#include <vlib/vlib.h>
#include <vnet/ip/ip.h>
#include <vnet/pg/pg.h>
+#include <vnet/ip/ip_sas.h>
static u8 *
format_ip6_icmp_type_and_code (u8 * s, va_list * args)
typedef enum
{
- ICMP_INPUT_NEXT_DROP,
+ ICMP_INPUT_NEXT_PUNT,
ICMP_INPUT_N_NEXT,
} icmp_input_next_t;
next0 = im->input_next_index_by_type[type0];
error0 =
- next0 == ICMP_INPUT_NEXT_DROP ? ICMP6_ERROR_UNKNOWN_TYPE : error0;
+ next0 == ICMP_INPUT_NEXT_PUNT ? ICMP6_ERROR_UNKNOWN_TYPE : error0;
/* Check code is valid for type. */
error0 =
b0->error = node->errors[error0];
- next0 = error0 != ICMP6_ERROR_NONE ? ICMP_INPUT_NEXT_DROP : next0;
+ next0 = error0 != ICMP6_ERROR_NONE ? ICMP_INPUT_NEXT_PUNT : next0;
vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
to_next, n_left_to_next,
.n_next_nodes = 1,
.next_nodes = {
- [ICMP_INPUT_NEXT_DROP] = "ip6-drop",
+ [ICMP_INPUT_NEXT_PUNT] = "ip6-punt",
},
};
/* *INDENT-ON* */
vnet_buffer (p1)->sw_if_index[VLIB_RX]);
vnet_buffer (p1)->sw_if_index[VLIB_TX] = fib_index1;
+ p0->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
+ p1->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
+
/* verify speculative enqueues, maybe switch current next frame */
/* if next0==next1==next_index then nothing special needs to be done */
vlib_validate_buffer_enqueue_x2 (vm, node, next_index,
vnet_buffer (p0)->sw_if_index[VLIB_RX]);
vnet_buffer (p0)->sw_if_index[VLIB_TX] = fib_index0;
+ p0->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
/* Verify speculative enqueue, maybe switch current next frame */
vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
to_next, n_left_to_next,
u32 *from, *to_next;
uword n_left_from, n_left_to_next;
ip6_icmp_error_next_t next_index;
- ip6_main_t *im = &ip6_main;
- ip_lookup_main_t *lm = &im->lookup_main;
from = vlib_frame_vector_args (frame);
n_left_from = frame->n_vectors;
while (n_left_from > 0 && n_left_to_next > 0)
{
- u32 pi0 = from[0];
+ /*
+ * Duplicate first buffer and free the original chain. Keep
+ * as much of the original packet as possible, within the
+ * minimum MTU. We chat "a little" here by keeping whatever
+ * is available in the first buffer.
+ */
+
+ u32 pi0 = ~0;
+ u32 org_pi0 = from[0];
u32 next0 = IP6_ICMP_ERROR_NEXT_LOOKUP;
u8 error0 = ICMP6_ERROR_NONE;
- vlib_buffer_t *p0;
+ vlib_buffer_t *p0, *org_p0;
ip6_header_t *ip0, *out_ip0;
icmp46_header_t *icmp0;
- u32 sw_if_index0, if_add_index0;
+ u32 sw_if_index0;
int bogus_length;
+ org_p0 = vlib_get_buffer (vm, org_pi0);
+ p0 = vlib_buffer_copy_no_chain (vm, org_p0, &pi0);
+ if (!p0 || pi0 == ~0) /* Out of buffers */
+ continue;
+
/* Speculatively enqueue p0 to the current next frame */
to_next[0] = pi0;
from += 1;
n_left_from -= 1;
n_left_to_next -= 1;
- p0 = vlib_get_buffer (vm, pi0);
ip0 = vlib_buffer_get_current (p0);
sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
- /* RFC4443 says to keep as much of the original packet as possible
- * within the minimum MTU. We cheat "a little" here by keeping whatever fits
- * in the first buffer, to be more efficient */
- if (PREDICT_FALSE (p0->total_length_not_including_first_buffer))
- { /* clear current_length of all other buffers in chain */
- vlib_buffer_t *b = p0;
- p0->total_length_not_including_first_buffer = 0;
- while (b->flags & VLIB_BUFFER_NEXT_PRESENT)
- {
- b = vlib_get_buffer (vm, b->next_buffer);
- b->current_length = 0;
- // XXX: Buffer leak???
- }
- }
-
/* Add IP header and ICMPv6 header including a 4 byte data field */
- int headroom = sizeof (ip6_header_t) + sizeof (icmp46_header_t) + 4;
+ vlib_buffer_advance (p0,
+ -(sizeof (ip6_header_t) +
+ sizeof (icmp46_header_t) + 4));
- /* Verify that we're not falling off the edge */
- if (p0->current_data - headroom < -VLIB_BUFFER_PRE_DATA_SIZE)
- {
- next0 = IP6_ICMP_ERROR_NEXT_DROP;
- error0 = ICMP6_ERROR_DROP;
- goto error;
- }
-
- vlib_buffer_advance (p0, -headroom);
vnet_buffer (p0)->sw_if_index[VLIB_TX] = ~0;
p0->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
p0->current_length =
out_ip0->protocol = IP_PROTOCOL_ICMP6;
out_ip0->hop_limit = 0xff;
out_ip0->dst_address = ip0->src_address;
- if_add_index0 =
- lm->if_address_pool_index_by_sw_if_index[sw_if_index0];
- if (PREDICT_TRUE (if_add_index0 != ~0))
- {
- ip_interface_address_t *if_add =
- pool_elt_at_index (lm->if_address_pool, if_add_index0);
- ip6_address_t *if_ip =
- ip_interface_address_get_address (lm, if_add);
- out_ip0->src_address = *if_ip;
- }
- else /* interface has no IP6 address - should not happen */
- {
+ /* Prefer a source address from "offending interface" */
+ if (!ip6_sas_by_sw_if_index (sw_if_index0, &out_ip0->dst_address,
+ &out_ip0->src_address))
+ { /* interface has no IP6 address - should not happen */
next0 = IP6_ICMP_ERROR_NEXT_DROP;
error0 = ICMP6_ERROR_DROP;
- goto error;
}
/* Fill icmp header fields */
if (error0 == ICMP6_ERROR_NONE)
error0 = icmp6_icmp_type_to_error (icmp0->type);
- error:
vlib_error_count (vm, node->node_index, error0, 1);
/* Verify speculative enqueue, maybe switch current next frame */
vlib_put_next_frame (vm, node, next_index, n_left_to_next);
}
+ /*
+ * push the original buffers to error-drop, so that
+ * they can get the error counters handled, then freed
+ */
+ vlib_buffer_enqueue_to_single_next (vm, node,
+ vlib_frame_vector_args (frame),
+ IP6_ICMP_ERROR_NEXT_DROP,
+ frame->n_vectors);
+
return frame->n_vectors;
}
foreach_icmp6_code;
#undef _
- memset (cm->input_next_index_by_type,
- ICMP_INPUT_NEXT_DROP, sizeof (cm->input_next_index_by_type));
- memset (cm->max_valid_code_by_type, 0, sizeof (cm->max_valid_code_by_type));
+ clib_memset (cm->input_next_index_by_type,
+ ICMP_INPUT_NEXT_PUNT, sizeof (cm->input_next_index_by_type));
+ clib_memset (cm->max_valid_code_by_type, 0,
+ sizeof (cm->max_valid_code_by_type));
#define _(a,n,t) cm->max_valid_code_by_type[ICMP6_##a] = clib_max (cm->max_valid_code_by_type[ICMP6_##a], n);
foreach_icmp6_code;
#undef _
- memset (cm->min_valid_hop_limit_by_type, 0,
- sizeof (cm->min_valid_hop_limit_by_type));
+ clib_memset (cm->min_valid_hop_limit_by_type, 0,
+ sizeof (cm->min_valid_hop_limit_by_type));
cm->min_valid_hop_limit_by_type[ICMP6_router_solicitation] = 255;
cm->min_valid_hop_limit_by_type[ICMP6_router_advertisement] = 255;
cm->min_valid_hop_limit_by_type[ICMP6_neighbor_solicitation] = 255;
cm->min_valid_hop_limit_by_type[ICMP6_neighbor_advertisement] = 255;
cm->min_valid_hop_limit_by_type[ICMP6_redirect] = 255;
- memset (cm->min_valid_length_by_type, sizeof (icmp46_header_t),
- sizeof (cm->min_valid_length_by_type));
+ clib_memset (cm->min_valid_length_by_type, sizeof (icmp46_header_t),
+ sizeof (cm->min_valid_length_by_type));
cm->min_valid_length_by_type[ICMP6_router_solicitation] =
sizeof (icmp6_neighbor_discovery_header_t);
cm->min_valid_length_by_type[ICMP6_router_advertisement] =
icmp6_register_type (vm, ICMP6_echo_request,
ip6_icmp_echo_request_node.index);
- return vlib_call_init_function (vm, ip6_neighbor_init);
+ return (NULL);
}
VLIB_INIT_FUNCTION (icmp6_init);