X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=src%2Fvnet%2Flisp-cp%2Fcontrol.c;h=0eb7b1d7eeda41b325f79faef6a389ea2da9e9b8;hb=101fc278c3b7009c42574a25b96c4fb7fcd15e39;hp=72af525b1117b1ca86f6cac46434ebf8db05cf22;hpb=7048ff1e3af7a3979a9134cbbb8157df8e1a8a53;p=vpp.git diff --git a/src/vnet/lisp-cp/control.c b/src/vnet/lisp-cp/control.c index 72af525b111..0eb7b1d7eed 100644 --- a/src/vnet/lisp-cp/control.c +++ b/src/vnet/lisp-cp/control.c @@ -26,13 +26,18 @@ #include #include -#include +#include #define MAX_VALUE_U24 0xffffff +/* mapping timer control constants (in seconds) */ +#define TIME_UNTIL_REFETCH_OR_DELETE 20 +#define MAPPING_TIMEOUT (((m->ttl) * 60) - TIME_UNTIL_REFETCH_OR_DELETE) + lisp_cp_main_t lisp_control_main; u8 *format_lisp_cp_input_trace (u8 * s, va_list * args); +static void *send_map_request_thread_fn (void *arg); typedef enum { @@ -71,22 +76,6 @@ auth_data_len_by_key_id (lisp_key_type_t key_id) return (u16) ~ 0; } -static const EVP_MD * -get_encrypt_fcn (lisp_key_type_t key_id) -{ - switch (key_id) - { - case HMAC_SHA_1_96: - return EVP_sha1 (); - case HMAC_SHA_256_128: - return EVP_sha256 (); - default: - clib_warning ("unsupported encryption key type: %d!", key_id); - break; - } - return 0; -} - static int queue_map_request (gid_address_t * seid, gid_address_t * deid, u8 smr_invoked, u8 is_resend); @@ -125,7 +114,7 @@ ip_interface_get_first_ip_address (lisp_cp_main_t * lcm, u32 sw_if_index, ip_lookup_main_t *lm; void *addr; - lm = (version == IP4) ? &lcm->im4->lookup_main : &lcm->im6->lookup_main; + lm = (version == AF_IP4) ? &lcm->im4->lookup_main : &lcm->im6->lookup_main; addr = ip_interface_get_first_address (lm, sw_if_index, version); if (!addr) return 0; @@ -140,19 +129,22 @@ ip_interface_get_first_ip_address (lisp_cp_main_t * lcm, u32 sw_if_index, void ip_address_to_fib_prefix (const ip_address_t * addr, fib_prefix_t * prefix) { - if (addr->version == IP4) + if (addr->version == AF_IP4) { prefix->fp_len = 32; prefix->fp_proto = FIB_PROTOCOL_IP4; - memset (&prefix->fp_addr.pad, 0, sizeof (prefix->fp_addr.pad)); - memcpy (&prefix->fp_addr.ip4, &addr->ip, sizeof (prefix->fp_addr.ip4)); + clib_memset (&prefix->fp_addr.pad, 0, sizeof (prefix->fp_addr.pad)); + memcpy (&prefix->fp_addr.ip4, &addr->ip.ip4, + sizeof (prefix->fp_addr.ip4)); } else { prefix->fp_len = 128; prefix->fp_proto = FIB_PROTOCOL_IP6; - memcpy (&prefix->fp_addr.ip6, &addr->ip, sizeof (prefix->fp_addr.ip6)); + memcpy (&prefix->fp_addr.ip6, &addr->ip.ip6, + sizeof (prefix->fp_addr.ip6)); } + prefix->___fp___pad = 0; } /** @@ -200,7 +192,7 @@ ip_fib_get_first_egress_ip_for_dst (lisp_cp_main_t * lcm, ip_address_t * dst, ipver = ip_addr_version (dst); - lm = (ipver == IP4) ? &lcm->im4->lookup_main : &lcm->im6->lookup_main; + lm = (ipver == AF_IP4) ? &lcm->im4->lookup_main : &lcm->im6->lookup_main; si = ip_fib_get_egress_iface_for_dst (lcm, dst); if ((u32) ~ 0 == si) @@ -216,7 +208,8 @@ ip_fib_get_first_egress_ip_for_dst (lisp_cp_main_t * lcm, ip_address_t * dst, } static int -dp_add_del_iface (lisp_cp_main_t * lcm, u32 vni, u8 is_l2, u8 is_add) +dp_add_del_iface (lisp_cp_main_t * lcm, u32 vni, u8 is_l2, u8 is_add, + u8 with_default_route) { uword *dp_table; @@ -246,7 +239,8 @@ dp_add_del_iface (lisp_cp_main_t * lcm, u32 vni, u8 is_l2, u8 is_add) if (is_l2) lisp_gpe_tenant_l2_iface_add_or_lock (vni, dp_table[0]); else - lisp_gpe_tenant_l3_iface_add_or_lock (vni, dp_table[0]); + lisp_gpe_tenant_l3_iface_add_or_lock (vni, dp_table[0], + with_default_route); } else { @@ -260,12 +254,12 @@ dp_add_del_iface (lisp_cp_main_t * lcm, u32 vni, u8 is_l2, u8 is_add) } static void -dp_del_fwd_entry (lisp_cp_main_t * lcm, u32 src_map_index, u32 dst_map_index) +dp_del_fwd_entry (lisp_cp_main_t * lcm, u32 dst_map_index) { vnet_lisp_gpe_add_del_fwd_entry_args_t _a, *a = &_a; fwd_entry_t *fe = 0; uword *feip = 0; - memset (a, 0, sizeof (*a)); + clib_memset (a, 0, sizeof (*a)); feip = hash_get (lcm->fwd_entry_by_mapping_index, dst_map_index); if (!feip) @@ -370,7 +364,7 @@ get_locator_pairs (lisp_cp_main_t * lcm, mapping_t * lcl_map, lcl_addr)) continue; - memset (&pair, 0, sizeof (pair)); + clib_memset (&pair, 0, sizeof (pair)); ip_address_copy (&pair.rmt_loc, &gid_address_ip (&rmt->address)); ip_address_copy (&pair.lcl_loc, lcl_addr); @@ -433,24 +427,32 @@ dp_add_fwd_entry (lisp_cp_main_t * lcm, u32 src_map_index, u32 dst_map_index) vnet_lisp_gpe_add_del_fwd_entry_args_t _a, *a = &_a; gid_address_t *rmt_eid, *lcl_eid; mapping_t *lcl_map, *rmt_map; - u32 sw_if_index; - uword *feip = 0, *dpid; + u32 sw_if_index, **rmts, rmts_idx; + uword *feip = 0, *dpid, *rmts_stored_idxp = 0; fwd_entry_t *fe; u8 type, is_src_dst = 0; int rv; - memset (a, 0, sizeof (*a)); + clib_memset (a, 0, sizeof (*a)); /* remove entry if it already exists */ feip = hash_get (lcm->fwd_entry_by_mapping_index, dst_map_index); if (feip) - dp_del_fwd_entry (lcm, src_map_index, dst_map_index); + dp_del_fwd_entry (lcm, dst_map_index); /* * Determine local mapping and eid */ - if (lcm->lisp_pitr) - lcl_map = pool_elt_at_index (lcm->mapping_pool, lcm->pitr_map_index); + if (lcm->flags & LISP_FLAG_PITR_MODE) + { + if (lcm->pitr_map_index != ~0) + lcl_map = pool_elt_at_index (lcm->mapping_pool, lcm->pitr_map_index); + else + { + clib_warning ("no PITR mapping configured!"); + return; + } + } else lcl_map = pool_elt_at_index (lcm->mapping_pool, src_map_index); lcl_eid = &lcl_map->eid; @@ -552,6 +554,23 @@ dp_add_fwd_entry (lisp_cp_main_t * lcm, u32 src_map_index, u32 dst_map_index) fe->is_src_dst = is_src_dst; hash_set (lcm->fwd_entry_by_mapping_index, dst_map_index, fe - lcm->fwd_entry_pool); + + /* Add rmt mapping to the vector of adjacent mappings to lcl mapping */ + rmts_stored_idxp = + hash_get (lcm->lcl_to_rmt_adjs_by_lcl_idx, src_map_index); + if (!rmts_stored_idxp) + { + pool_get (lcm->lcl_to_rmt_adjacencies, rmts); + clib_memset (rmts, 0, sizeof (*rmts)); + rmts_idx = rmts - lcm->lcl_to_rmt_adjacencies; + hash_set (lcm->lcl_to_rmt_adjs_by_lcl_idx, src_map_index, rmts_idx); + } + else + { + rmts_idx = (u32) (*rmts_stored_idxp); + rmts = pool_elt_at_index (lcm->lcl_to_rmt_adjacencies, rmts_idx); + } + vec_add1 (rmts[0], dst_map_index); } typedef struct @@ -574,7 +593,7 @@ dp_add_fwd_entry_from_mt (u32 si, u32 di) { fwd_entry_mt_arg_t a; - memset (&a, 0, sizeof (a)); + clib_memset (&a, 0, sizeof (a)); a.si = si; a.di = di; @@ -667,7 +686,7 @@ vnet_lisp_add_del_map_server (ip_address_t * addr, u8 is_add) return -1; } - memset (ms, 0, sizeof (*ms)); + clib_memset (ms, 0, sizeof (*ms)); ip_address_copy (&ms->address, addr); vec_add1 (lcm->map_servers, ms[0]); @@ -702,6 +721,8 @@ vnet_lisp_map_cache_add_del (vnet_lisp_add_del_mapping_args_t * a, { lisp_cp_main_t *lcm = vnet_lisp_cp_get_main (); u32 mi, *map_indexp, map_index, i; + u32 **rmts = 0, *remote_idxp, rmts_itr, remote_idx; + uword *rmts_idxp; mapping_t *m, *old_map; u32 **eid_indexes; @@ -740,6 +761,7 @@ vnet_lisp_map_cache_add_del (vnet_lisp_add_del_mapping_args_t * a, m->is_static = a->is_static; m->key = vec_dup (a->key); m->key_id = a->key_id; + m->authoritative = a->authoritative; map_index = m - lcm->mapping_pool; gid_dictionary_add_del (&lcm->mapping_index_by_gid, &a->eid, map_index, @@ -789,6 +811,21 @@ vnet_lisp_map_cache_add_del (vnet_lisp_add_del_mapping_args_t * a, m = pool_elt_at_index (lcm->mapping_pool, mi); if (m->local) { + /* Remove adjacencies associated with the local mapping */ + rmts_idxp = hash_get (lcm->lcl_to_rmt_adjs_by_lcl_idx, mi); + if (rmts_idxp) + { + rmts = + pool_elt_at_index (lcm->lcl_to_rmt_adjacencies, rmts_idxp[0]); + vec_foreach (remote_idxp, rmts[0]) + { + dp_del_fwd_entry (lcm, remote_idxp[0]); + } + vec_free (rmts[0]); + pool_put (lcm->lcl_to_rmt_adjacencies, rmts); + hash_unset (lcm->lcl_to_rmt_adjs_by_lcl_idx, mi); + } + u32 k, *lm_indexp; for (k = 0; k < vec_len (lcm->local_mappings_indexes); k++) { @@ -798,6 +835,26 @@ vnet_lisp_map_cache_add_del (vnet_lisp_add_del_mapping_args_t * a, } vec_del1 (lcm->local_mappings_indexes, k); } + else + { + /* Remove remote (if present) from the vectors of lcl-to-rmts + * TODO: Address this in a more efficient way. + */ + /* *INDENT-OFF* */ + pool_foreach (rmts, lcm->lcl_to_rmt_adjacencies, + ({ + vec_foreach_index (rmts_itr, rmts[0]) + { + remote_idx = vec_elt (rmts[0], rmts_itr); + if (mi == remote_idx) + { + vec_del1 (rmts[0], rmts_itr); + break; + } + } + })); + /* *INDENT-ON* */ + } /* remove mapping from dictionary */ gid_dictionary_add_del (&lcm->mapping_index_by_gid, &a->eid, 0, 0); @@ -845,12 +902,17 @@ vnet_lisp_add_del_local_mapping (vnet_lisp_add_del_mapping_args_t * a, return vnet_lisp_map_cache_add_del (a, map_index_result); } -static void +static int add_l2_arp_bd (BVT (clib_bihash_kv) * kvp, void *arg) { u32 **ht = arg; - u32 bd = (u32) kvp->key[0]; + u32 version = (u32) kvp->key[0]; + if (AF_IP6 == version) + return (BIHASH_WALK_CONTINUE); + + u32 bd = (u32) (kvp->key[0] >> 32); hash_set (ht[0], bd, 0); + return (BIHASH_WALK_CONTINUE); } u32 * @@ -859,8 +921,32 @@ vnet_lisp_l2_arp_bds_get (void) lisp_cp_main_t *lcm = vnet_lisp_cp_get_main (); u32 *bds = 0; - gid_dict_foreach_l2_arp_entry (&lcm->mapping_index_by_gid, - add_l2_arp_bd, &bds); + gid_dict_foreach_l2_arp_ndp_entry (&lcm->mapping_index_by_gid, + add_l2_arp_bd, &bds); + return bds; +} + +static int +add_ndp_bd (BVT (clib_bihash_kv) * kvp, void *arg) +{ + u32 **ht = arg; + u32 version = (u32) kvp->key[0]; + if (AF_IP4 == version) + return (BIHASH_WALK_CONTINUE); + + u32 bd = (u32) (kvp->key[0] >> 32); + hash_set (ht[0], bd, 0); + return (BIHASH_WALK_CONTINUE); +} + +u32 * +vnet_lisp_ndp_bds_get (void) +{ + lisp_cp_main_t *lcm = vnet_lisp_cp_get_main (); + u32 *bds = 0; + + gid_dict_foreach_l2_arp_ndp_entry (&lcm->mapping_index_by_gid, + add_ndp_bd, &bds); return bds; } @@ -868,20 +954,27 @@ typedef struct { void *vector; u32 bd; -} lisp_add_l2_arp_args_t; +} lisp_add_l2_arp_ndp_args_t; -static void +static int add_l2_arp_entry (BVT (clib_bihash_kv) * kvp, void *arg) { - lisp_add_l2_arp_args_t *a = arg; + lisp_add_l2_arp_ndp_args_t *a = arg; lisp_api_l2_arp_entry_t **vector = a->vector, e; - if ((u32) kvp->key[0] == a->bd) + u32 version = (u32) kvp->key[0]; + if (AF_IP6 == version) + return (BIHASH_WALK_CONTINUE); + + u32 bd = (u32) (kvp->key[0] >> 32); + + if (bd == a->bd) { mac_copy (e.mac, (void *) &kvp->value); e.ip4 = (u32) kvp->key[1]; vec_add1 (vector[0], e); } + return (BIHASH_WALK_CONTINUE); } lisp_api_l2_arp_entry_t * @@ -889,18 +982,54 @@ vnet_lisp_l2_arp_entries_get_by_bd (u32 bd) { lisp_api_l2_arp_entry_t *entries = 0; lisp_cp_main_t *lcm = vnet_lisp_cp_get_main (); - lisp_add_l2_arp_args_t a; + lisp_add_l2_arp_ndp_args_t a; + + a.vector = &entries; + a.bd = bd; + + gid_dict_foreach_l2_arp_ndp_entry (&lcm->mapping_index_by_gid, + add_l2_arp_entry, &a); + return entries; +} + +static int +add_ndp_entry (BVT (clib_bihash_kv) * kvp, void *arg) +{ + lisp_add_l2_arp_ndp_args_t *a = arg; + lisp_api_ndp_entry_t **vector = a->vector, e; + + u32 version = (u32) kvp->key[0]; + if (AF_IP4 == version) + return (BIHASH_WALK_CONTINUE); + + u32 bd = (u32) (kvp->key[0] >> 32); + + if (bd == a->bd) + { + mac_copy (e.mac, (void *) &kvp->value); + clib_memcpy (e.ip6, &kvp->key[1], 16); + vec_add1 (vector[0], e); + } + return (BIHASH_WALK_CONTINUE); +} + +lisp_api_ndp_entry_t * +vnet_lisp_ndp_entries_get_by_bd (u32 bd) +{ + lisp_api_ndp_entry_t *entries = 0; + lisp_cp_main_t *lcm = vnet_lisp_cp_get_main (); + lisp_add_l2_arp_ndp_args_t a; a.vector = &entries; a.bd = bd; - gid_dict_foreach_l2_arp_entry (&lcm->mapping_index_by_gid, - add_l2_arp_entry, &a); + gid_dict_foreach_l2_arp_ndp_entry (&lcm->mapping_index_by_gid, + add_ndp_entry, &a); return entries; } int -vnet_lisp_add_del_l2_arp_entry (gid_address_t * key, u8 * mac, u8 is_add) +vnet_lisp_add_del_l2_arp_ndp_entry (gid_address_t * key, u8 * mac, u8 is_add) { if (vnet_lisp_enable_disable_status () == 0) { @@ -927,7 +1056,7 @@ vnet_lisp_add_del_l2_arp_entry (gid_address_t * key, u8 * mac, u8 is_add) { if (res == GID_LOOKUP_MISS_L2) { - clib_warning ("ONE ARP entry %U not found - cannot delete!", + clib_warning ("ONE entry %U not found - cannot delete!", format_gid_address, key); return -1; } @@ -974,7 +1103,8 @@ vnet_lisp_eid_table_map (u32 vni, u32 dp_id, u8 is_l2, u8 is_add) hash_set (vni_by_dp_table[0], dp_id, vni); /* create dp iface */ - dp_add_del_iface (lcm, vni, is_l2, 1); + dp_add_del_iface (lcm, vni, is_l2, 1 /* is_add */ , + 1 /* with_default_route */ ); } else { @@ -985,7 +1115,7 @@ vnet_lisp_eid_table_map (u32 vni, u32 dp_id, u8 is_l2, u8 is_add) return -1; } /* remove dp iface */ - dp_add_del_iface (lcm, vni, is_l2, 0); + dp_add_del_iface (lcm, vni, is_l2, 0 /* is_add */ , 0 /* unused */ ); hash_unset (dp_table_by_vni[0], vni); hash_unset (vni_by_dp_table[0], dp_id); @@ -1075,7 +1205,7 @@ remove_overlapping_sub_prefixes (lisp_cp_main_t * lcm, gid_address_t * eid, gid_address_t *e; remove_mapping_args_t a; - memset (&a, 0, sizeof (a)); + clib_memset (&a, 0, sizeof (a)); /* do this only in src/dst mode ... */ if (MR_MODE_SRC_DST != lcm->map_request_mode) @@ -1096,13 +1226,13 @@ remove_overlapping_sub_prefixes (lisp_cp_main_t * lcm, gid_address_t * eid, { vnet_lisp_add_del_adjacency_args_t _adj_args, *adj_args = &_adj_args; - memset (adj_args, 0, sizeof (adj_args[0])); + clib_memset (adj_args, 0, sizeof (adj_args[0])); gid_address_copy (&adj_args->reid, e); adj_args->is_add = 0; if (vnet_lisp_add_del_adjacency (adj_args)) clib_warning ("failed to del adjacency!"); - vnet_lisp_add_del_mapping (e, 0, 0, 0, 0, 0 /* is add */ , 0, 0); + vnet_lisp_del_mapping (e, NULL); } vec_free (a.eids_to_be_deleted); @@ -1129,24 +1259,19 @@ is_local_ip (lisp_cp_main_t * lcm, ip_address_t * addr) } /** - * Adds/removes/updates mapping. Does not program forwarding. + * Adds/updates mapping. Does not program forwarding. * - * @param eid end-host identifier + * @param a parameters of the new mapping * @param rlocs vector of remote locators - * @param action action for negative map-reply - * @param is_add add mapping if non-zero, delete otherwise - * @param res_map_index the map-index that was created/updated/removed. It is - * set to ~0 if no action is taken. - * @param is_static used for distinguishing between statically learned - remote mappings and mappings obtained from MR + * @param res_map_index index of the newly created mapping + * @param locators_changed indicator if locators were updated in the mapping * @return return code */ int -vnet_lisp_add_del_mapping (gid_address_t * eid, locator_t * rlocs, u8 action, - u8 authoritative, u32 ttl, u8 is_add, u8 is_static, - u32 * res_map_index) +vnet_lisp_add_mapping (vnet_lisp_add_del_mapping_args_t * a, + locator_t * rlocs, + u32 * res_map_index, u8 * is_updated) { - vnet_lisp_add_del_mapping_args_t _m_args, *m_args = &_m_args; vnet_lisp_add_del_locator_set_args_t _ls_args, *ls_args = &_ls_args; lisp_cp_main_t *lcm = vnet_lisp_cp_get_main (); u32 mi, ls_index = 0, dst_map_index; @@ -1161,115 +1286,141 @@ vnet_lisp_add_del_mapping (gid_address_t * eid, locator_t * rlocs, u8 action, if (res_map_index) res_map_index[0] = ~0; + if (is_updated) + is_updated[0] = 0; - memset (m_args, 0, sizeof (m_args[0])); - memset (ls_args, 0, sizeof (ls_args[0])); + clib_memset (ls_args, 0, sizeof (ls_args[0])); ls_args->locators = rlocs; - - mi = gid_dictionary_lookup (&lcm->mapping_index_by_gid, eid); + mi = gid_dictionary_lookup (&lcm->mapping_index_by_gid, &a->eid); old_map = ((u32) ~ 0 != mi) ? pool_elt_at_index (lcm->mapping_pool, mi) : 0; - if (is_add) - { - /* check if none of the locators match localy configured address */ - vec_foreach (loc, rlocs) + /* check if none of the locators match locally configured address */ + vec_foreach (loc, rlocs) + { + ip_prefix_t *p = &gid_address_ippref (&loc->address); + if (is_local_ip (lcm, &ip_prefix_addr (p))) { - ip_prefix_t *p = &gid_address_ippref (&loc->address); - if (is_local_ip (lcm, &ip_prefix_addr (p))) - { - clib_warning ("RLOC %U matches a local address!", - format_gid_address, &loc->address); - return VNET_API_ERROR_LISP_RLOC_LOCAL; - } + clib_warning ("RLOC %U matches a local address!", + format_gid_address, &loc->address); + return VNET_API_ERROR_LISP_RLOC_LOCAL; } + } - /* overwrite: if mapping already exists, decide if locators should be - * updated and be done */ - if (old_map && gid_address_cmp (&old_map->eid, eid) == 0) + /* overwrite: if mapping already exists, decide if locators should be + * updated and be done */ + if (old_map && gid_address_cmp (&old_map->eid, &a->eid) == 0) + { + if (!a->is_static && (old_map->is_static || old_map->local)) { - if (!is_static && (old_map->is_static || old_map->local)) - { - /* do not overwrite local or static remote mappings */ - clib_warning ("mapping %U rejected due to collision with local " - "or static remote mapping!", format_gid_address, - eid); - return 0; - } - - locator_set_t *old_ls; - - /* update mapping attributes */ - old_map->action = action; - old_map->authoritative = authoritative; - old_map->ttl = ttl; - - old_ls = pool_elt_at_index (lcm->locator_set_pool, - old_map->locator_set_index); - if (compare_locators (lcm, old_ls->locator_indices, - ls_args->locators)) - { - /* set locator-set index to overwrite */ - ls_args->is_add = 1; - ls_args->index = old_map->locator_set_index; - vnet_lisp_add_del_locator_set (ls_args, 0); - if (res_map_index) - res_map_index[0] = mi; - } + /* do not overwrite local or static remote mappings */ + clib_warning ("mapping %U rejected due to collision with local " + "or static remote mapping!", format_gid_address, + &a->eid); + return 0; } - /* new mapping */ - else - { - remove_overlapping_sub_prefixes (lcm, eid, 0 == ls_args->locators); - ls_args->is_add = 1; - ls_args->index = ~0; + locator_set_t *old_ls; - vnet_lisp_add_del_locator_set (ls_args, &ls_index); + /* update mapping attributes */ + old_map->action = a->action; + if (old_map->action != a->action && NULL != is_updated) + is_updated[0] = 1; - /* add mapping */ - gid_address_copy (&m_args->eid, eid); - m_args->is_add = 1; - m_args->action = action; - m_args->locator_set_index = ls_index; - m_args->is_static = is_static; - m_args->ttl = ttl; - vnet_lisp_map_cache_add_del (m_args, &dst_map_index); + old_map->authoritative = a->authoritative; + old_map->ttl = a->ttl; - if (res_map_index) - res_map_index[0] = dst_map_index; + old_ls = pool_elt_at_index (lcm->locator_set_pool, + old_map->locator_set_index); + if (compare_locators (lcm, old_ls->locator_indices, ls_args->locators)) + { + /* set locator-set index to overwrite */ + ls_args->is_add = 1; + ls_args->index = old_map->locator_set_index; + vnet_lisp_add_del_locator_set (ls_args, 0); + if (is_updated) + is_updated[0] = 1; } + if (res_map_index) + res_map_index[0] = mi; } + /* new mapping */ else { - if (old_map == 0 || gid_address_cmp (&old_map->eid, eid) != 0) - { - clib_warning ("cannot delete mapping for eid %U", - format_gid_address, eid); - return -1; - } - - m_args->is_add = 0; - gid_address_copy (&m_args->eid, eid); - m_args->locator_set_index = old_map->locator_set_index; + if (is_updated) + is_updated[0] = 1; + remove_overlapping_sub_prefixes (lcm, &a->eid, 0 == ls_args->locators); - /* delete mapping associated from map-cache */ - vnet_lisp_map_cache_add_del (m_args, 0); + ls_args->is_add = 1; + ls_args->index = ~0; - ls_args->is_add = 0; - ls_args->index = old_map->locator_set_index; - /* delete locator set */ - vnet_lisp_add_del_locator_set (ls_args, 0); + vnet_lisp_add_del_locator_set (ls_args, &ls_index); - /* delete timer associated to the mapping if any */ - if (old_map->timer_set) - mapping_delete_timer (lcm, mi); + /* add mapping */ + a->is_add = 1; + a->locator_set_index = ls_index; + vnet_lisp_map_cache_add_del (a, &dst_map_index); - /* return old mapping index */ if (res_map_index) - res_map_index[0] = mi; + res_map_index[0] = dst_map_index; + } + + /* success */ + return 0; +} + +/** + * Removes a mapping. Does not program forwarding. + * + * @param eid end-host identifier + * @param res_map_index index of the removed mapping + * @return return code + */ +int +vnet_lisp_del_mapping (gid_address_t * eid, u32 * res_map_index) +{ + lisp_cp_main_t *lcm = vnet_lisp_cp_get_main (); + vnet_lisp_add_del_mapping_args_t _m_args, *m_args = &_m_args; + vnet_lisp_add_del_locator_set_args_t _ls_args, *ls_args = &_ls_args; + mapping_t *old_map; + u32 mi; + + clib_memset (ls_args, 0, sizeof (ls_args[0])); + clib_memset (m_args, 0, sizeof (m_args[0])); + if (res_map_index) + res_map_index[0] = ~0; + + mi = gid_dictionary_lookup (&lcm->mapping_index_by_gid, eid); + old_map = ((u32) ~ 0 != mi) ? pool_elt_at_index (lcm->mapping_pool, mi) : 0; + + if (old_map == 0 || gid_address_cmp (&old_map->eid, eid) != 0) + { + clib_warning ("cannot delete mapping for eid %U", + format_gid_address, eid); + return -1; } + m_args->is_add = 0; + gid_address_copy (&m_args->eid, eid); + m_args->locator_set_index = old_map->locator_set_index; + + ls_args->is_add = 0; + ls_args->index = old_map->locator_set_index; + + /* delete timer associated to the mapping if any */ + if (old_map->timer_set) + mapping_delete_timer (lcm, mi); + + /* delete locator set */ + vnet_lisp_add_del_locator_set (ls_args, 0); + + /* delete mapping associated from map-cache */ + vnet_lisp_map_cache_add_del (m_args, 0); + + /* return old mapping index */ + if (res_map_index) + res_map_index[0] = mi; + /* success */ return 0; } @@ -1295,7 +1446,7 @@ vnet_lisp_clear_all_remote_adjacencies (void) mapping_t *map = pool_elt_at_index (lcm->mapping_pool, map_indexp[0]); if (!map->local) { - dp_del_fwd_entry (lcm, 0, map_indexp[0]); + dp_del_fwd_entry (lcm, map_indexp[0]); dm_args->is_add = 0; gid_address_copy (&dm_args->eid, &map->eid); @@ -1351,8 +1502,18 @@ vnet_lisp_add_del_adjacency (vnet_lisp_add_del_adjacency_args_t * a) { /* check if source eid has an associated mapping. If pitr mode is on, * just use the pitr's mapping */ - if (lcm->lisp_pitr) - local_mi = lcm->pitr_map_index; + if (lcm->flags & LISP_FLAG_PITR_MODE) + { + if (lcm->pitr_map_index != ~0) + { + local_mi = lcm->pitr_map_index; + } + else + { + /* PITR mode is on, but no mapping is configured */ + return -1; + } + } else { if (gid_address_type (&a->reid) == GID_ADDR_NSH) @@ -1381,7 +1542,7 @@ vnet_lisp_add_del_adjacency (vnet_lisp_add_del_adjacency_args_t * a) dp_add_fwd_entry (lcm, local_mi, remote_mi); } else - dp_del_fwd_entry (lcm, 0, remote_mi); + dp_del_fwd_entry (lcm, remote_mi); return 0; } @@ -1435,7 +1596,7 @@ vnet_lisp_nsh_set_locator_set (u8 * locator_set_name, u8 is_add) locator_set_index = p[0]; pool_get (lcm->mapping_pool, m); - memset (m, 0, sizeof *m); + clib_memset (m, 0, sizeof *m); m->locator_set_index = locator_set_index; m->local = 1; m->nsh_set = 1; @@ -1487,17 +1648,12 @@ vnet_lisp_pitr_set_locator_set (u8 * locator_set_name, u8 is_add) m->local = 1; m->pitr_set = 1; lcm->pitr_map_index = m - lcm->mapping_pool; - - /* enable pitr mode */ - lcm->lisp_pitr = 1; } else { /* remove pitr mapping */ pool_put_index (lcm->mapping_pool, lcm->pitr_map_index); - - /* disable pitr mode */ - lcm->lisp_pitr = 0; + lcm->pitr_map_index = ~0; } return 0; } @@ -1545,12 +1701,12 @@ vnet_lisp_use_petr (ip_address_t * ip, u8 is_add) return VNET_API_ERROR_LISP_DISABLED; } - memset (ls_args, 0, sizeof (*ls_args)); + clib_memset (ls_args, 0, sizeof (*ls_args)); if (is_add) { /* Create dummy petr locator-set */ - memset (&loc, 0, sizeof (loc)); + clib_memset (&loc, 0, sizeof (loc)); gid_address_from_ip (&loc.address, ip); loc.priority = 1; loc.state = loc.weight = 1; @@ -1583,6 +1739,7 @@ vnet_lisp_use_petr (ip_address_t * ip, u8 is_add) /* Disable use-petr */ lcm->flags &= ~LISP_FLAG_USE_PETR; + lcm->petr_map_index = ~0; } return 0; } @@ -1639,6 +1796,7 @@ get_locator_set_index (vnet_lisp_add_del_locator_set_args_t * a, uword * p) /* find locator-set */ if (a->local) { + ASSERT (a->name); p = hash_get_mem (lcm->locator_set_index_by_name, a->name); } else @@ -1674,39 +1832,70 @@ is_locator_in_locator_set (lisp_cp_main_t * lcm, locator_set_t * ls, } static void -update_adjacencies_by_map_index (lisp_cp_main_t * lcm, u8 is_local, +update_adjacencies_by_map_index (lisp_cp_main_t * lcm, u32 mapping_index, u8 remove_only) { fwd_entry_t *fwd; mapping_t *map; + uword *fei = 0, *rmts_idxp = 0; + u32 **rmts = 0, *remote_idxp = 0, *rmts_copy = 0; vnet_lisp_add_del_adjacency_args_t _a, *a = &_a; + clib_memset (a, 0, sizeof (*a)); map = pool_elt_at_index (lcm->mapping_pool, mapping_index); - /* *INDENT-OFF* */ - pool_foreach(fwd, lcm->fwd_entry_pool, - ({ - if ((is_local && 0 == gid_address_cmp (&map->eid, &fwd->leid)) || - (!is_local && 0 == gid_address_cmp (&map->eid, &fwd->reid))) - { - a->is_add = 0; - gid_address_copy (&a->leid, &fwd->leid); - gid_address_copy (&a->reid, &fwd->reid); + if (map->local) + { + rmts_idxp = hash_get (lcm->lcl_to_rmt_adjs_by_lcl_idx, mapping_index); + if (rmts_idxp) + { + rmts = + pool_elt_at_index (lcm->lcl_to_rmt_adjacencies, rmts_idxp[0]); + rmts_copy = vec_dup (rmts[0]); - vnet_lisp_add_del_adjacency (a); + vec_foreach (remote_idxp, rmts_copy) + { + fei = hash_get (lcm->fwd_entry_by_mapping_index, remote_idxp[0]); + if (!fei) + continue; - if (!remove_only) - { - a->is_add = 1; - vnet_lisp_add_del_adjacency (a); - } - } - })); - /* *INDENT-ON* */ + fwd = pool_elt_at_index (lcm->fwd_entry_pool, fei[0]); + a->is_add = 0; + gid_address_copy (&a->leid, &fwd->leid); + gid_address_copy (&a->reid, &fwd->reid); + vnet_lisp_add_del_adjacency (a); + + if (!remove_only) + { + a->is_add = 1; + vnet_lisp_add_del_adjacency (a); + } + } + vec_free (rmts_copy); + } + } + else + { + fei = hash_get (lcm->fwd_entry_by_mapping_index, mapping_index); + if (!fei) + return; + + fwd = pool_elt_at_index (lcm->fwd_entry_pool, fei[0]); + a->is_add = 0; + gid_address_copy (&a->leid, &fwd->leid); + gid_address_copy (&a->reid, &fwd->reid); + vnet_lisp_add_del_adjacency (a); + + if (!remove_only) + { + a->is_add = 1; + vnet_lisp_add_del_adjacency (a); + } + } } static void -update_fwd_entries_by_locator_set (lisp_cp_main_t * lcm, u8 is_local, +update_fwd_entries_by_locator_set (lisp_cp_main_t * lcm, u32 ls_index, u8 remove_only) { u32 i, *map_indexp; @@ -1720,8 +1909,7 @@ update_fwd_entries_by_locator_set (lisp_cp_main_t * lcm, u8 is_local, for (i = 0; i < vec_len (eid_indexes[0]); i++) { map_indexp = vec_elt_at_index (eid_indexes[0], i); - update_adjacencies_by_map_index (lcm, is_local, map_indexp[0], - remove_only); + update_adjacencies_by_map_index (lcm, map_indexp[0], remove_only); } } @@ -1822,8 +2010,8 @@ vnet_lisp_add_del_locator (vnet_lisp_add_del_locator_set_args_t * a, removed = 1; remove_locator_from_locator_set (ls, locit, ls_index, loc_id); } - if (0 == loc->local && - !gid_address_cmp (&loc->address, &itloc->address)) + else if (0 == loc->local && + !gid_address_cmp (&loc->address, &itloc->address)) { removed = 1; remove_locator_from_locator_set (ls, locit, ls_index, loc_id); @@ -1832,7 +2020,7 @@ vnet_lisp_add_del_locator (vnet_lisp_add_del_locator_set_args_t * a, if (removed) { /* update fwd entries using this locator in DP */ - update_fwd_entries_by_locator_set (lcm, loc->local, ls_index, + update_fwd_entries_by_locator_set (lcm, ls_index, vec_len (ls->locator_indices) == 0); } @@ -1893,7 +2081,7 @@ vnet_lisp_add_del_locator_set (vnet_lisp_add_del_locator_set_args_t * a, else { pool_get (lcm->locator_set_pool, ls); - memset (ls, 0, sizeof (*ls)); + clib_memset (ls, 0, sizeof (*ls)); ls_index = ls - lcm->locator_set_pool; if (a->local) @@ -2003,10 +2191,66 @@ vnet_lisp_map_register_enable_disable (u8 is_enable) return 0; } +static void +lisp_cp_register_dst_port (vlib_main_t * vm) +{ + udp_register_dst_port (vm, UDP_DST_PORT_lisp_cp, + lisp_cp_input_node.index, 1 /* is_ip4 */ ); + udp_register_dst_port (vm, UDP_DST_PORT_lisp_cp6, + lisp_cp_input_node.index, 0 /* is_ip4 */ ); +} + +static void +lisp_cp_unregister_dst_port (vlib_main_t * vm) +{ + udp_unregister_dst_port (vm, UDP_DST_PORT_lisp_cp, 0 /* is_ip4 */ ); + udp_unregister_dst_port (vm, UDP_DST_PORT_lisp_cp6, 1 /* is_ip4 */ ); +} + +/** + * lisp_cp_enable_l2_l3_ifaces + * + * Enable all l2 and l3 ifaces + */ +static void +lisp_cp_enable_l2_l3_ifaces (lisp_cp_main_t * lcm, u8 with_default_route) +{ + u32 vni, dp_table; + + /* *INDENT-OFF* */ + hash_foreach(vni, dp_table, lcm->table_id_by_vni, ({ + dp_add_del_iface(lcm, vni, /* is_l2 */ 0, /* is_add */1, + with_default_route); + })); + hash_foreach(vni, dp_table, lcm->bd_id_by_vni, ({ + dp_add_del_iface(lcm, vni, /* is_l2 */ 1, 1, + with_default_route); + })); + /* *INDENT-ON* */ +} + +static void +lisp_cp_disable_l2_l3_ifaces (lisp_cp_main_t * lcm) +{ + u32 **rmts; + + /* clear interface table */ + hash_free (lcm->fwd_entry_by_mapping_index); + pool_free (lcm->fwd_entry_pool); + /* Clear state tracking rmt-lcl fwd entries */ + /* *INDENT-OFF* */ + pool_foreach(rmts, lcm->lcl_to_rmt_adjacencies, + { + vec_free(rmts[0]); + }); + /* *INDENT-ON* */ + hash_free (lcm->lcl_to_rmt_adjs_by_lcl_idx); + pool_free (lcm->lcl_to_rmt_adjacencies); +} + clib_error_t * vnet_lisp_enable_disable (u8 is_enable) { - u32 vni, dp_table; clib_error_t *error = 0; lisp_cp_main_t *lcm = vnet_lisp_cp_get_main (); vnet_lisp_gpe_enable_disable_args_t _a, *a = &_a; @@ -2019,26 +2263,50 @@ vnet_lisp_enable_disable (u8 is_enable) a->is_en ? "enable" : "disable"); } - if (is_enable) + /* decide what to do based on mode */ + + if (lcm->flags & LISP_FLAG_XTR_MODE) { - /* enable all l2 and l3 ifaces */ + if (is_enable) + { + lisp_cp_register_dst_port (lcm->vlib_main); + lisp_cp_enable_l2_l3_ifaces (lcm, 1 /* with_default_route */ ); + } + else + { + lisp_cp_unregister_dst_port (lcm->vlib_main); + lisp_cp_disable_l2_l3_ifaces (lcm); + } + } - /* *INDENT-OFF* */ - hash_foreach(vni, dp_table, lcm->table_id_by_vni, ({ - dp_add_del_iface(lcm, vni, 0, 1); - })); - hash_foreach(vni, dp_table, lcm->bd_id_by_vni, ({ - dp_add_del_iface(lcm, vni, /* is_l2 */ 1, 1); - })); - /* *INDENT-ON* */ + if (lcm->flags & LISP_FLAG_PETR_MODE) + { + /* if in xTR mode, the LISP ports were already (un)registered above */ + if (!(lcm->flags & LISP_FLAG_XTR_MODE)) + { + if (is_enable) + lisp_cp_register_dst_port (lcm->vlib_main); + else + lisp_cp_unregister_dst_port (lcm->vlib_main); + } } - else + + if (lcm->flags & LISP_FLAG_PITR_MODE) { - /* clear interface table */ - hash_free (lcm->fwd_entry_by_mapping_index); - pool_free (lcm->fwd_entry_pool); + if (is_enable) + { + /* install interfaces, but no default routes */ + lisp_cp_enable_l2_l3_ifaces (lcm, 0 /* with_default_route */ ); + } + else + { + lisp_cp_disable_l2_l3_ifaces (lcm); + } } + if (is_enable) + vnet_lisp_create_retry_process (lcm); + /* update global flag */ lcm->is_enabled = is_enable; @@ -2075,7 +2343,7 @@ vnet_lisp_add_del_map_resolver (vnet_lisp_add_del_map_resolver_args_t * a) return -1; } - memset (mr, 0, sizeof (*mr)); + clib_memset (mr, 0, sizeof (*mr)); ip_address_copy (&mr->address, &a->address); vec_add1 (lcm->map_resolvers, *mr); @@ -2150,7 +2418,9 @@ vnet_lisp_add_del_mreq_itr_rlocs (vnet_lisp_add_del_mreq_itr_rloc_args_t * a) #define foreach_lisp_cp_lookup_error \ _(DROP, "drop") \ _(MAP_REQUESTS_SENT, "map-request sent") \ -_(ARP_REPLY_TX, "ARP replies sent") +_(ARP_REPLY_TX, "ARP replies sent") \ +_(NDP_NEIGHBOR_ADVERTISEMENT_TX, \ + "neighbor advertisement sent") static char *lisp_cp_lookup_error_strings[] = { #define _(sym,string) string, @@ -2169,7 +2439,7 @@ typedef enum typedef enum { LISP_CP_LOOKUP_NEXT_DROP, - LISP_CP_LOOKUP_NEXT_ARP_REPLY_TX, + LISP_CP_LOOKUP_NEXT_ARP_NDP_REPLY_TX, LISP_CP_LOOKUP_N_NEXT, } lisp_cp_lookup_next_t; @@ -2236,7 +2506,7 @@ build_itr_rloc_list (lisp_cp_main_t * lcm, locator_set_t * loc_set) ip_prefix_t *ippref = &gid_address_ippref (gid); ip_address_t *rloc = &ip_prefix_addr (ippref); - memset (gid, 0, sizeof (gid[0])); + clib_memset (gid, 0, sizeof (gid[0])); gid_address_type (gid) = GID_ADDR_IP_PREFIX; for (i = 0; i < vec_len (loc_set->locator_indices); i++) { @@ -2250,7 +2520,7 @@ build_itr_rloc_list (lisp_cp_main_t * lcm, locator_set_t * loc_set) loc->sw_if_index, 1 /* unnumbered */, ({ addr = ip_interface_address_get_address (&lcm->im4->lookup_main, ia); - ip_address_set (rloc, addr, IP4); + ip_address_set (rloc, addr, AF_IP4); ip_prefix_len (ippref) = 32; ip_prefix_normalize (ippref); vec_add1 (rlocs, gid[0]); @@ -2261,7 +2531,7 @@ build_itr_rloc_list (lisp_cp_main_t * lcm, locator_set_t * loc_set) loc->sw_if_index, 1 /* unnumbered */, ({ addr = ip_interface_address_get_address (&lcm->im6->lookup_main, ia); - ip_address_set (rloc, addr, IP6); + ip_address_set (rloc, addr, AF_IP6); ip_prefix_len (ippref) = 128; ip_prefix_normalize (ippref); vec_add1 (rlocs, gid[0]); @@ -2336,7 +2606,7 @@ build_encapsulated_map_request (lisp_cp_main_t * lcm, && GID_ADDR_SRC_DST != gid_address_type (deid)) { gid_address_t sd; - memset (&sd, 0, sizeof (sd)); + clib_memset (&sd, 0, sizeof (sd)); build_src_dst (&sd, seid, deid); lisp_msg_put_mreq (lcm, b, seid, &sd, rlocs, is_smr_invoked, 0 /* rloc probe */ , nonce_res); @@ -2424,7 +2694,7 @@ add_locators (lisp_cp_main_t * lcm, mapping_t * m, u32 locator_set_index, ({ addr = ip_interface_address_get_address (&lcm->im4->lookup_main, ia); - ip_address_set (new_ip, addr, IP4); + ip_address_set (new_ip, addr, AF_IP4); })); /* Add ipv6 locators */ @@ -2433,7 +2703,7 @@ add_locators (lisp_cp_main_t * lcm, mapping_t * m, u32 locator_set_index, ({ addr = ip_interface_address_get_address (&lcm->im6->lookup_main, ia); - ip_address_set (new_ip, addr, IP6); + ip_address_set (new_ip, addr, AF_IP6); })); /* *INDENT-ON* */ @@ -2465,18 +2735,64 @@ build_map_register_record_list (lisp_cp_main_t * lcm) return recs; } +static vnet_crypto_alg_t +lisp_key_type_to_crypto_alg (lisp_key_type_t key_id) +{ + switch (key_id) + { + case HMAC_SHA_1_96: + return VNET_CRYPTO_ALG_HMAC_SHA1; + case HMAC_SHA_256_128: + return VNET_CRYPTO_ALG_HMAC_SHA256; + default: + clib_warning ("unsupported encryption key type: %d!", key_id); + break; + } + return VNET_CRYPTO_ALG_NONE; +} + +static vnet_crypto_op_id_t +lisp_key_type_to_crypto_op (lisp_key_type_t key_id) +{ + switch (key_id) + { + case HMAC_SHA_1_96: + return VNET_CRYPTO_OP_SHA1_HMAC; + case HMAC_SHA_256_128: + return VNET_CRYPTO_OP_SHA256_HMAC; + default: + clib_warning ("unsupported encryption key type: %d!", key_id); + break; + } + return VNET_CRYPTO_OP_NONE; +} + static int update_map_register_auth_data (map_register_hdr_t * map_reg_hdr, lisp_key_type_t key_id, u8 * key, u16 auth_data_len, u32 msg_len) { + lisp_cp_main_t *lcm = vnet_lisp_cp_get_main (); MREG_KEY_ID (map_reg_hdr) = clib_host_to_net_u16 (key_id); MREG_AUTH_DATA_LEN (map_reg_hdr) = clib_host_to_net_u16 (auth_data_len); + vnet_crypto_op_t _op, *op = &_op; + vnet_crypto_key_index_t ki; + + vnet_crypto_op_init (op, lisp_key_type_to_crypto_op (key_id)); + op->len = msg_len; + op->digest = MREG_DATA (map_reg_hdr); + op->src = (u8 *) map_reg_hdr; + op->digest_len = 0; + op->iv = 0; + + ki = vnet_crypto_key_add (lcm->vlib_main, + lisp_key_type_to_crypto_alg (key_id), key, + vec_len (key)); - unsigned char *result = HMAC (get_encrypt_fcn (key_id), key, vec_len (key), - (unsigned char *) map_reg_hdr, msg_len, NULL, - NULL); - clib_memcpy (MREG_DATA (map_reg_hdr), result, auth_data_len); + op->key_index = ki; + + vnet_crypto_process_ops (lcm->vlib_main, op, 1); + vnet_crypto_key_del (lcm->vlib_main, ki); return 0; } @@ -2544,6 +2860,7 @@ foreach_msmr /* CP output statistics */ #define foreach_lisp_cp_output_error \ _(MAP_REGISTERS_SENT, "map-registers sent") \ +_(MAP_REQUESTS_SENT, "map-requests sent") \ _(RLOC_PROBES_SENT, "rloc-probes sent") static char *lisp_cp_output_error_strings[] = { #define _(sym,string) string, @@ -2609,7 +2926,7 @@ send_rloc_probe (lisp_cp_main_t * lcm, gid_address_t * deid, vnet_buffer (b)->sw_if_index[VLIB_TX] = 0; - next_index = (ip_addr_version (rloc) == IP4) ? + next_index = (ip_addr_version (rloc) == AF_IP4) ? ip4_lookup_node.index : ip6_lookup_node.index; f = vlib_get_frame_to_node (lcm->vlib_main, next_index); @@ -2721,7 +3038,7 @@ send_map_register (lisp_cp_main_t * lcm, u8 want_map_notif) vnet_buffer (b)->sw_if_index[VLIB_TX] = 0; - next_index = (ip_addr_version (&lcm->active_map_server) == IP4) ? + next_index = (ip_addr_version (&lcm->active_map_server) == AF_IP4) ? ip4_lookup_node.index : ip6_lookup_node.index; f = vlib_get_frame_to_node (lcm->vlib_main, next_index); @@ -2734,7 +3051,7 @@ send_map_register (lisp_cp_main_t * lcm, u8 want_map_notif) map_registers_sent++; pool_get (lcm->pending_map_registers_pool, pmr); - memset (pmr, 0, sizeof (*pmr)); + clib_memset (pmr, 0, sizeof (*pmr)); pmr->time_to_expire = PENDING_MREG_EXPIRATION_TIME; hash_set (lcm->map_register_messages_by_nonce, nonce, pmr - lcm->pending_map_registers_pool); @@ -2789,8 +3106,10 @@ _send_encapsulated_map_request (lisp_cp_main_t * lcm, return 0; } + u8 pitr_mode = lcm->flags & LISP_FLAG_PITR_MODE; + /* get locator-set for seid */ - if (!lcm->lisp_pitr && gid_address_type (deid) != GID_ADDR_NSH) + if (!pitr_mode && gid_address_type (deid) != GID_ADDR_NSH) { map_index = gid_dictionary_lookup (&lcm->mapping_index_by_gid, seid); if (map_index == ~0) @@ -2813,10 +3132,18 @@ _send_encapsulated_map_request (lisp_cp_main_t * lcm, } else { - if (lcm->lisp_pitr) + if (pitr_mode) { - map = pool_elt_at_index (lcm->mapping_pool, lcm->pitr_map_index); - ls_index = map->locator_set_index; + if (lcm->pitr_map_index != ~0) + { + map = + pool_elt_at_index (lcm->mapping_pool, lcm->pitr_map_index); + ls_index = map->locator_set_index; + } + else + { + return -1; + } } else { @@ -2858,7 +3185,7 @@ _send_encapsulated_map_request (lisp_cp_main_t * lcm, /* set fib index to default and lookup node */ vnet_buffer (b)->sw_if_index[VLIB_TX] = 0; - next_index = (ip_addr_version (&lcm->active_map_resolver) == IP4) ? + next_index = (ip_addr_version (&lcm->active_map_resolver) == AF_IP4) ? ip4_lookup_node.index : ip6_lookup_node.index; f = vlib_get_frame_to_node (lcm->vlib_main, next_index); @@ -2869,6 +3196,9 @@ _send_encapsulated_map_request (lisp_cp_main_t * lcm, f->n_vectors = 1; vlib_put_frame_to_node (lcm->vlib_main, next_index, f); + vlib_node_increment_counter (vlib_get_main (), lisp_cp_output_node.index, + LISP_CP_OUTPUT_ERROR_MAP_REQUESTS_SENT, 1); + if (duplicate_pmr) /* if there is a pending request already update it */ { @@ -2889,7 +3219,7 @@ _send_encapsulated_map_request (lisp_cp_main_t * lcm, { /* add map-request to pending requests table */ pool_get (lcm->pending_map_requests_pool, pmr); - memset (pmr, 0, sizeof (*pmr)); + clib_memset (pmr, 0, sizeof (*pmr)); gid_address_copy (&pmr->src, seid); gid_address_copy (&pmr->dst, deid); clib_fifo_add1 (pmr->nonces, nonce); @@ -2910,14 +3240,14 @@ get_src_and_dst_ip (void *hdr, ip_address_t * src, ip_address_t * dst) if ((ip4->ip_version_and_header_length & 0xF0) == 0x40) { - ip_address_set (src, &ip4->src_address, IP4); - ip_address_set (dst, &ip4->dst_address, IP4); + ip_address_set (src, &ip4->src_address, AF_IP4); + ip_address_set (dst, &ip4->dst_address, AF_IP4); } else { ip6 = hdr; - ip_address_set (src, &ip6->src_address, IP6); - ip_address_set (dst, &ip6->dst_address, IP6); + ip_address_set (src, &ip6->src_address, AF_IP6); + ip_address_set (dst, &ip6->dst_address, AF_IP6); } } @@ -2929,7 +3259,8 @@ lisp_get_vni_from_buffer_ip (lisp_cp_main_t * lcm, vlib_buffer_t * b, u32 vni = ~0, table_id = ~0; table_id = fib_table_get_table_id_for_sw_if_index ((version == - IP4 ? FIB_PROTOCOL_IP4 : + AF_IP4 ? + FIB_PROTOCOL_IP4 : FIB_PROTOCOL_IP6), vnet_buffer (b)->sw_if_index @@ -2983,9 +3314,10 @@ get_src_and_dst_eids_from_buffer (lisp_cp_main_t * lcm, vlib_buffer_t * b, { ethernet_header_t *eh; u32 vni = 0; + icmp6_neighbor_discovery_ethernet_link_layer_address_option_t *opt; - memset (src, 0, sizeof (*src)); - memset (dst, 0, sizeof (*dst)); + clib_memset (src, 0, sizeof (*src)); + clib_memset (dst, 0, sizeof (*dst)); gid_address_type (dst) = GID_ADDR_NO_ADDRESS; gid_address_type (src) = GID_ADDR_NO_ADDRESS; @@ -3019,17 +3351,61 @@ get_src_and_dst_eids_from_buffer (lisp_cp_main_t * lcm, vlib_buffer_t * b, if (clib_net_to_host_u16 (eh->type) == ETHERNET_TYPE_ARP) { ah = (ethernet_arp_header_t *) (((u8 *) eh) + sizeof (*eh)); + gid_address_type (dst) = GID_ADDR_ARP; + if (clib_net_to_host_u16 (ah->opcode) != ETHERNET_ARP_OPCODE_request) - return; + { + clib_memset (&gid_address_arp_ndp_ip (dst), 0, + sizeof (ip_address_t)); + ip_addr_version (&gid_address_arp_ndp_ip (dst)) = AF_IP4; + gid_address_arp_ndp_bd (dst) = ~0; + return; + } - gid_address_type (dst) = GID_ADDR_ARP; gid_address_arp_bd (dst) = lisp_get_bd_from_buffer_eth (b); clib_memcpy (&gid_address_arp_ip4 (dst), &ah->ip4_over_ethernet[1].ip4, 4); } else { + if (clib_net_to_host_u16 (eh->type) == ETHERNET_TYPE_IP6) + { + ip6_header_t *ip; + ip = (ip6_header_t *) (eh + 1); + + if (IP_PROTOCOL_ICMP6 == ip->protocol) + { + icmp6_neighbor_solicitation_or_advertisement_header_t *ndh; + ndh = ip6_next_header (ip); + if (ndh->icmp.type == ICMP6_neighbor_solicitation) + { + gid_address_type (dst) = GID_ADDR_NDP; + + /* check that source link layer address option is present */ + opt = (void *) (ndh + 1); + if ((opt->header.type != + ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address) + || (opt->header.n_data_u64s != 1)) + { + clib_memset (&gid_address_arp_ndp_ip (dst), 0, + sizeof (ip_address_t)); + ip_addr_version (&gid_address_arp_ndp_ip (dst)) = + AF_IP6; + gid_address_arp_ndp_bd (dst) = ~0; + gid_address_type (src) = GID_ADDR_NO_ADDRESS; + return; + } + + gid_address_ndp_bd (dst) = + lisp_get_bd_from_buffer_eth (b); + ip_address_set (&gid_address_arp_ndp_ip (dst), + &ndh->target_address, AF_IP6); + return; + } + } + } + gid_address_type (src) = GID_ADDR_MAC; gid_address_type (dst) = GID_ADDR_MAC; mac_copy (&gid_address_mac (src), eh->src_address); @@ -3056,6 +3432,7 @@ get_src_and_dst_eids_from_buffer (lisp_cp_main_t * lcm, vlib_buffer_t * b, gid_address_nsh_si (dst) = si; gid_address_type (dst) = GID_ADDR_NSH; + gid_address_type (src) = GID_ADDR_NSH; } } } @@ -3065,9 +3442,10 @@ lisp_cp_lookup_inline (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * from_frame, int overlay) { + icmp6_neighbor_discovery_ethernet_link_layer_address_option_t *opt; u32 *from, *to_next, di, si; lisp_cp_main_t *lcm = vnet_lisp_cp_get_main (); - u32 pkts_mapped = 0, next_index; + u32 next_index; uword n_left_from, n_left_to_next; vnet_main_t *vnm = vnet_get_main (); @@ -3088,6 +3466,9 @@ lisp_cp_lookup_inline (vlib_main_t * vm, ethernet_arp_header_t *arp0; ethernet_header_t *eth0; vnet_hw_interface_t *hw_if0; + ethernet_header_t *eh0; + icmp6_neighbor_solicitation_or_advertisement_header_t *ndh; + ip6_header_t *ip0; pi0 = from[0]; from += 1; @@ -3104,43 +3485,72 @@ lisp_cp_lookup_inline (vlib_main_t * vm, if (gid_address_type (&dst) == GID_ADDR_ARP) { mac0 = gid_dictionary_lookup (&lcm->mapping_index_by_gid, &dst); - if (GID_LOOKUP_MISS_L2 != mac0) - { - /* send ARP reply */ - - sw_if_index0 = vnet_buffer (b0)->sw_if_index[VLIB_RX]; - vnet_buffer (b0)->sw_if_index[VLIB_TX] = sw_if_index0; - - hw_if0 = vnet_get_sup_hw_interface (vnm, sw_if_index0); - - eth0 = vlib_buffer_get_current (b0); - arp0 = (ethernet_arp_header_t *) (((u8 *) eth0) - + sizeof (*eth0)); - arp0->opcode = - clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_reply); - arp0->ip4_over_ethernet[1] = arp0->ip4_over_ethernet[0]; - clib_memcpy (arp0->ip4_over_ethernet[0].ethernet, - (u8 *) & mac0, 6); - clib_memcpy (&arp0->ip4_over_ethernet[0].ip4, - &gid_address_arp_ip4 (&dst), 4); - - /* Hardware must be ethernet-like. */ - ASSERT (vec_len (hw_if0->hw_address) == 6); - - clib_memcpy (eth0->dst_address, eth0->src_address, 6); - clib_memcpy (eth0->src_address, hw_if0->hw_address, 6); - - b0->error = node->errors[LISP_CP_LOOKUP_ERROR_ARP_REPLY_TX]; - next0 = LISP_CP_LOOKUP_NEXT_ARP_REPLY_TX; - vlib_validate_buffer_enqueue_x1 (vm, node, next_index, - to_next, - n_left_to_next, pi0, - next0); - } - continue; + if (GID_LOOKUP_MISS_L2 == mac0) + goto drop; + + /* send ARP reply */ + sw_if_index0 = vnet_buffer (b0)->sw_if_index[VLIB_RX]; + vnet_buffer (b0)->sw_if_index[VLIB_TX] = sw_if_index0; + + hw_if0 = vnet_get_sup_hw_interface (vnm, sw_if_index0); + + eth0 = vlib_buffer_get_current (b0); + arp0 = (ethernet_arp_header_t *) (((u8 *) eth0) + + sizeof (*eth0)); + arp0->opcode = clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_reply); + arp0->ip4_over_ethernet[1] = arp0->ip4_over_ethernet[0]; + mac_address_from_u64 (&arp0->ip4_over_ethernet[0].mac, mac0); + clib_memcpy (&arp0->ip4_over_ethernet[0].ip4, + &gid_address_arp_ip4 (&dst), 4); + + /* Hardware must be ethernet-like. */ + ASSERT (vec_len (hw_if0->hw_address) == 6); + + clib_memcpy (eth0->dst_address, eth0->src_address, 6); + clib_memcpy (eth0->src_address, hw_if0->hw_address, 6); + + b0->error = node->errors[LISP_CP_LOOKUP_ERROR_ARP_REPLY_TX]; + next0 = LISP_CP_LOOKUP_NEXT_ARP_NDP_REPLY_TX; + goto enqueue; + } + else if (gid_address_type (&dst) == GID_ADDR_NDP) + { + mac0 = gid_dictionary_lookup (&lcm->mapping_index_by_gid, &dst); + if (GID_LOOKUP_MISS_L2 == mac0) + goto drop; + + sw_if_index0 = vnet_buffer (b0)->sw_if_index[VLIB_RX]; + vnet_buffer (b0)->sw_if_index[VLIB_TX] = sw_if_index0; + + eh0 = vlib_buffer_get_current (b0); + ip0 = (ip6_header_t *) (eh0 + 1); + ndh = ip6_next_header (ip0); + int bogus_length; + ip0->dst_address = ip0->src_address; + ip0->src_address = ndh->target_address; + ip0->hop_limit = 255; + opt = (void *) (ndh + 1); + opt->header.type = + ICMP6_NEIGHBOR_DISCOVERY_OPTION_target_link_layer_address; + clib_memcpy (opt->ethernet_address, (u8 *) & mac0, 6); + ndh->icmp.type = ICMP6_neighbor_advertisement; + ndh->advertisement_flags = clib_host_to_net_u32 + (ICMP6_NEIGHBOR_ADVERTISEMENT_FLAG_SOLICITED | + ICMP6_NEIGHBOR_ADVERTISEMENT_FLAG_OVERRIDE); + ndh->icmp.checksum = 0; + ndh->icmp.checksum = + ip6_tcp_udp_icmp_compute_checksum (vm, b0, ip0, + &bogus_length); + clib_memcpy (eh0->dst_address, eh0->src_address, 6); + clib_memcpy (eh0->src_address, (u8 *) & mac0, 6); + b0->error = + node->errors + [LISP_CP_LOOKUP_ERROR_NDP_NEIGHBOR_ADVERTISEMENT_TX]; + next0 = LISP_CP_LOOKUP_NEXT_ARP_NDP_REPLY_TX; + goto enqueue; } - /* if we have remote mapping for destination already in map-chache + /* if we have remote mapping for destination already in map-cache add forwarding tunnel directly. If not send a map-request */ di = gid_dictionary_sd_lookup (&lcm->mapping_index_by_gid, &dst, &src); @@ -3154,7 +3564,6 @@ lisp_cp_lookup_inline (vlib_main_t * vm, /* send map-request */ queue_map_request (&src, &dst, 0 /* smr_invoked */ , 0 /* is_resend */ ); - pkts_mapped++; } else { @@ -3177,23 +3586,24 @@ lisp_cp_lookup_inline (vlib_main_t * vm, /* send map-request */ queue_map_request (&src, &dst, 0 /* smr_invoked */ , 0 /* is_resend */ ); - pkts_mapped++; } + drop: b0->error = node->errors[LISP_CP_LOOKUP_ERROR_DROP]; + next0 = LISP_CP_LOOKUP_NEXT_DROP; + enqueue: if (PREDICT_FALSE (b0->flags & VLIB_BUFFER_IS_TRACED)) { lisp_cp_lookup_trace_t *tr = vlib_add_trace (vm, node, b0, sizeof (*tr)); - memset (tr, 0, sizeof (*tr)); + clib_memset (tr, 0, sizeof (*tr)); gid_address_copy (&tr->dst_eid, &dst); ip_address_copy (&tr->map_resolver_ip, &lcm->active_map_resolver); } gid_address_free (&dst); gid_address_free (&src); - next0 = LISP_CP_LOOKUP_NEXT_DROP; vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next, n_left_to_next, pi0, next0); @@ -3201,9 +3611,6 @@ lisp_cp_lookup_inline (vlib_main_t * vm, vlib_put_next_frame (vm, node, next_index, n_left_to_next); } - vlib_node_increment_counter (vm, node->node_index, - LISP_CP_LOOKUP_ERROR_MAP_REQUESTS_SENT, - pkts_mapped); return from_frame->n_vectors; } @@ -3251,7 +3658,7 @@ VLIB_REGISTER_NODE (lisp_cp_lookup_ip4_node) = { .next_nodes = { [LISP_CP_LOOKUP_NEXT_DROP] = "error-drop", - [LISP_CP_LOOKUP_NEXT_ARP_REPLY_TX] = "interface-output", + [LISP_CP_LOOKUP_NEXT_ARP_NDP_REPLY_TX] = "interface-output", }, }; /* *INDENT-ON* */ @@ -3271,7 +3678,7 @@ VLIB_REGISTER_NODE (lisp_cp_lookup_ip6_node) = { .next_nodes = { [LISP_CP_LOOKUP_NEXT_DROP] = "error-drop", - [LISP_CP_LOOKUP_NEXT_ARP_REPLY_TX] = "interface-output", + [LISP_CP_LOOKUP_NEXT_ARP_NDP_REPLY_TX] = "interface-output", }, }; /* *INDENT-ON* */ @@ -3291,7 +3698,7 @@ VLIB_REGISTER_NODE (lisp_cp_lookup_l2_node) = { .next_nodes = { [LISP_CP_LOOKUP_NEXT_DROP] = "error-drop", - [LISP_CP_LOOKUP_NEXT_ARP_REPLY_TX] = "interface-output", + [LISP_CP_LOOKUP_NEXT_ARP_NDP_REPLY_TX] = "interface-output", }, }; /* *INDENT-ON* */ @@ -3311,7 +3718,7 @@ VLIB_REGISTER_NODE (lisp_cp_lookup_nsh_node) = { .next_nodes = { [LISP_CP_LOOKUP_NEXT_DROP] = "error-drop", - [LISP_CP_LOOKUP_NEXT_ARP_REPLY_TX] = "interface-output", + [LISP_CP_LOOKUP_NEXT_ARP_NDP_REPLY_TX] = "interface-output", }, }; /* *INDENT-ON* */ @@ -3361,7 +3768,7 @@ remove_expired_mapping (lisp_cp_main_t * lcm, u32 mi) { mapping_t *m; vnet_lisp_add_del_adjacency_args_t _adj_args, *adj_args = &_adj_args; - memset (adj_args, 0, sizeof (adj_args[0])); + clib_memset (adj_args, 0, sizeof (adj_args[0])); m = pool_elt_at_index (lcm->mapping_pool, mi); @@ -3370,8 +3777,7 @@ remove_expired_mapping (lisp_cp_main_t * lcm, u32 mi) if (vnet_lisp_add_del_adjacency (adj_args)) clib_warning ("failed to del adjacency!"); - vnet_lisp_add_del_mapping (&m->eid, 0, 0, 0, ~0, 0 /* is_add */ , - 0 /* is_static */ , 0); + vnet_lisp_del_mapping (&m->eid, NULL); mapping_delete_timer (lcm, mi); } @@ -3390,6 +3796,73 @@ mapping_start_expiration_timer (lisp_cp_main_t * lcm, u32 mi, timing_wheel_insert (&lcm->wheel, exp_clock_time, mi); } +static void +process_expired_mapping (lisp_cp_main_t * lcm, u32 mi) +{ + int rv; + vnet_lisp_gpe_add_del_fwd_entry_args_t _a, *a = &_a; + mapping_t *m = pool_elt_at_index (lcm->mapping_pool, mi); + uword *fei; + fwd_entry_t *fe; + vlib_counter_t c; + u8 have_stats = 0; + + if (m->delete_after_expiration) + { + remove_expired_mapping (lcm, mi); + return; + } + + fei = hash_get (lcm->fwd_entry_by_mapping_index, mi); + if (!fei) + return; + + fe = pool_elt_at_index (lcm->fwd_entry_pool, fei[0]); + + clib_memset (a, 0, sizeof (*a)); + a->rmt_eid = fe->reid; + if (fe->is_src_dst) + a->lcl_eid = fe->leid; + a->vni = gid_address_vni (&fe->reid); + + rv = vnet_lisp_gpe_get_fwd_stats (a, &c); + if (0 == rv) + have_stats = 1; + + if (m->almost_expired) + { + m->almost_expired = 0; /* reset flag */ + if (have_stats) + { + if (m->packets != c.packets) + { + /* mapping is in use, re-fetch */ + map_request_args_t mr_args; + clib_memset (&mr_args, 0, sizeof (mr_args)); + mr_args.seid = fe->leid; + mr_args.deid = fe->reid; + + send_map_request_thread_fn (&mr_args); + } + else + remove_expired_mapping (lcm, mi); + } + else + remove_expired_mapping (lcm, mi); + } + else + { + m->almost_expired = 1; + mapping_start_expiration_timer (lcm, mi, TIME_UNTIL_REFETCH_OR_DELETE); + + if (have_stats) + /* save counter */ + m->packets = c.packets; + else + m->delete_after_expiration = 1; + } +} + static void map_records_arg_free (map_records_arg_t * a) { @@ -3412,6 +3885,7 @@ process_map_reply (map_records_arg_t * a) pending_map_request_t *pmr; u64 *noncep; uword *pmr_index; + u8 is_changed = 0; if (a->is_rloc_probe) goto done; @@ -3427,26 +3901,37 @@ process_map_reply (map_records_arg_t * a) vec_foreach (m, a->mappings) { + vnet_lisp_add_del_mapping_args_t _m_args, *m_args = &_m_args; + clib_memset (m_args, 0, sizeof (m_args[0])); + gid_address_copy (&m_args->eid, &m->eid); + m_args->action = m->action; + m_args->authoritative = m->authoritative; + m_args->ttl = m->ttl; + m_args->is_static = 0; + /* insert/update mappings cache */ - vnet_lisp_add_del_mapping (&m->eid, m->locators, m->action, - m->authoritative, m->ttl, - 1, 0 /* is_static */ , &dst_map_index); + vnet_lisp_add_mapping (m_args, m->locators, &dst_map_index, &is_changed); if (dst_map_index == (u32) ~ 0) continue; - /* try to program forwarding only if mapping saved or updated */ - vnet_lisp_add_del_adjacency_args_t _adj_args, *adj_args = &_adj_args; - memset (adj_args, 0, sizeof (adj_args[0])); + if (is_changed) + { + /* try to program forwarding only if mapping saved or updated */ + vnet_lisp_add_del_adjacency_args_t _adj_args, *adj_args = &_adj_args; + clib_memset (adj_args, 0, sizeof (adj_args[0])); - gid_address_copy (&adj_args->leid, &pmr->src); - gid_address_copy (&adj_args->reid, &m->eid); - adj_args->is_add = 1; - if (vnet_lisp_add_del_adjacency (adj_args)) - clib_warning ("failed to add adjacency!"); + gid_address_copy (&adj_args->leid, &pmr->src); + gid_address_copy (&adj_args->reid, &m->eid); + adj_args->is_add = 1; + + if (vnet_lisp_add_del_adjacency (adj_args)) + clib_warning ("failed to add adjacency!"); + } if ((u32) ~ 0 != m->ttl) - mapping_start_expiration_timer (lcm, dst_map_index, m->ttl * 60); + mapping_start_expiration_timer (lcm, dst_map_index, + (m->ttl == 0) ? 0 : MAPPING_TIMEOUT); } /* remove pending map request entry */ @@ -3469,9 +3954,13 @@ static int is_auth_data_valid (map_notify_hdr_t * h, u32 msg_len, lisp_key_type_t key_id, u8 * key) { + lisp_cp_main_t *lcm = vnet_lisp_cp_get_main (); u8 *auth_data = 0; u16 auth_data_len; int result; + vnet_crypto_op_t _op, *op = &_op; + vnet_crypto_key_index_t ki; + u8 out[EVP_MAX_MD_SIZE] = { 0, }; auth_data_len = auth_data_len_by_key_id (key_id); if ((u16) ~ 0 == auth_data_len) @@ -3485,13 +3974,25 @@ is_auth_data_valid (map_notify_hdr_t * h, u32 msg_len, clib_memcpy (auth_data, MNOTIFY_DATA (h), auth_data_len); /* clear auth data */ - memset (MNOTIFY_DATA (h), 0, auth_data_len); + clib_memset (MNOTIFY_DATA (h), 0, auth_data_len); + + vnet_crypto_op_init (op, lisp_key_type_to_crypto_op (key_id)); + op->len = msg_len; + op->digest = out; + op->src = (u8 *) h; + op->digest_len = 0; + op->iv = 0; - /* get hash of the message */ - unsigned char *code = HMAC (get_encrypt_fcn (key_id), key, vec_len (key), - (unsigned char *) h, msg_len, NULL, NULL); + ki = vnet_crypto_key_add (lcm->vlib_main, + lisp_key_type_to_crypto_alg (key_id), key, + vec_len (key)); - result = memcmp (code, auth_data, auth_data_len); + op->key_index = ki; + + vnet_crypto_process_ops (lcm->vlib_main, op, 1); + vnet_crypto_key_del (lcm->vlib_main, ki); + + result = memcmp (out, auth_data, auth_data_len); vec_free (auth_data); @@ -3578,7 +4079,7 @@ parse_map_records (vlib_buffer_t * b, map_records_arg_t * a, u8 count) mapping_t m; locator_t *loc; - memset (&m, 0, sizeof (m)); + clib_memset (&m, 0, sizeof (m)); /* parse record eid */ for (i = 0; i < count; i++) @@ -3633,10 +4134,10 @@ parse_map_notify (vlib_buffer_t * b) map_records_arg_t *a; a = map_record_args_get (); - memset (a, 0, sizeof (*a)); + clib_memset (a, 0, sizeof (*a)); mnotif_hdr = vlib_buffer_get_current (b); vlib_buffer_pull (b, sizeof (*mnotif_hdr)); - memset (&deid, 0, sizeof (deid)); + clib_memset (&deid, 0, sizeof (deid)); a->nonce = MNOTIFY_NONCE (mnotif_hdr); key_id = clib_net_to_host_u16 (MNOTIFY_KEY_ID (mnotif_hdr)); @@ -3719,11 +4220,11 @@ send_map_reply (lisp_cp_main_t * lcm, u32 mi, ip_address_t * dst, vec_add1 (records, m[0]); add_locators (lcm, &records[0], m->locator_set_index, probed_loc); - memset (&src, 0, sizeof (src)); + clib_memset (&src, 0, sizeof (src)); if (!ip_fib_get_first_egress_ip_for_dst (lcm, dst, &src)) { - clib_warning ("can't find inteface address for %U", format_ip_address, + clib_warning ("can't find interface address for %U", format_ip_address, dst); return -1; } @@ -3735,7 +4236,7 @@ send_map_reply (lisp_cp_main_t * lcm, u32 mi, ip_address_t * dst, free_map_register_records (records); vnet_buffer (b)->sw_if_index[VLIB_TX] = 0; - next_index = (ip_addr_version (&lcm->active_map_resolver) == IP4) ? + next_index = (ip_addr_version (&lcm->active_map_resolver) == AF_IP4) ? ip4_lookup_node.index : ip6_lookup_node.index; f = vlib_get_frame_to_node (lcm->vlib_main, next_index); @@ -3800,7 +4301,7 @@ process_map_request (vlib_main_t * vm, vlib_node_runtime_t * node, /* parse eid records and send SMR-invoked map-requests */ for (i = 0; i < MREQ_REC_COUNT (mreq_hdr); i++) { - memset (&dst, 0, sizeof (dst)); + clib_memset (&dst, 0, sizeof (dst)); len = lisp_msg_parse_eid_rec (b, &dst); if (len == ~0) { @@ -3822,7 +4323,7 @@ process_map_request (vlib_main_t * vm, vlib_node_runtime_t * node, goto done; } rloc_probe_recv++; - memset (&m, 0, sizeof (m)); + clib_memset (&m, 0, sizeof (m)); u32 mi = gid_dictionary_lookup (&lcm->mapping_index_by_gid, &dst); // TODO: select best locator; for now use the first one @@ -3858,7 +4359,7 @@ parse_map_reply (vlib_buffer_t * b) map_records_arg_t *a; a = map_record_args_get (); - memset (a, 0, sizeof (*a)); + clib_memset (a, 0, sizeof (*a)); locator_t *locators; @@ -3867,14 +4368,14 @@ parse_map_reply (vlib_buffer_t * b) a->is_rloc_probe = MREP_RLOC_PROBE (mrep_hdr); if (!vlib_buffer_has_space (b, sizeof (*mrep_hdr))) { - clib_mem_free (a); + map_records_arg_free (a); return 0; } vlib_buffer_pull (b, sizeof (*mrep_hdr)); for (i = 0; i < MREP_REC_COUNT (mrep_hdr); i++) { - memset (&m, 0, sizeof (m)); + clib_memset (&m, 0, sizeof (m)); locators = 0; h = vlib_buffer_get_current (b); @@ -4026,10 +4527,12 @@ lisp_cp_init (vlib_main_t * vm) lcm->vlib_main = vm; lcm->vnet_main = vnet_get_main (); lcm->mreq_itr_rlocs = ~0; - lcm->lisp_pitr = 0; lcm->flags = 0; - memset (&lcm->active_map_resolver, 0, sizeof (lcm->active_map_resolver)); - memset (&lcm->active_map_server, 0, sizeof (lcm->active_map_server)); + lcm->pitr_map_index = ~0; + lcm->petr_map_index = ~0; + clib_memset (&lcm->active_map_resolver, 0, + sizeof (lcm->active_map_resolver)); + clib_memset (&lcm->active_map_server, 0, sizeof (lcm->active_map_server)); gid_dictionary_init (&lcm->mapping_index_by_gid); lcm->do_map_resolver_election = 1; @@ -4043,17 +4546,14 @@ lisp_cp_init (vlib_main_t * vm) hash_set (lcm->table_id_by_vni, 0, 0); hash_set (lcm->vni_by_table_id, 0, 0); - udp_register_dst_port (vm, UDP_DST_PORT_lisp_cp, - lisp_cp_input_node.index, 1 /* is_ip4 */ ); - udp_register_dst_port (vm, UDP_DST_PORT_lisp_cp6, - lisp_cp_input_node.index, 0 /* is_ip4 */ ); - u64 now = clib_cpu_time_now (); timing_wheel_init (&lcm->wheel, now, vm->clib_time.clocks_per_second); lcm->nsh_map_index = ~0; lcm->map_register_ttl = MAP_REGISTER_DEFAULT_TTL; lcm->max_expired_map_registers = MAX_EXPIRED_MAP_REGISTERS_DEFAULT; lcm->expired_map_registers = 0; + lcm->transport_protocol = LISP_TRANSPORT_PROTOCOL_UDP; + lcm->flags |= LISP_FLAG_XTR_MODE; return 0; } @@ -4068,8 +4568,8 @@ lisp_stats_api_fill (lisp_cp_main_t * lcm, lisp_gpe_main_t * lgm, const lisp_gpe_tunnel_t *lgt; fwd_entry_t *fe; - memset (stat, 0, sizeof (*stat)); - memset (&fwd_key, 0, sizeof (fwd_key)); + clib_memset (stat, 0, sizeof (*stat)); + clib_memset (&fwd_key, 0, sizeof (fwd_key)); fe = pool_elt_at_index (lcm->fwd_entry_pool, key->fwd_entry_index); ASSERT (fe != 0); @@ -4377,7 +4877,7 @@ send_map_resolver_service (vlib_main_t * vm, u32 *mi = 0; vec_foreach (mi, expired) { - remove_expired_mapping (lcm, mi[0]); + process_expired_mapping (lcm, mi[0]); } _vec_len (expired) = 0; } @@ -4414,14 +4914,155 @@ vnet_lisp_stats_enable_disable_state (void) return lcm->flags & LISP_FLAG_STATS_ENABLED; } -/* *INDENT-OFF* */ -VLIB_REGISTER_NODE (lisp_retry_service_node,static) = { - .function = send_map_resolver_service, - .type = VLIB_NODE_TYPE_PROCESS, - .name = "lisp-retry-service", - .process_log2_n_stack_bytes = 16, -}; -/* *INDENT-ON* */ +void +vnet_lisp_create_retry_process (lisp_cp_main_t * lcm) +{ + if (lcm->retry_service_index) + return; + + lcm->retry_service_index = vlib_process_create (vlib_get_main (), + "lisp-retry-service", + send_map_resolver_service, + 16 /* stack_bytes */ ); +} + +u32 +vnet_lisp_set_transport_protocol (u8 protocol) +{ + lisp_cp_main_t *lcm = vnet_lisp_cp_get_main (); + + if (protocol < LISP_TRANSPORT_PROTOCOL_UDP || + protocol > LISP_TRANSPORT_PROTOCOL_API) + return VNET_API_ERROR_INVALID_ARGUMENT; + + lcm->transport_protocol = protocol; + return 0; +} + +lisp_transport_protocol_t +vnet_lisp_get_transport_protocol (void) +{ + lisp_cp_main_t *lcm = vnet_lisp_cp_get_main (); + return lcm->transport_protocol; +} + +int +vnet_lisp_enable_disable_xtr_mode (u8 is_enabled) +{ + lisp_cp_main_t *lcm = vnet_lisp_cp_get_main (); + u8 pitr_mode = lcm->flags & LISP_FLAG_PITR_MODE; + u8 xtr_mode = lcm->flags & LISP_FLAG_XTR_MODE; + u8 petr_mode = lcm->flags & LISP_FLAG_PETR_MODE; + + if (pitr_mode && is_enabled) + return VNET_API_ERROR_INVALID_ARGUMENT; + + if (is_enabled && xtr_mode) + return 0; + if (!is_enabled && !xtr_mode) + return 0; + + if (is_enabled) + { + if (!petr_mode) + { + lisp_cp_register_dst_port (lcm->vlib_main); + } + lisp_cp_enable_l2_l3_ifaces (lcm, 1 /* with_default_route */ ); + lcm->flags |= LISP_FLAG_XTR_MODE; + } + else + { + if (!petr_mode) + { + lisp_cp_unregister_dst_port (lcm->vlib_main); + } + lisp_cp_disable_l2_l3_ifaces (lcm); + lcm->flags &= ~LISP_FLAG_XTR_MODE; + } + return 0; +} + +int +vnet_lisp_enable_disable_pitr_mode (u8 is_enabled) +{ + lisp_cp_main_t *lcm = vnet_lisp_cp_get_main (); + u8 xtr_mode = lcm->flags & LISP_FLAG_XTR_MODE; + u8 pitr_mode = lcm->flags & LISP_FLAG_PITR_MODE; + + if (xtr_mode && is_enabled) + return VNET_API_ERROR_INVALID_VALUE; + + if (is_enabled && pitr_mode) + return 0; + if (!is_enabled && !pitr_mode) + return 0; + + if (is_enabled) + { + /* create iface, no default route */ + lisp_cp_enable_l2_l3_ifaces (lcm, 0 /* with_default_route */ ); + lcm->flags |= LISP_FLAG_PITR_MODE; + } + else + { + lisp_cp_disable_l2_l3_ifaces (lcm); + lcm->flags &= ~LISP_FLAG_PITR_MODE; + } + return 0; +} + +int +vnet_lisp_enable_disable_petr_mode (u8 is_enabled) +{ + lisp_cp_main_t *lcm = vnet_lisp_cp_get_main (); + u8 xtr_mode = lcm->flags & LISP_FLAG_XTR_MODE; + u8 petr_mode = lcm->flags & LISP_FLAG_PETR_MODE; + + if (is_enabled && petr_mode) + return 0; + if (!is_enabled && !petr_mode) + return 0; + + if (is_enabled) + { + if (!xtr_mode) + { + lisp_cp_register_dst_port (lcm->vlib_main); + } + lcm->flags |= LISP_FLAG_PETR_MODE; + } + else + { + if (!xtr_mode) + { + lisp_cp_unregister_dst_port (lcm->vlib_main); + } + lcm->flags &= ~LISP_FLAG_PETR_MODE; + } + return 0; +} + +u8 +vnet_lisp_get_xtr_mode (void) +{ + lisp_cp_main_t *lcm = vnet_lisp_cp_get_main (); + return (lcm->flags & LISP_FLAG_XTR_MODE); +} + +u8 +vnet_lisp_get_pitr_mode (void) +{ + lisp_cp_main_t *lcm = vnet_lisp_cp_get_main (); + return (lcm->flags & LISP_FLAG_PITR_MODE); +} + +u8 +vnet_lisp_get_petr_mode (void) +{ + lisp_cp_main_t *lcm = vnet_lisp_cp_get_main (); + return (lcm->flags & LISP_FLAG_PETR_MODE); +} VLIB_INIT_FUNCTION (lisp_cp_init);