2 * ethernet/arp.c: IP v4 ARP node
4 * Copyright (c) 2010 Cisco and/or its affiliates.
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
18 #include <vnet/ip/ip.h>
19 #include <vnet/ip/ip6.h>
20 #include <vnet/ethernet/ethernet.h>
21 #include <vnet/ethernet/arp_packet.h>
22 #include <vnet/l2/l2_input.h>
23 #include <vppinfra/mhash.h>
24 #include <vnet/fib/ip4_fib.h>
25 #include <vnet/adj/adj_nbr.h>
26 #include <vnet/adj/adj_mcast.h>
27 #include <vnet/mpls/mpls.h>
33 * This file contains code to manage the IPv4 ARP tables (IP Address
34 * to MAC Address lookup).
38 void vl_api_rpc_call_main_thread (void *fp, u8 * data, u32 data_length);
41 * @brief Per-interface ARP configuration and state
43 typedef struct ethernet_arp_interface_t_
46 * Hash table of ARP entries.
47 * Since this hash table is per-interface, the key is only the IPv4 address.
50 } ethernet_arp_interface_t;
57 } ethernet_proxy_arp_t;
65 /* Used for arp event notification only */
68 } pending_resolution_t;
72 /* Hash tables mapping name to opcode. */
73 uword *opcode_by_name;
75 /* lite beer "glean" adjacency handling */
76 uword *pending_resolutions_by_address;
77 pending_resolution_t *pending_resolutions;
79 /* Mac address change notification */
80 uword *mac_changes_by_address;
81 pending_resolution_t *mac_changes;
83 ethernet_arp_ip4_entry_t *ip4_entry_pool;
85 /* ARP attack mitigation */
87 u32 limit_arp_cache_size;
89 /** Per interface state */
90 ethernet_arp_interface_t *ethernet_arp_by_sw_if_index;
92 /* Proxy arp vector */
93 ethernet_proxy_arp_t *proxy_arps;
94 } ethernet_arp_main_t;
96 static ethernet_arp_main_t ethernet_arp_main;
101 ethernet_arp_ip4_over_ethernet_address_t a;
105 #define ETHERNET_ARP_ARGS_REMOVE (1<<0)
106 #define ETHERNET_ARP_ARGS_FLUSH (1<<1)
107 #define ETHERNET_ARP_ARGS_POPULATE (1<<2)
108 } vnet_arp_set_ip4_over_ethernet_rpc_args_t;
111 set_ip4_over_ethernet_rpc_callback (vnet_arp_set_ip4_over_ethernet_rpc_args_t
115 format_ethernet_arp_hardware_type (u8 * s, va_list * va)
117 ethernet_arp_hardware_type_t h = va_arg (*va, ethernet_arp_hardware_type_t);
121 #define _(n,f) case n: t = #f; break;
122 foreach_ethernet_arp_hardware_type;
126 return format (s, "unknown 0x%x", h);
129 return format (s, "%s", t);
133 format_ethernet_arp_opcode (u8 * s, va_list * va)
135 ethernet_arp_opcode_t o = va_arg (*va, ethernet_arp_opcode_t);
139 #define _(f) case ETHERNET_ARP_OPCODE_##f: t = #f; break;
140 foreach_ethernet_arp_opcode;
144 return format (s, "unknown 0x%x", o);
147 return format (s, "%s", t);
151 unformat_ethernet_arp_opcode_host_byte_order (unformat_input_t * input,
154 int *result = va_arg (*args, int *);
155 ethernet_arp_main_t *am = ðernet_arp_main;
158 /* Numeric opcode. */
159 if (unformat (input, "0x%x", &x) || unformat (input, "%d", &x))
168 if (unformat_user (input, unformat_vlib_number_by_name,
169 am->opcode_by_name, &i))
179 unformat_ethernet_arp_opcode_net_byte_order (unformat_input_t * input,
182 int *result = va_arg (*args, int *);
184 (input, unformat_ethernet_arp_opcode_host_byte_order, result))
187 *result = clib_host_to_net_u16 ((u16) * result);
192 format_ethernet_arp_header (u8 * s, va_list * va)
194 ethernet_arp_header_t *a = va_arg (*va, ethernet_arp_header_t *);
195 u32 max_header_bytes = va_arg (*va, u32);
197 u16 l2_type, l3_type;
199 if (max_header_bytes != 0 && sizeof (a[0]) > max_header_bytes)
200 return format (s, "ARP header truncated");
202 l2_type = clib_net_to_host_u16 (a->l2_type);
203 l3_type = clib_net_to_host_u16 (a->l3_type);
205 indent = format_get_indent (s);
207 s = format (s, "%U, type %U/%U, address size %d/%d",
208 format_ethernet_arp_opcode, clib_net_to_host_u16 (a->opcode),
209 format_ethernet_arp_hardware_type, l2_type,
210 format_ethernet_type, l3_type,
211 a->n_l2_address_bytes, a->n_l3_address_bytes);
213 if (l2_type == ETHERNET_ARP_HARDWARE_TYPE_ethernet
214 && l3_type == ETHERNET_TYPE_IP4)
216 s = format (s, "\n%U%U/%U -> %U/%U",
217 format_white_space, indent,
218 format_ethernet_address, a->ip4_over_ethernet[0].ethernet,
219 format_ip4_address, &a->ip4_over_ethernet[0].ip4,
220 format_ethernet_address, a->ip4_over_ethernet[1].ethernet,
221 format_ip4_address, &a->ip4_over_ethernet[1].ip4);
225 uword n2 = a->n_l2_address_bytes;
226 uword n3 = a->n_l3_address_bytes;
227 s = format (s, "\n%U%U/%U -> %U/%U",
228 format_white_space, indent,
229 format_hex_bytes, a->data + 0 * n2 + 0 * n3, n2,
230 format_hex_bytes, a->data + 1 * n2 + 0 * n3, n3,
231 format_hex_bytes, a->data + 1 * n2 + 1 * n3, n2,
232 format_hex_bytes, a->data + 2 * n2 + 1 * n3, n3);
239 format_ethernet_arp_ip4_entry (u8 * s, va_list * va)
241 vnet_main_t *vnm = va_arg (*va, vnet_main_t *);
242 ethernet_arp_ip4_entry_t *e = va_arg (*va, ethernet_arp_ip4_entry_t *);
243 vnet_sw_interface_t *si;
247 return format (s, "%=12s%=16s%=6s%=20s%=24s", "Time", "IP4",
248 "Flags", "Ethernet", "Interface");
250 si = vnet_get_sw_interface (vnm, e->sw_if_index);
252 if (e->flags & ETHERNET_ARP_IP4_ENTRY_FLAG_STATIC)
253 flags = format (flags, "S");
255 if (e->flags & ETHERNET_ARP_IP4_ENTRY_FLAG_DYNAMIC)
256 flags = format (flags, "D");
258 if (e->flags & ETHERNET_ARP_IP4_ENTRY_FLAG_NO_FIB_ENTRY)
259 flags = format (flags, "N");
261 s = format (s, "%=12U%=16U%=6s%=20U%=24U",
262 format_vlib_cpu_time, vnm->vlib_main, e->cpu_time_last_updated,
263 format_ip4_address, &e->ip4_address,
264 flags ? (char *) flags : "",
265 format_ethernet_address, e->ethernet_address,
266 format_vnet_sw_interface_name, vnm, si);
275 } ethernet_arp_input_trace_t;
278 format_ethernet_arp_input_trace (u8 * s, va_list * va)
280 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*va, vlib_main_t *);
281 CLIB_UNUSED (vlib_node_t * node) = va_arg (*va, vlib_node_t *);
282 ethernet_arp_input_trace_t *t = va_arg (*va, ethernet_arp_input_trace_t *);
285 format_ethernet_arp_header,
286 t->packet_data, sizeof (t->packet_data));
292 format_arp_term_input_trace (u8 * s, va_list * va)
294 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*va, vlib_main_t *);
295 CLIB_UNUSED (vlib_node_t * node) = va_arg (*va, vlib_node_t *);
296 ethernet_arp_input_trace_t *t = va_arg (*va, ethernet_arp_input_trace_t *);
298 /* arp-term trace data saved is either arp or ip6/icmp6 packet:
299 - for arp, the 1st 16-bit field is hw type of value of 0x0001.
300 - for ip6, the first nibble has value of 6. */
301 s = format (s, "%U", t->packet_data[0] == 0 ?
302 format_ethernet_arp_header : format_ip6_header,
303 t->packet_data, sizeof (t->packet_data));
309 arp_nbr_probe (ip_adjacency_t * adj)
311 vnet_main_t *vnm = vnet_get_main ();
312 ip4_main_t *im = &ip4_main;
313 ip_interface_address_t *ia;
314 ethernet_arp_header_t *h;
315 vnet_hw_interface_t *hi;
316 vnet_sw_interface_t *si;
322 vm = vlib_get_main ();
324 si = vnet_get_sw_interface (vnm, adj->rewrite_header.sw_if_index);
326 if (!(si->flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP))
332 ip4_interface_address_matching_destination (im,
333 &adj->sub_type.nbr.next_hop.
343 vlib_packet_template_get_packet (vm, &im->ip4_arp_request_packet_template,
346 hi = vnet_get_sup_hw_interface (vnm, adj->rewrite_header.sw_if_index);
348 clib_memcpy (h->ip4_over_ethernet[0].ethernet,
349 hi->hw_address, sizeof (h->ip4_over_ethernet[0].ethernet));
351 h->ip4_over_ethernet[0].ip4 = src[0];
352 h->ip4_over_ethernet[1].ip4 = adj->sub_type.nbr.next_hop.ip4;
354 b = vlib_get_buffer (vm, bi);
355 vnet_buffer (b)->sw_if_index[VLIB_RX] =
356 vnet_buffer (b)->sw_if_index[VLIB_TX] = adj->rewrite_header.sw_if_index;
358 /* Add encapsulation string for software interface (e.g. ethernet header). */
359 vnet_rewrite_one_header (adj[0], h, sizeof (ethernet_header_t));
360 vlib_buffer_advance (b, -adj->rewrite_header.data_bytes);
363 vlib_frame_t *f = vlib_get_frame_to_node (vm, hi->output_node_index);
364 u32 *to_next = vlib_frame_vector_args (f);
367 vlib_put_frame_to_node (vm, hi->output_node_index, f);
372 arp_mk_complete (adj_index_t ai, ethernet_arp_ip4_entry_t * e)
374 adj_nbr_update_rewrite
375 (ai, ADJ_NBR_REWRITE_FLAG_COMPLETE,
376 ethernet_build_rewrite (vnet_get_main (),
378 adj_get_link_type (ai), e->ethernet_address));
382 arp_mk_incomplete (adj_index_t ai)
384 ip_adjacency_t *adj = adj_get (ai);
386 adj_nbr_update_rewrite
388 ADJ_NBR_REWRITE_FLAG_INCOMPLETE,
389 ethernet_build_rewrite (vnet_get_main (),
390 adj->rewrite_header.sw_if_index,
392 VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST));
395 static ethernet_arp_ip4_entry_t *
396 arp_entry_find (ethernet_arp_interface_t * eai, const ip4_address_t * addr)
398 ethernet_arp_main_t *am = ðernet_arp_main;
399 ethernet_arp_ip4_entry_t *e = NULL;
402 if (NULL != eai->arp_entries)
404 p = hash_get (eai->arp_entries, addr->as_u32);
408 e = pool_elt_at_index (am->ip4_entry_pool, p[0]);
415 arp_mk_complete_walk (adj_index_t ai, void *ctx)
417 ethernet_arp_ip4_entry_t *e = ctx;
419 arp_mk_complete (ai, e);
421 return (ADJ_WALK_RC_CONTINUE);
425 arp_mk_incomplete_walk (adj_index_t ai, void *ctx)
427 arp_mk_incomplete (ai);
429 return (ADJ_WALK_RC_CONTINUE);
433 arp_update_adjacency (vnet_main_t * vnm, u32 sw_if_index, u32 ai)
435 ethernet_arp_main_t *am = ðernet_arp_main;
436 ethernet_arp_interface_t *arp_int;
437 ethernet_arp_ip4_entry_t *e;
442 vec_validate (am->ethernet_arp_by_sw_if_index, sw_if_index);
443 arp_int = &am->ethernet_arp_by_sw_if_index[sw_if_index];
444 e = arp_entry_find (arp_int, &adj->sub_type.nbr.next_hop.ip4);
446 switch (adj->lookup_next_index)
448 case IP_LOOKUP_NEXT_ARP:
449 case IP_LOOKUP_NEXT_GLEAN:
452 adj_nbr_walk_nh4 (sw_if_index,
453 &e->ip4_address, arp_mk_complete_walk, e);
458 * no matching ARP entry.
459 * construct the rewrite required to for an ARP packet, and stick
460 * that in the adj's pipe to smoke.
462 adj_nbr_update_rewrite
464 ADJ_NBR_REWRITE_FLAG_INCOMPLETE,
465 ethernet_build_rewrite
469 VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST));
472 * since the FIB has added this adj for a route, it makes sense it
473 * may want to forward traffic sometime soon. Let's send a
474 * speculative ARP. just one. If we were to do periodically that
475 * wouldn't be bad either, but that's more code than i'm prepared to
476 * write at this time for relatively little reward.
481 case IP_LOOKUP_NEXT_MCAST:
483 * Construct a partial rewrite from the known ethernet mcast dest MAC
485 adj_mcast_update_rewrite
487 ethernet_build_rewrite (vnm,
490 ethernet_ip4_mcast_dst_addr ()));
493 * Complete the remaining fields of the adj's rewrite to direct the
494 * complete of the rewrite at switch time by copying in the IP
495 * dst address's bytes.
496 * Ofset is 11 bytes from the end of the MAC header - which is three
497 * bytes into the desintation address. And we write 3 bytes.
499 adj->rewrite_header.dst_mcast_offset = 11;
500 adj->rewrite_header.dst_mcast_n_bytes = 3;
504 case IP_LOOKUP_NEXT_DROP:
505 case IP_LOOKUP_NEXT_PUNT:
506 case IP_LOOKUP_NEXT_LOCAL:
507 case IP_LOOKUP_NEXT_REWRITE:
508 case IP_LOOKUP_NEXT_LOAD_BALANCE:
509 case IP_LOOKUP_NEXT_MIDCHAIN:
510 case IP_LOOKUP_NEXT_ICMP_ERROR:
511 case IP_LOOKUP_N_NEXT:
518 vnet_arp_set_ip4_over_ethernet_internal (vnet_main_t * vnm,
519 vnet_arp_set_ip4_over_ethernet_rpc_args_t
522 ethernet_arp_ip4_entry_t *e = 0;
523 ethernet_arp_main_t *am = ðernet_arp_main;
524 ethernet_arp_ip4_over_ethernet_address_t *a = &args->a;
525 vlib_main_t *vm = vlib_get_main ();
526 int make_new_arp_cache_entry = 1;
528 pending_resolution_t *pr, *mc;
529 ethernet_arp_interface_t *arp_int;
530 int is_static = args->is_static;
531 u32 sw_if_index = args->sw_if_index;
532 int is_no_fib_entry = args->is_no_fib_entry;
534 vec_validate (am->ethernet_arp_by_sw_if_index, sw_if_index);
536 arp_int = &am->ethernet_arp_by_sw_if_index[sw_if_index];
538 if (NULL != arp_int->arp_entries)
540 p = hash_get (arp_int->arp_entries, a->ip4.as_u32);
543 e = pool_elt_at_index (am->ip4_entry_pool, p[0]);
545 /* Refuse to over-write static arp. */
546 if (!is_static && (e->flags & ETHERNET_ARP_IP4_ENTRY_FLAG_STATIC))
548 make_new_arp_cache_entry = 0;
552 if (make_new_arp_cache_entry)
554 pool_get (am->ip4_entry_pool, e);
556 if (NULL == arp_int->arp_entries)
558 arp_int->arp_entries = hash_create (0, sizeof (u32));
561 hash_set (arp_int->arp_entries, a->ip4.as_u32, e - am->ip4_entry_pool);
563 e->sw_if_index = sw_if_index;
564 e->ip4_address = a->ip4;
565 clib_memcpy (e->ethernet_address,
566 a->ethernet, sizeof (e->ethernet_address));
568 if (!is_no_fib_entry)
572 .fp_proto = FIB_PROTOCOL_IP4,
573 .fp_addr.ip4 = a->ip4,
578 ip4_fib_table_get_index_for_sw_if_index (e->sw_if_index);
580 fib_table_entry_update_one_path (fib_index, &pfx, FIB_SOURCE_ADJ,
581 FIB_ENTRY_FLAG_ATTACHED,
582 FIB_PROTOCOL_IP4, &pfx.fp_addr,
583 e->sw_if_index, ~0, 1, NULL,
584 FIB_ROUTE_PATH_FLAG_NONE);
585 e->flags |= ETHERNET_ARP_IP4_ENTRY_FLAG_NO_FIB_ENTRY;
591 * prevent a DoS attack from the data-plane that
592 * spams us with no-op updates to the MAC address
594 if (0 == memcmp (e->ethernet_address,
595 a->ethernet, sizeof (e->ethernet_address)))
598 /* Update time stamp and ethernet address. */
599 clib_memcpy (e->ethernet_address, a->ethernet,
600 sizeof (e->ethernet_address));
603 e->cpu_time_last_updated = clib_cpu_time_now ();
605 e->flags |= ETHERNET_ARP_IP4_ENTRY_FLAG_STATIC;
607 e->flags |= ETHERNET_ARP_IP4_ENTRY_FLAG_DYNAMIC;
609 adj_nbr_walk_nh4 (sw_if_index, &e->ip4_address, arp_mk_complete_walk, e);
611 /* Customer(s) waiting for this address to be resolved? */
612 p = hash_get (am->pending_resolutions_by_address, a->ip4.as_u32);
618 while (next_index != (u32) ~ 0)
620 pr = pool_elt_at_index (am->pending_resolutions, next_index);
621 vlib_process_signal_event (vm, pr->node_index,
622 pr->type_opaque, pr->data);
623 next_index = pr->next_index;
624 pool_put (am->pending_resolutions, pr);
627 hash_unset (am->pending_resolutions_by_address, a->ip4.as_u32);
630 /* Customer(s) requesting ARP event for this address? */
631 p = hash_get (am->mac_changes_by_address, a->ip4.as_u32);
637 while (next_index != (u32) ~ 0)
639 int (*fp) (u32, u8 *, u32, u32);
641 mc = pool_elt_at_index (am->mac_changes, next_index);
642 fp = mc->data_callback;
644 /* Call the user's data callback, return 1 to suppress dup events */
646 rv = (*fp) (mc->data, a->ethernet, sw_if_index, 0);
649 * Signal the resolver process, as long as the user
650 * says they want to be notified
653 vlib_process_signal_event (vm, mc->node_index,
654 mc->type_opaque, mc->data);
655 next_index = mc->next_index;
663 vnet_register_ip4_arp_resolution_event (vnet_main_t * vnm,
666 uword type_opaque, uword data)
668 ethernet_arp_main_t *am = ðernet_arp_main;
669 ip4_address_t *address = address_arg;
671 pending_resolution_t *pr;
673 pool_get (am->pending_resolutions, pr);
676 pr->node_index = node_index;
677 pr->type_opaque = type_opaque;
679 pr->data_callback = 0;
681 p = hash_get (am->pending_resolutions_by_address, address->as_u32);
684 /* Insert new resolution at the head of the list */
685 pr->next_index = p[0];
686 hash_unset (am->pending_resolutions_by_address, address->as_u32);
689 hash_set (am->pending_resolutions_by_address, address->as_u32,
690 pr - am->pending_resolutions);
694 vnet_add_del_ip4_arp_change_event (vnet_main_t * vnm,
699 uword type_opaque, uword data, int is_add)
701 ethernet_arp_main_t *am = ðernet_arp_main;
702 ip4_address_t *address = address_arg;
704 pending_resolution_t *mc;
705 void (*fp) (u32, u8 *) = data_callback;
709 pool_get (am->mac_changes, mc);
712 mc->node_index = node_index;
713 mc->type_opaque = type_opaque;
715 mc->data_callback = data_callback;
718 p = hash_get (am->mac_changes_by_address, address->as_u32);
721 /* Insert new resolution at the head of the list */
722 mc->next_index = p[0];
723 hash_unset (am->mac_changes_by_address, address->as_u32);
726 hash_set (am->mac_changes_by_address, address->as_u32,
727 mc - am->mac_changes);
733 pending_resolution_t *mc_last = 0;
735 p = hash_get (am->mac_changes_by_address, address->as_u32);
737 return VNET_API_ERROR_NO_SUCH_ENTRY;
741 while (index != (u32) ~ 0)
743 mc = pool_elt_at_index (am->mac_changes, index);
744 if (mc->node_index == node_index &&
745 mc->type_opaque == type_opaque && mc->pid == pid)
747 /* Clients may need to clean up pool entries, too */
749 (*fp) (mc->data, 0 /* no new mac addrs */ );
752 hash_unset (am->mac_changes_by_address, address->as_u32);
753 if (mc->next_index != ~0)
754 hash_set (am->mac_changes_by_address, address->as_u32,
756 pool_put (am->mac_changes, mc);
762 mc_last->next_index = mc->next_index;
763 pool_put (am->mac_changes, mc);
768 index = mc->next_index;
771 return VNET_API_ERROR_NO_SUCH_ENTRY;
775 /* Either we drop the packet or we send a reply to the sender. */
779 ARP_INPUT_NEXT_REPLY_TX,
783 #define foreach_ethernet_arp_error \
784 _ (replies_sent, "ARP replies sent") \
785 _ (l2_type_not_ethernet, "L2 type not ethernet") \
786 _ (l3_type_not_ip4, "L3 type not IP4") \
787 _ (l3_src_address_not_local, "IP4 source address not local to subnet") \
788 _ (l3_dst_address_not_local, "IP4 destination address not local to subnet") \
789 _ (l3_src_address_is_local, "IP4 source address matches local interface") \
790 _ (l3_src_address_learned, "ARP request IP4 source address learned") \
791 _ (replies_received, "ARP replies received") \
792 _ (opcode_not_request, "ARP opcode not request") \
793 _ (proxy_arp_replies_sent, "Proxy ARP replies sent") \
794 _ (l2_address_mismatch, "ARP hw addr does not match L2 frame src addr") \
795 _ (missing_interface_address, "ARP missing interface address") \
796 _ (gratuitous_arp, "ARP probe or announcement dropped") \
797 _ (interface_no_table, "Interface is not mapped to an IP table") \
798 _ (interface_not_ip_enabled, "Interface is not IP enabled") \
802 #define _(sym,string) ETHERNET_ARP_ERROR_##sym,
803 foreach_ethernet_arp_error
805 ETHERNET_ARP_N_ERROR,
806 } ethernet_arp_input_error_t;
810 unset_random_arp_entry (void)
812 ethernet_arp_main_t *am = ðernet_arp_main;
813 ethernet_arp_ip4_entry_t *e;
814 vnet_main_t *vnm = vnet_get_main ();
815 ethernet_arp_ip4_over_ethernet_address_t delme;
818 index = pool_next_index (am->ip4_entry_pool, am->arp_delete_rotor);
819 am->arp_delete_rotor = index;
821 /* Try again from elt 0, could happen if an intfc goes down */
824 index = pool_next_index (am->ip4_entry_pool, am->arp_delete_rotor);
825 am->arp_delete_rotor = index;
828 /* Nothing left in the pool */
832 e = pool_elt_at_index (am->ip4_entry_pool, index);
834 clib_memcpy (&delme.ethernet, e->ethernet_address, 6);
835 delme.ip4.as_u32 = e->ip4_address.as_u32;
837 vnet_arp_unset_ip4_over_ethernet (vnm, e->sw_if_index, &delme);
841 arp_unnumbered (vlib_buffer_t * p0,
842 u32 pi0, ethernet_header_t * eth0, u32 sw_if_index)
844 vlib_main_t *vm = vlib_get_main ();
845 vnet_main_t *vnm = vnet_get_main ();
846 vnet_interface_main_t *vim = &vnm->interface_main;
847 vnet_sw_interface_t *si;
848 vnet_hw_interface_t *hi;
849 u32 unnum_src_sw_if_index;
850 u32 *broadcast_swifs = 0;
855 u8 dst_mac_address[6];
857 ethernet_arp_header_t *arp0;
859 /* Save the dst mac address */
860 clib_memcpy (dst_mac_address, eth0->dst_address, sizeof (dst_mac_address));
862 /* Figure out which sw_if_index supplied the address */
863 unnum_src_sw_if_index = sw_if_index;
865 /* Track down all users of the unnumbered source */
867 pool_foreach (si, vim->sw_interfaces,
869 if (si->flags & VNET_SW_INTERFACE_FLAG_UNNUMBERED &&
870 (si->unnumbered_sw_if_index == unnum_src_sw_if_index))
872 vec_add1 (broadcast_swifs, si->sw_if_index);
877 /* If there are no interfaces un-unmbered to this interface,
879 if (0 == vec_len (broadcast_swifs))
882 /* Allocate buffering if we need it */
883 if (vec_len (broadcast_swifs) > 1)
885 vec_validate (buffers, vec_len (broadcast_swifs) - 2);
886 n_alloc = vlib_buffer_alloc (vm, buffers, vec_len (buffers));
887 _vec_len (buffers) = n_alloc;
888 for (i = 0; i < n_alloc; i++)
890 b0 = vlib_get_buffer (vm, buffers[i]);
892 /* xerox (partially built) ARP pkt */
893 clib_memcpy (b0->data, p0->data,
894 p0->current_length + p0->current_data);
895 b0->current_data = p0->current_data;
896 b0->current_length = p0->current_length;
897 vnet_buffer (b0)->sw_if_index[VLIB_RX] =
898 vnet_buffer (p0)->sw_if_index[VLIB_RX];
902 vec_insert (buffers, 1, 0);
905 for (i = 0; i < vec_len (buffers); i++)
907 b0 = vlib_get_buffer (vm, buffers[i]);
908 arp0 = vlib_buffer_get_current (b0);
910 hi = vnet_get_sup_hw_interface (vnm, broadcast_swifs[i]);
911 si = vnet_get_sw_interface (vnm, broadcast_swifs[i]);
913 /* For decoration, most likely */
914 vnet_buffer (b0)->sw_if_index[VLIB_TX] = hi->sw_if_index;
916 /* Fix ARP pkt src address */
917 clib_memcpy (arp0->ip4_over_ethernet[0].ethernet, hi->hw_address, 6);
919 /* Build L2 encaps for this swif */
920 header_size = sizeof (ethernet_header_t);
921 if (si->sub.eth.flags.one_tag)
923 else if (si->sub.eth.flags.two_tags)
926 vlib_buffer_advance (b0, -header_size);
927 eth0 = vlib_buffer_get_current (b0);
929 if (si->sub.eth.flags.one_tag)
931 ethernet_vlan_header_t *outer = (void *) (eth0 + 1);
933 eth0->type = si->sub.eth.flags.dot1ad ?
934 clib_host_to_net_u16 (ETHERNET_TYPE_DOT1AD) :
935 clib_host_to_net_u16 (ETHERNET_TYPE_VLAN);
936 outer->priority_cfi_and_id =
937 clib_host_to_net_u16 (si->sub.eth.outer_vlan_id);
938 outer->type = clib_host_to_net_u16 (ETHERNET_TYPE_ARP);
941 else if (si->sub.eth.flags.two_tags)
943 ethernet_vlan_header_t *outer = (void *) (eth0 + 1);
944 ethernet_vlan_header_t *inner = (void *) (outer + 1);
946 eth0->type = si->sub.eth.flags.dot1ad ?
947 clib_host_to_net_u16 (ETHERNET_TYPE_DOT1AD) :
948 clib_host_to_net_u16 (ETHERNET_TYPE_VLAN);
949 outer->priority_cfi_and_id =
950 clib_host_to_net_u16 (si->sub.eth.outer_vlan_id);
951 outer->type = clib_host_to_net_u16 (ETHERNET_TYPE_VLAN);
952 inner->priority_cfi_and_id =
953 clib_host_to_net_u16 (si->sub.eth.inner_vlan_id);
954 inner->type = clib_host_to_net_u16 (ETHERNET_TYPE_ARP);
959 eth0->type = clib_host_to_net_u16 (ETHERNET_TYPE_ARP);
962 /* Restore the original dst address, set src address */
963 clib_memcpy (eth0->dst_address, dst_mac_address,
964 sizeof (eth0->dst_address));
965 clib_memcpy (eth0->src_address, hi->hw_address,
966 sizeof (eth0->src_address));
968 /* Transmit replicas */
972 vlib_get_frame_to_node (vm, hi->output_node_index);
973 u32 *to_next = vlib_frame_vector_args (f);
974 to_next[0] = buffers[i];
976 vlib_put_frame_to_node (vm, hi->output_node_index, f);
980 /* The regular path outputs the original pkt.. */
981 vnet_buffer (p0)->sw_if_index[VLIB_TX] = broadcast_swifs[0];
983 vec_free (broadcast_swifs);
990 arp_input (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame)
992 ethernet_arp_main_t *am = ðernet_arp_main;
993 vnet_main_t *vnm = vnet_get_main ();
994 ip4_main_t *im4 = &ip4_main;
995 u32 n_left_from, next_index, *from, *to_next;
996 u32 n_replies_sent = 0, n_proxy_arp_replies_sent = 0;
998 from = vlib_frame_vector_args (frame);
999 n_left_from = frame->n_vectors;
1000 next_index = node->cached_next_index;
1002 if (node->flags & VLIB_NODE_FLAG_TRACE)
1003 vlib_trace_frame_buffers_only (vm, node, from, frame->n_vectors,
1005 sizeof (ethernet_arp_input_trace_t));
1007 while (n_left_from > 0)
1011 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
1013 while (n_left_from > 0 && n_left_to_next > 0)
1016 vnet_hw_interface_t *hw_if0;
1017 ethernet_arp_header_t *arp0;
1018 ethernet_header_t *eth0;
1019 ip_adjacency_t *adj0;
1020 ip4_address_t *if_addr0, proxy_src;
1021 u32 pi0, error0, next0, sw_if_index0, conn_sw_if_index0, fib_index0;
1022 u8 is_request0, dst_is_local0, is_unnum0;
1023 ethernet_proxy_arp_t *pa;
1024 fib_node_index_t dst_fei, src_fei;
1026 fib_entry_flag_t src_flags, dst_flags;
1033 n_left_to_next -= 1;
1036 p0 = vlib_get_buffer (vm, pi0);
1037 arp0 = vlib_buffer_get_current (p0);
1039 is_request0 = arp0->opcode
1040 == clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_request);
1042 error0 = ETHERNET_ARP_ERROR_replies_sent;
1046 clib_net_to_host_u16 (ETHERNET_ARP_HARDWARE_TYPE_ethernet) ?
1047 ETHERNET_ARP_ERROR_l2_type_not_ethernet : error0);
1050 clib_net_to_host_u16 (ETHERNET_TYPE_IP4) ?
1051 ETHERNET_ARP_ERROR_l3_type_not_ip4 : error0);
1053 sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
1055 /* not playing the ARP game if the interface is not IPv4 enabled */
1057 (im4->ip_enabled_by_sw_if_index[sw_if_index0] == 0 ?
1058 ETHERNET_ARP_ERROR_interface_not_ip_enabled : error0);
1063 /* Check that IP address is local and matches incoming interface. */
1064 fib_index0 = ip4_fib_table_get_index_for_sw_if_index (sw_if_index0);
1065 if (~0 == fib_index0)
1067 error0 = ETHERNET_ARP_ERROR_interface_no_table;
1071 dst_fei = ip4_fib_table_lookup (ip4_fib_get (fib_index0),
1072 &arp0->ip4_over_ethernet[1].ip4,
1074 dst_flags = fib_entry_get_flags (dst_fei);
1076 conn_sw_if_index0 = fib_entry_get_resolving_interface (dst_fei);
1078 if (!(FIB_ENTRY_FLAG_CONNECTED & dst_flags))
1080 error0 = ETHERNET_ARP_ERROR_l3_dst_address_not_local;
1084 /* Honor unnumbered interface, if any */
1085 is_unnum0 = sw_if_index0 != conn_sw_if_index0;
1087 /* Source must also be local to subnet of matching interface address. */
1088 src_fei = ip4_fib_table_lookup (ip4_fib_get (fib_index0),
1089 &arp0->ip4_over_ethernet[0].ip4,
1091 src_flags = fib_entry_get_flags (src_fei);
1093 if (!((FIB_ENTRY_FLAG_ATTACHED & src_flags) ||
1094 (FIB_ENTRY_FLAG_CONNECTED & src_flags)))
1097 * The packet was sent from an address that is not connected nor attached
1098 * i.e. it is not from an address that is covered by a link's sub-net,
1099 * nor is it a already learned host resp.
1101 error0 = ETHERNET_ARP_ERROR_l3_src_address_not_local;
1104 if (sw_if_index0 != fib_entry_get_resolving_interface (src_fei))
1107 * The interface the ARP was received on is not the interface
1108 * on which the covering prefix is configured. Maybe this is a case
1114 /* Reject requests/replies with our local interface address. */
1115 if (FIB_ENTRY_FLAG_LOCAL & src_flags)
1117 error0 = ETHERNET_ARP_ERROR_l3_src_address_is_local;
1121 dst_is_local0 = (FIB_ENTRY_FLAG_LOCAL & dst_flags);
1122 fib_entry_get_prefix (dst_fei, &pfx0);
1123 if_addr0 = &pfx0.fp_addr.ip4;
1125 /* Fill in ethernet header. */
1126 eth0 = ethernet_buffer_get_header (p0);
1128 /* Trash ARP packets whose ARP-level source addresses do not
1129 match their L2-frame-level source addresses */
1130 if (memcmp (eth0->src_address, arp0->ip4_over_ethernet[0].ethernet,
1131 sizeof (eth0->src_address)))
1133 error0 = ETHERNET_ARP_ERROR_l2_address_mismatch;
1137 /* Learn or update sender's mapping only for requests or unicasts
1138 that don't match local interface address. */
1139 if (ethernet_address_cast (eth0->dst_address) ==
1140 ETHERNET_ADDRESS_UNICAST || is_request0)
1142 if (am->limit_arp_cache_size &&
1143 pool_elts (am->ip4_entry_pool) >= am->limit_arp_cache_size)
1144 unset_random_arp_entry ();
1146 vnet_arp_set_ip4_over_ethernet (vnm, sw_if_index0,
1147 &arp0->ip4_over_ethernet[0],
1148 0 /* is_static */ , 0);
1149 error0 = ETHERNET_ARP_ERROR_l3_src_address_learned;
1152 /* Only send a reply for requests sent which match a local interface. */
1153 if (!(is_request0 && dst_is_local0))
1157 clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_reply) ?
1158 ETHERNET_ARP_ERROR_replies_received : error0);
1164 vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0;
1165 hw_if0 = vnet_get_sup_hw_interface (vnm, sw_if_index0);
1167 /* Send reply back through input interface */
1168 vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0;
1169 next0 = ARP_INPUT_NEXT_REPLY_TX;
1171 arp0->opcode = clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_reply);
1173 arp0->ip4_over_ethernet[1] = arp0->ip4_over_ethernet[0];
1175 clib_memcpy (arp0->ip4_over_ethernet[0].ethernet,
1176 hw_if0->hw_address, 6);
1177 clib_mem_unaligned (&arp0->ip4_over_ethernet[0].ip4.data_u32, u32) =
1180 /* Hardware must be ethernet-like. */
1181 ASSERT (vec_len (hw_if0->hw_address) == 6);
1183 clib_memcpy (eth0->dst_address, eth0->src_address, 6);
1184 clib_memcpy (eth0->src_address, hw_if0->hw_address, 6);
1186 /* Figure out how much to rewind current data from adjacency. */
1187 /* get the adj from the destination's covering connected */
1191 adj_get (fib_entry_get_adj_for_source
1192 (ip4_fib_table_lookup
1193 (ip4_fib_get (fib_index0),
1194 &arp0->ip4_over_ethernet[1].ip4, 31),
1195 FIB_SOURCE_INTERFACE));
1196 if (adj0->lookup_next_index != IP_LOOKUP_NEXT_GLEAN)
1198 error0 = ETHERNET_ARP_ERROR_missing_interface_address;
1203 if (!arp_unnumbered (p0, pi0, eth0, conn_sw_if_index0))
1207 vlib_buffer_advance (p0, -adj0->rewrite_header.data_bytes);
1209 vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
1210 n_left_to_next, pi0, next0);
1212 n_replies_sent += 1;
1216 if (0 == arp0->ip4_over_ethernet[0].ip4.as_u32 ||
1217 (arp0->ip4_over_ethernet[0].ip4.as_u32 ==
1218 arp0->ip4_over_ethernet[1].ip4.as_u32))
1220 error0 = ETHERNET_ARP_ERROR_gratuitous_arp;
1223 /* See if proxy arp is configured for the address */
1226 vnet_sw_interface_t *si;
1227 u32 this_addr = clib_net_to_host_u32
1228 (arp0->ip4_over_ethernet[1].ip4.as_u32);
1231 si = vnet_get_sw_interface (vnm, sw_if_index0);
1233 if (!(si->flags & VNET_SW_INTERFACE_FLAG_PROXY_ARP))
1236 fib_index0 = vec_elt (im4->fib_index_by_sw_if_index,
1239 vec_foreach (pa, am->proxy_arps)
1241 u32 lo_addr = clib_net_to_host_u32 (pa->lo_addr);
1242 u32 hi_addr = clib_net_to_host_u32 (pa->hi_addr);
1244 /* an ARP request hit in the proxy-arp table? */
1245 if ((this_addr >= lo_addr && this_addr <= hi_addr) &&
1246 (fib_index0 == pa->fib_index))
1248 eth0 = ethernet_buffer_get_header (p0);
1250 arp0->ip4_over_ethernet[1].ip4.data_u32;
1253 * Rewind buffer, direct code above not to
1254 * think too hard about it.
1256 if_addr0 = &proxy_src;
1258 i32 ethernet_start =
1259 vnet_buffer (p0)->ethernet.start_of_ethernet_header;
1260 i32 rewind = p0->current_data - ethernet_start;
1261 vlib_buffer_advance (p0, -rewind);
1262 n_proxy_arp_replies_sent++;
1270 next0 = ARP_INPUT_NEXT_DROP;
1271 p0->error = node->errors[error0];
1273 vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
1274 n_left_to_next, pi0, next0);
1277 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
1280 vlib_error_count (vm, node->node_index,
1281 ETHERNET_ARP_ERROR_replies_sent,
1282 n_replies_sent - n_proxy_arp_replies_sent);
1284 vlib_error_count (vm, node->node_index,
1285 ETHERNET_ARP_ERROR_proxy_arp_replies_sent,
1286 n_proxy_arp_replies_sent);
1287 return frame->n_vectors;
1290 static char *ethernet_arp_error_strings[] = {
1291 #define _(sym,string) string,
1292 foreach_ethernet_arp_error
1297 VLIB_REGISTER_NODE (arp_input_node, static) =
1299 .function = arp_input,
1300 .name = "arp-input",
1301 .vector_size = sizeof (u32),
1302 .n_errors = ETHERNET_ARP_N_ERROR,
1303 .error_strings = ethernet_arp_error_strings,
1304 .n_next_nodes = ARP_INPUT_N_NEXT,
1306 [ARP_INPUT_NEXT_DROP] = "error-drop",
1307 [ARP_INPUT_NEXT_REPLY_TX] = "interface-output",
1309 .format_buffer = format_ethernet_arp_header,
1310 .format_trace = format_ethernet_arp_input_trace,
1315 ip4_arp_entry_sort (void *a1, void *a2)
1317 ethernet_arp_ip4_entry_t *e1 = a1;
1318 ethernet_arp_ip4_entry_t *e2 = a2;
1321 vnet_main_t *vnm = vnet_get_main ();
1323 cmp = vnet_sw_interface_compare (vnm, e1->sw_if_index, e2->sw_if_index);
1325 cmp = ip4_address_compare (&e1->ip4_address, &e2->ip4_address);
1329 ethernet_arp_ip4_entry_t *
1330 ip4_neighbor_entries (u32 sw_if_index)
1332 ethernet_arp_main_t *am = ðernet_arp_main;
1333 ethernet_arp_ip4_entry_t *n, *ns = 0;
1336 pool_foreach (n, am->ip4_entry_pool, ({
1337 if (sw_if_index != ~0 && n->sw_if_index != sw_if_index)
1339 vec_add1 (ns, n[0]);
1344 vec_sort_with_function (ns, ip4_arp_entry_sort);
1348 static clib_error_t *
1349 show_ip4_arp (vlib_main_t * vm,
1350 unformat_input_t * input, vlib_cli_command_t * cmd)
1352 vnet_main_t *vnm = vnet_get_main ();
1353 ethernet_arp_main_t *am = ðernet_arp_main;
1354 ethernet_arp_ip4_entry_t *e, *es;
1355 ethernet_proxy_arp_t *pa;
1356 clib_error_t *error = 0;
1359 /* Filter entries by interface if given. */
1361 (void) unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index);
1363 es = ip4_neighbor_entries (sw_if_index);
1366 vlib_cli_output (vm, "%U", format_ethernet_arp_ip4_entry, vnm, 0);
1369 vlib_cli_output (vm, "%U", format_ethernet_arp_ip4_entry, vnm, e);
1374 if (vec_len (am->proxy_arps))
1376 vlib_cli_output (vm, "Proxy arps enabled for:");
1377 vec_foreach (pa, am->proxy_arps)
1379 vlib_cli_output (vm, "Fib_index %d %U - %U ",
1381 format_ip4_address, &pa->lo_addr,
1382 format_ip4_address, &pa->hi_addr);
1390 * Display all the IPv4 ARP entries.
1393 * Example of how to display the IPv4 ARP table:
1394 * @cliexstart{show ip arp}
1395 * Time FIB IP4 Flags Ethernet Interface
1396 * 346.3028 0 6.1.1.3 de:ad:be:ef:ba:be GigabitEthernet2/0/0
1397 * 3077.4271 0 6.1.1.4 S de:ad:be:ef:ff:ff GigabitEthernet2/0/0
1398 * 2998.6409 1 6.2.2.3 de:ad:be:ef:00:01 GigabitEthernet2/0/0
1399 * Proxy arps enabled for:
1400 * Fib_index 0 6.0.0.1 - 6.0.0.11
1404 VLIB_CLI_COMMAND (show_ip4_arp_command, static) = {
1405 .path = "show ip arp",
1406 .function = show_ip4_arp,
1407 .short_help = "show ip arp",
1413 pg_edit_t l2_type, l3_type;
1414 pg_edit_t n_l2_address_bytes, n_l3_address_bytes;
1420 } ip4_over_ethernet[2];
1421 } pg_ethernet_arp_header_t;
1424 pg_ethernet_arp_header_init (pg_ethernet_arp_header_t * p)
1426 /* Initialize fields that are not bit fields in the IP header. */
1427 #define _(f) pg_edit_init (&p->f, ethernet_arp_header_t, f);
1430 _(n_l2_address_bytes);
1431 _(n_l3_address_bytes);
1433 _(ip4_over_ethernet[0].ethernet);
1434 _(ip4_over_ethernet[0].ip4);
1435 _(ip4_over_ethernet[1].ethernet);
1436 _(ip4_over_ethernet[1].ip4);
1441 unformat_pg_arp_header (unformat_input_t * input, va_list * args)
1443 pg_stream_t *s = va_arg (*args, pg_stream_t *);
1444 pg_ethernet_arp_header_t *p;
1447 p = pg_create_edit_group (s, sizeof (p[0]), sizeof (ethernet_arp_header_t),
1449 pg_ethernet_arp_header_init (p);
1452 pg_edit_set_fixed (&p->l2_type, ETHERNET_ARP_HARDWARE_TYPE_ethernet);
1453 pg_edit_set_fixed (&p->l3_type, ETHERNET_TYPE_IP4);
1454 pg_edit_set_fixed (&p->n_l2_address_bytes, 6);
1455 pg_edit_set_fixed (&p->n_l3_address_bytes, 4);
1457 if (!unformat (input, "%U: %U/%U -> %U/%U",
1459 unformat_ethernet_arp_opcode_net_byte_order, &p->opcode,
1461 unformat_ethernet_address, &p->ip4_over_ethernet[0].ethernet,
1463 unformat_ip4_address, &p->ip4_over_ethernet[0].ip4,
1465 unformat_ethernet_address, &p->ip4_over_ethernet[1].ethernet,
1467 unformat_ip4_address, &p->ip4_over_ethernet[1].ip4))
1469 /* Free up any edits we may have added. */
1470 pg_free_edit_group (s);
1477 ip4_set_arp_limit (u32 arp_limit)
1479 ethernet_arp_main_t *am = ðernet_arp_main;
1481 am->limit_arp_cache_size = arp_limit;
1486 * @brief Control Plane hook to remove an ARP entry
1489 vnet_arp_unset_ip4_over_ethernet (vnet_main_t * vnm,
1490 u32 sw_if_index, void *a_arg)
1492 ethernet_arp_ip4_over_ethernet_address_t *a = a_arg;
1493 vnet_arp_set_ip4_over_ethernet_rpc_args_t args;
1495 args.sw_if_index = sw_if_index;
1496 args.flags = ETHERNET_ARP_ARGS_REMOVE;
1497 clib_memcpy (&args.a, a, sizeof (*a));
1499 vl_api_rpc_call_main_thread (set_ip4_over_ethernet_rpc_callback,
1500 (u8 *) & args, sizeof (args));
1505 * @brief Internally generated event to flush the ARP cache on an
1506 * interface state change event.
1507 * A flush will remove dynamic ARP entries, and for statics remove the MAC
1508 * address from the corresponding adjacencies.
1511 vnet_arp_flush_ip4_over_ethernet (vnet_main_t * vnm,
1512 u32 sw_if_index, void *a_arg)
1514 ethernet_arp_ip4_over_ethernet_address_t *a = a_arg;
1515 vnet_arp_set_ip4_over_ethernet_rpc_args_t args;
1517 args.sw_if_index = sw_if_index;
1518 args.flags = ETHERNET_ARP_ARGS_FLUSH;
1519 clib_memcpy (&args.a, a, sizeof (*a));
1521 vl_api_rpc_call_main_thread (set_ip4_over_ethernet_rpc_callback,
1522 (u8 *) & args, sizeof (args));
1527 * @brief Internally generated event to populate the ARP cache on an
1528 * interface state change event.
1529 * For static entries this will re-source the adjacencies.
1531 * @param sw_if_index The interface on which the ARP entires are acted
1534 vnet_arp_populate_ip4_over_ethernet (vnet_main_t * vnm,
1535 u32 sw_if_index, void *a_arg)
1537 ethernet_arp_ip4_over_ethernet_address_t *a = a_arg;
1538 vnet_arp_set_ip4_over_ethernet_rpc_args_t args;
1540 args.sw_if_index = sw_if_index;
1541 args.flags = ETHERNET_ARP_ARGS_POPULATE;
1542 clib_memcpy (&args.a, a, sizeof (*a));
1544 vl_api_rpc_call_main_thread (set_ip4_over_ethernet_rpc_callback,
1545 (u8 *) & args, sizeof (args));
1550 * arp_add_del_interface_address
1552 * callback when an interface address is added or deleted
1555 arp_add_del_interface_address (ip4_main_t * im,
1558 ip4_address_t * address,
1560 u32 if_address_index, u32 is_del)
1563 * Flush the ARP cache of all entries covered by the address
1564 * that is being removed.
1566 ethernet_arp_main_t *am = ðernet_arp_main;
1567 ethernet_arp_ip4_entry_t *e;
1569 if (vec_len (am->ethernet_arp_by_sw_if_index) <= sw_if_index)
1574 ethernet_arp_interface_t *eai;
1575 u32 i, *to_delete = 0;
1578 eai = &am->ethernet_arp_by_sw_if_index[sw_if_index];
1581 hash_foreach_pair (pair, eai->arp_entries,
1583 e = pool_elt_at_index(am->ip4_entry_pool,
1585 if (ip4_destination_matches_route (im, &e->ip4_address,
1586 address, address_length))
1588 vec_add1 (to_delete, e - am->ip4_entry_pool);
1593 for (i = 0; i < vec_len (to_delete); i++)
1595 ethernet_arp_ip4_over_ethernet_address_t delme;
1596 e = pool_elt_at_index (am->ip4_entry_pool, to_delete[i]);
1598 clib_memcpy (&delme.ethernet, e->ethernet_address, 6);
1599 delme.ip4.as_u32 = e->ip4_address.as_u32;
1601 vnet_arp_flush_ip4_over_ethernet (vnet_get_main (),
1602 e->sw_if_index, &delme);
1605 vec_free (to_delete);
1609 static clib_error_t *
1610 ethernet_arp_init (vlib_main_t * vm)
1612 ethernet_arp_main_t *am = ðernet_arp_main;
1613 ip4_main_t *im = &ip4_main;
1614 clib_error_t *error;
1617 if ((error = vlib_call_init_function (vm, ethernet_init)))
1620 ethernet_register_input_type (vm, ETHERNET_TYPE_ARP, arp_input_node.index);
1622 pn = pg_get_node (arp_input_node.index);
1623 pn->unformat_edit = unformat_pg_arp_header;
1625 am->opcode_by_name = hash_create_string (0, sizeof (uword));
1626 #define _(o) hash_set_mem (am->opcode_by_name, #o, ETHERNET_ARP_OPCODE_##o);
1627 foreach_ethernet_arp_opcode;
1630 /* $$$ configurable */
1631 am->limit_arp_cache_size = 50000;
1633 am->pending_resolutions_by_address = hash_create (0, sizeof (uword));
1634 am->mac_changes_by_address = hash_create (0, sizeof (uword));
1636 /* don't trace ARP error packets */
1638 vlib_node_runtime_t *rt =
1639 vlib_node_get_runtime (vm, arp_input_node.index);
1642 vnet_pcap_drop_trace_filter_add_del \
1643 (rt->errors[ETHERNET_ARP_ERROR_##a], \
1645 foreach_ethernet_arp_error
1649 ip4_add_del_interface_address_callback_t cb;
1650 cb.function = arp_add_del_interface_address;
1651 cb.function_opaque = 0;
1652 vec_add1 (im->add_del_interface_address_callbacks, cb);
1657 VLIB_INIT_FUNCTION (ethernet_arp_init);
1660 arp_entry_free (ethernet_arp_interface_t * eai, ethernet_arp_ip4_entry_t * e)
1662 ethernet_arp_main_t *am = ðernet_arp_main;
1664 /* it's safe to delete the ADJ source on the FIB entry, even if it
1666 fib_table_entry_delete_index (e->fib_entry_index, FIB_SOURCE_ADJ);
1667 hash_unset (eai->arp_entries, e->ip4_address.as_u32);
1668 pool_put (am->ip4_entry_pool, e);
1672 vnet_arp_unset_ip4_over_ethernet_internal (vnet_main_t * vnm,
1673 vnet_arp_set_ip4_over_ethernet_rpc_args_t
1676 ethernet_arp_main_t *am = ðernet_arp_main;
1677 ethernet_arp_ip4_entry_t *e;
1678 ethernet_arp_interface_t *eai;
1680 eai = &am->ethernet_arp_by_sw_if_index[args->sw_if_index];
1682 e = arp_entry_find (eai, &args->a.ip4);
1686 arp_entry_free (eai, e);
1688 adj_nbr_walk_nh4 (e->sw_if_index,
1689 &e->ip4_address, arp_mk_incomplete_walk, NULL);
1696 vnet_arp_flush_ip4_over_ethernet_internal (vnet_main_t * vnm,
1697 vnet_arp_set_ip4_over_ethernet_rpc_args_t
1700 ethernet_arp_main_t *am = ðernet_arp_main;
1701 ethernet_arp_ip4_entry_t *e;
1702 ethernet_arp_interface_t *eai;
1704 eai = &am->ethernet_arp_by_sw_if_index[args->sw_if_index];
1706 e = arp_entry_find (eai, &args->a.ip4);
1710 adj_nbr_walk_nh4 (e->sw_if_index,
1711 &e->ip4_address, arp_mk_incomplete_walk, e);
1714 * The difference between flush and unset, is that an unset
1715 * means delete for static and dynamic entries. A flush
1716 * means delete only for dynamic. Flushing is what the DP
1717 * does in response to interface events. unset is only done
1718 * by the control plane.
1720 if (e->flags & ETHERNET_ARP_IP4_ENTRY_FLAG_DYNAMIC)
1722 arp_entry_free (eai, e);
1729 vnet_arp_populate_ip4_over_ethernet_internal (vnet_main_t * vnm,
1730 vnet_arp_set_ip4_over_ethernet_rpc_args_t
1733 ethernet_arp_main_t *am = ðernet_arp_main;
1734 ethernet_arp_ip4_entry_t *e;
1735 ethernet_arp_interface_t *eai;
1737 eai = &am->ethernet_arp_by_sw_if_index[args->sw_if_index];
1739 e = arp_entry_find (eai, &args->a.ip4);
1743 adj_nbr_walk_nh4 (e->sw_if_index,
1744 &e->ip4_address, arp_mk_complete_walk, e);
1750 set_ip4_over_ethernet_rpc_callback (vnet_arp_set_ip4_over_ethernet_rpc_args_t
1753 vnet_main_t *vm = vnet_get_main ();
1754 ASSERT (os_get_cpu_number () == 0);
1756 if (a->flags & ETHERNET_ARP_ARGS_REMOVE)
1757 vnet_arp_unset_ip4_over_ethernet_internal (vm, a);
1758 else if (a->flags & ETHERNET_ARP_ARGS_FLUSH)
1759 vnet_arp_flush_ip4_over_ethernet_internal (vm, a);
1760 else if (a->flags & ETHERNET_ARP_ARGS_POPULATE)
1761 vnet_arp_populate_ip4_over_ethernet_internal (vm, a);
1763 vnet_arp_set_ip4_over_ethernet_internal (vm, a);
1767 * @brief Invoked when the interface's admin state changes
1769 static clib_error_t *
1770 ethernet_arp_sw_interface_up_down (vnet_main_t * vnm,
1771 u32 sw_if_index, u32 flags)
1773 ethernet_arp_main_t *am = ðernet_arp_main;
1774 ethernet_arp_ip4_entry_t *e;
1775 u32 i, *to_delete = 0;
1778 pool_foreach (e, am->ip4_entry_pool,
1780 if (e->sw_if_index == sw_if_index)
1781 vec_add1 (to_delete,
1782 e - am->ip4_entry_pool);
1786 for (i = 0; i < vec_len (to_delete); i++)
1788 ethernet_arp_ip4_over_ethernet_address_t delme;
1789 e = pool_elt_at_index (am->ip4_entry_pool, to_delete[i]);
1791 clib_memcpy (&delme.ethernet, e->ethernet_address, 6);
1792 delme.ip4.as_u32 = e->ip4_address.as_u32;
1794 if (flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP)
1796 vnet_arp_populate_ip4_over_ethernet (vnm, e->sw_if_index, &delme);
1800 vnet_arp_flush_ip4_over_ethernet (vnm, e->sw_if_index, &delme);
1804 vec_free (to_delete);
1809 VNET_SW_INTERFACE_ADMIN_UP_DOWN_FUNCTION (ethernet_arp_sw_interface_up_down);
1812 increment_ip4_and_mac_address (ethernet_arp_ip4_over_ethernet_address_t * a)
1817 for (i = 3; i >= 0; i--)
1819 old = a->ip4.as_u8[i];
1820 a->ip4.as_u8[i] += 1;
1821 if (old < a->ip4.as_u8[i])
1825 for (i = 5; i >= 0; i--)
1827 old = a->ethernet[i];
1828 a->ethernet[i] += 1;
1829 if (old < a->ethernet[i])
1835 vnet_arp_set_ip4_over_ethernet (vnet_main_t * vnm,
1836 u32 sw_if_index, void *a_arg,
1837 int is_static, int is_no_fib_entry)
1839 ethernet_arp_ip4_over_ethernet_address_t *a = a_arg;
1840 vnet_arp_set_ip4_over_ethernet_rpc_args_t args;
1842 args.sw_if_index = sw_if_index;
1843 args.is_static = is_static;
1844 args.is_no_fib_entry = is_no_fib_entry;
1846 clib_memcpy (&args.a, a, sizeof (*a));
1848 vl_api_rpc_call_main_thread (set_ip4_over_ethernet_rpc_callback,
1849 (u8 *) & args, sizeof (args));
1854 vnet_proxy_arp_add_del (ip4_address_t * lo_addr,
1855 ip4_address_t * hi_addr, u32 fib_index, int is_del)
1857 ethernet_arp_main_t *am = ðernet_arp_main;
1858 ethernet_proxy_arp_t *pa;
1859 u32 found_at_index = ~0;
1861 vec_foreach (pa, am->proxy_arps)
1863 if (pa->lo_addr == lo_addr->as_u32
1864 && pa->hi_addr == hi_addr->as_u32 && pa->fib_index == fib_index)
1866 found_at_index = pa - am->proxy_arps;
1871 if (found_at_index != ~0)
1873 /* Delete, otherwise it's already in the table */
1875 vec_delete (am->proxy_arps, 1, found_at_index);
1878 /* delete, no such entry */
1880 return VNET_API_ERROR_NO_SUCH_ENTRY;
1882 /* add, not in table */
1883 vec_add2 (am->proxy_arps, pa, 1);
1884 pa->lo_addr = lo_addr->as_u32;
1885 pa->hi_addr = hi_addr->as_u32;
1886 pa->fib_index = fib_index;
1891 * Remove any proxy arp entries asdociated with the
1895 vnet_proxy_arp_fib_reset (u32 fib_id)
1897 ip4_main_t *im = &ip4_main;
1898 ethernet_arp_main_t *am = ðernet_arp_main;
1899 ethernet_proxy_arp_t *pa;
1900 u32 *entries_to_delete = 0;
1905 p = hash_get (im->fib_index_by_table_id, fib_id);
1907 return VNET_API_ERROR_NO_SUCH_ENTRY;
1910 vec_foreach (pa, am->proxy_arps)
1912 if (pa->fib_index == fib_index)
1914 vec_add1 (entries_to_delete, pa - am->proxy_arps);
1918 for (i = 0; i < vec_len (entries_to_delete); i++)
1920 vec_delete (am->proxy_arps, 1, entries_to_delete[i]);
1923 vec_free (entries_to_delete);
1928 static clib_error_t *
1929 ip_arp_add_del_command_fn (vlib_main_t * vm,
1930 unformat_input_t * input, vlib_cli_command_t * cmd)
1932 vnet_main_t *vnm = vnet_get_main ();
1934 ethernet_arp_ip4_over_ethernet_address_t lo_addr, hi_addr, addr;
1941 int is_no_fib_entry = 0;
1944 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
1946 /* set ip arp TenGigE1/1/0/1 1.2.3.4 aa:bb:... or aabb.ccdd... */
1947 if (unformat (input, "%U %U %U",
1948 unformat_vnet_sw_interface, vnm, &sw_if_index,
1949 unformat_ip4_address, &addr.ip4,
1950 unformat_ethernet_address, &addr.ethernet))
1953 else if (unformat (input, "delete") || unformat (input, "del"))
1956 else if (unformat (input, "static"))
1959 else if (unformat (input, "no-fib-entry"))
1960 is_no_fib_entry = 1;
1962 else if (unformat (input, "count %d", &count))
1965 else if (unformat (input, "fib-id %d", &fib_id))
1967 ip4_main_t *im = &ip4_main;
1968 uword *p = hash_get (im->fib_index_by_table_id, fib_id);
1970 return clib_error_return (0, "fib ID %d doesn't exist\n", fib_id);
1974 else if (unformat (input, "proxy %U - %U",
1975 unformat_ip4_address, &lo_addr.ip4,
1976 unformat_ip4_address, &hi_addr.ip4))
1984 (void) vnet_proxy_arp_add_del (&lo_addr.ip4, &hi_addr.ip4,
1993 for (i = 0; i < count; i++)
1997 uword event_type, *event_data = 0;
1999 /* Park the debug CLI until the arp entry is installed */
2000 vnet_register_ip4_arp_resolution_event
2001 (vnm, &addr.ip4, vlib_current_process (vm),
2002 1 /* type */ , 0 /* data */ );
2004 vnet_arp_set_ip4_over_ethernet
2005 (vnm, sw_if_index, &addr, is_static, is_no_fib_entry);
2007 vlib_process_wait_for_event (vm);
2008 event_type = vlib_process_get_events (vm, &event_data);
2009 vec_reset_length (event_data);
2010 if (event_type != 1)
2011 clib_warning ("event type %d unexpected", event_type);
2014 vnet_arp_unset_ip4_over_ethernet (vnm, sw_if_index, &addr);
2016 increment_ip4_and_mac_address (&addr);
2021 return clib_error_return (0, "unknown input `%U'",
2022 format_unformat_error, input);
2030 * Add or delete IPv4 ARP cache entries.
2032 * @note 'set ip arp' options (e.g. delete, static, 'fib-id <id>',
2033 * 'count <number>', 'interface ip4_addr mac_addr') can be added in
2034 * any order and combination.
2038 * Add or delete IPv4 ARP cache entries as follows. MAC Address can be in
2039 * either aa:bb:cc:dd:ee:ff format or aabb.ccdd.eeff format.
2040 * @cliexcmd{set ip arp GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
2041 * @cliexcmd{set ip arp delete GigabitEthernet2/0/0 6.0.0.3 de:ad:be:ef:ba:be}
2043 * To add or delete an IPv4 ARP cache entry to or from a specific fib
2045 * @cliexcmd{set ip arp fib-id 1 GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
2046 * @cliexcmd{set ip arp fib-id 1 delete GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
2048 * Add or delete IPv4 static ARP cache entries as follows:
2049 * @cliexcmd{set ip arp static GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
2050 * @cliexcmd{set ip arp static delete GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
2052 * For testing / debugging purposes, the 'set ip arp' command can add or
2053 * delete multiple entries. Supply the 'count N' parameter:
2054 * @cliexcmd{set ip arp count 10 GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
2057 VLIB_CLI_COMMAND (ip_arp_add_del_command, static) = {
2058 .path = "set ip arp",
2060 "set ip arp [del] <intfc> <ip-address> <mac-address> [static] [no-fib-entry] [count <count>] [fib-id <fib-id>] [proxy <lo-addr> - <hi-addr>]",
2061 .function = ip_arp_add_del_command_fn,
2065 static clib_error_t *
2066 set_int_proxy_arp_command_fn (vlib_main_t * vm,
2068 input, vlib_cli_command_t * cmd)
2070 vnet_main_t *vnm = vnet_get_main ();
2072 vnet_sw_interface_t *si;
2076 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
2078 if (unformat (input, "%U", unformat_vnet_sw_interface,
2081 else if (unformat (input, "enable") || unformat (input, "on"))
2083 else if (unformat (input, "disable") || unformat (input, "off"))
2090 return clib_error_return (0, "unknown input '%U'",
2091 format_unformat_error, input);
2093 si = vnet_get_sw_interface (vnm, sw_if_index);
2096 si->flags |= VNET_SW_INTERFACE_FLAG_PROXY_ARP;
2098 si->flags &= ~VNET_SW_INTERFACE_FLAG_PROXY_ARP;
2105 * Enable proxy-arp on an interface. The vpp stack will answer ARP
2106 * requests for the indicated address range. Multiple proxy-arp
2107 * ranges may be provisioned.
2109 * @note Proxy ARP as a technology is infamous for blackholing traffic.
2110 * Also, the underlying implementation has not been performance-tuned.
2111 * Avoid creating an unnecessarily large set of ranges.
2114 * To enable proxy arp on a range of addresses, use:
2115 * @cliexcmd{set ip arp proxy 6.0.0.1 - 6.0.0.11}
2116 * Append 'del' to delete a range of proxy ARP addresses:
2117 * @cliexcmd{set ip arp proxy 6.0.0.1 - 6.0.0.11 del}
2118 * You must then specifically enable proxy arp on individual interfaces:
2119 * @cliexcmd{set interface proxy-arp GigabitEthernet0/8/0 enable}
2120 * To disable proxy arp on an individual interface:
2121 * @cliexcmd{set interface proxy-arp GigabitEthernet0/8/0 disable}
2123 VLIB_CLI_COMMAND (set_int_proxy_enable_command, static) = {
2124 .path = "set interface proxy-arp",
2126 "set interface proxy-arp <intfc> [enable|disable]",
2127 .function = set_int_proxy_arp_command_fn,
2133 * ARP/ND Termination in a L2 Bridge Domain based on IP4/IP6 to MAC
2134 * hash tables mac_by_ip4 and mac_by_ip6 for each BD.
2138 ARP_TERM_NEXT_L2_OUTPUT,
2143 u32 arp_term_next_node_index[32];
2146 arp_term_l2bd (vlib_main_t * vm,
2147 vlib_node_runtime_t * node, vlib_frame_t * frame)
2149 l2input_main_t *l2im = &l2input_main;
2150 u32 n_left_from, next_index, *from, *to_next;
2151 u32 n_replies_sent = 0;
2152 u16 last_bd_index = ~0;
2153 l2_bridge_domain_t *last_bd_config = 0;
2154 l2_input_config_t *cfg0;
2156 from = vlib_frame_vector_args (frame);
2157 n_left_from = frame->n_vectors;
2158 next_index = node->cached_next_index;
2160 while (n_left_from > 0)
2164 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
2166 while (n_left_from > 0 && n_left_to_next > 0)
2169 ethernet_header_t *eth0;
2170 ethernet_arp_header_t *arp0;
2173 u32 pi0, error0, next0, sw_if_index0;
2184 n_left_to_next -= 1;
2186 p0 = vlib_get_buffer (vm, pi0);
2187 eth0 = vlib_buffer_get_current (p0);
2188 l3h0 = (u8 *) eth0 + vnet_buffer (p0)->l2.l2_len;
2189 ethertype0 = clib_net_to_host_u16 (*(u16 *) (l3h0 - 2));
2190 arp0 = (ethernet_arp_header_t *) l3h0;
2192 if (PREDICT_FALSE ((ethertype0 != ETHERNET_TYPE_ARP) ||
2194 clib_host_to_net_u16
2195 (ETHERNET_ARP_OPCODE_request))))
2198 /* Must be ARP request packet here */
2199 if (PREDICT_FALSE ((node->flags & VLIB_NODE_FLAG_TRACE) &&
2200 (p0->flags & VLIB_BUFFER_IS_TRACED)))
2202 u8 *t0 = vlib_add_trace (vm, node, p0,
2203 sizeof (ethernet_arp_input_trace_t));
2204 clib_memcpy (t0, l3h0, sizeof (ethernet_arp_input_trace_t));
2207 error0 = ETHERNET_ARP_ERROR_replies_sent;
2210 clib_net_to_host_u16 (ETHERNET_ARP_HARDWARE_TYPE_ethernet)
2211 ? ETHERNET_ARP_ERROR_l2_type_not_ethernet : error0);
2214 clib_net_to_host_u16 (ETHERNET_TYPE_IP4) ?
2215 ETHERNET_ARP_ERROR_l3_type_not_ip4 : error0);
2217 sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
2222 /* Trash ARP packets whose ARP-level source addresses do not
2223 match their L2-frame-level source addresses */
2226 (eth0->src_address, arp0->ip4_over_ethernet[0].ethernet,
2227 sizeof (eth0->src_address))))
2229 error0 = ETHERNET_ARP_ERROR_l2_address_mismatch;
2233 /* Check if anyone want ARP request events for L2 BDs */
2235 pending_resolution_t *mc;
2236 ethernet_arp_main_t *am = ðernet_arp_main;
2237 uword *p = hash_get (am->mac_changes_by_address, 0);
2238 if (p && (vnet_buffer (p0)->l2.shg == 0))
2239 { // Only SHG 0 interface which is more likely local
2240 u32 next_index = p[0];
2241 while (next_index != (u32) ~ 0)
2243 int (*fp) (u32, u8 *, u32, u32);
2245 mc = pool_elt_at_index (am->mac_changes, next_index);
2246 fp = mc->data_callback;
2247 /* Call the callback, return 1 to suppress dup events */
2249 rv = (*fp) (mc->data,
2250 arp0->ip4_over_ethernet[0].ethernet,
2252 arp0->ip4_over_ethernet[0].ip4.as_u32);
2253 /* Signal the resolver process */
2255 vlib_process_signal_event (vm, mc->node_index,
2256 mc->type_opaque, mc->data);
2257 next_index = mc->next_index;
2262 /* lookup BD mac_by_ip4 hash table for MAC entry */
2263 ip0 = arp0->ip4_over_ethernet[1].ip4.as_u32;
2264 bd_index0 = vnet_buffer (p0)->l2.bd_index;
2265 if (PREDICT_FALSE ((bd_index0 != last_bd_index)
2266 || (last_bd_index == (u16) ~ 0)))
2268 last_bd_index = bd_index0;
2269 last_bd_config = vec_elt_at_index (l2im->bd_configs, bd_index0);
2271 macp0 = (u8 *) hash_get (last_bd_config->mac_by_ip4, ip0);
2273 if (PREDICT_FALSE (!macp0))
2274 goto next_l2_feature; /* MAC not found */
2276 /* MAC found, send ARP reply -
2277 Convert ARP request packet to ARP reply */
2278 arp0->opcode = clib_host_to_net_u16 (ETHERNET_ARP_OPCODE_reply);
2279 arp0->ip4_over_ethernet[1] = arp0->ip4_over_ethernet[0];
2280 arp0->ip4_over_ethernet[0].ip4.as_u32 = ip0;
2281 clib_memcpy (arp0->ip4_over_ethernet[0].ethernet, macp0, 6);
2282 clib_memcpy (eth0->dst_address, eth0->src_address, 6);
2283 clib_memcpy (eth0->src_address, macp0, 6);
2284 n_replies_sent += 1;
2287 /* For BVI, need to use l2-fwd node to send ARP reply as
2288 l2-output node cannot output packet to BVI properly */
2289 cfg0 = vec_elt_at_index (l2im->configs, sw_if_index0);
2290 if (PREDICT_FALSE (cfg0->bvi))
2292 vnet_buffer (p0)->l2.feature_bitmap |= L2INPUT_FEAT_FWD;
2293 vnet_buffer (p0)->sw_if_index[VLIB_RX] = 0;
2294 goto next_l2_feature;
2297 /* Send ARP/ND reply back out input interface through l2-output */
2298 vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0;
2299 next0 = ARP_TERM_NEXT_L2_OUTPUT;
2300 /* Note that output to VXLAN tunnel will fail due to SHG which
2301 is probably desireable since ARP termination is not intended
2302 for ARP requests from other hosts. If output to VXLAN tunnel is
2303 required, however, can just clear the SHG in packet as follows:
2304 vnet_buffer(p0)->l2.shg = 0; */
2305 vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
2306 to_next, n_left_to_next, pi0,
2311 /* IP6 ND event notification or solicitation handling to generate
2312 local response instead of flooding */
2313 iph0 = (ip6_header_t *) l3h0;
2314 if (PREDICT_FALSE (ethertype0 == ETHERNET_TYPE_IP6 &&
2315 iph0->protocol == IP_PROTOCOL_ICMP6 &&
2316 !ip6_address_is_unspecified
2317 (&iph0->src_address)))
2319 sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
2320 if (vnet_ip6_nd_term
2321 (vm, node, p0, eth0, iph0, sw_if_index0,
2322 vnet_buffer (p0)->l2.bd_index, vnet_buffer (p0)->l2.shg))
2323 goto output_response;
2328 u32 feature_bitmap0 =
2329 vnet_buffer (p0)->l2.feature_bitmap & ~L2INPUT_FEAT_ARP_TERM;
2330 vnet_buffer (p0)->l2.feature_bitmap = feature_bitmap0;
2332 feat_bitmap_get_next_node_index (arp_term_next_node_index,
2334 vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
2335 to_next, n_left_to_next,
2341 if (0 == arp0->ip4_over_ethernet[0].ip4.as_u32 ||
2342 (arp0->ip4_over_ethernet[0].ip4.as_u32 ==
2343 arp0->ip4_over_ethernet[1].ip4.as_u32))
2345 error0 = ETHERNET_ARP_ERROR_gratuitous_arp;
2347 next0 = ARP_TERM_NEXT_DROP;
2348 p0->error = node->errors[error0];
2350 vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
2351 to_next, n_left_to_next, pi0,
2355 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
2358 vlib_error_count (vm, node->node_index,
2359 ETHERNET_ARP_ERROR_replies_sent, n_replies_sent);
2360 return frame->n_vectors;
2364 VLIB_REGISTER_NODE (arp_term_l2bd_node, static) = {
2365 .function = arp_term_l2bd,
2366 .name = "arp-term-l2bd",
2367 .vector_size = sizeof (u32),
2368 .n_errors = ETHERNET_ARP_N_ERROR,
2369 .error_strings = ethernet_arp_error_strings,
2370 .n_next_nodes = ARP_TERM_N_NEXT,
2372 [ARP_TERM_NEXT_L2_OUTPUT] = "l2-output",
2373 [ARP_TERM_NEXT_DROP] = "error-drop",
2375 .format_buffer = format_ethernet_arp_header,
2376 .format_trace = format_arp_term_input_trace,
2381 arp_term_init (vlib_main_t * vm)
2383 // Initialize the feature next-node indexes
2384 feat_bitmap_init_next_nodes (vm,
2385 arp_term_l2bd_node.index,
2387 l2input_get_feat_names (),
2388 arp_term_next_node_index);
2392 VLIB_INIT_FUNCTION (arp_term_init);
2395 change_arp_mac (u32 sw_if_index, ethernet_arp_ip4_entry_t * e)
2397 if (e->sw_if_index == sw_if_index)
2399 adj_nbr_walk_nh4 (e->sw_if_index,
2400 &e->ip4_address, arp_mk_complete_walk, e);
2405 ethernet_arp_change_mac (u32 sw_if_index)
2407 ethernet_arp_main_t *am = ðernet_arp_main;
2408 ethernet_arp_ip4_entry_t *e;
2411 pool_foreach (e, am->ip4_entry_pool,
2413 change_arp_mac (sw_if_index, e);
2419 * fd.io coding-style-patch-verification: ON
2422 * eval: (c-set-style "gnu")
Code Review / vpp.git / blob