < n_next_nodes) ?
395 e0->next_index : next0;
404 if (PREDICT_FALSE (next0 == 0))
405 b0->error = node->errors[L2_INPUT_CLASSIFY_ERROR_DROP];
407 /* Determine the next node and remove ourself from bitmap */
408 if (PREDICT_TRUE (next0 == ~0))
409 next0 = vnet_l2_feature_next (b0, cm->l2_inp_feat_next,
410 L2INPUT_FEAT_INPUT_CLASSIFY);
412 vnet_buffer (b0)->l2.feature_bitmap &=
413 ~L2INPUT_FEAT_INPUT_CLASSIFY;
415 if (PREDICT_FALSE ((node->flags & VLIB_NODE_FLAG_TRACE)
416 && (b0->flags & VLIB_BUFFER_IS_TRACED)))
418 l2_input_classify_trace_t *t =
419 vlib_add_trace (vm, node, b0, sizeof (*t));
420 t->sw_if_index = vnet_buffer (b0)->sw_if_index[VLIB_RX];
421 t->table_index = table_index0;
422 t->next_index = next0;
423 t->session_offset = e0 ? vnet_classify_get_offset (t0, e0) : 0;
426 /* verify speculative enqueue, maybe switch current next frame */
427 vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
428 to_next, n_left_to_next,
432 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
435 vlib_node_increment_counter (vm, node->node_index,
436 L2_INPUT_CLASSIFY_ERROR_MISS, misses);
437 vlib_node_increment_counter (vm, node->node_index,
438 L2_INPUT_CLASSIFY_ERROR_HIT, hits);
439 vlib_node_increment_counter (vm, node->node_index,
440 L2_INPUT_CLASSIFY_ERROR_CHAIN_HIT, chain_hits);
441 return frame->n_vectors;
445 VLIB_REGISTER_NODE (l2_input_classify_node) = {
446 .function = l2_input_classify_node_fn,
447 .name = "l2-input-classify",
448 .vector_size = sizeof (u32),
449 .format_trace = format_l2_input_classify_trace,
450 .type = VLIB_NODE_TYPE_INTERNAL,
452 .n_errors = ARRAY_LEN(l2_input_classify_error_strings),
453 .error_strings = l2_input_classify_error_strings,
455 .runtime_data_bytes = sizeof (l2_input_classify_runtime_t),
457 .n_next_nodes = L2_INPUT_CLASSIFY_N_NEXT,
459 /* edit / add dispositions here */
461 [L2_INPUT_CLASSIFY_NEXT_DROP] = "error-drop",
462 [L2_INPUT_CLASSIFY_NEXT_ETHERNET_INPUT] = "ethernet-input-not-l2",
463 [L2_INPUT_CLASSIFY_NEXT_IP4_INPUT] = "ip4-input",
464 [L2_INPUT_CLASSIFY_NEXT_IP6_INPUT] = "ip6-input",
465 [L2_INPUT_CLASSIFY_NEXT_LI] = "li-hit",
470 VLIB_NODE_FUNCTION_MULTIARCH (l2_input_classify_node,
471 l2_input_classify_node_fn);
473 /** l2 input classsifier feature initialization. */
475 l2_input_classify_init (vlib_main_t * vm)
477 l2_input_classify_main_t *cm = &l2_input_classify_main;
478 l2_input_classify_runtime_t *rt;
480 rt = vlib_node_get_runtime_data (vm, l2_input_classify_node.index);
483 cm->vnet_main = vnet_get_main ();
484 cm->vnet_classify_main = &vnet_classify_main;
486 /* Initialize the feature next-node indexes */
487 feat_bitmap_init_next_nodes (vm,
488 l2_input_classify_node.index,
490 l2input_get_feat_names (),
491 cm->l2_inp_feat_next);
493 rt->vcm = cm->vnet_classify_main;
498 VLIB_INIT_FUNCTION (l2_input_classify_init);
501 l2_input_classify_worker_init (vlib_main_t * vm)
503 l2_input_classify_main_t *cm = &l2_input_classify_main;
504 l2_input_classify_runtime_t *rt;
506 rt = vlib_node_get_runtime_data (vm, l2_input_classify_node.index);
509 rt->vcm = cm->vnet_classify_main;
514 VLIB_WORKER_INIT_FUNCTION (l2_input_classify_worker_init);
516 /** Enable/disable l2 input classification on a specific interface. */
518 vnet_l2_input_classify_enable_disable (u32 sw_if_index, int enable_disable)
520 l2input_intf_bitmap_enable (sw_if_index, L2INPUT_FEAT_INPUT_CLASSIFY,
521 (u32) enable_disable);
524 /** @brief Set l2 per-protocol, per-interface input classification tables.
526 * @param sw_if_index interface handle
527 * @param ip4_table_index ip4 classification table index, or ~0
528 * @param ip6_table_index ip6 classification table index, or ~0
529 * @param other_table_index non-ip4, non-ip6 classification table index,
531 * @returns 0 on success, VNET_API_ERROR_NO_SUCH_TABLE, TABLE2, TABLE3
532 * if the indicated (non-~0) table does not exist.
536 vnet_l2_input_classify_set_tables (u32 sw_if_index,
538 u32 ip6_table_index, u32 other_table_index)
540 l2_input_classify_main_t *cm = &l2_input_classify_main;
541 vnet_classify_main_t *vcm = cm->vnet_classify_main;
543 /* Assume that we've validated sw_if_index in the API layer */
545 if (ip4_table_index != ~0 &&
546 pool_is_free_index (vcm->tables, ip4_table_index))
547 return VNET_API_ERROR_NO_SUCH_TABLE;
549 if (ip6_table_index != ~0 &&
550 pool_is_free_index (vcm->tables, ip6_table_index))
551 return VNET_API_ERROR_NO_SUCH_TABLE2;
553 if (other_table_index != ~0 &&
554 pool_is_free_index (vcm->tables, other_table_index))
555 return VNET_API_ERROR_NO_SUCH_TABLE3;
558 (cm->classify_table_index_by_sw_if_index[L2_INPUT_CLASSIFY_TABLE_IP4],
562 (cm->classify_table_index_by_sw_if_index[L2_INPUT_CLASSIFY_TABLE_IP6],
566 (cm->classify_table_index_by_sw_if_index[L2_INPUT_CLASSIFY_TABLE_OTHER],
569 cm->classify_table_index_by_sw_if_index[L2_INPUT_CLASSIFY_TABLE_IP4]
570 [sw_if_index] = ip4_table_index;
572 cm->classify_table_index_by_sw_if_index[L2_INPUT_CLASSIFY_TABLE_IP6]
573 [sw_if_index] = ip6_table_index;
575 cm->classify_table_index_by_sw_if_index[L2_INPUT_CLASSIFY_TABLE_OTHER]
576 [sw_if_index] = other_table_index;
581 static clib_error_t *
582 int_l2_input_classify_command_fn (vlib_main_t * vm,
583 unformat_input_t * input,
584 vlib_cli_command_t * cmd)
586 vnet_main_t *vnm = vnet_get_main ();
587 u32 sw_if_index = ~0;
588 u32 ip4_table_index = ~0;
589 u32 ip6_table_index = ~0;
590 u32 other_table_index = ~0;
593 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
595 if (unformat (input, "intfc %U", unformat_vnet_sw_interface,
598 else if (unformat (input, "ip4-table %d", &ip4_table_index))
600 else if (unformat (input, "ip6-table %d", &ip6_table_index))
602 else if (unformat (input, "other-table %d", &other_table_index))
608 if (sw_if_index == ~0)
609 return clib_error_return (0, "interface must be specified");
612 if (ip4_table_index == ~0 && ip6_table_index == ~0
613 && other_table_index == ~0)
615 vlib_cli_output (vm, "L2 classification disabled");
616 vnet_l2_input_classify_enable_disable (sw_if_index, 0 /* enable */ );
620 rv = vnet_l2_input_classify_set_tables (sw_if_index, ip4_table_index,
621 ip6_table_index, other_table_index);
625 vnet_l2_input_classify_enable_disable (sw_if_index, 1 /* enable */ );
629 return clib_error_return (0, "vnet_l2_input_classify_set_tables: %d",
638 * Configure l2 input classification.
641 * @cliexstart{set interface l2 input classify intfc <interface-name> [ip4-table <index>] [ip6-table <index>] [other-table <index>]}
643 * @todo This is incomplete. This needs a detailed description and a
647 VLIB_CLI_COMMAND (int_l2_input_classify_cli, static) = {
648 .path = "set interface l2 input classify",
650 "set interface l2 input classify intfc <interface-name> [ip4-table <n>]\n"
651 " [ip6-table <n>] [other-table <n>]",
652 .function = int_l2_input_classify_command_fn,
657 * fd.io coding-style-patch-verification: ON
660 * eval: (c-set-style "gnu")