/* Only process the HBH Option Header if explicitly configured to do so */
next0 = (ip0->protocol == IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS) && im->hbh_enabled &&
- adj_index0 ? IP6_LOOKUP_NEXT_HOP_BY_HOP : adj0->lookup_next_index;
+ adj_index0 ? (ip_lookup_next_t) IP6_LOOKUP_NEXT_HOP_BY_HOP : adj0->lookup_next_index;
next1 = (ip1->protocol == IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS) && im->hbh_enabled &&
- adj_index1 ? IP6_LOOKUP_NEXT_HOP_BY_HOP : adj1->lookup_next_index;
+ adj_index1 ? (ip_lookup_next_t) IP6_LOOKUP_NEXT_HOP_BY_HOP : adj1->lookup_next_index;
vnet_buffer (p0)->ip.flow_hash =
vnet_buffer(p1)->ip.flow_hash = 0;
/* Only process the HBH Option Header if explicitly configured to do so */
next0 = (ip0->protocol == IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS) && im->hbh_enabled &&
- adj_index0 ? IP6_LOOKUP_NEXT_HOP_BY_HOP : adj0->lookup_next_index;
+ adj_index0 ? (ip_lookup_next_t) IP6_LOOKUP_NEXT_HOP_BY_HOP : adj0->lookup_next_index;
vnet_buffer (p0)->ip.flow_hash = 0;
typedef enum {
IP6_DISCOVER_NEIGHBOR_ERROR_DROP,
IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT,
+ IP6_DISCOVER_NEIGHBOR_ERROR_NO_SOURCE_ADDRESS,
} ip6_discover_neighbor_error_t;
static uword
* Choose source address based on destination lookup
* adjacency.
*/
- ip6_src_address_for_packet (im, p0, &h0->ip.src_address,
- sw_if_index0);
+ if (ip6_src_address_for_packet (im, p0, &h0->ip.src_address,
+ sw_if_index0)) {
+ //There is no address on the interface
+ p0->error = node->errors[IP6_DISCOVER_NEIGHBOR_ERROR_NO_SOURCE_ADDRESS];
+ vlib_buffer_free(vm, &bi0, 1);
+ continue;
+ }
/*
* Destination address is a solicited node multicast address.
[IP6_DISCOVER_NEIGHBOR_ERROR_DROP] = "address overflow drops",
[IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT]
= "neighbor solicitations sent",
+ [IP6_DISCOVER_NEIGHBOR_ERROR_NO_SOURCE_ADDRESS]
+ = "no source address for ND solicitation",
};
VLIB_REGISTER_NODE (ip6_discover_neighbor_node) = {
typedef enum {
IP6_REWRITE_NEXT_DROP,
+ IP6_REWRITE_NEXT_ICMP_ERROR,
} ip6_rewrite_next_t;
always_inline uword
ip1 = vlib_buffer_get_current (p1);
error0 = error1 = IP6_ERROR_NONE;
+ next0 = next1 = IP6_REWRITE_NEXT_DROP;
if (! rewrite_for_locally_received_packets)
{
ip0->hop_limit = hop_limit0;
ip1->hop_limit = hop_limit1;
- error0 = hop_limit0 <= 0 ? IP6_ERROR_TIME_EXPIRED : error0;
- error1 = hop_limit1 <= 0 ? IP6_ERROR_TIME_EXPIRED : error1;
+ /*
+ * If the hop count drops below 1 when forwarding, generate
+ * an ICMP response.
+ */
+ if (PREDICT_FALSE(hop_limit0 <= 0))
+ {
+ error0 = IP6_ERROR_TIME_EXPIRED;
+ next0 = IP6_REWRITE_NEXT_ICMP_ERROR;
+ vnet_buffer (p0)->sw_if_index[VLIB_TX] = (u32)~0;
+ icmp6_error_set_vnet_buffer(p0, ICMP6_time_exceeded,
+ ICMP6_time_exceeded_ttl_exceeded_in_transit, 0);
+ }
+ if (PREDICT_FALSE(hop_limit1 <= 0))
+ {
+ error1 = IP6_ERROR_TIME_EXPIRED;
+ next1 = IP6_REWRITE_NEXT_ICMP_ERROR;
+ vnet_buffer (p1)->sw_if_index[VLIB_TX] = (u32)~0;
+ icmp6_error_set_vnet_buffer(p1, ICMP6_time_exceeded,
+ ICMP6_time_exceeded_ttl_exceeded_in_transit, 0);
+ }
}
adj0 = ip_get_adjacency (lm, adj_index0);
? IP6_ERROR_MTU_EXCEEDED
: error1);
- p0->current_data -= rw_len0;
- p1->current_data -= rw_len1;
+ /* Don't adjust the buffer for hop count issue; icmp-error node
+ * wants to see the IP headerr */
+ if (PREDICT_TRUE(error0 == IP6_ERROR_NONE))
+ {
+ p0->current_data -= rw_len0;
+ p0->current_length += rw_len0;
- p0->current_length += rw_len0;
- p1->current_length += rw_len1;
+ vnet_buffer (p0)->sw_if_index[VLIB_TX] =
+ adj0[0].rewrite_header.sw_if_index;
+ next0 = adj0[0].rewrite_header.next_index;
+ }
+ if (PREDICT_TRUE(error1 == IP6_ERROR_NONE))
+ {
+ p1->current_data -= rw_len1;
+ p1->current_length += rw_len1;
- vnet_buffer (p0)->sw_if_index[VLIB_TX] = adj0[0].rewrite_header.sw_if_index;
- vnet_buffer (p1)->sw_if_index[VLIB_TX] = adj1[0].rewrite_header.sw_if_index;
-
- next0 = (error0 == IP6_ERROR_NONE) ?
- adj0[0].rewrite_header.next_index : IP6_REWRITE_NEXT_DROP;
- next1 = (error1 == IP6_ERROR_NONE) ?
- adj1[0].rewrite_header.next_index : IP6_REWRITE_NEXT_DROP;
+ vnet_buffer (p1)->sw_if_index[VLIB_TX] =
+ adj1[0].rewrite_header.sw_if_index;
+ next1 = adj1[0].rewrite_header.next_index;
+ }
/* Guess we are only writing on simple Ethernet header. */
vnet_rewrite_two_headers (adj0[0], adj1[0],
ip0 = vlib_buffer_get_current (p0);
error0 = IP6_ERROR_NONE;
+ next0 = IP6_REWRITE_NEXT_DROP;
/* Check hop limit */
if (! rewrite_for_locally_received_packets)
ip0->hop_limit = hop_limit0;
- error0 = hop_limit0 <= 0 ? IP6_ERROR_TIME_EXPIRED : error0;
+ if (PREDICT_FALSE(hop_limit0 <= 0))
+ {
+ /*
+ * If the hop count drops below 1 when forwarding, generate
+ * an ICMP response.
+ */
+ error0 = IP6_ERROR_TIME_EXPIRED;
+ next0 = IP6_REWRITE_NEXT_ICMP_ERROR;
+ vnet_buffer (p0)->sw_if_index[VLIB_TX] = (u32)~0;
+ icmp6_error_set_vnet_buffer(p0, ICMP6_time_exceeded,
+ ICMP6_time_exceeded_ttl_exceeded_in_transit, 0);
+ }
}
if (rewrite_for_locally_received_packets)
? IP6_ERROR_MTU_EXCEEDED
: error0);
- p0->current_data -= rw_len0;
- p0->current_length += rw_len0;
- vnet_buffer (p0)->sw_if_index[VLIB_TX] = adj0[0].rewrite_header.sw_if_index;
-
- next0 = (error0 == IP6_ERROR_NONE) ?
- adj0[0].rewrite_header.next_index : IP6_REWRITE_NEXT_DROP;
+ /* Don't adjust the buffer for hop count issue; icmp-error node
+ * wants to see the IP headerr */
+ if (PREDICT_TRUE(error0 == IP6_ERROR_NONE))
+ {
+ p0->current_data -= rw_len0;
+ p0->current_length += rw_len0;
+
+ vnet_buffer (p0)->sw_if_index[VLIB_TX] =
+ adj0[0].rewrite_header.sw_if_index;
+ next0 = adj0[0].rewrite_header.next_index;
+ }
p0->error = error_node->errors[error0];
.format_trace = format_ip6_rewrite_trace,
- .n_next_nodes = 1,
+ .n_next_nodes = 2,
.next_nodes = {
[IP6_REWRITE_NEXT_DROP] = "error-drop",
+ [IP6_REWRITE_NEXT_ICMP_ERROR] = "ip6-icmp-error",
},
};
ip6_lookup_init (vlib_main_t * vm)
{
ip6_main_t * im = &ip6_main;
+ clib_error_t * error;
uword i;
for (i = 0; i < ARRAY_LEN (im->fib_masks); i++)
"ip6 neighbor discovery");
}
- ip6_feature_init (vm, im);
+ error = ip6_feature_init (vm, im);
- return 0;
+ return error;
}
VLIB_INIT_FUNCTION (ip6_lookup_init);
Code Review / vpp.git / blobdiff