2 * Copyright (c) 2015 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
18 #include <vnet/ipfix-export/flow_report.h>
19 #include <vnet/api_errno.h>
20 #include <vnet/udp/udp.h>
22 flow_report_main_t flow_report_main;
24 static_always_inline u8
25 stream_index_valid (u32 index)
27 ipfix_exporter_t *exp = pool_elt_at_index (flow_report_main.exporters, 0);
29 return index < vec_len (exp->streams) && exp->streams[index].domain_id != ~0;
32 static_always_inline flow_report_stream_t *
35 ipfix_exporter_t *exp = pool_elt_at_index (flow_report_main.exporters, 0);
38 for (i = 0; i < vec_len (exp->streams); i++)
39 if (!stream_index_valid (i))
40 return &exp->streams[i];
41 u32 index = vec_len (exp->streams);
42 vec_validate (exp->streams, index);
43 return &exp->streams[index];
46 static_always_inline void
47 delete_stream (u32 index)
49 ipfix_exporter_t *exp = pool_elt_at_index (flow_report_main.exporters, 0);
51 ASSERT (index < vec_len (exp->streams));
52 ASSERT (exp->streams[index].domain_id != ~0);
53 exp->streams[index].domain_id = ~0;
57 find_stream (u32 domain_id, u16 src_port)
59 ipfix_exporter_t *exp = pool_elt_at_index (flow_report_main.exporters, 0);
60 flow_report_stream_t *stream;
62 for (i = 0; i < vec_len (exp->streams); i++)
63 if (stream_index_valid (i))
65 stream = &exp->streams[i];
66 if (domain_id == stream->domain_id)
68 if (src_port != stream->src_port)
72 else if (src_port == stream->src_port)
81 send_template_packet (flow_report_main_t * frm,
82 flow_report_t * fr, u32 * buffer_indexp)
86 ip4_ipfix_template_packet_t *tp;
87 ipfix_message_header_t *h;
90 vlib_main_t *vm = frm->vlib_main;
91 flow_report_stream_t *stream;
92 ipfix_exporter_t *exp = pool_elt_at_index (frm->exporters, 0);
94 ASSERT (buffer_indexp);
96 if (fr->update_rewrite || fr->rewrite == 0)
98 if (exp->ipfix_collector.as_u32 == 0 || exp->src_address.as_u32 == 0)
100 vlib_node_set_state (frm->vlib_main, flow_report_process_node.index,
101 VLIB_NODE_STATE_DISABLED);
104 vec_free (fr->rewrite);
105 fr->update_rewrite = 1;
108 if (fr->update_rewrite)
110 fr->rewrite = fr->rewrite_callback (
111 frm, fr, &exp->ipfix_collector, &exp->src_address, exp->collector_port,
112 fr->report_elements, fr->n_report_elements, fr->stream_indexp);
113 fr->update_rewrite = 0;
116 if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
119 b0 = vlib_get_buffer (vm, bi0);
121 ASSERT (vec_len (fr->rewrite) < vlib_buffer_get_default_data_size (vm));
123 clib_memcpy_fast (b0->data, fr->rewrite, vec_len (fr->rewrite));
124 b0->current_data = 0;
125 b0->current_length = vec_len (fr->rewrite);
126 b0->flags |= (VLIB_BUFFER_TOTAL_LENGTH_VALID | VNET_BUFFER_F_FLOW_REPORT);
127 vnet_buffer (b0)->sw_if_index[VLIB_RX] = 0;
128 vnet_buffer (b0)->sw_if_index[VLIB_TX] = exp->fib_index;
130 tp = vlib_buffer_get_current (b0);
131 ip = (ip4_header_t *) & tp->ip4;
132 udp = (udp_header_t *) (ip + 1);
133 h = (ipfix_message_header_t *) (udp + 1);
135 /* FIXUP: message header export_time */
136 h->export_time = (u32)
137 (((f64) frm->unix_time_0) +
138 (vlib_time_now (frm->vlib_main) - frm->vlib_time_0));
139 h->export_time = clib_host_to_net_u32 (h->export_time);
141 stream = &exp->streams[fr->stream_index];
143 /* FIXUP: message header sequence_number. Templates do not increase it */
144 h->sequence_number = clib_host_to_net_u32 (stream->sequence_number);
146 /* FIXUP: udp length */
147 udp->length = clib_host_to_net_u16 (b0->current_length - sizeof (*ip));
149 if (exp->udp_checksum)
151 /* RFC 7011 section 10.3.2. */
152 udp->checksum = ip4_tcp_udp_compute_checksum (vm, b0, ip);
153 if (udp->checksum == 0)
154 udp->checksum = 0xffff;
157 *buffer_indexp = bi0;
159 fr->last_template_sent = vlib_time_now (vm);
165 vnet_flow_rewrite_generic_callback (flow_report_main_t * frm,
167 ip4_address_t * collector_address,
168 ip4_address_t * src_address,
170 ipfix_report_element_t * report_elts,
171 u32 n_elts, u32 * stream_indexp)
175 ipfix_message_header_t *h;
176 ipfix_set_header_t *s;
177 ipfix_template_header_t *t;
178 ipfix_field_specifier_t *f;
179 ipfix_field_specifier_t *first_field;
181 ip4_ipfix_template_packet_t *tp;
182 flow_report_stream_t *stream;
184 ipfix_report_element_t *ep;
185 ipfix_exporter_t *exp = pool_elt_at_index (frm->exporters, 0);
187 ASSERT (stream_indexp);
189 ASSERT (report_elts);
191 stream = &exp->streams[fr->stream_index];
192 *stream_indexp = fr->stream_index;
194 /* allocate rewrite space */
195 vec_validate_aligned (rewrite,
196 sizeof (ip4_ipfix_template_packet_t)
197 + n_elts * sizeof (ipfix_field_specifier_t) - 1,
198 CLIB_CACHE_LINE_BYTES);
200 /* create the packet rewrite string */
201 tp = (ip4_ipfix_template_packet_t *) rewrite;
202 ip = (ip4_header_t *) & tp->ip4;
203 udp = (udp_header_t *) (ip + 1);
204 h = (ipfix_message_header_t *) (udp + 1);
205 s = (ipfix_set_header_t *) (h + 1);
206 t = (ipfix_template_header_t *) (s + 1);
207 first_field = f = (ipfix_field_specifier_t *) (t + 1);
209 ip->ip_version_and_header_length = 0x45;
211 ip->protocol = IP_PROTOCOL_UDP;
212 ip->src_address.as_u32 = src_address->as_u32;
213 ip->dst_address.as_u32 = collector_address->as_u32;
214 udp->src_port = clib_host_to_net_u16 (stream->src_port);
215 udp->dst_port = clib_host_to_net_u16 (collector_port);
216 udp->length = clib_host_to_net_u16 (vec_len (rewrite) - sizeof (*ip));
218 /* FIXUP LATER: message header export_time */
219 h->domain_id = clib_host_to_net_u32 (stream->domain_id);
223 for (i = 0; i < n_elts; i++)
225 f->e_id_length = ipfix_e_id_length (0, ep->info_element, ep->size);
230 /* Back to the template packet... */
231 ip = (ip4_header_t *) & tp->ip4;
232 udp = (udp_header_t *) (ip + 1);
234 ASSERT (f - first_field);
235 /* Field count in this template */
236 t->id_count = ipfix_id_count (fr->template_id, f - first_field);
238 /* set length in octets */
240 ipfix_set_id_length (2 /* set_id */ , (u8 *) f - (u8 *) s);
242 /* message length in octets */
243 h->version_length = version_length ((u8 *) f - (u8 *) h);
245 ip->length = clib_host_to_net_u16 ((u8 *) f - (u8 *) ip);
246 ip->checksum = ip4_header_checksum (ip);
252 flow_report_process (vlib_main_t * vm,
253 vlib_node_runtime_t * rt, vlib_frame_t * f)
255 flow_report_main_t *frm = &flow_report_main;
257 u32 ip4_lookup_node_index;
258 vlib_node_t *ip4_lookup_node;
259 vlib_frame_t *nf = 0;
264 f64 def_wait_time = 5.0;
267 uword *event_data = 0;
269 /* Wait for Godot... */
270 vlib_process_wait_for_event_or_clock (vm, 1e9);
271 event_type = vlib_process_get_events (vm, &event_data);
273 clib_warning ("bogus kickoff event received, %d", event_type);
274 vec_reset_length (event_data);
276 /* Enqueue pkts to ip4-lookup */
277 ip4_lookup_node = vlib_get_node_by_name (vm, (u8 *) "ip4-lookup");
278 ip4_lookup_node_index = ip4_lookup_node->index;
280 wait_time = def_wait_time;
284 vlib_process_wait_for_event_or_clock (vm, wait_time);
285 event_type = vlib_process_get_events (vm, &event_data);
286 vec_reset_length (event_data);
287 ipfix_exporter_t *exp = pool_elt_at_index (frm->exporters, 0);
289 /* 5s delay by default, possibly reduced by template intervals */
290 wait_time = def_wait_time;
292 vec_foreach (fr, exp->reports)
295 now = vlib_time_now (vm);
297 /* Need to send a template packet? */
299 now > (fr->last_template_sent + exp->template_interval);
300 send_template += fr->last_template_sent == 0;
305 rv = send_template_packet (frm, fr, &template_bi);
310 /* decide if template should be sent sooner than current wait time */
312 (fr->last_template_sent + exp->template_interval) - now;
313 wait_time = clib_min (wait_time, next_template);
315 nf = vlib_get_frame_to_node (vm, ip4_lookup_node_index);
317 to_next = vlib_frame_vector_args (nf);
319 if (template_bi != ~0)
321 to_next[0] = template_bi;
326 nf = fr->flow_data_callback (frm, fr, nf, to_next,
327 ip4_lookup_node_index);
329 vlib_put_frame_to_node (vm, ip4_lookup_node_index, nf);
333 return 0; /* not so much */
337 VLIB_REGISTER_NODE (flow_report_process_node) = {
338 .function = flow_report_process,
339 .type = VLIB_NODE_TYPE_PROCESS,
340 .name = "flow-report-process",
345 vnet_flow_report_add_del (flow_report_main_t * frm,
346 vnet_flow_report_add_del_args_t * a,
350 int found_index = ~0;
352 flow_report_stream_t *stream;
354 ipfix_exporter_t *exp = pool_elt_at_index (frm->exporters, 0);
356 si = find_stream (a->domain_id, a->src_port);
358 return VNET_API_ERROR_INVALID_VALUE;
359 if (si == -1 && a->is_add == 0)
360 return VNET_API_ERROR_NO_SUCH_ENTRY;
362 for (i = 0; i < vec_len (exp->reports); i++)
364 fr = vec_elt_at_index (exp->reports, i);
365 if (fr->opaque.as_uword == a->opaque.as_uword
366 && fr->rewrite_callback == a->rewrite_callback
367 && fr->flow_data_callback == a->flow_data_callback)
371 *template_id = fr->template_id;
378 if (found_index != ~0)
380 vec_delete (exp->reports, 1, found_index);
381 stream = &exp->streams[si];
383 if (stream->n_reports == 0)
387 return VNET_API_ERROR_NO_SUCH_ENTRY;
390 if (found_index != ~0)
391 return VNET_API_ERROR_VALUE_EXIST;
395 stream = add_stream ();
396 stream->domain_id = a->domain_id;
397 stream->src_port = a->src_port;
398 stream->sequence_number = 0;
399 stream->n_reports = 0;
400 si = stream - exp->streams;
403 stream = &exp->streams[si];
407 vec_add2 (exp->reports, fr, 1);
409 fr->stream_index = si;
410 fr->template_id = 256 + stream->next_template_no;
411 stream->next_template_no = (stream->next_template_no + 1) % (65536 - 256);
412 fr->update_rewrite = 1;
413 fr->opaque = a->opaque;
414 fr->rewrite_callback = a->rewrite_callback;
415 fr->flow_data_callback = a->flow_data_callback;
416 fr->report_elements = a->report_elements;
417 fr->n_report_elements = a->n_report_elements;
418 fr->stream_indexp = a->stream_indexp;
420 *template_id = fr->template_id;
426 flow_report_add_del_error_to_clib_error (int error)
432 case VNET_API_ERROR_NO_SUCH_ENTRY:
433 return clib_error_return (0, "Flow report not found");
434 case VNET_API_ERROR_VALUE_EXIST:
435 return clib_error_return (0, "Flow report already exists");
436 case VNET_API_ERROR_INVALID_VALUE:
437 return clib_error_return (0, "Expecting either still unused values "
438 "for both domain_id and src_port "
439 "or already used values for both fields");
441 return clib_error_return (0, "vnet_flow_report_add_del returned %d",
447 vnet_flow_reports_reset (flow_report_main_t * frm)
451 ipfix_exporter_t *exp = pool_elt_at_index (frm->exporters, 0);
453 for (i = 0; i < vec_len (exp->streams); i++)
454 if (stream_index_valid (i))
455 exp->streams[i].sequence_number = 0;
457 vec_foreach (fr, exp->reports)
459 fr->update_rewrite = 1;
460 fr->last_template_sent = 0;
465 vnet_stream_reset (flow_report_main_t * frm, u32 stream_index)
468 ipfix_exporter_t *exp = pool_elt_at_index (frm->exporters, 0);
470 exp->streams[stream_index].sequence_number = 0;
472 vec_foreach (fr, exp->reports)
473 if (exp->reports->stream_index == stream_index)
475 fr->update_rewrite = 1;
476 fr->last_template_sent = 0;
481 vnet_stream_change (flow_report_main_t * frm,
482 u32 old_domain_id, u16 old_src_port,
483 u32 new_domain_id, u16 new_src_port)
485 ipfix_exporter_t *exp = pool_elt_at_index (frm->exporters, 0);
487 i32 stream_index = find_stream (old_domain_id, old_src_port);
488 if (stream_index < 0)
490 flow_report_stream_t *stream = &exp->streams[stream_index];
491 stream->domain_id = new_domain_id;
492 stream->src_port = new_src_port;
493 if (old_domain_id != new_domain_id || old_src_port != new_src_port)
494 vnet_stream_reset (frm, stream_index);
498 static clib_error_t *
499 set_ipfix_exporter_command_fn (vlib_main_t * vm,
500 unformat_input_t * input,
501 vlib_cli_command_t * cmd)
503 flow_report_main_t *frm = &flow_report_main;
504 ip4_address_t collector, src;
505 u16 collector_port = UDP_DST_PORT_ipfix;
509 collector.as_u32 = 0;
511 u32 path_mtu = 512; // RFC 7011 section 10.3.3.
512 u32 template_interval = 20;
514 ipfix_exporter_t *exp = pool_elt_at_index (frm->exporters, 0);
516 while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
518 if (unformat (input, "collector %U", unformat_ip4_address, &collector))
520 else if (unformat (input, "port %U", unformat_udp_port,
523 else if (unformat (input, "src %U", unformat_ip4_address, &src))
525 else if (unformat (input, "fib-id %u", &fib_id))
527 ip4_main_t *im = &ip4_main;
528 uword *p = hash_get (im->fib_index_by_table_id, fib_id);
530 return clib_error_return (0, "fib ID %d doesn't exist\n", fib_id);
533 else if (unformat (input, "path-mtu %u", &path_mtu))
535 else if (unformat (input, "template-interval %u", &template_interval))
537 else if (unformat (input, "udp-checksum"))
543 if (collector.as_u32 != 0 && src.as_u32 == 0)
544 return clib_error_return (0, "src address required");
546 if (path_mtu > 1450 /* vpp does not support fragmentation */ )
547 return clib_error_return (0, "too big path-mtu value, maximum is 1450");
550 return clib_error_return (0, "too small path-mtu value, minimum is 68");
552 /* Reset report streams if we are reconfiguring IP addresses */
553 if (exp->ipfix_collector.as_u32 != collector.as_u32 ||
554 exp->src_address.as_u32 != src.as_u32 ||
555 exp->collector_port != collector_port)
556 vnet_flow_reports_reset (frm);
558 exp->ipfix_collector.as_u32 = collector.as_u32;
559 exp->collector_port = collector_port;
560 exp->src_address.as_u32 = src.as_u32;
561 exp->fib_index = fib_index;
562 exp->path_mtu = path_mtu;
563 exp->template_interval = template_interval;
564 exp->udp_checksum = udp_checksum;
566 if (collector.as_u32)
568 "Collector %U, src address %U, "
569 "fib index %d, path MTU %u, "
570 "template resend interval %us, "
572 format_ip4_address, exp->ipfix_collector,
573 format_ip4_address, exp->src_address, fib_index, path_mtu,
574 template_interval, udp_checksum ? "enabled" : "disabled");
576 vlib_cli_output (vm, "IPFIX Collector is disabled");
578 /* Turn on the flow reporting process */
579 vlib_process_signal_event (vm, flow_report_process_node.index, 1, 0);
584 VLIB_CLI_COMMAND (set_ipfix_exporter_command, static) = {
585 .path = "set ipfix exporter",
586 .short_help = "set ipfix exporter "
587 "collector <ip4-address> [port <port>] "
588 "src <ip4-address> [fib-id <fib-id>] "
589 "[path-mtu <path-mtu>] "
590 "[template-interval <template-interval>] "
592 .function = set_ipfix_exporter_command_fn,
597 static clib_error_t *
598 ipfix_flush_command_fn (vlib_main_t * vm,
599 unformat_input_t * input, vlib_cli_command_t * cmd)
601 /* poke the flow reporting process */
602 vlib_process_signal_event (vm, flow_report_process_node.index, 1, 0);
607 VLIB_CLI_COMMAND (ipfix_flush_command, static) = {
608 .path = "ipfix flush",
609 .short_help = "flush the current ipfix data [for make test]",
610 .function = ipfix_flush_command_fn,
614 static clib_error_t *
615 flow_report_init (vlib_main_t * vm)
617 flow_report_main_t *frm = &flow_report_main;
618 ipfix_exporter_t *exp;
621 frm->vnet_main = vnet_get_main ();
622 frm->unix_time_0 = time (0);
623 frm->vlib_time_0 = vlib_time_now (frm->vlib_main);
625 * Make sure that we can always access the first exporter for
626 * backwards compatibility reasons.
628 pool_alloc (frm->exporters, IPFIX_EXPORTERS_MAX);
629 pool_get (frm->exporters, exp);
630 /* Verify that this is at index 0 */
631 ASSERT (frm->exporters == exp);
636 VLIB_INIT_FUNCTION (flow_report_init);
638 * fd.io coding-style-patch-verification: ON
641 * eval: (c-set-style "gnu")
Code Review / vpp.git / blob