2 * ip/ip6_neighbor.c: IP6 neighbor handling
4 * Copyright (c) 2010 Cisco and/or its affiliates.
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
18 #include <vnet/ip/ip.h>
19 #include <vnet/ip/ip6_neighbor.h>
20 #include <vnet/ethernet/ethernet.h>
21 #include <vppinfra/mhash.h>
22 #include <vnet/adj/adj.h>
23 #include <vnet/adj/adj_mcast.h>
24 #include <vnet/fib/fib_table.h>
25 #include <vnet/fib/ip6_fib.h>
26 #include <vnet/mfib/ip6_mfib.h>
27 #include <vnet/ip/ip6_ll_table.h>
31 * @brief IPv6 Neighbor Adjacency and Neighbor Discovery.
33 * The files contains the API and CLI code for managing IPv6 neighbor
34 * adjacency tables and neighbor discovery logic.
37 /* can't use sizeof link_layer_address, that's 8 */
38 #define ETHER_MAC_ADDR_LEN 6
40 /* advertised prefix option */
43 /* basic advertised information */
47 int adv_autonomous_flag;
48 u32 adv_valid_lifetime_in_secs;
49 u32 adv_pref_lifetime_in_secs;
51 /* advertised values are computed from these times if decrementing */
52 f64 valid_lifetime_expires;
53 f64 pref_lifetime_expires;
55 /* local information */
57 int deprecated_prefix_flag;
58 int decrement_lifetime_flag;
60 #define MIN_ADV_VALID_LIFETIME 7203 /* seconds */
61 #define DEF_ADV_VALID_LIFETIME 2592000
62 #define DEF_ADV_PREF_LIFETIME 604800
64 /* extensions are added here, mobile, DNS etc.. */
70 /* group information */
72 ip6_address_t mcast_address;
74 ip6_address_t *mcast_source_address_pool;
77 /* configured router advertisement information per ipv6 interface */
81 /* advertised config information, zero means unspecified */
85 u16 adv_router_lifetime_in_sec;
86 u32 adv_neighbor_reachable_time_in_msec;
87 u32 adv_time_in_msec_between_retransmitted_neighbor_solicitations;
92 /* source link layer option */
93 u8 link_layer_address[8];
94 u8 link_layer_addr_len;
97 ip6_radv_prefix_t *adv_prefixes_pool;
99 /* Hash table mapping address to index in interface advertised prefix pool. */
100 mhash_t address_to_prefix_index;
102 /* MLDP group information */
103 ip6_mldp_group_t *mldp_group_pool;
105 /* Hash table mapping address to index in mldp address pool. */
106 mhash_t address_to_mldp_index;
108 /* local information */
110 int send_radv; /* radv on/off on this interface - set by config */
111 int cease_radv; /* we are ceasing to send - set byf config */
113 int adv_link_layer_address;
115 int failed_device_check;
116 int all_routers_mcast;
120 adj_index_t mcast_adj_index;
122 /* timing information */
123 #define DEF_MAX_RADV_INTERVAL 200
124 #define DEF_MIN_RADV_INTERVAL .75 * DEF_MAX_RADV_INTERVAL
125 #define DEF_CURR_HOP_LIMIT 64
126 #define DEF_DEF_RTR_LIFETIME 3 * DEF_MAX_RADV_INTERVAL
127 #define MAX_DEF_RTR_LIFETIME 9000
129 #define MAX_INITIAL_RTR_ADVERT_INTERVAL 16 /* seconds */
130 #define MAX_INITIAL_RTR_ADVERTISEMENTS 3 /*transmissions */
131 #define MIN_DELAY_BETWEEN_RAS 3 /* seconds */
132 #define MAX_DELAY_BETWEEN_RAS 1800 /* seconds */
133 #define MAX_RA_DELAY_TIME .5 /* seconds */
135 f64 max_radv_interval;
136 f64 min_radv_interval;
137 f64 min_delay_between_radv;
138 f64 max_delay_between_radv;
139 f64 max_rtr_default_lifetime;
142 f64 last_multicast_time;
143 f64 next_multicast_time;
146 u32 initial_adverts_count;
147 f64 initial_adverts_interval;
148 u32 initial_adverts_sent;
151 u32 n_advertisements_sent;
152 u32 n_solicitations_rcvd;
153 u32 n_solicitations_dropped;
155 /* Link local address to use (defaults to underlying physical for logical interfaces */
156 ip6_address_t link_local_address;
158 /* router solicitations sending state */
159 u8 keep_sending_rs; /* when true then next fields are valid */
160 icmp6_send_router_solicitation_params_t params;
165 vlib_buffer_t *buffer;
174 /* Used for nd event notification only */
177 } pending_resolution_t;
182 /* Hash tables mapping name to opcode. */
183 uword *opcode_by_name;
185 /* lite beer "glean" adjacency handling */
186 mhash_t pending_resolutions_by_address;
187 pending_resolution_t *pending_resolutions;
189 /* Mac address change notification */
190 mhash_t mac_changes_by_address;
191 pending_resolution_t *mac_changes;
193 u32 *neighbor_input_next_index_by_hw_if_index;
195 ip6_neighbor_t *neighbor_pool;
197 mhash_t neighbor_index_by_key;
199 u32 *if_radv_pool_index_by_sw_if_index;
201 ip6_radv_t *if_radv_pool;
203 /* Neighbor attack mitigation */
204 u32 limit_neighbor_cache_size;
205 u32 neighbor_delete_rotor;
207 /* Wildcard nd report publisher */
208 uword wc_ip6_nd_publisher_node;
209 uword wc_ip6_nd_publisher_et;
211 /* Router advertisement report publisher */
212 uword ip6_ra_publisher_node;
213 uword ip6_ra_publisher_et;
214 } ip6_neighbor_main_t;
216 /* ipv6 neighbor discovery - timer/event types */
220 } ip6_icmp_neighbor_discovery_event_type_t;
230 } ip6_icmp_neighbor_discovery_event_data_t;
232 static ip6_neighbor_main_t ip6_neighbor_main;
233 ip6_neighbor_public_main_t ip6_neighbor_public_main;
234 static ip6_address_t ip6a_zero; /* ip6 address 0 */
236 static void wc_nd_signal_report (wc_nd_report_t * r);
237 static void ra_signal_report (ra_report_t * r);
240 ip6_neighbor_get_link_local_address (u32 sw_if_index)
242 static ip6_address_t empty_address = { {0} };
243 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
244 ip6_radv_t *radv_info;
247 ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
250 clib_warning ("IPv6 is not enabled for sw_if_index %d", sw_if_index);
251 return empty_address;
253 radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
254 if (radv_info == NULL)
256 clib_warning ("Internal error");
257 return empty_address;
259 return radv_info->link_local_address;
263 * @brief publish wildcard arp event
264 * @param sw_if_index The interface on which the ARP entires are acted
267 vnet_nd_wc_publish (u32 sw_if_index, u8 * mac, ip6_address_t * ip6)
270 .sw_if_index = sw_if_index,
273 memcpy (r.mac, mac, sizeof r.mac);
275 void vl_api_rpc_call_main_thread (void *fp, u8 * data, u32 data_length);
276 vl_api_rpc_call_main_thread (wc_nd_signal_report, (u8 *) & r, sizeof r);
281 wc_nd_signal_report (wc_nd_report_t * r)
283 vlib_main_t *vm = vlib_get_main ();
284 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
285 uword ni = nm->wc_ip6_nd_publisher_node;
286 uword et = nm->wc_ip6_nd_publisher_et;
288 if (ni == (uword) ~ 0)
291 vlib_process_signal_event_data (vm, ni, et, 1, sizeof *q);
297 wc_nd_set_publisher_node (uword node_index, uword event_type)
299 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
300 nm->wc_ip6_nd_publisher_node = node_index;
301 nm->wc_ip6_nd_publisher_et = event_type;
305 ra_publish (ra_report_t * r)
307 void vl_api_rpc_call_main_thread (void *fp, u8 * data, u32 data_length);
308 vl_api_rpc_call_main_thread (ra_signal_report, (u8 *) r, sizeof *r);
313 ra_signal_report (ra_report_t * r)
315 vlib_main_t *vm = vlib_get_main ();
316 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
317 uword ni = nm->ip6_ra_publisher_node;
318 uword et = nm->ip6_ra_publisher_et;
320 if (ni == (uword) ~ 0)
322 ra_report_t *q = vlib_process_signal_event_data (vm, ni, et, 1, sizeof *q);
328 ra_set_publisher_node (uword node_index, uword event_type)
330 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
331 nm->ip6_ra_publisher_node = node_index;
332 nm->ip6_ra_publisher_et = event_type;
336 format_ip6_neighbor_ip6_entry (u8 * s, va_list * va)
338 vlib_main_t *vm = va_arg (*va, vlib_main_t *);
339 ip6_neighbor_t *n = va_arg (*va, ip6_neighbor_t *);
340 vnet_main_t *vnm = vnet_get_main ();
341 vnet_sw_interface_t *si;
345 return format (s, "%=12s%=25s%=6s%=20s%=40s", "Time", "Address", "Flags",
346 "Link layer", "Interface");
348 if (n->flags & IP6_NEIGHBOR_FLAG_DYNAMIC)
349 flags = format (flags, "D");
351 if (n->flags & IP6_NEIGHBOR_FLAG_STATIC)
352 flags = format (flags, "S");
354 if (n->flags & IP6_NEIGHBOR_FLAG_NO_FIB_ENTRY)
355 flags = format (flags, "N");
357 si = vnet_get_sw_interface (vnm, n->key.sw_if_index);
358 s = format (s, "%=12U%=25U%=6s%=20U%=40U",
359 format_vlib_time, vm, n->time_last_updated,
360 format_ip6_address, &n->key.ip6_address,
361 flags ? (char *) flags : "",
362 format_ethernet_address, n->link_layer_address,
363 format_vnet_sw_interface_name, vnm, si);
370 ip6_neighbor_adj_fib_remove (ip6_neighbor_t * n, u32 fib_index)
372 if (FIB_NODE_INDEX_INVALID != n->fib_entry_index)
374 if (ip6_address_is_link_local_unicast (&n->key.ip6_address))
376 ip6_ll_prefix_t pfx = {
377 .ilp_addr = n->key.ip6_address,
378 .ilp_sw_if_index = n->key.sw_if_index,
380 ip6_ll_table_entry_delete (&pfx);
386 .fp_proto = FIB_PROTOCOL_IP6,
387 .fp_addr.ip6 = n->key.ip6_address,
389 fib_table_entry_path_remove (fib_index,
394 n->key.sw_if_index, ~0,
395 1, FIB_ROUTE_PATH_FLAG_NONE);
405 u8 link_layer_address[6];
408 } ip6_neighbor_set_unset_rpc_args_t;
410 static void ip6_neighbor_set_unset_rpc_callback
411 (ip6_neighbor_set_unset_rpc_args_t * a);
413 static void set_unset_ip6_neighbor_rpc
416 ip6_address_t * a, u8 * link_layer_address, int is_add, int is_static,
419 ip6_neighbor_set_unset_rpc_args_t args;
420 void vl_api_rpc_call_main_thread (void *fp, u8 * data, u32 data_length);
422 args.sw_if_index = sw_if_index;
423 args.is_add = is_add;
424 args.is_static = is_static;
425 args.is_no_fib_entry = is_no_fib_entry;
426 clib_memcpy (&args.addr, a, sizeof (*a));
427 if (NULL != link_layer_address)
428 clib_memcpy (args.link_layer_address, link_layer_address, 6);
430 vl_api_rpc_call_main_thread (ip6_neighbor_set_unset_rpc_callback,
431 (u8 *) & args, sizeof (args));
435 ip6_nbr_probe (ip_adjacency_t * adj)
437 icmp6_neighbor_solicitation_header_t *h;
438 vnet_main_t *vnm = vnet_get_main ();
439 ip6_main_t *im = &ip6_main;
440 ip_interface_address_t *ia;
441 ip6_address_t *dst, *src;
442 vnet_hw_interface_t *hi;
443 vnet_sw_interface_t *si;
449 vm = vlib_get_main ();
451 si = vnet_get_sw_interface (vnm, adj->rewrite_header.sw_if_index);
452 dst = &adj->sub_type.nbr.next_hop.ip6;
454 if (!(si->flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP))
458 src = ip6_interface_address_matching_destination (im, dst,
466 h = vlib_packet_template_get_packet (vm,
467 &im->discover_neighbor_packet_template,
472 hi = vnet_get_sup_hw_interface (vnm, adj->rewrite_header.sw_if_index);
474 h->ip.dst_address.as_u8[13] = dst->as_u8[13];
475 h->ip.dst_address.as_u8[14] = dst->as_u8[14];
476 h->ip.dst_address.as_u8[15] = dst->as_u8[15];
477 h->ip.src_address = src[0];
478 h->neighbor.target_address = dst[0];
480 clib_memcpy (h->link_layer_option.ethernet_address,
481 hi->hw_address, vec_len (hi->hw_address));
483 h->neighbor.icmp.checksum =
484 ip6_tcp_udp_icmp_compute_checksum (vm, 0, &h->ip, &bogus_length);
485 ASSERT (bogus_length == 0);
487 b = vlib_get_buffer (vm, bi);
488 vnet_buffer (b)->sw_if_index[VLIB_RX] =
489 vnet_buffer (b)->sw_if_index[VLIB_TX] = adj->rewrite_header.sw_if_index;
491 /* Add encapsulation string for software interface (e.g. ethernet header). */
492 vnet_rewrite_one_header (adj[0], h, sizeof (ethernet_header_t));
493 vlib_buffer_advance (b, -adj->rewrite_header.data_bytes);
496 vlib_frame_t *f = vlib_get_frame_to_node (vm, hi->output_node_index);
497 u32 *to_next = vlib_frame_vector_args (f);
500 vlib_put_frame_to_node (vm, hi->output_node_index, f);
505 ip6_nd_mk_complete (adj_index_t ai, ip6_neighbor_t * nbr)
507 adj_nbr_update_rewrite (ai, ADJ_NBR_REWRITE_FLAG_COMPLETE,
508 ethernet_build_rewrite (vnet_get_main (),
509 nbr->key.sw_if_index,
510 adj_get_link_type (ai),
511 nbr->link_layer_address));
515 ip6_nd_mk_incomplete (adj_index_t ai)
517 ip_adjacency_t *adj = adj_get (ai);
519 adj_nbr_update_rewrite (ai,
520 ADJ_NBR_REWRITE_FLAG_INCOMPLETE,
521 ethernet_build_rewrite (vnet_get_main (),
524 adj_get_link_type (ai),
525 VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST));
528 #define IP6_NBR_MK_KEY(k, sw_if_index, addr) \
530 k.sw_if_index = sw_if_index; \
531 k.ip6_address = *addr; \
535 static ip6_neighbor_t *
536 ip6_nd_find (u32 sw_if_index, const ip6_address_t * addr)
538 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
539 ip6_neighbor_t *n = NULL;
540 ip6_neighbor_key_t k;
543 IP6_NBR_MK_KEY (k, sw_if_index, addr);
545 p = mhash_get (&nm->neighbor_index_by_key, &k);
548 n = pool_elt_at_index (nm->neighbor_pool, p[0]);
555 ip6_nd_mk_complete_walk (adj_index_t ai, void *ctx)
557 ip6_neighbor_t *nbr = ctx;
559 ip6_nd_mk_complete (ai, nbr);
561 return (ADJ_WALK_RC_CONTINUE);
565 ip6_nd_mk_incomplete_walk (adj_index_t ai, void *ctx)
567 ip6_nd_mk_incomplete (ai);
569 return (ADJ_WALK_RC_CONTINUE);
572 static clib_error_t *
573 ip6_neighbor_sw_interface_up_down (vnet_main_t * vnm,
574 u32 sw_if_index, u32 flags)
576 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
578 u32 i, *to_delete = 0;
581 pool_foreach (n, nm->neighbor_pool,
583 if (n->key.sw_if_index == sw_if_index)
584 vec_add1 (to_delete, n - nm->neighbor_pool);
588 if (flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP)
590 for (i = 0; i < vec_len (to_delete); i++)
592 n = pool_elt_at_index (nm->neighbor_pool, to_delete[i]);
593 adj_nbr_walk_nh6 (n->key.sw_if_index, &n->key.ip6_address,
594 ip6_nd_mk_complete_walk, n);
599 for (i = 0; i < vec_len (to_delete); i++)
601 n = pool_elt_at_index (nm->neighbor_pool, to_delete[i]);
602 adj_nbr_walk_nh6 (n->key.sw_if_index, &n->key.ip6_address,
603 ip6_nd_mk_incomplete_walk, NULL);
604 if (n->flags & IP6_NEIGHBOR_FLAG_STATIC)
606 ip6_neighbor_adj_fib_remove (n,
607 ip6_fib_table_get_index_for_sw_if_index
608 (n->key.sw_if_index));
609 mhash_unset (&nm->neighbor_index_by_key, &n->key, 0);
610 pool_put (nm->neighbor_pool, n);
614 vec_free (to_delete);
618 VNET_SW_INTERFACE_ADMIN_UP_DOWN_FUNCTION (ip6_neighbor_sw_interface_up_down);
621 ip6_ethernet_update_adjacency (vnet_main_t * vnm, u32 sw_if_index, u32 ai)
628 nbr = ip6_nd_find (sw_if_index, &adj->sub_type.nbr.next_hop.ip6);
630 switch (adj->lookup_next_index)
632 case IP_LOOKUP_NEXT_GLEAN:
633 adj_glean_update_rewrite (ai);
635 case IP_LOOKUP_NEXT_ARP:
638 adj_nbr_walk_nh6 (sw_if_index, &nbr->key.ip6_address,
639 ip6_nd_mk_complete_walk, nbr);
644 * no matching ND entry.
645 * construct the rewrite required to for an ND packet, and stick
646 * that in the adj's pipe to smoke.
648 adj_nbr_update_rewrite (ai,
649 ADJ_NBR_REWRITE_FLAG_INCOMPLETE,
650 ethernet_build_rewrite (vnm,
653 VNET_REWRITE_FOR_SW_INTERFACE_ADDRESS_BROADCAST));
656 * since the FIB has added this adj for a route, it makes sense it may
657 * want to forward traffic sometime soon. Let's send a speculative ND.
658 * just one. If we were to do periodically that wouldn't be bad either,
659 * but that's more code than i'm prepared to write at this time for
660 * relatively little reward.
665 case IP_LOOKUP_NEXT_MCAST:
668 * Construct a partial rewrite from the known ethernet mcast dest MAC
673 rewrite = ethernet_build_rewrite (vnm,
676 ethernet_ip6_mcast_dst_addr ());
679 * Complete the remaining fields of the adj's rewrite to direct the
680 * complete of the rewrite at switch time by copying in the IP
681 * dst address's bytes.
682 * Ofset is 2 bytes into the desintation address.
684 offset = vec_len (rewrite) - 2;
685 adj_mcast_update_rewrite (ai, rewrite, offset);
689 case IP_LOOKUP_NEXT_DROP:
690 case IP_LOOKUP_NEXT_PUNT:
691 case IP_LOOKUP_NEXT_LOCAL:
692 case IP_LOOKUP_NEXT_REWRITE:
693 case IP_LOOKUP_NEXT_MCAST_MIDCHAIN:
694 case IP_LOOKUP_NEXT_MIDCHAIN:
695 case IP_LOOKUP_NEXT_ICMP_ERROR:
696 case IP_LOOKUP_N_NEXT:
704 ip6_neighbor_adj_fib_add (ip6_neighbor_t * n, u32 fib_index)
706 if (ip6_address_is_link_local_unicast (&n->key.ip6_address))
708 ip6_ll_prefix_t pfx = {
709 .ilp_addr = n->key.ip6_address,
710 .ilp_sw_if_index = n->key.sw_if_index,
713 ip6_ll_table_entry_update (&pfx, FIB_ROUTE_PATH_FLAG_NONE);
719 .fp_proto = FIB_PROTOCOL_IP6,
720 .fp_addr.ip6 = n->key.ip6_address,
724 fib_table_entry_path_add (fib_index, &pfx, FIB_SOURCE_ADJ,
725 FIB_ENTRY_FLAG_ATTACHED,
726 DPO_PROTO_IP6, &pfx.fp_addr,
727 n->key.sw_if_index, ~0, 1, NULL,
728 FIB_ROUTE_PATH_FLAG_NONE);
732 static ip6_neighbor_t *
733 force_reuse_neighbor_entry (void)
736 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
738 u32 index = pool_next_index (nm->neighbor_pool, nm->neighbor_delete_rotor);
739 if (index == ~0) /* Try again from elt 0 */
740 index = pool_next_index (nm->neighbor_pool, index);
742 /* Find a non-static random entry to free up for reuse */
745 if ((count++ == 100) || (index == ~0))
746 return NULL; /* give up after 100 entries */
747 n = pool_elt_at_index (nm->neighbor_pool, index);
748 nm->neighbor_delete_rotor = index;
749 index = pool_next_index (nm->neighbor_pool, index);
751 while (n->flags & IP6_NEIGHBOR_FLAG_STATIC);
753 /* Remove ARP entry from its interface and update fib */
754 adj_nbr_walk_nh6 (n->key.sw_if_index,
755 &n->key.ip6_address, ip6_nd_mk_incomplete_walk, NULL);
756 ip6_neighbor_adj_fib_remove
757 (n, ip6_fib_table_get_index_for_sw_if_index (n->key.sw_if_index));
758 mhash_unset (&nm->neighbor_index_by_key, &n->key, 0);
764 vnet_set_ip6_ethernet_neighbor (vlib_main_t * vm,
767 u8 * link_layer_address,
768 uword n_bytes_link_layer_address,
769 int is_static, int is_no_fib_entry)
771 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
772 ip6_neighbor_key_t k;
773 ip6_neighbor_t *n = 0;
774 int make_new_nd_cache_entry = 1;
777 pending_resolution_t *pr, *mc;
779 if (vlib_get_thread_index ())
781 set_unset_ip6_neighbor_rpc (vm, sw_if_index, a, link_layer_address,
782 1 /* set new neighbor */ , is_static,
787 k.sw_if_index = sw_if_index;
788 k.ip6_address = a[0];
791 p = mhash_get (&nm->neighbor_index_by_key, &k);
794 n = pool_elt_at_index (nm->neighbor_pool, p[0]);
795 /* Refuse to over-write static neighbor entry. */
796 if (!is_static && (n->flags & IP6_NEIGHBOR_FLAG_STATIC))
798 /* if MAC address match, still check to send event */
799 if (0 == memcmp (n->link_layer_address,
800 link_layer_address, n_bytes_link_layer_address))
801 goto check_customers;
804 make_new_nd_cache_entry = 0;
807 if (make_new_nd_cache_entry)
809 if (nm->limit_neighbor_cache_size &&
810 pool_elts (nm->neighbor_pool) >= nm->limit_neighbor_cache_size)
812 n = force_reuse_neighbor_entry ();
817 pool_get (nm->neighbor_pool, n);
819 mhash_set (&nm->neighbor_index_by_key, &k, n - nm->neighbor_pool,
822 n->fib_entry_index = FIB_NODE_INDEX_INVALID;
824 clib_memcpy (n->link_layer_address,
825 link_layer_address, n_bytes_link_layer_address);
828 * create the adj-fib. the entry in the FIB table for and to the peer.
830 if (!is_no_fib_entry)
832 ip6_neighbor_adj_fib_add
833 (n, ip6_fib_table_get_index_for_sw_if_index (n->key.sw_if_index));
837 n->flags |= IP6_NEIGHBOR_FLAG_NO_FIB_ENTRY;
843 * prevent a DoS attack from the data-plane that
844 * spams us with no-op updates to the MAC address
846 if (0 == memcmp (n->link_layer_address,
847 link_layer_address, n_bytes_link_layer_address))
849 n->time_last_updated = vlib_time_now (vm);
850 goto check_customers;
853 clib_memcpy (n->link_layer_address,
854 link_layer_address, n_bytes_link_layer_address);
857 /* Update time stamp and flags. */
858 n->time_last_updated = vlib_time_now (vm);
861 n->flags |= IP6_NEIGHBOR_FLAG_STATIC;
862 n->flags &= ~IP6_NEIGHBOR_FLAG_DYNAMIC;
866 n->flags |= IP6_NEIGHBOR_FLAG_DYNAMIC;
867 n->flags &= ~IP6_NEIGHBOR_FLAG_STATIC;
870 adj_nbr_walk_nh6 (sw_if_index,
871 &n->key.ip6_address, ip6_nd_mk_complete_walk, n);
874 /* Customer(s) waiting for this address to be resolved? */
875 p = mhash_get (&nm->pending_resolutions_by_address, a);
880 while (next_index != (u32) ~ 0)
882 pr = pool_elt_at_index (nm->pending_resolutions, next_index);
883 vlib_process_signal_event (vm, pr->node_index,
884 pr->type_opaque, pr->data);
885 next_index = pr->next_index;
886 pool_put (nm->pending_resolutions, pr);
889 mhash_unset (&nm->pending_resolutions_by_address, a, 0);
892 /* Customer(s) requesting ND event for this address? */
893 p = mhash_get (&nm->mac_changes_by_address, a);
898 while (next_index != (u32) ~ 0)
900 int (*fp) (u32, u8 *, u32, ip6_address_t *);
902 mc = pool_elt_at_index (nm->mac_changes, next_index);
903 fp = mc->data_callback;
905 /* Call the user's data callback, return 1 to suppress dup events */
908 (*fp) (mc->data, link_layer_address, sw_if_index, &ip6a_zero);
910 * Signal the resolver process, as long as the user
911 * says they want to be notified
914 vlib_process_signal_event (vm, mc->node_index,
915 mc->type_opaque, mc->data);
916 next_index = mc->next_index;
924 vnet_unset_ip6_ethernet_neighbor (vlib_main_t * vm,
927 u8 * link_layer_address,
928 uword n_bytes_link_layer_address)
930 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
931 ip6_neighbor_key_t k;
936 if (vlib_get_thread_index ())
938 set_unset_ip6_neighbor_rpc (vm, sw_if_index, a, link_layer_address,
939 0 /* unset */ , 0, 0);
943 k.sw_if_index = sw_if_index;
944 k.ip6_address = a[0];
947 p = mhash_get (&nm->neighbor_index_by_key, &k);
954 n = pool_elt_at_index (nm->neighbor_pool, p[0]);
956 adj_nbr_walk_nh6 (sw_if_index,
957 &n->key.ip6_address, ip6_nd_mk_incomplete_walk, NULL);
958 ip6_neighbor_adj_fib_remove
959 (n, ip6_fib_table_get_index_for_sw_if_index (sw_if_index));
961 mhash_unset (&nm->neighbor_index_by_key, &n->key, 0);
962 pool_put (nm->neighbor_pool, n);
968 static void ip6_neighbor_set_unset_rpc_callback
969 (ip6_neighbor_set_unset_rpc_args_t * a)
971 vlib_main_t *vm = vlib_get_main ();
973 vnet_set_ip6_ethernet_neighbor (vm, a->sw_if_index, &a->addr,
974 a->link_layer_address, 6, a->is_static,
977 vnet_unset_ip6_ethernet_neighbor (vm, a->sw_if_index, &a->addr,
978 a->link_layer_address, 6);
982 ip6_neighbor_sort (void *a1, void *a2)
984 vnet_main_t *vnm = vnet_get_main ();
985 ip6_neighbor_t *n1 = a1, *n2 = a2;
987 cmp = vnet_sw_interface_compare (vnm, n1->key.sw_if_index,
988 n2->key.sw_if_index);
990 cmp = ip6_address_compare (&n1->key.ip6_address, &n2->key.ip6_address);
995 ip6_neighbors_pool (void)
997 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
998 return nm->neighbor_pool;
1002 ip6_neighbors_entries (u32 sw_if_index)
1004 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
1005 ip6_neighbor_t *n, *ns = 0;
1008 pool_foreach (n, nm->neighbor_pool,
1010 if (sw_if_index != ~0 && n->key.sw_if_index != sw_if_index)
1012 vec_add1 (ns, n[0]);
1017 vec_sort_with_function (ns, ip6_neighbor_sort);
1021 static clib_error_t *
1022 show_ip6_neighbors (vlib_main_t * vm,
1023 unformat_input_t * input, vlib_cli_command_t * cmd)
1025 vnet_main_t *vnm = vnet_get_main ();
1026 ip6_neighbor_t *n, *ns;
1027 clib_error_t *error = 0;
1030 /* Filter entries by interface if given. */
1032 (void) unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index);
1034 ns = ip6_neighbors_entries (sw_if_index);
1037 vlib_cli_output (vm, "%U", format_ip6_neighbor_ip6_entry, vm, 0);
1040 vlib_cli_output (vm, "%U", format_ip6_neighbor_ip6_entry, vm, n);
1049 * This command is used to display the adjacent IPv6 hosts found via
1050 * neighbor discovery. Optionally, limit the output to the specified
1054 * Example of how to display the IPv6 neighbor adjacency table:
1055 * @cliexstart{show ip6 neighbors}
1056 * Time Address Flags Link layer Interface
1057 * 34.0910 ::a:1:1:0:7 02:fe:6a:07:39:6f GigabitEthernet2/0/0
1058 * 173.2916 ::b:5:1:c:2 02:fe:50:62:3a:94 GigabitEthernet2/0/0
1059 * 886.6654 ::1:1:c:0:9 S 02:fe:e4:45:27:5b GigabitEthernet3/0/0
1061 * Example of how to display the IPv6 neighbor adjacency table for given interface:
1062 * @cliexstart{show ip6 neighbors GigabitEthernet2/0/0}
1063 * Time Address Flags Link layer Interface
1064 * 34.0910 ::a:1:1:0:7 02:fe:6a:07:39:6f GigabitEthernet2/0/0
1065 * 173.2916 ::b:5:1:c:2 02:fe:50:62:3a:94 GigabitEthernet2/0/0
1069 VLIB_CLI_COMMAND (show_ip6_neighbors_command, static) = {
1070 .path = "show ip6 neighbors",
1071 .function = show_ip6_neighbors,
1072 .short_help = "show ip6 neighbors [<interface>]",
1076 static clib_error_t *
1077 set_ip6_neighbor (vlib_main_t * vm,
1078 unformat_input_t * input, vlib_cli_command_t * cmd)
1080 vnet_main_t *vnm = vnet_get_main ();
1086 int is_no_fib_entry = 0;
1089 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
1091 /* intfc, ip6-address, mac-address */
1092 if (unformat (input, "%U %U %U",
1093 unformat_vnet_sw_interface, vnm, &sw_if_index,
1094 unformat_ip6_address, &addr,
1095 unformat_ethernet_address, mac_address))
1098 else if (unformat (input, "delete") || unformat (input, "del"))
1100 else if (unformat (input, "static"))
1102 else if (unformat (input, "no-fib-entry"))
1103 is_no_fib_entry = 1;
1109 return clib_error_return (0, "Missing interface, ip6 or hw address");
1112 vnet_set_ip6_ethernet_neighbor (vm, sw_if_index, &addr,
1113 mac_address, sizeof (mac_address),
1114 is_static, is_no_fib_entry);
1116 vnet_unset_ip6_ethernet_neighbor (vm, sw_if_index, &addr,
1117 mac_address, sizeof (mac_address));
1122 * This command is used to manually add an entry to the IPv6 neighbor
1123 * adjacency table. Optionally, the entry can be added as static. It is
1124 * also used to remove an entry from the table. Use the '<em>show ip6
1125 * neighbors</em>' command to display all learned and manually entered entries.
1128 * Example of how to add a static entry to the IPv6 neighbor adjacency table:
1129 * @cliexcmd{set ip6 neighbor GigabitEthernet2/0/0 ::1:1:c:0:9 02:fe:e4:45:27:5b static}
1130 * Example of how to delete an entry from the IPv6 neighbor adjacency table:
1131 * @cliexcmd{set ip6 neighbor del GigabitEthernet2/0/0 ::1:1:c:0:9 02:fe:e4:45:27:5b}
1134 VLIB_CLI_COMMAND (set_ip6_neighbor_command, static) =
1136 .path = "set ip6 neighbor",
1137 .function = set_ip6_neighbor,
1138 .short_help = "set ip6 neighbor [del] <interface> <ip6-address> <mac-address> [static]",
1144 ICMP6_NEIGHBOR_SOLICITATION_NEXT_DROP,
1145 ICMP6_NEIGHBOR_SOLICITATION_NEXT_REPLY,
1146 ICMP6_NEIGHBOR_SOLICITATION_N_NEXT,
1147 } icmp6_neighbor_solicitation_or_advertisement_next_t;
1149 static_always_inline uword
1150 icmp6_neighbor_solicitation_or_advertisement (vlib_main_t * vm,
1151 vlib_node_runtime_t * node,
1152 vlib_frame_t * frame,
1153 uword is_solicitation)
1155 vnet_main_t *vnm = vnet_get_main ();
1156 ip6_main_t *im = &ip6_main;
1157 uword n_packets = frame->n_vectors;
1158 u32 *from, *to_next;
1159 u32 n_left_from, n_left_to_next, next_index, n_advertisements_sent;
1160 icmp6_neighbor_discovery_option_type_t option_type;
1161 vlib_node_runtime_t *error_node =
1162 vlib_node_get_runtime (vm, ip6_icmp_input_node.index);
1165 from = vlib_frame_vector_args (frame);
1166 n_left_from = n_packets;
1167 next_index = node->cached_next_index;
1169 if (node->flags & VLIB_NODE_FLAG_TRACE)
1170 vlib_trace_frame_buffers_only (vm, node, from, frame->n_vectors,
1172 sizeof (icmp6_input_trace_t));
1176 ? ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address
1177 : ICMP6_NEIGHBOR_DISCOVERY_OPTION_target_link_layer_address);
1178 n_advertisements_sent = 0;
1180 while (n_left_from > 0)
1182 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
1184 while (n_left_from > 0 && n_left_to_next > 0)
1188 icmp6_neighbor_solicitation_or_advertisement_header_t *h0;
1189 icmp6_neighbor_discovery_ethernet_link_layer_address_option_t *o0;
1190 u32 bi0, options_len0, sw_if_index0, next0, error0;
1191 u32 ip6_sadd_link_local, ip6_sadd_unspecified;
1195 bi0 = to_next[0] = from[0];
1200 n_left_to_next -= 1;
1202 p0 = vlib_get_buffer (vm, bi0);
1203 ip0 = vlib_buffer_get_current (p0);
1204 h0 = ip6_next_header (ip0);
1206 clib_net_to_host_u16 (ip0->payload_length) - sizeof (h0[0]);
1208 error0 = ICMP6_ERROR_NONE;
1209 sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
1210 ip6_sadd_link_local =
1211 ip6_address_is_link_local_unicast (&ip0->src_address);
1212 ip6_sadd_unspecified =
1213 ip6_address_is_unspecified (&ip0->src_address);
1215 /* Check that source address is unspecified, link-local or else on-link. */
1216 if (!ip6_sadd_unspecified && !ip6_sadd_link_local)
1218 u32 src_adj_index0 = ip6_src_lookup_for_packet (im, p0, ip0);
1220 if (ADJ_INDEX_INVALID != src_adj_index0)
1222 ip_adjacency_t *adj0 = adj_get (src_adj_index0);
1224 /* Allow all realistic-looking rewrite adjacencies to pass */
1225 ni0 = adj0->lookup_next_index;
1226 is_rewrite0 = (ni0 >= IP_LOOKUP_NEXT_ARP) &&
1227 (ni0 < IP6_LOOKUP_N_NEXT);
1229 error0 = ((adj0->rewrite_header.sw_if_index != sw_if_index0
1232 ICMP6_ERROR_NEIGHBOR_SOLICITATION_SOURCE_NOT_ON_LINK
1238 ICMP6_ERROR_NEIGHBOR_SOLICITATION_SOURCE_NOT_ON_LINK;
1242 o0 = (void *) (h0 + 1);
1243 o0 = ((options_len0 == 8 && o0->header.type == option_type
1244 && o0->header.n_data_u64s == 1) ? o0 : 0);
1246 /* If src address unspecified or link local, donot learn neighbor MAC */
1247 if (PREDICT_TRUE (error0 == ICMP6_ERROR_NONE && o0 != 0 &&
1248 !ip6_sadd_unspecified))
1250 vnet_set_ip6_ethernet_neighbor (vm, sw_if_index0,
1253 &h0->target_address,
1254 o0->ethernet_address,
1255 sizeof (o0->ethernet_address),
1259 if (is_solicitation && error0 == ICMP6_ERROR_NONE)
1261 /* Check that target address is local to this router. */
1262 fib_node_index_t fei;
1266 ip6_fib_table_get_index_for_sw_if_index (sw_if_index0);
1268 if (~0 == fib_index)
1270 error0 = ICMP6_ERROR_NEIGHBOR_SOLICITATION_SOURCE_UNKNOWN;
1274 if (ip6_address_is_link_local_unicast (&h0->target_address))
1276 fei = ip6_fib_table_lookup_exact_match
1277 (ip6_ll_fib_get (sw_if_index0),
1278 &h0->target_address, 128);
1282 fei = ip6_fib_table_lookup_exact_match (fib_index,
1283 &h0->target_address,
1287 if (FIB_NODE_INDEX_INVALID == fei)
1289 /* The target address is not in the FIB */
1291 ICMP6_ERROR_NEIGHBOR_SOLICITATION_SOURCE_UNKNOWN;
1295 if (FIB_ENTRY_FLAG_LOCAL &
1296 fib_entry_get_flags_for_source (fei,
1297 FIB_SOURCE_INTERFACE))
1299 /* It's an address that belongs to one of our interfaces
1303 if (fib_entry_is_sourced
1304 (fei, FIB_SOURCE_IP6_ND_PROXY) ||
1305 fib_entry_is_sourced (fei, FIB_SOURCE_IP6_ND))
1307 /* The address was added by IPv6 Proxy ND config.
1308 * We should only respond to these if the NS arrived on
1309 * the link that has a matching covering prefix */
1314 ICMP6_ERROR_NEIGHBOR_SOLICITATION_SOURCE_UNKNOWN;
1320 if (is_solicitation)
1321 next0 = (error0 != ICMP6_ERROR_NONE
1322 ? ICMP6_NEIGHBOR_SOLICITATION_NEXT_DROP
1323 : ICMP6_NEIGHBOR_SOLICITATION_NEXT_REPLY);
1327 error0 = error0 == ICMP6_ERROR_NONE ?
1328 ICMP6_ERROR_NEIGHBOR_ADVERTISEMENTS_RX : error0;
1331 if (is_solicitation && error0 == ICMP6_ERROR_NONE)
1333 vnet_sw_interface_t *sw_if0;
1334 ethernet_interface_t *eth_if0;
1335 ethernet_header_t *eth0;
1337 /* dst address is either source address or the all-nodes mcast addr */
1338 if (!ip6_sadd_unspecified)
1339 ip0->dst_address = ip0->src_address;
1341 ip6_set_reserved_multicast_address (&ip0->dst_address,
1342 IP6_MULTICAST_SCOPE_link_local,
1343 IP6_MULTICAST_GROUP_ID_all_hosts);
1345 ip0->src_address = h0->target_address;
1346 ip0->hop_limit = 255;
1347 h0->icmp.type = ICMP6_neighbor_advertisement;
1349 sw_if0 = vnet_get_sup_sw_interface (vnm, sw_if_index0);
1350 ASSERT (sw_if0->type == VNET_SW_INTERFACE_TYPE_HARDWARE);
1352 ethernet_get_interface (ðernet_main, sw_if0->hw_if_index);
1355 clib_memcpy (o0->ethernet_address, eth_if0->address, 6);
1357 ICMP6_NEIGHBOR_DISCOVERY_OPTION_target_link_layer_address;
1360 h0->advertisement_flags = clib_host_to_net_u32
1361 (ICMP6_NEIGHBOR_ADVERTISEMENT_FLAG_SOLICITED
1362 | ICMP6_NEIGHBOR_ADVERTISEMENT_FLAG_OVERRIDE);
1364 h0->icmp.checksum = 0;
1366 ip6_tcp_udp_icmp_compute_checksum (vm, p0, ip0,
1368 ASSERT (bogus_length == 0);
1370 /* Reuse current MAC header, copy SMAC to DMAC and
1371 * interface MAC to SMAC */
1372 vlib_buffer_advance (p0, -ethernet_buffer_header_size (p0));
1373 eth0 = vlib_buffer_get_current (p0);
1374 clib_memcpy (eth0->dst_address, eth0->src_address, 6);
1376 clib_memcpy (eth0->src_address, eth_if0->address, 6);
1378 /* Setup input and output sw_if_index for packet */
1379 ASSERT (vnet_buffer (p0)->sw_if_index[VLIB_RX] == sw_if_index0);
1380 vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0;
1381 vnet_buffer (p0)->sw_if_index[VLIB_RX] =
1382 vnet_main.local_interface_sw_if_index;
1384 n_advertisements_sent++;
1387 p0->error = error_node->errors[error0];
1389 vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
1390 to_next, n_left_to_next,
1394 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
1397 /* Account for advertisements sent. */
1398 vlib_error_count (vm, error_node->node_index,
1399 ICMP6_ERROR_NEIGHBOR_ADVERTISEMENTS_TX,
1400 n_advertisements_sent);
1402 return frame->n_vectors;
1405 /* for "syslogging" - use elog for now */
1406 #define foreach_log_level \
1407 _ (DEBUG, "DEBUG") \
1408 _ (INFO, "INFORMATION") \
1409 _ (NOTICE, "NOTICE") \
1410 _ (WARNING, "WARNING") \
1412 _ (CRIT, "CRITICAL") \
1413 _ (ALERT, "ALERT") \
1414 _ (EMERG, "EMERGENCY")
1418 #define _(f,s) LOG_##f,
1423 static char *log_level_strings[] = {
1429 static int logmask = 1 << LOG_DEBUG;
1432 ip6_neighbor_syslog (vlib_main_t * vm, int priority, char *fmt, ...)
1434 /* just use elog for now */
1438 if ((priority > LOG_EMERG) || !(logmask & (1 << priority)))
1444 what = va_format (0, fmt, &va);
1446 ELOG_TYPE_DECLARE (e) =
1448 .format = "ip6 nd: (%s): %s",.format_args = "T4T4",};
1453 ed = ELOG_DATA (&vm->elog_main, e);
1454 ed->s[0] = elog_string (&vm->elog_main, log_level_strings[priority]);
1455 ed->s[1] = elog_string (&vm->elog_main, (char *) what);
1462 call_ip6_neighbor_callbacks (void *data,
1463 _vnet_ip6_neighbor_function_list_elt_t * elt)
1465 clib_error_t *error = 0;
1469 error = elt->fp (data);
1472 elt = elt->next_ip6_neighbor_function;
1478 /* ipv6 neighbor discovery - router advertisements */
1481 ICMP6_ROUTER_SOLICITATION_NEXT_DROP,
1482 ICMP6_ROUTER_SOLICITATION_NEXT_REPLY_RW,
1483 ICMP6_ROUTER_SOLICITATION_NEXT_REPLY_TX,
1484 ICMP6_ROUTER_SOLICITATION_N_NEXT,
1485 } icmp6_router_solicitation_or_advertisement_next_t;
1487 static_always_inline uword
1488 icmp6_router_solicitation (vlib_main_t * vm,
1489 vlib_node_runtime_t * node, vlib_frame_t * frame)
1491 vnet_main_t *vnm = vnet_get_main ();
1492 ip6_main_t *im = &ip6_main;
1493 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
1494 uword n_packets = frame->n_vectors;
1495 u32 *from, *to_next;
1496 u32 n_left_from, n_left_to_next, next_index;
1497 u32 n_advertisements_sent = 0;
1500 icmp6_neighbor_discovery_option_type_t option_type;
1502 vlib_node_runtime_t *error_node =
1503 vlib_node_get_runtime (vm, ip6_icmp_input_node.index);
1505 from = vlib_frame_vector_args (frame);
1506 n_left_from = n_packets;
1507 next_index = node->cached_next_index;
1509 if (node->flags & VLIB_NODE_FLAG_TRACE)
1510 vlib_trace_frame_buffers_only (vm, node, from, frame->n_vectors,
1512 sizeof (icmp6_input_trace_t));
1514 /* source may append his LL address */
1515 option_type = ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address;
1517 while (n_left_from > 0)
1519 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
1521 while (n_left_from > 0 && n_left_to_next > 0)
1525 ip6_radv_t *radv_info = 0;
1527 icmp6_neighbor_discovery_header_t *h0;
1528 icmp6_neighbor_discovery_ethernet_link_layer_address_option_t *o0;
1530 u32 bi0, options_len0, sw_if_index0, next0, error0;
1531 u32 is_solicitation = 1, is_dropped = 0;
1532 u32 is_unspecified, is_link_local;
1534 bi0 = to_next[0] = from[0];
1539 n_left_to_next -= 1;
1541 p0 = vlib_get_buffer (vm, bi0);
1542 ip0 = vlib_buffer_get_current (p0);
1543 h0 = ip6_next_header (ip0);
1545 clib_net_to_host_u16 (ip0->payload_length) - sizeof (h0[0]);
1546 is_unspecified = ip6_address_is_unspecified (&ip0->src_address);
1548 ip6_address_is_link_local_unicast (&ip0->src_address);
1550 error0 = ICMP6_ERROR_NONE;
1551 sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
1553 /* check if solicitation (not from nd_timer node) */
1554 if (ip6_address_is_unspecified (&ip0->dst_address))
1555 is_solicitation = 0;
1557 /* Check that source address is unspecified, link-local or else on-link. */
1558 if (!is_unspecified && !is_link_local)
1560 u32 src_adj_index0 = ip6_src_lookup_for_packet (im, p0, ip0);
1562 if (ADJ_INDEX_INVALID != src_adj_index0)
1564 ip_adjacency_t *adj0 = adj_get (src_adj_index0);
1566 error0 = (adj0->rewrite_header.sw_if_index != sw_if_index0
1568 ICMP6_ERROR_ROUTER_SOLICITATION_SOURCE_NOT_ON_LINK
1573 error0 = ICMP6_ERROR_ROUTER_SOLICITATION_SOURCE_NOT_ON_LINK;
1577 /* check for source LL option and process */
1578 o0 = (void *) (h0 + 1);
1579 o0 = ((options_len0 == 8
1580 && o0->header.type == option_type
1581 && o0->header.n_data_u64s == 1) ? o0 : 0);
1583 /* if src address unspecified IGNORE any options */
1584 if (PREDICT_TRUE (error0 == ICMP6_ERROR_NONE && o0 != 0 &&
1585 !is_unspecified && !is_link_local))
1587 vnet_set_ip6_ethernet_neighbor (vm, sw_if_index0,
1589 o0->ethernet_address,
1590 sizeof (o0->ethernet_address),
1594 /* default is to drop */
1595 next0 = ICMP6_ROUTER_SOLICITATION_NEXT_DROP;
1597 if (error0 == ICMP6_ERROR_NONE)
1599 vnet_sw_interface_t *sw_if0;
1600 ethernet_interface_t *eth_if0;
1603 sw_if0 = vnet_get_sup_sw_interface (vnm, sw_if_index0);
1604 ASSERT (sw_if0->type == VNET_SW_INTERFACE_TYPE_HARDWARE);
1606 ethernet_get_interface (ðernet_main, sw_if0->hw_if_index);
1608 /* only support ethernet interface type for now */
1610 (!eth_if0) ? ICMP6_ERROR_ROUTER_SOLICITATION_UNSUPPORTED_INTF
1613 if (error0 == ICMP6_ERROR_NONE)
1617 /* adjust the sizeof the buffer to just include the ipv6 header */
1618 p0->current_length -=
1620 sizeof (icmp6_neighbor_discovery_header_t));
1622 /* look up the radv_t information for this interface */
1623 if (vec_len (nm->if_radv_pool_index_by_sw_if_index) >
1627 nm->if_radv_pool_index_by_sw_if_index[sw_if_index0];
1630 radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
1635 ICMP6_ERROR_ROUTER_SOLICITATION_RADV_NOT_CONFIG :
1638 if (error0 == ICMP6_ERROR_NONE)
1640 f64 now = vlib_time_now (vm);
1642 /* for solicited adverts - need to rate limit */
1643 if (is_solicitation)
1645 if (0 != radv_info->last_radv_time &&
1646 (now - radv_info->last_radv_time) <
1647 MIN_DELAY_BETWEEN_RAS)
1650 radv_info->last_radv_time = now;
1654 icmp6_router_advertisement_header_t rh;
1656 rh.icmp.type = ICMP6_router_advertisement;
1658 rh.icmp.checksum = 0;
1660 rh.current_hop_limit = radv_info->curr_hop_limit;
1661 rh.router_lifetime_in_sec =
1662 clib_host_to_net_u16
1663 (radv_info->adv_router_lifetime_in_sec);
1665 time_in_msec_between_retransmitted_neighbor_solicitations
1667 clib_host_to_net_u32 (radv_info->
1668 adv_time_in_msec_between_retransmitted_neighbor_solicitations);
1669 rh.neighbor_reachable_time_in_msec =
1670 clib_host_to_net_u32 (radv_info->
1671 adv_neighbor_reachable_time_in_msec);
1674 (radv_info->adv_managed_flag) ?
1675 ICMP6_ROUTER_DISCOVERY_FLAG_ADDRESS_CONFIG_VIA_DHCP :
1678 ((radv_info->adv_other_flag) ?
1679 ICMP6_ROUTER_DISCOVERY_FLAG_OTHER_CONFIG_VIA_DHCP :
1683 u16 payload_length =
1684 sizeof (icmp6_router_advertisement_header_t);
1686 vlib_buffer_add_data (vm,
1687 vlib_buffer_get_free_list_index
1688 (p0), bi0, (void *) &rh,
1690 (icmp6_router_advertisement_header_t));
1692 if (radv_info->adv_link_layer_address)
1694 icmp6_neighbor_discovery_ethernet_link_layer_address_option_t
1698 ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address;
1699 h.header.n_data_u64s = 1;
1701 /* copy ll address */
1702 clib_memcpy (&h.ethernet_address[0],
1703 eth_if0->address, 6);
1705 vlib_buffer_add_data (vm,
1706 vlib_buffer_get_free_list_index
1707 (p0), bi0, (void *) &h,
1709 (icmp6_neighbor_discovery_ethernet_link_layer_address_option_t));
1713 (icmp6_neighbor_discovery_ethernet_link_layer_address_option_t);
1716 /* add MTU option */
1717 if (radv_info->adv_link_mtu)
1719 icmp6_neighbor_discovery_mtu_option_t h;
1723 clib_host_to_net_u32 (radv_info->adv_link_mtu);
1724 h.header.type = ICMP6_NEIGHBOR_DISCOVERY_OPTION_mtu;
1725 h.header.n_data_u64s = 1;
1728 sizeof (icmp6_neighbor_discovery_mtu_option_t);
1730 vlib_buffer_add_data (vm,
1731 vlib_buffer_get_free_list_index
1732 (p0), bi0, (void *) &h,
1734 (icmp6_neighbor_discovery_mtu_option_t));
1737 /* add advertised prefix options */
1738 ip6_radv_prefix_t *pr_info;
1741 pool_foreach (pr_info, radv_info->adv_prefixes_pool,
1743 if(pr_info->enabled &&
1744 (!pr_info->decrement_lifetime_flag
1745 || (pr_info->pref_lifetime_expires >0)))
1747 /* advertise this prefix */
1748 icmp6_neighbor_discovery_prefix_information_option_t h;
1750 h.header.type = ICMP6_NEIGHBOR_DISCOVERY_OPTION_prefix_information;
1751 h.header.n_data_u64s = (sizeof(icmp6_neighbor_discovery_prefix_information_option_t) >> 3);
1753 h.dst_address_length = pr_info->prefix_len;
1755 h.flags = (pr_info->adv_on_link_flag) ? ICMP6_NEIGHBOR_DISCOVERY_PREFIX_INFORMATION_FLAG_ON_LINK : 0;
1756 h.flags |= (pr_info->adv_autonomous_flag) ? ICMP6_NEIGHBOR_DISCOVERY_PREFIX_INFORMATION_AUTO : 0;
1758 if(radv_info->cease_radv && pr_info->deprecated_prefix_flag)
1760 h.valid_time = clib_host_to_net_u32(MIN_ADV_VALID_LIFETIME);
1761 h.preferred_time = 0;
1765 if(pr_info->decrement_lifetime_flag)
1767 pr_info->adv_valid_lifetime_in_secs = ((pr_info->valid_lifetime_expires > now)) ?
1768 (pr_info->valid_lifetime_expires - now) : 0;
1770 pr_info->adv_pref_lifetime_in_secs = ((pr_info->pref_lifetime_expires > now)) ?
1771 (pr_info->pref_lifetime_expires - now) : 0;
1774 h.valid_time = clib_host_to_net_u32(pr_info->adv_valid_lifetime_in_secs);
1775 h.preferred_time = clib_host_to_net_u32(pr_info->adv_pref_lifetime_in_secs) ;
1779 clib_memcpy(&h.dst_address, &pr_info->prefix, sizeof(ip6_address_t));
1781 payload_length += sizeof( icmp6_neighbor_discovery_prefix_information_option_t);
1783 vlib_buffer_add_data (vm,
1784 vlib_buffer_get_free_list_index (p0),
1786 (void *)&h, sizeof(icmp6_neighbor_discovery_prefix_information_option_t));
1792 /* add additional options before here */
1794 /* finish building the router advertisement... */
1795 if (!is_unspecified && radv_info->send_unicast)
1797 ip0->dst_address = ip0->src_address;
1801 /* target address is all-nodes mcast addr */
1802 ip6_set_reserved_multicast_address
1804 IP6_MULTICAST_SCOPE_link_local,
1805 IP6_MULTICAST_GROUP_ID_all_hosts);
1808 /* source address MUST be the link-local address */
1809 ip0->src_address = radv_info->link_local_address;
1811 ip0->hop_limit = 255;
1812 ip0->payload_length =
1813 clib_host_to_net_u16 (payload_length);
1815 icmp6_router_advertisement_header_t *rh0 =
1816 (icmp6_router_advertisement_header_t *) (ip0 + 1);
1817 rh0->icmp.checksum =
1818 ip6_tcp_udp_icmp_compute_checksum (vm, p0, ip0,
1820 ASSERT (bogus_length == 0);
1822 /* setup output if and adjacency */
1823 vnet_buffer (p0)->sw_if_index[VLIB_RX] =
1824 vnet_main.local_interface_sw_if_index;
1826 if (is_solicitation)
1828 ethernet_header_t *eth0;
1829 /* Reuse current MAC header, copy SMAC to DMAC and
1830 * interface MAC to SMAC */
1831 vlib_buffer_reset (p0);
1832 eth0 = vlib_buffer_get_current (p0);
1833 clib_memcpy (eth0->dst_address, eth0->src_address,
1835 clib_memcpy (eth0->src_address, eth_if0->address,
1838 is_dropped ? next0 :
1839 ICMP6_ROUTER_SOLICITATION_NEXT_REPLY_TX;
1840 vnet_buffer (p0)->sw_if_index[VLIB_TX] =
1845 adj_index0 = radv_info->mcast_adj_index;
1846 if (adj_index0 == 0)
1847 error0 = ICMP6_ERROR_DST_LOOKUP_MISS;
1851 is_dropped ? next0 :
1852 ICMP6_ROUTER_SOLICITATION_NEXT_REPLY_RW;
1853 vnet_buffer (p0)->ip.adj_index[VLIB_TX] =
1857 p0->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
1859 radv_info->n_solicitations_dropped += is_dropped;
1860 radv_info->n_solicitations_rcvd += is_solicitation;
1862 if ((error0 == ICMP6_ERROR_NONE) && !is_dropped)
1864 radv_info->n_advertisements_sent++;
1865 n_advertisements_sent++;
1871 p0->error = error_node->errors[error0];
1873 if (error0 != ICMP6_ERROR_NONE)
1874 vlib_error_count (vm, error_node->node_index, error0, 1);
1876 vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
1877 to_next, n_left_to_next,
1882 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
1885 /* Account for router advertisements sent. */
1886 vlib_error_count (vm, error_node->node_index,
1887 ICMP6_ERROR_ROUTER_ADVERTISEMENTS_TX,
1888 n_advertisements_sent);
1890 return frame->n_vectors;
1893 /* validate advertised info for consistancy (see RFC-4861 section 6.2.7) - log any inconsistencies, packet will always be dropped */
1894 static_always_inline uword
1895 icmp6_router_advertisement (vlib_main_t * vm,
1896 vlib_node_runtime_t * node, vlib_frame_t * frame)
1898 vnet_main_t *vnm = vnet_get_main ();
1899 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
1900 uword n_packets = frame->n_vectors;
1901 u32 *from, *to_next;
1902 u32 n_left_from, n_left_to_next, next_index;
1903 u32 n_advertisements_rcvd = 0;
1905 vlib_node_runtime_t *error_node =
1906 vlib_node_get_runtime (vm, ip6_icmp_input_node.index);
1908 from = vlib_frame_vector_args (frame);
1909 n_left_from = n_packets;
1910 next_index = node->cached_next_index;
1912 if (node->flags & VLIB_NODE_FLAG_TRACE)
1913 vlib_trace_frame_buffers_only (vm, node, from, frame->n_vectors,
1915 sizeof (icmp6_input_trace_t));
1917 while (n_left_from > 0)
1919 vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
1921 while (n_left_from > 0 && n_left_to_next > 0)
1925 ip6_radv_t *radv_info = 0;
1926 icmp6_router_advertisement_header_t *h0;
1927 u32 bi0, options_len0, sw_if_index0, next0, error0;
1929 bi0 = to_next[0] = from[0];
1934 n_left_to_next -= 1;
1936 p0 = vlib_get_buffer (vm, bi0);
1937 ip0 = vlib_buffer_get_current (p0);
1938 h0 = ip6_next_header (ip0);
1940 clib_net_to_host_u16 (ip0->payload_length) - sizeof (h0[0]);
1942 error0 = ICMP6_ERROR_NONE;
1943 sw_if_index0 = vnet_buffer (p0)->sw_if_index[VLIB_RX];
1945 /* Check that source address is link-local */
1946 error0 = (!ip6_address_is_link_local_unicast (&ip0->src_address)) ?
1947 ICMP6_ERROR_ROUTER_ADVERTISEMENT_SOURCE_NOT_LINK_LOCAL : error0;
1949 /* default is to drop */
1950 next0 = ICMP6_ROUTER_SOLICITATION_NEXT_DROP;
1952 n_advertisements_rcvd++;
1954 if (error0 == ICMP6_ERROR_NONE)
1956 vnet_sw_interface_t *sw_if0;
1957 ethernet_interface_t *eth_if0;
1959 sw_if0 = vnet_get_sup_sw_interface (vnm, sw_if_index0);
1960 ASSERT (sw_if0->type == VNET_SW_INTERFACE_TYPE_HARDWARE);
1962 ethernet_get_interface (ðernet_main, sw_if0->hw_if_index);
1964 /* only support ethernet interface type for now */
1966 (!eth_if0) ? ICMP6_ERROR_ROUTER_SOLICITATION_UNSUPPORTED_INTF
1969 if (error0 == ICMP6_ERROR_NONE)
1973 /* look up the radv_t information for this interface */
1974 if (vec_len (nm->if_radv_pool_index_by_sw_if_index) >
1978 nm->if_radv_pool_index_by_sw_if_index[sw_if_index0];
1981 radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
1986 ICMP6_ERROR_ROUTER_SOLICITATION_RADV_NOT_CONFIG :
1989 if (error0 == ICMP6_ERROR_NONE)
1991 radv_info->keep_sending_rs = 0;
1995 r.sw_if_index = sw_if_index0;
1996 memcpy (r.router_address, &ip0->src_address, 16);
1997 r.current_hop_limit = h0->current_hop_limit;
1998 r.flags = h0->flags;
1999 r.router_lifetime_in_sec =
2000 clib_net_to_host_u16 (h0->router_lifetime_in_sec);
2001 r.neighbor_reachable_time_in_msec =
2002 clib_net_to_host_u32
2003 (h0->neighbor_reachable_time_in_msec);
2004 r.time_in_msec_between_retransmitted_neighbor_solicitations = clib_net_to_host_u32 (h0->time_in_msec_between_retransmitted_neighbor_solicitations);
2007 /* validate advertised information */
2008 if ((h0->current_hop_limit && radv_info->curr_hop_limit)
2009 && (h0->current_hop_limit !=
2010 radv_info->curr_hop_limit))
2012 ip6_neighbor_syslog (vm, LOG_WARNING,
2013 "our AdvCurHopLimit on %U doesn't agree with %U",
2014 format_vnet_sw_if_index_name,
2021 ICMP6_ROUTER_DISCOVERY_FLAG_ADDRESS_CONFIG_VIA_DHCP)
2022 != radv_info->adv_managed_flag)
2024 ip6_neighbor_syslog (vm, LOG_WARNING,
2025 "our AdvManagedFlag on %U doesn't agree with %U",
2026 format_vnet_sw_if_index_name,
2033 ICMP6_ROUTER_DISCOVERY_FLAG_OTHER_CONFIG_VIA_DHCP)
2034 != radv_info->adv_other_flag)
2036 ip6_neighbor_syslog (vm, LOG_WARNING,
2037 "our AdvOtherConfigFlag on %U doesn't agree with %U",
2038 format_vnet_sw_if_index_name,
2045 time_in_msec_between_retransmitted_neighbor_solicitations
2047 adv_time_in_msec_between_retransmitted_neighbor_solicitations)
2049 time_in_msec_between_retransmitted_neighbor_solicitations
2051 clib_host_to_net_u32 (radv_info->
2052 adv_time_in_msec_between_retransmitted_neighbor_solicitations)))
2054 ip6_neighbor_syslog (vm, LOG_WARNING,
2055 "our AdvRetransTimer on %U doesn't agree with %U",
2056 format_vnet_sw_if_index_name,
2062 if ((h0->neighbor_reachable_time_in_msec &&
2063 radv_info->adv_neighbor_reachable_time_in_msec) &&
2064 (h0->neighbor_reachable_time_in_msec !=
2065 clib_host_to_net_u32
2066 (radv_info->adv_neighbor_reachable_time_in_msec)))
2068 ip6_neighbor_syslog (vm, LOG_WARNING,
2069 "our AdvReachableTime on %U doesn't agree with %U",
2070 format_vnet_sw_if_index_name,
2076 /* check for MTU or prefix options or .. */
2077 u8 *opt_hdr = (u8 *) (h0 + 1);
2078 while (options_len0 > 0)
2080 icmp6_neighbor_discovery_option_header_t *o0 =
2081 (icmp6_neighbor_discovery_option_header_t *)
2083 int opt_len = o0->n_data_u64s << 3;
2084 icmp6_neighbor_discovery_option_type_t option_type =
2087 if (options_len0 < 2)
2089 ip6_neighbor_syslog (vm, LOG_ERR,
2090 "malformed RA packet on %U from %U",
2091 format_vnet_sw_if_index_name,
2100 ip6_neighbor_syslog (vm, LOG_ERR,
2101 " zero length option in RA on %U from %U",
2102 format_vnet_sw_if_index_name,
2108 else if (opt_len > options_len0)
2110 ip6_neighbor_syslog (vm, LOG_ERR,
2111 "option length in RA packet greater than total length on %U from %U",
2112 format_vnet_sw_if_index_name,
2119 options_len0 -= opt_len;
2122 switch (option_type)
2124 case ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address:
2126 icmp6_neighbor_discovery_ethernet_link_layer_address_option_t
2128 (icmp6_neighbor_discovery_ethernet_link_layer_address_option_t
2131 if (opt_len < sizeof (*h))
2134 memcpy (r.slla, h->ethernet_address, 6);
2138 case ICMP6_NEIGHBOR_DISCOVERY_OPTION_mtu:
2140 icmp6_neighbor_discovery_mtu_option_t *h =
2141 (icmp6_neighbor_discovery_mtu_option_t
2144 if (opt_len < sizeof (*h))
2147 r.mtu = clib_net_to_host_u32 (h->mtu);
2149 if ((h->mtu && radv_info->adv_link_mtu) &&
2151 clib_host_to_net_u32
2152 (radv_info->adv_link_mtu)))
2154 ip6_neighbor_syslog (vm, LOG_WARNING,
2155 "our AdvLinkMTU on %U doesn't agree with %U",
2156 format_vnet_sw_if_index_name,
2164 case ICMP6_NEIGHBOR_DISCOVERY_OPTION_prefix_information:
2166 icmp6_neighbor_discovery_prefix_information_option_t
2168 (icmp6_neighbor_discovery_prefix_information_option_t
2171 /* validate advertised prefix options */
2172 ip6_radv_prefix_t *pr_info;
2173 u32 preferred, valid;
2175 if (opt_len < sizeof (*h))
2178 vec_validate (r.prefixes,
2179 vec_len (r.prefixes));
2180 ra_report_prefix_info_t *prefix =
2181 vec_elt_at_index (r.prefixes,
2182 vec_len (r.prefixes) - 1);
2185 clib_net_to_host_u32 (h->preferred_time);
2186 valid = clib_net_to_host_u32 (h->valid_time);
2188 prefix->preferred_time = preferred;
2189 prefix->valid_time = valid;
2190 prefix->flags = h->flags & 0xc0;
2191 prefix->dst_address_length =
2192 h->dst_address_length;
2193 prefix->dst_address = h->dst_address;
2195 /* look for matching prefix - if we our advertising it, it better be consistant */
2197 pool_foreach (pr_info, radv_info->adv_prefixes_pool,
2201 ip6_address_mask_from_width(&mask, pr_info->prefix_len);
2203 if(pr_info->enabled &&
2204 (pr_info->prefix_len == h->dst_address_length) &&
2205 ip6_address_is_equal_masked (&pr_info->prefix, &h->dst_address, &mask))
2208 if(!pr_info->decrement_lifetime_flag &&
2209 valid != pr_info->adv_valid_lifetime_in_secs)
2211 ip6_neighbor_syslog(vm, LOG_WARNING,
2212 "our ADV validlifetime on %U for %U does not agree with %U",
2213 format_vnet_sw_if_index_name, vnm, sw_if_index0,format_ip6_address, &pr_info->prefix,
2214 format_ip6_address, &h->dst_address);
2216 if(!pr_info->decrement_lifetime_flag &&
2217 preferred != pr_info->adv_pref_lifetime_in_secs)
2219 ip6_neighbor_syslog(vm, LOG_WARNING,
2220 "our ADV preferredlifetime on %U for %U does not agree with %U",
2221 format_vnet_sw_if_index_name, vnm, sw_if_index0,format_ip6_address, &pr_info->prefix,
2222 format_ip6_address, &h->dst_address);
2240 p0->error = error_node->errors[error0];
2242 if (error0 != ICMP6_ERROR_NONE)
2243 vlib_error_count (vm, error_node->node_index, error0, 1);
2245 vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
2246 to_next, n_left_to_next,
2250 vlib_put_next_frame (vm, node, next_index, n_left_to_next);
2253 /* Account for router advertisements received. */
2254 vlib_error_count (vm, error_node->node_index,
2255 ICMP6_ERROR_ROUTER_ADVERTISEMENTS_RX,
2256 n_advertisements_rcvd);
2258 return frame->n_vectors;
2262 random_f64_from_to (f64 from, f64 to)
2264 static u32 seed = 0;
2265 static u8 seed_set = 0;
2268 seed = random_default_seed ();
2271 return random_f64 (&seed) * (to - from) + from;
2275 get_mac_address (u32 sw_if_index, u8 * address)
2277 vnet_main_t *vnm = vnet_get_main ();
2278 vnet_hw_interface_t *hw_if = vnet_get_sup_hw_interface (vnm, sw_if_index);
2279 if (!hw_if->hw_address)
2281 clib_memcpy (address, hw_if->hw_address, 6);
2285 static inline vlib_buffer_t *
2286 create_buffer_for_rs (vlib_main_t * vm, ip6_radv_t * radv_info)
2290 vlib_buffer_free_list_t *fl;
2291 icmp6_router_solicitation_header_t *rh;
2296 sw_if_index = radv_info->sw_if_index;
2298 if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
2300 clib_warning ("buffer allocation failure");
2304 p0 = vlib_get_buffer (vm, bi0);
2305 fl = vlib_buffer_get_free_list (vm, VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX);
2306 vlib_buffer_init_for_free_list (p0, fl);
2307 VLIB_BUFFER_TRACE_TRAJECTORY_INIT (p0);
2308 p0->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
2310 vnet_buffer (p0)->sw_if_index[VLIB_RX] = sw_if_index;
2311 vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index;
2313 vnet_buffer (p0)->ip.adj_index[VLIB_TX] = radv_info->mcast_adj_index;
2315 rh = vlib_buffer_get_current (p0);
2316 p0->current_length = sizeof (*rh);
2318 rh->neighbor.icmp.type = ICMP6_router_solicitation;
2319 rh->neighbor.icmp.code = 0;
2320 rh->neighbor.icmp.checksum = 0;
2321 rh->neighbor.reserved_must_be_zero = 0;
2323 rh->link_layer_option.header.type =
2324 ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address;
2325 if (0 != get_mac_address (sw_if_index,
2326 rh->link_layer_option.ethernet_address))
2328 clib_warning ("interface with sw_if_index %u has no mac address",
2330 vlib_buffer_free (vm, &bi0, 1);
2333 rh->link_layer_option.header.n_data_u64s = 1;
2335 payload_length = sizeof (rh->neighbor) + sizeof (u64);
2337 rh->ip.ip_version_traffic_class_and_flow_label =
2338 clib_host_to_net_u32 (0x6 << 28);
2339 rh->ip.payload_length = clib_host_to_net_u16 (payload_length);
2340 rh->ip.protocol = IP_PROTOCOL_ICMP6;
2341 rh->ip.hop_limit = 255;
2342 rh->ip.src_address = radv_info->link_local_address;
2343 /* set address ff02::2 */
2344 rh->ip.dst_address.as_u64[0] = clib_host_to_net_u64 (0xff02L << 48);
2345 rh->ip.dst_address.as_u64[1] = clib_host_to_net_u64 (2);
2347 rh->neighbor.icmp.checksum = ip6_tcp_udp_icmp_compute_checksum (vm, p0,
2355 stop_sending_rs (vlib_main_t * vm, ip6_radv_t * ra)
2359 ra->keep_sending_rs = 0;
2362 bi0 = vlib_get_buffer_index (vm, ra->buffer);
2363 vlib_buffer_free (vm, &bi0, 1);
2369 check_send_rs (vlib_main_t * vm, ip6_radv_t * radv_info, f64 current_time,
2379 icmp6_send_router_solicitation_params_t *params;
2381 if (!radv_info->keep_sending_rs)
2384 params = &radv_info->params;
2386 if (radv_info->due_time > current_time)
2388 *due_time = radv_info->due_time;
2392 p0 = radv_info->buffer;
2394 next_index = ip6_rewrite_mcast_node.index;
2396 c0 = vlib_buffer_copy (vm, p0);
2397 ci0 = vlib_get_buffer_index (vm, c0);
2399 f = vlib_get_frame_to_node (vm, next_index);
2400 to_next = vlib_frame_vector_args (f);
2403 vlib_put_frame_to_node (vm, next_index, f);
2405 if (params->mrc != 0 && --radv_info->n_left == 0)
2406 stop_sending_rs (vm, radv_info);
2409 radv_info->sleep_interval =
2410 (2 + random_f64_from_to (-0.1, 0.1)) * radv_info->sleep_interval;
2411 if (radv_info->sleep_interval > params->mrt)
2412 radv_info->sleep_interval =
2413 (1 + random_f64_from_to (-0.1, 0.1)) * params->mrt;
2415 radv_info->due_time = current_time + radv_info->sleep_interval;
2417 if (params->mrd != 0
2418 && current_time > radv_info->start_time + params->mrd)
2419 stop_sending_rs (vm, radv_info);
2421 *due_time = radv_info->due_time;
2424 return radv_info->keep_sending_rs;
2428 send_rs_process (vlib_main_t * vm, vlib_node_runtime_t * rt,
2431 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
2432 ip6_radv_t *radv_info;
2433 uword *event_data = 0;
2434 f64 sleep_time = 1e9;
2441 vlib_process_wait_for_event_or_clock (vm, sleep_time);
2442 vlib_process_get_events (vm, &event_data);
2443 vec_reset_length (event_data);
2445 current_time = vlib_time_now (vm);
2448 due_time = current_time + 1e9;
2450 pool_foreach (radv_info, nm->if_radv_pool,
2452 if (check_send_rs (vm, radv_info, current_time, &dt)
2457 current_time = vlib_time_now (vm);
2459 while (due_time < current_time);
2461 sleep_time = due_time - current_time;
2468 VLIB_REGISTER_NODE (send_rs_process_node) = {
2469 .function = send_rs_process,
2470 .type = VLIB_NODE_TYPE_PROCESS,
2471 .name = "send-rs-process",
2476 icmp6_send_router_solicitation (vlib_main_t * vm, u32 sw_if_index, u8 stop,
2477 icmp6_send_router_solicitation_params_t *
2480 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
2484 ASSERT (~0 != sw_if_index);
2486 rai = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
2487 ra = pool_elt_at_index (nm->if_radv_pool, rai);
2489 stop_sending_rs (vm, ra);
2493 ra->keep_sending_rs = 1;
2494 ra->params = *params;
2495 ra->n_left = params->mrc;
2496 ra->start_time = vlib_time_now (vm);
2497 ra->sleep_interval = (1 + random_f64_from_to (-0.1, 0.1)) * params->irt;
2498 ra->due_time = 0; /* send first packet ASAP */
2499 ra->buffer = create_buffer_for_rs (vm, ra);
2501 ra->keep_sending_rs = 0;
2503 vlib_process_signal_event (vm, send_rs_process_node.index, 1, 0);
2508 * @brief Add a multicast Address to the advertised MLD set
2511 ip6_neighbor_add_mld_prefix (ip6_radv_t * radv_info, ip6_address_t * addr)
2513 ip6_mldp_group_t *mcast_group_info;
2516 /* lookup mldp info for this interface */
2517 p = mhash_get (&radv_info->address_to_mldp_index, addr);
2519 p ? pool_elt_at_index (radv_info->mldp_group_pool, p[0]) : 0;
2522 if (!mcast_group_info)
2526 pool_get (radv_info->mldp_group_pool, mcast_group_info);
2528 mi = mcast_group_info - radv_info->mldp_group_pool;
2529 mhash_set (&radv_info->address_to_mldp_index, addr, mi, /* old_value */
2532 mcast_group_info->type = 4;
2533 mcast_group_info->mcast_source_address_pool = 0;
2534 mcast_group_info->num_sources = 0;
2535 clib_memcpy (&mcast_group_info->mcast_address, addr,
2536 sizeof (ip6_address_t));
2541 * @brief Delete a multicast Address from the advertised MLD set
2544 ip6_neighbor_del_mld_prefix (ip6_radv_t * radv_info, ip6_address_t * addr)
2546 ip6_mldp_group_t *mcast_group_info;
2549 p = mhash_get (&radv_info->address_to_mldp_index, &addr);
2551 p ? pool_elt_at_index (radv_info->mldp_group_pool, p[0]) : 0;
2553 if (mcast_group_info)
2555 mhash_unset (&radv_info->address_to_mldp_index, &addr,
2557 pool_put (radv_info->mldp_group_pool, mcast_group_info);
2562 * @brief Add a multicast Address to the advertised MLD set
2565 ip6_neighbor_add_mld_grp (ip6_radv_t * a,
2566 ip6_multicast_address_scope_t scope,
2567 ip6_multicast_link_local_group_id_t group)
2571 ip6_set_reserved_multicast_address (&addr, scope, group);
2573 ip6_neighbor_add_mld_prefix (a, &addr);
2577 * @brief create and initialize router advertisement parameters with default
2578 * values for this intfc
2581 ip6_neighbor_sw_interface_add_del (vnet_main_t * vnm,
2582 u32 sw_if_index, u32 is_add)
2584 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
2587 vnet_sw_interface_t *sw_if0;
2588 ethernet_interface_t *eth_if0 = 0;
2590 /* lookup radv container - ethernet interfaces only */
2591 sw_if0 = vnet_get_sup_sw_interface (vnm, sw_if_index);
2592 if (sw_if0->type == VNET_SW_INTERFACE_TYPE_HARDWARE)
2593 eth_if0 = ethernet_get_interface (ðernet_main, sw_if0->hw_if_index);
2598 vec_validate_init_empty (nm->if_radv_pool_index_by_sw_if_index, sw_if_index,
2600 ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
2604 a = pool_elt_at_index (nm->if_radv_pool, ri);
2608 ip6_radv_prefix_t *p;
2609 ip6_mldp_group_t *m;
2611 /* release the lock on the interface's mcast adj */
2612 adj_unlock (a->mcast_adj_index);
2614 /* clean up prefix and MDP pools */
2616 pool_flush(p, a->adv_prefixes_pool,
2618 mhash_unset (&a->address_to_prefix_index, &p->prefix, 0);
2620 pool_flush (m, a->mldp_group_pool,
2622 mhash_unset (&a->address_to_mldp_index, &m->mcast_address, 0);
2626 pool_free (a->mldp_group_pool);
2627 pool_free (a->adv_prefixes_pool);
2629 mhash_free (&a->address_to_prefix_index);
2630 mhash_free (&a->address_to_mldp_index);
2632 if (a->keep_sending_rs)
2633 a->keep_sending_rs = 0;
2635 pool_put (nm->if_radv_pool, a);
2636 nm->if_radv_pool_index_by_sw_if_index[sw_if_index] = ~0;
2644 pool_get (nm->if_radv_pool, a);
2646 ri = a - nm->if_radv_pool;
2647 nm->if_radv_pool_index_by_sw_if_index[sw_if_index] = ri;
2649 /* initialize default values (most of which are zero) */
2650 memset (a, 0, sizeof (a[0]));
2652 a->sw_if_index = sw_if_index;
2653 a->max_radv_interval = DEF_MAX_RADV_INTERVAL;
2654 a->min_radv_interval = DEF_MIN_RADV_INTERVAL;
2655 a->curr_hop_limit = DEF_CURR_HOP_LIMIT;
2656 a->adv_router_lifetime_in_sec = DEF_DEF_RTR_LIFETIME;
2658 /* send ll address source address option */
2659 a->adv_link_layer_address = 1;
2661 a->min_delay_between_radv = MIN_DELAY_BETWEEN_RAS;
2662 a->max_delay_between_radv = MAX_DELAY_BETWEEN_RAS;
2663 a->max_rtr_default_lifetime = MAX_DEF_RTR_LIFETIME;
2664 a->seed = (u32) clib_cpu_time_now ();
2665 (void) random_u32 (&a->seed);
2666 a->randomizer = clib_cpu_time_now ();
2667 (void) random_u64 (&a->randomizer);
2669 a->initial_adverts_count = MAX_INITIAL_RTR_ADVERTISEMENTS;
2670 a->initial_adverts_sent = a->initial_adverts_count - 1;
2671 a->initial_adverts_interval = MAX_INITIAL_RTR_ADVERT_INTERVAL;
2673 /* deafult is to send */
2676 /* fill in radv_info for this interface that will be needed later */
2678 vnet_sw_interface_get_mtu (vnm, sw_if_index, VNET_MTU_IP6);
2680 clib_memcpy (a->link_layer_address, eth_if0->address, 6);
2682 /* fill in default link-local address (this may be overridden) */
2683 ip6_link_local_address_from_ethernet_address
2684 (&a->link_local_address, eth_if0->address);
2686 mhash_init (&a->address_to_prefix_index, sizeof (uword),
2687 sizeof (ip6_address_t));
2688 mhash_init (&a->address_to_mldp_index, sizeof (uword),
2689 sizeof (ip6_address_t));
2691 a->mcast_adj_index = adj_mcast_add_or_lock (FIB_PROTOCOL_IP6,
2695 a->keep_sending_rs = 0;
2697 /* add multicast groups we will always be reporting */
2698 ip6_neighbor_add_mld_grp (a,
2699 IP6_MULTICAST_SCOPE_link_local,
2700 IP6_MULTICAST_GROUP_ID_all_hosts);
2701 ip6_neighbor_add_mld_grp (a,
2702 IP6_MULTICAST_SCOPE_link_local,
2703 IP6_MULTICAST_GROUP_ID_all_routers);
2704 ip6_neighbor_add_mld_grp (a,
2705 IP6_MULTICAST_SCOPE_link_local,
2706 IP6_MULTICAST_GROUP_ID_mldv2_routers);
2712 /* send an mldpv2 report */
2714 ip6_neighbor_send_mldpv2_report (u32 sw_if_index)
2716 vnet_main_t *vnm = vnet_get_main ();
2717 vlib_main_t *vm = vnm->vlib_main;
2718 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
2719 vnet_sw_interface_t *sw_if0;
2720 ethernet_interface_t *eth_if0;
2724 ip6_radv_t *radv_info;
2734 icmp6_multicast_listener_report_header_t *rh0;
2735 icmp6_multicast_listener_report_packet_t *rp0;
2737 sw_if0 = vnet_get_sup_sw_interface (vnm, sw_if_index);
2738 ASSERT (sw_if0->type == VNET_SW_INTERFACE_TYPE_HARDWARE);
2739 eth_if0 = ethernet_get_interface (ðernet_main, sw_if0->hw_if_index);
2741 if (!eth_if0 || !vnet_sw_interface_is_admin_up (vnm, sw_if_index))
2744 /* look up the radv_t information for this interface */
2745 vec_validate_init_empty (nm->if_radv_pool_index_by_sw_if_index, sw_if_index,
2748 ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
2753 /* send report now - build a mldpv2 report packet */
2754 n_allocated = vlib_buffer_alloc_from_free_list (vm,
2757 VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX);
2758 if (PREDICT_FALSE (n_allocated == 0))
2760 clib_warning ("buffer allocation failure");
2764 b0 = vlib_get_buffer (vm, bo0);
2766 /* adjust the sizeof the buffer to just include the ipv6 header */
2767 b0->current_length = sizeof (icmp6_multicast_listener_report_packet_t);
2769 payload_length = sizeof (icmp6_multicast_listener_report_header_t);
2771 b0->error = ICMP6_ERROR_NONE;
2773 rp0 = vlib_buffer_get_current (b0);
2774 ip0 = (ip6_header_t *) & rp0->ip;
2775 rh0 = (icmp6_multicast_listener_report_header_t *) & rp0->report_hdr;
2777 memset (rp0, 0x0, sizeof (icmp6_multicast_listener_report_packet_t));
2779 ip0->ip_version_traffic_class_and_flow_label =
2780 clib_host_to_net_u32 (0x6 << 28);
2782 ip0->protocol = IP_PROTOCOL_IP6_HOP_BY_HOP_OPTIONS;
2783 /* for DEBUG - vnet driver won't seem to emit router alerts */
2784 /* ip0->protocol = IP_PROTOCOL_ICMP6; */
2787 rh0->icmp.type = ICMP6_multicast_listener_report_v2;
2789 /* source address MUST be the link-local address */
2790 radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
2791 ip0->src_address = radv_info->link_local_address;
2793 /* destination is all mldpv2 routers */
2794 ip6_set_reserved_multicast_address (&ip0->dst_address,
2795 IP6_MULTICAST_SCOPE_link_local,
2796 IP6_MULTICAST_GROUP_ID_mldv2_routers);
2798 /* add reports here */
2799 ip6_mldp_group_t *m;
2800 int num_addr_records = 0;
2801 icmp6_multicast_address_record_t rr;
2803 /* fill in the hop-by-hop extension header (router alert) info */
2804 rh0->ext_hdr.next_hdr = IP_PROTOCOL_ICMP6;
2805 rh0->ext_hdr.n_data_u64s = 0;
2807 rh0->alert.type = IP6_MLDP_ALERT_TYPE;
2809 rh0->alert.value = 0;
2814 rh0->icmp.checksum = 0;
2817 pool_foreach (m, radv_info->mldp_group_pool,
2820 rr.aux_data_len_u32s = 0;
2821 rr.num_sources = clib_host_to_net_u16 (m->num_sources);
2822 clib_memcpy(&rr.mcast_addr, &m->mcast_address, sizeof(ip6_address_t));
2826 vlib_buffer_add_data
2827 (vm, vlib_buffer_get_free_list_index (b0), bo0,
2828 (void *)&rr, sizeof(icmp6_multicast_address_record_t));
2830 payload_length += sizeof( icmp6_multicast_address_record_t);
2835 rh0->num_addr_records = clib_host_to_net_u16 (num_addr_records);
2837 /* update lengths */
2838 ip0->payload_length = clib_host_to_net_u16 (payload_length);
2840 rh0->icmp.checksum = ip6_tcp_udp_icmp_compute_checksum (vm, b0, ip0,
2842 ASSERT (bogus_length == 0);
2845 * OK to override w/ no regard for actual FIB, because
2846 * ip6-rewrite only looks at the adjacency.
2848 vnet_buffer (b0)->sw_if_index[VLIB_RX] =
2849 vnet_main.local_interface_sw_if_index;
2851 vnet_buffer (b0)->ip.adj_index[VLIB_TX] = radv_info->mcast_adj_index;
2852 b0->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
2854 vlib_node_t *node = vlib_get_node_by_name (vm, (u8 *) "ip6-rewrite-mcast");
2856 f = vlib_get_frame_to_node (vm, node->index);
2857 to_next = vlib_frame_vector_args (f);
2861 vlib_put_frame_to_node (vm, node->index, f);
2866 VLIB_REGISTER_NODE (ip6_icmp_router_solicitation_node,static) =
2868 .function = icmp6_router_solicitation,
2869 .name = "icmp6-router-solicitation",
2871 .vector_size = sizeof (u32),
2873 .format_trace = format_icmp6_input_trace,
2875 .n_next_nodes = ICMP6_ROUTER_SOLICITATION_N_NEXT,
2877 [ICMP6_ROUTER_SOLICITATION_NEXT_DROP] = "ip6-drop",
2878 [ICMP6_ROUTER_SOLICITATION_NEXT_REPLY_RW] = "ip6-rewrite-mcast",
2879 [ICMP6_ROUTER_SOLICITATION_NEXT_REPLY_TX] = "interface-output",
2884 /* send a RA or update the timer info etc.. */
2886 ip6_neighbor_process_timer_event (vlib_main_t * vm,
2887 vlib_node_runtime_t * node,
2888 vlib_frame_t * frame)
2890 vnet_main_t *vnm = vnet_get_main ();
2891 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
2892 ip6_radv_t *radv_info;
2893 vlib_frame_t *f = 0;
2894 u32 n_this_frame = 0;
2895 u32 n_left_to_next = 0;
2898 icmp6_router_solicitation_header_t *h0;
2900 f64 now = vlib_time_now (vm);
2902 /* Interface ip6 radv info list */
2904 pool_foreach (radv_info, nm->if_radv_pool,
2906 if( !vnet_sw_interface_is_admin_up (vnm, radv_info->sw_if_index))
2908 radv_info->initial_adverts_sent = radv_info->initial_adverts_count-1;
2909 radv_info->next_multicast_time = now;
2910 radv_info->last_multicast_time = now;
2911 radv_info->last_radv_time = 0;
2912 radv_info->all_routers_mcast = 0;
2916 /* Make sure that we've joined the all-routers multicast group */
2917 if(!radv_info->all_routers_mcast)
2919 /* send MDLP_REPORT_EVENT message */
2920 ip6_neighbor_send_mldpv2_report(radv_info->sw_if_index);
2921 radv_info->all_routers_mcast = 1;
2924 /* is it time to send a multicast RA on this interface? */
2925 if(radv_info->send_radv && (now >= radv_info->next_multicast_time))
2930 f64 rfn = (radv_info->max_radv_interval - radv_info->min_radv_interval) *
2931 random_f64 (&radv_info->seed) + radv_info->min_radv_interval;
2933 /* multicast send - compute next multicast send time */
2934 if( radv_info->initial_adverts_sent > 0)
2936 radv_info->initial_adverts_sent--;
2937 if(rfn > radv_info-> initial_adverts_interval)
2938 rfn = radv_info-> initial_adverts_interval;
2940 /* check to see if we are ceasing to send */
2941 if( radv_info->initial_adverts_sent == 0)
2942 if(radv_info->cease_radv)
2943 radv_info->send_radv = 0;
2946 radv_info->next_multicast_time = rfn + now;
2947 radv_info->last_multicast_time = now;
2949 /* send advert now - build a "solicted" router advert with unspecified source address */
2950 n_allocated = vlib_buffer_alloc_from_free_list
2951 (vm, &bo0, n_to_alloc, VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX);
2953 if (PREDICT_FALSE(n_allocated == 0))
2955 clib_warning ("buffer allocation failure");
2958 b0 = vlib_get_buffer (vm, bo0);
2959 b0->current_length = sizeof( icmp6_router_solicitation_header_t);
2960 b0->error = ICMP6_ERROR_NONE;
2961 vnet_buffer (b0)->sw_if_index[VLIB_RX] = radv_info->sw_if_index;
2963 h0 = vlib_buffer_get_current (b0);
2965 memset (h0, 0, sizeof (icmp6_router_solicitation_header_t));
2967 h0->ip.ip_version_traffic_class_and_flow_label = clib_host_to_net_u32 (0x6 << 28);
2968 h0->ip.payload_length = clib_host_to_net_u16 (sizeof (icmp6_router_solicitation_header_t)
2969 - STRUCT_OFFSET_OF (icmp6_router_solicitation_header_t, neighbor));
2970 h0->ip.protocol = IP_PROTOCOL_ICMP6;
2971 h0->ip.hop_limit = 255;
2973 /* set src/dst address as "unspecified" this marks this packet as internally generated rather than recieved */
2974 h0->ip.src_address.as_u64[0] = 0;
2975 h0->ip.src_address.as_u64[1] = 0;
2977 h0->ip.dst_address.as_u64[0] = 0;
2978 h0->ip.dst_address.as_u64[1] = 0;
2980 h0->neighbor.icmp.type = ICMP6_router_solicitation;
2982 if (PREDICT_FALSE(f == 0))
2984 f = vlib_get_frame_to_node (vm, ip6_icmp_router_solicitation_node.index);
2985 to_next = vlib_frame_vector_args (f);
2986 n_left_to_next = VLIB_FRAME_SIZE;
2995 if (PREDICT_FALSE(n_left_to_next == 0))
2997 f->n_vectors = n_this_frame;
2998 vlib_put_frame_to_node (vm, ip6_icmp_router_solicitation_node.index, f);
3007 ASSERT (n_this_frame);
3008 f->n_vectors = n_this_frame;
3009 vlib_put_frame_to_node (vm, ip6_icmp_router_solicitation_node.index, f);
3015 ip6_icmp_neighbor_discovery_event_process (vlib_main_t * vm,
3016 vlib_node_runtime_t * node,
3017 vlib_frame_t * frame)
3020 ip6_icmp_neighbor_discovery_event_data_t *event_data;
3022 /* init code here */
3026 vlib_process_wait_for_event_or_clock (vm, 1. /* seconds */ );
3028 event_data = vlib_process_get_event_data (vm, &event_type);
3032 /* No events found: timer expired. */
3033 /* process interface list and send RAs as appropriate, update timer info */
3034 ip6_neighbor_process_timer_event (vm, node, frame);
3041 case ICMP6_ND_EVENT_INIT:
3052 _vec_len (event_data) = 0;
3055 return frame->n_vectors;
3059 VLIB_REGISTER_NODE (ip6_icmp_router_advertisement_node,static) =
3061 .function = icmp6_router_advertisement,
3062 .name = "icmp6-router-advertisement",
3064 .vector_size = sizeof (u32),
3066 .format_trace = format_icmp6_input_trace,
3075 vlib_node_registration_t ip6_icmp_neighbor_discovery_event_node = {
3077 .function = ip6_icmp_neighbor_discovery_event_process,
3078 .name = "ip6-icmp-neighbor-discovery-event-process",
3079 .type = VLIB_NODE_TYPE_PROCESS,
3083 icmp6_neighbor_solicitation (vlib_main_t * vm,
3084 vlib_node_runtime_t * node, vlib_frame_t * frame)
3086 return icmp6_neighbor_solicitation_or_advertisement (vm, node, frame,
3087 /* is_solicitation */
3092 icmp6_neighbor_advertisement (vlib_main_t * vm,
3093 vlib_node_runtime_t * node,
3094 vlib_frame_t * frame)
3096 return icmp6_neighbor_solicitation_or_advertisement (vm, node, frame,
3097 /* is_solicitation */
3102 VLIB_REGISTER_NODE (ip6_icmp_neighbor_solicitation_node,static) =
3104 .function = icmp6_neighbor_solicitation,
3105 .name = "icmp6-neighbor-solicitation",
3107 .vector_size = sizeof (u32),
3109 .format_trace = format_icmp6_input_trace,
3111 .n_next_nodes = ICMP6_NEIGHBOR_SOLICITATION_N_NEXT,
3113 [ICMP6_NEIGHBOR_SOLICITATION_NEXT_DROP] = "ip6-drop",
3114 [ICMP6_NEIGHBOR_SOLICITATION_NEXT_REPLY] = "interface-output",
3120 VLIB_REGISTER_NODE (ip6_icmp_neighbor_advertisement_node,static) =
3122 .function = icmp6_neighbor_advertisement,
3123 .name = "icmp6-neighbor-advertisement",
3125 .vector_size = sizeof (u32),
3127 .format_trace = format_icmp6_input_trace,
3138 IP6_DISCOVER_NEIGHBOR_NEXT_DROP,
3139 IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX,
3140 IP6_DISCOVER_NEIGHBOR_N_NEXT,
3141 } ip6_discover_neighbor_next_t;
3145 IP6_DISCOVER_NEIGHBOR_ERROR_DROP,
3146 IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT,
3147 IP6_DISCOVER_NEIGHBOR_ERROR_NO_SOURCE_ADDRESS,
3148 } ip6_discover_neighbor_error_t;
3151 ip6_discover_neighbor_inline (vlib_main_t * vm,
3152 vlib_node_runtime_t * node,
3153 vlib_frame_t * frame, int is_glean)
3155 vnet_main_t *vnm = vnet_get_main ();
3156 ip6_main_t *im = &ip6_main;
3157 ip_lookup_main_t *lm = &im->lookup_main;
3158 u32 *from, *to_next_drop;
3159 uword n_left_from, n_left_to_next_drop;
3160 static f64 time_last_seed_change = -1e100;
3161 static u32 hash_seeds[3];
3162 static uword hash_bitmap[256 / BITS (uword)];
3165 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
3167 if (node->flags & VLIB_NODE_FLAG_TRACE)
3168 ip6_forward_next_trace (vm, node, frame, VLIB_TX);
3170 time_now = vlib_time_now (vm);
3171 if (time_now - time_last_seed_change > 1e-3)
3174 u32 *r = clib_random_buffer_get_data (&vm->random_buffer,
3175 sizeof (hash_seeds));
3176 for (i = 0; i < ARRAY_LEN (hash_seeds); i++)
3177 hash_seeds[i] = r[i];
3179 /* Mark all hash keys as been not-seen before. */
3180 for (i = 0; i < ARRAY_LEN (hash_bitmap); i++)
3183 time_last_seed_change = time_now;
3186 from = vlib_frame_vector_args (frame);
3187 n_left_from = frame->n_vectors;
3189 while (n_left_from > 0)
3191 vlib_get_next_frame (vm, node, IP6_DISCOVER_NEIGHBOR_NEXT_DROP,
3192 to_next_drop, n_left_to_next_drop);
3194 while (n_left_from > 0 && n_left_to_next_drop > 0)
3198 u32 pi0, adj_index0, a0, b0, c0, m0, sw_if_index0, drop0;
3200 ip_adjacency_t *adj0;
3201 vnet_hw_interface_t *hw_if0;
3202 ip6_radv_t *radv_info;
3207 p0 = vlib_get_buffer (vm, pi0);
3209 adj_index0 = vnet_buffer (p0)->ip.adj_index[VLIB_TX];
3211 ip0 = vlib_buffer_get_current (p0);
3213 adj0 = adj_get (adj_index0);
3217 ip0->dst_address.as_u64[0] =
3218 adj0->sub_type.nbr.next_hop.ip6.as_u64[0];
3219 ip0->dst_address.as_u64[1] =
3220 adj0->sub_type.nbr.next_hop.ip6.as_u64[1];
3227 sw_if_index0 = adj0->rewrite_header.sw_if_index;
3228 vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0;
3231 b0 ^= ip0->dst_address.as_u32[0];
3232 c0 ^= ip0->dst_address.as_u32[1];
3234 hash_v3_mix32 (a0, b0, c0);
3236 b0 ^= ip0->dst_address.as_u32[2];
3237 c0 ^= ip0->dst_address.as_u32[3];
3239 hash_v3_finalize32 (a0, b0, c0);
3241 c0 &= BITS (hash_bitmap) - 1;
3242 c0 = c0 / BITS (uword);
3243 m0 = (uword) 1 << (c0 % BITS (uword));
3245 bm0 = hash_bitmap[c0];
3246 drop0 = (bm0 & m0) != 0;
3248 /* Mark it as seen. */
3249 hash_bitmap[c0] = bm0 | m0;
3253 to_next_drop[0] = pi0;
3255 n_left_to_next_drop -= 1;
3257 hw_if0 = vnet_get_sup_hw_interface (vnm, sw_if_index0);
3259 /* If the interface is link-down, drop the pkt */
3260 if (!(hw_if0->flags & VNET_HW_INTERFACE_FLAG_LINK_UP))
3263 if (vec_len (nm->if_radv_pool_index_by_sw_if_index) > sw_if_index0)
3265 u32 ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index0];
3268 radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
3276 * the adj has been updated to a rewrite but the node the DPO that got
3277 * us here hasn't - yet. no big deal. we'll drop while we wait.
3279 if (IP_LOOKUP_NEXT_REWRITE == adj0->lookup_next_index)
3283 node->errors[drop0 ? IP6_DISCOVER_NEIGHBOR_ERROR_DROP
3284 : IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT];
3291 icmp6_neighbor_solicitation_header_t *h0;
3294 h0 = vlib_packet_template_get_packet
3295 (vm, &im->discover_neighbor_packet_template, &bi0);
3300 * Build ethernet header.
3301 * Choose source address based on destination lookup
3304 if (!ip6_src_address_for_packet (lm,
3307 &h0->ip.src_address))
3309 /* There is no address on the interface */
3311 node->errors[IP6_DISCOVER_NEIGHBOR_ERROR_NO_SOURCE_ADDRESS];
3312 vlib_buffer_free (vm, &bi0, 1);
3317 * Destination address is a solicited node multicast address.
3318 * We need to fill in
3319 * the low 24 bits with low 24 bits of target's address.
3321 h0->ip.dst_address.as_u8[13] = ip0->dst_address.as_u8[13];
3322 h0->ip.dst_address.as_u8[14] = ip0->dst_address.as_u8[14];
3323 h0->ip.dst_address.as_u8[15] = ip0->dst_address.as_u8[15];
3325 h0->neighbor.target_address = ip0->dst_address;
3327 clib_memcpy (h0->link_layer_option.ethernet_address,
3328 hw_if0->hw_address, vec_len (hw_if0->hw_address));
3330 /* $$$$ appears we need this; why is the checksum non-zero? */
3331 h0->neighbor.icmp.checksum = 0;
3332 h0->neighbor.icmp.checksum =
3333 ip6_tcp_udp_icmp_compute_checksum (vm, 0, &h0->ip,
3336 ASSERT (bogus_length == 0);
3338 vlib_buffer_copy_trace_flag (vm, p0, bi0);
3339 b0 = vlib_get_buffer (vm, bi0);
3340 vnet_buffer (b0)->sw_if_index[VLIB_TX]
3341 = vnet_buffer (p0)->sw_if_index[VLIB_TX];
3343 vnet_buffer (b0)->ip.adj_index[VLIB_TX] =
3344 radv_info->mcast_adj_index;
3346 b0->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
3347 next0 = IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX;
3349 vlib_set_next_frame_buffer (vm, node, next0, bi0);
3353 vlib_put_next_frame (vm, node, IP6_DISCOVER_NEIGHBOR_NEXT_DROP,
3354 n_left_to_next_drop);
3357 return frame->n_vectors;
3361 ip6_discover_neighbor (vlib_main_t * vm,
3362 vlib_node_runtime_t * node, vlib_frame_t * frame)
3364 return (ip6_discover_neighbor_inline (vm, node, frame, 0));
3368 ip6_glean (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame)
3370 return (ip6_discover_neighbor_inline (vm, node, frame, 1));
3373 static char *ip6_discover_neighbor_error_strings[] = {
3374 [IP6_DISCOVER_NEIGHBOR_ERROR_DROP] = "address overflow drops",
3375 [IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT] = "neighbor solicitations sent",
3376 [IP6_DISCOVER_NEIGHBOR_ERROR_NO_SOURCE_ADDRESS]
3377 = "no source address for ND solicitation",
3381 VLIB_REGISTER_NODE (ip6_glean_node) =
3383 .function = ip6_glean,
3384 .name = "ip6-glean",
3385 .vector_size = sizeof (u32),
3386 .format_trace = format_ip6_forward_next_trace,
3387 .n_errors = ARRAY_LEN (ip6_discover_neighbor_error_strings),
3388 .error_strings = ip6_discover_neighbor_error_strings,
3389 .n_next_nodes = IP6_DISCOVER_NEIGHBOR_N_NEXT,
3392 [IP6_DISCOVER_NEIGHBOR_NEXT_DROP] = "ip6-drop",
3393 [IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX] = "ip6-rewrite-mcast",
3396 VLIB_REGISTER_NODE (ip6_discover_neighbor_node) =
3398 .function = ip6_discover_neighbor,
3399 .name = "ip6-discover-neighbor",
3400 .vector_size = sizeof (u32),
3401 .format_trace = format_ip6_forward_next_trace,
3402 .n_errors = ARRAY_LEN (ip6_discover_neighbor_error_strings),
3403 .error_strings = ip6_discover_neighbor_error_strings,
3404 .n_next_nodes = IP6_DISCOVER_NEIGHBOR_N_NEXT,
3407 [IP6_DISCOVER_NEIGHBOR_NEXT_DROP] = "ip6-drop",
3408 [IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX] = "ip6-rewrite-mcast",
3413 /* API support functions */
3415 ip6_neighbor_ra_config (vlib_main_t * vm, u32 sw_if_index,
3416 u8 suppress, u8 managed, u8 other,
3417 u8 ll_option, u8 send_unicast, u8 cease,
3418 u8 use_lifetime, u32 lifetime,
3419 u32 initial_count, u32 initial_interval,
3420 u32 max_interval, u32 min_interval, u8 is_no)
3422 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
3426 /* look up the radv_t information for this interface */
3427 vec_validate_init_empty (nm->if_radv_pool_index_by_sw_if_index, sw_if_index,
3429 ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
3430 error = (ri != ~0) ? 0 : VNET_API_ERROR_INVALID_SW_IF_INDEX;
3435 ip6_radv_t *radv_info;
3436 radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
3438 if ((max_interval != 0) && (min_interval == 0))
3439 min_interval = .75 * max_interval;
3443 0) ? ((is_no) ? DEF_MAX_RADV_INTERVAL : max_interval) :
3444 radv_info->max_radv_interval;
3447 0) ? ((is_no) ? DEF_MIN_RADV_INTERVAL : min_interval) :
3448 radv_info->min_radv_interval;
3451 0) ? ((is_no) ? DEF_DEF_RTR_LIFETIME : lifetime) :
3452 radv_info->adv_router_lifetime_in_sec;
3456 if (lifetime > MAX_DEF_RTR_LIFETIME)
3457 lifetime = MAX_DEF_RTR_LIFETIME;
3459 if (lifetime <= max_interval)
3460 return VNET_API_ERROR_INVALID_VALUE;
3463 if (min_interval != 0)
3465 if ((min_interval > .75 * max_interval) || (min_interval < 3))
3466 return VNET_API_ERROR_INVALID_VALUE;
3469 if ((initial_count > MAX_INITIAL_RTR_ADVERTISEMENTS) ||
3470 (initial_interval > MAX_INITIAL_RTR_ADVERT_INTERVAL))
3471 return VNET_API_ERROR_INVALID_VALUE;
3474 if "flag" is set and is_no is true then restore default value else set value corresponding to "flag"
3475 if "flag" is clear don't change corresponding value
3477 radv_info->send_radv =
3478 (suppress != 0) ? ((is_no != 0) ? 1 : 0) : radv_info->send_radv;
3479 radv_info->adv_managed_flag =
3480 (managed != 0) ? ((is_no) ? 0 : 1) : radv_info->adv_managed_flag;
3481 radv_info->adv_other_flag =
3482 (other != 0) ? ((is_no) ? 0 : 1) : radv_info->adv_other_flag;
3483 radv_info->adv_link_layer_address =
3485 0) ? ((is_no) ? 1 : 0) : radv_info->adv_link_layer_address;
3486 radv_info->send_unicast =
3487 (send_unicast != 0) ? ((is_no) ? 0 : 1) : radv_info->send_unicast;
3488 radv_info->cease_radv =
3489 (cease != 0) ? ((is_no) ? 0 : 1) : radv_info->cease_radv;
3491 radv_info->min_radv_interval = min_interval;
3492 radv_info->max_radv_interval = max_interval;
3493 radv_info->adv_router_lifetime_in_sec = lifetime;
3495 radv_info->initial_adverts_count =
3497 0) ? ((is_no) ? MAX_INITIAL_RTR_ADVERTISEMENTS : initial_count) :
3498 radv_info->initial_adverts_count;
3499 radv_info->initial_adverts_interval =
3500 (initial_interval !=
3501 0) ? ((is_no) ? MAX_INITIAL_RTR_ADVERT_INTERVAL : initial_interval) :
3502 radv_info->initial_adverts_interval;
3505 if ((cease != 0) && (is_no))
3506 radv_info->send_radv = 1;
3508 radv_info->initial_adverts_sent = radv_info->initial_adverts_count - 1;
3509 radv_info->next_multicast_time = vlib_time_now (vm);
3510 radv_info->last_multicast_time = vlib_time_now (vm);
3511 radv_info->last_radv_time = 0;
3517 ip6_neighbor_ra_prefix (vlib_main_t * vm, u32 sw_if_index,
3518 ip6_address_t * prefix_addr, u8 prefix_len,
3519 u8 use_default, u32 val_lifetime, u32 pref_lifetime,
3520 u8 no_advertise, u8 off_link, u8 no_autoconfig,
3521 u8 no_onlink, u8 is_no)
3523 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
3528 /* look up the radv_t information for this interface */
3529 vec_validate_init_empty (nm->if_radv_pool_index_by_sw_if_index, sw_if_index,
3532 ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
3534 error = (ri != ~0) ? 0 : VNET_API_ERROR_INVALID_SW_IF_INDEX;
3538 f64 now = vlib_time_now (vm);
3539 ip6_radv_t *radv_info;
3540 radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
3542 /* prefix info add, delete or update */
3543 ip6_radv_prefix_t *prefix;
3545 /* lookup prefix info for this address on this interface */
3546 uword *p = mhash_get (&radv_info->address_to_prefix_index, prefix_addr);
3548 prefix = p ? pool_elt_at_index (radv_info->adv_prefixes_pool, p[0]) : 0;
3554 return VNET_API_ERROR_INVALID_VALUE; /* invalid prefix */
3556 if (prefix->prefix_len != prefix_len)
3557 return VNET_API_ERROR_INVALID_VALUE_2;
3559 /* FIXME - Should the DP do this or the CP ? */
3560 /* do specific delete processing here before returning */
3561 /* try to remove from routing table */
3563 mhash_unset (&radv_info->address_to_prefix_index, prefix_addr,
3565 pool_put (radv_info->adv_prefixes_pool, prefix);
3567 radv_info->initial_adverts_sent =
3568 radv_info->initial_adverts_count - 1;
3569 radv_info->next_multicast_time = vlib_time_now (vm);
3570 radv_info->last_multicast_time = vlib_time_now (vm);
3571 radv_info->last_radv_time = 0;
3575 /* adding or changing */
3580 pool_get (radv_info->adv_prefixes_pool, prefix);
3581 pi = prefix - radv_info->adv_prefixes_pool;
3582 mhash_set (&radv_info->address_to_prefix_index, prefix_addr, pi,
3585 memset (prefix, 0x0, sizeof (ip6_radv_prefix_t));
3587 prefix->prefix_len = prefix_len;
3588 clib_memcpy (&prefix->prefix, prefix_addr, sizeof (ip6_address_t));
3590 /* initialize default values */
3591 prefix->adv_on_link_flag = 1; /* L bit set */
3592 prefix->adv_autonomous_flag = 1; /* A bit set */
3593 prefix->adv_valid_lifetime_in_secs = DEF_ADV_VALID_LIFETIME;
3594 prefix->adv_pref_lifetime_in_secs = DEF_ADV_PREF_LIFETIME;
3595 prefix->enabled = 1;
3596 prefix->decrement_lifetime_flag = 1;
3597 prefix->deprecated_prefix_flag = 1;
3601 /* FIXME - Should the DP do this or the CP ? */
3602 /* insert prefix into routing table as a connected prefix */
3611 if (prefix->prefix_len != prefix_len)
3612 return VNET_API_ERROR_INVALID_VALUE_2;
3616 /* FIXME - Should the DP do this or the CP ? */
3617 /* remove from routing table if already there */
3621 if ((val_lifetime == ~0) || (pref_lifetime == ~0))
3623 prefix->adv_valid_lifetime_in_secs = ~0;
3624 prefix->adv_pref_lifetime_in_secs = ~0;
3625 prefix->decrement_lifetime_flag = 0;
3629 prefix->adv_valid_lifetime_in_secs = val_lifetime;;
3630 prefix->adv_pref_lifetime_in_secs = pref_lifetime;
3633 /* copy remaining */
3634 prefix->enabled = !(no_advertise != 0);
3635 prefix->adv_on_link_flag = !((off_link != 0) || (no_onlink != 0));
3636 prefix->adv_autonomous_flag = !(no_autoconfig != 0);
3640 /* fill in the expiration times */
3641 prefix->valid_lifetime_expires =
3642 now + prefix->adv_valid_lifetime_in_secs;
3643 prefix->pref_lifetime_expires = now + prefix->adv_pref_lifetime_in_secs;
3645 radv_info->initial_adverts_sent = radv_info->initial_adverts_count - 1;
3646 radv_info->next_multicast_time = vlib_time_now (vm);
3647 radv_info->last_multicast_time = vlib_time_now (vm);
3648 radv_info->last_radv_time = 0;
3654 ip6_neighbor_cmd (vlib_main_t * vm, unformat_input_t * main_input,
3655 vlib_cli_command_t * cmd)
3657 vnet_main_t *vnm = vnet_get_main ();
3658 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
3659 clib_error_t *error = 0;
3661 u8 suppress = 0, managed = 0, other = 0;
3662 u8 suppress_ll_option = 0, send_unicast = 0, cease = 0;
3663 u8 use_lifetime = 0;
3664 u32 sw_if_index, ra_lifetime = 0, ra_initial_count =
3665 0, ra_initial_interval = 0;
3666 u32 ra_max_interval = 0, ra_min_interval = 0;
3668 unformat_input_t _line_input, *line_input = &_line_input;
3669 vnet_sw_interface_t *sw_if0;
3671 int add_radv_info = 1;
3672 __attribute__ ((unused)) ip6_radv_t *radv_info = 0;
3673 ip6_address_t ip6_addr;
3677 /* Get a line of input. */
3678 if (!unformat_user (main_input, unformat_line_input, line_input))
3681 /* get basic radv info for this interface */
3682 if (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
3685 if (unformat_user (line_input,
3686 unformat_vnet_sw_interface, vnm, &sw_if_index))
3689 ethernet_interface_t *eth_if0 = 0;
3691 sw_if0 = vnet_get_sup_sw_interface (vnm, sw_if_index);
3692 if (sw_if0->type == VNET_SW_INTERFACE_TYPE_HARDWARE)
3694 ethernet_get_interface (ðernet_main, sw_if0->hw_if_index);
3699 clib_error_return (0, "Interface must be of ethernet type");
3703 /* look up the radv_t information for this interface */
3704 vec_validate_init_empty (nm->if_radv_pool_index_by_sw_if_index,
3707 ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
3711 radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
3715 error = clib_error_return (0, "unknown interface %U'",
3716 format_unformat_error, line_input);
3722 error = clib_error_return (0, "invalid interface name %U'",
3723 format_unformat_error, line_input);
3728 /* get the rest of the command */
3729 while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
3731 if (unformat (line_input, "no"))
3733 else if (unformat (line_input, "prefix %U/%d",
3734 unformat_ip6_address, &ip6_addr, &addr_len))
3739 else if (unformat (line_input, "ra-managed-config-flag"))
3744 else if (unformat (line_input, "ra-other-config-flag"))
3749 else if (unformat (line_input, "ra-suppress") ||
3750 unformat (line_input, "ra-surpress"))
3755 else if (unformat (line_input, "ra-suppress-link-layer") ||
3756 unformat (line_input, "ra-surpress-link-layer"))
3758 suppress_ll_option = 1;
3761 else if (unformat (line_input, "ra-send-unicast"))
3766 else if (unformat (line_input, "ra-lifetime"))
3768 if (!unformat (line_input, "%d", &ra_lifetime))
3770 error = unformat_parse_error (line_input);
3776 else if (unformat (line_input, "ra-initial"))
3779 (line_input, "%d %d", &ra_initial_count, &ra_initial_interval))
3781 error = unformat_parse_error (line_input);
3786 else if (unformat (line_input, "ra-interval"))
3788 if (!unformat (line_input, "%d", &ra_max_interval))
3790 error = unformat_parse_error (line_input);
3794 if (!unformat (line_input, "%d", &ra_min_interval))
3795 ra_min_interval = 0;
3798 else if (unformat (line_input, "ra-cease"))
3805 error = unformat_parse_error (line_input);
3812 ip6_neighbor_ra_config (vm, sw_if_index,
3813 suppress, managed, other,
3814 suppress_ll_option, send_unicast, cease,
3815 use_lifetime, ra_lifetime,
3816 ra_initial_count, ra_initial_interval,
3817 ra_max_interval, ra_min_interval, is_no);
3821 u32 valid_lifetime_in_secs = 0;
3822 u32 pref_lifetime_in_secs = 0;
3823 u8 use_prefix_default_values = 0;
3824 u8 no_advertise = 0;
3826 u8 no_autoconfig = 0;
3829 /* get the rest of the command */
3830 while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
3832 if (unformat (line_input, "default"))
3834 use_prefix_default_values = 1;
3837 else if (unformat (line_input, "infinite"))
3839 valid_lifetime_in_secs = ~0;
3840 pref_lifetime_in_secs = ~0;
3843 else if (unformat (line_input, "%d %d", &valid_lifetime_in_secs,
3844 &pref_lifetime_in_secs))
3851 /* get the rest of the command */
3852 while (!use_prefix_default_values &&
3853 unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
3855 if (unformat (line_input, "no-advertise"))
3857 else if (unformat (line_input, "off-link"))
3859 else if (unformat (line_input, "no-autoconfig"))
3861 else if (unformat (line_input, "no-onlink"))
3865 error = unformat_parse_error (line_input);
3870 ip6_neighbor_ra_prefix (vm, sw_if_index,
3871 &ip6_addr, addr_len,
3872 use_prefix_default_values,
3873 valid_lifetime_in_secs,
3874 pref_lifetime_in_secs,
3876 off_link, no_autoconfig, no_onlink, is_no);
3880 unformat_free (line_input);
3886 ip6_print_addrs (vlib_main_t * vm, u32 * addrs)
3888 ip_lookup_main_t *lm = &ip6_main.lookup_main;
3891 for (i = 0; i < vec_len (addrs); i++)
3893 ip_interface_address_t *a =
3894 pool_elt_at_index (lm->if_address_pool, addrs[i]);
3895 ip6_address_t *address = ip_interface_address_get_address (lm, a);
3897 vlib_cli_output (vm, "\t\t%U/%d",
3898 format_ip6_address, address, a->address_length);
3902 static clib_error_t *
3903 show_ip6_interface_cmd (vlib_main_t * vm,
3904 unformat_input_t * input, vlib_cli_command_t * cmd)
3906 vnet_main_t *vnm = vnet_get_main ();
3907 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
3908 clib_error_t *error = 0;
3913 if (unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index))
3917 /* look up the radv_t information for this interface */
3918 vec_validate_init_empty (nm->if_radv_pool_index_by_sw_if_index,
3921 ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
3925 ip_lookup_main_t *lm = &ip6_main.lookup_main;
3926 ip6_radv_t *radv_info;
3927 radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
3929 vlib_cli_output (vm, "%U is admin %s\n",
3930 format_vnet_sw_interface_name, vnm,
3931 vnet_get_sw_interface (vnm, sw_if_index),
3932 (vnet_sw_interface_is_admin_up (vnm, sw_if_index) ?
3936 u32 *link_scope = 0, *global_scope = 0;
3937 u32 *local_scope = 0, *unknown_scope = 0;
3938 ip_interface_address_t *a;
3940 vec_validate_init_empty (lm->if_address_pool_index_by_sw_if_index,
3942 ai = lm->if_address_pool_index_by_sw_if_index[sw_if_index];
3944 while (ai != (u32) ~ 0)
3946 a = pool_elt_at_index (lm->if_address_pool, ai);
3947 ip6_address_t *address =
3948 ip_interface_address_get_address (lm, a);
3950 if (ip6_address_is_link_local_unicast (address))
3951 vec_add1 (link_scope, ai);
3952 else if (ip6_address_is_global_unicast (address))
3953 vec_add1 (global_scope, ai);
3954 else if (ip6_address_is_local_unicast (address))
3955 vec_add1 (local_scope, ai);
3957 vec_add1 (unknown_scope, ai);
3959 ai = a->next_this_sw_interface;
3962 if (vec_len (link_scope))
3964 vlib_cli_output (vm, "\tLink-local address(es):\n");
3965 ip6_print_addrs (vm, link_scope);
3966 vec_free (link_scope);
3969 if (vec_len (local_scope))
3971 vlib_cli_output (vm, "\tLocal unicast address(es):\n");
3972 ip6_print_addrs (vm, local_scope);
3973 vec_free (local_scope);
3976 if (vec_len (global_scope))
3978 vlib_cli_output (vm, "\tGlobal unicast address(es):\n");
3979 ip6_print_addrs (vm, global_scope);
3980 vec_free (global_scope);
3983 if (vec_len (unknown_scope))
3985 vlib_cli_output (vm, "\tOther-scope address(es):\n");
3986 ip6_print_addrs (vm, unknown_scope);
3987 vec_free (unknown_scope);
3990 vlib_cli_output (vm, "\tLink-local address(es):\n");
3991 vlib_cli_output (vm, "\t\t%U\n", format_ip6_address,
3992 &radv_info->link_local_address);
3994 vlib_cli_output (vm, "\tJoined group address(es):\n");
3995 ip6_mldp_group_t *m;
3997 pool_foreach (m, radv_info->mldp_group_pool,
3999 vlib_cli_output (vm, "\t\t%U\n", format_ip6_address,
4004 vlib_cli_output (vm, "\tAdvertised Prefixes:\n");
4005 ip6_radv_prefix_t *p;
4007 pool_foreach (p, radv_info->adv_prefixes_pool,
4009 vlib_cli_output (vm, "\t\tprefix %U, length %d\n",
4010 format_ip6_address, &p->prefix, p->prefix_len);
4014 vlib_cli_output (vm, "\tMTU is %d\n", radv_info->adv_link_mtu);
4015 vlib_cli_output (vm, "\tICMP error messages are unlimited\n");
4016 vlib_cli_output (vm, "\tICMP redirects are disabled\n");
4017 vlib_cli_output (vm, "\tICMP unreachables are not sent\n");
4018 vlib_cli_output (vm, "\tND DAD is disabled\n");
4019 //vlib_cli_output (vm, "\tND reachable time is %d milliseconds\n",);
4020 vlib_cli_output (vm, "\tND advertised reachable time is %d\n",
4021 radv_info->adv_neighbor_reachable_time_in_msec);
4022 vlib_cli_output (vm,
4023 "\tND advertised retransmit interval is %d (msec)\n",
4025 adv_time_in_msec_between_retransmitted_neighbor_solicitations);
4027 u32 ra_interval = radv_info->max_radv_interval;
4028 u32 ra_interval_min = radv_info->min_radv_interval;
4029 vlib_cli_output (vm,
4030 "\tND router advertisements are sent every %d seconds (min interval is %d)\n",
4031 ra_interval, ra_interval_min);
4032 vlib_cli_output (vm,
4033 "\tND router advertisements live for %d seconds\n",
4034 radv_info->adv_router_lifetime_in_sec);
4035 vlib_cli_output (vm,
4036 "\tHosts %s stateless autoconfig for addresses\n",
4037 (radv_info->adv_managed_flag) ? "use" :
4039 vlib_cli_output (vm, "\tND router advertisements sent %d\n",
4040 radv_info->n_advertisements_sent);
4041 vlib_cli_output (vm, "\tND router solicitations received %d\n",
4042 radv_info->n_solicitations_rcvd);
4043 vlib_cli_output (vm, "\tND router solicitations dropped %d\n",
4044 radv_info->n_solicitations_dropped);
4048 error = clib_error_return (0, "IPv6 not enabled on interface",
4049 format_unformat_error, input);
4057 * This command is used to display various IPv6 attributes on a given
4061 * Example of how to display IPv6 settings:
4062 * @cliexstart{show ip6 interface GigabitEthernet2/0/0}
4063 * GigabitEthernet2/0/0 is admin up
4064 * Link-local address(es):
4066 * Joined group address(es):
4071 * Advertised Prefixes:
4072 * prefix fe80::fe:28ff:fe9c:75b3, length 64
4074 * ICMP error messages are unlimited
4075 * ICMP redirects are disabled
4076 * ICMP unreachables are not sent
4077 * ND DAD is disabled
4078 * ND advertised reachable time is 0
4079 * ND advertised retransmit interval is 0 (msec)
4080 * ND router advertisements are sent every 200 seconds (min interval is 150)
4081 * ND router advertisements live for 600 seconds
4082 * Hosts use stateless autoconfig for addresses
4083 * ND router advertisements sent 19336
4084 * ND router solicitations received 0
4085 * ND router solicitations dropped 0
4087 * Example of output if IPv6 is not enabled on the interface:
4088 * @cliexstart{show ip6 interface GigabitEthernet2/0/0}
4089 * show ip6 interface: IPv6 not enabled on interface
4093 VLIB_CLI_COMMAND (show_ip6_interface_command, static) =
4095 .path = "show ip6 interface",
4096 .function = show_ip6_interface_cmd,
4097 .short_help = "show ip6 interface <interface>",
4102 disable_ip6_interface (vlib_main_t * vm, u32 sw_if_index)
4104 clib_error_t *error = 0;
4105 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
4108 /* look up the radv_t information for this interface */
4109 vec_validate_init_empty (nm->if_radv_pool_index_by_sw_if_index, sw_if_index,
4111 ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
4113 /* if not created - do nothing */
4116 ip6_radv_t *radv_info;
4118 radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
4120 /* check radv_info ref count for other ip6 addresses on this interface */
4121 /* This implicitly excludes the link local address */
4122 if (radv_info->ref_count == 0)
4124 /* essentially "disables" ipv6 on this interface */
4125 ip6_ll_prefix_t ilp = {
4126 .ilp_addr = radv_info->link_local_address,
4127 .ilp_sw_if_index = sw_if_index,
4129 ip6_ll_table_entry_delete (&ilp);
4130 ip6_sw_interface_enable_disable (sw_if_index, 0);
4131 ip6_mfib_interface_enable_disable (sw_if_index, 0);
4132 ip6_neighbor_sw_interface_add_del (vnet_get_main (), sw_if_index,
4140 ip6_interface_enabled (vlib_main_t * vm, u32 sw_if_index)
4142 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
4145 /* look up the radv_t information for this interface */
4146 vec_validate_init_empty (nm->if_radv_pool_index_by_sw_if_index, sw_if_index,
4149 ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
4155 enable_ip6_interface (vlib_main_t * vm, u32 sw_if_index)
4157 clib_error_t *error = 0;
4158 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
4162 /* look up the radv_t information for this interface */
4163 vec_validate_init_empty (nm->if_radv_pool_index_by_sw_if_index, sw_if_index,
4166 ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
4168 /* if not created yet */
4171 vnet_main_t *vnm = vnet_get_main ();
4172 vnet_sw_interface_t *sw_if0;
4174 sw_if0 = vnet_get_sup_sw_interface (vnm, sw_if_index);
4175 if (sw_if0->type == VNET_SW_INTERFACE_TYPE_HARDWARE)
4177 ethernet_interface_t *eth_if0;
4180 ethernet_get_interface (ðernet_main, sw_if0->hw_if_index);
4183 /* create radv_info. for this interface. This holds all the info needed for router adverts */
4185 ip6_neighbor_sw_interface_add_del (vnm, sw_if_index, is_add);
4189 ip6_radv_t *radv_info;
4190 ip6_address_t link_local_address;
4192 radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
4194 ip6_link_local_address_from_ethernet_mac_address
4195 (&link_local_address, eth_if0->address);
4197 sw_if0 = vnet_get_sw_interface (vnm, sw_if_index);
4198 if (sw_if0->type == VNET_SW_INTERFACE_TYPE_SUB ||
4199 sw_if0->type == VNET_SW_INTERFACE_TYPE_PIPE ||
4200 sw_if0->type == VNET_SW_INTERFACE_TYPE_P2P)
4202 /* make up an interface id */
4203 link_local_address.as_u64[1] =
4204 random_u64 (&radv_info->randomizer);
4206 link_local_address.as_u64[0] =
4207 clib_host_to_net_u64 (0xFE80000000000000ULL);
4209 link_local_address.as_u8[8] &= 0xfd;
4212 ip6_ll_prefix_t ilp = {
4213 .ilp_addr = link_local_address,
4214 .ilp_sw_if_index = sw_if_index,
4217 ip6_ll_table_entry_update (&ilp, FIB_ROUTE_PATH_LOCAL);
4220 /* essentially "enables" ipv6 on this interface */
4221 ip6_mfib_interface_enable_disable (sw_if_index, 1);
4222 ip6_sw_interface_enable_disable (sw_if_index, 1);
4226 radv_info->link_local_address = link_local_address;
4236 ip6_get_ll_address (u32 sw_if_index, ip6_address_t * addr)
4238 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
4239 ip6_radv_t *radv_info;
4242 if (vec_len (nm->if_radv_pool_index_by_sw_if_index) < sw_if_index)
4245 ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
4250 radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
4251 *addr = radv_info->link_local_address;
4256 static clib_error_t *
4257 enable_ip6_interface_cmd (vlib_main_t * vm,
4258 unformat_input_t * input, vlib_cli_command_t * cmd)
4260 vnet_main_t *vnm = vnet_get_main ();
4261 clib_error_t *error = 0;
4266 if (unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index))
4268 enable_ip6_interface (vm, sw_if_index);
4272 error = clib_error_return (0, "unknown interface\n'",
4273 format_unformat_error, input);
4280 * This command is used to enable IPv6 on a given interface.
4283 * Example of how enable IPv6 on a given interface:
4284 * @cliexcmd{enable ip6 interface GigabitEthernet2/0/0}
4287 VLIB_CLI_COMMAND (enable_ip6_interface_command, static) =
4289 .path = "enable ip6 interface",
4290 .function = enable_ip6_interface_cmd,
4291 .short_help = "enable ip6 interface <interface>",
4295 static clib_error_t *
4296 disable_ip6_interface_cmd (vlib_main_t * vm,
4297 unformat_input_t * input, vlib_cli_command_t * cmd)
4299 vnet_main_t *vnm = vnet_get_main ();
4300 clib_error_t *error = 0;
4305 if (unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index))
4307 error = disable_ip6_interface (vm, sw_if_index);
4311 error = clib_error_return (0, "unknown interface\n'",
4312 format_unformat_error, input);
4319 * This command is used to disable IPv6 on a given interface.
4322 * Example of how disable IPv6 on a given interface:
4323 * @cliexcmd{disable ip6 interface GigabitEthernet2/0/0}
4326 VLIB_CLI_COMMAND (disable_ip6_interface_command, static) =
4328 .path = "disable ip6 interface",
4329 .function = disable_ip6_interface_cmd,
4330 .short_help = "disable ip6 interface <interface>",
4335 * This command is used to configure the neighbor discovery
4336 * parameters on a given interface. Use the '<em>show ip6 interface</em>'
4337 * command to display some of the current neighbor discovery parameters
4338 * on a given interface. This command has three formats:
4341 * <b>Format 1 - Router Advertisement Options:</b> (Only one can be entered in a single command)
4343 * '<em><b>ip6 nd <interface> [no] [ra-managed-config-flag] | [ra-other-config-flag] | [ra-suppress] | [ra-suppress-link-layer] | [ra-send-unicast] | [ra-lifetime <lifetime>] | [ra-initial <cnt> <interval>] | [ra-interval <max-interval> [<min-interval>]] | [ra-cease]</b></em>'
4347 * <em>[no] ra-managed-config-flag</em> - Advertises in ICMPv6
4348 * router-advertisement messages to use stateful address
4349 * auto-configuration to obtain address information (sets the M-bit).
4350 * Default is the M-bit is not set and the '<em>no</em>' option
4351 * returns it to this default state.
4353 * <em>[no] ra-other-config-flag</em> - Indicates in ICMPv6
4354 * router-advertisement messages that hosts use stateful auto
4355 * configuration to obtain nonaddress related information (sets
4356 * the O-bit). Default is the O-bit is not set and the '<em>no</em>'
4357 * option returns it to this default state.
4359 * <em>[no] ra-suppress</em> - Disables sending ICMPv6 router-advertisement
4360 * messages. The '<em>no</em>' option implies to enable sending ICMPv6
4361 * router-advertisement messages.
4363 * <em>[no] ra-suppress-link-layer</em> - Indicates not to include the
4364 * optional source link-layer address in the ICMPv6 router-advertisement
4365 * messages. Default is to include the optional source link-layer address
4366 * and the '<em>no</em>' option returns it to this default state.
4368 * <em>[no] ra-send-unicast</em> - Use the source address of the
4369 * router-solicitation message if availiable. The default is to use
4370 * multicast address of all nodes, and the '<em>no</em>' option returns
4371 * it to this default state.
4373 * <em>[no] ra-lifetime <lifetime></em> - Advertises the lifetime of a
4374 * default router in ICMPv6 router-advertisement messages. The range is
4375 * from 0 to 9000 seconds. '<em><lifetime></em>' must be greater than
4376 * '<em><max-interval></em>'. The default value is 600 seconds and the
4377 * '<em>no</em>' option returns it to this default value.
4379 * <em>[no] ra-initial <cnt> <interval></em> - Number of initial ICMPv6
4380 * router-advertisement messages sent and the interval between each
4381 * message. Range for count is 1 - 3 and default is 3. Range for interval
4382 * is 1 to 16 seconds, and default is 16 seconds. The '<em>no</em>' option
4383 * returns both to their default value.
4385 * <em>[no] ra-interval <max-interval> [<min-interval>]</em> - Configures the
4386 * interval between sending ICMPv6 router-advertisement messages. The
4387 * range for max-interval is from 4 to 200 seconds. min-interval can not
4388 * be more than 75% of max-interval. If not set, min-interval will be
4389 * set to 75% of max-interval. The range for min-interval is from 3 to
4390 * 150 seconds. The '<em>no</em>' option returns both to their default
4393 * <em>[no] ra-cease</em> - Cease sending ICMPv6 router-advertisement messages.
4394 * The '<em>no</em>' options implies to start (or restart) sending
4395 * ICMPv6 router-advertisement messages.
4398 * <b>Format 2 - Prefix Options:</b>
4400 * '<em><b>ip6 nd <interface> [no] prefix <ip6-address>/<width> [<valid-lifetime> <pref-lifetime> | infinite] [no-advertise] [off-link] [no-autoconfig] [no-onlink]</b></em>'
4404 * <em>no</em> - All additional flags are ignored and the prefix is deleted.
4406 * <em><valid-lifetime> <pref-lifetime></em> - '<em><valid-lifetime></em>' is the
4407 * length of time in seconds during what the prefix is valid for the purpose of
4408 * on-link determination. Range is 7203 to 2592000 seconds and default is 2592000
4409 * seconds (30 days). '<em><pref-lifetime></em>' is the prefered-lifetime and is the
4410 * length of time in seconds during what addresses generated from the prefix remain
4411 * preferred. Range is 0 to 604800 seconds and default is 604800 seconds (7 days).
4413 * <em>infinite</em> - Both '<em><valid-lifetime></em>' and '<em><<pref-lifetime></em>'
4414 * are inifinte, no timeout.
4416 * <em>no-advertise</em> - Do not send full router address in prefix
4417 * advertisement. Default is to advertise (i.e. - This flag is off by default).
4419 * <em>off-link</em> - Prefix is off-link, clear L-bit in packet. Default is on-link
4420 * (i.e. - This flag is off and L-bit in packet is set by default and this prefix can
4421 * be used for on-link determination). '<em>no-onlink</em>' also controls the L-bit.
4423 * <em>no-autoconfig</em> - Do not use prefix for autoconfiguration, clear A-bit in packet.
4424 * Default is autoconfig (i.e. - This flag is off and A-bit in packet is set by default.
4426 * <em>no-onlink</em> - Do not use prefix for onlink determination, clear L-bit in packet.
4427 * Default is on-link (i.e. - This flag is off and L-bit in packet is set by default and
4428 * this prefix can be used for on-link determination). '<em>off-link</em>' also controls
4432 * <b>Format 3: - Default of Prefix:</b>
4434 * '<em><b>ip6 nd <interface> [no] prefix <ip6-address>/<width> default</b></em>'
4436 * When a new prefix is added (or existing one is being overwritten) <em>default</em>
4437 * uses default values for the prefix. If <em>no</em> is used, the <em>default</em>
4438 * is ignored and the prefix is deleted.
4442 * Example of how set a router advertisement option:
4443 * @cliexcmd{ip6 nd GigabitEthernet2/0/0 ra-interval 100 20}
4444 * Example of how to add a prefix:
4445 * @cliexcmd{ip6 nd GigabitEthernet2/0/0 prefix fe80::fe:28ff:fe9c:75b3/64 infinite no-advertise}
4446 * Example of how to delete a prefix:
4447 * @cliexcmd{ip6 nd GigabitEthernet2/0/0 no prefix fe80::fe:28ff:fe9c:75b3/64}
4450 VLIB_CLI_COMMAND (ip6_nd_command, static) =
4453 .short_help = "ip6 nd <interface> ...",
4454 .function = ip6_neighbor_cmd,
4459 set_ip6_link_local_address (vlib_main_t * vm,
4460 u32 sw_if_index, ip6_address_t * address)
4462 clib_error_t *error = 0;
4463 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
4465 ip6_radv_t *radv_info;
4466 vnet_main_t *vnm = vnet_get_main ();
4468 if (!ip6_address_is_link_local_unicast (address))
4470 vnm->api_errno = VNET_API_ERROR_ADDRESS_NOT_LINK_LOCAL;
4471 return (error = clib_error_return (0, "address not link-local",
4472 format_unformat_error));
4475 /* call enable ipv6 */
4476 enable_ip6_interface (vm, sw_if_index);
4478 ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
4482 radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
4484 /* save if link local address (overwrite default) */
4486 /* delete the old one */
4487 error = ip6_add_del_interface_address (vm, sw_if_index,
4488 &radv_info->link_local_address,
4489 128, 1 /* is_del */ );
4493 /* add the new one */
4494 error = ip6_add_del_interface_address (vm, sw_if_index,
4500 radv_info->link_local_address = *address;
4506 vnm->api_errno = VNET_API_ERROR_IP6_NOT_ENABLED;
4507 error = clib_error_return (0, "ip6 not enabled for interface",
4508 format_unformat_error);
4514 set_ip6_link_local_address_cmd (vlib_main_t * vm,
4515 unformat_input_t * input,
4516 vlib_cli_command_t * cmd)
4518 vnet_main_t *vnm = vnet_get_main ();
4519 clib_error_t *error = 0;
4521 ip6_address_t ip6_addr;
4523 if (unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index))
4525 /* get the rest of the command */
4526 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
4528 if (unformat (input, "%U", unformat_ip6_address, &ip6_addr))
4531 return (unformat_parse_error (input));
4534 error = set_ip6_link_local_address (vm, sw_if_index, &ip6_addr);
4539 * This command is used to assign an IPv6 Link-local address to an
4540 * interface. This command will enable IPv6 on an interface if it
4541 * is not already enabled. Use the '<em>show ip6 interface</em>' command
4542 * to display the assigned Link-local address.
4545 * Example of how to assign an IPv6 Link-local address to an interface:
4546 * @cliexcmd{set ip6 link-local address GigabitEthernet2/0/0 FE80::AB8}
4549 VLIB_CLI_COMMAND (set_ip6_link_local_address_command, static) =
4551 .path = "set ip6 link-local address",
4552 .short_help = "set ip6 link-local address <interface> <ip6-address>",
4553 .function = set_ip6_link_local_address_cmd,
4558 * @brief callback when an interface address is added or deleted
4561 ip6_neighbor_add_del_interface_address (ip6_main_t * im,
4564 ip6_address_t * address,
4566 u32 if_address_index, u32 is_delete)
4568 vnet_main_t *vnm = vnet_get_main ();
4569 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
4571 vlib_main_t *vm = vnm->vlib_main;
4572 ip6_radv_t *radv_info;
4575 /* create solicited node multicast address for this interface adddress */
4576 ip6_set_solicited_node_multicast_address (&a, 0);
4578 a.as_u8[0xd] = address->as_u8[0xd];
4579 a.as_u8[0xe] = address->as_u8[0xe];
4580 a.as_u8[0xf] = address->as_u8[0xf];
4584 /* try to create radv_info - does nothing if ipv6 already enabled */
4585 enable_ip6_interface (vm, sw_if_index);
4587 /* look up the radv_t information for this interface */
4588 vec_validate_init_empty (nm->if_radv_pool_index_by_sw_if_index,
4590 ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
4594 radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
4597 if (!ip6_address_is_link_local_unicast (address))
4598 radv_info->ref_count++;
4600 ip6_neighbor_add_mld_prefix (radv_info, &a);
4607 /* look up the radv_t information for this interface */
4608 vec_validate_init_empty (nm->if_radv_pool_index_by_sw_if_index,
4610 ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index];
4615 radv_info = pool_elt_at_index (nm->if_radv_pool, ri);
4617 ip6_neighbor_del_mld_prefix (radv_info, &a);
4619 /* if interface up send MLDP "report" */
4620 radv_info->all_routers_mcast = 0;
4623 if (!ip6_address_is_link_local_unicast (address))
4624 radv_info->ref_count--;
4626 /* Ensure that IPv6 is disabled, and LL removed after ref_count reaches 0 */
4627 disable_ip6_interface (vm, sw_if_index);
4632 ip6_set_neighbor_limit (u32 neighbor_limit)
4634 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
4636 nm->limit_neighbor_cache_size = neighbor_limit;
4641 ip6_neighbor_table_bind (ip6_main_t * im,
4644 u32 new_fib_index, u32 old_fib_index)
4646 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
4647 ip6_neighbor_t *n = NULL;
4648 u32 i, *to_re_add = 0;
4651 pool_foreach (n, nm->neighbor_pool,
4653 if (n->key.sw_if_index == sw_if_index)
4654 vec_add1 (to_re_add, n - nm->neighbor_pool);
4658 for (i = 0; i < vec_len (to_re_add); i++)
4660 n = pool_elt_at_index (nm->neighbor_pool, to_re_add[i]);
4661 ip6_neighbor_adj_fib_remove (n, old_fib_index);
4662 ip6_neighbor_adj_fib_add (n, new_fib_index);
4664 vec_free (to_re_add);
4667 static clib_error_t *
4668 ip6_neighbor_init (vlib_main_t * vm)
4670 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
4671 ip6_main_t *im = &ip6_main;
4673 mhash_init (&nm->neighbor_index_by_key,
4674 /* value size */ sizeof (uword),
4675 /* key size */ sizeof (ip6_neighbor_key_t));
4677 icmp6_register_type (vm, ICMP6_neighbor_solicitation,
4678 ip6_icmp_neighbor_solicitation_node.index);
4679 icmp6_register_type (vm, ICMP6_neighbor_advertisement,
4680 ip6_icmp_neighbor_advertisement_node.index);
4681 icmp6_register_type (vm, ICMP6_router_solicitation,
4682 ip6_icmp_router_solicitation_node.index);
4683 icmp6_register_type (vm, ICMP6_router_advertisement,
4684 ip6_icmp_router_advertisement_node.index);
4686 /* handler node for ip6 neighbor discovery events and timers */
4687 vlib_register_node (vm, &ip6_icmp_neighbor_discovery_event_node);
4689 /* add call backs */
4690 ip6_add_del_interface_address_callback_t cb;
4691 memset (&cb, 0x0, sizeof (ip6_add_del_interface_address_callback_t));
4693 /* when an interface address changes... */
4694 cb.function = ip6_neighbor_add_del_interface_address;
4695 cb.function_opaque = 0;
4696 vec_add1 (im->add_del_interface_address_callbacks, cb);
4698 ip6_table_bind_callback_t cbt;
4699 cbt.function = ip6_neighbor_table_bind;
4700 cbt.function_opaque = 0;
4701 vec_add1 (im->table_bind_callbacks, cbt);
4703 mhash_init (&nm->pending_resolutions_by_address,
4704 /* value size */ sizeof (uword),
4705 /* key size */ sizeof (ip6_address_t));
4707 mhash_init (&nm->mac_changes_by_address,
4708 /* value size */ sizeof (uword),
4709 /* key size */ sizeof (ip6_address_t));
4711 /* default, configurable */
4712 nm->limit_neighbor_cache_size = 50000;
4714 nm->wc_ip6_nd_publisher_node = (uword) ~ 0;
4716 nm->ip6_ra_publisher_node = (uword) ~ 0;
4719 /* $$$$ Hack fix for today */
4720 vec_validate_init_empty
4721 (im->discover_neighbor_next_index_by_hw_if_index, 32, 0 /* drop */ );
4727 VLIB_INIT_FUNCTION (ip6_neighbor_init);
4731 vnet_register_ip6_neighbor_resolution_event (vnet_main_t * vnm,
4734 uword type_opaque, uword data)
4736 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
4737 ip6_address_t *address = address_arg;
4739 pending_resolution_t *pr;
4741 pool_get (nm->pending_resolutions, pr);
4743 pr->next_index = ~0;
4744 pr->node_index = node_index;
4745 pr->type_opaque = type_opaque;
4748 p = mhash_get (&nm->pending_resolutions_by_address, address);
4751 /* Insert new resolution at the head of the list */
4752 pr->next_index = p[0];
4753 mhash_unset (&nm->pending_resolutions_by_address, address, 0);
4756 mhash_set (&nm->pending_resolutions_by_address, address,
4757 pr - nm->pending_resolutions, 0 /* old value */ );
4761 vnet_add_del_ip6_nd_change_event (vnet_main_t * vnm,
4762 void *data_callback,
4766 uword type_opaque, uword data, int is_add)
4768 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
4769 ip6_address_t *address = address_arg;
4771 /* Try to find an existing entry */
4772 u32 *first = (u32 *) mhash_get (&nm->mac_changes_by_address, address);
4774 pending_resolution_t *mc;
4775 while (p && *p != ~0)
4777 mc = pool_elt_at_index (nm->mac_changes, *p);
4778 if (mc->node_index == node_index && mc->type_opaque == type_opaque
4781 p = &mc->next_index;
4784 int found = p && *p != ~0;
4788 return VNET_API_ERROR_ENTRY_ALREADY_EXISTS;
4790 pool_get (nm->mac_changes, mc);
4792 *mc = (pending_resolution_t)
4795 .node_index = node_index,
4796 .type_opaque = type_opaque,
4798 .data_callback = data_callback,
4803 /* Insert new resolution at the end of the list */
4804 u32 new_idx = mc - nm->mac_changes;
4808 mhash_set (&nm->mac_changes_by_address, address, new_idx, 0);
4813 return VNET_API_ERROR_NO_SUCH_ENTRY;
4815 /* Clients may need to clean up pool entries, too */
4816 void (*fp) (u32, u8 *) = data_callback;
4818 (*fp) (mc->data, 0 /* no new mac addrs */ );
4820 /* Remove the entry from the list and delete the entry */
4821 *p = mc->next_index;
4822 pool_put (nm->mac_changes, mc);
4824 /* Remove from hash if we deleted the last entry */
4825 if (*p == ~0 && p == first)
4826 mhash_unset (&nm->mac_changes_by_address, address, 0);
4832 vnet_ip6_nd_term (vlib_main_t * vm,
4833 vlib_node_runtime_t * node,
4835 ethernet_header_t * eth,
4836 ip6_header_t * ip, u32 sw_if_index, u16 bd_index)
4838 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
4839 icmp6_neighbor_solicitation_or_advertisement_header_t *ndh;
4841 ndh = ip6_next_header (ip);
4842 if (ndh->icmp.type != ICMP6_neighbor_solicitation &&
4843 ndh->icmp.type != ICMP6_neighbor_advertisement)
4846 if (PREDICT_FALSE ((node->flags & VLIB_NODE_FLAG_TRACE) &&
4847 (p0->flags & VLIB_BUFFER_IS_TRACED)))
4849 u8 *t0 = vlib_add_trace (vm, node, p0,
4850 sizeof (icmp6_input_trace_t));
4851 clib_memcpy (t0, ip, sizeof (icmp6_input_trace_t));
4854 /* Check if anyone want ND events for L2 BDs */
4856 (nm->wc_ip6_nd_publisher_node != (uword) ~ 0
4857 && !ip6_address_is_link_local_unicast (&ip->src_address)))
4859 vnet_nd_wc_publish (sw_if_index, eth->src_address, &ip->src_address);
4862 /* Check if MAC entry exsist for solicited target IP */
4863 if (ndh->icmp.type == ICMP6_neighbor_solicitation)
4865 icmp6_neighbor_discovery_ethernet_link_layer_address_option_t *opt;
4866 l2_bridge_domain_t *bd_config;
4869 opt = (void *) (ndh + 1);
4870 if ((opt->header.type !=
4871 ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address) ||
4872 (opt->header.n_data_u64s != 1))
4873 return 0; /* source link layer address option not present */
4875 bd_config = vec_elt_at_index (l2input_main.bd_configs, bd_index);
4877 (u8 *) hash_get_mem (bd_config->mac_by_ip6, &ndh->target_address);
4879 { /* found ip-mac entry, generate eighbor advertisement response */
4881 vlib_node_runtime_t *error_node =
4882 vlib_node_get_runtime (vm, ip6_icmp_input_node.index);
4883 ip->dst_address = ip->src_address;
4884 ip->src_address = ndh->target_address;
4885 ip->hop_limit = 255;
4887 ICMP6_NEIGHBOR_DISCOVERY_OPTION_target_link_layer_address;
4888 clib_memcpy (opt->ethernet_address, macp, 6);
4889 ndh->icmp.type = ICMP6_neighbor_advertisement;
4890 ndh->advertisement_flags = clib_host_to_net_u32
4891 (ICMP6_NEIGHBOR_ADVERTISEMENT_FLAG_SOLICITED |
4892 ICMP6_NEIGHBOR_ADVERTISEMENT_FLAG_OVERRIDE);
4893 ndh->icmp.checksum = 0;
4894 ndh->icmp.checksum =
4895 ip6_tcp_udp_icmp_compute_checksum (vm, p0, ip, &bogus_length);
4896 clib_memcpy (eth->dst_address, eth->src_address, 6);
4897 clib_memcpy (eth->src_address, macp, 6);
4898 vlib_error_count (vm, error_node->node_index,
4899 ICMP6_ERROR_NEIGHBOR_ADVERTISEMENTS_TX, 1);
4909 ip6_neighbor_proxy_add_del (u32 sw_if_index, ip6_address_t * addr, u8 is_del)
4913 fib_prefix_t pfx = {
4915 .fp_proto = FIB_PROTOCOL_IP6,
4920 ip46_address_t nh = {
4924 fib_index = ip6_fib_table_get_index_for_sw_if_index (sw_if_index);
4926 if (~0 == fib_index)
4927 return VNET_API_ERROR_NO_SUCH_FIB;
4931 fib_table_entry_path_remove (fib_index,
4933 FIB_SOURCE_IP6_ND_PROXY,
4937 ~0, 1, FIB_ROUTE_PATH_FLAG_NONE);
4938 /* flush the ND cache of this address if it's there */
4939 vnet_unset_ip6_ethernet_neighbor (vlib_get_main (),
4940 sw_if_index, addr, NULL, 0);
4944 fib_table_entry_path_add (fib_index,
4946 FIB_SOURCE_IP6_ND_PROXY,
4947 FIB_ENTRY_FLAG_NONE,
4951 ~0, 1, NULL, FIB_ROUTE_PATH_FLAG_NONE);
4956 static clib_error_t *
4957 set_ip6_nd_proxy_cmd (vlib_main_t * vm,
4958 unformat_input_t * input, vlib_cli_command_t * cmd)
4960 vnet_main_t *vnm = vnet_get_main ();
4961 clib_error_t *error = 0;
4966 if (unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index))
4968 /* get the rest of the command */
4969 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
4971 if (unformat (input, "%U", unformat_ip6_address, &addr))
4973 else if (unformat (input, "delete") || unformat (input, "del"))
4976 return (unformat_parse_error (input));
4980 ip6_neighbor_proxy_add_del (sw_if_index, &addr, is_del);
4986 VLIB_CLI_COMMAND (set_ip6_nd_proxy_command, static) =
4988 .path = "set ip6 nd proxy",
4989 .short_help = "set ip6 nd proxy <HOST> <INTERFACE>",
4990 .function = set_ip6_nd_proxy_cmd,
4995 ethernet_ndp_change_mac (u32 sw_if_index)
4997 ip6_neighbor_main_t *nm = &ip6_neighbor_main;
5002 pool_foreach (n, nm->neighbor_pool,
5004 if (n->key.sw_if_index == sw_if_index)
5006 adj_nbr_walk_nh6 (sw_if_index,
5007 &n->key.ip6_address,
5008 ip6_nd_mk_complete_walk, n);
5013 ai = adj_glean_get (FIB_PROTOCOL_IP6, sw_if_index);
5015 if (ADJ_INDEX_INVALID != ai)
5016 adj_glean_update_rewrite (ai);
5020 send_ip6_na (vlib_main_t * vm, u32 sw_if_index)
5022 ip6_main_t *i6m = &ip6_main;
5023 ip6_address_t *ip6_addr = ip6_interface_first_address (i6m, sw_if_index);
5025 send_ip6_na_w_addr (vm, ip6_addr, sw_if_index);
5029 send_ip6_na_w_addr (vlib_main_t * vm,
5030 const ip6_address_t * ip6_addr, u32 sw_if_index)
5032 ip6_main_t *i6m = &ip6_main;
5033 vnet_main_t *vnm = vnet_get_main ();
5034 u8 *rewrite, rewrite_len;
5035 vnet_hw_interface_t *hi = vnet_get_sup_hw_interface (vnm, sw_if_index);
5041 ("Sending unsolicitated NA IP6 address %U on sw_if_idex %d",
5042 format_ip6_address, ip6_addr, sw_if_index);
5044 /* Form unsolicited neighbor advertisement packet from NS pkt template */
5047 icmp6_neighbor_solicitation_header_t *h =
5048 vlib_packet_template_get_packet (vm,
5049 &i6m->discover_neighbor_packet_template,
5054 ip6_set_reserved_multicast_address (&h->ip.dst_address,
5055 IP6_MULTICAST_SCOPE_link_local,
5056 IP6_MULTICAST_GROUP_ID_all_hosts);
5057 h->ip.src_address = ip6_addr[0];
5058 h->neighbor.icmp.type = ICMP6_neighbor_advertisement;
5059 h->neighbor.target_address = ip6_addr[0];
5060 h->neighbor.advertisement_flags = clib_host_to_net_u32
5061 (ICMP6_NEIGHBOR_ADVERTISEMENT_FLAG_OVERRIDE);
5062 clib_memcpy (h->link_layer_option.ethernet_address,
5063 hi->hw_address, vec_len (hi->hw_address));
5064 h->neighbor.icmp.checksum =
5065 ip6_tcp_udp_icmp_compute_checksum (vm, 0, &h->ip, &bogus_length);
5066 ASSERT (bogus_length == 0);
5068 /* Setup MAC header with IP6 Etype and mcast DMAC */
5069 vlib_buffer_t *b = vlib_get_buffer (vm, bi);
5070 ip6_multicast_ethernet_address (dst_address,
5071 IP6_MULTICAST_GROUP_ID_all_hosts);
5073 ethernet_build_rewrite (vnm, sw_if_index, VNET_LINK_IP6, dst_address);
5074 rewrite_len = vec_len (rewrite);
5075 vlib_buffer_advance (b, -rewrite_len);
5076 ethernet_header_t *e = vlib_buffer_get_current (b);
5077 clib_memcpy (e->dst_address, rewrite, rewrite_len);
5080 /* Send unsolicited ND advertisement packet out the specified interface */
5081 vnet_buffer (b)->sw_if_index[VLIB_RX] =
5082 vnet_buffer (b)->sw_if_index[VLIB_TX] = sw_if_index;
5083 vlib_frame_t *f = vlib_get_frame_to_node (vm, hi->output_node_index);
5084 u32 *to_next = vlib_frame_vector_args (f);
5087 vlib_put_frame_to_node (vm, hi->output_node_index, f);
5092 * fd.io coding-style-patch-verification: ON
5095 * eval: (c-set-style "gnu")
Code Review / vpp.git / blob