#include <vnet/ip/format.h>
#include <vnet/fib/fib_entry.h>
#include <vnet/fib/fib_table.h>
+#include <vnet/fib/fib_entry_track.h>
#include <vnet/mfib/mfib_table.h>
#include <vnet/adj/adj_mcast.h>
#include <vnet/adj/rewrite.h>
#include <vnet/interface.h>
+#include <vnet/flow/flow.h>
#include <vlib/vlib.h>
/**
if (PREDICT_FALSE (ip46_address_is_multicast (&t->dst)))
s = format (s, "mcast-sw-if-idx %d ", t->mcast_sw_if_index);
+ if (t->flow_index != ~0)
+ s = format (s, "flow-index %d [%U]", t->flow_index,
+ format_flow_enabled_hw, t->flow_index);
+
return s;
}
vxlan_header_t *vxlan;
/* Fixed portion of the (outer) ip header */
- memset (&h, 0, sizeof (h));
+ clib_memset (&h, 0, sizeof (h));
if (!is_ip6)
{
ip4_header_t *ip = &h.h4.ip4;
(vnet_vxlan_add_del_tunnel_args_t * a, u32 * sw_if_indexp)
{
vxlan_main_t *vxm = &vxlan_main;
- vxlan_tunnel_t *t = 0;
vnet_main_t *vnm = vxm->vnet_main;
- uword *p;
+ vxlan_decap_info_t *p;
u32 sw_if_index = ~0;
vxlan4_tunnel_key_t key4;
vxlan6_tunnel_key_t key6;
u32 is_ip6 = a->is_ip6;
+ int not_found;
if (!is_ip6)
{
- key4.src = a->dst.ip4.as_u32; /* decap src in key is encap dst in config */
- key4.vni = clib_host_to_net_u32 (a->vni << 8);
- p = hash_get (vxm->vxlan4_tunnel_by_key, key4.as_u64);
+ /* ip4 mcast is indexed by mcast addr only */
+ key4.key[0] = ip46_address_is_multicast (&a->dst) ?
+ a->dst.ip4.as_u32 :
+ a->dst.ip4.as_u32 | (((u64) a->src.ip4.as_u32) << 32);
+ key4.key[1] = (((u64) a->encap_fib_index) << 32)
+ | clib_host_to_net_u32 (a->vni << 8);
+ not_found =
+ clib_bihash_search_inline_16_8 (&vxm->vxlan4_tunnel_by_key, &key4);
+ p = (void *) &key4.value;
}
else
{
- key6.src = a->dst.ip6;
- key6.vni = clib_host_to_net_u32 (a->vni << 8);
- p = hash_get_mem (vxm->vxlan6_tunnel_by_key, &key6);
+ key6.key[0] = a->dst.ip6.as_u64[0];
+ key6.key[1] = a->dst.ip6.as_u64[1];
+ key6.key[2] = (((u64) a->encap_fib_index) << 32)
+ | clib_host_to_net_u32 (a->vni << 8);
+ not_found =
+ clib_bihash_search_inline_24_8 (&vxm->vxlan6_tunnel_by_key, &key6);
+ p = (void *) &key6.value;
}
+ if (not_found)
+ p = 0;
+
if (a->is_add)
{
l2input_main_t *l2im = &l2input_main;
if (!vxlan_decap_next_is_valid (vxm, is_ip6, a->decap_next_index))
return VNET_API_ERROR_INVALID_DECAP_NEXT;
+ vxlan_tunnel_t *t;
pool_get_aligned (vxm->tunnels, t, CLIB_CACHE_LINE_BYTES);
- memset (t, 0, sizeof (*t));
+ clib_memset (t, 0, sizeof (*t));
dev_instance = t - vxm->tunnels;
/* copy from arg structure */
t->dev_instance = dev_instance; /* actual */
t->user_instance = user_instance; /* name */
-
- /* copy the key */
- if (is_ip6)
- hash_set_mem_alloc (&vxm->vxlan6_tunnel_by_key, &key6, dev_instance);
- else
- hash_set (vxm->vxlan4_tunnel_by_key, key4.as_u64, dev_instance);
+ t->flow_index = ~0;
t->hw_if_index = vnet_register_interface
(vnm, vxlan_device_class.index, dev_instance,
t->sw_if_index = sw_if_index = hi->sw_if_index;
+ /* copy the key */
+ int add_failed;
+ if (is_ip6)
+ {
+ key6.value = (u64) dev_instance;
+ add_failed = clib_bihash_add_del_24_8 (&vxm->vxlan6_tunnel_by_key,
+ &key6, 1 /*add */ );
+ }
+ else
+ {
+ vxlan_decap_info_t di = {.sw_if_index = t->sw_if_index, };
+ if (ip46_address_is_multicast (&t->dst))
+ di.local_ip = t->src.ip4;
+ else
+ di.next_index = t->decap_next_index;
+ key4.value = di.as_u64;
+ add_failed = clib_bihash_add_del_16_8 (&vxm->vxlan4_tunnel_by_key,
+ &key4, 1 /*add */ );
+ }
+
+ if (add_failed)
+ {
+ vnet_delete_hw_interface (vnm, t->hw_if_index);
+ hash_unset (vxm->instance_used, t->user_instance);
+ pool_put (vxm->tunnels, t);
+ return VNET_API_ERROR_INVALID_REGISTRATION;
+ }
+
vec_validate_init_empty (vxm->tunnel_index_by_sw_if_index, sw_if_index,
~0);
vxm->tunnel_index_by_sw_if_index[sw_if_index] = dev_instance;
* re-stack accordingly
*/
vtep_addr_ref (&t->src);
- t->fib_entry_index = fib_table_entry_special_add
- (t->encap_fib_index, &tun_dst_pfx, FIB_SOURCE_RR,
- FIB_ENTRY_FLAG_NONE);
- t->sibling_index = fib_entry_child_add
- (t->fib_entry_index, FIB_NODE_TYPE_VXLAN_TUNNEL, dev_instance);
+ t->fib_entry_index = fib_entry_track (t->encap_fib_index,
+ &tun_dst_pfx,
+ FIB_NODE_TYPE_VXLAN_TUNNEL,
+ dev_instance,
+ &t->sibling_index);
vxlan_tunnel_restack_dpo (t);
}
else
{
/* Multicast tunnel -
- * as the same mcast group can be used for mutiple mcast tunnels
- * with different VNIs, create the output fib adjecency only if
+ * as the same mcast group can be used for multiple mcast tunnels
+ * with different VNIs, create the output fib adjacency only if
* it does not already exist
*/
fib_protocol_t fp = fib_ip_proto (is_ip6);
.frp_addr = zero_addr,
.frp_sw_if_index = 0xffffffff,
.frp_fib_index = ~0,
- .frp_weight = 0,
+ .frp_weight = 1,
.frp_flags = FIB_ROUTE_PATH_LOCAL,
+ .frp_mitf_flags = MFIB_ITF_FLAG_FORWARD,
};
const mfib_prefix_t mpfx = {
.fp_proto = fp,
* - the accepting interface is that from the API
*/
mfib_table_entry_path_update (t->encap_fib_index,
- &mpfx,
- MFIB_SOURCE_VXLAN,
- &path, MFIB_ITF_FLAG_FORWARD);
+ &mpfx, MFIB_SOURCE_VXLAN, &path);
path.frp_sw_if_index = a->mcast_sw_if_index;
path.frp_flags = FIB_ROUTE_PATH_FLAG_NONE;
+ path.frp_mitf_flags = MFIB_ITF_FLAG_ACCEPT;
mfei = mfib_table_entry_path_update (t->encap_fib_index,
&mpfx,
- MFIB_SOURCE_VXLAN,
- &path,
- MFIB_ITF_FLAG_ACCEPT);
+ MFIB_SOURCE_VXLAN, &path);
/*
* Create the mcast adjacency to send traffic to the group
if (!p)
return VNET_API_ERROR_NO_SUCH_ENTRY;
- u32 instance = p[0];
- t = pool_elt_at_index (vxm->tunnels, instance);
+ u32 instance = is_ip6 ? key6.value :
+ vxm->tunnel_index_by_sw_if_index[p->sw_if_index];
+ vxlan_tunnel_t *t = pool_elt_at_index (vxm->tunnels, instance);
sw_if_index = t->sw_if_index;
vnet_sw_interface_set_flags (vnm, sw_if_index, 0 /* down */ );
vxm->tunnel_index_by_sw_if_index[sw_if_index] = ~0;
if (!is_ip6)
- hash_unset (vxm->vxlan4_tunnel_by_key, key4.as_u64);
+ clib_bihash_add_del_16_8 (&vxm->vxlan4_tunnel_by_key, &key4,
+ 0 /*del */ );
else
- hash_unset_mem_free (&vxm->vxlan6_tunnel_by_key, &key6);
+ clib_bihash_add_del_24_8 (&vxm->vxlan6_tunnel_by_key, &key6,
+ 0 /*del */ );
if (!ip46_address_is_multicast (&t->dst))
{
+ if (t->flow_index != ~0)
+ vnet_flow_del (vnm, t->flow_index);
+
vtep_addr_unref (&t->src);
- fib_entry_child_remove (t->fib_entry_index, t->sibling_index);
- fib_table_entry_delete_index (t->fib_entry_index, FIB_SOURCE_RR);
+ fib_entry_untrack (t->fib_entry_index, t->sibling_index);
}
else if (vtep_addr_unref (&t->dst) == 0)
{
if (sw_if_indexp)
*sw_if_indexp = sw_if_index;
+ if (a->is_add)
+ {
+ /* register udp ports */
+ if (!is_ip6 && !udp_is_valid_dst_port (UDP_DST_PORT_vxlan, 1))
+ udp_register_dst_port (vxm->vlib_main, UDP_DST_PORT_vxlan,
+ vxlan4_input_node.index, 1);
+ if (is_ip6 && !udp_is_valid_dst_port (UDP_DST_PORT_vxlan6, 0))
+ udp_register_dst_port (vxm->vlib_main, UDP_DST_PORT_vxlan6,
+ vxlan6_input_node.index, 0);
+ }
+
return 0;
}
u32 decap_next_index = VXLAN_INPUT_NEXT_L2_INPUT;
u32 vni = 0;
u32 table_id;
- clib_error_t *error = NULL;
+ clib_error_t *parse_error = NULL;
/* Get a line of input. */
if (!unformat_user (input, unformat_line_input, line_input))
{
encap_fib_index =
fib_table_find (fib_ip_proto (ipv6_set), table_id);
- if (encap_fib_index == ~0)
- {
- error =
- clib_error_return (0, "nonexistent encap-vrf-id %d",
- table_id);
- break;
- }
}
else if (unformat (line_input, "decap-next %U", unformat_decap_next,
&decap_next_index, ipv4_set))
;
else
{
- error = clib_error_return (0, "parse error: '%U'",
- format_unformat_error, line_input);
+ parse_error = clib_error_return (0, "parse error: '%U'",
+ format_unformat_error, line_input);
break;
}
}
unformat_free (line_input);
- if (error)
- return error;
+ if (parse_error)
+ return parse_error;
+
+ if (encap_fib_index == ~0)
+ return clib_error_return (0, "nonexistent encap-vrf-id %d", table_id);
if (src_set == 0)
return clib_error_return (0, "tunnel src address not specified");
(0, "vnet_vxlan_add_del_tunnel returned %d", rv);
}
- return error;
+ return 0;
}
/*?
* @cliexcmd{create vxlan tunnel src 10.0.3.1 dst 10.0.3.3 vni 13 encap-vrf-id 7}
* Example of how to create a VXLAN Tunnel with a known name, vxlan_tunnel42:
* @cliexcmd{create vxlan tunnel src 10.0.3.1 dst 10.0.3.3 instance 42}
+ * Example of how to create a multicast VXLAN Tunnel with a known name, vxlan_tunnel23:
+ * @cliexcmd{create vxlan tunnel src 10.0.3.1 group 239.1.1.1 GigabitEthernet0/8/0 instance 23}
* Example of how to delete a VXLAN Tunnel:
* @cliexcmd{create vxlan tunnel src 10.0.3.1 dst 10.0.3.3 vni 13 del}
?*/
{
vxlan_main_t *vxm = &vxlan_main;
vxlan_tunnel_t *t;
+ int raw = 0;
+
+ while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
+ {
+ if (unformat (input, "raw"))
+ raw = 1;
+ else
+ return clib_error_return (0, "parse error: '%U'",
+ format_unformat_error, input);
+ }
if (pool_elts (vxm->tunnels) == 0)
vlib_cli_output (vm, "No vxlan tunnels configured...");
}));
/* *INDENT-ON* */
+ if (raw)
+ {
+ vlib_cli_output (vm, "Raw IPv4 Hash Table:\n%U\n",
+ format_bihash_16_8, &vxm->vxlan4_tunnel_by_key,
+ 1 /* verbose */ );
+ vlib_cli_output (vm, "Raw IPv6 Hash Table:\n%U\n",
+ format_bihash_24_8, &vxm->vxlan6_tunnel_by_key,
+ 1 /* verbose */ );
+ }
+
return 0;
}
/* *INDENT-OFF* */
+/* CLI registration: the "show vxlan tunnel" path is dispatched to
+ * show_vxlan_tunnel_command_fn; the help text advertises the optional
+ * "raw" keyword. */
VLIB_CLI_COMMAND (show_vxlan_tunnel_command, static) = {
.path = "show vxlan tunnel",
- .short_help = "show vxlan tunnel",
+ .short_help = "show vxlan tunnel [raw]",
.function = show_vxlan_tunnel_command_fn,
};
/* *INDENT-ON* */
+/**
+ * Enable or disable the vxlan-bypass feature on an interface.
+ *
+ * @param sw_if_index  software interface to configure; the call is a no-op
+ *                     when this index is free in the sw_interfaces pool.
+ * @param is_ip6       non-zero selects "ip6-unicast"/"ip6-vxlan-bypass",
+ *                     zero selects "ip4-unicast"/"ip4-vxlan-bypass".
+ * @param is_enable    non-zero to enable, zero to disable.
+ *
+ * The requested state is compared with the per-address-family bitmap kept in
+ * vxlan_main; the feature is toggled (and the bitmap updated) only when the
+ * two differ, so repeated identical requests do not reach
+ * vnet_feature_enable_disable again.
+ */
void
vnet_int_vxlan_bypass_mode (u32 sw_if_index, u8 is_ip6, u8 is_enable)
{
+ vxlan_main_t *vxm = &vxlan_main;
+
+ /* nothing to do for an interface index that is not allocated */
+ if (pool_is_free_index (vxm->vnet_main->interface_main.sw_interfaces,
+ sw_if_index))
+ return;
+
+ /* collapse any non-zero value to 1 before comparing with the bitmap bit */
+ is_enable = ! !is_enable;
+
if (is_ip6)
- vnet_feature_enable_disable ("ip6-unicast", "ip6-vxlan-bypass",
- sw_if_index, is_enable, 0, 0);
+ {
+ /* act only when the recorded ip6 state differs from the request */
+ if (clib_bitmap_get (vxm->bm_ip6_bypass_enabled_by_sw_if, sw_if_index)
+ != is_enable)
+ {
+ vnet_feature_enable_disable ("ip6-unicast", "ip6-vxlan-bypass",
+ sw_if_index, is_enable, 0, 0);
+ vxm->bm_ip6_bypass_enabled_by_sw_if =
+ clib_bitmap_set (vxm->bm_ip6_bypass_enabled_by_sw_if,
+ sw_if_index, is_enable);
+ }
+ }
else
- vnet_feature_enable_disable ("ip4-unicast", "ip4-vxlan-bypass",
- sw_if_index, is_enable, 0, 0);
+ {
+ /* act only when the recorded ip4 state differs from the request */
+ if (clib_bitmap_get (vxm->bm_ip4_bypass_enabled_by_sw_if, sw_if_index)
+ != is_enable)
+ {
+ vnet_feature_enable_disable ("ip4-unicast", "ip4-vxlan-bypass",
+ sw_if_index, is_enable, 0, 0);
+ vxm->bm_ip4_bypass_enabled_by_sw_if =
+ clib_bitmap_set (vxm->bm_ip4_bypass_enabled_by_sw_if,
+ sw_if_index, is_enable);
+ }
+ }
}
* ip4-lookup [2]
* @cliexend
*
- * Example of how to display the feature enabed on an interface:
+ * Example of how to display the feature enabled on an interface:
* @cliexstart{show ip interface features GigabitEthernet2/0/0}
* IP feature paths configured on GigabitEthernet2/0/0...
* ...
* ip6-lookup [2]
* @cliexend
*
- * Example of how to display the feature enabed on an interface:
+ * Example of how to display the feature enabled on an interface:
* @cliexstart{show ip interface features GigabitEthernet2/0/0}
* IP feature paths configured on GigabitEthernet2/0/0...
* ...
};
/* *INDENT-ON* */
+/**
+ * Enable or disable the rx flow of a VXLAN tunnel on a hardware interface.
+ *
+ * On the first enable the flow is created with vnet_flow_add() and its index
+ * is stored in the tunnel; later enables reuse that index.  Disabling only
+ * detaches the flow from the interface - the flow itself is deleted when the
+ * tunnel is deleted.
+ *
+ * @param hw_if_index  hardware interface handed to vnet_flow_enable() /
+ *                     vnet_flow_disable().
+ * @param t_index      index of the tunnel in vxlan_main.tunnels.
+ * @param is_add       non-zero to enable the flow, zero to disable it.
+ * @return VNET_API_ERROR_NO_SUCH_ENTRY when t_index is not an allocated
+ *         tunnel; otherwise the value returned by the vnet flow call that
+ *         was made (presumably 0 on success - confirm against the flow API).
+ */
+int
+vnet_vxlan_add_del_rx_flow (u32 hw_if_index, u32 t_index, int is_add)
+{
+  vxlan_main_t *vxm = &vxlan_main;
+  vnet_main_t *vnm = vnet_get_main ();
+
+  /* this is a non-static entry point: do not index the pool blindly */
+  if (pool_is_free_index (vxm->tunnels, t_index))
+    return VNET_API_ERROR_NO_SUCH_ENTRY;
+
+  vxlan_tunnel_t *t = pool_elt_at_index (vxm->tunnels, t_index);
+
+  if (!is_add)
+    /* flow index is removed when the tunnel is deleted */
+    return vnet_flow_disable (vnm, t->flow_index, hw_if_index);
+
+  if (t->flow_index == ~0)
+    {
+      vnet_flow_t flow = {
+        .actions =
+          VNET_FLOW_ACTION_REDIRECT_TO_NODE | VNET_FLOW_ACTION_MARK |
+          VNET_FLOW_ACTION_BUFFER_ADVANCE,
+        .mark_flow_id = t->dev_instance + vxm->flow_id_start,
+        .redirect_node_index = vxlan4_flow_input_node.index,
+        .buffer_advance = sizeof (ethernet_header_t),
+        .type = VNET_FLOW_TYPE_IP4_VXLAN,
+        /* addresses are swapped relative to the tunnel config: the flow
+         * describes received packets */
+        .ip4_vxlan = {
+          .src_addr = t->dst.ip4,
+          .dst_addr = t->src.ip4,
+          .dst_port = UDP_DST_PORT_vxlan,
+          .vni = t->vni,
+        },
+      };
+      int rv = vnet_flow_add (vnm, &flow, &t->flow_index);
+      if (rv)
+        {
+          /* keep the tunnel in the "no flow" state so a retry adds again */
+          t->flow_index = ~0;
+          return rv;
+        }
+    }
+
+  return vnet_flow_enable (vnm, t->flow_index, hw_if_index);
+}
+
+/**
+ * Map a software interface index to its VXLAN tunnel index.
+ *
+ * @param sw_if_index  software interface index to look up.
+ * @return the entry of vxlan_main.tunnel_index_by_sw_if_index for that
+ *         interface, or ~0 when sw_if_index lies beyond the end of the
+ *         vector.
+ */
+u32
+vnet_vxlan_get_tunnel_index (u32 sw_if_index)
+{
+  vxlan_main_t *vxm = &vxlan_main;
+  int in_range = sw_if_index < vec_len (vxm->tunnel_index_by_sw_if_index);
+
+  return in_range ? vxm->tunnel_index_by_sw_if_index[sw_if_index] : ~0;
+}
+
+/**
+ * CLI handler for
+ * "set flow-offload vxlan hw <interface-name> rx <tunnel-name> [del]".
+ *
+ * Parses the hardware interface, the tunnel's software interface and the
+ * optional "del" keyword, checks that the rx interface is an IPv4 VXLAN
+ * tunnel whose encap fib matches the ip4 fib of the hardware interface, and
+ * then calls vnet_vxlan_add_del_rx_flow().
+ *
+ * @param vm     unused.
+ * @param input  CLI input; one line is consumed.
+ * @param cmd    unused.
+ * @return 0 on success or when no line of input is available, otherwise a
+ *         clib error describing the parse or validation failure.
+ */
+static clib_error_t *
+vxlan_offload_command_fn (vlib_main_t * vm,
+                          unformat_input_t * input, vlib_cli_command_t * cmd)
+{
+  unformat_input_t _line_input, *line_input = &_line_input;
+
+  /* Get a line of input. */
+  if (!unformat_user (input, unformat_line_input, line_input))
+    return 0;
+
+  vnet_main_t *vnm = vnet_get_main ();
+  clib_error_t *parse_error = NULL;
+  u32 rx_sw_if_index = ~0;
+  u32 hw_if_index = ~0;
+  int is_add = 1;
+
+  while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
+    {
+      if (unformat (line_input, "hw %U", unformat_vnet_hw_interface, vnm,
+                    &hw_if_index))
+        ;
+      else if (unformat (line_input, "rx %U", unformat_vnet_sw_interface, vnm,
+                         &rx_sw_if_index))
+        ;
+      else if (unformat (line_input, "del"))
+        is_add = 0;
+      else
+        {
+          /* build the message while line_input is still valid */
+          parse_error = clib_error_return (0, "unknown input `%U'",
+                                           format_unformat_error, line_input);
+          break;
+        }
+    }
+
+  /* line_input is not needed past this point: release it on every path */
+  unformat_free (line_input);
+
+  if (parse_error)
+    return parse_error;
+
+  if (rx_sw_if_index == ~0)
+    return clib_error_return (0, "missing rx interface");
+  if (hw_if_index == ~0)
+    return clib_error_return (0, "missing hw interface");
+
+  u32 t_index = vnet_vxlan_get_tunnel_index (rx_sw_if_index);
+  if (t_index == ~0)
+    return clib_error_return (0, "%U is not a vxlan tunnel",
+                              format_vnet_sw_if_index_name, vnm,
+                              rx_sw_if_index);
+
+  vxlan_main_t *vxm = &vxlan_main;
+  vxlan_tunnel_t *t = pool_elt_at_index (vxm->tunnels, t_index);
+
+  if (!ip46_address_is_ip4 (&t->dst))
+    return clib_error_return (0, "currently only IPV4 tunnels are supported");
+
+  /* the tunnel must encapsulate in the same ip4 fib the hw interface uses */
+  vnet_hw_interface_t *hw_if = vnet_get_hw_interface (vnm, hw_if_index);
+  ip4_main_t *im = &ip4_main;
+  u32 rx_fib_index =
+    vec_elt (im->fib_index_by_sw_if_index, hw_if->sw_if_index);
+
+  if (t->encap_fib_index != rx_fib_index)
+    return clib_error_return (0, "interface/tunnel fib mismatch");
+
+  if (vnet_vxlan_add_del_rx_flow (hw_if_index, t_index, is_add))
+    return clib_error_return (0, "error %s flow",
+                              is_add ? "enabling" : "disabling");
+
+  return 0;
+}
+
+/* CLI registration: "set flow-offload vxlan" is dispatched to
+ * vxlan_offload_command_fn, which parses the "hw", "rx" and "del" keywords
+ * shown in the help text. */
+/* *INDENT-OFF* */
+VLIB_CLI_COMMAND (vxlan_offload_command, static) = {
+ .path = "set flow-offload vxlan",
+ .short_help =
+ "set flow-offload vxlan hw <interface-name> rx <tunnel-name> [del]",
+ .function = vxlan_offload_command_fn,
+};
+/* *INDENT-ON* */
+
+/* Sizing arguments passed by vxlan_init to clib_bihash_init_16_8 ("vxlan4")
+ * and clib_bihash_init_24_8 ("vxlan6") for the tunnel lookup tables.
+ * NOTE(review): the memory size is presumably in bytes (1 MiB per table) -
+ * confirm against the bihash API. */
+#define VXLAN_HASH_NUM_BUCKETS (2 * 1024)
+#define VXLAN_HASH_MEMORY_SIZE (1 << 20)
+
clib_error_t *
vxlan_init (vlib_main_t * vm)
{
vxm->vnet_main = vnet_get_main ();
vxm->vlib_main = vm;
+ vnet_flow_get_range (vxm->vnet_main, "vxlan", 1024 * 1024,
+ &vxm->flow_id_start);
+
+ vxm->bm_ip4_bypass_enabled_by_sw_if = 0;
+ vxm->bm_ip6_bypass_enabled_by_sw_if = 0;
+
/* initialize the ip6 hash */
- vxm->vxlan6_tunnel_by_key = hash_create_mem (0,
- sizeof (vxlan6_tunnel_key_t),
- sizeof (uword));
+ clib_bihash_init_16_8 (&vxm->vxlan4_tunnel_by_key, "vxlan4",
+ VXLAN_HASH_NUM_BUCKETS, VXLAN_HASH_MEMORY_SIZE);
+ clib_bihash_init_24_8 (&vxm->vxlan6_tunnel_by_key, "vxlan6",
+ VXLAN_HASH_NUM_BUCKETS, VXLAN_HASH_MEMORY_SIZE);
vxm->vtep6 = hash_create_mem (0, sizeof (ip6_address_t), sizeof (uword));
vxm->mcast_shared = hash_create_mem (0,
sizeof (ip46_address_t),
sizeof (mcast_shared_t));
- udp_register_dst_port (vm, UDP_DST_PORT_vxlan,
- vxlan4_input_node.index, /* is_ip4 */ 1);
- udp_register_dst_port (vm, UDP_DST_PORT_vxlan6,
- vxlan6_input_node.index, /* is_ip4 */ 0);
-
fib_node_register_type (FIB_NODE_TYPE_VXLAN_TUNNEL, &vxlan_vft);
return 0;