2 * Copyright (c) 2016-2019 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 #include <vnet/tcp/tcp.h>
17 #include <vnet/tcp/tcp_inlines.h>
19 #include <vnet/ip/ip4_inlines.h>
20 #include <vnet/ip/ip6_inlines.h>
22 typedef enum _tcp_output_next
25 TCP_OUTPUT_NEXT_IP_LOOKUP,
26 TCP_OUTPUT_NEXT_IP_REWRITE,
27 TCP_OUTPUT_NEXT_IP_ARP,
31 #define foreach_tcp4_output_next \
32 _ (DROP, "error-drop") \
33 _ (IP_LOOKUP, "ip4-lookup") \
34 _ (IP_REWRITE, "ip4-rewrite") \
37 #define foreach_tcp6_output_next \
38 _ (DROP, "error-drop") \
39 _ (IP_LOOKUP, "ip6-lookup") \
40 _ (IP_REWRITE, "ip6-rewrite") \
41 _ (IP_ARP, "ip6-discover-neighbor")
43 static vlib_error_desc_t tcp_output_error_counters[] = {
44 #define tcp_error(f, n, s, d) { #n, d, VL_COUNTER_SEVERITY_##s },
45 #include <vnet/tcp/tcp_error.def>
51 tcp_header_t tcp_header;
52 tcp_connection_t tcp_connection;
56 format_tcp_tx_trace (u8 * s, va_list * args)
58 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
59 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
60 tcp_tx_trace_t *t = va_arg (*args, tcp_tx_trace_t *);
61 tcp_connection_t *tc = &t->tcp_connection;
62 u32 indent = format_get_indent (s);
64 s = format (s, "%U state %U\n%U%U", format_tcp_connection_id, tc,
65 format_tcp_state, tc->state, format_white_space, indent,
66 format_tcp_header, &t->tcp_header, 128);
71 #ifndef CLIB_MARCH_VARIANT
73 tcp_window_compute_scale (u32 window)
76 while (wnd_scale < TCP_MAX_WND_SCALE && (window >> wnd_scale) > TCP_WND_MAX)
82 * TCP's initial window
85 tcp_initial_wnd_unscaled (tcp_connection_t * tc)
87 /* RFC 6928 recommends the value lower. However at the time our connections
88 * are initialized, fifos may not be allocated. Therefore, advertise the
89 * smallest possible unscaled window size and update once fifos are
90 * assigned to the session.
93 tcp_update_rcv_mss (tc);
94 TCP_IW_N_SEGMENTS * tc->mss;
96 return tcp_cfg.min_rx_fifo;
100 * Compute initial window and scale factor. As per RFC1323, window field in
101 * SYN and SYN-ACK segments is never scaled.
104 tcp_initial_window_to_advertise (tcp_connection_t * tc)
106 /* Compute rcv wscale only if peer advertised support for it */
107 if (tc->state != TCP_STATE_SYN_RCVD || tcp_opts_wscale (&tc->rcv_opts))
108 tc->rcv_wscale = tcp_window_compute_scale (tcp_cfg.max_rx_fifo);
110 tc->rcv_wnd = tcp_initial_wnd_unscaled (tc);
112 return clib_min (tc->rcv_wnd, TCP_WND_MAX);
116 tcp_update_rcv_wnd (tcp_connection_t * tc)
118 u32 available_space, wnd;
122 * Figure out how much space we have available
124 available_space = transport_max_rx_enqueue (&tc->connection);
127 * Use the above and what we know about what we've previously advertised
128 * to compute the new window
130 observed_wnd = (i32) tc->rcv_wnd - (tc->rcv_nxt - tc->rcv_las);
132 /* Check if we are about to retract the window. Do the comparison before
133 * rounding to avoid errors. Per RFC7323 sec. 2.4 we could remove this */
134 if (PREDICT_FALSE ((i32) available_space < observed_wnd))
136 wnd = round_down_pow2 (clib_max (observed_wnd, 0), 1 << tc->rcv_wscale);
137 TCP_EVT (TCP_EVT_RCV_WND_SHRUNK, tc, observed_wnd, available_space);
141 /* Make sure we have a multiple of 1 << rcv_wscale. We round down to
142 * avoid advertising a window larger than what can be buffered */
143 wnd = round_down_pow2 (available_space, 1 << tc->rcv_wscale);
146 if (PREDICT_FALSE (wnd < tc->rcv_opts.mss))
149 tc->rcv_wnd = clib_min (wnd, TCP_WND_MAX << tc->rcv_wscale);
153 * Compute and return window to advertise, scaled as per RFC1323
156 tcp_window_to_advertise (tcp_connection_t * tc, tcp_state_t state)
158 if (state < TCP_STATE_ESTABLISHED)
159 return tcp_initial_window_to_advertise (tc);
161 tcp_update_rcv_wnd (tc);
162 return tc->rcv_wnd >> tc->rcv_wscale;
166 tcp_make_syn_options (tcp_connection_t * tc, tcp_options_t * opts)
170 opts->flags |= TCP_OPTS_FLAG_MSS;
172 len += TCP_OPTION_LEN_MSS;
174 opts->flags |= TCP_OPTS_FLAG_WSCALE;
175 opts->wscale = tc->rcv_wscale;
176 len += TCP_OPTION_LEN_WINDOW_SCALE;
178 opts->flags |= TCP_OPTS_FLAG_TSTAMP;
179 opts->tsval = tcp_time_tstamp (tc->c_thread_index);
181 len += TCP_OPTION_LEN_TIMESTAMP;
185 opts->flags |= TCP_OPTS_FLAG_SACK_PERMITTED;
186 len += TCP_OPTION_LEN_SACK_PERMITTED;
189 /* Align to needed boundary */
190 len += (TCP_OPTS_ALIGN - len % TCP_OPTS_ALIGN) % TCP_OPTS_ALIGN;
195 tcp_make_synack_options (tcp_connection_t * tc, tcp_options_t * opts)
199 opts->flags |= TCP_OPTS_FLAG_MSS;
201 len += TCP_OPTION_LEN_MSS;
203 if (tcp_opts_wscale (&tc->rcv_opts))
205 opts->flags |= TCP_OPTS_FLAG_WSCALE;
206 opts->wscale = tc->rcv_wscale;
207 len += TCP_OPTION_LEN_WINDOW_SCALE;
210 if (tcp_opts_tstamp (&tc->rcv_opts))
212 opts->flags |= TCP_OPTS_FLAG_TSTAMP;
213 opts->tsval = tcp_time_tstamp (tc->c_thread_index);
214 opts->tsecr = tc->tsval_recent;
215 len += TCP_OPTION_LEN_TIMESTAMP;
218 if (tcp_opts_sack_permitted (&tc->rcv_opts))
220 opts->flags |= TCP_OPTS_FLAG_SACK_PERMITTED;
221 len += TCP_OPTION_LEN_SACK_PERMITTED;
224 /* Align to needed boundary */
225 len += (TCP_OPTS_ALIGN - len % TCP_OPTS_ALIGN) % TCP_OPTS_ALIGN;
230 tcp_make_established_options (tcp_connection_t * tc, tcp_options_t * opts)
236 if (tcp_opts_tstamp (&tc->rcv_opts))
238 opts->flags |= TCP_OPTS_FLAG_TSTAMP;
239 opts->tsval = tcp_tstamp (tc);
240 opts->tsecr = tc->tsval_recent;
241 len += TCP_OPTION_LEN_TIMESTAMP;
243 if (tcp_opts_sack_permitted (&tc->rcv_opts))
245 if (vec_len (tc->snd_sacks))
247 opts->flags |= TCP_OPTS_FLAG_SACK;
248 if (tc->snd_sack_pos >= vec_len (tc->snd_sacks))
249 tc->snd_sack_pos = 0;
250 opts->sacks = &tc->snd_sacks[tc->snd_sack_pos];
251 opts->n_sack_blocks = vec_len (tc->snd_sacks) - tc->snd_sack_pos;
252 opts->n_sack_blocks = clib_min (opts->n_sack_blocks,
253 TCP_OPTS_MAX_SACK_BLOCKS);
254 tc->snd_sack_pos += opts->n_sack_blocks;
255 len += 2 + TCP_OPTION_LEN_SACK_BLOCK * opts->n_sack_blocks;
259 /* Align to needed boundary */
260 len += (TCP_OPTS_ALIGN - len % TCP_OPTS_ALIGN) % TCP_OPTS_ALIGN;
265 tcp_make_options (tcp_connection_t * tc, tcp_options_t * opts,
270 case TCP_STATE_ESTABLISHED:
271 case TCP_STATE_CLOSE_WAIT:
272 case TCP_STATE_FIN_WAIT_1:
273 case TCP_STATE_LAST_ACK:
274 case TCP_STATE_CLOSING:
275 case TCP_STATE_FIN_WAIT_2:
276 case TCP_STATE_TIME_WAIT:
277 case TCP_STATE_CLOSED:
278 return tcp_make_established_options (tc, opts);
279 case TCP_STATE_SYN_RCVD:
280 return tcp_make_synack_options (tc, opts);
281 case TCP_STATE_SYN_SENT:
282 return tcp_make_syn_options (tc, opts);
284 clib_warning ("State not handled! %d", state);
290 * Update burst send vars
292 * - Updates snd_mss to reflect the effective segment size that we can send
293 * by taking into account all TCP options, including SACKs.
294 * - Cache 'on the wire' options for reuse
295 * - Updates receive window which can be reused for a burst.
297 * This should *only* be called when doing bursts
300 tcp_update_burst_snd_vars (tcp_connection_t * tc)
302 tcp_main_t *tm = &tcp_main;
304 /* Compute options to be used for connection. These may be reused when
305 * sending data or to compute the effective mss (snd_mss) */
306 tc->snd_opts_len = tcp_make_options (tc, &tc->snd_opts,
307 TCP_STATE_ESTABLISHED);
309 /* XXX check if MTU has been updated */
310 tc->snd_mss = clib_min (tc->mss, tc->rcv_opts.mss) - tc->snd_opts_len;
311 ASSERT (tc->snd_mss > 0);
313 tcp_options_write (tm->wrk_ctx[tc->c_thread_index].cached_opts,
316 tcp_update_rcv_wnd (tc);
318 if (tc->cfg_flags & TCP_CFG_F_RATE_SAMPLE)
319 tcp_bt_check_app_limited (tc);
321 if (tc->snd_una == tc->snd_nxt)
323 tcp_cc_event (tc, TCP_CC_EVT_START_TX);
324 tcp_connection_tx_pacer_reset (tc, tc->cwnd, TRANSPORT_PACER_MIN_BURST);
327 if (tc->flags & TCP_CONN_PSH_PENDING)
329 u32 max_deq = transport_max_tx_dequeue (&tc->connection);
330 /* Last byte marked for push */
331 tc->psh_seq = tc->snd_una + max_deq - 1;
336 tcp_init_buffer (vlib_main_t * vm, vlib_buffer_t * b)
338 ASSERT ((b->flags & VLIB_BUFFER_NEXT_PRESENT) == 0);
339 b->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
340 b->total_length_not_including_first_buffer = 0;
342 vnet_buffer (b)->tcp.flags = 0;
343 /* Leave enough space for headers */
344 return vlib_buffer_make_headroom (b, TRANSPORT_MAX_HDRS_LEN);
347 /* Compute TCP checksum in software when offloading is disabled for a connection */
349 ip6_tcp_compute_checksum_custom (vlib_main_t * vm, vlib_buffer_t * p0,
350 ip46_address_t * src, ip46_address_t * dst)
353 u16 payload_length_host_byte_order;
356 /* Initialize checksum with ip header. */
357 sum0 = clib_host_to_net_u16 (vlib_buffer_length_in_chain (vm, p0)) +
358 clib_host_to_net_u16 (IP_PROTOCOL_TCP);
359 payload_length_host_byte_order = vlib_buffer_length_in_chain (vm, p0);
361 for (i = 0; i < ARRAY_LEN (src->ip6.as_uword); i++)
363 sum0 = ip_csum_with_carry
364 (sum0, clib_mem_unaligned (&src->ip6.as_uword[i], uword));
365 sum0 = ip_csum_with_carry
366 (sum0, clib_mem_unaligned (&dst->ip6.as_uword[i], uword));
369 return ip_calculate_l4_checksum (vm, p0, sum0,
370 payload_length_host_byte_order, NULL, 0,
375 ip4_tcp_compute_checksum_custom (vlib_main_t * vm, vlib_buffer_t * p0,
376 ip46_address_t * src, ip46_address_t * dst)
379 u32 payload_length_host_byte_order;
381 payload_length_host_byte_order = vlib_buffer_length_in_chain (vm, p0);
383 clib_host_to_net_u32 (payload_length_host_byte_order +
384 (IP_PROTOCOL_TCP << 16));
386 sum0 = ip_csum_with_carry (sum0, clib_mem_unaligned (&src->ip4, u32));
387 sum0 = ip_csum_with_carry (sum0, clib_mem_unaligned (&dst->ip4, u32));
389 return ip_calculate_l4_checksum (vm, p0, sum0,
390 payload_length_host_byte_order, NULL, 0,
395 tcp_compute_checksum (tcp_connection_t * tc, vlib_buffer_t * b)
398 if (PREDICT_FALSE (tc->cfg_flags & TCP_CFG_F_NO_CSUM_OFFLOAD))
400 tcp_worker_ctx_t *wrk = tcp_get_worker (tc->c_thread_index);
401 vlib_main_t *vm = wrk->vm;
404 checksum = ip4_tcp_compute_checksum_custom
405 (vm, b, &tc->c_lcl_ip, &tc->c_rmt_ip);
407 checksum = ip6_tcp_compute_checksum_custom
408 (vm, b, &tc->c_lcl_ip, &tc->c_rmt_ip);
412 vnet_buffer_offload_flags_set (b, VNET_BUFFER_OFFLOAD_F_TCP_CKSUM);
421 tcp_make_ack_i (tcp_connection_t * tc, vlib_buffer_t * b, tcp_state_t state,
424 tcp_options_t _snd_opts, *snd_opts = &_snd_opts;
425 u8 tcp_opts_len, tcp_hdr_opts_len;
429 wnd = tcp_window_to_advertise (tc, state);
431 /* Make and write options */
432 tcp_opts_len = tcp_make_established_options (tc, snd_opts);
433 tcp_hdr_opts_len = tcp_opts_len + sizeof (tcp_header_t);
435 th = vlib_buffer_push_tcp (b, tc->c_lcl_port, tc->c_rmt_port, tc->snd_nxt,
436 tc->rcv_nxt, tcp_hdr_opts_len, flags, wnd);
438 tcp_options_write ((u8 *) (th + 1), snd_opts);
440 th->checksum = tcp_compute_checksum (tc, b);
442 vnet_buffer (b)->tcp.connection_index = tc->c_c_index;
446 transport_rx_fifo_req_deq_ntf (&tc->connection);
447 tcp_zero_rwnd_sent_on (tc);
450 tcp_zero_rwnd_sent_off (tc);
454 * Convert buffer to ACK
457 tcp_make_ack (tcp_connection_t * tc, vlib_buffer_t * b)
459 tcp_make_ack_i (tc, b, TCP_STATE_ESTABLISHED, TCP_FLAG_ACK);
460 TCP_EVT (TCP_EVT_ACK_SENT, tc);
461 tc->rcv_las = tc->rcv_nxt;
465 * Convert buffer to FIN-ACK
468 tcp_make_fin (tcp_connection_t * tc, vlib_buffer_t * b)
470 tcp_make_ack_i (tc, b, TCP_STATE_ESTABLISHED, TCP_FLAG_FIN | TCP_FLAG_ACK);
474 * Convert buffer to SYN
477 tcp_make_syn (tcp_connection_t * tc, vlib_buffer_t * b)
479 u8 tcp_hdr_opts_len, tcp_opts_len;
482 tcp_options_t snd_opts;
484 initial_wnd = tcp_initial_window_to_advertise (tc);
486 /* Make and write options */
487 clib_memset (&snd_opts, 0, sizeof (snd_opts));
488 tcp_opts_len = tcp_make_syn_options (tc, &snd_opts);
489 tcp_hdr_opts_len = tcp_opts_len + sizeof (tcp_header_t);
491 th = vlib_buffer_push_tcp (b, tc->c_lcl_port, tc->c_rmt_port, tc->iss,
492 tc->rcv_nxt, tcp_hdr_opts_len, TCP_FLAG_SYN,
494 vnet_buffer (b)->tcp.connection_index = tc->c_c_index;
495 tcp_options_write ((u8 *) (th + 1), &snd_opts);
496 th->checksum = tcp_compute_checksum (tc, b);
500 * Convert buffer to SYN-ACK
503 tcp_make_synack (tcp_connection_t * tc, vlib_buffer_t * b)
505 tcp_options_t _snd_opts, *snd_opts = &_snd_opts;
506 u8 tcp_opts_len, tcp_hdr_opts_len;
510 clib_memset (snd_opts, 0, sizeof (*snd_opts));
511 initial_wnd = tcp_initial_window_to_advertise (tc);
512 tcp_opts_len = tcp_make_synack_options (tc, snd_opts);
513 tcp_hdr_opts_len = tcp_opts_len + sizeof (tcp_header_t);
515 th = vlib_buffer_push_tcp (b, tc->c_lcl_port, tc->c_rmt_port, tc->iss,
516 tc->rcv_nxt, tcp_hdr_opts_len,
517 TCP_FLAG_SYN | TCP_FLAG_ACK, initial_wnd);
518 tcp_options_write ((u8 *) (th + 1), snd_opts);
520 vnet_buffer (b)->tcp.connection_index = tc->c_c_index;
521 th->checksum = tcp_compute_checksum (tc, b);
525 tcp_enqueue_half_open (tcp_worker_ctx_t *wrk, tcp_connection_t *tc,
526 vlib_buffer_t *b, u32 bi)
528 vlib_main_t *vm = wrk->vm;
530 b->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
533 session_add_pending_tx_buffer (vm->thread_index, bi,
534 wrk->tco_next_node[!tc->c_is_ip4]);
536 if (vm->thread_index == 0 && vlib_num_workers ())
537 session_queue_run_on_main_thread (vm);
541 tcp_enqueue_to_output (tcp_worker_ctx_t * wrk, vlib_buffer_t * b, u32 bi,
544 b->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
547 session_add_pending_tx_buffer (wrk->vm->thread_index, bi,
548 wrk->tco_next_node[!is_ip4]);
552 tcp_buffer_make_reset (vlib_main_t *vm, vlib_buffer_t *b, u8 is_ip4)
554 ip4_address_t src_ip4 = {}, dst_ip4 = {};
555 ip6_address_t src_ip6, dst_ip6;
556 u16 src_port, dst_port;
557 u32 tmp, len, seq, ack;
564 * Find IP and TCP headers and glean information from them. Assumes
565 * buffer was parsed by something like @ref tcp_input_lookup_buffer
567 th = tcp_buffer_hdr (b);
571 ih4 = vlib_buffer_get_current (b);
572 ASSERT ((ih4->ip_version_and_header_length & 0xF0) == 0x40);
573 src_ip4.as_u32 = ih4->src_address.as_u32;
574 dst_ip4.as_u32 = ih4->dst_address.as_u32;
578 ih6 = vlib_buffer_get_current (b);
579 ASSERT ((ih6->ip_version_traffic_class_and_flow_label & 0xF0) == 0x60);
580 clib_memcpy_fast (&src_ip6, &ih6->src_address, sizeof (ip6_address_t));
581 clib_memcpy_fast (&dst_ip6, &ih6->dst_address, sizeof (ip6_address_t));
584 src_port = th->src_port;
585 dst_port = th->dst_port;
586 flags = TCP_FLAG_RST;
589 * RFC 793. If the ACK bit is off, sequence number zero is used,
590 * <SEQ=0><ACK=SEG.SEQ+SEG.LEN><CTL=RST,ACK>
591 * If the ACK bit is on,
592 * <SEQ=SEG.ACK><CTL=RST>
596 seq = th->ack_number;
601 flags |= TCP_FLAG_ACK;
602 tmp = clib_net_to_host_u32 (th->seq_number);
603 len = vnet_buffer (b)->tcp.data_len + tcp_is_syn (th) + tcp_is_fin (th);
604 ack = clib_host_to_net_u32 (tmp + len);
609 * Clear and reuse current buffer for reset
611 if (b->flags & VLIB_BUFFER_NEXT_PRESENT)
612 vlib_buffer_free_one (vm, b->next_buffer);
614 /* Zero all flags but free list index and trace flag */
615 b->flags &= VLIB_BUFFER_NEXT_PRESENT - 1;
616 /* Make sure new tcp header comes after current ip */
617 b->current_data = ((u8 *) th - b->data) + sizeof (tcp_header_t);
618 b->current_length = 0;
619 b->total_length_not_including_first_buffer = 0;
620 vnet_buffer (b)->tcp.flags = 0;
623 * Add TCP and IP headers
625 th = vlib_buffer_push_tcp_net_order (b, dst_port, src_port, seq, ack,
626 sizeof (tcp_header_t), flags, 0);
630 ih4 = vlib_buffer_push_ip4 (vm, b, &dst_ip4, &src_ip4,
632 th->checksum = ip4_tcp_udp_compute_checksum (vm, b, ih4);
637 ih6 = vlib_buffer_push_ip6 (vm, b, &dst_ip6, &src_ip6, IP_PROTOCOL_TCP);
638 th->checksum = ip6_tcp_udp_icmp_compute_checksum (vm, b, ih6, &bogus);
646 * Send reset without reusing existing buffer
648 * It extracts connection info out of original packet
651 tcp_send_reset_w_pkt (tcp_connection_t * tc, vlib_buffer_t * pkt,
652 u32 thread_index, u8 is_ip4)
654 tcp_worker_ctx_t *wrk = tcp_get_worker (thread_index);
655 vlib_main_t *vm = wrk->vm;
657 u8 tcp_hdr_len, flags = 0;
658 tcp_header_t *th, *pkt_th;
660 ip4_header_t *ih4, *pkt_ih4;
661 ip6_header_t *ih6, *pkt_ih6;
663 if (PREDICT_FALSE (!vlib_buffer_alloc (vm, &bi, 1)))
665 tcp_worker_stats_inc (wrk, no_buffer, 1);
669 b = vlib_get_buffer (vm, bi);
670 tcp_init_buffer (vm, b);
672 /* Make and write options */
673 tcp_hdr_len = sizeof (tcp_header_t);
677 pkt_ih4 = vlib_buffer_get_current (pkt);
678 pkt_th = ip4_next_header (pkt_ih4);
682 pkt_ih6 = vlib_buffer_get_current (pkt);
683 pkt_th = ip6_next_header (pkt_ih6);
686 if (tcp_ack (pkt_th))
688 flags = TCP_FLAG_RST;
689 seq = pkt_th->ack_number;
690 ack = (tc->state >= TCP_STATE_SYN_RCVD) ? tc->rcv_nxt : 0;
691 ack = clib_host_to_net_u32 (ack);
695 flags = TCP_FLAG_RST | TCP_FLAG_ACK;
697 ack = clib_host_to_net_u32 (vnet_buffer (pkt)->tcp.seq_end);
700 th = vlib_buffer_push_tcp_net_order (b, pkt_th->dst_port, pkt_th->src_port,
701 seq, ack, tcp_hdr_len, flags, 0);
703 /* Swap src and dst ip */
706 ASSERT ((pkt_ih4->ip_version_and_header_length & 0xF0) == 0x40);
707 ih4 = vlib_buffer_push_ip4 (vm, b, &pkt_ih4->dst_address,
708 &pkt_ih4->src_address, IP_PROTOCOL_TCP,
709 tcp_csum_offload (tc));
710 th->checksum = ip4_tcp_udp_compute_checksum (vm, b, ih4);
715 ASSERT ((pkt_ih6->ip_version_traffic_class_and_flow_label & 0xF0) ==
717 ih6 = vlib_buffer_push_ip6_custom (vm, b, &pkt_ih6->dst_address,
718 &pkt_ih6->src_address,
720 tc->ipv6_flow_label);
721 th->checksum = ip6_tcp_udp_icmp_compute_checksum (vm, b, ih6, &bogus);
725 tcp_enqueue_half_open (wrk, tc, b, bi);
726 TCP_EVT (TCP_EVT_RST_SENT, tc);
727 vlib_node_increment_counter (vm, tcp_node_index (output, tc->c_is_ip4),
728 TCP_ERROR_RST_SENT, 1);
732 * Build and set reset packet for connection
735 tcp_send_reset (tcp_connection_t * tc)
737 tcp_worker_ctx_t *wrk = tcp_get_worker (tc->c_thread_index);
738 vlib_main_t *vm = wrk->vm;
742 u16 tcp_hdr_opts_len, advertise_wnd, opts_write_len;
745 if (PREDICT_FALSE (!vlib_buffer_alloc (vm, &bi, 1)))
747 tcp_worker_stats_inc (wrk, no_buffer, 1);
750 b = vlib_get_buffer (vm, bi);
751 tcp_init_buffer (vm, b);
753 tc->snd_opts_len = tcp_make_options (tc, &tc->snd_opts, tc->state);
754 tcp_hdr_opts_len = tc->snd_opts_len + sizeof (tcp_header_t);
755 advertise_wnd = tc->rcv_wnd >> tc->rcv_wscale;
756 flags = TCP_FLAG_RST | TCP_FLAG_ACK;
757 th = vlib_buffer_push_tcp (b, tc->c_lcl_port, tc->c_rmt_port, tc->snd_nxt,
758 tc->rcv_nxt, tcp_hdr_opts_len, flags,
760 opts_write_len = tcp_options_write ((u8 *) (th + 1), &tc->snd_opts);
761 th->checksum = tcp_compute_checksum (tc, b);
762 ASSERT (opts_write_len == tc->snd_opts_len);
763 vnet_buffer (b)->tcp.connection_index = tc->c_c_index;
764 tcp_enqueue_to_output (wrk, b, bi, tc->c_is_ip4);
765 TCP_EVT (TCP_EVT_RST_SENT, tc);
766 vlib_node_increment_counter (vm, tcp_node_index (output, tc->c_is_ip4),
767 TCP_ERROR_RST_SENT, 1);
773 * Builds a SYN packet for a half-open connection and sends it to tcp-output.
774 * The packet is handled by main thread and because half-open and established
775 * connections use the same pool the connection can be retrieved without
779 tcp_send_syn (tcp_connection_t * tc)
781 tcp_worker_ctx_t *wrk = tcp_get_worker (tc->c_thread_index);
782 vlib_main_t *vm = wrk->vm;
787 * Setup retransmit and establish timers before requesting buffer
788 * such that we can return if we've ran out.
790 tcp_timer_update (&wrk->timer_wheel, tc, TCP_TIMER_RETRANSMIT_SYN,
791 (u32) tc->rto * TCP_TO_TIMER_TICK);
793 if (PREDICT_FALSE (!vlib_buffer_alloc (vm, &bi, 1)))
795 tcp_timer_update (&wrk->timer_wheel, tc, TCP_TIMER_RETRANSMIT_SYN,
796 tcp_cfg.alloc_err_timeout);
797 tcp_worker_stats_inc (wrk, no_buffer, 1);
801 b = vlib_get_buffer (vm, bi);
802 tcp_init_buffer (vm, b);
803 tcp_make_syn (tc, b);
805 /* Measure RTT with this */
806 tc->rtt_ts = tcp_time_now_us (vlib_num_workers ()? 1 : 0);
807 tc->rtt_seq = tc->snd_nxt;
810 tcp_enqueue_half_open (wrk, tc, b, bi);
811 TCP_EVT (TCP_EVT_SYN_SENT, tc);
815 tcp_send_synack (tcp_connection_t * tc)
817 tcp_worker_ctx_t *wrk = tcp_get_worker (tc->c_thread_index);
818 vlib_main_t *vm = wrk->vm;
822 ASSERT (tc->snd_una != tc->snd_nxt);
823 tcp_retransmit_timer_update (&wrk->timer_wheel, tc);
825 if (PREDICT_FALSE (!vlib_buffer_alloc (vm, &bi, 1)))
827 tcp_timer_update (&wrk->timer_wheel, tc, TCP_TIMER_RETRANSMIT,
828 tcp_cfg.alloc_err_timeout);
829 tcp_worker_stats_inc (wrk, no_buffer, 1);
833 tc->rtt_ts = tcp_time_now_us (tc->c_thread_index);
834 b = vlib_get_buffer (vm, bi);
835 tcp_init_buffer (vm, b);
836 tcp_make_synack (tc, b);
837 tcp_enqueue_to_output (wrk, b, bi, tc->c_is_ip4);
838 TCP_EVT (TCP_EVT_SYNACK_SENT, tc);
845 tcp_send_fin (tcp_connection_t * tc)
847 tcp_worker_ctx_t *wrk = tcp_get_worker (tc->c_thread_index);
848 vlib_main_t *vm = wrk->vm;
853 fin_snt = tc->flags & TCP_CONN_FINSNT;
857 if (PREDICT_FALSE (!vlib_buffer_alloc (vm, &bi, 1)))
859 /* Out of buffers so program fin retransmit ASAP */
860 tcp_timer_update (&wrk->timer_wheel, tc, TCP_TIMER_RETRANSMIT,
861 tcp_cfg.alloc_err_timeout);
865 /* Make sure retransmit retries a fin not data */
866 tc->flags |= TCP_CONN_FINSNT;
867 tcp_worker_stats_inc (wrk, no_buffer, 1);
871 /* If we have non-dupacks programmed, no need to send them */
872 if ((tc->flags & TCP_CONN_SNDACK) && !tc->pending_dupacks)
873 tc->flags &= ~TCP_CONN_SNDACK;
875 b = vlib_get_buffer (vm, bi);
876 tcp_init_buffer (vm, b);
877 tcp_make_fin (tc, b);
878 tcp_enqueue_to_output (wrk, b, bi, tc->c_is_ip4);
879 TCP_EVT (TCP_EVT_FIN_SENT, tc);
880 /* Account for the FIN */
882 tcp_retransmit_timer_update (&wrk->timer_wheel, tc);
885 tc->flags |= TCP_CONN_FINSNT;
886 tc->flags &= ~TCP_CONN_FINPNDG;
891 * Push TCP header and update connection variables. Should only be called
892 * for segments with data, not for 'control' packets.
895 tcp_push_hdr_i (tcp_connection_t * tc, vlib_buffer_t * b, u32 snd_nxt,
896 u8 compute_opts, u8 maybe_burst, u8 update_snd_nxt)
898 u8 tcp_hdr_opts_len, flags = TCP_FLAG_ACK;
899 u32 advertise_wnd, data_len;
900 tcp_main_t *tm = &tcp_main;
903 data_len = b->current_length;
904 if (PREDICT_FALSE (b->flags & VLIB_BUFFER_NEXT_PRESENT))
905 data_len += b->total_length_not_including_first_buffer;
907 vnet_buffer (b)->tcp.flags = 0;
908 vnet_buffer (b)->tcp.connection_index = tc->c_c_index;
911 tc->snd_opts_len = tcp_make_options (tc, &tc->snd_opts, tc->state);
913 tcp_hdr_opts_len = tc->snd_opts_len + sizeof (tcp_header_t);
916 advertise_wnd = tc->rcv_wnd >> tc->rcv_wscale;
918 advertise_wnd = tcp_window_to_advertise (tc, TCP_STATE_ESTABLISHED);
920 if (PREDICT_FALSE (tc->flags & TCP_CONN_PSH_PENDING))
922 if (seq_geq (tc->psh_seq, snd_nxt)
923 && seq_lt (tc->psh_seq, snd_nxt + data_len))
924 flags |= TCP_FLAG_PSH;
926 th = vlib_buffer_push_tcp (b, tc->c_lcl_port, tc->c_rmt_port, snd_nxt,
927 tc->rcv_nxt, tcp_hdr_opts_len, flags,
932 clib_memcpy_fast ((u8 *) (th + 1),
933 tm->wrk_ctx[tc->c_thread_index].cached_opts,
938 u8 len = tcp_options_write ((u8 *) (th + 1), &tc->snd_opts);
939 ASSERT (len == tc->snd_opts_len);
943 * Update connection variables
947 tc->snd_nxt += data_len;
948 tc->rcv_las = tc->rcv_nxt;
950 tc->bytes_out += data_len;
951 tc->data_segs_out += 1;
953 th->checksum = tcp_compute_checksum (tc, b);
955 TCP_EVT (TCP_EVT_PKTIZE, tc);
959 tcp_buffer_len (vlib_buffer_t * b)
961 u32 data_len = b->current_length;
962 if (PREDICT_FALSE (b->flags & VLIB_BUFFER_NEXT_PRESENT))
963 data_len += b->total_length_not_including_first_buffer;
968 tcp_session_push_header (transport_connection_t * tconn, vlib_buffer_t * b)
970 tcp_connection_t *tc = (tcp_connection_t *) tconn;
972 if (tc->cfg_flags & TCP_CFG_F_RATE_SAMPLE)
973 tcp_bt_track_tx (tc, tcp_buffer_len (b));
975 tcp_push_hdr_i (tc, b, tc->snd_nxt, /* compute opts */ 0, /* burst */ 1,
976 /* update_snd_nxt */ 1);
978 tcp_validate_txf_size (tc, tc->snd_nxt - tc->snd_una);
979 /* If not tracking an ACK, start tracking */
980 if (tc->rtt_ts == 0 && !tcp_in_cong_recovery (tc))
982 tc->rtt_ts = tcp_time_now_us (tc->c_thread_index);
983 tc->rtt_seq = tc->snd_nxt;
985 if (PREDICT_FALSE (!tcp_timer_is_active (tc, TCP_TIMER_RETRANSMIT)))
987 tcp_worker_ctx_t *wrk = tcp_get_worker (tc->c_thread_index);
988 tcp_retransmit_timer_set (&wrk->timer_wheel, tc);
995 tcp_send_ack (tcp_connection_t * tc)
997 tcp_worker_ctx_t *wrk = tcp_get_worker (tc->c_thread_index);
998 vlib_main_t *vm = wrk->vm;
1002 if (PREDICT_FALSE (!vlib_buffer_alloc (vm, &bi, 1)))
1004 tcp_update_rcv_wnd (tc);
1005 tcp_worker_stats_inc (wrk, no_buffer, 1);
1008 b = vlib_get_buffer (vm, bi);
1009 tcp_init_buffer (vm, b);
1010 tcp_make_ack (tc, b);
1011 tcp_enqueue_to_output (wrk, b, bi, tc->c_is_ip4);
1015 tcp_program_ack (tcp_connection_t * tc)
1017 if (!(tc->flags & TCP_CONN_SNDACK))
1019 session_add_self_custom_tx_evt (&tc->connection, 1);
1020 tc->flags |= TCP_CONN_SNDACK;
1025 tcp_program_dupack (tcp_connection_t * tc)
1027 if (!(tc->flags & TCP_CONN_SNDACK))
1029 session_add_self_custom_tx_evt (&tc->connection, 1);
1030 tc->flags |= TCP_CONN_SNDACK;
1032 if (tc->pending_dupacks < 255)
1033 tc->pending_dupacks += 1;
1037 tcp_program_retransmit (tcp_connection_t * tc)
1039 if (!(tc->flags & TCP_CONN_RXT_PENDING))
1041 session_add_self_custom_tx_evt (&tc->connection, 0);
1042 tc->flags |= TCP_CONN_RXT_PENDING;
1047 * Send window update ack
1049 * Ensures that it will be sent only once, after a zero rwnd has been
1050 * advertised in a previous ack, and only if rwnd has grown beyond a
1051 * configurable value.
1054 tcp_send_window_update_ack (tcp_connection_t * tc)
1056 if (tcp_zero_rwnd_sent (tc))
1058 tcp_update_rcv_wnd (tc);
1059 if (tc->rcv_wnd >= tcp_cfg.rwnd_min_update_ack * tc->snd_mss)
1061 tcp_zero_rwnd_sent_off (tc);
1062 tcp_program_ack (tc);
1068 * Allocate a new buffer and build a new tcp segment
1070 * @param wrk tcp worker
1071 * @param tc connection for which the segment will be allocated
1072 * @param offset offset of the first byte in the tx fifo
1073 * @param max_deq_byte segment size
1074 * @param[out] b pointer to buffer allocated
1076 * @return the number of bytes in the segment or 0 if buffer cannot be
1077 * allocated or no data available
1080 tcp_prepare_segment (tcp_worker_ctx_t * wrk, tcp_connection_t * tc,
1081 u32 offset, u32 max_deq_bytes, vlib_buffer_t ** b)
1083 u32 bytes_per_buffer = vnet_get_tcp_main ()->bytes_per_buffer;
1084 vlib_main_t *vm = wrk->vm;
1089 seg_size = max_deq_bytes + TRANSPORT_MAX_HDRS_LEN;
1094 tc->snd_opts_len = tcp_make_options (tc, &tc->snd_opts, tc->state);
1097 * Allocate and fill in buffer(s)
1100 /* Easy case, buffer size greater than mss */
1101 if (PREDICT_TRUE (seg_size <= bytes_per_buffer))
1103 if (PREDICT_FALSE (!vlib_buffer_alloc (vm, &bi, 1)))
1105 tcp_worker_stats_inc (wrk, no_buffer, 1);
1108 *b = vlib_get_buffer (vm, bi);
1109 data = tcp_init_buffer (vm, *b);
1110 n_bytes = session_tx_fifo_peek_bytes (&tc->connection, data, offset,
1112 ASSERT (n_bytes == max_deq_bytes);
1113 b[0]->current_length = n_bytes;
1114 tcp_push_hdr_i (tc, *b, tc->snd_una + offset, /* compute opts */ 0,
1115 /* burst */ 0, /* update_snd_nxt */ 0);
1117 /* Split mss into multiple buffers */
1120 u32 chain_bi = ~0, n_bufs_per_seg, n_bufs;
1121 u16 n_peeked, len_to_deq;
1122 vlib_buffer_t *chain_b, *prev_b;
1125 /* Make sure we have enough buffers */
1126 n_bufs_per_seg = ceil ((double) seg_size / bytes_per_buffer);
1127 vec_validate_aligned (wrk->tx_buffers, n_bufs_per_seg - 1,
1128 CLIB_CACHE_LINE_BYTES);
1129 n_bufs = vlib_buffer_alloc (vm, wrk->tx_buffers, n_bufs_per_seg);
1130 if (PREDICT_FALSE (n_bufs != n_bufs_per_seg))
1133 vlib_buffer_free (vm, wrk->tx_buffers, n_bufs);
1134 tcp_worker_stats_inc (wrk, no_buffer, 1);
1138 *b = vlib_get_buffer (vm, wrk->tx_buffers[--n_bufs]);
1139 data = tcp_init_buffer (vm, *b);
1140 n_bytes = session_tx_fifo_peek_bytes (&tc->connection, data, offset,
1142 TRANSPORT_MAX_HDRS_LEN);
1143 b[0]->current_length = n_bytes;
1144 b[0]->flags |= VLIB_BUFFER_TOTAL_LENGTH_VALID;
1145 b[0]->total_length_not_including_first_buffer = 0;
1146 max_deq_bytes -= n_bytes;
1149 for (i = 1; i < n_bufs_per_seg; i++)
1152 len_to_deq = clib_min (max_deq_bytes, bytes_per_buffer);
1153 chain_bi = wrk->tx_buffers[--n_bufs];
1154 chain_b = vlib_get_buffer (vm, chain_bi);
1155 chain_b->current_data = 0;
1156 data = vlib_buffer_get_current (chain_b);
1157 n_peeked = session_tx_fifo_peek_bytes (&tc->connection, data,
1160 ASSERT (n_peeked == len_to_deq);
1161 n_bytes += n_peeked;
1162 chain_b->current_length = n_peeked;
1163 chain_b->next_buffer = 0;
1165 /* update previous buffer */
1166 prev_b->next_buffer = chain_bi;
1167 prev_b->flags |= VLIB_BUFFER_NEXT_PRESENT;
1169 max_deq_bytes -= n_peeked;
1170 b[0]->total_length_not_including_first_buffer += n_peeked;
1173 tcp_push_hdr_i (tc, *b, tc->snd_una + offset, /* compute opts */ 0,
1174 /* burst */ 0, /* update_snd_nxt */ 0);
1176 if (PREDICT_FALSE (n_bufs))
1178 clib_warning ("not all buffers consumed");
1179 vlib_buffer_free (vm, wrk->tx_buffers, n_bufs);
1183 ASSERT (n_bytes > 0);
1184 ASSERT (((*b)->current_data + (*b)->current_length) <= bytes_per_buffer);
1190 * Build a retransmit segment
1192 * @return the number of bytes in the segment or 0 if there's nothing to
1196 tcp_prepare_retransmit_segment (tcp_worker_ctx_t * wrk,
1197 tcp_connection_t * tc, u32 offset,
1198 u32 max_deq_bytes, vlib_buffer_t ** b)
1200 u32 start, available_bytes;
1203 ASSERT (tc->state >= TCP_STATE_ESTABLISHED);
1204 ASSERT (max_deq_bytes != 0);
1207 * Make sure we can retransmit something
1209 available_bytes = transport_max_tx_dequeue (&tc->connection);
1210 ASSERT (available_bytes >= offset);
1211 available_bytes -= offset;
1212 if (!available_bytes)
1215 max_deq_bytes = clib_min (tc->snd_mss, max_deq_bytes);
1216 max_deq_bytes = clib_min (available_bytes, max_deq_bytes);
1218 start = tc->snd_una + offset;
1219 ASSERT (seq_leq (start + max_deq_bytes, tc->snd_nxt));
1221 n_bytes = tcp_prepare_segment (wrk, tc, offset, max_deq_bytes, b);
1225 tc->snd_rxt_bytes += n_bytes;
1227 if (tc->cfg_flags & TCP_CFG_F_RATE_SAMPLE)
1228 tcp_bt_track_rxt (tc, start, start + n_bytes);
1230 tc->bytes_retrans += n_bytes;
1231 tc->segs_retrans += 1;
1232 tcp_worker_stats_inc (wrk, rxt_segs, 1);
1233 TCP_EVT (TCP_EVT_CC_RTX, tc, offset, n_bytes);
1239 tcp_check_sack_reneging (tcp_connection_t * tc)
1241 sack_scoreboard_t *sb = &tc->sack_sb;
1242 sack_scoreboard_hole_t *hole;
1244 hole = scoreboard_first_hole (sb);
1245 if (!sb->is_reneging && (!hole || hole->start == tc->snd_una))
1248 scoreboard_clear_reneging (sb, tc->snd_una, tc->snd_nxt);
1252 * Reset congestion control, switch cwnd to loss window and try again.
1255 tcp_cc_init_rxt_timeout (tcp_connection_t * tc)
1257 TCP_EVT (TCP_EVT_CC_EVT, tc, 6);
1259 tc->prev_ssthresh = tc->ssthresh;
1260 tc->prev_cwnd = tc->cwnd;
1262 /* If we entrered loss without fast recovery, notify cc algo of the
1263 * congestion event such that it can update ssthresh and its state */
1264 if (!tcp_in_fastrecovery (tc))
1265 tcp_cc_congestion (tc);
1267 /* Let cc algo decide loss cwnd and ssthresh post unrecovered loss */
1271 tc->cwnd_acc_bytes = 0;
1272 tc->tr_occurences += 1;
1273 tc->sack_sb.reorder = TCP_DUPACK_THRESHOLD;
1274 tcp_recovery_on (tc);
1278 tcp_timer_retransmit_handler (tcp_connection_t * tc)
1280 tcp_worker_ctx_t *wrk = tcp_get_worker (tc->c_thread_index);
1281 vlib_main_t *vm = wrk->vm;
1282 vlib_buffer_t *b = 0;
1285 tcp_worker_stats_inc (wrk, tr_events, 1);
1287 /* Should be handled by a different handler */
1288 if (PREDICT_FALSE (tc->state == TCP_STATE_SYN_SENT))
1291 /* Wait-close and retransmit could pop at the same time */
1292 if (tc->state == TCP_STATE_CLOSED)
1295 if (tc->state >= TCP_STATE_ESTABLISHED)
1297 TCP_EVT (TCP_EVT_CC_EVT, tc, 2);
1299 /* Lost FIN, retransmit and return */
1300 if (tc->flags & TCP_CONN_FINSNT)
1304 tc->rto = clib_min (tc->rto << 1, TCP_RTO_MAX);
1308 /* Shouldn't be here */
1309 if (tc->snd_una == tc->snd_nxt)
1311 ASSERT (!tcp_in_recovery (tc));
1316 /* We're not in recovery so make sure rto_boff is 0. Can be non 0 due
1317 * to persist timer timeout */
1318 if (!tcp_in_recovery (tc) && tc->rto_boff > 0)
1321 tcp_update_rto (tc);
1324 /* Peer is dead or network connectivity is lost. Close connection.
1325 * RFC 1122 section 4.2.3.5 recommends a value of at least 100s. For
1326 * a min rto of 0.2s we need to retry about 8 times. */
1327 if (tc->rto_boff >= TCP_RTO_BOFF_MAX)
1329 tcp_send_reset (tc);
1330 tcp_connection_set_state (tc, TCP_STATE_CLOSED);
1331 session_transport_closing_notify (&tc->connection);
1332 session_transport_closed_notify (&tc->connection);
1333 tcp_connection_timers_reset (tc);
1334 tcp_program_cleanup (wrk, tc);
1335 tcp_worker_stats_inc (wrk, tr_abort, 1);
1339 if (tcp_opts_sack_permitted (&tc->rcv_opts))
1340 tcp_check_sack_reneging (tc);
1342 /* Update send congestion to make sure that rxt has data to send */
1343 tc->snd_congestion = tc->snd_nxt;
1345 /* Send the first unacked segment. If we're short on buffers, return
1346 * as soon as possible */
1347 n_bytes = clib_min (tc->snd_mss, tc->snd_nxt - tc->snd_una);
1348 n_bytes = tcp_prepare_retransmit_segment (wrk, tc, 0, n_bytes, &b);
1351 tcp_timer_update (&wrk->timer_wheel, tc, TCP_TIMER_RETRANSMIT,
1352 tcp_cfg.alloc_err_timeout);
1356 bi = vlib_get_buffer_index (vm, b);
1357 tcp_enqueue_to_output (wrk, b, bi, tc->c_is_ip4);
1359 tc->rto = clib_min (tc->rto << 1, TCP_RTO_MAX);
1360 tcp_retransmit_timer_update (&wrk->timer_wheel, tc);
1363 if (tc->rto_boff == 1)
1365 tcp_cc_init_rxt_timeout (tc);
1366 /* Record timestamp. Eifel detection algorithm RFC3522 */
1367 tc->snd_rxt_ts = tcp_tstamp (tc);
1370 if (tcp_opts_sack_permitted (&tc->rcv_opts))
1371 scoreboard_init_rxt (&tc->sack_sb, tc->snd_una + n_bytes);
1373 tcp_program_retransmit (tc);
1375 /* Retransmit SYN-ACK */
1376 else if (tc->state == TCP_STATE_SYN_RCVD)
1378 TCP_EVT (TCP_EVT_CC_EVT, tc, 2);
1382 /* Passive open establish timeout */
1383 if (tc->rto > TCP_ESTABLISH_TIME >> 1)
1385 tcp_connection_set_state (tc, TCP_STATE_CLOSED);
1386 tcp_connection_timers_reset (tc);
1387 tcp_program_cleanup (wrk, tc);
1388 tcp_worker_stats_inc (wrk, tr_abort, 1);
1392 if (PREDICT_FALSE (!vlib_buffer_alloc (vm, &bi, 1)))
1394 tcp_timer_update (&wrk->timer_wheel, tc, TCP_TIMER_RETRANSMIT,
1395 tcp_cfg.alloc_err_timeout);
1396 tcp_worker_stats_inc (wrk, no_buffer, 1);
1401 if (tc->rto_boff > TCP_RTO_SYN_RETRIES)
1402 tc->rto = clib_min (tc->rto << 1, TCP_RTO_MAX);
1404 ASSERT (tc->snd_una != tc->snd_nxt);
1405 tcp_retransmit_timer_update (&wrk->timer_wheel, tc);
1407 b = vlib_get_buffer (vm, bi);
1408 tcp_init_buffer (vm, b);
1409 tcp_make_synack (tc, b);
1410 TCP_EVT (TCP_EVT_SYN_RXT, tc, 1);
1412 /* Retransmit timer already updated, just enqueue to output */
1413 tcp_enqueue_to_output (wrk, b, bi, tc->c_is_ip4);
1417 ASSERT (tc->state == TCP_STATE_CLOSED);
1423 * SYN retransmit timer handler. Active open only.
1426 tcp_timer_retransmit_syn_handler (tcp_connection_t * tc)
1428 tcp_worker_ctx_t *wrk = tcp_get_worker (tc->c_thread_index);
1429 vlib_main_t *vm = wrk->vm;
1430 vlib_buffer_t *b = 0;
1433 /* Note: the connection may have transitioned to ESTABLISHED... */
1434 if (PREDICT_FALSE (tc->state != TCP_STATE_SYN_SENT))
1437 /* Half-open connection actually moved to established but we were
1438 * waiting for syn retransmit to pop to call cleanup from the right
1440 if (tc->flags & TCP_CONN_HALF_OPEN_DONE)
1442 if (tcp_half_open_connection_cleanup (tc))
1443 TCP_DBG ("could not remove half-open connection");
1447 TCP_EVT (TCP_EVT_CC_EVT, tc, 2);
1450 /* Active open establish timeout */
1451 if (tc->rto >= TCP_ESTABLISH_TIME >> 1)
1453 session_stream_connect_notify (&tc->connection, SESSION_E_TIMEDOUT);
1454 tcp_connection_cleanup (tc);
1458 if (PREDICT_FALSE (!vlib_buffer_alloc (vm, &bi, 1)))
1460 tcp_timer_update (&wrk->timer_wheel, tc, TCP_TIMER_RETRANSMIT_SYN,
1461 tcp_cfg.alloc_err_timeout);
1462 tcp_worker_stats_inc (wrk, no_buffer, 1);
1466 /* Try without increasing RTO a number of times. If this fails,
1467 * start growing RTO exponentially */
1469 if (tc->rto_boff > TCP_RTO_SYN_RETRIES)
1470 tc->rto = clib_min (tc->rto << 1, TCP_RTO_MAX);
1472 b = vlib_get_buffer (vm, bi);
1473 tcp_init_buffer (vm, b);
1474 tcp_make_syn (tc, b);
1476 TCP_EVT (TCP_EVT_SYN_RXT, tc, 0);
1478 tcp_enqueue_half_open (wrk, tc, b, bi);
1480 tcp_timer_update (&wrk->timer_wheel, tc, TCP_TIMER_RETRANSMIT_SYN,
1481 (u32) tc->rto * TCP_TO_TIMER_TICK);
1485 * Got 0 snd_wnd from peer, try to do something about it.
1489 tcp_timer_persist_handler (tcp_connection_t * tc)
1491 tcp_worker_ctx_t *wrk = tcp_get_worker (tc->c_thread_index);
1492 u32 bi, max_snd_bytes, available_bytes, offset;
1493 tcp_main_t *tm = vnet_get_tcp_main ();
1494 vlib_main_t *vm = wrk->vm;
1499 /* Problem already solved or worse */
1500 if (tc->state == TCP_STATE_CLOSED || tc->snd_wnd > tc->snd_mss
1501 || (tc->flags & TCP_CONN_FINSNT))
1502 goto update_scheduler;
1504 available_bytes = transport_max_tx_dequeue (&tc->connection);
1505 offset = tc->snd_nxt - tc->snd_una;
1507 /* Reprogram persist if no new bytes available to send. We may have data
1509 if (!available_bytes)
1511 tcp_persist_timer_set (&wrk->timer_wheel, tc);
1515 if (available_bytes <= offset)
1516 goto update_scheduler;
1518 /* Increment RTO backoff */
1520 tc->rto = clib_min (tc->rto << 1, TCP_RTO_MAX);
1523 * Try to force the first unsent segment (or buffer)
1525 if (PREDICT_FALSE (!vlib_buffer_alloc (vm, &bi, 1)))
1527 tcp_persist_timer_set (&wrk->timer_wheel, tc);
1528 tcp_worker_stats_inc (wrk, no_buffer, 1);
1532 b = vlib_get_buffer (vm, bi);
1533 data = tcp_init_buffer (vm, b);
1535 tcp_validate_txf_size (tc, offset);
1536 tc->snd_opts_len = tcp_make_options (tc, &tc->snd_opts, tc->state);
1537 max_snd_bytes = clib_min (tc->snd_mss,
1538 tm->bytes_per_buffer - TRANSPORT_MAX_HDRS_LEN);
1539 n_bytes = session_tx_fifo_peek_bytes (&tc->connection, data, offset,
1541 b->current_length = n_bytes;
1542 ASSERT (n_bytes != 0 && (tcp_timer_is_active (tc, TCP_TIMER_RETRANSMIT)
1543 || tc->snd_una == tc->snd_nxt
1544 || tc->rto_boff > 1));
1546 if (tc->cfg_flags & TCP_CFG_F_RATE_SAMPLE)
1548 tcp_bt_check_app_limited (tc);
1549 tcp_bt_track_tx (tc, n_bytes);
1552 tcp_push_hdr_i (tc, b, tc->snd_nxt, /* compute opts */ 0,
1553 /* burst */ 0, /* update_snd_nxt */ 1);
1554 tcp_validate_txf_size (tc, tc->snd_nxt - tc->snd_una);
1555 tcp_enqueue_to_output (wrk, b, bi, tc->c_is_ip4);
1557 /* Just sent new data, enable retransmit */
1558 tcp_retransmit_timer_update (&wrk->timer_wheel, tc);
1564 if (tcp_is_descheduled (tc))
1565 transport_connection_reschedule (&tc->connection);
1569 * Retransmit first unacked segment
1572 tcp_retransmit_first_unacked (tcp_worker_ctx_t * wrk, tcp_connection_t * tc)
1574 vlib_main_t *vm = wrk->vm;
1578 TCP_EVT (TCP_EVT_CC_EVT, tc, 1);
1580 n_bytes = tcp_prepare_retransmit_segment (wrk, tc, 0, tc->snd_mss, &b);
1584 bi = vlib_get_buffer_index (vm, b);
1585 tcp_enqueue_to_output (wrk, b, bi, tc->c_is_ip4);
1591 tcp_transmit_unsent (tcp_worker_ctx_t * wrk, tcp_connection_t * tc,
1594 u32 offset, n_segs = 0, n_written, bi, available_wnd;
1595 vlib_main_t *vm = wrk->vm;
1596 vlib_buffer_t *b = 0;
1598 offset = tc->snd_nxt - tc->snd_una;
1599 available_wnd = tc->snd_wnd - offset;
1600 burst_size = clib_min (burst_size, available_wnd / tc->snd_mss);
1602 if (tc->cfg_flags & TCP_CFG_F_RATE_SAMPLE)
1603 tcp_bt_check_app_limited (tc);
1605 while (n_segs < burst_size)
1607 n_written = tcp_prepare_segment (wrk, tc, offset, tc->snd_mss, &b);
1611 bi = vlib_get_buffer_index (vm, b);
1612 tcp_enqueue_to_output (wrk, b, bi, tc->c_is_ip4);
1613 offset += n_written;
1616 if (tc->cfg_flags & TCP_CFG_F_RATE_SAMPLE)
1617 tcp_bt_track_tx (tc, n_written);
1619 tc->snd_nxt += n_written;
1627 * Estimate send space using proportional rate reduction (RFC6937)
1630 tcp_fastrecovery_prr_snd_space (tcp_connection_t * tc)
1635 pipe = tcp_flight_size (tc);
1636 prr_out = tc->snd_rxt_bytes + (tc->snd_nxt - tc->snd_congestion);
1638 if (pipe > tc->ssthresh)
1640 space = ((int) tc->prr_delivered * ((f64) tc->ssthresh / tc->prev_cwnd))
1646 limit = clib_max ((int) (tc->prr_delivered - prr_out), 0) + tc->snd_mss;
1647 space = clib_min (tc->ssthresh - pipe, limit);
1649 space = clib_max (space, prr_out ? 0 : tc->snd_mss);
1654 tcp_retransmit_should_retry_head (tcp_connection_t * tc,
1655 sack_scoreboard_t * sb)
1657 u32 tx_adv_sack = sb->high_sacked - tc->snd_congestion;
1658 f64 rr = (f64) tc->ssthresh / tc->prev_cwnd;
1660 if (tcp_fastrecovery_first (tc))
1663 return (tx_adv_sack > (tc->snd_una - tc->prr_start) * rr);
1667 tcp_max_tx_deq (tcp_connection_t * tc)
1669 return (transport_max_tx_dequeue (&tc->connection)
1670 - (tc->snd_nxt - tc->snd_una));
1673 #define scoreboard_rescue_rxt_valid(_sb, _tc) \
1674 (seq_geq (_sb->rescue_rxt, _tc->snd_una) \
1675 && seq_leq (_sb->rescue_rxt, _tc->snd_congestion))
1678 * Do retransmit with SACKs
1681 tcp_retransmit_sack (tcp_worker_ctx_t * wrk, tcp_connection_t * tc,
1684 u32 n_written = 0, offset, max_bytes, n_segs = 0;
1685 u8 snd_limited = 0, can_rescue = 0;
1686 u32 bi, max_deq, burst_bytes;
1687 sack_scoreboard_hole_t *hole;
1688 vlib_main_t *vm = wrk->vm;
1689 vlib_buffer_t *b = 0;
1690 sack_scoreboard_t *sb;
1693 ASSERT (tcp_in_cong_recovery (tc));
1695 burst_bytes = transport_connection_tx_pacer_burst (&tc->connection);
1696 burst_size = clib_min (burst_size, burst_bytes / tc->snd_mss);
1699 tcp_program_retransmit (tc);
1703 if (tcp_in_recovery (tc))
1704 snd_space = tcp_available_cc_snd_space (tc);
1706 snd_space = tcp_fastrecovery_prr_snd_space (tc);
1708 if (snd_space < tc->snd_mss)
1713 /* Check if snd_una is a lost retransmit */
1714 if (pool_elts (sb->holes)
1715 && seq_gt (sb->high_sacked, tc->snd_congestion)
1716 && tc->rxt_head != tc->snd_una
1717 && tcp_retransmit_should_retry_head (tc, sb))
1719 max_bytes = clib_min (tc->snd_mss, tc->snd_congestion - tc->snd_una);
1720 n_written = tcp_prepare_retransmit_segment (wrk, tc, 0, max_bytes, &b);
1723 tcp_program_retransmit (tc);
1726 bi = vlib_get_buffer_index (vm, b);
1727 tcp_enqueue_to_output (wrk, b, bi, tc->c_is_ip4);
1730 tc->rxt_head = tc->snd_una;
1731 tc->rxt_delivered += n_written;
1732 tc->prr_delivered += n_written;
1733 ASSERT (tc->rxt_delivered <= tc->snd_rxt_bytes);
1736 tcp_fastrecovery_first_off (tc);
1738 TCP_EVT (TCP_EVT_CC_EVT, tc, 0);
1739 hole = scoreboard_get_hole (sb, sb->cur_rxt_hole);
1741 max_deq = transport_max_tx_dequeue (&tc->connection);
1742 max_deq -= tc->snd_nxt - tc->snd_una;
1744 while (snd_space > 0 && n_segs < burst_size)
1746 hole = scoreboard_next_rxt_hole (sb, hole, max_deq != 0, &can_rescue,
1750 /* We are out of lost holes to retransmit so send some new data. */
1751 if (max_deq > tc->snd_mss)
1756 /* Make sure we don't exceed available window and leave space
1757 * for one more packet, to avoid zero window acks */
1758 av_wnd = (int) tc->snd_wnd - (tc->snd_nxt - tc->snd_una);
1759 av_wnd = clib_max (av_wnd - tc->snd_mss, 0);
1760 snd_space = clib_min (snd_space, av_wnd);
1761 snd_space = clib_min (max_deq, snd_space);
1762 burst_size = clib_min (burst_size - n_segs,
1763 snd_space / tc->snd_mss);
1764 burst_size = clib_min (burst_size, TCP_RXT_MAX_BURST);
1765 n_segs_new = tcp_transmit_unsent (wrk, tc, burst_size);
1766 if (max_deq > n_segs_new * tc->snd_mss)
1767 tcp_program_retransmit (tc);
1769 n_segs += n_segs_new;
1773 if (tcp_in_recovery (tc) || !can_rescue
1774 || scoreboard_rescue_rxt_valid (sb, tc))
1777 /* If rescue rxt undefined or less than snd_una then one segment of
1778 * up to SMSS octets that MUST include the highest outstanding
1779 * unSACKed sequence number SHOULD be returned, and RescueRxt set to
1780 * RecoveryPoint. HighRxt MUST NOT be updated.
1782 hole = scoreboard_last_hole (sb);
1783 max_bytes = clib_min (tc->snd_mss, hole->end - hole->start);
1784 max_bytes = clib_min (max_bytes, snd_space);
1785 offset = hole->end - tc->snd_una - max_bytes;
1786 n_written = tcp_prepare_retransmit_segment (wrk, tc, offset,
1791 sb->rescue_rxt = tc->snd_congestion;
1792 bi = vlib_get_buffer_index (vm, b);
1793 tcp_enqueue_to_output (wrk, b, bi, tc->c_is_ip4);
1798 max_bytes = clib_min (hole->end - sb->high_rxt, snd_space);
1799 max_bytes = snd_limited ? clib_min (max_bytes, tc->snd_mss) : max_bytes;
1803 offset = sb->high_rxt - tc->snd_una;
1804 n_written = tcp_prepare_retransmit_segment (wrk, tc, offset, max_bytes,
1806 ASSERT (n_written <= snd_space);
1808 /* Nothing left to retransmit */
1812 bi = vlib_get_buffer_index (vm, b);
1813 tcp_enqueue_to_output (wrk, b, bi, tc->c_is_ip4);
1815 sb->high_rxt += n_written;
1816 ASSERT (seq_leq (sb->high_rxt, tc->snd_nxt));
1818 snd_space -= n_written;
1823 tcp_program_retransmit (tc);
1827 transport_connection_tx_pacer_reset_bucket (&tc->connection, 0);
1832 * Fast retransmit without SACK info
1835 tcp_retransmit_no_sack (tcp_worker_ctx_t * wrk, tcp_connection_t * tc,
1838 u32 n_written = 0, offset = 0, bi, max_deq, n_segs_now, max_bytes;
1839 u32 burst_bytes, sent_bytes;
1840 vlib_main_t *vm = wrk->vm;
1841 int snd_space, n_segs = 0;
1845 ASSERT (tcp_in_cong_recovery (tc));
1846 TCP_EVT (TCP_EVT_CC_EVT, tc, 0);
1848 burst_bytes = transport_connection_tx_pacer_burst (&tc->connection);
1849 burst_size = clib_min (burst_size, burst_bytes / tc->snd_mss);
1852 tcp_program_retransmit (tc);
1856 snd_space = tcp_available_cc_snd_space (tc);
1857 cc_limited = snd_space < burst_bytes;
1859 if (!tcp_fastrecovery_first (tc))
1862 /* RFC 6582: [If a partial ack], retransmit the first unacknowledged
1864 while (snd_space > 0 && n_segs < burst_size)
1866 max_bytes = clib_min (tc->snd_mss,
1867 tc->snd_congestion - tc->snd_una - offset);
1870 n_written = tcp_prepare_retransmit_segment (wrk, tc, offset, max_bytes,
1873 /* Nothing left to retransmit */
1877 bi = vlib_get_buffer_index (vm, b);
1878 tcp_enqueue_to_output (wrk, b, bi, tc->c_is_ip4);
1879 snd_space -= n_written;
1880 offset += n_written;
1884 if (n_segs == burst_size)
1889 /* RFC 6582: Send a new segment if permitted by the new value of cwnd. */
1890 if (snd_space < tc->snd_mss || tc->snd_mss == 0)
1893 max_deq = transport_max_tx_dequeue (&tc->connection);
1894 max_deq -= tc->snd_nxt - tc->snd_una;
1897 snd_space = clib_min (max_deq, snd_space);
1898 burst_size = clib_min (burst_size - n_segs, snd_space / tc->snd_mss);
1899 n_segs_now = tcp_transmit_unsent (wrk, tc, burst_size);
1900 if (n_segs_now && max_deq > n_segs_now * tc->snd_mss)
1901 tcp_program_retransmit (tc);
1902 n_segs += n_segs_now;
1906 tcp_fastrecovery_first_off (tc);
1908 sent_bytes = clib_min (n_segs * tc->snd_mss, burst_bytes);
1909 sent_bytes = cc_limited ? burst_bytes : sent_bytes;
1910 transport_connection_tx_pacer_update_bytes (&tc->connection, sent_bytes);
1916 tcp_send_acks (tcp_connection_t * tc, u32 max_burst_size)
1920 if (!tc->pending_dupacks)
1922 if (tcp_in_cong_recovery (tc) || !tcp_max_tx_deq (tc)
1923 || tc->state != TCP_STATE_ESTABLISHED)
1931 /* If we're supposed to send dupacks but have no ooo data
1932 * send only one ack */
1933 if (!vec_len (tc->snd_sacks))
1936 tc->dupacks_out += 1;
1937 tc->pending_dupacks = 0;
1941 /* Start with first sack block */
1942 tc->snd_sack_pos = 0;
1944 /* Generate enough dupacks to cover all sack blocks. Do not generate
1945 * more sacks than the number of packets received. But do generate at
1946 * least 3, i.e., the number needed to signal congestion, if needed. */
1947 n_acks = vec_len (tc->snd_sacks) / TCP_OPTS_MAX_SACK_BLOCKS;
1948 n_acks = clib_min (n_acks, tc->pending_dupacks);
1949 n_acks = clib_max (n_acks, clib_min (tc->pending_dupacks, 3));
1950 for (j = 0; j < clib_min (n_acks, max_burst_size); j++)
1953 if (n_acks < max_burst_size)
1955 tc->pending_dupacks = 0;
1956 tc->snd_sack_pos = 0;
1957 tc->dupacks_out += n_acks;
1962 TCP_DBG ("constrained by burst size");
1963 tc->pending_dupacks = n_acks - max_burst_size;
1964 tc->dupacks_out += max_burst_size;
1965 tcp_program_dupack (tc);
1966 return max_burst_size;
1971 tcp_do_retransmit (tcp_connection_t * tc, u32 max_burst_size)
1973 tcp_worker_ctx_t *wrk;
1976 if (PREDICT_FALSE (tc->state == TCP_STATE_CLOSED))
1979 wrk = tcp_get_worker (tc->c_thread_index);
1981 if (tcp_opts_sack_permitted (&tc->rcv_opts))
1982 n_segs = tcp_retransmit_sack (wrk, tc, max_burst_size);
1984 n_segs = tcp_retransmit_no_sack (wrk, tc, max_burst_size);
1990 tcp_session_custom_tx (void *conn, transport_send_params_t * sp)
1992 tcp_connection_t *tc = (tcp_connection_t *) conn;
1995 if (tcp_in_cong_recovery (tc) && (tc->flags & TCP_CONN_RXT_PENDING))
1997 tc->flags &= ~TCP_CONN_RXT_PENDING;
1998 n_segs = tcp_do_retransmit (tc, sp->max_burst_size);
2001 if (!(tc->flags & TCP_CONN_SNDACK))
2004 tc->flags &= ~TCP_CONN_SNDACK;
2006 /* We have retransmitted packets and no dupack */
2007 if (n_segs && !tc->pending_dupacks)
2010 if (sp->max_burst_size <= n_segs)
2012 tcp_program_ack (tc);
2016 n_segs += tcp_send_acks (tc, sp->max_burst_size - n_segs);
2020 #endif /* CLIB_MARCH_VARIANT */
2023 tcp_output_handle_link_local (tcp_connection_t * tc0, vlib_buffer_t * b0,
2024 u16 * next0, u32 * error0)
2026 ip_adjacency_t *adj;
2029 /* Not thread safe but as long as the connection exists the adj should
2031 ai = adj_nbr_find (FIB_PROTOCOL_IP6, VNET_LINK_IP6, &tc0->c_rmt_ip,
2033 if (ai == ADJ_INDEX_INVALID)
2035 vnet_buffer (b0)->sw_if_index[VLIB_TX] = ~0;
2036 *next0 = TCP_OUTPUT_NEXT_DROP;
2037 *error0 = TCP_ERROR_LINK_LOCAL_RW;
2042 if (PREDICT_TRUE (adj->lookup_next_index == IP_LOOKUP_NEXT_REWRITE))
2043 *next0 = TCP_OUTPUT_NEXT_IP_REWRITE;
2044 else if (adj->lookup_next_index == IP_LOOKUP_NEXT_ARP)
2045 *next0 = TCP_OUTPUT_NEXT_IP_ARP;
2048 *next0 = TCP_OUTPUT_NEXT_DROP;
2049 *error0 = TCP_ERROR_LINK_LOCAL_RW;
2051 vnet_buffer (b0)->ip.adj_index[VLIB_TX] = ai;
2055 tcp46_output_trace_frame (vlib_main_t * vm, vlib_node_runtime_t * node,
2056 u32 * to_next, u32 n_bufs)
2058 tcp_connection_t *tc;
2064 for (i = 0; i < n_bufs; i++)
2066 b = vlib_get_buffer (vm, to_next[i]);
2067 if (!(b->flags & VLIB_BUFFER_IS_TRACED))
2069 th = vlib_buffer_get_current (b);
2070 tc = tcp_connection_get (vnet_buffer (b)->tcp.connection_index,
2072 t = vlib_add_trace (vm, node, b, sizeof (*t));
2073 clib_memcpy_fast (&t->tcp_header, th, sizeof (t->tcp_header));
2074 clib_memcpy_fast (&t->tcp_connection, tc, sizeof (t->tcp_connection));
2079 tcp_output_push_ip (vlib_main_t * vm, vlib_buffer_t * b0,
2080 tcp_connection_t * tc0, u8 is_ip4)
2082 TCP_EVT (TCP_EVT_OUTPUT, tc0,
2083 ((tcp_header_t *) vlib_buffer_get_current (b0))->flags,
2084 b0->current_length);
2087 vlib_buffer_push_ip4 (vm, b0, &tc0->c_lcl_ip4, &tc0->c_rmt_ip4,
2088 IP_PROTOCOL_TCP, tcp_csum_offload (tc0));
2090 vlib_buffer_push_ip6_custom (vm, b0, &tc0->c_lcl_ip6, &tc0->c_rmt_ip6,
2091 IP_PROTOCOL_TCP, tc0->ipv6_flow_label);
2095 tcp_check_if_gso (tcp_connection_t * tc, vlib_buffer_t * b)
2097 if (PREDICT_TRUE (!(tc->cfg_flags & TCP_CFG_F_TSO)))
2100 u16 data_len = b->current_length - sizeof (tcp_header_t) - tc->snd_opts_len;
2102 if (PREDICT_FALSE (b->flags & VLIB_BUFFER_TOTAL_LENGTH_VALID))
2103 data_len += b->total_length_not_including_first_buffer;
2105 if (PREDICT_TRUE (data_len <= tc->snd_mss))
2109 ASSERT ((b->flags & VNET_BUFFER_F_L3_HDR_OFFSET_VALID) != 0);
2110 ASSERT ((b->flags & VNET_BUFFER_F_L4_HDR_OFFSET_VALID) != 0);
2111 b->flags |= VNET_BUFFER_F_GSO;
2112 vnet_buffer2 (b)->gso_l4_hdr_sz =
2113 sizeof (tcp_header_t) + tc->snd_opts_len;
2114 vnet_buffer2 (b)->gso_size = tc->snd_mss;
2119 tcp_output_handle_packet (tcp_connection_t * tc0, vlib_buffer_t * b0,
2120 vlib_node_runtime_t * error_node, u16 * next0,
2123 /* If next_index is not drop use it */
2124 if (tc0->next_node_index)
2126 *next0 = tc0->next_node_index;
2127 vnet_buffer (b0)->tcp.next_node_opaque = tc0->next_node_opaque;
2131 *next0 = TCP_OUTPUT_NEXT_IP_LOOKUP;
2134 vnet_buffer (b0)->sw_if_index[VLIB_TX] = tc0->c_fib_index;
2135 vnet_buffer (b0)->sw_if_index[VLIB_RX] = tc0->sw_if_index;
2141 if (PREDICT_FALSE (ip6_address_is_link_local_unicast (&tc0->c_rmt_ip6)))
2142 tcp_output_handle_link_local (tc0, b0, next0, &error0);
2144 if (PREDICT_FALSE (error0))
2146 b0->error = error_node->errors[error0];
2155 tcp46_output_inline (vlib_main_t * vm, vlib_node_runtime_t * node,
2156 vlib_frame_t * frame, int is_ip4)
2158 u32 n_left_from, *from, thread_index = vm->thread_index;
2159 vlib_buffer_t *bufs[VLIB_FRAME_SIZE], **b;
2160 u16 nexts[VLIB_FRAME_SIZE], *next;
2162 from = vlib_frame_vector_args (frame);
2163 n_left_from = frame->n_vectors;
2164 tcp_update_time_now (tcp_get_worker (thread_index));
2166 if (PREDICT_FALSE (node->flags & VLIB_NODE_FLAG_TRACE))
2167 tcp46_output_trace_frame (vm, node, from, n_left_from);
2169 vlib_get_buffers (vm, from, bufs, n_left_from);
2173 while (n_left_from >= 4)
2175 tcp_connection_t *tc0, *tc1;
2178 vlib_prefetch_buffer_header (b[2], STORE);
2179 CLIB_PREFETCH (b[2]->data, 2 * CLIB_CACHE_LINE_BYTES, STORE);
2181 vlib_prefetch_buffer_header (b[3], STORE);
2182 CLIB_PREFETCH (b[3]->data, 2 * CLIB_CACHE_LINE_BYTES, STORE);
2185 tc0 = tcp_connection_get (vnet_buffer (b[0])->tcp.connection_index,
2187 tc1 = tcp_connection_get (vnet_buffer (b[1])->tcp.connection_index,
2190 if (PREDICT_TRUE (!tc0 + !tc1 == 0))
2192 tcp_output_push_ip (vm, b[0], tc0, is_ip4);
2193 tcp_output_push_ip (vm, b[1], tc1, is_ip4);
2195 tcp_check_if_gso (tc0, b[0]);
2196 tcp_check_if_gso (tc1, b[1]);
2198 tcp_output_handle_packet (tc0, b[0], node, &next[0], is_ip4);
2199 tcp_output_handle_packet (tc1, b[1], node, &next[1], is_ip4);
2205 tcp_output_push_ip (vm, b[0], tc0, is_ip4);
2206 tcp_check_if_gso (tc0, b[0]);
2207 tcp_output_handle_packet (tc0, b[0], node, &next[0], is_ip4);
2211 b[0]->error = node->errors[TCP_ERROR_INVALID_CONNECTION];
2212 next[0] = TCP_OUTPUT_NEXT_DROP;
2216 tcp_output_push_ip (vm, b[1], tc1, is_ip4);
2217 tcp_check_if_gso (tc1, b[1]);
2218 tcp_output_handle_packet (tc1, b[1], node, &next[1], is_ip4);
2222 b[1]->error = node->errors[TCP_ERROR_INVALID_CONNECTION];
2223 next[1] = TCP_OUTPUT_NEXT_DROP;
2231 while (n_left_from > 0)
2233 tcp_connection_t *tc0;
2235 if (n_left_from > 1)
2237 vlib_prefetch_buffer_header (b[1], STORE);
2238 CLIB_PREFETCH (b[1]->data, 2 * CLIB_CACHE_LINE_BYTES, STORE);
2241 tc0 = tcp_connection_get (vnet_buffer (b[0])->tcp.connection_index,
2244 if (PREDICT_TRUE (tc0 != 0))
2246 tcp_output_push_ip (vm, b[0], tc0, is_ip4);
2247 tcp_check_if_gso (tc0, b[0]);
2248 tcp_output_handle_packet (tc0, b[0], node, &next[0], is_ip4);
2252 b[0]->error = node->errors[TCP_ERROR_INVALID_CONNECTION];
2253 next[0] = TCP_OUTPUT_NEXT_DROP;
2261 vlib_buffer_enqueue_to_next (vm, node, from, nexts, frame->n_vectors);
2262 vlib_node_increment_counter (vm, tcp_node_index (output, is_ip4),
2263 TCP_ERROR_PKTS_SENT, frame->n_vectors);
2264 return frame->n_vectors;
2267 VLIB_NODE_FN (tcp4_output_node) (vlib_main_t * vm, vlib_node_runtime_t * node,
2268 vlib_frame_t * from_frame)
2270 return tcp46_output_inline (vm, node, from_frame, 1 /* is_ip4 */ );
2273 VLIB_NODE_FN (tcp6_output_node) (vlib_main_t * vm, vlib_node_runtime_t * node,
2274 vlib_frame_t * from_frame)
2276 return tcp46_output_inline (vm, node, from_frame, 0 /* is_ip4 */ );
2280 VLIB_REGISTER_NODE (tcp4_output_node) =
2282 .name = "tcp4-output",
2283 /* Takes a vector of packets. */
2284 .vector_size = sizeof (u32),
2285 .n_errors = TCP_N_ERROR,
2286 .protocol_hint = VLIB_NODE_PROTO_HINT_TCP,
2287 .error_counters = tcp_output_error_counters,
2288 .n_next_nodes = TCP_OUTPUT_N_NEXT,
2290 #define _(s,n) [TCP_OUTPUT_NEXT_##s] = n,
2291 foreach_tcp4_output_next
2294 .format_buffer = format_tcp_header,
2295 .format_trace = format_tcp_tx_trace,
2300 VLIB_REGISTER_NODE (tcp6_output_node) =
2302 .name = "tcp6-output",
2303 /* Takes a vector of packets. */
2304 .vector_size = sizeof (u32),
2305 .n_errors = TCP_N_ERROR,
2306 .protocol_hint = VLIB_NODE_PROTO_HINT_TCP,
2307 .error_counters = tcp_output_error_counters,
2308 .n_next_nodes = TCP_OUTPUT_N_NEXT,
2310 #define _(s,n) [TCP_OUTPUT_NEXT_##s] = n,
2311 foreach_tcp6_output_next
2314 .format_buffer = format_tcp_header,
2315 .format_trace = format_tcp_tx_trace,
2319 typedef enum _tcp_reset_next
2321 TCP_RESET_NEXT_DROP,
2322 TCP_RESET_NEXT_IP_LOOKUP,
2326 #define foreach_tcp4_reset_next \
2327 _(DROP, "error-drop") \
2328 _(IP_LOOKUP, "ip4-lookup")
2330 #define foreach_tcp6_reset_next \
2331 _(DROP, "error-drop") \
2332 _(IP_LOOKUP, "ip6-lookup")
2335 tcp_reset_trace_frame (vlib_main_t *vm, vlib_node_runtime_t *node,
2336 vlib_buffer_t **bs, u32 n_bufs, u8 is_ip4)
2342 for (i = 0; i < n_bufs; i++)
2344 if (bs[i]->flags & VLIB_BUFFER_IS_TRACED)
2346 tcp = vlib_buffer_get_current (bs[i]);
2347 t = vlib_add_trace (vm, node, bs[i], sizeof (*t));
2351 ip4_header_t *ih4 = vlib_buffer_get_current (bs[i]);
2352 tcp = ip4_next_header (ih4);
2353 t->tcp_connection.c_lcl_ip.ip4 = ih4->dst_address;
2354 t->tcp_connection.c_rmt_ip.ip4 = ih4->src_address;
2355 t->tcp_connection.c_is_ip4 = 1;
2359 ip6_header_t *ih6 = vlib_buffer_get_current (bs[i]);
2360 tcp = ip6_next_header (ih6);
2361 t->tcp_connection.c_lcl_ip.ip6 = ih6->dst_address;
2362 t->tcp_connection.c_rmt_ip.ip6 = ih6->src_address;
2364 t->tcp_connection.c_lcl_port = tcp->dst_port;
2365 t->tcp_connection.c_rmt_port = tcp->src_port;
2366 t->tcp_connection.c_proto = TRANSPORT_PROTO_TCP;
2367 clib_memcpy_fast (&t->tcp_header, tcp, sizeof (t->tcp_header));
2373 tcp46_reset_inline (vlib_main_t *vm, vlib_node_runtime_t *node,
2374 vlib_frame_t *frame, u8 is_ip4)
2376 vlib_buffer_t *bufs[VLIB_FRAME_SIZE], **b;
2377 u16 nexts[VLIB_FRAME_SIZE], *next;
2378 u32 n_left_from, *from;
2380 from = vlib_frame_vector_args (frame);
2381 n_left_from = frame->n_vectors;
2382 vlib_get_buffers (vm, from, bufs, n_left_from);
2387 while (n_left_from > 0)
2389 tcp_buffer_make_reset (vm, b[0], is_ip4);
2391 /* IP lookup in fib where it was received. Previous value
2392 * was overwritten by tcp-input */
2393 vnet_buffer (b[0])->sw_if_index[VLIB_TX] =
2394 vec_elt (ip4_main.fib_index_by_sw_if_index,
2395 vnet_buffer (b[0])->sw_if_index[VLIB_RX]);
2397 b[0]->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
2398 next[0] = TCP_RESET_NEXT_IP_LOOKUP;
2405 if (PREDICT_FALSE (node->flags & VLIB_NODE_FLAG_TRACE))
2406 tcp_reset_trace_frame (vm, node, bufs, frame->n_vectors, is_ip4);
2408 vlib_buffer_enqueue_to_next (vm, node, from, nexts, frame->n_vectors);
2410 vlib_node_increment_counter (vm, node->node_index, TCP_ERROR_RST_SENT,
2413 return frame->n_vectors;
2416 VLIB_NODE_FN (tcp4_reset_node) (vlib_main_t * vm, vlib_node_runtime_t * node,
2417 vlib_frame_t * from_frame)
2419 return tcp46_reset_inline (vm, node, from_frame, 1);
2422 VLIB_NODE_FN (tcp6_reset_node) (vlib_main_t * vm, vlib_node_runtime_t * node,
2423 vlib_frame_t * from_frame)
2425 return tcp46_reset_inline (vm, node, from_frame, 0);
2429 VLIB_REGISTER_NODE (tcp4_reset_node) = {
2430 .name = "tcp4-reset",
2431 .vector_size = sizeof (u32),
2432 .n_errors = TCP_N_ERROR,
2433 .error_counters = tcp_output_error_counters,
2434 .n_next_nodes = TCP_RESET_N_NEXT,
2436 #define _(s,n) [TCP_RESET_NEXT_##s] = n,
2437 foreach_tcp4_reset_next
2440 .format_trace = format_tcp_tx_trace,
2445 VLIB_REGISTER_NODE (tcp6_reset_node) = {
2446 .name = "tcp6-reset",
2447 .vector_size = sizeof (u32),
2448 .n_errors = TCP_N_ERROR,
2449 .error_counters = tcp_output_error_counters,
2450 .n_next_nodes = TCP_RESET_N_NEXT,
2452 #define _(s,n) [TCP_RESET_NEXT_##s] = n,
2453 foreach_tcp6_reset_next
2456 .format_trace = format_tcp_tx_trace,
2461 * fd.io coding-style-patch-verification: ON
2464 * eval: (c-set-style "gnu")