2 * Copyright (c) 2015 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 * ip/ip6_forward.c: IP v6 forwarding
18 * Copyright (c) 2008 Eliot Dresselhaus
20 * Permission is hereby granted, free of charge, to any person obtaining
21 * a copy of this software and associated documentation files (the
22 * "Software"), to deal in the Software without restriction, including
23 * without limitation the rights to use, copy, modify, merge, publish,
24 * distribute, sublicense, and/or sell copies of the Software, and to
25 * permit persons to whom the Software is furnished to do so, subject to
26 * the following conditions:
28 * The above copyright notice and this permission notice shall be
29 * included in all copies or substantial portions of the Software.
31 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
32 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
33 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
34 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
35 * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
36 * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
37 * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
40 #include <vnet/vnet.h>
41 #include <vnet/ip/ip.h>
42 #include <vnet/ethernet/ethernet.h> /* for ethernet_header_t */
43 #include <vnet/srp/srp.h> /* for srp_hw_interface_class */
44 #include <vppinfra/cache.h>
46 #include <vppinfra/bihash_template.c>
48 static void compute_prefix_lengths_in_search_order (ip6_main_t * im)
51 vec_reset_length (im->prefix_lengths_in_search_order);
52 /* Note: bitmap reversed so this is in fact a longest prefix match */
53 clib_bitmap_foreach (i, im->non_empty_dst_address_length_bitmap,
55 int dst_address_length = 128 - i;
56 vec_add1 (im->prefix_lengths_in_search_order, dst_address_length);
61 ip6_fib_lookup_with_table (ip6_main_t * im, u32 fib_index, ip6_address_t * dst)
63 ip_lookup_main_t * lm = &im->lookup_main;
66 BVT(clib_bihash_kv) kv, value;
69 len = vec_len (im->prefix_lengths_in_search_order);
71 kv.key[0] = dst->as_u64[0];
72 kv.key[1] = dst->as_u64[1];
73 fib = ((u64)((fib_index))<<32);
75 for (i = 0; i < len; i++)
77 int dst_address_length = im->prefix_lengths_in_search_order[i];
78 ip6_address_t * mask = &im->fib_masks[dst_address_length];
80 ASSERT(dst_address_length >= 0 && dst_address_length <= 128);
81 //As lengths are decreasing, masks are increasingly specific.
82 kv.key[0] &= mask->as_u64[0];
83 kv.key[1] &= mask->as_u64[1];
84 kv.key[2] = fib | dst_address_length;
86 rv = BV(clib_bihash_search_inline_2)(&im->ip6_lookup_table, &kv, &value);
91 return lm->miss_adj_index;
94 u32 ip6_fib_lookup (ip6_main_t * im, u32 sw_if_index, ip6_address_t * dst)
96 u32 fib_index = vec_elt (im->fib_index_by_sw_if_index, sw_if_index);
97 return ip6_fib_lookup_with_table (im, fib_index, dst);
101 vnet_ip6_fib_init (ip6_main_t * im, u32 fib_index)
103 ip_lookup_main_t * lm = &im->lookup_main;
104 ip6_add_del_route_args_t a;
105 ip_adjacency_t * adj;
107 memset(&a, 0x0, sizeof(ip6_add_del_route_args_t));
109 a.table_index_or_table_id = fib_index;
110 a.flags = (IP6_ROUTE_FLAG_ADD
111 | IP6_ROUTE_FLAG_FIB_INDEX
112 | IP6_ROUTE_FLAG_KEEP_OLD_ADJACENCY
113 | IP6_ROUTE_FLAG_NO_REDISTRIBUTE);
115 /* Add ff02::1:ff00:0/104 via local route for all tables.
116 This is required for neighbor discovery to work. */
117 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
119 adj->lookup_next_index = IP_LOOKUP_NEXT_LOCAL;
120 adj->if_address_index = ~0;
121 adj->rewrite_header.data_bytes = 0;
123 ip6_set_solicited_node_multicast_address (&a.dst_address, 0);
125 a.dst_address_length = 104;
126 ip6_add_del_route (im, &a);
128 /* Add all-routers multicast address via local route for all tables */
129 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
131 adj->lookup_next_index = IP_LOOKUP_NEXT_LOCAL;
132 adj->if_address_index = ~0;
133 adj->rewrite_header.data_bytes = 0;
135 ip6_set_reserved_multicast_address (&a.dst_address,
136 IP6_MULTICAST_SCOPE_link_local,
137 IP6_MULTICAST_GROUP_ID_all_routers);
139 a.dst_address_length = 128;
140 ip6_add_del_route (im, &a);
142 /* Add all-nodes multicast address via local route for all tables */
143 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
145 adj->lookup_next_index = IP_LOOKUP_NEXT_LOCAL;
146 adj->if_address_index = ~0;
147 adj->rewrite_header.data_bytes = 0;
149 ip6_set_reserved_multicast_address (&a.dst_address,
150 IP6_MULTICAST_SCOPE_link_local,
151 IP6_MULTICAST_GROUP_ID_all_hosts);
153 a.dst_address_length = 128;
154 ip6_add_del_route (im, &a);
156 /* Add all-mldv2 multicast address via local route for all tables */
157 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
159 adj->lookup_next_index = IP_LOOKUP_NEXT_LOCAL;
160 adj->if_address_index = ~0;
161 adj->rewrite_header.data_bytes = 0;
163 ip6_set_reserved_multicast_address (&a.dst_address,
164 IP6_MULTICAST_SCOPE_link_local,
165 IP6_MULTICAST_GROUP_ID_mldv2_routers);
167 a.dst_address_length = 128;
168 ip6_add_del_route (im, &a);
172 create_fib_with_table_id (ip6_main_t * im, u32 table_id)
175 hash_set (im->fib_index_by_table_id, table_id, vec_len (im->fibs));
176 vec_add2 (im->fibs, fib, 1);
177 fib->table_id = table_id;
178 fib->index = fib - im->fibs;
179 fib->flow_hash_config = IP_FLOW_HASH_DEFAULT;
180 vnet_ip6_fib_init (im, fib->index);
185 find_ip6_fib_by_table_index_or_id (ip6_main_t * im, u32 table_index_or_id, u32 flags)
187 uword * p, fib_index;
189 fib_index = table_index_or_id;
190 if (! (flags & IP6_ROUTE_FLAG_FIB_INDEX))
192 if (table_index_or_id == ~0) {
193 table_index_or_id = 0;
194 while (hash_get (im->fib_index_by_table_id, table_index_or_id)) {
197 return create_fib_with_table_id (im, table_index_or_id);
200 p = hash_get (im->fib_index_by_table_id, table_index_or_id);
202 return create_fib_with_table_id (im, table_index_or_id);
205 return vec_elt_at_index (im->fibs, fib_index);
208 void ip6_add_del_route (ip6_main_t * im, ip6_add_del_route_args_t * a)
210 ip_lookup_main_t * lm = &im->lookup_main;
212 ip6_address_t dst_address;
213 u32 dst_address_length, adj_index;
215 u32 old_adj_index = ~0;
216 BVT(clib_bihash_kv) kv, value;
218 vlib_smp_unsafe_warning();
220 is_del = (a->flags & IP6_ROUTE_FLAG_DEL) != 0;
222 /* Either create new adjacency or use given one depending on arguments. */
223 if (a->n_add_adj > 0)
225 ip_add_adjacency (lm, a->add_adj, a->n_add_adj, &adj_index);
226 ip_call_add_del_adjacency_callbacks (lm, adj_index, /* is_del */ 0);
229 adj_index = a->adj_index;
231 dst_address = a->dst_address;
232 dst_address_length = a->dst_address_length;
233 fib = find_ip6_fib_by_table_index_or_id (im, a->table_index_or_table_id,
236 ASSERT (dst_address_length < ARRAY_LEN (im->fib_masks));
237 ip6_address_mask (&dst_address, &im->fib_masks[dst_address_length]);
239 /* refcount accounting */
242 ASSERT (im->dst_address_length_refcounts[dst_address_length] > 0);
243 if (--im->dst_address_length_refcounts[dst_address_length] == 0)
245 im->non_empty_dst_address_length_bitmap =
246 clib_bitmap_set (im->non_empty_dst_address_length_bitmap,
247 128 - dst_address_length, 0);
248 compute_prefix_lengths_in_search_order (im);
253 im->dst_address_length_refcounts[dst_address_length]++;
255 im->non_empty_dst_address_length_bitmap =
256 clib_bitmap_set (im->non_empty_dst_address_length_bitmap,
257 128 - dst_address_length, 1);
258 compute_prefix_lengths_in_search_order (im);
261 kv.key[0] = dst_address.as_u64[0];
262 kv.key[1] = dst_address.as_u64[1];
263 kv.key[2] = ((u64)((fib - im->fibs))<<32) | dst_address_length;
265 if (BV(clib_bihash_search)(&im->ip6_lookup_table, &kv, &value) == 0)
266 old_adj_index = value.value;
269 BV(clib_bihash_add_del) (&im->ip6_lookup_table, &kv, 0 /* is_add */);
272 /* Make sure adj index is valid. */
274 (void) ip_get_adjacency (lm, adj_index);
276 kv.value = adj_index;
278 BV(clib_bihash_add_del) (&im->ip6_lookup_table, &kv, 1 /* is_add */);
281 /* Avoid spurious reference count increments */
282 if (old_adj_index == adj_index
284 && !(a->flags & IP6_ROUTE_FLAG_KEEP_OLD_ADJACENCY))
286 ip_adjacency_t * adj = ip_get_adjacency (lm, adj_index);
287 if (adj->share_count > 0)
291 /* Delete old adjacency index if present and changed. */
293 if (! (a->flags & IP6_ROUTE_FLAG_KEEP_OLD_ADJACENCY)
294 && old_adj_index != ~0
295 && old_adj_index != adj_index)
296 ip_del_adjacency (lm, old_adj_index);
301 ip6_add_del_route_next_hop (ip6_main_t * im,
303 ip6_address_t * dst_address,
304 u32 dst_address_length,
305 ip6_address_t * next_hop,
306 u32 next_hop_sw_if_index,
307 u32 next_hop_weight, u32 adj_index,
308 u32 explicit_fib_index)
310 vnet_main_t * vnm = vnet_get_main();
311 ip_lookup_main_t * lm = &im->lookup_main;
314 ip6_address_t masked_dst_address;
315 u32 old_mp_adj_index, new_mp_adj_index;
316 u32 dst_adj_index, nh_adj_index;
318 ip_adjacency_t * dst_adj;
319 ip_multipath_adjacency_t * old_mp, * new_mp;
320 int is_del = (flags & IP6_ROUTE_FLAG_DEL) != 0;
321 int is_interface_next_hop;
322 clib_error_t * error = 0;
324 BVT(clib_bihash_kv) kv, value;
326 vlib_smp_unsafe_warning();
328 if (explicit_fib_index == (u32)~0)
329 fib_index = vec_elt (im->fib_index_by_sw_if_index, next_hop_sw_if_index);
331 fib_index = explicit_fib_index;
333 fib = vec_elt_at_index (im->fibs, fib_index);
335 /* Lookup next hop to be added or deleted. */
336 is_interface_next_hop = ip6_address_is_zero (next_hop);
337 if (adj_index == (u32)~0)
339 if (is_interface_next_hop)
341 nh_result = hash_get (im->interface_route_adj_index_by_sw_if_index,
342 next_hop_sw_if_index);
344 nh_adj_index = *nh_result;
347 ip_adjacency_t * adj;
348 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
350 ip6_adjacency_set_interface_route (vnm, adj,
351 next_hop_sw_if_index, ~0);
352 ip_call_add_del_adjacency_callbacks
353 (lm, next_hop_sw_if_index, /* is_del */ 0);
354 hash_set (im->interface_route_adj_index_by_sw_if_index,
355 next_hop_sw_if_index, nh_adj_index);
360 /* Look for the interface /128 route */
361 kv.key[0] = next_hop->as_u64[0];
362 kv.key[1] = next_hop->as_u64[1];
363 kv.key[2] = ((u64)((fib - im->fibs))<<32) | 128;
365 if (BV(clib_bihash_search)(&im->ip6_lookup_table, &kv, &value) < 0)
367 ip_adjacency_t * adj;
368 nh_adj_index = ip6_fib_lookup_with_table (im, fib_index, next_hop);
369 adj = ip_get_adjacency (lm, nh_adj_index);
370 /* if ND interface adjacencty is present, we need to
371 install ND adjaceny for specific next hop */
372 if (adj->lookup_next_index == IP_LOOKUP_NEXT_ARP &&
373 adj->arp.next_hop.ip6.as_u64[0] == 0 &&
374 adj->arp.next_hop.ip6.as_u64[1] == 0)
376 nh_adj_index = vnet_ip6_neighbor_glean_add(fib_index, next_hop);
380 ip_adjacency_t add_adj;
381 add_adj.lookup_next_index = IP_LOOKUP_NEXT_INDIRECT;
382 add_adj.indirect.next_hop.ip6.as_u64[0] = next_hop->as_u64[0];
383 add_adj.indirect.next_hop.ip6.as_u64[1] = next_hop->as_u64[1];
384 add_adj.explicit_fib_index = explicit_fib_index;
385 ip_add_adjacency (lm, &add_adj, 1, &nh_adj_index);
389 nh_adj_index = value.value;
395 /* Look for the interface /128 route */
396 kv.key[0] = next_hop->as_u64[0];
397 kv.key[1] = next_hop->as_u64[1];
398 kv.key[2] = ((u64)((fib - im->fibs))<<32) | 128;
400 if (BV(clib_bihash_search)(&im->ip6_lookup_table, &kv, &value) < 0)
402 vnm->api_errno = VNET_API_ERROR_UNKNOWN_DESTINATION;
403 error = clib_error_return (0, "next-hop %U/128 not in FIB",
404 format_ip6_address, next_hop);
408 nh_adj_index = value.value;
411 ASSERT (dst_address_length < ARRAY_LEN (im->fib_masks));
412 masked_dst_address = dst_address[0];
413 ip6_address_mask (&masked_dst_address, &im->fib_masks[dst_address_length]);
415 kv.key[0] = masked_dst_address.as_u64[0];
416 kv.key[1] = masked_dst_address.as_u64[1];
417 kv.key[2] = ((u64)((fib - im->fibs))<<32) | dst_address_length;
419 rv = BV(clib_bihash_search)(&im->ip6_lookup_table, &kv, &value);
423 dst_adj_index = value.value;
424 dst_adj = ip_get_adjacency (lm, dst_adj_index);
428 /* For deletes destination must be known. */
431 vnm->api_errno = VNET_API_ERROR_UNKNOWN_DESTINATION;
432 error = clib_error_return (0, "unknown destination %U/%d",
433 format_ip6_address, dst_address,
442 /* Ignore adds of X/128 with next hop of X. */
444 && dst_address_length == 128
445 && ip6_address_is_equal (dst_address, next_hop))
447 vnm->api_errno = VNET_API_ERROR_PREFIX_MATCHES_NEXT_HOP;
448 error = clib_error_return (0, "prefix matches next hop %U/%d",
449 format_ip6_address, dst_address,
454 /* Destination is not known and default weight is set so add route
455 to existing non-multipath adjacency */
456 if (dst_adj_index == ~0 && next_hop_weight == 1 && next_hop_sw_if_index == ~0)
458 /* create new adjacency */
459 ip6_add_del_route_args_t a;
460 a.table_index_or_table_id = fib_index;
461 a.flags = ((is_del ? IP6_ROUTE_FLAG_DEL : IP6_ROUTE_FLAG_ADD)
462 | IP6_ROUTE_FLAG_FIB_INDEX
463 | IP6_ROUTE_FLAG_KEEP_OLD_ADJACENCY
464 | (flags & (IP6_ROUTE_FLAG_NO_REDISTRIBUTE
465 | IP6_ROUTE_FLAG_NOT_LAST_IN_GROUP)));
466 a.dst_address = dst_address[0];
467 a.dst_address_length = dst_address_length;
468 a.adj_index = nh_adj_index;
472 ip6_add_del_route (im, &a);
476 old_mp_adj_index = dst_adj ? dst_adj->heap_handle : ~0;
478 if (! ip_multipath_adjacency_add_del_next_hop
480 dst_adj ? dst_adj->heap_handle : ~0,
485 vnm->api_errno = VNET_API_ERROR_NEXT_HOP_NOT_FOUND_MP;
486 error = clib_error_return
487 (0, "requested deleting next-hop %U not found in multi-path",
488 format_ip6_address, next_hop);
493 if (old_mp_adj_index != ~0)
494 old_mp = vec_elt_at_index (lm->multipath_adjacencies, old_mp_adj_index);
495 if (new_mp_adj_index != ~0)
496 new_mp = vec_elt_at_index (lm->multipath_adjacencies, new_mp_adj_index);
498 if (old_mp != new_mp)
500 ip6_add_del_route_args_t a;
501 a.table_index_or_table_id = fib_index;
502 a.flags = ((is_del ? IP6_ROUTE_FLAG_DEL : IP6_ROUTE_FLAG_ADD)
503 | IP6_ROUTE_FLAG_FIB_INDEX
504 | IP6_ROUTE_FLAG_KEEP_OLD_ADJACENCY
505 | (flags & IP6_ROUTE_FLAG_NO_REDISTRIBUTE));
506 a.dst_address = dst_address[0];
507 a.dst_address_length = dst_address_length;
508 a.adj_index = new_mp ? new_mp->adj_index : dst_adj_index;
512 ip6_add_del_route (im, &a);
517 clib_error_report (error);
521 ip6_get_route (ip6_main_t * im,
522 u32 table_index_or_table_id,
524 ip6_address_t * address,
527 ip6_fib_t * fib = find_ip6_fib_by_table_index_or_id (im, table_index_or_table_id, flags);
528 ip6_address_t masked_address;
529 BVT(clib_bihash_kv) kv, value;
531 ASSERT (address_length < ARRAY_LEN (im->fib_masks));
532 clib_memcpy (&masked_address, address, sizeof (masked_address));
533 ip6_address_mask (&masked_address, &im->fib_masks[address_length]);
535 kv.key[0] = masked_address.as_u64[0];
536 kv.key[1] = masked_address.as_u64[1];
537 kv.key[2] = ((u64)((fib - im->fibs))<<32) | address_length;
539 if (BV(clib_bihash_search)(&im->ip6_lookup_table, &kv, &value) == 0)
540 return (value.value);
545 ip6_foreach_matching_route (ip6_main_t * im,
546 u32 table_index_or_table_id,
548 ip6_address_t * dst_address,
550 ip6_address_t ** results,
551 u8 ** result_lengths)
554 find_ip6_fib_by_table_index_or_id (im, table_index_or_table_id, flags);
555 BVT(clib_bihash) * h = &im->ip6_lookup_table;
556 BVT(clib_bihash_value) * v;
557 clib_bihash_bucket_t * b;
561 _vec_len (*results) = 0;
563 _vec_len (*result_lengths) = 0;
565 /* Walk the table looking for routes which match the supplied address */
566 for (i = 0; i < h->nbuckets; i++)
572 v = BV(clib_bihash_get_value) (h, b->offset);
573 for (j = 0; j < (1<<b->log2_pages); j++)
575 for (k = 0; k < BIHASH_KVP_PER_PAGE; k++)
577 if (BV(clib_bihash_is_free)(&v->kvp[k]))
580 if ((v->kvp[k].key[2]
581 == (((u64)((fib - im->fibs))<<32) | address_length))
582 && ip6_destination_matches_route
583 (im, dst_address, (ip6_address_t *) &v->kvp[k],
588 a = (ip6_address_t *)(&v->kvp[k]);
590 vec_add1 (*results, a[0]);
591 vec_add1 (*result_lengths, address_length);
599 void ip6_maybe_remap_adjacencies (ip6_main_t * im,
600 u32 table_index_or_table_id,
605 = find_ip6_fib_by_table_index_or_id (im, table_index_or_table_id, flags);
607 ip_lookup_main_t * lm = &im->lookup_main;
609 if (lm->n_adjacency_remaps == 0)
612 clib_warning ("unimplemented, please report to vpp-dev@cisco.com");
614 /* All remaps have been performed. */
615 lm->n_adjacency_remaps = 0;
618 void ip6_delete_matching_routes (ip6_main_t * im,
619 u32 table_index_or_table_id,
621 ip6_address_t * address,
624 /* $$$$ static may be OK - this should happen only on thread 0 */
625 static ip6_address_t * matching_addresses;
626 static u8 * matching_address_lengths;
628 ip6_add_del_route_args_t a;
630 vlib_smp_unsafe_warning();
632 a.flags = IP6_ROUTE_FLAG_DEL | IP6_ROUTE_FLAG_NO_REDISTRIBUTE | flags;
633 a.table_index_or_table_id = table_index_or_table_id;
638 for (l = address_length + 1; l <= 128; l++)
640 ip6_foreach_matching_route (im, table_index_or_table_id, flags,
644 &matching_address_lengths);
645 for (i = 0; i < vec_len (matching_addresses); i++)
647 a.dst_address = matching_addresses[i];
648 a.dst_address_length = matching_address_lengths[i];
649 ip6_add_del_route (im, &a);
653 ip6_maybe_remap_adjacencies (im, table_index_or_table_id, flags);
657 ip6_lookup_inline (vlib_main_t * vm,
658 vlib_node_runtime_t * node,
659 vlib_frame_t * frame,
662 ip6_main_t * im = &ip6_main;
663 ip_lookup_main_t * lm = &im->lookup_main;
664 vlib_combined_counter_main_t * cm = &im->lookup_main.adjacency_counters;
665 u32 n_left_from, n_left_to_next, * from, * to_next;
666 ip_lookup_next_t next;
667 u32 cpu_index = os_get_cpu_number();
669 from = vlib_frame_vector_args (frame);
670 n_left_from = frame->n_vectors;
671 next = node->cached_next_index;
673 while (n_left_from > 0)
675 vlib_get_next_frame (vm, node, next,
676 to_next, n_left_to_next);
678 while (n_left_from >= 4 && n_left_to_next >= 2)
680 vlib_buffer_t * p0, * p1;
681 u32 pi0, pi1, adj_index0, adj_index1, wrong_next;
682 ip_lookup_next_t next0, next1;
683 ip6_header_t * ip0, * ip1;
684 ip_adjacency_t * adj0, * adj1;
685 ip6_address_t * dst_addr0, * dst_addr1;
686 u32 fib_index0, fib_index1;
687 u32 flow_hash_config0, flow_hash_config1;
689 /* Prefetch next iteration. */
691 vlib_buffer_t * p2, * p3;
693 p2 = vlib_get_buffer (vm, from[2]);
694 p3 = vlib_get_buffer (vm, from[3]);
696 vlib_prefetch_buffer_header (p2, LOAD);
697 vlib_prefetch_buffer_header (p3, LOAD);
698 CLIB_PREFETCH (p2->data, sizeof (ip0[0]), LOAD);
699 CLIB_PREFETCH (p3->data, sizeof (ip0[0]), LOAD);
702 pi0 = to_next[0] = from[0];
703 pi1 = to_next[1] = from[1];
705 p0 = vlib_get_buffer (vm, pi0);
706 p1 = vlib_get_buffer (vm, pi1);
708 ip0 = vlib_buffer_get_current (p0);
709 ip1 = vlib_buffer_get_current (p1);
713 ip_adjacency_t * iadj0, * iadj1;
714 iadj0 = ip_get_adjacency (lm, vnet_buffer(p0)->ip.adj_index[VLIB_TX]);
715 iadj1 = ip_get_adjacency (lm, vnet_buffer(p1)->ip.adj_index[VLIB_TX]);
716 dst_addr0 = &iadj0->indirect.next_hop.ip6;
717 dst_addr1 = &iadj1->indirect.next_hop.ip6;
721 dst_addr0 = &ip0->dst_address;
722 dst_addr1 = &ip1->dst_address;
725 fib_index0 = vec_elt (im->fib_index_by_sw_if_index, vnet_buffer (p0)->sw_if_index[VLIB_RX]);
726 fib_index1 = vec_elt (im->fib_index_by_sw_if_index, vnet_buffer (p1)->sw_if_index[VLIB_RX]);
728 fib_index0 = (vnet_buffer(p0)->sw_if_index[VLIB_TX] == (u32)~0) ?
729 fib_index0 : vnet_buffer(p0)->sw_if_index[VLIB_TX];
730 fib_index1 = (vnet_buffer(p1)->sw_if_index[VLIB_TX] == (u32)~0) ?
731 fib_index1 : vnet_buffer(p1)->sw_if_index[VLIB_TX];
733 adj_index0 = ip6_fib_lookup_with_table (im, fib_index0, dst_addr0);
734 adj_index1 = ip6_fib_lookup_with_table (im, fib_index1, dst_addr1);
736 adj0 = ip_get_adjacency (lm, adj_index0);
737 adj1 = ip_get_adjacency (lm, adj_index1);
739 if (PREDICT_FALSE (adj0->explicit_fib_index != ~0))
741 adj_index0 = ip6_fib_lookup_with_table
742 (im, adj0->explicit_fib_index, dst_addr0);
743 adj0 = ip_get_adjacency (lm, adj_index0);
745 if (PREDICT_FALSE (adj1->explicit_fib_index != ~0))
747 adj_index1 = ip6_fib_lookup_with_table
748 (im, adj1->explicit_fib_index, dst_addr1);
749 adj1 = ip_get_adjacency (lm, adj_index1);
752 next0 = adj0->lookup_next_index;
753 next1 = adj1->lookup_next_index;
755 /* Process hop-by-hop options if present */
756 next0 = (ip0->protocol == IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS) ?
757 IP_LOOKUP_NEXT_HOP_BY_HOP : next0;
758 next1 = (ip1->protocol == IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS) ?
759 IP_LOOKUP_NEXT_HOP_BY_HOP : next1;
761 vnet_buffer (p0)->ip.flow_hash =
762 vnet_buffer(p1)->ip.flow_hash = 0;
764 if (PREDICT_FALSE(adj0->n_adj > 1))
767 vec_elt_at_index (im->fibs,fib_index0)->flow_hash_config;
768 vnet_buffer (p0)->ip.flow_hash =
769 ip6_compute_flow_hash (ip0, flow_hash_config0);
772 if (PREDICT_FALSE(adj1->n_adj > 1))
775 vec_elt_at_index (im->fibs,fib_index0)->flow_hash_config;
777 vnet_buffer (p1)->ip.flow_hash =
778 ip6_compute_flow_hash (ip1, flow_hash_config1);
781 ASSERT (adj0->n_adj > 0);
782 ASSERT (adj1->n_adj > 0);
783 ASSERT (is_pow2 (adj0->n_adj));
784 ASSERT (is_pow2 (adj1->n_adj));
785 adj_index0 += (vnet_buffer (p0)->ip.flow_hash & (adj0->n_adj - 1));
786 adj_index1 += (vnet_buffer (p1)->ip.flow_hash & (adj1->n_adj - 1));
788 vnet_buffer (p0)->ip.adj_index[VLIB_TX] = adj_index0;
789 vnet_buffer (p1)->ip.adj_index[VLIB_TX] = adj_index1;
791 vlib_increment_combined_counter
792 (cm, cpu_index, adj_index0, 1,
793 vlib_buffer_length_in_chain (vm, p0));
794 vlib_increment_combined_counter
795 (cm, cpu_index, adj_index1, 1,
796 vlib_buffer_length_in_chain (vm, p1));
803 wrong_next = (next0 != next) + 2*(next1 != next);
804 if (PREDICT_FALSE (wrong_next != 0))
813 vlib_set_next_frame_buffer (vm, node, next0, pi0);
820 vlib_set_next_frame_buffer (vm, node, next1, pi1);
827 vlib_set_next_frame_buffer (vm, node, next0, pi0);
828 vlib_set_next_frame_buffer (vm, node, next1, pi1);
832 vlib_put_next_frame (vm, node, next, n_left_to_next);
834 vlib_get_next_frame (vm, node, next, to_next, n_left_to_next);
840 while (n_left_from > 0 && n_left_to_next > 0)
845 ip_lookup_next_t next0;
846 ip_adjacency_t * adj0;
847 ip6_address_t * dst_addr0;
848 u32 fib_index0, flow_hash_config0;
853 p0 = vlib_get_buffer (vm, pi0);
855 ip0 = vlib_buffer_get_current (p0);
859 ip_adjacency_t * iadj0;
860 iadj0 = ip_get_adjacency (lm, vnet_buffer(p0)->ip.adj_index[VLIB_TX]);
861 dst_addr0 = &iadj0->indirect.next_hop.ip6;
865 dst_addr0 = &ip0->dst_address;
868 fib_index0 = vec_elt (im->fib_index_by_sw_if_index, vnet_buffer (p0)->sw_if_index[VLIB_RX]);
869 fib_index0 = (vnet_buffer(p0)->sw_if_index[VLIB_TX] == (u32)~0) ?
870 fib_index0 : vnet_buffer(p0)->sw_if_index[VLIB_TX];
873 vec_elt_at_index (im->fibs,fib_index0)->flow_hash_config;
875 adj_index0 = ip6_fib_lookup_with_table (im, fib_index0, dst_addr0);
877 adj0 = ip_get_adjacency (lm, adj_index0);
879 if (PREDICT_FALSE (adj0->explicit_fib_index != ~0))
881 adj_index0 = ip6_fib_lookup_with_table
882 (im, adj0->explicit_fib_index, dst_addr0);
883 adj0 = ip_get_adjacency (lm, adj_index0);
886 next0 = adj0->lookup_next_index;
887 next0 = (ip0->protocol == IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS) ?
888 IP_LOOKUP_NEXT_HOP_BY_HOP : next0;
890 vnet_buffer (p0)->ip.flow_hash = 0;
892 if (PREDICT_FALSE(adj0->n_adj > 1))
895 vec_elt_at_index (im->fibs,fib_index0)->flow_hash_config;
896 vnet_buffer (p0)->ip.flow_hash =
897 ip6_compute_flow_hash (ip0, flow_hash_config0);
900 ASSERT (adj0->n_adj > 0);
901 ASSERT (is_pow2 (adj0->n_adj));
902 adj_index0 += (vnet_buffer (p0)->ip.flow_hash & (adj0->n_adj - 1));
904 vnet_buffer (p0)->ip.adj_index[VLIB_TX] = adj_index0;
906 vlib_increment_combined_counter
907 (cm, cpu_index, adj_index0, 1,
908 vlib_buffer_length_in_chain (vm, p0));
915 if (PREDICT_FALSE (next0 != next))
918 vlib_put_next_frame (vm, node, next, n_left_to_next);
920 vlib_get_next_frame (vm, node, next,
921 to_next, n_left_to_next);
928 vlib_put_next_frame (vm, node, next, n_left_to_next);
931 return frame->n_vectors;
934 void ip6_adjacency_set_interface_route (vnet_main_t * vnm,
935 ip_adjacency_t * adj,
937 u32 if_address_index)
939 vnet_hw_interface_t * hw = vnet_get_sup_hw_interface (vnm, sw_if_index);
943 if (hw->hw_class_index == ethernet_hw_interface_class.index
944 || hw->hw_class_index == srp_hw_interface_class.index)
946 n = IP_LOOKUP_NEXT_ARP;
947 node_index = ip6_discover_neighbor_node.index;
948 adj->if_address_index = if_address_index;
949 adj->arp.next_hop.ip6.as_u64[0] = 0;
950 adj->arp.next_hop.ip6.as_u64[1] = 0;
954 n = IP_LOOKUP_NEXT_REWRITE;
955 node_index = ip6_rewrite_node.index;
958 adj->lookup_next_index = n;
959 adj->explicit_fib_index = ~0;
961 vnet_rewrite_for_sw_interface
963 VNET_L3_PACKET_TYPE_IP6,
966 VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST,
967 &adj->rewrite_header,
968 sizeof (adj->rewrite_data));
972 ip6_add_interface_routes (vnet_main_t * vnm, u32 sw_if_index,
973 ip6_main_t * im, u32 fib_index,
974 ip_interface_address_t * a)
976 ip_lookup_main_t * lm = &im->lookup_main;
977 ip_adjacency_t * adj;
978 ip6_address_t * address = ip_interface_address_get_address (lm, a);
979 ip6_add_del_route_args_t x;
980 vnet_hw_interface_t * hw_if = vnet_get_sup_hw_interface (vnm, sw_if_index);
981 u32 classify_table_index;
983 /* Add e.g. 1.0.0.0/8 as interface route (arp for Ethernet). */
984 x.table_index_or_table_id = fib_index;
985 x.flags = (IP6_ROUTE_FLAG_ADD
986 | IP6_ROUTE_FLAG_FIB_INDEX
987 | IP6_ROUTE_FLAG_NO_REDISTRIBUTE);
988 x.dst_address = address[0];
989 x.dst_address_length = a->address_length;
993 a->neighbor_probe_adj_index = ~0;
994 if (a->address_length < 128)
996 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
998 ip6_adjacency_set_interface_route (vnm, adj, sw_if_index, a - lm->if_address_pool);
999 ip_call_add_del_adjacency_callbacks (lm, x.adj_index, /* is_del */ 0);
1000 ip6_add_del_route (im, &x);
1001 a->neighbor_probe_adj_index = x.adj_index;
1004 /* Add e.g. ::1/128 as local to this host. */
1005 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
1008 classify_table_index = ~0;
1009 if (sw_if_index < vec_len (lm->classify_table_index_by_sw_if_index))
1010 classify_table_index = lm->classify_table_index_by_sw_if_index [sw_if_index];
1011 if (classify_table_index != (u32) ~0)
1013 adj->lookup_next_index = IP_LOOKUP_NEXT_CLASSIFY;
1014 adj->classify.table_index = classify_table_index;
1017 adj->lookup_next_index = IP_LOOKUP_NEXT_LOCAL;
1019 adj->if_address_index = a - lm->if_address_pool;
1020 adj->rewrite_header.sw_if_index = sw_if_index;
1021 adj->rewrite_header.max_l3_packet_bytes = hw_if->max_l3_packet_bytes[VLIB_RX];
1022 adj->rewrite_header.data_bytes = 0;
1023 ip_call_add_del_adjacency_callbacks (lm, x.adj_index, /* is_del */ 0);
1024 x.dst_address_length = 128;
1025 ip6_add_del_route (im, &x);
1029 ip6_del_interface_routes (ip6_main_t * im, u32 fib_index,
1030 ip6_address_t * address, u32 address_length)
1032 ip6_add_del_route_args_t x;
1034 /* Add e.g. 1.0.0.0/8 as interface route (arp for Ethernet). */
1035 x.table_index_or_table_id = fib_index;
1036 x.flags = (IP6_ROUTE_FLAG_DEL
1037 | IP6_ROUTE_FLAG_FIB_INDEX
1038 | IP6_ROUTE_FLAG_NO_REDISTRIBUTE);
1039 x.dst_address = address[0];
1040 x.dst_address_length = address_length;
1045 if (address_length < 128)
1047 /* Don't wipe out fe80::0/64 */
1048 if (address_length != 64 ||
1049 address[0].as_u64[0] != clib_net_to_host_u64(0xfe80000000000000ULL))
1050 ip6_add_del_route (im, &x);
1053 x.dst_address_length = 128;
1054 ip6_add_del_route (im, &x);
1056 ip6_delete_matching_routes (im,
1058 IP6_ROUTE_FLAG_FIB_INDEX,
1065 ip6_address_t address;
1067 } ip6_interface_address_t;
1069 static clib_error_t *
1070 ip6_add_del_interface_address_internal (vlib_main_t * vm,
1072 ip6_address_t * new_address,
1078 static clib_error_t *
1079 ip6_add_del_interface_address_internal (vlib_main_t * vm,
1081 ip6_address_t * address,
1087 vnet_main_t * vnm = vnet_get_main();
1088 ip6_main_t * im = &ip6_main;
1089 ip_lookup_main_t * lm = &im->lookup_main;
1090 clib_error_t * error;
1091 u32 if_address_index;
1092 ip6_address_fib_t ip6_af, * addr_fib = 0;
1094 vec_validate (im->fib_index_by_sw_if_index, sw_if_index);
1095 ip6_addr_fib_init (&ip6_af, address,
1096 vec_elt (im->fib_index_by_sw_if_index, sw_if_index));
1097 vec_add1 (addr_fib, ip6_af);
1100 uword elts_before = pool_elts (lm->if_address_pool);
1102 error = ip_interface_address_add_del
1112 /* Pool did not grow: add duplicate address. */
1113 if (elts_before == pool_elts (lm->if_address_pool))
1117 if (vnet_sw_interface_is_admin_up (vnm, sw_if_index) && insert_routes)
1120 ip6_del_interface_routes (im, ip6_af.fib_index, address,
1124 ip6_add_interface_routes (vnm, sw_if_index,
1125 im, ip6_af.fib_index,
1126 pool_elt_at_index (lm->if_address_pool, if_address_index));
1130 ip6_add_del_interface_address_callback_t * cb;
1131 vec_foreach (cb, im->add_del_interface_address_callbacks)
1132 cb->function (im, cb->function_opaque, sw_if_index,
1133 address, address_length,
1139 vec_free (addr_fib);
1144 ip6_add_del_interface_address (vlib_main_t * vm, u32 sw_if_index,
1145 ip6_address_t * address, u32 address_length,
1148 return ip6_add_del_interface_address_internal
1149 (vm, sw_if_index, address, address_length,
1150 /* redistribute */ 1,
1151 /* insert_routes */ 1,
1156 ip6_sw_interface_admin_up_down (vnet_main_t * vnm,
1160 ip6_main_t * im = &ip6_main;
1161 ip_interface_address_t * ia;
1163 u32 is_admin_up, fib_index;
1165 /* Fill in lookup tables with default table (0). */
1166 vec_validate (im->fib_index_by_sw_if_index, sw_if_index);
1168 vec_validate_init_empty (im->lookup_main.if_address_pool_index_by_sw_if_index, sw_if_index, ~0);
1170 is_admin_up = (flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP) != 0;
1172 fib_index = vec_elt (im->fib_index_by_sw_if_index, sw_if_index);
1174 foreach_ip_interface_address (&im->lookup_main, ia, sw_if_index,
1175 0 /* honor unnumbered */,
1177 a = ip_interface_address_get_address (&im->lookup_main, ia);
1179 ip6_add_interface_routes (vnm, sw_if_index,
1183 ip6_del_interface_routes (im, fib_index,
1184 a, ia->address_length);
1190 VNET_SW_INTERFACE_ADMIN_UP_DOWN_FUNCTION (ip6_sw_interface_admin_up_down);
1193 ip6_sw_interface_add_del (vnet_main_t * vnm,
1197 vlib_main_t * vm = vnm->vlib_main;
1198 ip6_main_t * im = &ip6_main;
1199 ip_lookup_main_t * lm = &im->lookup_main;
1202 for (cast = 0; cast < VNET_N_CAST; cast++)
1204 ip_config_main_t * cm = &lm->rx_config_mains[cast];
1205 vnet_config_main_t * vcm = &cm->config_main;
1207 /* FIXME multicast. */
1208 if (! vcm->node_index_by_feature_index)
1210 char * start_nodes[] = { "ip6-input", };
1211 char * feature_nodes[] = {
1212 [IP6_RX_FEATURE_CHECK_ACCESS] = "ip6-inacl",
1213 [IP6_RX_FEATURE_IPSEC] = "ipsec-input-ip6",
1214 [IP6_RX_FEATURE_L2TPV3] = "l2tp-decap",
1215 [IP6_RX_FEATURE_VPATH] = "vpath-input-ip6",
1216 [IP6_RX_FEATURE_LOOKUP] = "ip6-lookup",
1218 vnet_config_init (vm, vcm,
1219 start_nodes, ARRAY_LEN (start_nodes),
1220 feature_nodes, ARRAY_LEN (feature_nodes));
1223 vec_validate_init_empty (cm->config_index_by_sw_if_index, sw_if_index, ~0);
1224 ci = cm->config_index_by_sw_if_index[sw_if_index];
1227 ci = vnet_config_add_feature (vm, vcm,
1229 IP6_RX_FEATURE_LOOKUP,
1230 /* config data */ 0,
1231 /* # bytes of config data */ 0);
1233 ci = vnet_config_del_feature (vm, vcm,
1235 IP6_RX_FEATURE_LOOKUP,
1236 /* config data */ 0,
1237 /* # bytes of config data */ 0);
1239 cm->config_index_by_sw_if_index[sw_if_index] = ci;
1241 return /* no error */ 0;
1244 VNET_SW_INTERFACE_ADD_DEL_FUNCTION (ip6_sw_interface_add_del);
1247 ip6_lookup (vlib_main_t * vm,
1248 vlib_node_runtime_t * node,
1249 vlib_frame_t * frame)
1251 return ip6_lookup_inline (vm, node, frame, /* is_indirect */ 0);
1254 VLIB_REGISTER_NODE (ip6_lookup_node) = {
1255 .function = ip6_lookup,
1256 .name = "ip6-lookup",
1257 .vector_size = sizeof (u32),
1259 .n_next_nodes = IP_LOOKUP_N_NEXT,
1260 .next_nodes = IP6_LOOKUP_NEXT_NODES,
1264 ip6_indirect (vlib_main_t * vm,
1265 vlib_node_runtime_t * node,
1266 vlib_frame_t * frame)
1268 return ip6_lookup_inline (vm, node, frame, /* is_indirect */ 1);
1272 VLIB_REGISTER_NODE (ip6_indirect_node) = {
1273 .function = ip6_indirect,
1274 .name = "ip6-indirect",
1275 .vector_size = sizeof (u32),
1277 .n_next_nodes = IP_LOOKUP_N_NEXT,
1278 .next_nodes = IP6_LOOKUP_NEXT_NODES,
1282 /* Adjacency taken. */
1287 /* Packet data, possibly *after* rewrite. */
1288 u8 packet_data[128 - 1*sizeof(u32)];
1289 } ip6_forward_next_trace_t;
1291 static u8 * format_ip6_forward_next_trace (u8 * s, va_list * args)
1293 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
1294 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
1295 ip6_forward_next_trace_t * t = va_arg (*args, ip6_forward_next_trace_t *);
1296 vnet_main_t * vnm = vnet_get_main();
1297 ip6_main_t * im = &ip6_main;
1298 ip_adjacency_t * adj;
1299 uword indent = format_get_indent (s);
1301 adj = ip_get_adjacency (&im->lookup_main, t->adj_index);
1302 s = format (s, "fib %d adj-idx %d : %U flow hash: 0x%08x",
1303 t->fib_index, t->adj_index, format_ip_adjacency,
1304 vnm, &im->lookup_main, t->adj_index, t->flow_hash);
1305 switch (adj->lookup_next_index)
1307 case IP_LOOKUP_NEXT_REWRITE:
1308 s = format (s, "\n%U%U",
1309 format_white_space, indent,
1310 format_ip_adjacency_packet_data,
1311 vnm, &im->lookup_main, t->adj_index,
1312 t->packet_data, sizeof (t->packet_data));
1322 /* Common trace function for all ip6-forward next nodes. */
1324 ip6_forward_next_trace (vlib_main_t * vm,
1325 vlib_node_runtime_t * node,
1326 vlib_frame_t * frame,
1327 vlib_rx_or_tx_t which_adj_index)
1330 ip6_main_t * im = &ip6_main;
1332 n_left = frame->n_vectors;
1333 from = vlib_frame_vector_args (frame);
1338 vlib_buffer_t * b0, * b1;
1339 ip6_forward_next_trace_t * t0, * t1;
1341 /* Prefetch next iteration. */
1342 vlib_prefetch_buffer_with_index (vm, from[2], LOAD);
1343 vlib_prefetch_buffer_with_index (vm, from[3], LOAD);
1348 b0 = vlib_get_buffer (vm, bi0);
1349 b1 = vlib_get_buffer (vm, bi1);
1351 if (b0->flags & VLIB_BUFFER_IS_TRACED)
1353 t0 = vlib_add_trace (vm, node, b0, sizeof (t0[0]));
1354 t0->adj_index = vnet_buffer (b0)->ip.adj_index[which_adj_index];
1355 t0->flow_hash = vnet_buffer (b0)->ip.flow_hash;
1356 t0->fib_index = vec_elt (im->fib_index_by_sw_if_index,
1357 vnet_buffer(b0)->sw_if_index[VLIB_RX]);
1358 clib_memcpy (t0->packet_data,
1359 vlib_buffer_get_current (b0),
1360 sizeof (t0->packet_data));
1362 if (b1->flags & VLIB_BUFFER_IS_TRACED)
1364 t1 = vlib_add_trace (vm, node, b1, sizeof (t1[0]));
1365 t1->adj_index = vnet_buffer (b1)->ip.adj_index[which_adj_index];
1366 t1->flow_hash = vnet_buffer (b1)->ip.flow_hash;
1367 t1->fib_index = vec_elt (im->fib_index_by_sw_if_index,
1368 vnet_buffer(b1)->sw_if_index[VLIB_RX]);
1369 clib_memcpy (t1->packet_data,
1370 vlib_buffer_get_current (b1),
1371 sizeof (t1->packet_data));
1381 ip6_forward_next_trace_t * t0;
1385 b0 = vlib_get_buffer (vm, bi0);
1387 if (b0->flags & VLIB_BUFFER_IS_TRACED)
1389 t0 = vlib_add_trace (vm, node, b0, sizeof (t0[0]));
1390 t0->adj_index = vnet_buffer (b0)->ip.adj_index[which_adj_index];
1391 t0->flow_hash = vnet_buffer (b0)->ip.flow_hash;
1392 t0->fib_index = vec_elt (im->fib_index_by_sw_if_index,
1393 vnet_buffer(b0)->sw_if_index[VLIB_RX]);
1394 clib_memcpy (t0->packet_data,
1395 vlib_buffer_get_current (b0),
1396 sizeof (t0->packet_data));
1404 ip6_drop_or_punt (vlib_main_t * vm,
1405 vlib_node_runtime_t * node,
1406 vlib_frame_t * frame,
1407 ip6_error_t error_code)
1409 u32 * buffers = vlib_frame_vector_args (frame);
1410 uword n_packets = frame->n_vectors;
1412 vlib_error_drop_buffers (vm, node,
1417 ip6_input_node.index,
1420 if (node->flags & VLIB_NODE_FLAG_TRACE)
1421 ip6_forward_next_trace (vm, node, frame, VLIB_TX);
1427 ip6_drop (vlib_main_t * vm,
1428 vlib_node_runtime_t * node,
1429 vlib_frame_t * frame)
1430 { return ip6_drop_or_punt (vm, node, frame, IP6_ERROR_ADJACENCY_DROP); }
1433 ip6_punt (vlib_main_t * vm,
1434 vlib_node_runtime_t * node,
1435 vlib_frame_t * frame)
1436 { return ip6_drop_or_punt (vm, node, frame, IP6_ERROR_ADJACENCY_PUNT); }
1439 ip6_miss (vlib_main_t * vm,
1440 vlib_node_runtime_t * node,
1441 vlib_frame_t * frame)
1442 { return ip6_drop_or_punt (vm, node, frame, IP6_ERROR_DST_LOOKUP_MISS); }
1444 VLIB_REGISTER_NODE (ip6_drop_node,static) = {
1445 .function = ip6_drop,
1447 .vector_size = sizeof (u32),
1449 .format_trace = format_ip6_forward_next_trace,
1457 VLIB_REGISTER_NODE (ip6_punt_node,static) = {
1458 .function = ip6_punt,
1460 .vector_size = sizeof (u32),
1462 .format_trace = format_ip6_forward_next_trace,
1470 VLIB_REGISTER_NODE (ip6_miss_node,static) = {
1471 .function = ip6_miss,
1473 .vector_size = sizeof (u32),
1475 .format_trace = format_ip6_forward_next_trace,
1483 VLIB_REGISTER_NODE (ip6_multicast_node,static) = {
1484 .function = ip6_drop,
1485 .name = "ip6-multicast",
1486 .vector_size = sizeof (u32),
1488 .format_trace = format_ip6_forward_next_trace,
1496 /* Compute TCP/UDP/ICMP6 checksum in software. */
1497 u16 ip6_tcp_udp_icmp_compute_checksum (vlib_main_t * vm, vlib_buffer_t * p0, ip6_header_t * ip0, int *bogus_lengthp)
1500 u16 sum16, payload_length_host_byte_order;
1501 u32 i, n_this_buffer, n_bytes_left;
1502 u32 headers_size = sizeof(ip0[0]);
1503 void * data_this_buffer;
1505 ASSERT(bogus_lengthp);
1508 /* Initialize checksum with ip header. */
1509 sum0 = ip0->payload_length + clib_host_to_net_u16 (ip0->protocol);
1510 payload_length_host_byte_order = clib_net_to_host_u16 (ip0->payload_length);
1511 data_this_buffer = (void *) (ip0 + 1);
1513 for (i = 0; i < ARRAY_LEN (ip0->src_address.as_uword); i++)
1515 sum0 = ip_csum_with_carry (sum0,
1516 clib_mem_unaligned (&ip0->src_address.as_uword[i], uword));
1517 sum0 = ip_csum_with_carry (sum0,
1518 clib_mem_unaligned (&ip0->dst_address.as_uword[i], uword));
1521 /* some icmp packets may come with a "router alert" hop-by-hop extension header (e.g., mldv2 packets) */
1522 if (PREDICT_FALSE (ip0->protocol == IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS))
1525 ip6_hop_by_hop_ext_t *ext_hdr = (ip6_hop_by_hop_ext_t *)data_this_buffer;
1527 /* validate really icmp6 next */
1528 ASSERT(ext_hdr->next_hdr == IP_PROTOCOL_ICMP6);
1530 skip_bytes = 8* (1 + ext_hdr->n_data_u64s);
1531 data_this_buffer = (void *)((u8 *)data_this_buffer + skip_bytes);
1533 payload_length_host_byte_order -= skip_bytes;
1534 headers_size += skip_bytes;
1537 n_bytes_left = n_this_buffer = payload_length_host_byte_order;
1539 if (p0 && n_this_buffer + headers_size > p0->current_length)
1541 struct rte_mbuf *mb = rte_mbuf_from_vlib_buffer(p0);
1542 u8 nb_segs = mb->nb_segs;
1544 n_this_buffer = (p0->current_length > headers_size ?
1545 p0->current_length - headers_size : 0);
1546 while (n_bytes_left)
1548 sum0 = ip_incremental_checksum (sum0, data_this_buffer, n_this_buffer);
1549 n_bytes_left -= n_this_buffer;
1553 if ((nb_segs == 0) || (mb == 0))
1556 data_this_buffer = rte_ctrlmbuf_data(mb);
1557 n_this_buffer = mb->data_len;
1559 if (n_bytes_left || nb_segs)
1565 else sum0 = ip_incremental_checksum (sum0, data_this_buffer, n_this_buffer);
1567 if (p0 && n_this_buffer + headers_size > p0->current_length)
1568 n_this_buffer = p0->current_length > headers_size ? p0->current_length - headers_size : 0;
1571 sum0 = ip_incremental_checksum (sum0, data_this_buffer, n_this_buffer);
1572 n_bytes_left -= n_this_buffer;
1573 if (n_bytes_left == 0)
1576 if (!(p0->flags & VLIB_BUFFER_NEXT_PRESENT))
1581 p0 = vlib_get_buffer (vm, p0->next_buffer);
1582 data_this_buffer = vlib_buffer_get_current (p0);
1583 n_this_buffer = p0->current_length;
1587 sum16 = ~ ip_csum_fold (sum0);
1592 u32 ip6_tcp_udp_icmp_validate_checksum (vlib_main_t * vm, vlib_buffer_t * p0)
1594 ip6_header_t * ip0 = vlib_buffer_get_current (p0);
1595 udp_header_t * udp0;
1599 /* some icmp packets may come with a "router alert" hop-by-hop extension header (e.g., mldv2 packets) */
1600 ASSERT (ip0->protocol == IP_PROTOCOL_TCP
1601 || ip0->protocol == IP_PROTOCOL_ICMP6
1602 || ip0->protocol == IP_PROTOCOL_UDP
1603 || ip0->protocol == IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS);
1605 udp0 = (void *) (ip0 + 1);
1606 if (ip0->protocol == IP_PROTOCOL_UDP && udp0->checksum == 0)
1608 p0->flags |= (IP_BUFFER_L4_CHECKSUM_COMPUTED
1609 | IP_BUFFER_L4_CHECKSUM_CORRECT);
1613 sum16 = ip6_tcp_udp_icmp_compute_checksum (vm, p0, ip0, &bogus_length);
1615 p0->flags |= (IP_BUFFER_L4_CHECKSUM_COMPUTED
1616 | ((sum16 == 0) << LOG2_IP_BUFFER_L4_CHECKSUM_CORRECT));
1622 ip6_local (vlib_main_t * vm,
1623 vlib_node_runtime_t * node,
1624 vlib_frame_t * frame)
1626 ip6_main_t * im = &ip6_main;
1627 ip_lookup_main_t * lm = &im->lookup_main;
1628 ip_local_next_t next_index;
1629 u32 * from, * to_next, n_left_from, n_left_to_next;
1630 vlib_node_runtime_t * error_node = vlib_node_get_runtime (vm, ip6_input_node.index);
1632 from = vlib_frame_vector_args (frame);
1633 n_left_from = frame->n_vectors;
1634 next_index = node->cached_next_index;
1636 if (node->flags & VLIB_NODE_FLAG_TRACE)
1637 ip6_forward_next_trace (vm, node, frame, VLIB_TX);
1639 while (n_left_from > 0)
1641 vlib_get_next_frame (vm, node, next_index,
1642 to_next, n_left_to_next);
1644 while (n_left_from >= 4 && n_left_to_next >= 2)
1646 vlib_buffer_t * p0, * p1;
1647 ip6_header_t * ip0, * ip1;
1648 udp_header_t * udp0, * udp1;
1649 u32 pi0, ip_len0, udp_len0, flags0, next0;
1650 u32 pi1, ip_len1, udp_len1, flags1, next1;
1651 i32 len_diff0, len_diff1;
1652 u8 error0, type0, good_l4_checksum0;
1653 u8 error1, type1, good_l4_checksum1;
1655 pi0 = to_next[0] = from[0];
1656 pi1 = to_next[1] = from[1];
1660 n_left_to_next -= 2;
1662 p0 = vlib_get_buffer (vm, pi0);
1663 p1 = vlib_get_buffer (vm, pi1);
1665 ip0 = vlib_buffer_get_current (p0);
1666 ip1 = vlib_buffer_get_current (p1);
1668 type0 = lm->builtin_protocol_by_ip_protocol[ip0->protocol];
1669 type1 = lm->builtin_protocol_by_ip_protocol[ip1->protocol];
1671 next0 = lm->local_next_by_ip_protocol[ip0->protocol];
1672 next1 = lm->local_next_by_ip_protocol[ip1->protocol];
1677 good_l4_checksum0 = (flags0 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1678 good_l4_checksum1 = (flags1 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1680 udp0 = ip6_next_header (ip0);
1681 udp1 = ip6_next_header (ip1);
1683 /* Don't verify UDP checksum for packets with explicit zero checksum. */
1684 good_l4_checksum0 |= type0 == IP_BUILTIN_PROTOCOL_UDP && udp0->checksum == 0;
1685 good_l4_checksum1 |= type1 == IP_BUILTIN_PROTOCOL_UDP && udp1->checksum == 0;
1687 good_l4_checksum0 |= type0 == IP_BUILTIN_PROTOCOL_UNKNOWN;
1688 good_l4_checksum1 |= type1 == IP_BUILTIN_PROTOCOL_UNKNOWN;
1690 /* Verify UDP length. */
1691 ip_len0 = clib_net_to_host_u16 (ip0->payload_length);
1692 ip_len1 = clib_net_to_host_u16 (ip1->payload_length);
1693 udp_len0 = clib_net_to_host_u16 (udp0->length);
1694 udp_len1 = clib_net_to_host_u16 (udp1->length);
1696 len_diff0 = ip_len0 - udp_len0;
1697 len_diff1 = ip_len1 - udp_len1;
1699 len_diff0 = type0 == IP_BUILTIN_PROTOCOL_UDP ? len_diff0 : 0;
1700 len_diff1 = type1 == IP_BUILTIN_PROTOCOL_UDP ? len_diff1 : 0;
1702 if (PREDICT_FALSE (type0 != IP_BUILTIN_PROTOCOL_UNKNOWN
1703 && ! good_l4_checksum0
1704 && ! (flags0 & IP_BUFFER_L4_CHECKSUM_COMPUTED)))
1706 flags0 = ip6_tcp_udp_icmp_validate_checksum (vm, p0);
1708 (flags0 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1710 if (PREDICT_FALSE (type1 != IP_BUILTIN_PROTOCOL_UNKNOWN
1711 && ! good_l4_checksum1
1712 && ! (flags1 & IP_BUFFER_L4_CHECKSUM_COMPUTED)))
1714 flags1 = ip6_tcp_udp_icmp_validate_checksum (vm, p1);
1716 (flags1 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1719 error0 = error1 = IP6_ERROR_UNKNOWN_PROTOCOL;
1721 error0 = len_diff0 < 0 ? IP6_ERROR_UDP_LENGTH : error0;
1722 error1 = len_diff1 < 0 ? IP6_ERROR_UDP_LENGTH : error1;
1724 ASSERT (IP6_ERROR_UDP_CHECKSUM + IP_BUILTIN_PROTOCOL_UDP == IP6_ERROR_UDP_CHECKSUM);
1725 ASSERT (IP6_ERROR_UDP_CHECKSUM + IP_BUILTIN_PROTOCOL_ICMP == IP6_ERROR_ICMP_CHECKSUM);
1726 error0 = (! good_l4_checksum0
1727 ? IP6_ERROR_UDP_CHECKSUM + type0
1729 error1 = (! good_l4_checksum1
1730 ? IP6_ERROR_UDP_CHECKSUM + type1
1733 /* Drop packets from unroutable hosts. */
1734 /* If this is a neighbor solicitation (ICMP), skip source RPF check */
1735 if (error0 == IP6_ERROR_UNKNOWN_PROTOCOL && type0 != IP_BUILTIN_PROTOCOL_ICMP)
1737 u32 src_adj_index0 = ip6_src_lookup_for_packet (im, p0, ip0);
1738 error0 = (lm->miss_adj_index == src_adj_index0
1739 ? IP6_ERROR_SRC_LOOKUP_MISS
1742 if (error1 == IP6_ERROR_UNKNOWN_PROTOCOL && type1 != IP_BUILTIN_PROTOCOL_ICMP)
1744 u32 src_adj_index1 = ip6_src_lookup_for_packet (im, p1, ip1);
1745 error1 = (lm->miss_adj_index == src_adj_index1
1746 ? IP6_ERROR_SRC_LOOKUP_MISS
1750 next0 = error0 != IP6_ERROR_UNKNOWN_PROTOCOL ? IP_LOCAL_NEXT_DROP : next0;
1751 next1 = error1 != IP6_ERROR_UNKNOWN_PROTOCOL ? IP_LOCAL_NEXT_DROP : next1;
1753 p0->error = error_node->errors[error0];
1754 p1->error = error_node->errors[error1];
1756 vlib_validate_buffer_enqueue_x2 (vm, node, next_index,
1757 to_next, n_left_to_next,
1758 pi0, pi1, next0, next1);
1761 while (n_left_from > 0 && n_left_to_next > 0)
1765 udp_header_t * udp0;
1766 u32 pi0, ip_len0, udp_len0, flags0, next0;
1768 u8 error0, type0, good_l4_checksum0;
1770 pi0 = to_next[0] = from[0];
1774 n_left_to_next -= 1;
1776 p0 = vlib_get_buffer (vm, pi0);
1778 ip0 = vlib_buffer_get_current (p0);
1780 type0 = lm->builtin_protocol_by_ip_protocol[ip0->protocol];
1781 next0 = lm->local_next_by_ip_protocol[ip0->protocol];
1785 good_l4_checksum0 = (flags0 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1787 udp0 = ip6_next_header (ip0);
1789 /* Don't verify UDP checksum for packets with explicit zero checksum. */
1790 good_l4_checksum0 |= type0 == IP_BUILTIN_PROTOCOL_UDP && udp0->checksum == 0;
1792 good_l4_checksum0 |= type0 == IP_BUILTIN_PROTOCOL_UNKNOWN;
1794 /* Verify UDP length. */
1795 ip_len0 = clib_net_to_host_u16 (ip0->payload_length);
1796 udp_len0 = clib_net_to_host_u16 (udp0->length);
1798 len_diff0 = ip_len0 - udp_len0;
1800 len_diff0 = type0 == IP_BUILTIN_PROTOCOL_UDP ? len_diff0 : 0;
1802 if (PREDICT_FALSE (type0 != IP_BUILTIN_PROTOCOL_UNKNOWN
1803 && ! good_l4_checksum0
1804 && ! (flags0 & IP_BUFFER_L4_CHECKSUM_COMPUTED)))
1806 flags0 = ip6_tcp_udp_icmp_validate_checksum (vm, p0);
1808 (flags0 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1811 error0 = IP6_ERROR_UNKNOWN_PROTOCOL;
1813 error0 = len_diff0 < 0 ? IP6_ERROR_UDP_LENGTH : error0;
1815 ASSERT (IP6_ERROR_UDP_CHECKSUM + IP_BUILTIN_PROTOCOL_UDP == IP6_ERROR_UDP_CHECKSUM);
1816 ASSERT (IP6_ERROR_UDP_CHECKSUM + IP_BUILTIN_PROTOCOL_ICMP == IP6_ERROR_ICMP_CHECKSUM);
1817 error0 = (! good_l4_checksum0
1818 ? IP6_ERROR_UDP_CHECKSUM + type0
1821 /* If this is a neighbor solicitation (ICMP), skip source RPF check */
1822 if (error0 == IP6_ERROR_UNKNOWN_PROTOCOL && type0 != IP_BUILTIN_PROTOCOL_ICMP)
1824 u32 src_adj_index0 = ip6_src_lookup_for_packet (im, p0, ip0);
1825 error0 = (lm->miss_adj_index == src_adj_index0
1826 ? IP6_ERROR_SRC_LOOKUP_MISS
1830 next0 = error0 != IP6_ERROR_UNKNOWN_PROTOCOL ? IP_LOCAL_NEXT_DROP : next0;
1832 p0->error = error_node->errors[error0];
1834 vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
1835 to_next, n_left_to_next,
1839 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
1842 return frame->n_vectors;
1845 VLIB_REGISTER_NODE (ip6_local_node,static) = {
1846 .function = ip6_local,
1847 .name = "ip6-local",
1848 .vector_size = sizeof (u32),
1850 .format_trace = format_ip6_forward_next_trace,
1852 .n_next_nodes = IP_LOCAL_N_NEXT,
1854 [IP_LOCAL_NEXT_DROP] = "error-drop",
1855 [IP_LOCAL_NEXT_PUNT] = "error-punt",
1856 [IP_LOCAL_NEXT_UDP_LOOKUP] = "ip6-udp-lookup",
1857 [IP_LOCAL_NEXT_ICMP] = "ip6-icmp-input",
1861 void ip6_register_protocol (u32 protocol, u32 node_index)
1863 vlib_main_t * vm = vlib_get_main();
1864 ip6_main_t * im = &ip6_main;
1865 ip_lookup_main_t * lm = &im->lookup_main;
1867 ASSERT (protocol < ARRAY_LEN (lm->local_next_by_ip_protocol));
1868 lm->local_next_by_ip_protocol[protocol] = vlib_node_add_next (vm, ip6_local_node.index, node_index);
1872 IP6_DISCOVER_NEIGHBOR_NEXT_DROP,
1873 IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX,
1874 IP6_DISCOVER_NEIGHBOR_N_NEXT,
1875 } ip6_discover_neighbor_next_t;
1878 IP6_DISCOVER_NEIGHBOR_ERROR_DROP,
1879 IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT,
1880 } ip6_discover_neighbor_error_t;
1883 ip6_discover_neighbor (vlib_main_t * vm,
1884 vlib_node_runtime_t * node,
1885 vlib_frame_t * frame)
1887 vnet_main_t * vnm = vnet_get_main();
1888 ip6_main_t * im = &ip6_main;
1889 ip_lookup_main_t * lm = &im->lookup_main;
1890 u32 * from, * to_next_drop;
1891 uword n_left_from, n_left_to_next_drop;
1892 static f64 time_last_seed_change = -1e100;
1893 static u32 hash_seeds[3];
1894 static uword hash_bitmap[256 / BITS (uword)];
1898 if (node->flags & VLIB_NODE_FLAG_TRACE)
1899 ip6_forward_next_trace (vm, node, frame, VLIB_TX);
1901 time_now = vlib_time_now (vm);
1902 if (time_now - time_last_seed_change > 1e-3)
1905 u32 * r = clib_random_buffer_get_data (&vm->random_buffer,
1906 sizeof (hash_seeds));
1907 for (i = 0; i < ARRAY_LEN (hash_seeds); i++)
1908 hash_seeds[i] = r[i];
1910 /* Mark all hash keys as been not-seen before. */
1911 for (i = 0; i < ARRAY_LEN (hash_bitmap); i++)
1914 time_last_seed_change = time_now;
1917 from = vlib_frame_vector_args (frame);
1918 n_left_from = frame->n_vectors;
1920 while (n_left_from > 0)
1922 vlib_get_next_frame (vm, node, IP6_DISCOVER_NEIGHBOR_NEXT_DROP,
1923 to_next_drop, n_left_to_next_drop);
1925 while (n_left_from > 0 && n_left_to_next_drop > 0)
1929 u32 pi0, adj_index0, a0, b0, c0, m0, sw_if_index0, drop0;
1931 ip_adjacency_t * adj0;
1932 vnet_hw_interface_t * hw_if0;
1937 p0 = vlib_get_buffer (vm, pi0);
1939 adj_index0 = vnet_buffer (p0)->ip.adj_index[VLIB_TX];
1941 ip0 = vlib_buffer_get_current (p0);
1943 adj0 = ip_get_adjacency (lm, adj_index0);
1945 if (adj0->arp.next_hop.ip6.as_u64[0] ||
1946 adj0->arp.next_hop.ip6.as_u64[1]) {
1947 ip0->dst_address.as_u64[0] = adj0->arp.next_hop.ip6.as_u64[0];
1948 ip0->dst_address.as_u64[1] = adj0->arp.next_hop.ip6.as_u64[1];
1955 sw_if_index0 = adj0->rewrite_header.sw_if_index;
1956 vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0;
1959 b0 ^= ip0->dst_address.as_u32[0];
1960 c0 ^= ip0->dst_address.as_u32[1];
1962 hash_v3_mix32 (a0, b0, c0);
1964 b0 ^= ip0->dst_address.as_u32[2];
1965 c0 ^= ip0->dst_address.as_u32[3];
1967 hash_v3_finalize32 (a0, b0, c0);
1969 c0 &= BITS (hash_bitmap) - 1;
1970 c0 = c0 / BITS (uword);
1971 m0 = (uword) 1 << (c0 % BITS (uword));
1973 bm0 = hash_bitmap[c0];
1974 drop0 = (bm0 & m0) != 0;
1976 /* Mark it as seen. */
1977 hash_bitmap[c0] = bm0 | m0;
1981 to_next_drop[0] = pi0;
1983 n_left_to_next_drop -= 1;
1985 hw_if0 = vnet_get_sup_hw_interface (vnm, sw_if_index0);
1987 /* If the interface is link-down, drop the pkt */
1988 if (!(hw_if0->flags & VNET_HW_INTERFACE_FLAG_LINK_UP))
1992 node->errors[drop0 ? IP6_DISCOVER_NEIGHBOR_ERROR_DROP
1993 : IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT];
1999 icmp6_neighbor_solicitation_header_t * h0;
2002 h0 = vlib_packet_template_get_packet
2003 (vm, &im->discover_neighbor_packet_template, &bi0);
2006 * Build ethernet header.
2007 * Choose source address based on destination lookup
2010 ip6_src_address_for_packet (im, p0, &h0->ip.src_address,
2014 * Destination address is a solicited node multicast address.
2015 * We need to fill in
2016 * the low 24 bits with low 24 bits of target's address.
2018 h0->ip.dst_address.as_u8[13] = ip0->dst_address.as_u8[13];
2019 h0->ip.dst_address.as_u8[14] = ip0->dst_address.as_u8[14];
2020 h0->ip.dst_address.as_u8[15] = ip0->dst_address.as_u8[15];
2022 h0->neighbor.target_address = ip0->dst_address;
2024 clib_memcpy (h0->link_layer_option.ethernet_address,
2025 hw_if0->hw_address, vec_len (hw_if0->hw_address));
2027 /* $$$$ appears we need this; why is the checksum non-zero? */
2028 h0->neighbor.icmp.checksum = 0;
2029 h0->neighbor.icmp.checksum =
2030 ip6_tcp_udp_icmp_compute_checksum (vm, 0, &h0->ip,
2033 ASSERT (bogus_length == 0);
2035 vlib_buffer_copy_trace_flag (vm, p0, bi0);
2036 b0 = vlib_get_buffer (vm, bi0);
2037 vnet_buffer (b0)->sw_if_index[VLIB_TX]
2038 = vnet_buffer (p0)->sw_if_index[VLIB_TX];
2040 /* Add rewrite/encap string. */
2041 vnet_rewrite_one_header (adj0[0], h0,
2042 sizeof (ethernet_header_t));
2043 vlib_buffer_advance (b0, -adj0->rewrite_header.data_bytes);
2045 next0 = IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX;
2047 vlib_set_next_frame_buffer (vm, node, next0, bi0);
2051 vlib_put_next_frame (vm, node, IP6_DISCOVER_NEIGHBOR_NEXT_DROP,
2052 n_left_to_next_drop);
2055 return frame->n_vectors;
2058 static char * ip6_discover_neighbor_error_strings[] = {
2059 [IP6_DISCOVER_NEIGHBOR_ERROR_DROP] = "address overflow drops",
2060 [IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT]
2061 = "neighbor solicitations sent",
2064 VLIB_REGISTER_NODE (ip6_discover_neighbor_node) = {
2065 .function = ip6_discover_neighbor,
2066 .name = "ip6-discover-neighbor",
2067 .vector_size = sizeof (u32),
2069 .format_trace = format_ip6_forward_next_trace,
2071 .n_errors = ARRAY_LEN (ip6_discover_neighbor_error_strings),
2072 .error_strings = ip6_discover_neighbor_error_strings,
2074 .n_next_nodes = IP6_DISCOVER_NEIGHBOR_N_NEXT,
2076 [IP6_DISCOVER_NEIGHBOR_NEXT_DROP] = "error-drop",
2077 [IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX] = "interface-output",
2082 ip6_probe_neighbor (vlib_main_t * vm, ip6_address_t * dst, u32 sw_if_index)
2084 vnet_main_t * vnm = vnet_get_main();
2085 ip6_main_t * im = &ip6_main;
2086 icmp6_neighbor_solicitation_header_t * h;
2087 ip6_address_t * src;
2088 ip_interface_address_t * ia;
2089 ip_adjacency_t * adj;
2090 vnet_hw_interface_t * hi;
2091 vnet_sw_interface_t * si;
2096 si = vnet_get_sw_interface (vnm, sw_if_index);
2098 if (!(si->flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP))
2100 return clib_error_return (0, "%U: interface %U down",
2101 format_ip6_address, dst,
2102 format_vnet_sw_if_index_name, vnm,
2106 src = ip6_interface_address_matching_destination (im, dst, sw_if_index, &ia);
2109 vnm->api_errno = VNET_API_ERROR_NO_MATCHING_INTERFACE;
2110 return clib_error_return
2111 (0, "no matching interface address for destination %U (interface %U)",
2112 format_ip6_address, dst,
2113 format_vnet_sw_if_index_name, vnm, sw_if_index);
2116 h = vlib_packet_template_get_packet (vm, &im->discover_neighbor_packet_template, &bi);
2118 hi = vnet_get_sup_hw_interface (vnm, sw_if_index);
2120 /* Destination address is a solicited node multicast address. We need to fill in
2121 the low 24 bits with low 24 bits of target's address. */
2122 h->ip.dst_address.as_u8[13] = dst->as_u8[13];
2123 h->ip.dst_address.as_u8[14] = dst->as_u8[14];
2124 h->ip.dst_address.as_u8[15] = dst->as_u8[15];
2126 h->ip.src_address = src[0];
2127 h->neighbor.target_address = dst[0];
2129 clib_memcpy (h->link_layer_option.ethernet_address, hi->hw_address, vec_len (hi->hw_address));
2131 h->neighbor.icmp.checksum =
2132 ip6_tcp_udp_icmp_compute_checksum (vm, 0, &h->ip, &bogus_length);
2133 ASSERT(bogus_length == 0);
2135 b = vlib_get_buffer (vm, bi);
2136 vnet_buffer (b)->sw_if_index[VLIB_RX] = vnet_buffer (b)->sw_if_index[VLIB_TX] = sw_if_index;
2138 /* Add encapsulation string for software interface (e.g. ethernet header). */
2139 adj = ip_get_adjacency (&im->lookup_main, ia->neighbor_probe_adj_index);
2140 vnet_rewrite_one_header (adj[0], h, sizeof (ethernet_header_t));
2141 vlib_buffer_advance (b, -adj->rewrite_header.data_bytes);
2144 vlib_frame_t * f = vlib_get_frame_to_node (vm, hi->output_node_index);
2145 u32 * to_next = vlib_frame_vector_args (f);
2148 vlib_put_frame_to_node (vm, hi->output_node_index, f);
2151 return /* no error */ 0;
2155 IP6_REWRITE_NEXT_DROP,
2156 } ip6_rewrite_next_t;
2159 ip6_rewrite_inline (vlib_main_t * vm,
2160 vlib_node_runtime_t * node,
2161 vlib_frame_t * frame,
2162 int rewrite_for_locally_received_packets)
2164 ip_lookup_main_t * lm = &ip6_main.lookup_main;
2165 u32 * from = vlib_frame_vector_args (frame);
2166 u32 n_left_from, n_left_to_next, * to_next, next_index;
2167 vlib_node_runtime_t * error_node = vlib_node_get_runtime (vm, ip6_input_node.index);
2168 vlib_rx_or_tx_t adj_rx_tx = rewrite_for_locally_received_packets ? VLIB_RX : VLIB_TX;
2170 n_left_from = frame->n_vectors;
2171 next_index = node->cached_next_index;
2172 u32 cpu_index = os_get_cpu_number();
2174 while (n_left_from > 0)
2176 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
2178 while (n_left_from >= 4 && n_left_to_next >= 2)
2180 ip_adjacency_t * adj0, * adj1;
2181 vlib_buffer_t * p0, * p1;
2182 ip6_header_t * ip0, * ip1;
2183 u32 pi0, rw_len0, next0, error0, adj_index0;
2184 u32 pi1, rw_len1, next1, error1, adj_index1;
2186 /* Prefetch next iteration. */
2188 vlib_buffer_t * p2, * p3;
2190 p2 = vlib_get_buffer (vm, from[2]);
2191 p3 = vlib_get_buffer (vm, from[3]);
2193 vlib_prefetch_buffer_header (p2, LOAD);
2194 vlib_prefetch_buffer_header (p3, LOAD);
2196 CLIB_PREFETCH (p2->pre_data, 32, STORE);
2197 CLIB_PREFETCH (p3->pre_data, 32, STORE);
2199 CLIB_PREFETCH (p2->data, sizeof (ip0[0]), STORE);
2200 CLIB_PREFETCH (p3->data, sizeof (ip0[0]), STORE);
2203 pi0 = to_next[0] = from[0];
2204 pi1 = to_next[1] = from[1];
2209 n_left_to_next -= 2;
2211 p0 = vlib_get_buffer (vm, pi0);
2212 p1 = vlib_get_buffer (vm, pi1);
2214 adj_index0 = vnet_buffer (p0)->ip.adj_index[adj_rx_tx];
2215 adj_index1 = vnet_buffer (p1)->ip.adj_index[adj_rx_tx];
2217 /* We should never rewrite a pkt using the MISS adjacency */
2218 ASSERT(adj_index0 && adj_index1);
2220 ip0 = vlib_buffer_get_current (p0);
2221 ip1 = vlib_buffer_get_current (p1);
2223 error0 = error1 = IP6_ERROR_NONE;
2225 if (! rewrite_for_locally_received_packets)
2227 i32 hop_limit0 = ip0->hop_limit, hop_limit1 = ip1->hop_limit;
2229 /* Input node should have reject packets with hop limit 0. */
2230 ASSERT (ip0->hop_limit > 0);
2231 ASSERT (ip1->hop_limit > 0);
2236 ip0->hop_limit = hop_limit0;
2237 ip1->hop_limit = hop_limit1;
2239 error0 = hop_limit0 <= 0 ? IP6_ERROR_TIME_EXPIRED : error0;
2240 error1 = hop_limit1 <= 0 ? IP6_ERROR_TIME_EXPIRED : error1;
2243 adj0 = ip_get_adjacency (lm, adj_index0);
2244 adj1 = ip_get_adjacency (lm, adj_index1);
2246 if (rewrite_for_locally_received_packets)
2249 * If someone sends e.g. an icmp6 w/ src = dst = interface addr,
2250 * we end up here with a local adjacency in hand
2252 if (PREDICT_FALSE(adj0->lookup_next_index
2253 == IP_LOOKUP_NEXT_LOCAL))
2254 error0 = IP6_ERROR_SPOOFED_LOCAL_PACKETS;
2255 if (PREDICT_FALSE(adj1->lookup_next_index
2256 == IP_LOOKUP_NEXT_LOCAL))
2257 error1 = IP6_ERROR_SPOOFED_LOCAL_PACKETS;
2260 rw_len0 = adj0[0].rewrite_header.data_bytes;
2261 rw_len1 = adj1[0].rewrite_header.data_bytes;
2263 vlib_increment_combined_counter (&lm->adjacency_counters,
2266 /* packet increment */ 0,
2267 /* byte increment */ rw_len0);
2268 vlib_increment_combined_counter (&lm->adjacency_counters,
2271 /* packet increment */ 0,
2272 /* byte increment */ rw_len1);
2274 /* Check MTU of outgoing interface. */
2275 error0 = (vlib_buffer_length_in_chain (vm, p0) > adj0[0].rewrite_header.max_l3_packet_bytes
2276 ? IP6_ERROR_MTU_EXCEEDED
2278 error1 = (vlib_buffer_length_in_chain (vm, p1) > adj1[0].rewrite_header.max_l3_packet_bytes
2279 ? IP6_ERROR_MTU_EXCEEDED
2282 p0->current_data -= rw_len0;
2283 p1->current_data -= rw_len1;
2285 p0->current_length += rw_len0;
2286 p1->current_length += rw_len1;
2288 vnet_buffer (p0)->sw_if_index[VLIB_TX] = adj0[0].rewrite_header.sw_if_index;
2289 vnet_buffer (p1)->sw_if_index[VLIB_TX] = adj1[0].rewrite_header.sw_if_index;
2291 next0 = (error0 == IP6_ERROR_NONE) ?
2292 adj0[0].rewrite_header.next_index : IP6_REWRITE_NEXT_DROP;
2293 next1 = (error1 == IP6_ERROR_NONE) ?
2294 adj1[0].rewrite_header.next_index : IP6_REWRITE_NEXT_DROP;
2296 /* Guess we are only writing on simple Ethernet header. */
2297 vnet_rewrite_two_headers (adj0[0], adj1[0],
2299 sizeof (ethernet_header_t));
2301 vlib_validate_buffer_enqueue_x2 (vm, node, next_index,
2302 to_next, n_left_to_next,
2303 pi0, pi1, next0, next1);
2306 while (n_left_from > 0 && n_left_to_next > 0)
2308 ip_adjacency_t * adj0;
2312 u32 adj_index0, next0, error0;
2314 pi0 = to_next[0] = from[0];
2316 p0 = vlib_get_buffer (vm, pi0);
2318 adj_index0 = vnet_buffer (p0)->ip.adj_index[adj_rx_tx];
2320 /* We should never rewrite a pkt using the MISS adjacency */
2323 adj0 = ip_get_adjacency (lm, adj_index0);
2325 ip0 = vlib_buffer_get_current (p0);
2327 error0 = IP6_ERROR_NONE;
2329 /* Check hop limit */
2330 if (! rewrite_for_locally_received_packets)
2332 i32 hop_limit0 = ip0->hop_limit;
2334 ASSERT (ip0->hop_limit > 0);
2338 ip0->hop_limit = hop_limit0;
2340 error0 = hop_limit0 <= 0 ? IP6_ERROR_TIME_EXPIRED : error0;
2343 if (rewrite_for_locally_received_packets)
2345 if (PREDICT_FALSE(adj0->lookup_next_index
2346 == IP_LOOKUP_NEXT_LOCAL))
2347 error0 = IP6_ERROR_SPOOFED_LOCAL_PACKETS;
2350 /* Guess we are only writing on simple Ethernet header. */
2351 vnet_rewrite_one_header (adj0[0], ip0, sizeof (ethernet_header_t));
2353 /* Update packet buffer attributes/set output interface. */
2354 rw_len0 = adj0[0].rewrite_header.data_bytes;
2356 vlib_increment_combined_counter (&lm->adjacency_counters,
2359 /* packet increment */ 0,
2360 /* byte increment */ rw_len0);
2362 /* Check MTU of outgoing interface. */
2363 error0 = (vlib_buffer_length_in_chain (vm, p0) > adj0[0].rewrite_header.max_l3_packet_bytes
2364 ? IP6_ERROR_MTU_EXCEEDED
2367 p0->current_data -= rw_len0;
2368 p0->current_length += rw_len0;
2369 vnet_buffer (p0)->sw_if_index[VLIB_TX] = adj0[0].rewrite_header.sw_if_index;
2371 next0 = (error0 == IP6_ERROR_NONE) ?
2372 adj0[0].rewrite_header.next_index : IP6_REWRITE_NEXT_DROP;
2374 p0->error = error_node->errors[error0];
2379 n_left_to_next -= 1;
2381 vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
2382 to_next, n_left_to_next,
2386 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
2389 /* Need to do trace after rewrites to pick up new packet data. */
2390 if (node->flags & VLIB_NODE_FLAG_TRACE)
2391 ip6_forward_next_trace (vm, node, frame, adj_rx_tx);
2393 return frame->n_vectors;
2397 ip6_rewrite_transit (vlib_main_t * vm,
2398 vlib_node_runtime_t * node,
2399 vlib_frame_t * frame)
2401 return ip6_rewrite_inline (vm, node, frame,
2402 /* rewrite_for_locally_received_packets */ 0);
2406 ip6_rewrite_local (vlib_main_t * vm,
2407 vlib_node_runtime_t * node,
2408 vlib_frame_t * frame)
2410 return ip6_rewrite_inline (vm, node, frame,
2411 /* rewrite_for_locally_received_packets */ 1);
2414 VLIB_REGISTER_NODE (ip6_rewrite_node) = {
2415 .function = ip6_rewrite_transit,
2416 .name = "ip6-rewrite",
2417 .vector_size = sizeof (u32),
2419 .format_trace = format_ip6_forward_next_trace,
2423 [IP6_REWRITE_NEXT_DROP] = "error-drop",
2427 VLIB_REGISTER_NODE (ip6_rewrite_local_node,static) = {
2428 .function = ip6_rewrite_local,
2429 .name = "ip6-rewrite-local",
2430 .vector_size = sizeof (u32),
2432 .sibling_of = "ip6-rewrite",
2434 .format_trace = format_ip6_forward_next_trace,
2438 [IP6_REWRITE_NEXT_DROP] = "error-drop",
2442 /* Global IP6 main. */
2443 ip6_main_t ip6_main;
2445 static clib_error_t *
2446 ip6_lookup_init (vlib_main_t * vm)
2448 ip6_main_t * im = &ip6_main;
2451 for (i = 0; i < ARRAY_LEN (im->fib_masks); i++)
2458 for (j = 0; j < i0; j++)
2459 im->fib_masks[i].as_u32[j] = ~0;
2462 im->fib_masks[i].as_u32[i0] = clib_host_to_net_u32 (pow2_mask (i1) << (32 - i1));
2465 ip_lookup_init (&im->lookup_main, /* is_ip6 */ 1);
2467 if (im->lookup_table_nbuckets == 0)
2468 im->lookup_table_nbuckets = IP6_FIB_DEFAULT_HASH_NUM_BUCKETS;
2470 im->lookup_table_nbuckets = 1<< max_log2 (im->lookup_table_nbuckets);
2472 if (im->lookup_table_size == 0)
2473 im->lookup_table_size = IP6_FIB_DEFAULT_HASH_MEMORY_SIZE;
2475 BV(clib_bihash_init) (&im->ip6_lookup_table, "ip6 lookup table",
2476 im->lookup_table_nbuckets,
2477 im->lookup_table_size);
2479 /* Create FIB with index 0 and table id of 0. */
2480 find_ip6_fib_by_table_index_or_id (im, /* table id */ 0, IP6_ROUTE_FLAG_TABLE_ID);
2484 pn = pg_get_node (ip6_lookup_node.index);
2485 pn->unformat_edit = unformat_pg_ip6_header;
2489 icmp6_neighbor_solicitation_header_t p;
2491 memset (&p, 0, sizeof (p));
2493 p.ip.ip_version_traffic_class_and_flow_label = clib_host_to_net_u32 (0x6 << 28);
2494 p.ip.payload_length = clib_host_to_net_u16 (sizeof (p)
2495 - STRUCT_OFFSET_OF (icmp6_neighbor_solicitation_header_t, neighbor));
2496 p.ip.protocol = IP_PROTOCOL_ICMP6;
2497 p.ip.hop_limit = 255;
2498 ip6_set_solicited_node_multicast_address (&p.ip.dst_address, 0);
2500 p.neighbor.icmp.type = ICMP6_neighbor_solicitation;
2502 p.link_layer_option.header.type = ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address;
2503 p.link_layer_option.header.n_data_u64s = sizeof (p.link_layer_option) / sizeof (u64);
2505 vlib_packet_template_init (vm,
2506 &im->discover_neighbor_packet_template,
2508 /* alloc chunk size */ 8,
2509 "ip6 neighbor discovery");
2515 VLIB_INIT_FUNCTION (ip6_lookup_init);
2517 static clib_error_t *
2518 add_del_ip6_interface_table (vlib_main_t * vm,
2519 unformat_input_t * input,
2520 vlib_cli_command_t * cmd)
2522 vnet_main_t * vnm = vnet_get_main();
2523 clib_error_t * error = 0;
2524 u32 sw_if_index, table_id;
2528 if (! unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index))
2530 error = clib_error_return (0, "unknown interface `%U'",
2531 format_unformat_error, input);
2535 if (unformat (input, "%d", &table_id))
2539 error = clib_error_return (0, "expected table id `%U'",
2540 format_unformat_error, input);
2545 ip6_main_t * im = &ip6_main;
2547 find_ip6_fib_by_table_index_or_id (im, table_id, IP6_ROUTE_FLAG_TABLE_ID);
2551 vec_validate (im->fib_index_by_sw_if_index, sw_if_index);
2552 im->fib_index_by_sw_if_index[sw_if_index] = fib->index;
2560 VLIB_CLI_COMMAND (set_interface_ip_table_command, static) = {
2561 .path = "set interface ip6 table",
2562 .function = add_del_ip6_interface_table,
2563 .short_help = "set interface ip6 table <intfc> <table-id>"
2567 ip6_link_local_address_from_ethernet_mac_address (ip6_address_t *ip,
2570 ip->as_u64[0] = clib_host_to_net_u64 (0xFE80000000000000ULL);
2571 /* Invert the "u" bit */
2572 ip->as_u8 [8] = mac[0] ^ (1<<1);
2573 ip->as_u8 [9] = mac[1];
2574 ip->as_u8 [10] = mac[2];
2575 ip->as_u8 [11] = 0xFF;
2576 ip->as_u8 [12] = 0xFE;
2577 ip->as_u8 [13] = mac[3];
2578 ip->as_u8 [14] = mac[4];
2579 ip->as_u8 [15] = mac[5];
2583 ip6_ethernet_mac_address_from_link_local_address (u8 *mac,
2586 /* Invert the previously inverted "u" bit */
2587 mac[0] = ip->as_u8 [8] ^ (1<<1);
2588 mac[1] = ip->as_u8 [9];
2589 mac[2] = ip->as_u8 [10];
2590 mac[3] = ip->as_u8 [13];
2591 mac[4] = ip->as_u8 [14];
2592 mac[5] = ip->as_u8 [15];
2595 static clib_error_t *
2596 test_ip6_link_command_fn (vlib_main_t * vm,
2597 unformat_input_t * input,
2598 vlib_cli_command_t * cmd)
2601 ip6_address_t _a, *a = &_a;
2603 if (unformat (input, "%U", unformat_ethernet_address, mac))
2605 ip6_link_local_address_from_ethernet_mac_address (a, mac);
2606 vlib_cli_output (vm, "Link local address: %U",
2607 format_ip6_address, a);
2608 ip6_ethernet_mac_address_from_link_local_address (mac, a);
2609 vlib_cli_output (vm, "Original MAC address: %U",
2610 format_ethernet_address, mac);
2616 VLIB_CLI_COMMAND (test_link_command, static) = {
2617 .path = "test ip6 link",
2618 .function = test_ip6_link_command_fn,
2619 .short_help = "test ip6 link <mac-address>",
2622 int vnet_set_ip6_flow_hash (u32 table_id, u32 flow_hash_config)
2624 ip6_main_t * im6 = &ip6_main;
2626 uword * p = hash_get (im6->fib_index_by_table_id, table_id);
2631 fib = vec_elt_at_index (im6->fibs, p[0]);
2633 fib->flow_hash_config = flow_hash_config;
2637 static clib_error_t *
2638 set_ip6_flow_hash_command_fn (vlib_main_t * vm,
2639 unformat_input_t * input,
2640 vlib_cli_command_t * cmd)
2644 u32 flow_hash_config = 0;
2647 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) {
2648 if (unformat (input, "table %d", &table_id))
2651 else if (unformat (input, #a)) { flow_hash_config |= v; matched=1;}
2652 foreach_flow_hash_bit
2658 return clib_error_return (0, "unknown input `%U'",
2659 format_unformat_error, input);
2661 rv = vnet_set_ip6_flow_hash (table_id, flow_hash_config);
2668 return clib_error_return (0, "no such FIB table %d", table_id);
2671 clib_warning ("BUG: illegal flow hash config 0x%x", flow_hash_config);
2678 VLIB_CLI_COMMAND (set_ip6_flow_hash_command, static) = {
2679 .path = "set ip6 flow-hash",
2681 "set ip table flow-hash table <fib-id> src dst sport dport proto reverse",
2682 .function = set_ip6_flow_hash_command_fn,
2685 static clib_error_t *
2686 show_ip6_local_command_fn (vlib_main_t * vm,
2687 unformat_input_t * input,
2688 vlib_cli_command_t * cmd)
2690 ip6_main_t * im = &ip6_main;
2691 ip_lookup_main_t * lm = &im->lookup_main;
2694 vlib_cli_output (vm, "Protocols handled by ip6_local");
2695 for (i = 0; i < ARRAY_LEN(lm->local_next_by_ip_protocol); i++)
2697 if (lm->local_next_by_ip_protocol[i] != IP_LOCAL_NEXT_PUNT)
2698 vlib_cli_output (vm, "%d", i);
2705 VLIB_CLI_COMMAND (show_ip_local, static) = {
2706 .path = "show ip6 local",
2707 .function = show_ip6_local_command_fn,
2708 .short_help = "Show ip6 local protocol table",
2711 int vnet_set_ip6_classify_intfc (vlib_main_t * vm, u32 sw_if_index,
2714 vnet_main_t * vnm = vnet_get_main();
2715 vnet_interface_main_t * im = &vnm->interface_main;
2716 ip6_main_t * ipm = &ip6_main;
2717 ip_lookup_main_t * lm = &ipm->lookup_main;
2718 vnet_classify_main_t * cm = &vnet_classify_main;
2720 if (pool_is_free_index (im->sw_interfaces, sw_if_index))
2721 return VNET_API_ERROR_NO_MATCHING_INTERFACE;
2723 if (table_index != ~0 && pool_is_free_index (cm->tables, table_index))
2724 return VNET_API_ERROR_NO_SUCH_ENTRY;
2726 vec_validate (lm->classify_table_index_by_sw_if_index, sw_if_index);
2727 lm->classify_table_index_by_sw_if_index [sw_if_index] = table_index;
2732 static clib_error_t *
2733 set_ip6_classify_command_fn (vlib_main_t * vm,
2734 unformat_input_t * input,
2735 vlib_cli_command_t * cmd)
2737 u32 table_index = ~0;
2738 int table_index_set = 0;
2739 u32 sw_if_index = ~0;
2742 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) {
2743 if (unformat (input, "table-index %d", &table_index))
2744 table_index_set = 1;
2745 else if (unformat (input, "intfc %U", unformat_vnet_sw_interface,
2746 vnet_get_main(), &sw_if_index))
2752 if (table_index_set == 0)
2753 return clib_error_return (0, "classify table-index must be specified");
2755 if (sw_if_index == ~0)
2756 return clib_error_return (0, "interface / subif must be specified");
2758 rv = vnet_set_ip6_classify_intfc (vm, sw_if_index, table_index);
2765 case VNET_API_ERROR_NO_MATCHING_INTERFACE:
2766 return clib_error_return (0, "No such interface");
2768 case VNET_API_ERROR_NO_SUCH_ENTRY:
2769 return clib_error_return (0, "No such classifier table");
2774 VLIB_CLI_COMMAND (set_ip6_classify_command, static) = {
2775 .path = "set ip6 classify",
2777 "set ip6 classify intfc <int> table-index <index>",
2778 .function = set_ip6_classify_command_fn,
2781 static clib_error_t *
2782 ip6_config (vlib_main_t * vm, unformat_input_t * input)
2784 ip6_main_t * im = &ip6_main;
2789 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) {
2790 if (unformat (input, "hash-buckets %d", &tmp))
2792 else if (unformat (input, "heap-size %dm", &tmp))
2793 heapsize = ((u64)tmp) << 20;
2794 else if (unformat (input, "heap-size %dM", &tmp))
2795 heapsize = ((u64)tmp) << 20;
2796 else if (unformat (input, "heap-size %dg", &tmp))
2797 heapsize = ((u64)tmp) << 30;
2798 else if (unformat (input, "heap-size %dG", &tmp))
2799 heapsize = ((u64)tmp) << 30;
2801 return clib_error_return (0, "unknown input '%U'",
2802 format_unformat_error, input);
2805 im->lookup_table_nbuckets = nbuckets;
2806 im->lookup_table_size = heapsize;
2811 VLIB_EARLY_CONFIG_FUNCTION (ip6_config, "ip6");
Code Review / vpp.git / blob