2 * Copyright (c) 2015 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 * ip/ip6_forward.c: IP v6 forwarding
18 * Copyright (c) 2008 Eliot Dresselhaus
20 * Permission is hereby granted, free of charge, to any person obtaining
21 * a copy of this software and associated documentation files (the
22 * "Software"), to deal in the Software without restriction, including
23 * without limitation the rights to use, copy, modify, merge, publish,
24 * distribute, sublicense, and/or sell copies of the Software, and to
25 * permit persons to whom the Software is furnished to do so, subject to
26 * the following conditions:
28 * The above copyright notice and this permission notice shall be
29 * included in all copies or substantial portions of the Software.
31 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
32 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
33 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
34 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
35 * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
36 * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
37 * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
40 #include <vnet/vnet.h>
41 #include <vnet/ip/ip.h>
42 #include <vnet/ethernet/ethernet.h> /* for ethernet_header_t */
43 #include <vnet/srp/srp.h> /* for srp_hw_interface_class */
44 #include <vppinfra/cache.h>
45 #include <vnet/fib/fib_table.h>
46 #include <vnet/fib/ip6_fib.h>
47 #include <vnet/dpo/load_balance.h>
48 #include <vnet/dpo/classify_dpo.h>
50 #include <vppinfra/bihash_template.c>
54 * @brief IPv6 Forwarding.
56 * This file contains the source code for IPv6 forwarding.
60 ip6_forward_next_trace (vlib_main_t * vm,
61 vlib_node_runtime_t * node,
63 vlib_rx_or_tx_t which_adj_index);
66 ip6_lookup_inline (vlib_main_t * vm,
67 vlib_node_runtime_t * node,
70 ip6_main_t * im = &ip6_main;
71 vlib_combined_counter_main_t * cm = &load_balance_main.lbm_to_counters;
72 u32 n_left_from, n_left_to_next, * from, * to_next;
73 ip_lookup_next_t next;
74 u32 cpu_index = os_get_cpu_number();
76 from = vlib_frame_vector_args (frame);
77 n_left_from = frame->n_vectors;
78 next = node->cached_next_index;
80 while (n_left_from > 0)
82 vlib_get_next_frame (vm, node, next,
83 to_next, n_left_to_next);
85 while (n_left_from >= 4 && n_left_to_next >= 2)
87 vlib_buffer_t * p0, * p1;
88 u32 pi0, pi1, lbi0, lbi1, wrong_next;
89 ip_lookup_next_t next0, next1;
90 ip6_header_t * ip0, * ip1;
91 ip6_address_t * dst_addr0, * dst_addr1;
92 u32 fib_index0, fib_index1;
93 u32 flow_hash_config0, flow_hash_config1;
94 const dpo_id_t *dpo0, *dpo1;
95 const load_balance_t *lb0, *lb1;
97 /* Prefetch next iteration. */
99 vlib_buffer_t * p2, * p3;
101 p2 = vlib_get_buffer (vm, from[2]);
102 p3 = vlib_get_buffer (vm, from[3]);
104 vlib_prefetch_buffer_header (p2, LOAD);
105 vlib_prefetch_buffer_header (p3, LOAD);
106 CLIB_PREFETCH (p2->data, sizeof (ip0[0]), LOAD);
107 CLIB_PREFETCH (p3->data, sizeof (ip0[0]), LOAD);
110 pi0 = to_next[0] = from[0];
111 pi1 = to_next[1] = from[1];
113 p0 = vlib_get_buffer (vm, pi0);
114 p1 = vlib_get_buffer (vm, pi1);
116 ip0 = vlib_buffer_get_current (p0);
117 ip1 = vlib_buffer_get_current (p1);
119 dst_addr0 = &ip0->dst_address;
120 dst_addr1 = &ip1->dst_address;
122 fib_index0 = vec_elt (im->fib_index_by_sw_if_index, vnet_buffer (p0)->sw_if_index[VLIB_RX]);
123 fib_index1 = vec_elt (im->fib_index_by_sw_if_index, vnet_buffer (p1)->sw_if_index[VLIB_RX]);
125 fib_index0 = (vnet_buffer(p0)->sw_if_index[VLIB_TX] == (u32)~0) ?
126 fib_index0 : vnet_buffer(p0)->sw_if_index[VLIB_TX];
127 fib_index1 = (vnet_buffer(p1)->sw_if_index[VLIB_TX] == (u32)~0) ?
128 fib_index1 : vnet_buffer(p1)->sw_if_index[VLIB_TX];
130 lbi0 = ip6_fib_table_fwding_lookup (im, fib_index0, dst_addr0);
131 lbi1 = ip6_fib_table_fwding_lookup (im, fib_index1, dst_addr1);
133 lb0 = load_balance_get (lbi0);
134 lb1 = load_balance_get (lbi1);
136 vnet_buffer (p0)->ip.flow_hash =
137 vnet_buffer(p1)->ip.flow_hash = 0;
139 if (PREDICT_FALSE(lb0->lb_n_buckets > 1))
141 flow_hash_config0 = lb0->lb_hash_config;
142 vnet_buffer (p0)->ip.flow_hash =
143 ip6_compute_flow_hash (ip0, flow_hash_config0);
145 if (PREDICT_FALSE(lb1->lb_n_buckets > 1))
147 flow_hash_config1 = lb1->lb_hash_config;
148 vnet_buffer (p1)->ip.flow_hash =
149 ip6_compute_flow_hash (ip1, flow_hash_config1);
152 ASSERT (lb0->lb_n_buckets > 0);
153 ASSERT (lb1->lb_n_buckets > 0);
154 ASSERT (is_pow2 (lb0->lb_n_buckets));
155 ASSERT (is_pow2 (lb1->lb_n_buckets));
156 dpo0 = load_balance_get_bucket_i(lb0,
157 (vnet_buffer (p0)->ip.flow_hash &
158 lb0->lb_n_buckets_minus_1));
159 dpo1 = load_balance_get_bucket_i(lb1,
160 (vnet_buffer (p1)->ip.flow_hash &
161 lb1->lb_n_buckets_minus_1));
163 next0 = dpo0->dpoi_next_node;
164 next1 = dpo1->dpoi_next_node;
166 /* Only process the HBH Option Header if explicitly configured to do so */
167 next0 = ((ip0->protocol == IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS) &&
169 (ip_lookup_next_t) IP6_LOOKUP_NEXT_HOP_BY_HOP :
171 next1 = ((ip1->protocol == IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS) &&
173 (ip_lookup_next_t) IP6_LOOKUP_NEXT_HOP_BY_HOP :
176 vnet_buffer (p0)->ip.adj_index[VLIB_TX] = dpo0->dpoi_index;
177 vnet_buffer (p1)->ip.adj_index[VLIB_TX] = dpo1->dpoi_index;
179 vlib_increment_combined_counter
180 (cm, cpu_index, lbi0, 1,
181 vlib_buffer_length_in_chain (vm, p0));
182 vlib_increment_combined_counter
183 (cm, cpu_index, lbi1, 1,
184 vlib_buffer_length_in_chain (vm, p1));
191 wrong_next = (next0 != next) + 2*(next1 != next);
192 if (PREDICT_FALSE (wrong_next != 0))
201 vlib_set_next_frame_buffer (vm, node, next0, pi0);
208 vlib_set_next_frame_buffer (vm, node, next1, pi1);
215 vlib_set_next_frame_buffer (vm, node, next0, pi0);
216 vlib_set_next_frame_buffer (vm, node, next1, pi1);
220 vlib_put_next_frame (vm, node, next, n_left_to_next);
222 vlib_get_next_frame (vm, node, next, to_next, n_left_to_next);
228 while (n_left_from > 0 && n_left_to_next > 0)
233 ip_lookup_next_t next0;
234 load_balance_t * lb0;
235 ip6_address_t * dst_addr0;
236 u32 fib_index0, flow_hash_config0;
237 const dpo_id_t *dpo0;
242 p0 = vlib_get_buffer (vm, pi0);
244 ip0 = vlib_buffer_get_current (p0);
246 dst_addr0 = &ip0->dst_address;
248 fib_index0 = vec_elt (im->fib_index_by_sw_if_index, vnet_buffer (p0)->sw_if_index[VLIB_RX]);
249 fib_index0 = (vnet_buffer(p0)->sw_if_index[VLIB_TX] == (u32)~0) ?
250 fib_index0 : vnet_buffer(p0)->sw_if_index[VLIB_TX];
253 ip6_fib_get (fib_index0)->flow_hash_config;
255 lbi0 = ip6_fib_table_fwding_lookup (im, fib_index0, dst_addr0);
257 lb0 = load_balance_get (lbi0);
259 vnet_buffer (p0)->ip.flow_hash = 0;
261 if (PREDICT_FALSE(lb0->lb_n_buckets > 1))
263 flow_hash_config0 = lb0->lb_hash_config;
264 vnet_buffer (p0)->ip.flow_hash =
265 ip6_compute_flow_hash (ip0, flow_hash_config0);
268 ASSERT (lb0->lb_n_buckets > 0);
269 ASSERT (is_pow2 (lb0->lb_n_buckets));
270 dpo0 = load_balance_get_bucket_i(lb0,
271 (vnet_buffer (p0)->ip.flow_hash &
272 lb0->lb_n_buckets_minus_1));
273 next0 = dpo0->dpoi_next_node;
274 /* Only process the HBH Option Header if explicitly configured to do so */
275 next0 = ((ip0->protocol == IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS) &&
277 (ip_lookup_next_t) IP6_LOOKUP_NEXT_HOP_BY_HOP :
280 vnet_buffer (p0)->ip.adj_index[VLIB_TX] = dpo0->dpoi_index;
282 vlib_increment_combined_counter
283 (cm, cpu_index, lbi0, 1,
284 vlib_buffer_length_in_chain (vm, p0));
291 if (PREDICT_FALSE (next0 != next))
294 vlib_put_next_frame (vm, node, next, n_left_to_next);
296 vlib_get_next_frame (vm, node, next,
297 to_next, n_left_to_next);
304 vlib_put_next_frame (vm, node, next, n_left_to_next);
307 if (node->flags & VLIB_NODE_FLAG_TRACE)
308 ip6_forward_next_trace(vm, node, frame, VLIB_TX);
310 return frame->n_vectors;
314 ip6_add_interface_routes (vnet_main_t * vnm, u32 sw_if_index,
315 ip6_main_t * im, u32 fib_index,
316 ip_interface_address_t * a)
318 ip_lookup_main_t * lm = &im->lookup_main;
319 ip6_address_t * address = ip_interface_address_get_address (lm, a);
321 .fp_len = a->address_length,
322 .fp_proto = FIB_PROTOCOL_IP6,
323 .fp_addr.ip6 = *address,
326 a->neighbor_probe_adj_index = ~0;
327 if (a->address_length < 128)
329 fib_node_index_t fei;
331 fei = fib_table_entry_update_one_path(fib_index,
333 FIB_SOURCE_INTERFACE,
334 (FIB_ENTRY_FLAG_CONNECTED |
335 FIB_ENTRY_FLAG_ATTACHED),
337 NULL, /* No next-hop address */
339 ~0, // invalid FIB index
342 FIB_ROUTE_PATH_FLAG_NONE);
343 a->neighbor_probe_adj_index = fib_entry_get_adj(fei);
347 if (sw_if_index < vec_len (lm->classify_table_index_by_sw_if_index))
349 u32 classify_table_index =
350 lm->classify_table_index_by_sw_if_index [sw_if_index];
351 if (classify_table_index != (u32) ~0)
353 dpo_id_t dpo = DPO_INVALID;
358 classify_dpo_create(FIB_PROTOCOL_IP6,
359 classify_table_index));
361 fib_table_entry_special_dpo_add(fib_index,
370 fib_table_entry_update_one_path(fib_index,
372 FIB_SOURCE_INTERFACE,
373 (FIB_ENTRY_FLAG_CONNECTED |
374 FIB_ENTRY_FLAG_LOCAL),
378 ~0, // invalid FIB index
381 FIB_ROUTE_PATH_FLAG_NONE);
385 ip6_del_interface_routes (ip6_main_t * im,
387 ip6_address_t * address,
391 .fp_len = address_length,
392 .fp_proto = FIB_PROTOCOL_IP6,
393 .fp_addr.ip6 = *address,
396 if (pfx.fp_len < 128)
398 fib_table_entry_delete(fib_index,
400 FIB_SOURCE_INTERFACE);
405 fib_table_entry_delete(fib_index,
407 FIB_SOURCE_INTERFACE);
411 ip6_sw_interface_enable_disable (u32 sw_if_index,
414 vlib_main_t * vm = vlib_get_main();
415 ip6_main_t * im = &ip6_main;
416 ip_lookup_main_t * lm = &im->lookup_main;
418 u32 lookup_feature_index;
420 vec_validate_init_empty (im->ip_enabled_by_sw_if_index, sw_if_index, 0);
423 * enable/disable only on the 1<->0 transition
427 if (1 != ++im->ip_enabled_by_sw_if_index[sw_if_index])
432 ASSERT(im->ip_enabled_by_sw_if_index[sw_if_index] > 0);
433 if (0 != --im->ip_enabled_by_sw_if_index[sw_if_index])
437 for (cast = 0; cast <= VNET_IP_RX_MULTICAST_FEAT; cast++)
439 ip_config_main_t * cm = &lm->feature_config_mains[cast];
440 vnet_config_main_t * vcm = &cm->config_main;
442 vec_validate_init_empty (cm->config_index_by_sw_if_index, sw_if_index, ~0);
443 ci = cm->config_index_by_sw_if_index[sw_if_index];
445 if (cast == VNET_IP_RX_UNICAST_FEAT)
446 lookup_feature_index = im->ip6_unicast_rx_feature_lookup;
448 lookup_feature_index = im->ip6_multicast_rx_feature_lookup;
451 ci = vnet_config_add_feature (vm, vcm,
453 lookup_feature_index,
455 /* # bytes of config data */ 0);
457 ci = vnet_config_del_feature (vm, vcm,
459 lookup_feature_index,
461 /* # bytes of config data */ 0);
463 cm->config_index_by_sw_if_index[sw_if_index] = ci;
467 /* get first interface address */
469 ip6_interface_first_address (ip6_main_t * im,
471 ip_interface_address_t ** result_ia)
473 ip_lookup_main_t * lm = &im->lookup_main;
474 ip_interface_address_t * ia = 0;
475 ip6_address_t * result = 0;
477 foreach_ip_interface_address (lm, ia, sw_if_index,
478 1 /* honor unnumbered */,
480 ip6_address_t * a = ip_interface_address_get_address (lm, ia);
485 *result_ia = result ? ia : 0;
490 ip6_add_del_interface_address (vlib_main_t * vm,
492 ip6_address_t * address,
496 vnet_main_t * vnm = vnet_get_main();
497 ip6_main_t * im = &ip6_main;
498 ip_lookup_main_t * lm = &im->lookup_main;
499 clib_error_t * error;
500 u32 if_address_index;
501 ip6_address_fib_t ip6_af, * addr_fib = 0;
503 vec_validate (im->fib_index_by_sw_if_index, sw_if_index);
504 ip6_addr_fib_init (&ip6_af, address,
505 vec_elt (im->fib_index_by_sw_if_index, sw_if_index));
506 vec_add1 (addr_fib, ip6_af);
509 uword elts_before = pool_elts (lm->if_address_pool);
511 error = ip_interface_address_add_del
521 /* Pool did not grow: add duplicate address. */
522 if (elts_before == pool_elts (lm->if_address_pool))
527 ip6_del_interface_routes (im, ip6_af.fib_index, address,
530 ip6_add_interface_routes (vnm, sw_if_index,
531 im, ip6_af.fib_index,
532 pool_elt_at_index (lm->if_address_pool, if_address_index));
535 ip6_add_del_interface_address_callback_t * cb;
536 vec_foreach (cb, im->add_del_interface_address_callbacks)
537 cb->function (im, cb->function_opaque, sw_if_index,
538 address, address_length,
549 ip6_sw_interface_admin_up_down (vnet_main_t * vnm,
553 ip6_main_t * im = &ip6_main;
554 ip_interface_address_t * ia;
556 u32 is_admin_up, fib_index;
558 /* Fill in lookup tables with default table (0). */
559 vec_validate (im->fib_index_by_sw_if_index, sw_if_index);
561 vec_validate_init_empty (im->lookup_main.if_address_pool_index_by_sw_if_index, sw_if_index, ~0);
563 is_admin_up = (flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP) != 0;
565 fib_index = vec_elt (im->fib_index_by_sw_if_index, sw_if_index);
567 foreach_ip_interface_address (&im->lookup_main, ia, sw_if_index,
568 0 /* honor unnumbered */,
570 a = ip_interface_address_get_address (&im->lookup_main, ia);
572 ip6_add_interface_routes (vnm, sw_if_index,
576 ip6_del_interface_routes (im, fib_index,
577 a, ia->address_length);
583 VNET_SW_INTERFACE_ADMIN_UP_DOWN_FUNCTION (ip6_sw_interface_admin_up_down);
585 /* Built-in ip6 unicast rx feature path definition */
586 VNET_IP6_UNICAST_FEATURE_INIT (ip6_flow_classify, static) = {
587 .node_name = "ip6-flow-classify",
588 .runs_before = ORDER_CONSTRAINTS {"ip6-inacl", 0},
589 .feature_index = &ip6_main.ip6_unicast_rx_feature_flow_classify,
592 VNET_IP6_UNICAST_FEATURE_INIT (ip6_inacl, static) = {
593 .node_name = "ip6-inacl",
594 .runs_before = ORDER_CONSTRAINTS {"ip6-policer-classify", 0},
595 .feature_index = &ip6_main.ip6_unicast_rx_feature_check_access,
598 VNET_IP6_UNICAST_FEATURE_INIT (ip6_policer_classify, static) = {
599 .node_name = "ip6-policer-classify",
600 .runs_before = ORDER_CONSTRAINTS {"ipsec-input-ip6", 0},
601 .feature_index = &ip6_main.ip6_unicast_rx_feature_policer_classify,
604 VNET_IP6_UNICAST_FEATURE_INIT (ip6_ipsec, static) = {
605 .node_name = "ipsec-input-ip6",
606 .runs_before = ORDER_CONSTRAINTS {"l2tp-decap", 0},
607 .feature_index = &ip6_main.ip6_unicast_rx_feature_ipsec,
610 VNET_IP6_UNICAST_FEATURE_INIT (ip6_l2tp, static) = {
611 .node_name = "l2tp-decap",
612 .runs_before = ORDER_CONSTRAINTS {"vpath-input-ip6", 0},
613 .feature_index = &ip6_main.ip6_unicast_rx_feature_l2tp_decap,
616 VNET_IP6_UNICAST_FEATURE_INIT (ip6_vpath, static) = {
617 .node_name = "vpath-input-ip6",
618 .runs_before = ORDER_CONSTRAINTS {"ip6-lookup", 0},
619 .feature_index = &ip6_main.ip6_unicast_rx_feature_vpath,
622 VNET_IP6_UNICAST_FEATURE_INIT (ip6_lookup, static) = {
623 .node_name = "ip6-lookup",
624 .runs_before = ORDER_CONSTRAINTS {"ip6-drop", 0},
625 .feature_index = &ip6_main.ip6_unicast_rx_feature_lookup,
628 VNET_IP6_UNICAST_FEATURE_INIT (ip6_drop, static) = {
629 .node_name = "ip6-drop",
630 .runs_before = 0, /*last feature*/
631 .feature_index = &ip6_main.ip6_unicast_rx_feature_drop,
634 /* Built-in ip6 multicast rx feature path definition (none now) */
635 VNET_IP6_MULTICAST_FEATURE_INIT (ip6_vpath_mc, static) = {
636 .node_name = "vpath-input-ip6",
637 .runs_before = ORDER_CONSTRAINTS {"ip6-lookup", 0},
638 .feature_index = &ip6_main.ip6_multicast_rx_feature_vpath,
641 VNET_IP6_MULTICAST_FEATURE_INIT (ip6_lookup, static) = {
642 .node_name = "ip6-lookup",
643 .runs_before = ORDER_CONSTRAINTS {"ip6-drop", 0},
644 .feature_index = &ip6_main.ip6_multicast_rx_feature_lookup,
647 VNET_IP6_MULTICAST_FEATURE_INIT (ip6_drop_mc, static) = {
648 .node_name = "ip6-drop",
649 .runs_before = 0, /* last feature */
650 .feature_index = &ip6_main.ip6_multicast_rx_feature_drop,
653 static char * rx_feature_start_nodes[] =
656 static char * tx_feature_start_nodes[] =
662 /* Built-in ip4 tx feature path definition */
663 VNET_IP6_TX_FEATURE_INIT (interface_output, static) = {
664 .node_name = "interface-output",
665 .runs_before = 0, /* not before any other features */
666 .feature_index = &ip6_main.ip6_tx_feature_interface_output,
669 static clib_error_t *
670 ip6_feature_init (vlib_main_t * vm, ip6_main_t * im)
672 ip_lookup_main_t * lm = &im->lookup_main;
673 clib_error_t * error;
675 ip_config_main_t * cm;
676 vnet_config_main_t * vcm;
677 char **feature_start_nodes;
678 int feature_start_len;
680 for (cast = 0; cast < VNET_N_IP_FEAT; cast++)
682 cm = &lm->feature_config_mains[cast];
683 vcm = &cm->config_main;
685 if (cast < VNET_IP_TX_FEAT)
687 feature_start_nodes = rx_feature_start_nodes;
688 feature_start_len = ARRAY_LEN(rx_feature_start_nodes);
692 feature_start_nodes = tx_feature_start_nodes;
693 feature_start_len = ARRAY_LEN(tx_feature_start_nodes);
696 if ((error = vnet_feature_arc_init (vm, vcm,
699 im->next_feature[cast],
700 &im->feature_nodes[cast])))
707 ip6_sw_interface_add_del (vnet_main_t * vnm,
711 vlib_main_t * vm = vnm->vlib_main;
712 ip6_main_t * im = &ip6_main;
713 ip_lookup_main_t * lm = &im->lookup_main;
717 for (cast = 0; cast < VNET_N_IP_FEAT; cast++)
719 ip_config_main_t * cm = &lm->feature_config_mains[cast];
720 vnet_config_main_t * vcm = &cm->config_main;
722 vec_validate_init_empty (cm->config_index_by_sw_if_index, sw_if_index, ~0);
723 ci = cm->config_index_by_sw_if_index[sw_if_index];
725 if (cast == VNET_IP_RX_UNICAST_FEAT)
726 feature_index = im->ip6_unicast_rx_feature_drop;
727 else if (cast == VNET_IP_RX_MULTICAST_FEAT)
728 feature_index = im->ip6_multicast_rx_feature_drop;
730 feature_index = im->ip6_tx_feature_interface_output;
733 ci = vnet_config_add_feature (vm, vcm,
737 /* # bytes of config data */ 0);
740 ci = vnet_config_del_feature (vm, vcm, ci,
743 /* # bytes of config data */ 0);
744 if (vec_len(im->ip_enabled_by_sw_if_index) > sw_if_index)
745 im->ip_enabled_by_sw_if_index[sw_if_index] = 0;
747 cm->config_index_by_sw_if_index[sw_if_index] = ci;
749 * note: do not update the tx feature count here.
752 return /* no error */ 0;
755 VNET_SW_INTERFACE_ADD_DEL_FUNCTION (ip6_sw_interface_add_del);
758 ip6_lookup (vlib_main_t * vm,
759 vlib_node_runtime_t * node,
760 vlib_frame_t * frame)
762 return ip6_lookup_inline (vm, node, frame);
765 static u8 * format_ip6_lookup_trace (u8 * s, va_list * args);
767 VLIB_REGISTER_NODE (ip6_lookup_node) = {
768 .function = ip6_lookup,
769 .name = "ip6-lookup",
770 .vector_size = sizeof (u32),
772 .format_trace = format_ip6_lookup_trace,
774 .n_next_nodes = IP6_LOOKUP_N_NEXT,
775 .next_nodes = IP6_LOOKUP_NEXT_NODES,
778 VLIB_NODE_FUNCTION_MULTIARCH (ip6_lookup_node, ip6_lookup)
781 ip6_load_balance (vlib_main_t * vm,
782 vlib_node_runtime_t * node,
783 vlib_frame_t * frame)
785 vlib_combined_counter_main_t * cm = &load_balance_main.lbm_via_counters;
786 u32 n_left_from, n_left_to_next, * from, * to_next;
787 ip_lookup_next_t next;
788 u32 cpu_index = os_get_cpu_number();
790 from = vlib_frame_vector_args (frame);
791 n_left_from = frame->n_vectors;
792 next = node->cached_next_index;
794 if (node->flags & VLIB_NODE_FLAG_TRACE)
795 ip6_forward_next_trace(vm, node, frame, VLIB_TX);
797 while (n_left_from > 0)
799 vlib_get_next_frame (vm, node, next,
800 to_next, n_left_to_next);
803 while (n_left_from > 0 && n_left_to_next > 0)
805 ip_lookup_next_t next0;
806 const load_balance_t *lb0;
809 const ip6_header_t *ip0;
810 const dpo_id_t *dpo0;
815 p0 = vlib_get_buffer (vm, pi0);
817 ip0 = vlib_buffer_get_current (p0);
818 lbi0 = vnet_buffer (p0)->ip.adj_index[VLIB_TX];
820 lb0 = load_balance_get(lbi0);
821 hc0 = lb0->lb_hash_config;
822 vnet_buffer(p0)->ip.flow_hash = ip6_compute_flow_hash(ip0, hc0);
824 dpo0 = load_balance_get_bucket_i(lb0,
825 vnet_buffer(p0)->ip.flow_hash &
826 (lb0->lb_n_buckets - 1));
828 next0 = dpo0->dpoi_next_node;
829 vnet_buffer (p0)->ip.adj_index[VLIB_TX] = dpo0->dpoi_index;
831 vlib_increment_combined_counter
832 (cm, cpu_index, lbi0, 1,
833 vlib_buffer_length_in_chain (vm, p0));
840 if (PREDICT_FALSE (next0 != next))
843 vlib_put_next_frame (vm, node, next, n_left_to_next);
845 vlib_get_next_frame (vm, node, next,
846 to_next, n_left_to_next);
853 vlib_put_next_frame (vm, node, next, n_left_to_next);
856 return frame->n_vectors;
859 VLIB_REGISTER_NODE (ip6_load_balance_node) = {
860 .function = ip6_load_balance,
861 .name = "ip6-load-balance",
862 .vector_size = sizeof (u32),
863 .sibling_of = "ip6-lookup",
864 .format_trace = format_ip6_lookup_trace,
868 VLIB_NODE_FUNCTION_MULTIARCH (ip6_load_balance_node, ip6_load_balance)
871 /* Adjacency taken. */
876 /* Packet data, possibly *after* rewrite. */
877 u8 packet_data[128 - 1*sizeof(u32)];
878 } ip6_forward_next_trace_t;
880 static u8 * format_ip6_forward_next_trace (u8 * s, va_list * args)
882 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
883 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
884 ip6_forward_next_trace_t * t = va_arg (*args, ip6_forward_next_trace_t *);
885 uword indent = format_get_indent (s);
887 s = format(s, "%U%U",
888 format_white_space, indent,
889 format_ip6_header, t->packet_data, sizeof (t->packet_data));
893 static u8 * format_ip6_lookup_trace (u8 * s, va_list * args)
895 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
896 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
897 ip6_forward_next_trace_t * t = va_arg (*args, ip6_forward_next_trace_t *);
898 uword indent = format_get_indent (s);
900 s = format (s, "fib %d dpo-idx %d flow hash: 0x%08x",
901 t->fib_index, t->adj_index, t->flow_hash);
902 s = format(s, "\n%U%U",
903 format_white_space, indent,
904 format_ip6_header, t->packet_data, sizeof (t->packet_data));
909 static u8 * format_ip6_rewrite_trace (u8 * s, va_list * args)
911 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
912 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
913 ip6_forward_next_trace_t * t = va_arg (*args, ip6_forward_next_trace_t *);
914 vnet_main_t * vnm = vnet_get_main();
915 uword indent = format_get_indent (s);
917 s = format (s, "tx_sw_if_index %d adj-idx %d : %U flow hash: 0x%08x",
918 t->fib_index, t->adj_index, format_ip_adjacency,
919 t->adj_index, FORMAT_IP_ADJACENCY_NONE,
921 s = format (s, "\n%U%U",
922 format_white_space, indent,
923 format_ip_adjacency_packet_data,
925 t->packet_data, sizeof (t->packet_data));
929 /* Common trace function for all ip6-forward next nodes. */
931 ip6_forward_next_trace (vlib_main_t * vm,
932 vlib_node_runtime_t * node,
933 vlib_frame_t * frame,
934 vlib_rx_or_tx_t which_adj_index)
937 ip6_main_t * im = &ip6_main;
939 n_left = frame->n_vectors;
940 from = vlib_frame_vector_args (frame);
945 vlib_buffer_t * b0, * b1;
946 ip6_forward_next_trace_t * t0, * t1;
948 /* Prefetch next iteration. */
949 vlib_prefetch_buffer_with_index (vm, from[2], LOAD);
950 vlib_prefetch_buffer_with_index (vm, from[3], LOAD);
955 b0 = vlib_get_buffer (vm, bi0);
956 b1 = vlib_get_buffer (vm, bi1);
958 if (b0->flags & VLIB_BUFFER_IS_TRACED)
960 t0 = vlib_add_trace (vm, node, b0, sizeof (t0[0]));
961 t0->adj_index = vnet_buffer (b0)->ip.adj_index[which_adj_index];
962 t0->flow_hash = vnet_buffer (b0)->ip.flow_hash;
963 t0->fib_index = (vnet_buffer(b0)->sw_if_index[VLIB_TX] != (u32)~0) ?
964 vnet_buffer(b0)->sw_if_index[VLIB_TX] :
965 vec_elt (im->fib_index_by_sw_if_index,
966 vnet_buffer(b0)->sw_if_index[VLIB_RX]);
968 clib_memcpy (t0->packet_data,
969 vlib_buffer_get_current (b0),
970 sizeof (t0->packet_data));
972 if (b1->flags & VLIB_BUFFER_IS_TRACED)
974 t1 = vlib_add_trace (vm, node, b1, sizeof (t1[0]));
975 t1->adj_index = vnet_buffer (b1)->ip.adj_index[which_adj_index];
976 t1->flow_hash = vnet_buffer (b1)->ip.flow_hash;
977 t1->fib_index = (vnet_buffer(b1)->sw_if_index[VLIB_TX] != (u32)~0) ?
978 vnet_buffer(b1)->sw_if_index[VLIB_TX] :
979 vec_elt (im->fib_index_by_sw_if_index,
980 vnet_buffer(b1)->sw_if_index[VLIB_RX]);
982 clib_memcpy (t1->packet_data,
983 vlib_buffer_get_current (b1),
984 sizeof (t1->packet_data));
994 ip6_forward_next_trace_t * t0;
998 b0 = vlib_get_buffer (vm, bi0);
1000 if (b0->flags & VLIB_BUFFER_IS_TRACED)
1002 t0 = vlib_add_trace (vm, node, b0, sizeof (t0[0]));
1003 t0->adj_index = vnet_buffer (b0)->ip.adj_index[which_adj_index];
1004 t0->flow_hash = vnet_buffer (b0)->ip.flow_hash;
1005 t0->fib_index = (vnet_buffer(b0)->sw_if_index[VLIB_TX] != (u32)~0) ?
1006 vnet_buffer(b0)->sw_if_index[VLIB_TX] :
1007 vec_elt (im->fib_index_by_sw_if_index,
1008 vnet_buffer(b0)->sw_if_index[VLIB_RX]);
1010 clib_memcpy (t0->packet_data,
1011 vlib_buffer_get_current (b0),
1012 sizeof (t0->packet_data));
1020 ip6_drop_or_punt (vlib_main_t * vm,
1021 vlib_node_runtime_t * node,
1022 vlib_frame_t * frame,
1023 ip6_error_t error_code)
1025 u32 * buffers = vlib_frame_vector_args (frame);
1026 uword n_packets = frame->n_vectors;
1028 vlib_error_drop_buffers (vm, node,
1033 ip6_input_node.index,
1036 if (node->flags & VLIB_NODE_FLAG_TRACE)
1037 ip6_forward_next_trace (vm, node, frame, VLIB_TX);
1043 ip6_drop (vlib_main_t * vm,
1044 vlib_node_runtime_t * node,
1045 vlib_frame_t * frame)
1046 { return ip6_drop_or_punt (vm, node, frame, IP6_ERROR_ADJACENCY_DROP); }
1049 ip6_punt (vlib_main_t * vm,
1050 vlib_node_runtime_t * node,
1051 vlib_frame_t * frame)
1052 { return ip6_drop_or_punt (vm, node, frame, IP6_ERROR_ADJACENCY_PUNT); }
1054 VLIB_REGISTER_NODE (ip6_drop_node,static) = {
1055 .function = ip6_drop,
1057 .vector_size = sizeof (u32),
1059 .format_trace = format_ip6_forward_next_trace,
1067 VLIB_NODE_FUNCTION_MULTIARCH (ip6_drop_node, ip6_drop)
1069 VLIB_REGISTER_NODE (ip6_punt_node,static) = {
1070 .function = ip6_punt,
1072 .vector_size = sizeof (u32),
1074 .format_trace = format_ip6_forward_next_trace,
1082 VLIB_NODE_FUNCTION_MULTIARCH (ip6_punt_node, ip6_punt)
1084 VLIB_REGISTER_NODE (ip6_multicast_node,static) = {
1085 .function = ip6_drop,
1086 .name = "ip6-multicast",
1087 .vector_size = sizeof (u32),
1089 .format_trace = format_ip6_forward_next_trace,
1097 /* Compute TCP/UDP/ICMP6 checksum in software. */
1098 u16 ip6_tcp_udp_icmp_compute_checksum (vlib_main_t * vm, vlib_buffer_t * p0, ip6_header_t * ip0, int *bogus_lengthp)
1101 u16 sum16, payload_length_host_byte_order;
1102 u32 i, n_this_buffer, n_bytes_left;
1103 u32 headers_size = sizeof(ip0[0]);
1104 void * data_this_buffer;
1106 ASSERT(bogus_lengthp);
1109 /* Initialize checksum with ip header. */
1110 sum0 = ip0->payload_length + clib_host_to_net_u16 (ip0->protocol);
1111 payload_length_host_byte_order = clib_net_to_host_u16 (ip0->payload_length);
1112 data_this_buffer = (void *) (ip0 + 1);
1114 for (i = 0; i < ARRAY_LEN (ip0->src_address.as_uword); i++)
1116 sum0 = ip_csum_with_carry (sum0,
1117 clib_mem_unaligned (&ip0->src_address.as_uword[i], uword));
1118 sum0 = ip_csum_with_carry (sum0,
1119 clib_mem_unaligned (&ip0->dst_address.as_uword[i], uword));
1122 /* some icmp packets may come with a "router alert" hop-by-hop extension header (e.g., mldv2 packets) */
1123 if (PREDICT_FALSE (ip0->protocol == IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS))
1126 ip6_hop_by_hop_ext_t *ext_hdr = (ip6_hop_by_hop_ext_t *)data_this_buffer;
1128 /* validate really icmp6 next */
1129 ASSERT(ext_hdr->next_hdr == IP_PROTOCOL_ICMP6);
1131 skip_bytes = 8* (1 + ext_hdr->n_data_u64s);
1132 data_this_buffer = (void *)((u8 *)data_this_buffer + skip_bytes);
1134 payload_length_host_byte_order -= skip_bytes;
1135 headers_size += skip_bytes;
1138 n_bytes_left = n_this_buffer = payload_length_host_byte_order;
1140 if (p0 && n_this_buffer + headers_size > p0->current_length)
1142 struct rte_mbuf *mb = rte_mbuf_from_vlib_buffer(p0);
1143 u8 nb_segs = mb->nb_segs;
1145 n_this_buffer = (p0->current_length > headers_size ?
1146 p0->current_length - headers_size : 0);
1147 while (n_bytes_left)
1149 sum0 = ip_incremental_checksum (sum0, data_this_buffer, n_this_buffer);
1150 n_bytes_left -= n_this_buffer;
1154 if ((nb_segs == 0) || (mb == 0))
1157 data_this_buffer = rte_ctrlmbuf_data(mb);
1158 n_this_buffer = mb->data_len;
1160 if (n_bytes_left || nb_segs)
1166 else sum0 = ip_incremental_checksum (sum0, data_this_buffer, n_this_buffer);
1168 if (p0 && n_this_buffer + headers_size > p0->current_length)
1169 n_this_buffer = p0->current_length > headers_size ? p0->current_length - headers_size : 0;
1172 sum0 = ip_incremental_checksum (sum0, data_this_buffer, n_this_buffer);
1173 n_bytes_left -= n_this_buffer;
1174 if (n_bytes_left == 0)
1177 if (!(p0->flags & VLIB_BUFFER_NEXT_PRESENT))
1182 p0 = vlib_get_buffer (vm, p0->next_buffer);
1183 data_this_buffer = vlib_buffer_get_current (p0);
1184 n_this_buffer = p0->current_length;
1188 sum16 = ~ ip_csum_fold (sum0);
1193 u32 ip6_tcp_udp_icmp_validate_checksum (vlib_main_t * vm, vlib_buffer_t * p0)
1195 ip6_header_t * ip0 = vlib_buffer_get_current (p0);
1196 udp_header_t * udp0;
1200 /* some icmp packets may come with a "router alert" hop-by-hop extension header (e.g., mldv2 packets) */
1201 ASSERT (ip0->protocol == IP_PROTOCOL_TCP
1202 || ip0->protocol == IP_PROTOCOL_ICMP6
1203 || ip0->protocol == IP_PROTOCOL_UDP
1204 || ip0->protocol == IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS);
1206 udp0 = (void *) (ip0 + 1);
1207 if (ip0->protocol == IP_PROTOCOL_UDP && udp0->checksum == 0)
1209 p0->flags |= (IP_BUFFER_L4_CHECKSUM_COMPUTED
1210 | IP_BUFFER_L4_CHECKSUM_CORRECT);
1214 sum16 = ip6_tcp_udp_icmp_compute_checksum (vm, p0, ip0, &bogus_length);
1216 p0->flags |= (IP_BUFFER_L4_CHECKSUM_COMPUTED
1217 | ((sum16 == 0) << LOG2_IP_BUFFER_L4_CHECKSUM_CORRECT));
1223 ip6_local (vlib_main_t * vm,
1224 vlib_node_runtime_t * node,
1225 vlib_frame_t * frame)
1227 ip6_main_t * im = &ip6_main;
1228 ip_lookup_main_t * lm = &im->lookup_main;
1229 ip_local_next_t next_index;
1230 u32 * from, * to_next, n_left_from, n_left_to_next;
1231 vlib_node_runtime_t * error_node = vlib_node_get_runtime (vm, ip6_input_node.index);
1233 from = vlib_frame_vector_args (frame);
1234 n_left_from = frame->n_vectors;
1235 next_index = node->cached_next_index;
1237 if (node->flags & VLIB_NODE_FLAG_TRACE)
1238 ip6_forward_next_trace (vm, node, frame, VLIB_TX);
1240 while (n_left_from > 0)
1242 vlib_get_next_frame (vm, node, next_index,
1243 to_next, n_left_to_next);
1245 while (n_left_from >= 4 && n_left_to_next >= 2)
1247 vlib_buffer_t * p0, * p1;
1248 ip6_header_t * ip0, * ip1;
1249 udp_header_t * udp0, * udp1;
1250 u32 pi0, ip_len0, udp_len0, flags0, next0;
1251 u32 pi1, ip_len1, udp_len1, flags1, next1;
1252 i32 len_diff0, len_diff1;
1253 u8 error0, type0, good_l4_checksum0;
1254 u8 error1, type1, good_l4_checksum1;
1256 pi0 = to_next[0] = from[0];
1257 pi1 = to_next[1] = from[1];
1261 n_left_to_next -= 2;
1263 p0 = vlib_get_buffer (vm, pi0);
1264 p1 = vlib_get_buffer (vm, pi1);
1266 ip0 = vlib_buffer_get_current (p0);
1267 ip1 = vlib_buffer_get_current (p1);
1269 type0 = lm->builtin_protocol_by_ip_protocol[ip0->protocol];
1270 type1 = lm->builtin_protocol_by_ip_protocol[ip1->protocol];
1272 next0 = lm->local_next_by_ip_protocol[ip0->protocol];
1273 next1 = lm->local_next_by_ip_protocol[ip1->protocol];
1278 good_l4_checksum0 = (flags0 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1279 good_l4_checksum1 = (flags1 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1281 udp0 = ip6_next_header (ip0);
1282 udp1 = ip6_next_header (ip1);
1284 /* Don't verify UDP checksum for packets with explicit zero checksum. */
1285 good_l4_checksum0 |= type0 == IP_BUILTIN_PROTOCOL_UDP && udp0->checksum == 0;
1286 good_l4_checksum1 |= type1 == IP_BUILTIN_PROTOCOL_UDP && udp1->checksum == 0;
1288 good_l4_checksum0 |= type0 == IP_BUILTIN_PROTOCOL_UNKNOWN;
1289 good_l4_checksum1 |= type1 == IP_BUILTIN_PROTOCOL_UNKNOWN;
1291 /* Verify UDP length. */
1292 ip_len0 = clib_net_to_host_u16 (ip0->payload_length);
1293 ip_len1 = clib_net_to_host_u16 (ip1->payload_length);
1294 udp_len0 = clib_net_to_host_u16 (udp0->length);
1295 udp_len1 = clib_net_to_host_u16 (udp1->length);
1297 len_diff0 = ip_len0 - udp_len0;
1298 len_diff1 = ip_len1 - udp_len1;
1300 len_diff0 = type0 == IP_BUILTIN_PROTOCOL_UDP ? len_diff0 : 0;
1301 len_diff1 = type1 == IP_BUILTIN_PROTOCOL_UDP ? len_diff1 : 0;
1303 if (PREDICT_FALSE (type0 != IP_BUILTIN_PROTOCOL_UNKNOWN
1304 && ! good_l4_checksum0
1305 && ! (flags0 & IP_BUFFER_L4_CHECKSUM_COMPUTED)))
1307 flags0 = ip6_tcp_udp_icmp_validate_checksum (vm, p0);
1309 (flags0 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1311 if (PREDICT_FALSE (type1 != IP_BUILTIN_PROTOCOL_UNKNOWN
1312 && ! good_l4_checksum1
1313 && ! (flags1 & IP_BUFFER_L4_CHECKSUM_COMPUTED)))
1315 flags1 = ip6_tcp_udp_icmp_validate_checksum (vm, p1);
1317 (flags1 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1320 error0 = error1 = IP6_ERROR_UNKNOWN_PROTOCOL;
1322 error0 = len_diff0 < 0 ? IP6_ERROR_UDP_LENGTH : error0;
1323 error1 = len_diff1 < 0 ? IP6_ERROR_UDP_LENGTH : error1;
1325 ASSERT (IP6_ERROR_UDP_CHECKSUM + IP_BUILTIN_PROTOCOL_UDP == IP6_ERROR_UDP_CHECKSUM);
1326 ASSERT (IP6_ERROR_UDP_CHECKSUM + IP_BUILTIN_PROTOCOL_ICMP == IP6_ERROR_ICMP_CHECKSUM);
1327 error0 = (! good_l4_checksum0
1328 ? IP6_ERROR_UDP_CHECKSUM + type0
1330 error1 = (! good_l4_checksum1
1331 ? IP6_ERROR_UDP_CHECKSUM + type1
1334 /* Drop packets from unroutable hosts. */
1335 /* If this is a neighbor solicitation (ICMP), skip source RPF check */
1336 if (error0 == IP6_ERROR_UNKNOWN_PROTOCOL &&
1337 type0 != IP_BUILTIN_PROTOCOL_ICMP &&
1338 !ip6_address_is_link_local_unicast(&ip0->src_address))
1340 u32 src_adj_index0 = ip6_src_lookup_for_packet (im, p0, ip0);
1341 error0 = (ADJ_INDEX_INVALID == src_adj_index0
1342 ? IP6_ERROR_SRC_LOOKUP_MISS
1345 if (error1 == IP6_ERROR_UNKNOWN_PROTOCOL &&
1346 type1 != IP_BUILTIN_PROTOCOL_ICMP &&
1347 !ip6_address_is_link_local_unicast(&ip1->src_address))
1349 u32 src_adj_index1 = ip6_src_lookup_for_packet (im, p1, ip1);
1350 error1 = (ADJ_INDEX_INVALID == src_adj_index1
1351 ? IP6_ERROR_SRC_LOOKUP_MISS
1355 next0 = error0 != IP6_ERROR_UNKNOWN_PROTOCOL ? IP_LOCAL_NEXT_DROP : next0;
1356 next1 = error1 != IP6_ERROR_UNKNOWN_PROTOCOL ? IP_LOCAL_NEXT_DROP : next1;
1358 p0->error = error_node->errors[error0];
1359 p1->error = error_node->errors[error1];
1361 vlib_validate_buffer_enqueue_x2 (vm, node, next_index,
1362 to_next, n_left_to_next,
1363 pi0, pi1, next0, next1);
1366 while (n_left_from > 0 && n_left_to_next > 0)
1370 udp_header_t * udp0;
1371 u32 pi0, ip_len0, udp_len0, flags0, next0;
1373 u8 error0, type0, good_l4_checksum0;
1375 pi0 = to_next[0] = from[0];
1379 n_left_to_next -= 1;
1381 p0 = vlib_get_buffer (vm, pi0);
1383 ip0 = vlib_buffer_get_current (p0);
1385 type0 = lm->builtin_protocol_by_ip_protocol[ip0->protocol];
1386 next0 = lm->local_next_by_ip_protocol[ip0->protocol];
1390 good_l4_checksum0 = (flags0 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1392 udp0 = ip6_next_header (ip0);
1394 /* Don't verify UDP checksum for packets with explicit zero checksum. */
1395 good_l4_checksum0 |= type0 == IP_BUILTIN_PROTOCOL_UDP && udp0->checksum == 0;
1397 good_l4_checksum0 |= type0 == IP_BUILTIN_PROTOCOL_UNKNOWN;
1399 /* Verify UDP length. */
1400 ip_len0 = clib_net_to_host_u16 (ip0->payload_length);
1401 udp_len0 = clib_net_to_host_u16 (udp0->length);
1403 len_diff0 = ip_len0 - udp_len0;
1405 len_diff0 = type0 == IP_BUILTIN_PROTOCOL_UDP ? len_diff0 : 0;
1407 if (PREDICT_FALSE (type0 != IP_BUILTIN_PROTOCOL_UNKNOWN
1408 && ! good_l4_checksum0
1409 && ! (flags0 & IP_BUFFER_L4_CHECKSUM_COMPUTED)))
1411 flags0 = ip6_tcp_udp_icmp_validate_checksum (vm, p0);
1413 (flags0 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1416 error0 = IP6_ERROR_UNKNOWN_PROTOCOL;
1418 error0 = len_diff0 < 0 ? IP6_ERROR_UDP_LENGTH : error0;
1420 ASSERT (IP6_ERROR_UDP_CHECKSUM + IP_BUILTIN_PROTOCOL_UDP == IP6_ERROR_UDP_CHECKSUM);
1421 ASSERT (IP6_ERROR_UDP_CHECKSUM + IP_BUILTIN_PROTOCOL_ICMP == IP6_ERROR_ICMP_CHECKSUM);
1422 error0 = (! good_l4_checksum0
1423 ? IP6_ERROR_UDP_CHECKSUM + type0
1426 /* If this is a neighbor solicitation (ICMP), skip source RPF check */
1427 if (error0 == IP6_ERROR_UNKNOWN_PROTOCOL &&
1428 type0 != IP_BUILTIN_PROTOCOL_ICMP &&
1429 !ip6_address_is_link_local_unicast(&ip0->src_address))
1431 u32 src_adj_index0 = ip6_src_lookup_for_packet (im, p0, ip0);
1432 error0 = (ADJ_INDEX_INVALID == src_adj_index0
1433 ? IP6_ERROR_SRC_LOOKUP_MISS
1437 next0 = error0 != IP6_ERROR_UNKNOWN_PROTOCOL ? IP_LOCAL_NEXT_DROP : next0;
1439 p0->error = error_node->errors[error0];
1441 vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
1442 to_next, n_left_to_next,
1446 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
1449 return frame->n_vectors;
1452 VLIB_REGISTER_NODE (ip6_local_node,static) = {
1453 .function = ip6_local,
1454 .name = "ip6-local",
1455 .vector_size = sizeof (u32),
1457 .format_trace = format_ip6_forward_next_trace,
1459 .n_next_nodes = IP_LOCAL_N_NEXT,
1461 [IP_LOCAL_NEXT_DROP] = "error-drop",
1462 [IP_LOCAL_NEXT_PUNT] = "error-punt",
1463 [IP_LOCAL_NEXT_UDP_LOOKUP] = "ip6-udp-lookup",
1464 [IP_LOCAL_NEXT_ICMP] = "ip6-icmp-input",
1468 VLIB_NODE_FUNCTION_MULTIARCH (ip6_local_node, ip6_local)
1470 void ip6_register_protocol (u32 protocol, u32 node_index)
1472 vlib_main_t * vm = vlib_get_main();
1473 ip6_main_t * im = &ip6_main;
1474 ip_lookup_main_t * lm = &im->lookup_main;
1476 ASSERT (protocol < ARRAY_LEN (lm->local_next_by_ip_protocol));
1477 lm->local_next_by_ip_protocol[protocol] = vlib_node_add_next (vm, ip6_local_node.index, node_index);
1481 IP6_DISCOVER_NEIGHBOR_NEXT_DROP,
1482 IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX,
1483 IP6_DISCOVER_NEIGHBOR_N_NEXT,
1484 } ip6_discover_neighbor_next_t;
1487 IP6_DISCOVER_NEIGHBOR_ERROR_DROP,
1488 IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT,
1489 IP6_DISCOVER_NEIGHBOR_ERROR_NO_SOURCE_ADDRESS,
1490 } ip6_discover_neighbor_error_t;
1493 ip6_discover_neighbor_inline (vlib_main_t * vm,
1494 vlib_node_runtime_t * node,
1495 vlib_frame_t * frame,
1498 vnet_main_t * vnm = vnet_get_main();
1499 ip6_main_t * im = &ip6_main;
1500 ip_lookup_main_t * lm = &im->lookup_main;
1501 u32 * from, * to_next_drop;
1502 uword n_left_from, n_left_to_next_drop;
1503 static f64 time_last_seed_change = -1e100;
1504 static u32 hash_seeds[3];
1505 static uword hash_bitmap[256 / BITS (uword)];
1509 if (node->flags & VLIB_NODE_FLAG_TRACE)
1510 ip6_forward_next_trace (vm, node, frame, VLIB_TX);
1512 time_now = vlib_time_now (vm);
1513 if (time_now - time_last_seed_change > 1e-3)
1516 u32 * r = clib_random_buffer_get_data (&vm->random_buffer,
1517 sizeof (hash_seeds));
1518 for (i = 0; i < ARRAY_LEN (hash_seeds); i++)
1519 hash_seeds[i] = r[i];
1521 /* Mark all hash keys as been not-seen before. */
1522 for (i = 0; i < ARRAY_LEN (hash_bitmap); i++)
1525 time_last_seed_change = time_now;
1528 from = vlib_frame_vector_args (frame);
1529 n_left_from = frame->n_vectors;
1531 while (n_left_from > 0)
1533 vlib_get_next_frame (vm, node, IP6_DISCOVER_NEIGHBOR_NEXT_DROP,
1534 to_next_drop, n_left_to_next_drop);
1536 while (n_left_from > 0 && n_left_to_next_drop > 0)
1540 u32 pi0, adj_index0, a0, b0, c0, m0, sw_if_index0, drop0;
1542 ip_adjacency_t * adj0;
1543 vnet_hw_interface_t * hw_if0;
1548 p0 = vlib_get_buffer (vm, pi0);
1550 adj_index0 = vnet_buffer (p0)->ip.adj_index[VLIB_TX];
1552 ip0 = vlib_buffer_get_current (p0);
1554 adj0 = ip_get_adjacency (lm, adj_index0);
1558 ip0->dst_address.as_u64[0] = adj0->sub_type.nbr.next_hop.ip6.as_u64[0];
1559 ip0->dst_address.as_u64[1] = adj0->sub_type.nbr.next_hop.ip6.as_u64[1];
1566 sw_if_index0 = adj0->rewrite_header.sw_if_index;
1567 vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0;
1570 b0 ^= ip0->dst_address.as_u32[0];
1571 c0 ^= ip0->dst_address.as_u32[1];
1573 hash_v3_mix32 (a0, b0, c0);
1575 b0 ^= ip0->dst_address.as_u32[2];
1576 c0 ^= ip0->dst_address.as_u32[3];
1578 hash_v3_finalize32 (a0, b0, c0);
1580 c0 &= BITS (hash_bitmap) - 1;
1581 c0 = c0 / BITS (uword);
1582 m0 = (uword) 1 << (c0 % BITS (uword));
1584 bm0 = hash_bitmap[c0];
1585 drop0 = (bm0 & m0) != 0;
1587 /* Mark it as seen. */
1588 hash_bitmap[c0] = bm0 | m0;
1592 to_next_drop[0] = pi0;
1594 n_left_to_next_drop -= 1;
1596 hw_if0 = vnet_get_sup_hw_interface (vnm, sw_if_index0);
1598 /* If the interface is link-down, drop the pkt */
1599 if (!(hw_if0->flags & VNET_HW_INTERFACE_FLAG_LINK_UP))
1603 node->errors[drop0 ? IP6_DISCOVER_NEIGHBOR_ERROR_DROP
1604 : IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT];
1609 * the adj has been updated to a rewrite but the node the DPO that got
1610 * us here hasn't - yet. no big deal. we'll drop while we wait.
1612 if (IP_LOOKUP_NEXT_REWRITE == adj0->lookup_next_index)
1617 icmp6_neighbor_solicitation_header_t * h0;
1620 h0 = vlib_packet_template_get_packet
1621 (vm, &im->discover_neighbor_packet_template, &bi0);
1624 * Build ethernet header.
1625 * Choose source address based on destination lookup
1628 if (ip6_src_address_for_packet (lm,
1630 &h0->ip.src_address))
1632 /* There is no address on the interface */
1633 p0->error = node->errors[IP6_DISCOVER_NEIGHBOR_ERROR_NO_SOURCE_ADDRESS];
1634 vlib_buffer_free(vm, &bi0, 1);
1639 * Destination address is a solicited node multicast address.
1640 * We need to fill in
1641 * the low 24 bits with low 24 bits of target's address.
1643 h0->ip.dst_address.as_u8[13] = ip0->dst_address.as_u8[13];
1644 h0->ip.dst_address.as_u8[14] = ip0->dst_address.as_u8[14];
1645 h0->ip.dst_address.as_u8[15] = ip0->dst_address.as_u8[15];
1647 h0->neighbor.target_address = ip0->dst_address;
1649 clib_memcpy (h0->link_layer_option.ethernet_address,
1650 hw_if0->hw_address, vec_len (hw_if0->hw_address));
1652 /* $$$$ appears we need this; why is the checksum non-zero? */
1653 h0->neighbor.icmp.checksum = 0;
1654 h0->neighbor.icmp.checksum =
1655 ip6_tcp_udp_icmp_compute_checksum (vm, 0, &h0->ip,
1658 ASSERT (bogus_length == 0);
1660 vlib_buffer_copy_trace_flag (vm, p0, bi0);
1661 b0 = vlib_get_buffer (vm, bi0);
1662 vnet_buffer (b0)->sw_if_index[VLIB_TX]
1663 = vnet_buffer (p0)->sw_if_index[VLIB_TX];
1665 /* Add rewrite/encap string. */
1666 vnet_rewrite_one_header (adj0[0], h0,
1667 sizeof (ethernet_header_t));
1668 vlib_buffer_advance (b0, -adj0->rewrite_header.data_bytes);
1670 next0 = IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX;
1672 vlib_set_next_frame_buffer (vm, node, next0, bi0);
1676 vlib_put_next_frame (vm, node, IP6_DISCOVER_NEIGHBOR_NEXT_DROP,
1677 n_left_to_next_drop);
1680 return frame->n_vectors;
1684 ip6_discover_neighbor (vlib_main_t * vm,
1685 vlib_node_runtime_t * node,
1686 vlib_frame_t * frame)
1688 return (ip6_discover_neighbor_inline(vm, node, frame, 0));
1692 ip6_glean (vlib_main_t * vm,
1693 vlib_node_runtime_t * node,
1694 vlib_frame_t * frame)
1696 return (ip6_discover_neighbor_inline(vm, node, frame, 1));
1699 static char * ip6_discover_neighbor_error_strings[] = {
1700 [IP6_DISCOVER_NEIGHBOR_ERROR_DROP] = "address overflow drops",
1701 [IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT]
1702 = "neighbor solicitations sent",
1703 [IP6_DISCOVER_NEIGHBOR_ERROR_NO_SOURCE_ADDRESS]
1704 = "no source address for ND solicitation",
1707 VLIB_REGISTER_NODE (ip6_discover_neighbor_node) = {
1708 .function = ip6_discover_neighbor,
1709 .name = "ip6-discover-neighbor",
1710 .vector_size = sizeof (u32),
1712 .format_trace = format_ip6_forward_next_trace,
1714 .n_errors = ARRAY_LEN (ip6_discover_neighbor_error_strings),
1715 .error_strings = ip6_discover_neighbor_error_strings,
1717 .n_next_nodes = IP6_DISCOVER_NEIGHBOR_N_NEXT,
1719 [IP6_DISCOVER_NEIGHBOR_NEXT_DROP] = "error-drop",
1720 [IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX] = "interface-output",
1724 VLIB_REGISTER_NODE (ip6_glean_node) = {
1725 .function = ip6_glean,
1726 .name = "ip6-glean",
1727 .vector_size = sizeof (u32),
1729 .format_trace = format_ip6_forward_next_trace,
1731 .n_errors = ARRAY_LEN (ip6_discover_neighbor_error_strings),
1732 .error_strings = ip6_discover_neighbor_error_strings,
1734 .n_next_nodes = IP6_DISCOVER_NEIGHBOR_N_NEXT,
1736 [IP6_DISCOVER_NEIGHBOR_NEXT_DROP] = "error-drop",
1737 [IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX] = "interface-output",
1742 ip6_probe_neighbor (vlib_main_t * vm, ip6_address_t * dst, u32 sw_if_index)
1744 vnet_main_t * vnm = vnet_get_main();
1745 ip6_main_t * im = &ip6_main;
1746 icmp6_neighbor_solicitation_header_t * h;
1747 ip6_address_t * src;
1748 ip_interface_address_t * ia;
1749 ip_adjacency_t * adj;
1750 vnet_hw_interface_t * hi;
1751 vnet_sw_interface_t * si;
1756 si = vnet_get_sw_interface (vnm, sw_if_index);
1758 if (!(si->flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP))
1760 return clib_error_return (0, "%U: interface %U down",
1761 format_ip6_address, dst,
1762 format_vnet_sw_if_index_name, vnm,
1766 src = ip6_interface_address_matching_destination (im, dst, sw_if_index, &ia);
1769 vnm->api_errno = VNET_API_ERROR_NO_MATCHING_INTERFACE;
1770 return clib_error_return
1771 (0, "no matching interface address for destination %U (interface %U)",
1772 format_ip6_address, dst,
1773 format_vnet_sw_if_index_name, vnm, sw_if_index);
1776 h = vlib_packet_template_get_packet (vm, &im->discover_neighbor_packet_template, &bi);
1778 hi = vnet_get_sup_hw_interface (vnm, sw_if_index);
1780 /* Destination address is a solicited node multicast address. We need to fill in
1781 the low 24 bits with low 24 bits of target's address. */
1782 h->ip.dst_address.as_u8[13] = dst->as_u8[13];
1783 h->ip.dst_address.as_u8[14] = dst->as_u8[14];
1784 h->ip.dst_address.as_u8[15] = dst->as_u8[15];
1786 h->ip.src_address = src[0];
1787 h->neighbor.target_address = dst[0];
1789 clib_memcpy (h->link_layer_option.ethernet_address, hi->hw_address, vec_len (hi->hw_address));
1791 h->neighbor.icmp.checksum =
1792 ip6_tcp_udp_icmp_compute_checksum (vm, 0, &h->ip, &bogus_length);
1793 ASSERT(bogus_length == 0);
1795 b = vlib_get_buffer (vm, bi);
1796 vnet_buffer (b)->sw_if_index[VLIB_RX] = vnet_buffer (b)->sw_if_index[VLIB_TX] = sw_if_index;
1798 /* Add encapsulation string for software interface (e.g. ethernet header). */
1799 adj = ip_get_adjacency (&im->lookup_main, ia->neighbor_probe_adj_index);
1800 vnet_rewrite_one_header (adj[0], h, sizeof (ethernet_header_t));
1801 vlib_buffer_advance (b, -adj->rewrite_header.data_bytes);
1804 vlib_frame_t * f = vlib_get_frame_to_node (vm, hi->output_node_index);
1805 u32 * to_next = vlib_frame_vector_args (f);
1808 vlib_put_frame_to_node (vm, hi->output_node_index, f);
1811 return /* no error */ 0;
1815 IP6_REWRITE_NEXT_DROP,
1816 IP6_REWRITE_NEXT_ICMP_ERROR,
1817 } ip6_rewrite_next_t;
1820 ip6_rewrite_inline (vlib_main_t * vm,
1821 vlib_node_runtime_t * node,
1822 vlib_frame_t * frame,
1823 int rewrite_for_locally_received_packets,
1826 ip_lookup_main_t * lm = &ip6_main.lookup_main;
1827 u32 * from = vlib_frame_vector_args (frame);
1828 u32 n_left_from, n_left_to_next, * to_next, next_index;
1829 vlib_node_runtime_t * error_node = vlib_node_get_runtime (vm, ip6_input_node.index);
1830 vlib_rx_or_tx_t adj_rx_tx = rewrite_for_locally_received_packets ? VLIB_RX : VLIB_TX;
1831 ip_config_main_t * cm = &lm->feature_config_mains[VNET_IP_TX_FEAT];
1833 n_left_from = frame->n_vectors;
1834 next_index = node->cached_next_index;
1835 u32 cpu_index = os_get_cpu_number();
1837 while (n_left_from > 0)
1839 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
1841 while (n_left_from >= 4 && n_left_to_next >= 2)
1843 ip_adjacency_t * adj0, * adj1;
1844 vlib_buffer_t * p0, * p1;
1845 ip6_header_t * ip0, * ip1;
1846 u32 pi0, rw_len0, next0, error0, adj_index0;
1847 u32 pi1, rw_len1, next1, error1, adj_index1;
1848 u32 tx_sw_if_index0, tx_sw_if_index1;
1850 /* Prefetch next iteration. */
1852 vlib_buffer_t * p2, * p3;
1854 p2 = vlib_get_buffer (vm, from[2]);
1855 p3 = vlib_get_buffer (vm, from[3]);
1857 vlib_prefetch_buffer_header (p2, LOAD);
1858 vlib_prefetch_buffer_header (p3, LOAD);
1860 CLIB_PREFETCH (p2->pre_data, 32, STORE);
1861 CLIB_PREFETCH (p3->pre_data, 32, STORE);
1863 CLIB_PREFETCH (p2->data, sizeof (ip0[0]), STORE);
1864 CLIB_PREFETCH (p3->data, sizeof (ip0[0]), STORE);
1867 pi0 = to_next[0] = from[0];
1868 pi1 = to_next[1] = from[1];
1873 n_left_to_next -= 2;
1875 p0 = vlib_get_buffer (vm, pi0);
1876 p1 = vlib_get_buffer (vm, pi1);
1878 adj_index0 = vnet_buffer (p0)->ip.adj_index[adj_rx_tx];
1879 adj_index1 = vnet_buffer (p1)->ip.adj_index[adj_rx_tx];
1881 /* We should never rewrite a pkt using the MISS adjacency */
1882 ASSERT(adj_index0 && adj_index1);
1884 ip0 = vlib_buffer_get_current (p0);
1885 ip1 = vlib_buffer_get_current (p1);
1887 error0 = error1 = IP6_ERROR_NONE;
1888 next0 = next1 = IP6_REWRITE_NEXT_DROP;
1890 if (! rewrite_for_locally_received_packets)
1892 i32 hop_limit0 = ip0->hop_limit, hop_limit1 = ip1->hop_limit;
1894 /* Input node should have reject packets with hop limit 0. */
1895 ASSERT (ip0->hop_limit > 0);
1896 ASSERT (ip1->hop_limit > 0);
1901 ip0->hop_limit = hop_limit0;
1902 ip1->hop_limit = hop_limit1;
1905 * If the hop count drops below 1 when forwarding, generate
1908 if (PREDICT_FALSE(hop_limit0 <= 0))
1910 error0 = IP6_ERROR_TIME_EXPIRED;
1911 next0 = IP6_REWRITE_NEXT_ICMP_ERROR;
1912 vnet_buffer (p0)->sw_if_index[VLIB_TX] = (u32)~0;
1913 icmp6_error_set_vnet_buffer(p0, ICMP6_time_exceeded,
1914 ICMP6_time_exceeded_ttl_exceeded_in_transit, 0);
1916 if (PREDICT_FALSE(hop_limit1 <= 0))
1918 error1 = IP6_ERROR_TIME_EXPIRED;
1919 next1 = IP6_REWRITE_NEXT_ICMP_ERROR;
1920 vnet_buffer (p1)->sw_if_index[VLIB_TX] = (u32)~0;
1921 icmp6_error_set_vnet_buffer(p1, ICMP6_time_exceeded,
1922 ICMP6_time_exceeded_ttl_exceeded_in_transit, 0);
1926 adj0 = ip_get_adjacency (lm, adj_index0);
1927 adj1 = ip_get_adjacency (lm, adj_index1);
1929 rw_len0 = adj0[0].rewrite_header.data_bytes;
1930 rw_len1 = adj1[0].rewrite_header.data_bytes;
1931 vnet_buffer(p0)->ip.save_rewrite_length = rw_len0;
1932 vnet_buffer(p1)->ip.save_rewrite_length = rw_len1;
1934 vlib_increment_combined_counter (&adjacency_counters,
1937 /* packet increment */ 0,
1938 /* byte increment */ rw_len0);
1939 vlib_increment_combined_counter (&adjacency_counters,
1942 /* packet increment */ 0,
1943 /* byte increment */ rw_len1);
1945 /* Check MTU of outgoing interface. */
1946 error0 = (vlib_buffer_length_in_chain (vm, p0) > adj0[0].rewrite_header.max_l3_packet_bytes
1947 ? IP6_ERROR_MTU_EXCEEDED
1949 error1 = (vlib_buffer_length_in_chain (vm, p1) > adj1[0].rewrite_header.max_l3_packet_bytes
1950 ? IP6_ERROR_MTU_EXCEEDED
1953 /* Don't adjust the buffer for hop count issue; icmp-error node
1954 * wants to see the IP headerr */
1955 if (PREDICT_TRUE(error0 == IP6_ERROR_NONE))
1957 p0->current_data -= rw_len0;
1958 p0->current_length += rw_len0;
1960 tx_sw_if_index0 = adj0[0].rewrite_header.sw_if_index;
1961 vnet_buffer (p0)->sw_if_index[VLIB_TX] =
1963 next0 = adj0[0].rewrite_header.next_index;
1966 (clib_bitmap_get (lm->tx_sw_if_has_ip_output_features,
1969 p0->current_config_index =
1970 vec_elt (cm->config_index_by_sw_if_index,
1972 vnet_get_config_data (&cm->config_main,
1973 &p0->current_config_index,
1975 /* # bytes of config data */ 0);
1978 if (PREDICT_TRUE(error1 == IP6_ERROR_NONE))
1980 p1->current_data -= rw_len1;
1981 p1->current_length += rw_len1;
1983 tx_sw_if_index1 = adj1[0].rewrite_header.sw_if_index;
1984 vnet_buffer (p1)->sw_if_index[VLIB_TX] =
1986 next1 = adj1[0].rewrite_header.next_index;
1989 (clib_bitmap_get (lm->tx_sw_if_has_ip_output_features,
1992 p1->current_config_index =
1993 vec_elt (cm->config_index_by_sw_if_index,
1995 vnet_get_config_data (&cm->config_main,
1996 &p1->current_config_index,
1998 /* # bytes of config data */ 0);
2002 /* Guess we are only writing on simple Ethernet header. */
2003 vnet_rewrite_two_headers (adj0[0], adj1[0],
2005 sizeof (ethernet_header_t));
2009 adj0->sub_type.midchain.fixup_func(vm, adj0, p0);
2010 adj1->sub_type.midchain.fixup_func(vm, adj1, p1);
2013 vlib_validate_buffer_enqueue_x2 (vm, node, next_index,
2014 to_next, n_left_to_next,
2015 pi0, pi1, next0, next1);
2018 while (n_left_from > 0 && n_left_to_next > 0)
2020 ip_adjacency_t * adj0;
2024 u32 adj_index0, next0, error0;
2025 u32 tx_sw_if_index0;
2027 pi0 = to_next[0] = from[0];
2029 p0 = vlib_get_buffer (vm, pi0);
2031 adj_index0 = vnet_buffer (p0)->ip.adj_index[adj_rx_tx];
2033 /* We should never rewrite a pkt using the MISS adjacency */
2036 adj0 = ip_get_adjacency (lm, adj_index0);
2038 ip0 = vlib_buffer_get_current (p0);
2040 error0 = IP6_ERROR_NONE;
2041 next0 = IP6_REWRITE_NEXT_DROP;
2043 /* Check hop limit */
2044 if (! rewrite_for_locally_received_packets)
2046 i32 hop_limit0 = ip0->hop_limit;
2048 ASSERT (ip0->hop_limit > 0);
2052 ip0->hop_limit = hop_limit0;
2054 if (PREDICT_FALSE(hop_limit0 <= 0))
2057 * If the hop count drops below 1 when forwarding, generate
2060 error0 = IP6_ERROR_TIME_EXPIRED;
2061 next0 = IP6_REWRITE_NEXT_ICMP_ERROR;
2062 vnet_buffer (p0)->sw_if_index[VLIB_TX] = (u32)~0;
2063 icmp6_error_set_vnet_buffer(p0, ICMP6_time_exceeded,
2064 ICMP6_time_exceeded_ttl_exceeded_in_transit, 0);
2068 /* Guess we are only writing on simple Ethernet header. */
2069 vnet_rewrite_one_header (adj0[0], ip0, sizeof (ethernet_header_t));
2071 /* Update packet buffer attributes/set output interface. */
2072 rw_len0 = adj0[0].rewrite_header.data_bytes;
2073 vnet_buffer(p0)->ip.save_rewrite_length = rw_len0;
2075 vlib_increment_combined_counter (&adjacency_counters,
2078 /* packet increment */ 0,
2079 /* byte increment */ rw_len0);
2081 /* Check MTU of outgoing interface. */
2082 error0 = (vlib_buffer_length_in_chain (vm, p0) > adj0[0].rewrite_header.max_l3_packet_bytes
2083 ? IP6_ERROR_MTU_EXCEEDED
2086 /* Don't adjust the buffer for hop count issue; icmp-error node
2087 * wants to see the IP headerr */
2088 if (PREDICT_TRUE(error0 == IP6_ERROR_NONE))
2090 p0->current_data -= rw_len0;
2091 p0->current_length += rw_len0;
2093 tx_sw_if_index0 = adj0[0].rewrite_header.sw_if_index;
2095 vnet_buffer (p0)->sw_if_index[VLIB_TX] = tx_sw_if_index0;
2096 next0 = adj0[0].rewrite_header.next_index;
2099 (clib_bitmap_get (lm->tx_sw_if_has_ip_output_features,
2102 p0->current_config_index =
2103 vec_elt (cm->config_index_by_sw_if_index,
2105 vnet_get_config_data (&cm->config_main,
2106 &p0->current_config_index,
2108 /* # bytes of config data */ 0);
2114 adj0->sub_type.midchain.fixup_func(vm, adj0, p0);
2117 p0->error = error_node->errors[error0];
2122 n_left_to_next -= 1;
2124 vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
2125 to_next, n_left_to_next,
2129 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
2132 /* Need to do trace after rewrites to pick up new packet data. */
2133 if (node->flags & VLIB_NODE_FLAG_TRACE)
2134 ip6_forward_next_trace (vm, node, frame, adj_rx_tx);
2136 return frame->n_vectors;
2140 ip6_rewrite_transit (vlib_main_t * vm,
2141 vlib_node_runtime_t * node,
2142 vlib_frame_t * frame)
2144 return ip6_rewrite_inline (vm, node, frame,
2145 /* rewrite_for_locally_received_packets */ 0,
2150 ip6_rewrite_local (vlib_main_t * vm,
2151 vlib_node_runtime_t * node,
2152 vlib_frame_t * frame)
2154 return ip6_rewrite_inline (vm, node, frame,
2155 /* rewrite_for_locally_received_packets */ 1,
2160 ip6_midchain (vlib_main_t * vm,
2161 vlib_node_runtime_t * node,
2162 vlib_frame_t * frame)
2164 return ip6_rewrite_inline (vm, node, frame,
2165 /* rewrite_for_locally_received_packets */ 0,
2169 VLIB_REGISTER_NODE (ip6_midchain_node) = {
2170 .function = ip6_midchain,
2171 .name = "ip6-midchain",
2172 .vector_size = sizeof (u32),
2174 .format_trace = format_ip6_forward_next_trace,
2176 .sibling_of = "ip6-rewrite",
2179 VLIB_NODE_FUNCTION_MULTIARCH (ip6_midchain_node, ip6_midchain)
2181 VLIB_REGISTER_NODE (ip6_rewrite_node) = {
2182 .function = ip6_rewrite_transit,
2183 .name = "ip6-rewrite",
2184 .vector_size = sizeof (u32),
2186 .format_trace = format_ip6_rewrite_trace,
2190 [IP6_REWRITE_NEXT_DROP] = "error-drop",
2191 [IP6_REWRITE_NEXT_ICMP_ERROR] = "ip6-icmp-error",
2195 VLIB_NODE_FUNCTION_MULTIARCH (ip6_rewrite_node, ip6_rewrite_transit);
2197 VLIB_REGISTER_NODE (ip6_rewrite_local_node) = {
2198 .function = ip6_rewrite_local,
2199 .name = "ip6-rewrite-local",
2200 .vector_size = sizeof (u32),
2202 .sibling_of = "ip6-rewrite",
2204 .format_trace = format_ip6_rewrite_trace,
2209 VLIB_NODE_FUNCTION_MULTIARCH (ip6_rewrite_local_node, ip6_rewrite_local);
2212 * Hop-by-Hop handling
2215 ip6_hop_by_hop_main_t ip6_hop_by_hop_main;
2217 #define foreach_ip6_hop_by_hop_error \
2218 _(PROCESSED, "pkts with ip6 hop-by-hop options") \
2219 _(FORMAT, "incorrectly formatted hop-by-hop options") \
2220 _(UNKNOWN_OPTION, "unknown ip6 hop-by-hop options")
2223 #define _(sym,str) IP6_HOP_BY_HOP_ERROR_##sym,
2224 foreach_ip6_hop_by_hop_error
2226 IP6_HOP_BY_HOP_N_ERROR,
2227 } ip6_hop_by_hop_error_t;
2230 * Primary h-b-h handler trace support
2231 * We work pretty hard on the problem for obvious reasons
2236 u8 option_data[256];
2237 } ip6_hop_by_hop_trace_t;
2239 vlib_node_registration_t ip6_hop_by_hop_node;
2241 static char * ip6_hop_by_hop_error_strings[] = {
2242 #define _(sym,string) string,
2243 foreach_ip6_hop_by_hop_error
2248 format_ip6_hop_by_hop_trace (u8 * s, va_list * args)
2250 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
2251 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
2252 ip6_hop_by_hop_trace_t * t = va_arg (*args, ip6_hop_by_hop_trace_t *);
2253 ip6_hop_by_hop_header_t *hbh0;
2254 ip6_hop_by_hop_option_t *opt0, *limit0;
2255 ip6_hop_by_hop_main_t *hm = &ip6_hop_by_hop_main;
2259 hbh0 = (ip6_hop_by_hop_header_t *)t->option_data;
2261 s = format (s, "IP6_HOP_BY_HOP: next index %d len %d traced %d",
2262 t->next_index, (hbh0->length+1)<<3, t->trace_len);
2264 opt0 = (ip6_hop_by_hop_option_t *) (hbh0+1);
2265 limit0 = (ip6_hop_by_hop_option_t *) ((u8 *)hbh0) + t->trace_len;
2267 while (opt0 < limit0) {
2270 case 0: /* Pad, just stop */
2271 opt0 = (ip6_hop_by_hop_option_t *) ((u8 *)opt0) + 1;
2275 if (hm->trace[type0]) {
2276 s = (*hm->trace[type0])(s, opt0);
2278 s = format (s, "\n unrecognized option %d length %d", type0, opt0->length);
2280 opt0 = (ip6_hop_by_hop_option_t *) (((u8 *)opt0) + opt0->length + sizeof (ip6_hop_by_hop_option_t));
2287 always_inline u8 ip6_scan_hbh_options (
2290 ip6_hop_by_hop_header_t *hbh0,
2291 ip6_hop_by_hop_option_t *opt0,
2292 ip6_hop_by_hop_option_t *limit0,
2295 ip6_hop_by_hop_main_t *hm = &ip6_hop_by_hop_main;
2299 while (opt0 < limit0)
2305 opt0 = (ip6_hop_by_hop_option_t *) ((u8 *)opt0) + 1;
2310 if (hm->options[type0])
2312 if ((*hm->options[type0])(b0, ip0, opt0) < 0)
2314 error0 = IP6_HOP_BY_HOP_ERROR_FORMAT;
2320 /* Unrecognized mandatory option, check the two high order bits */
2321 switch (opt0->type & HBH_OPTION_TYPE_HIGH_ORDER_BITS)
2323 case HBH_OPTION_TYPE_SKIP_UNKNOWN:
2325 case HBH_OPTION_TYPE_DISCARD_UNKNOWN:
2326 error0 = IP6_HOP_BY_HOP_ERROR_UNKNOWN_OPTION;
2327 *next0 = IP_LOOKUP_NEXT_DROP;
2329 case HBH_OPTION_TYPE_DISCARD_UNKNOWN_ICMP:
2330 error0 = IP6_HOP_BY_HOP_ERROR_UNKNOWN_OPTION;
2331 *next0 = IP_LOOKUP_NEXT_ICMP_ERROR;
2332 icmp6_error_set_vnet_buffer(b0, ICMP6_parameter_problem,
2333 ICMP6_parameter_problem_unrecognized_option, (u8 *)opt0 - (u8 *)ip0);
2335 case HBH_OPTION_TYPE_DISCARD_UNKNOWN_ICMP_NOT_MCAST:
2336 error0 = IP6_HOP_BY_HOP_ERROR_UNKNOWN_OPTION;
2337 if (!ip6_address_is_multicast(&ip0->dst_address))
2339 *next0 = IP_LOOKUP_NEXT_ICMP_ERROR;
2340 icmp6_error_set_vnet_buffer(b0, ICMP6_parameter_problem,
2341 ICMP6_parameter_problem_unrecognized_option, (u8 *)opt0 - (u8 *)ip0);
2345 *next0 = IP_LOOKUP_NEXT_DROP;
2352 opt0 = (ip6_hop_by_hop_option_t *) (((u8 *)opt0) + opt0->length + sizeof (ip6_hop_by_hop_option_t));
2358 * Process the Hop-by-Hop Options header
2361 ip6_hop_by_hop (vlib_main_t * vm,
2362 vlib_node_runtime_t * node,
2363 vlib_frame_t * frame)
2365 vlib_node_runtime_t *error_node = vlib_node_get_runtime(vm, ip6_hop_by_hop_node.index);
2366 ip6_hop_by_hop_main_t *hm = &ip6_hop_by_hop_main;
2367 u32 n_left_from, *from, *to_next;
2368 ip_lookup_next_t next_index;
2369 ip6_main_t * im = &ip6_main;
2370 ip_lookup_main_t *lm = &im->lookup_main;
2372 from = vlib_frame_vector_args (frame);
2373 n_left_from = frame->n_vectors;
2374 next_index = node->cached_next_index;
2376 while (n_left_from > 0) {
2379 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
2381 while (n_left_from >= 4 && n_left_to_next >= 2) {
2383 vlib_buffer_t * b0, *b1;
2385 ip6_header_t * ip0, *ip1;
2386 ip6_hop_by_hop_header_t *hbh0, *hbh1;
2387 ip6_hop_by_hop_option_t *opt0, *limit0, *opt1, *limit1;
2388 u8 error0 = 0, error1 = 0;
2390 /* Prefetch next iteration. */
2392 vlib_buffer_t * p2, * p3;
2394 p2 = vlib_get_buffer (vm, from[2]);
2395 p3 = vlib_get_buffer (vm, from[3]);
2397 vlib_prefetch_buffer_header (p2, LOAD);
2398 vlib_prefetch_buffer_header (p3, LOAD);
2400 CLIB_PREFETCH (p2->data, 2*CLIB_CACHE_LINE_BYTES, LOAD);
2401 CLIB_PREFETCH (p3->data, 2*CLIB_CACHE_LINE_BYTES, LOAD);
2404 /* Speculatively enqueue b0, b1 to the current next frame */
2405 to_next[0] = bi0 = from[0];
2406 to_next[1] = bi1 = from[1];
2410 n_left_to_next -= 2;
2412 b0 = vlib_get_buffer (vm, bi0);
2413 b1 = vlib_get_buffer (vm, bi1);
2414 u32 adj_index0 = vnet_buffer(b0)->ip.adj_index[VLIB_TX];
2415 ip_adjacency_t *adj0 = ip_get_adjacency(lm, adj_index0);
2416 u32 adj_index1 = vnet_buffer(b1)->ip.adj_index[VLIB_TX];
2417 ip_adjacency_t *adj1 = ip_get_adjacency(lm, adj_index1);
2419 /* Default use the next_index from the adjacency. A HBH option rarely redirects to a different node */
2420 next0 = adj0->lookup_next_index;
2421 next1 = adj1->lookup_next_index;
2423 ip0 = vlib_buffer_get_current (b0);
2424 ip1 = vlib_buffer_get_current (b1);
2425 hbh0 = (ip6_hop_by_hop_header_t *)(ip0+1);
2426 hbh1 = (ip6_hop_by_hop_header_t *)(ip1+1);
2427 opt0 = (ip6_hop_by_hop_option_t *)(hbh0+1);
2428 opt1 = (ip6_hop_by_hop_option_t *)(hbh1+1);
2429 limit0 = (ip6_hop_by_hop_option_t *)((u8 *)hbh0 + ((hbh0->length + 1) << 3));
2430 limit1 = (ip6_hop_by_hop_option_t *)((u8 *)hbh1 + ((hbh1->length + 1) << 3));
2433 * Basic validity checks
2435 if ((hbh0->length + 1) << 3 > clib_net_to_host_u16(ip0->payload_length)) {
2436 error0 = IP6_HOP_BY_HOP_ERROR_FORMAT;
2437 next0 = IP_LOOKUP_NEXT_DROP;
2440 /* Scan the set of h-b-h options, process ones that we understand */
2441 error0 = ip6_scan_hbh_options(b0, ip0, hbh0, opt0, limit0, &next0);
2443 if ((hbh1->length + 1) << 3 > clib_net_to_host_u16(ip1->payload_length)) {
2444 error1 = IP6_HOP_BY_HOP_ERROR_FORMAT;
2445 next1 = IP_LOOKUP_NEXT_DROP;
2448 /* Scan the set of h-b-h options, process ones that we understand */
2449 error1 = ip6_scan_hbh_options(b1,ip1,hbh1,opt1,limit1, &next1);
2452 /* Has the classifier flagged this buffer for special treatment? */
2453 if ((error0 == 0) && (vnet_buffer(b0)->l2_classify.opaque_index == OI_DECAP))
2454 next0 = hm->next_override;
2456 /* Has the classifier flagged this buffer for special treatment? */
2457 if ((error1 == 0) && (vnet_buffer(b1)->l2_classify.opaque_index == OI_DECAP))
2458 next1 = hm->next_override;
2460 if (PREDICT_FALSE((node->flags & VLIB_NODE_FLAG_TRACE)))
2462 if (b0->flags & VLIB_BUFFER_IS_TRACED) {
2463 ip6_hop_by_hop_trace_t *t = vlib_add_trace(vm, node, b0, sizeof (*t));
2464 u32 trace_len = (hbh0->length + 1) << 3;
2465 t->next_index = next0;
2466 /* Capture the h-b-h option verbatim */
2467 trace_len = trace_len < ARRAY_LEN(t->option_data) ? trace_len : ARRAY_LEN(t->option_data);
2468 t->trace_len = trace_len;
2469 clib_memcpy(t->option_data, hbh0, trace_len);
2471 if (b1->flags & VLIB_BUFFER_IS_TRACED) {
2472 ip6_hop_by_hop_trace_t *t = vlib_add_trace(vm, node, b1, sizeof (*t));
2473 u32 trace_len = (hbh1->length + 1) << 3;
2474 t->next_index = next1;
2475 /* Capture the h-b-h option verbatim */
2476 trace_len = trace_len < ARRAY_LEN(t->option_data) ? trace_len : ARRAY_LEN(t->option_data);
2477 t->trace_len = trace_len;
2478 clib_memcpy(t->option_data, hbh1, trace_len);
2483 b0->error = error_node->errors[error0];
2484 b1->error = error_node->errors[error1];
2486 /* verify speculative enqueue, maybe switch current next frame */
2487 vlib_validate_buffer_enqueue_x2 (vm, node, next_index, to_next, n_left_to_next, bi0,
2491 while (n_left_from > 0 && n_left_to_next > 0) {
2496 ip6_hop_by_hop_header_t *hbh0;
2497 ip6_hop_by_hop_option_t *opt0, *limit0;
2500 /* Speculatively enqueue b0 to the current next frame */
2506 n_left_to_next -= 1;
2508 b0 = vlib_get_buffer (vm, bi0);
2509 u32 adj_index0 = vnet_buffer(b0)->ip.adj_index[VLIB_TX];
2510 ip_adjacency_t *adj0 = ip_get_adjacency(lm, adj_index0);
2511 /* Default use the next_index from the adjacency. A HBH option rarely redirects to a different node */
2512 next0 = adj0->lookup_next_index;
2514 ip0 = vlib_buffer_get_current (b0);
2515 hbh0 = (ip6_hop_by_hop_header_t *)(ip0+1);
2516 opt0 = (ip6_hop_by_hop_option_t *)(hbh0+1);
2517 limit0 = (ip6_hop_by_hop_option_t *)((u8 *)hbh0 + ((hbh0->length + 1) << 3));
2520 * Basic validity checks
2522 if ((hbh0->length + 1) << 3 > clib_net_to_host_u16(ip0->payload_length)) {
2523 error0 = IP6_HOP_BY_HOP_ERROR_FORMAT;
2524 next0 = IP_LOOKUP_NEXT_DROP;
2528 /* Scan the set of h-b-h options, process ones that we understand */
2529 error0 = ip6_scan_hbh_options(b0, ip0, hbh0, opt0, limit0, &next0);
2532 /* Has the classifier flagged this buffer for special treatment? */
2533 if ((error0 == 0) && (vnet_buffer(b0)->l2_classify.opaque_index == OI_DECAP))
2534 next0 = hm->next_override;
2536 if (PREDICT_FALSE(b0->flags & VLIB_BUFFER_IS_TRACED)) {
2537 ip6_hop_by_hop_trace_t *t = vlib_add_trace(vm, node, b0, sizeof (*t));
2538 u32 trace_len = (hbh0->length + 1) << 3;
2539 t->next_index = next0;
2540 /* Capture the h-b-h option verbatim */
2541 trace_len = trace_len < ARRAY_LEN(t->option_data) ? trace_len : ARRAY_LEN(t->option_data);
2542 t->trace_len = trace_len;
2543 clib_memcpy(t->option_data, hbh0, trace_len);
2546 b0->error = error_node->errors[error0];
2548 /* verify speculative enqueue, maybe switch current next frame */
2549 vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next, n_left_to_next, bi0, next0);
2551 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
2553 return frame->n_vectors;
2556 VLIB_REGISTER_NODE (ip6_hop_by_hop_node) = {
2557 .function = ip6_hop_by_hop,
2558 .name = "ip6-hop-by-hop",
2559 .sibling_of = "ip6-lookup",
2560 .vector_size = sizeof (u32),
2561 .format_trace = format_ip6_hop_by_hop_trace,
2562 .type = VLIB_NODE_TYPE_INTERNAL,
2563 .n_errors = ARRAY_LEN(ip6_hop_by_hop_error_strings),
2564 .error_strings = ip6_hop_by_hop_error_strings,
2568 VLIB_NODE_FUNCTION_MULTIARCH (ip6_hop_by_hop_node, ip6_hop_by_hop);
2570 static clib_error_t *
2571 ip6_hop_by_hop_init (vlib_main_t * vm)
2573 ip6_hop_by_hop_main_t * hm = &ip6_hop_by_hop_main;
2574 memset(hm->options, 0, sizeof(hm->options));
2575 memset(hm->trace, 0, sizeof(hm->trace));
2576 hm->next_override = IP6_LOOKUP_NEXT_POP_HOP_BY_HOP;
2580 VLIB_INIT_FUNCTION (ip6_hop_by_hop_init);
2582 void ip6_hbh_set_next_override (uword next)
2584 ip6_hop_by_hop_main_t * hm = &ip6_hop_by_hop_main;
2586 hm->next_override = next;
2590 ip6_hbh_register_option (u8 option,
2591 int options(vlib_buffer_t *b, ip6_header_t *ip, ip6_hop_by_hop_option_t *opt),
2592 u8 *trace(u8 *s, ip6_hop_by_hop_option_t *opt))
2594 ip6_main_t * im = &ip6_main;
2595 ip6_hop_by_hop_main_t * hm = &ip6_hop_by_hop_main;
2597 ASSERT (option < ARRAY_LEN (hm->options));
2599 /* Already registered */
2600 if (hm->options[option])
2603 hm->options[option] = options;
2604 hm->trace[option] = trace;
2606 /* Set global variable */
2607 im->hbh_enabled = 1;
2613 ip6_hbh_unregister_option (u8 option)
2615 ip6_main_t * im = &ip6_main;
2616 ip6_hop_by_hop_main_t * hm = &ip6_hop_by_hop_main;
2618 ASSERT (option < ARRAY_LEN (hm->options));
2620 /* Not registered */
2621 if (!hm->options[option])
2624 hm->options[option] = NULL;
2625 hm->trace[option] = NULL;
2627 /* Disable global knob if this was the last option configured */
2630 for (i = 0; i < 256; i++) {
2631 if (hm->options[option]) {
2637 im->hbh_enabled = 0;
2642 /* Global IP6 main. */
2643 ip6_main_t ip6_main;
2645 static clib_error_t *
2646 ip6_lookup_init (vlib_main_t * vm)
2648 ip6_main_t * im = &ip6_main;
2649 clib_error_t * error;
2652 for (i = 0; i < ARRAY_LEN (im->fib_masks); i++)
2659 for (j = 0; j < i0; j++)
2660 im->fib_masks[i].as_u32[j] = ~0;
2663 im->fib_masks[i].as_u32[i0] = clib_host_to_net_u32 (pow2_mask (i1) << (32 - i1));
2666 ip_lookup_init (&im->lookup_main, /* is_ip6 */ 1);
2668 if (im->lookup_table_nbuckets == 0)
2669 im->lookup_table_nbuckets = IP6_FIB_DEFAULT_HASH_NUM_BUCKETS;
2671 im->lookup_table_nbuckets = 1<< max_log2 (im->lookup_table_nbuckets);
2673 if (im->lookup_table_size == 0)
2674 im->lookup_table_size = IP6_FIB_DEFAULT_HASH_MEMORY_SIZE;
2676 BV(clib_bihash_init) (&(im->ip6_table[IP6_FIB_TABLE_FWDING].ip6_hash),
2677 "ip6 FIB fwding table",
2678 im->lookup_table_nbuckets,
2679 im->lookup_table_size);
2680 BV(clib_bihash_init) (&im->ip6_table[IP6_FIB_TABLE_NON_FWDING].ip6_hash,
2681 "ip6 FIB non-fwding table",
2682 im->lookup_table_nbuckets,
2683 im->lookup_table_size);
2685 /* Create FIB with index 0 and table id of 0. */
2686 fib_table_find_or_create_and_lock(FIB_PROTOCOL_IP6, 0);
2690 pn = pg_get_node (ip6_lookup_node.index);
2691 pn->unformat_edit = unformat_pg_ip6_header;
2694 /* Unless explicitly configured, don't process HBH options */
2695 im->hbh_enabled = 0;
2698 icmp6_neighbor_solicitation_header_t p;
2700 memset (&p, 0, sizeof (p));
2702 p.ip.ip_version_traffic_class_and_flow_label = clib_host_to_net_u32 (0x6 << 28);
2703 p.ip.payload_length = clib_host_to_net_u16 (sizeof (p)
2704 - STRUCT_OFFSET_OF (icmp6_neighbor_solicitation_header_t, neighbor));
2705 p.ip.protocol = IP_PROTOCOL_ICMP6;
2706 p.ip.hop_limit = 255;
2707 ip6_set_solicited_node_multicast_address (&p.ip.dst_address, 0);
2709 p.neighbor.icmp.type = ICMP6_neighbor_solicitation;
2711 p.link_layer_option.header.type = ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address;
2712 p.link_layer_option.header.n_data_u64s = sizeof (p.link_layer_option) / sizeof (u64);
2714 vlib_packet_template_init (vm,
2715 &im->discover_neighbor_packet_template,
2717 /* alloc chunk size */ 8,
2718 "ip6 neighbor discovery");
2721 error = ip6_feature_init (vm, im);
2726 VLIB_INIT_FUNCTION (ip6_lookup_init);
2728 static clib_error_t *
2729 add_del_ip6_interface_table (vlib_main_t * vm,
2730 unformat_input_t * input,
2731 vlib_cli_command_t * cmd)
2733 vnet_main_t * vnm = vnet_get_main();
2734 clib_error_t * error = 0;
2735 u32 sw_if_index, table_id;
2739 if (! unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index))
2741 error = clib_error_return (0, "unknown interface `%U'",
2742 format_unformat_error, input);
2746 if (unformat (input, "%d", &table_id))
2750 error = clib_error_return (0, "expected table id `%U'",
2751 format_unformat_error, input);
2756 u32 fib_index = fib_table_find_or_create_and_lock(FIB_PROTOCOL_IP6,
2759 vec_validate (ip6_main.fib_index_by_sw_if_index, sw_if_index);
2760 ip6_main.fib_index_by_sw_if_index[sw_if_index] = fib_index;
2769 * Place the indicated interface into the supplied IPv6 FIB table (also known
2770 * as a VRF). If the FIB table does not exist, this command creates it. To
2771 * display the current IPv6 FIB table, use the command '<em>show ip6 fib</em>'.
2772 * FIB table will only be displayed if a route has been added to the table, or
2773 * an IP Address is assigned to an interface in the table (which adds a route
2776 * @note IP addresses added after setting the interface IP table end up in
2777 * the indicated FIB table. If the IP address is added prior to adding the
2778 * interface to the FIB table, it will NOT be part of the FIB table. Predictable
2779 * but potentially counter-intuitive results occur if you provision interface
2780 * addresses in multiple FIBs. Upon RX, packets will be processed in the last
2781 * IP table ID provisioned. It might be marginally useful to evade source RPF
2782 * drops to put an interface address into multiple FIBs.
2785 * Example of how to add an interface to an IPv6 FIB table (where 2 is the table-id):
2786 * @cliexcmd{set interface ip6 table GigabitEthernet2/0/0 2}
2789 VLIB_CLI_COMMAND (set_interface_ip6_table_command, static) = {
2790 .path = "set interface ip6 table",
2791 .function = add_del_ip6_interface_table,
2792 .short_help = "set interface ip6 table <interface> <table-id>"
2797 ip6_link_local_address_from_ethernet_mac_address (ip6_address_t *ip,
2800 ip->as_u64[0] = clib_host_to_net_u64 (0xFE80000000000000ULL);
2801 /* Invert the "u" bit */
2802 ip->as_u8 [8] = mac[0] ^ (1<<1);
2803 ip->as_u8 [9] = mac[1];
2804 ip->as_u8 [10] = mac[2];
2805 ip->as_u8 [11] = 0xFF;
2806 ip->as_u8 [12] = 0xFE;
2807 ip->as_u8 [13] = mac[3];
2808 ip->as_u8 [14] = mac[4];
2809 ip->as_u8 [15] = mac[5];
2813 ip6_ethernet_mac_address_from_link_local_address (u8 *mac,
2816 /* Invert the previously inverted "u" bit */
2817 mac[0] = ip->as_u8 [8] ^ (1<<1);
2818 mac[1] = ip->as_u8 [9];
2819 mac[2] = ip->as_u8 [10];
2820 mac[3] = ip->as_u8 [13];
2821 mac[4] = ip->as_u8 [14];
2822 mac[5] = ip->as_u8 [15];
2825 static clib_error_t *
2826 test_ip6_link_command_fn (vlib_main_t * vm,
2827 unformat_input_t * input,
2828 vlib_cli_command_t * cmd)
2831 ip6_address_t _a, *a = &_a;
2833 if (unformat (input, "%U", unformat_ethernet_address, mac))
2835 ip6_link_local_address_from_ethernet_mac_address (a, mac);
2836 vlib_cli_output (vm, "Link local address: %U",
2837 format_ip6_address, a);
2838 ip6_ethernet_mac_address_from_link_local_address (mac, a);
2839 vlib_cli_output (vm, "Original MAC address: %U",
2840 format_ethernet_address, mac);
2847 * This command converts the given MAC Address into an IPv6 link-local
2851 * Example of how to create an IPv6 link-local address:
2852 * @cliexstart{test ip6 link 16:d9:e0:91:79:86}
2853 * Link local address: fe80::14d9:e0ff:fe91:7986
2854 * Original MAC address: 16:d9:e0:91:79:86
2858 VLIB_CLI_COMMAND (test_link_command, static) = {
2859 .path = "test ip6 link",
2860 .function = test_ip6_link_command_fn,
2861 .short_help = "test ip6 link <mac-address>",
2865 int vnet_set_ip6_flow_hash (u32 table_id, u32 flow_hash_config)
2867 ip6_main_t * im6 = &ip6_main;
2869 uword * p = hash_get (im6->fib_index_by_table_id, table_id);
2874 fib = ip6_fib_get (p[0]);
2876 fib->flow_hash_config = flow_hash_config;
2880 static clib_error_t *
2881 set_ip6_flow_hash_command_fn (vlib_main_t * vm,
2882 unformat_input_t * input,
2883 vlib_cli_command_t * cmd)
2887 u32 flow_hash_config = 0;
2890 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) {
2891 if (unformat (input, "table %d", &table_id))
2894 else if (unformat (input, #a)) { flow_hash_config |= v; matched=1;}
2895 foreach_flow_hash_bit
2901 return clib_error_return (0, "unknown input `%U'",
2902 format_unformat_error, input);
2904 rv = vnet_set_ip6_flow_hash (table_id, flow_hash_config);
2911 return clib_error_return (0, "no such FIB table %d", table_id);
2914 clib_warning ("BUG: illegal flow hash config 0x%x", flow_hash_config);
2922 * Configure the set of IPv6 fields used by the flow hash.
2926 * Example of how to set the flow hash on a given table:
2927 * @cliexcmd{set ip6 flow-hash table 8 dst sport dport proto}
2929 * Example of display the configured flow hash:
2930 * @cliexstart{show ip6 fib}
2931 * ipv6-VRF:0, fib_index 0, flow hash: src dst sport dport proto
2934 * [@0]: dpo-load-balance: [index:5 buckets:1 uRPF:5 to:[0:0]]
2935 * [0] [@0]: dpo-drop ip6
2938 * [@0]: dpo-load-balance: [index:10 buckets:1 uRPF:10 to:[0:0]]
2939 * [0] [@2]: dpo-receive
2942 * [@0]: dpo-load-balance: [index:8 buckets:1 uRPF:8 to:[0:0]]
2943 * [0] [@2]: dpo-receive
2946 * [@0]: dpo-load-balance: [index:7 buckets:1 uRPF:7 to:[0:0]]
2947 * [0] [@2]: dpo-receive
2950 * [@0]: dpo-load-balance: [index:9 buckets:1 uRPF:9 to:[0:0]]
2951 * [0] [@2]: dpo-receive
2952 * ff02::1:ff00:0/104
2954 * [@0]: dpo-load-balance: [index:6 buckets:1 uRPF:6 to:[0:0]]
2955 * [0] [@2]: dpo-receive
2956 * ipv6-VRF:8, fib_index 1, flow hash: dst sport dport proto
2959 * [@0]: dpo-load-balance: [index:21 buckets:1 uRPF:20 to:[0:0]]
2960 * [0] [@0]: dpo-drop ip6
2963 * [@0]: dpo-load-balance: [index:27 buckets:1 uRPF:26 to:[0:0]]
2964 * [0] [@4]: ipv6-glean: af_packet0
2967 * [@0]: dpo-load-balance: [index:28 buckets:1 uRPF:27 to:[0:0]]
2968 * [0] [@2]: dpo-receive: @::a:1:1:0:7 on af_packet0
2971 * [@0]: dpo-load-balance: [index:26 buckets:1 uRPF:25 to:[0:0]]
2972 * [0] [@2]: dpo-receive
2973 * fe80::fe:3eff:fe3e:9222/128
2975 * [@0]: dpo-load-balance: [index:29 buckets:1 uRPF:28 to:[0:0]]
2976 * [0] [@2]: dpo-receive: fe80::fe:3eff:fe3e:9222 on af_packet0
2979 * [@0]: dpo-load-balance: [index:24 buckets:1 uRPF:23 to:[0:0]]
2980 * [0] [@2]: dpo-receive
2983 * [@0]: dpo-load-balance: [index:23 buckets:1 uRPF:22 to:[0:0]]
2984 * [0] [@2]: dpo-receive
2987 * [@0]: dpo-load-balance: [index:25 buckets:1 uRPF:24 to:[0:0]]
2988 * [0] [@2]: dpo-receive
2989 * ff02::1:ff00:0/104
2991 * [@0]: dpo-load-balance: [index:22 buckets:1 uRPF:21 to:[0:0]]
2992 * [0] [@2]: dpo-receive
2997 VLIB_CLI_COMMAND (set_ip6_flow_hash_command, static) = {
2998 .path = "set ip6 flow-hash",
3000 "set ip6 flow-hash table <table-id> [src] [dst] [sport] [dport] [proto] [reverse]",
3001 .function = set_ip6_flow_hash_command_fn,
3005 static clib_error_t *
3006 show_ip6_local_command_fn (vlib_main_t * vm,
3007 unformat_input_t * input,
3008 vlib_cli_command_t * cmd)
3010 ip6_main_t * im = &ip6_main;
3011 ip_lookup_main_t * lm = &im->lookup_main;
3014 vlib_cli_output (vm, "Protocols handled by ip6_local");
3015 for (i = 0; i < ARRAY_LEN(lm->local_next_by_ip_protocol); i++)
3017 if (lm->local_next_by_ip_protocol[i] != IP_LOCAL_NEXT_PUNT)
3018 vlib_cli_output (vm, "%d", i);
3026 * Display the set of protocols handled by the local IPv6 stack.
3029 * Example of how to display local protocol table:
3030 * @cliexstart{show ip6 local}
3031 * Protocols handled by ip6_local
3039 VLIB_CLI_COMMAND (show_ip6_local, static) = {
3040 .path = "show ip6 local",
3041 .function = show_ip6_local_command_fn,
3042 .short_help = "show ip6 local",
3046 int vnet_set_ip6_classify_intfc (vlib_main_t * vm, u32 sw_if_index,
3049 vnet_main_t * vnm = vnet_get_main();
3050 vnet_interface_main_t * im = &vnm->interface_main;
3051 ip6_main_t * ipm = &ip6_main;
3052 ip_lookup_main_t * lm = &ipm->lookup_main;
3053 vnet_classify_main_t * cm = &vnet_classify_main;
3054 ip6_address_t *if_addr;
3056 if (pool_is_free_index (im->sw_interfaces, sw_if_index))
3057 return VNET_API_ERROR_NO_MATCHING_INTERFACE;
3059 if (table_index != ~0 && pool_is_free_index (cm->tables, table_index))
3060 return VNET_API_ERROR_NO_SUCH_ENTRY;
3062 vec_validate (lm->classify_table_index_by_sw_if_index, sw_if_index);
3063 lm->classify_table_index_by_sw_if_index [sw_if_index] = table_index;
3065 if_addr = ip6_interface_first_address (ipm, sw_if_index, NULL);
3067 if (NULL != if_addr)
3069 fib_prefix_t pfx = {
3071 .fp_proto = FIB_PROTOCOL_IP6,
3072 .fp_addr.ip6 = *if_addr,
3076 fib_index = fib_table_get_index_for_sw_if_index(FIB_PROTOCOL_IP4,
3080 if (table_index != (u32) ~0)
3082 dpo_id_t dpo = DPO_INVALID;
3087 classify_dpo_create(FIB_PROTOCOL_IP4,
3090 fib_table_entry_special_dpo_add(fib_index,
3092 FIB_SOURCE_CLASSIFY,
3093 FIB_ENTRY_FLAG_NONE,
3099 fib_table_entry_special_remove(fib_index,
3101 FIB_SOURCE_CLASSIFY);
3108 static clib_error_t *
3109 set_ip6_classify_command_fn (vlib_main_t * vm,
3110 unformat_input_t * input,
3111 vlib_cli_command_t * cmd)
3113 u32 table_index = ~0;
3114 int table_index_set = 0;
3115 u32 sw_if_index = ~0;
3118 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) {
3119 if (unformat (input, "table-index %d", &table_index))
3120 table_index_set = 1;
3121 else if (unformat (input, "intfc %U", unformat_vnet_sw_interface,
3122 vnet_get_main(), &sw_if_index))
3128 if (table_index_set == 0)
3129 return clib_error_return (0, "classify table-index must be specified");
3131 if (sw_if_index == ~0)
3132 return clib_error_return (0, "interface / subif must be specified");
3134 rv = vnet_set_ip6_classify_intfc (vm, sw_if_index, table_index);
3141 case VNET_API_ERROR_NO_MATCHING_INTERFACE:
3142 return clib_error_return (0, "No such interface");
3144 case VNET_API_ERROR_NO_SUCH_ENTRY:
3145 return clib_error_return (0, "No such classifier table");
3151 * Assign a classification table to an interface. The classification
3152 * table is created using the '<em>classify table</em>' and '<em>classify session</em>'
3153 * commands. Once the table is create, use this command to filter packets
3157 * Example of how to assign a classification table to an interface:
3158 * @cliexcmd{set ip6 classify intfc GigabitEthernet2/0/0 table-index 1}
3161 VLIB_CLI_COMMAND (set_ip6_classify_command, static) = {
3162 .path = "set ip6 classify",
3164 "set ip6 classify intfc <interface> table-index <classify-idx>",
3165 .function = set_ip6_classify_command_fn,
3169 static clib_error_t *
3170 ip6_config (vlib_main_t * vm, unformat_input_t * input)
3172 ip6_main_t * im = &ip6_main;
3177 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) {
3178 if (unformat (input, "hash-buckets %d", &tmp))
3180 else if (unformat (input, "heap-size %dm", &tmp))
3181 heapsize = ((u64)tmp) << 20;
3182 else if (unformat (input, "heap-size %dM", &tmp))
3183 heapsize = ((u64)tmp) << 20;
3184 else if (unformat (input, "heap-size %dg", &tmp))
3185 heapsize = ((u64)tmp) << 30;
3186 else if (unformat (input, "heap-size %dG", &tmp))
3187 heapsize = ((u64)tmp) << 30;
3189 return clib_error_return (0, "unknown input '%U'",
3190 format_unformat_error, input);
3193 im->lookup_table_nbuckets = nbuckets;
3194 im->lookup_table_size = heapsize;
3199 VLIB_EARLY_CONFIG_FUNCTION (ip6_config, "ip6");
3204 static clib_error_t *
3205 set_interface_ip6_output_feature_command_fn (vlib_main_t * vm,
3206 unformat_input_t * input,
3207 vlib_cli_command_t * cmd)
3209 vnet_main_t * vnm = vnet_get_main();
3210 u32 sw_if_index = ~0;
3212 ip6_main_t * im = &ip6_main;
3213 ip_lookup_main_t * lm = &im->lookup_main;
3215 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
3217 if (unformat (input, "%U", unformat_vnet_sw_interface, vnm, &sw_if_index))
3219 else if (unformat (input, "del"))
3225 if (sw_if_index == ~0)
3226 return clib_error_return (0, "unknown interface `%U'",
3227 format_unformat_error, input);
3229 lm->tx_sw_if_has_ip_output_features =
3230 clib_bitmap_set (lm->tx_sw_if_has_ip_output_features, sw_if_index, is_add);
3236 * Enable or disable the output feature on an interface.
3238 * @todo Need a more detailed description.
3241 * Example of how to enable the output feature on an interface:
3242 * @cliexcmd{set interface ip6 output feature GigabitEthernet2/0/0}
3243 * Example of how to disable the output feature on an interface:
3244 * @cliexcmd{set interface ip6 output feature GigabitEthernet2/0/0 del}
3247 VLIB_CLI_COMMAND (set_interface_ip6_output_feature, static) = {
3248 .path = "set interface ip6 output feature",
3249 .function = set_interface_ip6_output_feature_command_fn,
3250 .short_help = "set interface ip6 output feature <interface> [del]",
3254 #endif /* TEST_CODE */
Code Review / vpp.git / blob