2 * ct6.c - skeleton vpp engine plug-in
4 * Copyright (c) <current-year> <your-organization>
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
18 #include <vnet/vnet.h>
19 #include <vnet/plugin/plugin.h>
22 #include <vlibapi/api.h>
23 #include <vlibmemory/api.h>
24 #include <vpp/app/version.h>
26 /* define message IDs */
27 #include <ct6/ct6.api_enum.h>
28 #include <ct6/ct6.api_types.h>
30 #define REPLY_MSG_ID_BASE cmp->msg_id_base
31 #include <vlibapi/api_helper_macros.h>
35 /* Action function shared between message handler and debug CLI */
38 ct6_feature_init (ct6_main_t * cmp)
40 u32 nworkers = vlib_num_workers ();
42 if (cmp->feature_initialized)
45 clib_bihash_init_48_8 (&cmp->session_hash, "ct6 session table",
46 cmp->session_hash_buckets, cmp->session_hash_memory);
47 cmp->feature_initialized = 1;
48 vec_validate (cmp->sessions, nworkers);
49 vec_validate_init_empty (cmp->first_index, nworkers, ~0);
50 vec_validate_init_empty (cmp->last_index, nworkers, ~0);
54 ct6_in2out_enable_disable (ct6_main_t * cmp, u32 sw_if_index,
57 vnet_sw_interface_t *sw;
60 ct6_feature_init (cmp);
63 if (pool_is_free_index (cmp->vnet_main->interface_main.sw_interfaces,
65 return VNET_API_ERROR_INVALID_SW_IF_INDEX;
67 /* Not a physical port? */
68 sw = vnet_get_sw_interface (cmp->vnet_main, sw_if_index);
69 if (sw->type != VNET_SW_INTERFACE_TYPE_HARDWARE)
70 return VNET_API_ERROR_INVALID_SW_IF_INDEX;
72 vnet_feature_enable_disable ("interface-output", "ct6-in2out",
73 sw_if_index, enable_disable, 0, 0);
79 ct6_out2in_enable_disable (ct6_main_t * cmp, u32 sw_if_index,
82 vnet_sw_interface_t *sw;
85 ct6_feature_init (cmp);
88 if (pool_is_free_index (cmp->vnet_main->interface_main.sw_interfaces,
90 return VNET_API_ERROR_INVALID_SW_IF_INDEX;
92 /* Not a physical port? */
93 sw = vnet_get_sw_interface (cmp->vnet_main, sw_if_index);
94 if (sw->type != VNET_SW_INTERFACE_TYPE_HARDWARE)
95 return VNET_API_ERROR_INVALID_SW_IF_INDEX;
97 vnet_feature_enable_disable ("ip6-unicast", "ct6-out2in",
98 sw_if_index, enable_disable, 0, 0);
103 static clib_error_t *
104 set_ct6_enable_disable_command_fn (vlib_main_t * vm,
105 unformat_input_t * input,
106 vlib_cli_command_t * cmd)
108 ct6_main_t *cmp = &ct6_main;
109 u32 sw_if_index = ~0;
110 int enable_disable = 1;
114 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
116 if (unformat (input, "disable"))
118 else if (unformat (input, "%U", unformat_vnet_sw_interface,
119 cmp->vnet_main, &sw_if_index))
121 else if (unformat (input, "inside") || unformat (input, "in"))
123 else if (unformat (input, "outside") || unformat (input, "out"))
130 return clib_error_return (0, "Please specify inside or outside");
132 if (sw_if_index == ~0)
133 return clib_error_return (0, "Please specify an interface...");
136 rv = ct6_in2out_enable_disable (cmp, sw_if_index, enable_disable);
138 rv = ct6_out2in_enable_disable (cmp, sw_if_index, enable_disable);
145 case VNET_API_ERROR_INVALID_SW_IF_INDEX:
146 return clib_error_return
147 (0, "Invalid interface, only works on physical ports");
151 return clib_error_return (0, "ct6_enable_disable returned %d", rv);
156 VLIB_CLI_COMMAND (set_ct6_command, static) =
160 "set ct6 [inside|outside] <interface-name> [disable]",
161 .function = set_ct6_enable_disable_command_fn,
164 /* API message handler */
165 static void vl_api_ct6_enable_disable_t_handler
166 (vl_api_ct6_enable_disable_t * mp)
168 vl_api_ct6_enable_disable_reply_t *rmp;
169 ct6_main_t *cmp = &ct6_main;
172 VALIDATE_SW_IF_INDEX (mp);
175 rv = ct6_in2out_enable_disable (cmp, ntohl (mp->sw_if_index),
176 (int) (mp->enable_disable));
178 rv = ct6_out2in_enable_disable (cmp, ntohl (mp->sw_if_index),
179 (int) (mp->enable_disable));
181 BAD_SW_IF_INDEX_LABEL;
182 REPLY_MACRO (VL_API_CT6_ENABLE_DISABLE_REPLY);
185 #include <ct6/ct6.api.c>
186 static clib_error_t *
187 ct6_init (vlib_main_t * vm)
189 ct6_main_t *cmp = &ct6_main;
190 clib_error_t *error = 0;
193 cmp->vnet_main = vnet_get_main ();
195 /* Ask for a correctly-sized block of API message decode slots */
196 cmp->msg_id_base = setup_message_id_table ();
199 * Set default parameters...
202 * 2 minute inactivity timer
203 * 10000 concurrent sessions
205 cmp->session_hash_memory = 16ULL << 20;
206 cmp->session_hash_buckets = 64 << 10;
207 cmp->session_timeout_interval = 120.0;
208 cmp->max_sessions_per_worker = 10000;
210 /* ... so the packet generator can feed the in2out node ... */
211 ethernet_setup_node (vm, ct6_in2out_node.index);
215 VLIB_INIT_FUNCTION (ct6_init);
217 VNET_FEATURE_INIT (ct6out2in, static) =
219 .arc_name = "ip6-unicast",
220 .node_name = "ct6-out2in",
221 .runs_before = VNET_FEATURES ("ip6-lookup"),
224 VNET_FEATURE_INIT (ct6in2out, static) = {
225 .arc_name = "interface-output",
226 .node_name = "ct6-in2out",
227 .runs_before = VNET_FEATURES ("interface-output-arc-end"),
230 VLIB_PLUGIN_REGISTER () =
232 .version = VPP_BUILD_VER,
233 .description = "IPv6 Connection Tracker",
237 format_ct6_session (u8 * s, va_list * args)
239 ct6_main_t *cmp = va_arg (*args, ct6_main_t *);
240 int i = va_arg (*args, int);
241 ct6_session_t *s0 = va_arg (*args, ct6_session_t *);
242 int verbose = va_arg (*args, int);
243 clib_bihash_kv_48_8_t kvp0;
247 s = format (s, "\n%6s%6s%40s%6s%40s%6s",
248 "Sess", "Prot", "Src", "Sport", "Dst", "Dport");
252 s = format (s, "\n%6d%6d%40U%6u%40U%6u",
253 s0 - cmp->sessions[i], s0->key.proto,
254 format_ip6_address, &s0->key.src,
255 clib_net_to_host_u16 (s0->key.sport),
256 format_ip6_address, &s0->key.dst,
257 clib_net_to_host_u16 (s0->key.dport));
259 clib_memcpy_fast (&kvp0, s0, sizeof (ct6_session_key_t));
261 if (clib_bihash_search_48_8 (&cmp->session_hash, &kvp0, &kvp0) < 0)
263 s = format (s, " LOOKUP FAIL!");
267 if (kvp0.value == s0 - cmp->sessions[s0->thread_index])
269 s = format (s, " OK");
272 s = format (s, " next %d prev %d", s0->next_index,
274 s = format (s, " hits %d expires %.2f", s0->hits, s0->expires);
278 s = format (s, " BOGUS LOOKUP RESULT!");
284 static clib_error_t *
285 show_ct6_command_fn_command_fn (vlib_main_t * vm,
286 unformat_input_t * input,
287 vlib_cli_command_t * cmd)
289 ct6_main_t *cmp = &ct6_main;
295 if (!cmp->feature_initialized)
296 return clib_error_return (0, "ip6 connection tracking not enabled...");
298 if (unformat (input, "verbose %d", &verbose))
300 else if (unformat (input, "verbose"))
303 for (i = 0; i < vec_len (cmp->sessions); i++)
305 s = format (s, "Thread %d: %d sessions\n", i,
306 pool_elts (cmp->sessions[i]));
312 format (s, "%U", format_ct6_session, cmp,
313 0 /* pool */ , 0 /* header */ , verbose);
315 pool_foreach (s0, cmp->sessions[i])
317 s = format (s, "%U", format_ct6_session, cmp, i, s0, verbose);
320 vlib_cli_output (cmp->vlib_main, "%v", s);
325 VLIB_CLI_COMMAND (show_ct6_command_fn_command, static) =
327 .path = "show ip6 connection-tracker",
328 .short_help = "show ip6 connection-tracker",
329 .function = show_ct6_command_fn_command_fn,
333 increment_v6_address (ip6_address_t * a)
337 v0 = clib_net_to_host_u64 (a->as_u64[0]);
338 v1 = clib_net_to_host_u64 (a->as_u64[1]);
343 a->as_u64[0] = clib_net_to_host_u64 (v0);
344 a->as_u64[1] = clib_net_to_host_u64 (v1);
348 static clib_error_t *
349 test_ct6_command_fn_command_fn (vlib_main_t * vm,
350 unformat_input_t * input,
351 vlib_cli_command_t * cmd)
353 ct6_main_t *cmp = &ct6_main;
354 clib_bihash_kv_48_8_t kvp0;
355 ct6_session_key_t *key0;
358 u32 recycled = 0, created = 0;
359 int i, num_sessions = 5;
363 cmp->max_sessions_per_worker = 4;
365 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
367 if (unformat (input, "num-sessions %d", &num_sessions))
371 (input, "max-sessions %d", &cmp->max_sessions_per_worker))
377 ct6_feature_init (cmp);
379 /* Set up starting src/dst addresses */
380 memset (src, 0, sizeof (src));
381 memset (dst, 0, sizeof (dst));
390 * See if we know about this flow.
391 * Key set up for the out2in path, the performant case
393 key0 = (ct6_session_key_t *) & kvp0;
394 memset (&kvp0, 0, sizeof (kvp0));
396 for (i = 0; i < num_sessions; i++)
398 clib_memcpy_fast (&key0->src, src, sizeof (src));
399 clib_memcpy_fast (&key0->dst, dst, sizeof (dst));
402 key0->sport = clib_host_to_net_u16 (1234);
403 key0->dport = clib_host_to_net_u16 (4321);
404 key0->proto = 17; /* udp, fwiw */
406 s0 = ct6_create_or_recycle_session
407 (cmp, &kvp0, 3.0 /* now */ , 0 /* thread index */ ,
408 &recycled, &created);
410 s = format (s, "%U (%d, %d)", format_ct6_session, cmp,
411 0 /* thread index */ , s0, 1 /* verbose */ ,
413 vlib_cli_output (vm, "%v", s);
415 increment_v6_address ((ip6_address_t *) src);
420 pool_foreach (s0, cmp->sessions[0])
422 s = format (s, "%U", format_ct6_session, cmp, 0, s0, 1 /* verbose */);
425 vlib_cli_output (vm, "\nEnd state: first index %d last index %d\n%v",
426 cmp->first_index[0], cmp->last_index[0], s);
430 midpt_index = cmp->max_sessions_per_worker / 3;
432 s0 = pool_elt_at_index (cmp->sessions[0], midpt_index);
433 vlib_cli_output (vm, "\nSimulate LRU hit on session %d",
434 s0 - cmp->sessions[0]);
436 ct6_update_session_hit (cmp, s0, 234.0);
438 pool_foreach (s0, cmp->sessions[0])
440 s = format (s, "%U", format_ct6_session, cmp, 0, s0, 1 /* verbose */);
443 vlib_cli_output (vm, "\nEnd state: first index %d last index %d\n%v",
444 cmp->first_index[0], cmp->last_index[0], s);
451 VLIB_CLI_COMMAND (test_ct6_command_fn_command, static) =
453 .path = "test ip6 connection-tracker",
454 .short_help = "test ip6 connection-tracker",
455 .function = test_ct6_command_fn_command_fn,
458 static clib_error_t *
459 ct6_config (vlib_main_t * vm, unformat_input_t * input)
461 ct6_main_t *cmp = &ct6_main;
463 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
465 if (unformat (input, "session-hash-buckets %u",
466 &cmp->session_hash_buckets))
468 else if (unformat (input, "session-hash-memory %U",
469 unformat_memory_size, &cmp->session_hash_memory))
471 else if (unformat (input, "session-timeout %f",
472 &cmp->session_timeout_interval))
476 return clib_error_return (0, "unknown input '%U'",
477 format_unformat_error, input);
483 VLIB_CONFIG_FUNCTION (ct6_config, "ct6");
486 * fd.io coding-style-patch-verification: ON
489 * eval: (c-set-style "gnu")