2 * ethernet/arp.c: IP v4 ARP node
4 * Copyright (c) 2010 Cisco and/or its affiliates.
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
18 #include <vnet/ip/ip.h>
19 #include <vnet/ip/ip6.h>
20 #include <vnet/ethernet/ethernet.h>
21 #include <vnet/ethernet/arp_packet.h>
22 #include <vnet/l2/l2_input.h>
23 #include <vppinfra/mhash.h>
24 #include <vnet/fib/ip4_fib.h>
25 #include <vnet/adj/adj_nbr.h>
26 #include <vnet/adj/adj_mcast.h>
27 #include <vnet/mpls/mpls.h>
33 * This file contains code to manage the IPv4 ARP tables (IP Address
34 * to MAC Address lookup).
38 void vl_api_rpc_call_main_thread (void *fp, u8 * data, u32 data_length);
41 * @brief Per-interface ARP configuration and state
43 typedef struct ethernet_arp_interface_t_
46 * Hash table of ARP entries.
47 * Since this hash table is per-interface, the key is only the IPv4 address.
50 } ethernet_arp_interface_t;
57 } ethernet_proxy_arp_t;
65 /* Used for arp event notification only */
68 } pending_resolution_t;
72 /* Hash tables mapping name to opcode. */
73 uword *opcode_by_name;
75 /* lite beer "glean" adjacency handling */
76 uword *pending_resolutions_by_address;
77 pending_resolution_t *pending_resolutions;
79 /* Mac address change notification */
80 uword *mac_changes_by_address;
81 pending_resolution_t *mac_changes;
83 ethernet_arp_ip4_entry_t *ip4_entry_pool;
85 /* ARP attack mitigation */
87 u32 limit_arp_cache_size;
89 /** Per interface state */
90 ethernet_arp_interface_t *ethernet_arp_by_sw_if_index;
92 /* Proxy arp vector */
93 ethernet_proxy_arp_t *proxy_arps;
94 } ethernet_arp_main_t;
96 static ethernet_arp_main_t ethernet_arp_main;
101 ethernet_arp_ip4_over_ethernet_address_t a;
105 #define ETHERNET_ARP_ARGS_REMOVE (1<<0)
106 #define ETHERNET_ARP_ARGS_FLUSH (1<<1)
107 #define ETHERNET_ARP_ARGS_POPULATE (1<<2)
108 } vnet_arp_set_ip4_over_ethernet_rpc_args_t;
111 set_ip4_over_ethernet_rpc_callback (vnet_arp_set_ip4_over_ethernet_rpc_args_t
115 format_ethernet_arp_hardware_type (u8 * s, va_list * va)
117 ethernet_arp_hardware_type_t h = va_arg (*va, ethernet_arp_hardware_type_t);
121 #define _(n,f) case n: t = #f; break;
122 foreach_ethernet_arp_hardware_type;
126 return format (s, "unknown 0x%x", h);
129 return format (s, "%s", t);
133 format_ethernet_arp_opcode (u8 * s, va_list * va)
135 ethernet_arp_opcode_t o = va_arg (*va, ethernet_arp_opcode_t);
139 #define _(f) case ETHERNET_ARP_OPCODE_##f: t = #f; break;
140 foreach_ethernet_arp_opcode;
144 return format (s, "unknown 0x%x", o);
147 return format (s, "%s", t);
151 unformat_ethernet_arp_opcode_host_byte_order (unformat_input_t * input,
154 int *result = va_arg (*args, int *);
155 ethernet_arp_main_t *am = ðernet_arp_main;
158 /* Numeric opcode. */
159 if (unformat (input, "0x%x", &x) || unformat (input, "%d", &x))
168 if (unformat_user (input, unformat_vlib_number_by_name,
169 am->opcode_by_name, &i))
179 unformat_ethernet_arp_opcode_net_byte_order (unformat_input_t * input,
182 int *result = va_arg (*args, int *);
184 (input, unformat_ethernet_arp_opcode_host_byte_order, result))
187 *result = clib_host_to_net_u16 ((u16) * result);
192 format_ethernet_arp_header (u8 * s, va_list * va)
194 ethernet_arp_header_t *a = va_arg (*va, ethernet_arp_header_t *);
195 u32 max_header_bytes = va_arg (*va, u32);
197 u16 l2_type, l3_type;
199 if (max_header_bytes != 0 && sizeof (a[0]) > max_header_bytes)
200 return format (s, "ARP header truncated");
202 l2_type = clib_net_to_host_u16 (a->l2_type);
203 l3_type = clib_net_to_host_u16 (a->l3_type);
205 indent = format_get_indent (s);
207 s = format (s, "%U, type %U/%U, address size %d/%d",
208 format_ethernet_arp_opcode, clib_net_to_host_u16 (a->opcode),
209 format_ethernet_arp_hardware_type, l2_type,
210 format_ethernet_type, l3_type,
211 a->n_l2_address_bytes, a->n_l3_address_bytes);
213 if (l2_type == ETHERNET_ARP_HARDWARE_TYPE_ethernet
214 && l3_type == ETHERNET_TYPE_IP4)
216 s = format (s, "\n%U%U/%U -> %U/%U",
217 format_white_space, indent,
218 format_ethernet_address, a->ip4_over_ethernet[0].ethernet,
219 format_ip4_address, &a->ip4_over_ethernet[0].ip4,
220 format_ethernet_address, a->ip4_over_ethernet[1].ethernet,
221 format_ip4_address, &a->ip4_over_ethernet[1].ip4);
225 uword n2 = a->n_l2_address_bytes;
226 uword n3 = a->n_l3_address_bytes;
227 s = format (s, "\n%U%U/%U -> %U/%U",
228 format_white_space, indent,
229 format_hex_bytes, a->data + 0 * n2 + 0 * n3, n2,
230 format_hex_bytes, a->data + 1 * n2 + 0 * n3, n3,
231 format_hex_bytes, a->data + 1 * n2 + 1 * n3, n2,
232 format_hex_bytes, a->data + 2 * n2 + 1 * n3, n3);
239 format_ethernet_arp_ip4_entry (u8 * s, va_list * va)
241 vnet_main_t *vnm = va_arg (*va, vnet_main_t *);
242 ethernet_arp_ip4_entry_t *e = va_arg (*va, ethernet_arp_ip4_entry_t *);
243 vnet_sw_interface_t *si;
247 return format (s, "%=12s%=16s%=6s%=20s%=24s", "Time", "IP4",
248 "Flags", "Ethernet", "Interface");
250 si = vnet_get_sw_interface (vnm, e->sw_if_index);
252 if (e->flags & ETHERNET_ARP_IP4_ENTRY_FLAG_STATIC)
253 flags = format (flags, "S");
255 if (e->flags & ETHERNET_ARP_IP4_ENTRY_FLAG_DYNAMIC)
256 flags = format (flags, "D");
258 if (e->flags & ETHERNET_ARP_IP4_ENTRY_FLAG_NO_FIB_ENTRY)
259 flags = format (flags, "N");
261 s = format (s, "%=12U%=16U%=6s%=20U%=24U",
262 format_vlib_cpu_time, vnm->vlib_main, e->cpu_time_last_updated,
263 format_ip4_address, &e->ip4_address,
264 flags ? (char *) flags : "",
265 format_ethernet_address, e->ethernet_address,
266 format_vnet_sw_interface_name, vnm, si);
275 } ethernet_arp_input_trace_t;
278 format_ethernet_arp_input_trace (u8 * s, va_list * va)
280 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*va, vlib_main_t *);
281 CLIB_UNUSED (vlib_node_t * node) = va_arg (*va, vlib_node_t *);
282 ethernet_arp_input_trace_t *t = va_arg (*va, ethernet_arp_input_trace_t *);
285 format_ethernet_arp_header,
286 t->packet_data, sizeof (t->packet_data));
292 format_arp_term_input_trace (u8 * s, va_list * va)
294 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*va, vlib_main_t *);
295 CLIB_UNUSED (vlib_node_t * node) = va_arg (*va, vlib_node_t *);
296 ethernet_arp_input_trace_t *t = va_arg (*va, ethernet_arp_input_trace_t *);
298 /* arp-term trace data saved is either arp or ip6/icmp6 packet:
299 - for arp, the 1st 16-bit field is hw type of value of 0x0001.
300 - for ip6, the first nibble has value of 6. */
301 s = format (s, "%U", t->packet_data[0] == 0 ?
302 format_ethernet_arp_header : format_ip6_header,
303 t->packet_data, sizeof (t->packet_data));
309 arp_nbr_probe (ip_adjacency_t * adj)
311 vnet_main_t *vnm = vnet_get_main ();
312 ip4_main_t *im = &ip4_main;
313 ip_interface_address_t *ia;
314 ethernet_arp_header_t *h;
315 vnet_hw_interface_t *hi;
316 vnet_sw_interface_t *si;
322 vm = vlib_get_main ();
324 si = vnet_get_sw_interface (vnm, adj->rewrite_header.sw_if_index);
326 if (!(si->flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP))
332 ip4_interface_address_matching_destination (im,
333 &adj->sub_type.nbr.next_hop.
343 vlib_packet_template_get_packet (vm, &im->ip4_arp_request_packet_template,
346 hi = vnet_get_sup_hw_interface (vnm, adj->rewrite_header.sw_if_index);
348 clib_memcpy (h->ip4_over_ethernet[0].ethernet,
349 hi->hw_address, sizeof (h->ip4_over_ethernet[0].ethernet));
351 h->ip4_over_ethernet[0].ip4 = src[0];
352 h->ip4_over_ethernet[1].ip4 = adj->sub_type.nbr.next_hop.ip4;
354 b = vlib_get_buffer (vm, bi);
355 vnet_buffer (b)->sw_if_index[VLIB_RX] =
356 vnet_buffer (b)->sw_if_index[VLIB_TX] = adj->rewrite_header.sw_if_index;
358 /* Add encapsulation string for software interface (e.g. ethernet header). */
359 vnet_rewrite_one_header (adj[0], h, sizeof (ethernet_header_t));
360 vlib_buffer_advance (b, -adj->rewrite_header.data_bytes);
363 vlib_frame_t *f = vlib_get_frame_to_node (vm, hi->output_node_index);
364 u32 *to_next = vlib_frame_vector_args (f);
367 vlib_put_frame_to_node (vm, hi->output_node_index, f);
372 arp_mk_complete (adj_index_t ai, ethernet_arp_ip4_entry_t * e)
374 adj_nbr_update_rewrite
375 (ai, ADJ_NBR_REWRITE_FLAG_COMPLETE,
376 ethernet_build_rewrite (vnet_get_main (),
378 adj_get_link_type (ai), e->ethernet_address));
382 arp_mk_incomplete (adj_index_t ai)
384 ip_adjacency_t *adj = adj_get (ai);
386 adj_nbr_update_rewrite
388 ADJ_NBR_REWRITE_FLAG_INCOMPLETE,
389 ethernet_build_rewrite (vnet_get_main (),
390 adj->rewrite_header.sw_if_index,
392 VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST));
395 static ethernet_arp_ip4_entry_t *
396 arp_entry_find (ethernet_arp_interface_t * eai, const ip4_address_t * addr)
398 ethernet_arp_main_t *am = ðernet_arp_main;
399 ethernet_arp_ip4_entry_t *e = NULL;
402 if (NULL != eai->arp_entries)
404 p = hash_get (eai->arp_entries, addr->as_u32);
408 e = pool_elt_at_index (am->ip4_entry_pool, p[0]);
415 arp_mk_complete_walk (adj_index_t ai, void *ctx)
417 ethernet_arp_ip4_entry_t *e = ctx;
419 arp_mk_complete (ai, e);
421 return (ADJ_WALK_RC_CONTINUE);
425 arp_mk_incomplete_walk (adj_index_t ai, void *ctx)
427 arp_mk_incomplete (ai);
429 return (ADJ_WALK_RC_CONTINUE);
433 arp_update_adjacency (vnet_main_t * vnm, u32 sw_if_index, u32 ai)
435 ethernet_arp_main_t *am = ðernet_arp_main;
436 ethernet_arp_interface_t *arp_int;
437 ethernet_arp_ip4_entry_t *e;
442 vec_validate (am->ethernet_arp_by_sw_if_index, sw_if_index);
443 arp_int = &am->ethernet_arp_by_sw_if_index[sw_if_index];
444 e = arp_entry_find (arp_int, &adj->sub_type.nbr.next_hop.ip4);
446 switch (adj->lookup_next_index)
448 case IP_LOOKUP_NEXT_ARP:
449 case IP_LOOKUP_NEXT_GLEAN:
452 adj_nbr_walk_nh4 (sw_if_index,
453 &e->ip4_address, arp_mk_complete_walk, e);
458 * no matching ARP entry.
459 * construct the rewrite required to for an ARP packet, and stick
460 * that in the adj's pipe to smoke.
462 adj_nbr_update_rewrite
464 ADJ_NBR_REWRITE_FLAG_INCOMPLETE,
465 ethernet_build_rewrite
469 VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST));
472 * since the FIB has added this adj for a route, it makes sense it
473 * may want to forward traffic sometime soon. Let's send a
474 * speculative ARP. just one. If we were to do periodically that
475 * wouldn't be bad either, but that's more code than i'm prepared to
476 * write at this time for relatively little reward.
481 case IP_LOOKUP_NEXT_MCAST:
483 * Construct a partial rewrite from the known ethernet mcast dest MAC
485 adj_mcast_update_rewrite
487 ethernet_build_rewrite (vnm,
490 ethernet_ip4_mcast_dst_addr ()));
493 * Complete the remaining fields of the adj's rewrite to direct the
494 * complete of the rewrite at switch time by copying in the IP
495 * dst address's bytes.
496 * Ofset is 11 bytes from the end of the MAC header - which is three
497 * bytes into the desintation address. And we write 3 bytes.
499 adj->rewrite_header.dst_mcast_offset = 11;
500 adj->rewrite_header.dst_mcast_n_bytes = 3;
504 case IP_LOOKUP_NEXT_DROP:
505 case IP_LOOKUP_NEXT_PUNT:
506 case IP_LOOKUP_NEXT_LOCAL:
507 case IP_LOOKUP_NEXT_REWRITE:
508 case IP_LOOKUP_NEXT_LOAD_BALANCE:
509 case IP_LOOKUP_NEXT_MIDCHAIN:
510 case IP_LOOKUP_NEXT_ICMP_ERROR:
511 case IP_LOOKUP_N_NEXT:
518 vnet_arp_set_ip4_over_ethernet_internal (vnet_main_t * vnm,
519 vnet_arp_set_ip4_over_ethernet_rpc_args_t
522 ethernet_arp_ip4_entry_t *e = 0;
523 ethernet_arp_main_t *am = ðernet_arp_main;
524 ethernet_arp_ip4_over_ethernet_address_t *a = &args->a;
525 vlib_main_t *vm = vlib_get_main ();
526 int make_new_arp_cache_entry = 1;
528 pending_resolution_t *pr, *mc;
529 ethernet_arp_interface_t *arp_int;
530 int is_static = args->is_static;
531 u32 sw_if_index = args->sw_if_index;
532 int is_no_fib_entry = args->is_no_fib_entry;
534 vec_validate (am->ethernet_arp_by_sw_if_index, sw_if_index);
536 arp_int = &am->ethernet_arp_by_sw_if_index[sw_if_index];
538 if (NULL != arp_int->arp_entries)
540 p = hash_get (arp_int->arp_entries, a->ip4.as_u32);
543 e = pool_elt_at_index (am->ip4_entry_pool, p[0]);
545 /* Refuse to over-write static arp. */
546 if (!is_static && (e->flags & ETHERNET_ARP_IP4_ENTRY_FLAG_STATIC))
548 make_new_arp_cache_entry = 0;
552 if (make_new_arp_cache_entry)
554 pool_get (am->ip4_entry_pool, e);
556 if (NULL == arp_int->arp_entries)
558 arp_int->arp_entries = hash_create (0, sizeof (u32));
561 hash_set (arp_int->arp_entries, a->ip4.as_u32, e - am->ip4_entry_pool);
563 e->sw_if_index = sw_if_index;
564 e->ip4_address = a->ip4;
565 clib_memcpy (e->ethernet_address,
566 a->ethernet, sizeof (e->ethernet_address));
568 if (!is_no_fib_entry)
572 .fp_proto = FIB_PROTOCOL_IP4,
573 .fp_addr.ip4 = a->ip4,
578 ip4_fib_table_get_index_for_sw_if_index (e->sw_if_index);
580 fib_table_entry_update_one_path (fib_index, &pfx, FIB_SOURCE_ADJ,
581 FIB_ENTRY_FLAG_ATTACHED,
582 FIB_PROTOCOL_IP4, &pfx.fp_addr,
583 e->sw_if_index, ~0, 1, NULL,
584 FIB_ROUTE_PATH_FLAG_NONE);
585 e->flags |= ETHERNET_ARP_IP4_ENTRY_FLAG_NO_FIB_ENTRY;
591 * prevent a DoS attack from the data-plane that
592 * spams us with no-op updates to the MAC address
594 if (0 == memcmp (e->ethernet_address,
595 a->ethernet, sizeof (e->ethernet_address)))
598 /* Update time stamp and ethernet address. */
599 clib_memcpy (e->ethernet_address, a->ethernet,
600 sizeof (e->ethernet_address));
603 e->cpu_time_last_updated = clib_cpu_time_now ();
605 e->flags |= ETHERNET_ARP_IP4_ENTRY_FLAG_STATIC;
607 e->flags |= ETHERNET_ARP_IP4_ENTRY_FLAG_DYNAMIC;
609 adj_nbr_walk_nh4 (sw_if_index, &e->ip4_address, arp_mk_complete_walk, e);
611 /* Customer(s) waiting for this address to be resolved? */
612 p = hash_get (am->pending_resolutions_by_address, a->ip4.as_u32);
618 while (next_index != (u32) ~ 0)
620 pr = pool_elt_at_index (am->pending_resolutions, next_index);
621 vlib_process_signal_event (vm, pr->node_index,
622 pr->type_opaque, pr->data);
623 next_index = pr->next_index;
624 pool_put (am->pending_resolutions, pr);
627 hash_unset (am->pending_resolutions_by_address, a->ip4.as_u32);
630 /* Customer(s) requesting ARP event for this address? */
631 p = hash_get (am->mac_changes_by_address, a->ip4.as_u32);
637 while (next_index != (u32) ~ 0)
639 int (*fp) (u32, u8 *, u32, u32);
641 mc = pool_elt_at_index (am->mac_changes, next_index);
642 fp = mc->data_callback;
644 /* Call the user's data callback, return 1 to suppress dup events */
646 rv = (*fp) (mc->data, a->ethernet, sw_if_index, 0);
649 * Signal the resolver process, as long as the user
650 * says they want to be notified
653 vlib_process_signal_event (vm, mc->node_index,
654 mc->type_opaque, mc->data);
655 next_index = mc->next_index;
663 vnet_register_ip4_arp_resolution_event (vnet_main_t * vnm,
666 uword type_opaque, uword data)
668 ethernet_arp_main_t *am = ðernet_arp_main;
669 ip4_address_t *address = address_arg;
671 pending_resolution_t *pr;
673 pool_get (am->pending_resolutions, pr);
676 pr->node_index = node_index;
677 pr->type_opaque = type_opaque;
679 pr->data_callback = 0;
681 p = hash_get (am->pending_resolutions_by_address, address->as_u32);
684 /* Insert new resolution at the head of the list */
685 pr->next_index = p[0];
686 hash_unset (am->pending_resolutions_by_address, address->as_u32);
689 hash_set (am->pending_resolutions_by_address, address->as_u32,
690 pr - am->pending_resolutions);
694 vnet_add_del_ip4_arp_change_event (vnet_main_t * vnm,
699 uword type_opaque, uword data, int is_add)
701 ethernet_arp_main_t *am = ðernet_arp_main;
702 ip4_address_t *address = address_arg;
704 pending_resolution_t *mc;
705 void (*fp) (u32, u8 *) = data_callback;
709 pool_get (am->mac_changes, mc);
712 mc->node_index = node_index;
713 mc->type_opaque = type_opaque;
715 mc->data_callback = data_callback;
718 p = hash_get (am->mac_changes_by_address, address->as_u32);
721 /* Insert new resolution at the head of the list */
722 mc->next_index = p[0];
723 hash_unset (am->mac_changes_by_address, address->as_u32);
726 hash_set (am->mac_changes_by_address, address->as_u32,
727 mc - am->mac_changes);
733 pending_resolution_t *mc_last = 0;
735 p = hash_get (am->mac_changes_by_address, address->as_u32);
737 return VNET_API_ERROR_NO_SUCH_ENTRY;
741 while (index != (u32) ~ 0)
743 mc = pool_elt_at_index (am->mac_changes, index);
744 if (mc->node_index == node_index &&
745 mc->type_opaque == type_opaque && mc->pid == pid)
747 /* Clients may need to clean up pool entries, too */
749 (*fp) (mc->data, 0 /* no new mac addrs */ );
752 hash_unset (am->mac_changes_by_address, address->as_u32);
753 if (mc->next_index != ~0)
754 hash_set (am->mac_changes_by_address, address->as_u32,
756 pool_put (am->mac_changes, mc);
762 mc_last->next_index = mc->next_index;
763 pool_put (am->mac_changes, mc);
768 index = mc->next_index;
771 return VNET_API_ERROR_NO_SUCH_ENTRY;
775 /* Either we drop the packet or we send a reply to the sender. */
779 ARP_INPUT_NEXT_REPLY_TX,
783 #define foreach_ethernet_arp_error \
784 _ (replies_sent, "ARP replies sent") \
785 _ (l2_type_not_ethernet, "L2 type not ethernet") \
786 _ (l3_type_not_ip4, "L3 type not IP4") \
787 _ (l3_src_address_not_local, "IP4 source address not local to subnet") \
788 _ (l3_dst_address_not_local, "IP4 destination address not local to subnet") \
789 _ (l3_src_address_is_local, "IP4 source address matches local interface") \
790 _ (l3_src_address_learned, "ARP request IP4 source address learned") \
791 _ (replies_received, "ARP replies received") \
792 _ (opcode_not_request, "ARP opcode not request") \
793 _ (proxy_arp_replies_sent, "Proxy ARP replies sent") \
794 _ (l2_address_mismatch, "ARP hw addr does not match L2 frame src addr") \
795 _ (missing_interface_address, "ARP missing interface address") \
796 _ (gratuitous_arp, "ARP probe or announcement dropped") \
797 _ (interface_no_table, "Interface is not mapped to an IP table") \
798 _ (interface_not_ip_enabled, "Interface is not IP enabled") \
802 #define _(sym,string) ETHERNET_ARP_ERROR_##sym,
803 foreach_ethernet_arp_error
805 ETHERNET_ARP_N_ERROR,
806 } ethernet_arp_input_error_t;
810 unset_random_arp_entry (void)
812 ethernet_arp_main_t *am = ðernet_arp_main;
813 ethernet_arp_ip4_entry_t *e;
814 vnet_main_t *vnm = vnet_get_main ();
815 ethernet_arp_ip4_over_ethernet_address_t delme;
818 index = pool_next_index (am->ip4_entry_pool, am->arp_delete_rotor);
819 am->arp_delete_rotor = index;
821 /* Try again from elt 0, could happen if an intfc goes down */
824 index = pool_next_index (am->ip4_entry_pool, am->arp_delete_rotor);
825 am->arp_delete_rotor = index;
828 /* Nothing left in the pool */
832 e = pool_elt_at_index (am->ip4_entry_pool, index);
834 clib_memcpy (&delme.ethernet, e->ethernet_address, 6);
835 delme.ip4.as_u32 = e->ip4_address.as_u32;
837 vnet_arp_unset_ip4_over_ethernet (vnm, e->sw_if_index, &delme);
841 arp_unnumbered (vlib_buffer_t * p0,
842 u32 pi0, ethernet_header_t * eth0, u32 sw_if_index)
844 vlib_main_t *vm = vlib_get_main ();
845 vnet_main_t *vnm = vnet_get_main ();
846 vnet_interface_main_t *vim = &vnm->interface_main;
847 vnet_sw_interface_t *si;
848 vnet_hw_interface_t *hi;
849 u32 unnum_src_sw_if_index;
850 u32 *broadcast_swifs = 0;
855 u8 dst_mac_address[6];
857 ethernet_arp_header_t *arp0;
859 /* Save the dst mac address */
860 clib_memcpy (dst_mac_address, eth0->dst_address, sizeof (dst_mac_address));
862 /* Figure out which sw_if_index supplied the address */
863 unnum_src_sw_if_index = sw_if_index;
865 /* Track down all users of the unnumbered source */
867 pool_foreach (si, vim->sw_interfaces,
869 if (si->flags & VNET_SW_INTERFACE_FLAG_UNNUMBERED &&
870 (si->unnumbered_sw_if_index == unnum_src_sw_if_index))
872 vec_add1 (broadcast_swifs, si->sw_if_index);
877 /* If there are no interfaces un-unmbered to this interface,
879 if (0 == vec_len (broadcast_swifs))
882 /* Allocate buffering if we need it */
883 if (vec_len (broadcast_swifs) > 1)
885 vec_validate (buffers, vec_len (broadcast_swifs) - 2);
886 n_alloc = vlib_buffer_alloc (vm, buffers, vec_len (buffers));
887 _vec_len (buffers) = n_alloc;
888 for (i = 0; i < n_alloc; i++)
890 b0 = vlib_get_buffer (vm, buffers[i]);
892 /* xerox (partially built) ARP pkt */
893 clib_memcpy (b0->data, p0->data,
894 p0->current_length + p0->current_data);
895 b0->current_data = p0->current_data;
896 b0->current_length = p0->current_length;
897 vnet_buffer (b0)->sw_if_index[VLIB_RX] =
898 vnet_buffer (p0)->sw_if_index[VLIB_RX];
902 vec_insert (buffers, 1, 0);
905 for (i = 0; i < vec_len (buffers); i++)
907 b0 = vlib_get_buffer (vm, buffers[i]);
908 arp0 = vlib_buffer_get_current (b0);
910 hi = vnet_get_sup_hw_interface (vnm, broadcast_swifs[i]);
911 si = vnet_get_sw_interface (vnm, broadcast_swifs[i]);
913 /* For decoration, most likely */
914 vnet_buffer (b0)->sw_if_index[VLIB_TX] = hi->sw_if_index;
916 /* Fix ARP pkt src address */
917 clib_memcpy (arp0->ip4_over_ethernet[0].ethernet, hi->hw_address, 6);
919 /* Build L2 encaps for this swif */
920 header_size = sizeof (ethernet_header_t);
921 if (si->sub.eth.flags.one_tag)
923 else if (si->sub.eth.flags.two_tags)
926 vlib_buffer_advance (b0, -header_size);
927 eth0 = vlib_buffer_get_current (b0);
929 if (si->sub.eth.flags.one_tag)
931 ethernet_vlan_header_t *outer = (void *) (eth0 + 1);
933 eth0->type = si->sub.eth.flags.dot1ad ?
934 clib_host_to_net_u16 (ETHERNET_TYPE_DOT1AD) :
935 clib_host_to_net_u16 (ETHERNET_TYPE_VLAN);
936 outer->priority_cfi_and_id =
937 clib_host_to_net_u16 (si->sub.eth.outer_vlan_id);
938 outer->type = clib_host_to_net_u16 (ETHERNET_TYPE_ARP);
941 else if (si->sub.eth.flags.two_tags)
943 ethernet_vlan_header_t *outer = (void *) (eth0 + 1);
944 ethernet_vlan_header_t *inner = (void *) (outer + 1);
946 eth0->type = si->sub.eth.flags.dot1ad ?
947 clib_host_to_net_u16 (ETHERNET_TYPE_DOT1AD) :
948 clib_host_to_net_u16 (ETHERNET_TYPE_VLAN);
949 outer->priority_cfi_and_id =
950 clib_host_to_net_u16 (si->sub.eth.outer_vlan_id);
951 outer->type = clib_host_to_net_u16 (ETHERNET_TYPE_VLAN);
952 inner->priority_cfi_and_id =
953 clib_host_to_net_u16 (si->sub.eth.inner_vlan_id);
954 inner->type = clib_host_to_net_u16 (ETHERNET_TYPE_ARP);
959 eth0->type = clib_host_to_net_u16 (ETHERNET_TYPE_ARP);
962 /* Restore the original dst address, set src address */
963 clib_memcpy (eth0->dst_address, dst_mac_address,
964 sizeof (eth0->dst_address));
965 clib_memcpy (eth0->src_address, hi->hw_address,
966 sizeof (eth0->src_address));
968 /* Transmit replicas */
972 vlib_get_frame_to_node (vm, hi->output_node_index);
973 u32 *to_next = vlib_frame_vector_args (f);
974 to_next[0] = buffers[i];
976 vlib_put_frame_to_node (vm, hi->output_node_index, f);
980 /* The regular path outputs the original pkt.. */
981 vnet_buffer (p0)->sw_if_index[VLIB_TX] = broadcast_swifs[0];
983 vec_free (broadcast_swifs);
990 arp_input (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame)
992 ethernet_arp_main_t *am = ðernet_arp_main;
993 vnet_main_t *vnm = vnet_get_main ();
994 ip4_main_t *im4 = &ip4_main;
995 u32 n_left_from, next_index, *from, *to_next;
996 u32 n_replies_sent = 0, n_proxy_arp_replies_sent = 0;
998 from = vlib_frame_vector_args (frame);
999 n_left_from = frame->n_vectors;
1000 next_index = node->cached_next_index;
1002 if (node->flags & VLIB_NODE_FLAG_TRACE)
1003 vlib_trace_frame_buffers_only (vm, node, from, frame->n_vectors,
1005 sizeof (ethernet_arp_input_trace_t));
1007 while (n_left_from > 0)
1011 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
1013 while (n_left_from > 0 && n_left_to_next > 0)
1016 vnet_hw_interface_t *hw_if0;
1017 ethernet_arp_header_t *arp0;
1018 ethernet_header_t *eth0;
1019 ip4_address_t *if_addr0, proxy_src;
1020 u32 pi0, error0, next0, sw_if_index0, conn_sw_if_index0, fib_index0;
1021 u8 is_request0, dst_is_local0, is_unnum0;
1022 ethernet_proxy_arp_t *pa;
1023 fib_node_index_t dst_fei, src_fei;
1025 fib_entry_flag_t src_flags, dst_flags;
1032 n_left_to_next -= 1;
1035 p0 = vlib_get_buffer (vm, pi0);
1036 arp0 = vlib_buffer_get_current (p0);
1038 is_request0 = arp0->opcode
1039 == clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_request);
1041 error0 = ETHERNET_ARP_ERROR_replies_sent;
1045 clib_net_to_host_u16 (ETHERNET_ARP_HARDWARE_TYPE_ethernet) ?
1046 ETHERNET_ARP_ERROR_l2_type_not_ethernet : error0);
1049 clib_net_to_host_u16 (ETHERNET_TYPE_IP4) ?
1050 ETHERNET_ARP_ERROR_l3_type_not_ip4 : error0);
1052 sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
1054 /* not playing the ARP game if the interface is not IPv4 enabled */
1056 (im4->ip_enabled_by_sw_if_index[sw_if_index0] == 0 ?
1057 ETHERNET_ARP_ERROR_interface_not_ip_enabled : error0);
1062 /* Check that IP address is local and matches incoming interface. */
1063 fib_index0 = ip4_fib_table_get_index_for_sw_if_index (sw_if_index0);
1064 if (~0 == fib_index0)
1066 error0 = ETHERNET_ARP_ERROR_interface_no_table;
1070 dst_fei = ip4_fib_table_lookup (ip4_fib_get (fib_index0),
1071 &arp0->ip4_over_ethernet[1].ip4,
1073 dst_flags = fib_entry_get_flags (dst_fei);
1075 src_fei = ip4_fib_table_lookup (ip4_fib_get (fib_index0),
1076 &arp0->ip4_over_ethernet[0].ip4,
1078 src_flags = fib_entry_get_flags (src_fei);
1080 conn_sw_if_index0 = fib_entry_get_resolving_interface (dst_fei);
1082 if (!(FIB_ENTRY_FLAG_CONNECTED & dst_flags))
1084 error0 = ETHERNET_ARP_ERROR_l3_dst_address_not_local;
1088 /* Honor unnumbered interface, if any */
1089 is_unnum0 = sw_if_index0 != conn_sw_if_index0;
1091 /* Source must also be local to subnet of matching interface address. */
1092 if (!((FIB_ENTRY_FLAG_ATTACHED & src_flags) ||
1093 (FIB_ENTRY_FLAG_CONNECTED & src_flags)))
1096 * The packet was sent from an address that is not connected nor attached
1097 * i.e. it is not from an address that is covered by a link's sub-net,
1098 * nor is it a already learned host resp.
1100 error0 = ETHERNET_ARP_ERROR_l3_src_address_not_local;
1103 if (sw_if_index0 != fib_entry_get_resolving_interface (src_fei))
1106 * The interface the ARP was received on is not the interface
1107 * on which the covering prefix is configured. Maybe this is a case
1113 /* Reject requests/replies with our local interface address. */
1114 if (FIB_ENTRY_FLAG_LOCAL & src_flags)
1116 error0 = ETHERNET_ARP_ERROR_l3_src_address_is_local;
1120 dst_is_local0 = (FIB_ENTRY_FLAG_LOCAL & dst_flags);
1121 fib_entry_get_prefix (dst_fei, &pfx0);
1122 if_addr0 = &pfx0.fp_addr.ip4;
1124 /* Fill in ethernet header. */
1125 eth0 = ethernet_buffer_get_header (p0);
1127 /* Trash ARP packets whose ARP-level source addresses do not
1128 match their L2-frame-level source addresses */
1129 if (memcmp (eth0->src_address, arp0->ip4_over_ethernet[0].ethernet,
1130 sizeof (eth0->src_address)))
1132 error0 = ETHERNET_ARP_ERROR_l2_address_mismatch;
1136 /* Learn or update sender's mapping only for requests or unicasts
1137 that don't match local interface address. */
1138 if (ethernet_address_cast (eth0->dst_address) ==
1139 ETHERNET_ADDRESS_UNICAST || is_request0)
1141 if (am->limit_arp_cache_size &&
1142 pool_elts (am->ip4_entry_pool) >= am->limit_arp_cache_size)
1143 unset_random_arp_entry ();
1145 vnet_arp_set_ip4_over_ethernet (vnm, sw_if_index0,
1146 &arp0->ip4_over_ethernet[0],
1147 0 /* is_static */ , 0);
1148 error0 = ETHERNET_ARP_ERROR_l3_src_address_learned;
1151 /* Only send a reply for requests sent which match a local interface. */
1152 if (!(is_request0 && dst_is_local0))
1156 clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_reply) ?
1157 ETHERNET_ARP_ERROR_replies_received : error0);
1163 vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0;
1164 hw_if0 = vnet_get_sup_hw_interface (vnm, sw_if_index0);
1166 /* Send reply back through input interface */
1167 vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0;
1168 next0 = ARP_INPUT_NEXT_REPLY_TX;
1170 arp0->opcode = clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_reply);
1172 arp0->ip4_over_ethernet[1] = arp0->ip4_over_ethernet[0];
1174 clib_memcpy (arp0->ip4_over_ethernet[0].ethernet,
1175 hw_if0->hw_address, 6);
1176 clib_mem_unaligned (&arp0->ip4_over_ethernet[0].ip4.data_u32, u32) =
1179 /* Hardware must be ethernet-like. */
1180 ASSERT (vec_len (hw_if0->hw_address) == 6);
1182 clib_memcpy (eth0->dst_address, eth0->src_address, 6);
1183 clib_memcpy (eth0->src_address, hw_if0->hw_address, 6);
1185 /* Figure out how much to rewind current data from adjacency. */
1186 /* get the adj from the destination's covering connected */
1191 if (!arp_unnumbered (p0, pi0, eth0, conn_sw_if_index0))
1196 ip_adjacency_t *adj0 = NULL;
1199 if (FIB_ENTRY_FLAG_ATTACHED & src_flags)
1202 * If the source is attached use the adj from that source.
1204 ai = fib_entry_get_adj (src_fei);
1205 if (ADJ_INDEX_INVALID != ai)
1207 adj0 = adj_get (ai);
1213 * Get the glean adj from the cover. This is presumably interface
1214 * sourced, and therefre needs to be a glean adj.
1216 ai = fib_entry_get_adj_for_source
1217 (ip4_fib_table_lookup
1218 (ip4_fib_get (fib_index0),
1219 &arp0->ip4_over_ethernet[1].ip4, 31),
1220 FIB_SOURCE_INTERFACE);
1222 if (ADJ_INDEX_INVALID != ai)
1224 adj0 = adj_get (ai);
1226 if (adj0->lookup_next_index == IP_LOOKUP_NEXT_GLEAN)
1234 vlib_buffer_advance (p0,
1235 -adj0->rewrite_header.data_bytes);
1239 error0 = ETHERNET_ARP_ERROR_missing_interface_address;
1245 vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
1246 n_left_to_next, pi0, next0);
1248 n_replies_sent += 1;
1252 if (0 == arp0->ip4_over_ethernet[0].ip4.as_u32 ||
1253 (arp0->ip4_over_ethernet[0].ip4.as_u32 ==
1254 arp0->ip4_over_ethernet[1].ip4.as_u32))
1256 error0 = ETHERNET_ARP_ERROR_gratuitous_arp;
1259 /* See if proxy arp is configured for the address */
1262 vnet_sw_interface_t *si;
1263 u32 this_addr = clib_net_to_host_u32
1264 (arp0->ip4_over_ethernet[1].ip4.as_u32);
1267 si = vnet_get_sw_interface (vnm, sw_if_index0);
1269 if (!(si->flags & VNET_SW_INTERFACE_FLAG_PROXY_ARP))
1272 fib_index0 = vec_elt (im4->fib_index_by_sw_if_index,
1275 vec_foreach (pa, am->proxy_arps)
1277 u32 lo_addr = clib_net_to_host_u32 (pa->lo_addr);
1278 u32 hi_addr = clib_net_to_host_u32 (pa->hi_addr);
1280 /* an ARP request hit in the proxy-arp table? */
1281 if ((this_addr >= lo_addr && this_addr <= hi_addr) &&
1282 (fib_index0 == pa->fib_index))
1284 eth0 = ethernet_buffer_get_header (p0);
1286 arp0->ip4_over_ethernet[1].ip4.data_u32;
1289 * Rewind buffer, direct code above not to
1290 * think too hard about it.
1292 if_addr0 = &proxy_src;
1294 i32 ethernet_start =
1295 vnet_buffer (p0)->ethernet.start_of_ethernet_header;
1296 i32 rewind = p0->current_data - ethernet_start;
1297 vlib_buffer_advance (p0, -rewind);
1298 n_proxy_arp_replies_sent++;
1306 next0 = ARP_INPUT_NEXT_DROP;
1307 p0->error = node->errors[error0];
1309 vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
1310 n_left_to_next, pi0, next0);
1313 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
1316 vlib_error_count (vm, node->node_index,
1317 ETHERNET_ARP_ERROR_replies_sent,
1318 n_replies_sent - n_proxy_arp_replies_sent);
1320 vlib_error_count (vm, node->node_index,
1321 ETHERNET_ARP_ERROR_proxy_arp_replies_sent,
1322 n_proxy_arp_replies_sent);
1323 return frame->n_vectors;
1326 static char *ethernet_arp_error_strings[] = {
1327 #define _(sym,string) string,
1328 foreach_ethernet_arp_error
1333 VLIB_REGISTER_NODE (arp_input_node, static) =
1335 .function = arp_input,
1336 .name = "arp-input",
1337 .vector_size = sizeof (u32),
1338 .n_errors = ETHERNET_ARP_N_ERROR,
1339 .error_strings = ethernet_arp_error_strings,
1340 .n_next_nodes = ARP_INPUT_N_NEXT,
1342 [ARP_INPUT_NEXT_DROP] = "error-drop",
1343 [ARP_INPUT_NEXT_REPLY_TX] = "interface-output",
1345 .format_buffer = format_ethernet_arp_header,
1346 .format_trace = format_ethernet_arp_input_trace,
1351 ip4_arp_entry_sort (void *a1, void *a2)
1353 ethernet_arp_ip4_entry_t *e1 = a1;
1354 ethernet_arp_ip4_entry_t *e2 = a2;
1357 vnet_main_t *vnm = vnet_get_main ();
1359 cmp = vnet_sw_interface_compare (vnm, e1->sw_if_index, e2->sw_if_index);
1361 cmp = ip4_address_compare (&e1->ip4_address, &e2->ip4_address);
1365 ethernet_arp_ip4_entry_t *
1366 ip4_neighbor_entries (u32 sw_if_index)
1368 ethernet_arp_main_t *am = ðernet_arp_main;
1369 ethernet_arp_ip4_entry_t *n, *ns = 0;
1372 pool_foreach (n, am->ip4_entry_pool, ({
1373 if (sw_if_index != ~0 && n->sw_if_index != sw_if_index)
1375 vec_add1 (ns, n[0]);
1380 vec_sort_with_function (ns, ip4_arp_entry_sort);
1384 static clib_error_t *
1385 show_ip4_arp (vlib_main_t * vm,
1386 unformat_input_t * input, vlib_cli_command_t * cmd)
1388 vnet_main_t *vnm = vnet_get_main ();
1389 ethernet_arp_main_t *am = ðernet_arp_main;
1390 ethernet_arp_ip4_entry_t *e, *es;
1391 ethernet_proxy_arp_t *pa;
1392 clib_error_t *error = 0;
1395 /* Filter entries by interface if given. */
1397 (void) unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index);
1399 es = ip4_neighbor_entries (sw_if_index);
1402 vlib_cli_output (vm, "%U", format_ethernet_arp_ip4_entry, vnm, 0);
1405 vlib_cli_output (vm, "%U", format_ethernet_arp_ip4_entry, vnm, e);
1410 if (vec_len (am->proxy_arps))
1412 vlib_cli_output (vm, "Proxy arps enabled for:");
1413 vec_foreach (pa, am->proxy_arps)
1415 vlib_cli_output (vm, "Fib_index %d %U - %U ",
1417 format_ip4_address, &pa->lo_addr,
1418 format_ip4_address, &pa->hi_addr);
1426 * Display all the IPv4 ARP entries.
1429 * Example of how to display the IPv4 ARP table:
1430 * @cliexstart{show ip arp}
1431 * Time FIB IP4 Flags Ethernet Interface
1432 * 346.3028 0 6.1.1.3 de:ad:be:ef:ba:be GigabitEthernet2/0/0
1433 * 3077.4271 0 6.1.1.4 S de:ad:be:ef:ff:ff GigabitEthernet2/0/0
1434 * 2998.6409 1 6.2.2.3 de:ad:be:ef:00:01 GigabitEthernet2/0/0
1435 * Proxy arps enabled for:
1436 * Fib_index 0 6.0.0.1 - 6.0.0.11
1440 VLIB_CLI_COMMAND (show_ip4_arp_command, static) = {
1441 .path = "show ip arp",
1442 .function = show_ip4_arp,
1443 .short_help = "show ip arp",
1449 pg_edit_t l2_type, l3_type;
1450 pg_edit_t n_l2_address_bytes, n_l3_address_bytes;
1456 } ip4_over_ethernet[2];
1457 } pg_ethernet_arp_header_t;
1460 pg_ethernet_arp_header_init (pg_ethernet_arp_header_t * p)
1462 /* Initialize fields that are not bit fields in the IP header. */
1463 #define _(f) pg_edit_init (&p->f, ethernet_arp_header_t, f);
1466 _(n_l2_address_bytes);
1467 _(n_l3_address_bytes);
1469 _(ip4_over_ethernet[0].ethernet);
1470 _(ip4_over_ethernet[0].ip4);
1471 _(ip4_over_ethernet[1].ethernet);
1472 _(ip4_over_ethernet[1].ip4);
1477 unformat_pg_arp_header (unformat_input_t * input, va_list * args)
1479 pg_stream_t *s = va_arg (*args, pg_stream_t *);
1480 pg_ethernet_arp_header_t *p;
1483 p = pg_create_edit_group (s, sizeof (p[0]), sizeof (ethernet_arp_header_t),
1485 pg_ethernet_arp_header_init (p);
1488 pg_edit_set_fixed (&p->l2_type, ETHERNET_ARP_HARDWARE_TYPE_ethernet);
1489 pg_edit_set_fixed (&p->l3_type, ETHERNET_TYPE_IP4);
1490 pg_edit_set_fixed (&p->n_l2_address_bytes, 6);
1491 pg_edit_set_fixed (&p->n_l3_address_bytes, 4);
1493 if (!unformat (input, "%U: %U/%U -> %U/%U",
1495 unformat_ethernet_arp_opcode_net_byte_order, &p->opcode,
1497 unformat_ethernet_address, &p->ip4_over_ethernet[0].ethernet,
1499 unformat_ip4_address, &p->ip4_over_ethernet[0].ip4,
1501 unformat_ethernet_address, &p->ip4_over_ethernet[1].ethernet,
1503 unformat_ip4_address, &p->ip4_over_ethernet[1].ip4))
1505 /* Free up any edits we may have added. */
1506 pg_free_edit_group (s);
1513 ip4_set_arp_limit (u32 arp_limit)
1515 ethernet_arp_main_t *am = ðernet_arp_main;
1517 am->limit_arp_cache_size = arp_limit;
1522 * @brief Control Plane hook to remove an ARP entry
1525 vnet_arp_unset_ip4_over_ethernet (vnet_main_t * vnm,
1526 u32 sw_if_index, void *a_arg)
1528 ethernet_arp_ip4_over_ethernet_address_t *a = a_arg;
1529 vnet_arp_set_ip4_over_ethernet_rpc_args_t args;
1531 args.sw_if_index = sw_if_index;
1532 args.flags = ETHERNET_ARP_ARGS_REMOVE;
1533 clib_memcpy (&args.a, a, sizeof (*a));
1535 vl_api_rpc_call_main_thread (set_ip4_over_ethernet_rpc_callback,
1536 (u8 *) & args, sizeof (args));
1541 * @brief Internally generated event to flush the ARP cache on an
1542 * interface state change event.
1543 * A flush will remove dynamic ARP entries, and for statics remove the MAC
1544 * address from the corresponding adjacencies.
1547 vnet_arp_flush_ip4_over_ethernet (vnet_main_t * vnm,
1548 u32 sw_if_index, void *a_arg)
1550 ethernet_arp_ip4_over_ethernet_address_t *a = a_arg;
1551 vnet_arp_set_ip4_over_ethernet_rpc_args_t args;
1553 args.sw_if_index = sw_if_index;
1554 args.flags = ETHERNET_ARP_ARGS_FLUSH;
1555 clib_memcpy (&args.a, a, sizeof (*a));
1557 vl_api_rpc_call_main_thread (set_ip4_over_ethernet_rpc_callback,
1558 (u8 *) & args, sizeof (args));
1563 * @brief Internally generated event to populate the ARP cache on an
1564 * interface state change event.
1565 * For static entries this will re-source the adjacencies.
1567 * @param sw_if_index The interface on which the ARP entires are acted
1570 vnet_arp_populate_ip4_over_ethernet (vnet_main_t * vnm,
1571 u32 sw_if_index, void *a_arg)
1573 ethernet_arp_ip4_over_ethernet_address_t *a = a_arg;
1574 vnet_arp_set_ip4_over_ethernet_rpc_args_t args;
1576 args.sw_if_index = sw_if_index;
1577 args.flags = ETHERNET_ARP_ARGS_POPULATE;
1578 clib_memcpy (&args.a, a, sizeof (*a));
1580 vl_api_rpc_call_main_thread (set_ip4_over_ethernet_rpc_callback,
1581 (u8 *) & args, sizeof (args));
1586 * arp_add_del_interface_address
1588 * callback when an interface address is added or deleted
1591 arp_add_del_interface_address (ip4_main_t * im,
1594 ip4_address_t * address,
1596 u32 if_address_index, u32 is_del)
1599 * Flush the ARP cache of all entries covered by the address
1600 * that is being removed.
1602 ethernet_arp_main_t *am = ðernet_arp_main;
1603 ethernet_arp_ip4_entry_t *e;
1605 if (vec_len (am->ethernet_arp_by_sw_if_index) <= sw_if_index)
1610 ethernet_arp_interface_t *eai;
1611 u32 i, *to_delete = 0;
1614 eai = &am->ethernet_arp_by_sw_if_index[sw_if_index];
1617 hash_foreach_pair (pair, eai->arp_entries,
1619 e = pool_elt_at_index(am->ip4_entry_pool,
1621 if (ip4_destination_matches_route (im, &e->ip4_address,
1622 address, address_length))
1624 vec_add1 (to_delete, e - am->ip4_entry_pool);
1629 for (i = 0; i < vec_len (to_delete); i++)
1631 ethernet_arp_ip4_over_ethernet_address_t delme;
1632 e = pool_elt_at_index (am->ip4_entry_pool, to_delete[i]);
1634 clib_memcpy (&delme.ethernet, e->ethernet_address, 6);
1635 delme.ip4.as_u32 = e->ip4_address.as_u32;
1637 vnet_arp_flush_ip4_over_ethernet (vnet_get_main (),
1638 e->sw_if_index, &delme);
1641 vec_free (to_delete);
1645 static clib_error_t *
1646 ethernet_arp_init (vlib_main_t * vm)
1648 ethernet_arp_main_t *am = ðernet_arp_main;
1649 ip4_main_t *im = &ip4_main;
1650 clib_error_t *error;
1653 if ((error = vlib_call_init_function (vm, ethernet_init)))
1656 ethernet_register_input_type (vm, ETHERNET_TYPE_ARP, arp_input_node.index);
1658 pn = pg_get_node (arp_input_node.index);
1659 pn->unformat_edit = unformat_pg_arp_header;
1661 am->opcode_by_name = hash_create_string (0, sizeof (uword));
1662 #define _(o) hash_set_mem (am->opcode_by_name, #o, ETHERNET_ARP_OPCODE_##o);
1663 foreach_ethernet_arp_opcode;
1666 /* $$$ configurable */
1667 am->limit_arp_cache_size = 50000;
1669 am->pending_resolutions_by_address = hash_create (0, sizeof (uword));
1670 am->mac_changes_by_address = hash_create (0, sizeof (uword));
1672 /* don't trace ARP error packets */
1674 vlib_node_runtime_t *rt =
1675 vlib_node_get_runtime (vm, arp_input_node.index);
1678 vnet_pcap_drop_trace_filter_add_del \
1679 (rt->errors[ETHERNET_ARP_ERROR_##a], \
1681 foreach_ethernet_arp_error
1685 ip4_add_del_interface_address_callback_t cb;
1686 cb.function = arp_add_del_interface_address;
1687 cb.function_opaque = 0;
1688 vec_add1 (im->add_del_interface_address_callbacks, cb);
1693 VLIB_INIT_FUNCTION (ethernet_arp_init);
1696 arp_entry_free (ethernet_arp_interface_t * eai, ethernet_arp_ip4_entry_t * e)
1698 ethernet_arp_main_t *am = ðernet_arp_main;
1700 /* it's safe to delete the ADJ source on the FIB entry, even if it
1702 fib_table_entry_delete_index (e->fib_entry_index, FIB_SOURCE_ADJ);
1703 hash_unset (eai->arp_entries, e->ip4_address.as_u32);
1704 pool_put (am->ip4_entry_pool, e);
1708 vnet_arp_unset_ip4_over_ethernet_internal (vnet_main_t * vnm,
1709 vnet_arp_set_ip4_over_ethernet_rpc_args_t
1712 ethernet_arp_main_t *am = ðernet_arp_main;
1713 ethernet_arp_ip4_entry_t *e;
1714 ethernet_arp_interface_t *eai;
1716 eai = &am->ethernet_arp_by_sw_if_index[args->sw_if_index];
1718 e = arp_entry_find (eai, &args->a.ip4);
1722 arp_entry_free (eai, e);
1724 adj_nbr_walk_nh4 (e->sw_if_index,
1725 &e->ip4_address, arp_mk_incomplete_walk, NULL);
1732 vnet_arp_flush_ip4_over_ethernet_internal (vnet_main_t * vnm,
1733 vnet_arp_set_ip4_over_ethernet_rpc_args_t
1736 ethernet_arp_main_t *am = ðernet_arp_main;
1737 ethernet_arp_ip4_entry_t *e;
1738 ethernet_arp_interface_t *eai;
1740 eai = &am->ethernet_arp_by_sw_if_index[args->sw_if_index];
1742 e = arp_entry_find (eai, &args->a.ip4);
1746 adj_nbr_walk_nh4 (e->sw_if_index,
1747 &e->ip4_address, arp_mk_incomplete_walk, e);
1750 * The difference between flush and unset, is that an unset
1751 * means delete for static and dynamic entries. A flush
1752 * means delete only for dynamic. Flushing is what the DP
1753 * does in response to interface events. unset is only done
1754 * by the control plane.
1756 if (e->flags & ETHERNET_ARP_IP4_ENTRY_FLAG_DYNAMIC)
1758 arp_entry_free (eai, e);
1765 vnet_arp_populate_ip4_over_ethernet_internal (vnet_main_t * vnm,
1766 vnet_arp_set_ip4_over_ethernet_rpc_args_t
1769 ethernet_arp_main_t *am = ðernet_arp_main;
1770 ethernet_arp_ip4_entry_t *e;
1771 ethernet_arp_interface_t *eai;
1773 eai = &am->ethernet_arp_by_sw_if_index[args->sw_if_index];
1775 e = arp_entry_find (eai, &args->a.ip4);
1779 adj_nbr_walk_nh4 (e->sw_if_index,
1780 &e->ip4_address, arp_mk_complete_walk, e);
1786 set_ip4_over_ethernet_rpc_callback (vnet_arp_set_ip4_over_ethernet_rpc_args_t
1789 vnet_main_t *vm = vnet_get_main ();
1790 ASSERT (os_get_cpu_number () == 0);
1792 if (a->flags & ETHERNET_ARP_ARGS_REMOVE)
1793 vnet_arp_unset_ip4_over_ethernet_internal (vm, a);
1794 else if (a->flags & ETHERNET_ARP_ARGS_FLUSH)
1795 vnet_arp_flush_ip4_over_ethernet_internal (vm, a);
1796 else if (a->flags & ETHERNET_ARP_ARGS_POPULATE)
1797 vnet_arp_populate_ip4_over_ethernet_internal (vm, a);
1799 vnet_arp_set_ip4_over_ethernet_internal (vm, a);
1803 * @brief Invoked when the interface's admin state changes
1805 static clib_error_t *
1806 ethernet_arp_sw_interface_up_down (vnet_main_t * vnm,
1807 u32 sw_if_index, u32 flags)
1809 ethernet_arp_main_t *am = ðernet_arp_main;
1810 ethernet_arp_ip4_entry_t *e;
1811 u32 i, *to_delete = 0;
1814 pool_foreach (e, am->ip4_entry_pool,
1816 if (e->sw_if_index == sw_if_index)
1817 vec_add1 (to_delete,
1818 e - am->ip4_entry_pool);
1822 for (i = 0; i < vec_len (to_delete); i++)
1824 ethernet_arp_ip4_over_ethernet_address_t delme;
1825 e = pool_elt_at_index (am->ip4_entry_pool, to_delete[i]);
1827 clib_memcpy (&delme.ethernet, e->ethernet_address, 6);
1828 delme.ip4.as_u32 = e->ip4_address.as_u32;
1830 if (flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP)
1832 vnet_arp_populate_ip4_over_ethernet (vnm, e->sw_if_index, &delme);
1836 vnet_arp_flush_ip4_over_ethernet (vnm, e->sw_if_index, &delme);
1840 vec_free (to_delete);
1845 VNET_SW_INTERFACE_ADMIN_UP_DOWN_FUNCTION (ethernet_arp_sw_interface_up_down);
1848 increment_ip4_and_mac_address (ethernet_arp_ip4_over_ethernet_address_t * a)
1853 for (i = 3; i >= 0; i--)
1855 old = a->ip4.as_u8[i];
1856 a->ip4.as_u8[i] += 1;
1857 if (old < a->ip4.as_u8[i])
1861 for (i = 5; i >= 0; i--)
1863 old = a->ethernet[i];
1864 a->ethernet[i] += 1;
1865 if (old < a->ethernet[i])
1871 vnet_arp_set_ip4_over_ethernet (vnet_main_t * vnm,
1872 u32 sw_if_index, void *a_arg,
1873 int is_static, int is_no_fib_entry)
1875 ethernet_arp_ip4_over_ethernet_address_t *a = a_arg;
1876 vnet_arp_set_ip4_over_ethernet_rpc_args_t args;
1878 args.sw_if_index = sw_if_index;
1879 args.is_static = is_static;
1880 args.is_no_fib_entry = is_no_fib_entry;
1882 clib_memcpy (&args.a, a, sizeof (*a));
1884 vl_api_rpc_call_main_thread (set_ip4_over_ethernet_rpc_callback,
1885 (u8 *) & args, sizeof (args));
1890 vnet_proxy_arp_add_del (ip4_address_t * lo_addr,
1891 ip4_address_t * hi_addr, u32 fib_index, int is_del)
1893 ethernet_arp_main_t *am = ðernet_arp_main;
1894 ethernet_proxy_arp_t *pa;
1895 u32 found_at_index = ~0;
1897 vec_foreach (pa, am->proxy_arps)
1899 if (pa->lo_addr == lo_addr->as_u32
1900 && pa->hi_addr == hi_addr->as_u32 && pa->fib_index == fib_index)
1902 found_at_index = pa - am->proxy_arps;
1907 if (found_at_index != ~0)
1909 /* Delete, otherwise it's already in the table */
1911 vec_delete (am->proxy_arps, 1, found_at_index);
1914 /* delete, no such entry */
1916 return VNET_API_ERROR_NO_SUCH_ENTRY;
1918 /* add, not in table */
1919 vec_add2 (am->proxy_arps, pa, 1);
1920 pa->lo_addr = lo_addr->as_u32;
1921 pa->hi_addr = hi_addr->as_u32;
1922 pa->fib_index = fib_index;
1927 * Remove any proxy arp entries asdociated with the
1931 vnet_proxy_arp_fib_reset (u32 fib_id)
1933 ip4_main_t *im = &ip4_main;
1934 ethernet_arp_main_t *am = ðernet_arp_main;
1935 ethernet_proxy_arp_t *pa;
1936 u32 *entries_to_delete = 0;
1941 p = hash_get (im->fib_index_by_table_id, fib_id);
1943 return VNET_API_ERROR_NO_SUCH_ENTRY;
1946 vec_foreach (pa, am->proxy_arps)
1948 if (pa->fib_index == fib_index)
1950 vec_add1 (entries_to_delete, pa - am->proxy_arps);
1954 for (i = 0; i < vec_len (entries_to_delete); i++)
1956 vec_delete (am->proxy_arps, 1, entries_to_delete[i]);
1959 vec_free (entries_to_delete);
1964 static clib_error_t *
1965 ip_arp_add_del_command_fn (vlib_main_t * vm,
1966 unformat_input_t * input, vlib_cli_command_t * cmd)
1968 vnet_main_t *vnm = vnet_get_main ();
1970 ethernet_arp_ip4_over_ethernet_address_t lo_addr, hi_addr, addr;
1977 int is_no_fib_entry = 0;
1980 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
1982 /* set ip arp TenGigE1/1/0/1 1.2.3.4 aa:bb:... or aabb.ccdd... */
1983 if (unformat (input, "%U %U %U",
1984 unformat_vnet_sw_interface, vnm, &sw_if_index,
1985 unformat_ip4_address, &addr.ip4,
1986 unformat_ethernet_address, &addr.ethernet))
1989 else if (unformat (input, "delete") || unformat (input, "del"))
1992 else if (unformat (input, "static"))
1995 else if (unformat (input, "no-fib-entry"))
1996 is_no_fib_entry = 1;
1998 else if (unformat (input, "count %d", &count))
2001 else if (unformat (input, "fib-id %d", &fib_id))
2003 ip4_main_t *im = &ip4_main;
2004 uword *p = hash_get (im->fib_index_by_table_id, fib_id);
2006 return clib_error_return (0, "fib ID %d doesn't exist\n", fib_id);
2010 else if (unformat (input, "proxy %U - %U",
2011 unformat_ip4_address, &lo_addr.ip4,
2012 unformat_ip4_address, &hi_addr.ip4))
2020 (void) vnet_proxy_arp_add_del (&lo_addr.ip4, &hi_addr.ip4,
2029 for (i = 0; i < count; i++)
2033 uword event_type, *event_data = 0;
2035 /* Park the debug CLI until the arp entry is installed */
2036 vnet_register_ip4_arp_resolution_event
2037 (vnm, &addr.ip4, vlib_current_process (vm),
2038 1 /* type */ , 0 /* data */ );
2040 vnet_arp_set_ip4_over_ethernet
2041 (vnm, sw_if_index, &addr, is_static, is_no_fib_entry);
2043 vlib_process_wait_for_event (vm);
2044 event_type = vlib_process_get_events (vm, &event_data);
2045 vec_reset_length (event_data);
2046 if (event_type != 1)
2047 clib_warning ("event type %d unexpected", event_type);
2050 vnet_arp_unset_ip4_over_ethernet (vnm, sw_if_index, &addr);
2052 increment_ip4_and_mac_address (&addr);
2057 return clib_error_return (0, "unknown input `%U'",
2058 format_unformat_error, input);
2066 * Add or delete IPv4 ARP cache entries.
2068 * @note 'set ip arp' options (e.g. delete, static, 'fib-id <id>',
2069 * 'count <number>', 'interface ip4_addr mac_addr') can be added in
2070 * any order and combination.
2074 * Add or delete IPv4 ARP cache entries as follows. MAC Address can be in
2075 * either aa:bb:cc:dd:ee:ff format or aabb.ccdd.eeff format.
2076 * @cliexcmd{set ip arp GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
2077 * @cliexcmd{set ip arp delete GigabitEthernet2/0/0 6.0.0.3 de:ad:be:ef:ba:be}
2079 * To add or delete an IPv4 ARP cache entry to or from a specific fib
2081 * @cliexcmd{set ip arp fib-id 1 GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
2082 * @cliexcmd{set ip arp fib-id 1 delete GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
2084 * Add or delete IPv4 static ARP cache entries as follows:
2085 * @cliexcmd{set ip arp static GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
2086 * @cliexcmd{set ip arp static delete GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
2088 * For testing / debugging purposes, the 'set ip arp' command can add or
2089 * delete multiple entries. Supply the 'count N' parameter:
2090 * @cliexcmd{set ip arp count 10 GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
2093 VLIB_CLI_COMMAND (ip_arp_add_del_command, static) = {
2094 .path = "set ip arp",
2096 "set ip arp [del] <intfc> <ip-address> <mac-address> [static] [no-fib-entry] [count <count>] [fib-id <fib-id>] [proxy <lo-addr> - <hi-addr>]",
2097 .function = ip_arp_add_del_command_fn,
2101 static clib_error_t *
2102 set_int_proxy_arp_command_fn (vlib_main_t * vm,
2104 input, vlib_cli_command_t * cmd)
2106 vnet_main_t *vnm = vnet_get_main ();
2108 vnet_sw_interface_t *si;
2112 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
2114 if (unformat (input, "%U", unformat_vnet_sw_interface,
2117 else if (unformat (input, "enable") || unformat (input, "on"))
2119 else if (unformat (input, "disable") || unformat (input, "off"))
2126 return clib_error_return (0, "unknown input '%U'",
2127 format_unformat_error, input);
2129 si = vnet_get_sw_interface (vnm, sw_if_index);
2132 si->flags |= VNET_SW_INTERFACE_FLAG_PROXY_ARP;
2134 si->flags &= ~VNET_SW_INTERFACE_FLAG_PROXY_ARP;
2141 * Enable proxy-arp on an interface. The vpp stack will answer ARP
2142 * requests for the indicated address range. Multiple proxy-arp
2143 * ranges may be provisioned.
2145 * @note Proxy ARP as a technology is infamous for blackholing traffic.
2146 * Also, the underlying implementation has not been performance-tuned.
2147 * Avoid creating an unnecessarily large set of ranges.
2150 * To enable proxy arp on a range of addresses, use:
2151 * @cliexcmd{set ip arp proxy 6.0.0.1 - 6.0.0.11}
2152 * Append 'del' to delete a range of proxy ARP addresses:
2153 * @cliexcmd{set ip arp proxy 6.0.0.1 - 6.0.0.11 del}
2154 * You must then specifically enable proxy arp on individual interfaces:
2155 * @cliexcmd{set interface proxy-arp GigabitEthernet0/8/0 enable}
2156 * To disable proxy arp on an individual interface:
2157 * @cliexcmd{set interface proxy-arp GigabitEthernet0/8/0 disable}
2159 VLIB_CLI_COMMAND (set_int_proxy_enable_command, static) = {
2160 .path = "set interface proxy-arp",
2162 "set interface proxy-arp <intfc> [enable|disable]",
2163 .function = set_int_proxy_arp_command_fn,
2169 * ARP/ND Termination in a L2 Bridge Domain based on IP4/IP6 to MAC
2170 * hash tables mac_by_ip4 and mac_by_ip6 for each BD.
2174 ARP_TERM_NEXT_L2_OUTPUT,
2179 u32 arp_term_next_node_index[32];
2182 arp_term_l2bd (vlib_main_t * vm,
2183 vlib_node_runtime_t * node, vlib_frame_t * frame)
2185 l2input_main_t *l2im = &l2input_main;
2186 u32 n_left_from, next_index, *from, *to_next;
2187 u32 n_replies_sent = 0;
2188 u16 last_bd_index = ~0;
2189 l2_bridge_domain_t *last_bd_config = 0;
2190 l2_input_config_t *cfg0;
2192 from = vlib_frame_vector_args (frame);
2193 n_left_from = frame->n_vectors;
2194 next_index = node->cached_next_index;
2196 while (n_left_from > 0)
2200 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
2202 while (n_left_from > 0 && n_left_to_next > 0)
2205 ethernet_header_t *eth0;
2206 ethernet_arp_header_t *arp0;
2209 u32 pi0, error0, next0, sw_if_index0;
2220 n_left_to_next -= 1;
2222 p0 = vlib_get_buffer (vm, pi0);
2223 eth0 = vlib_buffer_get_current (p0);
2224 l3h0 = (u8 *) eth0 + vnet_buffer (p0)->l2.l2_len;
2225 ethertype0 = clib_net_to_host_u16 (*(u16 *) (l3h0 - 2));
2226 arp0 = (ethernet_arp_header_t *) l3h0;
2228 if (PREDICT_FALSE ((ethertype0 != ETHERNET_TYPE_ARP) ||
2230 clib_host_to_net_u16
2231 (ETHERNET_ARP_OPCODE_request))))
2234 /* Must be ARP request packet here */
2235 if (PREDICT_FALSE ((node->flags & VLIB_NODE_FLAG_TRACE) &&
2236 (p0->flags & VLIB_BUFFER_IS_TRACED)))
2238 u8 *t0 = vlib_add_trace (vm, node, p0,
2239 sizeof (ethernet_arp_input_trace_t));
2240 clib_memcpy (t0, l3h0, sizeof (ethernet_arp_input_trace_t));
2243 error0 = ETHERNET_ARP_ERROR_replies_sent;
2246 clib_net_to_host_u16 (ETHERNET_ARP_HARDWARE_TYPE_ethernet)
2247 ? ETHERNET_ARP_ERROR_l2_type_not_ethernet : error0);
2250 clib_net_to_host_u16 (ETHERNET_TYPE_IP4) ?
2251 ETHERNET_ARP_ERROR_l3_type_not_ip4 : error0);
2253 sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
2258 /* Trash ARP packets whose ARP-level source addresses do not
2259 match their L2-frame-level source addresses */
2262 (eth0->src_address, arp0->ip4_over_ethernet[0].ethernet,
2263 sizeof (eth0->src_address))))
2265 error0 = ETHERNET_ARP_ERROR_l2_address_mismatch;
2269 /* Check if anyone want ARP request events for L2 BDs */
2271 pending_resolution_t *mc;
2272 ethernet_arp_main_t *am = ðernet_arp_main;
2273 uword *p = hash_get (am->mac_changes_by_address, 0);
2274 if (p && (vnet_buffer (p0)->l2.shg == 0))
2275 { // Only SHG 0 interface which is more likely local
2276 u32 next_index = p[0];
2277 while (next_index != (u32) ~ 0)
2279 int (*fp) (u32, u8 *, u32, u32);
2281 mc = pool_elt_at_index (am->mac_changes, next_index);
2282 fp = mc->data_callback;
2283 /* Call the callback, return 1 to suppress dup events */
2285 rv = (*fp) (mc->data,
2286 arp0->ip4_over_ethernet[0].ethernet,
2288 arp0->ip4_over_ethernet[0].ip4.as_u32);
2289 /* Signal the resolver process */
2291 vlib_process_signal_event (vm, mc->node_index,
2292 mc->type_opaque, mc->data);
2293 next_index = mc->next_index;
2298 /* lookup BD mac_by_ip4 hash table for MAC entry */
2299 ip0 = arp0->ip4_over_ethernet[1].ip4.as_u32;
2300 bd_index0 = vnet_buffer (p0)->l2.bd_index;
2301 if (PREDICT_FALSE ((bd_index0 != last_bd_index)
2302 || (last_bd_index == (u16) ~ 0)))
2304 last_bd_index = bd_index0;
2305 last_bd_config = vec_elt_at_index (l2im->bd_configs, bd_index0);
2307 macp0 = (u8 *) hash_get (last_bd_config->mac_by_ip4, ip0);
2309 if (PREDICT_FALSE (!macp0))
2310 goto next_l2_feature; /* MAC not found */
2312 /* MAC found, send ARP reply -
2313 Convert ARP request packet to ARP reply */
2314 arp0->opcode = clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_reply);
2315 arp0->ip4_over_ethernet[1] = arp0->ip4_over_ethernet[0];
2316 arp0->ip4_over_ethernet[0].ip4.as_u32 = ip0;
2317 clib_memcpy (arp0->ip4_over_ethernet[0].ethernet, macp0, 6);
2318 clib_memcpy (eth0->dst_address, eth0->src_address, 6);
2319 clib_memcpy (eth0->src_address, macp0, 6);
2320 n_replies_sent += 1;
2323 /* For BVI, need to use l2-fwd node to send ARP reply as
2324 l2-output node cannot output packet to BVI properly */
2325 cfg0 = vec_elt_at_index (l2im->configs, sw_if_index0);
2326 if (PREDICT_FALSE (cfg0->bvi))
2328 vnet_buffer (p0)->l2.feature_bitmap |= L2INPUT_FEAT_FWD;
2329 vnet_buffer (p0)->sw_if_index[VLIB_RX] = 0;
2330 goto next_l2_feature;
2333 /* Send ARP/ND reply back out input interface through l2-output */
2334 vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0;
2335 next0 = ARP_TERM_NEXT_L2_OUTPUT;
2336 /* Note that output to VXLAN tunnel will fail due to SHG which
2337 is probably desireable since ARP termination is not intended
2338 for ARP requests from other hosts. If output to VXLAN tunnel is
2339 required, however, can just clear the SHG in packet as follows:
2340 vnet_buffer(p0)->l2.shg = 0; */
2341 vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
2342 to_next, n_left_to_next, pi0,
2347 /* IP6 ND event notification or solicitation handling to generate
2348 local response instead of flooding */
2349 iph0 = (ip6_header_t *) l3h0;
2350 if (PREDICT_FALSE (ethertype0 == ETHERNET_TYPE_IP6 &&
2351 iph0->protocol == IP_PROTOCOL_ICMP6 &&
2352 !ip6_address_is_unspecified
2353 (&iph0->src_address)))
2355 sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
2356 if (vnet_ip6_nd_term
2357 (vm, node, p0, eth0, iph0, sw_if_index0,
2358 vnet_buffer (p0)->l2.bd_index, vnet_buffer (p0)->l2.shg))
2359 goto output_response;
2364 u32 feature_bitmap0 =
2365 vnet_buffer (p0)->l2.feature_bitmap & ~L2INPUT_FEAT_ARP_TERM;
2366 vnet_buffer (p0)->l2.feature_bitmap = feature_bitmap0;
2368 feat_bitmap_get_next_node_index (arp_term_next_node_index,
2370 vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
2371 to_next, n_left_to_next,
2377 if (0 == arp0->ip4_over_ethernet[0].ip4.as_u32 ||
2378 (arp0->ip4_over_ethernet[0].ip4.as_u32 ==
2379 arp0->ip4_over_ethernet[1].ip4.as_u32))
2381 error0 = ETHERNET_ARP_ERROR_gratuitous_arp;
2383 next0 = ARP_TERM_NEXT_DROP;
2384 p0->error = node->errors[error0];
2386 vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
2387 to_next, n_left_to_next, pi0,
2391 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
2394 vlib_error_count (vm, node->node_index,
2395 ETHERNET_ARP_ERROR_replies_sent, n_replies_sent);
2396 return frame->n_vectors;
2400 VLIB_REGISTER_NODE (arp_term_l2bd_node, static) = {
2401 .function = arp_term_l2bd,
2402 .name = "arp-term-l2bd",
2403 .vector_size = sizeof (u32),
2404 .n_errors = ETHERNET_ARP_N_ERROR,
2405 .error_strings = ethernet_arp_error_strings,
2406 .n_next_nodes = ARP_TERM_N_NEXT,
2408 [ARP_TERM_NEXT_L2_OUTPUT] = "l2-output",
2409 [ARP_TERM_NEXT_DROP] = "error-drop",
2411 .format_buffer = format_ethernet_arp_header,
2412 .format_trace = format_arp_term_input_trace,
2417 arp_term_init (vlib_main_t * vm)
2419 // Initialize the feature next-node indexes
2420 feat_bitmap_init_next_nodes (vm,
2421 arp_term_l2bd_node.index,
2423 l2input_get_feat_names (),
2424 arp_term_next_node_index);
2428 VLIB_INIT_FUNCTION (arp_term_init);
2431 change_arp_mac (u32 sw_if_index, ethernet_arp_ip4_entry_t * e)
2433 if (e->sw_if_index == sw_if_index)
2435 adj_nbr_walk_nh4 (e->sw_if_index,
2436 &e->ip4_address, arp_mk_complete_walk, e);
2441 ethernet_arp_change_mac (u32 sw_if_index)
2443 ethernet_arp_main_t *am = ðernet_arp_main;
2444 ethernet_arp_ip4_entry_t *e;
2447 pool_foreach (e, am->ip4_entry_pool,
2449 change_arp_mac (sw_if_index, e);
2455 * fd.io coding-style-patch-verification: ON
2458 * eval: (c-set-style "gnu")