2 * Copyright (c) 2016-2019 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
18 * @brief TCP host stack utilities
21 #include <vnet/tcp/tcp.h>
22 #include <vnet/tcp/tcp_inlines.h>
23 #include <vnet/session/session.h>
24 #include <vnet/fib/fib.h>
25 #include <vnet/dpo/load_balance.h>
32 fib_protocol_t nh_proto;
33 vnet_link_t link_type;
37 } tcp_add_del_adj_args_t;
40 tcp_add_del_adj_cb (tcp_add_del_adj_args_t * args)
45 adj_nbr_add_or_lock (args->nh_proto, args->link_type, &args->ip,
50 ai = adj_nbr_find (FIB_PROTOCOL_IP6, VNET_LINK_IP6, &args->ip,
52 if (ai != ADJ_INDEX_INVALID)
58 tcp_add_del_adjacency (tcp_connection_t * tc, u8 is_add)
60 tcp_add_del_adj_args_t args = {
61 .nh_proto = FIB_PROTOCOL_IP6,
62 .link_type = VNET_LINK_IP6,
64 .sw_if_index = tc->sw_if_index,
67 vlib_rpc_call_main_thread (tcp_add_del_adj_cb, (u8 *) & args,
72 tcp_cc_init (tcp_connection_t * tc)
74 tc->cc_algo->init (tc);
78 tcp_cc_cleanup (tcp_connection_t * tc)
80 if (tc->cc_algo->cleanup)
81 tc->cc_algo->cleanup (tc);
85 tcp_cc_algo_register (tcp_cc_algorithm_type_e type,
86 const tcp_cc_algorithm_t * vft)
88 tcp_main_t *tm = vnet_get_tcp_main ();
89 vec_validate (tm->cc_algos, type);
91 tm->cc_algos[type] = *vft;
92 hash_set_mem (tm->cc_algo_by_name, vft->name, type);
96 tcp_cc_algo_get (tcp_cc_algorithm_type_e type)
98 tcp_main_t *tm = vnet_get_tcp_main ();
99 return &tm->cc_algos[type];
102 tcp_cc_algorithm_type_e
103 tcp_cc_algo_new_type (const tcp_cc_algorithm_t * vft)
105 tcp_main_t *tm = vnet_get_tcp_main ();
106 tcp_cc_algo_register (++tm->cc_last_type, vft);
107 return tm->cc_last_type;
111 tcp_connection_bind (u32 session_index, transport_endpoint_t * lcl)
113 tcp_main_t *tm = &tcp_main;
114 tcp_connection_t *listener;
117 pool_get (tm->listener_pool, listener);
118 clib_memset (listener, 0, sizeof (*listener));
120 listener->c_c_index = listener - tm->listener_pool;
121 listener->c_lcl_port = lcl->port;
123 /* If we are provided a sw_if_index, bind using one of its ips */
124 if (ip_is_zero (&lcl->ip, 1) && lcl->sw_if_index != ENDPOINT_INVALID_INDEX)
126 if ((iface_ip = ip_interface_get_first_ip (lcl->sw_if_index,
128 ip_set (&lcl->ip, iface_ip, lcl->is_ip4);
130 ip_copy (&listener->c_lcl_ip, &lcl->ip, lcl->is_ip4);
131 listener->c_is_ip4 = lcl->is_ip4;
132 listener->c_proto = TRANSPORT_PROTO_TCP;
133 listener->c_s_index = session_index;
134 listener->c_fib_index = lcl->fib_index;
135 listener->state = TCP_STATE_LISTEN;
136 listener->cc_algo = tcp_cc_algo_get (tcp_cfg.cc_algo);
138 tcp_connection_timers_init (listener);
140 TCP_EVT (TCP_EVT_BIND, listener);
142 return listener->c_c_index;
146 tcp_session_bind (u32 session_index, transport_endpoint_t * tep)
148 return tcp_connection_bind (session_index, tep);
152 tcp_connection_unbind (u32 listener_index)
154 tcp_main_t *tm = vnet_get_tcp_main ();
155 tcp_connection_t *tc;
157 tc = pool_elt_at_index (tm->listener_pool, listener_index);
159 TCP_EVT (TCP_EVT_UNBIND, tc);
161 /* Poison the entry */
163 clib_memset (tc, 0xFA, sizeof (*tc));
165 pool_put_index (tm->listener_pool, listener_index);
169 tcp_session_unbind (u32 listener_index)
171 tcp_connection_unbind (listener_index);
175 static transport_connection_t *
176 tcp_session_get_listener (u32 listener_index)
178 tcp_main_t *tm = vnet_get_tcp_main ();
179 tcp_connection_t *tc;
180 tc = pool_elt_at_index (tm->listener_pool, listener_index);
181 return &tc->connection;
185 * Cleanup half-open connection
189 tcp_half_open_connection_free (tcp_connection_t * tc)
191 tcp_main_t *tm = vnet_get_tcp_main ();
192 clib_spinlock_lock_if_init (&tm->half_open_lock);
194 clib_memset (tc, 0xFA, sizeof (*tc));
195 pool_put (tm->half_open_connections, tc);
196 clib_spinlock_unlock_if_init (&tm->half_open_lock);
200 * Try to cleanup half-open connection
202 * If called from a thread that doesn't own tc, the call won't have any
205 * @param tc - connection to be cleaned up
206 * @return non-zero if cleanup failed.
209 tcp_half_open_connection_cleanup (tcp_connection_t * tc)
211 tcp_worker_ctx_t *wrk;
213 /* Make sure this is the owning thread */
214 if (tc->c_thread_index != vlib_get_thread_index ())
217 session_half_open_delete_notify (TRANSPORT_PROTO_TCP, tc->c_s_ho_handle);
218 wrk = tcp_get_worker (tc->c_thread_index);
219 tcp_timer_reset (&wrk->timer_wheel, tc, TCP_TIMER_RETRANSMIT_SYN);
220 tcp_half_open_connection_free (tc);
224 static tcp_connection_t *
225 tcp_half_open_connection_new (void)
227 tcp_main_t *tm = vnet_get_tcp_main ();
228 tcp_connection_t *tc = 0;
229 ASSERT (vlib_get_thread_index () == 0);
230 pool_get (tm->half_open_connections, tc);
231 clib_memset (tc, 0, sizeof (*tc));
232 tc->c_c_index = tc - tm->half_open_connections;
237 * Cleans up connection state.
242 tcp_connection_cleanup (tcp_connection_t * tc)
244 TCP_EVT (TCP_EVT_DELETE, tc);
246 /* Cleanup local endpoint if this was an active connect */
247 if (!(tc->cfg_flags & TCP_CFG_F_NO_ENDPOINT))
248 transport_endpoint_cleanup (TRANSPORT_PROTO_TCP, &tc->c_lcl_ip,
251 /* Check if connection is not yet fully established */
252 if (tc->state == TCP_STATE_SYN_SENT)
254 /* Try to remove the half-open connection. If this is not the owning
255 * thread, tc won't be removed. Retransmit or establish timers will
256 * eventually expire and call again cleanup on the right thread. */
257 if (tcp_half_open_connection_cleanup (tc))
258 tc->flags |= TCP_CONN_HALF_OPEN_DONE;
262 /* Make sure all timers are cleared */
263 tcp_connection_timers_reset (tc);
265 if (!tc->c_is_ip4 && ip6_address_is_link_local_unicast (&tc->c_rmt_ip6))
266 tcp_add_del_adjacency (tc, 0);
269 vec_free (tc->snd_sacks);
270 vec_free (tc->snd_sacks_fl);
271 vec_free (tc->rcv_opts.sacks);
272 pool_free (tc->sack_sb.holes);
274 if (tc->cfg_flags & TCP_CFG_F_RATE_SAMPLE)
277 tcp_connection_free (tc);
282 * Connection removal.
284 * This should be called only once connection enters CLOSED state. Note
285 * that it notifies the session of the removal event, so if the goal is to
286 * just remove the connection, call tcp_connection_cleanup instead.
289 tcp_connection_del (tcp_connection_t * tc)
291 session_transport_delete_notify (&tc->connection);
292 tcp_connection_cleanup (tc);
296 tcp_connection_alloc (u8 thread_index)
298 tcp_worker_ctx_t *wrk = tcp_get_worker (thread_index);
299 tcp_connection_t *tc;
301 pool_get (wrk->connections, tc);
302 clib_memset (tc, 0, sizeof (*tc));
303 tc->c_c_index = tc - wrk->connections;
304 tc->c_thread_index = thread_index;
309 tcp_connection_alloc_w_base (u8 thread_index, tcp_connection_t * base)
311 tcp_worker_ctx_t *wrk = tcp_get_worker (thread_index);
312 tcp_connection_t *tc;
314 pool_get (wrk->connections, tc);
315 clib_memcpy_fast (tc, base, sizeof (*tc));
316 tc->c_c_index = tc - wrk->connections;
317 tc->c_thread_index = thread_index;
322 tcp_connection_free (tcp_connection_t * tc)
324 tcp_worker_ctx_t *wrk = tcp_get_worker (tc->c_thread_index);
327 clib_memset (tc, 0xFA, sizeof (*tc));
328 pool_put (wrk->connections, tc);
331 pool_put (wrk->connections, tc);
335 tcp_program_cleanup (tcp_worker_ctx_t * wrk, tcp_connection_t * tc)
337 tcp_cleanup_req_t *req;
338 clib_time_type_t now;
340 now = transport_time_now (tc->c_thread_index);
341 clib_fifo_add2 (wrk->pending_cleanups, req);
342 req->connection_index = tc->c_c_index;
343 req->free_time = now + tcp_cfg.cleanup_time;
347 * Begin connection closing procedure.
349 * If at the end the connection is not in CLOSED state, it is not removed.
350 * Instead, we rely on on TCP to advance through state machine to either
351 * 1) LAST_ACK (passive close) whereby when the last ACK is received
352 * tcp_connection_del is called. This notifies session of the delete and
354 * 2) TIME_WAIT (active close) whereby after 2MSL the 2MSL timer triggers
355 * and cleanup is called.
357 * N.B. Half-close connections are not supported
360 tcp_connection_close (tcp_connection_t * tc)
362 tcp_worker_ctx_t *wrk = tcp_get_worker (tc->c_thread_index);
364 TCP_EVT (TCP_EVT_CLOSE, tc);
366 /* Send/Program FIN if needed and switch state */
369 case TCP_STATE_SYN_SENT:
370 /* Try to cleanup. If not on the right thread, mark as half-open done.
371 * Connection will be cleaned up when establish timer pops */
372 tcp_connection_cleanup (tc);
374 case TCP_STATE_SYN_RCVD:
375 tcp_connection_timers_reset (tc);
377 tcp_connection_set_state (tc, TCP_STATE_FIN_WAIT_1);
378 tcp_timer_update (&wrk->timer_wheel, tc, TCP_TIMER_WAITCLOSE,
379 tcp_cfg.finwait1_time);
381 case TCP_STATE_ESTABLISHED:
382 /* If closing with unread data, reset the connection */
383 if (transport_max_rx_dequeue (&tc->connection))
386 tcp_connection_timers_reset (tc);
387 tcp_connection_set_state (tc, TCP_STATE_CLOSED);
388 session_transport_closed_notify (&tc->connection);
389 tcp_program_cleanup (tcp_get_worker (tc->c_thread_index), tc);
390 tcp_worker_stats_inc (wrk, rst_unread, 1);
393 if (!transport_max_tx_dequeue (&tc->connection))
396 tc->flags |= TCP_CONN_FINPNDG;
397 tcp_connection_set_state (tc, TCP_STATE_FIN_WAIT_1);
398 /* Set a timer in case the peer stops responding. Otherwise the
399 * connection will be stuck here forever. */
400 ASSERT (tc->timers[TCP_TIMER_WAITCLOSE] == TCP_TIMER_HANDLE_INVALID);
401 tcp_timer_set (&wrk->timer_wheel, tc, TCP_TIMER_WAITCLOSE,
402 tcp_cfg.finwait1_time);
404 case TCP_STATE_CLOSE_WAIT:
405 if (!transport_max_tx_dequeue (&tc->connection))
408 tcp_connection_timers_reset (tc);
409 tcp_connection_set_state (tc, TCP_STATE_LAST_ACK);
410 tcp_timer_update (&wrk->timer_wheel, tc, TCP_TIMER_WAITCLOSE,
411 tcp_cfg.lastack_time);
414 tc->flags |= TCP_CONN_FINPNDG;
416 case TCP_STATE_FIN_WAIT_1:
417 tcp_timer_update (&wrk->timer_wheel, tc, TCP_TIMER_WAITCLOSE,
418 tcp_cfg.finwait1_time);
420 case TCP_STATE_CLOSED:
421 /* Cleanup should've been programmed already */
424 TCP_DBG ("state: %u", tc->state);
429 tcp_session_close (u32 conn_index, u32 thread_index)
431 tcp_connection_t *tc;
432 tc = tcp_connection_get (conn_index, thread_index);
433 tcp_connection_close (tc);
437 tcp_session_cleanup (u32 conn_index, u32 thread_index)
439 tcp_connection_t *tc;
440 tc = tcp_connection_get (conn_index, thread_index);
443 tcp_connection_set_state (tc, TCP_STATE_CLOSED);
444 tcp_connection_cleanup (tc);
448 tcp_session_cleanup_ho (u32 conn_index)
450 tcp_worker_ctx_t *wrk;
451 tcp_connection_t *tc;
453 tc = tcp_half_open_connection_get (conn_index);
454 wrk = tcp_get_worker (tc->c_thread_index);
455 tcp_timer_reset (&wrk->timer_wheel, tc, TCP_TIMER_RETRANSMIT_SYN);
456 tcp_half_open_connection_free (tc);
460 tcp_session_reset (u32 conn_index, u32 thread_index)
462 tcp_connection_t *tc;
463 tc = tcp_connection_get (conn_index, thread_index);
465 tcp_connection_timers_reset (tc);
466 tcp_cong_recovery_off (tc);
467 tcp_connection_set_state (tc, TCP_STATE_CLOSED);
468 session_transport_closed_notify (&tc->connection);
469 tcp_program_cleanup (tcp_get_worker (thread_index), tc);
473 * Initialize all connection timers as invalid
476 tcp_connection_timers_init (tcp_connection_t * tc)
480 /* Set all to invalid */
481 for (i = 0; i < TCP_N_TIMERS; i++)
483 tc->timers[i] = TCP_TIMER_HANDLE_INVALID;
486 tc->rto = TCP_RTO_INIT;
490 * Stop all connection timers
493 tcp_connection_timers_reset (tcp_connection_t * tc)
495 tcp_worker_ctx_t *wrk = tcp_get_worker (tc->c_thread_index);
498 for (i = 0; i < TCP_N_TIMERS; i++)
499 tcp_timer_reset (&wrk->timer_wheel, tc, i);
503 typedef struct ip4_tcp_hdr
509 typedef struct ip6_tcp_hdr
516 tcp_connection_select_lb_bucket (tcp_connection_t * tc, const dpo_id_t * dpo,
519 const dpo_id_t *choice;
523 lb = load_balance_get (dpo->dpoi_index);
527 clib_memset (&hdr, 0, sizeof (hdr));
528 hdr.ip.protocol = IP_PROTOCOL_TCP;
529 hdr.ip.address_pair.src.as_u32 = tc->c_lcl_ip.ip4.as_u32;
530 hdr.ip.address_pair.dst.as_u32 = tc->c_rmt_ip.ip4.as_u32;
531 hdr.tcp.src_port = tc->c_lcl_port;
532 hdr.tcp.dst_port = tc->c_rmt_port;
533 hash = ip4_compute_flow_hash (&hdr.ip, lb->lb_hash_config);
538 clib_memset (&hdr, 0, sizeof (hdr));
539 hdr.ip.protocol = IP_PROTOCOL_TCP;
540 clib_memcpy_fast (&hdr.ip.src_address, &tc->c_lcl_ip.ip6,
541 sizeof (ip6_address_t));
542 clib_memcpy_fast (&hdr.ip.dst_address, &tc->c_rmt_ip.ip6,
543 sizeof (ip6_address_t));
544 hdr.tcp.src_port = tc->c_lcl_port;
545 hdr.tcp.dst_port = tc->c_rmt_port;
546 hash = ip6_compute_flow_hash (&hdr.ip, lb->lb_hash_config);
548 choice = load_balance_get_bucket_i (lb, hash & lb->lb_n_buckets_minus_1);
549 dpo_copy (result, choice);
553 tcp_lookup_rmt_in_fib (tcp_connection_t * tc)
558 clib_memcpy_fast (&prefix.fp_addr, &tc->c_rmt_ip, sizeof (prefix.fp_addr));
559 prefix.fp_proto = tc->c_is_ip4 ? FIB_PROTOCOL_IP4 : FIB_PROTOCOL_IP6;
560 prefix.fp_len = tc->c_is_ip4 ? 32 : 128;
561 fib_index = fib_table_find (prefix.fp_proto, tc->c_fib_index);
562 return fib_table_lookup (fib_index, &prefix);
566 tcp_connection_stack_on_fib_entry (tcp_connection_t * tc)
568 dpo_id_t choice = DPO_INVALID;
569 u32 output_node_index;
572 fe = fib_entry_get (tc->c_rmt_fei);
573 if (fe->fe_lb.dpoi_type != DPO_LOAD_BALANCE)
576 tcp_connection_select_lb_bucket (tc, &fe->fe_lb, &choice);
579 tc->c_is_ip4 ? tcp4_output_node.index : tcp6_output_node.index;
580 dpo_stack_from_node (output_node_index, &tc->c_rmt_dpo, &choice);
584 /** Stack tcp connection on peer's fib entry.
586 * This ultimately populates the dpo the connection will use to send packets.
589 tcp_connection_fib_attach (tcp_connection_t * tc)
591 tc->c_rmt_fei = tcp_lookup_rmt_in_fib (tc);
593 ASSERT (tc->c_rmt_fei != FIB_NODE_INDEX_INVALID);
595 tcp_connection_stack_on_fib_entry (tc);
600 * Generate random iss as per rfc6528
603 tcp_generate_random_iss (tcp_connection_t * tc)
605 tcp_main_t *tm = &tcp_main;
609 tmp = (u64) tc->c_lcl_ip.ip4.as_u32 << 32 | (u64) tc->c_rmt_ip.ip4.as_u32;
611 tmp = tc->c_lcl_ip.ip6.as_u64[0] ^ tc->c_lcl_ip.ip6.as_u64[1]
612 ^ tc->c_rmt_ip.ip6.as_u64[0] ^ tc->c_rmt_ip.ip6.as_u64[1];
614 tmp ^= tm->iss_seed.first | ((u64) tc->c_lcl_port << 16 | tc->c_rmt_port);
615 tmp ^= tm->iss_seed.second;
616 tmp = clib_xxhash (tmp) + clib_cpu_time_now ();
617 return ((tmp >> 32) ^ (tmp & 0xffffffff));
621 * Initialize max segment size we're able to process.
623 * The value is constrained by the output interface's MTU and by the size
624 * of the IP and TCP headers (see RFC6691). It is also what we advertise
628 tcp_init_rcv_mss (tcp_connection_t * tc)
632 /* Already provided at connection init time */
636 ip_hdr_len = tc->c_is_ip4 ? sizeof (ip4_header_t) : sizeof (ip6_header_t);
637 tc->mss = tcp_cfg.default_mtu - sizeof (tcp_header_t) - ip_hdr_len;
641 tcp_init_mss (tcp_connection_t * tc)
643 u16 default_min_mss = 536;
645 tcp_init_rcv_mss (tc);
647 /* TODO consider PMTU discovery */
648 tc->snd_mss = clib_min (tc->rcv_opts.mss, tc->mss);
650 if (tc->snd_mss < 45)
652 /* Assume that at least the min default mss works */
653 tc->snd_mss = default_min_mss;
654 tc->rcv_opts.mss = default_min_mss;
657 /* We should have enough space for 40 bytes of options */
658 ASSERT (tc->snd_mss > 45);
660 /* If we use timestamp option, account for it */
661 if (tcp_opts_tstamp (&tc->rcv_opts))
662 tc->snd_mss -= TCP_OPTION_LEN_TIMESTAMP;
666 * Initialize connection send variables.
669 tcp_init_snd_vars (tcp_connection_t * tc)
672 * We use the time to randomize iss and for setting up the initial
673 * timestamp. Make sure it's updated otherwise syn and ack in the
674 * handshake may make it look as if time has flown in the opposite
677 tcp_set_time_now (tcp_get_worker (vlib_get_thread_index ()));
679 tcp_init_rcv_mss (tc);
680 tc->iss = tcp_generate_random_iss (tc);
681 tc->snd_una = tc->iss;
682 tc->snd_nxt = tc->iss + 1;
683 tc->srtt = 0.1 * THZ; /* 100 ms */
685 if (!tcp_cfg.csum_offload)
686 tc->cfg_flags |= TCP_CFG_F_NO_CSUM_OFFLOAD;
690 tcp_enable_pacing (tcp_connection_t * tc)
693 byte_rate = tc->cwnd / (tc->srtt * TCP_TICK);
694 transport_connection_tx_pacer_init (&tc->connection, byte_rate, tc->cwnd);
695 tc->mrtt_us = (u32) ~ 0;
698 /** Initialize tcp connection variables
700 * Should be called after having received a msg from the peer, i.e., a SYN or
701 * a SYNACK, such that connection options have already been exchanged. */
703 tcp_connection_init_vars (tcp_connection_t * tc)
705 tcp_connection_timers_init (tc);
707 scoreboard_init (&tc->sack_sb);
708 if (tc->state == TCP_STATE_SYN_RCVD)
709 tcp_init_snd_vars (tc);
713 if (!tc->c_is_ip4 && ip6_address_is_link_local_unicast (&tc->c_rmt_ip6))
714 tcp_add_del_adjacency (tc, 1);
716 /* tcp_connection_fib_attach (tc); */
718 if (transport_connection_is_tx_paced (&tc->connection)
719 || tcp_cfg.enable_tx_pacing)
720 tcp_enable_pacing (tc);
722 if (tc->cfg_flags & TCP_CFG_F_RATE_SAMPLE)
725 if (!tcp_cfg.allow_tso)
726 tc->cfg_flags |= TCP_CFG_F_NO_TSO;
728 tc->start_ts = tcp_time_now_us (tc->c_thread_index);
732 tcp_alloc_custom_local_endpoint (tcp_main_t * tm, ip46_address_t * lcl_addr,
733 u16 * lcl_port, u8 is_ip4)
738 index = tm->last_v4_addr_rotor++;
739 if (tm->last_v4_addr_rotor >= vec_len (tcp_cfg.ip4_src_addrs))
740 tm->last_v4_addr_rotor = 0;
741 lcl_addr->ip4.as_u32 = tcp_cfg.ip4_src_addrs[index].as_u32;
745 index = tm->last_v6_addr_rotor++;
746 if (tm->last_v6_addr_rotor >= vec_len (tcp_cfg.ip6_src_addrs))
747 tm->last_v6_addr_rotor = 0;
748 clib_memcpy_fast (&lcl_addr->ip6, &tcp_cfg.ip6_src_addrs[index],
749 sizeof (ip6_address_t));
751 port = transport_alloc_local_port (TRANSPORT_PROTO_TCP, lcl_addr);
753 return SESSION_E_NOPORT;
759 tcp_session_open (transport_endpoint_cfg_t * rmt)
761 tcp_main_t *tm = vnet_get_tcp_main ();
762 tcp_connection_t *tc;
763 ip46_address_t lcl_addr;
768 * Allocate local endpoint
770 if ((rmt->is_ip4 && vec_len (tcp_cfg.ip4_src_addrs))
771 || (!rmt->is_ip4 && vec_len (tcp_cfg.ip6_src_addrs)))
772 rv = tcp_alloc_custom_local_endpoint (tm, &lcl_addr, &lcl_port,
775 rv = transport_alloc_local_endpoint (TRANSPORT_PROTO_TCP,
776 rmt, &lcl_addr, &lcl_port);
780 if (rv != SESSION_E_PORTINUSE)
783 if (session_lookup_connection (rmt->fib_index, &lcl_addr, &rmt->ip,
784 lcl_port, rmt->port, TRANSPORT_PROTO_UDP,
786 return SESSION_E_PORTINUSE;
788 /* 5-tuple is available so increase lcl endpoint refcount and proceed
789 * with connection allocation */
790 transport_share_local_endpoint (TRANSPORT_PROTO_UDP, &lcl_addr,
795 * Create connection and send SYN
797 clib_spinlock_lock_if_init (&tm->half_open_lock);
798 tc = tcp_half_open_connection_new ();
799 ip_copy (&tc->c_rmt_ip, &rmt->ip, rmt->is_ip4);
800 ip_copy (&tc->c_lcl_ip, &lcl_addr, rmt->is_ip4);
801 tc->c_rmt_port = rmt->port;
802 tc->c_lcl_port = clib_host_to_net_u16 (lcl_port);
803 tc->c_is_ip4 = rmt->is_ip4;
804 tc->c_proto = TRANSPORT_PROTO_TCP;
805 tc->c_fib_index = rmt->fib_index;
806 tc->cc_algo = tcp_cc_algo_get (tcp_cfg.cc_algo);
807 /* The other connection vars will be initialized after SYN ACK */
808 tcp_connection_timers_init (tc);
811 TCP_EVT (TCP_EVT_OPEN, tc);
812 tc->state = TCP_STATE_SYN_SENT;
813 tcp_init_snd_vars (tc);
815 clib_spinlock_unlock_if_init (&tm->half_open_lock);
817 return tc->c_c_index;
821 format_tcp_session (u8 * s, va_list * args)
823 u32 tci = va_arg (*args, u32);
824 u32 thread_index = va_arg (*args, u32);
825 u32 verbose = va_arg (*args, u32);
826 tcp_connection_t *tc;
828 tc = tcp_connection_get (tci, thread_index);
830 s = format (s, "%U", format_tcp_connection, tc, verbose);
832 s = format (s, "empty\n");
837 format_tcp_listener_session (u8 * s, va_list * args)
839 u32 tci = va_arg (*args, u32);
840 u32 __clib_unused thread_index = va_arg (*args, u32);
841 u32 verbose = va_arg (*args, u32);
842 tcp_connection_t *tc = tcp_listener_get (tci);
843 s = format (s, "%-" SESSION_CLI_ID_LEN "U", format_tcp_connection_id, tc);
845 s = format (s, "%-" SESSION_CLI_STATE_LEN "U", format_tcp_state,
851 format_tcp_half_open_session (u8 * s, va_list * args)
853 u32 tci = va_arg (*args, u32);
854 u32 __clib_unused thread_index = va_arg (*args, u32);
855 tcp_connection_t *tc = tcp_half_open_connection_get (tci);
856 return format (s, "%U", format_tcp_connection_id, tc);
859 static transport_connection_t *
860 tcp_session_get_transport (u32 conn_index, u32 thread_index)
862 tcp_connection_t *tc = tcp_connection_get (conn_index, thread_index);
863 if (PREDICT_FALSE (!tc))
865 return &tc->connection;
868 static transport_connection_t *
869 tcp_half_open_session_get_transport (u32 conn_index)
871 tcp_connection_t *tc = tcp_half_open_connection_get (conn_index);
872 return &tc->connection;
876 tcp_session_cal_goal_size (tcp_connection_t * tc)
878 u16 goal_size = tc->snd_mss;
880 goal_size = tcp_cfg.max_gso_size - tc->snd_mss % tcp_cfg.max_gso_size;
881 goal_size = clib_min (goal_size, tc->snd_wnd / 2);
883 return goal_size > tc->snd_mss ? goal_size : tc->snd_mss;
887 tcp_round_snd_space (tcp_connection_t * tc, u32 snd_space)
889 if (PREDICT_FALSE (tc->snd_wnd < tc->snd_mss))
891 return tc->snd_wnd <= snd_space ? tc->snd_wnd : 0;
894 /* If not snd_wnd constrained and we can't write at least a segment,
895 * don't try at all */
896 if (PREDICT_FALSE (snd_space < tc->snd_mss))
897 return snd_space < tc->cwnd ? 0 : snd_space;
899 /* round down to mss multiple */
900 return snd_space - (snd_space % tc->snd_mss);
904 * Compute tx window session is allowed to fill.
906 * Takes into account available send space, snd_mss and the congestion
907 * state of the connection. If possible, the value returned is a multiple
910 * @param tc tcp connection
911 * @return number of bytes session is allowed to write
914 tcp_snd_space_inline (tcp_connection_t * tc)
918 /* Fast path is disabled when recovery is on. @ref tcp_session_custom_tx
919 * controls both retransmits and the sending of new data while congested
921 if (PREDICT_FALSE (tcp_in_cong_recovery (tc)
922 || tc->state == TCP_STATE_CLOSED))
925 snd_space = tcp_available_output_snd_space (tc);
927 /* If we got dupacks or sacked bytes but we're not yet in recovery, try
928 * to force the peer to send enough dupacks to start retransmitting as
929 * per Limited Transmit (RFC3042)
931 if (PREDICT_FALSE (tc->rcv_dupacks || tc->sack_sb.sacked_bytes))
933 int snt_limited, n_pkts;
935 n_pkts = tcp_opts_sack_permitted (&tc->rcv_opts)
936 ? tc->sack_sb.reorder - 1 : 2;
938 if ((seq_lt (tc->limited_transmit, tc->snd_nxt - n_pkts * tc->snd_mss)
939 || seq_gt (tc->limited_transmit, tc->snd_nxt)))
940 tc->limited_transmit = tc->snd_nxt;
942 ASSERT (seq_leq (tc->limited_transmit, tc->snd_nxt));
944 snt_limited = tc->snd_nxt - tc->limited_transmit;
945 snd_space = clib_max (n_pkts * tc->snd_mss - snt_limited, 0);
947 return tcp_round_snd_space (tc, snd_space);
951 tcp_snd_space (tcp_connection_t * tc)
953 return tcp_snd_space_inline (tc);
957 tcp_session_send_params (transport_connection_t * trans_conn,
958 transport_send_params_t * sp)
960 tcp_connection_t *tc = (tcp_connection_t *) trans_conn;
962 /* Ensure snd_mss does accurately reflect the amount of data we can push
963 * in a segment. This also makes sure that options are updated according to
964 * the current state of the connection. */
965 tcp_update_burst_snd_vars (tc);
967 if (PREDICT_FALSE (tc->cfg_flags & TCP_CFG_F_TSO))
968 sp->snd_mss = tcp_session_cal_goal_size (tc);
970 sp->snd_mss = tc->snd_mss;
972 sp->snd_space = clib_min (tcp_snd_space_inline (tc),
973 tc->snd_wnd - (tc->snd_nxt - tc->snd_una));
975 ASSERT (seq_geq (tc->snd_nxt, tc->snd_una));
976 /* This still works if fast retransmit is on */
977 sp->tx_offset = tc->snd_nxt - tc->snd_una;
979 sp->flags = sp->snd_space ? 0 : TRANSPORT_SND_F_DESCHED;
985 tcp_timer_waitclose_handler (tcp_connection_t * tc)
987 tcp_worker_ctx_t *wrk = tcp_get_worker (tc->c_thread_index);
991 case TCP_STATE_CLOSE_WAIT:
992 tcp_connection_timers_reset (tc);
993 /* App never returned with a close */
994 if (!(tc->flags & TCP_CONN_FINPNDG))
996 tcp_connection_set_state (tc, TCP_STATE_CLOSED);
997 session_transport_closed_notify (&tc->connection);
998 tcp_program_cleanup (wrk, tc);
999 tcp_worker_stats_inc (wrk, to_closewait, 1);
1003 /* Send FIN either way and switch to LAST_ACK. */
1004 tcp_cong_recovery_off (tc);
1005 /* Make sure we don't try to send unsent data */
1006 tc->snd_nxt = tc->snd_una;
1008 tcp_connection_set_state (tc, TCP_STATE_LAST_ACK);
1009 session_transport_closed_notify (&tc->connection);
1011 /* Make sure we don't wait in LAST ACK forever */
1012 tcp_timer_set (&wrk->timer_wheel, tc, TCP_TIMER_WAITCLOSE,
1013 tcp_cfg.lastack_time);
1014 tcp_worker_stats_inc (wrk, to_closewait2, 1);
1016 /* Don't delete the connection yet */
1018 case TCP_STATE_FIN_WAIT_1:
1019 tcp_connection_timers_reset (tc);
1020 if (tc->flags & TCP_CONN_FINPNDG)
1022 /* If FIN pending, we haven't sent everything, but we did try.
1023 * Notify session layer that transport is closed. */
1024 tcp_connection_set_state (tc, TCP_STATE_CLOSED);
1025 tcp_send_reset (tc);
1026 tcp_program_cleanup (wrk, tc);
1030 /* We've sent the fin but no progress. Close the connection and
1031 * to make sure everything is flushed, setup a cleanup timer */
1032 tcp_connection_set_state (tc, TCP_STATE_CLOSED);
1033 tcp_program_cleanup (wrk, tc);
1035 session_transport_closed_notify (&tc->connection);
1036 tcp_worker_stats_inc (wrk, to_finwait1, 1);
1038 case TCP_STATE_LAST_ACK:
1039 tcp_connection_timers_reset (tc);
1040 tcp_connection_set_state (tc, TCP_STATE_CLOSED);
1041 session_transport_closed_notify (&tc->connection);
1042 tcp_program_cleanup (wrk, tc);
1043 tcp_worker_stats_inc (wrk, to_lastack, 1);
1045 case TCP_STATE_CLOSING:
1046 tcp_connection_timers_reset (tc);
1047 tcp_connection_set_state (tc, TCP_STATE_CLOSED);
1048 session_transport_closed_notify (&tc->connection);
1049 tcp_program_cleanup (wrk, tc);
1050 tcp_worker_stats_inc (wrk, to_closing, 1);
1052 case TCP_STATE_FIN_WAIT_2:
1053 tcp_send_reset (tc);
1054 tcp_connection_timers_reset (tc);
1055 tcp_connection_set_state (tc, TCP_STATE_CLOSED);
1056 session_transport_closed_notify (&tc->connection);
1057 tcp_program_cleanup (wrk, tc);
1058 tcp_worker_stats_inc (wrk, to_finwait2, 1);
1060 case TCP_STATE_TIME_WAIT:
1061 tcp_connection_set_state (tc, TCP_STATE_CLOSED);
1062 tcp_program_cleanup (wrk, tc);
1065 clib_warning ("waitclose in state: %U", format_tcp_state, tc->state);
1071 static timer_expiration_handler *timer_expiration_handlers[TCP_N_TIMERS] =
1073 tcp_timer_retransmit_handler,
1074 tcp_timer_persist_handler,
1075 tcp_timer_waitclose_handler,
1076 tcp_timer_retransmit_syn_handler,
1081 tcp_dispatch_pending_timers (tcp_worker_ctx_t * wrk)
1083 u32 n_timers, connection_index, timer_id, thread_index, timer_handle;
1084 tcp_connection_t *tc;
1087 if (!(n_timers = clib_fifo_elts (wrk->pending_timers)))
1090 thread_index = wrk->vm->thread_index;
1091 for (i = 0; i < clib_min (n_timers, wrk->max_timers_per_loop); i++)
1093 clib_fifo_sub1 (wrk->pending_timers, timer_handle);
1094 connection_index = timer_handle & 0x0FFFFFFF;
1095 timer_id = timer_handle >> 28;
1097 if (PREDICT_TRUE (timer_id != TCP_TIMER_RETRANSMIT_SYN))
1098 tc = tcp_connection_get (connection_index, thread_index);
1100 tc = tcp_half_open_connection_get (connection_index);
1102 if (PREDICT_FALSE (!tc))
1105 /* Skip if the timer is not pending. Probably it was reset while
1106 * waiting for dispatch */
1107 if (PREDICT_FALSE (!(tc->pending_timers & (1 << timer_id))))
1110 tc->pending_timers &= ~(1 << timer_id);
1112 /* Skip timer if it was rearmed while pending dispatch */
1113 if (PREDICT_FALSE (tc->timers[timer_id] != TCP_TIMER_HANDLE_INVALID))
1116 (*timer_expiration_handlers[timer_id]) (tc);
1119 if (thread_index == 0 && clib_fifo_elts (wrk->pending_timers))
1120 session_queue_run_on_main_thread (wrk->vm);
1124 tcp_handle_cleanups (tcp_worker_ctx_t * wrk, clib_time_type_t now)
1126 u32 thread_index = wrk->vm->thread_index;
1127 tcp_cleanup_req_t *req;
1128 tcp_connection_t *tc;
1130 while (clib_fifo_elts (wrk->pending_cleanups))
1132 req = clib_fifo_head (wrk->pending_cleanups);
1133 if (req->free_time > now)
1135 clib_fifo_sub2 (wrk->pending_cleanups, req);
1136 tc = tcp_connection_get (req->connection_index, thread_index);
1137 if (PREDICT_FALSE (!tc))
1139 session_transport_delete_notify (&tc->connection);
1140 tcp_connection_cleanup (tc);
1145 tcp_update_time (f64 now, u8 thread_index)
1147 tcp_worker_ctx_t *wrk = tcp_get_worker (thread_index);
1149 tcp_set_time_now (wrk);
1150 tcp_handle_cleanups (wrk, now);
1151 tcp_timer_expire_timers (&wrk->timer_wheel, now);
1152 tcp_dispatch_pending_timers (wrk);
1156 tcp_session_flush_data (transport_connection_t * tconn)
1158 tcp_connection_t *tc = (tcp_connection_t *) tconn;
1159 if (tc->flags & TCP_CONN_PSH_PENDING)
1161 tc->flags |= TCP_CONN_PSH_PENDING;
1162 tc->psh_seq = tc->snd_una + transport_max_tx_dequeue (tconn) - 1;
1166 const static transport_proto_vft_t tcp_proto = {
1167 .enable = vnet_tcp_enable_disable,
1168 .start_listen = tcp_session_bind,
1169 .stop_listen = tcp_session_unbind,
1170 .push_header = tcp_session_push_header,
1171 .get_connection = tcp_session_get_transport,
1172 .get_listener = tcp_session_get_listener,
1173 .get_half_open = tcp_half_open_session_get_transport,
1174 .connect = tcp_session_open,
1175 .close = tcp_session_close,
1176 .cleanup = tcp_session_cleanup,
1177 .cleanup_ho = tcp_session_cleanup_ho,
1178 .reset = tcp_session_reset,
1179 .send_params = tcp_session_send_params,
1180 .update_time = tcp_update_time,
1181 .flush_data = tcp_session_flush_data,
1182 .custom_tx = tcp_session_custom_tx,
1183 .format_connection = format_tcp_session,
1184 .format_listener = format_tcp_listener_session,
1185 .format_half_open = format_tcp_half_open_session,
1186 .transport_options = {
1189 .tx_type = TRANSPORT_TX_PEEK,
1190 .service_type = TRANSPORT_SERVICE_VC,
1196 tcp_connection_tx_pacer_update (tcp_connection_t * tc)
1198 if (!transport_connection_is_tx_paced (&tc->connection))
1201 f64 srtt = clib_min ((f64) tc->srtt * TCP_TICK, tc->mrtt_us);
1203 transport_connection_tx_pacer_update (&tc->connection,
1204 tcp_cc_get_pacing_rate (tc),
1205 srtt * CLIB_US_TIME_FREQ);
1209 tcp_connection_tx_pacer_reset (tcp_connection_t * tc, u32 window,
1212 f64 srtt = clib_min ((f64) tc->srtt * TCP_TICK, tc->mrtt_us);
1213 transport_connection_tx_pacer_reset (&tc->connection,
1214 tcp_cc_get_pacing_rate (tc),
1216 srtt * CLIB_US_TIME_FREQ);
1220 tcp_reschedule (tcp_connection_t * tc)
1222 if (tcp_in_cong_recovery (tc) || tcp_snd_space_inline (tc))
1223 transport_connection_reschedule (&tc->connection);
1227 tcp_expired_timers_dispatch (u32 * expired_timers)
1229 u32 thread_index = vlib_get_thread_index (), n_left, max_per_loop;
1230 u32 connection_index, timer_id, n_expired, max_loops;
1231 tcp_worker_ctx_t *wrk;
1232 tcp_connection_t *tc;
1235 wrk = tcp_get_worker (thread_index);
1236 n_expired = vec_len (expired_timers);
1237 tcp_worker_stats_inc (wrk, timer_expirations, n_expired);
1238 n_left = clib_fifo_elts (wrk->pending_timers);
1241 * Invalidate all timer handles before dispatching. This avoids dangling
1242 * index references to timer wheel pool entries that have been freed.
1244 for (i = 0; i < n_expired; i++)
1246 connection_index = expired_timers[i] & 0x0FFFFFFF;
1247 timer_id = expired_timers[i] >> 28;
1249 if (timer_id != TCP_TIMER_RETRANSMIT_SYN)
1250 tc = tcp_connection_get (connection_index, thread_index);
1252 tc = tcp_half_open_connection_get (connection_index);
1254 TCP_EVT (TCP_EVT_TIMER_POP, connection_index, timer_id);
1256 tc->timers[timer_id] = TCP_TIMER_HANDLE_INVALID;
1257 tc->pending_timers |= (1 << timer_id);
1260 clib_fifo_add (wrk->pending_timers, expired_timers, n_expired);
1262 max_loops = clib_max (1, 0.5 * TCP_TIMER_TICK * wrk->vm->loops_per_second);
1263 max_per_loop = clib_max ((n_left + n_expired) / max_loops, 10);
1264 max_per_loop = clib_min (max_per_loop, VLIB_FRAME_SIZE);
1265 wrk->max_timers_per_loop = clib_max (n_left ? wrk->max_timers_per_loop : 0,
1268 if (thread_index == 0)
1269 session_queue_run_on_main_thread (wrk->vm);
1273 tcp_initialize_iss_seed (tcp_main_t * tm)
1275 u32 default_seed = random_default_seed ();
1276 u64 time_now = clib_cpu_time_now ();
1278 tm->iss_seed.first = (u64) random_u32 (&default_seed) << 32;
1279 tm->iss_seed.second = random_u64 (&time_now);
1282 static clib_error_t *
1283 tcp_main_enable (vlib_main_t * vm)
1285 vlib_thread_main_t *vtm = vlib_get_thread_main ();
1286 u32 num_threads, n_workers, prealloc_conn_per_wrk;
1287 tcp_connection_t *tc __attribute__ ((unused));
1288 tcp_main_t *tm = vnet_get_tcp_main ();
1289 tcp_worker_ctx_t *wrk;
1290 clib_error_t *error = 0;
1293 if ((error = vlib_call_init_function (vm, ip_main_init)))
1295 if ((error = vlib_call_init_function (vm, ip4_lookup_init)))
1297 if ((error = vlib_call_init_function (vm, ip6_lookup_init)))
1304 ip4_register_protocol (IP_PROTOCOL_TCP, tcp4_input_node.index);
1305 ip6_register_protocol (IP_PROTOCOL_TCP, tcp6_input_node.index);
1308 * Initialize data structures
1311 num_threads = 1 /* main thread */ + vtm->n_threads;
1312 vec_validate (tm->wrk_ctx, num_threads - 1);
1313 n_workers = num_threads == 1 ? 1 : vtm->n_threads;
1314 prealloc_conn_per_wrk = tcp_cfg.preallocated_connections / n_workers;
1316 wrk = &tm->wrk_ctx[0];
1317 wrk->tco_next_node[0] = vlib_node_get_next (vm, session_queue_node.index,
1318 tcp4_output_node.index);
1319 wrk->tco_next_node[1] = vlib_node_get_next (vm, session_queue_node.index,
1320 tcp6_output_node.index);
1322 for (thread = 0; thread < num_threads; thread++)
1324 wrk = &tm->wrk_ctx[thread];
1326 vec_validate (wrk->pending_deq_acked, 255);
1327 vec_validate (wrk->pending_disconnects, 255);
1328 vec_validate (wrk->pending_resets, 255);
1329 vec_reset_length (wrk->pending_deq_acked);
1330 vec_reset_length (wrk->pending_disconnects);
1331 vec_reset_length (wrk->pending_resets);
1332 wrk->vm = vlib_mains[thread];
1333 wrk->max_timers_per_loop = 10;
1337 wrk->tco_next_node[0] = tm->wrk_ctx[0].tco_next_node[0];
1338 wrk->tco_next_node[1] = tm->wrk_ctx[0].tco_next_node[1];
1342 * Preallocate connections. Assume that thread 0 won't
1343 * use preallocated threads when running multi-core
1345 if ((thread > 0 || num_threads == 1) && prealloc_conn_per_wrk)
1346 pool_init_fixed (wrk->connections, prealloc_conn_per_wrk);
1348 tcp_timer_initialize_wheel (&wrk->timer_wheel,
1349 tcp_expired_timers_dispatch,
1350 vlib_time_now (vm));
1354 * Use a preallocated half-open connection pool?
1356 if (tcp_cfg.preallocated_half_open_connections)
1357 pool_init_fixed (tm->half_open_connections,
1358 tcp_cfg.preallocated_half_open_connections);
1360 if (num_threads > 1)
1362 clib_spinlock_init (&tm->half_open_lock);
1365 tcp_initialize_iss_seed (tm);
1367 tm->bytes_per_buffer = vlib_buffer_get_default_data_size (vm);
1368 tm->cc_last_type = TCP_CC_LAST;
1370 tm->ipl_next_node[0] = vlib_node_get_next (vm, session_queue_node.index,
1371 ip4_lookup_node.index);
1372 tm->ipl_next_node[1] = vlib_node_get_next (vm, session_queue_node.index,
1373 ip6_lookup_node.index);
1378 vnet_tcp_enable_disable (vlib_main_t * vm, u8 is_en)
1382 if (tcp_main.is_enabled)
1385 return tcp_main_enable (vm);
1389 tcp_main.is_enabled = 0;
1396 tcp_punt_unknown (vlib_main_t * vm, u8 is_ip4, u8 is_add)
1398 tcp_main_t *tm = &tcp_main;
1400 tm->punt_unknown4 = is_add;
1402 tm->punt_unknown6 = is_add;
1406 * Initialize default values for tcp parameters
1409 tcp_configuration_init (void)
1411 /* Initial wnd for SYN. Fifos are not allocated at that point so use some
1412 * predefined value. For SYN-ACK we still want the scale to be computed in
1414 tcp_cfg.max_rx_fifo = 32 << 20;
1415 tcp_cfg.min_rx_fifo = 4 << 10;
1417 tcp_cfg.default_mtu = 1500;
1418 tcp_cfg.initial_cwnd_multiplier = 0;
1419 tcp_cfg.enable_tx_pacing = 1;
1420 tcp_cfg.allow_tso = 0;
1421 tcp_cfg.csum_offload = 1;
1422 tcp_cfg.cc_algo = TCP_CC_CUBIC;
1423 tcp_cfg.rwnd_min_update_ack = 1;
1424 tcp_cfg.max_gso_size = TCP_MAX_GSO_SZ;
1426 /* Time constants defined as timer tick (100us) multiples */
1427 tcp_cfg.closewait_time = 20000; /* 2s */
1428 tcp_cfg.timewait_time = 100000; /* 10s */
1429 tcp_cfg.finwait1_time = 600000; /* 60s */
1430 tcp_cfg.lastack_time = 300000; /* 30s */
1431 tcp_cfg.finwait2_time = 300000; /* 30s */
1432 tcp_cfg.closing_time = 300000; /* 30s */
1434 /* This value is seconds */
1435 tcp_cfg.cleanup_time = 0.1; /* 100ms */
1438 static clib_error_t *
1439 tcp_init (vlib_main_t * vm)
1441 tcp_main_t *tm = vnet_get_tcp_main ();
1442 ip_main_t *im = &ip_main;
1443 ip_protocol_info_t *pi;
1445 /* Session layer, and by implication tcp, are disabled by default */
1448 /* Register with IP for header parsing */
1449 pi = ip_get_protocol_info (im, IP_PROTOCOL_TCP);
1451 return clib_error_return (0, "TCP protocol info AWOL");
1452 pi->format_header = format_tcp_header;
1453 pi->unformat_pg_edit = unformat_pg_tcp_header;
1455 /* Register as transport with session layer */
1456 transport_register_protocol (TRANSPORT_PROTO_TCP, &tcp_proto,
1457 FIB_PROTOCOL_IP4, tcp4_output_node.index);
1458 transport_register_protocol (TRANSPORT_PROTO_TCP, &tcp_proto,
1459 FIB_PROTOCOL_IP6, tcp6_output_node.index);
1461 tcp_configuration_init ();
1463 tm->cc_algo_by_name = hash_create_string (0, sizeof (uword));
1468 VLIB_INIT_FUNCTION (tcp_init);
1471 * fd.io coding-style-patch-verification: ON
1474 * eval: (c-set-style "gnu")