X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=src%2Fvnet%2Fsession%2Fsession_lookup.c;h=c410dab121fa764684814f069a0f9ad48e5284ed;hb=7c03ed4;hp=68886a09456a2c71994c30461e0eeac4f98b7fa7;hpb=561af9b441c7392cf391dd46399b0b16b876a08a;p=vpp.git diff --git a/src/vnet/session/session_lookup.c b/src/vnet/session/session_lookup.c index 68886a09456..c410dab121f 100644 --- a/src/vnet/session/session_lookup.c +++ b/src/vnet/session/session_lookup.c @@ -86,14 +86,8 @@ always_inline void make_v4_ss_kv (session_kv4_t * kv, ip4_address_t * lcl, ip4_address_t * rmt, u16 lcl_port, u16 rmt_port, u8 proto) { - v4_connection_key_t *key = (v4_connection_key_t *) kv->key; - - key->src.as_u32 = lcl->as_u32; - key->dst.as_u32 = rmt->as_u32; - key->src_port = lcl_port; - key->dst_port = rmt_port; - key->proto = proto; - + kv->key[0] = (u64) rmt->as_u32 << 32 | (u64) lcl->as_u32; + kv->key[1] = (u64) proto << 32 | (u64) rmt_port << 16 | (u64) lcl_port; kv->value = ~0ULL; } @@ -101,28 +95,16 @@ always_inline void make_v4_listener_kv (session_kv4_t * kv, ip4_address_t * lcl, u16 lcl_port, u8 proto) { - v4_connection_key_t *key = (v4_connection_key_t *) kv->key; - - key->src.as_u32 = lcl->as_u32; - key->dst.as_u32 = 0; - key->src_port = lcl_port; - key->dst_port = 0; - key->proto = proto; - + kv->key[0] = (u64) lcl->as_u32; + kv->key[1] = (u64) proto << 32 | (u64) lcl_port; kv->value = ~0ULL; } always_inline void make_v4_proxy_kv (session_kv4_t * kv, ip4_address_t * lcl, u8 proto) { - v4_connection_key_t *key = (v4_connection_key_t *) kv->key; - - key->src.as_u32 = lcl->as_u32; - key->dst.as_u32 = 0; - key->src_port = 0; - key->dst_port = 0; - key->proto = proto; - + kv->key[0] = (u64) lcl->as_u32; + kv->key[1] = (u64) proto << 32; kv->value = ~0ULL; } @@ -137,17 +119,12 @@ always_inline void make_v6_ss_kv (session_kv6_t * kv, ip6_address_t * lcl, ip6_address_t * rmt, u16 lcl_port, u16 rmt_port, u8 proto) { - v6_connection_key_t *key = (v6_connection_key_t *) kv->key; - - key->src.as_u64[0] = lcl->as_u64[0]; - key->src.as_u64[1] = lcl->as_u64[1]; - key->dst.as_u64[0] = rmt->as_u64[0]; - key->dst.as_u64[1] = rmt->as_u64[1]; - key->src_port = lcl_port; - key->dst_port = rmt_port; - key->proto = proto; - key->unused = 0; - + kv->key[0] = lcl->as_u64[0]; + kv->key[1] = lcl->as_u64[1]; + kv->key[2] = rmt->as_u64[0]; + kv->key[3] = rmt->as_u64[1]; + kv->key[4] = (u64) proto << 32 | (u64) rmt_port << 16 | (u64) lcl_port; + kv->key[5] = 0; kv->value = ~0ULL; } @@ -155,34 +132,24 @@ always_inline void make_v6_listener_kv (session_kv6_t * kv, ip6_address_t * lcl, u16 lcl_port, u8 proto) { - v6_connection_key_t *key = (v6_connection_key_t *) kv->key; - - key->src.as_u64[0] = lcl->as_u64[0]; - key->src.as_u64[1] = lcl->as_u64[1]; - key->dst.as_u64[0] = 0; - key->dst.as_u64[1] = 0; - key->src_port = lcl_port; - key->dst_port = 0; - key->proto = proto; - key->unused = 0; - + kv->key[0] = lcl->as_u64[0]; + kv->key[1] = lcl->as_u64[1]; + kv->key[2] = 0; + kv->key[3] = 0; + kv->key[4] = (u64) proto << 32 | (u64) lcl_port; + kv->key[5] = 0; kv->value = ~0ULL; } always_inline void make_v6_proxy_kv (session_kv6_t * kv, ip6_address_t * lcl, u8 proto) { - v6_connection_key_t *key = (v6_connection_key_t *) kv->key; - - key->src.as_u64[0] = lcl->as_u64[0]; - key->src.as_u64[1] = lcl->as_u64[1]; - key->dst.as_u64[0] = 0; - key->dst.as_u64[1] = 0; - key->src_port = 0; - key->dst_port = 0; - key->proto = proto; - key->unused = 0; - + kv->key[0] = lcl->as_u64[0]; + kv->key[1] = lcl->as_u64[1]; + kv->key[2] = 0; + kv->key[3] = 0; + kv->key[4] = (u64) proto << 32; + kv->key[5] = 0; kv->value = ~0ULL; } @@ -205,6 +172,7 @@ session_table_get_or_alloc (u8 fib_proto, u8 fib_index) vec_validate (fib_index_to_table_index[fib_proto], fib_index); fib_index_to_table_index[fib_proto][fib_index] = table_index; st->active_fib_proto = fib_proto; + session_table_init (st, fib_proto); return st; } else @@ -387,17 +355,18 @@ session_lookup_action_index_is_valid (u32 action_index) return 1; } -static u32 -session_lookup_action_to_app_index (u32 action_index) +static u64 +session_lookup_action_to_handle (u32 action_index) { switch (action_index) { case SESSION_RULES_TABLE_ACTION_DROP: - return APP_DROP_INDEX; + return SESSION_DROP_HANDLE; case SESSION_RULES_TABLE_ACTION_ALLOW: case SESSION_RULES_TABLE_INVALID_INDEX: - return APP_INVALID_INDEX; + return SESSION_INVALID_HANDLE; default: + /* application index */ return action_index; } } @@ -411,7 +380,8 @@ session_lookup_app_listen_session (u32 app_index, u8 fib_proto, if (!app) return 0; - return application_first_listener (app, fib_proto, transport_proto); + return app_worker_first_listener (application_get_default_worker (app), + fib_proto, transport_proto); } static stream_session_t * @@ -419,12 +389,13 @@ session_lookup_action_to_session (u32 action_index, u8 fib_proto, u8 transport_proto) { u32 app_index; - app_index = session_lookup_action_to_app_index (action_index); + app_index = session_lookup_action_to_handle (action_index); /* Nothing sophisticated for now, action index is app index */ return session_lookup_app_listen_session (app_index, fib_proto, transport_proto); } +/** UNUSED */ stream_session_t * session_lookup_rules_table_session4 (session_table_t * st, u8 proto, ip4_address_t * lcl, u16 lcl_port, @@ -434,12 +405,13 @@ session_lookup_rules_table_session4 (session_table_t * st, u8 proto, u32 action_index, app_index; action_index = session_rules_table_lookup4 (srt, lcl, rmt, lcl_port, rmt_port); - app_index = session_lookup_action_to_app_index (action_index); + app_index = session_lookup_action_to_handle (action_index); /* Nothing sophisticated for now, action index is app index */ return session_lookup_app_listen_session (app_index, FIB_PROTOCOL_IP4, proto); } +/** UNUSED */ stream_session_t * session_lookup_rules_table_session6 (session_table_t * st, u8 proto, ip6_address_t * lcl, u16 lcl_port, @@ -449,7 +421,7 @@ session_lookup_rules_table_session6 (session_table_t * st, u8 proto, u32 action_index, app_index; action_index = session_rules_table_lookup6 (srt, lcl, rmt, lcl_port, rmt_port); - app_index = session_lookup_action_to_app_index (action_index); + app_index = session_lookup_action_to_handle (action_index); return session_lookup_app_listen_session (app_index, FIB_PROTOCOL_IP6, proto); } @@ -462,7 +434,7 @@ session_lookup_rules_table_session6 (session_table_t * st, u8 proto, * @param use_rules flag that indicates if the session rules of the table * should be used * @return invalid handle if nothing is found, the handle of a valid listener - * or an action_index if a rule is hit + * or an action derived handle if a rule is hit */ u64 session_lookup_endpoint_listener (u32 table_index, session_endpoint_t * sep, @@ -488,12 +460,12 @@ session_lookup_endpoint_listener (u32 table_index, session_endpoint_t * sep, return kv4.value; if (use_rules) { - memset (&lcl4, 0, sizeof (lcl4)); + clib_memset (&lcl4, 0, sizeof (lcl4)); srt = &st->session_rules[sep->transport_proto]; ai = session_rules_table_lookup4 (srt, &lcl4, &sep->ip.ip4, 0, sep->port); if (session_lookup_action_index_is_valid (ai)) - return session_lookup_action_to_app_index (ai); + return session_lookup_action_to_handle (ai); } } else @@ -509,12 +481,12 @@ session_lookup_endpoint_listener (u32 table_index, session_endpoint_t * sep, if (use_rules) { - memset (&lcl6, 0, sizeof (lcl6)); + clib_memset (&lcl6, 0, sizeof (lcl6)); srt = &st->session_rules[sep->transport_proto]; ai = session_rules_table_lookup6 (srt, &lcl6, &sep->ip.ip6, 0, sep->port); if (session_lookup_action_index_is_valid (ai)) - return session_lookup_action_to_app_index (ai); + return session_lookup_action_to_handle (ai); } } return SESSION_INVALID_HANDLE; @@ -534,9 +506,9 @@ session_lookup_endpoint_listener (u32 table_index, session_endpoint_t * sep, * * @param table_index table where the lookup should be done * @param sep session endpoint to be looked up - * @return index that can be interpreted as an app index or drop action. + * @return session handle that can be interpreted as an adjacency */ -u32 +u64 session_lookup_local_endpoint (u32 table_index, session_endpoint_t * sep) { session_rules_table_t *srt; @@ -557,12 +529,12 @@ session_lookup_local_endpoint (u32 table_index, session_endpoint_t * sep) /* * Check if endpoint has special rules associated */ - memset (&lcl4, 0, sizeof (lcl4)); + clib_memset (&lcl4, 0, sizeof (lcl4)); srt = &st->session_rules[sep->transport_proto]; ai = session_rules_table_lookup4 (srt, &lcl4, &sep->ip.ip4, 0, sep->port); if (session_lookup_action_index_is_valid (ai)) - return session_lookup_action_to_app_index (ai); + return session_lookup_action_to_handle (ai); /* * Check if session endpoint is a listener @@ -571,16 +543,23 @@ session_lookup_local_endpoint (u32 table_index, session_endpoint_t * sep) sep->transport_proto); rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4); if (rv == 0) - return (u32) kv4.value; + return kv4.value; /* * Zero out the ip. Logic is that connect to local ips, say * 127.0.0.1:port, can match 0.0.0.0:port */ - kv4.key[0] = 0; - rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4); - if (rv == 0) - return (u32) kv4.value; + if (ip4_is_local_host (&sep->ip.ip4)) + { + kv4.key[0] = 0; + rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4); + if (rv == 0) + return kv4.value; + } + else + { + kv4.key[0] = 0; + } /* * Zero out the port and check if we have proxy @@ -588,33 +567,41 @@ session_lookup_local_endpoint (u32 table_index, session_endpoint_t * sep) kv4.key[1] = 0; rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4); if (rv == 0) - return (u32) kv4.value; + return kv4.value; } else { session_kv6_t kv6; ip6_address_t lcl6; - memset (&lcl6, 0, sizeof (lcl6)); + clib_memset (&lcl6, 0, sizeof (lcl6)); srt = &st->session_rules[sep->transport_proto]; ai = session_rules_table_lookup6 (srt, &lcl6, &sep->ip.ip6, 0, sep->port); if (session_lookup_action_index_is_valid (ai)) - return session_lookup_action_to_app_index (ai); + return session_lookup_action_to_handle (ai); make_v6_listener_kv (&kv6, &sep->ip.ip6, sep->port, sep->transport_proto); rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6); if (rv == 0) - return (u32) kv6.value; + return kv6.value; /* * Zero out the ip. Same logic as above. */ - kv6.key[0] = kv6.key[1] = 0; - rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6); - if (rv == 0) - return (u32) kv6.value; + + if (ip6_is_local_host (&sep->ip.ip6)) + { + kv6.key[0] = kv6.key[1] = 0; + rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6); + if (rv == 0) + return kv6.value; + } + else + { + kv6.key[0] = kv6.key[1] = 0; + } /* * Zero out the port. Same logic as above. @@ -622,35 +609,40 @@ session_lookup_local_endpoint (u32 table_index, session_endpoint_t * sep) kv6.key[4] = kv6.key[5] = 0; rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6); if (rv == 0) - return (u32) kv6.value; + return kv6.value; } - return APP_INVALID_INDEX; + return SESSION_INVALID_HANDLE; } -static stream_session_t * +static inline stream_session_t * session_lookup_listener4_i (session_table_t * st, ip4_address_t * lcl, - u16 lcl_port, u8 proto) + u16 lcl_port, u8 proto, u8 use_wildcard) { session_kv4_t kv4; int rv; - session_type_t session_type; /* * First, try a fully formed listener */ - session_type = session_type_from_proto_and_ip (proto, 1); make_v4_listener_kv (&kv4, lcl, lcl_port, proto); rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4); if (rv == 0) - return session_manager_get_listener (session_type, (u32) kv4.value); + return listen_session_get ((u32) kv4.value); /* * Zero out the lcl ip and check if any 0/0 port binds have been done */ - kv4.key[0] = 0; - rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4); - if (rv == 0) - return session_manager_get_listener (session_type, (u32) kv4.value); + if (use_wildcard) + { + kv4.key[0] = 0; + rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4); + if (rv == 0) + return listen_session_get ((u32) kv4.value); + } + else + { + kv4.key[0] = 0; + } /* * Zero out port and check if we have a proxy set up for our ip @@ -658,7 +650,7 @@ session_lookup_listener4_i (session_table_t * st, ip4_address_t * lcl, make_v4_proxy_kv (&kv4, lcl, proto); rv = clib_bihash_search_inline_16_8 (&st->v4_session_hash, &kv4); if (rv == 0) - return session_manager_get_listener (session_type, (u32) kv4.value); + return listen_session_get ((u32) kv4.value); return 0; } @@ -671,33 +663,38 @@ session_lookup_listener4 (u32 fib_index, ip4_address_t * lcl, u16 lcl_port, st = session_table_get_for_fib_index (FIB_PROTOCOL_IP4, fib_index); if (!st) return 0; - return session_lookup_listener4_i (st, lcl, lcl_port, proto); + return session_lookup_listener4_i (st, lcl, lcl_port, proto, 0); } static stream_session_t * session_lookup_listener6_i (session_table_t * st, ip6_address_t * lcl, - u16 lcl_port, u8 proto) + u16 lcl_port, u8 proto, u8 ip_wildcard) { session_kv6_t kv6; int rv; - session_type_t session_type; - session_type = session_type_from_proto_and_ip (proto, 0); make_v6_listener_kv (&kv6, lcl, lcl_port, proto); rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6); if (rv == 0) - return session_manager_get_listener (session_type, (u32) kv6.value); + return listen_session_get ((u32) kv6.value); /* Zero out the lcl ip */ - kv6.key[0] = kv6.key[1] = 0; - rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6); - if (rv == 0) - return session_manager_get_listener (session_type, (u32) kv6.value); + if (ip_wildcard) + { + kv6.key[0] = kv6.key[1] = 0; + rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6); + if (rv == 0) + return listen_session_get ((u32) kv6.value); + } + else + { + kv6.key[0] = kv6.key[1] = 0; + } make_v6_proxy_kv (&kv6, lcl, proto); rv = clib_bihash_search_inline_48_8 (&st->v6_session_hash, &kv6); if (rv == 0) - return session_manager_get_listener (session_type, (u32) kv6.value); + return listen_session_get ((u32) kv6.value); return 0; } @@ -709,9 +706,12 @@ session_lookup_listener6 (u32 fib_index, ip6_address_t * lcl, u16 lcl_port, st = session_table_get_for_fib_index (FIB_PROTOCOL_IP6, fib_index); if (!st) return 0; - return session_lookup_listener6_i (st, lcl, lcl_port, proto); + return session_lookup_listener6_i (st, lcl, lcl_port, proto, 1); } +/** + * Lookup listener, exact or proxy (inaddr_any:0) match + */ stream_session_t * session_lookup_listener (u32 table_index, session_endpoint_t * sep) { @@ -721,10 +721,10 @@ session_lookup_listener (u32 table_index, session_endpoint_t * sep) return 0; if (sep->is_ip4) return session_lookup_listener4_i (st, &sep->ip.ip4, sep->port, - sep->transport_proto); + sep->transport_proto, 0); else return session_lookup_listener6_i (st, &sep->ip.ip6, sep->port, - sep->transport_proto); + sep->transport_proto, 0); return 0; } @@ -902,7 +902,7 @@ session_lookup_connection_wt4 (u32 fib_index, ip4_address_t * lcl, /* * If nothing is found, check if any listener is available */ - s = session_lookup_listener4_i (st, lcl, lcl_port, proto); + s = session_lookup_listener4_i (st, lcl, lcl_port, proto, 1); if (s) return tp_vfts[proto].get_listener (s->connection_index); @@ -977,7 +977,7 @@ session_lookup_connection4 (u32 fib_index, ip4_address_t * lcl, /* * If nothing is found, check if any listener is available */ - s = session_lookup_listener4_i (st, lcl, lcl_port, proto); + s = session_lookup_listener4_i (st, lcl, lcl_port, proto, 1); if (s) return tp_vfts[proto].get_listener (s->connection_index); @@ -1035,7 +1035,7 @@ session_lookup_safe4 (u32 fib_index, ip4_address_t * lcl, ip4_address_t * rmt, /* * If nothing is found, check if any listener is available */ - if ((s = session_lookup_listener4_i (st, lcl, lcl_port, proto))) + if ((s = session_lookup_listener4_i (st, lcl, lcl_port, proto, 1))) return s; return 0; @@ -1111,7 +1111,7 @@ session_lookup_connection_wt6 (u32 fib_index, ip6_address_t * lcl, } /* If nothing is found, check if any listener is available */ - s = session_lookup_listener6_i (st, lcl, lcl_port, proto); + s = session_lookup_listener6_i (st, lcl, lcl_port, proto, 1); if (s) return tp_vfts[proto].get_listener (s->connection_index); @@ -1177,7 +1177,7 @@ session_lookup_connection6 (u32 fib_index, ip6_address_t * lcl, } /* If nothing is found, check if any listener is available */ - s = session_lookup_listener6 (fib_index, lcl, lcl_port, proto); + s = session_lookup_listener6_i (st, lcl, lcl_port, proto, 1); if (s) return tp_vfts[proto].get_listener (s->connection_index); @@ -1228,42 +1228,11 @@ session_lookup_safe6 (u32 fib_index, ip6_address_t * lcl, ip6_address_t * rmt, } /* If nothing is found, check if any listener is available */ - if ((s = session_lookup_listener6_i (st, lcl, lcl_port, proto))) + if ((s = session_lookup_listener6_i (st, lcl, lcl_port, proto, 1))) return s; return 0; } -u64 -session_lookup_local_listener_make_handle (session_endpoint_t * sep) -{ - return ((u64) SESSION_LOCAL_TABLE_PREFIX << 32 - | (u32) sep->port << 16 | (u32) sep->transport_proto << 8 - | (u32) sep->is_ip4); -} - -u8 -session_lookup_local_is_handle (u64 handle) -{ - if (handle >> 32 == SESSION_LOCAL_TABLE_PREFIX) - return 1; - return 0; -} - -int -session_lookup_local_listener_parse_handle (u64 handle, - session_endpoint_t * sep) -{ - u32 local_table_handle; - if (handle >> 32 != SESSION_LOCAL_TABLE_PREFIX) - return -1; - local_table_handle = handle & 0xFFFFFFFFULL; - sep->is_ip4 = local_table_handle & 0xff; - local_table_handle >>= 8; - sep->transport_proto = local_table_handle & 0xff; - sep->port = local_table_handle >> 8; - return 0; -} - clib_error_t * vnet_session_rule_add_del (session_rule_add_del_args_t * args) { @@ -1298,7 +1267,7 @@ vnet_session_rule_add_del (session_rule_add_del_args_t * args) } if (args->scope & SESSION_RULE_SCOPE_LOCAL) { - memset (&args->table_args.lcl, 0, sizeof (args->table_args.lcl)); + clib_memset (&args->table_args.lcl, 0, sizeof (args->table_args.lcl)); args->table_args.lcl.fp_proto = args->table_args.rmt.fp_proto; args->table_args.lcl_port = 0; st = app_namespace_get_local_table (app_ns); @@ -1331,15 +1300,18 @@ u8 * format_ip4_session_lookup_kvp (u8 * s, va_list * args) { clib_bihash_kv_16_8_t *kvp = va_arg (*args, clib_bihash_kv_16_8_t *); - u32 is_local = va_arg (*args, u32); - u8 *app_name, *str = 0; - stream_session_t *session; + u32 is_local = va_arg (*args, u32), app_wrk_index, session_index; v4_connection_key_t *key = (v4_connection_key_t *) kvp->key; + stream_session_t *session; + app_worker_t *app_wrk; + const u8 *app_name; + u8 *str = 0; if (!is_local) { session = session_get_from_handle (kvp->value); - app_name = application_name_from_index (session->app_index); + app_wrk = app_worker_get (session->app_wrk_index); + app_name = application_name_from_index (app_wrk->app_index); str = format (0, "[%U] %U:%d->%U:%d", format_transport_proto_short, key->proto, format_ip4_address, &key->src, clib_net_to_host_u16 (key->src_port), format_ip4_address, @@ -1348,13 +1320,14 @@ format_ip4_session_lookup_kvp (u8 * s, va_list * args) } else { - app_name = application_name_from_index (kvp->value); + local_session_parse_handle (kvp->value, &app_wrk_index, &session_index); + app_wrk = app_worker_get (app_wrk_index); + app_name = application_name_from_index (app_wrk->app_index); str = format (0, "[%U] %U:%d", format_transport_proto_short, key->proto, format_ip4_address, &key->src, clib_net_to_host_u16 (key->src_port)); s = format (s, "%-30v%-30v", str, app_name); } - vec_free (app_name); return s; } @@ -1410,8 +1383,8 @@ session_rule_command_fn (vlib_main_t * vm, unformat_input_t * input, app_namespace_t *app_ns; clib_error_t *error; - memset (&lcl_ip, 0, sizeof (lcl_ip)); - memset (&rmt_ip, 0, sizeof (rmt_ip)); + clib_memset (&lcl_ip, 0, sizeof (lcl_ip)); + clib_memset (&rmt_ip, 0, sizeof (rmt_ip)); while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) { if (unformat (input, "del")) @@ -1557,8 +1530,8 @@ show_session_rules_command_fn (vlib_main_t * vm, unformat_input_t * input, session_table_t *st; u8 *ns_id = 0, fib_proto; - memset (&lcl_ip, 0, sizeof (lcl_ip)); - memset (&rmt_ip, 0, sizeof (rmt_ip)); + clib_memset (&lcl_ip, 0, sizeof (lcl_ip)); + clib_memset (&rmt_ip, 0, sizeof (rmt_ip)); while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) { if (unformat (input, "%U", unformat_transport_proto, &transport_proto))