2 * Copyright (c) 2015 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 * ip/ip4_forward.c: IP v4 forwarding
18 * Copyright (c) 2008 Eliot Dresselhaus
20 * Permission is hereby granted, free of charge, to any person obtaining
21 * a copy of this software and associated documentation files (the
22 * "Software"), to deal in the Software without restriction, including
23 * without limitation the rights to use, copy, modify, merge, publish,
24 * distribute, sublicense, and/or sell copies of the Software, and to
25 * permit persons to whom the Software is furnished to do so, subject to
26 * the following conditions:
28 * The above copyright notice and this permission notice shall be
29 * included in all copies or substantial portions of the Software.
31 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
32 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
33 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
34 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
35 * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
36 * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
37 * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
40 #include <vnet/vnet.h>
41 #include <vnet/ip/ip.h>
42 #include <vnet/ethernet/ethernet.h> /* for ethernet_header_t */
43 #include <vnet/ethernet/arp_packet.h> /* for ethernet_arp_header_t */
44 #include <vnet/ppp/ppp.h>
45 #include <vnet/srp/srp.h> /* for srp_hw_interface_class */
46 #include <vnet/api_errno.h> /* for API error numbers */
52 /* This is really, really simple but stupid fib. */
54 ip4_fib_lookup_with_table (ip4_main_t * im, u32 fib_index,
56 u32 disable_default_route)
58 ip_lookup_main_t * lm = &im->lookup_main;
59 ip4_fib_t * fib = vec_elt_at_index (im->fibs, fib_index);
60 uword * p, * hash, key;
61 i32 i, i_min, dst_address, ai;
63 i_min = disable_default_route ? 1 : 0;
64 dst_address = clib_mem_unaligned (&dst->data_u32, u32);
65 for (i = ARRAY_LEN (fib->adj_index_by_dst_address) - 1; i >= i_min; i--)
67 hash = fib->adj_index_by_dst_address[i];
71 key = dst_address & im->fib_masks[i];
72 if ((p = hash_get (hash, key)) != 0)
79 /* Nothing matches in table. */
80 ai = lm->miss_adj_index;
87 create_fib_with_table_id (ip4_main_t * im, u32 table_id)
90 hash_set (im->fib_index_by_table_id, table_id, vec_len (im->fibs));
91 vec_add2 (im->fibs, fib, 1);
92 fib->table_id = table_id;
93 fib->index = fib - im->fibs;
94 fib->flow_hash_config = IP_FLOW_HASH_DEFAULT;
95 fib->fwd_classify_table_index = ~0;
96 fib->rev_classify_table_index = ~0;
97 ip4_mtrie_init (&fib->mtrie);
102 find_ip4_fib_by_table_index_or_id (ip4_main_t * im,
103 u32 table_index_or_id, u32 flags)
105 uword * p, fib_index;
107 fib_index = table_index_or_id;
108 if (! (flags & IP4_ROUTE_FLAG_FIB_INDEX))
110 if (table_index_or_id == ~0) {
111 table_index_or_id = 0;
112 while ((p = hash_get (im->fib_index_by_table_id, table_index_or_id))) {
115 return create_fib_with_table_id (im, table_index_or_id);
118 p = hash_get (im->fib_index_by_table_id, table_index_or_id);
120 return create_fib_with_table_id (im, table_index_or_id);
123 return vec_elt_at_index (im->fibs, fib_index);
127 ip4_fib_init_adj_index_by_dst_address (ip_lookup_main_t * lm,
134 ASSERT (lm->fib_result_n_bytes >= sizeof (uword));
135 lm->fib_result_n_words = round_pow2 (lm->fib_result_n_bytes, sizeof (uword)) / sizeof (uword);
137 fib->adj_index_by_dst_address[address_length] =
138 hash_create (32 /* elts */, lm->fib_result_n_words * sizeof (uword));
140 hash_set_flags (fib->adj_index_by_dst_address[address_length],
141 HASH_FLAG_NO_AUTO_SHRINK);
143 h = hash_header (fib->adj_index_by_dst_address[address_length]);
144 max_index = (hash_value_bytes (h) / sizeof (fib->new_hash_values[0])) - 1;
146 /* Initialize new/old hash value vectors. */
147 vec_validate_init_empty (fib->new_hash_values, max_index, ~0);
148 vec_validate_init_empty (fib->old_hash_values, max_index, ~0);
152 ip4_fib_set_adj_index (ip4_main_t * im,
156 u32 dst_address_length,
159 ip_lookup_main_t * lm = &im->lookup_main;
162 if (vec_bytes(fib->old_hash_values))
163 memset (fib->old_hash_values, ~0, vec_bytes (fib->old_hash_values));
164 if (vec_bytes(fib->new_hash_values))
165 memset (fib->new_hash_values, ~0, vec_bytes (fib->new_hash_values));
166 fib->new_hash_values[0] = adj_index;
168 /* Make sure adj index is valid. */
170 (void) ip_get_adjacency (lm, adj_index);
172 hash = fib->adj_index_by_dst_address[dst_address_length];
174 hash = _hash_set3 (hash, dst_address_u32,
175 fib->new_hash_values,
176 fib->old_hash_values);
178 fib->adj_index_by_dst_address[dst_address_length] = hash;
180 if (vec_len (im->add_del_route_callbacks) > 0)
182 ip4_add_del_route_callback_t * cb;
186 d.data_u32 = dst_address_u32;
187 vec_foreach (cb, im->add_del_route_callbacks)
188 if ((flags & cb->required_flags) == cb->required_flags)
189 cb->function (im, cb->function_opaque,
191 &d, dst_address_length,
192 fib->old_hash_values,
193 fib->new_hash_values);
195 p = hash_get (hash, dst_address_u32);
196 clib_memcpy (p, fib->new_hash_values, vec_bytes (fib->new_hash_values));
200 void ip4_add_del_route (ip4_main_t * im, ip4_add_del_route_args_t * a)
202 ip_lookup_main_t * lm = &im->lookup_main;
204 u32 dst_address, dst_address_length, adj_index, old_adj_index;
205 uword * hash, is_del;
206 ip4_add_del_route_callback_t * cb;
208 /* Either create new adjacency or use given one depending on arguments. */
209 if (a->n_add_adj > 0)
211 ip_add_adjacency (lm, a->add_adj, a->n_add_adj, &adj_index);
212 ip_call_add_del_adjacency_callbacks (lm, adj_index, /* is_del */ 0);
215 adj_index = a->adj_index;
217 dst_address = a->dst_address.data_u32;
218 dst_address_length = a->dst_address_length;
219 fib = find_ip4_fib_by_table_index_or_id (im, a->table_index_or_table_id, a->flags);
221 ASSERT (dst_address_length < ARRAY_LEN (im->fib_masks));
222 dst_address &= im->fib_masks[dst_address_length];
224 if (! fib->adj_index_by_dst_address[dst_address_length])
225 ip4_fib_init_adj_index_by_dst_address (lm, fib, dst_address_length);
227 hash = fib->adj_index_by_dst_address[dst_address_length];
229 is_del = (a->flags & IP4_ROUTE_FLAG_DEL) != 0;
233 fib->old_hash_values[0] = ~0;
234 hash = _hash_unset (hash, dst_address, fib->old_hash_values);
235 fib->adj_index_by_dst_address[dst_address_length] = hash;
237 if (vec_len (im->add_del_route_callbacks) > 0
238 && fib->old_hash_values[0] != ~0) /* make sure destination was found in hash */
240 fib->new_hash_values[0] = ~0;
241 vec_foreach (cb, im->add_del_route_callbacks)
242 if ((a->flags & cb->required_flags) == cb->required_flags)
243 cb->function (im, cb->function_opaque,
245 &a->dst_address, dst_address_length,
246 fib->old_hash_values,
247 fib->new_hash_values);
251 ip4_fib_set_adj_index (im, fib, a->flags, dst_address, dst_address_length,
254 old_adj_index = fib->old_hash_values[0];
256 /* Avoid spurious reference count increments */
257 if (old_adj_index == adj_index
259 && !(a->flags & IP4_ROUTE_FLAG_KEEP_OLD_ADJACENCY))
261 ip_adjacency_t * adj = ip_get_adjacency (lm, adj_index);
262 if (adj->share_count > 0)
266 ip4_fib_mtrie_add_del_route (fib, a->dst_address, dst_address_length,
267 is_del ? old_adj_index : adj_index,
270 /* Delete old adjacency index if present and changed. */
271 if (! (a->flags & IP4_ROUTE_FLAG_KEEP_OLD_ADJACENCY)
272 && old_adj_index != ~0
273 && old_adj_index != adj_index)
274 ip_del_adjacency (lm, old_adj_index);
278 ip4_add_del_route_next_hop (ip4_main_t * im,
280 ip4_address_t * dst_address,
281 u32 dst_address_length,
282 ip4_address_t * next_hop,
283 u32 next_hop_sw_if_index,
284 u32 next_hop_weight, u32 adj_index,
285 u32 explicit_fib_index)
287 vnet_main_t * vnm = vnet_get_main();
288 ip_lookup_main_t * lm = &im->lookup_main;
291 u32 dst_address_u32, old_mp_adj_index, new_mp_adj_index;
292 u32 dst_adj_index, nh_adj_index;
293 uword * dst_hash, * dst_result;
294 uword * nh_hash, * nh_result;
295 ip_adjacency_t * dst_adj;
296 ip_multipath_adjacency_t * old_mp, * new_mp;
297 int is_del = (flags & IP4_ROUTE_FLAG_DEL) != 0;
298 int is_interface_next_hop;
299 clib_error_t * error = 0;
301 if (explicit_fib_index == (u32)~0)
302 fib_index = vec_elt (im->fib_index_by_sw_if_index, next_hop_sw_if_index);
304 fib_index = explicit_fib_index;
306 fib = vec_elt_at_index (im->fibs, fib_index);
308 /* Lookup next hop to be added or deleted. */
309 is_interface_next_hop = next_hop->data_u32 == 0;
310 if (adj_index == (u32)~0)
312 if (is_interface_next_hop)
314 nh_result = hash_get (im->interface_route_adj_index_by_sw_if_index, next_hop_sw_if_index);
316 nh_adj_index = *nh_result;
319 ip_adjacency_t * adj;
320 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
322 ip4_adjacency_set_interface_route (vnm, adj, next_hop_sw_if_index, /* if_address_index */ ~0);
323 ip_call_add_del_adjacency_callbacks (lm, nh_adj_index, /* is_del */ 0);
324 hash_set (im->interface_route_adj_index_by_sw_if_index, next_hop_sw_if_index, nh_adj_index);
329 nh_hash = fib->adj_index_by_dst_address[32];
330 nh_result = hash_get (nh_hash, next_hop->data_u32);
332 /* Next hop must be known. */
335 ip_adjacency_t * adj;
337 nh_adj_index = ip4_fib_lookup_with_table (im, fib_index,
339 adj = ip_get_adjacency (lm, nh_adj_index);
340 /* if ARP interface adjacencty is present, we need to
341 install ARP adjaceny for specific next hop */
342 if (adj->lookup_next_index == IP_LOOKUP_NEXT_ARP &&
343 adj->arp.next_hop.ip4.as_u32 == 0)
345 nh_adj_index = vnet_arp_glean_add(fib_index, next_hop);
349 /* Next hop is not known, so create indirect adj */
350 ip_adjacency_t add_adj;
351 memset (&add_adj, 0, sizeof(add_adj));
353 add_adj.lookup_next_index = IP_LOOKUP_NEXT_INDIRECT;
354 add_adj.indirect.next_hop.ip4.as_u32 = next_hop->as_u32;
355 add_adj.explicit_fib_index = explicit_fib_index;
356 ip_add_adjacency (lm, &add_adj, 1, &nh_adj_index);
360 nh_adj_index = *nh_result;
365 nh_adj_index = adj_index;
367 ASSERT (dst_address_length < ARRAY_LEN (im->fib_masks));
368 dst_address_u32 = dst_address->data_u32 & im->fib_masks[dst_address_length];
370 dst_hash = fib->adj_index_by_dst_address[dst_address_length];
371 dst_result = hash_get (dst_hash, dst_address_u32);
374 dst_adj_index = dst_result[0];
375 dst_adj = ip_get_adjacency (lm, dst_adj_index);
379 /* For deletes destination must be known. */
382 vnm->api_errno = VNET_API_ERROR_UNKNOWN_DESTINATION;
383 error = clib_error_return (0, "unknown destination %U/%d",
384 format_ip4_address, dst_address,
393 /* Ignore adds of X/32 with next hop of X. */
395 && dst_address_length == 32
396 && dst_address->data_u32 == next_hop->data_u32
397 && adj_index != (u32)~0)
399 vnm->api_errno = VNET_API_ERROR_PREFIX_MATCHES_NEXT_HOP;
400 error = clib_error_return (0, "prefix matches next hop %U/%d",
401 format_ip4_address, dst_address,
406 /* Destination is not known and default weight is set so add route
407 to existing non-multipath adjacency */
408 if (dst_adj_index == ~0 && next_hop_weight == 1 && next_hop_sw_if_index == ~0)
410 /* create / delete additional mapping of existing adjacency */
411 ip4_add_del_route_args_t a;
412 ip_adjacency_t * nh_adj = ip_get_adjacency (lm, nh_adj_index);
414 a.table_index_or_table_id = fib_index;
415 a.flags = ((is_del ? IP4_ROUTE_FLAG_DEL : IP4_ROUTE_FLAG_ADD)
416 | IP4_ROUTE_FLAG_FIB_INDEX
417 | IP4_ROUTE_FLAG_KEEP_OLD_ADJACENCY
418 | (flags & (IP4_ROUTE_FLAG_NO_REDISTRIBUTE
419 | IP4_ROUTE_FLAG_NOT_LAST_IN_GROUP)));
420 a.dst_address = dst_address[0];
421 a.dst_address_length = dst_address_length;
422 a.adj_index = nh_adj_index;
426 ip4_add_del_route (im, &a);
428 /* adjust share count. This cannot be the only use of the adjacency */
429 nh_adj->share_count += is_del ? -1 : 1;
434 old_mp_adj_index = dst_adj ? dst_adj->heap_handle : ~0;
436 if (! ip_multipath_adjacency_add_del_next_hop
443 vnm->api_errno = VNET_API_ERROR_NEXT_HOP_NOT_FOUND_MP;
444 error = clib_error_return (0, "requested deleting next-hop %U not found in multi-path",
445 format_ip4_address, next_hop);
450 if (old_mp_adj_index != ~0)
451 old_mp = vec_elt_at_index (lm->multipath_adjacencies, old_mp_adj_index);
452 if (new_mp_adj_index != ~0)
453 new_mp = vec_elt_at_index (lm->multipath_adjacencies, new_mp_adj_index);
455 if (old_mp != new_mp)
457 ip4_add_del_route_args_t a;
458 ip_adjacency_t * adj;
460 a.table_index_or_table_id = fib_index;
461 a.flags = ((is_del && ! new_mp ? IP4_ROUTE_FLAG_DEL : IP4_ROUTE_FLAG_ADD)
462 | IP4_ROUTE_FLAG_FIB_INDEX
463 | IP4_ROUTE_FLAG_KEEP_OLD_ADJACENCY
464 | (flags & (IP4_ROUTE_FLAG_NO_REDISTRIBUTE | IP4_ROUTE_FLAG_NOT_LAST_IN_GROUP)));
465 a.dst_address = dst_address[0];
466 a.dst_address_length = dst_address_length;
467 a.adj_index = new_mp ? new_mp->adj_index : dst_adj_index;
471 ip4_add_del_route (im, &a);
473 adj = ip_get_adjacency (lm, new_mp ? new_mp->adj_index : dst_adj_index);
475 adj->share_count += is_del ? -1 : 1;
480 clib_error_report (error);
484 ip4_get_route (ip4_main_t * im,
485 u32 table_index_or_table_id,
490 ip4_fib_t * fib = find_ip4_fib_by_table_index_or_id (im, table_index_or_table_id, flags);
491 u32 dst_address = * (u32 *) address;
494 ASSERT (address_length < ARRAY_LEN (im->fib_masks));
495 dst_address &= im->fib_masks[address_length];
497 hash = fib->adj_index_by_dst_address[address_length];
498 p = hash_get (hash, dst_address);
503 ip4_foreach_matching_route (ip4_main_t * im,
504 u32 table_index_or_table_id,
506 ip4_address_t * address,
508 ip4_address_t ** results,
509 u8 ** result_lengths)
511 ip4_fib_t * fib = find_ip4_fib_by_table_index_or_id (im, table_index_or_table_id, flags);
512 u32 dst_address = address->data_u32;
513 u32 this_length = address_length;
516 _vec_len (*results) = 0;
518 _vec_len (*result_lengths) = 0;
520 while (this_length <= 32 && vec_len (results) == 0)
523 hash_foreach (k, v, fib->adj_index_by_dst_address[this_length], ({
524 if (0 == ((k ^ dst_address) & im->fib_masks[address_length]))
528 vec_add1 (*results, a);
529 vec_add1 (*result_lengths, this_length);
537 void ip4_maybe_remap_adjacencies (ip4_main_t * im,
538 u32 table_index_or_table_id,
541 ip4_fib_t * fib = find_ip4_fib_by_table_index_or_id (im, table_index_or_table_id, flags);
542 ip_lookup_main_t * lm = &im->lookup_main;
545 ip4_add_del_route_callback_t * cb;
546 static ip4_address_t * to_delete;
548 if (lm->n_adjacency_remaps == 0)
551 for (l = 0; l <= 32; l++)
554 uword * hash = fib->adj_index_by_dst_address[l];
556 if (hash_elts (hash) == 0)
560 _vec_len (to_delete) = 0;
562 hash_foreach_pair (p, hash, ({
563 u32 adj_index = p->value[0];
564 u32 m = vec_elt (lm->adjacency_remap_table, adj_index);
568 /* Record destination address from hash key. */
571 /* New adjacency points to nothing: so delete prefix. */
573 vec_add1 (to_delete, a);
576 /* Remap to new adjacency. */
577 clib_memcpy (fib->old_hash_values, p->value, vec_bytes (fib->old_hash_values));
579 /* Set new adjacency value. */
580 fib->new_hash_values[0] = p->value[0] = m - 1;
582 vec_foreach (cb, im->add_del_route_callbacks)
583 if ((flags & cb->required_flags) == cb->required_flags)
584 cb->function (im, cb->function_opaque,
585 fib, flags | IP4_ROUTE_FLAG_ADD,
587 fib->old_hash_values,
588 fib->new_hash_values);
593 fib->new_hash_values[0] = ~0;
594 for (i = 0; i < vec_len (to_delete); i++)
596 hash = _hash_unset (hash, to_delete[i].data_u32, fib->old_hash_values);
597 vec_foreach (cb, im->add_del_route_callbacks)
598 if ((flags & cb->required_flags) == cb->required_flags)
599 cb->function (im, cb->function_opaque,
600 fib, flags | IP4_ROUTE_FLAG_DEL,
602 fib->old_hash_values,
603 fib->new_hash_values);
607 /* Also remap adjacencies in mtrie. */
608 ip4_mtrie_maybe_remap_adjacencies (lm, &fib->mtrie);
610 /* Reset mapping table. */
611 vec_zero (lm->adjacency_remap_table);
613 /* All remaps have been performed. */
614 lm->n_adjacency_remaps = 0;
617 void ip4_delete_matching_routes (ip4_main_t * im,
618 u32 table_index_or_table_id,
620 ip4_address_t * address,
623 static ip4_address_t * matching_addresses;
624 static u8 * matching_address_lengths;
626 ip4_add_del_route_args_t a;
628 a.flags = IP4_ROUTE_FLAG_DEL | IP4_ROUTE_FLAG_NO_REDISTRIBUTE | flags;
629 a.table_index_or_table_id = table_index_or_table_id;
634 for (l = address_length + 1; l <= 32; l++)
636 ip4_foreach_matching_route (im, table_index_or_table_id, flags,
640 &matching_address_lengths);
641 for (i = 0; i < vec_len (matching_addresses); i++)
643 a.dst_address = matching_addresses[i];
644 a.dst_address_length = matching_address_lengths[i];
645 ip4_add_del_route (im, &a);
649 ip4_maybe_remap_adjacencies (im, table_index_or_table_id, flags);
653 ip4_forward_next_trace (vlib_main_t * vm,
654 vlib_node_runtime_t * node,
655 vlib_frame_t * frame,
656 vlib_rx_or_tx_t which_adj_index);
659 ip4_lookup_inline (vlib_main_t * vm,
660 vlib_node_runtime_t * node,
661 vlib_frame_t * frame,
662 int lookup_for_responses_to_locally_received_packets,
665 ip4_main_t * im = &ip4_main;
666 ip_lookup_main_t * lm = &im->lookup_main;
667 vlib_combined_counter_main_t * cm = &im->lookup_main.adjacency_counters;
668 u32 n_left_from, n_left_to_next, * from, * to_next;
669 ip_lookup_next_t next;
670 u32 cpu_index = os_get_cpu_number();
672 from = vlib_frame_vector_args (frame);
673 n_left_from = frame->n_vectors;
674 next = node->cached_next_index;
676 while (n_left_from > 0)
678 vlib_get_next_frame (vm, node, next,
679 to_next, n_left_to_next);
681 while (n_left_from >= 4 && n_left_to_next >= 2)
683 vlib_buffer_t * p0, * p1;
684 ip4_header_t * ip0, * ip1;
685 __attribute__((unused)) tcp_header_t * tcp0, * tcp1;
686 ip_lookup_next_t next0, next1;
687 ip_adjacency_t * adj0, * adj1;
688 ip4_fib_mtrie_t * mtrie0, * mtrie1;
689 ip4_fib_mtrie_leaf_t leaf0, leaf1;
690 ip4_address_t * dst_addr0, *dst_addr1;
691 __attribute__((unused)) u32 pi0, fib_index0, adj_index0, is_tcp_udp0;
692 __attribute__((unused)) u32 pi1, fib_index1, adj_index1, is_tcp_udp1;
693 u32 flow_hash_config0, flow_hash_config1;
694 u32 hash_c0, hash_c1;
697 /* Prefetch next iteration. */
699 vlib_buffer_t * p2, * p3;
701 p2 = vlib_get_buffer (vm, from[2]);
702 p3 = vlib_get_buffer (vm, from[3]);
704 vlib_prefetch_buffer_header (p2, LOAD);
705 vlib_prefetch_buffer_header (p3, LOAD);
707 CLIB_PREFETCH (p2->data, sizeof (ip0[0]), LOAD);
708 CLIB_PREFETCH (p3->data, sizeof (ip0[0]), LOAD);
711 pi0 = to_next[0] = from[0];
712 pi1 = to_next[1] = from[1];
714 p0 = vlib_get_buffer (vm, pi0);
715 p1 = vlib_get_buffer (vm, pi1);
717 ip0 = vlib_buffer_get_current (p0);
718 ip1 = vlib_buffer_get_current (p1);
722 ip_adjacency_t * iadj0, * iadj1;
723 iadj0 = ip_get_adjacency (lm, vnet_buffer(p0)->ip.adj_index[VLIB_TX]);
724 iadj1 = ip_get_adjacency (lm, vnet_buffer(p1)->ip.adj_index[VLIB_TX]);
725 dst_addr0 = &iadj0->indirect.next_hop.ip4;
726 dst_addr1 = &iadj1->indirect.next_hop.ip4;
730 dst_addr0 = &ip0->dst_address;
731 dst_addr1 = &ip1->dst_address;
734 fib_index0 = vec_elt (im->fib_index_by_sw_if_index, vnet_buffer (p0)->sw_if_index[VLIB_RX]);
735 fib_index1 = vec_elt (im->fib_index_by_sw_if_index, vnet_buffer (p1)->sw_if_index[VLIB_RX]);
736 fib_index0 = (vnet_buffer(p0)->sw_if_index[VLIB_TX] == (u32)~0) ?
737 fib_index0 : vnet_buffer(p0)->sw_if_index[VLIB_TX];
738 fib_index1 = (vnet_buffer(p1)->sw_if_index[VLIB_TX] == (u32)~0) ?
739 fib_index1 : vnet_buffer(p1)->sw_if_index[VLIB_TX];
742 if (! lookup_for_responses_to_locally_received_packets)
744 mtrie0 = &vec_elt_at_index (im->fibs, fib_index0)->mtrie;
745 mtrie1 = &vec_elt_at_index (im->fibs, fib_index1)->mtrie;
747 leaf0 = leaf1 = IP4_FIB_MTRIE_LEAF_ROOT;
749 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, dst_addr0, 0);
750 leaf1 = ip4_fib_mtrie_lookup_step (mtrie1, leaf1, dst_addr1, 0);
753 tcp0 = (void *) (ip0 + 1);
754 tcp1 = (void *) (ip1 + 1);
756 is_tcp_udp0 = (ip0->protocol == IP_PROTOCOL_TCP
757 || ip0->protocol == IP_PROTOCOL_UDP);
758 is_tcp_udp1 = (ip1->protocol == IP_PROTOCOL_TCP
759 || ip1->protocol == IP_PROTOCOL_UDP);
761 if (! lookup_for_responses_to_locally_received_packets)
763 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, dst_addr0, 1);
764 leaf1 = ip4_fib_mtrie_lookup_step (mtrie1, leaf1, dst_addr1, 1);
767 if (! lookup_for_responses_to_locally_received_packets)
769 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, dst_addr0, 2);
770 leaf1 = ip4_fib_mtrie_lookup_step (mtrie1, leaf1, dst_addr1, 2);
773 if (! lookup_for_responses_to_locally_received_packets)
775 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, dst_addr0, 3);
776 leaf1 = ip4_fib_mtrie_lookup_step (mtrie1, leaf1, dst_addr1, 3);
779 if (lookup_for_responses_to_locally_received_packets)
781 adj_index0 = vnet_buffer (p0)->ip.adj_index[VLIB_RX];
782 adj_index1 = vnet_buffer (p1)->ip.adj_index[VLIB_RX];
786 /* Handle default route. */
787 leaf0 = (leaf0 == IP4_FIB_MTRIE_LEAF_EMPTY ? mtrie0->default_leaf : leaf0);
788 leaf1 = (leaf1 == IP4_FIB_MTRIE_LEAF_EMPTY ? mtrie1->default_leaf : leaf1);
790 adj_index0 = ip4_fib_mtrie_leaf_get_adj_index (leaf0);
791 adj_index1 = ip4_fib_mtrie_leaf_get_adj_index (leaf1);
794 ASSERT (adj_index0 == ip4_fib_lookup_with_table (im, fib_index0,
796 /* no_default_route */ 0));
797 ASSERT (adj_index1 == ip4_fib_lookup_with_table (im, fib_index1,
799 /* no_default_route */ 0));
800 adj0 = ip_get_adjacency (lm, adj_index0);
801 adj1 = ip_get_adjacency (lm, adj_index1);
803 next0 = adj0->lookup_next_index;
804 next1 = adj1->lookup_next_index;
806 /* Use flow hash to compute multipath adjacency. */
807 hash_c0 = vnet_buffer (p0)->ip.flow_hash = 0;
808 hash_c1 = vnet_buffer (p1)->ip.flow_hash = 0;
809 if (PREDICT_FALSE (adj0->n_adj > 1))
812 vec_elt_at_index (im->fibs, fib_index0)->flow_hash_config;
813 hash_c0 = vnet_buffer (p0)->ip.flow_hash =
814 ip4_compute_flow_hash (ip0, flow_hash_config0);
816 if (PREDICT_FALSE(adj1->n_adj > 1))
819 vec_elt_at_index (im->fibs, fib_index1)->flow_hash_config;
820 hash_c1 = vnet_buffer (p1)->ip.flow_hash =
821 ip4_compute_flow_hash (ip1, flow_hash_config1);
824 ASSERT (adj0->n_adj > 0);
825 ASSERT (adj1->n_adj > 0);
826 ASSERT (is_pow2 (adj0->n_adj));
827 ASSERT (is_pow2 (adj1->n_adj));
828 adj_index0 += (hash_c0 & (adj0->n_adj - 1));
829 adj_index1 += (hash_c1 & (adj1->n_adj - 1));
831 vnet_buffer (p0)->ip.adj_index[VLIB_TX] = adj_index0;
832 vnet_buffer (p1)->ip.adj_index[VLIB_TX] = adj_index1;
834 vlib_increment_combined_counter
835 (cm, cpu_index, adj_index0, 1,
836 vlib_buffer_length_in_chain (vm, p0)
837 + sizeof(ethernet_header_t));
838 vlib_increment_combined_counter
839 (cm, cpu_index, adj_index1, 1,
840 vlib_buffer_length_in_chain (vm, p1)
841 + sizeof(ethernet_header_t));
848 wrong_next = (next0 != next) + 2*(next1 != next);
849 if (PREDICT_FALSE (wrong_next != 0))
858 vlib_set_next_frame_buffer (vm, node, next0, pi0);
865 vlib_set_next_frame_buffer (vm, node, next1, pi1);
872 vlib_set_next_frame_buffer (vm, node, next0, pi0);
873 vlib_set_next_frame_buffer (vm, node, next1, pi1);
877 vlib_put_next_frame (vm, node, next, n_left_to_next);
879 vlib_get_next_frame (vm, node, next, to_next, n_left_to_next);
885 while (n_left_from > 0 && n_left_to_next > 0)
889 __attribute__((unused)) tcp_header_t * tcp0;
890 ip_lookup_next_t next0;
891 ip_adjacency_t * adj0;
892 ip4_fib_mtrie_t * mtrie0;
893 ip4_fib_mtrie_leaf_t leaf0;
894 ip4_address_t * dst_addr0;
895 __attribute__((unused)) u32 pi0, fib_index0, adj_index0, is_tcp_udp0;
896 u32 flow_hash_config0, hash_c0;
901 p0 = vlib_get_buffer (vm, pi0);
903 ip0 = vlib_buffer_get_current (p0);
907 ip_adjacency_t * iadj0;
908 iadj0 = ip_get_adjacency (lm, vnet_buffer(p0)->ip.adj_index[VLIB_TX]);
909 dst_addr0 = &iadj0->indirect.next_hop.ip4;
913 dst_addr0 = &ip0->dst_address;
916 fib_index0 = vec_elt (im->fib_index_by_sw_if_index, vnet_buffer (p0)->sw_if_index[VLIB_RX]);
917 fib_index0 = (vnet_buffer(p0)->sw_if_index[VLIB_TX] == (u32)~0) ?
918 fib_index0 : vnet_buffer(p0)->sw_if_index[VLIB_TX];
920 if (! lookup_for_responses_to_locally_received_packets)
922 mtrie0 = &vec_elt_at_index (im->fibs, fib_index0)->mtrie;
924 leaf0 = IP4_FIB_MTRIE_LEAF_ROOT;
926 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, dst_addr0, 0);
929 tcp0 = (void *) (ip0 + 1);
931 is_tcp_udp0 = (ip0->protocol == IP_PROTOCOL_TCP
932 || ip0->protocol == IP_PROTOCOL_UDP);
934 if (! lookup_for_responses_to_locally_received_packets)
935 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, dst_addr0, 1);
937 if (! lookup_for_responses_to_locally_received_packets)
938 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, dst_addr0, 2);
940 if (! lookup_for_responses_to_locally_received_packets)
941 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, dst_addr0, 3);
943 if (lookup_for_responses_to_locally_received_packets)
944 adj_index0 = vnet_buffer (p0)->ip.adj_index[VLIB_RX];
947 /* Handle default route. */
948 leaf0 = (leaf0 == IP4_FIB_MTRIE_LEAF_EMPTY ? mtrie0->default_leaf : leaf0);
949 adj_index0 = ip4_fib_mtrie_leaf_get_adj_index (leaf0);
952 ASSERT (adj_index0 == ip4_fib_lookup_with_table (im, fib_index0,
954 /* no_default_route */ 0));
956 adj0 = ip_get_adjacency (lm, adj_index0);
958 next0 = adj0->lookup_next_index;
960 /* Use flow hash to compute multipath adjacency. */
961 hash_c0 = vnet_buffer (p0)->ip.flow_hash = 0;
962 if (PREDICT_FALSE(adj0->n_adj > 1))
965 vec_elt_at_index (im->fibs, fib_index0)->flow_hash_config;
967 hash_c0 = vnet_buffer (p0)->ip.flow_hash =
968 ip4_compute_flow_hash (ip0, flow_hash_config0);
971 ASSERT (adj0->n_adj > 0);
972 ASSERT (is_pow2 (adj0->n_adj));
973 adj_index0 += (hash_c0 & (adj0->n_adj - 1));
975 vnet_buffer (p0)->ip.adj_index[VLIB_TX] = adj_index0;
977 vlib_increment_combined_counter
978 (cm, cpu_index, adj_index0, 1,
979 vlib_buffer_length_in_chain (vm, p0)
980 + sizeof(ethernet_header_t));
987 if (PREDICT_FALSE (next0 != next))
990 vlib_put_next_frame (vm, node, next, n_left_to_next);
992 vlib_get_next_frame (vm, node, next,
993 to_next, n_left_to_next);
1000 vlib_put_next_frame (vm, node, next, n_left_to_next);
1003 if (node->flags & VLIB_NODE_FLAG_TRACE)
1004 ip4_forward_next_trace(vm, node, frame, VLIB_TX);
1006 return frame->n_vectors;
1009 /** \brief IPv4 lookup node.
1012 This is the main IPv4 lookup dispatch node.
1014 @param vm vlib_main_t corresponding to the current thread
1015 @param node vlib_node_runtime_t
1016 @param frame vlib_frame_t whose contents should be dispatched
1018 @par Graph mechanics: buffer metadata, next index usage
1021 - <code>vnet_buffer(b)->sw_if_index[VLIB_RX]</code>
1022 - Indicates the @c sw_if_index value of the interface that the
1023 packet was received on.
1024 - <code>vnet_buffer(b)->sw_if_index[VLIB_TX]</code>
1025 - When the value is @c ~0 then the node performs a longest prefix
1026 match (LPM) for the packet destination address in the FIB attached
1027 to the receive interface.
1028 - Otherwise perform LPM for the packet destination address in the
1029 indicated FIB. In this case <code>[VLIB_TX]</code> is a FIB index
1030 value (0, 1, ...) and not a VRF id.
1033 - <code>vnet_buffer(b)->ip.adj_index[VLIB_TX]</code>
1034 - The lookup result adjacency index.
1036 <em>Next Index:</em>
1037 - Dispatches the packet to the node index found in
1038 ip_adjacency_t @c adj->lookup_next_index
1039 (where @c adj is the lookup result adjacency).
1042 ip4_lookup (vlib_main_t * vm,
1043 vlib_node_runtime_t * node,
1044 vlib_frame_t * frame)
1046 return ip4_lookup_inline (vm, node, frame,
1047 /* lookup_for_responses_to_locally_received_packets */ 0,
1048 /* is_indirect */ 0);
1052 void ip4_adjacency_set_interface_route (vnet_main_t * vnm,
1053 ip_adjacency_t * adj,
1055 u32 if_address_index)
1057 vnet_hw_interface_t * hw = vnet_get_sup_hw_interface (vnm, sw_if_index);
1059 vnet_l3_packet_type_t packet_type;
1062 if (hw->hw_class_index == ethernet_hw_interface_class.index
1063 || hw->hw_class_index == srp_hw_interface_class.index)
1066 * We have a bit of a problem in this case. ip4-arp uses
1067 * the rewrite_header.next_index to hand pkts to the
1068 * indicated inteface output node. We can end up in
1069 * ip4_rewrite_local, too, which also pays attention to
1070 * rewrite_header.next index. Net result: a hack in
1071 * ip4_rewrite_local...
1073 n = IP_LOOKUP_NEXT_ARP;
1074 node_index = ip4_arp_node.index;
1075 adj->if_address_index = if_address_index;
1076 adj->arp.next_hop.ip4.as_u32 = 0;
1077 ip46_address_reset(&adj->arp.next_hop);
1078 packet_type = VNET_L3_PACKET_TYPE_ARP;
1082 n = IP_LOOKUP_NEXT_REWRITE;
1083 node_index = ip4_rewrite_node.index;
1084 packet_type = VNET_L3_PACKET_TYPE_IP4;
1087 adj->lookup_next_index = n;
1088 vnet_rewrite_for_sw_interface
1093 VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST,
1094 &adj->rewrite_header,
1095 sizeof (adj->rewrite_data));
1099 ip4_add_interface_routes (u32 sw_if_index,
1100 ip4_main_t * im, u32 fib_index,
1101 ip_interface_address_t * a)
1103 vnet_main_t * vnm = vnet_get_main();
1104 ip_lookup_main_t * lm = &im->lookup_main;
1105 ip_adjacency_t * adj;
1106 ip4_address_t * address = ip_interface_address_get_address (lm, a);
1107 ip4_add_del_route_args_t x;
1108 vnet_hw_interface_t * hw_if = vnet_get_sup_hw_interface (vnm, sw_if_index);
1109 u32 classify_table_index;
1111 /* Add e.g. 1.0.0.0/8 as interface route (arp for Ethernet). */
1112 x.table_index_or_table_id = fib_index;
1113 x.flags = (IP4_ROUTE_FLAG_ADD
1114 | IP4_ROUTE_FLAG_FIB_INDEX
1115 | IP4_ROUTE_FLAG_NO_REDISTRIBUTE);
1116 x.dst_address = address[0];
1117 x.dst_address_length = a->address_length;
1121 a->neighbor_probe_adj_index = ~0;
1122 if (a->address_length < 32)
1124 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
1126 ip4_adjacency_set_interface_route (vnm, adj, sw_if_index, a - lm->if_address_pool);
1127 ip_call_add_del_adjacency_callbacks (lm, x.adj_index, /* is_del */ 0);
1128 ip4_add_del_route (im, &x);
1129 a->neighbor_probe_adj_index = x.adj_index;
1132 /* Add e.g. 1.1.1.1/32 as local to this host. */
1133 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
1136 classify_table_index = ~0;
1137 if (sw_if_index < vec_len (lm->classify_table_index_by_sw_if_index))
1138 classify_table_index = lm->classify_table_index_by_sw_if_index [sw_if_index];
1139 if (classify_table_index != (u32) ~0)
1141 adj->lookup_next_index = IP_LOOKUP_NEXT_CLASSIFY;
1142 adj->classify.table_index = classify_table_index;
1145 adj->lookup_next_index = IP_LOOKUP_NEXT_LOCAL;
1147 adj->if_address_index = a - lm->if_address_pool;
1148 adj->rewrite_header.sw_if_index = sw_if_index;
1149 adj->rewrite_header.max_l3_packet_bytes = hw_if->max_l3_packet_bytes[VLIB_RX];
1151 * Local adjs are never to be rewritten. Spoofed pkts w/ src = dst = local
1152 * fail an RPF-ish check, but still go thru the rewrite code...
1154 adj->rewrite_header.data_bytes = 0;
1156 ip_call_add_del_adjacency_callbacks (lm, x.adj_index, /* is_del */ 0);
1157 x.dst_address_length = 32;
1158 ip4_add_del_route (im, &x);
1162 ip4_del_interface_routes (ip4_main_t * im, u32 fib_index, ip4_address_t * address, u32 address_length)
1164 ip4_add_del_route_args_t x;
1166 /* Add e.g. 1.0.0.0/8 as interface route (arp for Ethernet). */
1167 x.table_index_or_table_id = fib_index;
1168 x.flags = (IP4_ROUTE_FLAG_DEL
1169 | IP4_ROUTE_FLAG_FIB_INDEX
1170 | IP4_ROUTE_FLAG_NO_REDISTRIBUTE);
1171 x.dst_address = address[0];
1172 x.dst_address_length = address_length;
1177 if (address_length < 32)
1178 ip4_add_del_route (im, &x);
1180 x.dst_address_length = 32;
1181 ip4_add_del_route (im, &x);
1183 ip4_delete_matching_routes (im,
1185 IP4_ROUTE_FLAG_FIB_INDEX,
1192 ip4_address_t address;
1194 } ip4_interface_address_t;
1196 static clib_error_t *
1197 ip4_add_del_interface_address_internal (vlib_main_t * vm,
1199 ip4_address_t * new_address,
1205 static clib_error_t *
1206 ip4_add_del_interface_address_internal (vlib_main_t * vm,
1208 ip4_address_t * address,
1214 vnet_main_t * vnm = vnet_get_main();
1215 ip4_main_t * im = &ip4_main;
1216 ip_lookup_main_t * lm = &im->lookup_main;
1217 clib_error_t * error = 0;
1218 u32 if_address_index, elts_before;
1219 ip4_address_fib_t ip4_af, * addr_fib = 0;
1221 vec_validate (im->fib_index_by_sw_if_index, sw_if_index);
1222 ip4_addr_fib_init (&ip4_af, address,
1223 vec_elt (im->fib_index_by_sw_if_index, sw_if_index));
1224 vec_add1 (addr_fib, ip4_af);
1226 /* When adding an address check that it does not conflict with an existing address. */
1229 ip_interface_address_t * ia;
1230 foreach_ip_interface_address (&im->lookup_main, ia, sw_if_index,
1231 0 /* honor unnumbered */,
1233 ip4_address_t * x = ip_interface_address_get_address (&im->lookup_main, ia);
1235 if (ip4_destination_matches_route (im, address, x, ia->address_length)
1236 || ip4_destination_matches_route (im, x, address, address_length))
1237 return clib_error_create ("failed to add %U which conflicts with %U for interface %U",
1238 format_ip4_address_and_length, address, address_length,
1239 format_ip4_address_and_length, x, ia->address_length,
1240 format_vnet_sw_if_index_name, vnm, sw_if_index);
1244 elts_before = pool_elts (lm->if_address_pool);
1246 error = ip_interface_address_add_del
1256 if (vnet_sw_interface_is_admin_up (vnm, sw_if_index) && insert_routes)
1259 ip4_del_interface_routes (im, ip4_af.fib_index, address,
1263 ip4_add_interface_routes (sw_if_index,
1264 im, ip4_af.fib_index,
1266 (lm->if_address_pool, if_address_index));
1269 /* If pool did not grow/shrink: add duplicate address. */
1270 if (elts_before != pool_elts (lm->if_address_pool))
1272 ip4_add_del_interface_address_callback_t * cb;
1273 vec_foreach (cb, im->add_del_interface_address_callbacks)
1274 cb->function (im, cb->function_opaque, sw_if_index,
1275 address, address_length,
1281 vec_free (addr_fib);
1286 ip4_add_del_interface_address (vlib_main_t * vm, u32 sw_if_index,
1287 ip4_address_t * address, u32 address_length,
1290 return ip4_add_del_interface_address_internal
1291 (vm, sw_if_index, address, address_length,
1292 /* redistribute */ 1,
1293 /* insert_routes */ 1,
1297 static clib_error_t *
1298 ip4_sw_interface_admin_up_down (vnet_main_t * vnm,
1302 ip4_main_t * im = &ip4_main;
1303 ip_interface_address_t * ia;
1305 u32 is_admin_up, fib_index;
1307 /* Fill in lookup tables with default table (0). */
1308 vec_validate (im->fib_index_by_sw_if_index, sw_if_index);
1310 vec_validate_init_empty (im->lookup_main.if_address_pool_index_by_sw_if_index, sw_if_index, ~0);
1312 is_admin_up = (flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP) != 0;
1314 fib_index = vec_elt (im->fib_index_by_sw_if_index, sw_if_index);
1316 foreach_ip_interface_address (&im->lookup_main, ia, sw_if_index,
1317 0 /* honor unnumbered */,
1319 a = ip_interface_address_get_address (&im->lookup_main, ia);
1321 ip4_add_interface_routes (sw_if_index,
1325 ip4_del_interface_routes (im, fib_index,
1326 a, ia->address_length);
1332 VNET_SW_INTERFACE_ADMIN_UP_DOWN_FUNCTION (ip4_sw_interface_admin_up_down);
1334 /* Built-in ip4 unicast rx feature path definition */
1335 VNET_IP4_UNICAST_FEATURE_INIT (ip4_inacl, static) = {
1336 .node_name = "ip4-inacl",
1337 .runs_before = {"ip4-source-check-via-rx", 0},
1338 .feature_index = &ip4_main.ip4_unicast_rx_feature_check_access,
1341 VNET_IP4_UNICAST_FEATURE_INIT (ip4_source_check_1, static) = {
1342 .node_name = "ip4-source-check-via-rx",
1343 .runs_before = {"ip4-source-check-via-any", 0},
1345 &ip4_main.ip4_unicast_rx_feature_source_reachable_via_rx,
1348 VNET_IP4_UNICAST_FEATURE_INIT (ip4_source_check_2, static) = {
1349 .node_name = "ip4-source-check-via-any",
1350 .runs_before = {"ipsec-input-ip4", 0},
1352 &ip4_main.ip4_unicast_rx_feature_source_reachable_via_any,
1355 VNET_IP4_UNICAST_FEATURE_INIT (ip4_ipsec, static) = {
1356 .node_name = "ipsec-input-ip4",
1357 .runs_before = {"vpath-input-ip4", 0},
1358 .feature_index = &ip4_main.ip4_unicast_rx_feature_ipsec,
1361 VNET_IP4_UNICAST_FEATURE_INIT (ip4_vpath, static) = {
1362 .node_name = "vpath-input-ip4",
1363 .runs_before = {"ip4-lookup", 0},
1364 .feature_index = &ip4_main.ip4_unicast_rx_feature_vpath,
1367 VNET_IP4_UNICAST_FEATURE_INIT (ip4_lookup, static) = {
1368 .node_name = "ip4-lookup",
1369 .runs_before = {0}, /* not before any other features */
1370 .feature_index = &ip4_main.ip4_unicast_rx_feature_lookup,
1373 /* Built-in ip4 multicast rx feature path definition */
1374 VNET_IP4_MULTICAST_FEATURE_INIT (ip4_vpath_mc, static) = {
1375 .node_name = "vpath-input-ip4",
1376 .runs_before = {"ip4-lookup-multicast", 0},
1377 .feature_index = &ip4_main.ip4_multicast_rx_feature_vpath,
1380 VNET_IP4_MULTICAST_FEATURE_INIT (ip4_lookup_mc, static) = {
1381 .node_name = "ip4-lookup-multicast",
1382 .runs_before = {0}, /* not before any other features */
1383 .feature_index = &ip4_main.ip4_multicast_rx_feature_lookup,
1386 static char * feature_start_nodes[] =
1387 { "ip4-input", "ip4-input-no-checksum"};
1389 static clib_error_t *
1390 ip4_feature_init (vlib_main_t * vm, ip4_main_t * im)
1392 ip_lookup_main_t * lm = &im->lookup_main;
1393 clib_error_t * error;
1396 for (cast = 0; cast < VNET_N_CAST; cast++)
1398 ip_config_main_t * cm = &lm->rx_config_mains[cast];
1399 vnet_config_main_t * vcm = &cm->config_main;
1401 if ((error = ip_feature_init_cast (vm, cm, vcm,
1402 feature_start_nodes,
1403 ARRAY_LEN(feature_start_nodes),
1411 static clib_error_t *
1412 ip4_sw_interface_add_del (vnet_main_t * vnm,
1416 vlib_main_t * vm = vnm->vlib_main;
1417 ip4_main_t * im = &ip4_main;
1418 ip_lookup_main_t * lm = &im->lookup_main;
1422 for (cast = 0; cast < VNET_N_CAST; cast++)
1424 ip_config_main_t * cm = &lm->rx_config_mains[cast];
1425 vnet_config_main_t * vcm = &cm->config_main;
1427 vec_validate_init_empty (cm->config_index_by_sw_if_index, sw_if_index, ~0);
1428 ci = cm->config_index_by_sw_if_index[sw_if_index];
1430 if (cast == VNET_UNICAST)
1431 feature_index = im->ip4_unicast_rx_feature_lookup;
1433 feature_index = im->ip4_multicast_rx_feature_lookup;
1436 ci = vnet_config_add_feature (vm, vcm,
1439 /* config data */ 0,
1440 /* # bytes of config data */ 0);
1442 ci = vnet_config_del_feature (vm, vcm,
1445 /* config data */ 0,
1446 /* # bytes of config data */ 0);
1448 cm->config_index_by_sw_if_index[sw_if_index] = ci;
1451 return /* no error */ 0;
1454 VNET_SW_INTERFACE_ADD_DEL_FUNCTION (ip4_sw_interface_add_del);
1456 static u8 * format_ip4_lookup_trace (u8 * s, va_list * args);
1458 VLIB_REGISTER_NODE (ip4_lookup_node) = {
1459 .function = ip4_lookup,
1460 .name = "ip4-lookup",
1461 .vector_size = sizeof (u32),
1463 .format_trace = format_ip4_lookup_trace,
1465 .n_next_nodes = IP4_LOOKUP_N_NEXT,
1466 .next_nodes = IP4_LOOKUP_NEXT_NODES,
1469 VLIB_NODE_FUNCTION_MULTIARCH (ip4_lookup_node, ip4_lookup)
1472 ip4_indirect (vlib_main_t * vm,
1473 vlib_node_runtime_t * node,
1474 vlib_frame_t * frame)
1476 return ip4_lookup_inline (vm, node, frame,
1477 /* lookup_for_responses_to_locally_received_packets */ 0,
1478 /* is_indirect */ 1);
1481 VLIB_REGISTER_NODE (ip4_indirect_node) = {
1482 .function = ip4_indirect,
1483 .name = "ip4-indirect",
1484 .vector_size = sizeof (u32),
1485 .sibling_of = "ip4-lookup",
1486 .format_trace = format_ip4_lookup_trace,
1491 VLIB_NODE_FUNCTION_MULTIARCH (ip4_indirect_node, ip4_indirect)
1494 /* Global IP4 main. */
1495 ip4_main_t ip4_main;
1498 ip4_lookup_init (vlib_main_t * vm)
1500 ip4_main_t * im = &ip4_main;
1501 clib_error_t * error;
1504 for (i = 0; i < ARRAY_LEN (im->fib_masks); i++)
1509 m = pow2_mask (i) << (32 - i);
1512 im->fib_masks[i] = clib_host_to_net_u32 (m);
1515 /* Create FIB with index 0 and table id of 0. */
1516 find_ip4_fib_by_table_index_or_id (im, /* table id */ 0, IP4_ROUTE_FLAG_TABLE_ID);
1518 ip_lookup_init (&im->lookup_main, /* is_ip6 */ 0);
1522 pn = pg_get_node (ip4_lookup_node.index);
1523 pn->unformat_edit = unformat_pg_ip4_header;
1527 ethernet_arp_header_t h;
1529 memset (&h, 0, sizeof (h));
1531 /* Set target ethernet address to all zeros. */
1532 memset (h.ip4_over_ethernet[1].ethernet, 0, sizeof (h.ip4_over_ethernet[1].ethernet));
1534 #define _16(f,v) h.f = clib_host_to_net_u16 (v);
1535 #define _8(f,v) h.f = v;
1536 _16 (l2_type, ETHERNET_ARP_HARDWARE_TYPE_ethernet);
1537 _16 (l3_type, ETHERNET_TYPE_IP4);
1538 _8 (n_l2_address_bytes, 6);
1539 _8 (n_l3_address_bytes, 4);
1540 _16 (opcode, ETHERNET_ARP_OPCODE_request);
1544 vlib_packet_template_init (vm,
1545 &im->ip4_arp_request_packet_template,
1548 /* alloc chunk size */ 8,
1552 error = ip4_feature_init (vm, im);
1557 VLIB_INIT_FUNCTION (ip4_lookup_init);
1560 /* Adjacency taken. */
1565 /* Packet data, possibly *after* rewrite. */
1566 u8 packet_data[64 - 1*sizeof(u32)];
1567 } ip4_forward_next_trace_t;
1569 static u8 * format_ip4_forward_next_trace (u8 * s, va_list * args)
1571 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
1572 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
1573 ip4_forward_next_trace_t * t = va_arg (*args, ip4_forward_next_trace_t *);
1574 uword indent = format_get_indent (s);
1575 s = format (s, "%U%U",
1576 format_white_space, indent,
1577 format_ip4_header, t->packet_data);
1581 static u8 * format_ip4_lookup_trace (u8 * s, va_list * args)
1583 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
1584 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
1585 ip4_forward_next_trace_t * t = va_arg (*args, ip4_forward_next_trace_t *);
1586 vnet_main_t * vnm = vnet_get_main();
1587 ip4_main_t * im = &ip4_main;
1588 uword indent = format_get_indent (s);
1590 s = format (s, "fib %d adj-idx %d : %U flow hash: 0x%08x",
1591 t->fib_index, t->adj_index, format_ip_adjacency,
1592 vnm, &im->lookup_main, t->adj_index, t->flow_hash);
1593 s = format (s, "\n%U%U",
1594 format_white_space, indent,
1595 format_ip4_header, t->packet_data);
1599 static u8 * format_ip4_rewrite_trace (u8 * s, va_list * args)
1601 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
1602 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
1603 ip4_forward_next_trace_t * t = va_arg (*args, ip4_forward_next_trace_t *);
1604 vnet_main_t * vnm = vnet_get_main();
1605 ip4_main_t * im = &ip4_main;
1606 uword indent = format_get_indent (s);
1608 s = format (s, "tx_sw_if_index %d adj-idx %d : %U flow hash: 0x%08x",
1609 t->fib_index, t->adj_index, format_ip_adjacency,
1610 vnm, &im->lookup_main, t->adj_index, t->flow_hash);
1611 s = format (s, "\n%U%U",
1612 format_white_space, indent,
1613 format_ip_adjacency_packet_data,
1614 vnm, &im->lookup_main, t->adj_index,
1615 t->packet_data, sizeof (t->packet_data));
1619 /* Common trace function for all ip4-forward next nodes. */
1621 ip4_forward_next_trace (vlib_main_t * vm,
1622 vlib_node_runtime_t * node,
1623 vlib_frame_t * frame,
1624 vlib_rx_or_tx_t which_adj_index)
1627 ip4_main_t * im = &ip4_main;
1629 n_left = frame->n_vectors;
1630 from = vlib_frame_vector_args (frame);
1635 vlib_buffer_t * b0, * b1;
1636 ip4_forward_next_trace_t * t0, * t1;
1638 /* Prefetch next iteration. */
1639 vlib_prefetch_buffer_with_index (vm, from[2], LOAD);
1640 vlib_prefetch_buffer_with_index (vm, from[3], LOAD);
1645 b0 = vlib_get_buffer (vm, bi0);
1646 b1 = vlib_get_buffer (vm, bi1);
1648 if (b0->flags & VLIB_BUFFER_IS_TRACED)
1650 t0 = vlib_add_trace (vm, node, b0, sizeof (t0[0]));
1651 t0->adj_index = vnet_buffer (b0)->ip.adj_index[which_adj_index];
1652 t0->flow_hash = vnet_buffer (b0)->ip.flow_hash;
1653 t0->fib_index = (vnet_buffer(b0)->sw_if_index[VLIB_TX] != (u32)~0) ?
1654 vnet_buffer(b0)->sw_if_index[VLIB_TX] :
1655 vec_elt (im->fib_index_by_sw_if_index,
1656 vnet_buffer(b0)->sw_if_index[VLIB_RX]);
1658 clib_memcpy (t0->packet_data,
1659 vlib_buffer_get_current (b0),
1660 sizeof (t0->packet_data));
1662 if (b1->flags & VLIB_BUFFER_IS_TRACED)
1664 t1 = vlib_add_trace (vm, node, b1, sizeof (t1[0]));
1665 t1->adj_index = vnet_buffer (b1)->ip.adj_index[which_adj_index];
1666 t1->flow_hash = vnet_buffer (b1)->ip.flow_hash;
1667 t1->fib_index = (vnet_buffer(b1)->sw_if_index[VLIB_TX] != (u32)~0) ?
1668 vnet_buffer(b1)->sw_if_index[VLIB_TX] :
1669 vec_elt (im->fib_index_by_sw_if_index,
1670 vnet_buffer(b1)->sw_if_index[VLIB_RX]);
1671 clib_memcpy (t1->packet_data,
1672 vlib_buffer_get_current (b1),
1673 sizeof (t1->packet_data));
1683 ip4_forward_next_trace_t * t0;
1687 b0 = vlib_get_buffer (vm, bi0);
1689 if (b0->flags & VLIB_BUFFER_IS_TRACED)
1691 t0 = vlib_add_trace (vm, node, b0, sizeof (t0[0]));
1692 t0->adj_index = vnet_buffer (b0)->ip.adj_index[which_adj_index];
1693 t0->flow_hash = vnet_buffer (b0)->ip.flow_hash;
1694 t0->fib_index = (vnet_buffer(b0)->sw_if_index[VLIB_TX] != (u32)~0) ?
1695 vnet_buffer(b0)->sw_if_index[VLIB_TX] :
1696 vec_elt (im->fib_index_by_sw_if_index,
1697 vnet_buffer(b0)->sw_if_index[VLIB_RX]);
1698 clib_memcpy (t0->packet_data,
1699 vlib_buffer_get_current (b0),
1700 sizeof (t0->packet_data));
1708 ip4_drop_or_punt (vlib_main_t * vm,
1709 vlib_node_runtime_t * node,
1710 vlib_frame_t * frame,
1711 ip4_error_t error_code)
1713 u32 * buffers = vlib_frame_vector_args (frame);
1714 uword n_packets = frame->n_vectors;
1716 vlib_error_drop_buffers (vm, node,
1721 ip4_input_node.index,
1724 if (node->flags & VLIB_NODE_FLAG_TRACE)
1725 ip4_forward_next_trace (vm, node, frame, VLIB_TX);
1731 ip4_drop (vlib_main_t * vm,
1732 vlib_node_runtime_t * node,
1733 vlib_frame_t * frame)
1734 { return ip4_drop_or_punt (vm, node, frame, IP4_ERROR_ADJACENCY_DROP); }
1737 ip4_punt (vlib_main_t * vm,
1738 vlib_node_runtime_t * node,
1739 vlib_frame_t * frame)
1740 { return ip4_drop_or_punt (vm, node, frame, IP4_ERROR_ADJACENCY_PUNT); }
1743 ip4_miss (vlib_main_t * vm,
1744 vlib_node_runtime_t * node,
1745 vlib_frame_t * frame)
1746 { return ip4_drop_or_punt (vm, node, frame, IP4_ERROR_DST_LOOKUP_MISS); }
1748 VLIB_REGISTER_NODE (ip4_drop_node,static) = {
1749 .function = ip4_drop,
1751 .vector_size = sizeof (u32),
1753 .format_trace = format_ip4_forward_next_trace,
1761 VLIB_NODE_FUNCTION_MULTIARCH (ip4_drop_node, ip4_drop)
1763 VLIB_REGISTER_NODE (ip4_punt_node,static) = {
1764 .function = ip4_punt,
1766 .vector_size = sizeof (u32),
1768 .format_trace = format_ip4_forward_next_trace,
1776 VLIB_NODE_FUNCTION_MULTIARCH (ip4_punt_node, ip4_punt)
1778 VLIB_REGISTER_NODE (ip4_miss_node,static) = {
1779 .function = ip4_miss,
1781 .vector_size = sizeof (u32),
1783 .format_trace = format_ip4_forward_next_trace,
1791 VLIB_NODE_FUNCTION_MULTIARCH (ip4_miss_node, ip4_miss)
1793 /* Compute TCP/UDP/ICMP4 checksum in software. */
1795 ip4_tcp_udp_compute_checksum (vlib_main_t * vm, vlib_buffer_t * p0,
1799 u32 ip_header_length, payload_length_host_byte_order;
1800 u32 n_this_buffer, n_bytes_left;
1802 void * data_this_buffer;
1804 /* Initialize checksum with ip header. */
1805 ip_header_length = ip4_header_bytes (ip0);
1806 payload_length_host_byte_order = clib_net_to_host_u16 (ip0->length) - ip_header_length;
1807 sum0 = clib_host_to_net_u32 (payload_length_host_byte_order + (ip0->protocol << 16));
1809 if (BITS (uword) == 32)
1811 sum0 = ip_csum_with_carry (sum0, clib_mem_unaligned (&ip0->src_address, u32));
1812 sum0 = ip_csum_with_carry (sum0, clib_mem_unaligned (&ip0->dst_address, u32));
1815 sum0 = ip_csum_with_carry (sum0, clib_mem_unaligned (&ip0->src_address, u64));
1817 n_bytes_left = n_this_buffer = payload_length_host_byte_order;
1818 data_this_buffer = (void *) ip0 + ip_header_length;
1819 if (n_this_buffer + ip_header_length > p0->current_length)
1820 n_this_buffer = p0->current_length > ip_header_length ? p0->current_length - ip_header_length : 0;
1823 sum0 = ip_incremental_checksum (sum0, data_this_buffer, n_this_buffer);
1824 n_bytes_left -= n_this_buffer;
1825 if (n_bytes_left == 0)
1828 ASSERT (p0->flags & VLIB_BUFFER_NEXT_PRESENT);
1829 p0 = vlib_get_buffer (vm, p0->next_buffer);
1830 data_this_buffer = vlib_buffer_get_current (p0);
1831 n_this_buffer = p0->current_length;
1834 sum16 = ~ ip_csum_fold (sum0);
1840 ip4_tcp_udp_validate_checksum (vlib_main_t * vm, vlib_buffer_t * p0)
1842 ip4_header_t * ip0 = vlib_buffer_get_current (p0);
1843 udp_header_t * udp0;
1846 ASSERT (ip0->protocol == IP_PROTOCOL_TCP
1847 || ip0->protocol == IP_PROTOCOL_UDP);
1849 udp0 = (void *) (ip0 + 1);
1850 if (ip0->protocol == IP_PROTOCOL_UDP && udp0->checksum == 0)
1852 p0->flags |= (IP_BUFFER_L4_CHECKSUM_COMPUTED
1853 | IP_BUFFER_L4_CHECKSUM_CORRECT);
1857 sum16 = ip4_tcp_udp_compute_checksum (vm, p0, ip0);
1859 p0->flags |= (IP_BUFFER_L4_CHECKSUM_COMPUTED
1860 | ((sum16 == 0) << LOG2_IP_BUFFER_L4_CHECKSUM_CORRECT));
1866 ip4_local (vlib_main_t * vm,
1867 vlib_node_runtime_t * node,
1868 vlib_frame_t * frame)
1870 ip4_main_t * im = &ip4_main;
1871 ip_lookup_main_t * lm = &im->lookup_main;
1872 ip_local_next_t next_index;
1873 u32 * from, * to_next, n_left_from, n_left_to_next;
1874 vlib_node_runtime_t * error_node = vlib_node_get_runtime (vm, ip4_input_node.index);
1876 from = vlib_frame_vector_args (frame);
1877 n_left_from = frame->n_vectors;
1878 next_index = node->cached_next_index;
1880 if (node->flags & VLIB_NODE_FLAG_TRACE)
1881 ip4_forward_next_trace (vm, node, frame, VLIB_TX);
1883 while (n_left_from > 0)
1885 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
1887 while (n_left_from >= 4 && n_left_to_next >= 2)
1889 vlib_buffer_t * p0, * p1;
1890 ip4_header_t * ip0, * ip1;
1891 udp_header_t * udp0, * udp1;
1892 ip4_fib_mtrie_t * mtrie0, * mtrie1;
1893 ip4_fib_mtrie_leaf_t leaf0, leaf1;
1894 ip_adjacency_t * adj0, * adj1;
1895 u32 pi0, ip_len0, udp_len0, flags0, next0, fib_index0, adj_index0;
1896 u32 pi1, ip_len1, udp_len1, flags1, next1, fib_index1, adj_index1;
1897 i32 len_diff0, len_diff1;
1898 u8 error0, is_udp0, is_tcp_udp0, good_tcp_udp0, proto0;
1899 u8 error1, is_udp1, is_tcp_udp1, good_tcp_udp1, proto1;
1902 pi0 = to_next[0] = from[0];
1903 pi1 = to_next[1] = from[1];
1907 n_left_to_next -= 2;
1909 p0 = vlib_get_buffer (vm, pi0);
1910 p1 = vlib_get_buffer (vm, pi1);
1912 ip0 = vlib_buffer_get_current (p0);
1913 ip1 = vlib_buffer_get_current (p1);
1915 fib_index0 = vec_elt (im->fib_index_by_sw_if_index,
1916 vnet_buffer(p0)->sw_if_index[VLIB_RX]);
1917 fib_index1 = vec_elt (im->fib_index_by_sw_if_index,
1918 vnet_buffer(p1)->sw_if_index[VLIB_RX]);
1920 mtrie0 = &vec_elt_at_index (im->fibs, fib_index0)->mtrie;
1921 mtrie1 = &vec_elt_at_index (im->fibs, fib_index1)->mtrie;
1923 leaf0 = leaf1 = IP4_FIB_MTRIE_LEAF_ROOT;
1925 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, &ip0->src_address, 0);
1926 leaf1 = ip4_fib_mtrie_lookup_step (mtrie1, leaf1, &ip1->src_address, 0);
1928 /* Treat IP frag packets as "experimental" protocol for now
1929 until support of IP frag reassembly is implemented */
1930 proto0 = ip4_is_fragment(ip0) ? 0xfe : ip0->protocol;
1931 proto1 = ip4_is_fragment(ip1) ? 0xfe : ip1->protocol;
1932 is_udp0 = proto0 == IP_PROTOCOL_UDP;
1933 is_udp1 = proto1 == IP_PROTOCOL_UDP;
1934 is_tcp_udp0 = is_udp0 || proto0 == IP_PROTOCOL_TCP;
1935 is_tcp_udp1 = is_udp1 || proto1 == IP_PROTOCOL_TCP;
1940 good_tcp_udp0 = (flags0 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1941 good_tcp_udp1 = (flags1 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1943 udp0 = ip4_next_header (ip0);
1944 udp1 = ip4_next_header (ip1);
1946 /* Don't verify UDP checksum for packets with explicit zero checksum. */
1947 good_tcp_udp0 |= is_udp0 && udp0->checksum == 0;
1948 good_tcp_udp1 |= is_udp1 && udp1->checksum == 0;
1950 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, &ip0->src_address, 1);
1951 leaf1 = ip4_fib_mtrie_lookup_step (mtrie1, leaf1, &ip1->src_address, 1);
1953 /* Verify UDP length. */
1954 ip_len0 = clib_net_to_host_u16 (ip0->length);
1955 ip_len1 = clib_net_to_host_u16 (ip1->length);
1956 udp_len0 = clib_net_to_host_u16 (udp0->length);
1957 udp_len1 = clib_net_to_host_u16 (udp1->length);
1959 len_diff0 = ip_len0 - udp_len0;
1960 len_diff1 = ip_len1 - udp_len1;
1962 len_diff0 = is_udp0 ? len_diff0 : 0;
1963 len_diff1 = is_udp1 ? len_diff1 : 0;
1965 if (PREDICT_FALSE (! (is_tcp_udp0 & is_tcp_udp1
1966 & good_tcp_udp0 & good_tcp_udp1)))
1971 && ! (flags0 & IP_BUFFER_L4_CHECKSUM_COMPUTED))
1972 flags0 = ip4_tcp_udp_validate_checksum (vm, p0);
1974 (flags0 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1975 good_tcp_udp0 |= is_udp0 && udp0->checksum == 0;
1980 && ! (flags1 & IP_BUFFER_L4_CHECKSUM_COMPUTED))
1981 flags1 = ip4_tcp_udp_validate_checksum (vm, p1);
1983 (flags1 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1984 good_tcp_udp1 |= is_udp1 && udp1->checksum == 0;
1988 good_tcp_udp0 &= len_diff0 >= 0;
1989 good_tcp_udp1 &= len_diff1 >= 0;
1991 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, &ip0->src_address, 2);
1992 leaf1 = ip4_fib_mtrie_lookup_step (mtrie1, leaf1, &ip1->src_address, 2);
1994 error0 = error1 = IP4_ERROR_UNKNOWN_PROTOCOL;
1996 error0 = len_diff0 < 0 ? IP4_ERROR_UDP_LENGTH : error0;
1997 error1 = len_diff1 < 0 ? IP4_ERROR_UDP_LENGTH : error1;
1999 ASSERT (IP4_ERROR_TCP_CHECKSUM + 1 == IP4_ERROR_UDP_CHECKSUM);
2000 error0 = (is_tcp_udp0 && ! good_tcp_udp0
2001 ? IP4_ERROR_TCP_CHECKSUM + is_udp0
2003 error1 = (is_tcp_udp1 && ! good_tcp_udp1
2004 ? IP4_ERROR_TCP_CHECKSUM + is_udp1
2007 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, &ip0->src_address, 3);
2008 leaf1 = ip4_fib_mtrie_lookup_step (mtrie1, leaf1, &ip1->src_address, 3);
2010 vnet_buffer (p0)->ip.adj_index[VLIB_RX] = adj_index0 = ip4_fib_mtrie_leaf_get_adj_index (leaf0);
2011 vnet_buffer (p0)->ip.adj_index[VLIB_TX] = adj_index0;
2013 vnet_buffer (p1)->ip.adj_index[VLIB_RX] = adj_index1 = ip4_fib_mtrie_leaf_get_adj_index (leaf1);
2014 vnet_buffer (p1)->ip.adj_index[VLIB_TX] = adj_index1;
2016 ASSERT (adj_index0 == ip4_fib_lookup_with_table (im, fib_index0,
2018 /* no_default_route */ 1));
2019 ASSERT (adj_index1 == ip4_fib_lookup_with_table (im, fib_index1,
2021 /* no_default_route */ 1));
2023 adj0 = ip_get_adjacency (lm, adj_index0);
2024 adj1 = ip_get_adjacency (lm, adj_index1);
2027 * Must have a route to source otherwise we drop the packet.
2028 * ip4 broadcasts are accepted, e.g. to make dhcp client work
2030 error0 = (error0 == IP4_ERROR_UNKNOWN_PROTOCOL
2031 && adj0->lookup_next_index != IP_LOOKUP_NEXT_REWRITE
2032 && adj0->lookup_next_index != IP_LOOKUP_NEXT_ARP
2033 && adj0->lookup_next_index != IP_LOOKUP_NEXT_LOCAL
2034 && ip0->dst_address.as_u32 != 0xFFFFFFFF
2035 ? IP4_ERROR_SRC_LOOKUP_MISS
2037 error1 = (error1 == IP4_ERROR_UNKNOWN_PROTOCOL
2038 && adj1->lookup_next_index != IP_LOOKUP_NEXT_REWRITE
2039 && adj1->lookup_next_index != IP_LOOKUP_NEXT_ARP
2040 && adj1->lookup_next_index != IP_LOOKUP_NEXT_LOCAL
2041 && ip0->dst_address.as_u32 != 0xFFFFFFFF
2042 ? IP4_ERROR_SRC_LOOKUP_MISS
2045 next0 = lm->local_next_by_ip_protocol[proto0];
2046 next1 = lm->local_next_by_ip_protocol[proto1];
2048 next0 = error0 != IP4_ERROR_UNKNOWN_PROTOCOL ? IP_LOCAL_NEXT_DROP : next0;
2049 next1 = error1 != IP4_ERROR_UNKNOWN_PROTOCOL ? IP_LOCAL_NEXT_DROP : next1;
2051 p0->error = error0 ? error_node->errors[error0] : 0;
2052 p1->error = error1 ? error_node->errors[error1] : 0;
2054 enqueue_code = (next0 != next_index) + 2*(next1 != next_index);
2056 if (PREDICT_FALSE (enqueue_code != 0))
2058 switch (enqueue_code)
2064 n_left_to_next += 1;
2065 vlib_set_next_frame_buffer (vm, node, next0, pi0);
2071 n_left_to_next += 1;
2072 vlib_set_next_frame_buffer (vm, node, next1, pi1);
2076 /* A B B or A B C */
2078 n_left_to_next += 2;
2079 vlib_set_next_frame_buffer (vm, node, next0, pi0);
2080 vlib_set_next_frame_buffer (vm, node, next1, pi1);
2083 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
2085 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
2092 while (n_left_from > 0 && n_left_to_next > 0)
2096 udp_header_t * udp0;
2097 ip4_fib_mtrie_t * mtrie0;
2098 ip4_fib_mtrie_leaf_t leaf0;
2099 ip_adjacency_t * adj0;
2100 u32 pi0, next0, ip_len0, udp_len0, flags0, fib_index0, adj_index0;
2102 u8 error0, is_udp0, is_tcp_udp0, good_tcp_udp0, proto0;
2104 pi0 = to_next[0] = from[0];
2108 n_left_to_next -= 1;
2110 p0 = vlib_get_buffer (vm, pi0);
2112 ip0 = vlib_buffer_get_current (p0);
2114 fib_index0 = vec_elt (im->fib_index_by_sw_if_index,
2115 vnet_buffer(p0)->sw_if_index[VLIB_RX]);
2117 mtrie0 = &vec_elt_at_index (im->fibs, fib_index0)->mtrie;
2119 leaf0 = IP4_FIB_MTRIE_LEAF_ROOT;
2121 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, &ip0->src_address, 0);
2123 /* Treat IP frag packets as "experimental" protocol for now
2124 until support of IP frag reassembly is implemented */
2125 proto0 = ip4_is_fragment(ip0) ? 0xfe : ip0->protocol;
2126 is_udp0 = proto0 == IP_PROTOCOL_UDP;
2127 is_tcp_udp0 = is_udp0 || proto0 == IP_PROTOCOL_TCP;
2131 good_tcp_udp0 = (flags0 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
2133 udp0 = ip4_next_header (ip0);
2135 /* Don't verify UDP checksum for packets with explicit zero checksum. */
2136 good_tcp_udp0 |= is_udp0 && udp0->checksum == 0;
2138 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, &ip0->src_address, 1);
2140 /* Verify UDP length. */
2141 ip_len0 = clib_net_to_host_u16 (ip0->length);
2142 udp_len0 = clib_net_to_host_u16 (udp0->length);
2144 len_diff0 = ip_len0 - udp_len0;
2146 len_diff0 = is_udp0 ? len_diff0 : 0;
2148 if (PREDICT_FALSE (! (is_tcp_udp0 & good_tcp_udp0)))
2153 && ! (flags0 & IP_BUFFER_L4_CHECKSUM_COMPUTED))
2154 flags0 = ip4_tcp_udp_validate_checksum (vm, p0);
2156 (flags0 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
2157 good_tcp_udp0 |= is_udp0 && udp0->checksum == 0;
2161 good_tcp_udp0 &= len_diff0 >= 0;
2163 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, &ip0->src_address, 2);
2165 error0 = IP4_ERROR_UNKNOWN_PROTOCOL;
2167 error0 = len_diff0 < 0 ? IP4_ERROR_UDP_LENGTH : error0;
2169 ASSERT (IP4_ERROR_TCP_CHECKSUM + 1 == IP4_ERROR_UDP_CHECKSUM);
2170 error0 = (is_tcp_udp0 && ! good_tcp_udp0
2171 ? IP4_ERROR_TCP_CHECKSUM + is_udp0
2174 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, &ip0->src_address, 3);
2176 vnet_buffer (p0)->ip.adj_index[VLIB_RX] = adj_index0 = ip4_fib_mtrie_leaf_get_adj_index (leaf0);
2177 vnet_buffer (p0)->ip.adj_index[VLIB_TX] = adj_index0;
2179 ASSERT (adj_index0 == ip4_fib_lookup_with_table (im, fib_index0,
2181 /* no_default_route */ 1));
2183 adj0 = ip_get_adjacency (lm, adj_index0);
2185 /* Must have a route to source otherwise we drop the packet. */
2186 error0 = (error0 == IP4_ERROR_UNKNOWN_PROTOCOL
2187 && adj0->lookup_next_index != IP_LOOKUP_NEXT_REWRITE
2188 && adj0->lookup_next_index != IP_LOOKUP_NEXT_ARP
2189 && adj0->lookup_next_index != IP_LOOKUP_NEXT_LOCAL
2190 && ip0->dst_address.as_u32 != 0xFFFFFFFF
2191 ? IP4_ERROR_SRC_LOOKUP_MISS
2194 next0 = lm->local_next_by_ip_protocol[proto0];
2196 next0 = error0 != IP4_ERROR_UNKNOWN_PROTOCOL ? IP_LOCAL_NEXT_DROP : next0;
2198 p0->error = error0? error_node->errors[error0] : 0;
2200 if (PREDICT_FALSE (next0 != next_index))
2202 n_left_to_next += 1;
2203 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
2206 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
2209 n_left_to_next -= 1;
2213 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
2216 return frame->n_vectors;
2219 VLIB_REGISTER_NODE (ip4_local_node,static) = {
2220 .function = ip4_local,
2221 .name = "ip4-local",
2222 .vector_size = sizeof (u32),
2224 .format_trace = format_ip4_forward_next_trace,
2226 .n_next_nodes = IP_LOCAL_N_NEXT,
2228 [IP_LOCAL_NEXT_DROP] = "error-drop",
2229 [IP_LOCAL_NEXT_PUNT] = "error-punt",
2230 [IP_LOCAL_NEXT_UDP_LOOKUP] = "ip4-udp-lookup",
2231 [IP_LOCAL_NEXT_ICMP] = "ip4-icmp-input",
2235 VLIB_NODE_FUNCTION_MULTIARCH (ip4_local_node, ip4_local)
2237 void ip4_register_protocol (u32 protocol, u32 node_index)
2239 vlib_main_t * vm = vlib_get_main();
2240 ip4_main_t * im = &ip4_main;
2241 ip_lookup_main_t * lm = &im->lookup_main;
2243 ASSERT (protocol < ARRAY_LEN (lm->local_next_by_ip_protocol));
2244 lm->local_next_by_ip_protocol[protocol] = vlib_node_add_next (vm, ip4_local_node.index, node_index);
2247 static clib_error_t *
2248 show_ip_local_command_fn (vlib_main_t * vm,
2249 unformat_input_t * input,
2250 vlib_cli_command_t * cmd)
2252 ip4_main_t * im = &ip4_main;
2253 ip_lookup_main_t * lm = &im->lookup_main;
2256 vlib_cli_output (vm, "Protocols handled by ip4_local");
2257 for (i = 0; i < ARRAY_LEN(lm->local_next_by_ip_protocol); i++)
2259 if (lm->local_next_by_ip_protocol[i] != IP_LOCAL_NEXT_PUNT)
2260 vlib_cli_output (vm, "%d", i);
2267 VLIB_CLI_COMMAND (show_ip_local, static) = {
2268 .path = "show ip local",
2269 .function = show_ip_local_command_fn,
2270 .short_help = "Show ip local protocol table",
2274 ip4_arp (vlib_main_t * vm,
2275 vlib_node_runtime_t * node,
2276 vlib_frame_t * frame)
2278 vnet_main_t * vnm = vnet_get_main();
2279 ip4_main_t * im = &ip4_main;
2280 ip_lookup_main_t * lm = &im->lookup_main;
2281 u32 * from, * to_next_drop;
2282 uword n_left_from, n_left_to_next_drop, next_index;
2283 static f64 time_last_seed_change = -1e100;
2284 static u32 hash_seeds[3];
2285 static uword hash_bitmap[256 / BITS (uword)];
2288 if (node->flags & VLIB_NODE_FLAG_TRACE)
2289 ip4_forward_next_trace (vm, node, frame, VLIB_TX);
2291 time_now = vlib_time_now (vm);
2292 if (time_now - time_last_seed_change > 1e-3)
2295 u32 * r = clib_random_buffer_get_data (&vm->random_buffer,
2296 sizeof (hash_seeds));
2297 for (i = 0; i < ARRAY_LEN (hash_seeds); i++)
2298 hash_seeds[i] = r[i];
2300 /* Mark all hash keys as been no-seen before. */
2301 for (i = 0; i < ARRAY_LEN (hash_bitmap); i++)
2304 time_last_seed_change = time_now;
2307 from = vlib_frame_vector_args (frame);
2308 n_left_from = frame->n_vectors;
2309 next_index = node->cached_next_index;
2310 if (next_index == IP4_ARP_NEXT_DROP)
2311 next_index = IP4_ARP_N_NEXT; /* point to first interface */
2313 while (n_left_from > 0)
2315 vlib_get_next_frame (vm, node, IP4_ARP_NEXT_DROP,
2316 to_next_drop, n_left_to_next_drop);
2318 while (n_left_from > 0 && n_left_to_next_drop > 0)
2322 ethernet_header_t * eh0;
2323 u32 pi0, adj_index0, a0, b0, c0, m0, sw_if_index0, drop0;
2325 ip_adjacency_t * adj0;
2329 p0 = vlib_get_buffer (vm, pi0);
2331 adj_index0 = vnet_buffer (p0)->ip.adj_index[VLIB_TX];
2332 adj0 = ip_get_adjacency (lm, adj_index0);
2333 ip0 = vlib_buffer_get_current (p0);
2335 /* If packet destination is not local, send ARP to next hop */
2336 if (adj0->arp.next_hop.ip4.as_u32)
2337 ip0->dst_address.data_u32 = adj0->arp.next_hop.ip4.as_u32;
2340 * if ip4_rewrite_local applied the IP_LOOKUP_NEXT_ARP
2341 * rewrite to this packet, we need to skip it here.
2342 * Note, to distinguish from src IP addr *.8.6.*, we
2343 * check for a bcast eth dest instead of IPv4 version.
2345 eh0 = (ethernet_header_t*)ip0;
2346 if ((ip0->ip_version_and_header_length & 0xF0) != 0x40)
2349 u16 * etype = &eh0->type;
2350 while ((*etype == clib_host_to_net_u16 (0x8100)) //dot1q
2351 || (*etype == clib_host_to_net_u16 (0x88a8)))//dot1ad
2354 etype += 2; //vlan tag also 16 bits, same as etype
2356 if (*etype == clib_host_to_net_u16 (0x0806)) //arp
2358 vlib_buffer_advance (
2359 p0, sizeof(ethernet_header_t) + (4*vlan_num));
2360 ip0 = vlib_buffer_get_current (p0);
2368 sw_if_index0 = adj0->rewrite_header.sw_if_index;
2369 vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0;
2371 a0 ^= ip0->dst_address.data_u32;
2374 hash_v3_finalize32 (a0, b0, c0);
2376 c0 &= BITS (hash_bitmap) - 1;
2377 c0 = c0 / BITS (uword);
2378 m0 = (uword) 1 << (c0 % BITS (uword));
2380 bm0 = hash_bitmap[c0];
2381 drop0 = (bm0 & m0) != 0;
2383 /* Mark it as seen. */
2384 hash_bitmap[c0] = bm0 | m0;
2388 to_next_drop[0] = pi0;
2390 n_left_to_next_drop -= 1;
2392 p0->error = node->errors[drop0 ? IP4_ARP_ERROR_DROP : IP4_ARP_ERROR_REQUEST_SENT];
2398 * Can happen if the control-plane is programming tables
2399 * with traffic flowing; at least that's today's lame excuse.
2401 if (adj0->lookup_next_index != IP_LOOKUP_NEXT_ARP)
2403 p0->error = node->errors[IP4_ARP_ERROR_NON_ARP_ADJ];
2406 /* Send ARP request. */
2410 ethernet_arp_header_t * h0;
2411 vnet_hw_interface_t * hw_if0;
2413 h0 = vlib_packet_template_get_packet (vm, &im->ip4_arp_request_packet_template, &bi0);
2415 /* Add rewrite/encap string for ARP packet. */
2416 vnet_rewrite_one_header (adj0[0], h0, sizeof (ethernet_header_t));
2418 hw_if0 = vnet_get_sup_hw_interface (vnm, sw_if_index0);
2420 /* Src ethernet address in ARP header. */
2421 clib_memcpy (h0->ip4_over_ethernet[0].ethernet, hw_if0->hw_address,
2422 sizeof (h0->ip4_over_ethernet[0].ethernet));
2424 if (ip4_src_address_for_packet (im, p0, &h0->ip4_over_ethernet[0].ip4, sw_if_index0)) {
2425 //No source address available
2426 p0->error = node->errors[IP4_ARP_ERROR_NO_SOURCE_ADDRESS];
2427 vlib_buffer_free(vm, &bi0, 1);
2431 /* Copy in destination address we are requesting. */
2432 h0->ip4_over_ethernet[1].ip4.data_u32 = ip0->dst_address.data_u32;
2434 vlib_buffer_copy_trace_flag (vm, p0, bi0);
2435 b0 = vlib_get_buffer (vm, bi0);
2436 vnet_buffer (b0)->sw_if_index[VLIB_TX] = sw_if_index0;
2438 vlib_buffer_advance (b0, -adj0->rewrite_header.data_bytes);
2440 vlib_set_next_frame_buffer (vm, node, adj0->rewrite_header.next_index, bi0);
2444 vlib_put_next_frame (vm, node, IP4_ARP_NEXT_DROP, n_left_to_next_drop);
2447 return frame->n_vectors;
2450 static char * ip4_arp_error_strings[] = {
2451 [IP4_ARP_ERROR_DROP] = "address overflow drops",
2452 [IP4_ARP_ERROR_REQUEST_SENT] = "ARP requests sent",
2453 [IP4_ARP_ERROR_NON_ARP_ADJ] = "ARPs to non-ARP adjacencies",
2454 [IP4_ARP_ERROR_REPLICATE_DROP] = "ARP replication completed",
2455 [IP4_ARP_ERROR_REPLICATE_FAIL] = "ARP replication failed",
2456 [IP4_ARP_ERROR_NO_SOURCE_ADDRESS] = "no source address for ARP request",
2459 VLIB_REGISTER_NODE (ip4_arp_node) = {
2460 .function = ip4_arp,
2462 .vector_size = sizeof (u32),
2464 .format_trace = format_ip4_forward_next_trace,
2466 .n_errors = ARRAY_LEN (ip4_arp_error_strings),
2467 .error_strings = ip4_arp_error_strings,
2469 .n_next_nodes = IP4_ARP_N_NEXT,
2471 [IP4_ARP_NEXT_DROP] = "error-drop",
2475 #define foreach_notrace_ip4_arp_error \
2481 clib_error_t * arp_notrace_init (vlib_main_t * vm)
2483 vlib_node_runtime_t *rt =
2484 vlib_node_get_runtime (vm, ip4_arp_node.index);
2486 /* don't trace ARP request packets */
2488 vnet_pcap_drop_trace_filter_add_del \
2489 (rt->errors[IP4_ARP_ERROR_##a], \
2491 foreach_notrace_ip4_arp_error;
2496 VLIB_INIT_FUNCTION(arp_notrace_init);
2499 /* Send an ARP request to see if given destination is reachable on given interface. */
2501 ip4_probe_neighbor (vlib_main_t * vm, ip4_address_t * dst, u32 sw_if_index)
2503 vnet_main_t * vnm = vnet_get_main();
2504 ip4_main_t * im = &ip4_main;
2505 ethernet_arp_header_t * h;
2506 ip4_address_t * src;
2507 ip_interface_address_t * ia;
2508 ip_adjacency_t * adj;
2509 vnet_hw_interface_t * hi;
2510 vnet_sw_interface_t * si;
2514 si = vnet_get_sw_interface (vnm, sw_if_index);
2516 if (!(si->flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP))
2518 return clib_error_return (0, "%U: interface %U down",
2519 format_ip4_address, dst,
2520 format_vnet_sw_if_index_name, vnm,
2524 src = ip4_interface_address_matching_destination (im, dst, sw_if_index, &ia);
2527 vnm->api_errno = VNET_API_ERROR_NO_MATCHING_INTERFACE;
2528 return clib_error_return
2529 (0, "no matching interface address for destination %U (interface %U)",
2530 format_ip4_address, dst,
2531 format_vnet_sw_if_index_name, vnm, sw_if_index);
2534 adj = ip_get_adjacency (&im->lookup_main, ia->neighbor_probe_adj_index);
2536 h = vlib_packet_template_get_packet (vm, &im->ip4_arp_request_packet_template, &bi);
2538 hi = vnet_get_sup_hw_interface (vnm, sw_if_index);
2540 clib_memcpy (h->ip4_over_ethernet[0].ethernet, hi->hw_address, sizeof (h->ip4_over_ethernet[0].ethernet));
2542 h->ip4_over_ethernet[0].ip4 = src[0];
2543 h->ip4_over_ethernet[1].ip4 = dst[0];
2545 b = vlib_get_buffer (vm, bi);
2546 vnet_buffer (b)->sw_if_index[VLIB_RX] = vnet_buffer (b)->sw_if_index[VLIB_TX] = sw_if_index;
2548 /* Add encapsulation string for software interface (e.g. ethernet header). */
2549 vnet_rewrite_one_header (adj[0], h, sizeof (ethernet_header_t));
2550 vlib_buffer_advance (b, -adj->rewrite_header.data_bytes);
2553 vlib_frame_t * f = vlib_get_frame_to_node (vm, hi->output_node_index);
2554 u32 * to_next = vlib_frame_vector_args (f);
2557 vlib_put_frame_to_node (vm, hi->output_node_index, f);
2560 return /* no error */ 0;
2564 IP4_REWRITE_NEXT_DROP,
2565 IP4_REWRITE_NEXT_ARP,
2566 IP4_REWRITE_NEXT_ICMP_ERROR,
2567 } ip4_rewrite_next_t;
2570 ip4_rewrite_inline (vlib_main_t * vm,
2571 vlib_node_runtime_t * node,
2572 vlib_frame_t * frame,
2573 int rewrite_for_locally_received_packets)
2575 ip_lookup_main_t * lm = &ip4_main.lookup_main;
2576 u32 * from = vlib_frame_vector_args (frame);
2577 u32 n_left_from, n_left_to_next, * to_next, next_index;
2578 vlib_node_runtime_t * error_node = vlib_node_get_runtime (vm, ip4_input_node.index);
2579 vlib_rx_or_tx_t adj_rx_tx = rewrite_for_locally_received_packets ? VLIB_RX : VLIB_TX;
2581 n_left_from = frame->n_vectors;
2582 next_index = node->cached_next_index;
2583 u32 cpu_index = os_get_cpu_number();
2585 while (n_left_from > 0)
2587 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
2589 while (n_left_from >= 4 && n_left_to_next >= 2)
2591 ip_adjacency_t * adj0, * adj1;
2592 vlib_buffer_t * p0, * p1;
2593 ip4_header_t * ip0, * ip1;
2594 u32 pi0, rw_len0, next0, error0, checksum0, adj_index0;
2595 u32 pi1, rw_len1, next1, error1, checksum1, adj_index1;
2596 u32 next0_override, next1_override;
2598 if (rewrite_for_locally_received_packets)
2599 next0_override = next1_override = 0;
2601 /* Prefetch next iteration. */
2603 vlib_buffer_t * p2, * p3;
2605 p2 = vlib_get_buffer (vm, from[2]);
2606 p3 = vlib_get_buffer (vm, from[3]);
2608 vlib_prefetch_buffer_header (p2, STORE);
2609 vlib_prefetch_buffer_header (p3, STORE);
2611 CLIB_PREFETCH (p2->data, sizeof (ip0[0]), STORE);
2612 CLIB_PREFETCH (p3->data, sizeof (ip0[0]), STORE);
2615 pi0 = to_next[0] = from[0];
2616 pi1 = to_next[1] = from[1];
2621 n_left_to_next -= 2;
2623 p0 = vlib_get_buffer (vm, pi0);
2624 p1 = vlib_get_buffer (vm, pi1);
2626 adj_index0 = vnet_buffer (p0)->ip.adj_index[adj_rx_tx];
2627 adj_index1 = vnet_buffer (p1)->ip.adj_index[adj_rx_tx];
2629 /* We should never rewrite a pkt using the MISS adjacency */
2630 ASSERT(adj_index0 && adj_index1);
2632 ip0 = vlib_buffer_get_current (p0);
2633 ip1 = vlib_buffer_get_current (p1);
2635 error0 = error1 = IP4_ERROR_NONE;
2636 next0 = next1 = IP4_REWRITE_NEXT_DROP;
2638 /* Decrement TTL & update checksum.
2639 Works either endian, so no need for byte swap. */
2640 if (! rewrite_for_locally_received_packets)
2642 i32 ttl0 = ip0->ttl, ttl1 = ip1->ttl;
2644 /* Input node should have reject packets with ttl 0. */
2645 ASSERT (ip0->ttl > 0);
2646 ASSERT (ip1->ttl > 0);
2648 checksum0 = ip0->checksum + clib_host_to_net_u16 (0x0100);
2649 checksum1 = ip1->checksum + clib_host_to_net_u16 (0x0100);
2651 checksum0 += checksum0 >= 0xffff;
2652 checksum1 += checksum1 >= 0xffff;
2654 ip0->checksum = checksum0;
2655 ip1->checksum = checksum1;
2664 * If the ttl drops below 1 when forwarding, generate
2667 if (PREDICT_FALSE(ttl0 <= 0))
2669 error0 = IP4_ERROR_TIME_EXPIRED;
2670 vnet_buffer (p0)->sw_if_index[VLIB_TX] = (u32)~0;
2671 icmp4_error_set_vnet_buffer(p0, ICMP4_time_exceeded,
2672 ICMP4_time_exceeded_ttl_exceeded_in_transit, 0);
2673 next0 = IP4_REWRITE_NEXT_ICMP_ERROR;
2675 if (PREDICT_FALSE(ttl1 <= 0))
2677 error1 = IP4_ERROR_TIME_EXPIRED;
2678 vnet_buffer (p1)->sw_if_index[VLIB_TX] = (u32)~0;
2679 icmp4_error_set_vnet_buffer(p1, ICMP4_time_exceeded,
2680 ICMP4_time_exceeded_ttl_exceeded_in_transit, 0);
2681 next1 = IP4_REWRITE_NEXT_ICMP_ERROR;
2684 /* Verify checksum. */
2685 ASSERT (ip0->checksum == ip4_header_checksum (ip0));
2686 ASSERT (ip1->checksum == ip4_header_checksum (ip1));
2689 /* Rewrite packet header and updates lengths. */
2690 adj0 = ip_get_adjacency (lm, adj_index0);
2691 adj1 = ip_get_adjacency (lm, adj_index1);
2693 if (rewrite_for_locally_received_packets)
2696 * If someone sends e.g. an icmp4 w/ src = dst = interface addr,
2697 * we end up here with a local adjacency in hand
2698 * The local adj rewrite data is 0xfefe on purpose.
2699 * Bad engineer, no donut for you.
2701 if (PREDICT_FALSE(adj0->lookup_next_index
2702 == IP_LOOKUP_NEXT_LOCAL))
2703 error0 = IP4_ERROR_SPOOFED_LOCAL_PACKETS;
2704 if (PREDICT_FALSE(adj0->lookup_next_index
2705 == IP_LOOKUP_NEXT_ARP))
2706 next0_override = IP4_REWRITE_NEXT_ARP;
2707 if (PREDICT_FALSE(adj1->lookup_next_index
2708 == IP_LOOKUP_NEXT_LOCAL))
2709 error1 = IP4_ERROR_SPOOFED_LOCAL_PACKETS;
2710 if (PREDICT_FALSE(adj1->lookup_next_index
2711 == IP_LOOKUP_NEXT_ARP))
2712 next1_override = IP4_REWRITE_NEXT_ARP;
2715 /* Worth pipelining. No guarantee that adj0,1 are hot... */
2716 rw_len0 = adj0[0].rewrite_header.data_bytes;
2717 rw_len1 = adj1[0].rewrite_header.data_bytes;
2719 /* Check MTU of outgoing interface. */
2720 error0 = (vlib_buffer_length_in_chain (vm, p0) > adj0[0].rewrite_header.max_l3_packet_bytes
2721 ? IP4_ERROR_MTU_EXCEEDED
2723 error1 = (vlib_buffer_length_in_chain (vm, p1) > adj1[0].rewrite_header.max_l3_packet_bytes
2724 ? IP4_ERROR_MTU_EXCEEDED
2727 next0 = (error0 == IP4_ERROR_NONE)
2728 ? adj0[0].rewrite_header.next_index : next0;
2730 if (rewrite_for_locally_received_packets)
2731 next0 = next0 && next0_override ? next0_override : next0;
2733 next1 = (error1 == IP4_ERROR_NONE)
2734 ? adj1[0].rewrite_header.next_index : next1;
2736 if (rewrite_for_locally_received_packets)
2737 next1 = next1 && next1_override ? next1_override : next1;
2740 * We've already accounted for an ethernet_header_t elsewhere
2742 if (PREDICT_FALSE (rw_len0 > sizeof(ethernet_header_t)))
2743 vlib_increment_combined_counter
2744 (&lm->adjacency_counters,
2745 cpu_index, adj_index0,
2746 /* packet increment */ 0,
2747 /* byte increment */ rw_len0-sizeof(ethernet_header_t));
2749 if (PREDICT_FALSE (rw_len1 > sizeof(ethernet_header_t)))
2750 vlib_increment_combined_counter
2751 (&lm->adjacency_counters,
2752 cpu_index, adj_index1,
2753 /* packet increment */ 0,
2754 /* byte increment */ rw_len1-sizeof(ethernet_header_t));
2756 /* Don't adjust the buffer for ttl issue; icmp-error node wants
2757 * to see the IP headerr */
2758 if (PREDICT_TRUE(error0 == IP4_ERROR_NONE))
2760 p0->current_data -= rw_len0;
2761 p0->current_length += rw_len0;
2762 p0->error = error_node->errors[error0];
2763 vnet_buffer (p0)->sw_if_index[VLIB_TX] =
2764 adj0[0].rewrite_header.sw_if_index;
2766 if (PREDICT_TRUE(error1 == IP4_ERROR_NONE))
2768 p1->current_data -= rw_len1;
2769 p1->current_length += rw_len1;
2770 p1->error = error_node->errors[error1];
2771 vnet_buffer (p1)->sw_if_index[VLIB_TX] =
2772 adj1[0].rewrite_header.sw_if_index;
2775 /* Guess we are only writing on simple Ethernet header. */
2776 vnet_rewrite_two_headers (adj0[0], adj1[0],
2778 sizeof (ethernet_header_t));
2780 vlib_validate_buffer_enqueue_x2 (vm, node, next_index,
2781 to_next, n_left_to_next,
2782 pi0, pi1, next0, next1);
2785 while (n_left_from > 0 && n_left_to_next > 0)
2787 ip_adjacency_t * adj0;
2790 u32 pi0, rw_len0, adj_index0, next0, error0, checksum0;
2793 if (rewrite_for_locally_received_packets)
2796 pi0 = to_next[0] = from[0];
2798 p0 = vlib_get_buffer (vm, pi0);
2800 adj_index0 = vnet_buffer (p0)->ip.adj_index[adj_rx_tx];
2802 /* We should never rewrite a pkt using the MISS adjacency */
2805 adj0 = ip_get_adjacency (lm, adj_index0);
2807 ip0 = vlib_buffer_get_current (p0);
2809 error0 = IP4_ERROR_NONE;
2810 next0 = IP4_REWRITE_NEXT_DROP; /* drop on error */
2812 /* Decrement TTL & update checksum. */
2813 if (! rewrite_for_locally_received_packets)
2815 i32 ttl0 = ip0->ttl;
2817 checksum0 = ip0->checksum + clib_host_to_net_u16 (0x0100);
2819 checksum0 += checksum0 >= 0xffff;
2821 ip0->checksum = checksum0;
2823 ASSERT (ip0->ttl > 0);
2829 ASSERT (ip0->checksum == ip4_header_checksum (ip0));
2831 if (PREDICT_FALSE(ttl0 <= 0))
2834 * If the ttl drops below 1 when forwarding, generate
2837 error0 = IP4_ERROR_TIME_EXPIRED;
2838 next0 = IP4_REWRITE_NEXT_ICMP_ERROR;
2839 vnet_buffer (p0)->sw_if_index[VLIB_TX] = (u32)~0;
2840 icmp4_error_set_vnet_buffer(p0, ICMP4_time_exceeded,
2841 ICMP4_time_exceeded_ttl_exceeded_in_transit, 0);
2845 if (rewrite_for_locally_received_packets)
2848 * If someone sends e.g. an icmp4 w/ src = dst = interface addr,
2849 * we end up here with a local adjacency in hand
2850 * The local adj rewrite data is 0xfefe on purpose.
2851 * Bad engineer, no donut for you.
2853 if (PREDICT_FALSE(adj0->lookup_next_index
2854 == IP_LOOKUP_NEXT_LOCAL))
2855 error0 = IP4_ERROR_SPOOFED_LOCAL_PACKETS;
2857 * We have to override the next_index in ARP adjacencies,
2858 * because they're set up for ip4-arp, not this node...
2860 if (PREDICT_FALSE(adj0->lookup_next_index
2861 == IP_LOOKUP_NEXT_ARP))
2862 next0_override = IP4_REWRITE_NEXT_ARP;
2865 /* Guess we are only writing on simple Ethernet header. */
2866 vnet_rewrite_one_header (adj0[0], ip0,
2867 sizeof (ethernet_header_t));
2869 /* Update packet buffer attributes/set output interface. */
2870 rw_len0 = adj0[0].rewrite_header.data_bytes;
2872 if (PREDICT_FALSE (rw_len0 > sizeof(ethernet_header_t)))
2873 vlib_increment_combined_counter
2874 (&lm->adjacency_counters,
2875 cpu_index, adj_index0,
2876 /* packet increment */ 0,
2877 /* byte increment */ rw_len0-sizeof(ethernet_header_t));
2879 /* Check MTU of outgoing interface. */
2880 error0 = (vlib_buffer_length_in_chain (vm, p0)
2881 > adj0[0].rewrite_header.max_l3_packet_bytes
2882 ? IP4_ERROR_MTU_EXCEEDED
2885 p0->error = error_node->errors[error0];
2887 /* Don't adjust the buffer for ttl issue; icmp-error node wants
2888 * to see the IP headerr */
2889 if (PREDICT_TRUE(error0 == IP4_ERROR_NONE))
2891 p0->current_data -= rw_len0;
2892 p0->current_length += rw_len0;
2894 vnet_buffer (p0)->sw_if_index[VLIB_TX] =
2895 adj0[0].rewrite_header.sw_if_index;
2896 next0 = adj0[0].rewrite_header.next_index;
2899 if (rewrite_for_locally_received_packets)
2900 next0 = next0 && next0_override ? next0_override : next0;
2905 n_left_to_next -= 1;
2907 vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
2908 to_next, n_left_to_next,
2912 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
2915 /* Need to do trace after rewrites to pick up new packet data. */
2916 if (node->flags & VLIB_NODE_FLAG_TRACE)
2917 ip4_forward_next_trace (vm, node, frame, adj_rx_tx);
2919 return frame->n_vectors;
2923 ip4_rewrite_transit (vlib_main_t * vm,
2924 vlib_node_runtime_t * node,
2925 vlib_frame_t * frame)
2927 return ip4_rewrite_inline (vm, node, frame,
2928 /* rewrite_for_locally_received_packets */ 0);
2932 ip4_rewrite_local (vlib_main_t * vm,
2933 vlib_node_runtime_t * node,
2934 vlib_frame_t * frame)
2936 return ip4_rewrite_inline (vm, node, frame,
2937 /* rewrite_for_locally_received_packets */ 1);
2940 VLIB_REGISTER_NODE (ip4_rewrite_node) = {
2941 .function = ip4_rewrite_transit,
2942 .name = "ip4-rewrite-transit",
2943 .vector_size = sizeof (u32),
2945 .format_trace = format_ip4_rewrite_trace,
2949 [IP4_REWRITE_NEXT_DROP] = "error-drop",
2950 [IP4_REWRITE_NEXT_ARP] = "ip4-arp",
2951 [IP4_REWRITE_NEXT_ICMP_ERROR] = "ip4-icmp-error",
2955 VLIB_NODE_FUNCTION_MULTIARCH (ip4_rewrite_node, ip4_rewrite_transit)
2957 VLIB_REGISTER_NODE (ip4_rewrite_local_node) = {
2958 .function = ip4_rewrite_local,
2959 .name = "ip4-rewrite-local",
2960 .vector_size = sizeof (u32),
2962 .sibling_of = "ip4-rewrite-transit",
2964 .format_trace = format_ip4_rewrite_trace,
2969 VLIB_NODE_FUNCTION_MULTIARCH (ip4_rewrite_local_node, ip4_rewrite_local)
2971 static clib_error_t *
2972 add_del_interface_table (vlib_main_t * vm,
2973 unformat_input_t * input,
2974 vlib_cli_command_t * cmd)
2976 vnet_main_t * vnm = vnet_get_main();
2977 clib_error_t * error = 0;
2978 u32 sw_if_index, table_id;
2982 if (! unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index))
2984 error = clib_error_return (0, "unknown interface `%U'",
2985 format_unformat_error, input);
2989 if (unformat (input, "%d", &table_id))
2993 error = clib_error_return (0, "expected table id `%U'",
2994 format_unformat_error, input);
2999 ip4_main_t * im = &ip4_main;
3000 ip4_fib_t * fib = find_ip4_fib_by_table_index_or_id (im, table_id, IP4_ROUTE_FLAG_TABLE_ID);
3004 vec_validate (im->fib_index_by_sw_if_index, sw_if_index);
3005 im->fib_index_by_sw_if_index[sw_if_index] = fib->index;
3013 VLIB_CLI_COMMAND (set_interface_ip_table_command, static) = {
3014 .path = "set interface ip table",
3015 .function = add_del_interface_table,
3016 .short_help = "Add/delete FIB table id for interface",
3021 ip4_lookup_multicast (vlib_main_t * vm,
3022 vlib_node_runtime_t * node,
3023 vlib_frame_t * frame)
3025 ip4_main_t * im = &ip4_main;
3026 ip_lookup_main_t * lm = &im->lookup_main;
3027 vlib_combined_counter_main_t * cm = &im->lookup_main.adjacency_counters;
3028 u32 n_left_from, n_left_to_next, * from, * to_next;
3029 ip_lookup_next_t next;
3030 u32 cpu_index = os_get_cpu_number();
3032 from = vlib_frame_vector_args (frame);
3033 n_left_from = frame->n_vectors;
3034 next = node->cached_next_index;
3036 while (n_left_from > 0)
3038 vlib_get_next_frame (vm, node, next,
3039 to_next, n_left_to_next);
3041 while (n_left_from >= 4 && n_left_to_next >= 2)
3043 vlib_buffer_t * p0, * p1;
3044 u32 pi0, pi1, adj_index0, adj_index1, wrong_next;
3045 ip_lookup_next_t next0, next1;
3046 ip4_header_t * ip0, * ip1;
3047 ip_adjacency_t * adj0, * adj1;
3048 u32 fib_index0, fib_index1;
3049 u32 flow_hash_config0, flow_hash_config1;
3051 /* Prefetch next iteration. */
3053 vlib_buffer_t * p2, * p3;
3055 p2 = vlib_get_buffer (vm, from[2]);
3056 p3 = vlib_get_buffer (vm, from[3]);
3058 vlib_prefetch_buffer_header (p2, LOAD);
3059 vlib_prefetch_buffer_header (p3, LOAD);
3061 CLIB_PREFETCH (p2->data, sizeof (ip0[0]), LOAD);
3062 CLIB_PREFETCH (p3->data, sizeof (ip0[0]), LOAD);
3065 pi0 = to_next[0] = from[0];
3066 pi1 = to_next[1] = from[1];
3068 p0 = vlib_get_buffer (vm, pi0);
3069 p1 = vlib_get_buffer (vm, pi1);
3071 ip0 = vlib_buffer_get_current (p0);
3072 ip1 = vlib_buffer_get_current (p1);
3074 fib_index0 = vec_elt (im->fib_index_by_sw_if_index, vnet_buffer (p0)->sw_if_index[VLIB_RX]);
3075 fib_index1 = vec_elt (im->fib_index_by_sw_if_index, vnet_buffer (p1)->sw_if_index[VLIB_RX]);
3076 fib_index0 = (vnet_buffer(p0)->sw_if_index[VLIB_TX] == (u32)~0) ?
3077 fib_index0 : vnet_buffer(p0)->sw_if_index[VLIB_TX];
3078 fib_index1 = (vnet_buffer(p1)->sw_if_index[VLIB_TX] == (u32)~0) ?
3079 fib_index1 : vnet_buffer(p1)->sw_if_index[VLIB_TX];
3081 adj_index0 = ip4_fib_lookup_buffer (im, fib_index0,
3082 &ip0->dst_address, p0);
3083 adj_index1 = ip4_fib_lookup_buffer (im, fib_index1,
3084 &ip1->dst_address, p1);
3086 adj0 = ip_get_adjacency (lm, adj_index0);
3087 adj1 = ip_get_adjacency (lm, adj_index1);
3089 next0 = adj0->lookup_next_index;
3090 next1 = adj1->lookup_next_index;
3093 vec_elt_at_index (im->fibs, fib_index0)->flow_hash_config;
3096 vec_elt_at_index (im->fibs, fib_index1)->flow_hash_config;
3098 vnet_buffer (p0)->ip.flow_hash = ip4_compute_flow_hash
3099 (ip0, flow_hash_config0);
3101 vnet_buffer (p1)->ip.flow_hash = ip4_compute_flow_hash
3102 (ip1, flow_hash_config1);
3104 ASSERT (adj0->n_adj > 0);
3105 ASSERT (adj1->n_adj > 0);
3106 ASSERT (is_pow2 (adj0->n_adj));
3107 ASSERT (is_pow2 (adj1->n_adj));
3108 adj_index0 += (vnet_buffer (p0)->ip.flow_hash & (adj0->n_adj - 1));
3109 adj_index1 += (vnet_buffer (p1)->ip.flow_hash & (adj1->n_adj - 1));
3111 vnet_buffer (p0)->ip.adj_index[VLIB_TX] = adj_index0;
3112 vnet_buffer (p1)->ip.adj_index[VLIB_TX] = adj_index1;
3114 if (1) /* $$$$$$ HACK FIXME */
3115 vlib_increment_combined_counter
3116 (cm, cpu_index, adj_index0, 1,
3117 vlib_buffer_length_in_chain (vm, p0));
3118 if (1) /* $$$$$$ HACK FIXME */
3119 vlib_increment_combined_counter
3120 (cm, cpu_index, adj_index1, 1,
3121 vlib_buffer_length_in_chain (vm, p1));
3125 n_left_to_next -= 2;
3128 wrong_next = (next0 != next) + 2*(next1 != next);
3129 if (PREDICT_FALSE (wrong_next != 0))
3137 n_left_to_next += 1;
3138 vlib_set_next_frame_buffer (vm, node, next0, pi0);
3144 n_left_to_next += 1;
3145 vlib_set_next_frame_buffer (vm, node, next1, pi1);
3151 n_left_to_next += 2;
3152 vlib_set_next_frame_buffer (vm, node, next0, pi0);
3153 vlib_set_next_frame_buffer (vm, node, next1, pi1);
3157 vlib_put_next_frame (vm, node, next, n_left_to_next);
3159 vlib_get_next_frame (vm, node, next, to_next, n_left_to_next);
3165 while (n_left_from > 0 && n_left_to_next > 0)
3169 u32 pi0, adj_index0;
3170 ip_lookup_next_t next0;
3171 ip_adjacency_t * adj0;
3173 u32 flow_hash_config0;
3178 p0 = vlib_get_buffer (vm, pi0);
3180 ip0 = vlib_buffer_get_current (p0);
3182 fib_index0 = vec_elt (im->fib_index_by_sw_if_index,
3183 vnet_buffer (p0)->sw_if_index[VLIB_RX]);
3184 fib_index0 = (vnet_buffer(p0)->sw_if_index[VLIB_TX] == (u32)~0) ?
3185 fib_index0 : vnet_buffer(p0)->sw_if_index[VLIB_TX];
3187 adj_index0 = ip4_fib_lookup_buffer (im, fib_index0,
3188 &ip0->dst_address, p0);
3190 adj0 = ip_get_adjacency (lm, adj_index0);
3192 next0 = adj0->lookup_next_index;
3195 vec_elt_at_index (im->fibs, fib_index0)->flow_hash_config;
3197 vnet_buffer (p0)->ip.flow_hash =
3198 ip4_compute_flow_hash (ip0, flow_hash_config0);
3200 ASSERT (adj0->n_adj > 0);
3201 ASSERT (is_pow2 (adj0->n_adj));
3202 adj_index0 += (vnet_buffer (p0)->ip.flow_hash & (adj0->n_adj - 1));
3204 vnet_buffer (p0)->ip.adj_index[VLIB_TX] = adj_index0;
3206 if (1) /* $$$$$$ HACK FIXME */
3207 vlib_increment_combined_counter
3208 (cm, cpu_index, adj_index0, 1,
3209 vlib_buffer_length_in_chain (vm, p0));
3213 n_left_to_next -= 1;
3216 if (PREDICT_FALSE (next0 != next))
3218 n_left_to_next += 1;
3219 vlib_put_next_frame (vm, node, next, n_left_to_next);
3221 vlib_get_next_frame (vm, node, next,
3222 to_next, n_left_to_next);
3225 n_left_to_next -= 1;
3229 vlib_put_next_frame (vm, node, next, n_left_to_next);
3232 if (node->flags & VLIB_NODE_FLAG_TRACE)
3233 ip4_forward_next_trace(vm, node, frame, VLIB_TX);
3235 return frame->n_vectors;
3238 VLIB_REGISTER_NODE (ip4_lookup_multicast_node,static) = {
3239 .function = ip4_lookup_multicast,
3240 .name = "ip4-lookup-multicast",
3241 .vector_size = sizeof (u32),
3242 .sibling_of = "ip4-lookup",
3243 .format_trace = format_ip4_lookup_trace,
3248 VLIB_NODE_FUNCTION_MULTIARCH (ip4_lookup_multicast_node, ip4_lookup_multicast)
3250 VLIB_REGISTER_NODE (ip4_multicast_node,static) = {
3251 .function = ip4_drop,
3252 .name = "ip4-multicast",
3253 .vector_size = sizeof (u32),
3255 .format_trace = format_ip4_forward_next_trace,
3263 int ip4_lookup_validate (ip4_address_t *a, u32 fib_index0)
3265 ip4_main_t * im = &ip4_main;
3266 ip4_fib_mtrie_t * mtrie0;
3267 ip4_fib_mtrie_leaf_t leaf0;
3270 mtrie0 = &vec_elt_at_index (im->fibs, fib_index0)->mtrie;
3272 leaf0 = IP4_FIB_MTRIE_LEAF_ROOT;
3273 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, a, 0);
3274 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, a, 1);
3275 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, a, 2);
3276 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, a, 3);
3278 /* Handle default route. */
3279 leaf0 = (leaf0 == IP4_FIB_MTRIE_LEAF_EMPTY ? mtrie0->default_leaf : leaf0);
3281 adj_index0 = ip4_fib_mtrie_leaf_get_adj_index (leaf0);
3283 return adj_index0 == ip4_fib_lookup_with_table (im, fib_index0,
3285 /* no_default_route */ 0);
3288 static clib_error_t *
3289 test_lookup_command_fn (vlib_main_t * vm,
3290 unformat_input_t * input,
3291 vlib_cli_command_t * cmd)
3297 ip4_address_t ip4_base_address;
3300 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) {
3301 if (unformat (input, "table %d", &table_id))
3303 else if (unformat (input, "count %f", &count))
3306 else if (unformat (input, "%U",
3307 unformat_ip4_address, &ip4_base_address))
3310 return clib_error_return (0, "unknown input `%U'",
3311 format_unformat_error, input);
3316 for (i = 0; i < n; i++)
3318 if (!ip4_lookup_validate (&ip4_base_address, table_id))
3321 ip4_base_address.as_u32 =
3322 clib_host_to_net_u32 (1 +
3323 clib_net_to_host_u32 (ip4_base_address.as_u32));
3327 vlib_cli_output (vm, "%llu errors out of %d lookups\n", errors, n);
3329 vlib_cli_output (vm, "No errors in %d lookups\n", n);
3334 VLIB_CLI_COMMAND (lookup_test_command, static) = {
3335 .path = "test lookup",
3336 .short_help = "test lookup",
3337 .function = test_lookup_command_fn,
3340 int vnet_set_ip4_flow_hash (u32 table_id, u32 flow_hash_config)
3342 ip4_main_t * im4 = &ip4_main;
3344 uword * p = hash_get (im4->fib_index_by_table_id, table_id);
3347 return VNET_API_ERROR_NO_SUCH_FIB;
3349 fib = vec_elt_at_index (im4->fibs, p[0]);
3351 fib->flow_hash_config = flow_hash_config;
3355 static clib_error_t *
3356 set_ip_flow_hash_command_fn (vlib_main_t * vm,
3357 unformat_input_t * input,
3358 vlib_cli_command_t * cmd)
3362 u32 flow_hash_config = 0;
3365 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) {
3366 if (unformat (input, "table %d", &table_id))
3369 else if (unformat (input, #a)) { flow_hash_config |= v; matched=1;}
3370 foreach_flow_hash_bit
3376 return clib_error_return (0, "unknown input `%U'",
3377 format_unformat_error, input);
3379 rv = vnet_set_ip4_flow_hash (table_id, flow_hash_config);
3385 case VNET_API_ERROR_NO_SUCH_FIB:
3386 return clib_error_return (0, "no such FIB table %d", table_id);
3389 clib_warning ("BUG: illegal flow hash config 0x%x", flow_hash_config);
3396 VLIB_CLI_COMMAND (set_ip_flow_hash_command, static) = {
3397 .path = "set ip flow-hash",
3399 "set ip table flow-hash table <fib-id> src dst sport dport proto reverse",
3400 .function = set_ip_flow_hash_command_fn,
3403 int vnet_set_ip4_classify_intfc (vlib_main_t * vm, u32 sw_if_index,
3406 vnet_main_t * vnm = vnet_get_main();
3407 vnet_interface_main_t * im = &vnm->interface_main;
3408 ip4_main_t * ipm = &ip4_main;
3409 ip_lookup_main_t * lm = &ipm->lookup_main;
3410 vnet_classify_main_t * cm = &vnet_classify_main;
3412 if (pool_is_free_index (im->sw_interfaces, sw_if_index))
3413 return VNET_API_ERROR_NO_MATCHING_INTERFACE;
3415 if (table_index != ~0 && pool_is_free_index (cm->tables, table_index))
3416 return VNET_API_ERROR_NO_SUCH_ENTRY;
3418 vec_validate (lm->classify_table_index_by_sw_if_index, sw_if_index);
3419 lm->classify_table_index_by_sw_if_index [sw_if_index] = table_index;
3424 static clib_error_t *
3425 set_ip_classify_command_fn (vlib_main_t * vm,
3426 unformat_input_t * input,
3427 vlib_cli_command_t * cmd)
3429 u32 table_index = ~0;
3430 int table_index_set = 0;
3431 u32 sw_if_index = ~0;
3434 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) {
3435 if (unformat (input, "table-index %d", &table_index))
3436 table_index_set = 1;
3437 else if (unformat (input, "intfc %U", unformat_vnet_sw_interface,
3438 vnet_get_main(), &sw_if_index))
3444 if (table_index_set == 0)
3445 return clib_error_return (0, "classify table-index must be specified");
3447 if (sw_if_index == ~0)
3448 return clib_error_return (0, "interface / subif must be specified");
3450 rv = vnet_set_ip4_classify_intfc (vm, sw_if_index, table_index);
3457 case VNET_API_ERROR_NO_MATCHING_INTERFACE:
3458 return clib_error_return (0, "No such interface");
3460 case VNET_API_ERROR_NO_SUCH_ENTRY:
3461 return clib_error_return (0, "No such classifier table");
3466 VLIB_CLI_COMMAND (set_ip_classify_command, static) = {
3467 .path = "set ip classify",
3469 "set ip classify intfc <int> table-index <index>",
3470 .function = set_ip_classify_command_fn,