2 * Copyright (c) 2016 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 #include <vnet/tcp/tcp.h>
17 #include <vnet/lisp-cp/packets.h>
20 vlib_node_registration_t tcp4_output_node;
21 vlib_node_registration_t tcp6_output_node;
23 typedef enum _tcp_output_next
26 TCP_OUTPUT_NEXT_IP_LOOKUP,
27 TCP_OUTPUT_NEXT_IP_REWRITE,
28 TCP_OUTPUT_NEXT_IP_ARP,
32 #define foreach_tcp4_output_next \
33 _ (DROP, "error-drop") \
34 _ (IP_LOOKUP, "ip4-lookup") \
35 _ (IP_REWRITE, "ip4-rewrite") \
38 #define foreach_tcp6_output_next \
39 _ (DROP, "error-drop") \
40 _ (IP_LOOKUP, "ip6-lookup") \
41 _ (IP_REWRITE, "ip6-rewrite") \
42 _ (IP_ARP, "ip6-discover-neighbor")
44 static char *tcp_error_strings[] = {
45 #define tcp_error(n,s) s,
46 #include <vnet/tcp/tcp_error.def>
52 tcp_header_t tcp_header;
53 tcp_connection_t tcp_connection;
59 format_tcp_tx_trace (u8 * s, va_list * args)
61 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
62 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
63 tcp_tx_trace_t *t = va_arg (*args, tcp_tx_trace_t *);
64 u32 indent = format_get_indent (s);
66 s = format (s, "%U\n%U%U",
67 format_tcp_header, &t->tcp_header, 128,
68 format_white_space, indent,
69 format_tcp_connection, &t->tcp_connection, 1);
75 tcp_window_compute_scale (u32 window)
78 while (wnd_scale < TCP_MAX_WND_SCALE && (window >> wnd_scale) > TCP_WND_MAX)
84 * Update max segment size we're able to process.
86 * The value is constrained by our interface's MTU and IP options. It is
87 * also what we advertise to our peer.
90 tcp_update_rcv_mss (tcp_connection_t * tc)
92 /* TODO find our iface MTU */
93 tc->mss = dummy_mtu - sizeof (tcp_header_t);
97 * TCP's initial window
100 tcp_initial_wnd_unscaled (tcp_connection_t * tc)
102 /* RFC 6928 recommends the value lower. However at the time our connections
103 * are initialized, fifos may not be allocated. Therefore, advertise the
104 * smallest possible unscaled window size and update once fifos are
105 * assigned to the session.
108 tcp_update_rcv_mss (tc);
109 TCP_IW_N_SEGMENTS * tc->mss;
111 return TCP_MIN_RX_FIFO_SIZE;
115 * Compute initial window and scale factor. As per RFC1323, window field in
116 * SYN and SYN-ACK segments is never scaled.
119 tcp_initial_window_to_advertise (tcp_connection_t * tc)
123 /* Initial wnd for SYN. Fifos are not allocated yet.
124 * Use some predefined value. For SYN-ACK we still want the
125 * scale to be computed in the same way */
126 max_fifo = TCP_MAX_RX_FIFO_SIZE;
128 tc->rcv_wscale = tcp_window_compute_scale (max_fifo);
129 tc->rcv_wnd = tcp_initial_wnd_unscaled (tc);
131 return clib_min (tc->rcv_wnd, TCP_WND_MAX);
135 * Compute and return window to advertise, scaled as per RFC1323
138 tcp_window_to_advertise (tcp_connection_t * tc, tcp_state_t state)
140 if (state < TCP_STATE_ESTABLISHED)
141 return tcp_initial_window_to_advertise (tc);
143 tcp_update_rcv_wnd (tc);
145 if (tc->rcv_wnd == 0)
147 tc->flags |= TCP_CONN_SENT_RCV_WND0;
151 tc->flags &= ~TCP_CONN_SENT_RCV_WND0;
154 return tc->rcv_wnd >> tc->rcv_wscale;
158 tcp_update_rcv_wnd (tcp_connection_t * tc)
161 u32 available_space, max_fifo, wnd;
164 * Figure out how much space we have available
166 available_space = transport_max_rx_enqueue (&tc->connection);
167 max_fifo = transport_rx_fifo_size (&tc->connection);
169 ASSERT (tc->rcv_opts.mss < max_fifo);
170 if (available_space < tc->rcv_opts.mss && available_space < max_fifo >> 3)
174 * Use the above and what we know about what we've previously advertised
175 * to compute the new window
177 observed_wnd = (i32) tc->rcv_wnd - (tc->rcv_nxt - tc->rcv_las);
178 if (observed_wnd < 0)
181 /* Bad. Thou shalt not shrink */
182 if (available_space < observed_wnd)
185 TCP_EVT_DBG (TCP_EVT_RCV_WND_SHRUNK, tc, observed_wnd, available_space);
189 wnd = available_space;
192 /* Make sure we have a multiple of rcv_wscale */
193 if (wnd && tc->rcv_wscale)
195 wnd &= ~(1 << tc->rcv_wscale);
197 wnd = 1 << tc->rcv_wscale;
200 tc->rcv_wnd = clib_min (wnd, TCP_WND_MAX << tc->rcv_wscale);
204 * Write TCP options to segment.
207 tcp_options_write (u8 * data, tcp_options_t * opts)
210 u32 buf, seq_len = 4;
212 if (tcp_opts_mss (opts))
214 *data++ = TCP_OPTION_MSS;
215 *data++ = TCP_OPTION_LEN_MSS;
216 buf = clib_host_to_net_u16 (opts->mss);
217 clib_memcpy (data, &buf, sizeof (opts->mss));
218 data += sizeof (opts->mss);
219 opts_len += TCP_OPTION_LEN_MSS;
222 if (tcp_opts_wscale (opts))
224 *data++ = TCP_OPTION_WINDOW_SCALE;
225 *data++ = TCP_OPTION_LEN_WINDOW_SCALE;
226 *data++ = opts->wscale;
227 opts_len += TCP_OPTION_LEN_WINDOW_SCALE;
230 if (tcp_opts_sack_permitted (opts))
232 *data++ = TCP_OPTION_SACK_PERMITTED;
233 *data++ = TCP_OPTION_LEN_SACK_PERMITTED;
234 opts_len += TCP_OPTION_LEN_SACK_PERMITTED;
237 if (tcp_opts_tstamp (opts))
239 *data++ = TCP_OPTION_TIMESTAMP;
240 *data++ = TCP_OPTION_LEN_TIMESTAMP;
241 buf = clib_host_to_net_u32 (opts->tsval);
242 clib_memcpy (data, &buf, sizeof (opts->tsval));
243 data += sizeof (opts->tsval);
244 buf = clib_host_to_net_u32 (opts->tsecr);
245 clib_memcpy (data, &buf, sizeof (opts->tsecr));
246 data += sizeof (opts->tsecr);
247 opts_len += TCP_OPTION_LEN_TIMESTAMP;
250 if (tcp_opts_sack (opts))
253 u32 n_sack_blocks = clib_min (vec_len (opts->sacks),
254 TCP_OPTS_MAX_SACK_BLOCKS);
256 if (n_sack_blocks != 0)
258 *data++ = TCP_OPTION_SACK_BLOCK;
259 *data++ = 2 + n_sack_blocks * TCP_OPTION_LEN_SACK_BLOCK;
260 for (i = 0; i < n_sack_blocks; i++)
262 buf = clib_host_to_net_u32 (opts->sacks[i].start);
263 clib_memcpy (data, &buf, seq_len);
265 buf = clib_host_to_net_u32 (opts->sacks[i].end);
266 clib_memcpy (data, &buf, seq_len);
269 opts_len += 2 + n_sack_blocks * TCP_OPTION_LEN_SACK_BLOCK;
273 /* Terminate TCP options */
276 *data++ = TCP_OPTION_EOL;
277 opts_len += TCP_OPTION_LEN_EOL;
280 /* Pad with zeroes to a u32 boundary */
283 *data++ = TCP_OPTION_NOOP;
284 opts_len += TCP_OPTION_LEN_NOOP;
290 tcp_make_syn_options (tcp_options_t * opts, u8 wnd_scale)
294 opts->flags |= TCP_OPTS_FLAG_MSS;
295 opts->mss = dummy_mtu; /*XXX discover that */
296 len += TCP_OPTION_LEN_MSS;
298 opts->flags |= TCP_OPTS_FLAG_WSCALE;
299 opts->wscale = wnd_scale;
300 len += TCP_OPTION_LEN_WINDOW_SCALE;
302 opts->flags |= TCP_OPTS_FLAG_TSTAMP;
303 opts->tsval = tcp_time_now ();
305 len += TCP_OPTION_LEN_TIMESTAMP;
309 opts->flags |= TCP_OPTS_FLAG_SACK_PERMITTED;
310 len += TCP_OPTION_LEN_SACK_PERMITTED;
313 /* Align to needed boundary */
314 len += (TCP_OPTS_ALIGN - len % TCP_OPTS_ALIGN) % TCP_OPTS_ALIGN;
319 tcp_make_synack_options (tcp_connection_t * tc, tcp_options_t * opts)
323 opts->flags |= TCP_OPTS_FLAG_MSS;
325 len += TCP_OPTION_LEN_MSS;
327 if (tcp_opts_wscale (&tc->rcv_opts))
329 opts->flags |= TCP_OPTS_FLAG_WSCALE;
330 opts->wscale = tc->rcv_wscale;
331 len += TCP_OPTION_LEN_WINDOW_SCALE;
334 if (tcp_opts_tstamp (&tc->rcv_opts))
336 opts->flags |= TCP_OPTS_FLAG_TSTAMP;
337 opts->tsval = tcp_time_now ();
338 opts->tsecr = tc->tsval_recent;
339 len += TCP_OPTION_LEN_TIMESTAMP;
342 if (tcp_opts_sack_permitted (&tc->rcv_opts))
344 opts->flags |= TCP_OPTS_FLAG_SACK_PERMITTED;
345 len += TCP_OPTION_LEN_SACK_PERMITTED;
348 /* Align to needed boundary */
349 len += (TCP_OPTS_ALIGN - len % TCP_OPTS_ALIGN) % TCP_OPTS_ALIGN;
354 tcp_make_established_options (tcp_connection_t * tc, tcp_options_t * opts)
360 if (tcp_opts_tstamp (&tc->rcv_opts))
362 opts->flags |= TCP_OPTS_FLAG_TSTAMP;
363 opts->tsval = tcp_time_now ();
364 opts->tsecr = tc->tsval_recent;
365 len += TCP_OPTION_LEN_TIMESTAMP;
367 if (tcp_opts_sack_permitted (&tc->rcv_opts))
369 if (vec_len (tc->snd_sacks))
371 opts->flags |= TCP_OPTS_FLAG_SACK;
372 opts->sacks = tc->snd_sacks;
373 opts->n_sack_blocks = clib_min (vec_len (tc->snd_sacks),
374 TCP_OPTS_MAX_SACK_BLOCKS);
375 len += 2 + TCP_OPTION_LEN_SACK_BLOCK * opts->n_sack_blocks;
379 /* Align to needed boundary */
380 len += (TCP_OPTS_ALIGN - len % TCP_OPTS_ALIGN) % TCP_OPTS_ALIGN;
385 tcp_make_options (tcp_connection_t * tc, tcp_options_t * opts,
390 case TCP_STATE_ESTABLISHED:
391 case TCP_STATE_FIN_WAIT_1:
392 case TCP_STATE_CLOSED:
393 return tcp_make_established_options (tc, opts);
394 case TCP_STATE_SYN_RCVD:
395 return tcp_make_synack_options (tc, opts);
396 case TCP_STATE_SYN_SENT:
397 return tcp_make_syn_options (opts, tc->rcv_wscale);
399 clib_warning ("State not handled! %d", state);
405 * Update snd_mss to reflect the effective segment size that we can send
406 * by taking into account all TCP options, including SACKs
409 tcp_update_snd_mss (tcp_connection_t * tc)
411 /* Compute options to be used for connection. These may be reused when
412 * sending data or to compute the effective mss (snd_mss) */
414 tcp_make_options (tc, &tc->snd_opts, TCP_STATE_ESTABLISHED);
416 /* XXX check if MTU has been updated */
417 tc->snd_mss = clib_min (tc->mss, tc->rcv_opts.mss) - tc->snd_opts_len;
418 ASSERT (tc->snd_mss > 0);
422 tcp_init_mss (tcp_connection_t * tc)
424 u16 default_min_mss = 536;
425 tcp_update_rcv_mss (tc);
427 /* TODO cache mss and consider PMTU discovery */
428 tc->snd_mss = clib_min (tc->rcv_opts.mss, tc->mss);
430 if (tc->snd_mss < 45)
432 clib_warning ("snd mss is 0");
433 /* Assume that at least the min default mss works */
434 tc->snd_mss = default_min_mss;
435 tc->rcv_opts.mss = default_min_mss;
438 /* We should have enough space for 40 bytes of options */
439 ASSERT (tc->snd_mss > 45);
441 /* If we use timestamp option, account for it */
442 if (tcp_opts_tstamp (&tc->rcv_opts))
443 tc->snd_mss -= TCP_OPTION_LEN_TIMESTAMP;
447 tcp_alloc_tx_buffers (tcp_main_t * tm, u8 thread_index, u16 * n_bufs,
450 vlib_main_t *vm = vlib_get_main ();
453 ASSERT (wanted > *n_bufs);
454 vec_validate_aligned (tm->tx_buffers[thread_index], wanted - 1,
455 CLIB_CACHE_LINE_BYTES);
456 n_alloc = vlib_buffer_alloc (vm, &tm->tx_buffers[thread_index][*n_bufs],
459 _vec_len (tm->tx_buffers[thread_index]) = *n_bufs;
464 tcp_get_free_buffer_index (tcp_main_t * tm, u32 * bidx)
466 u32 thread_index = vlib_get_thread_index ();
467 u16 n_bufs = vec_len (tm->tx_buffers[thread_index]);
469 TCP_DBG_BUFFER_ALLOC_MAYBE_FAIL (thread_index);
471 if (PREDICT_FALSE (!n_bufs))
473 if (!tcp_alloc_tx_buffers (tm, thread_index, &n_bufs, VLIB_FRAME_SIZE))
479 *bidx = tm->tx_buffers[thread_index][--n_bufs];
480 _vec_len (tm->tx_buffers[thread_index]) = n_bufs;
485 tcp_reuse_buffer (vlib_main_t * vm, vlib_buffer_t * b)
487 if (b->flags & VLIB_BUFFER_NEXT_PRESENT)
488 vlib_buffer_free_one (vm, b->next_buffer);
489 /* Zero all flags but free list index and trace flag */
490 b->flags &= VLIB_BUFFER_NEXT_PRESENT - 1;
492 b->current_length = 0;
493 b->total_length_not_including_first_buffer = 0;
494 vnet_buffer (b)->tcp.flags = 0;
496 /* Leave enough space for headers */
497 return vlib_buffer_make_headroom (b, MAX_HDRS_LEN);
501 tcp_init_buffer (vlib_main_t * vm, vlib_buffer_t * b)
503 ASSERT ((b->flags & VLIB_BUFFER_NEXT_PRESENT) == 0);
504 b->flags &= VLIB_BUFFER_NON_DEFAULT_FREELIST;
505 b->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
506 b->total_length_not_including_first_buffer = 0;
508 vnet_buffer (b)->tcp.flags = 0;
509 VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b);
510 /* Leave enough space for headers */
511 return vlib_buffer_make_headroom (b, MAX_HDRS_LEN);
518 tcp_make_ack_i (tcp_connection_t * tc, vlib_buffer_t * b, tcp_state_t state,
521 tcp_options_t _snd_opts, *snd_opts = &_snd_opts;
522 u8 tcp_opts_len, tcp_hdr_opts_len;
526 wnd = tcp_window_to_advertise (tc, state);
528 /* Make and write options */
529 tcp_opts_len = tcp_make_established_options (tc, snd_opts);
530 tcp_hdr_opts_len = tcp_opts_len + sizeof (tcp_header_t);
532 th = vlib_buffer_push_tcp (b, tc->c_lcl_port, tc->c_rmt_port, tc->snd_nxt,
533 tc->rcv_nxt, tcp_hdr_opts_len, flags, wnd);
535 tcp_options_write ((u8 *) (th + 1), snd_opts);
536 vnet_buffer (b)->tcp.connection_index = tc->c_c_index;
540 * Convert buffer to ACK
543 tcp_make_ack (tcp_connection_t * tc, vlib_buffer_t * b)
545 vlib_main_t *vm = vlib_get_main ();
547 tcp_reuse_buffer (vm, b);
548 tcp_make_ack_i (tc, b, TCP_STATE_ESTABLISHED, TCP_FLAG_ACK);
549 TCP_EVT_DBG (TCP_EVT_ACK_SENT, tc);
550 vnet_buffer (b)->tcp.flags = TCP_BUF_FLAG_ACK;
551 tc->rcv_las = tc->rcv_nxt;
555 * Convert buffer to FIN-ACK
558 tcp_make_fin (tcp_connection_t * tc, vlib_buffer_t * b)
560 vlib_main_t *vm = vlib_get_main ();
563 tcp_reuse_buffer (vm, b);
565 flags = TCP_FLAG_FIN | TCP_FLAG_ACK;
566 tcp_make_ack_i (tc, b, TCP_STATE_ESTABLISHED, flags);
568 /* Reset flags, make sure ack is sent */
569 vnet_buffer (b)->tcp.flags &= ~TCP_BUF_FLAG_DUPACK;
573 * Convert buffer to SYN
576 tcp_make_syn (tcp_connection_t * tc, vlib_buffer_t * b)
578 u8 tcp_hdr_opts_len, tcp_opts_len;
581 tcp_options_t snd_opts;
583 initial_wnd = tcp_initial_window_to_advertise (tc);
585 /* Make and write options */
586 memset (&snd_opts, 0, sizeof (snd_opts));
587 tcp_opts_len = tcp_make_syn_options (&snd_opts, tc->rcv_wscale);
588 tcp_hdr_opts_len = tcp_opts_len + sizeof (tcp_header_t);
590 th = vlib_buffer_push_tcp (b, tc->c_lcl_port, tc->c_rmt_port, tc->iss,
591 tc->rcv_nxt, tcp_hdr_opts_len, TCP_FLAG_SYN,
593 vnet_buffer (b)->tcp.connection_index = tc->c_c_index;
594 tcp_options_write ((u8 *) (th + 1), &snd_opts);
598 * Convert buffer to SYN-ACK
601 tcp_make_synack (tcp_connection_t * tc, vlib_buffer_t * b)
603 vlib_main_t *vm = vlib_get_main ();
604 tcp_options_t _snd_opts, *snd_opts = &_snd_opts;
605 u8 tcp_opts_len, tcp_hdr_opts_len;
609 memset (snd_opts, 0, sizeof (*snd_opts));
610 tcp_reuse_buffer (vm, b);
612 initial_wnd = tcp_initial_window_to_advertise (tc);
613 tcp_opts_len = tcp_make_synack_options (tc, snd_opts);
614 tcp_hdr_opts_len = tcp_opts_len + sizeof (tcp_header_t);
616 th = vlib_buffer_push_tcp (b, tc->c_lcl_port, tc->c_rmt_port, tc->iss,
617 tc->rcv_nxt, tcp_hdr_opts_len,
618 TCP_FLAG_SYN | TCP_FLAG_ACK, initial_wnd);
619 tcp_options_write ((u8 *) (th + 1), snd_opts);
621 vnet_buffer (b)->tcp.connection_index = tc->c_c_index;
622 vnet_buffer (b)->tcp.flags = TCP_BUF_FLAG_ACK;
624 /* Init retransmit timer. Use update instead of set because of
626 tcp_retransmit_timer_force_update (tc);
627 TCP_EVT_DBG (TCP_EVT_SYNACK_SENT, tc);
631 tcp_enqueue_to_ip_lookup_i (vlib_main_t * vm, vlib_buffer_t * b, u32 bi,
632 u8 is_ip4, u32 fib_index, u8 flush)
634 tcp_main_t *tm = vnet_get_tcp_main ();
635 u32 thread_index = vlib_get_thread_index ();
636 u32 *to_next, next_index;
639 b->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
642 vnet_buffer (b)->sw_if_index[VLIB_TX] = fib_index;
643 vnet_buffer (b)->sw_if_index[VLIB_RX] = 0;
645 /* Send to IP lookup */
646 next_index = is_ip4 ? ip4_lookup_node.index : ip6_lookup_node.index;
647 tcp_trajectory_add_start (b, 1);
649 f = tm->ip_lookup_tx_frames[!is_ip4][thread_index];
652 f = vlib_get_frame_to_node (vm, next_index);
654 tm->ip_lookup_tx_frames[!is_ip4][thread_index] = f;
657 to_next = vlib_frame_vector_args (f);
658 to_next[f->n_vectors] = bi;
660 if (flush || f->n_vectors == VLIB_FRAME_SIZE)
662 vlib_put_frame_to_node (vm, next_index, f);
663 tm->ip_lookup_tx_frames[!is_ip4][thread_index] = 0;
668 tcp_enqueue_to_ip_lookup_now (vlib_main_t * vm, vlib_buffer_t * b, u32 bi,
669 u8 is_ip4, u32 fib_index)
671 tcp_enqueue_to_ip_lookup_i (vm, b, bi, is_ip4, fib_index, 1);
675 tcp_enqueue_to_ip_lookup (vlib_main_t * vm, vlib_buffer_t * b, u32 bi,
676 u8 is_ip4, u32 fib_index)
678 tcp_enqueue_to_ip_lookup_i (vm, b, bi, is_ip4, fib_index, 0);
679 if (vm->thread_index == 0 && vlib_num_workers ())
680 session_flush_frames_main_thread (vm);
684 tcp_enqueue_to_output_i (vlib_main_t * vm, vlib_buffer_t * b, u32 bi,
687 tcp_main_t *tm = vnet_get_tcp_main ();
688 u32 thread_index = vlib_get_thread_index ();
689 u32 *to_next, next_index;
692 b->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
695 /* Decide where to send the packet */
696 next_index = is_ip4 ? tcp4_output_node.index : tcp6_output_node.index;
697 tcp_trajectory_add_start (b, 2);
699 /* Get frame to v4/6 output node */
700 f = tm->tx_frames[!is_ip4][thread_index];
703 f = vlib_get_frame_to_node (vm, next_index);
705 tm->tx_frames[!is_ip4][thread_index] = f;
707 to_next = vlib_frame_vector_args (f);
708 to_next[f->n_vectors] = bi;
710 if (flush || f->n_vectors == VLIB_FRAME_SIZE)
712 vlib_put_frame_to_node (vm, next_index, f);
713 tm->tx_frames[!is_ip4][thread_index] = 0;
718 tcp_enqueue_to_output (vlib_main_t * vm, vlib_buffer_t * b, u32 bi, u8 is_ip4)
720 tcp_enqueue_to_output_i (vm, b, bi, is_ip4, 0);
724 tcp_enqueue_to_output_now (vlib_main_t * vm, vlib_buffer_t * b, u32 bi,
727 tcp_enqueue_to_output_i (vm, b, bi, is_ip4, 1);
731 tcp_make_reset_in_place (vlib_main_t * vm, vlib_buffer_t * b0,
732 tcp_state_t state, u8 thread_index, u8 is_ip4)
737 ip4_address_t src_ip40, dst_ip40;
738 ip6_address_t src_ip60, dst_ip60;
739 u16 src_port, dst_port;
744 /* Find IP and TCP headers */
745 th0 = tcp_buffer_hdr (b0);
747 /* Save src and dst ip */
750 ih4 = vlib_buffer_get_current (b0);
751 ASSERT ((ih4->ip_version_and_header_length & 0xF0) == 0x40);
752 src_ip40.as_u32 = ih4->src_address.as_u32;
753 dst_ip40.as_u32 = ih4->dst_address.as_u32;
757 ih6 = vlib_buffer_get_current (b0);
758 ASSERT ((ih6->ip_version_traffic_class_and_flow_label & 0xF0) == 0x60);
759 clib_memcpy (&src_ip60, &ih6->src_address, sizeof (ip6_address_t));
760 clib_memcpy (&dst_ip60, &ih6->dst_address, sizeof (ip6_address_t));
763 src_port = th0->src_port;
764 dst_port = th0->dst_port;
766 /* Try to determine what/why we're actually resetting */
767 if (state == TCP_STATE_CLOSED)
772 tmp = clib_net_to_host_u32 (th0->seq_number);
774 /* Got a SYN for no listener. */
775 flags = TCP_FLAG_RST | TCP_FLAG_ACK;
776 ack = clib_host_to_net_u32 (tmp + 1);
781 flags = TCP_FLAG_RST;
782 seq = th0->ack_number;
786 tcp_reuse_buffer (vm, b0);
787 tcp_trajectory_add_start (b0, 4);
788 th0 = vlib_buffer_push_tcp_net_order (b0, dst_port, src_port, seq, ack,
789 sizeof (tcp_header_t), flags, 0);
793 ih4 = vlib_buffer_push_ip4 (vm, b0, &dst_ip40, &src_ip40,
795 th0->checksum = ip4_tcp_udp_compute_checksum (vm, b0, ih4);
800 ih6 = vlib_buffer_push_ip6 (vm, b0, &dst_ip60, &src_ip60,
802 th0->checksum = ip6_tcp_udp_icmp_compute_checksum (vm, b0, ih6, &bogus);
810 * Send reset without reusing existing buffer
812 * It extracts connection info out of original packet
815 tcp_send_reset_w_pkt (tcp_connection_t * tc, vlib_buffer_t * pkt, u8 is_ip4)
818 u32 bi, sw_if_index, fib_index;
819 tcp_main_t *tm = vnet_get_tcp_main ();
820 vlib_main_t *vm = vlib_get_main ();
821 u8 tcp_hdr_len, flags = 0;
822 tcp_header_t *th, *pkt_th;
824 ip4_header_t *ih4, *pkt_ih4;
825 ip6_header_t *ih6, *pkt_ih6;
826 fib_protocol_t fib_proto;
828 if (PREDICT_FALSE (tcp_get_free_buffer_index (tm, &bi)))
831 b = vlib_get_buffer (vm, bi);
832 sw_if_index = vnet_buffer (pkt)->sw_if_index[VLIB_RX];
833 fib_proto = is_ip4 ? FIB_PROTOCOL_IP4 : FIB_PROTOCOL_IP6;
834 fib_index = fib_table_get_index_for_sw_if_index (fib_proto, sw_if_index);
835 tcp_init_buffer (vm, b);
837 /* Make and write options */
838 tcp_hdr_len = sizeof (tcp_header_t);
842 pkt_ih4 = vlib_buffer_get_current (pkt);
843 pkt_th = ip4_next_header (pkt_ih4);
847 pkt_ih6 = vlib_buffer_get_current (pkt);
848 pkt_th = ip6_next_header (pkt_ih6);
851 if (tcp_ack (pkt_th))
853 flags = TCP_FLAG_RST;
854 seq = pkt_th->ack_number;
855 ack = (tc && tc->state >= TCP_STATE_SYN_RCVD) ? tc->rcv_nxt : 0;
859 flags = TCP_FLAG_RST | TCP_FLAG_ACK;
861 ack = clib_host_to_net_u32 (vnet_buffer (pkt)->tcp.seq_end);
864 th = vlib_buffer_push_tcp_net_order (b, pkt_th->dst_port, pkt_th->src_port,
865 seq, ack, tcp_hdr_len, flags, 0);
867 /* Swap src and dst ip */
870 ASSERT ((pkt_ih4->ip_version_and_header_length & 0xF0) == 0x40);
871 ih4 = vlib_buffer_push_ip4 (vm, b, &pkt_ih4->dst_address,
872 &pkt_ih4->src_address, IP_PROTOCOL_TCP, 1);
873 th->checksum = ip4_tcp_udp_compute_checksum (vm, b, ih4);
878 ASSERT ((pkt_ih6->ip_version_traffic_class_and_flow_label & 0xF0) ==
880 ih6 = vlib_buffer_push_ip6 (vm, b, &pkt_ih6->dst_address,
881 &pkt_ih6->src_address, IP_PROTOCOL_TCP);
882 th->checksum = ip6_tcp_udp_icmp_compute_checksum (vm, b, ih6, &bogus);
886 tcp_enqueue_to_ip_lookup_now (vm, b, bi, is_ip4, fib_index);
887 TCP_EVT_DBG (TCP_EVT_RST_SENT, tc);
891 * Build and set reset packet for connection
894 tcp_send_reset (tcp_connection_t * tc)
896 vlib_main_t *vm = vlib_get_main ();
897 tcp_main_t *tm = vnet_get_tcp_main ();
901 u16 tcp_hdr_opts_len, advertise_wnd, opts_write_len;
904 if (PREDICT_FALSE (tcp_get_free_buffer_index (tm, &bi)))
906 b = vlib_get_buffer (vm, bi);
907 tcp_init_buffer (vm, b);
909 tc->snd_opts_len = tcp_make_options (tc, &tc->snd_opts, tc->state);
910 tcp_hdr_opts_len = tc->snd_opts_len + sizeof (tcp_header_t);
911 advertise_wnd = tcp_window_to_advertise (tc, TCP_STATE_ESTABLISHED);
912 flags = TCP_FLAG_RST;
913 th = vlib_buffer_push_tcp (b, tc->c_lcl_port, tc->c_rmt_port, tc->snd_nxt,
914 tc->rcv_nxt, tcp_hdr_opts_len, flags,
916 opts_write_len = tcp_options_write ((u8 *) (th + 1), &tc->snd_opts);
917 ASSERT (opts_write_len == tc->snd_opts_len);
918 vnet_buffer (b)->tcp.connection_index = tc->c_c_index;
922 ih4 = vlib_buffer_push_ip4 (vm, b, &tc->c_lcl_ip.ip4,
923 &tc->c_rmt_ip.ip4, IP_PROTOCOL_TCP, 0);
924 th->checksum = ip4_tcp_udp_compute_checksum (vm, b, ih4);
930 ih6 = vlib_buffer_push_ip6 (vm, b, &tc->c_lcl_ip.ip6,
931 &tc->c_rmt_ip.ip6, IP_PROTOCOL_TCP);
932 th->checksum = ip6_tcp_udp_icmp_compute_checksum (vm, b, ih6, &bogus);
935 tcp_enqueue_to_ip_lookup_now (vm, b, bi, tc->c_is_ip4, tc->c_fib_index);
936 TCP_EVT_DBG (TCP_EVT_RST_SENT, tc);
940 tcp_push_ip_hdr (tcp_main_t * tm, tcp_connection_t * tc, vlib_buffer_t * b)
942 tcp_header_t *th = vlib_buffer_get_current (b);
943 vlib_main_t *vm = vlib_get_main ();
947 ih = vlib_buffer_push_ip4 (vm, b, &tc->c_lcl_ip4,
948 &tc->c_rmt_ip4, IP_PROTOCOL_TCP, 1);
949 th->checksum = ip4_tcp_udp_compute_checksum (vm, b, ih);
956 ih = vlib_buffer_push_ip6 (vm, b, &tc->c_lcl_ip6,
957 &tc->c_rmt_ip6, IP_PROTOCOL_TCP);
958 th->checksum = ip6_tcp_udp_icmp_compute_checksum (vm, b, ih, &bogus);
966 * Builds a SYN packet for a half-open connection and sends it to ipx_lookup.
967 * The packet is not forwarded through tcpx_output to avoid doing lookups
968 * in the half_open pool.
971 tcp_send_syn (tcp_connection_t * tc)
975 tcp_main_t *tm = vnet_get_tcp_main ();
976 vlib_main_t *vm = vlib_get_main ();
979 * Setup retransmit and establish timers before requesting buffer
980 * such that we can return if we've ran out.
982 tcp_timer_set (tc, TCP_TIMER_ESTABLISH, TCP_ESTABLISH_TIME);
983 tcp_timer_update (tc, TCP_TIMER_RETRANSMIT_SYN,
984 tc->rto * TCP_TO_TIMER_TICK);
986 if (PREDICT_FALSE (tcp_get_free_buffer_index (tm, &bi)))
989 b = vlib_get_buffer (vm, bi);
990 tcp_init_buffer (vm, b);
991 tcp_make_syn (tc, b);
993 /* Measure RTT with this */
994 tc->rtt_ts = tcp_time_now ();
995 tc->rtt_seq = tc->snd_nxt;
998 tcp_push_ip_hdr (tm, tc, b);
999 tcp_enqueue_to_ip_lookup (vm, b, bi, tc->c_is_ip4, tc->c_fib_index);
1000 TCP_EVT_DBG (TCP_EVT_SYN_SENT, tc);
1004 * Flush tx frame populated by retransmits and timer pops
1007 tcp_flush_frame_to_output (vlib_main_t * vm, u8 thread_index, u8 is_ip4)
1009 if (tcp_main.tx_frames[!is_ip4][thread_index])
1012 next_index = is_ip4 ? tcp4_output_node.index : tcp6_output_node.index;
1013 vlib_put_frame_to_node (vm, next_index,
1014 tcp_main.tx_frames[!is_ip4][thread_index]);
1015 tcp_main.tx_frames[!is_ip4][thread_index] = 0;
1020 * Flush ip lookup tx frames populated by timer pops
1023 tcp_flush_frame_to_ip_lookup (vlib_main_t * vm, u8 thread_index, u8 is_ip4)
1025 if (tcp_main.ip_lookup_tx_frames[!is_ip4][thread_index])
1028 next_index = is_ip4 ? ip4_lookup_node.index : ip6_lookup_node.index;
1029 vlib_put_frame_to_node (vm, next_index,
1030 tcp_main.ip_lookup_tx_frames[!is_ip4]
1032 tcp_main.ip_lookup_tx_frames[!is_ip4][thread_index] = 0;
1037 * Flush v4 and v6 tcp and ip-lookup tx frames for thread index
1040 tcp_flush_frames_to_output (u8 thread_index)
1042 vlib_main_t *vm = vlib_get_main ();
1043 tcp_flush_frame_to_output (vm, thread_index, 1);
1044 tcp_flush_frame_to_output (vm, thread_index, 0);
1045 tcp_flush_frame_to_ip_lookup (vm, thread_index, 1);
1046 tcp_flush_frame_to_ip_lookup (vm, thread_index, 0);
1053 tcp_send_fin (tcp_connection_t * tc)
1055 tcp_main_t *tm = vnet_get_tcp_main ();
1056 vlib_main_t *vm = vlib_get_main ();
1061 tcp_retransmit_timer_force_update (tc);
1062 if (PREDICT_FALSE (tcp_get_free_buffer_index (tm, &bi)))
1064 b = vlib_get_buffer (vm, bi);
1065 tcp_init_buffer (vm, b);
1066 fin_snt = tc->flags & TCP_CONN_FINSNT;
1068 tc->snd_nxt = tc->snd_una;
1069 tcp_make_fin (tc, b);
1070 tcp_enqueue_to_output_now (vm, b, bi, tc->c_is_ip4);
1073 tc->flags |= TCP_CONN_FINSNT;
1074 tc->flags &= ~TCP_CONN_FINPNDG;
1075 /* Account for the FIN */
1076 tc->snd_una_max += 1;
1077 tc->snd_nxt = tc->snd_una_max;
1081 tc->snd_nxt = tc->snd_una_max;
1083 TCP_EVT_DBG (TCP_EVT_FIN_SENT, tc);
1087 tcp_make_state_flags (tcp_connection_t * tc, tcp_state_t next_state)
1091 case TCP_STATE_ESTABLISHED:
1092 return TCP_FLAG_ACK;
1093 case TCP_STATE_SYN_RCVD:
1094 return TCP_FLAG_SYN | TCP_FLAG_ACK;
1095 case TCP_STATE_SYN_SENT:
1096 return TCP_FLAG_SYN;
1097 case TCP_STATE_LAST_ACK:
1098 case TCP_STATE_FIN_WAIT_1:
1099 if (tc->snd_nxt + 1 < tc->snd_una_max)
1100 return TCP_FLAG_ACK;
1102 return TCP_FLAG_FIN;
1104 clib_warning ("Shouldn't be here!");
1110 * Push TCP header and update connection variables
1113 tcp_push_hdr_i (tcp_connection_t * tc, vlib_buffer_t * b,
1114 tcp_state_t next_state, u8 compute_opts)
1116 u32 advertise_wnd, data_len;
1117 u8 tcp_hdr_opts_len, opts_write_len, flags;
1120 data_len = b->current_length + b->total_length_not_including_first_buffer;
1121 ASSERT (!b->total_length_not_including_first_buffer
1122 || (b->flags & VLIB_BUFFER_NEXT_PRESENT));
1123 vnet_buffer (b)->tcp.flags = 0;
1126 tc->snd_opts_len = tcp_make_options (tc, &tc->snd_opts, tc->state);
1128 tcp_hdr_opts_len = tc->snd_opts_len + sizeof (tcp_header_t);
1129 advertise_wnd = tcp_window_to_advertise (tc, next_state);
1130 flags = tcp_make_state_flags (tc, next_state);
1132 /* Push header and options */
1133 th = vlib_buffer_push_tcp (b, tc->c_lcl_port, tc->c_rmt_port, tc->snd_nxt,
1134 tc->rcv_nxt, tcp_hdr_opts_len, flags,
1136 opts_write_len = tcp_options_write ((u8 *) (th + 1), &tc->snd_opts);
1138 ASSERT (opts_write_len == tc->snd_opts_len);
1139 vnet_buffer (b)->tcp.connection_index = tc->c_c_index;
1142 * Update connection variables
1145 tc->snd_nxt += data_len;
1146 tc->rcv_las = tc->rcv_nxt;
1148 /* TODO this is updated in output as well ... */
1149 if (seq_gt (tc->snd_nxt, tc->snd_una_max))
1151 tc->snd_una_max = tc->snd_nxt;
1152 tcp_validate_txf_size (tc, tc->snd_una_max - tc->snd_una);
1155 TCP_EVT_DBG (TCP_EVT_PKTIZE, tc);
1159 tcp_send_ack (tcp_connection_t * tc)
1161 tcp_main_t *tm = vnet_get_tcp_main ();
1162 vlib_main_t *vm = vlib_get_main ();
1168 if (PREDICT_FALSE (tcp_get_free_buffer_index (tm, &bi)))
1170 b = vlib_get_buffer (vm, bi);
1171 tcp_init_buffer (vm, b);
1173 /* Fill in the ACK */
1174 tcp_make_ack (tc, b);
1175 tcp_enqueue_to_output (vm, b, bi, tc->c_is_ip4);
1179 * Delayed ack timer handler
1181 * Sends delayed ACK when timer expires
1184 tcp_timer_delack_handler (u32 index)
1186 u32 thread_index = vlib_get_thread_index ();
1187 tcp_connection_t *tc;
1189 tc = tcp_connection_get (index, thread_index);
1190 tc->timers[TCP_TIMER_DELACK] = TCP_TIMER_HANDLE_INVALID;
1195 * Build a retransmit segment
1197 * @return the number of bytes in the segment or 0 if there's nothing to
1201 tcp_prepare_retransmit_segment (tcp_connection_t * tc, u32 offset,
1202 u32 max_deq_bytes, vlib_buffer_t ** b)
1204 tcp_main_t *tm = vnet_get_tcp_main ();
1205 vlib_main_t *vm = vlib_get_main ();
1207 u32 start, bi, available_bytes, seg_size;
1210 ASSERT (tc->state >= TCP_STATE_ESTABLISHED);
1211 ASSERT (max_deq_bytes != 0);
1214 * Make sure we can retransmit something
1216 available_bytes = stream_session_tx_fifo_max_dequeue (&tc->connection);
1217 ASSERT (available_bytes >= offset);
1218 available_bytes -= offset;
1219 if (!available_bytes)
1221 max_deq_bytes = clib_min (tc->snd_mss, max_deq_bytes);
1222 max_deq_bytes = clib_min (available_bytes, max_deq_bytes);
1224 /* Start is beyond snd_congestion */
1225 start = tc->snd_una + offset;
1226 if (seq_geq (start, tc->snd_congestion))
1229 /* Don't overshoot snd_congestion */
1230 if (seq_gt (start + max_deq_bytes, tc->snd_congestion))
1232 max_deq_bytes = tc->snd_congestion - start;
1233 if (max_deq_bytes == 0)
1237 seg_size = max_deq_bytes + MAX_HDRS_LEN;
1242 tc->snd_opts_len = tcp_make_options (tc, &tc->snd_opts, tc->state);
1245 * Allocate and fill in buffer(s)
1248 /* Easy case, buffer size greater than mss */
1249 if (PREDICT_TRUE (seg_size <= tm->bytes_per_buffer))
1251 if (PREDICT_FALSE (tcp_get_free_buffer_index (tm, &bi)))
1253 *b = vlib_get_buffer (vm, bi);
1254 data = tcp_init_buffer (vm, *b);
1255 n_bytes = stream_session_peek_bytes (&tc->connection, data, offset,
1257 ASSERT (n_bytes == max_deq_bytes);
1258 b[0]->current_length = n_bytes;
1259 tcp_push_hdr_i (tc, *b, tc->state, 0);
1261 /* Split mss into multiple buffers */
1264 u32 chain_bi = ~0, n_bufs_per_seg;
1265 u32 thread_index = vlib_get_thread_index ();
1266 u16 n_peeked, len_to_deq, available_bufs;
1267 vlib_buffer_t *chain_b, *prev_b;
1270 /* Make sure we have enough buffers */
1271 n_bufs_per_seg = ceil ((double) seg_size / tm->bytes_per_buffer);
1272 available_bufs = vec_len (tm->tx_buffers[thread_index]);
1273 if (n_bufs_per_seg > available_bufs)
1275 tcp_alloc_tx_buffers (tm, thread_index, &available_bufs,
1278 if (n_bufs_per_seg > available_bufs)
1285 tcp_get_free_buffer_index (tm, &bi);
1286 ASSERT (bi != (u32) ~ 0);
1287 *b = vlib_get_buffer (vm, bi);
1288 data = tcp_init_buffer (vm, *b);
1289 n_bytes = stream_session_peek_bytes (&tc->connection, data, offset,
1290 tm->bytes_per_buffer -
1292 b[0]->current_length = n_bytes;
1293 b[0]->flags |= VLIB_BUFFER_TOTAL_LENGTH_VALID;
1294 b[0]->total_length_not_including_first_buffer = 0;
1295 max_deq_bytes -= n_bytes;
1298 for (i = 1; i < n_bufs_per_seg; i++)
1301 len_to_deq = clib_min (max_deq_bytes, tm->bytes_per_buffer);
1302 tcp_get_free_buffer_index (tm, &chain_bi);
1303 ASSERT (chain_bi != (u32) ~ 0);
1304 chain_b = vlib_get_buffer (vm, chain_bi);
1305 chain_b->current_data = 0;
1306 data = vlib_buffer_get_current (chain_b);
1307 n_peeked = stream_session_peek_bytes (&tc->connection, data,
1308 offset + n_bytes, len_to_deq);
1309 ASSERT (n_peeked == len_to_deq);
1310 n_bytes += n_peeked;
1311 chain_b->current_length = n_peeked;
1312 chain_b->next_buffer = 0;
1314 /* update previous buffer */
1315 prev_b->next_buffer = chain_bi;
1316 prev_b->flags |= VLIB_BUFFER_NEXT_PRESENT;
1318 max_deq_bytes -= n_peeked;
1319 b[0]->total_length_not_including_first_buffer += n_peeked;
1322 tcp_push_hdr_i (tc, *b, tc->state, 0);
1325 ASSERT (n_bytes > 0);
1326 ASSERT (((*b)->current_data + (*b)->current_length) <=
1327 tm->bytes_per_buffer);
1329 if (tcp_in_fastrecovery (tc))
1330 tc->snd_rxt_bytes += n_bytes;
1333 TCP_EVT_DBG (TCP_EVT_CC_RTX, tc, offset, n_bytes);
1338 * Reset congestion control, switch cwnd to loss window and try again.
1341 tcp_rxt_timeout_cc (tcp_connection_t * tc)
1343 TCP_EVT_DBG (TCP_EVT_CC_EVT, tc, 6);
1344 tc->prev_ssthresh = tc->ssthresh;
1345 tc->prev_cwnd = tc->cwnd;
1347 /* Cleanly recover cc (also clears up fast retransmit) */
1348 if (tcp_in_fastrecovery (tc))
1349 tcp_cc_fastrecovery_exit (tc);
1351 /* Start again from the beginning */
1352 tc->cc_algo->congestion (tc);
1353 tc->cwnd = tcp_loss_wnd (tc);
1354 tc->snd_congestion = tc->snd_una_max;
1356 tc->cwnd_acc_bytes = 0;
1358 tcp_recovery_on (tc);
1362 tcp_timer_retransmit_handler_i (u32 index, u8 is_syn)
1364 tcp_main_t *tm = vnet_get_tcp_main ();
1365 vlib_main_t *vm = vlib_get_main ();
1366 u32 thread_index = vlib_get_thread_index ();
1367 tcp_connection_t *tc;
1368 vlib_buffer_t *b = 0;
1373 tc = tcp_half_open_connection_get (index);
1374 /* Note: the connection may have transitioned to ESTABLISHED... */
1375 if (PREDICT_FALSE (tc == 0))
1377 tc->timers[TCP_TIMER_RETRANSMIT_SYN] = TCP_TIMER_HANDLE_INVALID;
1381 tc = tcp_connection_get (index, thread_index);
1382 /* Note: the connection may have been closed and pool_put */
1383 if (PREDICT_FALSE (tc == 0))
1385 tc->timers[TCP_TIMER_RETRANSMIT] = TCP_TIMER_HANDLE_INVALID;
1388 TCP_EVT_DBG (TCP_EVT_CC_EVT, tc, 1);
1390 if (tc->state >= TCP_STATE_ESTABLISHED)
1392 /* Lost FIN, retransmit and return */
1393 if (tcp_is_lost_fin (tc))
1397 tc->rto = clib_min (tc->rto << 1, TCP_RTO_MAX);
1401 /* Shouldn't be here */
1402 if ((tc->rto_boff == 0 && tc->snd_una == tc->snd_una_max)
1403 || (tc->rto_boff > 0 && seq_geq (tc->snd_una, tc->snd_congestion)))
1405 tcp_recovery_off (tc);
1409 /* We're not in recovery so make sure rto_boff is 0 */
1410 if (!tcp_in_recovery (tc) && tc->rto_boff > 0)
1413 tcp_update_rto (tc);
1416 /* Increment RTO backoff (also equal to number of retries) and go back
1417 * to first un-acked byte */
1420 /* First retransmit timeout */
1421 if (tc->rto_boff == 1)
1422 tcp_rxt_timeout_cc (tc);
1424 tc->snd_una_max = tc->snd_nxt = tc->snd_una;
1425 tc->rto = clib_min (tc->rto << 1, TCP_RTO_MAX);
1427 /* Send one segment. Note that n_bytes may be zero due to buffer shortfall */
1428 n_bytes = tcp_prepare_retransmit_segment (tc, 0, tc->snd_mss, &b);
1430 /* TODO be less aggressive about this */
1431 scoreboard_clear (&tc->sack_sb);
1435 tcp_retransmit_timer_set (tc);
1439 bi = vlib_get_buffer_index (vm, b);
1441 /* For first retransmit, record timestamp (Eifel detection RFC3522) */
1442 if (tc->rto_boff == 1)
1443 tc->snd_rxt_ts = tcp_time_now ();
1445 tcp_enqueue_to_output (vm, b, bi, tc->c_is_ip4);
1446 tcp_retransmit_timer_update (tc);
1448 /* Retransmit for SYN */
1449 else if (tc->state == TCP_STATE_SYN_SENT)
1451 /* Half-open connection actually moved to established but we were
1452 * waiting for syn retransmit to pop to call cleanup from the right
1454 if (tc->flags & TCP_CONN_HALF_OPEN_DONE)
1456 if (tcp_half_open_connection_cleanup (tc))
1458 clib_warning ("could not remove half-open connection");
1464 /* Try without increasing RTO a number of times. If this fails,
1465 * start growing RTO exponentially */
1467 if (tc->rto_boff > TCP_RTO_SYN_RETRIES)
1468 tc->rto = clib_min (tc->rto << 1, TCP_RTO_MAX);
1470 tcp_timer_update (tc, TCP_TIMER_RETRANSMIT_SYN,
1471 tc->rto * TCP_TO_TIMER_TICK);
1473 if (PREDICT_FALSE (tcp_get_free_buffer_index (tm, &bi)))
1476 b = vlib_get_buffer (vm, bi);
1477 tcp_init_buffer (vm, b);
1478 tcp_make_syn (tc, b);
1481 TCP_EVT_DBG (TCP_EVT_SYN_RXT, tc, 0);
1483 /* This goes straight to ipx_lookup. Retransmit timer set already */
1484 tcp_push_ip_hdr (tm, tc, b);
1485 tcp_enqueue_to_ip_lookup (vm, b, bi, tc->c_is_ip4, tc->c_fib_index);
1487 /* Retransmit SYN-ACK */
1488 else if (tc->state == TCP_STATE_SYN_RCVD)
1491 if (tc->rto_boff > TCP_RTO_SYN_RETRIES)
1492 tc->rto = clib_min (tc->rto << 1, TCP_RTO_MAX);
1495 if (PREDICT_FALSE (tcp_get_free_buffer_index (tm, &bi)))
1497 tcp_retransmit_timer_force_update (tc);
1501 b = vlib_get_buffer (vm, bi);
1502 tcp_init_buffer (vm, b);
1503 tcp_make_synack (tc, b);
1504 TCP_EVT_DBG (TCP_EVT_SYN_RXT, tc, 1);
1506 /* Retransmit timer already updated, just enqueue to output */
1507 tcp_enqueue_to_output (vm, b, bi, tc->c_is_ip4);
1511 ASSERT (tc->state == TCP_STATE_CLOSED);
1517 tcp_timer_retransmit_handler (u32 index)
1519 tcp_timer_retransmit_handler_i (index, 0);
1523 tcp_timer_retransmit_syn_handler (u32 index)
1525 tcp_timer_retransmit_handler_i (index, 1);
1529 * Got 0 snd_wnd from peer, try to do something about it.
1533 tcp_timer_persist_handler (u32 index)
1535 tcp_main_t *tm = vnet_get_tcp_main ();
1536 vlib_main_t *vm = vlib_get_main ();
1537 u32 thread_index = vlib_get_thread_index ();
1538 tcp_connection_t *tc;
1540 u32 bi, max_snd_bytes, available_bytes, offset;
1544 tc = tcp_connection_get_if_valid (index, thread_index);
1549 /* Make sure timer handle is set to invalid */
1550 tc->timers[TCP_TIMER_PERSIST] = TCP_TIMER_HANDLE_INVALID;
1552 /* Problem already solved or worse */
1553 if (tc->state == TCP_STATE_CLOSED || tc->state > TCP_STATE_ESTABLISHED
1554 || tc->snd_wnd > tc->snd_mss || tcp_in_recovery (tc))
1557 available_bytes = stream_session_tx_fifo_max_dequeue (&tc->connection);
1558 offset = tc->snd_una_max - tc->snd_una;
1560 /* Reprogram persist if no new bytes available to send. We may have data
1562 if (!available_bytes)
1564 tcp_persist_timer_set (tc);
1568 if (available_bytes <= offset)
1570 ASSERT (tcp_timer_is_active (tc, TCP_TIMER_RETRANSMIT));
1574 /* Increment RTO backoff */
1576 tc->rto = clib_min (tc->rto << 1, TCP_RTO_MAX);
1579 * Try to force the first unsent segment (or buffer)
1581 if (PREDICT_FALSE (tcp_get_free_buffer_index (tm, &bi)))
1583 b = vlib_get_buffer (vm, bi);
1584 data = tcp_init_buffer (vm, b);
1586 tcp_validate_txf_size (tc, offset);
1587 tc->snd_opts_len = tcp_make_options (tc, &tc->snd_opts, tc->state);
1588 max_snd_bytes = clib_min (tc->snd_mss, tm->bytes_per_buffer - MAX_HDRS_LEN);
1589 n_bytes = stream_session_peek_bytes (&tc->connection, data, offset,
1591 b->current_length = n_bytes;
1592 ASSERT (n_bytes != 0 && (tcp_timer_is_active (tc, TCP_TIMER_RETRANSMIT)
1593 || tc->snd_nxt == tc->snd_una_max
1594 || tc->rto_boff > 1));
1596 tcp_push_hdr_i (tc, b, tc->state, 0);
1597 tcp_enqueue_to_output (vm, b, bi, tc->c_is_ip4);
1599 /* Just sent new data, enable retransmit */
1600 tcp_retransmit_timer_update (tc);
1604 * Retransmit first unacked segment
1607 tcp_retransmit_first_unacked (tcp_connection_t * tc)
1609 vlib_main_t *vm = vlib_get_main ();
1611 u32 bi, old_snd_nxt, n_bytes;
1613 old_snd_nxt = tc->snd_nxt;
1614 tc->snd_nxt = tc->snd_una;
1616 TCP_EVT_DBG (TCP_EVT_CC_EVT, tc, 2);
1617 n_bytes = tcp_prepare_retransmit_segment (tc, 0, tc->snd_mss, &b);
1620 bi = vlib_get_buffer_index (vm, b);
1621 tcp_enqueue_to_output (vm, b, bi, tc->c_is_ip4);
1623 tc->snd_nxt = old_snd_nxt;
1627 * Do fast retransmit with SACKs
1630 tcp_fast_retransmit_sack (tcp_connection_t * tc)
1632 vlib_main_t *vm = vlib_get_main ();
1633 u32 n_written = 0, offset, max_bytes, n_segs = 0;
1634 vlib_buffer_t *b = 0;
1635 sack_scoreboard_hole_t *hole;
1636 sack_scoreboard_t *sb;
1637 u32 bi, old_snd_nxt;
1639 u8 snd_limited = 0, can_rescue = 0;
1641 ASSERT (tcp_in_fastrecovery (tc));
1643 old_snd_nxt = tc->snd_nxt;
1645 snd_space = tcp_available_cc_snd_space (tc);
1647 if (snd_space < tc->snd_mss)
1650 TCP_EVT_DBG (TCP_EVT_CC_EVT, tc, 0);
1651 hole = scoreboard_get_hole (sb, sb->cur_rxt_hole);
1652 while (hole && snd_space > 0 && n_segs++ < VLIB_FRAME_SIZE)
1654 hole = scoreboard_next_rxt_hole (sb, hole,
1655 tcp_fastrecovery_sent_1_smss (tc),
1656 &can_rescue, &snd_limited);
1659 if (!can_rescue || !(seq_lt (sb->rescue_rxt, tc->snd_una)
1660 || seq_gt (sb->rescue_rxt,
1661 tc->snd_congestion)))
1664 /* If rescue rxt undefined or less than snd_una then one segment of
1665 * up to SMSS octets that MUST include the highest outstanding
1666 * unSACKed sequence number SHOULD be returned, and RescueRxt set to
1667 * RecoveryPoint. HighRxt MUST NOT be updated.
1669 max_bytes = clib_min (tc->snd_mss,
1670 tc->snd_congestion - tc->snd_una);
1671 max_bytes = clib_min (max_bytes, snd_space);
1672 offset = tc->snd_congestion - tc->snd_una - max_bytes;
1673 sb->rescue_rxt = tc->snd_congestion;
1674 tc->snd_nxt = tc->snd_una + offset;
1675 n_written = tcp_prepare_retransmit_segment (tc, offset, max_bytes,
1680 bi = vlib_get_buffer_index (vm, b);
1681 tcp_enqueue_to_output (vm, b, bi, tc->c_is_ip4);
1685 max_bytes = clib_min (hole->end - sb->high_rxt, snd_space);
1686 max_bytes = snd_limited ? clib_min (max_bytes, tc->snd_mss) : max_bytes;
1689 offset = sb->high_rxt - tc->snd_una;
1690 tc->snd_nxt = sb->high_rxt;
1691 n_written = tcp_prepare_retransmit_segment (tc, offset, max_bytes, &b);
1693 /* Nothing left to retransmit */
1697 bi = vlib_get_buffer_index (vm, b);
1698 sb->high_rxt += n_written;
1699 tcp_enqueue_to_output (vm, b, bi, tc->c_is_ip4);
1700 ASSERT (n_written <= snd_space);
1701 snd_space -= n_written;
1705 /* If window allows, send 1 SMSS of new data */
1706 tc->snd_nxt = old_snd_nxt;
1710 * Fast retransmit without SACK info
1713 tcp_fast_retransmit_no_sack (tcp_connection_t * tc)
1715 vlib_main_t *vm = vlib_get_main ();
1716 u32 n_written = 0, offset = 0, bi, old_snd_nxt;
1720 ASSERT (tcp_in_fastrecovery (tc));
1721 TCP_EVT_DBG (TCP_EVT_CC_EVT, tc, 0);
1723 /* Start resending from first un-acked segment */
1724 old_snd_nxt = tc->snd_nxt;
1725 tc->snd_nxt = tc->snd_una;
1726 snd_space = tcp_available_cc_snd_space (tc);
1728 while (snd_space > 0)
1730 offset += n_written;
1731 n_written = tcp_prepare_retransmit_segment (tc, offset, snd_space, &b);
1733 /* Nothing left to retransmit */
1737 bi = vlib_get_buffer_index (vm, b);
1738 tcp_enqueue_to_output (vm, b, bi, tc->c_is_ip4);
1739 snd_space -= n_written;
1742 /* Restore snd_nxt. If window allows, send 1 SMSS of new data */
1743 tc->snd_nxt = old_snd_nxt;
1747 * Do fast retransmit
1750 tcp_fast_retransmit (tcp_connection_t * tc)
1752 if (tcp_opts_sack_permitted (&tc->rcv_opts))
1753 tcp_fast_retransmit_sack (tc);
1755 tcp_fast_retransmit_no_sack (tc);
1759 tcp_session_has_ooo_data (tcp_connection_t * tc)
1761 stream_session_t *s = session_get (tc->c_s_index, tc->c_thread_index);
1762 return svm_fifo_has_ooo_data (s->server_rx_fifo);
1766 tcp_output_handle_link_local (tcp_connection_t * tc0, vlib_buffer_t * b0,
1767 u32 * next0, u32 * error0)
1769 ip_adjacency_t *adj;
1772 /* Not thread safe but as long as the connection exists the adj should
1774 ai = adj_nbr_find (FIB_PROTOCOL_IP6, VNET_LINK_IP6, &tc0->c_rmt_ip,
1776 if (ai == ADJ_INDEX_INVALID)
1778 vnet_buffer (b0)->sw_if_index[VLIB_TX] = ~0;
1779 *next0 = TCP_OUTPUT_NEXT_DROP;
1780 *error0 = TCP_ERROR_LINK_LOCAL_RW;
1785 if (PREDICT_TRUE (adj->lookup_next_index == IP_LOOKUP_NEXT_REWRITE))
1786 *next0 = TCP_OUTPUT_NEXT_IP_REWRITE;
1787 else if (adj->lookup_next_index == IP_LOOKUP_NEXT_ARP)
1788 *next0 = TCP_OUTPUT_NEXT_IP_ARP;
1791 *next0 = TCP_OUTPUT_NEXT_DROP;
1792 *error0 = TCP_ERROR_LINK_LOCAL_RW;
1794 vnet_buffer (b0)->ip.adj_index[VLIB_TX] = ai;
1798 tcp46_output_inline (vlib_main_t * vm,
1799 vlib_node_runtime_t * node,
1800 vlib_frame_t * from_frame, int is_ip4)
1802 u32 n_left_from, next_index, *from, *to_next;
1803 u32 my_thread_index = vm->thread_index;
1805 from = vlib_frame_vector_args (from_frame);
1806 n_left_from = from_frame->n_vectors;
1807 next_index = node->cached_next_index;
1808 tcp_set_time_now (my_thread_index);
1810 while (n_left_from > 0)
1814 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
1816 while (n_left_from > 0 && n_left_to_next > 0)
1820 tcp_connection_t *tc0;
1822 tcp_header_t *th0 = 0;
1823 u32 error0 = TCP_ERROR_PKTS_SENT, next0 = TCP_OUTPUT_NEXT_IP_LOOKUP;
1825 if (n_left_from > 1)
1828 pb = vlib_get_buffer (vm, from[1]);
1829 vlib_prefetch_buffer_header (pb, STORE);
1830 CLIB_PREFETCH (pb->data, 2 * CLIB_CACHE_LINE_BYTES, STORE);
1838 n_left_to_next -= 1;
1840 b0 = vlib_get_buffer (vm, bi0);
1841 tc0 = tcp_connection_get (vnet_buffer (b0)->tcp.connection_index,
1843 if (PREDICT_FALSE (tc0 == 0 || tc0->state == TCP_STATE_CLOSED))
1845 error0 = TCP_ERROR_INVALID_CONNECTION;
1846 next0 = TCP_OUTPUT_NEXT_DROP;
1850 th0 = vlib_buffer_get_current (b0);
1851 TCP_EVT_DBG (TCP_EVT_OUTPUT, tc0, th0->flags, b0->current_length);
1852 vnet_buffer (b0)->sw_if_index[VLIB_TX] = tc0->c_fib_index;
1853 vnet_buffer (b0)->sw_if_index[VLIB_RX] = 0;
1857 vlib_buffer_push_ip4 (vm, b0, &tc0->c_lcl_ip4, &tc0->c_rmt_ip4,
1858 IP_PROTOCOL_TCP, 1);
1859 b0->flags |= VNET_BUFFER_F_OFFLOAD_TCP_CKSUM;
1860 vnet_buffer (b0)->l4_hdr_offset = (u8 *) th0 - b0->data;
1866 ih0 = vlib_buffer_push_ip6 (vm, b0, &tc0->c_lcl_ip6,
1867 &tc0->c_rmt_ip6, IP_PROTOCOL_TCP);
1868 b0->flags |= VNET_BUFFER_F_OFFLOAD_TCP_CKSUM;
1869 vnet_buffer (b0)->l3_hdr_offset = (u8 *) ih0 - b0->data;
1870 vnet_buffer (b0)->l4_hdr_offset = (u8 *) th0 - b0->data;
1874 (ip6_address_is_link_local_unicast (&tc0->c_rmt_ip6)))
1875 tcp_output_handle_link_local (tc0, b0, &next0, &error0);
1878 /* Filter out DUPACKs if there are no OOO segments left */
1880 (vnet_buffer (b0)->tcp.flags & TCP_BUF_FLAG_DUPACK))
1882 /* N.B. Should not filter burst of dupacks. Two issues:
1883 * 1) dupacks open cwnd on remote peer when congested
1884 * 2) acks leaving should have the latest rcv_wnd since the
1885 * burst may have eaten up all of it, so only the old ones
1886 * could be filtered.
1888 if (!tcp_session_has_ooo_data (tc0))
1890 error0 = TCP_ERROR_FILTERED_DUPACKS;
1891 next0 = TCP_OUTPUT_NEXT_DROP;
1896 /* Stop DELACK timer and fix flags */
1897 tc0->flags &= ~(TCP_CONN_SNDACK);
1898 tcp_timer_reset (tc0, TCP_TIMER_DELACK);
1900 /* If not retransmitting
1901 * 1) update snd_una_max (SYN, SYNACK, FIN)
1902 * 2) If we're not tracking an ACK, start tracking */
1903 if (seq_lt (tc0->snd_una_max, tc0->snd_nxt))
1905 tc0->snd_una_max = tc0->snd_nxt;
1906 if (tc0->rtt_ts == 0)
1908 tc0->rtt_ts = tcp_time_now ();
1909 tc0->rtt_seq = tc0->snd_nxt;
1913 /* Set the retransmit timer if not set already and not
1914 * doing a pure ACK */
1915 if (!tcp_timer_is_active (tc0, TCP_TIMER_RETRANSMIT)
1916 && tc0->snd_nxt != tc0->snd_una)
1918 tcp_retransmit_timer_set (tc0);
1923 /* Make sure we haven't lost route to our peer */
1924 if (PREDICT_FALSE (tc0->last_fib_check
1925 < tc0->snd_opts.tsval + TCP_FIB_RECHECK_PERIOD))
1928 (tc0->c_rmt_fei == tcp_lookup_rmt_in_fib (tc0)))
1930 tc0->last_fib_check = tc0->snd_opts.tsval;
1934 clib_warning ("lost connection to peer");
1935 tcp_connection_reset (tc0);
1940 /* Use pre-computed dpo to set next node */
1941 next0 = tc0->c_rmt_dpo.dpoi_next_node;
1942 vnet_buffer (b0)->ip.adj_index[VLIB_TX] = tc0->c_rmt_dpo.dpoi_index;
1946 b0->error = node->errors[error0];
1947 if (PREDICT_FALSE (b0->flags & VLIB_BUFFER_IS_TRACED))
1949 t0 = vlib_add_trace (vm, node, b0, sizeof (*t0));
1952 clib_memcpy (&t0->tcp_header, th0, sizeof (t0->tcp_header));
1956 memset (&t0->tcp_header, 0, sizeof (t0->tcp_header));
1958 clib_memcpy (&t0->tcp_connection, tc0,
1959 sizeof (t0->tcp_connection));
1962 vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
1963 n_left_to_next, bi0, next0);
1966 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
1969 return from_frame->n_vectors;
1973 tcp4_output (vlib_main_t * vm, vlib_node_runtime_t * node,
1974 vlib_frame_t * from_frame)
1976 return tcp46_output_inline (vm, node, from_frame, 1 /* is_ip4 */ );
1980 tcp6_output (vlib_main_t * vm, vlib_node_runtime_t * node,
1981 vlib_frame_t * from_frame)
1983 return tcp46_output_inline (vm, node, from_frame, 0 /* is_ip4 */ );
1987 VLIB_REGISTER_NODE (tcp4_output_node) =
1989 .function = tcp4_output,.name = "tcp4-output",
1990 /* Takes a vector of packets. */
1991 .vector_size = sizeof (u32),
1992 .n_errors = TCP_N_ERROR,
1993 .error_strings = tcp_error_strings,
1994 .n_next_nodes = TCP_OUTPUT_N_NEXT,
1996 #define _(s,n) [TCP_OUTPUT_NEXT_##s] = n,
1997 foreach_tcp4_output_next
2000 .format_buffer = format_tcp_header,
2001 .format_trace = format_tcp_tx_trace,
2005 VLIB_NODE_FUNCTION_MULTIARCH (tcp4_output_node, tcp4_output);
2008 VLIB_REGISTER_NODE (tcp6_output_node) =
2010 .function = tcp6_output,
2011 .name = "tcp6-output",
2012 /* Takes a vector of packets. */
2013 .vector_size = sizeof (u32),
2014 .n_errors = TCP_N_ERROR,
2015 .error_strings = tcp_error_strings,
2016 .n_next_nodes = TCP_OUTPUT_N_NEXT,
2018 #define _(s,n) [TCP_OUTPUT_NEXT_##s] = n,
2019 foreach_tcp6_output_next
2022 .format_buffer = format_tcp_header,
2023 .format_trace = format_tcp_tx_trace,
2027 VLIB_NODE_FUNCTION_MULTIARCH (tcp6_output_node, tcp6_output);
2030 tcp_push_header (transport_connection_t * tconn, vlib_buffer_t * b)
2032 tcp_connection_t *tc;
2034 tc = (tcp_connection_t *) tconn;
2035 tcp_push_hdr_i (tc, b, TCP_STATE_ESTABLISHED, 0);
2036 ASSERT (seq_leq (tc->snd_una_max, tc->snd_una + tc->snd_wnd));
2038 if (tc->rtt_ts == 0 && !tcp_in_cong_recovery (tc))
2040 tc->rtt_ts = tcp_time_now ();
2041 tc->rtt_seq = tc->snd_nxt;
2043 tcp_trajectory_add_start (b, 3);
2047 typedef enum _tcp_reset_next
2049 TCP_RESET_NEXT_DROP,
2050 TCP_RESET_NEXT_IP_LOOKUP,
2054 #define foreach_tcp4_reset_next \
2055 _(DROP, "error-drop") \
2056 _(IP_LOOKUP, "ip4-lookup")
2058 #define foreach_tcp6_reset_next \
2059 _(DROP, "error-drop") \
2060 _(IP_LOOKUP, "ip6-lookup")
2063 tcp46_send_reset_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
2064 vlib_frame_t * from_frame, u8 is_ip4)
2066 u32 n_left_from, next_index, *from, *to_next;
2067 u32 my_thread_index = vm->thread_index;
2069 from = vlib_frame_vector_args (from_frame);
2070 n_left_from = from_frame->n_vectors;
2072 next_index = node->cached_next_index;
2074 while (n_left_from > 0)
2078 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
2080 while (n_left_from > 0 && n_left_to_next > 0)
2086 u32 error0 = TCP_ERROR_RST_SENT, next0 = TCP_RESET_NEXT_IP_LOOKUP;
2093 n_left_to_next -= 1;
2095 b0 = vlib_get_buffer (vm, bi0);
2097 if (tcp_make_reset_in_place (vm, b0, vnet_buffer (b0)->tcp.flags,
2098 my_thread_index, is_ip4))
2100 error0 = TCP_ERROR_LOOKUP_DROPS;
2101 next0 = TCP_RESET_NEXT_DROP;
2105 /* Prepare to send to IP lookup */
2106 vnet_buffer (b0)->sw_if_index[VLIB_TX] = ~0;
2107 next0 = TCP_RESET_NEXT_IP_LOOKUP;
2110 b0->error = node->errors[error0];
2111 b0->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
2112 if (PREDICT_FALSE (b0->flags & VLIB_BUFFER_IS_TRACED))
2114 th0 = vlib_buffer_get_current (b0);
2116 th0 = ip4_next_header ((ip4_header_t *) th0);
2118 th0 = ip6_next_header ((ip6_header_t *) th0);
2119 t0 = vlib_add_trace (vm, node, b0, sizeof (*t0));
2120 clib_memcpy (&t0->tcp_header, th0, sizeof (t0->tcp_header));
2123 vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
2124 n_left_to_next, bi0, next0);
2126 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
2128 return from_frame->n_vectors;
2132 tcp4_send_reset (vlib_main_t * vm, vlib_node_runtime_t * node,
2133 vlib_frame_t * from_frame)
2135 return tcp46_send_reset_inline (vm, node, from_frame, 1);
2139 tcp6_send_reset (vlib_main_t * vm, vlib_node_runtime_t * node,
2140 vlib_frame_t * from_frame)
2142 return tcp46_send_reset_inline (vm, node, from_frame, 0);
2146 VLIB_REGISTER_NODE (tcp4_reset_node) = {
2147 .function = tcp4_send_reset,
2148 .name = "tcp4-reset",
2149 .vector_size = sizeof (u32),
2150 .n_errors = TCP_N_ERROR,
2151 .error_strings = tcp_error_strings,
2152 .n_next_nodes = TCP_RESET_N_NEXT,
2154 #define _(s,n) [TCP_RESET_NEXT_##s] = n,
2155 foreach_tcp4_reset_next
2158 .format_trace = format_tcp_tx_trace,
2162 VLIB_NODE_FUNCTION_MULTIARCH (tcp4_reset_node, tcp4_send_reset);
2165 VLIB_REGISTER_NODE (tcp6_reset_node) = {
2166 .function = tcp6_send_reset,
2167 .name = "tcp6-reset",
2168 .vector_size = sizeof (u32),
2169 .n_errors = TCP_N_ERROR,
2170 .error_strings = tcp_error_strings,
2171 .n_next_nodes = TCP_RESET_N_NEXT,
2173 #define _(s,n) [TCP_RESET_NEXT_##s] = n,
2174 foreach_tcp6_reset_next
2177 .format_trace = format_tcp_tx_trace,
2181 VLIB_NODE_FUNCTION_MULTIARCH (tcp6_reset_node, tcp6_send_reset);
2184 * fd.io coding-style-patch-verification: ON
2187 * eval: (c-set-style "gnu")