X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=src%2Fvnet%2Fip%2Fip4_forward.c;h=919718035a1daac2e34c077078bda74814357294;hb=7b4e52f88fdfd7b785a2741d3b61050040d8561d;hp=b8defc56afd989e0ac041901a6ed08411d1d0d24;hpb=2d18d2ea9f0e3d6c47d365ec135af651b14e8165;p=vpp.git diff --git a/src/vnet/ip/ip4_forward.c b/src/vnet/ip/ip4_forward.c index b8defc56afd..919718035a1 100644 --- a/src/vnet/ip/ip4_forward.c +++ b/src/vnet/ip/ip4_forward.c @@ -49,13 +49,16 @@ #include /* for FIB table and entry creation */ #include /* for FIB uRPF check */ #include +#include #include #include #include #include /* for mFIB table and entry creation */ +#include #include #include +#include /** @brief IPv4 lookup node. @node ip4-lookup @@ -637,6 +640,8 @@ void ip4_sw_interface_enable_disable (u32 sw_if_index, u32 is_enable) { ip4_main_t *im = &ip4_main; + vnet_main_t *vnm = vnet_get_main (); + vnet_hw_interface_t *hi = vnet_get_sup_hw_interface (vnm, sw_if_index); vec_validate_init_empty (im->ip_enabled_by_sw_if_index, sw_if_index, 0); @@ -661,6 +666,11 @@ ip4_sw_interface_enable_disable (u32 sw_if_index, u32 is_enable) vnet_feature_enable_disable ("ip4-multicast", "ip4-not-enabled", sw_if_index, !is_enable, 0, 0); + if (is_enable) + hi->l3_if_count++; + else if (hi->l3_if_count) + hi->l3_if_count--; + { ip4_enable_disable_interface_callback_t *cb; vec_foreach (cb, im->enable_disable_interface_callbacks) @@ -678,7 +688,7 @@ ip4_add_del_interface_address_internal (vlib_main_t * vm, ip4_main_t *im = &ip4_main; ip_lookup_main_t *lm = &im->lookup_main; clib_error_t *error = 0; - u32 if_address_index, elts_before; + u32 if_address_index; ip4_address_fib_t ip4_af, *addr_fib = 0; /* local0 interface doesn't support IP addressing */ @@ -718,6 +728,7 @@ ip4_add_del_interface_address_internal (vlib_main_t * vm, ip4_address_t * x = ip_interface_address_get_address (&im->lookup_main, ia); + if (ip4_destination_matches_route (im, address, x, ia->address_length) || ip4_destination_matches_route (im, @@ -731,11 +742,18 @@ ip4_add_del_interface_address_internal (vlib_main_t * vm, (x->as_u32 != address->as_u32)) continue; + if (ia->flags & IP_INTERFACE_ADDRESS_FLAG_STALE) + /* if the address we're comparing against is stale + * then the CP has not added this one back yet, maybe + * it never will, so we have to assume it won't and + * ignore it. if it does add it back, then it will fail + * because this one is now present */ + continue; + /* error if the length or intf was different */ - vnm->api_errno = VNET_API_ERROR_DUPLICATE_IF_ADDRESS; + vnm->api_errno = VNET_API_ERROR_ADDRESS_IN_USE; - return - clib_error_create + error = clib_error_create ("failed to add %U on %U which conflicts with %U for interface %U", format_ip4_address_and_length, address, address_length, @@ -745,6 +763,7 @@ ip4_add_del_interface_address_internal (vlib_main_t * vm, ia->address_length, format_vnet_sw_if_index_name, vnm, sif->sw_if_index); + goto done; } })); } @@ -752,14 +771,78 @@ ip4_add_del_interface_address_internal (vlib_main_t * vm, } /* *INDENT-ON* */ - elts_before = pool_elts (lm->if_address_pool); + if_address_index = ip_interface_address_find (lm, addr_fib, address_length); + + if (is_del) + { + if (~0 == if_address_index) + { + vnm->api_errno = VNET_API_ERROR_ADDRESS_NOT_FOUND_FOR_INTERFACE; + error = clib_error_create ("%U not found for interface %U", + lm->format_address_and_length, + addr_fib, address_length, + format_vnet_sw_if_index_name, vnm, + sw_if_index); + goto done; + } + + error = ip_interface_address_del (lm, vnm, if_address_index, addr_fib, + address_length, sw_if_index); + if (error) + goto done; + } + else + { + if (~0 != if_address_index) + { + ip_interface_address_t *ia; + + ia = pool_elt_at_index (lm->if_address_pool, if_address_index); + + if (ia->flags & IP_INTERFACE_ADDRESS_FLAG_STALE) + { + if (ia->sw_if_index == sw_if_index) + { + /* re-adding an address during the replace action. + * consdier this the update. clear the flag and + * we're done */ + ia->flags &= ~IP_INTERFACE_ADDRESS_FLAG_STALE; + goto done; + } + else + { + /* The prefix is moving from one interface to another. + * delete the stale and add the new */ + ip4_add_del_interface_address_internal (vm, + ia->sw_if_index, + address, + address_length, 1); + ia = NULL; + error = ip_interface_address_add (lm, sw_if_index, + addr_fib, address_length, + &if_address_index); + } + } + else + { + vnm->api_errno = VNET_API_ERROR_DUPLICATE_IF_ADDRESS; + error = clib_error_create + ("Prefix %U already found on interface %U", + lm->format_address_and_length, addr_fib, address_length, + format_vnet_sw_if_index_name, vnm, ia->sw_if_index); + } + } + else + error = ip_interface_address_add (lm, sw_if_index, + addr_fib, address_length, + &if_address_index); + } - error = ip_interface_address_add_del - (lm, sw_if_index, addr_fib, address_length, is_del, &if_address_index); if (error) goto done; ip4_sw_interface_enable_disable (sw_if_index, !is_del); + ip4_mfib_interface_enable_disable (sw_if_index, !is_del); /* intf addr routes are added/deleted on admin up/down */ if (vnet_sw_interface_is_admin_up (vnm, sw_if_index)) @@ -775,14 +858,10 @@ ip4_add_del_interface_address_internal (vlib_main_t * vm, (lm->if_address_pool, if_address_index)); } - /* If pool did not grow/shrink: add duplicate address. */ - if (elts_before != pool_elts (lm->if_address_pool)) - { - ip4_add_del_interface_address_callback_t *cb; - vec_foreach (cb, im->add_del_interface_address_callbacks) - cb->function (im, cb->function_opaque, sw_if_index, - address, address_length, if_address_index, is_del); - } + ip4_add_del_interface_address_callback_t *cb; + vec_foreach (cb, im->add_del_interface_address_callbacks) + cb->function (im, cb->function_opaque, sw_if_index, + address, address_length, if_address_index, is_del); done: vec_free (addr_fib); @@ -900,20 +979,6 @@ VNET_FEATURE_INIT (ip4_inacl, static) = { .arc_name = "ip4-unicast", .node_name = "ip4-inacl", - .runs_before = VNET_FEATURES ("ip4-source-check-via-rx"), -}; - -VNET_FEATURE_INIT (ip4_source_check_1, static) = -{ - .arc_name = "ip4-unicast", - .node_name = "ip4-source-check-via-rx", - .runs_before = VNET_FEATURES ("ip4-source-check-via-any"), -}; - -VNET_FEATURE_INIT (ip4_source_check_2, static) = -{ - .arc_name = "ip4-unicast", - .node_name = "ip4-source-check-via-any", .runs_before = VNET_FEATURES ("ip4-policer-classify"), }; @@ -1060,6 +1125,7 @@ ip4_sw_interface_add_del (vnet_main_t * vnm, u32 sw_if_index, u32 is_add) ip4_add_del_interface_address(vm, sw_if_index, address, ia->address_length, 1); })); /* *INDENT-ON* */ + ip4_mfib_interface_enable_disable (sw_if_index, 0); } vnet_feature_enable_disable ("ip4-unicast", "ip4-not-enabled", sw_if_index, @@ -1695,7 +1761,7 @@ ip4_local_inline (vlib_main_t * vm, { u32 *from, n_left_from; vlib_node_runtime_t *error_node = - vlib_node_get_runtime (vm, ip4_input_node.index); + vlib_node_get_runtime (vm, ip4_local_node.index); u16 nexts[VLIB_FRAME_SIZE], *next; vlib_buffer_t *bufs[VLIB_FRAME_SIZE], **b; ip4_header_t *ip[2]; @@ -1824,6 +1890,8 @@ VLIB_REGISTER_NODE (ip4_local_node) = .name = "ip4-local", .vector_size = sizeof (u32), .format_trace = format_ip4_forward_next_trace, + .n_errors = IP4_N_ERROR, + .error_strings = ip4_error_strings, .n_next_nodes = IP_LOCAL_N_NEXT, .next_nodes = { @@ -1984,10 +2052,7 @@ ip4_ttl_inc (vlib_buffer_t * b, ip4_header_t * ip) i32 ttl; u32 checksum; if (PREDICT_FALSE (b->flags & VNET_BUFFER_F_LOCALLY_ORIGINATED)) - { - b->flags &= ~VNET_BUFFER_F_LOCALLY_ORIGINATED; - return; - } + return; ttl = ip->ttl; @@ -1998,7 +2063,7 @@ ip4_ttl_inc (vlib_buffer_t * b, ip4_header_t * ip) ttl += 1; ip->ttl = ttl; - ASSERT (ip->checksum == ip4_header_checksum (ip)); + ASSERT (ip4_header_checksum_is_valid (ip)); } /* Decrement TTL & update checksum. @@ -2010,10 +2075,7 @@ ip4_ttl_and_checksum_check (vlib_buffer_t * b, ip4_header_t * ip, u16 * next, i32 ttl; u32 checksum; if (PREDICT_FALSE (b->flags & VNET_BUFFER_F_LOCALLY_ORIGINATED)) - { - b->flags &= ~VNET_BUFFER_F_LOCALLY_ORIGINATED; - return; - } + return; ttl = ip->ttl; @@ -2042,7 +2104,7 @@ ip4_ttl_and_checksum_check (vlib_buffer_t * b, ip4_header_t * ip, u16 * next, } /* Verify checksum. */ - ASSERT ((ip->checksum == ip4_header_checksum (ip)) || + ASSERT (ip4_header_checksum_is_valid (ip) || (b->flags & VNET_BUFFER_F_OFFLOAD_IP_CKSUM)); } @@ -2171,11 +2233,15 @@ ip4_rewrite_inline_with_gso (vlib_main_t * vm, if (PREDICT_FALSE (adj0[0].rewrite_header.flags & VNET_REWRITE_HAS_FEATURES)) - vnet_feature_arc_start (lm->output_feature_arc_index, - tx_sw_if_index0, &next_index, b[0]); + vnet_feature_arc_start_w_cfg_index (lm->output_feature_arc_index, + tx_sw_if_index0, + &next_index, b[0], + adj0->ia_cfg_index); + next[0] = next_index; if (is_midchain) - calc_checksums (vm, b[0]); + vnet_calc_checksums_inline (vm, b[0], 1 /* is_ip4 */ , + 0 /* is_ip6 */ ); } else { @@ -2193,11 +2259,14 @@ ip4_rewrite_inline_with_gso (vlib_main_t * vm, if (PREDICT_FALSE (adj1[0].rewrite_header.flags & VNET_REWRITE_HAS_FEATURES)) - vnet_feature_arc_start (lm->output_feature_arc_index, - tx_sw_if_index1, &next_index, b[1]); + vnet_feature_arc_start_w_cfg_index (lm->output_feature_arc_index, + tx_sw_if_index1, + &next_index, b[1], + adj1->ia_cfg_index); next[1] = next_index; if (is_midchain) - calc_checksums (vm, b[1]); + vnet_calc_checksums_inline (vm, b[1], 1 /* is_ip4 */ , + 0 /* is_ip6 */ ); } else { @@ -2206,9 +2275,14 @@ ip4_rewrite_inline_with_gso (vlib_main_t * vm, ip4_ttl_inc (b[1], ip1); } - /* Guess we are only writing on simple Ethernet header. */ - vnet_rewrite_two_headers (adj0[0], adj1[0], - ip0, ip1, sizeof (ethernet_header_t)); + if (is_midchain) + /* Guess we are only writing on ipv4 header. */ + vnet_rewrite_two_headers (adj0[0], adj1[0], + ip0, ip1, sizeof (ip4_header_t)); + else + /* Guess we are only writing on simple Ethernet header. */ + vnet_rewrite_two_headers (adj0[0], adj1[0], + ip0, ip1, sizeof (ethernet_header_t)); if (do_counters) { @@ -2229,12 +2303,10 @@ ip4_rewrite_inline_with_gso (vlib_main_t * vm, if (is_midchain) { - if (error0 == IP4_ERROR_NONE && adj0->sub_type.midchain.fixup_func) - adj0->sub_type.midchain.fixup_func - (vm, adj0, b[0], adj0->sub_type.midchain.fixup_data); - if (error1 == IP4_ERROR_NONE && adj1->sub_type.midchain.fixup_func) - adj1->sub_type.midchain.fixup_func - (vm, adj1, b[1], adj1->sub_type.midchain.fixup_data); + if (error0 == IP4_ERROR_NONE) + adj_midchain_fixup (vm, adj0, b[0]); + if (error1 == IP4_ERROR_NONE) + adj_midchain_fixup (vm, adj1, b[1]); } if (is_mcast) @@ -2336,15 +2408,24 @@ ip4_rewrite_inline_with_gso (vlib_main_t * vm, if (PREDICT_FALSE (adj0[0].rewrite_header.flags & VNET_REWRITE_HAS_FEATURES)) - vnet_feature_arc_start (lm->output_feature_arc_index, - tx_sw_if_index0, &next_index, b[0]); + vnet_feature_arc_start_w_cfg_index (lm->output_feature_arc_index, + tx_sw_if_index0, + &next_index, b[0], + adj0->ia_cfg_index); next[0] = next_index; if (is_midchain) - calc_checksums (vm, b[0]); + { + vnet_calc_checksums_inline (vm, b[0], 1 /* is_ip4 */ , + 0 /* is_ip6 */ ); - /* Guess we are only writing on simple Ethernet header. */ - vnet_rewrite_one_header (adj0[0], ip0, sizeof (ethernet_header_t)); + /* Guess we are only writing on ipv4 header. */ + vnet_rewrite_one_header (adj0[0], ip0, sizeof (ip4_header_t)); + } + else + /* Guess we are only writing on simple Ethernet header. */ + vnet_rewrite_one_header (adj0[0], ip0, + sizeof (ethernet_header_t)); /* * Bump the per-adjacency counters @@ -2356,9 +2437,8 @@ ip4_rewrite_inline_with_gso (vlib_main_t * vm, adj_index0, 1, vlib_buffer_length_in_chain (vm, b[0]) + rw_len0); - if (is_midchain && adj0->sub_type.midchain.fixup_func) - adj0->sub_type.midchain.fixup_func - (vm, adj0, b[0], adj0->sub_type.midchain.fixup_data); + if (is_midchain) + adj_midchain_fixup (vm, adj0, b[0]); if (is_mcast) /* copy bytes from the IP address into the MAC rewrite */ @@ -2434,16 +2514,25 @@ ip4_rewrite_inline_with_gso (vlib_main_t * vm, if (PREDICT_FALSE (adj0[0].rewrite_header.flags & VNET_REWRITE_HAS_FEATURES)) - vnet_feature_arc_start (lm->output_feature_arc_index, - tx_sw_if_index0, &next_index, b[0]); + vnet_feature_arc_start_w_cfg_index (lm->output_feature_arc_index, + tx_sw_if_index0, + &next_index, b[0], + adj0->ia_cfg_index); next[0] = next_index; if (is_midchain) - /* this acts on the packet that is about to be encapped */ - calc_checksums (vm, b[0]); + { + /* this acts on the packet that is about to be encapped */ + vnet_calc_checksums_inline (vm, b[0], 1 /* is_ip4 */ , + 0 /* is_ip6 */ ); - /* Guess we are only writing on simple Ethernet header. */ - vnet_rewrite_one_header (adj0[0], ip0, sizeof (ethernet_header_t)); + /* Guess we are only writing on ipv4 header. */ + vnet_rewrite_one_header (adj0[0], ip0, sizeof (ip4_header_t)); + } + else + /* Guess we are only writing on simple Ethernet header. */ + vnet_rewrite_one_header (adj0[0], ip0, + sizeof (ethernet_header_t)); if (do_counters) vlib_increment_combined_counter @@ -2998,29 +3087,6 @@ VLIB_CLI_COMMAND (set_ip_classify_command, static) = }; /* *INDENT-ON* */ -static clib_error_t * -ip4_config (vlib_main_t * vm, unformat_input_t * input) -{ - ip4_main_t *im = &ip4_main; - uword heapsize = 0; - - while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) - { - if (unformat (input, "heap-size %U", unformat_memory_size, &heapsize)) - ; - else - return clib_error_return (0, - "invalid heap-size parameter `%U'", - format_unformat_error, input); - } - - im->mtrie_heap_size = heapsize; - - return 0; -} - -VLIB_EARLY_CONFIG_FUNCTION (ip4_config, "ip"); - /* * fd.io coding-style-patch-verification: ON *