X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=src%2Fvnet%2Fip%2Fip4_forward.c;h=3ddf6dfa7839ceec0144d7b0464ef943bdc16c71;hb=8269d3dbe70adaae60806d5d84e35f25d23193c5;hp=64e5e8e829c0e566964d2a3a007c3eec790462f1;hpb=d3c008d108aa2187d1a2afe2833b4de25ca2c2ab;p=vpp.git
diff --git a/src/vnet/ip/ip4_forward.c b/src/vnet/ip/ip4_forward.c
index 64e5e8e829c..3ddf6dfa783 100755
--- a/src/vnet/ip/ip4_forward.c
+++ b/src/vnet/ip/ip4_forward.c
@@ -60,12 +60,6 @@
* This file contains the source code for IPv4 forwarding.
*/
-void
-ip4_forward_next_trace (vlib_main_t * vm,
- vlib_node_runtime_t * node,
- vlib_frame_t * frame,
- vlib_rx_or_tx_t which_adj_index);
-
always_inline uword
ip4_lookup_inline (vlib_main_t * vm,
vlib_node_runtime_t * node,
@@ -476,11 +470,17 @@ ip4_lookup (vlib_main_t * vm,
static u8 *format_ip4_lookup_trace (u8 * s, va_list * args);
+/* *INDENT-OFF* */
VLIB_REGISTER_NODE (ip4_lookup_node) =
{
-.function = ip4_lookup,.name = "ip4-lookup",.vector_size =
- sizeof (u32),.format_trace = format_ip4_lookup_trace,.n_next_nodes =
- IP_LOOKUP_N_NEXT,.next_nodes = IP4_LOOKUP_NEXT_NODES,};
+ .function = ip4_lookup,
+ .name = "ip4-lookup",
+ .vector_size = sizeof (u32),
+ .format_trace = format_ip4_lookup_trace,
+ .n_next_nodes = IP_LOOKUP_N_NEXT,
+ .next_nodes = IP4_LOOKUP_NEXT_NODES,
+};
+/* *INDENT-ON* */
VLIB_NODE_FUNCTION_MULTIARCH (ip4_lookup_node, ip4_lookup);
@@ -671,11 +671,17 @@ ip4_load_balance (vlib_main_t * vm,
return frame->n_vectors;
}
+/* *INDENT-OFF* */
VLIB_REGISTER_NODE (ip4_load_balance_node) =
{
-.function = ip4_load_balance,.name = "ip4-load-balance",.vector_size =
- sizeof (u32),.sibling_of = "ip4-lookup",.format_trace =
- format_ip4_lookup_trace,};
+ .function = ip4_load_balance,
+ .name = "ip4-load-balance",
+ .vector_size = sizeof (u32),
+ .sibling_of = "ip4-lookup",
+ .format_trace =
+ format_ip4_lookup_trace,
+};
+/* *INDENT-ON* */
VLIB_NODE_FUNCTION_MULTIARCH (ip4_load_balance_node, ip4_load_balance);
@@ -877,11 +883,11 @@ ip4_sw_interface_enable_disable (u32 sw_if_index, u32 is_enable)
if (0 != --im->ip_enabled_by_sw_if_index[sw_if_index])
return;
}
- vnet_feature_enable_disable ("ip4-unicast", "ip4-drop", sw_if_index,
+ vnet_feature_enable_disable ("ip4-unicast", "ip4-not-enabled", sw_if_index,
!is_enable, 0, 0);
- vnet_feature_enable_disable ("ip4-multicast", "ip4-drop",
+ vnet_feature_enable_disable ("ip4-multicast", "ip4-not-enabled",
sw_if_index, !is_enable, 0, 0);
}
@@ -1060,10 +1066,10 @@ VNET_FEATURE_INIT (ip4_vxlan_bypass, static) =
.runs_before = VNET_FEATURES ("ip4-lookup"),
};
-VNET_FEATURE_INIT (ip4_drop, static) =
+VNET_FEATURE_INIT (ip4_not_enabled, static) =
{
.arc_name = "ip4-unicast",
- .node_name = "ip4-drop",
+ .node_name = "ip4-not-enabled",
.runs_before = VNET_FEATURES ("ip4-lookup"),
};
@@ -1089,10 +1095,10 @@ VNET_FEATURE_INIT (ip4_vpath_mc, static) =
.runs_before = VNET_FEATURES ("ip4-mfib-forward-lookup"),
};
-VNET_FEATURE_INIT (ip4_mc_drop, static) =
+VNET_FEATURE_INIT (ip4_mc_not_enabled, static) =
{
.arc_name = "ip4-multicast",
- .node_name = "ip4-drop",
+ .node_name = "ip4-not-enabled",
.runs_before = VNET_FEATURES ("ip4-mfib-forward-lookup"),
};
@@ -1107,7 +1113,7 @@ VNET_FEATURE_INIT (ip4_lookup_mc, static) =
VNET_FEATURE_ARC_INIT (ip4_output, static) =
{
.arc_name = "ip4-output",
- .start_nodes = VNET_FEATURES ("ip4-rewrite", "ip4-midchain"),
+ .start_nodes = VNET_FEATURES ("ip4-rewrite", "ip4-midchain", "ip4-dvr-dpo"),
.arc_index_ptr = &ip4_main.lookup_main.output_feature_arc_index,
};
@@ -1160,11 +1166,11 @@ ip4_sw_interface_add_del (vnet_main_t * vnm, u32 sw_if_index, u32 is_add)
/* *INDENT-ON* */
}
- vnet_feature_enable_disable ("ip4-unicast", "ip4-drop", sw_if_index,
+ vnet_feature_enable_disable ("ip4-unicast", "ip4-not-enabled", sw_if_index,
is_add, 0, 0);
- vnet_feature_enable_disable ("ip4-multicast", "ip4-drop", sw_if_index,
- is_add, 0, 0);
+ vnet_feature_enable_disable ("ip4-multicast", "ip4-not-enabled",
+ sw_if_index, is_add, 0, 0);
return /* no error */ 0;
}
@@ -1183,6 +1189,12 @@ ip4_lookup_init (vlib_main_t * vm)
if ((error = vlib_call_init_function (vm, vnet_feature_init)))
return error;
+ if ((error = vlib_call_init_function (vm, ip4_mtrie_module_init)))
+ return (error);
+ if ((error = vlib_call_init_function (vm, fib_module_init)))
+ return error;
+ if ((error = vlib_call_init_function (vm, mfib_module_init)))
+ return error;
for (i = 0; i < ARRAY_LEN (im->fib_masks); i++)
{
@@ -1387,68 +1399,6 @@ ip4_forward_next_trace (vlib_main_t * vm,
}
}
-static uword
-ip4_drop_or_punt (vlib_main_t * vm,
- vlib_node_runtime_t * node,
- vlib_frame_t * frame, ip4_error_t error_code)
-{
- u32 *buffers = vlib_frame_vector_args (frame);
- uword n_packets = frame->n_vectors;
-
- vlib_error_drop_buffers (vm, node, buffers,
- /* stride */ 1,
- n_packets,
- /* next */ 0,
- ip4_input_node.index, error_code);
-
- if (node->flags & VLIB_NODE_FLAG_TRACE)
- ip4_forward_next_trace (vm, node, frame, VLIB_TX);
-
- return n_packets;
-}
-
-static uword
-ip4_drop (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame)
-{
- return ip4_drop_or_punt (vm, node, frame, IP4_ERROR_ADJACENCY_DROP);
-}
-
-static uword
-ip4_punt (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame)
-{
- return ip4_drop_or_punt (vm, node, frame, IP4_ERROR_ADJACENCY_PUNT);
-}
-
-/* *INDENT-OFF* */
-VLIB_REGISTER_NODE (ip4_drop_node, static) =
-{
- .function = ip4_drop,
- .name = "ip4-drop",
- .vector_size = sizeof (u32),
- .format_trace = format_ip4_forward_next_trace,
- .n_next_nodes = 1,
- .next_nodes = {
- [0] = "error-drop",
- },
-};
-
-VLIB_NODE_FUNCTION_MULTIARCH (ip4_drop_node, ip4_drop);
-
-VLIB_REGISTER_NODE (ip4_punt_node, static) =
-{
- .function = ip4_punt,
- .name = "ip4-punt",
- .vector_size = sizeof (u32),
- .format_trace = format_ip4_forward_next_trace,
- .n_next_nodes = 1,
- .next_nodes = {
- [0] = "error-punt",
- },
-};
-
-VLIB_NODE_FUNCTION_MULTIARCH (ip4_punt_node, ip4_punt);
-/* *INDENT-ON */
-
/* Compute TCP/UDP/ICMP4 checksum in software. */
u16
ip4_tcp_udp_compute_checksum (vlib_main_t * vm, vlib_buffer_t * p0,
@@ -1483,11 +1433,12 @@ ip4_tcp_udp_compute_checksum (vlib_main_t * vm, vlib_buffer_t * p0,
n_bytes_left = n_this_buffer = payload_length_host_byte_order;
data_this_buffer = (void *) ip0 + ip_header_length;
- n_ip_bytes_this_buffer = p0->current_length - (((u8 *) ip0 - p0->data) - p0->current_data);
+ n_ip_bytes_this_buffer =
+ p0->current_length - (((u8 *) ip0 - p0->data) - p0->current_data);
if (n_this_buffer + ip_header_length > n_ip_bytes_this_buffer)
{
n_this_buffer = n_ip_bytes_this_buffer > ip_header_length ?
- n_ip_bytes_this_buffer - ip_header_length : 0;
+ n_ip_bytes_this_buffer - ip_header_length : 0;
}
while (1)
{
@@ -1565,7 +1516,9 @@ ip4_local_validate_l4 (vlib_main_t * vm, vlib_buffer_t * p, ip4_header_t * ip,
}
#define ip4_local_do_l4_check(is_tcp_udp, flags) \
- (is_tcp_udp && !(flags & VNET_BUFFER_F_L4_CHECKSUM_COMPUTED))
+ (is_tcp_udp && !(flags & VNET_BUFFER_F_L4_CHECKSUM_COMPUTED \
+ || flags & VNET_BUFFER_F_OFFLOAD_TCP_CKSUM \
+ || flags & VNET_BUFFER_F_OFFLOAD_UDP_CKSUM))
static inline uword
ip4_local_inline (vlib_main_t * vm,
@@ -1641,9 +1594,13 @@ ip4_local_inline (vlib_main_t * vm,
is_tcp_udp1 = is_udp1 || proto1 == IP_PROTOCOL_TCP;
good_tcp_udp0 =
- (p0->flags & VNET_BUFFER_F_L4_CHECKSUM_CORRECT) != 0;
- good_tcp_udp1 =
- (p1->flags & VNET_BUFFER_F_L4_CHECKSUM_CORRECT) != 0;
+ (p0->flags & VNET_BUFFER_F_L4_CHECKSUM_CORRECT
+ || (p0->flags & VNET_BUFFER_F_OFFLOAD_TCP_CKSUM
+ || p0->flags & VNET_BUFFER_F_OFFLOAD_UDP_CKSUM)) != 0;
+ good_tcp_udp1 = (p1->flags & VNET_BUFFER_F_L4_CHECKSUM_CORRECT
+ || (p1->flags & VNET_BUFFER_F_OFFLOAD_TCP_CKSUM
+ || p1->flags &
+ VNET_BUFFER_F_OFFLOAD_UDP_CKSUM)) != 0;
if (PREDICT_FALSE (ip4_local_do_l4_check (is_tcp_udp0, p0->flags)
|| ip4_local_do_l4_check (is_tcp_udp1,
@@ -1673,6 +1630,10 @@ ip4_local_inline (vlib_main_t * vm,
(vnet_buffer (p1)->sw_if_index[VLIB_TX] ==
(u32) ~ 0) ? fib_index1 : vnet_buffer (p1)->sw_if_index[VLIB_TX];
+ /* TODO maybe move to lookup? */
+ vnet_buffer (p0)->ip.fib_index = fib_index0;
+ vnet_buffer (p1)->ip.fib_index = fib_index1;
+
mtrie0 = &ip4_fib_get (fib_index0)->mtrie;
mtrie1 = &ip4_fib_get (fib_index1)->mtrie;
@@ -1710,6 +1671,9 @@ ip4_local_inline (vlib_main_t * vm,
* - uRPF check for any route to source - accept if passes.
* - allow packets destined to the broadcast address from unknown sources
*/
+ if (p0->flags & VNET_BUFFER_F_IS_NATED)
+ goto skip_check0;
+
error0 = ((error0 == IP4_ERROR_UNKNOWN_PROTOCOL &&
dpo0->dpoi_type == DPO_RECEIVE) ?
IP4_ERROR_SPOOFED_LOCAL_PACKETS : error0);
@@ -1717,6 +1681,11 @@ ip4_local_inline (vlib_main_t * vm,
!fib_urpf_check_size (lb0->lb_urpf) &&
ip0->dst_address.as_u32 != 0xFFFFFFFF)
? IP4_ERROR_SRC_LOOKUP_MISS : error0);
+
+ skip_check0:
+ if (p1->flags & VNET_BUFFER_F_IS_NATED)
+ goto skip_checks;
+
error1 = ((error1 == IP4_ERROR_UNKNOWN_PROTOCOL &&
dpo1->dpoi_type == DPO_RECEIVE) ?
IP4_ERROR_SPOOFED_LOCAL_PACKETS : error1);
@@ -1781,13 +1750,16 @@ ip4_local_inline (vlib_main_t * vm,
until support of IP frag reassembly is implemented */
proto0 = ip4_is_fragment (ip0) ? 0xfe : ip0->protocol;
- if (head_of_feature_arc == 0)
+ if (head_of_feature_arc == 0 || p0->flags & VNET_BUFFER_F_IS_NATED)
goto skip_check;
is_udp0 = proto0 == IP_PROTOCOL_UDP;
is_tcp_udp0 = is_udp0 || proto0 == IP_PROTOCOL_TCP;
+
good_tcp_udp0 =
- (p0->flags & VNET_BUFFER_F_L4_CHECKSUM_CORRECT) != 0;
+ (p0->flags & VNET_BUFFER_F_L4_CHECKSUM_CORRECT
+ || (p0->flags & VNET_BUFFER_F_OFFLOAD_TCP_CKSUM
+ || p0->flags & VNET_BUFFER_F_OFFLOAD_UDP_CKSUM)) != 0;
if (PREDICT_FALSE (ip4_local_do_l4_check (is_tcp_udp0, p0->flags)))
{
@@ -1803,6 +1775,7 @@ ip4_local_inline (vlib_main_t * vm,
fib_index0 =
(vnet_buffer (p0)->sw_if_index[VLIB_TX] ==
(u32) ~ 0) ? fib_index0 : vnet_buffer (p0)->sw_if_index[VLIB_TX];
+ vnet_buffer (p0)->ip.fib_index = fib_index0;
mtrie0 = &ip4_fib_get (fib_index0)->mtrie;
leaf0 = ip4_fib_mtrie_lookup_step_one (mtrie0, &ip0->src_address);
leaf0 = ip4_fib_mtrie_lookup_step (mtrie0, leaf0, &ip0->src_address,
@@ -1862,8 +1835,8 @@ VLIB_REGISTER_NODE (ip4_local_node) =
.n_next_nodes = IP_LOCAL_N_NEXT,
.next_nodes =
{
- [IP_LOCAL_NEXT_DROP] = "error-drop",
- [IP_LOCAL_NEXT_PUNT] = "error-punt",
+ [IP_LOCAL_NEXT_DROP] = "ip4-drop",
+ [IP_LOCAL_NEXT_PUNT] = "ip4-punt",
[IP_LOCAL_NEXT_UDP_LOOKUP] = "ip4-udp-lookup",
[IP_LOCAL_NEXT_ICMP] = "ip4-icmp-input",
},
@@ -2093,6 +2066,10 @@ ip4_arp_inline (vlib_main_t * vm,
&im->ip4_arp_request_packet_template,
&bi0);
+ /* Seems we're out of buffers */
+ if (PREDICT_FALSE (!h0))
+ continue;
+
/* Add rewrite/encap string for ARP packet. */
vnet_rewrite_one_header (adj0[0], h0,
sizeof (ethernet_header_t));
@@ -2175,25 +2152,36 @@ static char *ip4_arp_error_strings[] = {
[IP4_ARP_ERROR_NO_SOURCE_ADDRESS] = "no source address for ARP request",
};
+/* *INDENT-OFF* */
VLIB_REGISTER_NODE (ip4_arp_node) =
{
- .function = ip4_arp,.name = "ip4-arp",.vector_size =
- sizeof (u32),.format_trace = format_ip4_forward_next_trace,.n_errors =
- ARRAY_LEN (ip4_arp_error_strings),.error_strings =
- ip4_arp_error_strings,.n_next_nodes = IP4_ARP_N_NEXT,.next_nodes =
+ .function = ip4_arp,
+ .name = "ip4-arp",
+ .vector_size = sizeof (u32),
+ .format_trace = format_ip4_forward_next_trace,
+ .n_errors = ARRAY_LEN (ip4_arp_error_strings),
+ .error_strings = ip4_arp_error_strings,
+ .n_next_nodes = IP4_ARP_N_NEXT,
+ .next_nodes =
{
- [IP4_ARP_NEXT_DROP] = "error-drop",}
-,};
+ [IP4_ARP_NEXT_DROP] = "error-drop",
+ },
+};
VLIB_REGISTER_NODE (ip4_glean_node) =
{
- .function = ip4_glean,.name = "ip4-glean",.vector_size =
- sizeof (u32),.format_trace = format_ip4_forward_next_trace,.n_errors =
- ARRAY_LEN (ip4_arp_error_strings),.error_strings =
- ip4_arp_error_strings,.n_next_nodes = IP4_ARP_N_NEXT,.next_nodes =
- {
- [IP4_ARP_NEXT_DROP] = "error-drop",}
-,};
+ .function = ip4_glean,
+ .name = "ip4-glean",
+ .vector_size = sizeof (u32),
+ .format_trace = format_ip4_forward_next_trace,
+ .n_errors = ARRAY_LEN (ip4_arp_error_strings),
+ .error_strings = ip4_arp_error_strings,
+ .n_next_nodes = IP4_ARP_N_NEXT,
+ .next_nodes = {
+ [IP4_ARP_NEXT_DROP] = "error-drop",
+ },
+};
+/* *INDENT-ON* */
#define foreach_notrace_ip4_arp_error \
_(DROP) \
@@ -2489,6 +2477,16 @@ ip4_rewrite_inline (vlib_main_t * vm,
rewrite_header.max_l3_packet_bytes ? IP4_ERROR_MTU_EXCEEDED :
error1);
+ if (is_mcast)
+ {
+ error0 = ((adj0[0].rewrite_header.sw_if_index ==
+ vnet_buffer (p0)->sw_if_index[VLIB_RX]) ?
+ IP4_ERROR_SAME_INTERFACE : error0);
+ error1 = ((adj1[0].rewrite_header.sw_if_index ==
+ vnet_buffer (p1)->sw_if_index[VLIB_RX]) ?
+ IP4_ERROR_SAME_INTERFACE : error1);
+ }
+
/* Don't adjust the buffer for ttl issue; icmp-error node wants
* to see the IP headerr */
if (PREDICT_TRUE (error0 == IP4_ERROR_NONE))
@@ -2543,8 +2541,10 @@ ip4_rewrite_inline (vlib_main_t * vm,
if (is_midchain)
{
- adj0->sub_type.midchain.fixup_func (vm, adj0, p0);
- adj1->sub_type.midchain.fixup_func (vm, adj1, p1);
+ adj0->sub_type.midchain.fixup_func
+ (vm, adj0, p0, adj0->sub_type.midchain.fixup_data);
+ adj1->sub_type.midchain.fixup_func
+ (vm, adj1, p1, adj0->sub_type.midchain.fixup_data);
}
if (is_mcast)
{
@@ -2648,7 +2648,12 @@ ip4_rewrite_inline (vlib_main_t * vm,
error0 = (vlib_buffer_length_in_chain (vm, p0)
> adj0[0].rewrite_header.max_l3_packet_bytes
? IP4_ERROR_MTU_EXCEEDED : error0);
-
+ if (is_mcast)
+ {
+ error0 = ((adj0[0].rewrite_header.sw_if_index ==
+ vnet_buffer (p0)->sw_if_index[VLIB_RX]) ?
+ IP4_ERROR_SAME_INTERFACE : error0);
+ }
p0->error = error_node->errors[error0];
/* Don't adjust the buffer for ttl issue; icmp-error node wants
@@ -2664,7 +2669,8 @@ ip4_rewrite_inline (vlib_main_t * vm,
if (is_midchain)
{
- adj0->sub_type.midchain.fixup_func (vm, adj0, p0);
+ adj0->sub_type.midchain.fixup_func
+ (vm, adj0, p0, adj0->sub_type.midchain.fixup_data);
}
if (PREDICT_FALSE
@@ -2724,7 +2730,7 @@ ip4_rewrite_inline (vlib_main_t * vm,
Next Indices:
- adj->rewrite_header.next_index
- or @c error-drop
+ or @c ip4-drop
*/
static uword
ip4_rewrite (vlib_main_t * vm,
@@ -2776,7 +2782,7 @@ VLIB_REGISTER_NODE (ip4_rewrite_node) = {
.n_next_nodes = 2,
.next_nodes = {
- [IP4_REWRITE_NEXT_DROP] = "error-drop",
+ [IP4_REWRITE_NEXT_DROP] = "ip4-drop",
[IP4_REWRITE_NEXT_ICMP_ERROR] = "ip4-icmp-error",
},
};
@@ -3184,6 +3190,29 @@ VLIB_CLI_COMMAND (set_ip_classify_command, static) =
};
/* *INDENT-ON* */
+static clib_error_t *
+ip4_config (vlib_main_t * vm, unformat_input_t * input)
+{
+ ip4_main_t *im = &ip4_main;
+ uword heapsize = 0;
+
+ while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
+ {
+ if (unformat (input, "heap-size %U", unformat_memory_size, &heapsize))
+ ;
+ else
+ return clib_error_return (0,
+ "invalid heap-size parameter `%U'",
+ format_unformat_error, input);
+ }
+
+ im->mtrie_heap_size = heapsize;
+
+ return 0;
+}
+
+VLIB_EARLY_CONFIG_FUNCTION (ip4_config, "ip");
+
/*
* fd.io coding-style-patch-verification: ON
*