2 * src/vnet/ip/ip_neighboor.c: ip neighbor generic handling
4 * Copyright (c) 2018 Cisco and/or its affiliates.
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
18 #include <vppinfra/llist.h>
20 #include <vnet/ip-neighbor/ip_neighbor.h>
21 #include <vnet/ip-neighbor/ip4_neighbor.h>
22 #include <vnet/ip-neighbor/ip6_neighbor.h>
23 #include <vnet/ip-neighbor/ip_neighbor_watch.h>
25 #include <vnet/ip/ip6_ll_table.h>
26 #include <vnet/ip/ip46_address.h>
27 #include <vnet/fib/fib_table.h>
28 #include <vnet/adj/adj_mcast.h>
30 ip_neighbor_counters_t ip_neighbor_counters[] =
35 [IP_NEIGHBOR_CTR_REPLY] = {
36 .name = "arp-rx-replies",
37 .stat_segment_name = "/net/arp/rx/replies",
39 [IP_NEIGHBOR_CTR_REQUEST] = {
40 .name = "arp-rx-requests",
41 .stat_segment_name = "/net/arp/rx/requests",
43 [IP_NEIGHBOR_CTR_GRAT] = {
44 .name = "arp-rx-gratuitous",
45 .stat_segment_name = "/net/arp/rx/gratuitous",
49 [IP_NEIGHBOR_CTR_REPLY] = {
50 .name = "arp-tx-replies",
51 .stat_segment_name = "/net/arp/tx/replies",
53 [IP_NEIGHBOR_CTR_REQUEST] = {
54 .name = "arp-tx-requests",
55 .stat_segment_name = "/net/arp/tx/requests",
57 [IP_NEIGHBOR_CTR_GRAT] = {
58 .name = "arp-tx-gratuitous",
59 .stat_segment_name = "/net/arp/tx/gratuitous",
67 [IP_NEIGHBOR_CTR_REPLY] = {
68 .name = "ip6-nd-rx-replies",
69 .stat_segment_name = "/net/ip6-nd/rx/replies",
71 [IP_NEIGHBOR_CTR_REQUEST] = {
72 .name = "ip6-nd-rx-requests",
73 .stat_segment_name = "/net/ip6-nd/rx/requests",
75 [IP_NEIGHBOR_CTR_GRAT] = {
76 .name = "ip6-nd-rx-gratuitous",
77 .stat_segment_name = "/net/ip6-nd/rx/gratuitous",
81 [IP_NEIGHBOR_CTR_REPLY] = {
82 .name = "ip6-nd-tx-replies",
83 .stat_segment_name = "/net/ip6-nd/tx/replies",
85 [IP_NEIGHBOR_CTR_REQUEST] = {
86 .name = "ip6-nd-tx-requests",
87 .stat_segment_name = "/net/ip6-nd/tx/requests",
89 [IP_NEIGHBOR_CTR_GRAT] = {
90 .name = "ip6-nd-tx-gratuitous",
91 .stat_segment_name = "/net/ip6-nd/tx/gratuitous",
98 /** Pool for All IP neighbors */
99 static ip_neighbor_t *ip_neighbor_pool;
101 /** protocol specific lists of time sorted neighbors */
102 index_t ip_neighbor_list_head[N_AF];
104 typedef struct ip_neighbor_elt_t_
106 clib_llist_anchor_t ipne_anchor;
110 /** Pool of linked list elemeents */
111 ip_neighbor_elt_t *ip_neighbor_elt_pool;
113 typedef struct ip_neighbor_db_t_
115 /** per interface hash */
117 /** per-protocol limit - max number of neighbors*/
119 /** max age of a neighbor before it's forcibly evicted */
121 /** when the limit is reached and new neighbors are created, should
122 * we recycle an old one */
124 /** per-protocol number of elements */
126 /** per-protocol number of elements per-fib-index*/
127 u32 *ipndb_n_elts_per_fib;
130 static vlib_log_class_t ipn_logger;
132 /* DBs of neighbours one per AF */
133 static ip_neighbor_db_t ip_neighbor_db[N_AF] = {
135 .ipndb_limit = 50000,
136 /* Default to not aging and not recycling */
138 .ipndb_recycle = false,
141 .ipndb_limit = 50000,
142 /* Default to not aging and not recycling */
144 .ipndb_recycle = false,
148 #define IP_NEIGHBOR_DBG(...) \
149 vlib_log_debug (ipn_logger, __VA_ARGS__);
151 #define IP_NEIGHBOR_INFO(...) \
152 vlib_log_notice (ipn_logger, __VA_ARGS__);
155 ip_neighbor_get (index_t ipni)
157 if (pool_is_free_index (ip_neighbor_pool, ipni))
160 return (pool_elt_at_index (ip_neighbor_pool, ipni));
164 ip_neighbor_get_index (const ip_neighbor_t * ipn)
166 return (ipn - ip_neighbor_pool);
170 ip_neighbor_touch (ip_neighbor_t * ipn)
172 ipn->ipn_flags &= ~IP_NEIGHBOR_FLAG_STALE;
176 ip_neighbor_is_dynamic (const ip_neighbor_t * ipn)
178 return (ipn->ipn_flags & IP_NEIGHBOR_FLAG_DYNAMIC);
182 ip_neighbor_get_ip (const ip_neighbor_t * ipn)
184 return (&ipn->ipn_key->ipnk_ip);
188 ip_neighbor_get_af (const ip_neighbor_t * ipn)
190 return (ip_addr_version (&ipn->ipn_key->ipnk_ip));
193 const mac_address_t *
194 ip_neighbor_get_mac (const ip_neighbor_t * ipn)
196 return (&ipn->ipn_mac);
200 ip_neighbor_get_sw_if_index (const ip_neighbor_t * ipn)
202 return (ipn->ipn_key->ipnk_sw_if_index);
206 ip_neighbor_list_remove (ip_neighbor_t * ipn)
208 /* new neighbours, are added to the head of the list, since the
209 * list is time sorted, newest first */
210 ip_neighbor_elt_t *elt;
212 if (~0 != ipn->ipn_elt)
214 elt = pool_elt_at_index (ip_neighbor_elt_pool, ipn->ipn_elt);
216 clib_llist_remove (ip_neighbor_elt_pool, ipne_anchor, elt);
223 ip_neighbor_refresh (ip_neighbor_t * ipn)
225 /* new neighbours, are added to the head of the list, since the
226 * list is time sorted, newest first */
227 ip_neighbor_elt_t *elt, *head;
229 ip_neighbor_touch (ipn);
230 ipn->ipn_time_last_updated = vlib_time_now (vlib_get_main ());
231 ipn->ipn_n_probes = 0;
233 if (ip_neighbor_is_dynamic (ipn))
235 if (~0 == ipn->ipn_elt)
236 /* first time insertion */
237 pool_get_zero (ip_neighbor_elt_pool, elt);
240 /* already inserted - extract first */
241 elt = pool_elt_at_index (ip_neighbor_elt_pool, ipn->ipn_elt);
243 clib_llist_remove (ip_neighbor_elt_pool, ipne_anchor, elt);
245 head = pool_elt_at_index (ip_neighbor_elt_pool,
246 ip_neighbor_list_head[ip_neighbor_get_af
249 elt->ipne_index = ip_neighbor_get_index (ipn);
250 clib_llist_add (ip_neighbor_elt_pool, ipne_anchor, elt, head);
251 ipn->ipn_elt = elt - ip_neighbor_elt_pool;
256 ip_neighbor_db_add (const ip_neighbor_t * ipn)
258 ip_address_family_t af;
261 af = ip_neighbor_get_af (ipn);
262 sw_if_index = ipn->ipn_key->ipnk_sw_if_index;
264 vec_validate (ip_neighbor_db[af].ipndb_hash, sw_if_index);
266 if (!ip_neighbor_db[af].ipndb_hash[sw_if_index])
267 ip_neighbor_db[af].ipndb_hash[sw_if_index]
268 = hash_create_mem (0, sizeof (ip_neighbor_key_t), sizeof (index_t));
270 hash_set_mem (ip_neighbor_db[af].ipndb_hash[sw_if_index],
271 ipn->ipn_key, ip_neighbor_get_index (ipn));
273 ip_neighbor_db[af].ipndb_n_elts++;
277 ip_neighbor_db_remove (const ip_neighbor_t * ipn)
279 ip_address_family_t af;
282 af = ip_neighbor_get_af (ipn);
283 sw_if_index = ipn->ipn_key->ipnk_sw_if_index;
285 vec_validate (ip_neighbor_db[af].ipndb_hash, sw_if_index);
287 hash_unset_mem (ip_neighbor_db[af].ipndb_hash[sw_if_index], ipn->ipn_key);
289 ip_neighbor_db[af].ipndb_n_elts--;
292 static ip_neighbor_t *
293 ip_neighbor_db_find (const ip_neighbor_key_t * key)
295 ip_address_family_t af;
298 af = ip_addr_version (&key->ipnk_ip);
300 if (key->ipnk_sw_if_index >= vec_len (ip_neighbor_db[af].ipndb_hash))
303 p = hash_get_mem (ip_neighbor_db[af].ipndb_hash
304 [key->ipnk_sw_if_index], key);
307 return ip_neighbor_get (p[0]);
313 ip_af_type_pfx_len (ip_address_family_t type)
315 return (type == AF_IP4 ? 32 : 128);
319 ip_neighbor_adj_fib_add (ip_neighbor_t * ipn, u32 fib_index)
321 ip_address_family_t af;
323 af = ip_neighbor_get_af (ipn);
326 ip6_address_is_link_local_unicast (&ip_addr_v6
327 (&ipn->ipn_key->ipnk_ip)))
329 ip6_ll_prefix_t pfx = {
330 .ilp_addr = ip_addr_v6 (&ipn->ipn_key->ipnk_ip),
331 .ilp_sw_if_index = ipn->ipn_key->ipnk_sw_if_index,
333 ipn->ipn_fib_entry_index =
334 ip6_ll_table_entry_update (&pfx, FIB_ROUTE_PATH_FLAG_NONE);
338 fib_protocol_t fproto;
340 fproto = ip_address_family_to_fib_proto (af);
343 .fp_len = ip_af_type_pfx_len (af),
345 .fp_addr = ip_addr_46 (&ipn->ipn_key->ipnk_ip),
348 ipn->ipn_fib_entry_index =
349 fib_table_entry_path_add (fib_index, &pfx, FIB_SOURCE_ADJ,
350 FIB_ENTRY_FLAG_ATTACHED,
351 fib_proto_to_dpo (fproto),
353 ipn->ipn_key->ipnk_sw_if_index,
354 ~0, 1, NULL, FIB_ROUTE_PATH_FLAG_NONE);
356 vec_validate (ip_neighbor_db[af].ipndb_n_elts_per_fib, fib_index);
358 ip_neighbor_db[af].ipndb_n_elts_per_fib[fib_index]++;
360 if (1 == ip_neighbor_db[af].ipndb_n_elts_per_fib[fib_index])
361 fib_table_lock (fib_index, fproto, FIB_SOURCE_ADJ);
366 ip_neighbor_adj_fib_remove (ip_neighbor_t * ipn, u32 fib_index)
368 ip_address_family_t af;
370 af = ip_neighbor_get_af (ipn);
372 if (FIB_NODE_INDEX_INVALID != ipn->ipn_fib_entry_index)
375 ip6_address_is_link_local_unicast (&ip_addr_v6
376 (&ipn->ipn_key->ipnk_ip)))
378 ip6_ll_prefix_t pfx = {
379 .ilp_addr = ip_addr_v6 (&ipn->ipn_key->ipnk_ip),
380 .ilp_sw_if_index = ipn->ipn_key->ipnk_sw_if_index,
382 ip6_ll_table_entry_delete (&pfx);
386 fib_protocol_t fproto;
388 fproto = ip_address_family_to_fib_proto (af);
391 .fp_len = ip_af_type_pfx_len (af),
393 .fp_addr = ip_addr_46 (&ipn->ipn_key->ipnk_ip),
396 fib_table_entry_path_remove (fib_index,
399 fib_proto_to_dpo (fproto),
401 ipn->ipn_key->ipnk_sw_if_index,
402 ~0, 1, FIB_ROUTE_PATH_FLAG_NONE);
404 ip_neighbor_db[af].ipndb_n_elts_per_fib[fib_index]--;
406 if (0 == ip_neighbor_db[af].ipndb_n_elts_per_fib[fib_index])
407 fib_table_unlock (fib_index, fproto, FIB_SOURCE_ADJ);
413 ip_neighbor_mk_complete (adj_index_t ai, ip_neighbor_t * ipn)
415 adj_nbr_update_rewrite (ai, ADJ_NBR_REWRITE_FLAG_COMPLETE,
416 ethernet_build_rewrite (vnet_get_main (),
418 ipn_key->ipnk_sw_if_index,
419 adj_get_link_type (ai),
420 ipn->ipn_mac.bytes));
424 ip_neighbor_mk_incomplete (adj_index_t ai)
426 ip_adjacency_t *adj = adj_get (ai);
428 adj_nbr_update_rewrite (ai,
429 ADJ_NBR_REWRITE_FLAG_INCOMPLETE,
430 ethernet_build_rewrite (vnet_get_main (),
432 rewrite_header.sw_if_index,
434 VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST));
438 ip_neighbor_mk_complete_walk (adj_index_t ai, void *ctx)
440 ip_neighbor_t *ipn = ctx;
442 ip_neighbor_mk_complete (ai, ipn);
444 return (ADJ_WALK_RC_CONTINUE);
448 ip_neighbor_mk_incomplete_walk (adj_index_t ai, void *ctx)
450 ip_neighbor_mk_incomplete (ai);
452 return (ADJ_WALK_RC_CONTINUE);
456 ip_neighbor_destroy (ip_neighbor_t * ipn)
458 ip_address_family_t af;
460 af = ip_neighbor_get_af (ipn);
462 IP_NEIGHBOR_DBG ("free: %U", format_ip_neighbor,
463 vlib_time_now (vlib_get_main ()),
464 ip_neighbor_get_index (ipn));
466 ip_neighbor_publish (ip_neighbor_get_index (ipn),
467 IP_NEIGHBOR_EVENT_REMOVED);
469 adj_nbr_walk_nh (ipn->ipn_key->ipnk_sw_if_index,
470 ip_address_family_to_fib_proto (af),
471 &ip_addr_46 (&ipn->ipn_key->ipnk_ip),
472 ip_neighbor_mk_incomplete_walk, ipn);
473 ip_neighbor_adj_fib_remove
475 fib_table_get_index_for_sw_if_index
476 (ip_address_family_to_fib_proto (af), ipn->ipn_key->ipnk_sw_if_index));
478 ip_neighbor_list_remove (ipn);
479 ip_neighbor_db_remove (ipn);
480 clib_mem_free (ipn->ipn_key);
482 pool_put (ip_neighbor_pool, ipn);
486 ip_neighbor_force_reuse (ip_address_family_t af)
488 if (!ip_neighbor_db[af].ipndb_recycle)
491 /* pluck the oldest entry, which is the one from the end of the list */
492 ip_neighbor_elt_t *elt, *head;
494 head = pool_elt_at_index (ip_neighbor_elt_pool, ip_neighbor_list_head[af]);
496 if (clib_llist_is_empty (ip_neighbor_elt_pool, ipne_anchor, head))
499 elt = clib_llist_prev (ip_neighbor_elt_pool, ipne_anchor, head);
500 ip_neighbor_destroy (ip_neighbor_get (elt->ipne_index));
505 static ip_neighbor_t *
506 ip_neighbor_alloc (const ip_neighbor_key_t * key,
507 const mac_address_t * mac, ip_neighbor_flags_t flags)
509 ip_address_family_t af;
512 af = ip_addr_version (&key->ipnk_ip);
514 if (ip_neighbor_db[af].ipndb_limit &&
515 (ip_neighbor_db[af].ipndb_n_elts >= ip_neighbor_db[af].ipndb_limit))
517 if (!ip_neighbor_force_reuse (af))
521 pool_get_zero (ip_neighbor_pool, ipn);
523 ipn->ipn_key = clib_mem_alloc (sizeof (*ipn->ipn_key));
524 clib_memcpy (ipn->ipn_key, key, sizeof (*ipn->ipn_key));
526 ipn->ipn_fib_entry_index = FIB_NODE_INDEX_INVALID;
527 ipn->ipn_flags = flags;
530 mac_address_copy (&ipn->ipn_mac, mac);
532 ip_neighbor_db_add (ipn);
534 /* create the adj-fib. the entry in the FIB table for the peer's interface */
535 if (!(ipn->ipn_flags & IP_NEIGHBOR_FLAG_NO_FIB_ENTRY))
536 ip_neighbor_adj_fib_add
537 (ipn, fib_table_get_index_for_sw_if_index
538 (ip_address_family_to_fib_proto (af), ipn->ipn_key->ipnk_sw_if_index));
544 ip_neighbor_add (const ip_address_t * ip,
545 const mac_address_t * mac,
547 ip_neighbor_flags_t flags, u32 * stats_index)
549 fib_protocol_t fproto;
552 /* main thread only */
553 ASSERT (0 == vlib_get_thread_index ());
555 fproto = ip_address_family_to_fib_proto (ip_addr_version (ip));
557 const ip_neighbor_key_t key = {
559 .ipnk_sw_if_index = sw_if_index,
562 ipn = ip_neighbor_db_find (&key);
566 IP_NEIGHBOR_DBG ("update: %U, %U",
567 format_vnet_sw_if_index_name, vnet_get_main (),
568 sw_if_index, format_ip_address, ip,
569 format_ip_neighbor_flags, flags, format_mac_address_t,
572 ip_neighbor_touch (ipn);
574 /* Refuse to over-write static neighbor entry. */
575 if (!(flags & IP_NEIGHBOR_FLAG_STATIC) &&
576 (ipn->ipn_flags & IP_NEIGHBOR_FLAG_STATIC))
578 /* if MAC address match, still check to send event */
579 if (0 == mac_address_cmp (&ipn->ipn_mac, mac))
580 goto check_customers;
584 /* A dynamic entry can become static, but not vice-versa.
585 * i.e. since if it was programmed by the CP then it must
586 * be removed by the CP */
587 if ((flags & IP_NEIGHBOR_FLAG_STATIC) &&
588 !(ipn->ipn_flags & IP_NEIGHBOR_FLAG_STATIC))
590 ip_neighbor_list_remove (ipn);
591 ipn->ipn_flags |= IP_NEIGHBOR_FLAG_STATIC;
592 ipn->ipn_flags &= ~IP_NEIGHBOR_FLAG_DYNAMIC;
596 * prevent a DoS attack from the data-plane that
597 * spams us with no-op updates to the MAC address
599 if (0 == mac_address_cmp (&ipn->ipn_mac, mac))
601 ip_neighbor_refresh (ipn);
602 goto check_customers;
605 mac_address_copy (&ipn->ipn_mac, mac);
609 IP_NEIGHBOR_INFO ("add: %U, %U",
610 format_vnet_sw_if_index_name, vnet_get_main (),
611 sw_if_index, format_ip_address, ip,
612 format_ip_neighbor_flags, flags, format_mac_address_t,
615 ipn = ip_neighbor_alloc (&key, mac, flags);
618 return VNET_API_ERROR_LIMIT_EXCEEDED;
621 /* Update time stamp and flags. */
622 ip_neighbor_refresh (ipn);
624 adj_nbr_walk_nh (ipn->ipn_key->ipnk_sw_if_index,
625 fproto, &ip_addr_46 (&ipn->ipn_key->ipnk_ip),
626 ip_neighbor_mk_complete_walk, ipn);
629 /* Customer(s) requesting event for this address? */
630 ip_neighbor_publish (ip_neighbor_get_index (ipn), IP_NEIGHBOR_EVENT_ADDED);
633 *stats_index = adj_nbr_find (fproto,
634 fib_proto_to_link (fproto),
635 &ip_addr_46 (&ipn->ipn_key->ipnk_ip),
636 ipn->ipn_key->ipnk_sw_if_index);
641 ip_neighbor_del (const ip_address_t * ip, u32 sw_if_index)
645 /* main thread only */
646 ASSERT (0 == vlib_get_thread_index ());
648 IP_NEIGHBOR_INFO ("delete: %U, %U",
649 format_vnet_sw_if_index_name, vnet_get_main (),
650 sw_if_index, format_ip_address, ip);
652 const ip_neighbor_key_t key = {
654 .ipnk_sw_if_index = sw_if_index,
657 ipn = ip_neighbor_db_find (&key);
660 return (VNET_API_ERROR_NO_SUCH_ENTRY);
662 ip_neighbor_destroy (ipn);
667 typedef struct ip_neighbor_del_all_ctx_t_
670 } ip_neighbor_del_all_ctx_t;
673 ip_neighbor_del_all_walk_cb (index_t ipni, void *arg)
675 ip_neighbor_del_all_ctx_t *ctx = arg;
677 vec_add1 (ctx->ipn_del, ipni);
679 return (WALK_CONTINUE);
683 ip_neighbor_del_all (ip_address_family_t af, u32 sw_if_index)
685 IP_NEIGHBOR_INFO ("delete-all: %U, %U",
686 format_ip_address_family, af,
687 format_vnet_sw_if_index_name, vnet_get_main (),
690 ip_neighbor_del_all_ctx_t ctx = {
695 ip_neighbor_walk (af, sw_if_index, ip_neighbor_del_all_walk_cb, &ctx);
698 ctx.ipn_del) ip_neighbor_destroy (ip_neighbor_get (*ipni));
699 vec_free (ctx.ipn_del);
703 ip_neighbor_update (vnet_main_t * vnm, adj_index_t ai)
710 ip_neighbor_key_t key = {
711 .ipnk_sw_if_index = adj->rewrite_header.sw_if_index,
714 ip_address_from_46 (&adj->sub_type.nbr.next_hop,
715 adj->ia_nh_proto, &key.ipnk_ip);
717 ipn = ip_neighbor_db_find (&key);
719 switch (adj->lookup_next_index)
721 case IP_LOOKUP_NEXT_ARP:
724 adj_nbr_walk_nh (adj->rewrite_header.sw_if_index,
726 &adj->sub_type.nbr.next_hop,
727 ip_neighbor_mk_complete_walk, ipn);
732 * no matching ARP entry.
733 * construct the rewrite required to for an ARP packet, and stick
734 * that in the adj's pipe to smoke.
736 adj_nbr_update_rewrite
738 ADJ_NBR_REWRITE_FLAG_INCOMPLETE,
739 ethernet_build_rewrite
741 adj->rewrite_header.sw_if_index,
743 VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST));
746 * since the FIB has added this adj for a route, it makes sense it
747 * may want to forward traffic sometime soon. Let's send a
748 * speculative ARP. just one. If we were to do periodically that
749 * wouldn't be bad either, but that's more code than i'm prepared to
750 * write at this time for relatively little reward.
753 * adj_nbr_update_rewrite may actually call fib_walk_sync.
754 * fib_walk_sync may allocate a new adjacency and potentially cause
755 * a realloc for adj_pool. When that happens, adj pointer is no
756 * longer valid here.x We refresh adj pointer accordingly.
759 ip_neighbor_probe (adj);
762 case IP_LOOKUP_NEXT_REWRITE:
763 /* Update of an existing rewrite adjacency happens e.g. when the
764 * interface's MAC address changes */
766 ip_neighbor_mk_complete (ai, ipn);
768 case IP_LOOKUP_NEXT_GLEAN:
769 case IP_LOOKUP_NEXT_BCAST:
770 case IP_LOOKUP_NEXT_MCAST:
771 case IP_LOOKUP_NEXT_DROP:
772 case IP_LOOKUP_NEXT_PUNT:
773 case IP_LOOKUP_NEXT_LOCAL:
774 case IP_LOOKUP_NEXT_MCAST_MIDCHAIN:
775 case IP_LOOKUP_NEXT_MIDCHAIN:
776 case IP_LOOKUP_NEXT_ICMP_ERROR:
777 case IP_LOOKUP_N_NEXT:
784 ip_neighbor_learn (const ip_neighbor_learn_t * l)
786 ip_neighbor_add (&l->ip, &l->mac, l->sw_if_index,
787 IP_NEIGHBOR_FLAG_DYNAMIC, NULL);
790 static clib_error_t *
791 ip_neighbor_cmd (vlib_main_t * vm,
792 unformat_input_t * input, vlib_cli_command_t * cmd)
794 ip_address_t ip = IP_ADDRESS_V6_ALL_0S;
795 mac_address_t mac = ZERO_MAC_ADDRESS;
796 vnet_main_t *vnm = vnet_get_main ();
797 ip_neighbor_flags_t flags;
798 u32 sw_if_index = ~0;
799 int is_add = 1, is_flush = 0;
802 flags = IP_NEIGHBOR_FLAG_DYNAMIC;
804 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
806 /* set ip arp TenGigE1/1/0/1 1.2.3.4 aa:bb:... or aabb.ccdd... */
807 if (unformat (input, "%U %U %U",
808 unformat_vnet_sw_interface, vnm, &sw_if_index,
809 unformat_ip_address, &ip, unformat_mac_address_t, &mac))
811 else if (unformat (input, "delete") || unformat (input, "del"))
813 else if (unformat (input, "flush"))
815 else if (unformat (input, "static"))
817 flags |= IP_NEIGHBOR_FLAG_STATIC;
818 flags &= ~IP_NEIGHBOR_FLAG_DYNAMIC;
820 else if (unformat (input, "no-fib-entry"))
821 flags |= IP_NEIGHBOR_FLAG_NO_FIB_ENTRY;
822 else if (unformat (input, "count %d", &count))
830 ip_neighbor_del_all (AF_IP4, sw_if_index);
831 ip_neighbor_del_all (AF_IP6, sw_if_index);
835 if (sw_if_index == ~0 ||
836 ip_address_is_zero (&ip) || mac_address_is_zero (&mac))
837 return clib_error_return (0,
838 "specify interface, IP address and MAC: `%U'",
839 format_unformat_error, input);
844 ip_neighbor_add (&ip, &mac, sw_if_index, flags, NULL);
846 ip_neighbor_del (&ip, sw_if_index);
848 ip_address_increment (&ip);
849 mac_address_increment (&mac);
858 * Add or delete IPv4 ARP cache entries.
860 * @note 'set ip neighbor' options (e.g. delete, static,
861 * 'count <number>', 'interface ip4_addr mac_addr') can be added in
862 * any order and combination.
866 * Add or delete IPv4 ARP cache entries as follows. MAC Address can be in
867 * either aa:bb:cc:dd:ee:ff format or aabb.ccdd.eeff format.
868 * @cliexcmd{set ip neighbor GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
869 * @cliexcmd{set ip neighbor delete GigabitEthernet2/0/0 6.0.0.3
872 * To add or delete an IPv4 ARP cache entry
874 * @cliexcmd{set ip neighbor GigabitEthernet2/0/0 6.0.0.3 dead.beef.babe}
875 * @cliexcmd{set ip neighbor delete GigabitEthernet2/0/0 6.0.0.3
878 * Add or delete IPv4 static ARP cache entries as follows:
879 * @cliexcmd{set ip neighbor static GigabitEthernet2/0/0 6.0.0.3
881 * @cliexcmd{set ip neighbor static delete GigabitEthernet2/0/0 6.0.0.3
884 * For testing / debugging purposes, the 'set ip neighbor' command can add or
885 * delete multiple entries. Supply the 'count N' parameter:
886 * @cliexcmd{set ip neighbor count 10 GigabitEthernet2/0/0 6.0.0.3
890 VLIB_CLI_COMMAND (ip_neighbor_command, static) = {
891 .path = "set ip neighbor",
892 .short_help = "set ip neighbor [del] <intfc> <ip-address> <mac-address> "
893 "[static] [no-fib-entry] [count <count>]",
894 .function = ip_neighbor_cmd,
896 VLIB_CLI_COMMAND (ip_neighbor_command2, static) = {
897 .path = "ip neighbor",
898 .short_help = "ip neighbor [del] [flush] <intfc> <ip-address> <mac-address> "
899 "[static] [no-fib-entry] [count <count>]",
900 .function = ip_neighbor_cmd,
904 ip_neighbor_sort (void *a1, void *a2)
906 index_t *ipni1 = a1, *ipni2 = a2;
907 ip_neighbor_t *ipn1, *ipn2;
910 ipn1 = ip_neighbor_get (*ipni1);
911 ipn2 = ip_neighbor_get (*ipni2);
913 cmp = vnet_sw_interface_compare (vnet_get_main (),
914 ipn1->ipn_key->ipnk_sw_if_index,
915 ipn2->ipn_key->ipnk_sw_if_index);
917 cmp = ip_address_cmp (&ipn1->ipn_key->ipnk_ip, &ipn2->ipn_key->ipnk_ip);
922 ip_neighbor_entries (u32 sw_if_index, ip_address_family_t af)
924 index_t *ipnis = NULL;
927 pool_foreach (ipn, ip_neighbor_pool)
929 if ((sw_if_index == ~0 ||
930 ipn->ipn_key->ipnk_sw_if_index == sw_if_index) &&
932 ip_neighbor_get_af(ipn) == af))
933 vec_add1 (ipnis, ip_neighbor_get_index(ipn));
938 vec_sort_with_function (ipnis, ip_neighbor_sort);
942 static clib_error_t *
943 ip_neighbor_show_sorted_i (vlib_main_t * vm,
944 unformat_input_t * input,
945 vlib_cli_command_t * cmd, ip_address_family_t af)
947 ip_neighbor_elt_t *elt, *head;
950 head = pool_elt_at_index (ip_neighbor_elt_pool, ip_neighbor_list_head[af]);
951 now = vlib_time_now (vm);
953 vlib_cli_output (vm, "%=12s%=40s%=6s%=20s%=24s", "Age", "IP", "Flags",
954 "Ethernet", "Interface");
956 /* the list is time sorted, newest first, so start from the back
957 * and work forwards. Stop when we get to one that is alive */
958 clib_llist_foreach_reverse (ip_neighbor_elt_pool, ipne_anchor, head, elt, ({
959 vlib_cli_output (vm, "%U", format_ip_neighbor,
960 now, elt->ipne_index);
966 static clib_error_t *
967 ip_neighbor_show_i (vlib_main_t * vm,
968 unformat_input_t * input,
969 vlib_cli_command_t * cmd, ip_address_family_t af)
971 index_t *ipni, *ipnis = NULL;
975 /* Filter entries by interface if given. */
977 (void) unformat_user (input, unformat_vnet_sw_interface, vnet_get_main (),
980 ipnis = ip_neighbor_entries (sw_if_index, af);
981 now = vlib_time_now (vm);
984 vlib_cli_output (vm, "%=12s%=40s%=6s%=20s%=24s", "Age", "IP", "Flags",
985 "Ethernet", "Interface");
987 vec_foreach (ipni, ipnis)
989 vlib_cli_output (vm, "%U", format_ip_neighbor, now, *ipni);
996 static clib_error_t *
997 ip_neighbor_show (vlib_main_t * vm,
998 unformat_input_t * input, vlib_cli_command_t * cmd)
1000 return (ip_neighbor_show_i (vm, input, cmd, N_AF));
1003 static clib_error_t *
1004 ip6_neighbor_show (vlib_main_t * vm,
1005 unformat_input_t * input, vlib_cli_command_t * cmd)
1007 return (ip_neighbor_show_i (vm, input, cmd, AF_IP6));
1010 static clib_error_t *
1011 ip4_neighbor_show (vlib_main_t * vm,
1012 unformat_input_t * input, vlib_cli_command_t * cmd)
1014 return (ip_neighbor_show_i (vm, input, cmd, AF_IP4));
1017 static clib_error_t *
1018 ip6_neighbor_show_sorted (vlib_main_t * vm,
1019 unformat_input_t * input, vlib_cli_command_t * cmd)
1021 return (ip_neighbor_show_sorted_i (vm, input, cmd, AF_IP6));
1024 static clib_error_t *
1025 ip4_neighbor_show_sorted (vlib_main_t * vm,
1026 unformat_input_t * input, vlib_cli_command_t * cmd)
1028 return (ip_neighbor_show_sorted_i (vm, input, cmd, AF_IP4));
1032 * Display all the IP neighbor entries.
1035 * Example of how to display the IPv4 ARP table:
1036 * @cliexstart{show ip neighbor}
1037 * Time FIB IP4 Flags Ethernet Interface
1038 * 346.3028 0 6.1.1.3 de:ad:be:ef:ba:be GigabitEthernet2/0/0
1039 * 3077.4271 0 6.1.1.4 S de:ad:be:ef:ff:ff GigabitEthernet2/0/0
1040 * 2998.6409 1 6.2.2.3 de:ad:be:ef:00:01 GigabitEthernet2/0/0
1041 * Proxy arps enabled for:
1042 * Fib_index 0 6.0.0.1 - 6.0.0.11
1045 VLIB_CLI_COMMAND (show_ip_neighbors_cmd_node, static) = {
1046 .path = "show ip neighbors",
1047 .function = ip_neighbor_show,
1048 .short_help = "show ip neighbors [interface]",
1050 VLIB_CLI_COMMAND (show_ip4_neighbors_cmd_node, static) = {
1051 .path = "show ip4 neighbors",
1052 .function = ip4_neighbor_show,
1053 .short_help = "show ip4 neighbors [interface]",
1055 VLIB_CLI_COMMAND (show_ip6_neighbors_cmd_node, static) = {
1056 .path = "show ip6 neighbors",
1057 .function = ip6_neighbor_show,
1058 .short_help = "show ip6 neighbors [interface]",
1060 VLIB_CLI_COMMAND (show_ip_neighbor_cmd_node, static) = {
1061 .path = "show ip neighbor",
1062 .function = ip_neighbor_show,
1063 .short_help = "show ip neighbor [interface]",
1065 VLIB_CLI_COMMAND (show_ip4_neighbor_cmd_node, static) = {
1066 .path = "show ip4 neighbor",
1067 .function = ip4_neighbor_show,
1068 .short_help = "show ip4 neighbor [interface]",
1070 VLIB_CLI_COMMAND (show_ip6_neighbor_cmd_node, static) = {
1071 .path = "show ip6 neighbor",
1072 .function = ip6_neighbor_show,
1073 .short_help = "show ip6 neighbor [interface]",
1075 VLIB_CLI_COMMAND (show_ip4_neighbor_sorted_cmd_node, static) = {
1076 .path = "show ip4 neighbor-sorted",
1077 .function = ip4_neighbor_show_sorted,
1078 .short_help = "show ip4 neighbor-sorted",
1080 VLIB_CLI_COMMAND (show_ip6_neighbor_sorted_cmd_node, static) = {
1081 .path = "show ip6 neighbor-sorted",
1082 .function = ip6_neighbor_show_sorted,
1083 .short_help = "show ip6 neighbor-sorted",
1086 static ip_neighbor_vft_t ip_nbr_vfts[N_AF];
1089 ip_neighbor_register (ip_address_family_t af, const ip_neighbor_vft_t * vft)
1091 ip_nbr_vfts[af] = *vft;
1095 ip_neighbor_probe_dst (u32 sw_if_index, u32 thread_index,
1096 ip_address_family_t af, const ip46_address_t *dst)
1098 if (!vnet_sw_interface_is_admin_up (vnet_get_main (), sw_if_index))
1104 ip6_neighbor_probe_dst (sw_if_index, thread_index, &dst->ip6);
1107 ip4_neighbor_probe_dst (sw_if_index, thread_index, &dst->ip4);
1113 ip_neighbor_probe (const ip_adjacency_t * adj)
1115 ip_neighbor_probe_dst (adj->rewrite_header.sw_if_index,
1116 vlib_get_thread_index (),
1117 ip_address_family_from_fib_proto (adj->ia_nh_proto),
1118 &adj->sub_type.nbr.next_hop);
1122 ip_neighbor_walk (ip_address_family_t af,
1123 u32 sw_if_index, ip_neighbor_walk_cb_t cb, void *ctx)
1125 ip_neighbor_key_t *key;
1128 if (~0 == sw_if_index)
1132 vec_foreach (hash, ip_neighbor_db[af].ipndb_hash)
1134 hash_foreach (key, ipni, *hash,
1136 if (WALK_STOP == cb (ipni, ctx))
1145 if (vec_len (ip_neighbor_db[af].ipndb_hash) <= sw_if_index)
1147 hash = ip_neighbor_db[af].ipndb_hash[sw_if_index];
1149 hash_foreach (key, ipni, hash,
1151 if (WALK_STOP == cb (ipni, ctx))
1158 ip4_neighbor_proxy_add (u32 fib_index,
1159 const ip4_address_t * start,
1160 const ip4_address_t * end)
1162 if (ip_nbr_vfts[AF_IP4].inv_proxy4_add)
1164 return (ip_nbr_vfts[AF_IP4].inv_proxy4_add (fib_index, start, end));
1171 ip4_neighbor_proxy_delete (u32 fib_index,
1172 const ip4_address_t * start,
1173 const ip4_address_t * end)
1175 if (ip_nbr_vfts[AF_IP4].inv_proxy4_del)
1177 return (ip_nbr_vfts[AF_IP4].inv_proxy4_del (fib_index, start, end));
1183 ip4_neighbor_proxy_enable (u32 sw_if_index)
1185 if (ip_nbr_vfts[AF_IP4].inv_proxy4_enable)
1187 return (ip_nbr_vfts[AF_IP4].inv_proxy4_enable (sw_if_index));
1193 ip4_neighbor_proxy_disable (u32 sw_if_index)
1195 if (ip_nbr_vfts[AF_IP4].inv_proxy4_disable)
1197 return (ip_nbr_vfts[AF_IP4].inv_proxy4_disable (sw_if_index));
1203 ip6_neighbor_proxy_add (u32 sw_if_index, const ip6_address_t * addr)
1205 if (ip_nbr_vfts[AF_IP6].inv_proxy6_add)
1207 return (ip_nbr_vfts[AF_IP6].inv_proxy6_add (sw_if_index, addr));
1213 ip6_neighbor_proxy_del (u32 sw_if_index, const ip6_address_t * addr)
1215 if (ip_nbr_vfts[AF_IP6].inv_proxy6_del)
1217 return (ip_nbr_vfts[AF_IP6].inv_proxy6_del (sw_if_index, addr));
1223 ip_neighbor_populate (ip_address_family_t af, u32 sw_if_index)
1225 index_t *ipnis = NULL, *ipni;
1228 IP_NEIGHBOR_DBG ("populate: %U %U",
1229 format_vnet_sw_if_index_name, vnet_get_main (),
1230 sw_if_index, format_ip_address_family, af);
1232 pool_foreach (ipn, ip_neighbor_pool)
1234 if (ip_neighbor_get_af(ipn) == af &&
1235 ipn->ipn_key->ipnk_sw_if_index == sw_if_index)
1236 vec_add1 (ipnis, ipn - ip_neighbor_pool);
1239 vec_foreach (ipni, ipnis)
1241 ipn = ip_neighbor_get (*ipni);
1243 adj_nbr_walk_nh (ipn->ipn_key->ipnk_sw_if_index,
1244 ip_address_family_to_fib_proto (ip_neighbor_get_af
1246 &ip_addr_46 (&ipn->ipn_key->ipnk_ip),
1247 ip_neighbor_mk_complete_walk, ipn);
1253 ip_neighbor_flush (ip_address_family_t af, u32 sw_if_index)
1255 index_t *ipnis = NULL, *ipni;
1259 IP_NEIGHBOR_DBG ("flush: %U %U",
1260 format_vnet_sw_if_index_name, vnet_get_main (),
1261 sw_if_index, format_ip_address_family, af);
1263 pool_foreach (ipn, ip_neighbor_pool)
1265 if (ip_neighbor_get_af(ipn) == af &&
1266 ipn->ipn_key->ipnk_sw_if_index == sw_if_index &&
1267 ip_neighbor_is_dynamic (ipn))
1268 vec_add1 (ipnis, ipn - ip_neighbor_pool);
1271 vec_foreach (ipni, ipnis) ip_neighbor_destroy (ip_neighbor_get (*ipni));
1276 ip_neighbor_mark_one (index_t ipni, void *ctx)
1280 ipn = ip_neighbor_get (ipni);
1282 ipn->ipn_flags |= IP_NEIGHBOR_FLAG_STALE;
1284 return (WALK_CONTINUE);
1288 ip_neighbor_mark (ip_address_family_t af)
1290 ip_neighbor_walk (af, ~0, ip_neighbor_mark_one, NULL);
1293 typedef struct ip_neighbor_sweep_ctx_t_
1295 index_t *ipnsc_stale;
1296 } ip_neighbor_sweep_ctx_t;
1299 ip_neighbor_sweep_one (index_t ipni, void *arg)
1301 ip_neighbor_sweep_ctx_t *ctx = arg;
1304 ipn = ip_neighbor_get (ipni);
1306 if (ipn->ipn_flags & IP_NEIGHBOR_FLAG_STALE)
1308 vec_add1 (ctx->ipnsc_stale, ipni);
1311 return (WALK_CONTINUE);
1315 ip_neighbor_sweep (ip_address_family_t af)
1317 ip_neighbor_sweep_ctx_t ctx = { };
1320 ip_neighbor_walk (af, ~0, ip_neighbor_sweep_one, &ctx);
1322 vec_foreach (ipni, ctx.ipnsc_stale)
1324 ip_neighbor_destroy (ip_neighbor_get (*ipni));
1326 vec_free (ctx.ipnsc_stale);
1330 * Remove any arp entries associated with the specified interface
1332 static clib_error_t *
1333 ip_neighbor_interface_admin_change (vnet_main_t * vnm,
1334 u32 sw_if_index, u32 flags)
1336 ip_address_family_t af;
1338 IP_NEIGHBOR_DBG ("interface-admin: %U %s",
1339 format_vnet_sw_if_index_name, vnet_get_main (),
1341 (flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP ? "up" : "down"));
1343 if (flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP)
1345 FOR_EACH_IP_ADDRESS_FAMILY (af) ip_neighbor_populate (af, sw_if_index);
1349 /* admin down, flush all neighbours */
1350 FOR_EACH_IP_ADDRESS_FAMILY (af) ip_neighbor_flush (af, sw_if_index);
1356 VNET_SW_INTERFACE_ADMIN_UP_DOWN_FUNCTION (ip_neighbor_interface_admin_change);
1359 * Remove any arp entries associated with the specified interface
1361 static clib_error_t *
1362 ip_neighbor_add_del_sw_interface (vnet_main_t *vnm, u32 sw_if_index,
1365 IP_NEIGHBOR_DBG ("interface-change: %U %s",
1366 format_vnet_sw_if_index_name, vnet_get_main (),
1367 sw_if_index, (is_add ? "add" : "del"));
1369 if (!is_add && sw_if_index != ~0)
1371 ip_address_family_t af;
1373 FOR_EACH_IP_ADDRESS_FAMILY (af) ip_neighbor_flush (af, sw_if_index);
1378 ip_neighbor_alloc_ctr (&ip_neighbor_counters[AF_IP4], sw_if_index);
1379 ip_neighbor_alloc_ctr (&ip_neighbor_counters[AF_IP6], sw_if_index);
1385 VNET_SW_INTERFACE_ADD_DEL_FUNCTION (ip_neighbor_add_del_sw_interface);
1387 typedef struct ip_neighbor_walk_covered_ctx_t_
1392 } ip_neighbor_walk_covered_ctx_t;
1395 ip_neighbor_walk_covered (index_t ipni, void *arg)
1397 ip_neighbor_walk_covered_ctx_t *ctx = arg;
1400 ipn = ip_neighbor_get (ipni);
1402 if (AF_IP4 == ip_addr_version (&ctx->addr))
1404 if (ip4_destination_matches_route (&ip4_main,
1405 &ip_addr_v4 (&ipn->ipn_key->ipnk_ip),
1406 &ip_addr_v4 (&ctx->addr),
1408 ip_neighbor_is_dynamic (ipn))
1410 vec_add1 (ctx->ipnis, ip_neighbor_get_index (ipn));
1413 else if (AF_IP6 == ip_addr_version (&ctx->addr))
1415 if (ip6_destination_matches_route (&ip6_main,
1416 &ip_addr_v6 (&ipn->ipn_key->ipnk_ip),
1417 &ip_addr_v6 (&ctx->addr),
1419 ip_neighbor_is_dynamic (ipn))
1421 vec_add1 (ctx->ipnis, ip_neighbor_get_index (ipn));
1424 return (WALK_CONTINUE);
1429 * callback when an interface address is added or deleted
1432 ip_neighbor_add_del_interface_address_v4 (ip4_main_t * im,
1435 ip4_address_t * address,
1437 u32 if_address_index, u32 is_del)
1440 * Flush the ARP cache of all entries covered by the address
1441 * that is being removed.
1443 IP_NEIGHBOR_DBG ("addr-%s: %U, %U/%d", (is_del ? "del" : "add"),
1444 format_vnet_sw_if_index_name, vnet_get_main (), sw_if_index,
1445 format_ip4_address, address, address_length);
1449 ip_neighbor_walk_covered_ctx_t ctx = {
1454 .length = address_length,
1458 ip_neighbor_walk (AF_IP4, sw_if_index, ip_neighbor_walk_covered, &ctx);
1460 vec_foreach (ipni, ctx.ipnis)
1461 ip_neighbor_destroy (ip_neighbor_get (*ipni));
1463 vec_free (ctx.ipnis);
1468 * callback when an interface address is added or deleted
1471 ip_neighbor_add_del_interface_address_v6 (ip6_main_t * im,
1474 ip6_address_t * address,
1476 u32 if_address_index, u32 is_del)
1479 * Flush the ARP cache of all entries covered by the address
1480 * that is being removed.
1482 IP_NEIGHBOR_DBG ("addr-change: %U, %U/%d %s",
1483 format_vnet_sw_if_index_name, vnet_get_main (),
1484 sw_if_index, format_ip6_address, address, address_length,
1485 (is_del ? "del" : "add"));
1489 ip_neighbor_walk_covered_ctx_t ctx = {
1494 .length = address_length,
1498 ip_neighbor_walk (AF_IP6, sw_if_index, ip_neighbor_walk_covered, &ctx);
1500 vec_foreach (ipni, ctx.ipnis)
1501 ip_neighbor_destroy (ip_neighbor_get (*ipni));
1503 vec_free (ctx.ipnis);
1507 typedef struct ip_neighbor_table_bind_ctx_t_
1511 } ip_neighbor_table_bind_ctx_t;
1514 ip_neighbor_walk_table_bind (index_t ipni, void *arg)
1516 ip_neighbor_table_bind_ctx_t *ctx = arg;
1519 ipn = ip_neighbor_get (ipni);
1520 ip_neighbor_adj_fib_remove (ipn, ctx->old_fib_index);
1521 ip_neighbor_adj_fib_add (ipn, ctx->new_fib_index);
1523 return (WALK_CONTINUE);
1527 ip_neighbor_table_bind_v4 (ip4_main_t * im,
1530 u32 new_fib_index, u32 old_fib_index)
1532 ip_neighbor_table_bind_ctx_t ctx = {
1533 .old_fib_index = old_fib_index,
1534 .new_fib_index = new_fib_index,
1537 ip_neighbor_walk (AF_IP4, sw_if_index, ip_neighbor_walk_table_bind, &ctx);
1541 ip_neighbor_table_bind_v6 (ip6_main_t * im,
1544 u32 new_fib_index, u32 old_fib_index)
1546 ip_neighbor_table_bind_ctx_t ctx = {
1547 .old_fib_index = old_fib_index,
1548 .new_fib_index = new_fib_index,
1551 ip_neighbor_walk (AF_IP6, sw_if_index, ip_neighbor_walk_table_bind, &ctx);
1554 typedef enum ip_neighbor_age_state_t_
1556 IP_NEIGHBOR_AGE_ALIVE,
1557 IP_NEIGHBOR_AGE_PROBE,
1558 IP_NEIGHBOR_AGE_DEAD,
1559 } ip_neighbor_age_state_t;
1561 #define IP_NEIGHBOR_PROCESS_SLEEP_LONG (0)
1563 static ip_neighbor_age_state_t
1564 ip_neighbour_age_out (index_t ipni, f64 now, f64 * wait)
1566 ip_address_family_t af;
1571 ipn = ip_neighbor_get (ipni);
1572 af = ip_neighbor_get_af (ipn);
1573 ipndb_age = ip_neighbor_db[af].ipndb_age;
1574 ttl = now - ipn->ipn_time_last_updated;
1577 if (ttl > ipndb_age)
1579 IP_NEIGHBOR_DBG ("aged: %U @%f - %f > %d", format_ip_neighbor, now, ipni,
1580 now, ipn->ipn_time_last_updated, ipndb_age);
1581 if (ipn->ipn_n_probes > 2)
1583 /* 3 strikes and yea-re out */
1584 IP_NEIGHBOR_DBG ("dead: %U", format_ip_neighbor, now, ipni);
1586 return (IP_NEIGHBOR_AGE_DEAD);
1590 ip_neighbor_probe_dst (ip_neighbor_get_sw_if_index (ipn),
1591 vlib_get_thread_index (), af,
1592 &ip_addr_46 (&ipn->ipn_key->ipnk_ip));
1594 ipn->ipn_n_probes++;
1600 /* here we are sure that ttl <= ipndb_age */
1601 *wait = ipndb_age - ttl + 1;
1602 return (IP_NEIGHBOR_AGE_ALIVE);
1605 return (IP_NEIGHBOR_AGE_PROBE);
1608 typedef enum ip_neighbor_process_event_t_
1610 IP_NEIGHBOR_AGE_PROCESS_WAKEUP,
1611 } ip_neighbor_process_event_t;
1614 ip_neighbor_age_loop (vlib_main_t * vm,
1615 vlib_node_runtime_t * rt,
1616 vlib_frame_t * f, ip_address_family_t af)
1618 uword event_type, *event_data = NULL;
1621 /* Set the timeout to an effectively infinite value when the process starts */
1622 timeout = IP_NEIGHBOR_PROCESS_SLEEP_LONG;
1629 vlib_process_wait_for_event (vm);
1631 vlib_process_wait_for_event_or_clock (vm, timeout);
1633 event_type = vlib_process_get_events (vm, &event_data);
1634 vec_reset_length (event_data);
1636 now = vlib_time_now (vm);
1643 ip_neighbor_elt_t *elt, *head;
1646 timeout = ip_neighbor_db[af].ipndb_age;
1647 head = pool_elt_at_index (ip_neighbor_elt_pool,
1648 ip_neighbor_list_head[af]);
1650 /* the list is time sorted, newest first, so start from the back
1651 * and work forwards. Stop when we get to one that is alive */
1653 clib_llist_foreach_reverse(ip_neighbor_elt_pool,
1654 ipne_anchor, head, elt,
1656 ip_neighbor_age_state_t res;
1658 res = ip_neighbour_age_out(elt->ipne_index, now, &wait);
1660 if (IP_NEIGHBOR_AGE_ALIVE == res) {
1661 /* the oldest neighbor has not yet expired, go back to sleep */
1662 timeout = clib_min (wait, timeout);
1665 else if (IP_NEIGHBOR_AGE_DEAD == res) {
1666 /* the oldest neighbor is dead, pop it, then restart the walk
1667 * again from the back */
1668 ip_neighbor_destroy (ip_neighbor_get(elt->ipne_index));
1672 timeout = clib_min (wait, timeout);
1676 case IP_NEIGHBOR_AGE_PROCESS_WAKEUP:
1679 if (!ip_neighbor_db[af].ipndb_age)
1681 /* aging has been disabled */
1685 ip_neighbor_elt_t *elt, *head;
1687 head = pool_elt_at_index (ip_neighbor_elt_pool,
1688 ip_neighbor_list_head[af]);
1689 /* no neighbors yet */
1690 if (clib_llist_is_empty (ip_neighbor_elt_pool, ipne_anchor, head))
1692 timeout = ip_neighbor_db[af].ipndb_age;
1696 /* poke the oldset neighbour for aging, which returns how long we sleep for */
1697 elt = clib_llist_prev (ip_neighbor_elt_pool, ipne_anchor, head);
1698 ip_neighbour_age_out (elt->ipne_index, now, &timeout);
1707 ip4_neighbor_age_process (vlib_main_t * vm,
1708 vlib_node_runtime_t * rt, vlib_frame_t * f)
1710 return (ip_neighbor_age_loop (vm, rt, f, AF_IP4));
1714 ip6_neighbor_age_process (vlib_main_t * vm,
1715 vlib_node_runtime_t * rt, vlib_frame_t * f)
1717 return (ip_neighbor_age_loop (vm, rt, f, AF_IP6));
1720 VLIB_REGISTER_NODE (ip4_neighbor_age_process_node,static) = {
1721 .function = ip4_neighbor_age_process,
1722 .type = VLIB_NODE_TYPE_PROCESS,
1723 .name = "ip4-neighbor-age-process",
1725 VLIB_REGISTER_NODE (ip6_neighbor_age_process_node,static) = {
1726 .function = ip6_neighbor_age_process,
1727 .type = VLIB_NODE_TYPE_PROCESS,
1728 .name = "ip6-neighbor-age-process",
1732 ip_neighbor_config (ip_address_family_t af, u32 limit, u32 age, bool recycle)
1734 ip_neighbor_db[af].ipndb_limit = limit;
1735 ip_neighbor_db[af].ipndb_recycle = recycle;
1736 ip_neighbor_db[af].ipndb_age = age;
1738 vlib_process_signal_event (vlib_get_main (),
1740 ip4_neighbor_age_process_node.index :
1741 ip6_neighbor_age_process_node.index),
1742 IP_NEIGHBOR_AGE_PROCESS_WAKEUP, 0);
1748 ip_neighbor_get_config (ip_address_family_t af, u32 *limit, u32 *age,
1751 *limit = ip_neighbor_db[af].ipndb_limit;
1752 *age = ip_neighbor_db[af].ipndb_age;
1753 *recycle = ip_neighbor_db[af].ipndb_recycle;
1758 static clib_error_t *
1759 ip_neighbor_config_show (vlib_main_t * vm,
1760 unformat_input_t * input, vlib_cli_command_t * cmd)
1762 ip_address_family_t af;
1764 FOR_EACH_IP_ADDRESS_FAMILY(af) {
1765 vlib_cli_output (vm, "%U:", format_ip_address_family, af);
1766 vlib_cli_output (vm, " limit:%d, age:%d, recycle:%d",
1767 ip_neighbor_db[af].ipndb_limit,
1768 ip_neighbor_db[af].ipndb_age,
1769 ip_neighbor_db[af].ipndb_recycle);
1775 static clib_error_t *
1776 ip_neighbor_config_set (vlib_main_t *vm, unformat_input_t *input,
1777 vlib_cli_command_t *cmd)
1779 unformat_input_t _line_input, *line_input = &_line_input;
1780 clib_error_t *error = NULL;
1781 ip_address_family_t af;
1785 if (!unformat_user (input, unformat_line_input, line_input))
1788 if (!unformat (line_input, "%U", unformat_ip_address_family, &af))
1790 error = unformat_parse_error (line_input);
1794 limit = ip_neighbor_db[af].ipndb_limit;
1795 age = ip_neighbor_db[af].ipndb_age;
1796 recycle = ip_neighbor_db[af].ipndb_recycle;
1798 while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
1800 if (unformat (line_input, "limit %u", &limit))
1802 else if (unformat (line_input, "age %u", &age))
1804 else if (unformat (line_input, "recycle"))
1806 else if (unformat (line_input, "norecycle"))
1810 error = unformat_parse_error (line_input);
1815 ip_neighbor_config (af, limit, age, recycle);
1818 unformat_free (line_input);
1823 ip_neighbor_stats_show_one (vlib_main_t *vm, vnet_main_t *vnm, u32 sw_if_index)
1825 vlib_cli_output (vm, " %U", format_vnet_sw_if_index_name, vnm, sw_if_index);
1826 vlib_cli_output (vm, " arp:%U", format_ip_neighbor_counters,
1827 &ip_neighbor_counters[AF_IP4], sw_if_index);
1828 vlib_cli_output (vm, " nd: %U", format_ip_neighbor_counters,
1829 &ip_neighbor_counters[AF_IP6], sw_if_index);
1833 ip_neighbor_stats_show_cb (vnet_main_t *vnm, vnet_sw_interface_t *si,
1836 ip_neighbor_stats_show_one (ctx, vnm, si->sw_if_index);
1838 return (WALK_CONTINUE);
1841 static clib_error_t *
1842 ip_neighbor_stats_show (vlib_main_t *vm, unformat_input_t *input,
1843 vlib_cli_command_t *cmd)
1848 vnm = vnet_get_main ();
1850 (void) unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index);
1852 if (~0 == sw_if_index)
1854 vnet_sw_interface_walk (vnm, ip_neighbor_stats_show_cb, vm);
1858 ip_neighbor_stats_show_one (vm, vnm, sw_if_index);
1863 VLIB_CLI_COMMAND (show_ip_neighbor_cfg_cmd_node, static) = {
1864 .path = "show ip neighbor-config",
1865 .function = ip_neighbor_config_show,
1866 .short_help = "show ip neighbor-config",
1868 VLIB_CLI_COMMAND (set_ip_neighbor_cfg_cmd_node, static) = {
1869 .path = "set ip neighbor-config",
1870 .function = ip_neighbor_config_set,
1871 .short_help = "set ip neighbor-config ip4|ip6 [limit <limit>] [age <age>] "
1872 "[recycle|norecycle]",
1874 VLIB_CLI_COMMAND (show_ip_neighbor_stats_cmd_node, static) = {
1875 .path = "show ip neighbor-stats",
1876 .function = ip_neighbor_stats_show,
1877 .short_help = "show ip neighbor-stats [interface]",
1880 static clib_error_t *
1881 ip_neighbor_init (vlib_main_t * vm)
1884 ip4_add_del_interface_address_callback_t cb = {
1885 .function = ip_neighbor_add_del_interface_address_v4,
1887 vec_add1 (ip4_main.add_del_interface_address_callbacks, cb);
1890 ip6_add_del_interface_address_callback_t cb = {
1891 .function = ip_neighbor_add_del_interface_address_v6,
1893 vec_add1 (ip6_main.add_del_interface_address_callbacks, cb);
1896 ip4_table_bind_callback_t cb = {
1897 .function = ip_neighbor_table_bind_v4,
1899 vec_add1 (ip4_main.table_bind_callbacks, cb);
1902 ip6_table_bind_callback_t cb = {
1903 .function = ip_neighbor_table_bind_v6,
1905 vec_add1 (ip6_main.table_bind_callbacks, cb);
1907 ipn_logger = vlib_log_register_class ("ip", "neighbor");
1909 ip_address_family_t af;
1911 FOR_EACH_IP_ADDRESS_FAMILY (af)
1912 ip_neighbor_list_head[af] =
1913 clib_llist_make_head (ip_neighbor_elt_pool, ipne_anchor);
1918 VLIB_INIT_FUNCTION (ip_neighbor_init) =
1920 .runs_after = VLIB_INITS("ip_main_init"),
1924 * fd.io coding-style-patch-verification: ON
1927 * eval: (c-set-style "gnu")
Code Review / vpp.git / blob