2 * Copyright (c) 2015 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 * ip/ip6_forward.c: IP v6 forwarding
18 * Copyright (c) 2008 Eliot Dresselhaus
20 * Permission is hereby granted, free of charge, to any person obtaining
21 * a copy of this software and associated documentation files (the
22 * "Software"), to deal in the Software without restriction, including
23 * without limitation the rights to use, copy, modify, merge, publish,
24 * distribute, sublicense, and/or sell copies of the Software, and to
25 * permit persons to whom the Software is furnished to do so, subject to
26 * the following conditions:
28 * The above copyright notice and this permission notice shall be
29 * included in all copies or substantial portions of the Software.
31 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
32 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
33 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
34 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
35 * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
36 * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
37 * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
40 #include <vnet/vnet.h>
41 #include <vnet/ip/ip.h>
42 #include <vnet/ethernet/ethernet.h> /* for ethernet_header_t */
43 #include <vnet/srp/srp.h> /* for srp_hw_interface_class */
44 #include <vppinfra/cache.h>
46 #include <vppinfra/bihash_template.c>
48 static void compute_prefix_lengths_in_search_order (ip6_main_t * im)
51 vec_reset_length (im->prefix_lengths_in_search_order);
52 /* Note: bitmap reversed so this is in fact a longest prefix match */
53 clib_bitmap_foreach (i, im->non_empty_dst_address_length_bitmap,
55 int dst_address_length = 128 - i;
56 vec_add1 (im->prefix_lengths_in_search_order, dst_address_length);
61 ip6_fib_lookup_with_table (ip6_main_t * im, u32 fib_index, ip6_address_t * dst)
63 ip_lookup_main_t * lm = &im->lookup_main;
66 BVT(clib_bihash_kv) kv, value;
68 len = vec_len (im->prefix_lengths_in_search_order);
70 for (i = 0; i < len; i++)
72 int dst_address_length = im->prefix_lengths_in_search_order[i];
73 ip6_address_t * mask = &im->fib_masks[dst_address_length];
75 ASSERT(dst_address_length >= 0 && dst_address_length <= 128);
77 kv.key[0] = dst->as_u64[0] & mask->as_u64[0];
78 kv.key[1] = dst->as_u64[1] & mask->as_u64[1];
79 kv.key[2] = ((u64)((fib_index))<<32) | dst_address_length;
81 rv = BV(clib_bihash_search_inline_2)(&im->ip6_lookup_table, &kv, &value);
86 return lm->miss_adj_index;
89 u32 ip6_fib_lookup (ip6_main_t * im, u32 sw_if_index, ip6_address_t * dst)
91 u32 fib_index = vec_elt (im->fib_index_by_sw_if_index, sw_if_index);
92 return ip6_fib_lookup_with_table (im, fib_index, dst);
96 vnet_ip6_fib_init (ip6_main_t * im, u32 fib_index)
98 ip_lookup_main_t * lm = &im->lookup_main;
99 ip6_add_del_route_args_t a;
100 ip_adjacency_t * adj;
102 memset(&a, 0x0, sizeof(ip6_add_del_route_args_t));
104 a.table_index_or_table_id = fib_index;
105 a.flags = (IP6_ROUTE_FLAG_ADD
106 | IP6_ROUTE_FLAG_FIB_INDEX
107 | IP6_ROUTE_FLAG_KEEP_OLD_ADJACENCY
108 | IP6_ROUTE_FLAG_NO_REDISTRIBUTE);
110 /* Add ff02::1:ff00:0/104 via local route for all tables.
111 This is required for neighbor discovery to work. */
112 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
114 adj->lookup_next_index = IP_LOOKUP_NEXT_LOCAL;
115 adj->if_address_index = ~0;
116 adj->rewrite_header.data_bytes = 0;
118 ip6_set_solicited_node_multicast_address (&a.dst_address, 0);
120 a.dst_address_length = 104;
121 ip6_add_del_route (im, &a);
123 /* Add all-routers multicast address via local route for all tables */
124 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
126 adj->lookup_next_index = IP_LOOKUP_NEXT_LOCAL;
127 adj->if_address_index = ~0;
128 adj->rewrite_header.data_bytes = 0;
130 ip6_set_reserved_multicast_address (&a.dst_address,
131 IP6_MULTICAST_SCOPE_link_local,
132 IP6_MULTICAST_GROUP_ID_all_routers);
134 a.dst_address_length = 128;
135 ip6_add_del_route (im, &a);
137 /* Add all-nodes multicast address via local route for all tables */
138 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
140 adj->lookup_next_index = IP_LOOKUP_NEXT_LOCAL;
141 adj->if_address_index = ~0;
142 adj->rewrite_header.data_bytes = 0;
144 ip6_set_reserved_multicast_address (&a.dst_address,
145 IP6_MULTICAST_SCOPE_link_local,
146 IP6_MULTICAST_GROUP_ID_all_hosts);
148 a.dst_address_length = 128;
149 ip6_add_del_route (im, &a);
151 /* Add all-mldv2 multicast address via local route for all tables */
152 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
154 adj->lookup_next_index = IP_LOOKUP_NEXT_LOCAL;
155 adj->if_address_index = ~0;
156 adj->rewrite_header.data_bytes = 0;
158 ip6_set_reserved_multicast_address (&a.dst_address,
159 IP6_MULTICAST_SCOPE_link_local,
160 IP6_MULTICAST_GROUP_ID_mldv2_routers);
162 a.dst_address_length = 128;
163 ip6_add_del_route (im, &a);
167 create_fib_with_table_id (ip6_main_t * im, u32 table_id)
170 hash_set (im->fib_index_by_table_id, table_id, vec_len (im->fibs));
171 vec_add2 (im->fibs, fib, 1);
172 fib->table_id = table_id;
173 fib->index = fib - im->fibs;
174 fib->flow_hash_config = IP_FLOW_HASH_DEFAULT;
175 vnet_ip6_fib_init (im, fib->index);
180 find_ip6_fib_by_table_index_or_id (ip6_main_t * im, u32 table_index_or_id, u32 flags)
182 uword * p, fib_index;
184 fib_index = table_index_or_id;
185 if (! (flags & IP6_ROUTE_FLAG_FIB_INDEX))
187 p = hash_get (im->fib_index_by_table_id, table_index_or_id);
189 return create_fib_with_table_id (im, table_index_or_id);
192 return vec_elt_at_index (im->fibs, fib_index);
195 void ip6_add_del_route (ip6_main_t * im, ip6_add_del_route_args_t * a)
197 ip_lookup_main_t * lm = &im->lookup_main;
199 ip6_address_t dst_address;
200 u32 dst_address_length, adj_index;
202 u32 old_adj_index = ~0;
203 BVT(clib_bihash_kv) kv, value;
205 vlib_smp_unsafe_warning();
207 is_del = (a->flags & IP6_ROUTE_FLAG_DEL) != 0;
209 /* Either create new adjacency or use given one depending on arguments. */
210 if (a->n_add_adj > 0)
212 ip_add_adjacency (lm, a->add_adj, a->n_add_adj, &adj_index);
213 ip_call_add_del_adjacency_callbacks (lm, adj_index, /* is_del */ 0);
216 adj_index = a->adj_index;
218 dst_address = a->dst_address;
219 dst_address_length = a->dst_address_length;
220 fib = find_ip6_fib_by_table_index_or_id (im, a->table_index_or_table_id,
223 ASSERT (dst_address_length < ARRAY_LEN (im->fib_masks));
224 ip6_address_mask (&dst_address, &im->fib_masks[dst_address_length]);
226 /* refcount accounting */
229 ASSERT (im->dst_address_length_refcounts[dst_address_length] > 0);
230 if (--im->dst_address_length_refcounts[dst_address_length] == 0)
232 im->non_empty_dst_address_length_bitmap =
233 clib_bitmap_set (im->non_empty_dst_address_length_bitmap,
234 128 - dst_address_length, 0);
235 compute_prefix_lengths_in_search_order (im);
240 im->dst_address_length_refcounts[dst_address_length]++;
242 im->non_empty_dst_address_length_bitmap =
243 clib_bitmap_set (im->non_empty_dst_address_length_bitmap,
244 128 - dst_address_length, 1);
245 compute_prefix_lengths_in_search_order (im);
248 kv.key[0] = dst_address.as_u64[0];
249 kv.key[1] = dst_address.as_u64[1];
250 kv.key[2] = ((u64)((fib - im->fibs))<<32) | dst_address_length;
252 if (BV(clib_bihash_search)(&im->ip6_lookup_table, &kv, &value) == 0)
253 old_adj_index = value.value;
256 BV(clib_bihash_add_del) (&im->ip6_lookup_table, &kv, 0 /* is_add */);
259 /* Make sure adj index is valid. */
261 (void) ip_get_adjacency (lm, adj_index);
263 kv.value = adj_index;
265 BV(clib_bihash_add_del) (&im->ip6_lookup_table, &kv, 1 /* is_add */);
268 /* Delete old adjacency index if present and changed. */
270 if (! (a->flags & IP6_ROUTE_FLAG_KEEP_OLD_ADJACENCY)
271 && old_adj_index != ~0
272 && old_adj_index != adj_index)
273 ip_del_adjacency (lm, old_adj_index);
278 ip6_add_del_route_next_hop (ip6_main_t * im,
280 ip6_address_t * dst_address,
281 u32 dst_address_length,
282 ip6_address_t * next_hop,
283 u32 next_hop_sw_if_index,
284 u32 next_hop_weight, u32 adj_index,
285 u32 explicit_fib_index)
287 vnet_main_t * vnm = vnet_get_main();
288 ip_lookup_main_t * lm = &im->lookup_main;
291 ip6_address_t masked_dst_address;
292 u32 old_mp_adj_index, new_mp_adj_index;
293 u32 dst_adj_index, nh_adj_index;
295 ip_adjacency_t * dst_adj;
296 ip_multipath_adjacency_t * old_mp, * new_mp;
297 int is_del = (flags & IP6_ROUTE_FLAG_DEL) != 0;
298 int is_interface_next_hop;
299 clib_error_t * error = 0;
301 BVT(clib_bihash_kv) kv, value;
303 vlib_smp_unsafe_warning();
305 if (explicit_fib_index == (u32)~0)
306 fib_index = vec_elt (im->fib_index_by_sw_if_index, next_hop_sw_if_index);
308 fib_index = explicit_fib_index;
310 fib = vec_elt_at_index (im->fibs, fib_index);
312 /* Lookup next hop to be added or deleted. */
313 is_interface_next_hop = ip6_address_is_zero (next_hop);
314 if (adj_index == (u32)~0)
316 if (is_interface_next_hop)
318 nh_result = hash_get (im->interface_route_adj_index_by_sw_if_index,
319 next_hop_sw_if_index);
321 nh_adj_index = *nh_result;
324 ip_adjacency_t * adj;
325 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
327 ip6_adjacency_set_interface_route (vnm, adj,
328 next_hop_sw_if_index, ~0);
329 ip_call_add_del_adjacency_callbacks
330 (lm, next_hop_sw_if_index, /* is_del */ 0);
331 hash_set (im->interface_route_adj_index_by_sw_if_index,
332 next_hop_sw_if_index, nh_adj_index);
337 /* Look for the interface /128 route */
338 kv.key[0] = next_hop->as_u64[0];
339 kv.key[1] = next_hop->as_u64[1];
340 kv.key[2] = ((u64)((fib - im->fibs))<<32) | 128;
342 if (BV(clib_bihash_search)(&im->ip6_lookup_table, &kv, &value) < 0)
344 vnm->api_errno = VNET_API_ERROR_UNKNOWN_DESTINATION;
345 error = clib_error_return (0, "next-hop %U/128 not in FIB",
346 format_ip6_address, next_hop);
350 nh_adj_index = value.value;
355 /* Look for the interface /128 route */
356 kv.key[0] = next_hop->as_u64[0];
357 kv.key[1] = next_hop->as_u64[1];
358 kv.key[2] = ((u64)((fib - im->fibs))<<32) | 128;
360 if (BV(clib_bihash_search)(&im->ip6_lookup_table, &kv, &value) < 0)
362 vnm->api_errno = VNET_API_ERROR_UNKNOWN_DESTINATION;
363 error = clib_error_return (0, "next-hop %U/128 not in FIB",
364 format_ip6_address, next_hop);
368 nh_adj_index = value.value;
371 ASSERT (dst_address_length < ARRAY_LEN (im->fib_masks));
372 masked_dst_address = dst_address[0];
373 ip6_address_mask (&masked_dst_address, &im->fib_masks[dst_address_length]);
375 kv.key[0] = masked_dst_address.as_u64[0];
376 kv.key[1] = masked_dst_address.as_u64[1];
377 kv.key[2] = ((u64)((fib - im->fibs))<<32) | dst_address_length;
379 rv = BV(clib_bihash_search)(&im->ip6_lookup_table, &kv, &value);
383 dst_adj_index = value.value;
384 dst_adj = ip_get_adjacency (lm, dst_adj_index);
388 /* For deletes destination must be known. */
391 vnm->api_errno = VNET_API_ERROR_UNKNOWN_DESTINATION;
392 error = clib_error_return (0, "unknown destination %U/%d",
393 format_ip6_address, dst_address,
402 /* Ignore adds of X/128 with next hop of X. */
404 && dst_address_length == 128
405 && ip6_address_is_equal (dst_address, next_hop))
407 vnm->api_errno = VNET_API_ERROR_PREFIX_MATCHES_NEXT_HOP;
408 error = clib_error_return (0, "prefix matches next hop %U/%d",
409 format_ip6_address, dst_address,
414 old_mp_adj_index = dst_adj ? dst_adj->heap_handle : ~0;
416 if (! ip_multipath_adjacency_add_del_next_hop
418 dst_adj ? dst_adj->heap_handle : ~0,
423 vnm->api_errno = VNET_API_ERROR_NEXT_HOP_NOT_FOUND_MP;
424 error = clib_error_return
425 (0, "requested deleting next-hop %U not found in multi-path",
426 format_ip6_address, next_hop);
431 if (old_mp_adj_index != ~0)
432 old_mp = vec_elt_at_index (lm->multipath_adjacencies, old_mp_adj_index);
433 if (new_mp_adj_index != ~0)
434 new_mp = vec_elt_at_index (lm->multipath_adjacencies, new_mp_adj_index);
436 if (old_mp != new_mp)
438 ip6_add_del_route_args_t a;
439 a.table_index_or_table_id = fib_index;
440 a.flags = ((is_del ? IP6_ROUTE_FLAG_DEL : IP6_ROUTE_FLAG_ADD)
441 | IP6_ROUTE_FLAG_FIB_INDEX
442 | IP6_ROUTE_FLAG_KEEP_OLD_ADJACENCY
443 | (flags & IP6_ROUTE_FLAG_NO_REDISTRIBUTE));
444 a.dst_address = dst_address[0];
445 a.dst_address_length = dst_address_length;
446 a.adj_index = new_mp ? new_mp->adj_index : dst_adj_index;
450 ip6_add_del_route (im, &a);
455 clib_error_report (error);
459 ip6_get_route (ip6_main_t * im,
460 u32 table_index_or_table_id,
462 ip6_address_t * address,
465 ip6_fib_t * fib = find_ip6_fib_by_table_index_or_id (im, table_index_or_table_id, flags);
466 ip6_address_t masked_address;
467 BVT(clib_bihash_kv) kv, value;
469 ASSERT (address_length < ARRAY_LEN (im->fib_masks));
470 memcpy (&masked_address, address, sizeof (masked_address));
471 ip6_address_mask (&masked_address, &im->fib_masks[address_length]);
473 kv.key[0] = masked_address.as_u64[0];
474 kv.key[1] = masked_address.as_u64[1];
475 kv.key[2] = ((u64)((fib - im->fibs))<<32) | address_length;
477 if (BV(clib_bihash_search)(&im->ip6_lookup_table, &kv, &value) == 0)
478 return (value.value);
483 ip6_foreach_matching_route (ip6_main_t * im,
484 u32 table_index_or_table_id,
486 ip6_address_t * dst_address,
488 ip6_address_t ** results,
489 u8 ** result_lengths)
492 find_ip6_fib_by_table_index_or_id (im, table_index_or_table_id, flags);
493 BVT(clib_bihash) * h = &im->ip6_lookup_table;
494 BVT(clib_bihash_value) * v;
495 clib_bihash_bucket_t * b;
499 _vec_len (*results) = 0;
501 _vec_len (*result_lengths) = 0;
503 /* Walk the table looking for routes which match the supplied address */
504 for (i = 0; i < h->nbuckets; i++)
510 v = BV(clib_bihash_get_value) (h, b->offset);
511 for (j = 0; j < (1<<b->log2_pages); j++)
513 for (k = 0; k < BIHASH_KVP_PER_PAGE; k++)
515 if (BV(clib_bihash_is_free)(&v->kvp[k]))
518 if ((v->kvp[k].key[2]
519 == (((u64)((fib - im->fibs))<<32) | address_length))
520 && ip6_destination_matches_route
521 (im, dst_address, (ip6_address_t *) &v->kvp[k],
526 a = (ip6_address_t *)(&v->kvp[k]);
528 vec_add1 (*results, a[0]);
529 vec_add1 (*result_lengths, address_length);
537 void ip6_maybe_remap_adjacencies (ip6_main_t * im,
538 u32 table_index_or_table_id,
543 = find_ip6_fib_by_table_index_or_id (im, table_index_or_table_id, flags);
545 ip_lookup_main_t * lm = &im->lookup_main;
547 if (lm->n_adjacency_remaps == 0)
550 clib_warning ("unimplemented, please report to vpp-dev@cisco.com");
552 /* All remaps have been performed. */
553 lm->n_adjacency_remaps = 0;
556 void ip6_delete_matching_routes (ip6_main_t * im,
557 u32 table_index_or_table_id,
559 ip6_address_t * address,
562 /* $$$$ static may be OK - this should happen only on thread 0 */
563 static ip6_address_t * matching_addresses;
564 static u8 * matching_address_lengths;
566 ip6_add_del_route_args_t a;
568 vlib_smp_unsafe_warning();
570 a.flags = IP6_ROUTE_FLAG_DEL | IP6_ROUTE_FLAG_NO_REDISTRIBUTE | flags;
571 a.table_index_or_table_id = table_index_or_table_id;
576 for (l = address_length + 1; l <= 128; l++)
578 ip6_foreach_matching_route (im, table_index_or_table_id, flags,
582 &matching_address_lengths);
583 for (i = 0; i < vec_len (matching_addresses); i++)
585 a.dst_address = matching_addresses[i];
586 a.dst_address_length = matching_address_lengths[i];
587 ip6_add_del_route (im, &a);
591 ip6_maybe_remap_adjacencies (im, table_index_or_table_id, flags);
595 ip6_lookup (vlib_main_t * vm,
596 vlib_node_runtime_t * node,
597 vlib_frame_t * frame)
599 ip6_main_t * im = &ip6_main;
600 ip_lookup_main_t * lm = &im->lookup_main;
601 vlib_combined_counter_main_t * cm = &im->lookup_main.adjacency_counters;
602 u32 n_left_from, n_left_to_next, * from, * to_next;
603 ip_lookup_next_t next;
604 u32 cpu_index = os_get_cpu_number();
606 from = vlib_frame_vector_args (frame);
607 n_left_from = frame->n_vectors;
608 next = node->cached_next_index;
610 while (n_left_from > 0)
612 vlib_get_next_frame (vm, node, next,
613 to_next, n_left_to_next);
615 while (n_left_from >= 4 && n_left_to_next >= 2)
617 vlib_buffer_t * p0, * p1;
618 u32 pi0, pi1, adj_index0, adj_index1, wrong_next;
619 ip_lookup_next_t next0, next1;
620 ip6_header_t * ip0, * ip1;
621 ip_adjacency_t * adj0, * adj1;
622 u32 fib_index0, fib_index1;
623 u32 flow_hash_config0, flow_hash_config1;
625 /* Prefetch next iteration. */
627 vlib_buffer_t * p2, * p3;
629 p2 = vlib_get_buffer (vm, from[2]);
630 p3 = vlib_get_buffer (vm, from[3]);
632 vlib_prefetch_buffer_header (p2, LOAD);
633 vlib_prefetch_buffer_header (p3, LOAD);
634 CLIB_PREFETCH (p2->data, sizeof (ip0[0]), LOAD);
635 CLIB_PREFETCH (p3->data, sizeof (ip0[0]), LOAD);
638 pi0 = to_next[0] = from[0];
639 pi1 = to_next[1] = from[1];
641 p0 = vlib_get_buffer (vm, pi0);
642 p1 = vlib_get_buffer (vm, pi1);
644 ip0 = vlib_buffer_get_current (p0);
645 ip1 = vlib_buffer_get_current (p1);
647 fib_index0 = vec_elt (im->fib_index_by_sw_if_index, vnet_buffer (p0)->sw_if_index[VLIB_RX]);
648 fib_index1 = vec_elt (im->fib_index_by_sw_if_index, vnet_buffer (p1)->sw_if_index[VLIB_RX]);
650 fib_index0 = (vnet_buffer(p0)->sw_if_index[VLIB_TX] == (u32)~0) ?
651 fib_index0 : vnet_buffer(p0)->sw_if_index[VLIB_TX];
652 fib_index1 = (vnet_buffer(p1)->sw_if_index[VLIB_TX] == (u32)~0) ?
653 fib_index1 : vnet_buffer(p1)->sw_if_index[VLIB_TX];
655 adj_index0 = ip6_fib_lookup_with_table (im, fib_index0,
657 adj_index1 = ip6_fib_lookup_with_table (im, fib_index1,
660 adj0 = ip_get_adjacency (lm, adj_index0);
661 adj1 = ip_get_adjacency (lm, adj_index1);
663 if (PREDICT_FALSE (adj0->explicit_fib_index != ~0))
665 adj_index0 = ip6_fib_lookup_with_table
666 (im, adj0->explicit_fib_index, &ip0->dst_address);
667 adj0 = ip_get_adjacency (lm, adj_index0);
669 if (PREDICT_FALSE (adj1->explicit_fib_index != ~0))
671 adj_index1 = ip6_fib_lookup_with_table
672 (im, adj1->explicit_fib_index, &ip1->dst_address);
673 adj1 = ip_get_adjacency (lm, adj_index1);
676 next0 = adj0->lookup_next_index;
677 next1 = adj1->lookup_next_index;
679 /* Process hop-by-hop options if present */
680 next0 = (ip0->protocol == IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS) ?
681 IP_LOOKUP_NEXT_HOP_BY_HOP : next0;
682 next1 = (ip1->protocol == IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS) ?
683 IP_LOOKUP_NEXT_HOP_BY_HOP : next1;
685 vnet_buffer (p0)->ip.flow_hash =
686 vnet_buffer(p1)->ip.flow_hash = 0;
688 if (PREDICT_FALSE(adj0->n_adj > 1))
691 vec_elt_at_index (im->fibs,fib_index0)->flow_hash_config;
692 vnet_buffer (p0)->ip.flow_hash =
693 ip6_compute_flow_hash (ip0, flow_hash_config0);
696 if (PREDICT_FALSE(adj1->n_adj > 1))
699 vec_elt_at_index (im->fibs,fib_index0)->flow_hash_config;
701 vnet_buffer (p1)->ip.flow_hash =
702 ip6_compute_flow_hash (ip1, flow_hash_config1);
705 ASSERT (adj0->n_adj > 0);
706 ASSERT (adj1->n_adj > 0);
707 ASSERT (is_pow2 (adj0->n_adj));
708 ASSERT (is_pow2 (adj1->n_adj));
709 adj_index0 += (vnet_buffer (p0)->ip.flow_hash & (adj0->n_adj - 1));
710 adj_index1 += (vnet_buffer (p1)->ip.flow_hash & (adj1->n_adj - 1));
712 vnet_buffer (p0)->ip.adj_index[VLIB_TX] = adj_index0;
713 vnet_buffer (p1)->ip.adj_index[VLIB_TX] = adj_index1;
715 vlib_increment_combined_counter
716 (cm, cpu_index, adj_index0, 1,
717 vlib_buffer_length_in_chain (vm, p0));
718 vlib_increment_combined_counter
719 (cm, cpu_index, adj_index1, 1,
720 vlib_buffer_length_in_chain (vm, p1));
727 wrong_next = (next0 != next) + 2*(next1 != next);
728 if (PREDICT_FALSE (wrong_next != 0))
737 vlib_set_next_frame_buffer (vm, node, next0, pi0);
744 vlib_set_next_frame_buffer (vm, node, next1, pi1);
751 vlib_set_next_frame_buffer (vm, node, next0, pi0);
752 vlib_set_next_frame_buffer (vm, node, next1, pi1);
756 vlib_put_next_frame (vm, node, next, n_left_to_next);
758 vlib_get_next_frame (vm, node, next, to_next, n_left_to_next);
764 while (n_left_from > 0 && n_left_to_next > 0)
769 ip_lookup_next_t next0;
770 ip_adjacency_t * adj0;
771 u32 fib_index0, flow_hash_config0;
776 p0 = vlib_get_buffer (vm, pi0);
778 ip0 = vlib_buffer_get_current (p0);
780 fib_index0 = vec_elt (im->fib_index_by_sw_if_index, vnet_buffer (p0)->sw_if_index[VLIB_RX]);
781 fib_index0 = (vnet_buffer(p0)->sw_if_index[VLIB_TX] == (u32)~0) ?
782 fib_index0 : vnet_buffer(p0)->sw_if_index[VLIB_TX];
785 vec_elt_at_index (im->fibs,fib_index0)->flow_hash_config;
787 adj_index0 = ip6_fib_lookup_with_table (im, fib_index0,
790 adj0 = ip_get_adjacency (lm, adj_index0);
792 if (PREDICT_FALSE (adj0->explicit_fib_index != ~0))
794 adj_index0 = ip6_fib_lookup_with_table
795 (im, adj0->explicit_fib_index, &ip0->dst_address);
796 adj0 = ip_get_adjacency (lm, adj_index0);
799 next0 = adj0->lookup_next_index;
800 next0 = (ip0->protocol == IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS) ?
801 IP_LOOKUP_NEXT_HOP_BY_HOP : next0;
803 vnet_buffer (p0)->ip.flow_hash = 0;
805 if (PREDICT_FALSE(adj0->n_adj > 1))
808 vec_elt_at_index (im->fibs,fib_index0)->flow_hash_config;
809 vnet_buffer (p0)->ip.flow_hash =
810 ip6_compute_flow_hash (ip0, flow_hash_config0);
813 ASSERT (adj0->n_adj > 0);
814 ASSERT (is_pow2 (adj0->n_adj));
815 adj_index0 += (vnet_buffer (p0)->ip.flow_hash & (adj0->n_adj - 1));
817 vnet_buffer (p0)->ip.adj_index[VLIB_TX] = adj_index0;
819 vlib_increment_combined_counter
820 (cm, cpu_index, adj_index0, 1,
821 vlib_buffer_length_in_chain (vm, p0));
828 if (PREDICT_FALSE (next0 != next))
831 vlib_put_next_frame (vm, node, next, n_left_to_next);
833 vlib_get_next_frame (vm, node, next,
834 to_next, n_left_to_next);
841 vlib_put_next_frame (vm, node, next, n_left_to_next);
844 return frame->n_vectors;
847 void ip6_adjacency_set_interface_route (vnet_main_t * vnm,
848 ip_adjacency_t * adj,
850 u32 if_address_index)
852 vnet_hw_interface_t * hw = vnet_get_sup_hw_interface (vnm, sw_if_index);
856 if (hw->hw_class_index == ethernet_hw_interface_class.index
857 || hw->hw_class_index == srp_hw_interface_class.index)
859 n = IP_LOOKUP_NEXT_ARP;
860 node_index = ip6_discover_neighbor_node.index;
861 adj->if_address_index = if_address_index;
865 n = IP_LOOKUP_NEXT_REWRITE;
866 node_index = ip6_rewrite_node.index;
869 adj->lookup_next_index = n;
870 adj->explicit_fib_index = ~0;
872 vnet_rewrite_for_sw_interface
874 VNET_L3_PACKET_TYPE_IP6,
877 VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST,
878 &adj->rewrite_header,
879 sizeof (adj->rewrite_data));
883 ip6_add_interface_routes (vnet_main_t * vnm, u32 sw_if_index,
884 ip6_main_t * im, u32 fib_index,
885 ip_interface_address_t * a)
887 ip_lookup_main_t * lm = &im->lookup_main;
888 ip_adjacency_t * adj;
889 ip6_address_t * address = ip_interface_address_get_address (lm, a);
890 ip6_add_del_route_args_t x;
891 vnet_hw_interface_t * hw_if = vnet_get_sup_hw_interface (vnm, sw_if_index);
892 u32 classify_table_index;
894 /* Add e.g. 1.0.0.0/8 as interface route (arp for Ethernet). */
895 x.table_index_or_table_id = fib_index;
896 x.flags = (IP6_ROUTE_FLAG_ADD
897 | IP6_ROUTE_FLAG_FIB_INDEX
898 | IP6_ROUTE_FLAG_NO_REDISTRIBUTE);
899 x.dst_address = address[0];
900 x.dst_address_length = a->address_length;
904 a->neighbor_probe_adj_index = ~0;
905 if (a->address_length < 128)
907 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
909 ip6_adjacency_set_interface_route (vnm, adj, sw_if_index, a - lm->if_address_pool);
910 ip_call_add_del_adjacency_callbacks (lm, x.adj_index, /* is_del */ 0);
911 ip6_add_del_route (im, &x);
912 a->neighbor_probe_adj_index = x.adj_index;
915 /* Add e.g. ::1/128 as local to this host. */
916 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
919 classify_table_index = ~0;
920 if (sw_if_index < vec_len (lm->classify_table_index_by_sw_if_index))
921 classify_table_index = lm->classify_table_index_by_sw_if_index [sw_if_index];
922 if (classify_table_index != (u32) ~0)
924 adj->lookup_next_index = IP_LOOKUP_NEXT_CLASSIFY;
925 adj->classify_table_index = classify_table_index;
928 adj->lookup_next_index = IP_LOOKUP_NEXT_LOCAL;
930 adj->if_address_index = a - lm->if_address_pool;
931 adj->rewrite_header.sw_if_index = sw_if_index;
932 adj->rewrite_header.max_l3_packet_bytes = hw_if->max_l3_packet_bytes[VLIB_RX];
933 adj->rewrite_header.data_bytes = 0;
934 ip_call_add_del_adjacency_callbacks (lm, x.adj_index, /* is_del */ 0);
935 x.dst_address_length = 128;
936 ip6_add_del_route (im, &x);
940 ip6_del_interface_routes (ip6_main_t * im, u32 fib_index,
941 ip6_address_t * address, u32 address_length)
943 ip6_add_del_route_args_t x;
945 /* Add e.g. 1.0.0.0/8 as interface route (arp for Ethernet). */
946 x.table_index_or_table_id = fib_index;
947 x.flags = (IP6_ROUTE_FLAG_DEL
948 | IP6_ROUTE_FLAG_FIB_INDEX
949 | IP6_ROUTE_FLAG_NO_REDISTRIBUTE);
950 x.dst_address = address[0];
951 x.dst_address_length = address_length;
956 if (address_length < 128)
958 /* Don't wipe out fe80::0/64 */
959 if (address_length != 64 ||
960 address[0].as_u64[0] != clib_net_to_host_u64(0xfe80000000000000ULL))
961 ip6_add_del_route (im, &x);
964 x.dst_address_length = 128;
965 ip6_add_del_route (im, &x);
967 ip6_delete_matching_routes (im,
969 IP6_ROUTE_FLAG_FIB_INDEX,
976 ip6_address_t address;
978 } ip6_interface_address_t;
980 static clib_error_t *
981 ip6_add_del_interface_address_internal (vlib_main_t * vm,
983 ip6_address_t * new_address,
989 static clib_error_t *
990 ip6_add_del_interface_address_internal (vlib_main_t * vm,
992 ip6_address_t * address,
998 vnet_main_t * vnm = vnet_get_main();
999 ip6_main_t * im = &ip6_main;
1000 ip_lookup_main_t * lm = &im->lookup_main;
1001 clib_error_t * error;
1002 u32 if_address_index;
1003 ip6_address_fib_t ip6_af, * addr_fib = 0;
1005 vec_validate (im->fib_index_by_sw_if_index, sw_if_index);
1006 ip6_addr_fib_init (&ip6_af, address,
1007 vec_elt (im->fib_index_by_sw_if_index, sw_if_index));
1008 vec_add1 (addr_fib, ip6_af);
1011 uword elts_before = pool_elts (lm->if_address_pool);
1013 error = ip_interface_address_add_del
1023 /* Pool did not grow: add duplicate address. */
1024 if (elts_before == pool_elts (lm->if_address_pool))
1028 if (vnet_sw_interface_is_admin_up (vnm, sw_if_index) && insert_routes)
1031 ip6_del_interface_routes (im, ip6_af.fib_index, address,
1035 ip6_add_interface_routes (vnm, sw_if_index,
1036 im, ip6_af.fib_index,
1037 pool_elt_at_index (lm->if_address_pool, if_address_index));
1041 ip6_add_del_interface_address_callback_t * cb;
1042 vec_foreach (cb, im->add_del_interface_address_callbacks)
1043 cb->function (im, cb->function_opaque, sw_if_index,
1044 address, address_length,
1050 vec_free (addr_fib);
1055 ip6_add_del_interface_address (vlib_main_t * vm, u32 sw_if_index,
1056 ip6_address_t * address, u32 address_length,
1059 return ip6_add_del_interface_address_internal
1060 (vm, sw_if_index, address, address_length,
1061 /* redistribute */ 1,
1062 /* insert_routes */ 1,
1067 ip6_sw_interface_admin_up_down (vnet_main_t * vnm,
1071 ip6_main_t * im = &ip6_main;
1072 ip_interface_address_t * ia;
1074 u32 is_admin_up, fib_index;
1076 /* Fill in lookup tables with default table (0). */
1077 vec_validate (im->fib_index_by_sw_if_index, sw_if_index);
1079 vec_validate_init_empty (im->lookup_main.if_address_pool_index_by_sw_if_index, sw_if_index, ~0);
1081 is_admin_up = (flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP) != 0;
1083 fib_index = vec_elt (im->fib_index_by_sw_if_index, sw_if_index);
1085 foreach_ip_interface_address (&im->lookup_main, ia, sw_if_index,
1086 0 /* honor unnumbered */,
1088 a = ip_interface_address_get_address (&im->lookup_main, ia);
1090 ip6_add_interface_routes (vnm, sw_if_index,
1094 ip6_del_interface_routes (im, fib_index,
1095 a, ia->address_length);
1101 VNET_SW_INTERFACE_ADMIN_UP_DOWN_FUNCTION (ip6_sw_interface_admin_up_down);
1104 ip6_sw_interface_add_del (vnet_main_t * vnm,
1108 vlib_main_t * vm = vnm->vlib_main;
1109 ip6_main_t * im = &ip6_main;
1110 ip_lookup_main_t * lm = &im->lookup_main;
1113 for (cast = 0; cast < VNET_N_CAST; cast++)
1115 ip_config_main_t * cm = &lm->rx_config_mains[cast];
1116 vnet_config_main_t * vcm = &cm->config_main;
1118 /* FIXME multicast. */
1119 if (! vcm->node_index_by_feature_index)
1121 char * start_nodes[] = { "ip6-input", };
1122 char * feature_nodes[] = {
1123 [IP6_RX_FEATURE_CHECK_ACCESS] = "ip6-inacl",
1124 [IP6_RX_FEATURE_IPSEC] = "ipsec-input-ip6",
1125 [IP6_RX_FEATURE_L2TPV3] = "l2tp-decap",
1126 [IP6_RX_FEATURE_VPATH] = "vpath-input-ip6",
1127 [IP6_RX_FEATURE_LOOKUP] = "ip6-lookup",
1129 vnet_config_init (vm, vcm,
1130 start_nodes, ARRAY_LEN (start_nodes),
1131 feature_nodes, ARRAY_LEN (feature_nodes));
1134 vec_validate_init_empty (cm->config_index_by_sw_if_index, sw_if_index, ~0);
1135 ci = cm->config_index_by_sw_if_index[sw_if_index];
1138 ci = vnet_config_add_feature (vm, vcm,
1140 IP6_RX_FEATURE_LOOKUP,
1141 /* config data */ 0,
1142 /* # bytes of config data */ 0);
1144 ci = vnet_config_del_feature (vm, vcm,
1146 IP6_RX_FEATURE_LOOKUP,
1147 /* config data */ 0,
1148 /* # bytes of config data */ 0);
1150 cm->config_index_by_sw_if_index[sw_if_index] = ci;
1152 return /* no error */ 0;
1155 VNET_SW_INTERFACE_ADD_DEL_FUNCTION (ip6_sw_interface_add_del);
1157 VLIB_REGISTER_NODE (ip6_lookup_node) = {
1158 .function = ip6_lookup,
1159 .name = "ip6-lookup",
1160 .vector_size = sizeof (u32),
1162 .n_next_nodes = IP_LOOKUP_N_NEXT,
1164 [IP_LOOKUP_NEXT_MISS] = "ip6-miss",
1165 [IP_LOOKUP_NEXT_DROP] = "ip6-drop",
1166 [IP_LOOKUP_NEXT_PUNT] = "ip6-punt",
1167 [IP_LOOKUP_NEXT_LOCAL] = "ip6-local",
1168 [IP_LOOKUP_NEXT_ARP] = "ip6-discover-neighbor",
1169 [IP_LOOKUP_NEXT_REWRITE] = "ip6-rewrite",
1170 [IP_LOOKUP_NEXT_CLASSIFY] = "ip6-classify",
1171 [IP_LOOKUP_NEXT_MAP] = "ip6-map",
1172 [IP_LOOKUP_NEXT_MAP_T] = "ip6-map-t",
1173 [IP_LOOKUP_NEXT_SIXRD] = "ip6-sixrd",
1174 [IP_LOOKUP_NEXT_HOP_BY_HOP] = "ip6-hop-by-hop",
1175 [IP_LOOKUP_NEXT_ADD_HOP_BY_HOP] = "ip6-add-hop-by-hop",
1176 [IP_LOOKUP_NEXT_POP_HOP_BY_HOP] = "ip6-pop-hop-by-hop",
1181 /* Adjacency taken. */
1186 /* Packet data, possibly *after* rewrite. */
1187 u8 packet_data[64 - 1*sizeof(u32)];
1188 } ip6_forward_next_trace_t;
1190 static u8 * format_ip6_forward_next_trace (u8 * s, va_list * args)
1192 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
1193 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
1194 ip6_forward_next_trace_t * t = va_arg (*args, ip6_forward_next_trace_t *);
1195 vnet_main_t * vnm = vnet_get_main();
1196 ip6_main_t * im = &ip6_main;
1197 ip_adjacency_t * adj;
1198 uword indent = format_get_indent (s);
1200 adj = ip_get_adjacency (&im->lookup_main, t->adj_index);
1201 s = format (s, "fib %d adj-idx %d : %U flow hash: 0x%08x",
1202 t->fib_index, t->adj_index, format_ip_adjacency,
1203 vnm, &im->lookup_main, t->adj_index, t->flow_hash);
1204 switch (adj->lookup_next_index)
1206 case IP_LOOKUP_NEXT_REWRITE:
1207 s = format (s, "\n%U%U",
1208 format_white_space, indent,
1209 format_ip_adjacency_packet_data,
1210 vnm, &im->lookup_main, t->adj_index,
1211 t->packet_data, sizeof (t->packet_data));
1221 /* Common trace function for all ip6-forward next nodes. */
1223 ip6_forward_next_trace (vlib_main_t * vm,
1224 vlib_node_runtime_t * node,
1225 vlib_frame_t * frame,
1226 vlib_rx_or_tx_t which_adj_index)
1229 ip6_main_t * im = &ip6_main;
1231 n_left = frame->n_vectors;
1232 from = vlib_frame_vector_args (frame);
1237 vlib_buffer_t * b0, * b1;
1238 ip6_forward_next_trace_t * t0, * t1;
1240 /* Prefetch next iteration. */
1241 vlib_prefetch_buffer_with_index (vm, from[2], LOAD);
1242 vlib_prefetch_buffer_with_index (vm, from[3], LOAD);
1247 b0 = vlib_get_buffer (vm, bi0);
1248 b1 = vlib_get_buffer (vm, bi1);
1250 if (b0->flags & VLIB_BUFFER_IS_TRACED)
1252 t0 = vlib_add_trace (vm, node, b0, sizeof (t0[0]));
1253 t0->adj_index = vnet_buffer (b0)->ip.adj_index[which_adj_index];
1254 t0->flow_hash = vnet_buffer (b0)->ip.flow_hash;
1255 t0->fib_index = vec_elt (im->fib_index_by_sw_if_index,
1256 vnet_buffer(b0)->sw_if_index[VLIB_RX]);
1257 memcpy (t0->packet_data,
1258 vlib_buffer_get_current (b0),
1259 sizeof (t0->packet_data));
1261 if (b1->flags & VLIB_BUFFER_IS_TRACED)
1263 t1 = vlib_add_trace (vm, node, b1, sizeof (t1[0]));
1264 t1->adj_index = vnet_buffer (b1)->ip.adj_index[which_adj_index];
1265 t1->flow_hash = vnet_buffer (b1)->ip.flow_hash;
1266 t1->fib_index = vec_elt (im->fib_index_by_sw_if_index,
1267 vnet_buffer(b1)->sw_if_index[VLIB_RX]);
1268 memcpy (t1->packet_data,
1269 vlib_buffer_get_current (b1),
1270 sizeof (t1->packet_data));
1280 ip6_forward_next_trace_t * t0;
1284 b0 = vlib_get_buffer (vm, bi0);
1286 if (b0->flags & VLIB_BUFFER_IS_TRACED)
1288 t0 = vlib_add_trace (vm, node, b0, sizeof (t0[0]));
1289 t0->adj_index = vnet_buffer (b0)->ip.adj_index[which_adj_index];
1290 t0->flow_hash = vnet_buffer (b0)->ip.flow_hash;
1291 t0->fib_index = vec_elt (im->fib_index_by_sw_if_index,
1292 vnet_buffer(b0)->sw_if_index[VLIB_RX]);
1293 memcpy (t0->packet_data,
1294 vlib_buffer_get_current (b0),
1295 sizeof (t0->packet_data));
1303 ip6_drop_or_punt (vlib_main_t * vm,
1304 vlib_node_runtime_t * node,
1305 vlib_frame_t * frame,
1306 ip6_error_t error_code)
1308 u32 * buffers = vlib_frame_vector_args (frame);
1309 uword n_packets = frame->n_vectors;
1311 vlib_error_drop_buffers (vm, node,
1316 ip6_input_node.index,
1319 if (node->flags & VLIB_NODE_FLAG_TRACE)
1320 ip6_forward_next_trace (vm, node, frame, VLIB_TX);
1326 ip6_drop (vlib_main_t * vm,
1327 vlib_node_runtime_t * node,
1328 vlib_frame_t * frame)
1329 { return ip6_drop_or_punt (vm, node, frame, IP6_ERROR_ADJACENCY_DROP); }
1332 ip6_punt (vlib_main_t * vm,
1333 vlib_node_runtime_t * node,
1334 vlib_frame_t * frame)
1335 { return ip6_drop_or_punt (vm, node, frame, IP6_ERROR_ADJACENCY_PUNT); }
1338 ip6_miss (vlib_main_t * vm,
1339 vlib_node_runtime_t * node,
1340 vlib_frame_t * frame)
1341 { return ip6_drop_or_punt (vm, node, frame, IP6_ERROR_DST_LOOKUP_MISS); }
1343 VLIB_REGISTER_NODE (ip6_drop_node,static) = {
1344 .function = ip6_drop,
1346 .vector_size = sizeof (u32),
1348 .format_trace = format_ip6_forward_next_trace,
1356 VLIB_REGISTER_NODE (ip6_punt_node,static) = {
1357 .function = ip6_punt,
1359 .vector_size = sizeof (u32),
1361 .format_trace = format_ip6_forward_next_trace,
1369 VLIB_REGISTER_NODE (ip6_miss_node,static) = {
1370 .function = ip6_miss,
1372 .vector_size = sizeof (u32),
1374 .format_trace = format_ip6_forward_next_trace,
1382 VLIB_REGISTER_NODE (ip6_multicast_node,static) = {
1383 .function = ip6_drop,
1384 .name = "ip6-multicast",
1385 .vector_size = sizeof (u32),
1387 .format_trace = format_ip6_forward_next_trace,
1395 /* Compute TCP/UDP/ICMP6 checksum in software. */
1396 u16 ip6_tcp_udp_icmp_compute_checksum (vlib_main_t * vm, vlib_buffer_t * p0, ip6_header_t * ip0, int *bogus_lengthp)
1399 u16 sum16, payload_length_host_byte_order;
1400 u32 i, n_this_buffer, n_bytes_left;
1401 u32 headers_size = sizeof(ip0[0]);
1402 void * data_this_buffer;
1404 ASSERT(bogus_lengthp);
1407 /* Initialize checksum with ip header. */
1408 sum0 = ip0->payload_length + clib_host_to_net_u16 (ip0->protocol);
1409 payload_length_host_byte_order = clib_net_to_host_u16 (ip0->payload_length);
1410 data_this_buffer = (void *) (ip0 + 1);
1412 for (i = 0; i < ARRAY_LEN (ip0->src_address.as_uword); i++)
1414 sum0 = ip_csum_with_carry (sum0,
1415 clib_mem_unaligned (&ip0->src_address.as_uword[i], uword));
1416 sum0 = ip_csum_with_carry (sum0,
1417 clib_mem_unaligned (&ip0->dst_address.as_uword[i], uword));
1420 /* some icmp packets may come with a "router alert" hop-by-hop extension header (e.g., mldv2 packets) */
1421 if (PREDICT_FALSE (ip0->protocol == IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS))
1424 ip6_hop_by_hop_ext_t *ext_hdr = (ip6_hop_by_hop_ext_t *)data_this_buffer;
1426 /* validate really icmp6 next */
1427 ASSERT(ext_hdr->next_hdr == IP_PROTOCOL_ICMP6);
1429 skip_bytes = 8* (1 + ext_hdr->n_data_u64s);
1430 data_this_buffer = (void *)((u8 *)data_this_buffer + skip_bytes);
1432 payload_length_host_byte_order -= skip_bytes;
1433 headers_size += skip_bytes;
1436 n_bytes_left = n_this_buffer = payload_length_host_byte_order;
1440 struct rte_mbuf *mb = ((struct rte_mbuf *)p0)-1;
1441 u8 nb_segs = mb->nb_segs;
1443 n_this_buffer = (p0->current_length > headers_size ?
1444 p0->current_length - headers_size : 0);
1445 while (n_bytes_left)
1447 sum0 = ip_incremental_checksum (sum0, data_this_buffer, n_this_buffer);
1448 n_bytes_left -= n_this_buffer;
1452 if ((nb_segs == 0) || (mb == 0))
1455 data_this_buffer = rte_ctrlmbuf_data(mb);
1456 n_this_buffer = mb->data_len;
1458 if (n_bytes_left || nb_segs)
1464 else sum0 = ip_incremental_checksum (sum0, data_this_buffer, n_this_buffer);
1466 if (p0 && n_this_buffer + headers_size > p0->current_length)
1467 n_this_buffer = p0->current_length > headers_size ? p0->current_length - headers_size : 0;
1470 sum0 = ip_incremental_checksum (sum0, data_this_buffer, n_this_buffer);
1471 n_bytes_left -= n_this_buffer;
1472 if (n_bytes_left == 0)
1475 if (!(p0->flags & VLIB_BUFFER_NEXT_PRESENT))
1480 p0 = vlib_get_buffer (vm, p0->next_buffer);
1481 data_this_buffer = vlib_buffer_get_current (p0);
1482 n_this_buffer = p0->current_length;
1486 sum16 = ~ ip_csum_fold (sum0);
1491 u32 ip6_tcp_udp_icmp_validate_checksum (vlib_main_t * vm, vlib_buffer_t * p0)
1493 ip6_header_t * ip0 = vlib_buffer_get_current (p0);
1494 udp_header_t * udp0;
1498 /* some icmp packets may come with a "router alert" hop-by-hop extension header (e.g., mldv2 packets) */
1499 ASSERT (ip0->protocol == IP_PROTOCOL_TCP
1500 || ip0->protocol == IP_PROTOCOL_ICMP6
1501 || ip0->protocol == IP_PROTOCOL_UDP
1502 || ip0->protocol == IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS);
1504 udp0 = (void *) (ip0 + 1);
1505 if (ip0->protocol == IP_PROTOCOL_UDP && udp0->checksum == 0)
1507 p0->flags |= (IP_BUFFER_L4_CHECKSUM_COMPUTED
1508 | IP_BUFFER_L4_CHECKSUM_CORRECT);
1512 sum16 = ip6_tcp_udp_icmp_compute_checksum (vm, p0, ip0, &bogus_length);
1514 p0->flags |= (IP_BUFFER_L4_CHECKSUM_COMPUTED
1515 | ((sum16 == 0) << LOG2_IP_BUFFER_L4_CHECKSUM_CORRECT));
1521 ip6_local (vlib_main_t * vm,
1522 vlib_node_runtime_t * node,
1523 vlib_frame_t * frame)
1525 ip6_main_t * im = &ip6_main;
1526 ip_lookup_main_t * lm = &im->lookup_main;
1527 ip_local_next_t next_index;
1528 u32 * from, * to_next, n_left_from, n_left_to_next;
1529 vlib_node_runtime_t * error_node = vlib_node_get_runtime (vm, ip6_input_node.index);
1531 from = vlib_frame_vector_args (frame);
1532 n_left_from = frame->n_vectors;
1533 next_index = node->cached_next_index;
1535 if (node->flags & VLIB_NODE_FLAG_TRACE)
1536 ip6_forward_next_trace (vm, node, frame, VLIB_TX);
1538 while (n_left_from > 0)
1540 vlib_get_next_frame (vm, node, next_index,
1541 to_next, n_left_to_next);
1543 while (n_left_from >= 4 && n_left_to_next >= 2)
1545 vlib_buffer_t * p0, * p1;
1546 ip6_header_t * ip0, * ip1;
1547 udp_header_t * udp0, * udp1;
1548 u32 pi0, ip_len0, udp_len0, flags0, next0;
1549 u32 pi1, ip_len1, udp_len1, flags1, next1;
1550 i32 len_diff0, len_diff1;
1551 u8 error0, type0, good_l4_checksum0;
1552 u8 error1, type1, good_l4_checksum1;
1554 pi0 = to_next[0] = from[0];
1555 pi1 = to_next[1] = from[1];
1559 n_left_to_next -= 2;
1561 p0 = vlib_get_buffer (vm, pi0);
1562 p1 = vlib_get_buffer (vm, pi1);
1564 ip0 = vlib_buffer_get_current (p0);
1565 ip1 = vlib_buffer_get_current (p1);
1567 type0 = lm->builtin_protocol_by_ip_protocol[ip0->protocol];
1568 type1 = lm->builtin_protocol_by_ip_protocol[ip1->protocol];
1570 next0 = lm->local_next_by_ip_protocol[ip0->protocol];
1571 next1 = lm->local_next_by_ip_protocol[ip1->protocol];
1576 good_l4_checksum0 = (flags0 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1577 good_l4_checksum1 = (flags1 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1579 udp0 = ip6_next_header (ip0);
1580 udp1 = ip6_next_header (ip1);
1582 /* Don't verify UDP checksum for packets with explicit zero checksum. */
1583 good_l4_checksum0 |= type0 == IP_BUILTIN_PROTOCOL_UDP && udp0->checksum == 0;
1584 good_l4_checksum1 |= type1 == IP_BUILTIN_PROTOCOL_UDP && udp1->checksum == 0;
1586 good_l4_checksum0 |= type0 == IP_BUILTIN_PROTOCOL_UNKNOWN;
1587 good_l4_checksum1 |= type1 == IP_BUILTIN_PROTOCOL_UNKNOWN;
1589 /* Verify UDP length. */
1590 ip_len0 = clib_net_to_host_u16 (ip0->payload_length);
1591 ip_len1 = clib_net_to_host_u16 (ip1->payload_length);
1592 udp_len0 = clib_net_to_host_u16 (udp0->length);
1593 udp_len1 = clib_net_to_host_u16 (udp1->length);
1595 len_diff0 = ip_len0 - udp_len0;
1596 len_diff1 = ip_len1 - udp_len1;
1598 len_diff0 = type0 == IP_BUILTIN_PROTOCOL_UDP ? len_diff0 : 0;
1599 len_diff1 = type1 == IP_BUILTIN_PROTOCOL_UDP ? len_diff1 : 0;
1601 if (PREDICT_FALSE (type0 != IP_BUILTIN_PROTOCOL_UNKNOWN
1602 && ! good_l4_checksum0
1603 && ! (flags0 & IP_BUFFER_L4_CHECKSUM_COMPUTED)))
1605 flags0 = ip6_tcp_udp_icmp_validate_checksum (vm, p0);
1607 (flags0 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1609 if (PREDICT_FALSE (type1 != IP_BUILTIN_PROTOCOL_UNKNOWN
1610 && ! good_l4_checksum1
1611 && ! (flags1 & IP_BUFFER_L4_CHECKSUM_COMPUTED)))
1613 flags1 = ip6_tcp_udp_icmp_validate_checksum (vm, p1);
1615 (flags1 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1618 error0 = error1 = IP6_ERROR_UNKNOWN_PROTOCOL;
1620 error0 = len_diff0 < 0 ? IP6_ERROR_UDP_LENGTH : error0;
1621 error1 = len_diff1 < 0 ? IP6_ERROR_UDP_LENGTH : error1;
1623 ASSERT (IP6_ERROR_UDP_CHECKSUM + IP_BUILTIN_PROTOCOL_UDP == IP6_ERROR_UDP_CHECKSUM);
1624 ASSERT (IP6_ERROR_UDP_CHECKSUM + IP_BUILTIN_PROTOCOL_TCP == IP6_ERROR_TCP_CHECKSUM);
1625 ASSERT (IP6_ERROR_UDP_CHECKSUM + IP_BUILTIN_PROTOCOL_ICMP == IP6_ERROR_ICMP_CHECKSUM);
1626 error0 = (! good_l4_checksum0
1627 ? IP6_ERROR_UDP_CHECKSUM + type0
1629 error1 = (! good_l4_checksum1
1630 ? IP6_ERROR_UDP_CHECKSUM + type1
1633 /* Drop packets from unroutable hosts. */
1634 /* If this is a neighbor solicitation (ICMP), skip source RPF check */
1635 if (error0 == IP6_ERROR_UNKNOWN_PROTOCOL && type0 != IP_BUILTIN_PROTOCOL_ICMP)
1637 u32 src_adj_index0 = ip6_src_lookup_for_packet (im, p0, ip0);
1638 error0 = (lm->miss_adj_index == src_adj_index0
1639 ? IP6_ERROR_SRC_LOOKUP_MISS
1642 if (error1 == IP6_ERROR_UNKNOWN_PROTOCOL && type1 != IP_BUILTIN_PROTOCOL_ICMP)
1644 u32 src_adj_index1 = ip6_src_lookup_for_packet (im, p1, ip1);
1645 error1 = (lm->miss_adj_index == src_adj_index1
1646 ? IP6_ERROR_SRC_LOOKUP_MISS
1650 next0 = error0 != IP6_ERROR_UNKNOWN_PROTOCOL ? IP_LOCAL_NEXT_DROP : next0;
1651 next1 = error1 != IP6_ERROR_UNKNOWN_PROTOCOL ? IP_LOCAL_NEXT_DROP : next1;
1653 p0->error = error_node->errors[error0];
1654 p1->error = error_node->errors[error1];
1656 vlib_validate_buffer_enqueue_x2 (vm, node, next_index,
1657 to_next, n_left_to_next,
1658 pi0, pi1, next0, next1);
1661 while (n_left_from > 0 && n_left_to_next > 0)
1665 udp_header_t * udp0;
1666 u32 pi0, ip_len0, udp_len0, flags0, next0;
1668 u8 error0, type0, good_l4_checksum0;
1670 pi0 = to_next[0] = from[0];
1674 n_left_to_next -= 1;
1676 p0 = vlib_get_buffer (vm, pi0);
1678 ip0 = vlib_buffer_get_current (p0);
1680 type0 = lm->builtin_protocol_by_ip_protocol[ip0->protocol];
1681 next0 = lm->local_next_by_ip_protocol[ip0->protocol];
1685 good_l4_checksum0 = (flags0 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1687 udp0 = ip6_next_header (ip0);
1689 /* Don't verify UDP checksum for packets with explicit zero checksum. */
1690 good_l4_checksum0 |= type0 == IP_BUILTIN_PROTOCOL_UDP && udp0->checksum == 0;
1692 good_l4_checksum0 |= type0 == IP_BUILTIN_PROTOCOL_UNKNOWN;
1694 /* Verify UDP length. */
1695 ip_len0 = clib_net_to_host_u16 (ip0->payload_length);
1696 udp_len0 = clib_net_to_host_u16 (udp0->length);
1698 len_diff0 = ip_len0 - udp_len0;
1700 len_diff0 = type0 == IP_BUILTIN_PROTOCOL_UDP ? len_diff0 : 0;
1702 if (PREDICT_FALSE (type0 != IP_BUILTIN_PROTOCOL_UNKNOWN
1703 && ! good_l4_checksum0
1704 && ! (flags0 & IP_BUFFER_L4_CHECKSUM_COMPUTED)))
1706 flags0 = ip6_tcp_udp_icmp_validate_checksum (vm, p0);
1708 (flags0 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1711 error0 = IP6_ERROR_UNKNOWN_PROTOCOL;
1713 error0 = len_diff0 < 0 ? IP6_ERROR_UDP_LENGTH : error0;
1715 ASSERT (IP6_ERROR_UDP_CHECKSUM + IP_BUILTIN_PROTOCOL_UDP == IP6_ERROR_UDP_CHECKSUM);
1716 ASSERT (IP6_ERROR_UDP_CHECKSUM + IP_BUILTIN_PROTOCOL_TCP == IP6_ERROR_TCP_CHECKSUM);
1717 ASSERT (IP6_ERROR_UDP_CHECKSUM + IP_BUILTIN_PROTOCOL_ICMP == IP6_ERROR_ICMP_CHECKSUM);
1718 error0 = (! good_l4_checksum0
1719 ? IP6_ERROR_UDP_CHECKSUM + type0
1722 /* If this is a neighbor solicitation (ICMP), skip source RPF check */
1723 if (error0 == IP6_ERROR_UNKNOWN_PROTOCOL && type0 != IP_BUILTIN_PROTOCOL_ICMP)
1725 u32 src_adj_index0 = ip6_src_lookup_for_packet (im, p0, ip0);
1726 error0 = (lm->miss_adj_index == src_adj_index0
1727 ? IP6_ERROR_SRC_LOOKUP_MISS
1731 next0 = error0 != IP6_ERROR_UNKNOWN_PROTOCOL ? IP_LOCAL_NEXT_DROP : next0;
1733 p0->error = error_node->errors[error0];
1735 vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
1736 to_next, n_left_to_next,
1740 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
1743 return frame->n_vectors;
1746 VLIB_REGISTER_NODE (ip6_local_node,static) = {
1747 .function = ip6_local,
1748 .name = "ip6-local",
1749 .vector_size = sizeof (u32),
1751 .format_trace = format_ip6_forward_next_trace,
1753 .n_next_nodes = IP_LOCAL_N_NEXT,
1755 [IP_LOCAL_NEXT_DROP] = "error-drop",
1756 [IP_LOCAL_NEXT_PUNT] = "error-punt",
1757 // [IP_LOCAL_NEXT_TCP_LOOKUP] = "ip6-tcp-lookup",
1758 [IP_LOCAL_NEXT_UDP_LOOKUP] = "ip6-udp-lookup",
1759 [IP_LOCAL_NEXT_ICMP] = "ip6-icmp-input",
1763 void ip6_register_protocol (u32 protocol, u32 node_index)
1765 vlib_main_t * vm = vlib_get_main();
1766 ip6_main_t * im = &ip6_main;
1767 ip_lookup_main_t * lm = &im->lookup_main;
1769 ASSERT (protocol < ARRAY_LEN (lm->local_next_by_ip_protocol));
1770 lm->local_next_by_ip_protocol[protocol] = vlib_node_add_next (vm, ip6_local_node.index, node_index);
1774 IP6_DISCOVER_NEIGHBOR_NEXT_DROP,
1775 IP6_DISCOVER_NEIGHBOR_N_NEXT,
1776 } ip6_discover_neighbor_next_t;
1779 IP6_DISCOVER_NEIGHBOR_ERROR_DROP,
1780 IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT,
1781 } ip6_discover_neighbor_error_t;
1784 ip6_discover_neighbor (vlib_main_t * vm,
1785 vlib_node_runtime_t * node,
1786 vlib_frame_t * frame)
1788 vnet_main_t * vnm = vnet_get_main();
1789 ip6_main_t * im = &ip6_main;
1790 ip_lookup_main_t * lm = &im->lookup_main;
1791 u32 * from, * to_next_drop;
1792 uword n_left_from, n_left_to_next_drop;
1793 static f64 time_last_seed_change = -1e100;
1794 static u32 hash_seeds[3];
1795 static uword hash_bitmap[256 / BITS (uword)];
1799 if (node->flags & VLIB_NODE_FLAG_TRACE)
1800 ip6_forward_next_trace (vm, node, frame, VLIB_TX);
1802 time_now = vlib_time_now (vm);
1803 if (time_now - time_last_seed_change > 1e-3)
1806 u32 * r = clib_random_buffer_get_data (&vm->random_buffer,
1807 sizeof (hash_seeds));
1808 for (i = 0; i < ARRAY_LEN (hash_seeds); i++)
1809 hash_seeds[i] = r[i];
1811 /* Mark all hash keys as been not-seen before. */
1812 for (i = 0; i < ARRAY_LEN (hash_bitmap); i++)
1815 time_last_seed_change = time_now;
1818 from = vlib_frame_vector_args (frame);
1819 n_left_from = frame->n_vectors;
1821 while (n_left_from > 0)
1823 vlib_get_next_frame (vm, node, IP6_DISCOVER_NEIGHBOR_NEXT_DROP,
1824 to_next_drop, n_left_to_next_drop);
1826 while (n_left_from > 0 && n_left_to_next_drop > 0)
1830 u32 pi0, adj_index0, a0, b0, c0, m0, sw_if_index0, drop0;
1832 ip_adjacency_t * adj0;
1833 vnet_hw_interface_t * hw_if0;
1838 p0 = vlib_get_buffer (vm, pi0);
1840 adj_index0 = vnet_buffer (p0)->ip.adj_index[VLIB_TX];
1842 ip0 = vlib_buffer_get_current (p0);
1844 adj0 = ip_get_adjacency (lm, adj_index0);
1850 sw_if_index0 = adj0->rewrite_header.sw_if_index;
1851 vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0;
1854 b0 ^= ip0->dst_address.as_u32[0];
1855 c0 ^= ip0->dst_address.as_u32[1];
1857 hash_v3_mix32 (a0, b0, c0);
1859 b0 ^= ip0->dst_address.as_u32[2];
1860 c0 ^= ip0->dst_address.as_u32[3];
1862 hash_v3_finalize32 (a0, b0, c0);
1864 c0 &= BITS (hash_bitmap) - 1;
1865 c0 = c0 / BITS (uword);
1866 m0 = (uword) 1 << (c0 % BITS (uword));
1868 bm0 = hash_bitmap[c0];
1869 drop0 = (bm0 & m0) != 0;
1871 /* Mark it as seen. */
1872 hash_bitmap[c0] = bm0 | m0;
1876 to_next_drop[0] = pi0;
1878 n_left_to_next_drop -= 1;
1880 hw_if0 = vnet_get_sup_hw_interface (vnm, sw_if_index0);
1882 /* If the interface is link-down, drop the pkt */
1883 if (!(hw_if0->flags & VNET_HW_INTERFACE_FLAG_LINK_UP))
1887 node->errors[drop0 ? IP6_DISCOVER_NEIGHBOR_ERROR_DROP
1888 : IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT];
1894 icmp6_neighbor_solicitation_header_t * h0;
1897 h0 = vlib_packet_template_get_packet
1898 (vm, &im->discover_neighbor_packet_template, &bi0);
1901 * Build ethernet header.
1902 * Choose source address based on destination lookup
1905 ip6_src_address_for_packet (im, p0, &h0->ip.src_address,
1909 * Destination address is a solicited node multicast address.
1910 * We need to fill in
1911 * the low 24 bits with low 24 bits of target's address.
1913 h0->ip.dst_address.as_u8[13] = ip0->dst_address.as_u8[13];
1914 h0->ip.dst_address.as_u8[14] = ip0->dst_address.as_u8[14];
1915 h0->ip.dst_address.as_u8[15] = ip0->dst_address.as_u8[15];
1917 h0->neighbor.target_address = ip0->dst_address;
1919 memcpy (h0->link_layer_option.ethernet_address,
1920 hw_if0->hw_address, vec_len (hw_if0->hw_address));
1922 /* $$$$ appears we need this; why is the checksum non-zero? */
1923 h0->neighbor.icmp.checksum = 0;
1924 h0->neighbor.icmp.checksum =
1925 ip6_tcp_udp_icmp_compute_checksum (vm, 0, &h0->ip,
1928 ASSERT (bogus_length == 0);
1930 vlib_buffer_copy_trace_flag (vm, p0, bi0);
1931 b0 = vlib_get_buffer (vm, bi0);
1932 vnet_buffer (b0)->sw_if_index[VLIB_TX]
1933 = vnet_buffer (p0)->sw_if_index[VLIB_TX];
1935 /* Add rewrite/encap string. */
1936 vnet_rewrite_one_header (adj0[0], h0,
1937 sizeof (ethernet_header_t));
1938 vlib_buffer_advance (b0, -adj0->rewrite_header.data_bytes);
1940 /* $$$$ hack in case next0 == 0 */
1941 b0->error = node->errors[IP6_DISCOVER_NEIGHBOR_ERROR_DROP];
1943 vec_elt (im->discover_neighbor_next_index_by_hw_if_index,
1944 hw_if0->hw_if_index);
1946 vlib_set_next_frame_buffer (vm, node, next0, bi0);
1950 vlib_put_next_frame (vm, node, IP6_DISCOVER_NEIGHBOR_NEXT_DROP,
1951 n_left_to_next_drop);
1954 return frame->n_vectors;
1957 static char * ip6_discover_neighbor_error_strings[] = {
1958 [IP6_DISCOVER_NEIGHBOR_ERROR_DROP] = "address overflow drops",
1959 [IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT]
1960 = "neighbor solicitations sent",
1963 VLIB_REGISTER_NODE (ip6_discover_neighbor_node) = {
1964 .function = ip6_discover_neighbor,
1965 .name = "ip6-discover-neighbor",
1966 .vector_size = sizeof (u32),
1968 .format_trace = format_ip6_forward_next_trace,
1970 .n_errors = ARRAY_LEN (ip6_discover_neighbor_error_strings),
1971 .error_strings = ip6_discover_neighbor_error_strings,
1973 .n_next_nodes = IP6_DISCOVER_NEIGHBOR_N_NEXT,
1975 [IP6_DISCOVER_NEIGHBOR_NEXT_DROP] = "error-drop",
1980 ip6_discover_neighbor_hw_interface_link_up_down (vnet_main_t * vnm,
1984 vlib_main_t * vm = vnm->vlib_main;
1985 ip6_main_t * im = &ip6_main;
1986 vnet_hw_interface_t * hw_if;
1988 hw_if = vnet_get_hw_interface (vnm, hw_if_index);
1990 vec_validate_init_empty
1991 (im->discover_neighbor_next_index_by_hw_if_index, hw_if_index, 0);
1992 im->discover_neighbor_next_index_by_hw_if_index[hw_if_index]
1993 = vlib_node_add_next (vm, ip6_discover_neighbor_node.index,
1994 hw_if->output_node_index);
1998 VNET_HW_INTERFACE_LINK_UP_DOWN_FUNCTION
1999 (ip6_discover_neighbor_hw_interface_link_up_down);
2002 ip6_probe_neighbor (vlib_main_t * vm, ip6_address_t * dst, u32 sw_if_index)
2004 vnet_main_t * vnm = vnet_get_main();
2005 ip6_main_t * im = &ip6_main;
2006 icmp6_neighbor_solicitation_header_t * h;
2007 ip6_address_t * src;
2008 ip_interface_address_t * ia;
2009 ip_adjacency_t * adj;
2010 vnet_hw_interface_t * hi;
2011 vnet_sw_interface_t * si;
2016 si = vnet_get_sw_interface (vnm, sw_if_index);
2018 if (!(si->flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP))
2020 return clib_error_return (0, "%U: interface %U down",
2021 format_ip6_address, dst,
2022 format_vnet_sw_if_index_name, vnm,
2026 src = ip6_interface_address_matching_destination (im, dst, sw_if_index, &ia);
2029 vnm->api_errno = VNET_API_ERROR_NO_MATCHING_INTERFACE;
2030 return clib_error_return
2031 (0, "no matching interface address for destination %U (interface %U)",
2032 format_ip6_address, dst,
2033 format_vnet_sw_if_index_name, vnm, sw_if_index);
2036 h = vlib_packet_template_get_packet (vm, &im->discover_neighbor_packet_template, &bi);
2038 hi = vnet_get_sup_hw_interface (vnm, sw_if_index);
2040 /* Destination address is a solicited node multicast address. We need to fill in
2041 the low 24 bits with low 24 bits of target's address. */
2042 h->ip.dst_address.as_u8[13] = dst->as_u8[13];
2043 h->ip.dst_address.as_u8[14] = dst->as_u8[14];
2044 h->ip.dst_address.as_u8[15] = dst->as_u8[15];
2046 h->ip.src_address = src[0];
2047 h->neighbor.target_address = dst[0];
2049 memcpy (h->link_layer_option.ethernet_address, hi->hw_address, vec_len (hi->hw_address));
2051 h->neighbor.icmp.checksum =
2052 ip6_tcp_udp_icmp_compute_checksum (vm, 0, &h->ip, &bogus_length);
2053 ASSERT(bogus_length == 0);
2055 b = vlib_get_buffer (vm, bi);
2056 vnet_buffer (b)->sw_if_index[VLIB_RX] = vnet_buffer (b)->sw_if_index[VLIB_TX] = sw_if_index;
2058 /* Add encapsulation string for software interface (e.g. ethernet header). */
2059 adj = ip_get_adjacency (&im->lookup_main, ia->neighbor_probe_adj_index);
2060 vnet_rewrite_one_header (adj[0], h, sizeof (ethernet_header_t));
2061 vlib_buffer_advance (b, -adj->rewrite_header.data_bytes);
2064 vlib_frame_t * f = vlib_get_frame_to_node (vm, hi->output_node_index);
2065 u32 * to_next = vlib_frame_vector_args (f);
2068 vlib_put_frame_to_node (vm, hi->output_node_index, f);
2071 return /* no error */ 0;
2075 IP6_REWRITE_NEXT_DROP,
2076 } ip6_rewrite_next_t;
2079 ip6_rewrite_inline (vlib_main_t * vm,
2080 vlib_node_runtime_t * node,
2081 vlib_frame_t * frame,
2082 int rewrite_for_locally_received_packets)
2084 ip_lookup_main_t * lm = &ip6_main.lookup_main;
2085 u32 * from = vlib_frame_vector_args (frame);
2086 u32 n_left_from, n_left_to_next, * to_next, next_index;
2087 vlib_node_runtime_t * error_node = vlib_node_get_runtime (vm, ip6_input_node.index);
2088 vlib_rx_or_tx_t adj_rx_tx = rewrite_for_locally_received_packets ? VLIB_RX : VLIB_TX;
2090 n_left_from = frame->n_vectors;
2091 next_index = node->cached_next_index;
2092 u32 cpu_index = os_get_cpu_number();
2094 while (n_left_from > 0)
2096 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
2098 while (n_left_from >= 4 && n_left_to_next >= 2)
2100 ip_adjacency_t * adj0, * adj1;
2101 vlib_buffer_t * p0, * p1;
2102 ip6_header_t * ip0, * ip1;
2103 u32 pi0, rw_len0, next0, error0, adj_index0;
2104 u32 pi1, rw_len1, next1, error1, adj_index1;
2106 /* Prefetch next iteration. */
2108 vlib_buffer_t * p2, * p3;
2110 p2 = vlib_get_buffer (vm, from[2]);
2111 p3 = vlib_get_buffer (vm, from[3]);
2113 vlib_prefetch_buffer_header (p2, LOAD);
2114 vlib_prefetch_buffer_header (p3, LOAD);
2116 CLIB_PREFETCH (p2->pre_data, 32, STORE);
2117 CLIB_PREFETCH (p3->pre_data, 32, STORE);
2119 CLIB_PREFETCH (p2->data, sizeof (ip0[0]), STORE);
2120 CLIB_PREFETCH (p3->data, sizeof (ip0[0]), STORE);
2123 pi0 = to_next[0] = from[0];
2124 pi1 = to_next[1] = from[1];
2129 n_left_to_next -= 2;
2131 p0 = vlib_get_buffer (vm, pi0);
2132 p1 = vlib_get_buffer (vm, pi1);
2134 adj_index0 = vnet_buffer (p0)->ip.adj_index[adj_rx_tx];
2135 adj_index1 = vnet_buffer (p1)->ip.adj_index[adj_rx_tx];
2137 /* We should never rewrite a pkt using the MISS adjacency */
2138 ASSERT(adj_index0 && adj_index1);
2140 ip0 = vlib_buffer_get_current (p0);
2141 ip1 = vlib_buffer_get_current (p1);
2143 error0 = error1 = IP6_ERROR_NONE;
2145 if (! rewrite_for_locally_received_packets)
2147 i32 hop_limit0 = ip0->hop_limit, hop_limit1 = ip1->hop_limit;
2149 /* Input node should have reject packets with hop limit 0. */
2150 ASSERT (ip0->hop_limit > 0);
2151 ASSERT (ip1->hop_limit > 0);
2156 ip0->hop_limit = hop_limit0;
2157 ip1->hop_limit = hop_limit1;
2159 error0 = hop_limit0 <= 0 ? IP6_ERROR_TIME_EXPIRED : error0;
2160 error1 = hop_limit1 <= 0 ? IP6_ERROR_TIME_EXPIRED : error1;
2163 adj0 = ip_get_adjacency (lm, adj_index0);
2164 adj1 = ip_get_adjacency (lm, adj_index1);
2166 if (rewrite_for_locally_received_packets)
2169 * If someone sends e.g. an icmp6 w/ src = dst = interface addr,
2170 * we end up here with a local adjacency in hand
2172 if (PREDICT_FALSE(adj0->lookup_next_index
2173 == IP_LOOKUP_NEXT_LOCAL))
2174 error0 = IP6_ERROR_SPOOFED_LOCAL_PACKETS;
2175 if (PREDICT_FALSE(adj1->lookup_next_index
2176 == IP_LOOKUP_NEXT_LOCAL))
2177 error1 = IP6_ERROR_SPOOFED_LOCAL_PACKETS;
2180 rw_len0 = adj0[0].rewrite_header.data_bytes;
2181 rw_len1 = adj1[0].rewrite_header.data_bytes;
2183 vlib_increment_combined_counter (&lm->adjacency_counters,
2186 /* packet increment */ 0,
2187 /* byte increment */ rw_len0);
2188 vlib_increment_combined_counter (&lm->adjacency_counters,
2191 /* packet increment */ 0,
2192 /* byte increment */ rw_len1);
2194 /* Check MTU of outgoing interface. */
2195 error0 = (vlib_buffer_length_in_chain (vm, p0) > adj0[0].rewrite_header.max_l3_packet_bytes
2196 ? IP6_ERROR_MTU_EXCEEDED
2198 error1 = (vlib_buffer_length_in_chain (vm, p1) > adj1[0].rewrite_header.max_l3_packet_bytes
2199 ? IP6_ERROR_MTU_EXCEEDED
2202 p0->current_data -= rw_len0;
2203 p1->current_data -= rw_len1;
2205 p0->current_length += rw_len0;
2206 p1->current_length += rw_len1;
2208 vnet_buffer (p0)->sw_if_index[VLIB_TX] = adj0[0].rewrite_header.sw_if_index;
2209 vnet_buffer (p1)->sw_if_index[VLIB_TX] = adj1[0].rewrite_header.sw_if_index;
2211 next0 = (error0 == IP6_ERROR_NONE) ?
2212 adj0[0].rewrite_header.next_index : IP6_REWRITE_NEXT_DROP;
2213 next1 = (error1 == IP6_ERROR_NONE) ?
2214 adj1[0].rewrite_header.next_index : IP6_REWRITE_NEXT_DROP;
2216 /* Guess we are only writing on simple Ethernet header. */
2217 vnet_rewrite_two_headers (adj0[0], adj1[0],
2219 sizeof (ethernet_header_t));
2221 vlib_validate_buffer_enqueue_x2 (vm, node, next_index,
2222 to_next, n_left_to_next,
2223 pi0, pi1, next0, next1);
2226 while (n_left_from > 0 && n_left_to_next > 0)
2228 ip_adjacency_t * adj0;
2232 u32 adj_index0, next0, error0;
2234 pi0 = to_next[0] = from[0];
2236 p0 = vlib_get_buffer (vm, pi0);
2238 adj_index0 = vnet_buffer (p0)->ip.adj_index[adj_rx_tx];
2240 /* We should never rewrite a pkt using the MISS adjacency */
2243 adj0 = ip_get_adjacency (lm, adj_index0);
2245 ip0 = vlib_buffer_get_current (p0);
2247 error0 = IP6_ERROR_NONE;
2249 /* Check hop limit */
2250 if (! rewrite_for_locally_received_packets)
2252 i32 hop_limit0 = ip0->hop_limit;
2254 ASSERT (ip0->hop_limit > 0);
2258 ip0->hop_limit = hop_limit0;
2260 error0 = hop_limit0 <= 0 ? IP6_ERROR_TIME_EXPIRED : error0;
2263 if (rewrite_for_locally_received_packets)
2265 if (PREDICT_FALSE(adj0->lookup_next_index
2266 == IP_LOOKUP_NEXT_LOCAL))
2267 error0 = IP6_ERROR_SPOOFED_LOCAL_PACKETS;
2270 /* Guess we are only writing on simple Ethernet header. */
2271 vnet_rewrite_one_header (adj0[0], ip0, sizeof (ethernet_header_t));
2273 /* Update packet buffer attributes/set output interface. */
2274 rw_len0 = adj0[0].rewrite_header.data_bytes;
2276 vlib_increment_combined_counter (&lm->adjacency_counters,
2279 /* packet increment */ 0,
2280 /* byte increment */ rw_len0);
2282 /* Check MTU of outgoing interface. */
2283 error0 = (vlib_buffer_length_in_chain (vm, p0) > adj0[0].rewrite_header.max_l3_packet_bytes
2284 ? IP6_ERROR_MTU_EXCEEDED
2287 p0->current_data -= rw_len0;
2288 p0->current_length += rw_len0;
2289 vnet_buffer (p0)->sw_if_index[VLIB_TX] = adj0[0].rewrite_header.sw_if_index;
2291 next0 = (error0 == IP6_ERROR_NONE) ?
2292 adj0[0].rewrite_header.next_index : IP6_REWRITE_NEXT_DROP;
2294 p0->error = error_node->errors[error0];
2299 n_left_to_next -= 1;
2301 vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
2302 to_next, n_left_to_next,
2306 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
2309 /* Need to do trace after rewrites to pick up new packet data. */
2310 if (node->flags & VLIB_NODE_FLAG_TRACE)
2311 ip6_forward_next_trace (vm, node, frame, adj_rx_tx);
2313 return frame->n_vectors;
2317 ip6_rewrite_transit (vlib_main_t * vm,
2318 vlib_node_runtime_t * node,
2319 vlib_frame_t * frame)
2321 return ip6_rewrite_inline (vm, node, frame,
2322 /* rewrite_for_locally_received_packets */ 0);
2326 ip6_rewrite_local (vlib_main_t * vm,
2327 vlib_node_runtime_t * node,
2328 vlib_frame_t * frame)
2330 return ip6_rewrite_inline (vm, node, frame,
2331 /* rewrite_for_locally_received_packets */ 1);
2334 VLIB_REGISTER_NODE (ip6_rewrite_node) = {
2335 .function = ip6_rewrite_transit,
2336 .name = "ip6-rewrite",
2337 .vector_size = sizeof (u32),
2339 .format_trace = format_ip6_forward_next_trace,
2343 [IP6_REWRITE_NEXT_DROP] = "error-drop",
2347 VLIB_REGISTER_NODE (ip6_rewrite_local_node,static) = {
2348 .function = ip6_rewrite_local,
2349 .name = "ip6-rewrite-local",
2350 .vector_size = sizeof (u32),
2352 .sibling_of = "ip6-rewrite",
2354 .format_trace = format_ip6_forward_next_trace,
2358 [IP6_REWRITE_NEXT_DROP] = "error-drop",
2362 /* Global IP6 main. */
2363 ip6_main_t ip6_main;
2365 static clib_error_t *
2366 ip6_lookup_init (vlib_main_t * vm)
2368 ip6_main_t * im = &ip6_main;
2371 for (i = 0; i < ARRAY_LEN (im->fib_masks); i++)
2378 for (j = 0; j < i0; j++)
2379 im->fib_masks[i].as_u32[j] = ~0;
2382 im->fib_masks[i].as_u32[i0] = clib_host_to_net_u32 (pow2_mask (i1) << (32 - i1));
2385 ip_lookup_init (&im->lookup_main, /* is_ip6 */ 1);
2387 if (im->lookup_table_nbuckets == 0)
2388 im->lookup_table_nbuckets = IP6_FIB_DEFAULT_HASH_NUM_BUCKETS;
2390 im->lookup_table_nbuckets = 1<< max_log2 (im->lookup_table_nbuckets);
2392 if (im->lookup_table_size == 0)
2393 im->lookup_table_size = IP6_FIB_DEFAULT_HASH_MEMORY_SIZE;
2395 BV(clib_bihash_init) (&im->ip6_lookup_table, "ip6 lookup table",
2396 im->lookup_table_nbuckets,
2397 im->lookup_table_size);
2399 /* Create FIB with index 0 and table id of 0. */
2400 find_ip6_fib_by_table_index_or_id (im, /* table id */ 0, IP6_ROUTE_FLAG_TABLE_ID);
2404 pn = pg_get_node (ip6_lookup_node.index);
2405 pn->unformat_edit = unformat_pg_ip6_header;
2409 icmp6_neighbor_solicitation_header_t p;
2411 memset (&p, 0, sizeof (p));
2413 p.ip.ip_version_traffic_class_and_flow_label = clib_host_to_net_u32 (0x6 << 28);
2414 p.ip.payload_length = clib_host_to_net_u16 (sizeof (p)
2415 - STRUCT_OFFSET_OF (icmp6_neighbor_solicitation_header_t, neighbor));
2416 p.ip.protocol = IP_PROTOCOL_ICMP6;
2417 p.ip.hop_limit = 255;
2418 ip6_set_solicited_node_multicast_address (&p.ip.dst_address, 0);
2420 p.neighbor.icmp.type = ICMP6_neighbor_solicitation;
2422 p.link_layer_option.header.type = ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address;
2423 p.link_layer_option.header.n_data_u64s = sizeof (p.link_layer_option) / sizeof (u64);
2425 vlib_packet_template_init (vm,
2426 &im->discover_neighbor_packet_template,
2428 /* alloc chunk size */ 8,
2429 "ip6 neighbor discovery");
2435 VLIB_INIT_FUNCTION (ip6_lookup_init);
2437 static clib_error_t *
2438 add_del_ip6_interface_table (vlib_main_t * vm,
2439 unformat_input_t * input,
2440 vlib_cli_command_t * cmd)
2442 vnet_main_t * vnm = vnet_get_main();
2443 clib_error_t * error = 0;
2444 u32 sw_if_index, table_id;
2448 if (! unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index))
2450 error = clib_error_return (0, "unknown interface `%U'",
2451 format_unformat_error, input);
2455 if (unformat (input, "%d", &table_id))
2459 error = clib_error_return (0, "expected table id `%U'",
2460 format_unformat_error, input);
2465 ip6_main_t * im = &ip6_main;
2467 find_ip6_fib_by_table_index_or_id (im, table_id, IP6_ROUTE_FLAG_TABLE_ID);
2471 vec_validate (im->fib_index_by_sw_if_index, sw_if_index);
2472 im->fib_index_by_sw_if_index[sw_if_index] = fib->index;
2480 VLIB_CLI_COMMAND (set_interface_ip_table_command, static) = {
2481 .path = "set interface ip6 table",
2482 .function = add_del_ip6_interface_table,
2483 .short_help = "set interface ip6 table <intfc> <table-id>"
2487 ip6_link_local_address_from_ethernet_mac_address (ip6_address_t *ip,
2490 ip->as_u64[0] = clib_host_to_net_u64 (0xFE80000000000000ULL);
2491 /* Invert the "u" bit */
2492 ip->as_u8 [8] = mac[0] ^ (1<<1);
2493 ip->as_u8 [9] = mac[1];
2494 ip->as_u8 [10] = mac[2];
2495 ip->as_u8 [11] = 0xFF;
2496 ip->as_u8 [12] = 0xFE;
2497 ip->as_u8 [13] = mac[3];
2498 ip->as_u8 [14] = mac[4];
2499 ip->as_u8 [15] = mac[5];
2503 ip6_ethernet_mac_address_from_link_local_address (u8 *mac,
2506 /* Invert the previously inverted "u" bit */
2507 mac[0] = ip->as_u8 [8] ^ (1<<1);
2508 mac[1] = ip->as_u8 [9];
2509 mac[2] = ip->as_u8 [10];
2510 mac[3] = ip->as_u8 [13];
2511 mac[4] = ip->as_u8 [14];
2512 mac[5] = ip->as_u8 [15];
2515 static clib_error_t *
2516 test_ip6_link_command_fn (vlib_main_t * vm,
2517 unformat_input_t * input,
2518 vlib_cli_command_t * cmd)
2521 ip6_address_t _a, *a = &_a;
2523 if (unformat (input, "%U", unformat_ethernet_address, mac))
2525 ip6_link_local_address_from_ethernet_mac_address (a, mac);
2526 vlib_cli_output (vm, "Link local address: %U",
2527 format_ip6_address, a);
2528 ip6_ethernet_mac_address_from_link_local_address (mac, a);
2529 vlib_cli_output (vm, "Original MAC address: %U",
2530 format_ethernet_address, mac);
2536 VLIB_CLI_COMMAND (test_link_command, static) = {
2537 .path = "test ip6 link",
2538 .function = test_ip6_link_command_fn,
2539 .short_help = "test ip6 link <mac-address>",
2542 int vnet_set_ip6_flow_hash (u32 table_id, u32 flow_hash_config)
2544 ip6_main_t * im6 = &ip6_main;
2546 uword * p = hash_get (im6->fib_index_by_table_id, table_id);
2551 fib = vec_elt_at_index (im6->fibs, p[0]);
2553 fib->flow_hash_config = flow_hash_config;
2557 static clib_error_t *
2558 set_ip6_flow_hash_command_fn (vlib_main_t * vm,
2559 unformat_input_t * input,
2560 vlib_cli_command_t * cmd)
2564 u32 flow_hash_config = 0;
2567 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) {
2568 if (unformat (input, "table %d", &table_id))
2571 else if (unformat (input, #a)) { flow_hash_config |= v; matched=1;}
2572 foreach_flow_hash_bit
2578 return clib_error_return (0, "unknown input `%U'",
2579 format_unformat_error, input);
2581 rv = vnet_set_ip6_flow_hash (table_id, flow_hash_config);
2588 return clib_error_return (0, "no such FIB table %d", table_id);
2591 clib_warning ("BUG: illegal flow hash config 0x%x", flow_hash_config);
2598 VLIB_CLI_COMMAND (set_ip6_flow_hash_command, static) = {
2599 .path = "set ip6 flow-hash",
2601 "set ip table flow-hash table <fib-id> src dst sport dport proto reverse",
2602 .function = set_ip6_flow_hash_command_fn,
2605 static clib_error_t *
2606 show_ip6_local_command_fn (vlib_main_t * vm,
2607 unformat_input_t * input,
2608 vlib_cli_command_t * cmd)
2610 ip6_main_t * im = &ip6_main;
2611 ip_lookup_main_t * lm = &im->lookup_main;
2614 vlib_cli_output (vm, "Protocols handled by ip6_local");
2615 for (i = 0; i < ARRAY_LEN(lm->local_next_by_ip_protocol); i++)
2617 if (lm->local_next_by_ip_protocol[i] != IP_LOCAL_NEXT_PUNT)
2618 vlib_cli_output (vm, "%d", i);
2625 VLIB_CLI_COMMAND (show_ip_local, static) = {
2626 .path = "show ip6 local",
2627 .function = show_ip6_local_command_fn,
2628 .short_help = "Show ip6 local protocol table",
2631 int vnet_set_ip6_classify_intfc (vlib_main_t * vm, u32 sw_if_index,
2634 vnet_main_t * vnm = vnet_get_main();
2635 vnet_interface_main_t * im = &vnm->interface_main;
2636 ip6_main_t * ipm = &ip6_main;
2637 ip_lookup_main_t * lm = &ipm->lookup_main;
2638 vnet_classify_main_t * cm = &vnet_classify_main;
2640 if (pool_is_free_index (im->sw_interfaces, sw_if_index))
2641 return VNET_API_ERROR_NO_MATCHING_INTERFACE;
2643 if (table_index != ~0 && pool_is_free_index (cm->tables, table_index))
2644 return VNET_API_ERROR_NO_SUCH_ENTRY;
2646 vec_validate (lm->classify_table_index_by_sw_if_index, sw_if_index);
2647 lm->classify_table_index_by_sw_if_index [sw_if_index] = table_index;
2652 static clib_error_t *
2653 set_ip6_classify_command_fn (vlib_main_t * vm,
2654 unformat_input_t * input,
2655 vlib_cli_command_t * cmd)
2657 u32 table_index = ~0;
2658 int table_index_set = 0;
2659 u32 sw_if_index = ~0;
2662 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) {
2663 if (unformat (input, "table-index %d", &table_index))
2664 table_index_set = 1;
2665 else if (unformat (input, "intfc %U", unformat_vnet_sw_interface,
2666 vnet_get_main(), &sw_if_index))
2672 if (table_index_set == 0)
2673 return clib_error_return (0, "classify table-index must be specified");
2675 if (sw_if_index == ~0)
2676 return clib_error_return (0, "interface / subif must be specified");
2678 rv = vnet_set_ip6_classify_intfc (vm, sw_if_index, table_index);
2685 case VNET_API_ERROR_NO_MATCHING_INTERFACE:
2686 return clib_error_return (0, "No such interface");
2688 case VNET_API_ERROR_NO_SUCH_ENTRY:
2689 return clib_error_return (0, "No such classifier table");
2694 VLIB_CLI_COMMAND (set_ip6_classify_command, static) = {
2695 .path = "set ip6 classify",
2697 "set ip6 classify intfc <int> table-index <index>",
2698 .function = set_ip6_classify_command_fn,
2701 static clib_error_t *
2702 ip6_config (vlib_main_t * vm, unformat_input_t * input)
2704 ip6_main_t * im = &ip6_main;
2709 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) {
2710 if (unformat (input, "hash-buckets %d", &tmp))
2712 else if (unformat (input, "heap-size %dm", &tmp))
2713 heapsize = ((u64)tmp) << 20;
2714 else if (unformat (input, "heap-size %dM", &tmp))
2715 heapsize = ((u64)tmp) << 20;
2716 else if (unformat (input, "heap-size %dg", &tmp))
2717 heapsize = ((u64)tmp) << 30;
2718 else if (unformat (input, "heap-size %dG", &tmp))
2719 heapsize = ((u64)tmp) << 30;
2721 return clib_error_return (0, "unknown input '%U'",
2722 format_unformat_error, input);
2725 im->lookup_table_nbuckets = nbuckets;
2726 im->lookup_table_size = heapsize;
2731 VLIB_EARLY_CONFIG_FUNCTION (ip6_config, "ip6");