2 * Copyright (c) 2015 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 #include <vnet/l2/l2_classify.h>
17 #include <vnet/api_errno.h>
21 * @brief Layer 2 Output Classifier.
23 * @sa @ref vnet/vnet/classify/vnet_classify.c
24 * @sa @ref vnet/vnet/classify/vnet_classify.h
29 /** interface handle for the ith packet */
31 /** graph arc index selected for this packet */
33 /** classifier table which provided the final result */
35 /** offset in classifier heap of the corresponding session */
37 } l2_output_classify_trace_t;
41 /** use-case independent main object pointer */
42 vnet_classify_main_t *vcm;
43 /** l2 input classifier main object pointer */
44 l2_output_classify_main_t *l2cm;
45 } l2_output_classify_runtime_t;
47 /** Packet trace format function. */
49 format_l2_output_classify_trace (u8 * s, va_list * args)
51 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
52 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
53 l2_output_classify_trace_t *t =
54 va_arg (*args, l2_output_classify_trace_t *);
56 s = format (s, "l2-classify: sw_if_index %d, table %d, offset %x, next %d",
57 t->sw_if_index, t->table_index, t->session_offset,
62 /** l2 output classifier main data structure. */
63 l2_output_classify_main_t l2_output_classify_main;
65 vlib_node_registration_t l2_output_classify_node;
67 #define foreach_l2_output_classify_error \
68 _(MISS, "Classify misses") \
69 _(HIT, "Classify hits") \
70 _(CHAIN_HIT, "Classify hits after chain walk") \
71 _(DROP, "L2 Classify Drops")
75 #define _(sym,str) L2_OUTPUT_CLASSIFY_ERROR_##sym,
76 foreach_l2_output_classify_error
78 L2_OUTPUT_CLASSIFY_N_ERROR,
79 } l2_output_classify_error_t;
81 static char *l2_output_classify_error_strings[] = {
82 #define _(sym,string) string,
83 foreach_l2_output_classify_error
88 * @brief l2 output classifier node.
89 * @node l2-output-classify
91 * This is the l2 output classifier dispatch node
93 * @param vm vlib_main_t corresponding to the current thread.
94 * @param node vlib_node_runtime_t data for this node.
95 * @param frame vlib_frame_t whose contents should be dispatched.
97 * @par Graph mechanics: buffer metadata, next index usage
100 * - <code>(l2_output_classify_runtime_t *)
101 * rt->classify_table_index_by_sw_if_index</code>
102 * Head of the per-interface, perprotocol classifier table chain
103 * for a specific interface. ~0 => send pkts to the next
104 * feature in the L2 feature chain.
105 * - <code>vnet_buffer(b)->sw_if_index[VLIB_TX]</code>
106 * - Indicates the @c sw_if_index value of the interface that the
107 * packet was received on.
108 * - <code>vnet_buffer (b0)->l2.feature_bitmap</code>
109 * - Used to steer packets across l2 features enabled on the interface
110 * - <code>(vnet_classify_entry_t) e0->next_index</code>
111 * - Used to steer traffic when the classifier hits on a session
112 * - <code>(vnet_classify_entry_t) e0->advance</code>
113 * - Signed quantity applied via <code>vlib_buffer_advance</code>
114 * when the classifier hits on a session
115 * - <code>(vnet_classify_table_t) t0->miss_next_index</code>
116 * - Used to steer traffic when the classifier misses
119 * - <code>vnet_buffer (b0)->l2_classify.table_index</code>
120 * - Classifier table index of the first classifier table in
121 * the classifier table chain
122 * - <code>vnet_buffer (b0)->l2_classify.hash</code>
123 * - Bounded-index extensible hash corresponding to the
124 * masked fields in the current packet
125 * - <code>vnet_buffer (b0)->l2.feature_bitmap</code>
126 * - Used to steer packets across l2 features enabled on the interface
127 * - <code>vnet_buffer (b0)->l2_classify.opaque_index</code>
128 * - Copied from the classifier session object upon classifier hit
131 * - <code>L2_OUTPUT_CLASSIFY_ERROR_MISS</code> Classifier misses
132 * - <code>L2_OUTPUT_CLASSIFY_ERROR_HIT</code> Classifier hits
133 * - <code>L2_OUTPUT_CLASSIFY_ERROR_CHAIN_HIT</code>
134 * Classifier hits in other than the first table
138 l2_output_classify_node_fn (vlib_main_t * vm,
139 vlib_node_runtime_t * node, vlib_frame_t * frame)
141 u32 n_left_from, *from, *to_next;
142 l2_output_classify_next_t next_index;
143 l2_output_classify_main_t *cm = &l2_output_classify_main;
144 vnet_classify_main_t *vcm = cm->vnet_classify_main;
145 l2_output_classify_runtime_t *rt =
146 (l2_output_classify_runtime_t *) node->runtime_data;
154 n_next_nodes = node->n_next_nodes;
156 now = vlib_time_now (vm);
158 n_left_from = frame->n_vectors;
159 from = vlib_frame_vector_args (frame);
161 /* First pass: compute hash */
163 while (n_left_from > 2)
165 vlib_buffer_t *b0, *b1;
167 ethernet_header_t *h0, *h1;
168 u32 sw_if_index0, sw_if_index1;
170 int type_index0, type_index1;
171 vnet_classify_table_t *t0, *t1;
172 u32 table_index0, table_index1;
176 /* prefetch next iteration */
178 vlib_buffer_t *p1, *p2;
180 p1 = vlib_get_buffer (vm, from[1]);
181 p2 = vlib_get_buffer (vm, from[2]);
183 vlib_prefetch_buffer_header (p1, STORE);
184 CLIB_PREFETCH (p1->data, CLIB_CACHE_LINE_BYTES, STORE);
185 vlib_prefetch_buffer_header (p2, STORE);
186 CLIB_PREFETCH (p2->data, CLIB_CACHE_LINE_BYTES, STORE);
190 b0 = vlib_get_buffer (vm, bi0);
191 h0 = vlib_buffer_get_current (b0);
194 b1 = vlib_get_buffer (vm, bi1);
195 h1 = vlib_buffer_get_current (b1);
197 sw_if_index0 = vnet_buffer (b0)->sw_if_index[VLIB_TX];
198 vnet_buffer (b0)->l2_classify.table_index = ~0;
200 sw_if_index1 = vnet_buffer (b1)->sw_if_index[VLIB_TX];
201 vnet_buffer (b1)->l2_classify.table_index = ~0;
203 /* Select classifier table based on ethertype */
204 type0 = clib_net_to_host_u16 (h0->type);
205 type1 = clib_net_to_host_u16 (h1->type);
207 type_index0 = (type0 == ETHERNET_TYPE_IP4)
208 ? L2_OUTPUT_CLASSIFY_TABLE_IP4 : L2_OUTPUT_CLASSIFY_TABLE_OTHER;
209 type_index0 = (type0 == ETHERNET_TYPE_IP6)
210 ? L2_OUTPUT_CLASSIFY_TABLE_IP6 : type_index0;
212 type_index1 = (type1 == ETHERNET_TYPE_IP4)
213 ? L2_OUTPUT_CLASSIFY_TABLE_IP4 : L2_OUTPUT_CLASSIFY_TABLE_OTHER;
214 type_index1 = (type1 == ETHERNET_TYPE_IP6)
215 ? L2_OUTPUT_CLASSIFY_TABLE_IP6 : type_index1;
217 vnet_buffer (b0)->l2_classify.table_index =
219 rt->l2cm->classify_table_index_by_sw_if_index
220 [type_index0][sw_if_index0];
222 if (table_index0 != ~0)
224 t0 = pool_elt_at_index (vcm->tables, table_index0);
226 vnet_buffer (b0)->l2_classify.hash = hash0 =
227 vnet_classify_hash_packet (t0, (u8 *) h0);
228 vnet_classify_prefetch_bucket (t0, hash0);
231 vnet_buffer (b1)->l2_classify.table_index =
233 rt->l2cm->classify_table_index_by_sw_if_index
234 [type_index1][sw_if_index1];
236 if (table_index1 != ~0)
238 t1 = pool_elt_at_index (vcm->tables, table_index1);
240 vnet_buffer (b1)->l2_classify.hash = hash1 =
241 vnet_classify_hash_packet (t1, (u8 *) h1);
242 vnet_classify_prefetch_bucket (t1, hash1);
249 while (n_left_from > 0)
253 ethernet_header_t *h0;
256 vnet_classify_table_t *t0;
261 b0 = vlib_get_buffer (vm, bi0);
262 h0 = vlib_buffer_get_current (b0);
264 sw_if_index0 = vnet_buffer (b0)->sw_if_index[VLIB_TX];
265 vnet_buffer (b0)->l2_classify.table_index = ~0;
267 /* Select classifier table based on ethertype */
268 type0 = clib_net_to_host_u16 (h0->type);
270 type_index0 = (type0 == ETHERNET_TYPE_IP4)
271 ? L2_OUTPUT_CLASSIFY_TABLE_IP4 : L2_OUTPUT_CLASSIFY_TABLE_OTHER;
272 type_index0 = (type0 == ETHERNET_TYPE_IP6)
273 ? L2_OUTPUT_CLASSIFY_TABLE_IP6 : type_index0;
275 vnet_buffer (b0)->l2_classify.table_index =
276 table_index0 = rt->l2cm->classify_table_index_by_sw_if_index
277 [type_index0][sw_if_index0];
279 if (table_index0 != ~0)
281 t0 = pool_elt_at_index (vcm->tables, table_index0);
283 vnet_buffer (b0)->l2_classify.hash = hash0 =
284 vnet_classify_hash_packet (t0, (u8 *) h0);
285 vnet_classify_prefetch_bucket (t0, hash0);
291 next_index = node->cached_next_index;
292 from = vlib_frame_vector_args (frame);
293 n_left_from = frame->n_vectors;
295 while (n_left_from > 0)
299 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
301 /* Not enough load/store slots to dual loop... */
302 while (n_left_from > 0 && n_left_to_next > 0)
307 ethernet_header_t *h0;
310 vnet_classify_table_t *t0;
311 vnet_classify_entry_t *e0;
313 if (PREDICT_TRUE (n_left_from > 2))
315 vlib_buffer_t *p2 = vlib_get_buffer (vm, from[2]);
318 vnet_classify_table_t *tp2;
321 * Prefetch table entry two ahead. Buffer / data
322 * were prefetched above...
324 table_index2 = vnet_buffer (p2)->l2_classify.table_index;
326 if (PREDICT_TRUE (table_index2 != ~0))
328 tp2 = pool_elt_at_index (vcm->tables, table_index2);
329 phash2 = vnet_buffer (p2)->l2_classify.hash;
330 vnet_classify_prefetch_entry (tp2, phash2);
334 /* speculatively enqueue b0 to the current next frame */
342 b0 = vlib_get_buffer (vm, bi0);
343 h0 = vlib_buffer_get_current (b0);
344 table_index0 = vnet_buffer (b0)->l2_classify.table_index;
346 vnet_buffer (b0)->l2_classify.opaque_index = ~0;
348 if (PREDICT_TRUE (table_index0 != ~0))
350 hash0 = vnet_buffer (b0)->l2_classify.hash;
351 t0 = pool_elt_at_index (vcm->tables, table_index0);
353 e0 = vnet_classify_find_entry (t0, (u8 *) h0, hash0, now);
356 vnet_buffer (b0)->l2_classify.opaque_index
358 vlib_buffer_advance (b0, e0->advance);
359 next0 = (e0->next_index < n_next_nodes) ?
360 e0->next_index : next0;
367 if (t0->next_table_index != ~0)
368 t0 = pool_elt_at_index (vcm->tables,
369 t0->next_table_index);
372 next0 = (t0->miss_next_index < n_next_nodes) ?
373 t0->miss_next_index : next0;
378 hash0 = vnet_classify_hash_packet (t0, (u8 *) h0);
380 vnet_classify_find_entry (t0, (u8 *) h0, hash0, now);
383 vnet_buffer (b0)->l2_classify.opaque_index
385 vlib_buffer_advance (b0, e0->advance);
386 next0 = (e0->next_index < n_next_nodes) ?
387 e0->next_index : next0;
396 if (PREDICT_FALSE (next0 == 0))
397 b0->error = node->errors[L2_OUTPUT_CLASSIFY_ERROR_DROP];
399 /* Determine the next node and remove ourself from bitmap */
400 if (PREDICT_FALSE (next0 == ~0))
401 next0 = vnet_l2_feature_next (b0, cm->l2_out_feat_next,
402 L2OUTPUT_FEAT_OUTPUT_CLASSIFY);
404 vnet_buffer (b0)->l2.feature_bitmap &=
405 ~L2OUTPUT_FEAT_OUTPUT_CLASSIFY;
407 if (PREDICT_FALSE ((node->flags & VLIB_NODE_FLAG_TRACE)
408 && (b0->flags & VLIB_BUFFER_IS_TRACED)))
410 l2_output_classify_trace_t *t =
411 vlib_add_trace (vm, node, b0, sizeof (*t));
412 t->sw_if_index = vnet_buffer (b0)->sw_if_index[VLIB_TX];
413 t->table_index = table_index0;
414 t->next_index = next0;
415 t->session_offset = e0 ? vnet_classify_get_offset (t0, e0) : 0;
418 /* verify speculative enqueue, maybe switch current next frame */
419 vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
420 to_next, n_left_to_next,
424 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
427 vlib_node_increment_counter (vm, node->node_index,
428 L2_OUTPUT_CLASSIFY_ERROR_MISS, misses);
429 vlib_node_increment_counter (vm, node->node_index,
430 L2_OUTPUT_CLASSIFY_ERROR_HIT, hits);
431 vlib_node_increment_counter (vm, node->node_index,
432 L2_OUTPUT_CLASSIFY_ERROR_CHAIN_HIT,
434 return frame->n_vectors;
438 VLIB_REGISTER_NODE (l2_output_classify_node) = {
439 .function = l2_output_classify_node_fn,
440 .name = "l2-output-classify",
441 .vector_size = sizeof (u32),
442 .format_trace = format_l2_output_classify_trace,
443 .type = VLIB_NODE_TYPE_INTERNAL,
445 .n_errors = ARRAY_LEN(l2_output_classify_error_strings),
446 .error_strings = l2_output_classify_error_strings,
448 .runtime_data_bytes = sizeof (l2_output_classify_runtime_t),
450 .n_next_nodes = L2_OUTPUT_CLASSIFY_N_NEXT,
452 /* edit / add dispositions here */
454 [L2_OUTPUT_CLASSIFY_NEXT_DROP] = "error-drop",
459 VLIB_NODE_FUNCTION_MULTIARCH (l2_output_classify_node,
460 l2_output_classify_node_fn);
462 /** l2 output classsifier feature initialization. */
464 l2_output_classify_init (vlib_main_t * vm)
466 l2_output_classify_main_t *cm = &l2_output_classify_main;
467 l2_output_classify_runtime_t *rt;
469 rt = vlib_node_get_runtime_data (vm, l2_output_classify_node.index);
472 cm->vnet_main = vnet_get_main ();
473 cm->vnet_classify_main = &vnet_classify_main;
475 /* Initialize the feature next-node indexes */
476 feat_bitmap_init_next_nodes (vm,
477 l2_output_classify_node.index,
479 l2output_get_feat_names (),
480 cm->l2_out_feat_next);
482 rt->vcm = cm->vnet_classify_main;
487 VLIB_INIT_FUNCTION (l2_output_classify_init);
490 l2_output_classify_worker_init (vlib_main_t * vm)
492 l2_output_classify_main_t *cm = &l2_output_classify_main;
493 l2_output_classify_runtime_t *rt;
495 rt = vlib_node_get_runtime_data (vm, l2_output_classify_node.index);
498 rt->vcm = cm->vnet_classify_main;
503 VLIB_WORKER_INIT_FUNCTION (l2_output_classify_worker_init);
505 /** Enable/disable l2 input classification on a specific interface. */
507 vnet_l2_output_classify_enable_disable (u32 sw_if_index, int enable_disable)
510 l2output_intf_bitmap_enable (sw_if_index, L2OUTPUT_FEAT_OUTPUT_CLASSIFY,
511 (u32) enable_disable);
514 /** @brief Set l2 per-protocol, per-interface output classification tables.
516 * @param sw_if_index interface handle
517 * @param ip4_table_index ip4 classification table index, or ~0
518 * @param ip6_table_index ip6 classification table index, or ~0
519 * @param other_table_index non-ip4, non-ip6 classification table index,
521 * @returns 0 on success, VNET_API_ERROR_NO_SUCH_TABLE, TABLE2, TABLE3
522 * if the indicated (non-~0) table does not exist.
526 vnet_l2_output_classify_set_tables (u32 sw_if_index,
529 u32 other_table_index)
531 l2_output_classify_main_t *cm = &l2_output_classify_main;
532 vnet_classify_main_t *vcm = cm->vnet_classify_main;
534 /* Assume that we've validated sw_if_index in the API layer */
536 if (ip4_table_index != ~0 &&
537 pool_is_free_index (vcm->tables, ip4_table_index))
538 return VNET_API_ERROR_NO_SUCH_TABLE;
540 if (ip6_table_index != ~0 &&
541 pool_is_free_index (vcm->tables, ip6_table_index))
542 return VNET_API_ERROR_NO_SUCH_TABLE2;
544 if (other_table_index != ~0 &&
545 pool_is_free_index (vcm->tables, other_table_index))
546 return VNET_API_ERROR_NO_SUCH_TABLE3;
549 (cm->classify_table_index_by_sw_if_index[L2_OUTPUT_CLASSIFY_TABLE_IP4],
553 (cm->classify_table_index_by_sw_if_index[L2_OUTPUT_CLASSIFY_TABLE_IP6],
557 (cm->classify_table_index_by_sw_if_index[L2_OUTPUT_CLASSIFY_TABLE_OTHER],
560 cm->classify_table_index_by_sw_if_index[L2_OUTPUT_CLASSIFY_TABLE_IP4]
561 [sw_if_index] = ip4_table_index;
563 cm->classify_table_index_by_sw_if_index[L2_OUTPUT_CLASSIFY_TABLE_IP6]
564 [sw_if_index] = ip6_table_index;
566 cm->classify_table_index_by_sw_if_index[L2_OUTPUT_CLASSIFY_TABLE_OTHER]
567 [sw_if_index] = other_table_index;
572 static clib_error_t *
573 int_l2_output_classify_command_fn (vlib_main_t * vm,
574 unformat_input_t * input,
575 vlib_cli_command_t * cmd)
577 vnet_main_t *vnm = vnet_get_main ();
578 u32 sw_if_index = ~0;
579 u32 ip4_table_index = ~0;
580 u32 ip6_table_index = ~0;
581 u32 other_table_index = ~0;
584 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
586 if (unformat (input, "intfc %U", unformat_vnet_sw_interface,
589 else if (unformat (input, "ip4-table %d", &ip4_table_index))
591 else if (unformat (input, "ip6-table %d", &ip6_table_index))
593 else if (unformat (input, "other-table %d", &other_table_index))
599 if (sw_if_index == ~0)
600 return clib_error_return (0, "interface must be specified");
603 if (ip4_table_index == ~0 && ip6_table_index == ~0
604 && other_table_index == ~0)
606 vlib_cli_output (vm, "L2 classification disabled");
607 vnet_l2_output_classify_enable_disable (sw_if_index, 0 /* enable */ );
611 rv = vnet_l2_output_classify_set_tables (sw_if_index, ip4_table_index,
617 vnet_l2_output_classify_enable_disable (sw_if_index, 1 /* enable */ );
621 return clib_error_return (0, "vnet_l2_output_classify_set_tables: %d",
630 * Configure Layer 2 output classification.
633 * @cliexstart{set interface l2 output classify intfc <interface-name> [ip4-table <index>] [ip6-table <index>] [other-table <index>]}
635 * @todo This is incomplete. This needs a detailed description and a
639 VLIB_CLI_COMMAND (int_l2_output_classify_cli, static) = {
640 .path = "set interface l2 output classify",
642 "set interface l2 output classify intfc <<interface-name>> [ip4-table <n>]\n"
643 " [ip6-table <n>] [other-table <n>]",
644 .function = int_l2_output_classify_command_fn,
649 * fd.io coding-style-patch-verification: ON
652 * eval: (c-set-style "gnu")