2 * Copyright (c) 2015 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 * ip/ip6_forward.c: IP v6 forwarding
18 * Copyright (c) 2008 Eliot Dresselhaus
20 * Permission is hereby granted, free of charge, to any person obtaining
21 * a copy of this software and associated documentation files (the
22 * "Software"), to deal in the Software without restriction, including
23 * without limitation the rights to use, copy, modify, merge, publish,
24 * distribute, sublicense, and/or sell copies of the Software, and to
25 * permit persons to whom the Software is furnished to do so, subject to
26 * the following conditions:
28 * The above copyright notice and this permission notice shall be
29 * included in all copies or substantial portions of the Software.
31 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
32 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
33 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
34 * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
35 * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
36 * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
37 * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
40 #include <vnet/vnet.h>
41 #include <vnet/ip/ip.h>
42 #include <vnet/ethernet/ethernet.h> /* for ethernet_header_t */
43 #include <vnet/srp/srp.h> /* for srp_hw_interface_class */
44 #include <vppinfra/cache.h>
46 #include <vppinfra/bihash_template.c>
48 static void compute_prefix_lengths_in_search_order (ip6_main_t * im)
51 vec_reset_length (im->prefix_lengths_in_search_order);
52 /* Note: bitmap reversed so this is in fact a longest prefix match */
53 clib_bitmap_foreach (i, im->non_empty_dst_address_length_bitmap,
55 int dst_address_length = 128 - i;
56 vec_add1 (im->prefix_lengths_in_search_order, dst_address_length);
61 ip6_fib_lookup_with_table (ip6_main_t * im, u32 fib_index, ip6_address_t * dst)
63 ip_lookup_main_t * lm = &im->lookup_main;
66 BVT(clib_bihash_kv) kv, value;
69 len = vec_len (im->prefix_lengths_in_search_order);
71 kv.key[0] = dst->as_u64[0];
72 kv.key[1] = dst->as_u64[1];
73 fib = ((u64)((fib_index))<<32);
75 for (i = 0; i < len; i++)
77 int dst_address_length = im->prefix_lengths_in_search_order[i];
78 ip6_address_t * mask = &im->fib_masks[dst_address_length];
80 ASSERT(dst_address_length >= 0 && dst_address_length <= 128);
81 //As lengths are decreasing, masks are increasingly specific.
82 kv.key[0] &= mask->as_u64[0];
83 kv.key[1] &= mask->as_u64[1];
84 kv.key[2] = fib | dst_address_length;
86 rv = BV(clib_bihash_search_inline_2)(&im->ip6_lookup_table, &kv, &value);
91 return lm->miss_adj_index;
94 u32 ip6_fib_lookup (ip6_main_t * im, u32 sw_if_index, ip6_address_t * dst)
96 u32 fib_index = vec_elt (im->fib_index_by_sw_if_index, sw_if_index);
97 return ip6_fib_lookup_with_table (im, fib_index, dst);
101 vnet_ip6_fib_init (ip6_main_t * im, u32 fib_index)
103 ip_lookup_main_t * lm = &im->lookup_main;
104 ip6_add_del_route_args_t a;
105 ip_adjacency_t * adj;
107 memset(&a, 0x0, sizeof(ip6_add_del_route_args_t));
109 a.table_index_or_table_id = fib_index;
110 a.flags = (IP6_ROUTE_FLAG_ADD
111 | IP6_ROUTE_FLAG_FIB_INDEX
112 | IP6_ROUTE_FLAG_KEEP_OLD_ADJACENCY
113 | IP6_ROUTE_FLAG_NO_REDISTRIBUTE);
115 /* Add ff02::1:ff00:0/104 via local route for all tables.
116 This is required for neighbor discovery to work. */
117 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
119 adj->lookup_next_index = IP_LOOKUP_NEXT_LOCAL;
120 adj->if_address_index = ~0;
121 adj->rewrite_header.data_bytes = 0;
123 ip6_set_solicited_node_multicast_address (&a.dst_address, 0);
125 a.dst_address_length = 104;
126 ip6_add_del_route (im, &a);
128 /* Add all-routers multicast address via local route for all tables */
129 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
131 adj->lookup_next_index = IP_LOOKUP_NEXT_LOCAL;
132 adj->if_address_index = ~0;
133 adj->rewrite_header.data_bytes = 0;
135 ip6_set_reserved_multicast_address (&a.dst_address,
136 IP6_MULTICAST_SCOPE_link_local,
137 IP6_MULTICAST_GROUP_ID_all_routers);
139 a.dst_address_length = 128;
140 ip6_add_del_route (im, &a);
142 /* Add all-nodes multicast address via local route for all tables */
143 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
145 adj->lookup_next_index = IP_LOOKUP_NEXT_LOCAL;
146 adj->if_address_index = ~0;
147 adj->rewrite_header.data_bytes = 0;
149 ip6_set_reserved_multicast_address (&a.dst_address,
150 IP6_MULTICAST_SCOPE_link_local,
151 IP6_MULTICAST_GROUP_ID_all_hosts);
153 a.dst_address_length = 128;
154 ip6_add_del_route (im, &a);
156 /* Add all-mldv2 multicast address via local route for all tables */
157 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
159 adj->lookup_next_index = IP_LOOKUP_NEXT_LOCAL;
160 adj->if_address_index = ~0;
161 adj->rewrite_header.data_bytes = 0;
163 ip6_set_reserved_multicast_address (&a.dst_address,
164 IP6_MULTICAST_SCOPE_link_local,
165 IP6_MULTICAST_GROUP_ID_mldv2_routers);
167 a.dst_address_length = 128;
168 ip6_add_del_route (im, &a);
172 create_fib_with_table_id (ip6_main_t * im, u32 table_id)
175 hash_set (im->fib_index_by_table_id, table_id, vec_len (im->fibs));
176 vec_add2 (im->fibs, fib, 1);
177 fib->table_id = table_id;
178 fib->index = fib - im->fibs;
179 fib->flow_hash_config = IP_FLOW_HASH_DEFAULT;
180 vnet_ip6_fib_init (im, fib->index);
185 find_ip6_fib_by_table_index_or_id (ip6_main_t * im, u32 table_index_or_id, u32 flags)
187 uword * p, fib_index;
189 fib_index = table_index_or_id;
190 if (! (flags & IP6_ROUTE_FLAG_FIB_INDEX))
192 if (table_index_or_id == ~0) {
193 table_index_or_id = 0;
194 while (hash_get (im->fib_index_by_table_id, table_index_or_id)) {
197 return create_fib_with_table_id (im, table_index_or_id);
200 p = hash_get (im->fib_index_by_table_id, table_index_or_id);
202 return create_fib_with_table_id (im, table_index_or_id);
205 return vec_elt_at_index (im->fibs, fib_index);
208 void ip6_add_del_route (ip6_main_t * im, ip6_add_del_route_args_t * a)
210 ip_lookup_main_t * lm = &im->lookup_main;
212 ip6_address_t dst_address;
213 u32 dst_address_length, adj_index;
215 u32 old_adj_index = ~0;
216 BVT(clib_bihash_kv) kv, value;
218 vlib_smp_unsafe_warning();
220 is_del = (a->flags & IP6_ROUTE_FLAG_DEL) != 0;
222 /* Either create new adjacency or use given one depending on arguments. */
223 if (a->n_add_adj > 0)
225 ip_add_adjacency (lm, a->add_adj, a->n_add_adj, &adj_index);
226 ip_call_add_del_adjacency_callbacks (lm, adj_index, /* is_del */ 0);
229 adj_index = a->adj_index;
231 dst_address = a->dst_address;
232 dst_address_length = a->dst_address_length;
233 fib = find_ip6_fib_by_table_index_or_id (im, a->table_index_or_table_id,
236 ASSERT (dst_address_length < ARRAY_LEN (im->fib_masks));
237 ip6_address_mask (&dst_address, &im->fib_masks[dst_address_length]);
239 /* refcount accounting */
242 ASSERT (im->dst_address_length_refcounts[dst_address_length] > 0);
243 if (--im->dst_address_length_refcounts[dst_address_length] == 0)
245 im->non_empty_dst_address_length_bitmap =
246 clib_bitmap_set (im->non_empty_dst_address_length_bitmap,
247 128 - dst_address_length, 0);
248 compute_prefix_lengths_in_search_order (im);
253 im->dst_address_length_refcounts[dst_address_length]++;
255 im->non_empty_dst_address_length_bitmap =
256 clib_bitmap_set (im->non_empty_dst_address_length_bitmap,
257 128 - dst_address_length, 1);
258 compute_prefix_lengths_in_search_order (im);
261 kv.key[0] = dst_address.as_u64[0];
262 kv.key[1] = dst_address.as_u64[1];
263 kv.key[2] = ((u64)((fib - im->fibs))<<32) | dst_address_length;
265 if (BV(clib_bihash_search)(&im->ip6_lookup_table, &kv, &value) == 0)
266 old_adj_index = value.value;
269 BV(clib_bihash_add_del) (&im->ip6_lookup_table, &kv, 0 /* is_add */);
272 /* Make sure adj index is valid. */
274 (void) ip_get_adjacency (lm, adj_index);
276 kv.value = adj_index;
278 BV(clib_bihash_add_del) (&im->ip6_lookup_table, &kv, 1 /* is_add */);
281 /* Avoid spurious reference count increments */
282 if (old_adj_index == adj_index
284 && !(a->flags & IP6_ROUTE_FLAG_KEEP_OLD_ADJACENCY))
286 ip_adjacency_t * adj = ip_get_adjacency (lm, adj_index);
287 if (adj->share_count > 0)
291 /* Delete old adjacency index if present and changed. */
293 if (! (a->flags & IP6_ROUTE_FLAG_KEEP_OLD_ADJACENCY)
294 && old_adj_index != ~0
295 && old_adj_index != adj_index)
296 ip_del_adjacency (lm, old_adj_index);
301 ip6_route_get_next_hop_adj (ip6_main_t * im,
303 ip6_address_t *next_hop,
304 u32 next_hop_sw_if_index,
305 u32 explicit_fib_index)
307 ip_lookup_main_t * lm = &im->lookup_main;
308 vnet_main_t * vnm = vnet_get_main();
309 int is_interface_next_hop;
314 fib = vec_elt_at_index (im->fibs, fib_index);
316 is_interface_next_hop = ip6_address_is_zero (next_hop);
318 if (is_interface_next_hop)
320 nh_result = hash_get (im->interface_route_adj_index_by_sw_if_index,
321 next_hop_sw_if_index);
323 nh_adj_index = *nh_result;
326 ip_adjacency_t * adj;
327 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
329 ip6_adjacency_set_interface_route (vnm, adj,
330 next_hop_sw_if_index, ~0);
331 ip_call_add_del_adjacency_callbacks
332 (lm, next_hop_sw_if_index, /* is_del */ 0);
333 hash_set (im->interface_route_adj_index_by_sw_if_index,
334 next_hop_sw_if_index, nh_adj_index);
337 else if (next_hop_sw_if_index == ~0)
339 /* next-hop is recursive. we always need a indirect adj
340 * for recursive paths. Any LPM we perform now will give
341 * us a valid adj, but without tracking the next-hop we
342 * have no way to keep it valid.
344 ip_adjacency_t add_adj;
345 memset (&add_adj, 0, sizeof(add_adj));
347 add_adj.lookup_next_index = IP_LOOKUP_NEXT_INDIRECT;
348 add_adj.indirect.next_hop.ip6.as_u64[0] = next_hop->as_u64[0];
349 add_adj.indirect.next_hop.ip6.as_u64[1] = next_hop->as_u64[1];
350 add_adj.explicit_fib_index = explicit_fib_index;
351 ip_add_adjacency (lm, &add_adj, 1, &nh_adj_index);
355 BVT(clib_bihash_kv) kv, value;
357 /* Look for the interface /128 route */
358 kv.key[0] = next_hop->as_u64[0];
359 kv.key[1] = next_hop->as_u64[1];
360 kv.key[2] = ((u64)((fib - im->fibs))<<32) | 128;
362 if (BV(clib_bihash_search)(&im->ip6_lookup_table, &kv, &value) < 0)
364 ip_adjacency_t * adj;
365 nh_adj_index = ip6_fib_lookup_with_table (im, fib_index, next_hop);
366 adj = ip_get_adjacency (lm, nh_adj_index);
367 /* if ND interface adjacencty is present, we need to
368 install ND adjaceny for specific next hop */
369 if (adj->lookup_next_index == IP_LOOKUP_NEXT_ARP &&
370 adj->arp.next_hop.ip6.as_u64[0] == 0 &&
371 adj->arp.next_hop.ip6.as_u64[1] == 0)
373 nh_adj_index = vnet_ip6_neighbor_glean_add(fib_index, next_hop);
375 else if (next_hop->as_u8[0] == 0xfe)
377 //Next hop is link-local. No indirect in this case.
378 //Let's add it as a possible neighbor on this interface
379 ip6_address_t null_addr= {};
380 ip6_add_del_route_next_hop (im, IP6_ROUTE_FLAG_ADD,
382 &null_addr, next_hop_sw_if_index,
389 nh_adj_index = value.value;
393 return (nh_adj_index);
397 ip6_add_del_route_next_hop (ip6_main_t * im,
399 ip6_address_t * dst_address,
400 u32 dst_address_length,
401 ip6_address_t * next_hop,
402 u32 next_hop_sw_if_index,
403 u32 next_hop_weight, u32 adj_index,
404 u32 explicit_fib_index)
406 vnet_main_t * vnm = vnet_get_main();
407 ip_lookup_main_t * lm = &im->lookup_main;
410 ip6_address_t masked_dst_address;
411 u32 old_mp_adj_index, new_mp_adj_index;
412 u32 dst_adj_index, nh_adj_index;
414 ip_adjacency_t * dst_adj;
415 ip_multipath_adjacency_t * old_mp, * new_mp;
416 int is_del = (flags & IP6_ROUTE_FLAG_DEL) != 0;
417 clib_error_t * error = 0;
418 BVT(clib_bihash_kv) kv, value;
420 vlib_smp_unsafe_warning();
422 if (explicit_fib_index == (u32)~0)
423 fib_index = vec_elt (im->fib_index_by_sw_if_index, next_hop_sw_if_index);
425 fib_index = explicit_fib_index;
427 fib = vec_elt_at_index (im->fibs, fib_index);
429 /* Lookup next hop to be added or deleted. */
430 if (adj_index == (u32)~0)
432 nh_adj_index = ip6_route_get_next_hop_adj(im, fib_index,
434 next_hop_sw_if_index,
439 /* Look for the interface /128 route */
440 kv.key[0] = next_hop->as_u64[0];
441 kv.key[1] = next_hop->as_u64[1];
442 kv.key[2] = ((u64)((fib - im->fibs))<<32) | 128;
444 if (BV(clib_bihash_search)(&im->ip6_lookup_table, &kv, &value) < 0)
446 vnm->api_errno = VNET_API_ERROR_UNKNOWN_DESTINATION;
447 error = clib_error_return (0, "next-hop %U/128 not in FIB",
448 format_ip6_address, next_hop);
452 nh_adj_index = value.value;
455 ASSERT (dst_address_length < ARRAY_LEN (im->fib_masks));
456 masked_dst_address = dst_address[0];
457 ip6_address_mask (&masked_dst_address, &im->fib_masks[dst_address_length]);
459 kv.key[0] = masked_dst_address.as_u64[0];
460 kv.key[1] = masked_dst_address.as_u64[1];
461 kv.key[2] = ((u64)((fib - im->fibs))<<32) | dst_address_length;
463 rv = BV(clib_bihash_search)(&im->ip6_lookup_table, &kv, &value);
467 dst_adj_index = value.value;
468 dst_adj = ip_get_adjacency (lm, dst_adj_index);
472 /* For deletes destination must be known. */
475 vnm->api_errno = VNET_API_ERROR_UNKNOWN_DESTINATION;
476 error = clib_error_return (0, "unknown destination %U/%d",
477 format_ip6_address, dst_address,
486 /* Ignore adds of X/128 with next hop of X. */
488 && dst_address_length == 128
489 && ip6_address_is_equal (dst_address, next_hop))
491 vnm->api_errno = VNET_API_ERROR_PREFIX_MATCHES_NEXT_HOP;
492 error = clib_error_return (0, "prefix matches next hop %U/%d",
493 format_ip6_address, dst_address,
498 /* Destination is not known and default weight is set so add route
499 to existing non-multipath adjacency */
500 if (dst_adj_index == ~0 && next_hop_weight == 1 && next_hop_sw_if_index == ~0)
502 /* create / delete additional mapping of existing adjacency */
503 ip6_add_del_route_args_t a;
504 ip_adjacency_t * nh_adj = ip_get_adjacency (lm, nh_adj_index);
506 a.table_index_or_table_id = fib_index;
507 a.flags = ((is_del ? IP6_ROUTE_FLAG_DEL : IP6_ROUTE_FLAG_ADD)
508 | IP6_ROUTE_FLAG_FIB_INDEX
509 | IP6_ROUTE_FLAG_KEEP_OLD_ADJACENCY
510 | (flags & (IP6_ROUTE_FLAG_NO_REDISTRIBUTE
511 | IP6_ROUTE_FLAG_NOT_LAST_IN_GROUP)));
512 a.dst_address = dst_address[0];
513 a.dst_address_length = dst_address_length;
514 a.adj_index = nh_adj_index;
518 ip6_add_del_route (im, &a);
520 /* adjust share count. This cannot be the only use of the adjacency
521 unless next hop is an indiect adj where share count is already
523 if (next_hop_sw_if_index != ~0)
524 nh_adj->share_count += is_del ? -1 : 1;
529 old_mp_adj_index = dst_adj ? dst_adj->heap_handle : ~0;
531 if (! ip_multipath_adjacency_add_del_next_hop
533 dst_adj ? dst_adj->heap_handle : ~0,
538 vnm->api_errno = VNET_API_ERROR_NEXT_HOP_NOT_FOUND_MP;
539 error = clib_error_return
540 (0, "requested deleting next-hop %U not found in multi-path",
541 format_ip6_address, next_hop);
546 if (old_mp_adj_index != ~0)
547 old_mp = vec_elt_at_index (lm->multipath_adjacencies, old_mp_adj_index);
548 if (new_mp_adj_index != ~0)
549 new_mp = vec_elt_at_index (lm->multipath_adjacencies, new_mp_adj_index);
551 if (old_mp != new_mp)
553 ip6_add_del_route_args_t a;
554 ip_adjacency_t * adj;
556 a.table_index_or_table_id = fib_index;
557 a.flags = ((is_del ? IP6_ROUTE_FLAG_DEL : IP6_ROUTE_FLAG_ADD)
558 | IP6_ROUTE_FLAG_FIB_INDEX
559 | IP6_ROUTE_FLAG_KEEP_OLD_ADJACENCY
560 | (flags & IP6_ROUTE_FLAG_NO_REDISTRIBUTE));
561 a.dst_address = dst_address[0];
562 a.dst_address_length = dst_address_length;
563 a.adj_index = new_mp ? new_mp->adj_index : dst_adj_index;
567 ip6_add_del_route (im, &a);
569 adj = ip_get_adjacency (lm, new_mp ? new_mp->adj_index : dst_adj_index);
571 adj->share_count += is_del ? -1 : 1;
576 clib_error_report (error);
580 ip6_get_route (ip6_main_t * im,
581 u32 table_index_or_table_id,
583 ip6_address_t * address,
586 ip6_fib_t * fib = find_ip6_fib_by_table_index_or_id (im, table_index_or_table_id, flags);
587 ip6_address_t masked_address;
588 BVT(clib_bihash_kv) kv, value;
590 ASSERT (address_length < ARRAY_LEN (im->fib_masks));
591 clib_memcpy (&masked_address, address, sizeof (masked_address));
592 ip6_address_mask (&masked_address, &im->fib_masks[address_length]);
594 kv.key[0] = masked_address.as_u64[0];
595 kv.key[1] = masked_address.as_u64[1];
596 kv.key[2] = ((u64)((fib - im->fibs))<<32) | address_length;
598 if (BV(clib_bihash_search)(&im->ip6_lookup_table, &kv, &value) == 0)
599 return (value.value);
604 ip6_foreach_matching_route (ip6_main_t * im,
605 u32 table_index_or_table_id,
607 ip6_address_t * dst_address,
609 ip6_address_t ** results,
610 u8 ** result_lengths)
613 find_ip6_fib_by_table_index_or_id (im, table_index_or_table_id, flags);
614 BVT(clib_bihash) * h = &im->ip6_lookup_table;
615 BVT(clib_bihash_value) * v;
616 clib_bihash_bucket_t * b;
620 _vec_len (*results) = 0;
622 _vec_len (*result_lengths) = 0;
624 /* Walk the table looking for routes which match the supplied address */
625 for (i = 0; i < h->nbuckets; i++)
631 v = BV(clib_bihash_get_value) (h, b->offset);
632 for (j = 0; j < (1<<b->log2_pages); j++)
634 for (k = 0; k < BIHASH_KVP_PER_PAGE; k++)
636 if (BV(clib_bihash_is_free)(&v->kvp[k]))
639 if ((v->kvp[k].key[2]
640 == (((u64)((fib - im->fibs))<<32) | address_length))
641 && ip6_destination_matches_route
642 (im, dst_address, (ip6_address_t *) &v->kvp[k],
647 a = (ip6_address_t *)(&v->kvp[k]);
649 vec_add1 (*results, a[0]);
650 vec_add1 (*result_lengths, address_length);
658 void ip6_maybe_remap_adjacencies (ip6_main_t * im,
659 u32 table_index_or_table_id,
664 = find_ip6_fib_by_table_index_or_id (im, table_index_or_table_id, flags);
666 ip_lookup_main_t * lm = &im->lookup_main;
668 if (lm->n_adjacency_remaps == 0)
671 clib_warning ("unimplemented, please report to vpp-dev@cisco.com");
673 /* All remaps have been performed. */
674 lm->n_adjacency_remaps = 0;
677 void ip6_delete_matching_routes (ip6_main_t * im,
678 u32 table_index_or_table_id,
680 ip6_address_t * address,
683 /* $$$$ static may be OK - this should happen only on thread 0 */
684 static ip6_address_t * matching_addresses;
685 static u8 * matching_address_lengths;
687 ip6_add_del_route_args_t a;
689 vlib_smp_unsafe_warning();
691 a.flags = IP6_ROUTE_FLAG_DEL | IP6_ROUTE_FLAG_NO_REDISTRIBUTE | flags;
692 a.table_index_or_table_id = table_index_or_table_id;
697 for (l = address_length + 1; l <= 128; l++)
699 ip6_foreach_matching_route (im, table_index_or_table_id, flags,
703 &matching_address_lengths);
704 for (i = 0; i < vec_len (matching_addresses); i++)
706 a.dst_address = matching_addresses[i];
707 a.dst_address_length = matching_address_lengths[i];
708 ip6_add_del_route (im, &a);
712 ip6_maybe_remap_adjacencies (im, table_index_or_table_id, flags);
716 ip6_forward_next_trace (vlib_main_t * vm,
717 vlib_node_runtime_t * node,
718 vlib_frame_t * frame,
719 vlib_rx_or_tx_t which_adj_index);
722 ip6_lookup_inline (vlib_main_t * vm,
723 vlib_node_runtime_t * node,
724 vlib_frame_t * frame,
727 ip6_main_t * im = &ip6_main;
728 ip_lookup_main_t * lm = &im->lookup_main;
729 vlib_combined_counter_main_t * cm = &im->lookup_main.adjacency_counters;
730 u32 n_left_from, n_left_to_next, * from, * to_next;
731 ip_lookup_next_t next;
732 u32 cpu_index = os_get_cpu_number();
734 from = vlib_frame_vector_args (frame);
735 n_left_from = frame->n_vectors;
736 next = node->cached_next_index;
738 while (n_left_from > 0)
740 vlib_get_next_frame (vm, node, next,
741 to_next, n_left_to_next);
743 while (n_left_from >= 4 && n_left_to_next >= 2)
745 vlib_buffer_t * p0, * p1;
746 u32 pi0, pi1, adj_index0, adj_index1, wrong_next;
747 ip_lookup_next_t next0, next1;
748 ip6_header_t * ip0, * ip1;
749 ip_adjacency_t * adj0, * adj1;
750 ip6_address_t * dst_addr0, * dst_addr1;
751 u32 fib_index0, fib_index1;
752 u32 flow_hash_config0, flow_hash_config1;
754 /* Prefetch next iteration. */
756 vlib_buffer_t * p2, * p3;
758 p2 = vlib_get_buffer (vm, from[2]);
759 p3 = vlib_get_buffer (vm, from[3]);
761 vlib_prefetch_buffer_header (p2, LOAD);
762 vlib_prefetch_buffer_header (p3, LOAD);
763 CLIB_PREFETCH (p2->data, sizeof (ip0[0]), LOAD);
764 CLIB_PREFETCH (p3->data, sizeof (ip0[0]), LOAD);
767 pi0 = to_next[0] = from[0];
768 pi1 = to_next[1] = from[1];
770 p0 = vlib_get_buffer (vm, pi0);
771 p1 = vlib_get_buffer (vm, pi1);
773 ip0 = vlib_buffer_get_current (p0);
774 ip1 = vlib_buffer_get_current (p1);
778 ip_adjacency_t * iadj0, * iadj1;
779 iadj0 = ip_get_adjacency (lm, vnet_buffer(p0)->ip.adj_index[VLIB_TX]);
780 iadj1 = ip_get_adjacency (lm, vnet_buffer(p1)->ip.adj_index[VLIB_TX]);
781 dst_addr0 = &iadj0->indirect.next_hop.ip6;
782 dst_addr1 = &iadj1->indirect.next_hop.ip6;
786 dst_addr0 = &ip0->dst_address;
787 dst_addr1 = &ip1->dst_address;
790 fib_index0 = vec_elt (im->fib_index_by_sw_if_index, vnet_buffer (p0)->sw_if_index[VLIB_RX]);
791 fib_index1 = vec_elt (im->fib_index_by_sw_if_index, vnet_buffer (p1)->sw_if_index[VLIB_RX]);
793 fib_index0 = (vnet_buffer(p0)->sw_if_index[VLIB_TX] == (u32)~0) ?
794 fib_index0 : vnet_buffer(p0)->sw_if_index[VLIB_TX];
795 fib_index1 = (vnet_buffer(p1)->sw_if_index[VLIB_TX] == (u32)~0) ?
796 fib_index1 : vnet_buffer(p1)->sw_if_index[VLIB_TX];
798 adj_index0 = ip6_fib_lookup_with_table (im, fib_index0, dst_addr0);
799 adj_index1 = ip6_fib_lookup_with_table (im, fib_index1, dst_addr1);
801 adj0 = ip_get_adjacency (lm, adj_index0);
802 adj1 = ip_get_adjacency (lm, adj_index1);
804 if (PREDICT_FALSE (adj0->explicit_fib_index != ~0))
806 adj_index0 = ip6_fib_lookup_with_table
807 (im, adj0->explicit_fib_index, dst_addr0);
808 adj0 = ip_get_adjacency (lm, adj_index0);
810 if (PREDICT_FALSE (adj1->explicit_fib_index != ~0))
812 adj_index1 = ip6_fib_lookup_with_table
813 (im, adj1->explicit_fib_index, dst_addr1);
814 adj1 = ip_get_adjacency (lm, adj_index1);
817 next0 = adj0->lookup_next_index;
818 next1 = adj1->lookup_next_index;
820 /* Only process the HBH Option Header if explicitly configured to do so */
821 next0 = (ip0->protocol == IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS) && im->hbh_enabled &&
822 adj_index0 ? (ip_lookup_next_t) IP6_LOOKUP_NEXT_HOP_BY_HOP : adj0->lookup_next_index;
823 next1 = (ip1->protocol == IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS) && im->hbh_enabled &&
824 adj_index1 ? (ip_lookup_next_t) IP6_LOOKUP_NEXT_HOP_BY_HOP : adj1->lookup_next_index;
826 vnet_buffer (p0)->ip.flow_hash =
827 vnet_buffer(p1)->ip.flow_hash = 0;
829 if (PREDICT_FALSE(adj0->n_adj > 1))
832 vec_elt_at_index (im->fibs,fib_index0)->flow_hash_config;
833 vnet_buffer (p0)->ip.flow_hash =
834 ip6_compute_flow_hash (ip0, flow_hash_config0);
837 if (PREDICT_FALSE(adj1->n_adj > 1))
840 vec_elt_at_index (im->fibs,fib_index0)->flow_hash_config;
842 vnet_buffer (p1)->ip.flow_hash =
843 ip6_compute_flow_hash (ip1, flow_hash_config1);
846 ASSERT (adj0->n_adj > 0);
847 ASSERT (adj1->n_adj > 0);
848 ASSERT (is_pow2 (adj0->n_adj));
849 ASSERT (is_pow2 (adj1->n_adj));
850 adj_index0 += (vnet_buffer (p0)->ip.flow_hash & (adj0->n_adj - 1));
851 adj_index1 += (vnet_buffer (p1)->ip.flow_hash & (adj1->n_adj - 1));
853 vnet_buffer (p0)->ip.adj_index[VLIB_TX] = adj_index0;
854 vnet_buffer (p1)->ip.adj_index[VLIB_TX] = adj_index1;
856 vlib_increment_combined_counter
857 (cm, cpu_index, adj_index0, 1,
858 vlib_buffer_length_in_chain (vm, p0));
859 vlib_increment_combined_counter
860 (cm, cpu_index, adj_index1, 1,
861 vlib_buffer_length_in_chain (vm, p1));
868 wrong_next = (next0 != next) + 2*(next1 != next);
869 if (PREDICT_FALSE (wrong_next != 0))
878 vlib_set_next_frame_buffer (vm, node, next0, pi0);
885 vlib_set_next_frame_buffer (vm, node, next1, pi1);
892 vlib_set_next_frame_buffer (vm, node, next0, pi0);
893 vlib_set_next_frame_buffer (vm, node, next1, pi1);
897 vlib_put_next_frame (vm, node, next, n_left_to_next);
899 vlib_get_next_frame (vm, node, next, to_next, n_left_to_next);
905 while (n_left_from > 0 && n_left_to_next > 0)
910 ip_lookup_next_t next0;
911 ip_adjacency_t * adj0;
912 ip6_address_t * dst_addr0;
913 u32 fib_index0, flow_hash_config0;
918 p0 = vlib_get_buffer (vm, pi0);
920 ip0 = vlib_buffer_get_current (p0);
924 ip_adjacency_t * iadj0;
925 iadj0 = ip_get_adjacency (lm, vnet_buffer(p0)->ip.adj_index[VLIB_TX]);
926 dst_addr0 = &iadj0->indirect.next_hop.ip6;
930 dst_addr0 = &ip0->dst_address;
933 fib_index0 = vec_elt (im->fib_index_by_sw_if_index, vnet_buffer (p0)->sw_if_index[VLIB_RX]);
934 fib_index0 = (vnet_buffer(p0)->sw_if_index[VLIB_TX] == (u32)~0) ?
935 fib_index0 : vnet_buffer(p0)->sw_if_index[VLIB_TX];
938 vec_elt_at_index (im->fibs,fib_index0)->flow_hash_config;
940 adj_index0 = ip6_fib_lookup_with_table (im, fib_index0, dst_addr0);
942 adj0 = ip_get_adjacency (lm, adj_index0);
944 if (PREDICT_FALSE (adj0->explicit_fib_index != ~0))
946 adj_index0 = ip6_fib_lookup_with_table
947 (im, adj0->explicit_fib_index, dst_addr0);
948 adj0 = ip_get_adjacency (lm, adj_index0);
951 /* Only process the HBH Option Header if explicitly configured to do so */
952 next0 = (ip0->protocol == IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS) && im->hbh_enabled &&
953 adj_index0 ? (ip_lookup_next_t) IP6_LOOKUP_NEXT_HOP_BY_HOP : adj0->lookup_next_index;
955 vnet_buffer (p0)->ip.flow_hash = 0;
957 if (PREDICT_FALSE(adj0->n_adj > 1))
960 vec_elt_at_index (im->fibs,fib_index0)->flow_hash_config;
961 vnet_buffer (p0)->ip.flow_hash =
962 ip6_compute_flow_hash (ip0, flow_hash_config0);
965 ASSERT (adj0->n_adj > 0);
966 ASSERT (is_pow2 (adj0->n_adj));
967 adj_index0 += (vnet_buffer (p0)->ip.flow_hash & (adj0->n_adj - 1));
969 vnet_buffer (p0)->ip.adj_index[VLIB_TX] = adj_index0;
971 vlib_increment_combined_counter
972 (cm, cpu_index, adj_index0, 1,
973 vlib_buffer_length_in_chain (vm, p0));
980 if (PREDICT_FALSE (next0 != next))
983 vlib_put_next_frame (vm, node, next, n_left_to_next);
985 vlib_get_next_frame (vm, node, next,
986 to_next, n_left_to_next);
993 vlib_put_next_frame (vm, node, next, n_left_to_next);
996 if (node->flags & VLIB_NODE_FLAG_TRACE)
997 ip6_forward_next_trace(vm, node, frame, VLIB_TX);
999 return frame->n_vectors;
1002 void ip6_adjacency_set_interface_route (vnet_main_t * vnm,
1003 ip_adjacency_t * adj,
1005 u32 if_address_index)
1007 vnet_hw_interface_t * hw = vnet_get_sup_hw_interface (vnm, sw_if_index);
1011 if (hw->hw_class_index == ethernet_hw_interface_class.index
1012 || hw->hw_class_index == srp_hw_interface_class.index)
1014 n = IP_LOOKUP_NEXT_ARP;
1015 node_index = ip6_discover_neighbor_node.index;
1016 adj->if_address_index = if_address_index;
1017 adj->arp.next_hop.ip6.as_u64[0] = 0;
1018 adj->arp.next_hop.ip6.as_u64[1] = 0;
1022 n = IP_LOOKUP_NEXT_REWRITE;
1023 node_index = ip6_rewrite_node.index;
1026 adj->lookup_next_index = n;
1027 adj->explicit_fib_index = ~0;
1029 vnet_rewrite_for_sw_interface
1031 VNET_L3_PACKET_TYPE_IP6,
1034 VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST,
1035 &adj->rewrite_header,
1036 sizeof (adj->rewrite_data));
1040 ip6_add_interface_routes (vnet_main_t * vnm, u32 sw_if_index,
1041 ip6_main_t * im, u32 fib_index,
1042 ip_interface_address_t * a)
1044 ip_lookup_main_t * lm = &im->lookup_main;
1045 ip_adjacency_t * adj;
1046 ip6_address_t * address = ip_interface_address_get_address (lm, a);
1047 ip6_add_del_route_args_t x;
1048 vnet_hw_interface_t * hw_if = vnet_get_sup_hw_interface (vnm, sw_if_index);
1049 u32 classify_table_index;
1051 /* Add e.g. 1.0.0.0/8 as interface route (arp for Ethernet). */
1052 x.table_index_or_table_id = fib_index;
1053 x.flags = (IP6_ROUTE_FLAG_ADD
1054 | IP6_ROUTE_FLAG_FIB_INDEX
1055 | IP6_ROUTE_FLAG_NO_REDISTRIBUTE);
1056 x.dst_address = address[0];
1057 x.dst_address_length = a->address_length;
1061 a->neighbor_probe_adj_index = ~0;
1062 if (a->address_length < 128)
1064 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
1066 ip6_adjacency_set_interface_route (vnm, adj, sw_if_index, a - lm->if_address_pool);
1067 ip_call_add_del_adjacency_callbacks (lm, x.adj_index, /* is_del */ 0);
1068 ip6_add_del_route (im, &x);
1069 a->neighbor_probe_adj_index = x.adj_index;
1072 /* Add e.g. ::1/128 as local to this host. */
1073 adj = ip_add_adjacency (lm, /* template */ 0, /* block size */ 1,
1076 classify_table_index = ~0;
1077 if (sw_if_index < vec_len (lm->classify_table_index_by_sw_if_index))
1078 classify_table_index = lm->classify_table_index_by_sw_if_index [sw_if_index];
1079 if (classify_table_index != (u32) ~0)
1081 adj->lookup_next_index = IP_LOOKUP_NEXT_CLASSIFY;
1082 adj->classify.table_index = classify_table_index;
1085 adj->lookup_next_index = IP_LOOKUP_NEXT_LOCAL;
1087 adj->if_address_index = a - lm->if_address_pool;
1088 adj->rewrite_header.sw_if_index = sw_if_index;
1089 adj->rewrite_header.max_l3_packet_bytes = hw_if->max_l3_packet_bytes[VLIB_RX];
1090 adj->rewrite_header.data_bytes = 0;
1091 ip_call_add_del_adjacency_callbacks (lm, x.adj_index, /* is_del */ 0);
1092 x.dst_address_length = 128;
1093 ip6_add_del_route (im, &x);
1097 ip6_del_interface_routes (ip6_main_t * im, u32 fib_index,
1098 ip6_address_t * address, u32 address_length)
1100 ip6_add_del_route_args_t x;
1102 /* Add e.g. 1.0.0.0/8 as interface route (arp for Ethernet). */
1103 x.table_index_or_table_id = fib_index;
1104 x.flags = (IP6_ROUTE_FLAG_DEL
1105 | IP6_ROUTE_FLAG_FIB_INDEX
1106 | IP6_ROUTE_FLAG_NO_REDISTRIBUTE);
1107 x.dst_address = address[0];
1108 x.dst_address_length = address_length;
1113 if (address_length < 128)
1115 /* Don't wipe out fe80::0/64 */
1116 if (address_length != 64 ||
1117 address[0].as_u64[0] != clib_net_to_host_u64(0xfe80000000000000ULL))
1118 ip6_add_del_route (im, &x);
1121 x.dst_address_length = 128;
1122 ip6_add_del_route (im, &x);
1124 ip6_delete_matching_routes (im,
1126 IP6_ROUTE_FLAG_FIB_INDEX,
1133 ip6_address_t address;
1135 } ip6_interface_address_t;
1137 static clib_error_t *
1138 ip6_add_del_interface_address_internal (vlib_main_t * vm,
1140 ip6_address_t * new_address,
1146 static clib_error_t *
1147 ip6_add_del_interface_address_internal (vlib_main_t * vm,
1149 ip6_address_t * address,
1155 vnet_main_t * vnm = vnet_get_main();
1156 ip6_main_t * im = &ip6_main;
1157 ip_lookup_main_t * lm = &im->lookup_main;
1158 clib_error_t * error;
1159 u32 if_address_index;
1160 ip6_address_fib_t ip6_af, * addr_fib = 0;
1162 vec_validate (im->fib_index_by_sw_if_index, sw_if_index);
1163 ip6_addr_fib_init (&ip6_af, address,
1164 vec_elt (im->fib_index_by_sw_if_index, sw_if_index));
1165 vec_add1 (addr_fib, ip6_af);
1168 uword elts_before = pool_elts (lm->if_address_pool);
1170 error = ip_interface_address_add_del
1180 /* Pool did not grow: add duplicate address. */
1181 if (elts_before == pool_elts (lm->if_address_pool))
1185 if (vnet_sw_interface_is_admin_up (vnm, sw_if_index) && insert_routes)
1188 ip6_del_interface_routes (im, ip6_af.fib_index, address,
1192 ip6_add_interface_routes (vnm, sw_if_index,
1193 im, ip6_af.fib_index,
1194 pool_elt_at_index (lm->if_address_pool, if_address_index));
1198 ip6_add_del_interface_address_callback_t * cb;
1199 vec_foreach (cb, im->add_del_interface_address_callbacks)
1200 cb->function (im, cb->function_opaque, sw_if_index,
1201 address, address_length,
1207 vec_free (addr_fib);
1212 ip6_add_del_interface_address (vlib_main_t * vm, u32 sw_if_index,
1213 ip6_address_t * address, u32 address_length,
1216 return ip6_add_del_interface_address_internal
1217 (vm, sw_if_index, address, address_length,
1218 /* redistribute */ 1,
1219 /* insert_routes */ 1,
1224 ip6_sw_interface_admin_up_down (vnet_main_t * vnm,
1228 ip6_main_t * im = &ip6_main;
1229 ip_interface_address_t * ia;
1231 u32 is_admin_up, fib_index;
1233 /* Fill in lookup tables with default table (0). */
1234 vec_validate (im->fib_index_by_sw_if_index, sw_if_index);
1236 vec_validate_init_empty (im->lookup_main.if_address_pool_index_by_sw_if_index, sw_if_index, ~0);
1238 is_admin_up = (flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP) != 0;
1240 fib_index = vec_elt (im->fib_index_by_sw_if_index, sw_if_index);
1242 foreach_ip_interface_address (&im->lookup_main, ia, sw_if_index,
1243 0 /* honor unnumbered */,
1245 a = ip_interface_address_get_address (&im->lookup_main, ia);
1247 ip6_add_interface_routes (vnm, sw_if_index,
1251 ip6_del_interface_routes (im, fib_index,
1252 a, ia->address_length);
1258 VNET_SW_INTERFACE_ADMIN_UP_DOWN_FUNCTION (ip6_sw_interface_admin_up_down);
1260 /* Built-in ip6 unicast rx feature path definition */
1261 VNET_IP6_UNICAST_FEATURE_INIT (ip6_inacl, static) = {
1262 .node_name = "ip6-inacl",
1263 .runs_before = {"ip6-policer-classify", 0},
1264 .feature_index = &ip6_main.ip6_unicast_rx_feature_check_access,
1267 VNET_IP6_UNICAST_FEATURE_INIT (ip6_policer_classify, static) = {
1268 .node_name = "ip6-policer-classify",
1269 .runs_before = {"ipsec-input-ip6", 0},
1270 .feature_index = &ip6_main.ip6_unicast_rx_feature_policer_classify,
1273 VNET_IP6_UNICAST_FEATURE_INIT (ip6_ipsec, static) = {
1274 .node_name = "ipsec-input-ip6",
1275 .runs_before = {"l2tp-decap", 0},
1276 .feature_index = &ip6_main.ip6_unicast_rx_feature_ipsec,
1279 VNET_IP6_UNICAST_FEATURE_INIT (ip6_l2tp, static) = {
1280 .node_name = "l2tp-decap",
1281 .runs_before = {"vpath-input-ip6", 0},
1282 .feature_index = &ip6_main.ip6_unicast_rx_feature_l2tp_decap,
1285 VNET_IP6_UNICAST_FEATURE_INIT (ip6_vpath, static) = {
1286 .node_name = "vpath-input-ip6",
1287 .runs_before = {"ip6-lookup", 0},
1288 .feature_index = &ip6_main.ip6_unicast_rx_feature_vpath,
1291 VNET_IP6_UNICAST_FEATURE_INIT (ip6_lookup, static) = {
1292 .node_name = "ip6-lookup",
1293 .runs_before = {0}, /* not before any other features */
1294 .feature_index = &ip6_main.ip6_unicast_rx_feature_lookup,
1297 /* Built-in ip6 multicast rx feature path definition (none now) */
1298 VNET_IP6_MULTICAST_FEATURE_INIT (ip4_vpath_mc, static) = {
1299 .node_name = "vpath-input-ip6",
1300 .runs_before = {"ip6-lookup", 0},
1301 .feature_index = &ip6_main.ip6_multicast_rx_feature_vpath,
1304 VNET_IP6_MULTICAST_FEATURE_INIT (ip6_lookup, static) = {
1305 .node_name = "ip6-lookup",
1306 .runs_before = {0}, /* not before any other features */
1307 .feature_index = &ip6_main.ip6_multicast_rx_feature_lookup,
1310 static char * feature_start_nodes[] =
1313 static clib_error_t *
1314 ip6_feature_init (vlib_main_t * vm, ip6_main_t * im)
1316 ip_lookup_main_t * lm = &im->lookup_main;
1317 clib_error_t * error;
1320 for (cast = 0; cast < VNET_N_CAST; cast++)
1322 ip_config_main_t * cm = &lm->rx_config_mains[cast];
1323 vnet_config_main_t * vcm = &cm->config_main;
1325 if ((error = ip_feature_init_cast (vm, cm, vcm,
1326 feature_start_nodes,
1327 ARRAY_LEN(feature_start_nodes),
1336 ip6_sw_interface_add_del (vnet_main_t * vnm,
1340 vlib_main_t * vm = vnm->vlib_main;
1341 ip6_main_t * im = &ip6_main;
1342 ip_lookup_main_t * lm = &im->lookup_main;
1346 for (cast = 0; cast < VNET_N_CAST; cast++)
1348 ip_config_main_t * cm = &lm->rx_config_mains[cast];
1349 vnet_config_main_t * vcm = &cm->config_main;
1351 vec_validate_init_empty (cm->config_index_by_sw_if_index, sw_if_index, ~0);
1352 ci = cm->config_index_by_sw_if_index[sw_if_index];
1354 if (cast == VNET_UNICAST)
1355 feature_index = im->ip6_unicast_rx_feature_lookup;
1357 feature_index = im->ip6_multicast_rx_feature_lookup;
1360 ci = vnet_config_add_feature (vm, vcm,
1363 /* config data */ 0,
1364 /* # bytes of config data */ 0);
1366 ci = vnet_config_del_feature (vm, vcm,
1369 /* config data */ 0,
1370 /* # bytes of config data */ 0);
1372 cm->config_index_by_sw_if_index[sw_if_index] = ci;
1374 return /* no error */ 0;
1377 VNET_SW_INTERFACE_ADD_DEL_FUNCTION (ip6_sw_interface_add_del);
1380 ip6_lookup (vlib_main_t * vm,
1381 vlib_node_runtime_t * node,
1382 vlib_frame_t * frame)
1384 return ip6_lookup_inline (vm, node, frame, /* is_indirect */ 0);
1387 static u8 * format_ip6_lookup_trace (u8 * s, va_list * args);
1389 VLIB_REGISTER_NODE (ip6_lookup_node) = {
1390 .function = ip6_lookup,
1391 .name = "ip6-lookup",
1392 .vector_size = sizeof (u32),
1394 .format_trace = format_ip6_lookup_trace,
1396 .n_next_nodes = IP6_LOOKUP_N_NEXT,
1397 .next_nodes = IP6_LOOKUP_NEXT_NODES,
1400 VLIB_NODE_FUNCTION_MULTIARCH (ip6_lookup_node, ip6_lookup)
1403 ip6_indirect (vlib_main_t * vm,
1404 vlib_node_runtime_t * node,
1405 vlib_frame_t * frame)
1407 return ip6_lookup_inline (vm, node, frame, /* is_indirect */ 1);
1411 VLIB_REGISTER_NODE (ip6_indirect_node) = {
1412 .function = ip6_indirect,
1413 .name = "ip6-indirect",
1414 .vector_size = sizeof (u32),
1415 .sibling_of = "ip6-lookup",
1416 .format_trace = format_ip6_lookup_trace,
1420 VLIB_NODE_FUNCTION_MULTIARCH (ip6_indirect_node, ip6_indirect)
1423 /* Adjacency taken. */
1428 /* Packet data, possibly *after* rewrite. */
1429 u8 packet_data[128 - 1*sizeof(u32)];
1430 } ip6_forward_next_trace_t;
1432 static u8 * format_ip6_forward_next_trace (u8 * s, va_list * args)
1434 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
1435 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
1436 ip6_forward_next_trace_t * t = va_arg (*args, ip6_forward_next_trace_t *);
1437 uword indent = format_get_indent (s);
1439 s = format(s, "%U%U",
1440 format_white_space, indent,
1441 format_ip6_header, t->packet_data);
1445 static u8 * format_ip6_lookup_trace (u8 * s, va_list * args)
1447 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
1448 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
1449 ip6_forward_next_trace_t * t = va_arg (*args, ip6_forward_next_trace_t *);
1450 vnet_main_t * vnm = vnet_get_main();
1451 ip6_main_t * im = &ip6_main;
1452 uword indent = format_get_indent (s);
1454 s = format (s, "fib %d adj-idx %d : %U flow hash: 0x%08x",
1455 t->fib_index, t->adj_index, format_ip_adjacency,
1456 vnm, &im->lookup_main, t->adj_index, t->flow_hash);
1457 s = format(s, "\n%U%U",
1458 format_white_space, indent,
1459 format_ip6_header, t->packet_data);
1464 static u8 * format_ip6_rewrite_trace (u8 * s, va_list * args)
1466 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
1467 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
1468 ip6_forward_next_trace_t * t = va_arg (*args, ip6_forward_next_trace_t *);
1469 vnet_main_t * vnm = vnet_get_main();
1470 ip6_main_t * im = &ip6_main;
1471 uword indent = format_get_indent (s);
1473 s = format (s, "tx_sw_if_index %d adj-idx %d : %U flow hash: 0x%08x",
1474 t->fib_index, t->adj_index, format_ip_adjacency,
1475 vnm, &im->lookup_main, t->adj_index, t->flow_hash);
1476 s = format (s, "\n%U%U",
1477 format_white_space, indent,
1478 format_ip_adjacency_packet_data,
1479 vnm, &im->lookup_main, t->adj_index,
1480 t->packet_data, sizeof (t->packet_data));
1484 /* Common trace function for all ip6-forward next nodes. */
1486 ip6_forward_next_trace (vlib_main_t * vm,
1487 vlib_node_runtime_t * node,
1488 vlib_frame_t * frame,
1489 vlib_rx_or_tx_t which_adj_index)
1492 ip6_main_t * im = &ip6_main;
1494 n_left = frame->n_vectors;
1495 from = vlib_frame_vector_args (frame);
1500 vlib_buffer_t * b0, * b1;
1501 ip6_forward_next_trace_t * t0, * t1;
1503 /* Prefetch next iteration. */
1504 vlib_prefetch_buffer_with_index (vm, from[2], LOAD);
1505 vlib_prefetch_buffer_with_index (vm, from[3], LOAD);
1510 b0 = vlib_get_buffer (vm, bi0);
1511 b1 = vlib_get_buffer (vm, bi1);
1513 if (b0->flags & VLIB_BUFFER_IS_TRACED)
1515 t0 = vlib_add_trace (vm, node, b0, sizeof (t0[0]));
1516 t0->adj_index = vnet_buffer (b0)->ip.adj_index[which_adj_index];
1517 t0->flow_hash = vnet_buffer (b0)->ip.flow_hash;
1518 t0->fib_index = (vnet_buffer(b0)->sw_if_index[VLIB_TX] != (u32)~0) ?
1519 vnet_buffer(b0)->sw_if_index[VLIB_TX] :
1520 vec_elt (im->fib_index_by_sw_if_index,
1521 vnet_buffer(b0)->sw_if_index[VLIB_RX]);
1523 clib_memcpy (t0->packet_data,
1524 vlib_buffer_get_current (b0),
1525 sizeof (t0->packet_data));
1527 if (b1->flags & VLIB_BUFFER_IS_TRACED)
1529 t1 = vlib_add_trace (vm, node, b1, sizeof (t1[0]));
1530 t1->adj_index = vnet_buffer (b1)->ip.adj_index[which_adj_index];
1531 t1->flow_hash = vnet_buffer (b1)->ip.flow_hash;
1532 t1->fib_index = (vnet_buffer(b1)->sw_if_index[VLIB_TX] != (u32)~0) ?
1533 vnet_buffer(b1)->sw_if_index[VLIB_TX] :
1534 vec_elt (im->fib_index_by_sw_if_index,
1535 vnet_buffer(b1)->sw_if_index[VLIB_RX]);
1537 clib_memcpy (t1->packet_data,
1538 vlib_buffer_get_current (b1),
1539 sizeof (t1->packet_data));
1549 ip6_forward_next_trace_t * t0;
1553 b0 = vlib_get_buffer (vm, bi0);
1555 if (b0->flags & VLIB_BUFFER_IS_TRACED)
1557 t0 = vlib_add_trace (vm, node, b0, sizeof (t0[0]));
1558 t0->adj_index = vnet_buffer (b0)->ip.adj_index[which_adj_index];
1559 t0->flow_hash = vnet_buffer (b0)->ip.flow_hash;
1560 t0->fib_index = (vnet_buffer(b0)->sw_if_index[VLIB_TX] != (u32)~0) ?
1561 vnet_buffer(b0)->sw_if_index[VLIB_TX] :
1562 vec_elt (im->fib_index_by_sw_if_index,
1563 vnet_buffer(b0)->sw_if_index[VLIB_RX]);
1565 clib_memcpy (t0->packet_data,
1566 vlib_buffer_get_current (b0),
1567 sizeof (t0->packet_data));
1575 ip6_drop_or_punt (vlib_main_t * vm,
1576 vlib_node_runtime_t * node,
1577 vlib_frame_t * frame,
1578 ip6_error_t error_code)
1580 u32 * buffers = vlib_frame_vector_args (frame);
1581 uword n_packets = frame->n_vectors;
1583 vlib_error_drop_buffers (vm, node,
1588 ip6_input_node.index,
1591 if (node->flags & VLIB_NODE_FLAG_TRACE)
1592 ip6_forward_next_trace (vm, node, frame, VLIB_TX);
1598 ip6_drop (vlib_main_t * vm,
1599 vlib_node_runtime_t * node,
1600 vlib_frame_t * frame)
1601 { return ip6_drop_or_punt (vm, node, frame, IP6_ERROR_ADJACENCY_DROP); }
1604 ip6_punt (vlib_main_t * vm,
1605 vlib_node_runtime_t * node,
1606 vlib_frame_t * frame)
1607 { return ip6_drop_or_punt (vm, node, frame, IP6_ERROR_ADJACENCY_PUNT); }
1610 ip6_miss (vlib_main_t * vm,
1611 vlib_node_runtime_t * node,
1612 vlib_frame_t * frame)
1613 { return ip6_drop_or_punt (vm, node, frame, IP6_ERROR_DST_LOOKUP_MISS); }
1615 VLIB_REGISTER_NODE (ip6_drop_node,static) = {
1616 .function = ip6_drop,
1618 .vector_size = sizeof (u32),
1620 .format_trace = format_ip6_forward_next_trace,
1628 VLIB_NODE_FUNCTION_MULTIARCH (ip6_drop_node, ip6_drop)
1630 VLIB_REGISTER_NODE (ip6_punt_node,static) = {
1631 .function = ip6_punt,
1633 .vector_size = sizeof (u32),
1635 .format_trace = format_ip6_forward_next_trace,
1643 VLIB_NODE_FUNCTION_MULTIARCH (ip6_punt_node, ip6_punt)
1645 VLIB_REGISTER_NODE (ip6_miss_node,static) = {
1646 .function = ip6_miss,
1648 .vector_size = sizeof (u32),
1650 .format_trace = format_ip6_forward_next_trace,
1658 VLIB_NODE_FUNCTION_MULTIARCH (ip6_miss_node, ip6_miss)
1660 VLIB_REGISTER_NODE (ip6_multicast_node,static) = {
1661 .function = ip6_drop,
1662 .name = "ip6-multicast",
1663 .vector_size = sizeof (u32),
1665 .format_trace = format_ip6_forward_next_trace,
1673 /* Compute TCP/UDP/ICMP6 checksum in software. */
1674 u16 ip6_tcp_udp_icmp_compute_checksum (vlib_main_t * vm, vlib_buffer_t * p0, ip6_header_t * ip0, int *bogus_lengthp)
1677 u16 sum16, payload_length_host_byte_order;
1678 u32 i, n_this_buffer, n_bytes_left;
1679 u32 headers_size = sizeof(ip0[0]);
1680 void * data_this_buffer;
1682 ASSERT(bogus_lengthp);
1685 /* Initialize checksum with ip header. */
1686 sum0 = ip0->payload_length + clib_host_to_net_u16 (ip0->protocol);
1687 payload_length_host_byte_order = clib_net_to_host_u16 (ip0->payload_length);
1688 data_this_buffer = (void *) (ip0 + 1);
1690 for (i = 0; i < ARRAY_LEN (ip0->src_address.as_uword); i++)
1692 sum0 = ip_csum_with_carry (sum0,
1693 clib_mem_unaligned (&ip0->src_address.as_uword[i], uword));
1694 sum0 = ip_csum_with_carry (sum0,
1695 clib_mem_unaligned (&ip0->dst_address.as_uword[i], uword));
1698 /* some icmp packets may come with a "router alert" hop-by-hop extension header (e.g., mldv2 packets) */
1699 if (PREDICT_FALSE (ip0->protocol == IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS))
1702 ip6_hop_by_hop_ext_t *ext_hdr = (ip6_hop_by_hop_ext_t *)data_this_buffer;
1704 /* validate really icmp6 next */
1705 ASSERT(ext_hdr->next_hdr == IP_PROTOCOL_ICMP6);
1707 skip_bytes = 8* (1 + ext_hdr->n_data_u64s);
1708 data_this_buffer = (void *)((u8 *)data_this_buffer + skip_bytes);
1710 payload_length_host_byte_order -= skip_bytes;
1711 headers_size += skip_bytes;
1714 n_bytes_left = n_this_buffer = payload_length_host_byte_order;
1716 if (p0 && n_this_buffer + headers_size > p0->current_length)
1718 struct rte_mbuf *mb = rte_mbuf_from_vlib_buffer(p0);
1719 u8 nb_segs = mb->nb_segs;
1721 n_this_buffer = (p0->current_length > headers_size ?
1722 p0->current_length - headers_size : 0);
1723 while (n_bytes_left)
1725 sum0 = ip_incremental_checksum (sum0, data_this_buffer, n_this_buffer);
1726 n_bytes_left -= n_this_buffer;
1730 if ((nb_segs == 0) || (mb == 0))
1733 data_this_buffer = rte_ctrlmbuf_data(mb);
1734 n_this_buffer = mb->data_len;
1736 if (n_bytes_left || nb_segs)
1742 else sum0 = ip_incremental_checksum (sum0, data_this_buffer, n_this_buffer);
1744 if (p0 && n_this_buffer + headers_size > p0->current_length)
1745 n_this_buffer = p0->current_length > headers_size ? p0->current_length - headers_size : 0;
1748 sum0 = ip_incremental_checksum (sum0, data_this_buffer, n_this_buffer);
1749 n_bytes_left -= n_this_buffer;
1750 if (n_bytes_left == 0)
1753 if (!(p0->flags & VLIB_BUFFER_NEXT_PRESENT))
1758 p0 = vlib_get_buffer (vm, p0->next_buffer);
1759 data_this_buffer = vlib_buffer_get_current (p0);
1760 n_this_buffer = p0->current_length;
1764 sum16 = ~ ip_csum_fold (sum0);
1769 u32 ip6_tcp_udp_icmp_validate_checksum (vlib_main_t * vm, vlib_buffer_t * p0)
1771 ip6_header_t * ip0 = vlib_buffer_get_current (p0);
1772 udp_header_t * udp0;
1776 /* some icmp packets may come with a "router alert" hop-by-hop extension header (e.g., mldv2 packets) */
1777 ASSERT (ip0->protocol == IP_PROTOCOL_TCP
1778 || ip0->protocol == IP_PROTOCOL_ICMP6
1779 || ip0->protocol == IP_PROTOCOL_UDP
1780 || ip0->protocol == IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS);
1782 udp0 = (void *) (ip0 + 1);
1783 if (ip0->protocol == IP_PROTOCOL_UDP && udp0->checksum == 0)
1785 p0->flags |= (IP_BUFFER_L4_CHECKSUM_COMPUTED
1786 | IP_BUFFER_L4_CHECKSUM_CORRECT);
1790 sum16 = ip6_tcp_udp_icmp_compute_checksum (vm, p0, ip0, &bogus_length);
1792 p0->flags |= (IP_BUFFER_L4_CHECKSUM_COMPUTED
1793 | ((sum16 == 0) << LOG2_IP_BUFFER_L4_CHECKSUM_CORRECT));
1799 ip6_local (vlib_main_t * vm,
1800 vlib_node_runtime_t * node,
1801 vlib_frame_t * frame)
1803 ip6_main_t * im = &ip6_main;
1804 ip_lookup_main_t * lm = &im->lookup_main;
1805 ip_local_next_t next_index;
1806 u32 * from, * to_next, n_left_from, n_left_to_next;
1807 vlib_node_runtime_t * error_node = vlib_node_get_runtime (vm, ip6_input_node.index);
1809 from = vlib_frame_vector_args (frame);
1810 n_left_from = frame->n_vectors;
1811 next_index = node->cached_next_index;
1813 if (node->flags & VLIB_NODE_FLAG_TRACE)
1814 ip6_forward_next_trace (vm, node, frame, VLIB_TX);
1816 while (n_left_from > 0)
1818 vlib_get_next_frame (vm, node, next_index,
1819 to_next, n_left_to_next);
1821 while (n_left_from >= 4 && n_left_to_next >= 2)
1823 vlib_buffer_t * p0, * p1;
1824 ip6_header_t * ip0, * ip1;
1825 udp_header_t * udp0, * udp1;
1826 u32 pi0, ip_len0, udp_len0, flags0, next0;
1827 u32 pi1, ip_len1, udp_len1, flags1, next1;
1828 i32 len_diff0, len_diff1;
1829 u8 error0, type0, good_l4_checksum0;
1830 u8 error1, type1, good_l4_checksum1;
1832 pi0 = to_next[0] = from[0];
1833 pi1 = to_next[1] = from[1];
1837 n_left_to_next -= 2;
1839 p0 = vlib_get_buffer (vm, pi0);
1840 p1 = vlib_get_buffer (vm, pi1);
1842 ip0 = vlib_buffer_get_current (p0);
1843 ip1 = vlib_buffer_get_current (p1);
1845 type0 = lm->builtin_protocol_by_ip_protocol[ip0->protocol];
1846 type1 = lm->builtin_protocol_by_ip_protocol[ip1->protocol];
1848 next0 = lm->local_next_by_ip_protocol[ip0->protocol];
1849 next1 = lm->local_next_by_ip_protocol[ip1->protocol];
1854 good_l4_checksum0 = (flags0 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1855 good_l4_checksum1 = (flags1 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1857 udp0 = ip6_next_header (ip0);
1858 udp1 = ip6_next_header (ip1);
1860 /* Don't verify UDP checksum for packets with explicit zero checksum. */
1861 good_l4_checksum0 |= type0 == IP_BUILTIN_PROTOCOL_UDP && udp0->checksum == 0;
1862 good_l4_checksum1 |= type1 == IP_BUILTIN_PROTOCOL_UDP && udp1->checksum == 0;
1864 good_l4_checksum0 |= type0 == IP_BUILTIN_PROTOCOL_UNKNOWN;
1865 good_l4_checksum1 |= type1 == IP_BUILTIN_PROTOCOL_UNKNOWN;
1867 /* Verify UDP length. */
1868 ip_len0 = clib_net_to_host_u16 (ip0->payload_length);
1869 ip_len1 = clib_net_to_host_u16 (ip1->payload_length);
1870 udp_len0 = clib_net_to_host_u16 (udp0->length);
1871 udp_len1 = clib_net_to_host_u16 (udp1->length);
1873 len_diff0 = ip_len0 - udp_len0;
1874 len_diff1 = ip_len1 - udp_len1;
1876 len_diff0 = type0 == IP_BUILTIN_PROTOCOL_UDP ? len_diff0 : 0;
1877 len_diff1 = type1 == IP_BUILTIN_PROTOCOL_UDP ? len_diff1 : 0;
1879 if (PREDICT_FALSE (type0 != IP_BUILTIN_PROTOCOL_UNKNOWN
1880 && ! good_l4_checksum0
1881 && ! (flags0 & IP_BUFFER_L4_CHECKSUM_COMPUTED)))
1883 flags0 = ip6_tcp_udp_icmp_validate_checksum (vm, p0);
1885 (flags0 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1887 if (PREDICT_FALSE (type1 != IP_BUILTIN_PROTOCOL_UNKNOWN
1888 && ! good_l4_checksum1
1889 && ! (flags1 & IP_BUFFER_L4_CHECKSUM_COMPUTED)))
1891 flags1 = ip6_tcp_udp_icmp_validate_checksum (vm, p1);
1893 (flags1 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1896 error0 = error1 = IP6_ERROR_UNKNOWN_PROTOCOL;
1898 error0 = len_diff0 < 0 ? IP6_ERROR_UDP_LENGTH : error0;
1899 error1 = len_diff1 < 0 ? IP6_ERROR_UDP_LENGTH : error1;
1901 ASSERT (IP6_ERROR_UDP_CHECKSUM + IP_BUILTIN_PROTOCOL_UDP == IP6_ERROR_UDP_CHECKSUM);
1902 ASSERT (IP6_ERROR_UDP_CHECKSUM + IP_BUILTIN_PROTOCOL_ICMP == IP6_ERROR_ICMP_CHECKSUM);
1903 error0 = (! good_l4_checksum0
1904 ? IP6_ERROR_UDP_CHECKSUM + type0
1906 error1 = (! good_l4_checksum1
1907 ? IP6_ERROR_UDP_CHECKSUM + type1
1910 /* Drop packets from unroutable hosts. */
1911 /* If this is a neighbor solicitation (ICMP), skip source RPF check */
1912 if (error0 == IP6_ERROR_UNKNOWN_PROTOCOL && type0 != IP_BUILTIN_PROTOCOL_ICMP)
1914 u32 src_adj_index0 = ip6_src_lookup_for_packet (im, p0, ip0);
1915 error0 = (lm->miss_adj_index == src_adj_index0
1916 ? IP6_ERROR_SRC_LOOKUP_MISS
1919 if (error1 == IP6_ERROR_UNKNOWN_PROTOCOL && type1 != IP_BUILTIN_PROTOCOL_ICMP)
1921 u32 src_adj_index1 = ip6_src_lookup_for_packet (im, p1, ip1);
1922 error1 = (lm->miss_adj_index == src_adj_index1
1923 ? IP6_ERROR_SRC_LOOKUP_MISS
1927 next0 = error0 != IP6_ERROR_UNKNOWN_PROTOCOL ? IP_LOCAL_NEXT_DROP : next0;
1928 next1 = error1 != IP6_ERROR_UNKNOWN_PROTOCOL ? IP_LOCAL_NEXT_DROP : next1;
1930 p0->error = error_node->errors[error0];
1931 p1->error = error_node->errors[error1];
1933 vlib_validate_buffer_enqueue_x2 (vm, node, next_index,
1934 to_next, n_left_to_next,
1935 pi0, pi1, next0, next1);
1938 while (n_left_from > 0 && n_left_to_next > 0)
1942 udp_header_t * udp0;
1943 u32 pi0, ip_len0, udp_len0, flags0, next0;
1945 u8 error0, type0, good_l4_checksum0;
1947 pi0 = to_next[0] = from[0];
1951 n_left_to_next -= 1;
1953 p0 = vlib_get_buffer (vm, pi0);
1955 ip0 = vlib_buffer_get_current (p0);
1957 type0 = lm->builtin_protocol_by_ip_protocol[ip0->protocol];
1958 next0 = lm->local_next_by_ip_protocol[ip0->protocol];
1962 good_l4_checksum0 = (flags0 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1964 udp0 = ip6_next_header (ip0);
1966 /* Don't verify UDP checksum for packets with explicit zero checksum. */
1967 good_l4_checksum0 |= type0 == IP_BUILTIN_PROTOCOL_UDP && udp0->checksum == 0;
1969 good_l4_checksum0 |= type0 == IP_BUILTIN_PROTOCOL_UNKNOWN;
1971 /* Verify UDP length. */
1972 ip_len0 = clib_net_to_host_u16 (ip0->payload_length);
1973 udp_len0 = clib_net_to_host_u16 (udp0->length);
1975 len_diff0 = ip_len0 - udp_len0;
1977 len_diff0 = type0 == IP_BUILTIN_PROTOCOL_UDP ? len_diff0 : 0;
1979 if (PREDICT_FALSE (type0 != IP_BUILTIN_PROTOCOL_UNKNOWN
1980 && ! good_l4_checksum0
1981 && ! (flags0 & IP_BUFFER_L4_CHECKSUM_COMPUTED)))
1983 flags0 = ip6_tcp_udp_icmp_validate_checksum (vm, p0);
1985 (flags0 & IP_BUFFER_L4_CHECKSUM_CORRECT) != 0;
1988 error0 = IP6_ERROR_UNKNOWN_PROTOCOL;
1990 error0 = len_diff0 < 0 ? IP6_ERROR_UDP_LENGTH : error0;
1992 ASSERT (IP6_ERROR_UDP_CHECKSUM + IP_BUILTIN_PROTOCOL_UDP == IP6_ERROR_UDP_CHECKSUM);
1993 ASSERT (IP6_ERROR_UDP_CHECKSUM + IP_BUILTIN_PROTOCOL_ICMP == IP6_ERROR_ICMP_CHECKSUM);
1994 error0 = (! good_l4_checksum0
1995 ? IP6_ERROR_UDP_CHECKSUM + type0
1998 /* If this is a neighbor solicitation (ICMP), skip source RPF check */
1999 if (error0 == IP6_ERROR_UNKNOWN_PROTOCOL && type0 != IP_BUILTIN_PROTOCOL_ICMP)
2001 u32 src_adj_index0 = ip6_src_lookup_for_packet (im, p0, ip0);
2002 error0 = (lm->miss_adj_index == src_adj_index0
2003 ? IP6_ERROR_SRC_LOOKUP_MISS
2007 next0 = error0 != IP6_ERROR_UNKNOWN_PROTOCOL ? IP_LOCAL_NEXT_DROP : next0;
2009 p0->error = error_node->errors[error0];
2011 vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
2012 to_next, n_left_to_next,
2016 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
2019 return frame->n_vectors;
2022 VLIB_REGISTER_NODE (ip6_local_node,static) = {
2023 .function = ip6_local,
2024 .name = "ip6-local",
2025 .vector_size = sizeof (u32),
2027 .format_trace = format_ip6_forward_next_trace,
2029 .n_next_nodes = IP_LOCAL_N_NEXT,
2031 [IP_LOCAL_NEXT_DROP] = "error-drop",
2032 [IP_LOCAL_NEXT_PUNT] = "error-punt",
2033 [IP_LOCAL_NEXT_UDP_LOOKUP] = "ip6-udp-lookup",
2034 [IP_LOCAL_NEXT_ICMP] = "ip6-icmp-input",
2038 VLIB_NODE_FUNCTION_MULTIARCH (ip6_local_node, ip6_local)
2040 void ip6_register_protocol (u32 protocol, u32 node_index)
2042 vlib_main_t * vm = vlib_get_main();
2043 ip6_main_t * im = &ip6_main;
2044 ip_lookup_main_t * lm = &im->lookup_main;
2046 ASSERT (protocol < ARRAY_LEN (lm->local_next_by_ip_protocol));
2047 lm->local_next_by_ip_protocol[protocol] = vlib_node_add_next (vm, ip6_local_node.index, node_index);
2051 IP6_DISCOVER_NEIGHBOR_NEXT_DROP,
2052 IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX,
2053 IP6_DISCOVER_NEIGHBOR_N_NEXT,
2054 } ip6_discover_neighbor_next_t;
2057 IP6_DISCOVER_NEIGHBOR_ERROR_DROP,
2058 IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT,
2059 IP6_DISCOVER_NEIGHBOR_ERROR_NO_SOURCE_ADDRESS,
2060 } ip6_discover_neighbor_error_t;
2063 ip6_discover_neighbor (vlib_main_t * vm,
2064 vlib_node_runtime_t * node,
2065 vlib_frame_t * frame)
2067 vnet_main_t * vnm = vnet_get_main();
2068 ip6_main_t * im = &ip6_main;
2069 ip_lookup_main_t * lm = &im->lookup_main;
2070 u32 * from, * to_next_drop;
2071 uword n_left_from, n_left_to_next_drop;
2072 static f64 time_last_seed_change = -1e100;
2073 static u32 hash_seeds[3];
2074 static uword hash_bitmap[256 / BITS (uword)];
2078 if (node->flags & VLIB_NODE_FLAG_TRACE)
2079 ip6_forward_next_trace (vm, node, frame, VLIB_TX);
2081 time_now = vlib_time_now (vm);
2082 if (time_now - time_last_seed_change > 1e-3)
2085 u32 * r = clib_random_buffer_get_data (&vm->random_buffer,
2086 sizeof (hash_seeds));
2087 for (i = 0; i < ARRAY_LEN (hash_seeds); i++)
2088 hash_seeds[i] = r[i];
2090 /* Mark all hash keys as been not-seen before. */
2091 for (i = 0; i < ARRAY_LEN (hash_bitmap); i++)
2094 time_last_seed_change = time_now;
2097 from = vlib_frame_vector_args (frame);
2098 n_left_from = frame->n_vectors;
2100 while (n_left_from > 0)
2102 vlib_get_next_frame (vm, node, IP6_DISCOVER_NEIGHBOR_NEXT_DROP,
2103 to_next_drop, n_left_to_next_drop);
2105 while (n_left_from > 0 && n_left_to_next_drop > 0)
2109 u32 pi0, adj_index0, a0, b0, c0, m0, sw_if_index0, drop0;
2111 ip_adjacency_t * adj0;
2112 vnet_hw_interface_t * hw_if0;
2117 p0 = vlib_get_buffer (vm, pi0);
2119 adj_index0 = vnet_buffer (p0)->ip.adj_index[VLIB_TX];
2121 ip0 = vlib_buffer_get_current (p0);
2123 adj0 = ip_get_adjacency (lm, adj_index0);
2125 if (adj0->arp.next_hop.ip6.as_u64[0] ||
2126 adj0->arp.next_hop.ip6.as_u64[1]) {
2127 ip0->dst_address.as_u64[0] = adj0->arp.next_hop.ip6.as_u64[0];
2128 ip0->dst_address.as_u64[1] = adj0->arp.next_hop.ip6.as_u64[1];
2135 sw_if_index0 = adj0->rewrite_header.sw_if_index;
2136 vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0;
2139 b0 ^= ip0->dst_address.as_u32[0];
2140 c0 ^= ip0->dst_address.as_u32[1];
2142 hash_v3_mix32 (a0, b0, c0);
2144 b0 ^= ip0->dst_address.as_u32[2];
2145 c0 ^= ip0->dst_address.as_u32[3];
2147 hash_v3_finalize32 (a0, b0, c0);
2149 c0 &= BITS (hash_bitmap) - 1;
2150 c0 = c0 / BITS (uword);
2151 m0 = (uword) 1 << (c0 % BITS (uword));
2153 bm0 = hash_bitmap[c0];
2154 drop0 = (bm0 & m0) != 0;
2156 /* Mark it as seen. */
2157 hash_bitmap[c0] = bm0 | m0;
2161 to_next_drop[0] = pi0;
2163 n_left_to_next_drop -= 1;
2165 hw_if0 = vnet_get_sup_hw_interface (vnm, sw_if_index0);
2167 /* If the interface is link-down, drop the pkt */
2168 if (!(hw_if0->flags & VNET_HW_INTERFACE_FLAG_LINK_UP))
2172 node->errors[drop0 ? IP6_DISCOVER_NEIGHBOR_ERROR_DROP
2173 : IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT];
2179 icmp6_neighbor_solicitation_header_t * h0;
2182 h0 = vlib_packet_template_get_packet
2183 (vm, &im->discover_neighbor_packet_template, &bi0);
2186 * Build ethernet header.
2187 * Choose source address based on destination lookup
2190 if (ip6_src_address_for_packet (im, p0, &h0->ip.src_address,
2192 //There is no address on the interface
2193 p0->error = node->errors[IP6_DISCOVER_NEIGHBOR_ERROR_NO_SOURCE_ADDRESS];
2194 vlib_buffer_free(vm, &bi0, 1);
2199 * Destination address is a solicited node multicast address.
2200 * We need to fill in
2201 * the low 24 bits with low 24 bits of target's address.
2203 h0->ip.dst_address.as_u8[13] = ip0->dst_address.as_u8[13];
2204 h0->ip.dst_address.as_u8[14] = ip0->dst_address.as_u8[14];
2205 h0->ip.dst_address.as_u8[15] = ip0->dst_address.as_u8[15];
2207 h0->neighbor.target_address = ip0->dst_address;
2209 clib_memcpy (h0->link_layer_option.ethernet_address,
2210 hw_if0->hw_address, vec_len (hw_if0->hw_address));
2212 /* $$$$ appears we need this; why is the checksum non-zero? */
2213 h0->neighbor.icmp.checksum = 0;
2214 h0->neighbor.icmp.checksum =
2215 ip6_tcp_udp_icmp_compute_checksum (vm, 0, &h0->ip,
2218 ASSERT (bogus_length == 0);
2220 vlib_buffer_copy_trace_flag (vm, p0, bi0);
2221 b0 = vlib_get_buffer (vm, bi0);
2222 vnet_buffer (b0)->sw_if_index[VLIB_TX]
2223 = vnet_buffer (p0)->sw_if_index[VLIB_TX];
2225 /* Add rewrite/encap string. */
2226 vnet_rewrite_one_header (adj0[0], h0,
2227 sizeof (ethernet_header_t));
2228 vlib_buffer_advance (b0, -adj0->rewrite_header.data_bytes);
2230 next0 = IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX;
2232 vlib_set_next_frame_buffer (vm, node, next0, bi0);
2236 vlib_put_next_frame (vm, node, IP6_DISCOVER_NEIGHBOR_NEXT_DROP,
2237 n_left_to_next_drop);
2240 return frame->n_vectors;
2243 static char * ip6_discover_neighbor_error_strings[] = {
2244 [IP6_DISCOVER_NEIGHBOR_ERROR_DROP] = "address overflow drops",
2245 [IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT]
2246 = "neighbor solicitations sent",
2247 [IP6_DISCOVER_NEIGHBOR_ERROR_NO_SOURCE_ADDRESS]
2248 = "no source address for ND solicitation",
2251 VLIB_REGISTER_NODE (ip6_discover_neighbor_node) = {
2252 .function = ip6_discover_neighbor,
2253 .name = "ip6-discover-neighbor",
2254 .vector_size = sizeof (u32),
2256 .format_trace = format_ip6_forward_next_trace,
2258 .n_errors = ARRAY_LEN (ip6_discover_neighbor_error_strings),
2259 .error_strings = ip6_discover_neighbor_error_strings,
2261 .n_next_nodes = IP6_DISCOVER_NEIGHBOR_N_NEXT,
2263 [IP6_DISCOVER_NEIGHBOR_NEXT_DROP] = "error-drop",
2264 [IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX] = "interface-output",
2269 ip6_probe_neighbor (vlib_main_t * vm, ip6_address_t * dst, u32 sw_if_index)
2271 vnet_main_t * vnm = vnet_get_main();
2272 ip6_main_t * im = &ip6_main;
2273 icmp6_neighbor_solicitation_header_t * h;
2274 ip6_address_t * src;
2275 ip_interface_address_t * ia;
2276 ip_adjacency_t * adj;
2277 vnet_hw_interface_t * hi;
2278 vnet_sw_interface_t * si;
2283 si = vnet_get_sw_interface (vnm, sw_if_index);
2285 if (!(si->flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP))
2287 return clib_error_return (0, "%U: interface %U down",
2288 format_ip6_address, dst,
2289 format_vnet_sw_if_index_name, vnm,
2293 src = ip6_interface_address_matching_destination (im, dst, sw_if_index, &ia);
2296 vnm->api_errno = VNET_API_ERROR_NO_MATCHING_INTERFACE;
2297 return clib_error_return
2298 (0, "no matching interface address for destination %U (interface %U)",
2299 format_ip6_address, dst,
2300 format_vnet_sw_if_index_name, vnm, sw_if_index);
2303 h = vlib_packet_template_get_packet (vm, &im->discover_neighbor_packet_template, &bi);
2305 hi = vnet_get_sup_hw_interface (vnm, sw_if_index);
2307 /* Destination address is a solicited node multicast address. We need to fill in
2308 the low 24 bits with low 24 bits of target's address. */
2309 h->ip.dst_address.as_u8[13] = dst->as_u8[13];
2310 h->ip.dst_address.as_u8[14] = dst->as_u8[14];
2311 h->ip.dst_address.as_u8[15] = dst->as_u8[15];
2313 h->ip.src_address = src[0];
2314 h->neighbor.target_address = dst[0];
2316 clib_memcpy (h->link_layer_option.ethernet_address, hi->hw_address, vec_len (hi->hw_address));
2318 h->neighbor.icmp.checksum =
2319 ip6_tcp_udp_icmp_compute_checksum (vm, 0, &h->ip, &bogus_length);
2320 ASSERT(bogus_length == 0);
2322 b = vlib_get_buffer (vm, bi);
2323 vnet_buffer (b)->sw_if_index[VLIB_RX] = vnet_buffer (b)->sw_if_index[VLIB_TX] = sw_if_index;
2325 /* Add encapsulation string for software interface (e.g. ethernet header). */
2326 adj = ip_get_adjacency (&im->lookup_main, ia->neighbor_probe_adj_index);
2327 vnet_rewrite_one_header (adj[0], h, sizeof (ethernet_header_t));
2328 vlib_buffer_advance (b, -adj->rewrite_header.data_bytes);
2331 vlib_frame_t * f = vlib_get_frame_to_node (vm, hi->output_node_index);
2332 u32 * to_next = vlib_frame_vector_args (f);
2335 vlib_put_frame_to_node (vm, hi->output_node_index, f);
2338 return /* no error */ 0;
2342 IP6_REWRITE_NEXT_DROP,
2343 IP6_REWRITE_NEXT_ICMP_ERROR,
2344 } ip6_rewrite_next_t;
2347 ip6_rewrite_inline (vlib_main_t * vm,
2348 vlib_node_runtime_t * node,
2349 vlib_frame_t * frame,
2350 int rewrite_for_locally_received_packets)
2352 ip_lookup_main_t * lm = &ip6_main.lookup_main;
2353 u32 * from = vlib_frame_vector_args (frame);
2354 u32 n_left_from, n_left_to_next, * to_next, next_index;
2355 vlib_node_runtime_t * error_node = vlib_node_get_runtime (vm, ip6_input_node.index);
2356 vlib_rx_or_tx_t adj_rx_tx = rewrite_for_locally_received_packets ? VLIB_RX : VLIB_TX;
2358 n_left_from = frame->n_vectors;
2359 next_index = node->cached_next_index;
2360 u32 cpu_index = os_get_cpu_number();
2362 while (n_left_from > 0)
2364 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
2366 while (n_left_from >= 4 && n_left_to_next >= 2)
2368 ip_adjacency_t * adj0, * adj1;
2369 vlib_buffer_t * p0, * p1;
2370 ip6_header_t * ip0, * ip1;
2371 u32 pi0, rw_len0, next0, error0, adj_index0;
2372 u32 pi1, rw_len1, next1, error1, adj_index1;
2374 /* Prefetch next iteration. */
2376 vlib_buffer_t * p2, * p3;
2378 p2 = vlib_get_buffer (vm, from[2]);
2379 p3 = vlib_get_buffer (vm, from[3]);
2381 vlib_prefetch_buffer_header (p2, LOAD);
2382 vlib_prefetch_buffer_header (p3, LOAD);
2384 CLIB_PREFETCH (p2->pre_data, 32, STORE);
2385 CLIB_PREFETCH (p3->pre_data, 32, STORE);
2387 CLIB_PREFETCH (p2->data, sizeof (ip0[0]), STORE);
2388 CLIB_PREFETCH (p3->data, sizeof (ip0[0]), STORE);
2391 pi0 = to_next[0] = from[0];
2392 pi1 = to_next[1] = from[1];
2397 n_left_to_next -= 2;
2399 p0 = vlib_get_buffer (vm, pi0);
2400 p1 = vlib_get_buffer (vm, pi1);
2402 adj_index0 = vnet_buffer (p0)->ip.adj_index[adj_rx_tx];
2403 adj_index1 = vnet_buffer (p1)->ip.adj_index[adj_rx_tx];
2405 /* We should never rewrite a pkt using the MISS adjacency */
2406 ASSERT(adj_index0 && adj_index1);
2408 ip0 = vlib_buffer_get_current (p0);
2409 ip1 = vlib_buffer_get_current (p1);
2411 error0 = error1 = IP6_ERROR_NONE;
2412 next0 = next1 = IP6_REWRITE_NEXT_DROP;
2414 if (! rewrite_for_locally_received_packets)
2416 i32 hop_limit0 = ip0->hop_limit, hop_limit1 = ip1->hop_limit;
2418 /* Input node should have reject packets with hop limit 0. */
2419 ASSERT (ip0->hop_limit > 0);
2420 ASSERT (ip1->hop_limit > 0);
2425 ip0->hop_limit = hop_limit0;
2426 ip1->hop_limit = hop_limit1;
2429 * If the hop count drops below 1 when forwarding, generate
2432 if (PREDICT_FALSE(hop_limit0 <= 0))
2434 error0 = IP6_ERROR_TIME_EXPIRED;
2435 next0 = IP6_REWRITE_NEXT_ICMP_ERROR;
2436 vnet_buffer (p0)->sw_if_index[VLIB_TX] = (u32)~0;
2437 icmp6_error_set_vnet_buffer(p0, ICMP6_time_exceeded,
2438 ICMP6_time_exceeded_ttl_exceeded_in_transit, 0);
2440 if (PREDICT_FALSE(hop_limit1 <= 0))
2442 error1 = IP6_ERROR_TIME_EXPIRED;
2443 next1 = IP6_REWRITE_NEXT_ICMP_ERROR;
2444 vnet_buffer (p1)->sw_if_index[VLIB_TX] = (u32)~0;
2445 icmp6_error_set_vnet_buffer(p1, ICMP6_time_exceeded,
2446 ICMP6_time_exceeded_ttl_exceeded_in_transit, 0);
2450 adj0 = ip_get_adjacency (lm, adj_index0);
2451 adj1 = ip_get_adjacency (lm, adj_index1);
2453 if (rewrite_for_locally_received_packets)
2456 * If someone sends e.g. an icmp6 w/ src = dst = interface addr,
2457 * we end up here with a local adjacency in hand
2459 if (PREDICT_FALSE(adj0->lookup_next_index
2460 == IP_LOOKUP_NEXT_LOCAL))
2461 error0 = IP6_ERROR_SPOOFED_LOCAL_PACKETS;
2462 if (PREDICT_FALSE(adj1->lookup_next_index
2463 == IP_LOOKUP_NEXT_LOCAL))
2464 error1 = IP6_ERROR_SPOOFED_LOCAL_PACKETS;
2467 rw_len0 = adj0[0].rewrite_header.data_bytes;
2468 rw_len1 = adj1[0].rewrite_header.data_bytes;
2470 vlib_increment_combined_counter (&lm->adjacency_counters,
2473 /* packet increment */ 0,
2474 /* byte increment */ rw_len0);
2475 vlib_increment_combined_counter (&lm->adjacency_counters,
2478 /* packet increment */ 0,
2479 /* byte increment */ rw_len1);
2481 /* Check MTU of outgoing interface. */
2482 error0 = (vlib_buffer_length_in_chain (vm, p0) > adj0[0].rewrite_header.max_l3_packet_bytes
2483 ? IP6_ERROR_MTU_EXCEEDED
2485 error1 = (vlib_buffer_length_in_chain (vm, p1) > adj1[0].rewrite_header.max_l3_packet_bytes
2486 ? IP6_ERROR_MTU_EXCEEDED
2489 /* Don't adjust the buffer for hop count issue; icmp-error node
2490 * wants to see the IP headerr */
2491 if (PREDICT_TRUE(error0 == IP6_ERROR_NONE))
2493 p0->current_data -= rw_len0;
2494 p0->current_length += rw_len0;
2496 vnet_buffer (p0)->sw_if_index[VLIB_TX] =
2497 adj0[0].rewrite_header.sw_if_index;
2498 next0 = adj0[0].rewrite_header.next_index;
2500 if (PREDICT_TRUE(error1 == IP6_ERROR_NONE))
2502 p1->current_data -= rw_len1;
2503 p1->current_length += rw_len1;
2505 vnet_buffer (p1)->sw_if_index[VLIB_TX] =
2506 adj1[0].rewrite_header.sw_if_index;
2507 next1 = adj1[0].rewrite_header.next_index;
2510 /* Guess we are only writing on simple Ethernet header. */
2511 vnet_rewrite_two_headers (adj0[0], adj1[0],
2513 sizeof (ethernet_header_t));
2515 vlib_validate_buffer_enqueue_x2 (vm, node, next_index,
2516 to_next, n_left_to_next,
2517 pi0, pi1, next0, next1);
2520 while (n_left_from > 0 && n_left_to_next > 0)
2522 ip_adjacency_t * adj0;
2526 u32 adj_index0, next0, error0;
2528 pi0 = to_next[0] = from[0];
2530 p0 = vlib_get_buffer (vm, pi0);
2532 adj_index0 = vnet_buffer (p0)->ip.adj_index[adj_rx_tx];
2534 /* We should never rewrite a pkt using the MISS adjacency */
2537 adj0 = ip_get_adjacency (lm, adj_index0);
2539 ip0 = vlib_buffer_get_current (p0);
2541 error0 = IP6_ERROR_NONE;
2542 next0 = IP6_REWRITE_NEXT_DROP;
2544 /* Check hop limit */
2545 if (! rewrite_for_locally_received_packets)
2547 i32 hop_limit0 = ip0->hop_limit;
2549 ASSERT (ip0->hop_limit > 0);
2553 ip0->hop_limit = hop_limit0;
2555 if (PREDICT_FALSE(hop_limit0 <= 0))
2558 * If the hop count drops below 1 when forwarding, generate
2561 error0 = IP6_ERROR_TIME_EXPIRED;
2562 next0 = IP6_REWRITE_NEXT_ICMP_ERROR;
2563 vnet_buffer (p0)->sw_if_index[VLIB_TX] = (u32)~0;
2564 icmp6_error_set_vnet_buffer(p0, ICMP6_time_exceeded,
2565 ICMP6_time_exceeded_ttl_exceeded_in_transit, 0);
2569 if (rewrite_for_locally_received_packets)
2571 if (PREDICT_FALSE(adj0->lookup_next_index
2572 == IP_LOOKUP_NEXT_LOCAL))
2573 error0 = IP6_ERROR_SPOOFED_LOCAL_PACKETS;
2576 /* Guess we are only writing on simple Ethernet header. */
2577 vnet_rewrite_one_header (adj0[0], ip0, sizeof (ethernet_header_t));
2579 /* Update packet buffer attributes/set output interface. */
2580 rw_len0 = adj0[0].rewrite_header.data_bytes;
2582 vlib_increment_combined_counter (&lm->adjacency_counters,
2585 /* packet increment */ 0,
2586 /* byte increment */ rw_len0);
2588 /* Check MTU of outgoing interface. */
2589 error0 = (vlib_buffer_length_in_chain (vm, p0) > adj0[0].rewrite_header.max_l3_packet_bytes
2590 ? IP6_ERROR_MTU_EXCEEDED
2593 /* Don't adjust the buffer for hop count issue; icmp-error node
2594 * wants to see the IP headerr */
2595 if (PREDICT_TRUE(error0 == IP6_ERROR_NONE))
2597 p0->current_data -= rw_len0;
2598 p0->current_length += rw_len0;
2600 vnet_buffer (p0)->sw_if_index[VLIB_TX] =
2601 adj0[0].rewrite_header.sw_if_index;
2602 next0 = adj0[0].rewrite_header.next_index;
2605 p0->error = error_node->errors[error0];
2610 n_left_to_next -= 1;
2612 vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
2613 to_next, n_left_to_next,
2617 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
2620 /* Need to do trace after rewrites to pick up new packet data. */
2621 if (node->flags & VLIB_NODE_FLAG_TRACE)
2622 ip6_forward_next_trace (vm, node, frame, adj_rx_tx);
2624 return frame->n_vectors;
2628 ip6_rewrite_transit (vlib_main_t * vm,
2629 vlib_node_runtime_t * node,
2630 vlib_frame_t * frame)
2632 return ip6_rewrite_inline (vm, node, frame,
2633 /* rewrite_for_locally_received_packets */ 0);
2637 ip6_rewrite_local (vlib_main_t * vm,
2638 vlib_node_runtime_t * node,
2639 vlib_frame_t * frame)
2641 return ip6_rewrite_inline (vm, node, frame,
2642 /* rewrite_for_locally_received_packets */ 1);
2645 VLIB_REGISTER_NODE (ip6_rewrite_node) = {
2646 .function = ip6_rewrite_transit,
2647 .name = "ip6-rewrite",
2648 .vector_size = sizeof (u32),
2650 .format_trace = format_ip6_rewrite_trace,
2654 [IP6_REWRITE_NEXT_DROP] = "error-drop",
2655 [IP6_REWRITE_NEXT_ICMP_ERROR] = "ip6-icmp-error",
2659 VLIB_NODE_FUNCTION_MULTIARCH (ip6_rewrite_node, ip6_rewrite_transit)
2661 VLIB_REGISTER_NODE (ip6_rewrite_local_node) = {
2662 .function = ip6_rewrite_local,
2663 .name = "ip6-rewrite-local",
2664 .vector_size = sizeof (u32),
2666 .sibling_of = "ip6-rewrite",
2668 .format_trace = format_ip6_rewrite_trace,
2673 VLIB_NODE_FUNCTION_MULTIARCH (ip6_rewrite_local_node, ip6_rewrite_local)
2676 * Hop-by-Hop handling
2679 ip6_hop_by_hop_main_t ip6_hop_by_hop_main;
2681 #define foreach_ip6_hop_by_hop_error \
2682 _(PROCESSED, "pkts with ip6 hop-by-hop options") \
2683 _(FORMAT, "incorrectly formatted hop-by-hop options") \
2684 _(UNKNOWN_OPTION, "unknown ip6 hop-by-hop options")
2687 #define _(sym,str) IP6_HOP_BY_HOP_ERROR_##sym,
2688 foreach_ip6_hop_by_hop_error
2690 IP6_HOP_BY_HOP_N_ERROR,
2691 } ip6_hop_by_hop_error_t;
2694 * Primary h-b-h handler trace support
2695 * We work pretty hard on the problem for obvious reasons
2700 u8 option_data[256];
2701 } ip6_hop_by_hop_trace_t;
2703 vlib_node_registration_t ip6_hop_by_hop_node;
2705 static char * ip6_hop_by_hop_error_strings[] = {
2706 #define _(sym,string) string,
2707 foreach_ip6_hop_by_hop_error
2712 format_ip6_hop_by_hop_trace (u8 * s, va_list * args)
2714 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
2715 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
2716 ip6_hop_by_hop_trace_t * t = va_arg (*args, ip6_hop_by_hop_trace_t *);
2717 ip6_hop_by_hop_header_t *hbh0;
2718 ip6_hop_by_hop_option_t *opt0, *limit0;
2719 ip6_hop_by_hop_main_t *hm = &ip6_hop_by_hop_main;
2723 hbh0 = (ip6_hop_by_hop_header_t *)t->option_data;
2725 s = format (s, "IP6_HOP_BY_HOP: next index %d len %d traced %d",
2726 t->next_index, (hbh0->length+1)<<3, t->trace_len);
2728 opt0 = (ip6_hop_by_hop_option_t *) (hbh0+1);
2729 limit0 = (ip6_hop_by_hop_option_t *) ((u8 *)hbh0) + t->trace_len;
2731 while (opt0 < limit0) {
2734 case 0: /* Pad, just stop */
2735 opt0 = (ip6_hop_by_hop_option_t *) ((u8 *)opt0) + 1;
2739 if (hm->trace[type0]) {
2740 s = (*hm->trace[type0])(s, opt0);
2742 s = format (s, "\n unrecognized option %d length %d", type0, opt0->length);
2744 opt0 = (ip6_hop_by_hop_option_t *) (((u8 *)opt0) + opt0->length + sizeof (ip6_hop_by_hop_option_t));
2752 * Process the Hop-by-Hop Options header
2755 ip6_hop_by_hop (vlib_main_t * vm,
2756 vlib_node_runtime_t * node,
2757 vlib_frame_t * frame)
2759 vlib_node_runtime_t *error_node = vlib_node_get_runtime(vm, ip6_hop_by_hop_node.index);
2760 ip6_hop_by_hop_main_t *hm = &ip6_hop_by_hop_main;
2761 u32 n_left_from, *from, *to_next;
2762 ip_lookup_next_t next_index;
2763 ip6_main_t * im = &ip6_main;
2764 ip_lookup_main_t *lm = &im->lookup_main;
2766 from = vlib_frame_vector_args (frame);
2767 n_left_from = frame->n_vectors;
2768 next_index = node->cached_next_index;
2770 while (n_left_from > 0) {
2773 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
2775 while (n_left_from > 0 && n_left_to_next > 0) {
2780 ip6_hop_by_hop_header_t *hbh0;
2781 ip6_hop_by_hop_option_t *opt0, *limit0;
2785 /* Speculatively enqueue b0 to the current next frame */
2791 n_left_to_next -= 1;
2793 b0 = vlib_get_buffer (vm, bi0);
2794 u32 adj_index0 = vnet_buffer(b0)->ip.adj_index[VLIB_TX];
2795 ip_adjacency_t *adj0 = ip_get_adjacency(lm, adj_index0);
2796 /* Default use the next_index from the adjacency. A HBH option rarely redirects to a different node */
2797 next0 = adj0->lookup_next_index;
2799 ip0 = vlib_buffer_get_current (b0);
2800 hbh0 = (ip6_hop_by_hop_header_t *)(ip0+1);
2801 opt0 = (ip6_hop_by_hop_option_t *)(hbh0+1);
2802 limit0 = (ip6_hop_by_hop_option_t *)((u8 *)hbh0 + ((hbh0->length + 1) << 3));
2805 * Basic validity checks
2807 if ((hbh0->length + 1) << 3 > clib_net_to_host_u16(ip0->payload_length)) {
2808 error0 = IP6_HOP_BY_HOP_ERROR_FORMAT;
2809 next0 = IP_LOOKUP_NEXT_DROP;
2813 /* Scan the set of h-b-h options, process ones that we understand */
2814 while (opt0 < limit0) {
2818 opt0 = (ip6_hop_by_hop_option_t *) ((u8 *)opt0) + 1;
2823 if (hm->options[type0]) {
2824 if ((*hm->options[type0])(b0, ip0, opt0) < 0) {
2825 error0 = IP6_HOP_BY_HOP_ERROR_FORMAT;
2829 /* Unrecognized mandatory option, check the two high order bits */
2830 switch (opt0->type & HBH_OPTION_TYPE_HIGH_ORDER_BITS) {
2831 case HBH_OPTION_TYPE_SKIP_UNKNOWN:
2833 case HBH_OPTION_TYPE_DISCARD_UNKNOWN:
2834 next0 = IP_LOOKUP_NEXT_DROP;
2836 case HBH_OPTION_TYPE_DISCARD_UNKNOWN_ICMP:
2837 next0 = IP_LOOKUP_NEXT_ICMP_ERROR;
2838 icmp6_error_set_vnet_buffer(b0, ICMP6_parameter_problem,
2839 ICMP6_parameter_problem_unrecognized_option, (u8 *)opt0 - (u8 *)ip0);
2841 case HBH_OPTION_TYPE_DISCARD_UNKNOWN_ICMP_NOT_MCAST:
2842 if (!ip6_address_is_multicast(&ip0->dst_address)) {
2843 next0 = IP_LOOKUP_NEXT_ICMP_ERROR;
2844 icmp6_error_set_vnet_buffer(b0, ICMP6_parameter_problem,
2845 ICMP6_parameter_problem_unrecognized_option, (u8 *)opt0 - (u8 *)ip0);
2847 next0 = IP_LOOKUP_NEXT_DROP;
2851 error0 = IP6_HOP_BY_HOP_ERROR_UNKNOWN_OPTION;
2855 opt0 = (ip6_hop_by_hop_option_t *) (((u8 *)opt0) + opt0->length + sizeof (ip6_hop_by_hop_option_t));
2859 /* Has the classifier flagged this buffer for special treatment? */
2860 if ((error0 == 0) && (vnet_buffer(b0)->l2_classify.opaque_index == OI_DECAP))
2861 next0 = IP6_LOOKUP_NEXT_POP_HOP_BY_HOP;
2863 if (PREDICT_FALSE(b0->flags & VLIB_BUFFER_IS_TRACED)) {
2864 ip6_hop_by_hop_trace_t *t = vlib_add_trace(vm, node, b0, sizeof (*t));
2865 u32 trace_len = (hbh0->length + 1) << 3;
2866 t->next_index = next0;
2867 /* Capture the h-b-h option verbatim */
2868 trace_len = trace_len < ARRAY_LEN(t->option_data) ? trace_len : ARRAY_LEN(t->option_data);
2869 t->trace_len = trace_len;
2870 clib_memcpy(t->option_data, hbh0, trace_len);
2873 b0->error = error_node->errors[error0];
2875 /* verify speculative enqueue, maybe switch current next frame */
2876 vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next, n_left_to_next, bi0, next0);
2878 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
2880 return frame->n_vectors;
2883 VLIB_REGISTER_NODE (ip6_hop_by_hop_node) = {
2884 .function = ip6_hop_by_hop,
2885 .name = "ip6-hop-by-hop",
2886 .sibling_of = "ip6-lookup",
2887 .vector_size = sizeof (u32),
2888 .format_trace = format_ip6_hop_by_hop_trace,
2889 .type = VLIB_NODE_TYPE_INTERNAL,
2890 .n_errors = ARRAY_LEN(ip6_hop_by_hop_error_strings),
2891 .error_strings = ip6_hop_by_hop_error_strings,
2895 VLIB_NODE_FUNCTION_MULTIARCH (ip6_hop_by_hop_node, ip6_hop_by_hop)
2897 static clib_error_t *
2898 ip6_hop_by_hop_init (vlib_main_t * vm)
2900 ip6_hop_by_hop_main_t * hm = &ip6_hop_by_hop_main;
2901 memset(hm->options, 0, sizeof(hm->options));
2902 memset(hm->trace, 0, sizeof(hm->trace));
2907 VLIB_INIT_FUNCTION (ip6_hop_by_hop_init);
2910 ip6_hbh_register_option (u8 option,
2911 int options(vlib_buffer_t *b, ip6_header_t *ip, ip6_hop_by_hop_option_t *opt),
2912 u8 *trace(u8 *s, ip6_hop_by_hop_option_t *opt))
2914 ip6_main_t * im = &ip6_main;
2915 ip6_hop_by_hop_main_t * hm = &ip6_hop_by_hop_main;
2917 ASSERT (option < ARRAY_LEN (hm->options));
2919 /* Already registered */
2920 if (hm->options[option])
2923 hm->options[option] = options;
2924 hm->trace[option] = trace;
2926 /* Set global variable */
2927 im->hbh_enabled = 1;
2933 ip6_hbh_unregister_option (u8 option)
2935 ip6_main_t * im = &ip6_main;
2936 ip6_hop_by_hop_main_t * hm = &ip6_hop_by_hop_main;
2938 ASSERT (option < ARRAY_LEN (hm->options));
2940 /* Not registered */
2941 if (!hm->options[option])
2944 hm->options[option] = NULL;
2945 hm->trace[option] = NULL;
2947 /* Disable global knob if this was the last option configured */
2950 for (i = 0; i < 256; i++) {
2951 if (hm->options[option]) {
2957 im->hbh_enabled = 0;
2962 /* Global IP6 main. */
2963 ip6_main_t ip6_main;
2965 static clib_error_t *
2966 ip6_lookup_init (vlib_main_t * vm)
2968 ip6_main_t * im = &ip6_main;
2969 clib_error_t * error;
2972 for (i = 0; i < ARRAY_LEN (im->fib_masks); i++)
2979 for (j = 0; j < i0; j++)
2980 im->fib_masks[i].as_u32[j] = ~0;
2983 im->fib_masks[i].as_u32[i0] = clib_host_to_net_u32 (pow2_mask (i1) << (32 - i1));
2986 ip_lookup_init (&im->lookup_main, /* is_ip6 */ 1);
2988 if (im->lookup_table_nbuckets == 0)
2989 im->lookup_table_nbuckets = IP6_FIB_DEFAULT_HASH_NUM_BUCKETS;
2991 im->lookup_table_nbuckets = 1<< max_log2 (im->lookup_table_nbuckets);
2993 if (im->lookup_table_size == 0)
2994 im->lookup_table_size = IP6_FIB_DEFAULT_HASH_MEMORY_SIZE;
2996 BV(clib_bihash_init) (&im->ip6_lookup_table, "ip6 lookup table",
2997 im->lookup_table_nbuckets,
2998 im->lookup_table_size);
3000 /* Create FIB with index 0 and table id of 0. */
3001 find_ip6_fib_by_table_index_or_id (im, /* table id */ 0, IP6_ROUTE_FLAG_TABLE_ID);
3005 pn = pg_get_node (ip6_lookup_node.index);
3006 pn->unformat_edit = unformat_pg_ip6_header;
3009 /* Unless explicitly configured, don't process HBH options */
3010 im->hbh_enabled = 0;
3013 icmp6_neighbor_solicitation_header_t p;
3015 memset (&p, 0, sizeof (p));
3017 p.ip.ip_version_traffic_class_and_flow_label = clib_host_to_net_u32 (0x6 << 28);
3018 p.ip.payload_length = clib_host_to_net_u16 (sizeof (p)
3019 - STRUCT_OFFSET_OF (icmp6_neighbor_solicitation_header_t, neighbor));
3020 p.ip.protocol = IP_PROTOCOL_ICMP6;
3021 p.ip.hop_limit = 255;
3022 ip6_set_solicited_node_multicast_address (&p.ip.dst_address, 0);
3024 p.neighbor.icmp.type = ICMP6_neighbor_solicitation;
3026 p.link_layer_option.header.type = ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address;
3027 p.link_layer_option.header.n_data_u64s = sizeof (p.link_layer_option) / sizeof (u64);
3029 vlib_packet_template_init (vm,
3030 &im->discover_neighbor_packet_template,
3032 /* alloc chunk size */ 8,
3033 "ip6 neighbor discovery");
3036 error = ip6_feature_init (vm, im);
3041 VLIB_INIT_FUNCTION (ip6_lookup_init);
3043 static clib_error_t *
3044 add_del_ip6_interface_table (vlib_main_t * vm,
3045 unformat_input_t * input,
3046 vlib_cli_command_t * cmd)
3048 vnet_main_t * vnm = vnet_get_main();
3049 clib_error_t * error = 0;
3050 u32 sw_if_index, table_id;
3054 if (! unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index))
3056 error = clib_error_return (0, "unknown interface `%U'",
3057 format_unformat_error, input);
3061 if (unformat (input, "%d", &table_id))
3065 error = clib_error_return (0, "expected table id `%U'",
3066 format_unformat_error, input);
3071 ip6_main_t * im = &ip6_main;
3073 find_ip6_fib_by_table_index_or_id (im, table_id, IP6_ROUTE_FLAG_TABLE_ID);
3077 vec_validate (im->fib_index_by_sw_if_index, sw_if_index);
3078 im->fib_index_by_sw_if_index[sw_if_index] = fib->index;
3086 VLIB_CLI_COMMAND (set_interface_ip_table_command, static) = {
3087 .path = "set interface ip6 table",
3088 .function = add_del_ip6_interface_table,
3089 .short_help = "set interface ip6 table <intfc> <table-id>"
3093 ip6_link_local_address_from_ethernet_mac_address (ip6_address_t *ip,
3096 ip->as_u64[0] = clib_host_to_net_u64 (0xFE80000000000000ULL);
3097 /* Invert the "u" bit */
3098 ip->as_u8 [8] = mac[0] ^ (1<<1);
3099 ip->as_u8 [9] = mac[1];
3100 ip->as_u8 [10] = mac[2];
3101 ip->as_u8 [11] = 0xFF;
3102 ip->as_u8 [12] = 0xFE;
3103 ip->as_u8 [13] = mac[3];
3104 ip->as_u8 [14] = mac[4];
3105 ip->as_u8 [15] = mac[5];
3109 ip6_ethernet_mac_address_from_link_local_address (u8 *mac,
3112 /* Invert the previously inverted "u" bit */
3113 mac[0] = ip->as_u8 [8] ^ (1<<1);
3114 mac[1] = ip->as_u8 [9];
3115 mac[2] = ip->as_u8 [10];
3116 mac[3] = ip->as_u8 [13];
3117 mac[4] = ip->as_u8 [14];
3118 mac[5] = ip->as_u8 [15];
3121 static clib_error_t *
3122 test_ip6_link_command_fn (vlib_main_t * vm,
3123 unformat_input_t * input,
3124 vlib_cli_command_t * cmd)
3127 ip6_address_t _a, *a = &_a;
3129 if (unformat (input, "%U", unformat_ethernet_address, mac))
3131 ip6_link_local_address_from_ethernet_mac_address (a, mac);
3132 vlib_cli_output (vm, "Link local address: %U",
3133 format_ip6_address, a);
3134 ip6_ethernet_mac_address_from_link_local_address (mac, a);
3135 vlib_cli_output (vm, "Original MAC address: %U",
3136 format_ethernet_address, mac);
3142 VLIB_CLI_COMMAND (test_link_command, static) = {
3143 .path = "test ip6 link",
3144 .function = test_ip6_link_command_fn,
3145 .short_help = "test ip6 link <mac-address>",
3148 int vnet_set_ip6_flow_hash (u32 table_id, u32 flow_hash_config)
3150 ip6_main_t * im6 = &ip6_main;
3152 uword * p = hash_get (im6->fib_index_by_table_id, table_id);
3157 fib = vec_elt_at_index (im6->fibs, p[0]);
3159 fib->flow_hash_config = flow_hash_config;
3163 static clib_error_t *
3164 set_ip6_flow_hash_command_fn (vlib_main_t * vm,
3165 unformat_input_t * input,
3166 vlib_cli_command_t * cmd)
3170 u32 flow_hash_config = 0;
3173 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) {
3174 if (unformat (input, "table %d", &table_id))
3177 else if (unformat (input, #a)) { flow_hash_config |= v; matched=1;}
3178 foreach_flow_hash_bit
3184 return clib_error_return (0, "unknown input `%U'",
3185 format_unformat_error, input);
3187 rv = vnet_set_ip6_flow_hash (table_id, flow_hash_config);
3194 return clib_error_return (0, "no such FIB table %d", table_id);
3197 clib_warning ("BUG: illegal flow hash config 0x%x", flow_hash_config);
3204 VLIB_CLI_COMMAND (set_ip6_flow_hash_command, static) = {
3205 .path = "set ip6 flow-hash",
3207 "set ip table flow-hash table <fib-id> src dst sport dport proto reverse",
3208 .function = set_ip6_flow_hash_command_fn,
3211 static clib_error_t *
3212 show_ip6_local_command_fn (vlib_main_t * vm,
3213 unformat_input_t * input,
3214 vlib_cli_command_t * cmd)
3216 ip6_main_t * im = &ip6_main;
3217 ip_lookup_main_t * lm = &im->lookup_main;
3220 vlib_cli_output (vm, "Protocols handled by ip6_local");
3221 for (i = 0; i < ARRAY_LEN(lm->local_next_by_ip_protocol); i++)
3223 if (lm->local_next_by_ip_protocol[i] != IP_LOCAL_NEXT_PUNT)
3224 vlib_cli_output (vm, "%d", i);
3231 VLIB_CLI_COMMAND (show_ip_local, static) = {
3232 .path = "show ip6 local",
3233 .function = show_ip6_local_command_fn,
3234 .short_help = "Show ip6 local protocol table",
3237 int vnet_set_ip6_classify_intfc (vlib_main_t * vm, u32 sw_if_index,
3240 vnet_main_t * vnm = vnet_get_main();
3241 vnet_interface_main_t * im = &vnm->interface_main;
3242 ip6_main_t * ipm = &ip6_main;
3243 ip_lookup_main_t * lm = &ipm->lookup_main;
3244 vnet_classify_main_t * cm = &vnet_classify_main;
3246 if (pool_is_free_index (im->sw_interfaces, sw_if_index))
3247 return VNET_API_ERROR_NO_MATCHING_INTERFACE;
3249 if (table_index != ~0 && pool_is_free_index (cm->tables, table_index))
3250 return VNET_API_ERROR_NO_SUCH_ENTRY;
3252 vec_validate (lm->classify_table_index_by_sw_if_index, sw_if_index);
3253 lm->classify_table_index_by_sw_if_index [sw_if_index] = table_index;
3258 static clib_error_t *
3259 set_ip6_classify_command_fn (vlib_main_t * vm,
3260 unformat_input_t * input,
3261 vlib_cli_command_t * cmd)
3263 u32 table_index = ~0;
3264 int table_index_set = 0;
3265 u32 sw_if_index = ~0;
3268 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) {
3269 if (unformat (input, "table-index %d", &table_index))
3270 table_index_set = 1;
3271 else if (unformat (input, "intfc %U", unformat_vnet_sw_interface,
3272 vnet_get_main(), &sw_if_index))
3278 if (table_index_set == 0)
3279 return clib_error_return (0, "classify table-index must be specified");
3281 if (sw_if_index == ~0)
3282 return clib_error_return (0, "interface / subif must be specified");
3284 rv = vnet_set_ip6_classify_intfc (vm, sw_if_index, table_index);
3291 case VNET_API_ERROR_NO_MATCHING_INTERFACE:
3292 return clib_error_return (0, "No such interface");
3294 case VNET_API_ERROR_NO_SUCH_ENTRY:
3295 return clib_error_return (0, "No such classifier table");
3300 VLIB_CLI_COMMAND (set_ip6_classify_command, static) = {
3301 .path = "set ip6 classify",
3303 "set ip6 classify intfc <int> table-index <index>",
3304 .function = set_ip6_classify_command_fn,
3307 static clib_error_t *
3308 ip6_config (vlib_main_t * vm, unformat_input_t * input)
3310 ip6_main_t * im = &ip6_main;
3315 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) {
3316 if (unformat (input, "hash-buckets %d", &tmp))
3318 else if (unformat (input, "heap-size %dm", &tmp))
3319 heapsize = ((u64)tmp) << 20;
3320 else if (unformat (input, "heap-size %dM", &tmp))
3321 heapsize = ((u64)tmp) << 20;
3322 else if (unformat (input, "heap-size %dg", &tmp))
3323 heapsize = ((u64)tmp) << 30;
3324 else if (unformat (input, "heap-size %dG", &tmp))
3325 heapsize = ((u64)tmp) << 30;
3327 return clib_error_return (0, "unknown input '%U'",
3328 format_unformat_error, input);
3331 im->lookup_table_nbuckets = nbuckets;
3332 im->lookup_table_size = heapsize;
3337 VLIB_EARLY_CONFIG_FUNCTION (ip6_config, "ip6");
Code Review / vpp.git / blob