return bm->cpu_cps * ((f64) us / USEC_PER_SECOND);
}
-static u32
+u32
bfd_clocks_to_usec (const bfd_main_t * bm, u64 clocks)
{
return (clocks / bm->cpu_cps) * USEC_PER_SECOND;
static vlib_node_registration_t bfd_process_node;
-/* set to 0 here, real values filled at startup */
-static u32 bfd_node_index_by_transport[] = {
-#define F(t, n) [BFD_TRANSPORT_##t] = 0,
- foreach_bfd_transport (F)
-#undef F
-};
-
-static u8 *
+u8 *
format_bfd_auth_key (u8 * s, va_list * args)
{
const bfd_auth_key_t *key = va_arg (*args, bfd_auth_key_t *);
bs->local_diag = BFD_DIAG_CODE_no_diag;
bs->remote_state = BFD_STATE_down;
bs->remote_discr = 0;
+ bs->hop_type = BFD_HOP_TYPE_SINGLE;
bs->config_desired_min_tx_usec = BFD_DEFAULT_DESIRED_MIN_TX_USEC;
bs->config_desired_min_tx_clocks = bm->default_desired_min_tx_clocks;
bs->effective_desired_min_tx_clocks = bm->default_desired_min_tx_clocks;
}
}
-static const char *
+const char *
bfd_poll_state_string (bfd_poll_state_e state)
{
switch (state)
static void
bfd_recalc_detection_time (bfd_main_t * bm, bfd_session_t * bs)
{
- bs->detection_time_clocks =
- bs->remote_detect_mult * clib_max (bs->effective_required_min_rx_clocks,
- bs->remote_desired_min_tx_clocks);
- BFD_DBG ("Recalculated detection time %lu clocks/%.2fs",
- bs->detection_time_clocks,
- bs->detection_time_clocks / bm->cpu_cps);
+ if (bs->local_state == BFD_STATE_init || bs->local_state == BFD_STATE_up)
+ {
+ bs->detection_time_clocks =
+ bs->remote_detect_mult *
+ clib_max (bs->effective_required_min_rx_clocks,
+ bs->remote_desired_min_tx_clocks);
+ BFD_DBG ("Recalculated detection time %lu clocks/%.2fs",
+ bs->detection_time_clocks,
+ bs->detection_time_clocks / bm->cpu_cps);
+ }
}
static void
{
rx_timeout = bs->last_rx_clocks + bs->detection_time_clocks;
}
- if (BFD_STATE_up != bs->local_state || !bs->remote_demand ||
+ if (BFD_STATE_up != bs->local_state ||
+ (!bs->remote_demand && bs->remote_min_rx_usec) ||
BFD_POLL_NOT_NEEDED != bs->poll_state)
{
tx_timeout = bs->tx_timeout_clocks;
static void
bfd_set_effective_required_min_rx (bfd_main_t * bm,
- bfd_session_t * bs, u64 now,
+ bfd_session_t * bs,
u64 required_min_rx_clocks)
{
bs->effective_required_min_rx_clocks = required_min_rx_clocks;
}
}
+static void
+bfd_notify_listeners (bfd_main_t * bm,
+ bfd_listen_event_e event, const bfd_session_t * bs)
+{
+ bfd_notify_fn_t *fn;
+ vec_foreach (fn, bm->listeners)
+ {
+ (*fn) (event, bs);
+ }
+}
+
void
bfd_session_start (bfd_main_t * bm, bfd_session_t * bs)
{
BFD_DBG ("\nStarting session: %U", format_bfd_session, bs);
+ bfd_set_effective_required_min_rx (bm, bs,
+ bs->config_required_min_rx_clocks);
bfd_recalc_tx_interval (bm, bs);
vlib_process_signal_event (bm->vlib_main, bm->bfd_process_node_index,
BFD_EVENT_NEW_SESSION, bs->bs_idx);
-}
-
-vnet_api_error_t
-bfd_del_session (uword bs_idx)
-{
- const bfd_main_t *bm = &bfd_main;
- if (!pool_is_free_index (bm->sessions, bs_idx))
- {
- bfd_session_t *bs = pool_elt_at_index (bm->sessions, bs_idx);
- pool_put (bm->sessions, bs);
- return 0;
- }
- else
- {
- BFD_ERR ("no such session");
- return VNET_API_ERROR_BFD_ENOENT;
- }
- return 0;
+ bfd_notify_listeners (bm, BFD_LISTEN_EVENT_CREATE, bs);
}
void
bfd_session_set_flags (bfd_session_t * bs, u8 admin_up_down)
{
bfd_main_t *bm = &bfd_main;
+ u64 now = clib_cpu_time_now ();
if (admin_up_down)
{
BFD_DBG ("Session set admin-up, bs-idx=%u", bs->bs_idx);
bfd_set_state (bm, bs, BFD_STATE_down, 0);
bfd_set_diag (bs, BFD_DIAG_CODE_no_diag);
+ bfd_calc_next_tx (bm, bs, now);
+ bfd_set_timer (bm, bs, now, 0);
}
else
{
BFD_DBG ("Session set admin-down, bs-idx=%u", bs->bs_idx);
bfd_set_diag (bs, BFD_DIAG_CODE_admin_down);
bfd_set_state (bm, bs, BFD_STATE_admin_down, 0);
+ bfd_calc_next_tx (bm, bs, now);
+ bfd_set_timer (bm, bs, now, 0);
}
}
clib_max
(bs->config_desired_min_tx_clocks,
bm->default_desired_min_tx_clocks));
- bfd_set_effective_required_min_rx (bm, bs, now,
+ bfd_set_effective_required_min_rx (bm, bs,
bs->config_required_min_rx_clocks);
bfd_set_timer (bm, bs, now, handling_wakeup);
break;
clib_max
(bs->config_desired_min_tx_clocks,
bm->default_desired_min_tx_clocks));
- bfd_set_effective_required_min_rx (bm, bs, now,
+ bfd_set_effective_required_min_rx (bm, bs,
bs->config_required_min_rx_clocks);
bfd_set_timer (bm, bs, now, handling_wakeup);
break;
bs->config_desired_min_tx_clocks);
if (BFD_POLL_NOT_NEEDED == bs->poll_state)
{
- bfd_set_effective_required_min_rx (bm, bs, now,
+ bfd_set_effective_required_min_rx (bm, bs,
bs->config_required_min_rx_clocks);
}
bfd_set_timer (bm, bs, now, handling_wakeup);
break;
}
+ bfd_notify_listeners (bm, BFD_LISTEN_EVENT_UPDATE, bs);
}
static void
}
static void
-bfd_add_transport_layer (vlib_main_t * vm, vlib_buffer_t * b,
- bfd_session_t * bs)
+bfd_add_transport_layer (vlib_main_t * vm, u32 bi, bfd_session_t * bs)
{
switch (bs->transport)
{
case BFD_TRANSPORT_UDP4:
BFD_DBG ("Transport bfd via udp4, bs_idx=%u", bs->bs_idx);
- bfd_add_udp4_transport (vm, b, bs, 0 /* is_echo */ );
+ bfd_add_udp4_transport (vm, bi, bs, 0 /* is_echo */ );
break;
case BFD_TRANSPORT_UDP6:
BFD_DBG ("Transport bfd via udp6, bs_idx=%u", bs->bs_idx);
- bfd_add_udp6_transport (vm, b, bs, 0 /* is_echo */ );
+ bfd_add_udp6_transport (vm, bi, bs, 0 /* is_echo */ );
break;
}
}
static int
-bfd_echo_add_transport_layer (vlib_main_t * vm, vlib_buffer_t * b,
- bfd_session_t * bs)
+bfd_transport_control_frame (vlib_main_t * vm, u32 bi, bfd_session_t * bs)
+{
+ switch (bs->transport)
+ {
+ case BFD_TRANSPORT_UDP4:
+ BFD_DBG ("Transport bfd via udp4, bs_idx=%u", bs->bs_idx);
+ return bfd_transport_udp4 (vm, bi, bs);
+ break;
+ case BFD_TRANSPORT_UDP6:
+ BFD_DBG ("Transport bfd via udp6, bs_idx=%u", bs->bs_idx);
+ return bfd_transport_udp6 (vm, bi, bs);
+ break;
+ }
+ return 0;
+}
+
+static int
+bfd_echo_add_transport_layer (vlib_main_t * vm, u32 bi, bfd_session_t * bs)
{
switch (bs->transport)
{
case BFD_TRANSPORT_UDP4:
BFD_DBG ("Transport bfd echo via udp4, bs_idx=%u", bs->bs_idx);
- return bfd_add_udp4_transport (vm, b, bs, 1 /* is_echo */ );
+ return bfd_add_udp4_transport (vm, bi, bs, 1 /* is_echo */ );
break;
case BFD_TRANSPORT_UDP6:
BFD_DBG ("Transport bfd echo via udp6, bs_idx=%u", bs->bs_idx);
- return bfd_add_udp6_transport (vm, b, bs, 1 /* is_echo */ );
+ return bfd_add_udp6_transport (vm, bi, bs, 1 /* is_echo */ );
break;
}
return 0;
}
-static void
-bfd_create_frame_to_next_node (vlib_main_t * vm, bfd_session_t * bs, u32 bi)
+static int
+bfd_transport_echo (vlib_main_t * vm, u32 bi, bfd_session_t * bs)
{
-
- vlib_frame_t *f =
- vlib_get_frame_to_node (vm, bfd_node_index_by_transport[bs->transport]);
-
- u32 *to_next = vlib_frame_vector_args (f);
- to_next[0] = bi;
- f->n_vectors = 1;
- vlib_put_frame_to_node (vm, bfd_node_index_by_transport[bs->transport], f);
+ switch (bs->transport)
+ {
+ case BFD_TRANSPORT_UDP4:
+ BFD_DBG ("Transport bfd echo via udp4, bs_idx=%u", bs->bs_idx);
+ return bfd_transport_udp4 (vm, bi, bs);
+ break;
+ case BFD_TRANSPORT_UDP6:
+ BFD_DBG ("Transport bfd echo via udp6, bs_idx=%u", bs->bs_idx);
+ return bfd_transport_udp6 (vm, bi, bs);
+ break;
+ }
+ return 0;
}
#if WITH_LIBSSL > 0
bfd_pkt_set_diag_code (pkt, bs->local_diag);
bfd_pkt_set_state (pkt, bs->local_state);
pkt->head.detect_mult = bs->local_detect_mult;
- pkt->head.length = clib_host_to_net_u32 (bfd_length);
+ pkt->head.length = bfd_length;
pkt->my_disc = bs->local_discr;
pkt->your_disc = bs->remote_discr;
pkt->des_min_tx = clib_host_to_net_u32 (bs->config_desired_min_tx_usec);
static void
bfd_send_echo (vlib_main_t * vm, vlib_node_runtime_t * rt,
- bfd_main_t * bm, bfd_session_t * bs, u64 now,
- int handling_wakeup)
+ bfd_main_t * bm, bfd_session_t * bs, u64 now)
{
if (!bfd_is_echo_possible (bs))
{
bs->echo = 0;
return;
}
- /* sometimes the wheel expires an event a bit sooner than requested, account
+ /* sometimes the wheel expires an event a bit sooner than requested,
+ account
for that here */
if (now + bm->wheel_inaccuracy >= bs->echo_tx_timeout_clocks)
{
}
vlib_buffer_t *b = vlib_get_buffer (vm, bi);
ASSERT (b->current_data == 0);
+ memset (vnet_buffer (b), 0, sizeof (*vnet_buffer (b)));
+ VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b);
bfd_echo_pkt_t *pkt = vlib_buffer_get_current (b);
memset (pkt, 0, sizeof (*pkt));
pkt->discriminator = bs->local_discr;
bfd_calc_echo_checksum (bs->local_discr, pkt->expire_time_clocks,
bs->echo_secret);
b->current_length = sizeof (*pkt);
- if (!bfd_echo_add_transport_layer (vm, b, bs))
+ if (!bfd_echo_add_transport_layer (vm, bi, bs))
+ {
+ BFD_ERR ("cannot send echo packet out, turning echo off");
+ bs->echo = 0;
+ vlib_buffer_free_one (vm, bi);
+ return;
+ }
+ if (!bfd_transport_echo (vm, bi, bs))
{
BFD_ERR ("cannot send echo packet out, turning echo off");
bs->echo = 0;
}
bs->echo_last_tx_clocks = now;
bfd_calc_next_echo_tx (bm, bs, now);
- bfd_create_frame_to_next_node (vm, bs, bi);
}
else
{
static void
bfd_send_periodic (vlib_main_t * vm, vlib_node_runtime_t * rt,
- bfd_main_t * bm, bfd_session_t * bs, u64 now,
- int handling_wakeup)
+ bfd_main_t * bm, bfd_session_t * bs, u64 now)
{
if (!bs->remote_min_rx_usec && BFD_POLL_NOT_NEEDED == bs->poll_state)
{
BFD_DBG ("Remote demand is set, not sending periodic control frame");
return;
}
- /* sometimes the wheel expires an event a bit sooner than requested, account
- for that here */
+ /*
+ * sometimes the wheel expires an event a bit sooner than requested, account
+ * for that here
+ */
if (now + bm->wheel_inaccuracy >= bs->tx_timeout_clocks)
{
BFD_DBG ("\nSending periodic control frame: %U", format_bfd_session,
}
vlib_buffer_t *b = vlib_get_buffer (vm, bi);
ASSERT (b->current_data == 0);
+ memset (vnet_buffer (b), 0, sizeof (*vnet_buffer (b)));
+ VLIB_BUFFER_TRACE_TRAJECTORY_INIT (b);
bfd_init_control_frame (bm, bs, b);
switch (bs->poll_state)
{
break;
}
bfd_add_auth_section (b, bs);
- bfd_add_transport_layer (vm, b, bs);
+ bfd_add_transport_layer (vm, bi, bs);
+ if (!bfd_transport_control_frame (vm, bi, bs))
+ {
+ vlib_buffer_free_one (vm, bi);
+ }
bs->last_tx_clocks = now;
bfd_calc_next_tx (bm, bs, now);
- bfd_create_frame_to_next_node (vm, bs, bi);
}
else
{
void
bfd_init_final_control_frame (vlib_main_t * vm, vlib_buffer_t * b,
- bfd_main_t * bm, bfd_session_t * bs)
+ bfd_main_t * bm, bfd_session_t * bs,
+ int is_local)
{
BFD_DBG ("Send final control frame for bs_idx=%lu", bs->bs_idx);
bfd_init_control_frame (bm, bs, b);
bfd_pkt_set_final (vlib_buffer_get_current (b));
bfd_add_auth_section (b, bs);
- bfd_add_transport_layer (vm, b, bs);
+ u32 bi = vlib_get_buffer_index (vm, b);
+ bfd_add_transport_layer (vm, bi, bs);
bs->last_tx_clocks = clib_cpu_time_now ();
/*
* RFC allows to include changes in final frame, so if there were any
bfd_check_rx_timeout (bfd_main_t * bm, bfd_session_t * bs, u64 now,
int handling_wakeup)
{
- /* sometimes the wheel expires an event a bit sooner than requested, account
- for that here */
+ /*
+ * sometimes the wheel expires an event a bit sooner than requested, account
+ * for that here
+ */
if (bs->last_rx_clocks + bs->detection_time_clocks <=
now + bm->wheel_inaccuracy)
{
switch (bs->local_state)
{
case BFD_STATE_admin_down:
- bfd_send_periodic (vm, rt, bm, bs, now, 1);
+ bfd_send_periodic (vm, rt, bm, bs, now);
break;
case BFD_STATE_down:
- bfd_send_periodic (vm, rt, bm, bs, now, 1);
+ bfd_send_periodic (vm, rt, bm, bs, now);
break;
case BFD_STATE_init:
bfd_check_rx_timeout (bm, bs, now, 1);
- bfd_send_periodic (vm, rt, bm, bs, now, 1);
+ bfd_send_periodic (vm, rt, bm, bs, now);
break;
case BFD_STATE_up:
bfd_check_rx_timeout (bm, bs, now, 1);
bs->echo = 1;
bs->echo_last_rx_clocks = now;
bs->echo_tx_timeout_clocks = now;
- bfd_set_effective_required_min_rx (bm, bs, now,
+ bfd_set_effective_required_min_rx (bm, bs,
clib_max
(bm->min_required_min_rx_while_echo_clocks,
bs->config_required_min_rx_clocks));
bfd_set_poll_state (bs, BFD_POLL_NEEDED);
}
- bfd_send_periodic (vm, rt, bm, bs, now, 1);
+ bfd_send_periodic (vm, rt, bm, bs, now);
if (bs->echo)
{
- bfd_send_echo (vm, rt, bm, bs, now, 1);
+ bfd_send_echo (vm, rt, bm, bs, now);
}
break;
}
{
bfd_session_t *bs =
pool_elt_at_index (bm->sessions, *event_data);
- bfd_send_periodic (vm, rt, bm, bs, now, 1);
+ bfd_send_periodic (vm, rt, bm, bs, now);
+ bfd_set_timer (bm, bs, now, 1);
}
else
{
VNET_HW_INTERFACE_LINK_UP_DOWN_FUNCTION (bfd_hw_interface_up_down);
+void
+bfd_register_listener (bfd_notify_fn_t fn)
+{
+ bfd_main_t *bm = &bfd_main;
+
+ vec_add1 (bm->listeners, fn);
+}
+
/*
* setup function
*/
const u64 now = clib_cpu_time_now ();
timing_wheel_init (&bm->wheel, now, bm->cpu_cps);
bm->wheel_inaccuracy = 2 << bm->wheel.log2_clocks_per_bin;
-
- vlib_node_t *node = NULL;
-#define F(t, n) \
- node = vlib_get_node_by_name (vm, (u8 *)n); \
- bfd_node_index_by_transport[BFD_TRANSPORT_##t] = node->index; \
- BFD_DBG ("node '%s' has index %u", n, node->index);
- foreach_bfd_transport (F);
-#undef F
return 0;
}
void
bfd_put_session (bfd_main_t * bm, bfd_session_t * bs)
{
+ bfd_notify_listeners (bm, BFD_LISTEN_EVENT_DELETE, bs);
if (bs->auth.curr_key)
{
--bs->auth.curr_key->use_count;
bfd_consume_pkt (bfd_main_t * bm, const bfd_pkt_t * pkt, u32 bs_idx)
{
bfd_session_t *bs = bfd_find_session_by_idx (bm, bs_idx);
- if (!bs)
+ if (!bs || (pkt->your_disc && pkt->your_disc != bs->local_discr))
{
return;
}
bs->remote_discr = pkt->my_disc;
bs->remote_state = bfd_pkt_get_state (pkt);
bs->remote_demand = bfd_pkt_get_demand (pkt);
+ bs->remote_diag = bfd_pkt_get_diag_code (pkt);
u64 now = clib_cpu_time_now ();
bs->last_rx_clocks = now;
if (bfd_pkt_get_auth_present (pkt))
bfd_set_remote_required_min_echo_rx (bm, bs, now,
clib_net_to_host_u32
(pkt->req_min_echo_rx));
- /* FIXME 6.8.2 */
- /* FIXME 6.8.4 */
if (bfd_pkt_get_final (pkt))
{
if (BFD_POLL_IN_PROGRESS == bs->poll_state)
bfd_set_poll_state (bs, BFD_POLL_NOT_NEEDED);
if (BFD_STATE_up == bs->local_state)
{
- bfd_set_effective_required_min_rx (bm, bs, now,
+ bfd_set_effective_required_min_rx (bm, bs,
clib_max (bs->echo *
bm->min_required_min_rx_while_echo_clocks,
bs->config_required_min_rx_clocks));
{
if (BFD_STATE_down == bs->remote_state)
{
+ bfd_set_diag (bs, BFD_DIAG_CODE_no_diag);
bfd_set_state (bm, bs, BFD_STATE_init, 0);
}
else if (BFD_STATE_init == bs->remote_state)
{
+ bfd_set_diag (bs, BFD_DIAG_CODE_no_diag);
bfd_set_state (bm, bs, BFD_STATE_up, 0);
}
}
if (BFD_STATE_up == bs->remote_state ||
BFD_STATE_init == bs->remote_state)
{
+ bfd_set_diag (bs, BFD_DIAG_CODE_no_diag);
bfd_set_state (bm, bs, BFD_STATE_up, 0);
}
}
return 0;
}
+vnet_api_error_t
+bfd_auth_set_key (u32 conf_key_id, u8 auth_type, u8 key_len,
+ const u8 * key_data)
+{
+#if WITH_LIBSSL > 0
+ bfd_auth_key_t *auth_key = NULL;
+ if (!key_len || key_len > bfd_max_key_len_for_auth_type (auth_type))
+ {
+ clib_warning ("Invalid authentication key length for auth_type=%d:%s "
+ "(key_len=%u, must be "
+ "non-zero, expected max=%u)",
+ auth_type, bfd_auth_type_str (auth_type), key_len,
+ (u32) bfd_max_key_len_for_auth_type (auth_type));
+ return VNET_API_ERROR_INVALID_VALUE;
+ }
+ if (!bfd_auth_type_supported (auth_type))
+ {
+ clib_warning ("Unsupported auth type=%d:%s", auth_type,
+ bfd_auth_type_str (auth_type));
+ return VNET_API_ERROR_BFD_NOTSUPP;
+ }
+ bfd_main_t *bm = &bfd_main;
+ uword *key_idx_p = hash_get (bm->auth_key_by_conf_key_id, conf_key_id);
+ if (key_idx_p)
+ {
+ /* modifying existing key - must not be used */
+ const uword key_idx = *key_idx_p;
+ auth_key = pool_elt_at_index (bm->auth_keys, key_idx);
+ if (auth_key->use_count > 0)
+ {
+ clib_warning ("Authentication key with conf ID %u in use by %u BFD "
+ "session(s) - cannot modify",
+ conf_key_id, auth_key->use_count);
+ return VNET_API_ERROR_BFD_EINUSE;
+ }
+ }
+ else
+ {
+ /* adding new key */
+ pool_get (bm->auth_keys, auth_key);
+ auth_key->conf_key_id = conf_key_id;
+ hash_set (bm->auth_key_by_conf_key_id, conf_key_id,
+ auth_key - bm->auth_keys);
+ }
+ auth_key->auth_type = auth_type;
+ memset (auth_key->key, 0, sizeof (auth_key->key));
+ clib_memcpy (auth_key->key, key_data, key_len);
+ return 0;
+#else
+ clib_warning ("SSL missing, cannot manipulate authentication keys");
+ return VNET_API_ERROR_BFD_NOTSUPP;
+#endif
+}
+
+vnet_api_error_t
+bfd_auth_del_key (u32 conf_key_id)
+{
+#if WITH_LIBSSL > 0
+ bfd_auth_key_t *auth_key = NULL;
+ bfd_main_t *bm = &bfd_main;
+ uword *key_idx_p = hash_get (bm->auth_key_by_conf_key_id, conf_key_id);
+ if (key_idx_p)
+ {
+ /* deleting existing key - must not be used */
+ const uword key_idx = *key_idx_p;
+ auth_key = pool_elt_at_index (bm->auth_keys, key_idx);
+ if (auth_key->use_count > 0)
+ {
+ clib_warning ("Authentication key with conf ID %u in use by %u BFD "
+ "session(s) - cannot delete",
+ conf_key_id, auth_key->use_count);
+ return VNET_API_ERROR_BFD_EINUSE;
+ }
+ hash_unset (bm->auth_key_by_conf_key_id, conf_key_id);
+ memset (auth_key, 0, sizeof (*auth_key));
+ pool_put (bm->auth_keys, auth_key);
+ }
+ else
+ {
+ /* no such key */
+ clib_warning ("Authentication key with conf ID %u does not exist",
+ conf_key_id);
+ return VNET_API_ERROR_BFD_ENOENT;
+ }
+ return 0;
+#else
+ clib_warning ("SSL missing, cannot manipulate authentication keys");
+ return VNET_API_ERROR_BFD_NOTSUPP;
+#endif
+}
+
bfd_main_t bfd_main;
/*