X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=src%2Fvnet%2Fvxlan-gpe%2Fvxlan_gpe.c;h=8ef94d44337ef805ce32b81de23b7fe09e42ffda;hb=2164f7bf58feacdedce61c5b5790980b533ae5bf;hp=918a982d70de1b0351973882a590b4a2d9bc08b9;hpb=4478d8edc35757c1da66e1c3c108af24940fbdd3;p=vpp.git diff --git a/src/vnet/vxlan-gpe/vxlan_gpe.c b/src/vnet/vxlan-gpe/vxlan_gpe.c index 918a982d70d..8ef94d44337 100644 --- a/src/vnet/vxlan-gpe/vxlan_gpe.c +++ b/src/vnet/vxlan-gpe/vxlan_gpe.c @@ -22,9 +22,11 @@ #include #include #include +#include #include #include #include +#include #include /** @@ -85,11 +87,12 @@ format_vxlan_gpe_tunnel (u8 * s, va_list * args) vxlan_gpe_tunnel_t *t = va_arg (*args, vxlan_gpe_tunnel_t *); vxlan_gpe_main_t *ngm = &vxlan_gpe_main; - s = format (s, "[%d] lcl %U rmt %U vni %d fib-idx %d sw-if-idx %d ", - t - ngm->tunnels, - format_ip46_address, &t->local, IP46_TYPE_ANY, - format_ip46_address, &t->remote, IP46_TYPE_ANY, - t->vni, t->encap_fib_index, t->sw_if_index); + s = format (s, + "[%d] lcl %U rmt %U lcl_port %d rmt_port %d vni %d " + "fib-idx %d sw-if-idx %d ", + t - ngm->tunnels, format_ip46_address, &t->local, IP46_TYPE_ANY, + format_ip46_address, &t->remote, IP46_TYPE_ANY, t->local_port, + t->remote_port, t->vni, t->encap_fib_index, t->sw_if_index); #if 0 /* next_dpo not yet used by vxlan-gpe-encap node */ @@ -120,14 +123,6 @@ format_vxlan_gpe_name (u8 * s, va_list * args) return format (s, "vxlan_gpe_tunnel%d", dev_instance); } -static uword -dummy_interface_tx (vlib_main_t * vm, - vlib_node_runtime_t * node, vlib_frame_t * frame) -{ - clib_warning ("you shouldn't be here, leaking buffers..."); - return frame->n_vectors; -} - /** * @brief CLI function for VXLAN GPE admin up/down * @@ -154,7 +149,6 @@ VNET_DEVICE_CLASS (vxlan_gpe_device_class,static) = { .name = "VXLAN_GPE", .format_device_name = format_vxlan_gpe_name, .format_tx_trace = format_vxlan_gpe_encap_trace, - .tx_function = dummy_interface_tx, .admin_up_down_function = vxlan_gpe_interface_admin_up_down, }; /* *INDENT-ON* */ @@ -255,12 +249,14 @@ const static fib_node_vft_t vxlan_gpe_vft = { .fnv_back_walk = vxlan_gpe_tunnel_back_walk, }; -#define foreach_gpe_copy_field \ -_(vni) \ -_(protocol) \ -_(mcast_sw_if_index) \ -_(encap_fib_index) \ -_(decap_fib_index) +#define foreach_gpe_copy_field \ + _ (vni) \ + _ (protocol) \ + _ (mcast_sw_if_index) \ + _ (encap_fib_index) \ + _ (decap_fib_index) \ + _ (local_port) \ + _ (remote_port) #define foreach_copy_ipv4 { \ _(local.ip4.as_u32) \ @@ -311,8 +307,8 @@ vxlan4_gpe_rewrite (vxlan_gpe_tunnel_t * t, u32 extension_size, ip0->checksum = ip4_header_checksum (ip0); /* UDP header, randomize src port on something, maybe? */ - h0->udp.src_port = clib_host_to_net_u16 (4790); - h0->udp.dst_port = clib_host_to_net_u16 (UDP_DST_PORT_VXLAN_GPE); + h0->udp.src_port = clib_host_to_net_u16 (t->local_port); + h0->udp.dst_port = clib_host_to_net_u16 (t->remote_port); /* VXLAN header. Are we having fun yet? */ h0->vxlan.flags = VXLAN_GPE_FLAGS_I | VXLAN_GPE_FLAGS_P; @@ -370,8 +366,8 @@ vxlan6_gpe_rewrite (vxlan_gpe_tunnel_t * t, u32 extension_size, ip0->dst_address.as_u64[1] = t->remote.ip6.as_u64[1]; /* UDP header, randomize src port on something, maybe? */ - h0->udp.src_port = clib_host_to_net_u16 (4790); - h0->udp.dst_port = clib_host_to_net_u16 (UDP_DST_PORT_VXLAN_GPE); + h0->udp.src_port = clib_host_to_net_u16 (t->local_port); + h0->udp.dst_port = clib_host_to_net_u16 (t->remote_port); /* VXLAN header. Are we having fun yet? */ h0->vxlan.flags = VXLAN_GPE_FLAGS_I | VXLAN_GPE_FLAGS_P; @@ -392,35 +388,6 @@ vxlan6_gpe_rewrite (vxlan_gpe_tunnel_t * t, u32 extension_size, return (0); } -static uword -vtep_addr_ref (ip46_address_t * ip) -{ - uword *vtep = ip46_address_is_ip4 (ip) ? - hash_get (vxlan_gpe_main.vtep4, ip->ip4.as_u32) : - hash_get_mem (vxlan_gpe_main.vtep6, &ip->ip6); - if (vtep) - return ++(*vtep); - ip46_address_is_ip4 (ip) ? - hash_set (vxlan_gpe_main.vtep4, ip->ip4.as_u32, 1) : - hash_set_mem_alloc (&vxlan_gpe_main.vtep6, &ip->ip6, 1); - return 1; -} - -static uword -vtep_addr_unref (ip46_address_t * ip) -{ - uword *vtep = ip46_address_is_ip4 (ip) ? - hash_get (vxlan_gpe_main.vtep4, ip->ip4.as_u32) : - hash_get_mem (vxlan_gpe_main.vtep6, &ip->ip6); - ASSERT (vtep); - if (--(*vtep) != 0) - return *vtep; - ip46_address_is_ip4 (ip) ? - hash_unset (vxlan_gpe_main.vtep4, ip->ip4.as_u32) : - hash_unset_mem_free (&vxlan_gpe_main.vtep6, &ip->ip6); - return 0; -} - /* *INDENT-OFF* */ typedef CLIB_PACKED(union { struct { @@ -436,7 +403,7 @@ mcast_shared_get (ip46_address_t * ip) { ASSERT (ip46_address_is_multicast (ip)); uword *p = hash_get_mem (vxlan_gpe_main.mcast_shared, ip); - ASSERT (p); + ALWAYS_ASSERT (p); return (mcast_shared_t) { .as_u64 = *p}; @@ -465,12 +432,6 @@ mcast_shared_remove (ip46_address_t * remote) hash_unset_mem_free (&vxlan_gpe_main.mcast_shared, remote); } -static inline fib_protocol_t -fib_ip_proto (bool is_ip6) -{ - return (is_ip6) ? FIB_PROTOCOL_IP6 : FIB_PROTOCOL_IP4; -} - /** * @brief Add or Del a VXLAN GPE tunnel * @@ -495,12 +456,19 @@ int vnet_vxlan_gpe_add_del_tunnel vxlan6_gpe_tunnel_key_t key6, *key6_copy; u32 is_ip6 = a->is_ip6; + /* Set udp-ports */ + if (a->local_port == 0) + a->local_port = is_ip6 ? UDP_DST_PORT_VXLAN6_GPE : UDP_DST_PORT_VXLAN_GPE; + + if (a->remote_port == 0) + a->remote_port = is_ip6 ? UDP_DST_PORT_VXLAN6_GPE : UDP_DST_PORT_VXLAN_GPE; + if (!is_ip6) { key4.local = a->local.ip4.as_u32; key4.remote = a->remote.ip4.as_u32; key4.vni = clib_host_to_net_u32 (a->vni << 8); - key4.pad = 0; + key4.port = (u32) clib_host_to_net_u16 (a->local_port); p = hash_get_mem (ngm->vxlan4_gpe_tunnel_by_key, &key4); } @@ -511,6 +479,7 @@ int vnet_vxlan_gpe_add_del_tunnel key6.remote.as_u64[0] = a->remote.ip6.as_u64[0]; key6.remote.as_u64[1] = a->remote.ip6.as_u64[1]; key6.vni = clib_host_to_net_u32 (a->vni << 8); + key6.port = (u32) clib_host_to_net_u16 (a->local_port); p = hash_get_mem (ngm->vxlan6_gpe_tunnel_by_key, &key6); } @@ -524,7 +493,7 @@ int vnet_vxlan_gpe_add_del_tunnel return VNET_API_ERROR_TUNNEL_EXIST; pool_get_aligned (ngm->tunnels, t, CLIB_CACHE_LINE_BYTES); - memset (t, 0, sizeof (*t)); + clib_memset (t, 0, sizeof (*t)); /* copy from arg structure */ /* *INDENT-OFF* */ @@ -558,14 +527,14 @@ int vnet_vxlan_gpe_add_del_tunnel if (!is_ip6) { key4_copy = clib_mem_alloc (sizeof (*key4_copy)); - clib_memcpy (key4_copy, &key4, sizeof (*key4_copy)); + clib_memcpy_fast (key4_copy, &key4, sizeof (*key4_copy)); hash_set_mem (ngm->vxlan4_gpe_tunnel_by_key, key4_copy, t - ngm->tunnels); } else { key6_copy = clib_mem_alloc (sizeof (*key6_copy)); - clib_memcpy (key6_copy, &key6, sizeof (*key6_copy)); + clib_memcpy_fast (key6_copy, &key6, sizeof (*key6_copy)); hash_set_mem (ngm->vxlan6_gpe_tunnel_by_key, key6_copy, t - ngm->tunnels); } @@ -600,9 +569,12 @@ int vnet_vxlan_gpe_add_del_tunnel (vnm, vxlan_gpe_device_class.index, t - ngm->tunnels, vxlan_gpe_hw_class.index, t - ngm->tunnels); hi = vnet_get_hw_interface (vnm, hw_if_index); - hi->output_node_index = vxlan_gpe_encap_node.index; } + /* Set vxlan-gpe tunnel output node */ + u32 encap_index = vxlan_gpe_encap_node.index; + vnet_set_interface_output_node (vnm, hw_if_index, encap_index); + t->hw_if_index = hw_if_index; t->sw_if_index = sw_if_index = hi->sw_if_index; vec_validate_init_empty (ngm->tunnel_index_by_sw_if_index, sw_if_index, @@ -620,7 +592,6 @@ int vnet_vxlan_gpe_add_del_tunnel VNET_SW_INTERFACE_FLAG_ADMIN_UP); fib_node_init (&t->node, FIB_NODE_TYPE_VXLAN_GPE_TUNNEL); fib_prefix_t tun_remote_pfx; - u32 encap_index = vxlan_gpe_encap_node.index; vnet_flood_class_t flood_class = VNET_FLOOD_CLASS_TUNNEL_NORMAL; fib_prefix_from_ip46_addr (&t->remote, &tun_remote_pfx); @@ -632,25 +603,25 @@ int vnet_vxlan_gpe_add_del_tunnel * when the forwarding for the entry updates, and the tunnel can * re-stack accordingly */ - vtep_addr_ref (&t->local); - t->fib_entry_index = fib_table_entry_special_add - (t->encap_fib_index, &tun_remote_pfx, FIB_SOURCE_RR, - FIB_ENTRY_FLAG_NONE); - t->sibling_index = fib_entry_child_add - (t->fib_entry_index, FIB_NODE_TYPE_VXLAN_GPE_TUNNEL, - t - ngm->tunnels); + vtep_addr_ref (&ngm->vtep_table, t->encap_fib_index, &t->local); + t->fib_entry_index = fib_entry_track (t->encap_fib_index, + &tun_remote_pfx, + FIB_NODE_TYPE_VXLAN_GPE_TUNNEL, + t - ngm->tunnels, + &t->sibling_index); vxlan_gpe_tunnel_restack_dpo (t); } else { /* Multicast tunnel - - * as the same mcast group can be used for mutiple mcast tunnels - * with different VNIs, create the output fib adjecency only if + * as the same mcast group can be used for multiple mcast tunnels + * with different VNIs, create the output fib adjacency only if * it does not already exist */ fib_protocol_t fp = fib_ip_proto (is_ip6); - if (vtep_addr_ref (&t->remote) == 1) + if (vtep_addr_ref (&ngm->vtep_table, + t->encap_fib_index, &t->remote) == 1) { fib_node_index_t mfei; adj_index_t ai; @@ -659,8 +630,9 @@ int vnet_vxlan_gpe_add_del_tunnel .frp_addr = zero_addr, .frp_sw_if_index = 0xffffffff, .frp_fib_index = ~0, - .frp_weight = 0, + .frp_weight = 1, .frp_flags = FIB_ROUTE_PATH_LOCAL, + .frp_mitf_flags = MFIB_ITF_FLAG_FORWARD, }; const mfib_prefix_t mpfx = { .fp_proto = fp, @@ -673,18 +645,16 @@ int vnet_vxlan_gpe_add_del_tunnel * - the forwarding interface is for-us * - the accepting interface is that from the API */ - mfib_table_entry_path_update (t->encap_fib_index, - &mpfx, + mfib_table_entry_path_update (t->encap_fib_index, &mpfx, MFIB_SOURCE_VXLAN_GPE, - &path, MFIB_ITF_FLAG_FORWARD); + MFIB_ENTRY_FLAG_NONE, &path); path.frp_sw_if_index = a->mcast_sw_if_index; path.frp_flags = FIB_ROUTE_PATH_FLAG_NONE; - mfei = mfib_table_entry_path_update (t->encap_fib_index, - &mpfx, - MFIB_SOURCE_VXLAN_GPE, - &path, - MFIB_ITF_FLAG_ACCEPT); + path.frp_mitf_flags = MFIB_ITF_FLAG_ACCEPT; + mfei = mfib_table_entry_path_update ( + t->encap_fib_index, &mpfx, MFIB_SOURCE_VXLAN_GPE, + MFIB_ENTRY_FLAG_NONE, &path); /* * Create the mcast adjacency to send traffic to the group @@ -711,9 +681,6 @@ int vnet_vxlan_gpe_add_del_tunnel flood_class = VNET_FLOOD_CLASS_TUNNEL_MASTER; } - /* Set vxlan tunnel output node */ - hi->output_node_index = encap_index; - vnet_get_sw_interface (vnet_get_main (), sw_if_index)->flood_class = flood_class; } @@ -729,8 +696,8 @@ int vnet_vxlan_gpe_add_del_tunnel vnet_sw_interface_set_flags (vnm, t->sw_if_index, 0 /* down */ ); vnet_sw_interface_t *si = vnet_get_sw_interface (vnm, t->sw_if_index); si->flags |= VNET_SW_INTERFACE_FLAG_HIDDEN; - set_int_l2_mode (ngm->vlib_main, vnm, MODE_L3, t->sw_if_index, 0, 0, 0, - 0); + set_int_l2_mode (ngm->vlib_main, vnm, MODE_L3, t->sw_if_index, 0, + L2_BD_PORT_TYPE_NORMAL, 0, 0); vec_add1 (ngm->free_vxlan_gpe_tunnel_hw_if_indices, t->hw_if_index); ngm->tunnel_index_by_sw_if_index[t->sw_if_index] = ~0; @@ -742,11 +709,11 @@ int vnet_vxlan_gpe_add_del_tunnel if (!ip46_address_is_multicast (&t->remote)) { - vtep_addr_unref (&t->local); - fib_entry_child_remove (t->fib_entry_index, t->sibling_index); - fib_table_entry_delete_index (t->fib_entry_index, FIB_SOURCE_RR); + vtep_addr_unref (&ngm->vtep_table, t->encap_fib_index, &t->local); + fib_entry_untrack (t->fib_entry_index, t->sibling_index); } - else if (vtep_addr_unref (&t->remote) == 0) + else if (vtep_addr_unref (&ngm->vtep_table, + t->encap_fib_index, &t->remote) == 0) { mcast_shared_remove (&t->remote); } @@ -759,6 +726,17 @@ int vnet_vxlan_gpe_add_del_tunnel if (sw_if_indexp) *sw_if_indexp = sw_if_index; + if (a->is_add) + { + /* register udp ports */ + if (!is_ip6 && !udp_is_valid_dst_port (a->local_port, 1)) + udp_register_dst_port (ngm->vlib_main, a->local_port, + vxlan4_gpe_input_node.index, 1 /* is_ip4 */); + if (is_ip6 && !udp_is_valid_dst_port (a->remote_port, 0)) + udp_register_dst_port (ngm->vlib_main, a->remote_port, + vxlan6_gpe_input_node.index, 0 /* is_ip4 */); + } + return 0; } @@ -781,6 +759,8 @@ vxlan_gpe_add_del_tunnel_command_fn (vlib_main_t * vm, u8 protocol = VXLAN_GPE_PROTOCOL_IP4; u32 vni; u8 vni_set = 0; + u32 local_port = 0; + u32 remote_port = 0; int rv; u32 tmp; vnet_vxlan_gpe_add_del_tunnel_args_t _a, *a = &_a; @@ -865,6 +845,10 @@ vxlan_gpe_add_del_tunnel_command_fn (vlib_main_t * vm, } else if (unformat (line_input, "vni %d", &vni)) vni_set = 1; + else if (unformat (line_input, "local_port %d", &local_port)) + ; + else if (unformat (line_input, "remote_port %d", &remote_port)) + ; else if (unformat (line_input, "next-ip4")) protocol = VXLAN_GPE_PROTOCOL_IP4; else if (unformat (line_input, "next-ip6")) @@ -930,7 +914,7 @@ vxlan_gpe_add_del_tunnel_command_fn (vlib_main_t * vm, goto done; } - memset (a, 0, sizeof (*a)); + clib_memset (a, 0, sizeof (*a)); a->is_add = is_add; a->is_ip6 = ipv6_set; @@ -988,13 +972,13 @@ done: * center or be separated geographically as long as they are reachable * through the underlay L3 network. * - * You can refer to this kind of L2 overlay bridge domain as a VXLAN-GPE sengment. + * You can refer to this kind of L2 overlay bridge domain as a VXLAN-GPE segment. * * @cliexpar * Example of how to create a VXLAN-GPE Tunnel: - * @cliexcmd{create vxlan-gpe tunnel local 10.0.3.1 local 10.0.3.3 vni 13 encap-vrf-id 7} - * Example of how to delete a VXLAN Tunnel: - * @cliexcmd{create vxlan tunnel src 10.0.3.1 remote 10.0.3.3 vni 13 del} + * @cliexcmd{create vxlan-gpe tunnel local 10.0.3.1 remote 10.0.3.3 vni 13 encap-vrf-id 7} + * Example of how to delete a VXLAN-GPE Tunnel: + * @cliexcmd{create vxlan-gpe tunnel local 10.0.3.1 remote 10.0.3.3 vni 13 del} ?*/ /* *INDENT-OFF* */ VLIB_CLI_COMMAND (create_vxlan_gpe_tunnel_command, static) = { @@ -1030,10 +1014,10 @@ show_vxlan_gpe_tunnel_command_fn (vlib_main_t * vm, vlib_cli_output (vm, "No vxlan-gpe tunnels configured."); /* *INDENT-OFF* */ - pool_foreach (t, ngm->tunnels, - ({ + pool_foreach (t, ngm->tunnels) + { vlib_cli_output (vm, "%U", format_vxlan_gpe_tunnel, t); - })); + } /* *INDENT-ON* */ return 0; @@ -1119,11 +1103,12 @@ set_ip4_vxlan_gpe_bypass (vlib_main_t * vm, } /*? - * This command adds the 'ip4-vxlan-gpe-bypass' graph node for a given interface. - * By adding the IPv4 vxlan-gpe-bypass graph node to an interface, the node checks - * for and validate input vxlan_gpe packet and bypass ip4-lookup, ip4-local, - * ip4-udp-lookup nodes to speedup vxlan_gpe packet forwarding. This node will - * cause extra overhead to for non-vxlan_gpe packets which is kept at a minimum. + * This command adds the 'ip4-vxlan-gpe-bypass' graph node for a given + * interface. By adding the IPv4 vxlan-gpe-bypass graph node to an interface, + * the node checks for and validate input vxlan_gpe packet and bypass + * ip4-lookup, ip4-local, ip4-udp-lookup nodes to speedup vxlan_gpe packet + * forwarding. This node will cause extra overhead to for non-vxlan_gpe + * packets which is kept at a minimum. * * @cliexpar * @parblock @@ -1140,13 +1125,13 @@ set_ip4_vxlan_gpe_bypass (vlib_main_t * vm, * * Example of graph node after ip4-vxlan-gpe-bypass is enabled: * @cliexstart{show vlib graph ip4-vxlan-gpe-bypass} - * Name Next Previous - * ip4-vxlan-gpe-bypass error-drop [0] ip4-input - * vxlan4-gpe-input [1] ip4-input-no-checksum - * ip4-lookup [2] + * Name Next Previous + * ip4-vxlan-gpe-bypass error-drop [0] ip4-input + * vxlan4-gpe-input [1] ip4-input-no-checksum + * ip4-lookup [2] * @cliexend * - * Example of how to display the feature enabed on an interface: + * Example of how to display the feature enabled on an interface: * @cliexstart{show ip interface features GigabitEthernet2/0/0} * IP feature paths configured on GigabitEthernet2/0/0... * ... @@ -1176,11 +1161,12 @@ set_ip6_vxlan_gpe_bypass (vlib_main_t * vm, } /*? - * This command adds the 'ip6-vxlan-gpe-bypass' graph node for a given interface. - * By adding the IPv6 vxlan-gpe-bypass graph node to an interface, the node checks - * for and validate input vxlan_gpe packet and bypass ip6-lookup, ip6-local, - * ip6-udp-lookup nodes to speedup vxlan_gpe packet forwarding. This node will - * cause extra overhead to for non-vxlan_gpe packets which is kept at a minimum. + * This command adds the 'ip6-vxlan-gpe-bypass' graph node for a given + * interface. By adding the IPv6 vxlan-gpe-bypass graph node to an interface, + * the node checks for and validate input vxlan_gpe packet and bypass + * ip6-lookup, ip6-local, ip6-udp-lookup nodes to speedup vxlan_gpe packet + * forwarding. This node will cause extra overhead to for non-vxlan_gpe packets + * which is kept at a minimum. * * @cliexpar * @parblock @@ -1197,13 +1183,13 @@ set_ip6_vxlan_gpe_bypass (vlib_main_t * vm, * * Example of graph node after ip6-vxlan-gpe-bypass is enabled: * @cliexstart{show vlib graph ip6-vxlan-gpe-bypass} - * Name Next Previous - * ip6-vxlan-gpe-bypass error-drop [0] ip6-input - * vxlan6-gpe-input [1] ip4-input-no-checksum - * ip6-lookup [2] + * Name Next Previous + * ip6-vxlan-gpe-bypass error-drop [0] ip6-input + * vxlan6-gpe-input [1] ip4-input-no-checksum + * ip6-lookup [2] * @cliexend * - * Example of how to display the feature enabed on an interface: + * Example of how to display the feature enabled on an interface: * @cliexstart{show ip interface features GigabitEthernet2/0/0} * IP feature paths configured on GigabitEthernet2/0/0... * ... @@ -1221,7 +1207,7 @@ set_ip6_vxlan_gpe_bypass (vlib_main_t * vm, VLIB_CLI_COMMAND (set_interface_ip6_vxlan_gpe_bypass_command, static) = { .path = "set interface ip6 vxlan-gpe-bypass", .function = set_ip6_vxlan_gpe_bypass, - .short_help = "set interface ip vxlan-gpe-bypass [del]", + .short_help = "set interface ip6 vxlan-gpe-bypass [del]", }; /* *INDENT-ON* */ @@ -1267,12 +1253,7 @@ vxlan_gpe_init (vlib_main_t * vm) ngm->mcast_shared = hash_create_mem (0, sizeof (ip46_address_t), sizeof (mcast_shared_t)); - ngm->vtep6 = hash_create_mem (0, sizeof (ip6_address_t), sizeof (uword)); - - udp_register_dst_port (vm, UDP_DST_PORT_VXLAN_GPE, - vxlan4_gpe_input_node.index, 1 /* is_ip4 */ ); - udp_register_dst_port (vm, UDP_DST_PORT_VXLAN6_GPE, - vxlan6_gpe_input_node.index, 0 /* is_ip4 */ ); + ngm->vtep_table = vtep_table_create (); /* Register the list of standard decap protocols supported */ vxlan_gpe_register_decap_protocol (VXLAN_GPE_PROTOCOL_IP4,