2 * Copyright (c) 2015 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
15 #include <vppinfra/error.h>
16 #include <vppinfra/hash.h>
17 #include <vnet/vnet.h>
18 #include <vnet/ip/ip.h>
19 #include <vnet/ethernet/ethernet.h>
20 #include <vnet/vxlan/vxlan.h>
22 /* Statistics (not all errors) */
23 #define foreach_vxlan_encap_error \
24 _(ENCAPSULATED, "good packets encapsulated") \
25 _(DEL_TUNNEL, "deleted tunnel packets")
27 static char * vxlan_encap_error_strings[] = {
28 #define _(sym,string) string,
29 foreach_vxlan_encap_error
34 #define _(sym,str) VXLAN_ENCAP_ERROR_##sym,
35 foreach_vxlan_encap_error
38 } vxlan_encap_error_t;
41 VXLAN_ENCAP_NEXT_IP4_LOOKUP,
42 VXLAN_ENCAP_NEXT_DROP,
49 } vxlan_encap_trace_t;
51 u8 * format_vxlan_encap_trace (u8 * s, va_list * args)
53 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
54 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
55 vxlan_encap_trace_t * t
56 = va_arg (*args, vxlan_encap_trace_t *);
58 s = format (s, "VXLAN-ENCAP: tunnel %d vni %d", t->tunnel_index, t->vni);
62 #define foreach_fixed_header_offset \
66 vxlan_encap (vlib_main_t * vm,
67 vlib_node_runtime_t * node,
68 vlib_frame_t * from_frame)
70 u32 n_left_from, next_index, * from, * to_next;
71 vxlan_main_t * vxm = &vxlan_main;
72 vnet_main_t * vnm = vxm->vnet_main;
73 vnet_interface_main_t * im = &vnm->interface_main;
74 u32 pkts_encapsulated = 0;
75 u16 old_l0 = 0, old_l1 = 0;
76 u32 cpu_index = os_get_cpu_number();
77 u32 stats_sw_if_index, stats_n_packets, stats_n_bytes;
79 from = vlib_frame_vector_args (from_frame);
80 n_left_from = from_frame->n_vectors;
82 next_index = node->cached_next_index;
83 stats_sw_if_index = node->runtime_data[0];
84 stats_n_packets = stats_n_bytes = 0;
86 while (n_left_from > 0)
90 vlib_get_next_frame (vm, node, next_index,
91 to_next, n_left_to_next);
93 while (n_left_from >= 4 && n_left_to_next >= 2)
96 vlib_buffer_t * b0, * b1;
97 u32 flow_hash0, flow_hash1;
98 u32 next0 = VXLAN_ENCAP_NEXT_IP4_LOOKUP;
99 u32 next1 = VXLAN_ENCAP_NEXT_IP4_LOOKUP;
100 u32 sw_if_index0, sw_if_index1, len0, len1;
101 vnet_hw_interface_t * hi0, * hi1;
102 ip4_header_t * ip0, * ip1;
103 udp_header_t * udp0, * udp1;
104 u64 * copy_src0, * copy_dst0;
105 u64 * copy_src1, * copy_dst1;
106 u32 * copy_src_last0, * copy_dst_last0;
107 u32 * copy_src_last1, * copy_dst_last1;
108 vxlan_tunnel_t * t0, * t1;
110 ip_csum_t sum0, sum1;
112 /* Prefetch next iteration. */
114 vlib_buffer_t * p2, * p3;
116 p2 = vlib_get_buffer (vm, from[2]);
117 p3 = vlib_get_buffer (vm, from[3]);
119 vlib_prefetch_buffer_header (p2, LOAD);
120 vlib_prefetch_buffer_header (p3, LOAD);
122 CLIB_PREFETCH (p2->data, 2*CLIB_CACHE_LINE_BYTES, LOAD);
123 CLIB_PREFETCH (p3->data, 2*CLIB_CACHE_LINE_BYTES, LOAD);
135 b0 = vlib_get_buffer (vm, bi0);
136 b1 = vlib_get_buffer (vm, bi1);
138 flow_hash0 = vnet_l2_compute_flow_hash (b0);
139 flow_hash1 = vnet_l2_compute_flow_hash (b1);
142 sw_if_index0 = vnet_buffer(b0)->sw_if_index[VLIB_TX];
143 sw_if_index1 = vnet_buffer(b1)->sw_if_index[VLIB_TX];
144 hi0 = vnet_get_sup_hw_interface (vnm, sw_if_index0);
145 hi1 = vnet_get_sup_hw_interface (vnm, sw_if_index1);
147 t0 = &vxm->tunnels[hi0->dev_instance];
148 t1 = &vxm->tunnels[hi1->dev_instance];
150 /* Check rewrite string and drop packet if tunnel is deleted */
151 if (PREDICT_FALSE(t0->rewrite == vxlan_dummy_rewrite))
153 next0 = VXLAN_ENCAP_NEXT_DROP;
154 b0->error = node->errors[VXLAN_ENCAP_ERROR_DEL_TUNNEL];
155 pkts_encapsulated --;
156 } /* Still go through normal encap with dummy rewrite */
157 if (PREDICT_FALSE(t1->rewrite == vxlan_dummy_rewrite))
159 next1 = VXLAN_ENCAP_NEXT_DROP;
160 b1->error = node->errors[VXLAN_ENCAP_ERROR_DEL_TUNNEL];
161 pkts_encapsulated --;
162 } /* Still go through normal encap with dummy rewrite */
164 /* IP4 VXLAN header sizeof(ip4_vxlan_header_t) should be 36 octects */
165 ASSERT(vec_len(t0->rewrite) == 36);
166 ASSERT(vec_len(t1->rewrite) == 36);
168 /* Apply the rewrite string. $$$$ vnet_rewrite? */
169 vlib_buffer_advance (b0, -(word)_vec_len(t0->rewrite));
170 vlib_buffer_advance (b1, -(word)_vec_len(t1->rewrite));
172 ip0 = vlib_buffer_get_current(b0);
173 ip1 = vlib_buffer_get_current(b1);
174 /* Copy the fixed header */
175 copy_dst0 = (u64 *) ip0;
176 copy_src0 = (u64 *) t0->rewrite;
177 copy_dst1 = (u64 *) ip1;
178 copy_src1 = (u64 *) t1->rewrite;
180 /* Copy first 32 octets 8-bytes at a time */
181 #define _(offs) copy_dst0[offs] = copy_src0[offs];
182 foreach_fixed_header_offset;
184 #define _(offs) copy_dst1[offs] = copy_src1[offs];
185 foreach_fixed_header_offset;
188 /* Last 4 octets. Hopefully gcc will be our friend */
189 copy_dst_last0 = (u32 *)(©_dst0[4]);
190 copy_src_last0 = (u32 *)(©_src0[4]);
191 copy_dst_last1 = (u32 *)(©_dst1[4]);
192 copy_src_last1 = (u32 *)(©_src1[4]);
194 copy_dst_last0[0] = copy_src_last0[0];
195 copy_dst_last1[0] = copy_src_last1[0];
197 /* fix the <bleep>ing outer-IP checksum */
198 sum0 = ip0->checksum;
199 /* old_l0 always 0, see the rewrite setup */
201 clib_host_to_net_u16 (vlib_buffer_length_in_chain (vm, b0));
203 sum0 = ip_csum_update (sum0, old_l0, new_l0, ip4_header_t,
204 length /* changed member */);
205 ip0->checksum = ip_csum_fold (sum0);
206 ip0->length = new_l0;
208 sum1 = ip1->checksum;
209 /* old_l1 always 0, see the rewrite setup */
211 clib_host_to_net_u16 (vlib_buffer_length_in_chain (vm, b1));
213 sum1 = ip_csum_update (sum1, old_l1, new_l1, ip4_header_t,
214 length /* changed member */);
215 ip1->checksum = ip_csum_fold (sum1);
216 ip1->length = new_l1;
219 udp0 = (udp_header_t *)(ip0+1);
220 new_l0 = clib_host_to_net_u16 (vlib_buffer_length_in_chain (vm, b0)
222 udp1 = (udp_header_t *)(ip1+1);
223 new_l1 = clib_host_to_net_u16 (vlib_buffer_length_in_chain (vm, b1)
226 udp0->length = new_l0;
227 udp0->src_port = flow_hash0;
229 udp1->length = new_l1;
230 udp1->src_port = flow_hash1;
232 /* Reset to look up tunnel partner in the configured FIB */
233 vnet_buffer(b0)->sw_if_index[VLIB_TX] = t0->encap_fib_index;
234 vnet_buffer(b1)->sw_if_index[VLIB_TX] = t1->encap_fib_index;
235 vnet_buffer(b0)->sw_if_index[VLIB_RX] = sw_if_index0;
236 vnet_buffer(b1)->sw_if_index[VLIB_RX] = sw_if_index1;
237 pkts_encapsulated += 2;
239 len0 = vlib_buffer_length_in_chain (vm, b0);
240 len1 = vlib_buffer_length_in_chain (vm, b0);
241 stats_n_packets += 2;
242 stats_n_bytes += len0 + len1;
244 /* Batch stats increment on the same vxlan tunnel so counter is not
245 incremented per packet. Note stats are still incremented for deleted
246 and admin-down tunnel where packets are dropped. It is not worthwhile
247 to check for this rare case and affect normal path performance. */
248 if (PREDICT_FALSE ((sw_if_index0 != stats_sw_if_index) ||
249 (sw_if_index0 != stats_sw_if_index)))
251 stats_n_packets -= 2;
252 stats_n_bytes -= len0 + len1;
253 if (sw_if_index0 == sw_if_index1)
256 vlib_increment_combined_counter
257 (im->combined_sw_if_counters + VNET_INTERFACE_COUNTER_TX,
258 cpu_index, stats_sw_if_index,
259 stats_n_packets, stats_n_bytes);
260 stats_sw_if_index = sw_if_index0;
262 stats_n_bytes = len0 + len1;
266 vlib_increment_combined_counter
267 (im->combined_sw_if_counters + VNET_INTERFACE_COUNTER_TX,
268 cpu_index, sw_if_index0, 1, len0);
269 vlib_increment_combined_counter
270 (im->combined_sw_if_counters + VNET_INTERFACE_COUNTER_TX,
271 cpu_index, sw_if_index1, 1, len1);
275 if (PREDICT_FALSE(b0->flags & VLIB_BUFFER_IS_TRACED))
277 vxlan_encap_trace_t *tr =
278 vlib_add_trace (vm, node, b0, sizeof (*tr));
279 tr->tunnel_index = t0 - vxm->tunnels;
283 if (PREDICT_FALSE(b1->flags & VLIB_BUFFER_IS_TRACED))
285 vxlan_encap_trace_t *tr =
286 vlib_add_trace (vm, node, b1, sizeof (*tr));
287 tr->tunnel_index = t1 - vxm->tunnels;
291 vlib_validate_buffer_enqueue_x2 (vm, node, next_index,
292 to_next, n_left_to_next,
293 bi0, bi1, next0, next1);
296 while (n_left_from > 0 && n_left_to_next > 0)
301 u32 next0 = VXLAN_ENCAP_NEXT_IP4_LOOKUP;
302 u32 sw_if_index0, len0;
303 vnet_hw_interface_t * hi0;
306 u64 * copy_src0, * copy_dst0;
307 u32 * copy_src_last0, * copy_dst_last0;
319 b0 = vlib_get_buffer (vm, bi0);
321 flow_hash0 = vnet_l2_compute_flow_hash(b0);
324 sw_if_index0 = vnet_buffer(b0)->sw_if_index[VLIB_TX];
325 hi0 = vnet_get_sup_hw_interface (vnm, sw_if_index0);
327 t0 = &vxm->tunnels[hi0->dev_instance];
329 /* Check rewrite string and drop packet if tunnel is deleted */
330 if (PREDICT_FALSE(t0->rewrite == vxlan_dummy_rewrite))
332 next0 = VXLAN_ENCAP_NEXT_DROP;
333 b0->error = node->errors[VXLAN_ENCAP_ERROR_DEL_TUNNEL];
334 pkts_encapsulated --;
335 } /* Still go through normal encap with dummy rewrite */
337 /* IP4 VXLAN header sizeof(ip4_vxlan_header_t) should be 36 octects */
338 ASSERT(vec_len(t0->rewrite) == 36);
340 /* Apply the rewrite string. $$$$ vnet_rewrite? */
341 vlib_buffer_advance (b0, -(word)_vec_len(t0->rewrite));
343 ip0 = vlib_buffer_get_current(b0);
344 /* Copy the fixed header */
345 copy_dst0 = (u64 *) ip0;
346 copy_src0 = (u64 *) t0->rewrite;
348 /* Copy first 32 octets 8-bytes at a time */
349 #define _(offs) copy_dst0[offs] = copy_src0[offs];
350 foreach_fixed_header_offset;
352 /* Last 4 octets. Hopefully gcc will be our friend */
353 copy_dst_last0 = (u32 *)(©_dst0[4]);
354 copy_src_last0 = (u32 *)(©_src0[4]);
356 copy_dst_last0[0] = copy_src_last0[0];
358 /* fix the <bleep>ing outer-IP checksum */
359 sum0 = ip0->checksum;
360 /* old_l0 always 0, see the rewrite setup */
362 clib_host_to_net_u16 (vlib_buffer_length_in_chain (vm, b0));
364 sum0 = ip_csum_update (sum0, old_l0, new_l0, ip4_header_t,
365 length /* changed member */);
366 ip0->checksum = ip_csum_fold (sum0);
367 ip0->length = new_l0;
370 udp0 = (udp_header_t *)(ip0+1);
371 new_l0 = clib_host_to_net_u16 (vlib_buffer_length_in_chain (vm, b0)
374 udp0->length = new_l0;
375 udp0->src_port = flow_hash0;
377 /* Reset to look up tunnel partner in the configured FIB */
378 vnet_buffer(b0)->sw_if_index[VLIB_TX] = t0->encap_fib_index;
379 vnet_buffer(b0)->sw_if_index[VLIB_RX] = sw_if_index0;
380 pkts_encapsulated ++;
382 len0 = vlib_buffer_length_in_chain (vm, b0);
383 stats_n_packets += 1;
384 stats_n_bytes += len0;
386 /* Batch stats increment on the same vxlan tunnel so counter is not
387 incremented per packet. Note stats are still incremented for deleted
388 and admin-down tunnel where packets are dropped. It is not worthwhile
389 to check for this rare case and affect normal path performance. */
390 if (PREDICT_FALSE (sw_if_index0 != stats_sw_if_index))
392 stats_n_packets -= 1;
393 stats_n_bytes -= len0;
395 vlib_increment_combined_counter
396 (im->combined_sw_if_counters + VNET_INTERFACE_COUNTER_TX,
397 cpu_index, stats_sw_if_index,
398 stats_n_packets, stats_n_bytes);
400 stats_n_bytes = len0;
401 stats_sw_if_index = sw_if_index0;
404 if (PREDICT_FALSE(b0->flags & VLIB_BUFFER_IS_TRACED))
406 vxlan_encap_trace_t *tr =
407 vlib_add_trace (vm, node, b0, sizeof (*tr));
408 tr->tunnel_index = t0 - vxm->tunnels;
411 vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
412 to_next, n_left_to_next,
416 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
419 /* Do we still need this now that tunnel tx stats is kept? */
420 vlib_node_increment_counter (vm, node->node_index,
421 VXLAN_ENCAP_ERROR_ENCAPSULATED,
424 /* Increment any remaining batch stats */
427 vlib_increment_combined_counter
428 (im->combined_sw_if_counters + VNET_INTERFACE_COUNTER_TX,
429 cpu_index, stats_sw_if_index, stats_n_packets, stats_n_bytes);
430 node->runtime_data[0] = stats_sw_if_index;
433 return from_frame->n_vectors;
436 VLIB_REGISTER_NODE (vxlan_encap_node) = {
437 .function = vxlan_encap,
438 .name = "vxlan-encap",
439 .vector_size = sizeof (u32),
440 .format_trace = format_vxlan_encap_trace,
441 .type = VLIB_NODE_TYPE_INTERNAL,
443 .n_errors = ARRAY_LEN(vxlan_encap_error_strings),
444 .error_strings = vxlan_encap_error_strings,
446 .n_next_nodes = VXLAN_ENCAP_N_NEXT,
449 [VXLAN_ENCAP_NEXT_IP4_LOOKUP] = "ip4-lookup",
450 [VXLAN_ENCAP_NEXT_DROP] = "error-drop",