2 * Copyright (c) 2015 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 * ip/ip4_forward.c: IP v4 forwarding
18 * Copyright (c) 2008 Eliot Dresselhaus
20 * Permission is hereby granted, free of charge, to any person obtaining
21 * a copy of this software and associated documentation files (the
22 * "Software"), to deal in the Software without restriction, including
23 * without limitation the rights to use, copy, modify, merge, publish,
24 * distribute, sublicense, and/or sell copies of the Software, and to
25 * permit persons to whom the Software is furnished to do so, subject to
26 * the following conditions:
28 * The above copyright notice and this permission notice shall be
29 * included in all copies or substantial portions of the Software.
31 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
32 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
33 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
34 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
35 * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
36 * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
37 * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
40 #include <vnet/vnet.h>
41 #include <vnet/ip/ip.h>
42 #include <vnet/ethernet/ethernet.h> /* for ethernet_header_t */
43 #include <vnet/ethernet/arp_packet.h> /* for ethernet_arp_header_t */
44 #include <vnet/ppp/ppp.h>
45 #include <vnet/srp/srp.h> /* for srp_hw_interface_class */
46 #include <vnet/api_errno.h> /* for API error numbers */
48 /* This is really, really simple but stupid fib. */
50 ip4_fib_lookup_with_table (ip4_main_t * im, u32 fib_index,
52 u32 disable_default_route)
54 ip_lookup_main_t * lm = &im->lookup_main;
55 ip4_fib_t * fib = vec_elt_at_index (im->fibs, fib_index);
56 uword * p, * hash, key;
57 i32 i, i_min, dst_address, ai;
59 i_min = disable_default_route ? 1 : 0;
60 dst_address = clib_mem_unaligned (&dst->data_u32, u32);
61 for (i = ARRAY_LEN (fib->adj_index_by_dst_address) - 1; i >= i_min; i--)
63 hash = fib->adj_index_by_dst_address[i];
67 key = dst_address & im->fib_masks[i];
68 if ((p = hash_get (hash, key)) != 0)
75 /* Nothing matches in table. */
76 ai = lm->miss_adj_index;
83 create_fib_with_table_id (ip4_main_t * im, u32 table_id)
86 hash_set (im->fib_index_by_table_id, table_id, vec_len (im->fibs));
87 vec_add2 (im->fibs, fib, 1);
88 fib->table_id = table_id;
89 fib->index = fib - im->fibs;
90 fib->flow_hash_config = IP_FLOW_HASH_DEFAULT;
91 fib->fwd_classify_table_index = ~0;
92 fib->rev_classify_table_index = ~0;
93 ip4_mtrie_init (&fib->mtrie);
98 find_ip4_fib_by_table_index_or_id (ip4_main_t * im,
99 u32 table_index_or_id, u32 flags)
101 uword * p, fib_index;
103 fib_index = table_index_or_id;
104 if (! (flags & IP4_ROUTE_FLAG_FIB_INDEX))
106 if (table_index_or_id == ~0) {
107 table_index_or_id = 0;
108 while ((p = hash_get (im->fib_index_by_table_id, table_index_or_id))) {
111 return create_fib_with_table_id (im, table_index_or_id);
114 p = hash_get (im->fib_index_by_table_id, table_index_or_id);
116 return create_fib_with_table_id (im, table_index_or_id);
119 return vec_elt_at_index (im->fibs, fib_index);
123 ip4_fib_init_adj_index_by_dst_address (ip_lookup_main_t * lm,
130 ASSERT (lm->fib_result_n_bytes >= sizeof (uword));
131 lm->fib_result_n_words = round_pow2 (lm->fib_result_n_bytes, sizeof (uword)) / sizeof (uword);
133 fib->adj_index_by_dst_address[address_length] =
134 hash_create (32 /* elts */, lm->fib_result_n_words * sizeof (uword));
136 hash_set_flags (fib->adj_index_by_dst_address[address_length],
137 HASH_FLAG_NO_AUTO_SHRINK);
139 h = hash_header (fib->adj_index_by_dst_address[address_length]);
140 max_index = (hash_value_bytes (h) / sizeof (fib->new_hash_values[0])) - 1;
142 /* Initialize new/old hash value vectors. */
143 vec_validate_init_empty (fib->new_hash_values, max_index, ~0);
144 vec_validate_init_empty (fib->old_hash_values, max_index, ~0);
148 ip4_fib_set_adj_index (ip4_main_t * im,
152 u32 dst_address_length,
155 ip_lookup_main_t * lm = &im->lookup_main;
158 if (vec_bytes(fib->old_hash_values))
159 memset (fib->old_hash_values, ~0, vec_bytes (fib->old_hash_values));
160 if (vec_bytes(fib->new_hash_values))
161 memset (fib->new_hash_values, ~0, vec_bytes (fib->new_hash_values));
162 fib->new_hash_values[0] = adj_index;
164 /* Make sure adj index is valid. */
166 (void) ip_get_adjacency (lm, adj_index);
168 hash = fib->adj_index_by_dst_address[dst_address_length];
170 hash = _hash_set3 (hash, dst_address_u32,
171 fib->new_hash_values,
172 fib->old_hash_values);
174 fib->adj_index_by_dst_address[dst_address_length] = hash;
176 if (vec_len (im->add_del_route_callbacks) > 0)
178 ip4_add_del_route_callback_t * cb;
182 d.data_u32 = dst_address_u32;
183 vec_foreach (cb, im->add_del_route_callbacks)
184 if ((flags & cb->required_flags) == cb->required_flags)
185 cb->function (im, cb->function_opaque,
187 &d, dst_address_length,
188 fib->old_hash_values,
189 fib->new_hash_values);
191 p = hash_get (hash, dst_address_u32);
192 clib_memcpy (p, fib->new_hash_values, vec_bytes (fib->new_hash_values));
196 void ip4_add_del_route (ip4_main_t * im, ip4_add_del_route_args_t * a)
198 ip_lookup_main_t * lm = &im->lookup_main;
200 u32 dst_address, dst_address_length, adj_index, old_adj_index;
201 uword * hash, is_del;
202 ip4_add_del_route_callback_t * cb;
204 /* Either create new adjacency or use given one depending on arguments. */
205 if (a->n_add_adj > 0)
207 ip_add_adjacency (lm, a->add_adj, a->n_add_adj, &adj_index);
208 ip_call_add_del_adjacency_callbacks (lm, adj_index, /* is_del */ 0);
211 adj_index = a->adj_index;
213 dst_address = a->dst_address.data_u32;
214 dst_address_length = a->dst_address_length;
215 fib = find_ip4_fib_by_table_index_or_id (im, a->table_index_or_table_id, a->flags);
217 ASSERT (dst_address_length < ARRAY_LEN (im->fib_masks));
218 dst_address &= im->fib_masks[dst_address_length];
220 if (! fib->adj_index_by_dst_address[dst_address_length])
221 ip4_fib_init_adj_index_by_dst_address (lm, fib, dst_address_length);
223 hash = fib->adj_index_by_dst_address[dst_address_length];
225 is_del = (a->flags & IP4_ROUTE_FLAG_DEL) != 0;
229 fib->old_hash_values[0] = ~0;
230 hash = _hash_unset (hash, dst_address, fib->old_hash_values);
231 fib->adj_index_by_dst_address[dst_address_length] = hash;
233 if (vec_len (im->add_del_route_callbacks) > 0
234 && fib->old_hash_values[0] != ~0) /* make sure destination was found in hash */
236 fib->new_hash_values[0] = ~0;
237 vec_foreach (cb, im->add_del_route_callbacks)
238 if ((a->flags & cb->required_flags) == cb->required_flags)
239 cb->function (im, cb->function_opaque,
241 &a->dst_address, dst_address_length,
242 fib->old_hash_values,
243 fib->new_hash_values);
247 ip4_fib_set_adj_index (im, fib, a->flags, dst_address, dst_address_length,
250 old_adj_index = fib->old_hash_values[0];
252 /* Avoid spurious reference count increments */
253 if (old_adj_index == adj_index
255 && !(a->flags & IP4_ROUTE_FLAG_KEEP_OLD_ADJACENCY))
257 ip_adjacency_t * adj = ip_get_adjacency (lm, adj_index);
258 if (adj->share_count > 0)
262 ip4_fib_mtrie_add_del_route (fib, a->dst_address, dst_address_length,
263 is_del ? old_adj_index : adj_index,
266 /* Delete old adjacency index if present and changed. */
267 if (! (a->flags & IP4_ROUTE_FLAG_KEEP_OLD_ADJACENCY)
268 && old_adj_index != ~0
269 && old_adj_index != adj_index)
270 ip_del_adjacency (lm, old_adj_index);
274 ip4_add_del_route_next_hop (ip4_main_t * im,
276 ip4_address_t * dst_address,
277 u32 dst_address_length,
278 ip4_address_t * next_hop,
279 u32 next_hop_sw_if_index,
280 u32 next_hop_weight, u32 adj_index,
281 u32 explicit_fib_index)
283 vnet_main_t * vnm = vnet_get_main();
284 ip_lookup_main_t * lm = &im->lookup_main;
287 u32 dst_address_u32, old_mp_adj_index, new_mp_adj_index;
288 u32 dst_adj_index, nh_adj_index;
289 uword * dst_hash, * dst_result;
290 uword * nh_hash, * nh_result;
291 ip_adjacency_t * dst_adj;
292 ip_multipath_adjacency_t * old_mp, * new_mp;
293 int is_del = (flags & IP4_ROUTE_FLAG_DEL) != 0;
294 int is_interface_next_hop;
295 clib_error_t * error = 0;
297 if (explicit_fib_index == (u32)~0)
298 fib_index = vec_elt (im->fib_index_by_sw_if_index, next_hop_sw_if_index);
300 fib_index = explicit_fib_index;
302 fib = vec_elt_at_index (im->fibs, fib_index);
304 /* Lookup next hop to be added or deleted. */
305 is_interface_next_hop = next_hop->data_u32 == 0;
306 if (adj_index == (u32)~0)
308 if (is_interface_next_hop)
310 nh_result = hash_get (im->interface_route_adj_index_by_sw_if_index, next_hop_sw_if_index);
312 nh_adj_index = *nh_result;
315 ip_adjacency_t * adj;
316 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
318 ip4_adjacency_set_interface_route (vnm, adj, next_hop_sw_if_index, /* if_address_index */ ~0);
319 ip_call_add_del_adjacency_callbacks (lm, nh_adj_index, /* is_del */ 0);
320 hash_set (im->interface_route_adj_index_by_sw_if_index, next_hop_sw_if_index, nh_adj_index);
325 nh_hash = fib->adj_index_by_dst_address[32];
326 nh_result = hash_get (nh_hash, next_hop->data_u32);
328 /* Next hop must be known. */
331 ip_adjacency_t * adj;
333 nh_adj_index = ip4_fib_lookup_with_table (im, fib_index,
335 adj = ip_get_adjacency (lm, nh_adj_index);
336 /* if ARP interface adjacencty is present, we need to
337 install ARP adjaceny for specific next hop */
338 if (adj->lookup_next_index == IP_LOOKUP_NEXT_ARP &&
339 adj->arp.next_hop.ip4.as_u32 == 0)
341 nh_adj_index = vnet_arp_glean_add(fib_index, next_hop);
345 /* Next hop is not known, so create indirect adj */
346 ip_adjacency_t add_adj;
347 memset (&add_adj, 0, sizeof(add_adj));
349 add_adj.lookup_next_index = IP_LOOKUP_NEXT_INDIRECT;
350 add_adj.indirect.next_hop.ip4.as_u32 = next_hop->as_u32;
351 add_adj.explicit_fib_index = explicit_fib_index;
352 ip_add_adjacency (lm, &add_adj, 1, &nh_adj_index);
356 nh_adj_index = *nh_result;
361 nh_adj_index = adj_index;
363 ASSERT (dst_address_length < ARRAY_LEN (im->fib_masks));
364 dst_address_u32 = dst_address->data_u32 & im->fib_masks[dst_address_length];
366 dst_hash = fib->adj_index_by_dst_address[dst_address_length];
367 dst_result = hash_get (dst_hash, dst_address_u32);
370 dst_adj_index = dst_result[0];
371 dst_adj = ip_get_adjacency (lm, dst_adj_index);
375 /* For deletes destination must be known. */
378 vnm->api_errno = VNET_API_ERROR_UNKNOWN_DESTINATION;
379 error = clib_error_return (0, "unknown destination %U/%d",
380 format_ip4_address, dst_address,
389 /* Ignore adds of X/32 with next hop of X. */
391 && dst_address_length == 32
392 && dst_address->data_u32 == next_hop->data_u32
393 && adj_index != (u32)~0)
395 vnm->api_errno = VNET_API_ERROR_PREFIX_MATCHES_NEXT_HOP;
396 error = clib_error_return (0, "prefix matches next hop %U/%d",
397 format_ip4_address, dst_address,
402 /* Destination is not known and default weight is set so add route
403 to existing non-multipath adjacency */
404 if (dst_adj_index == ~0 && next_hop_weight == 1 && next_hop_sw_if_index == ~0)
406 /* create / delete additional mapping of existing adjacency */
407 ip4_add_del_route_args_t a;
408 ip_adjacency_t * nh_adj = ip_get_adjacency (lm, nh_adj_index);
410 a.table_index_or_table_id = fib_index;
411 a.flags = ((is_del ? IP4_ROUTE_FLAG_DEL : IP4_ROUTE_FLAG_ADD)
412 | IP4_ROUTE_FLAG_FIB_INDEX
413 | IP4_ROUTE_FLAG_KEEP_OLD_ADJACENCY
414 | (flags & (IP4_ROUTE_FLAG_NO_REDISTRIBUTE
415 | IP4_ROUTE_FLAG_NOT_LAST_IN_GROUP)));
416 a.dst_address = dst_address[0];
417 a.dst_address_length = dst_address_length;
418 a.adj_index = nh_adj_index;
422 ip4_add_del_route (im, &a);
424 /* adjust share count. This cannot be the only use of the adjacency */
425 nh_adj->share_count += is_del ? -1 : 1;
430 old_mp_adj_index = dst_adj ? dst_adj->heap_handle : ~0;
432 if (! ip_multipath_adjacency_add_del_next_hop
439 vnm->api_errno = VNET_API_ERROR_NEXT_HOP_NOT_FOUND_MP;
440 error = clib_error_return (0, "requested deleting next-hop %U not found in multi-path",
441 format_ip4_address, next_hop);
446 if (old_mp_adj_index != ~0)
447 old_mp = vec_elt_at_index (lm->multipath_adjacencies, old_mp_adj_index);
448 if (new_mp_adj_index != ~0)
449 new_mp = vec_elt_at_index (lm->multipath_adjacencies, new_mp_adj_index);
451 if (old_mp != new_mp)
453 ip4_add_del_route_args_t a;
454 ip_adjacency_t * adj;
456 a.table_index_or_table_id = fib_index;
457 a.flags = ((is_del && ! new_mp ? IP4_ROUTE_FLAG_DEL : IP4_ROUTE_FLAG_ADD)
458 | IP4_ROUTE_FLAG_FIB_INDEX
459 | IP4_ROUTE_FLAG_KEEP_OLD_ADJACENCY
460 | (flags & (IP4_ROUTE_FLAG_NO_REDISTRIBUTE | IP4_ROUTE_FLAG_NOT_LAST_IN_GROUP)));
461 a.dst_address = dst_address[0];
462 a.dst_address_length = dst_address_length;
463 a.adj_index = new_mp ? new_mp->adj_index : dst_adj_index;
467 ip4_add_del_route (im, &a);
469 adj = ip_get_adjacency (lm, new_mp ? new_mp->adj_index : dst_adj_index);
471 adj->share_count += is_del ? -1 : 1;
476 clib_error_report (error);
480 ip4_get_route (ip4_main_t * im,
481 u32 table_index_or_table_id,
486 ip4_fib_t * fib = find_ip4_fib_by_table_index_or_id (im, table_index_or_table_id, flags);
487 u32 dst_address = * (u32 *) address;
490 ASSERT (address_length < ARRAY_LEN (im->fib_masks));
491 dst_address &= im->fib_masks[address_length];
493 hash = fib->adj_index_by_dst_address[address_length];
494 p = hash_get (hash, dst_address);
499 ip4_foreach_matching_route (ip4_main_t * im,
500 u32 table_index_or_table_id,
502 ip4_address_t * address,
504 ip4_address_t ** results,
505 u8 ** result_lengths)
507 ip4_fib_t * fib = find_ip4_fib_by_table_index_or_id (im, table_index_or_table_id, flags);
508 u32 dst_address = address->data_u32;
509 u32 this_length = address_length;
512 _vec_len (*results) = 0;
514 _vec_len (*result_lengths) = 0;
516 while (this_length <= 32 && vec_len (results) == 0)
519 hash_foreach (k, v, fib->adj_index_by_dst_address[this_length], ({
520 if (0 == ((k ^ dst_address) & im->fib_masks[address_length]))
524 vec_add1 (*results, a);
525 vec_add1 (*result_lengths, this_length);
533 void ip4_maybe_remap_adjacencies (ip4_main_t * im,
534 u32 table_index_or_table_id,
537 ip4_fib_t * fib = find_ip4_fib_by_table_index_or_id (im, table_index_or_table_id, flags);
538 ip_lookup_main_t * lm = &im->lookup_main;
541 ip4_add_del_route_callback_t * cb;
542 static ip4_address_t * to_delete;
544 if (lm->n_adjacency_remaps == 0)
547 for (l = 0; l <= 32; l++)
550 uword * hash = fib->adj_index_by_dst_address[l];
552 if (hash_elts (hash) == 0)
556 _vec_len (to_delete) = 0;
558 hash_foreach_pair (p, hash, ({
559 u32 adj_index = p->value[0];
560 u32 m = vec_elt (lm->adjacency_remap_table, adj_index);
564 /* Record destination address from hash key. */
567 /* New adjacency points to nothing: so delete prefix. */
569 vec_add1 (to_delete, a);
572 /* Remap to new adjacency. */
573 clib_memcpy (fib->old_hash_values, p->value, vec_bytes (fib->old_hash_values));
575 /* Set new adjacency value. */
576 fib->new_hash_values[0] = p->value[0] = m - 1;
578 vec_foreach (cb, im->add_del_route_callbacks)
579 if ((flags & cb->required_flags) == cb->required_flags)
580 cb->function (im, cb->function_opaque,
581 fib, flags | IP4_ROUTE_FLAG_ADD,
583 fib->old_hash_values,
584 fib->new_hash_values);
589 fib->new_hash_values[0] = ~0;
590 for (i = 0; i < vec_len (to_delete); i++)
592 hash = _hash_unset (hash, to_delete[i].data_u32, fib->old_hash_values);
593 vec_foreach (cb, im->add_del_route_callbacks)
594 if ((flags & cb->required_flags) == cb->required_flags)
595 cb->function (im, cb->function_opaque,
596 fib, flags | IP4_ROUTE_FLAG_DEL,
598 fib->old_hash_values,
599 fib->new_hash_values);
603 /* Also remap adjacencies in mtrie. */
604 ip4_mtrie_maybe_remap_adjacencies (lm, &fib->mtrie);
606 /* Reset mapping table. */
607 vec_zero (lm->adjacency_remap_table);
609 /* All remaps have been performed. */
610 lm->n_adjacency_remaps = 0;
613 void ip4_delete_matching_routes (ip4_main_t * im,
614 u32 table_index_or_table_id,
616 ip4_address_t * address,
619 static ip4_address_t * matching_addresses;
620 static u8 * matching_address_lengths;
622 ip4_add_del_route_args_t a;
624 a.flags = IP4_ROUTE_FLAG_DEL | IP4_ROUTE_FLAG_NO_REDISTRIBUTE | flags;
625 a.table_index_or_table_id = table_index_or_table_id;
630 for (l = address_length + 1; l <= 32; l++)
632 ip4_foreach_matching_route (im, table_index_or_table_id, flags,
636 &matching_address_lengths);
637 for (i = 0; i < vec_len (matching_addresses); i++)
639 a.dst_address = matching_addresses[i];
640 a.dst_address_length = matching_address_lengths[i];
641 ip4_add_del_route (im, &a);
645 ip4_maybe_remap_adjacencies (im, table_index_or_table_id, flags);
649 ip4_forward_next_trace (vlib_main_t * vm,
650 vlib_node_runtime_t * node,
651 vlib_frame_t * frame,
652 vlib_rx_or_tx_t which_adj_index);
655 ip4_lookup_inline (vlib_main_t * vm,
656 vlib_node_runtime_t * node,
657 vlib_frame_t * frame,
658 int lookup_for_responses_to_locally_received_packets,
661 ip4_main_t * im = &ip4_main;
662 ip_lookup_main_t * lm = &im->lookup_main;
663 vlib_combined_counter_main_t * cm = &im->lookup_main.adjacency_counters;
664 u32 n_left_from, n_left_to_next, * from, * to_next;
665 ip_lookup_next_t next;
666 u32 cpu_index = os_get_cpu_number();
668 from = vlib_frame_vector_args (frame);
669 n_left_from = frame->n_vectors;
670 next = node->cached_next_index;
672 while (n_left_from > 0)
674 vlib_get_next_frame (vm, node, next,
675 to_next, n_left_to_next);
677 while (n_left_from >= 4 && n_left_to_next >= 2)
679 vlib_buffer_t * p0, * p1;
680 ip4_header_t * ip0, * ip1;
681 __attribute__((unused)) tcp_header_t * tcp0, * tcp1;
682 ip_lookup_next_t next0, next1;
683 ip_adjacency_t * adj0, * adj1;
684 ip4_fib_mtrie_t * mtrie0, * mtrie1;
685 ip4_fib_mtrie_leaf_t leaf0, leaf1;
686 ip4_address_t * dst_addr0, *dst_addr1;
687 __attribute__((unused)) u32 pi0, fib_index0, adj_index0, is_tcp_udp0;
688 __attribute__((unused)) u32 pi1, fib_index1, adj_index1, is_tcp_udp1;
689 u32 flow_hash_config0, flow_hash_config1;
690 u32 hash_c0, hash_c1;
693 /* Prefetch next iteration. */
695 vlib_buffer_t * p2, * p3;
697 p2 = vlib_get_buffer (vm, from[2]);
698 p3 = vlib_get_buffer (vm, from[3]);
700 vlib_prefetch_buffer_header (p2, LOAD);
701 vlib_prefetch_buffer_header (p3, LOAD);
703 CLIB_PREFETCH (p2->data, sizeof (ip0[0]), LOAD);
704 CLIB_PREFETCH (p3->data, sizeof (ip0[0]), LOAD);
707 pi0 = to_next[0] = from[0];
708 pi1 = to_next[1] = from[1];
710 p0 = vlib_get_buffer (vm, pi0);
711 p1 = vlib_get_buffer (vm, pi1);
713 ip0 = vlib_buffer_get_current (p0);
714 ip1 = vlib_buffer_get_current (p1);
718 ip_adjacency_t * iadj0, * iadj1;
719 iadj0 = ip_get_adjacency (lm, vnet_buffer(p0)->ip.adj_index[VLIB_TX]);
720 iadj1 = ip_get_adjacency (lm, vnet_buffer(p1)->ip.adj_index[VLIB_TX]);
721 dst_addr0 = &iadj0->indirect.next_hop.ip4;
722 dst_addr1 = &iadj1->indirect.next_hop.ip4;
726 dst_addr0 = &ip0->dst_address;
727 dst_addr1 = &ip1->dst_address;
730 fib_index0 = vec_elt (im->fib_index_by_sw_if_index, vnet_buffer (p0)->sw_if_index[VLIB_RX]);
731 fib_index1 = vec_elt (im->fib_index_by_sw_if_index, vnet_buffer (p1)->sw_if_index[VLIB_RX]);
732 fib_index0 = (vnet_buffer(p0)->sw_if_index[VLIB_TX] == (u32)~0) ?
733 fib_index0 : vnet_buffer(p0)->sw_if_index[VLIB_TX];
734 fib_index1 = (vnet_buffer(p1)->sw_if_index[VLIB_TX] == (u32)~0) ?
735 fib_index1 : vnet_buffer(p1)->sw_if_index[VLIB_TX];
738 if (! lookup_for_responses_to_locally_received_packets)
740 mtrie0 = &vec_elt_at_index (im->fibs, fib_index0)->mtrie;
741 mtrie1 = &vec_elt_at_index (im->fibs, fib_index1)->mtrie;
743 leaf0 = leaf1 = IP4_FIB_MTRIE_LEAF_ROOT;
745 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, dst_addr0, 0);
746 leaf1 = ip4_fib_mtrie_lookup_step (mtrie1, leaf1, dst_addr1, 0);
749 tcp0 = (void *) (ip0 + 1);
750 tcp1 = (void *) (ip1 + 1);
752 is_tcp_udp0 = (ip0->protocol == IP_PROTOCOL_TCP
753 || ip0->protocol == IP_PROTOCOL_UDP);
754 is_tcp_udp1 = (ip1->protocol == IP_PROTOCOL_TCP
755 || ip1->protocol == IP_PROTOCOL_UDP);
757 if (! lookup_for_responses_to_locally_received_packets)
759 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, dst_addr0, 1);
760 leaf1 = ip4_fib_mtrie_lookup_step (mtrie1, leaf1, dst_addr1, 1);
763 if (! lookup_for_responses_to_locally_received_packets)
765 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, dst_addr0, 2);
766 leaf1 = ip4_fib_mtrie_lookup_step (mtrie1, leaf1, dst_addr1, 2);
769 if (! lookup_for_responses_to_locally_received_packets)
771 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, dst_addr0, 3);
772 leaf1 = ip4_fib_mtrie_lookup_step (mtrie1, leaf1, dst_addr1, 3);
775 if (lookup_for_responses_to_locally_received_packets)
777 adj_index0 = vnet_buffer (p0)->ip.adj_index[VLIB_RX];
778 adj_index1 = vnet_buffer (p1)->ip.adj_index[VLIB_RX];
782 /* Handle default route. */
783 leaf0 = (leaf0 == IP4_FIB_MTRIE_LEAF_EMPTY ? mtrie0->default_leaf : leaf0);
784 leaf1 = (leaf1 == IP4_FIB_MTRIE_LEAF_EMPTY ? mtrie1->default_leaf : leaf1);
786 adj_index0 = ip4_fib_mtrie_leaf_get_adj_index (leaf0);
787 adj_index1 = ip4_fib_mtrie_leaf_get_adj_index (leaf1);
790 ASSERT (adj_index0 == ip4_fib_lookup_with_table (im, fib_index0,
792 /* no_default_route */ 0));
793 ASSERT (adj_index1 == ip4_fib_lookup_with_table (im, fib_index1,
795 /* no_default_route */ 0));
796 adj0 = ip_get_adjacency (lm, adj_index0);
797 adj1 = ip_get_adjacency (lm, adj_index1);
799 next0 = adj0->lookup_next_index;
800 next1 = adj1->lookup_next_index;
802 /* Use flow hash to compute multipath adjacency. */
803 hash_c0 = vnet_buffer (p0)->ip.flow_hash = 0;
804 hash_c1 = vnet_buffer (p1)->ip.flow_hash = 0;
805 if (PREDICT_FALSE (adj0->n_adj > 1))
808 vec_elt_at_index (im->fibs, fib_index0)->flow_hash_config;
809 hash_c0 = vnet_buffer (p0)->ip.flow_hash =
810 ip4_compute_flow_hash (ip0, flow_hash_config0);
812 if (PREDICT_FALSE(adj1->n_adj > 1))
815 vec_elt_at_index (im->fibs, fib_index1)->flow_hash_config;
816 hash_c1 = vnet_buffer (p1)->ip.flow_hash =
817 ip4_compute_flow_hash (ip1, flow_hash_config1);
820 ASSERT (adj0->n_adj > 0);
821 ASSERT (adj1->n_adj > 0);
822 ASSERT (is_pow2 (adj0->n_adj));
823 ASSERT (is_pow2 (adj1->n_adj));
824 adj_index0 += (hash_c0 & (adj0->n_adj - 1));
825 adj_index1 += (hash_c1 & (adj1->n_adj - 1));
827 vnet_buffer (p0)->ip.adj_index[VLIB_TX] = adj_index0;
828 vnet_buffer (p1)->ip.adj_index[VLIB_TX] = adj_index1;
830 vlib_increment_combined_counter
831 (cm, cpu_index, adj_index0, 1,
832 vlib_buffer_length_in_chain (vm, p0)
833 + sizeof(ethernet_header_t));
834 vlib_increment_combined_counter
835 (cm, cpu_index, adj_index1, 1,
836 vlib_buffer_length_in_chain (vm, p1)
837 + sizeof(ethernet_header_t));
844 wrong_next = (next0 != next) + 2*(next1 != next);
845 if (PREDICT_FALSE (wrong_next != 0))
854 vlib_set_next_frame_buffer (vm, node, next0, pi0);
861 vlib_set_next_frame_buffer (vm, node, next1, pi1);
868 vlib_set_next_frame_buffer (vm, node, next0, pi0);
869 vlib_set_next_frame_buffer (vm, node, next1, pi1);
873 vlib_put_next_frame (vm, node, next, n_left_to_next);
875 vlib_get_next_frame (vm, node, next, to_next, n_left_to_next);
881 while (n_left_from > 0 && n_left_to_next > 0)
885 __attribute__((unused)) tcp_header_t * tcp0;
886 ip_lookup_next_t next0;
887 ip_adjacency_t * adj0;
888 ip4_fib_mtrie_t * mtrie0;
889 ip4_fib_mtrie_leaf_t leaf0;
890 ip4_address_t * dst_addr0;
891 __attribute__((unused)) u32 pi0, fib_index0, adj_index0, is_tcp_udp0;
892 u32 flow_hash_config0, hash_c0;
897 p0 = vlib_get_buffer (vm, pi0);
899 ip0 = vlib_buffer_get_current (p0);
903 ip_adjacency_t * iadj0;
904 iadj0 = ip_get_adjacency (lm, vnet_buffer(p0)->ip.adj_index[VLIB_TX]);
905 dst_addr0 = &iadj0->indirect.next_hop.ip4;
909 dst_addr0 = &ip0->dst_address;
912 fib_index0 = vec_elt (im->fib_index_by_sw_if_index, vnet_buffer (p0)->sw_if_index[VLIB_RX]);
913 fib_index0 = (vnet_buffer(p0)->sw_if_index[VLIB_TX] == (u32)~0) ?
914 fib_index0 : vnet_buffer(p0)->sw_if_index[VLIB_TX];
916 if (! lookup_for_responses_to_locally_received_packets)
918 mtrie0 = &vec_elt_at_index (im->fibs, fib_index0)->mtrie;
920 leaf0 = IP4_FIB_MTRIE_LEAF_ROOT;
922 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, dst_addr0, 0);
925 tcp0 = (void *) (ip0 + 1);
927 is_tcp_udp0 = (ip0->protocol == IP_PROTOCOL_TCP
928 || ip0->protocol == IP_PROTOCOL_UDP);
930 if (! lookup_for_responses_to_locally_received_packets)
931 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, dst_addr0, 1);
933 if (! lookup_for_responses_to_locally_received_packets)
934 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, dst_addr0, 2);
936 if (! lookup_for_responses_to_locally_received_packets)
937 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, dst_addr0, 3);
939 if (lookup_for_responses_to_locally_received_packets)
940 adj_index0 = vnet_buffer (p0)->ip.adj_index[VLIB_RX];
943 /* Handle default route. */
944 leaf0 = (leaf0 == IP4_FIB_MTRIE_LEAF_EMPTY ? mtrie0->default_leaf : leaf0);
945 adj_index0 = ip4_fib_mtrie_leaf_get_adj_index (leaf0);
948 ASSERT (adj_index0 == ip4_fib_lookup_with_table (im, fib_index0,
950 /* no_default_route */ 0));
952 adj0 = ip_get_adjacency (lm, adj_index0);
954 next0 = adj0->lookup_next_index;
956 /* Use flow hash to compute multipath adjacency. */
957 hash_c0 = vnet_buffer (p0)->ip.flow_hash = 0;
958 if (PREDICT_FALSE(adj0->n_adj > 1))
961 vec_elt_at_index (im->fibs, fib_index0)->flow_hash_config;
963 hash_c0 = vnet_buffer (p0)->ip.flow_hash =
964 ip4_compute_flow_hash (ip0, flow_hash_config0);
967 ASSERT (adj0->n_adj > 0);
968 ASSERT (is_pow2 (adj0->n_adj));
969 adj_index0 += (hash_c0 & (adj0->n_adj - 1));
971 vnet_buffer (p0)->ip.adj_index[VLIB_TX] = adj_index0;
973 vlib_increment_combined_counter
974 (cm, cpu_index, adj_index0, 1,
975 vlib_buffer_length_in_chain (vm, p0)
976 + sizeof(ethernet_header_t));
983 if (PREDICT_FALSE (next0 != next))
986 vlib_put_next_frame (vm, node, next, n_left_to_next);
988 vlib_get_next_frame (vm, node, next,
989 to_next, n_left_to_next);
996 vlib_put_next_frame (vm, node, next, n_left_to_next);
999 if (node->flags & VLIB_NODE_FLAG_TRACE)
1000 ip4_forward_next_trace(vm, node, frame, VLIB_TX);
1002 return frame->n_vectors;
1006 ip4_lookup (vlib_main_t * vm,
1007 vlib_node_runtime_t * node,
1008 vlib_frame_t * frame)
1010 return ip4_lookup_inline (vm, node, frame,
1011 /* lookup_for_responses_to_locally_received_packets */ 0,
1012 /* is_indirect */ 0);
1016 void ip4_adjacency_set_interface_route (vnet_main_t * vnm,
1017 ip_adjacency_t * adj,
1019 u32 if_address_index)
1021 vnet_hw_interface_t * hw = vnet_get_sup_hw_interface (vnm, sw_if_index);
1023 vnet_l3_packet_type_t packet_type;
1026 if (hw->hw_class_index == ethernet_hw_interface_class.index
1027 || hw->hw_class_index == srp_hw_interface_class.index)
1030 * We have a bit of a problem in this case. ip4-arp uses
1031 * the rewrite_header.next_index to hand pkts to the
1032 * indicated inteface output node. We can end up in
1033 * ip4_rewrite_local, too, which also pays attention to
1034 * rewrite_header.next index. Net result: a hack in
1035 * ip4_rewrite_local...
1037 n = IP_LOOKUP_NEXT_ARP;
1038 node_index = ip4_arp_node.index;
1039 adj->if_address_index = if_address_index;
1040 adj->arp.next_hop.ip4.as_u32 = 0;
1041 ip46_address_reset(&adj->arp.next_hop);
1042 packet_type = VNET_L3_PACKET_TYPE_ARP;
1046 n = IP_LOOKUP_NEXT_REWRITE;
1047 node_index = ip4_rewrite_node.index;
1048 packet_type = VNET_L3_PACKET_TYPE_IP4;
1051 adj->lookup_next_index = n;
1052 vnet_rewrite_for_sw_interface
1057 VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST,
1058 &adj->rewrite_header,
1059 sizeof (adj->rewrite_data));
1063 ip4_add_interface_routes (u32 sw_if_index,
1064 ip4_main_t * im, u32 fib_index,
1065 ip_interface_address_t * a)
1067 vnet_main_t * vnm = vnet_get_main();
1068 ip_lookup_main_t * lm = &im->lookup_main;
1069 ip_adjacency_t * adj;
1070 ip4_address_t * address = ip_interface_address_get_address (lm, a);
1071 ip4_add_del_route_args_t x;
1072 vnet_hw_interface_t * hw_if = vnet_get_sup_hw_interface (vnm, sw_if_index);
1073 u32 classify_table_index;
1075 /* Add e.g. 1.0.0.0/8 as interface route (arp for Ethernet). */
1076 x.table_index_or_table_id = fib_index;
1077 x.flags = (IP4_ROUTE_FLAG_ADD
1078 | IP4_ROUTE_FLAG_FIB_INDEX
1079 | IP4_ROUTE_FLAG_NO_REDISTRIBUTE);
1080 x.dst_address = address[0];
1081 x.dst_address_length = a->address_length;
1085 a->neighbor_probe_adj_index = ~0;
1086 if (a->address_length < 32)
1088 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
1090 ip4_adjacency_set_interface_route (vnm, adj, sw_if_index, a - lm->if_address_pool);
1091 ip_call_add_del_adjacency_callbacks (lm, x.adj_index, /* is_del */ 0);
1092 ip4_add_del_route (im, &x);
1093 a->neighbor_probe_adj_index = x.adj_index;
1096 /* Add e.g. 1.1.1.1/32 as local to this host. */
1097 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
1100 classify_table_index = ~0;
1101 if (sw_if_index < vec_len (lm->classify_table_index_by_sw_if_index))
1102 classify_table_index = lm->classify_table_index_by_sw_if_index [sw_if_index];
1103 if (classify_table_index != (u32) ~0)
1105 adj->lookup_next_index = IP_LOOKUP_NEXT_CLASSIFY;
1106 adj->classify.table_index = classify_table_index;
1109 adj->lookup_next_index = IP_LOOKUP_NEXT_LOCAL;
1111 adj->if_address_index = a - lm->if_address_pool;
1112 adj->rewrite_header.sw_if_index = sw_if_index;
1113 adj->rewrite_header.max_l3_packet_bytes = hw_if->max_l3_packet_bytes[VLIB_RX];
1115 * Local adjs are never to be rewritten. Spoofed pkts w/ src = dst = local
1116 * fail an RPF-ish check, but still go thru the rewrite code...
1118 adj->rewrite_header.data_bytes = 0;
1120 ip_call_add_del_adjacency_callbacks (lm, x.adj_index, /* is_del */ 0);
1121 x.dst_address_length = 32;
1122 ip4_add_del_route (im, &x);
1126 ip4_del_interface_routes (ip4_main_t * im, u32 fib_index, ip4_address_t * address, u32 address_length)
1128 ip4_add_del_route_args_t x;
1130 /* Add e.g. 1.0.0.0/8 as interface route (arp for Ethernet). */
1131 x.table_index_or_table_id = fib_index;
1132 x.flags = (IP4_ROUTE_FLAG_DEL
1133 | IP4_ROUTE_FLAG_FIB_INDEX
1134 | IP4_ROUTE_FLAG_NO_REDISTRIBUTE);
1135 x.dst_address = address[0];
1136 x.dst_address_length = address_length;
1141 if (address_length < 32)
1142 ip4_add_del_route (im, &x);
1144 x.dst_address_length = 32;
1145 ip4_add_del_route (im, &x);
1147 ip4_delete_matching_routes (im,
1149 IP4_ROUTE_FLAG_FIB_INDEX,
1156 ip4_address_t address;
1158 } ip4_interface_address_t;
1160 static clib_error_t *
1161 ip4_add_del_interface_address_internal (vlib_main_t * vm,
1163 ip4_address_t * new_address,
1169 static clib_error_t *
1170 ip4_add_del_interface_address_internal (vlib_main_t * vm,
1172 ip4_address_t * address,
1178 vnet_main_t * vnm = vnet_get_main();
1179 ip4_main_t * im = &ip4_main;
1180 ip_lookup_main_t * lm = &im->lookup_main;
1181 clib_error_t * error = 0;
1182 u32 if_address_index, elts_before;
1183 ip4_address_fib_t ip4_af, * addr_fib = 0;
1185 vec_validate (im->fib_index_by_sw_if_index, sw_if_index);
1186 ip4_addr_fib_init (&ip4_af, address,
1187 vec_elt (im->fib_index_by_sw_if_index, sw_if_index));
1188 vec_add1 (addr_fib, ip4_af);
1190 /* When adding an address check that it does not conflict with an existing address. */
1193 ip_interface_address_t * ia;
1194 foreach_ip_interface_address (&im->lookup_main, ia, sw_if_index,
1195 0 /* honor unnumbered */,
1197 ip4_address_t * x = ip_interface_address_get_address (&im->lookup_main, ia);
1199 if (ip4_destination_matches_route (im, address, x, ia->address_length)
1200 || ip4_destination_matches_route (im, x, address, address_length))
1201 return clib_error_create ("failed to add %U which conflicts with %U for interface %U",
1202 format_ip4_address_and_length, address, address_length,
1203 format_ip4_address_and_length, x, ia->address_length,
1204 format_vnet_sw_if_index_name, vnm, sw_if_index);
1208 elts_before = pool_elts (lm->if_address_pool);
1210 error = ip_interface_address_add_del
1220 if (vnet_sw_interface_is_admin_up (vnm, sw_if_index) && insert_routes)
1223 ip4_del_interface_routes (im, ip4_af.fib_index, address,
1227 ip4_add_interface_routes (sw_if_index,
1228 im, ip4_af.fib_index,
1230 (lm->if_address_pool, if_address_index));
1233 /* If pool did not grow/shrink: add duplicate address. */
1234 if (elts_before != pool_elts (lm->if_address_pool))
1236 ip4_add_del_interface_address_callback_t * cb;
1237 vec_foreach (cb, im->add_del_interface_address_callbacks)
1238 cb->function (im, cb->function_opaque, sw_if_index,
1239 address, address_length,
1245 vec_free (addr_fib);
1250 ip4_add_del_interface_address (vlib_main_t * vm, u32 sw_if_index,
1251 ip4_address_t * address, u32 address_length,
1254 return ip4_add_del_interface_address_internal
1255 (vm, sw_if_index, address, address_length,
1256 /* redistribute */ 1,
1257 /* insert_routes */ 1,
1261 static clib_error_t *
1262 ip4_sw_interface_admin_up_down (vnet_main_t * vnm,
1266 ip4_main_t * im = &ip4_main;
1267 ip_interface_address_t * ia;
1269 u32 is_admin_up, fib_index;
1271 /* Fill in lookup tables with default table (0). */
1272 vec_validate (im->fib_index_by_sw_if_index, sw_if_index);
1274 vec_validate_init_empty (im->lookup_main.if_address_pool_index_by_sw_if_index, sw_if_index, ~0);
1276 is_admin_up = (flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP) != 0;
1278 fib_index = vec_elt (im->fib_index_by_sw_if_index, sw_if_index);
1280 foreach_ip_interface_address (&im->lookup_main, ia, sw_if_index,
1281 0 /* honor unnumbered */,
1283 a = ip_interface_address_get_address (&im->lookup_main, ia);
1285 ip4_add_interface_routes (sw_if_index,
1289 ip4_del_interface_routes (im, fib_index,
1290 a, ia->address_length);
1296 VNET_SW_INTERFACE_ADMIN_UP_DOWN_FUNCTION (ip4_sw_interface_admin_up_down);
1298 /* Built-in ip4 unicast rx feature path definition */
1299 VNET_IP4_UNICAST_FEATURE_INIT (ip4_inacl, static) = {
1300 .node_name = "ip4-inacl",
1301 .runs_before = {"ip4-source-check-via-rx", 0},
1302 .feature_index = &ip4_main.ip4_unicast_rx_feature_check_access,
1305 VNET_IP4_UNICAST_FEATURE_INIT (ip4_source_check_1, static) = {
1306 .node_name = "ip4-source-check-via-rx",
1307 .runs_before = {"ip4-source-check-via-any", 0},
1309 &ip4_main.ip4_unicast_rx_feature_source_reachable_via_rx,
1312 VNET_IP4_UNICAST_FEATURE_INIT (ip4_source_check_2, static) = {
1313 .node_name = "ip4-source-check-via-any",
1314 .runs_before = {"ipsec-input-ip4", 0},
1316 &ip4_main.ip4_unicast_rx_feature_source_reachable_via_any,
1319 VNET_IP4_UNICAST_FEATURE_INIT (ip4_ipsec, static) = {
1320 .node_name = "ipsec-input-ip4",
1321 .runs_before = {"vpath-input-ip4", 0},
1322 .feature_index = &ip4_main.ip4_unicast_rx_feature_ipsec,
1325 VNET_IP4_UNICAST_FEATURE_INIT (ip4_vpath, static) = {
1326 .node_name = "vpath-input-ip4",
1327 .runs_before = {"ip4-lookup", 0},
1328 .feature_index = &ip4_main.ip4_unicast_rx_feature_vpath,
1331 VNET_IP4_UNICAST_FEATURE_INIT (ip4_lookup, static) = {
1332 .node_name = "ip4-lookup",
1333 .runs_before = {0}, /* not before any other features */
1334 .feature_index = &ip4_main.ip4_unicast_rx_feature_lookup,
1337 /* Built-in ip4 multicast rx feature path definition */
1338 VNET_IP4_MULTICAST_FEATURE_INIT (ip4_vpath_mc, static) = {
1339 .node_name = "vpath-input-ip4",
1340 .runs_before = {"ip4-lookup-multicast", 0},
1341 .feature_index = &ip4_main.ip4_multicast_rx_feature_vpath,
1344 VNET_IP4_MULTICAST_FEATURE_INIT (ip4_lookup_mc, static) = {
1345 .node_name = "ip4-lookup-multicast",
1346 .runs_before = {0}, /* not before any other features */
1347 .feature_index = &ip4_main.ip4_multicast_rx_feature_lookup,
1350 static char * feature_start_nodes[] =
1351 { "ip4-input", "ip4-input-no-checksum"};
1353 static clib_error_t *
1354 ip4_feature_init (vlib_main_t * vm, ip4_main_t * im)
1356 ip_lookup_main_t * lm = &im->lookup_main;
1357 clib_error_t * error;
1360 for (cast = 0; cast < VNET_N_CAST; cast++)
1362 ip_config_main_t * cm = &lm->rx_config_mains[cast];
1363 vnet_config_main_t * vcm = &cm->config_main;
1365 if ((error = ip_feature_init_cast (vm, cm, vcm,
1366 feature_start_nodes,
1367 ARRAY_LEN(feature_start_nodes),
1375 static clib_error_t *
1376 ip4_sw_interface_add_del (vnet_main_t * vnm,
1380 vlib_main_t * vm = vnm->vlib_main;
1381 ip4_main_t * im = &ip4_main;
1382 ip_lookup_main_t * lm = &im->lookup_main;
1386 for (cast = 0; cast < VNET_N_CAST; cast++)
1388 ip_config_main_t * cm = &lm->rx_config_mains[cast];
1389 vnet_config_main_t * vcm = &cm->config_main;
1391 vec_validate_init_empty (cm->config_index_by_sw_if_index, sw_if_index, ~0);
1392 ci = cm->config_index_by_sw_if_index[sw_if_index];
1394 if (cast == VNET_UNICAST)
1395 feature_index = im->ip4_unicast_rx_feature_lookup;
1397 feature_index = im->ip4_multicast_rx_feature_lookup;
1400 ci = vnet_config_add_feature (vm, vcm,
1403 /* config data */ 0,
1404 /* # bytes of config data */ 0);
1406 ci = vnet_config_del_feature (vm, vcm,
1409 /* config data */ 0,
1410 /* # bytes of config data */ 0);
1412 cm->config_index_by_sw_if_index[sw_if_index] = ci;
1415 return /* no error */ 0;
1418 VNET_SW_INTERFACE_ADD_DEL_FUNCTION (ip4_sw_interface_add_del);
1420 static u8 * format_ip4_lookup_trace (u8 * s, va_list * args);
1422 VLIB_REGISTER_NODE (ip4_lookup_node) = {
1423 .function = ip4_lookup,
1424 .name = "ip4-lookup",
1425 .vector_size = sizeof (u32),
1427 .format_trace = format_ip4_lookup_trace,
1429 .n_next_nodes = IP4_LOOKUP_N_NEXT,
1430 .next_nodes = IP4_LOOKUP_NEXT_NODES,
1433 VLIB_NODE_FUNCTION_MULTIARCH (ip4_lookup_node, ip4_lookup)
1436 ip4_indirect (vlib_main_t * vm,
1437 vlib_node_runtime_t * node,
1438 vlib_frame_t * frame)
1440 return ip4_lookup_inline (vm, node, frame,
1441 /* lookup_for_responses_to_locally_received_packets */ 0,
1442 /* is_indirect */ 1);
1445 VLIB_REGISTER_NODE (ip4_indirect_node) = {
1446 .function = ip4_indirect,
1447 .name = "ip4-indirect",
1448 .vector_size = sizeof (u32),
1449 .sibling_of = "ip4-lookup",
1450 .format_trace = format_ip4_lookup_trace,
1455 VLIB_NODE_FUNCTION_MULTIARCH (ip4_indirect_node, ip4_indirect)
1458 /* Global IP4 main. */
1459 ip4_main_t ip4_main;
1462 ip4_lookup_init (vlib_main_t * vm)
1464 ip4_main_t * im = &ip4_main;
1465 clib_error_t * error;
1468 for (i = 0; i < ARRAY_LEN (im->fib_masks); i++)
1473 m = pow2_mask (i) << (32 - i);
1476 im->fib_masks[i] = clib_host_to_net_u32 (m);
1479 /* Create FIB with index 0 and table id of 0. */
1480 find_ip4_fib_by_table_index_or_id (im, /* table id */ 0, IP4_ROUTE_FLAG_TABLE_ID);
1482 ip_lookup_init (&im->lookup_main, /* is_ip6 */ 0);
1486 pn = pg_get_node (ip4_lookup_node.index);
1487 pn->unformat_edit = unformat_pg_ip4_header;
1491 ethernet_arp_header_t h;
1493 memset (&h, 0, sizeof (h));
1495 /* Set target ethernet address to all zeros. */
1496 memset (h.ip4_over_ethernet[1].ethernet, 0, sizeof (h.ip4_over_ethernet[1].ethernet));
1498 #define _16(f,v) h.f = clib_host_to_net_u16 (v);
1499 #define _8(f,v) h.f = v;
1500 _16 (l2_type, ETHERNET_ARP_HARDWARE_TYPE_ethernet);
1501 _16 (l3_type, ETHERNET_TYPE_IP4);
1502 _8 (n_l2_address_bytes, 6);
1503 _8 (n_l3_address_bytes, 4);
1504 _16 (opcode, ETHERNET_ARP_OPCODE_request);
1508 vlib_packet_template_init (vm,
1509 &im->ip4_arp_request_packet_template,
1512 /* alloc chunk size */ 8,
1516 error = ip4_feature_init (vm, im);
1521 VLIB_INIT_FUNCTION (ip4_lookup_init);
1524 /* Adjacency taken. */
1529 /* Packet data, possibly *after* rewrite. */
1530 u8 packet_data[64 - 1*sizeof(u32)];
1531 } ip4_forward_next_trace_t;
1533 static u8 * format_ip4_forward_next_trace (u8 * s, va_list * args)
1535 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
1536 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
1537 ip4_forward_next_trace_t * t = va_arg (*args, ip4_forward_next_trace_t *);
1538 uword indent = format_get_indent (s);
1539 s = format (s, "%U%U",
1540 format_white_space, indent,
1541 format_ip4_header, t->packet_data);
1545 static u8 * format_ip4_lookup_trace (u8 * s, va_list * args)
1547 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
1548 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
1549 ip4_forward_next_trace_t * t = va_arg (*args, ip4_forward_next_trace_t *);
1550 vnet_main_t * vnm = vnet_get_main();
1551 ip4_main_t * im = &ip4_main;
1552 uword indent = format_get_indent (s);
1554 s = format (s, "fib %d adj-idx %d : %U flow hash: 0x%08x",
1555 t->fib_index, t->adj_index, format_ip_adjacency,
1556 vnm, &im->lookup_main, t->adj_index, t->flow_hash);
1557 s = format (s, "\n%U%U",
1558 format_white_space, indent,
1559 format_ip4_header, t->packet_data);
1563 static u8 * format_ip4_rewrite_trace (u8 * s, va_list * args)
1565 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
1566 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
1567 ip4_forward_next_trace_t * t = va_arg (*args, ip4_forward_next_trace_t *);
1568 vnet_main_t * vnm = vnet_get_main();
1569 ip4_main_t * im = &ip4_main;
1570 uword indent = format_get_indent (s);
1572 s = format (s, "tx_sw_if_index %d adj-idx %d : %U flow hash: 0x%08x",
1573 t->fib_index, t->adj_index, format_ip_adjacency,
1574 vnm, &im->lookup_main, t->adj_index, t->flow_hash);
1575 s = format (s, "\n%U%U",
1576 format_white_space, indent,
1577 format_ip_adjacency_packet_data,
1578 vnm, &im->lookup_main, t->adj_index,
1579 t->packet_data, sizeof (t->packet_data));
1583 /* Common trace function for all ip4-forward next nodes. */
1585 ip4_forward_next_trace (vlib_main_t * vm,
1586 vlib_node_runtime_t * node,
1587 vlib_frame_t * frame,
1588 vlib_rx_or_tx_t which_adj_index)
1591 ip4_main_t * im = &ip4_main;
1593 n_left = frame->n_vectors;
1594 from = vlib_frame_vector_args (frame);
1599 vlib_buffer_t * b0, * b1;
1600 ip4_forward_next_trace_t * t0, * t1;
1602 /* Prefetch next iteration. */
1603 vlib_prefetch_buffer_with_index (vm, from[2], LOAD);
1604 vlib_prefetch_buffer_with_index (vm, from[3], LOAD);
1609 b0 = vlib_get_buffer (vm, bi0);
1610 b1 = vlib_get_buffer (vm, bi1);
1612 if (b0->flags & VLIB_BUFFER_IS_TRACED)
1614 t0 = vlib_add_trace (vm, node, b0, sizeof (t0[0]));
1615 t0->adj_index = vnet_buffer (b0)->ip.adj_index[which_adj_index];
1616 t0->flow_hash = vnet_buffer (b0)->ip.flow_hash;
1617 t0->fib_index = (vnet_buffer(b0)->sw_if_index[VLIB_TX] != (u32)~0) ?
1618 vnet_buffer(b0)->sw_if_index[VLIB_TX] :
1619 vec_elt (im->fib_index_by_sw_if_index,
1620 vnet_buffer(b0)->sw_if_index[VLIB_RX]);
1622 clib_memcpy (t0->packet_data,
1623 vlib_buffer_get_current (b0),
1624 sizeof (t0->packet_data));
1626 if (b1->flags & VLIB_BUFFER_IS_TRACED)
1628 t1 = vlib_add_trace (vm, node, b1, sizeof (t1[0]));
1629 t1->adj_index = vnet_buffer (b1)->ip.adj_index[which_adj_index];
1630 t1->flow_hash = vnet_buffer (b1)->ip.flow_hash;
1631 t1->fib_index = (vnet_buffer(b1)->sw_if_index[VLIB_TX] != (u32)~0) ?
1632 vnet_buffer(b1)->sw_if_index[VLIB_TX] :
1633 vec_elt (im->fib_index_by_sw_if_index,
1634 vnet_buffer(b1)->sw_if_index[VLIB_RX]);
1635 clib_memcpy (t1->packet_data,
1636 vlib_buffer_get_current (b1),
1637 sizeof (t1->packet_data));
1647 ip4_forward_next_trace_t * t0;
1651 b0 = vlib_get_buffer (vm, bi0);
1653 if (b0->flags & VLIB_BUFFER_IS_TRACED)
1655 t0 = vlib_add_trace (vm, node, b0, sizeof (t0[0]));
1656 t0->adj_index = vnet_buffer (b0)->ip.adj_index[which_adj_index];
1657 t0->flow_hash = vnet_buffer (b0)->ip.flow_hash;
1658 t0->fib_index = (vnet_buffer(b0)->sw_if_index[VLIB_TX] != (u32)~0) ?
1659 vnet_buffer(b0)->sw_if_index[VLIB_TX] :
1660 vec_elt (im->fib_index_by_sw_if_index,
1661 vnet_buffer(b0)->sw_if_index[VLIB_RX]);
1662 clib_memcpy (t0->packet_data,
1663 vlib_buffer_get_current (b0),
1664 sizeof (t0->packet_data));
1672 ip4_drop_or_punt (vlib_main_t * vm,
1673 vlib_node_runtime_t * node,
1674 vlib_frame_t * frame,
1675 ip4_error_t error_code)
1677 u32 * buffers = vlib_frame_vector_args (frame);
1678 uword n_packets = frame->n_vectors;
1680 vlib_error_drop_buffers (vm, node,
1685 ip4_input_node.index,
1688 if (node->flags & VLIB_NODE_FLAG_TRACE)
1689 ip4_forward_next_trace (vm, node, frame, VLIB_TX);
1695 ip4_drop (vlib_main_t * vm,
1696 vlib_node_runtime_t * node,
1697 vlib_frame_t * frame)
1698 { return ip4_drop_or_punt (vm, node, frame, IP4_ERROR_ADJACENCY_DROP); }
1701 ip4_punt (vlib_main_t * vm,
1702 vlib_node_runtime_t * node,
1703 vlib_frame_t * frame)
1704 { return ip4_drop_or_punt (vm, node, frame, IP4_ERROR_ADJACENCY_PUNT); }
1707 ip4_miss (vlib_main_t * vm,
1708 vlib_node_runtime_t * node,
1709 vlib_frame_t * frame)
1710 { return ip4_drop_or_punt (vm, node, frame, IP4_ERROR_DST_LOOKUP_MISS); }
1712 VLIB_REGISTER_NODE (ip4_drop_node,static) = {
1713 .function = ip4_drop,
1715 .vector_size = sizeof (u32),
1717 .format_trace = format_ip4_forward_next_trace,
1725 VLIB_NODE_FUNCTION_MULTIARCH (ip4_drop_node, ip4_drop)
1727 VLIB_REGISTER_NODE (ip4_punt_node,static) = {
1728 .function = ip4_punt,
1730 .vector_size = sizeof (u32),
1732 .format_trace = format_ip4_forward_next_trace,
1740 VLIB_NODE_FUNCTION_MULTIARCH (ip4_punt_node, ip4_punt)
1742 VLIB_REGISTER_NODE (ip4_miss_node,static) = {
1743 .function = ip4_miss,
1745 .vector_size = sizeof (u32),
1747 .format_trace = format_ip4_forward_next_trace,
1755 VLIB_NODE_FUNCTION_MULTIARCH (ip4_miss_node, ip4_miss)
1757 /* Compute TCP/UDP/ICMP4 checksum in software. */
1759 ip4_tcp_udp_compute_checksum (vlib_main_t * vm, vlib_buffer_t * p0,
1763 u32 ip_header_length, payload_length_host_byte_order;
1764 u32 n_this_buffer, n_bytes_left;
1766 void * data_this_buffer;
1768 /* Initialize checksum with ip header. */
1769 ip_header_length = ip4_header_bytes (ip0);
1770 payload_length_host_byte_order = clib_net_to_host_u16 (ip0->length) - ip_header_length;
1771 sum0 = clib_host_to_net_u32 (payload_length_host_byte_order + (ip0->protocol << 16));
1773 if (BITS (uword) == 32)
1775 sum0 = ip_csum_with_carry (sum0, clib_mem_unaligned (&ip0->src_address, u32));
1776 sum0 = ip_csum_with_carry (sum0, clib_mem_unaligned (&ip0->dst_address, u32));
1779 sum0 = ip_csum_with_carry (sum0, clib_mem_unaligned (&ip0->src_address, u64));
1781 n_bytes_left = n_this_buffer = payload_length_host_byte_order;
1782 data_this_buffer = (void *) ip0 + ip_header_length;
1783 if (n_this_buffer + ip_header_length > p0->current_length)
1784 n_this_buffer = p0->current_length > ip_header_length ? p0->current_length - ip_header_length : 0;
1787 sum0 = ip_incremental_checksum (sum0, data_this_buffer, n_this_buffer);
1788 n_bytes_left -= n_this_buffer;
1789 if (n_bytes_left == 0)
1792 ASSERT (p0->flags & VLIB_BUFFER_NEXT_PRESENT);
1793 p0 = vlib_get_buffer (vm, p0->next_buffer);
1794 data_this_buffer = vlib_buffer_get_current (p0);
1795 n_this_buffer = p0->current_length;
1798 sum16 = ~ ip_csum_fold (sum0);
1804 ip4_tcp_udp_validate_checksum (vlib_main_t * vm, vlib_buffer_t * p0)
1806 ip4_header_t * ip0 = vlib_buffer_get_current (p0);
1807 udp_header_t * udp0;
1810 ASSERT (ip0->protocol == IP_PROTOCOL_TCP
1811 || ip0->protocol == IP_PROTOCOL_UDP);
1813 udp0 = (void *) (ip0 + 1);
1814 if (ip0->protocol == IP_PROTOCOL_UDP && udp0->checksum == 0)
1816 p0->flags |= (IP_BUFFER_L4_CHECKSUM_COMPUTED
1817 | IP_BUFFER_L4_CHECKSUM_CORRECT);
1821 sum16 = ip4_tcp_udp_compute_checksum (vm, p0, ip0);
1823 p0->flags |= (IP_BUFFER_L4_CHECKSUM_COMPUTED
1824 | ((sum16 == 0) << LOG2_IP_BUFFER_L4_CHECKSUM_CORRECT));
1830 ip4_local (vlib_main_t * vm,
1831 vlib_node_runtime_t * node,
1832 vlib_frame_t * frame)
1834 ip4_main_t * im = &ip4_main;
1835 ip_lookup_main_t * lm = &im->lookup_main;
1836 ip_local_next_t next_index;
1837 u32 * from, * to_next, n_left_from, n_left_to_next;
1838 vlib_node_runtime_t * error_node = vlib_node_get_runtime (vm, ip4_input_node.index);
1840 from = vlib_frame_vector_args (frame);
1841 n_left_from = frame->n_vectors;
1842 next_index = node->cached_next_index;
1844 if (node->flags & VLIB_NODE_FLAG_TRACE)
1845 ip4_forward_next_trace (vm, node, frame, VLIB_TX);
1847 while (n_left_from > 0)
1849 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
1851 while (n_left_from >= 4 && n_left_to_next >= 2)
1853 vlib_buffer_t * p0, * p1;
1854 ip4_header_t * ip0, * ip1;
1855 udp_header_t * udp0, * udp1;
1856 ip4_fib_mtrie_t * mtrie0, * mtrie1;
1857 ip4_fib_mtrie_leaf_t leaf0, leaf1;
1858 ip_adjacency_t * adj0, * adj1;
1859 u32 pi0, ip_len0, udp_len0, flags0, next0, fib_index0, adj_index0;
1860 u32 pi1, ip_len1, udp_len1, flags1, next1, fib_index1, adj_index1;
1861 i32 len_diff0, len_diff1;
1862 u8 error0, is_udp0, is_tcp_udp0, good_tcp_udp0, proto0;
1863 u8 error1, is_udp1, is_tcp_udp1, good_tcp_udp1, proto1;
1866 pi0 = to_next[0] = from[0];
1867 pi1 = to_next[1] = from[1];
1871 n_left_to_next -= 2;
1873 p0 = vlib_get_buffer (vm, pi0);
1874 p1 = vlib_get_buffer (vm, pi1);
1876 ip0 = vlib_buffer_get_current (p0);
1877 ip1 = vlib_buffer_get_current (p1);
1879 fib_index0 = vec_elt (im->fib_index_by_sw_if_index,
1880 vnet_buffer(p0)->sw_if_index[VLIB_RX]);
1881 fib_index1 = vec_elt (im->fib_index_by_sw_if_index,
1882 vnet_buffer(p1)->sw_if_index[VLIB_RX]);
1884 mtrie0 = &vec_elt_at_index (im->fibs, fib_index0)->mtrie;
1885 mtrie1 = &vec_elt_at_index (im->fibs, fib_index1)->mtrie;
1887 leaf0 = leaf1 = IP4_FIB_MTRIE_LEAF_ROOT;
1889 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, &ip0->src_address, 0);
1890 leaf1 = ip4_fib_mtrie_lookup_step (mtrie1, leaf1, &ip1->src_address, 0);
1892 /* Treat IP frag packets as "experimental" protocol for now
1893 until support of IP frag reassembly is implemented */
1894 proto0 = ip4_is_fragment(ip0) ? 0xfe : ip0->protocol;
1895 proto1 = ip4_is_fragment(ip1) ? 0xfe : ip1->protocol;
1896 is_udp0 = proto0 == IP_PROTOCOL_UDP;
1897 is_udp1 = proto1 == IP_PROTOCOL_UDP;
1898 is_tcp_udp0 = is_udp0 || proto0 == IP_PROTOCOL_TCP;
1899 is_tcp_udp1 = is_udp1 || proto1 == IP_PROTOCOL_TCP;
1904 good_tcp_udp0 = (flags0 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1905 good_tcp_udp1 = (flags1 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1907 udp0 = ip4_next_header (ip0);
1908 udp1 = ip4_next_header (ip1);
1910 /* Don't verify UDP checksum for packets with explicit zero checksum. */
1911 good_tcp_udp0 |= is_udp0 && udp0->checksum == 0;
1912 good_tcp_udp1 |= is_udp1 && udp1->checksum == 0;
1914 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, &ip0->src_address, 1);
1915 leaf1 = ip4_fib_mtrie_lookup_step (mtrie1, leaf1, &ip1->src_address, 1);
1917 /* Verify UDP length. */
1918 ip_len0 = clib_net_to_host_u16 (ip0->length);
1919 ip_len1 = clib_net_to_host_u16 (ip1->length);
1920 udp_len0 = clib_net_to_host_u16 (udp0->length);
1921 udp_len1 = clib_net_to_host_u16 (udp1->length);
1923 len_diff0 = ip_len0 - udp_len0;
1924 len_diff1 = ip_len1 - udp_len1;
1926 len_diff0 = is_udp0 ? len_diff0 : 0;
1927 len_diff1 = is_udp1 ? len_diff1 : 0;
1929 if (PREDICT_FALSE (! (is_tcp_udp0 & is_tcp_udp1
1930 & good_tcp_udp0 & good_tcp_udp1)))
1935 && ! (flags0 & IP_BUFFER_L4_CHECKSUM_COMPUTED))
1936 flags0 = ip4_tcp_udp_validate_checksum (vm, p0);
1938 (flags0 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1939 good_tcp_udp0 |= is_udp0 && udp0->checksum == 0;
1944 && ! (flags1 & IP_BUFFER_L4_CHECKSUM_COMPUTED))
1945 flags1 = ip4_tcp_udp_validate_checksum (vm, p1);
1947 (flags1 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1948 good_tcp_udp1 |= is_udp1 && udp1->checksum == 0;
1952 good_tcp_udp0 &= len_diff0 >= 0;
1953 good_tcp_udp1 &= len_diff1 >= 0;
1955 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, &ip0->src_address, 2);
1956 leaf1 = ip4_fib_mtrie_lookup_step (mtrie1, leaf1, &ip1->src_address, 2);
1958 error0 = error1 = IP4_ERROR_UNKNOWN_PROTOCOL;
1960 error0 = len_diff0 < 0 ? IP4_ERROR_UDP_LENGTH : error0;
1961 error1 = len_diff1 < 0 ? IP4_ERROR_UDP_LENGTH : error1;
1963 ASSERT (IP4_ERROR_TCP_CHECKSUM + 1 == IP4_ERROR_UDP_CHECKSUM);
1964 error0 = (is_tcp_udp0 && ! good_tcp_udp0
1965 ? IP4_ERROR_TCP_CHECKSUM + is_udp0
1967 error1 = (is_tcp_udp1 && ! good_tcp_udp1
1968 ? IP4_ERROR_TCP_CHECKSUM + is_udp1
1971 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, &ip0->src_address, 3);
1972 leaf1 = ip4_fib_mtrie_lookup_step (mtrie1, leaf1, &ip1->src_address, 3);
1974 vnet_buffer (p0)->ip.adj_index[VLIB_RX] = adj_index0 = ip4_fib_mtrie_leaf_get_adj_index (leaf0);
1975 vnet_buffer (p0)->ip.adj_index[VLIB_TX] = adj_index0;
1977 vnet_buffer (p1)->ip.adj_index[VLIB_RX] = adj_index1 = ip4_fib_mtrie_leaf_get_adj_index (leaf1);
1978 vnet_buffer (p1)->ip.adj_index[VLIB_TX] = adj_index1;
1980 ASSERT (adj_index0 == ip4_fib_lookup_with_table (im, fib_index0,
1982 /* no_default_route */ 1));
1983 ASSERT (adj_index1 == ip4_fib_lookup_with_table (im, fib_index1,
1985 /* no_default_route */ 1));
1987 adj0 = ip_get_adjacency (lm, adj_index0);
1988 adj1 = ip_get_adjacency (lm, adj_index1);
1991 * Must have a route to source otherwise we drop the packet.
1992 * ip4 broadcasts are accepted, e.g. to make dhcp client work
1994 error0 = (error0 == IP4_ERROR_UNKNOWN_PROTOCOL
1995 && adj0->lookup_next_index != IP_LOOKUP_NEXT_REWRITE
1996 && adj0->lookup_next_index != IP_LOOKUP_NEXT_ARP
1997 && adj0->lookup_next_index != IP_LOOKUP_NEXT_LOCAL
1998 && ip0->dst_address.as_u32 != 0xFFFFFFFF
1999 ? IP4_ERROR_SRC_LOOKUP_MISS
2001 error1 = (error1 == IP4_ERROR_UNKNOWN_PROTOCOL
2002 && adj1->lookup_next_index != IP_LOOKUP_NEXT_REWRITE
2003 && adj1->lookup_next_index != IP_LOOKUP_NEXT_ARP
2004 && adj1->lookup_next_index != IP_LOOKUP_NEXT_LOCAL
2005 && ip0->dst_address.as_u32 != 0xFFFFFFFF
2006 ? IP4_ERROR_SRC_LOOKUP_MISS
2009 next0 = lm->local_next_by_ip_protocol[proto0];
2010 next1 = lm->local_next_by_ip_protocol[proto1];
2012 next0 = error0 != IP4_ERROR_UNKNOWN_PROTOCOL ? IP_LOCAL_NEXT_DROP : next0;
2013 next1 = error1 != IP4_ERROR_UNKNOWN_PROTOCOL ? IP_LOCAL_NEXT_DROP : next1;
2015 p0->error = error0 ? error_node->errors[error0] : 0;
2016 p1->error = error1 ? error_node->errors[error1] : 0;
2018 enqueue_code = (next0 != next_index) + 2*(next1 != next_index);
2020 if (PREDICT_FALSE (enqueue_code != 0))
2022 switch (enqueue_code)
2028 n_left_to_next += 1;
2029 vlib_set_next_frame_buffer (vm, node, next0, pi0);
2035 n_left_to_next += 1;
2036 vlib_set_next_frame_buffer (vm, node, next1, pi1);
2040 /* A B B or A B C */
2042 n_left_to_next += 2;
2043 vlib_set_next_frame_buffer (vm, node, next0, pi0);
2044 vlib_set_next_frame_buffer (vm, node, next1, pi1);
2047 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
2049 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
2056 while (n_left_from > 0 && n_left_to_next > 0)
2060 udp_header_t * udp0;
2061 ip4_fib_mtrie_t * mtrie0;
2062 ip4_fib_mtrie_leaf_t leaf0;
2063 ip_adjacency_t * adj0;
2064 u32 pi0, next0, ip_len0, udp_len0, flags0, fib_index0, adj_index0;
2066 u8 error0, is_udp0, is_tcp_udp0, good_tcp_udp0, proto0;
2068 pi0 = to_next[0] = from[0];
2072 n_left_to_next -= 1;
2074 p0 = vlib_get_buffer (vm, pi0);
2076 ip0 = vlib_buffer_get_current (p0);
2078 fib_index0 = vec_elt (im->fib_index_by_sw_if_index,
2079 vnet_buffer(p0)->sw_if_index[VLIB_RX]);
2081 mtrie0 = &vec_elt_at_index (im->fibs, fib_index0)->mtrie;
2083 leaf0 = IP4_FIB_MTRIE_LEAF_ROOT;
2085 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, &ip0->src_address, 0);
2087 /* Treat IP frag packets as "experimental" protocol for now
2088 until support of IP frag reassembly is implemented */
2089 proto0 = ip4_is_fragment(ip0) ? 0xfe : ip0->protocol;
2090 is_udp0 = proto0 == IP_PROTOCOL_UDP;
2091 is_tcp_udp0 = is_udp0 || proto0 == IP_PROTOCOL_TCP;
2095 good_tcp_udp0 = (flags0 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
2097 udp0 = ip4_next_header (ip0);
2099 /* Don't verify UDP checksum for packets with explicit zero checksum. */
2100 good_tcp_udp0 |= is_udp0 && udp0->checksum == 0;
2102 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, &ip0->src_address, 1);
2104 /* Verify UDP length. */
2105 ip_len0 = clib_net_to_host_u16 (ip0->length);
2106 udp_len0 = clib_net_to_host_u16 (udp0->length);
2108 len_diff0 = ip_len0 - udp_len0;
2110 len_diff0 = is_udp0 ? len_diff0 : 0;
2112 if (PREDICT_FALSE (! (is_tcp_udp0 & good_tcp_udp0)))
2117 && ! (flags0 & IP_BUFFER_L4_CHECKSUM_COMPUTED))
2118 flags0 = ip4_tcp_udp_validate_checksum (vm, p0);
2120 (flags0 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
2121 good_tcp_udp0 |= is_udp0 && udp0->checksum == 0;
2125 good_tcp_udp0 &= len_diff0 >= 0;
2127 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, &ip0->src_address, 2);
2129 error0 = IP4_ERROR_UNKNOWN_PROTOCOL;
2131 error0 = len_diff0 < 0 ? IP4_ERROR_UDP_LENGTH : error0;
2133 ASSERT (IP4_ERROR_TCP_CHECKSUM + 1 == IP4_ERROR_UDP_CHECKSUM);
2134 error0 = (is_tcp_udp0 && ! good_tcp_udp0
2135 ? IP4_ERROR_TCP_CHECKSUM + is_udp0
2138 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, &ip0->src_address, 3);
2140 vnet_buffer (p0)->ip.adj_index[VLIB_RX] = adj_index0 = ip4_fib_mtrie_leaf_get_adj_index (leaf0);
2141 vnet_buffer (p0)->ip.adj_index[VLIB_TX] = adj_index0;
2143 ASSERT (adj_index0 == ip4_fib_lookup_with_table (im, fib_index0,
2145 /* no_default_route */ 1));
2147 adj0 = ip_get_adjacency (lm, adj_index0);
2149 /* Must have a route to source otherwise we drop the packet. */
2150 error0 = (error0 == IP4_ERROR_UNKNOWN_PROTOCOL
2151 && adj0->lookup_next_index != IP_LOOKUP_NEXT_REWRITE
2152 && adj0->lookup_next_index != IP_LOOKUP_NEXT_ARP
2153 && adj0->lookup_next_index != IP_LOOKUP_NEXT_LOCAL
2154 && ip0->dst_address.as_u32 != 0xFFFFFFFF
2155 ? IP4_ERROR_SRC_LOOKUP_MISS
2158 next0 = lm->local_next_by_ip_protocol[proto0];
2160 next0 = error0 != IP4_ERROR_UNKNOWN_PROTOCOL ? IP_LOCAL_NEXT_DROP : next0;
2162 p0->error = error0? error_node->errors[error0] : 0;
2164 if (PREDICT_FALSE (next0 != next_index))
2166 n_left_to_next += 1;
2167 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
2170 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
2173 n_left_to_next -= 1;
2177 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
2180 return frame->n_vectors;
2183 VLIB_REGISTER_NODE (ip4_local_node,static) = {
2184 .function = ip4_local,
2185 .name = "ip4-local",
2186 .vector_size = sizeof (u32),
2188 .format_trace = format_ip4_forward_next_trace,
2190 .n_next_nodes = IP_LOCAL_N_NEXT,
2192 [IP_LOCAL_NEXT_DROP] = "error-drop",
2193 [IP_LOCAL_NEXT_PUNT] = "error-punt",
2194 [IP_LOCAL_NEXT_UDP_LOOKUP] = "ip4-udp-lookup",
2195 [IP_LOCAL_NEXT_ICMP] = "ip4-icmp-input",
2199 VLIB_NODE_FUNCTION_MULTIARCH (ip4_local_node, ip4_local)
2201 void ip4_register_protocol (u32 protocol, u32 node_index)
2203 vlib_main_t * vm = vlib_get_main();
2204 ip4_main_t * im = &ip4_main;
2205 ip_lookup_main_t * lm = &im->lookup_main;
2207 ASSERT (protocol < ARRAY_LEN (lm->local_next_by_ip_protocol));
2208 lm->local_next_by_ip_protocol[protocol] = vlib_node_add_next (vm, ip4_local_node.index, node_index);
2211 static clib_error_t *
2212 show_ip_local_command_fn (vlib_main_t * vm,
2213 unformat_input_t * input,
2214 vlib_cli_command_t * cmd)
2216 ip4_main_t * im = &ip4_main;
2217 ip_lookup_main_t * lm = &im->lookup_main;
2220 vlib_cli_output (vm, "Protocols handled by ip4_local");
2221 for (i = 0; i < ARRAY_LEN(lm->local_next_by_ip_protocol); i++)
2223 if (lm->local_next_by_ip_protocol[i] != IP_LOCAL_NEXT_PUNT)
2224 vlib_cli_output (vm, "%d", i);
2231 VLIB_CLI_COMMAND (show_ip_local, static) = {
2232 .path = "show ip local",
2233 .function = show_ip_local_command_fn,
2234 .short_help = "Show ip local protocol table",
2238 ip4_arp (vlib_main_t * vm,
2239 vlib_node_runtime_t * node,
2240 vlib_frame_t * frame)
2242 vnet_main_t * vnm = vnet_get_main();
2243 ip4_main_t * im = &ip4_main;
2244 ip_lookup_main_t * lm = &im->lookup_main;
2245 u32 * from, * to_next_drop;
2246 uword n_left_from, n_left_to_next_drop, next_index;
2247 static f64 time_last_seed_change = -1e100;
2248 static u32 hash_seeds[3];
2249 static uword hash_bitmap[256 / BITS (uword)];
2252 if (node->flags & VLIB_NODE_FLAG_TRACE)
2253 ip4_forward_next_trace (vm, node, frame, VLIB_TX);
2255 time_now = vlib_time_now (vm);
2256 if (time_now - time_last_seed_change > 1e-3)
2259 u32 * r = clib_random_buffer_get_data (&vm->random_buffer,
2260 sizeof (hash_seeds));
2261 for (i = 0; i < ARRAY_LEN (hash_seeds); i++)
2262 hash_seeds[i] = r[i];
2264 /* Mark all hash keys as been no-seen before. */
2265 for (i = 0; i < ARRAY_LEN (hash_bitmap); i++)
2268 time_last_seed_change = time_now;
2271 from = vlib_frame_vector_args (frame);
2272 n_left_from = frame->n_vectors;
2273 next_index = node->cached_next_index;
2274 if (next_index == IP4_ARP_NEXT_DROP)
2275 next_index = IP4_ARP_N_NEXT; /* point to first interface */
2277 while (n_left_from > 0)
2279 vlib_get_next_frame (vm, node, IP4_ARP_NEXT_DROP,
2280 to_next_drop, n_left_to_next_drop);
2282 while (n_left_from > 0 && n_left_to_next_drop > 0)
2286 ethernet_header_t * eh0;
2287 u32 pi0, adj_index0, a0, b0, c0, m0, sw_if_index0, drop0;
2289 ip_adjacency_t * adj0;
2293 p0 = vlib_get_buffer (vm, pi0);
2295 adj_index0 = vnet_buffer (p0)->ip.adj_index[VLIB_TX];
2296 adj0 = ip_get_adjacency (lm, adj_index0);
2297 ip0 = vlib_buffer_get_current (p0);
2299 /* If packet destination is not local, send ARP to next hop */
2300 if (adj0->arp.next_hop.ip4.as_u32)
2301 ip0->dst_address.data_u32 = adj0->arp.next_hop.ip4.as_u32;
2304 * if ip4_rewrite_local applied the IP_LOOKUP_NEXT_ARP
2305 * rewrite to this packet, we need to skip it here.
2306 * Note, to distinguish from src IP addr *.8.6.*, we
2307 * check for a bcast eth dest instead of IPv4 version.
2309 eh0 = (ethernet_header_t*)ip0;
2310 if ((ip0->ip_version_and_header_length & 0xF0) != 0x40)
2313 u16 * etype = &eh0->type;
2314 while ((*etype == clib_host_to_net_u16 (0x8100)) //dot1q
2315 || (*etype == clib_host_to_net_u16 (0x88a8)))//dot1ad
2318 etype += 2; //vlan tag also 16 bits, same as etype
2320 if (*etype == clib_host_to_net_u16 (0x0806)) //arp
2322 vlib_buffer_advance (
2323 p0, sizeof(ethernet_header_t) + (4*vlan_num));
2324 ip0 = vlib_buffer_get_current (p0);
2332 sw_if_index0 = adj0->rewrite_header.sw_if_index;
2333 vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0;
2335 a0 ^= ip0->dst_address.data_u32;
2338 hash_v3_finalize32 (a0, b0, c0);
2340 c0 &= BITS (hash_bitmap) - 1;
2341 c0 = c0 / BITS (uword);
2342 m0 = (uword) 1 << (c0 % BITS (uword));
2344 bm0 = hash_bitmap[c0];
2345 drop0 = (bm0 & m0) != 0;
2347 /* Mark it as seen. */
2348 hash_bitmap[c0] = bm0 | m0;
2352 to_next_drop[0] = pi0;
2354 n_left_to_next_drop -= 1;
2356 p0->error = node->errors[drop0 ? IP4_ARP_ERROR_DROP : IP4_ARP_ERROR_REQUEST_SENT];
2362 * Can happen if the control-plane is programming tables
2363 * with traffic flowing; at least that's today's lame excuse.
2365 if (adj0->lookup_next_index != IP_LOOKUP_NEXT_ARP)
2367 p0->error = node->errors[IP4_ARP_ERROR_NON_ARP_ADJ];
2370 /* Send ARP request. */
2374 ethernet_arp_header_t * h0;
2375 vnet_hw_interface_t * hw_if0;
2377 h0 = vlib_packet_template_get_packet (vm, &im->ip4_arp_request_packet_template, &bi0);
2379 /* Add rewrite/encap string for ARP packet. */
2380 vnet_rewrite_one_header (adj0[0], h0, sizeof (ethernet_header_t));
2382 hw_if0 = vnet_get_sup_hw_interface (vnm, sw_if_index0);
2384 /* Src ethernet address in ARP header. */
2385 clib_memcpy (h0->ip4_over_ethernet[0].ethernet, hw_if0->hw_address,
2386 sizeof (h0->ip4_over_ethernet[0].ethernet));
2388 if (ip4_src_address_for_packet (im, p0, &h0->ip4_over_ethernet[0].ip4, sw_if_index0)) {
2389 //No source address available
2390 p0->error = node->errors[IP4_ARP_ERROR_NO_SOURCE_ADDRESS];
2391 vlib_buffer_free(vm, &bi0, 1);
2395 /* Copy in destination address we are requesting. */
2396 h0->ip4_over_ethernet[1].ip4.data_u32 = ip0->dst_address.data_u32;
2398 vlib_buffer_copy_trace_flag (vm, p0, bi0);
2399 b0 = vlib_get_buffer (vm, bi0);
2400 vnet_buffer (b0)->sw_if_index[VLIB_TX] = sw_if_index0;
2402 vlib_buffer_advance (b0, -adj0->rewrite_header.data_bytes);
2404 vlib_set_next_frame_buffer (vm, node, adj0->rewrite_header.next_index, bi0);
2408 vlib_put_next_frame (vm, node, IP4_ARP_NEXT_DROP, n_left_to_next_drop);
2411 return frame->n_vectors;
2414 static char * ip4_arp_error_strings[] = {
2415 [IP4_ARP_ERROR_DROP] = "address overflow drops",
2416 [IP4_ARP_ERROR_REQUEST_SENT] = "ARP requests sent",
2417 [IP4_ARP_ERROR_NON_ARP_ADJ] = "ARPs to non-ARP adjacencies",
2418 [IP4_ARP_ERROR_REPLICATE_DROP] = "ARP replication completed",
2419 [IP4_ARP_ERROR_REPLICATE_FAIL] = "ARP replication failed",
2420 [IP4_ARP_ERROR_NO_SOURCE_ADDRESS] = "no source address for ARP request",
2423 VLIB_REGISTER_NODE (ip4_arp_node) = {
2424 .function = ip4_arp,
2426 .vector_size = sizeof (u32),
2428 .format_trace = format_ip4_forward_next_trace,
2430 .n_errors = ARRAY_LEN (ip4_arp_error_strings),
2431 .error_strings = ip4_arp_error_strings,
2433 .n_next_nodes = IP4_ARP_N_NEXT,
2435 [IP4_ARP_NEXT_DROP] = "error-drop",
2439 #define foreach_notrace_ip4_arp_error \
2445 clib_error_t * arp_notrace_init (vlib_main_t * vm)
2447 vlib_node_runtime_t *rt =
2448 vlib_node_get_runtime (vm, ip4_arp_node.index);
2450 /* don't trace ARP request packets */
2452 vnet_pcap_drop_trace_filter_add_del \
2453 (rt->errors[IP4_ARP_ERROR_##a], \
2455 foreach_notrace_ip4_arp_error;
2460 VLIB_INIT_FUNCTION(arp_notrace_init);
2463 /* Send an ARP request to see if given destination is reachable on given interface. */
2465 ip4_probe_neighbor (vlib_main_t * vm, ip4_address_t * dst, u32 sw_if_index)
2467 vnet_main_t * vnm = vnet_get_main();
2468 ip4_main_t * im = &ip4_main;
2469 ethernet_arp_header_t * h;
2470 ip4_address_t * src;
2471 ip_interface_address_t * ia;
2472 ip_adjacency_t * adj;
2473 vnet_hw_interface_t * hi;
2474 vnet_sw_interface_t * si;
2478 si = vnet_get_sw_interface (vnm, sw_if_index);
2480 if (!(si->flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP))
2482 return clib_error_return (0, "%U: interface %U down",
2483 format_ip4_address, dst,
2484 format_vnet_sw_if_index_name, vnm,
2488 src = ip4_interface_address_matching_destination (im, dst, sw_if_index, &ia);
2491 vnm->api_errno = VNET_API_ERROR_NO_MATCHING_INTERFACE;
2492 return clib_error_return
2493 (0, "no matching interface address for destination %U (interface %U)",
2494 format_ip4_address, dst,
2495 format_vnet_sw_if_index_name, vnm, sw_if_index);
2498 adj = ip_get_adjacency (&im->lookup_main, ia->neighbor_probe_adj_index);
2500 h = vlib_packet_template_get_packet (vm, &im->ip4_arp_request_packet_template, &bi);
2502 hi = vnet_get_sup_hw_interface (vnm, sw_if_index);
2504 clib_memcpy (h->ip4_over_ethernet[0].ethernet, hi->hw_address, sizeof (h->ip4_over_ethernet[0].ethernet));
2506 h->ip4_over_ethernet[0].ip4 = src[0];
2507 h->ip4_over_ethernet[1].ip4 = dst[0];
2509 b = vlib_get_buffer (vm, bi);
2510 vnet_buffer (b)->sw_if_index[VLIB_RX] = vnet_buffer (b)->sw_if_index[VLIB_TX] = sw_if_index;
2512 /* Add encapsulation string for software interface (e.g. ethernet header). */
2513 vnet_rewrite_one_header (adj[0], h, sizeof (ethernet_header_t));
2514 vlib_buffer_advance (b, -adj->rewrite_header.data_bytes);
2517 vlib_frame_t * f = vlib_get_frame_to_node (vm, hi->output_node_index);
2518 u32 * to_next = vlib_frame_vector_args (f);
2521 vlib_put_frame_to_node (vm, hi->output_node_index, f);
2524 return /* no error */ 0;
2528 IP4_REWRITE_NEXT_DROP,
2529 IP4_REWRITE_NEXT_ARP,
2530 IP4_REWRITE_NEXT_ICMP_ERROR,
2531 } ip4_rewrite_next_t;
2534 ip4_rewrite_inline (vlib_main_t * vm,
2535 vlib_node_runtime_t * node,
2536 vlib_frame_t * frame,
2537 int rewrite_for_locally_received_packets)
2539 ip_lookup_main_t * lm = &ip4_main.lookup_main;
2540 u32 * from = vlib_frame_vector_args (frame);
2541 u32 n_left_from, n_left_to_next, * to_next, next_index;
2542 vlib_node_runtime_t * error_node = vlib_node_get_runtime (vm, ip4_input_node.index);
2543 vlib_rx_or_tx_t adj_rx_tx = rewrite_for_locally_received_packets ? VLIB_RX : VLIB_TX;
2545 n_left_from = frame->n_vectors;
2546 next_index = node->cached_next_index;
2547 u32 cpu_index = os_get_cpu_number();
2549 while (n_left_from > 0)
2551 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
2553 while (n_left_from >= 4 && n_left_to_next >= 2)
2555 ip_adjacency_t * adj0, * adj1;
2556 vlib_buffer_t * p0, * p1;
2557 ip4_header_t * ip0, * ip1;
2558 u32 pi0, rw_len0, next0, error0, checksum0, adj_index0;
2559 u32 pi1, rw_len1, next1, error1, checksum1, adj_index1;
2560 u32 next0_override, next1_override;
2562 if (rewrite_for_locally_received_packets)
2563 next0_override = next1_override = 0;
2565 /* Prefetch next iteration. */
2567 vlib_buffer_t * p2, * p3;
2569 p2 = vlib_get_buffer (vm, from[2]);
2570 p3 = vlib_get_buffer (vm, from[3]);
2572 vlib_prefetch_buffer_header (p2, STORE);
2573 vlib_prefetch_buffer_header (p3, STORE);
2575 CLIB_PREFETCH (p2->data, sizeof (ip0[0]), STORE);
2576 CLIB_PREFETCH (p3->data, sizeof (ip0[0]), STORE);
2579 pi0 = to_next[0] = from[0];
2580 pi1 = to_next[1] = from[1];
2585 n_left_to_next -= 2;
2587 p0 = vlib_get_buffer (vm, pi0);
2588 p1 = vlib_get_buffer (vm, pi1);
2590 adj_index0 = vnet_buffer (p0)->ip.adj_index[adj_rx_tx];
2591 adj_index1 = vnet_buffer (p1)->ip.adj_index[adj_rx_tx];
2593 /* We should never rewrite a pkt using the MISS adjacency */
2594 ASSERT(adj_index0 && adj_index1);
2596 ip0 = vlib_buffer_get_current (p0);
2597 ip1 = vlib_buffer_get_current (p1);
2599 error0 = error1 = IP4_ERROR_NONE;
2600 next0 = next1 = IP4_REWRITE_NEXT_DROP;
2602 /* Decrement TTL & update checksum.
2603 Works either endian, so no need for byte swap. */
2604 if (! rewrite_for_locally_received_packets)
2606 i32 ttl0 = ip0->ttl, ttl1 = ip1->ttl;
2608 /* Input node should have reject packets with ttl 0. */
2609 ASSERT (ip0->ttl > 0);
2610 ASSERT (ip1->ttl > 0);
2612 checksum0 = ip0->checksum + clib_host_to_net_u16 (0x0100);
2613 checksum1 = ip1->checksum + clib_host_to_net_u16 (0x0100);
2615 checksum0 += checksum0 >= 0xffff;
2616 checksum1 += checksum1 >= 0xffff;
2618 ip0->checksum = checksum0;
2619 ip1->checksum = checksum1;
2628 * If the ttl drops below 1 when forwarding, generate
2631 if (PREDICT_FALSE(ttl0 <= 0))
2633 error0 = IP4_ERROR_TIME_EXPIRED;
2634 vnet_buffer (p0)->sw_if_index[VLIB_TX] = (u32)~0;
2635 icmp4_error_set_vnet_buffer(p0, ICMP4_time_exceeded,
2636 ICMP4_time_exceeded_ttl_exceeded_in_transit, 0);
2637 next0 = IP4_REWRITE_NEXT_ICMP_ERROR;
2639 if (PREDICT_FALSE(ttl1 <= 0))
2641 error1 = IP4_ERROR_TIME_EXPIRED;
2642 vnet_buffer (p1)->sw_if_index[VLIB_TX] = (u32)~0;
2643 icmp4_error_set_vnet_buffer(p1, ICMP4_time_exceeded,
2644 ICMP4_time_exceeded_ttl_exceeded_in_transit, 0);
2645 next1 = IP4_REWRITE_NEXT_ICMP_ERROR;
2648 /* Verify checksum. */
2649 ASSERT (ip0->checksum == ip4_header_checksum (ip0));
2650 ASSERT (ip1->checksum == ip4_header_checksum (ip1));
2653 /* Rewrite packet header and updates lengths. */
2654 adj0 = ip_get_adjacency (lm, adj_index0);
2655 adj1 = ip_get_adjacency (lm, adj_index1);
2657 if (rewrite_for_locally_received_packets)
2660 * If someone sends e.g. an icmp4 w/ src = dst = interface addr,
2661 * we end up here with a local adjacency in hand
2662 * The local adj rewrite data is 0xfefe on purpose.
2663 * Bad engineer, no donut for you.
2665 if (PREDICT_FALSE(adj0->lookup_next_index
2666 == IP_LOOKUP_NEXT_LOCAL))
2667 error0 = IP4_ERROR_SPOOFED_LOCAL_PACKETS;
2668 if (PREDICT_FALSE(adj0->lookup_next_index
2669 == IP_LOOKUP_NEXT_ARP))
2670 next0_override = IP4_REWRITE_NEXT_ARP;
2671 if (PREDICT_FALSE(adj1->lookup_next_index
2672 == IP_LOOKUP_NEXT_LOCAL))
2673 error1 = IP4_ERROR_SPOOFED_LOCAL_PACKETS;
2674 if (PREDICT_FALSE(adj1->lookup_next_index
2675 == IP_LOOKUP_NEXT_ARP))
2676 next1_override = IP4_REWRITE_NEXT_ARP;
2679 /* Worth pipelining. No guarantee that adj0,1 are hot... */
2680 rw_len0 = adj0[0].rewrite_header.data_bytes;
2681 rw_len1 = adj1[0].rewrite_header.data_bytes;
2683 /* Check MTU of outgoing interface. */
2684 error0 = (vlib_buffer_length_in_chain (vm, p0) > adj0[0].rewrite_header.max_l3_packet_bytes
2685 ? IP4_ERROR_MTU_EXCEEDED
2687 error1 = (vlib_buffer_length_in_chain (vm, p1) > adj1[0].rewrite_header.max_l3_packet_bytes
2688 ? IP4_ERROR_MTU_EXCEEDED
2691 next0 = (error0 == IP4_ERROR_NONE)
2692 ? adj0[0].rewrite_header.next_index : next0;
2694 if (rewrite_for_locally_received_packets)
2695 next0 = next0 && next0_override ? next0_override : next0;
2697 next1 = (error1 == IP4_ERROR_NONE)
2698 ? adj1[0].rewrite_header.next_index : next1;
2700 if (rewrite_for_locally_received_packets)
2701 next1 = next1 && next1_override ? next1_override : next1;
2704 * We've already accounted for an ethernet_header_t elsewhere
2706 if (PREDICT_FALSE (rw_len0 > sizeof(ethernet_header_t)))
2707 vlib_increment_combined_counter
2708 (&lm->adjacency_counters,
2709 cpu_index, adj_index0,
2710 /* packet increment */ 0,
2711 /* byte increment */ rw_len0-sizeof(ethernet_header_t));
2713 if (PREDICT_FALSE (rw_len1 > sizeof(ethernet_header_t)))
2714 vlib_increment_combined_counter
2715 (&lm->adjacency_counters,
2716 cpu_index, adj_index1,
2717 /* packet increment */ 0,
2718 /* byte increment */ rw_len1-sizeof(ethernet_header_t));
2720 /* Don't adjust the buffer for ttl issue; icmp-error node wants
2721 * to see the IP headerr */
2722 if (PREDICT_TRUE(error0 == IP4_ERROR_NONE))
2724 p0->current_data -= rw_len0;
2725 p0->current_length += rw_len0;
2726 p0->error = error_node->errors[error0];
2727 vnet_buffer (p0)->sw_if_index[VLIB_TX] =
2728 adj0[0].rewrite_header.sw_if_index;
2730 if (PREDICT_TRUE(error1 == IP4_ERROR_NONE))
2732 p1->current_data -= rw_len1;
2733 p1->current_length += rw_len1;
2734 p1->error = error_node->errors[error1];
2735 vnet_buffer (p1)->sw_if_index[VLIB_TX] =
2736 adj1[0].rewrite_header.sw_if_index;
2739 /* Guess we are only writing on simple Ethernet header. */
2740 vnet_rewrite_two_headers (adj0[0], adj1[0],
2742 sizeof (ethernet_header_t));
2744 vlib_validate_buffer_enqueue_x2 (vm, node, next_index,
2745 to_next, n_left_to_next,
2746 pi0, pi1, next0, next1);
2749 while (n_left_from > 0 && n_left_to_next > 0)
2751 ip_adjacency_t * adj0;
2754 u32 pi0, rw_len0, adj_index0, next0, error0, checksum0;
2757 if (rewrite_for_locally_received_packets)
2760 pi0 = to_next[0] = from[0];
2762 p0 = vlib_get_buffer (vm, pi0);
2764 adj_index0 = vnet_buffer (p0)->ip.adj_index[adj_rx_tx];
2766 /* We should never rewrite a pkt using the MISS adjacency */
2769 adj0 = ip_get_adjacency (lm, adj_index0);
2771 ip0 = vlib_buffer_get_current (p0);
2773 error0 = IP4_ERROR_NONE;
2774 next0 = IP4_REWRITE_NEXT_DROP; /* drop on error */
2776 /* Decrement TTL & update checksum. */
2777 if (! rewrite_for_locally_received_packets)
2779 i32 ttl0 = ip0->ttl;
2781 checksum0 = ip0->checksum + clib_host_to_net_u16 (0x0100);
2783 checksum0 += checksum0 >= 0xffff;
2785 ip0->checksum = checksum0;
2787 ASSERT (ip0->ttl > 0);
2793 ASSERT (ip0->checksum == ip4_header_checksum (ip0));
2795 if (PREDICT_FALSE(ttl0 <= 0))
2798 * If the ttl drops below 1 when forwarding, generate
2801 error0 = IP4_ERROR_TIME_EXPIRED;
2802 next0 = IP4_REWRITE_NEXT_ICMP_ERROR;
2803 vnet_buffer (p0)->sw_if_index[VLIB_TX] = (u32)~0;
2804 icmp4_error_set_vnet_buffer(p0, ICMP4_time_exceeded,
2805 ICMP4_time_exceeded_ttl_exceeded_in_transit, 0);
2809 if (rewrite_for_locally_received_packets)
2812 * If someone sends e.g. an icmp4 w/ src = dst = interface addr,
2813 * we end up here with a local adjacency in hand
2814 * The local adj rewrite data is 0xfefe on purpose.
2815 * Bad engineer, no donut for you.
2817 if (PREDICT_FALSE(adj0->lookup_next_index
2818 == IP_LOOKUP_NEXT_LOCAL))
2819 error0 = IP4_ERROR_SPOOFED_LOCAL_PACKETS;
2821 * We have to override the next_index in ARP adjacencies,
2822 * because they're set up for ip4-arp, not this node...
2824 if (PREDICT_FALSE(adj0->lookup_next_index
2825 == IP_LOOKUP_NEXT_ARP))
2826 next0_override = IP4_REWRITE_NEXT_ARP;
2829 /* Guess we are only writing on simple Ethernet header. */
2830 vnet_rewrite_one_header (adj0[0], ip0,
2831 sizeof (ethernet_header_t));
2833 /* Update packet buffer attributes/set output interface. */
2834 rw_len0 = adj0[0].rewrite_header.data_bytes;
2836 if (PREDICT_FALSE (rw_len0 > sizeof(ethernet_header_t)))
2837 vlib_increment_combined_counter
2838 (&lm->adjacency_counters,
2839 cpu_index, adj_index0,
2840 /* packet increment */ 0,
2841 /* byte increment */ rw_len0-sizeof(ethernet_header_t));
2843 /* Check MTU of outgoing interface. */
2844 error0 = (vlib_buffer_length_in_chain (vm, p0)
2845 > adj0[0].rewrite_header.max_l3_packet_bytes
2846 ? IP4_ERROR_MTU_EXCEEDED
2849 p0->error = error_node->errors[error0];
2851 /* Don't adjust the buffer for ttl issue; icmp-error node wants
2852 * to see the IP headerr */
2853 if (PREDICT_TRUE(error0 == IP4_ERROR_NONE))
2855 p0->current_data -= rw_len0;
2856 p0->current_length += rw_len0;
2858 vnet_buffer (p0)->sw_if_index[VLIB_TX] =
2859 adj0[0].rewrite_header.sw_if_index;
2860 next0 = adj0[0].rewrite_header.next_index;
2863 if (rewrite_for_locally_received_packets)
2864 next0 = next0 && next0_override ? next0_override : next0;
2869 n_left_to_next -= 1;
2871 vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
2872 to_next, n_left_to_next,
2876 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
2879 /* Need to do trace after rewrites to pick up new packet data. */
2880 if (node->flags & VLIB_NODE_FLAG_TRACE)
2881 ip4_forward_next_trace (vm, node, frame, adj_rx_tx);
2883 return frame->n_vectors;
2887 ip4_rewrite_transit (vlib_main_t * vm,
2888 vlib_node_runtime_t * node,
2889 vlib_frame_t * frame)
2891 return ip4_rewrite_inline (vm, node, frame,
2892 /* rewrite_for_locally_received_packets */ 0);
2896 ip4_rewrite_local (vlib_main_t * vm,
2897 vlib_node_runtime_t * node,
2898 vlib_frame_t * frame)
2900 return ip4_rewrite_inline (vm, node, frame,
2901 /* rewrite_for_locally_received_packets */ 1);
2904 VLIB_REGISTER_NODE (ip4_rewrite_node) = {
2905 .function = ip4_rewrite_transit,
2906 .name = "ip4-rewrite-transit",
2907 .vector_size = sizeof (u32),
2909 .format_trace = format_ip4_rewrite_trace,
2913 [IP4_REWRITE_NEXT_DROP] = "error-drop",
2914 [IP4_REWRITE_NEXT_ARP] = "ip4-arp",
2915 [IP4_REWRITE_NEXT_ICMP_ERROR] = "ip4-icmp-error",
2919 VLIB_NODE_FUNCTION_MULTIARCH (ip4_rewrite_node, ip4_rewrite_transit)
2921 VLIB_REGISTER_NODE (ip4_rewrite_local_node) = {
2922 .function = ip4_rewrite_local,
2923 .name = "ip4-rewrite-local",
2924 .vector_size = sizeof (u32),
2926 .sibling_of = "ip4-rewrite-transit",
2928 .format_trace = format_ip4_rewrite_trace,
2933 VLIB_NODE_FUNCTION_MULTIARCH (ip4_rewrite_local_node, ip4_rewrite_local)
2935 static clib_error_t *
2936 add_del_interface_table (vlib_main_t * vm,
2937 unformat_input_t * input,
2938 vlib_cli_command_t * cmd)
2940 vnet_main_t * vnm = vnet_get_main();
2941 clib_error_t * error = 0;
2942 u32 sw_if_index, table_id;
2946 if (! unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index))
2948 error = clib_error_return (0, "unknown interface `%U'",
2949 format_unformat_error, input);
2953 if (unformat (input, "%d", &table_id))
2957 error = clib_error_return (0, "expected table id `%U'",
2958 format_unformat_error, input);
2963 ip4_main_t * im = &ip4_main;
2964 ip4_fib_t * fib = find_ip4_fib_by_table_index_or_id (im, table_id, IP4_ROUTE_FLAG_TABLE_ID);
2968 vec_validate (im->fib_index_by_sw_if_index, sw_if_index);
2969 im->fib_index_by_sw_if_index[sw_if_index] = fib->index;
2977 VLIB_CLI_COMMAND (set_interface_ip_table_command, static) = {
2978 .path = "set interface ip table",
2979 .function = add_del_interface_table,
2980 .short_help = "Add/delete FIB table id for interface",
2985 ip4_lookup_multicast (vlib_main_t * vm,
2986 vlib_node_runtime_t * node,
2987 vlib_frame_t * frame)
2989 ip4_main_t * im = &ip4_main;
2990 ip_lookup_main_t * lm = &im->lookup_main;
2991 vlib_combined_counter_main_t * cm = &im->lookup_main.adjacency_counters;
2992 u32 n_left_from, n_left_to_next, * from, * to_next;
2993 ip_lookup_next_t next;
2994 u32 cpu_index = os_get_cpu_number();
2996 from = vlib_frame_vector_args (frame);
2997 n_left_from = frame->n_vectors;
2998 next = node->cached_next_index;
3000 while (n_left_from > 0)
3002 vlib_get_next_frame (vm, node, next,
3003 to_next, n_left_to_next);
3005 while (n_left_from >= 4 && n_left_to_next >= 2)
3007 vlib_buffer_t * p0, * p1;
3008 u32 pi0, pi1, adj_index0, adj_index1, wrong_next;
3009 ip_lookup_next_t next0, next1;
3010 ip4_header_t * ip0, * ip1;
3011 ip_adjacency_t * adj0, * adj1;
3012 u32 fib_index0, fib_index1;
3013 u32 flow_hash_config0, flow_hash_config1;
3015 /* Prefetch next iteration. */
3017 vlib_buffer_t * p2, * p3;
3019 p2 = vlib_get_buffer (vm, from[2]);
3020 p3 = vlib_get_buffer (vm, from[3]);
3022 vlib_prefetch_buffer_header (p2, LOAD);
3023 vlib_prefetch_buffer_header (p3, LOAD);
3025 CLIB_PREFETCH (p2->data, sizeof (ip0[0]), LOAD);
3026 CLIB_PREFETCH (p3->data, sizeof (ip0[0]), LOAD);
3029 pi0 = to_next[0] = from[0];
3030 pi1 = to_next[1] = from[1];
3032 p0 = vlib_get_buffer (vm, pi0);
3033 p1 = vlib_get_buffer (vm, pi1);
3035 ip0 = vlib_buffer_get_current (p0);
3036 ip1 = vlib_buffer_get_current (p1);
3038 fib_index0 = vec_elt (im->fib_index_by_sw_if_index, vnet_buffer (p0)->sw_if_index[VLIB_RX]);
3039 fib_index1 = vec_elt (im->fib_index_by_sw_if_index, vnet_buffer (p1)->sw_if_index[VLIB_RX]);
3040 fib_index0 = (vnet_buffer(p0)->sw_if_index[VLIB_TX] == (u32)~0) ?
3041 fib_index0 : vnet_buffer(p0)->sw_if_index[VLIB_TX];
3042 fib_index1 = (vnet_buffer(p1)->sw_if_index[VLIB_TX] == (u32)~0) ?
3043 fib_index1 : vnet_buffer(p1)->sw_if_index[VLIB_TX];
3045 adj_index0 = ip4_fib_lookup_buffer (im, fib_index0,
3046 &ip0->dst_address, p0);
3047 adj_index1 = ip4_fib_lookup_buffer (im, fib_index1,
3048 &ip1->dst_address, p1);
3050 adj0 = ip_get_adjacency (lm, adj_index0);
3051 adj1 = ip_get_adjacency (lm, adj_index1);
3053 next0 = adj0->lookup_next_index;
3054 next1 = adj1->lookup_next_index;
3057 vec_elt_at_index (im->fibs, fib_index0)->flow_hash_config;
3060 vec_elt_at_index (im->fibs, fib_index1)->flow_hash_config;
3062 vnet_buffer (p0)->ip.flow_hash = ip4_compute_flow_hash
3063 (ip0, flow_hash_config0);
3065 vnet_buffer (p1)->ip.flow_hash = ip4_compute_flow_hash
3066 (ip1, flow_hash_config1);
3068 ASSERT (adj0->n_adj > 0);
3069 ASSERT (adj1->n_adj > 0);
3070 ASSERT (is_pow2 (adj0->n_adj));
3071 ASSERT (is_pow2 (adj1->n_adj));
3072 adj_index0 += (vnet_buffer (p0)->ip.flow_hash & (adj0->n_adj - 1));
3073 adj_index1 += (vnet_buffer (p1)->ip.flow_hash & (adj1->n_adj - 1));
3075 vnet_buffer (p0)->ip.adj_index[VLIB_TX] = adj_index0;
3076 vnet_buffer (p1)->ip.adj_index[VLIB_TX] = adj_index1;
3078 if (1) /* $$$$$$ HACK FIXME */
3079 vlib_increment_combined_counter
3080 (cm, cpu_index, adj_index0, 1,
3081 vlib_buffer_length_in_chain (vm, p0));
3082 if (1) /* $$$$$$ HACK FIXME */
3083 vlib_increment_combined_counter
3084 (cm, cpu_index, adj_index1, 1,
3085 vlib_buffer_length_in_chain (vm, p1));
3089 n_left_to_next -= 2;
3092 wrong_next = (next0 != next) + 2*(next1 != next);
3093 if (PREDICT_FALSE (wrong_next != 0))
3101 n_left_to_next += 1;
3102 vlib_set_next_frame_buffer (vm, node, next0, pi0);
3108 n_left_to_next += 1;
3109 vlib_set_next_frame_buffer (vm, node, next1, pi1);
3115 n_left_to_next += 2;
3116 vlib_set_next_frame_buffer (vm, node, next0, pi0);
3117 vlib_set_next_frame_buffer (vm, node, next1, pi1);
3121 vlib_put_next_frame (vm, node, next, n_left_to_next);
3123 vlib_get_next_frame (vm, node, next, to_next, n_left_to_next);
3129 while (n_left_from > 0 && n_left_to_next > 0)
3133 u32 pi0, adj_index0;
3134 ip_lookup_next_t next0;
3135 ip_adjacency_t * adj0;
3137 u32 flow_hash_config0;
3142 p0 = vlib_get_buffer (vm, pi0);
3144 ip0 = vlib_buffer_get_current (p0);
3146 fib_index0 = vec_elt (im->fib_index_by_sw_if_index,
3147 vnet_buffer (p0)->sw_if_index[VLIB_RX]);
3148 fib_index0 = (vnet_buffer(p0)->sw_if_index[VLIB_TX] == (u32)~0) ?
3149 fib_index0 : vnet_buffer(p0)->sw_if_index[VLIB_TX];
3151 adj_index0 = ip4_fib_lookup_buffer (im, fib_index0,
3152 &ip0->dst_address, p0);
3154 adj0 = ip_get_adjacency (lm, adj_index0);
3156 next0 = adj0->lookup_next_index;
3159 vec_elt_at_index (im->fibs, fib_index0)->flow_hash_config;
3161 vnet_buffer (p0)->ip.flow_hash =
3162 ip4_compute_flow_hash (ip0, flow_hash_config0);
3164 ASSERT (adj0->n_adj > 0);
3165 ASSERT (is_pow2 (adj0->n_adj));
3166 adj_index0 += (vnet_buffer (p0)->ip.flow_hash & (adj0->n_adj - 1));
3168 vnet_buffer (p0)->ip.adj_index[VLIB_TX] = adj_index0;
3170 if (1) /* $$$$$$ HACK FIXME */
3171 vlib_increment_combined_counter
3172 (cm, cpu_index, adj_index0, 1,
3173 vlib_buffer_length_in_chain (vm, p0));
3177 n_left_to_next -= 1;
3180 if (PREDICT_FALSE (next0 != next))
3182 n_left_to_next += 1;
3183 vlib_put_next_frame (vm, node, next, n_left_to_next);
3185 vlib_get_next_frame (vm, node, next,
3186 to_next, n_left_to_next);
3189 n_left_to_next -= 1;
3193 vlib_put_next_frame (vm, node, next, n_left_to_next);
3196 if (node->flags & VLIB_NODE_FLAG_TRACE)
3197 ip4_forward_next_trace(vm, node, frame, VLIB_TX);
3199 return frame->n_vectors;
3202 VLIB_REGISTER_NODE (ip4_lookup_multicast_node,static) = {
3203 .function = ip4_lookup_multicast,
3204 .name = "ip4-lookup-multicast",
3205 .vector_size = sizeof (u32),
3206 .sibling_of = "ip4-lookup",
3207 .format_trace = format_ip4_lookup_trace,
3212 VLIB_NODE_FUNCTION_MULTIARCH (ip4_lookup_multicast_node, ip4_lookup_multicast)
3214 VLIB_REGISTER_NODE (ip4_multicast_node,static) = {
3215 .function = ip4_drop,
3216 .name = "ip4-multicast",
3217 .vector_size = sizeof (u32),
3219 .format_trace = format_ip4_forward_next_trace,
3227 int ip4_lookup_validate (ip4_address_t *a, u32 fib_index0)
3229 ip4_main_t * im = &ip4_main;
3230 ip4_fib_mtrie_t * mtrie0;
3231 ip4_fib_mtrie_leaf_t leaf0;
3234 mtrie0 = &vec_elt_at_index (im->fibs, fib_index0)->mtrie;
3236 leaf0 = IP4_FIB_MTRIE_LEAF_ROOT;
3237 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, a, 0);
3238 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, a, 1);
3239 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, a, 2);
3240 leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, a, 3);
3242 /* Handle default route. */
3243 leaf0 = (leaf0 == IP4_FIB_MTRIE_LEAF_EMPTY ? mtrie0->default_leaf : leaf0);
3245 adj_index0 = ip4_fib_mtrie_leaf_get_adj_index (leaf0);
3247 return adj_index0 == ip4_fib_lookup_with_table (im, fib_index0,
3249 /* no_default_route */ 0);
3252 static clib_error_t *
3253 test_lookup_command_fn (vlib_main_t * vm,
3254 unformat_input_t * input,
3255 vlib_cli_command_t * cmd)
3261 ip4_address_t ip4_base_address;
3264 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) {
3265 if (unformat (input, "table %d", &table_id))
3267 else if (unformat (input, "count %f", &count))
3270 else if (unformat (input, "%U",
3271 unformat_ip4_address, &ip4_base_address))
3274 return clib_error_return (0, "unknown input `%U'",
3275 format_unformat_error, input);
3280 for (i = 0; i < n; i++)
3282 if (!ip4_lookup_validate (&ip4_base_address, table_id))
3285 ip4_base_address.as_u32 =
3286 clib_host_to_net_u32 (1 +
3287 clib_net_to_host_u32 (ip4_base_address.as_u32));
3291 vlib_cli_output (vm, "%llu errors out of %d lookups\n", errors, n);
3293 vlib_cli_output (vm, "No errors in %d lookups\n", n);
3298 VLIB_CLI_COMMAND (lookup_test_command, static) = {
3299 .path = "test lookup",
3300 .short_help = "test lookup",
3301 .function = test_lookup_command_fn,
3304 int vnet_set_ip4_flow_hash (u32 table_id, u32 flow_hash_config)
3306 ip4_main_t * im4 = &ip4_main;
3308 uword * p = hash_get (im4->fib_index_by_table_id, table_id);
3311 return VNET_API_ERROR_NO_SUCH_FIB;
3313 fib = vec_elt_at_index (im4->fibs, p[0]);
3315 fib->flow_hash_config = flow_hash_config;
3319 static clib_error_t *
3320 set_ip_flow_hash_command_fn (vlib_main_t * vm,
3321 unformat_input_t * input,
3322 vlib_cli_command_t * cmd)
3326 u32 flow_hash_config = 0;
3329 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) {
3330 if (unformat (input, "table %d", &table_id))
3333 else if (unformat (input, #a)) { flow_hash_config |= v; matched=1;}
3334 foreach_flow_hash_bit
3340 return clib_error_return (0, "unknown input `%U'",
3341 format_unformat_error, input);
3343 rv = vnet_set_ip4_flow_hash (table_id, flow_hash_config);
3349 case VNET_API_ERROR_NO_SUCH_FIB:
3350 return clib_error_return (0, "no such FIB table %d", table_id);
3353 clib_warning ("BUG: illegal flow hash config 0x%x", flow_hash_config);
3360 VLIB_CLI_COMMAND (set_ip_flow_hash_command, static) = {
3361 .path = "set ip flow-hash",
3363 "set ip table flow-hash table <fib-id> src dst sport dport proto reverse",
3364 .function = set_ip_flow_hash_command_fn,
3367 int vnet_set_ip4_classify_intfc (vlib_main_t * vm, u32 sw_if_index,
3370 vnet_main_t * vnm = vnet_get_main();
3371 vnet_interface_main_t * im = &vnm->interface_main;
3372 ip4_main_t * ipm = &ip4_main;
3373 ip_lookup_main_t * lm = &ipm->lookup_main;
3374 vnet_classify_main_t * cm = &vnet_classify_main;
3376 if (pool_is_free_index (im->sw_interfaces, sw_if_index))
3377 return VNET_API_ERROR_NO_MATCHING_INTERFACE;
3379 if (table_index != ~0 && pool_is_free_index (cm->tables, table_index))
3380 return VNET_API_ERROR_NO_SUCH_ENTRY;
3382 vec_validate (lm->classify_table_index_by_sw_if_index, sw_if_index);
3383 lm->classify_table_index_by_sw_if_index [sw_if_index] = table_index;
3388 static clib_error_t *
3389 set_ip_classify_command_fn (vlib_main_t * vm,
3390 unformat_input_t * input,
3391 vlib_cli_command_t * cmd)
3393 u32 table_index = ~0;
3394 int table_index_set = 0;
3395 u32 sw_if_index = ~0;
3398 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) {
3399 if (unformat (input, "table-index %d", &table_index))
3400 table_index_set = 1;
3401 else if (unformat (input, "intfc %U", unformat_vnet_sw_interface,
3402 vnet_get_main(), &sw_if_index))
3408 if (table_index_set == 0)
3409 return clib_error_return (0, "classify table-index must be specified");
3411 if (sw_if_index == ~0)
3412 return clib_error_return (0, "interface / subif must be specified");
3414 rv = vnet_set_ip4_classify_intfc (vm, sw_if_index, table_index);
3421 case VNET_API_ERROR_NO_MATCHING_INTERFACE:
3422 return clib_error_return (0, "No such interface");
3424 case VNET_API_ERROR_NO_SUCH_ENTRY:
3425 return clib_error_return (0, "No such classifier table");
3430 VLIB_CLI_COMMAND (set_ip_classify_command, static) = {
3431 .path = "set ip classify",
3433 "set ip classify intfc <int> table-index <index>",
3434 .function = set_ip_classify_command_fn,
Code Review / vpp.git / blob