#include <vlib/buffer.h>
#include <vnet/ip/format.h>
#include <vnet/ethernet/packet.h>
+#include <vnet/udp/udp_local.h>
#include <vnet/udp/udp_packet.h>
-#include <vnet/udp/udp.h>
#include <vnet/ip/lookup.h>
#include <vnet/ip/icmp46_packet.h>
#include <vnet/ip/ip4.h>
#include <vnet/dpo/receive_dpo.h>
#include <vnet/fib/fib_entry.h>
#include <vnet/fib/fib_table.h>
+#include <vlib/stats/stats.h>
#include <vnet/bfd/bfd_debug.h>
#include <vnet/bfd/bfd_udp.h>
#include <vnet/bfd/bfd_main.h>
vlib_log_class_t log_class;
/* number of active udp4 sessions */
u32 udp4_sessions_count;
+ u32 udp4_sessions_count_stat_seg_entry;
/* number of active udp6 sessions */
u32 udp6_sessions_count;
+ u32 udp6_sessions_count_stat_seg_entry;
} bfd_udp_main_t;
static vlib_node_registration_t bfd_udp4_input_node;
bfd_udp_main_t bfd_udp_main;
+void
+bfd_udp_update_stat_segment_entry (u32 entry, u64 value)
+{
+ vlib_stats_segment_lock ();
+ vlib_stats_set_gauge (entry, value);
+ vlib_stats_segment_unlock ();
+}
+
vnet_api_error_t
bfd_udp_set_echo_source (u32 sw_if_index)
{
}
vnet_api_error_t
-bfd_udp_del_echo_source (u32 sw_if_index)
+bfd_udp_del_echo_source ()
{
bfd_udp_main.echo_source_sw_if_index = ~0;
bfd_udp_main.echo_source_is_set = 0;
}
static void
-bfd_create_frame_to_next_node (vlib_main_t * vm, u32 bi, u32 next_node)
+bfd_create_frame_to_next_node (vlib_main_t *vm, bfd_main_t *bm,
+ const bfd_session_t *bs, u32 bi, u32 next_node,
+ vlib_combined_counter_main_t *tx_counter)
{
vlib_frame_t *f = vlib_get_frame_to_node (vm, next_node);
u32 *to_next = vlib_frame_vector_args (f);
to_next[0] = bi;
f->n_vectors = 1;
vlib_put_frame_to_node (vm, next_node, f);
+ vlib_buffer_t *b = vlib_get_buffer (vm, bi);
+ vlib_increment_combined_counter (tx_counter, vm->thread_index, bs->bs_idx, 1,
+ vlib_buffer_length_in_chain (vm, b));
}
int
}
int
-bfd_transport_udp4 (vlib_main_t * vm, u32 bi, const struct bfd_session_s *bs)
+bfd_transport_udp4 (vlib_main_t *vm, u32 bi, const struct bfd_session_s *bs,
+ int is_echo)
{
u32 next_node;
int rv = bfd_udp_calc_next_node (bs, &next_node);
+ bfd_main_t *bm = bfd_udp_main.bfd_main;
if (rv)
{
- bfd_create_frame_to_next_node (vm, bi, next_node);
+ bfd_create_frame_to_next_node (vm, bm, bs, bi, next_node,
+ is_echo ? &bm->tx_echo_counter :
+ &bm->tx_counter);
}
return rv;
}
int
-bfd_transport_udp6 (vlib_main_t * vm, u32 bi, const struct bfd_session_s *bs)
+bfd_transport_udp6 (vlib_main_t *vm, u32 bi, const struct bfd_session_s *bs,
+ int is_echo)
{
u32 next_node;
int rv = bfd_udp_calc_next_node (bs, &next_node);
+ bfd_main_t *bm = bfd_udp_main.bfd_main;
if (rv)
{
- bfd_create_frame_to_next_node (vm, bi, next_node);
+ bfd_create_frame_to_next_node (
+ vm, bfd_udp_main.bfd_main, bs, bi, next_node,
+ is_echo ? &bm->tx_echo_counter : &bm->tx_counter);
}
return 1;
}
}
bfd_udp_session_t *bus = &bs->udp;
clib_memset (bus, 0, sizeof (*bus));
+ bus->adj_index = ADJ_INDEX_INVALID;
bfd_udp_key_t *key = &bus->key;
bfd_udp_key_init (key, sw_if_index, local_addr, peer_addr);
const bfd_session_t *tmp = bfd_lookup_session (bum, key);
&key->peer_addr, IP46_TYPE_ANY);
vlib_log_info (bum->log_class, "create BFD session: %U",
format_bfd_session, bs);
+ const ip46_address_t *peer =
+ (vnet_sw_interface_is_p2p (vnet_get_main (), key->sw_if_index) ?
+ &zero_addr :
+ &key->peer_addr);
if (BFD_TRANSPORT_UDP4 == t)
{
bus->adj_index = adj_nbr_add_or_lock (FIB_PROTOCOL_IP4, VNET_LINK_IP4,
- &key->peer_addr,
- key->sw_if_index);
+ peer, key->sw_if_index);
BFD_DBG ("adj_nbr_add_or_lock(FIB_PROTOCOL_IP4, VNET_LINK_IP4, %U, %d) "
- "returns %d", format_ip46_address, &key->peer_addr,
- IP46_TYPE_ANY, key->sw_if_index, bus->adj_index);
+ "returns %d",
+ format_ip46_address, peer, IP46_TYPE_ANY, key->sw_if_index,
+ bus->adj_index);
++bum->udp4_sessions_count;
+ bfd_udp_update_stat_segment_entry (
+ bum->udp4_sessions_count_stat_seg_entry, bum->udp4_sessions_count);
if (1 == bum->udp4_sessions_count)
{
udp_register_dst_port (vm, UDP_DST_PORT_bfd4,
else
{
bus->adj_index = adj_nbr_add_or_lock (FIB_PROTOCOL_IP6, VNET_LINK_IP6,
- &key->peer_addr,
- key->sw_if_index);
+ peer, key->sw_if_index);
BFD_DBG ("adj_nbr_add_or_lock(FIB_PROTOCOL_IP6, VNET_LINK_IP6, %U, %d) "
- "returns %d", format_ip46_address, &key->peer_addr,
- IP46_TYPE_ANY, key->sw_if_index, bus->adj_index);
+ "returns %d",
+ format_ip46_address, peer, IP46_TYPE_ANY, key->sw_if_index,
+ bus->adj_index);
++bum->udp6_sessions_count;
+ bfd_udp_update_stat_segment_entry (
+ bum->udp6_sessions_count_stat_seg_entry, bum->udp6_sessions_count);
if (1 == bum->udp6_sessions_count)
{
udp_register_dst_port (vm, UDP_DST_PORT_bfd6,
bfd_udp_main_t *bum = &bfd_udp_main;
vnet_sw_interface_t *sw_if =
vnet_get_sw_interface_or_null (bfd_udp_main.vnet_main, sw_if_index);
- u8 local_ip_valid = 0;
- ip_interface_address_t *ia = NULL;
if (!sw_if)
{
vlib_log_err (bum->log_class,
"IP family mismatch (local is ipv4, peer is ipv6)");
return VNET_API_ERROR_INVALID_ARGUMENT;
}
- ip4_main_t *im = &ip4_main;
-
- /* *INDENT-OFF* */
- foreach_ip_interface_address (
- &im->lookup_main, ia, sw_if_index, 0 /* honor unnumbered */, ({
- ip4_address_t *x =
- ip_interface_address_get_address (&im->lookup_main, ia);
- if (x->as_u32 == local_addr->ip4.as_u32)
- {
- /* valid address for this interface */
- local_ip_valid = 1;
- break;
- }
- }));
- /* *INDENT-ON* */
}
else
{
"IP family mismatch (local is ipv6, peer is ipv4)");
return VNET_API_ERROR_INVALID_ARGUMENT;
}
-
- if (ip6_address_is_link_local_unicast (&local_addr->ip6))
- {
- const ip6_address_t *ll_addr;
- ll_addr = ip6_get_link_local_address (sw_if_index);
- if (ip6_address_is_equal (ll_addr, &local_addr->ip6))
- {
- /* valid address for this interface */
- local_ip_valid = 1;
- }
- }
- else
- {
- ip6_main_t *im = &ip6_main;
- /* *INDENT-OFF* */
- foreach_ip_interface_address (
- &im->lookup_main, ia, sw_if_index, 0 /* honor unnumbered */, ({
- ip6_address_t *x =
- ip_interface_address_get_address (&im->lookup_main, ia);
- if (local_addr->ip6.as_u64[0] == x->as_u64[0] &&
- local_addr->ip6.as_u64[1] == x->as_u64[1])
- {
- /* valid address for this interface */
- local_ip_valid = 1;
- break;
- }
- }));
- /* *INDENT-ON* */
- }
- }
-
- if (!local_ip_valid)
- {
- vlib_log_err (bum->log_class,
- "local address %U not found on interface with index %u",
- format_ip46_address, local_addr, IP46_TYPE_ANY,
- sw_if_index);
- return VNET_API_ERROR_ADDRESS_NOT_FOUND_FOR_INTERFACE;
}
return 0;
static vnet_api_error_t
bfd_api_verify_common (u32 sw_if_index, u32 desired_min_tx_usec,
- u32 required_min_rx_usec, u8 detect_mult,
- const ip46_address_t * local_addr,
- const ip46_address_t * peer_addr)
+ u8 detect_mult, const ip46_address_t *local_addr,
+ const ip46_address_t *peer_addr)
{
bfd_udp_main_t *bum = &bfd_udp_main;
vnet_api_error_t rv =
{
bfd_udp_main_t *bum = &bfd_udp_main;
BFD_DBG ("free bfd-udp session, bs_idx=%d", bs->bs_idx);
+ bfd_session_stop (bum->bfd_main, bs);
mhash_unset (&bum->bfd_session_idx_by_bfd_key, &bs->udp.key, NULL);
adj_unlock (bs->udp.adj_index);
switch (bs->transport)
{
case BFD_TRANSPORT_UDP4:
--bum->udp4_sessions_count;
+ bfd_udp_update_stat_segment_entry (
+ bum->udp4_sessions_count_stat_seg_entry, bum->udp4_sessions_count);
if (!bum->udp4_sessions_count)
{
udp_unregister_dst_port (vm, UDP_DST_PORT_bfd4, 1);
break;
case BFD_TRANSPORT_UDP6:
--bum->udp6_sessions_count;
+ bfd_udp_update_stat_segment_entry (
+ bum->udp6_sessions_count_stat_seg_entry, bum->udp6_sessions_count);
if (!bum->udp6_sessions_count)
{
udp_unregister_dst_port (vm, UDP_DST_PORT_bfd6, 0);
bfd_put_session (bum->bfd_main, bs);
}
-vnet_api_error_t
-bfd_udp_add_session (u32 sw_if_index, const ip46_address_t * local_addr,
- const ip46_address_t * peer_addr,
- u32 desired_min_tx_usec, u32 required_min_rx_usec,
- u8 detect_mult, u8 is_authenticated, u32 conf_key_id,
- u8 bfd_key_id)
+static vnet_api_error_t
+bfd_udp_add_and_start_session (u32 sw_if_index,
+ const ip46_address_t *local_addr,
+ const ip46_address_t *peer_addr,
+ u32 desired_min_tx_usec,
+ u32 required_min_rx_usec, u8 detect_mult,
+ u8 is_authenticated, u32 conf_key_id,
+ u8 bfd_key_id)
{
- bfd_main_t *bm = &bfd_main;
- bfd_lock (bm);
-
- vnet_api_error_t rv =
- bfd_api_verify_common (sw_if_index, desired_min_tx_usec,
- required_min_rx_usec, detect_mult,
- local_addr, peer_addr);
bfd_session_t *bs = NULL;
- if (!rv)
- {
- rv =
- bfd_udp_add_session_internal (vlib_get_main (), &bfd_udp_main,
- sw_if_index, desired_min_tx_usec,
- required_min_rx_usec, detect_mult,
- local_addr, peer_addr, &bs);
- }
+ vnet_api_error_t rv;
+
+ rv = bfd_udp_add_session_internal (
+ vlib_get_main (), &bfd_udp_main, sw_if_index, desired_min_tx_usec,
+ required_min_rx_usec, detect_mult, local_addr, peer_addr, &bs);
+
if (!rv && is_authenticated)
{
-#if WITH_LIBSSL > 0
rv = bfd_auth_activate (bs, conf_key_id, bfd_key_id,
- 0 /* is not delayed */ );
-#else
- vlib_log_err (bfd_udp_main.log_class,
- "SSL missing, cannot add authenticated BFD session");
- rv = VNET_API_ERROR_BFD_NOTSUPP;
-#endif
+ 0 /* is not delayed */);
if (rv)
{
bfd_udp_del_session_internal (vlib_get_main (), bs);
bfd_session_start (bfd_udp_main.bfd_main, bs);
}
- bfd_unlock (bm);
return rv;
}
vnet_api_error_t
-bfd_udp_mod_session (u32 sw_if_index,
- const ip46_address_t * local_addr,
+bfd_udp_add_session (u32 sw_if_index, const ip46_address_t * local_addr,
const ip46_address_t * peer_addr,
- u32 desired_min_tx_usec,
+ u32 desired_min_tx_usec, u32 required_min_rx_usec,
+ u8 detect_mult, u8 is_authenticated, u32 conf_key_id,
+ u8 bfd_key_id)
+{
+ bfd_main_t *bm = &bfd_main;
+ bfd_lock (bm);
+
+ vnet_api_error_t rv = bfd_api_verify_common (
+ sw_if_index, desired_min_tx_usec, detect_mult, local_addr, peer_addr);
+
+ if (!rv)
+ rv = bfd_udp_add_and_start_session (
+ sw_if_index, local_addr, peer_addr, desired_min_tx_usec,
+ required_min_rx_usec, detect_mult, is_authenticated, conf_key_id,
+ bfd_key_id);
+
+ bfd_unlock (bm);
+ return rv;
+}
+
+vnet_api_error_t
+bfd_udp_upd_session (u32 sw_if_index, const ip46_address_t *local_addr,
+ const ip46_address_t *peer_addr, u32 desired_min_tx_usec,
+ u32 required_min_rx_usec, u8 detect_mult,
+ u8 is_authenticated, u32 conf_key_id, u8 bfd_key_id)
+{
+ bfd_main_t *bm = &bfd_main;
+ bfd_lock (bm);
+
+ vnet_api_error_t rv = bfd_api_verify_common (
+ sw_if_index, desired_min_tx_usec, detect_mult, local_addr, peer_addr);
+ if (!rv)
+ {
+ bfd_session_t *bs = NULL;
+
+ rv = bfd_udp_find_session_by_api_input (sw_if_index, local_addr,
+ peer_addr, &bs);
+ if (VNET_API_ERROR_BFD_ENOENT == rv)
+ rv = bfd_udp_add_and_start_session (
+ sw_if_index, local_addr, peer_addr, desired_min_tx_usec,
+ required_min_rx_usec, detect_mult, is_authenticated, conf_key_id,
+ bfd_key_id);
+ else
+ rv = bfd_session_set_params (bfd_udp_main.bfd_main, bs,
+ desired_min_tx_usec, required_min_rx_usec,
+ detect_mult);
+ }
+
+ bfd_unlock (bm);
+ return rv;
+}
+
+vnet_api_error_t
+bfd_udp_mod_session (u32 sw_if_index, const ip46_address_t *local_addr,
+ const ip46_address_t *peer_addr, u32 desired_min_tx_usec,
u32 required_min_rx_usec, u8 detect_mult)
{
bfd_session_t *bs = NULL;
bfd_lock (bm);
vnet_api_error_t error;
-#if WITH_LIBSSL > 0
bfd_session_t *bs = NULL;
vnet_api_error_t rv =
bfd_udp_find_session_by_api_input (sw_if_index, local_addr, peer_addr,
error = bfd_auth_activate (bs, conf_key_id, key_id, is_delayed);
bfd_unlock (bm);
return error;
-#else
- vlib_log_err (bfd_udp_main->log_class,
- "SSL missing, cannot activate BFD authentication");
- bfd_unlock (bm);
- return VNET_API_ERROR_BFD_NOTSUPP;
-#endif
}
vnet_api_error_t
{
/* sanity check first */
const i32 start = vnet_buffer (b)->l3_hdr_offset;
- if (start < 0 && start < sizeof (b->pre_data))
+ if (start < -(signed) sizeof (b->pre_data))
{
BFD_ERR ("Start of ip header is before pre_data, ignoring");
*ip4 = NULL;
}
static bfd_udp_error_t
-bfd_udp4_scan (vlib_main_t * vm, vlib_node_runtime_t * rt,
- vlib_buffer_t * b, bfd_session_t ** bs_out)
+bfd_udp4_scan (vlib_main_t *vm, vlib_buffer_t *b, bfd_session_t **bs_out)
{
const bfd_pkt_t *pkt = vlib_buffer_get_current (b);
if (sizeof (*pkt) > b->current_length)
{
/* sanity check first */
const i32 start = vnet_buffer (b)->l3_hdr_offset;
- if (start < 0 && start < sizeof (b->pre_data))
+ if (start < -(signed) sizeof (b->pre_data))
{
BFD_ERR ("Start of ip header is before pre_data, ignoring");
*ip6 = NULL;
}
static bfd_udp_error_t
-bfd_udp6_scan (vlib_main_t * vm, vlib_node_runtime_t * rt,
- vlib_buffer_t * b, bfd_session_t ** bs_out)
+bfd_udp6_scan (vlib_main_t *vm, vlib_buffer_t *b, bfd_session_t **bs_out)
{
const bfd_pkt_t *pkt = vlib_buffer_get_current (b);
if (sizeof (*pkt) > b->current_length)
/* If this pkt is traced, snapshot the data */
if (b0->flags & VLIB_BUFFER_IS_TRACED)
{
- int len;
+ u64 len;
t0 = vlib_add_trace (vm, rt, b0, sizeof (*t0));
len = (b0->current_length < sizeof (t0->data)) ? b0->current_length
: sizeof (t0->data);
bfd_lock (bm);
if (is_ipv6)
{
- error0 = bfd_udp6_scan (vm, rt, b0, &bs);
+ error0 = bfd_udp6_scan (vm, b0, &bs);
}
else
{
- error0 = bfd_udp4_scan (vm, rt, b0, &bs);
+ error0 = bfd_udp4_scan (vm, b0, &bs);
}
b0->error = rt->errors[error0];
next0 = BFD_UDP_INPUT_NEXT_NORMAL;
if (BFD_UDP_ERROR_NONE == error0)
{
+ vlib_increment_combined_counter (
+ &bm->rx_counter, vm->thread_index, bs->bs_idx, 1,
+ vlib_buffer_length_in_chain (vm, b0));
/*
* if everything went fine, check for poll bit, if present, re-use
* the buffer and based on (now updated) session parameters, send
{
b0->current_data = 0;
b0->current_length = 0;
- bfd_init_final_control_frame (vm, b0, bfd_udp_main.bfd_main, bs,
- 0);
+ bfd_init_final_control_frame (vm, b0, bs);
if (is_ipv6)
{
vlib_node_increment_counter (vm, bfd_udp6_input_node.index,
/* If this pkt is traced, snapshot the data */
if (b0->flags & VLIB_BUFFER_IS_TRACED)
{
- int len;
+ u64 len;
t0 = vlib_add_trace (vm, rt, b0, sizeof (*t0));
len = (b0->current_length < sizeof (t0->data)) ? b0->current_length
: sizeof (t0->data);
clib_memcpy_fast (t0->data, vlib_buffer_get_current (b0), len);
}
+ bfd_session_t *bs = NULL;
bfd_lock (bm);
- if (bfd_consume_echo_pkt (vm, bfd_udp_main.bfd_main, b0))
+ if ((bs = bfd_consume_echo_pkt (vm, bfd_udp_main.bfd_main, b0)))
{
b0->error = rt->errors[BFD_UDP_ERROR_NONE];
next0 = BFD_UDP_ECHO_INPUT_NEXT_NORMAL;
}
bfd_unlock (bm);
+
+ if (bs)
+ {
+ vlib_increment_combined_counter (
+ &bm->rx_echo_counter, vm->thread_index, bs->bs_idx, 1,
+ vlib_buffer_length_in_chain (vm, b0));
+ }
+
vlib_set_next_frame_buffer (vm, rt, next0, bi0);
from += 1;
/* *INDENT-ON* */
static clib_error_t *
-bfd_udp_sw_if_add_del (vnet_main_t * vnm, u32 sw_if_index, u32 is_create)
+bfd_udp_sw_if_add_del (CLIB_UNUSED (vnet_main_t *vnm), u32 sw_if_index,
+ u32 is_create)
{
- bfd_session_t **to_be_freed = NULL;
+ u32 *to_be_freed = NULL;
bfd_udp_main_t *bum = &bfd_udp_main;
BFD_DBG ("sw_if_add_del called, sw_if_index=%u, is_create=%u", sw_if_index,
is_create);
if (!is_create)
{
bfd_session_t *bs;
- pool_foreach (bs, bfd_udp_main.bfd_main->sessions,
- {
- if (bs->transport != BFD_TRANSPORT_UDP4 &&
- bs->transport != BFD_TRANSPORT_UDP6)
- {
- continue;}
- if (bs->udp.key.sw_if_index != sw_if_index)
- {
- continue;}
- vec_add1 (to_be_freed, bs);}
- );
- }
- bfd_session_t **bs;
- vec_foreach (bs, to_be_freed)
- {
- vlib_log_notice (bum->log_class,
- "removal of sw_if_index=%u forces removal of bfd session "
- "with bs_idx=%u", sw_if_index, (*bs)->bs_idx);
- bfd_session_set_flags (vlib_get_main (), *bs, 0);
- bfd_udp_del_session_internal (vlib_get_main (), *bs);
- }
+ pool_foreach (bs, bum->bfd_main->sessions)
+ {
+ if (bs->transport != BFD_TRANSPORT_UDP4 &&
+ bs->transport != BFD_TRANSPORT_UDP6)
+ {
+ continue;
+ }
+ if (bs->udp.key.sw_if_index != sw_if_index)
+ {
+ continue;
+ }
+ vec_add1 (to_be_freed, bs->bs_idx);
+ }
+ }
+ u32 *bs_idx;
+ vec_foreach (bs_idx, to_be_freed)
+ {
+ bfd_session_t *bs = pool_elt_at_index (bum->bfd_main->sessions, *bs_idx);
+ vlib_log_notice (bum->log_class,
+ "removal of sw_if_index=%u forces removal of bfd "
+ "session with bs_idx=%u",
+ sw_if_index, bs->bs_idx);
+ bfd_session_set_flags (vlib_get_main (), bs, 0);
+ bfd_udp_del_session_internal (vlib_get_main (), bs);
+ }
return 0;
}
VNET_SW_INTERFACE_ADD_DEL_FUNCTION (bfd_udp_sw_if_add_del);
+clib_error_t *
+bfd_udp_stats_init (bfd_udp_main_t *bum)
+{
+ const char *name4 = "/bfd/udp4/sessions";
+ bum->udp4_sessions_count_stat_seg_entry = vlib_stats_add_gauge ("%s", name4);
+
+ vlib_stats_set_gauge (bum->udp4_sessions_count_stat_seg_entry, 0);
+ if (~0 == bum->udp4_sessions_count_stat_seg_entry)
+ {
+ return clib_error_return (
+ 0, "Could not create stat segment entry for %s", name4);
+ }
+ const char *name6 = "/bfd/udp6/sessions";
+ bum->udp6_sessions_count_stat_seg_entry = vlib_stats_add_gauge ("%s", name6);
+
+ vlib_stats_set_gauge (bum->udp6_sessions_count_stat_seg_entry, 0);
+ if (~0 == bum->udp6_sessions_count_stat_seg_entry)
+ {
+ return clib_error_return (
+ 0, "Could not create stat segment entry for %s", name6);
+ }
+
+ return 0;
+}
+
/*
* setup function
*/
ASSERT (node);
bfd_udp_main.ip6_midchain_idx = node->index;
+ bfd_udp_stats_init (&bfd_udp_main);
+
bfd_udp_main.log_class = vlib_log_register_class ("bfd", "udp");
vlib_log_debug (bfd_udp_main.log_class, "initialized");
return 0;