tcp_update_rto (tc);
}
-always_inline u8
-tcp_recovery_no_snd_space (tcp_connection_t * tc)
-{
- return (tcp_in_fastrecovery (tc)
- && tcp_fastrecovery_prr_snd_space (tc) < tc->snd_mss)
- || (tcp_in_recovery (tc)
- && tcp_available_output_snd_space (tc) < tc->snd_mss);
-}
-
/**
* Dequeue bytes for connections that have received acks in last burst
*/
tc = tcp_connection_get (pending_deq_acked[i], thread_index);
tc->flags &= ~TCP_CONN_DEQ_PENDING;
- if (tc->burst_acked)
- {
- /* Dequeue the newly ACKed bytes */
- session_tx_fifo_dequeue_drop (&tc->connection, tc->burst_acked);
- tc->burst_acked = 0;
- tcp_validate_txf_size (tc, tc->snd_una_max - tc->snd_una);
-
- if (PREDICT_FALSE (tc->flags & TCP_CONN_PSH_PENDING))
- {
- if (seq_leq (tc->psh_seq, tc->snd_una))
- tc->flags &= ~TCP_CONN_PSH_PENDING;
- }
+ if (PREDICT_FALSE (!tc->burst_acked))
+ continue;
- /* If everything has been acked, stop retransmit timer
- * otherwise update. */
- tcp_retransmit_timer_update (tc);
+ /* Dequeue the newly ACKed bytes */
+ session_tx_fifo_dequeue_drop (&tc->connection, tc->burst_acked);
+ tcp_validate_txf_size (tc, tc->snd_una_max - tc->snd_una);
- /* Update pacer based on our new cwnd estimate */
- tcp_connection_tx_pacer_update (tc);
+ if (PREDICT_FALSE (tc->flags & TCP_CONN_PSH_PENDING))
+ {
+ if (seq_leq (tc->psh_seq, tc->snd_una))
+ tc->flags &= ~TCP_CONN_PSH_PENDING;
}
- /* Reset the pacer if we've been idle, i.e., no data sent or if
- * we're in recovery and snd space constrained */
- if (tc->data_segs_out == tc->prev_dsegs_out
- || tcp_recovery_no_snd_space (tc))
- transport_connection_tx_pacer_reset_bucket (&tc->connection,
- wrk->vm->clib_time.
- last_cpu_time);
- tc->prev_dsegs_out = tc->data_segs_out;
+ /* If everything has been acked, stop retransmit timer
+ * otherwise update. */
+ tcp_retransmit_timer_update (tc);
+
+ /* Update pacer based on our new cwnd estimate */
+ tcp_connection_tx_pacer_update (tc);
+
+ tc->burst_acked = 0;
}
_vec_len (wrk->pending_deq_acked) = 0;
}
if (!right)
{
sb->sacked_bytes = sb->high_sacked - ack;
+ sb->last_sacked_bytes = sb->sacked_bytes
+ - (old_sacked - sb->last_bytes_delivered);
return;
}
hole = pool_elt_at_index (sb->holes, sb->head);
if (PREDICT_FALSE (sb->is_reneging))
- sb->last_bytes_delivered += hole->start - tc->snd_una;
+ {
+ sb->last_bytes_delivered += clib_min (hole->start - tc->snd_una,
+ ack - tc->snd_una);
+ sb->is_reneging = seq_lt (ack, hole->start);
+ }
while (hole && blk_index < vec_len (rcv_sacks))
{
|| sb->is_reneging || sb->holes[sb->head].start == ack);
ASSERT (sb->last_lost_bytes <= sb->lost_bytes);
ASSERT ((ack - tc->snd_una) + sb->last_sacked_bytes
- - sb->last_bytes_delivered >= sb->rxt_sacked);
+ - sb->last_bytes_delivered >= sb->rxt_sacked || sb->is_reneging);
ASSERT ((ack - tc->snd_una) >= tc->sack_sb.last_bytes_delivered
|| (tc->flags & TCP_CONN_FINSNT));
is_spurious = 1;
}
- tc->rcv_dupacks = 0;
- tc->prr_delivered = 0;
- tc->rxt_delivered = 0;
- tc->snd_rxt_bytes = 0;
- tc->snd_rxt_ts = 0;
- tc->rtt_ts = 0;
- tc->flags &= ~TCP_CONN_RXT_PENDING;
-
tcp_connection_tx_pacer_reset (tc, tc->cwnd, 0 /* start bucket */ );
+ tc->rcv_dupacks = 0;
/* Previous recovery left us congested. Continue sending as part
* of the current recovery event with an updated snd_congestion */
if (tc->sack_sb.sacked_bytes)
{
tc->snd_congestion = tc->snd_nxt;
- tc->snd_rxt_ts = tcp_tstamp (tc);
- tc->prr_start = tc->snd_una;
- scoreboard_init_rxt (&tc->sack_sb, tc->snd_una);
tcp_program_retransmit (tc);
return is_spurious;
}
+ tc->rxt_delivered = 0;
+ tc->snd_rxt_bytes = 0;
+ tc->snd_rxt_ts = 0;
+ tc->prr_delivered = 0;
+ tc->rtt_ts = 0;
+ tc->flags &= ~TCP_CONN_RXT_PENDING;
+
hole = scoreboard_first_hole (&tc->sack_sb);
if (hole && hole->start == tc->snd_una && hole->end == tc->snd_nxt)
scoreboard_clear (&tc->sack_sb);
{
u8 has_sack = tcp_opts_sack_permitted (&tc->rcv_opts);
+ /* If reneging, wait for timer based retransmits */
+ if (PREDICT_FALSE (tcp_is_lost_fin (tc) || tc->sack_sb.is_reneging))
+ return;
+
/*
* If not in recovery, figure out if we should enter
*/
}
/*
- * Already in recovery. See if we can exit and stop retransmitting
+ * Already in recovery
*/
- if (seq_geq (tc->snd_una, tc->snd_congestion))
- {
- /* If spurious return, we've already updated everything */
- if (tcp_cc_recover (tc))
- {
- tc->tsecr_last_ack = tc->rcv_opts.tsecr;
- return;
- }
-
- /* Treat as congestion avoidance ack */
- tcp_cc_rcv_ack (tc, rs);
- return;
- }
-
/*
* Process (re)transmit feedback. Output path uses this to decide how much
* more data to release into the network
*/
if (has_sack)
{
+ if (!tc->bytes_acked && tc->sack_sb.rxt_sacked)
+ tcp_fastrecovery_first_on (tc);
+
tc->rxt_delivered += tc->sack_sb.rxt_sacked;
tc->prr_delivered += tc->bytes_acked + tc->sack_sb.last_sacked_bytes
- tc->sack_sb.last_bytes_delivered;
tc->rxt_delivered = clib_max (tc->rxt_delivered + tc->bytes_acked,
tc->snd_rxt_bytes);
if (is_dack)
- tc->prr_delivered += 1;
+ tc->prr_delivered += clib_min (tc->snd_mss,
+ tc->snd_nxt - tc->snd_una);
else
- tc->prr_delivered += tc->bytes_acked - tc->snd_mss * tc->rcv_dupacks;
+ tc->prr_delivered += tc->bytes_acked - clib_min (tc->bytes_acked,
+ tc->snd_mss *
+ tc->rcv_dupacks);
/* If partial ack, assume that the first un-acked segment was lost */
if (tc->bytes_acked || tc->rcv_dupacks == TCP_DUPACK_THRESHOLD)
tcp_program_retransmit (tc);
}
+ /*
+ * See if we can exit and stop retransmitting
+ */
+ if (seq_geq (tc->snd_una, tc->snd_congestion))
+ {
+ /* If spurious return, we've already updated everything */
+ if (tcp_cc_recover (tc))
+ {
+ tc->tsecr_last_ack = tc->rcv_opts.tsecr;
+ return;
+ }
+
+ /* Treat as congestion avoidance ack */
+ tcp_cc_rcv_ack (tc, rs);
+ return;
+ }
+
/*
* Notify cc of the event
*/
tcp_cc_rcv_cong_ack (tc, TCP_CC_PARTIALACK, rs);
}
+static void
+tcp_handle_old_ack (tcp_connection_t * tc, tcp_rate_sample_t * rs)
+{
+ if (!tcp_in_cong_recovery (tc))
+ return;
+
+ if (tcp_opts_sack_permitted (&tc->rcv_opts))
+ tcp_rcv_sacks (tc, tc->snd_una);
+
+ tc->bytes_acked = 0;
+
+ if (tc->cfg_flags & TCP_CFG_F_RATE_SAMPLE)
+ tcp_bt_sample_delivery_rate (tc, rs);
+
+ tcp_cc_handle_event (tc, rs, 1);
+}
+
/**
* Check if duplicate ack as per RFC5681 Sec. 2
*/
*is_dack = tc->sack_sb.last_sacked_bytes
|| tcp_ack_is_dupack (tc, b, prev_snd_wnd, prev_snd_una);
- /* If reneging, wait for timer based retransmits */
- if (PREDICT_FALSE (tcp_is_lost_fin (tc) || tc->sack_sb.is_reneging))
- return 0;
-
return (*is_dack || tcp_in_cong_recovery (tc));
}
tc->errors.below_ack_wnd += 1;
*error = TCP_ERROR_ACK_OLD;
TCP_EVT (TCP_EVT_ACK_RCV_ERR, tc, 1, vnet_buffer (b)->tcp.ack_number);
- if (tcp_in_fastrecovery (tc) && tc->rcv_dupacks == TCP_DUPACK_THRESHOLD)
- tcp_cc_handle_event (tc, 0, 1);
+
+ if (seq_lt (vnet_buffer (b)->tcp.ack_number, tc->snd_una - tc->rcv_wnd))
+ return -1;
+
+ tcp_handle_old_ack (tc, &rs);
+
/* Don't drop yet */
return 0;
}
if (tc->cfg_flags & TCP_CFG_F_RATE_SAMPLE)
tcp_bt_sample_delivery_rate (tc, &rs);
- tcp_program_dequeue (wrk, tc);
-
if (tc->bytes_acked)
- tcp_update_rtt (tc, &rs, vnet_buffer (b)->tcp.ack_number);
+ {
+ tcp_program_dequeue (wrk, tc);
+ tcp_update_rtt (tc, &rs, vnet_buffer (b)->tcp.ack_number);
+ }
TCP_EVT (TCP_EVT_ACK_RCVD, tc);
static u8
-tcp_lookup_is_valid (tcp_connection_t * tc, tcp_header_t * hdr)
+tcp_lookup_is_valid (tcp_connection_t * tc, vlib_buffer_t * b,
+ tcp_header_t * hdr)
{
transport_connection_t *tmp = 0;
u64 handle;
if (tc->c_lcl_port == 0 && tc->state == TCP_STATE_LISTEN)
return 1;
+ u8 is_ip_valid = 0, val_l, val_r;
+
+ if (tc->connection.is_ip4)
+ {
+ ip4_header_t *ip4_hdr = (ip4_header_t *) vlib_buffer_get_current (b);
+
+ val_l = !ip4_address_compare (&ip4_hdr->dst_address,
+ &tc->connection.lcl_ip.ip4);
+ val_l = val_l || ip_is_zero (&tc->connection.lcl_ip, 1);
+ val_r = !ip4_address_compare (&ip4_hdr->src_address,
+ &tc->connection.rmt_ip.ip4);
+ val_r = val_r || tc->state == TCP_STATE_LISTEN;
+ is_ip_valid = val_l && val_r;
+ }
+ else
+ {
+ ip6_header_t *ip6_hdr = (ip6_header_t *) vlib_buffer_get_current (b);
+
+ val_l = !ip6_address_compare (&ip6_hdr->dst_address,
+ &tc->connection.lcl_ip.ip6);
+ val_l = val_l || ip_is_zero (&tc->connection.lcl_ip, 0);
+ val_r = !ip6_address_compare (&ip6_hdr->src_address,
+ &tc->connection.rmt_ip.ip6);
+ val_r = val_r || tc->state == TCP_STATE_LISTEN;
+ is_ip_valid = val_l && val_r;
+ }
+
u8 is_valid = (tc->c_lcl_port == hdr->dst_port
&& (tc->state == TCP_STATE_LISTEN
- || tc->c_rmt_port == hdr->src_port));
+ || tc->c_rmt_port == hdr->src_port) && is_ip_valid);
if (!is_valid)
{
TRANSPORT_PROTO_TCP,
thread_index, &is_filtered);
tc = tcp_get_connection_from_transport (tconn);
- ASSERT (tcp_lookup_is_valid (tc, tcp));
+ ASSERT (tcp_lookup_is_valid (tc, b, tcp));
}
else
{
TRANSPORT_PROTO_TCP,
thread_index, &is_filtered);
tc = tcp_get_connection_from_transport (tconn);
- ASSERT (tcp_lookup_is_valid (tc, tcp));
+ ASSERT (tcp_lookup_is_valid (tc, b, tcp));
}
return tc;
}
+static tcp_connection_t *
+tcp_lookup_listener (vlib_buffer_t * b, u32 fib_index, int is_ip4)
+{
+ session_t *s;
+
+ if (is_ip4)
+ {
+ ip4_header_t *ip4 = vlib_buffer_get_current (b);
+ tcp_header_t *tcp = tcp_buffer_hdr (b);
+ s = session_lookup_listener4 (fib_index,
+ &ip4->dst_address,
+ tcp->dst_port, TRANSPORT_PROTO_TCP, 1);
+ }
+ else
+ {
+ ip6_header_t *ip6 = vlib_buffer_get_current (b);
+ tcp_header_t *tcp = tcp_buffer_hdr (b);
+ s = session_lookup_listener6 (fib_index,
+ &ip6->dst_address,
+ tcp->dst_port, TRANSPORT_PROTO_TCP, 1);
+
+ }
+ if (PREDICT_TRUE (s != 0))
+ return tcp_get_connection_from_transport (transport_get_listener
+ (TRANSPORT_PROTO_TCP,
+ s->connection_index));
+ else
+ return 0;
+}
+
always_inline void
tcp_check_tx_offload (tcp_connection_t * tc, int is_ipv4)
{
{
u32 n_left_from, *from, n_syns = 0, *first_buffer;
u32 my_thread_index = vm->thread_index;
+ tcp_connection_t *tc0;
from = first_buffer = vlib_frame_vector_args (from_frame);
n_left_from = from_frame->n_vectors;
b0 = vlib_get_buffer (vm, bi0);
lc0 = tcp_listener_get (vnet_buffer (b0)->tcp.connection_index);
+ if (PREDICT_FALSE (lc0 == 0))
+ {
+ tc0 = tcp_connection_get (vnet_buffer (b0)->tcp.connection_index,
+ my_thread_index);
+ if (tc0->state != TCP_STATE_TIME_WAIT)
+ {
+ error0 = TCP_ERROR_CREATE_EXISTS;
+ goto drop;
+ }
+ lc0 = tcp_lookup_listener (b0, tc0->c_fib_index, is_ip4);
+ /* clean up the old session */
+ tcp_connection_del (tc0);
+ }
if (is_ip4)
{
ip40 = vlib_buffer_get_current (b0);
- th0 = ip4_next_header (ip40);
+ th0 = tcp_buffer_hdr (b0);
}
else
{
ip60 = vlib_buffer_get_current (b0);
- th0 = ip6_next_header (ip60);
+ th0 = tcp_buffer_hdr (b0);
}
/* Create child session. For syn-flood protection use filter */
if (PREDICT_TRUE (!tc0 + !tc1 == 0))
{
- ASSERT (tcp_lookup_is_valid (tc0, tcp_buffer_hdr (b[0])));
- ASSERT (tcp_lookup_is_valid (tc1, tcp_buffer_hdr (b[1])));
+ ASSERT (tcp_lookup_is_valid (tc0, b[0], tcp_buffer_hdr (b[0])));
+ ASSERT (tcp_lookup_is_valid (tc1, b[1], tcp_buffer_hdr (b[1])));
vnet_buffer (b[0])->tcp.connection_index = tc0->c_c_index;
vnet_buffer (b[1])->tcp.connection_index = tc1->c_c_index;
{
if (PREDICT_TRUE (tc0 != 0))
{
- ASSERT (tcp_lookup_is_valid (tc0, tcp_buffer_hdr (b[0])));
+ ASSERT (tcp_lookup_is_valid (tc0, b[0], tcp_buffer_hdr (b[0])));
vnet_buffer (b[0])->tcp.connection_index = tc0->c_c_index;
tcp_input_dispatch_buffer (tm, tc0, b[0], &next[0], &error0);
}
if (PREDICT_TRUE (tc1 != 0))
{
- ASSERT (tcp_lookup_is_valid (tc1, tcp_buffer_hdr (b[1])));
+ ASSERT (tcp_lookup_is_valid (tc1, b[1], tcp_buffer_hdr (b[1])));
vnet_buffer (b[1])->tcp.connection_index = tc1->c_c_index;
tcp_input_dispatch_buffer (tm, tc1, b[1], &next[1], &error1);
}
is_nolookup);
if (PREDICT_TRUE (tc0 != 0))
{
- ASSERT (tcp_lookup_is_valid (tc0, tcp_buffer_hdr (b[0])));
+ ASSERT (tcp_lookup_is_valid (tc0, b[0], tcp_buffer_hdr (b[0])));
vnet_buffer (b[0])->tcp.connection_index = tc0->c_c_index;
tcp_input_dispatch_buffer (tm, tc0, b[0], &next[0], &error0);
}
TCP_ERROR_NONE);
_(LAST_ACK, TCP_FLAG_SYN | TCP_FLAG_RST | TCP_FLAG_ACK,
TCP_INPUT_NEXT_RCV_PROCESS, TCP_ERROR_NONE);
- _(TIME_WAIT, TCP_FLAG_SYN, TCP_INPUT_NEXT_RCV_PROCESS, TCP_ERROR_NONE);
+ _(TIME_WAIT, TCP_FLAG_SYN, TCP_INPUT_NEXT_LISTEN, TCP_ERROR_NONE);
_(TIME_WAIT, TCP_FLAG_FIN, TCP_INPUT_NEXT_RCV_PROCESS, TCP_ERROR_NONE);
_(TIME_WAIT, TCP_FLAG_FIN | TCP_FLAG_ACK, TCP_INPUT_NEXT_RCV_PROCESS,
TCP_ERROR_NONE);
Code Review / vpp.git / blobdiff