2 * l2_bd.c : layer 2 bridge domain
4 * Copyright (c) 2013 Cisco and/or its affiliates.
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
18 #include <vlib/vlib.h>
19 #include <vnet/vnet.h>
21 #include <vnet/ethernet/ethernet.h>
22 #include <vnet/ip/format.h>
23 #include <vnet/l2/l2_input.h>
24 #include <vnet/l2/feat_bitmap.h>
25 #include <vnet/l2/l2_bd.h>
26 #include <vnet/l2/l2_learn.h>
27 #include <vnet/l2/l2_fib.h>
28 #include <vnet/l2/l2_vtr.h>
29 #include <vnet/ip/ip4_packet.h>
30 #include <vnet/ip/ip6_packet.h>
32 #include <vppinfra/error.h>
33 #include <vppinfra/hash.h>
34 #include <vppinfra/vec.h>
38 * @brief Ethernet Bridge Domain.
40 * Code in this file manages Layer 2 bridge domains.
47 Init bridge domain if not done already.
48 For feature bitmap, set all bits except ARP termination
51 bd_validate (l2_bridge_domain_t * bd_config)
53 if (bd_is_valid (bd_config))
55 bd_config->feature_bitmap =
56 ~(L2INPUT_FEAT_ARP_TERM | L2INPUT_FEAT_UU_FWD | L2INPUT_FEAT_ARP_UFWD);
57 bd_config->bvi_sw_if_index = ~0;
58 bd_config->uu_fwd_sw_if_index = ~0;
59 bd_config->members = 0;
60 bd_config->flood_count = 0;
61 bd_config->tun_master_count = 0;
62 bd_config->tun_normal_count = 0;
63 bd_config->no_flood_count = 0;
64 bd_config->mac_by_ip4 = 0;
65 bd_config->mac_by_ip6 = hash_create_mem (0, sizeof (ip6_address_t),
70 bd_find_index (bd_main_t * bdm, u32 bd_id)
72 u32 *p = (u32 *) hash_get (bdm->bd_index_by_bd_id, bd_id);
79 bd_add_bd_index (bd_main_t * bdm, u32 bd_id)
81 ASSERT (!hash_get (bdm->bd_index_by_bd_id, bd_id));
82 u32 rv = clib_bitmap_first_clear (bdm->bd_index_bitmap);
84 /* mark this index taken */
85 bdm->bd_index_bitmap = clib_bitmap_set (bdm->bd_index_bitmap, rv, 1);
87 hash_set (bdm->bd_index_by_bd_id, bd_id, rv);
89 vec_validate (l2input_main.bd_configs, rv);
90 l2input_main.bd_configs[rv].bd_id = bd_id;
96 bd_free_ip_mac_tables (l2_bridge_domain_t * bd)
99 ip6_address_t *ip6_addr_key;
101 hash_free (bd->mac_by_ip4);
103 hash_foreach_mem (ip6_addr_key, mac_addr, bd->mac_by_ip6,
105 clib_mem_free (ip6_addr_key); /* free memory used for ip6 addr key */
108 hash_free (bd->mac_by_ip6);
112 bd_delete (bd_main_t * bdm, u32 bd_index)
114 l2_bridge_domain_t *bd = &l2input_main.bd_configs[bd_index];
115 u32 bd_id = bd->bd_id;
117 /* flush non-static MACs in BD and removed bd_id from hash table */
118 l2fib_flush_bd_mac (vlib_get_main (), bd_index);
119 hash_unset (bdm->bd_index_by_bd_id, bd_id);
121 /* mark this index clear */
122 bdm->bd_index_bitmap = clib_bitmap_set (bdm->bd_index_bitmap, bd_index, 0);
124 /* clear BD config for reuse: bd_id to -1 and clear feature_bitmap */
126 bd->feature_bitmap = 0;
129 vec_free (bd->bd_tag);
131 /* free memory used by BD */
132 vec_free (bd->members);
133 bd_free_ip_mac_tables (bd);
139 update_flood_count (l2_bridge_domain_t * bd_config)
141 bd_config->flood_count = (vec_len (bd_config->members) -
142 (bd_config->tun_master_count ?
143 bd_config->tun_normal_count : 0));
144 bd_config->flood_count -= bd_config->no_flood_count;
148 bd_add_member (l2_bridge_domain_t * bd_config, l2_flood_member_t * member)
151 vnet_sw_interface_t *sw_if = vnet_get_sw_interface
152 (vnet_get_main (), member->sw_if_index);
155 * Add one element to the vector
156 * vector is ordered [ bvi, normal/tun_masters..., tun_normals... no_flood]
157 * When flooding, the bvi interface (if present) must be the last member
158 * processed due to how BVI processing can change the packet. To enable
159 * this order, we make the bvi interface the first in the vector and
160 * flooding walks the vector in reverse. The flood-count determines where
161 * in the member list to start the walk from.
163 switch (sw_if->flood_class)
165 case VNET_FLOOD_CLASS_NO_FLOOD:
166 bd_config->no_flood_count++;
167 ix = vec_len (bd_config->members);
169 case VNET_FLOOD_CLASS_BVI:
172 case VNET_FLOOD_CLASS_TUNNEL_MASTER:
173 bd_config->tun_master_count++;
175 case VNET_FLOOD_CLASS_NORMAL:
176 ix = (vec_len (bd_config->members) -
177 bd_config->tun_normal_count - bd_config->no_flood_count);
179 case VNET_FLOOD_CLASS_TUNNEL_NORMAL:
180 ix = (vec_len (bd_config->members) - bd_config->no_flood_count);
181 bd_config->tun_normal_count++;
185 vec_insert_elts (bd_config->members, member, 1, ix);
186 update_flood_count (bd_config);
189 #define BD_REMOVE_ERROR_OK 0
190 #define BD_REMOVE_ERROR_NOT_FOUND 1
193 bd_remove_member (l2_bridge_domain_t * bd_config, u32 sw_if_index)
197 /* Find and delete the member */
198 vec_foreach_index (ix, bd_config->members)
200 l2_flood_member_t *m = vec_elt_at_index (bd_config->members, ix);
201 if (m->sw_if_index == sw_if_index)
203 vnet_sw_interface_t *sw_if = vnet_get_sw_interface
204 (vnet_get_main (), sw_if_index);
206 if (sw_if->flood_class != VNET_FLOOD_CLASS_NORMAL)
208 if (sw_if->flood_class == VNET_FLOOD_CLASS_TUNNEL_MASTER)
209 bd_config->tun_master_count--;
210 else if (sw_if->flood_class == VNET_FLOOD_CLASS_TUNNEL_NORMAL)
211 bd_config->tun_normal_count--;
212 else if (sw_if->flood_class == VNET_FLOOD_CLASS_NO_FLOOD)
213 bd_config->no_flood_count--;
215 vec_delete (bd_config->members, 1, ix);
216 update_flood_count (bd_config);
218 return BD_REMOVE_ERROR_OK;
222 return BD_REMOVE_ERROR_NOT_FOUND;
227 l2bd_init (vlib_main_t * vm)
229 bd_main_t *bdm = &bd_main;
230 bdm->bd_index_by_bd_id = hash_create (0, sizeof (uword));
232 * create a dummy bd with bd_id of 0 and bd_index of 0 with feature set
233 * to packet drop only. Thus, packets received from any L2 interface with
234 * uninitialized bd_index of 0 can be dropped safely.
236 u32 bd_index = bd_add_bd_index (bdm, 0);
237 ASSERT (bd_index == 0);
238 l2input_main.bd_configs[0].feature_bitmap = L2INPUT_FEAT_DROP;
244 VLIB_INIT_FUNCTION (l2bd_init);
248 Set the learn/forward/flood flags for the bridge domain.
249 Return 0 if ok, non-zero if for an error.
252 bd_set_flags (vlib_main_t * vm, u32 bd_index, bd_flags_t flags, u32 enable)
255 l2_bridge_domain_t *bd_config = l2input_bd_config (bd_index);
256 bd_validate (bd_config);
257 u32 feature_bitmap = 0;
259 if (flags & L2_LEARN)
261 feature_bitmap |= L2INPUT_FEAT_LEARN;
265 feature_bitmap |= L2INPUT_FEAT_FWD;
267 if (flags & L2_FLOOD)
269 feature_bitmap |= L2INPUT_FEAT_FLOOD;
271 if (flags & L2_UU_FLOOD)
273 feature_bitmap |= L2INPUT_FEAT_UU_FLOOD;
275 if (flags & L2_ARP_TERM)
277 feature_bitmap |= L2INPUT_FEAT_ARP_TERM;
279 if (flags & L2_ARP_UFWD)
281 feature_bitmap |= L2INPUT_FEAT_ARP_UFWD;
286 bd_config->feature_bitmap |= feature_bitmap;
290 bd_config->feature_bitmap &= ~feature_bitmap;
293 return bd_config->feature_bitmap;
297 Set the mac age for the bridge domain.
300 bd_set_mac_age (vlib_main_t * vm, u32 bd_index, u8 age)
302 l2_bridge_domain_t *bd_config;
305 vec_validate (l2input_main.bd_configs, bd_index);
306 bd_config = vec_elt_at_index (l2input_main.bd_configs, bd_index);
307 bd_config->mac_age = age;
309 /* check if there is at least one bd with mac aging enabled */
310 vec_foreach (bd_config, l2input_main.bd_configs)
311 enable |= bd_config->bd_id != ~0 && bd_config->mac_age != 0;
313 vlib_process_signal_event (vm, l2fib_mac_age_scanner_process_node.index,
314 enable ? L2_MAC_AGE_PROCESS_EVENT_START :
315 L2_MAC_AGE_PROCESS_EVENT_STOP, 0);
319 Set the tag for the bridge domain.
323 bd_set_bd_tag (vlib_main_t * vm, u32 bd_index, u8 * bd_tag)
326 l2_bridge_domain_t *bd_config;
327 vec_validate (l2input_main.bd_configs, bd_index);
328 bd_config = vec_elt_at_index (l2input_main.bd_configs, bd_index);
330 old = bd_config->bd_tag;
334 bd_config->bd_tag = format (0, "%s%c", bd_tag, 0);
338 bd_config->bd_tag = NULL;
345 Set bridge-domain learn enable/disable.
347 set bridge-domain learn <bd_id> [disable]
349 static clib_error_t *
350 bd_learn (vlib_main_t * vm,
351 unformat_input_t * input, vlib_cli_command_t * cmd)
353 bd_main_t *bdm = &bd_main;
354 clib_error_t *error = 0;
359 if (!unformat (input, "%d", &bd_id))
361 error = clib_error_return (0, "expecting bridge-domain id but got `%U'",
362 format_unformat_error, input);
367 return clib_error_return (0,
368 "No operations on the default bridge domain are supported");
370 p = hash_get (bdm->bd_index_by_bd_id, bd_id);
373 return clib_error_return (0, "No such bridge domain %d", bd_id);
378 if (unformat (input, "disable"))
383 /* set the bridge domain flag */
384 bd_set_flags (vm, bd_index, L2_LEARN, enable);
391 * Layer 2 learning can be enabled and disabled on each
392 * interface and on each bridge-domain. Use this command to
393 * manage bridge-domains. It is enabled by default.
396 * Example of how to enable learning (where 200 is the bridge-domain-id):
397 * @cliexcmd{set bridge-domain learn 200}
398 * Example of how to disable learning (where 200 is the bridge-domain-id):
399 * @cliexcmd{set bridge-domain learn 200 disable}
402 VLIB_CLI_COMMAND (bd_learn_cli, static) = {
403 .path = "set bridge-domain learn",
404 .short_help = "set bridge-domain learn <bridge-domain-id> [disable]",
405 .function = bd_learn,
410 Set bridge-domain forward enable/disable.
412 set bridge-domain forward <bd_index> [disable]
414 static clib_error_t *
415 bd_fwd (vlib_main_t * vm, unformat_input_t * input, vlib_cli_command_t * cmd)
417 bd_main_t *bdm = &bd_main;
418 clib_error_t *error = 0;
423 if (!unformat (input, "%d", &bd_id))
425 error = clib_error_return (0, "expecting bridge-domain id but got `%U'",
426 format_unformat_error, input);
431 return clib_error_return (0,
432 "No operations on the default bridge domain are supported");
434 p = hash_get (bdm->bd_index_by_bd_id, bd_id);
437 return clib_error_return (0, "No such bridge domain %d", bd_id);
442 if (unformat (input, "disable"))
447 /* set the bridge domain flag */
448 bd_set_flags (vm, bd_index, L2_FWD, enable);
456 * Layer 2 unicast forwarding can be enabled and disabled on each
457 * interface and on each bridge-domain. Use this command to
458 * manage bridge-domains. It is enabled by default.
461 * Example of how to enable forwarding (where 200 is the bridge-domain-id):
462 * @cliexcmd{set bridge-domain forward 200}
463 * Example of how to disable forwarding (where 200 is the bridge-domain-id):
464 * @cliexcmd{set bridge-domain forward 200 disable}
467 VLIB_CLI_COMMAND (bd_fwd_cli, static) = {
468 .path = "set bridge-domain forward",
469 .short_help = "set bridge-domain forward <bridge-domain-id> [disable]",
475 Set bridge-domain flood enable/disable.
477 set bridge-domain flood <bd_index> [disable]
479 static clib_error_t *
480 bd_flood (vlib_main_t * vm,
481 unformat_input_t * input, vlib_cli_command_t * cmd)
483 bd_main_t *bdm = &bd_main;
484 clib_error_t *error = 0;
489 if (!unformat (input, "%d", &bd_id))
491 error = clib_error_return (0, "expecting bridge-domain id but got `%U'",
492 format_unformat_error, input);
497 return clib_error_return (0,
498 "No operations on the default bridge domain are supported");
500 p = hash_get (bdm->bd_index_by_bd_id, bd_id);
503 return clib_error_return (0, "No such bridge domain %d", bd_id);
508 if (unformat (input, "disable"))
513 /* set the bridge domain flag */
514 bd_set_flags (vm, bd_index, L2_FLOOD, enable);
521 * Layer 2 flooding can be enabled and disabled on each
522 * interface and on each bridge-domain. Use this command to
523 * manage bridge-domains. It is enabled by default.
526 * Example of how to enable flooding (where 200 is the bridge-domain-id):
527 * @cliexcmd{set bridge-domain flood 200}
528 * Example of how to disable flooding (where 200 is the bridge-domain-id):
529 * @cliexcmd{set bridge-domain flood 200 disable}
532 VLIB_CLI_COMMAND (bd_flood_cli, static) = {
533 .path = "set bridge-domain flood",
534 .short_help = "set bridge-domain flood <bridge-domain-id> [disable]",
535 .function = bd_flood,
540 Set bridge-domain unknown-unicast flood enable/disable.
542 set bridge-domain uu-flood <bd_index> [disable]
544 static clib_error_t *
545 bd_uu_flood (vlib_main_t * vm,
546 unformat_input_t * input, vlib_cli_command_t * cmd)
548 bd_main_t *bdm = &bd_main;
549 clib_error_t *error = 0;
554 if (!unformat (input, "%d", &bd_id))
556 error = clib_error_return (0, "expecting bridge-domain id but got `%U'",
557 format_unformat_error, input);
562 return clib_error_return (0,
563 "No operations on the default bridge domain are supported");
565 p = hash_get (bdm->bd_index_by_bd_id, bd_id);
568 return clib_error_return (0, "No such bridge domain %d", bd_id);
573 if (unformat (input, "disable"))
578 /* set the bridge domain flag */
579 bd_set_flags (vm, bd_index, L2_UU_FLOOD, enable);
586 * Layer 2 unknown-unicast flooding can be enabled and disabled on each
587 * bridge-domain. It is enabled by default.
590 * Example of how to enable unknown-unicast flooding (where 200 is the
592 * @cliexcmd{set bridge-domain uu-flood 200}
593 * Example of how to disable unknown-unicast flooding (where 200 is the bridge-domain-id):
594 * @cliexcmd{set bridge-domain uu-flood 200 disable}
597 VLIB_CLI_COMMAND (bd_uu_flood_cli, static) = {
598 .path = "set bridge-domain uu-flood",
599 .short_help = "set bridge-domain uu-flood <bridge-domain-id> [disable]",
600 .function = bd_uu_flood,
605 Set bridge-domain arp-unicast forward enable/disable.
607 set bridge-domain arp-ufwd <bd_index> [disable]
609 static clib_error_t *
610 bd_arp_ufwd (vlib_main_t * vm,
611 unformat_input_t * input, vlib_cli_command_t * cmd)
613 bd_main_t *bdm = &bd_main;
614 clib_error_t *error = 0;
619 if (!unformat (input, "%d", &bd_id))
621 error = clib_error_return (0, "expecting bridge-domain id but got `%U'",
622 format_unformat_error, input);
627 return clib_error_return (0,
628 "No operations on the default bridge domain are supported");
630 p = hash_get (bdm->bd_index_by_bd_id, bd_id);
633 return clib_error_return (0, "No such bridge domain %d", bd_id);
638 if (unformat (input, "disable"))
643 /* set the bridge domain flag */
644 bd_set_flags (vm, bd_index, L2_ARP_UFWD, enable);
651 * Layer 2 arp-unicast forwarding can be enabled and disabled on each
652 * bridge-domain. It is disabled by default.
655 * Example of how to enable arp-unicast forwarding (where 200 is the
657 * @cliexcmd{set bridge-domain arp-ufwd 200}
658 * Example of how to disable arp-unicast forwarding (where 200 is the bridge-domain-id):
659 * @cliexcmd{set bridge-domain arp-ufwd 200 disable}
662 VLIB_CLI_COMMAND (bd_arp_ufwd_cli, static) = {
663 .path = "set bridge-domain arp-ufwd",
664 .short_help = "set bridge-domain arp-ufwd <bridge-domain-id> [disable]",
665 .function = bd_arp_ufwd,
670 Set bridge-domain arp term enable/disable.
672 set bridge-domain arp term <bridge-domain-id> [disable]
674 static clib_error_t *
675 bd_arp_term (vlib_main_t * vm,
676 unformat_input_t * input, vlib_cli_command_t * cmd)
678 bd_main_t *bdm = &bd_main;
679 clib_error_t *error = 0;
684 if (!unformat (input, "%d", &bd_id))
686 error = clib_error_return (0, "expecting bridge-domain id but got `%U'",
687 format_unformat_error, input);
692 return clib_error_return (0,
693 "No operations on the default bridge domain are supported");
695 p = hash_get (bdm->bd_index_by_bd_id, bd_id);
699 return clib_error_return (0, "No such bridge domain %d", bd_id);
702 if (unformat (input, "disable"))
705 /* set the bridge domain flag */
706 bd_set_flags (vm, bd_index, L2_ARP_TERM, enable);
712 static clib_error_t *
713 bd_mac_age (vlib_main_t * vm,
714 unformat_input_t * input, vlib_cli_command_t * cmd)
716 bd_main_t *bdm = &bd_main;
717 clib_error_t *error = 0;
722 if (!unformat (input, "%d", &bd_id))
724 error = clib_error_return (0, "expecting bridge-domain id but got `%U'",
725 format_unformat_error, input);
730 return clib_error_return (0,
731 "No operations on the default bridge domain are supported");
733 p = hash_get (bdm->bd_index_by_bd_id, bd_id);
736 return clib_error_return (0, "No such bridge domain %d", bd_id);
740 if (!unformat (input, "%u", &age))
743 clib_error_return (0, "expecting ageing time in minutes but got `%U'",
744 format_unformat_error, input);
748 /* set the bridge domain flag */
752 clib_error_return (0, "mac aging time cannot be bigger than 255");
755 bd_set_mac_age (vm, bd_index, (u8) age);
762 * Layer 2 mac aging can be enabled and disabled on each
763 * bridge-domain. Use this command to set or disable mac aging
764 * on specific bridge-domains. It is disabled by default.
767 * Example of how to set mac aging (where 200 is the bridge-domain-id and
768 * 5 is aging time in minutes):
769 * @cliexcmd{set bridge-domain mac-age 200 5}
770 * Example of how to disable mac aging (where 200 is the bridge-domain-id):
771 * @cliexcmd{set bridge-domain flood 200 0}
774 VLIB_CLI_COMMAND (bd_mac_age_cli, static) = {
775 .path = "set bridge-domain mac-age",
776 .short_help = "set bridge-domain mac-age <bridge-domain-id> <mins>",
777 .function = bd_mac_age,
782 * Modify whether or not an existing bridge-domain should terminate and respond
783 * to ARP Requests. ARP Termination is disabled by default.
786 * Example of how to enable ARP termination (where 200 is the bridge-domain-id):
787 * @cliexcmd{set bridge-domain arp term 200}
788 * Example of how to disable ARP termination (where 200 is the bridge-domain-id):
789 * @cliexcmd{set bridge-domain arp term 200 disable}
792 VLIB_CLI_COMMAND (bd_arp_term_cli, static) = {
793 .path = "set bridge-domain arp term",
794 .short_help = "set bridge-domain arp term <bridge-domain-id> [disable]",
795 .function = bd_arp_term,
801 * Add/delete IP address to MAC address mapping.
803 * The clib hash implementation stores uword entries in the hash table.
804 * The hash table mac_by_ip4 is keyed via IP4 address and store the
805 * 6-byte MAC address directly in the hash table entry uword.
807 * @warning This only works for 64-bit processor with 8-byte uword;
808 * which means this code *WILL NOT WORK* for a 32-bit processor with
812 bd_add_del_ip_mac (u32 bd_index,
814 const ip46_address_t * ip,
815 const mac_address_t * mac, u8 is_add)
817 l2_bridge_domain_t *bd_cfg = l2input_bd_config (bd_index);
818 u64 new_mac = mac_address_as_u64 (mac);
821 /* make sure uword is 8 bytes */
822 ASSERT (sizeof (uword) == sizeof (u64));
823 ASSERT (bd_is_valid (bd_cfg));
825 if (IP46_TYPE_IP6 == type)
827 ip6_address_t *ip6_addr_key;
829 old_mac = (u64 *) hash_get_mem (bd_cfg->mac_by_ip6, &ip->ip6);
834 /* new entry - allocate and create ip6 address key */
835 ip6_addr_key = clib_mem_alloc (sizeof (ip6_address_t));
836 clib_memcpy (ip6_addr_key, &ip->ip6, sizeof (ip6_address_t));
838 else if (*old_mac == new_mac)
840 /* same mac entry already exist for ip6 address */
845 /* update mac for ip6 address */
846 hp = hash_get_pair (bd_cfg->mac_by_ip6, &ip->ip6);
847 ip6_addr_key = (ip6_address_t *) hp->key;
849 hash_set_mem (bd_cfg->mac_by_ip6, ip6_addr_key, new_mac);
853 if (old_mac && (*old_mac == new_mac))
855 hp = hash_get_pair (bd_cfg->mac_by_ip6, &ip->ip6);
856 ip6_addr_key = (ip6_address_t *) hp->key;
857 hash_unset_mem (bd_cfg->mac_by_ip6, &ip->ip6);
858 clib_mem_free (ip6_addr_key);
866 old_mac = (u64 *) hash_get (bd_cfg->mac_by_ip4, ip->ip4.as_u32);
869 if (old_mac && (*old_mac == new_mac))
870 /* mac entry already exist */
872 hash_set (bd_cfg->mac_by_ip4, ip->ip4.as_u32, new_mac);
876 if (old_mac && (*old_mac == new_mac))
877 hash_unset (bd_cfg->mac_by_ip4, ip->ip4.as_u32);
886 * Flush IP address to MAC address mapping tables in a BD.
889 bd_flush_ip_mac (u32 bd_index)
891 l2_bridge_domain_t *bd = l2input_bd_config (bd_index);
892 ASSERT (bd_is_valid (bd));
893 bd_free_ip_mac_tables (bd);
896 hash_create_mem (0, sizeof (ip6_address_t), sizeof (uword));
900 Set bridge-domain arp entry add/delete.
902 set bridge-domain arp entry <bridge-domain-id> <ip-addr> <mac-addr> [del]
904 static clib_error_t *
905 bd_arp_entry (vlib_main_t * vm,
906 unformat_input_t * input, vlib_cli_command_t * cmd)
908 ip46_address_t ip_addr = ip46_address_initializer;
909 ip46_type_t type = IP46_TYPE_IP4;
910 bd_main_t *bdm = &bd_main;
911 clib_error_t *error = 0;
917 if (!unformat (input, "%d", &bd_id))
919 error = clib_error_return (0, "expecting bridge-domain id but got `%U'",
920 format_unformat_error, input);
925 return clib_error_return (0,
926 "No operations on the default bridge domain are supported");
928 p = hash_get (bdm->bd_index_by_bd_id, bd_id);
933 return clib_error_return (0, "No such bridge domain %d", bd_id);
935 if (unformat (input, "%U", unformat_ip4_address, &ip_addr.ip4))
937 type = IP46_TYPE_IP4;
939 else if (unformat (input, "%U", unformat_ip6_address, &ip_addr.ip6))
941 type = IP46_TYPE_IP6;
943 else if (unformat (input, "del-all"))
945 bd_flush_ip_mac (bd_index);
950 error = clib_error_return (0, "expecting IP address but got `%U'",
951 format_unformat_error, input);
955 if (!unformat (input, "%U", unformat_mac_address_t, &mac))
957 error = clib_error_return (0, "expecting MAC address but got `%U'",
958 format_unformat_error, input);
962 if (unformat (input, "del"))
967 /* set the bridge domain flagAdd IP-MAC entry into bridge domain */
968 if (bd_add_del_ip_mac (bd_index, type, &ip_addr, &mac, is_add))
970 error = clib_error_return (0, "MAC %s for IP %U and MAC %U failed",
971 is_add ? "add" : "del",
972 format_ip46_address, &ip_addr, IP46_TYPE_ANY,
973 format_mac_address_t, &mac);
981 * Add an ARP entry to an existing bridge-domain.
984 * Example of how to add an ARP entry (where 200 is the bridge-domain-id):
985 * @cliexcmd{set bridge-domain arp entry 200 192.168.72.45 52:54:00:3b:83:1a}
986 * Example of how to delete an ARP entry (where 200 is the bridge-domain-id):
987 * @cliexcmd{set bridge-domain arp entry 200 192.168.72.45 52:54:00:3b:83:1a del}
990 VLIB_CLI_COMMAND (bd_arp_entry_cli, static) = {
991 .path = "set bridge-domain arp entry",
992 .short_help = "set bridge-domain arp entry <bridge-domain-id> [<ip-addr> <mac-addr> [del] | del-all]",
993 .function = bd_arp_entry,
998 format_vtr (u8 * s, va_list * args)
1000 u32 vtr_op = va_arg (*args, u32);
1001 u32 dot1q = va_arg (*args, u32);
1002 u32 tag1 = va_arg (*args, u32);
1003 u32 tag2 = va_arg (*args, u32);
1006 case L2_VTR_DISABLED:
1007 return format (s, "none");
1009 return format (s, "push-1 %s %d", dot1q ? "dot1q" : "dot1ad", tag1);
1011 return format (s, "push-2 %s %d %d", dot1q ? "dot1q" : "dot1ad", tag1,
1014 return format (s, "pop-1");
1016 return format (s, "pop-2");
1017 case L2_VTR_TRANSLATE_1_1:
1018 return format (s, "trans-1-1 %s %d", dot1q ? "dot1q" : "dot1ad", tag1);
1019 case L2_VTR_TRANSLATE_1_2:
1020 return format (s, "trans-1-2 %s %d %d", dot1q ? "dot1q" : "dot1ad",
1022 case L2_VTR_TRANSLATE_2_1:
1023 return format (s, "trans-2-1 %s %d", dot1q ? "dot1q" : "dot1ad", tag1);
1024 case L2_VTR_TRANSLATE_2_2:
1025 return format (s, "trans-2-2 %s %d %d", dot1q ? "dot1q" : "dot1ad",
1028 return format (s, "none");
1033 format_uu_cfg (u8 * s, va_list * args)
1035 l2_bridge_domain_t *bd_config = va_arg (*args, l2_bridge_domain_t *);
1037 if (bd_config->feature_bitmap & L2INPUT_FEAT_UU_FWD)
1038 return (format (s, "%U", format_vnet_sw_if_index_name_with_NA,
1039 vnet_get_main (), bd_config->uu_fwd_sw_if_index));
1040 else if (bd_config->feature_bitmap & L2INPUT_FEAT_UU_FLOOD)
1041 return (format (s, "flood"));
1043 return (format (s, "drop"));
1047 Show bridge-domain state.
1049 show bridge-domain [<bd_index>]
1051 static clib_error_t *
1052 bd_show (vlib_main_t * vm, unformat_input_t * input, vlib_cli_command_t * cmd)
1054 vnet_main_t *vnm = vnet_get_main ();
1055 bd_main_t *bdm = &bd_main;
1056 clib_error_t *error = 0;
1058 l2_bridge_domain_t *bd_config;
1068 end = vec_len (l2input_main.bd_configs);
1070 if (unformat (input, "%d", &bd_id))
1072 if (unformat (input, "detail"))
1074 else if (unformat (input, "det"))
1076 if (unformat (input, "int"))
1078 if (unformat (input, "arp"))
1080 if (unformat (input, "bd-tag"))
1084 return clib_error_return (0,
1085 "No operations on the default bridge domain are supported");
1087 p = hash_get (bdm->bd_index_by_bd_id, bd_id);
1091 return clib_error_return (0, "No such bridge domain %d", bd_id);
1093 vec_validate (l2input_main.bd_configs, bd_index);
1094 bd_config = vec_elt_at_index (l2input_main.bd_configs, bd_index);
1095 if (bd_is_valid (bd_config))
1102 vlib_cli_output (vm, "bridge-domain %d not in use", bd_id);
1107 /* Show all bridge-domains that have been initialized */
1110 for (bd_index = start; bd_index < end; bd_index++)
1112 bd_config = vec_elt_at_index (l2input_main.bd_configs, bd_index);
1113 if (bd_is_valid (bd_config))
1118 vlib_cli_output (vm,
1119 "%=8s %=7s %=4s %=9s %=9s %=9s %=11s %=9s %=9s %=9s %=11s",
1120 "BD-ID", "Index", "BSN", "Age(min)",
1121 "Learning", "U-Forwrd", "UU-Flood",
1122 "Flooding", "ARP-Term", "arp-ufwd",
1126 if (bd_config->mac_age)
1127 as = format (as, "%d", bd_config->mac_age);
1129 as = format (as, "off");
1130 vlib_cli_output (vm,
1131 "%=8d %=7d %=4d %=9v %=9s %=9s %=11U %=9s %=9s %=9s %=11U",
1132 bd_config->bd_id, bd_index, bd_config->seq_num, as,
1133 bd_config->feature_bitmap & L2INPUT_FEAT_LEARN ?
1135 bd_config->feature_bitmap & L2INPUT_FEAT_FWD ?
1137 format_uu_cfg, bd_config,
1138 bd_config->feature_bitmap & L2INPUT_FEAT_FLOOD ?
1140 bd_config->feature_bitmap & L2INPUT_FEAT_ARP_TERM ?
1142 bd_config->feature_bitmap & L2INPUT_FEAT_ARP_UFWD ?
1144 format_vnet_sw_if_index_name_with_NA,
1145 vnm, bd_config->bvi_sw_if_index);
1146 vec_reset_length (as);
1150 /* Show all member interfaces */
1152 vec_foreach_index (i, bd_config->members)
1154 l2_flood_member_t *member =
1155 vec_elt_at_index (bd_config->members, i);
1156 u8 swif_seq_num = *l2fib_swif_seq_num (member->sw_if_index);
1157 u32 vtr_opr, dot1q, tag1, tag2;
1160 vlib_cli_output (vm, "\n%=30s%=7s%=5s%=5s%=5s%=9s%=30s",
1161 "Interface", "If-idx", "ISN", "SHG",
1162 "BVI", "TxFlood", "VLAN-Tag-Rewrite");
1164 l2vtr_get (vm, vnm, member->sw_if_index, &vtr_opr, &dot1q,
1166 vlib_cli_output (vm, "%=30U%=7d%=5d%=5d%=5s%=9s%=30U",
1167 format_vnet_sw_if_index_name, vnm,
1168 member->sw_if_index, member->sw_if_index,
1169 swif_seq_num, member->shg,
1170 member->flags & L2_FLOOD_MEMBER_BVI ? "*" :
1171 "-", i < bd_config->flood_count ? "*" : "-",
1172 format_vtr, vtr_opr, dot1q, tag1, tag2);
1174 if (~0 != bd_config->uu_fwd_sw_if_index)
1175 vlib_cli_output (vm, "%=30U%=7d%=5d%=5d%=5s%=9s%=30s",
1176 format_vnet_sw_if_index_name, vnm,
1177 bd_config->uu_fwd_sw_if_index,
1178 bd_config->uu_fwd_sw_if_index,
1179 0, 0, "uu", "-", "None");
1183 if ((detail || arp) &&
1184 (bd_config->feature_bitmap & L2INPUT_FEAT_ARP_TERM))
1187 ip6_address_t *ip6_addr;
1189 vlib_cli_output (vm,
1190 "\n IP4/IP6 to MAC table for ARP Termination");
1193 hash_foreach (ip4_addr, mac_addr, bd_config->mac_by_ip4,
1195 vlib_cli_output (vm, "%=40U => %=20U",
1196 format_ip4_address, &ip4_addr,
1197 format_ethernet_address, &mac_addr);
1200 hash_foreach_mem (ip6_addr, mac_addr, bd_config->mac_by_ip6,
1202 vlib_cli_output (vm, "%=40U => %=20U",
1203 format_ip6_address, ip6_addr,
1204 format_ethernet_address, &mac_addr);
1209 if ((detail || bd_tag) && (bd_config->bd_tag))
1211 vlib_cli_output (vm, "\n BD-Tag: %s", bd_config->bd_tag);
1220 vlib_cli_output (vm, "no bridge-domains in use");
1228 * Show a summary of all the bridge-domain instances or detailed view of a
1229 * single bridge-domain. Bridge-domains are created by adding an interface
1230 * to a bridge using the '<em>set interface l2 bridge</em>' command.
1234 * Example of displaying all bridge-domains:
1235 * @cliexstart{show bridge-domain}
1236 * ID Index Learning U-Forwrd UU-Flood Flooding ARP-Term BVI-Intf
1237 * 0 0 off off off off off local0
1238 * 200 1 on on on on off N/A
1241 * Example of displaying details of a single bridge-domains:
1242 * @cliexstart{show bridge-domain 200 detail}
1243 * ID Index Learning U-Forwrd UU-Flood Flooding ARP-Term BVI-Intf
1244 * 200 1 on on on on off N/A
1246 * Interface Index SHG BVI VLAN-Tag-Rewrite
1247 * GigabitEthernet0/8/0.200 3 0 - none
1248 * GigabitEthernet0/9/0.200 4 0 - none
1253 VLIB_CLI_COMMAND (bd_show_cli, static) = {
1254 .path = "show bridge-domain",
1255 .short_help = "show bridge-domain [bridge-domain-id [detail|int|arp|bd-tag]]",
1256 .function = bd_show,
1261 bd_add_del (l2_bridge_domain_add_del_args_t * a)
1263 bd_main_t *bdm = &bd_main;
1264 vlib_main_t *vm = bdm->vlib_main;
1267 u32 bd_index = bd_find_index (bdm, a->bd_id);
1271 return VNET_API_ERROR_BD_ALREADY_EXISTS;
1272 if (a->bd_id > L2_BD_ID_MAX)
1273 return VNET_API_ERROR_BD_ID_EXCEED_MAX;
1274 bd_index = bd_add_bd_index (bdm, a->bd_id);
1276 bd_flags_t enable_flags = 0, disable_flags = 0;
1278 enable_flags |= L2_FLOOD;
1280 disable_flags |= L2_FLOOD;
1283 enable_flags |= L2_UU_FLOOD;
1285 disable_flags |= L2_UU_FLOOD;
1288 enable_flags |= L2_FWD;
1290 disable_flags |= L2_FWD;
1293 enable_flags |= L2_LEARN;
1295 disable_flags |= L2_LEARN;
1298 enable_flags |= L2_ARP_TERM;
1300 disable_flags |= L2_ARP_TERM;
1303 enable_flags |= L2_ARP_UFWD;
1305 disable_flags |= L2_ARP_UFWD;
1308 bd_set_flags (vm, bd_index, enable_flags, 1 /* enable */ );
1311 bd_set_flags (vm, bd_index, disable_flags, 0 /* disable */ );
1313 bd_set_mac_age (vm, bd_index, a->mac_age);
1316 bd_set_bd_tag (vm, bd_index, a->bd_tag);
1322 return VNET_API_ERROR_NO_SUCH_ENTRY;
1324 return VNET_API_ERROR_BD_NOT_MODIFIABLE;
1325 if (vec_len (l2input_main.bd_configs[bd_index].members))
1326 return VNET_API_ERROR_BD_IN_USE;
1327 rv = bd_delete (bdm, bd_index);
1334 Create or delete bridge-domain.
1336 create bridge-domain <bd_index> [learn <0|1>] [forward <0|1>] [uu-flood <0|1>] [flood <0|1>]
1337 [arp-term <0|1>] [mac-age <nn>] [bd-tag <tag>] [del]
1340 static clib_error_t *
1341 bd_add_del_command_fn (vlib_main_t * vm, unformat_input_t * input,
1342 vlib_cli_command_t * cmd)
1344 unformat_input_t _line_input, *line_input = &_line_input;
1345 clib_error_t *error = 0;
1348 u32 flood = 1, forward = 1, learn = 1, uu_flood = 1, arp_term =
1352 l2_bridge_domain_add_del_args_t _a, *a = &_a;
1355 /* Get a line of input. */
1356 if (!unformat_user (input, unformat_line_input, line_input))
1359 while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
1361 if (unformat (line_input, "%d", &bd_id))
1363 else if (unformat (line_input, "flood %d", &flood))
1365 else if (unformat (line_input, "uu-flood %d", &uu_flood))
1367 else if (unformat (line_input, "forward %d", &forward))
1369 else if (unformat (line_input, "learn %d", &learn))
1371 else if (unformat (line_input, "arp-term %d", &arp_term))
1373 else if (unformat (line_input, "arp-ufwd %d", &arp_ufwd))
1375 else if (unformat (line_input, "mac-age %d", &mac_age))
1377 else if (unformat (line_input, "bd-tag %s", &bd_tag))
1379 else if (unformat (line_input, "del"))
1382 flood = uu_flood = forward = learn = 0;
1390 error = clib_error_return (0, "bridge-domain-id not specified");
1396 error = clib_error_return (0, "bridge domain 0 can not be modified");
1402 error = clib_error_return (0, "mac age must be less than 256");
1405 if ((bd_tag) && (strlen ((char *) bd_tag) > 63))
1407 error = clib_error_return (0, "bd-tag cannot be longer than 63");
1411 clib_memset (a, 0, sizeof (*a));
1414 a->flood = (u8) flood;
1415 a->uu_flood = (u8) uu_flood;
1416 a->forward = (u8) forward;
1417 a->learn = (u8) learn;
1418 a->arp_term = (u8) arp_term;
1419 a->arp_ufwd = (u8) arp_ufwd;
1420 a->mac_age = (u8) mac_age;
1423 rv = bd_add_del (a);
1429 vlib_cli_output (vm, "bridge-domain %d", bd_id);
1431 case VNET_API_ERROR_BD_IN_USE:
1432 error = clib_error_return (0, "bridge domain in use - remove members");
1434 case VNET_API_ERROR_NO_SUCH_ENTRY:
1435 error = clib_error_return (0, "bridge domain ID does not exist");
1437 case VNET_API_ERROR_BD_NOT_MODIFIABLE:
1438 error = clib_error_return (0, "bridge domain 0 can not be modified");
1440 case VNET_API_ERROR_BD_ID_EXCEED_MAX:
1441 error = clib_error_return (0, "bridge domain ID exceed 16M limit");
1444 error = clib_error_return (0, "bd_add_del returned %d", rv);
1450 unformat_free (line_input);
1457 * Create/Delete bridge-domain instance
1461 * Example of creating bridge-domain 1:
1462 * @cliexstart{create bridge-domain 1}
1466 * Example of creating bridge-domain 2 with enabling arp-term, mac-age 60:
1467 * @cliexstart{create bridge-domain 2 arp-term 1 mac-age 60}
1470 * vpp# show bridge-domain
1471 * ID Index BSN Age(min) Learning U-Forwrd UU-Flood Flooding ARP-Term BVI-Intf
1472 * 0 0 0 off off off off off off local0
1473 * 1 1 0 off on on off on off N/A
1474 * 2 2 0 60 on on off on on N/A
1478 * Example of delete bridge-domain 1:
1479 * @cliexstart{create bridge-domain 1 del}
1485 VLIB_CLI_COMMAND (bd_create_cli, static) = {
1486 .path = "create bridge-domain",
1487 .short_help = "create bridge-domain <bridge-domain-id>"
1488 " [learn <0|1>] [forward <0|1>] [uu-flood <0|1>] [flood <0|1>] [arp-term <0|1>]"
1489 " [arp-ufwd <0|1>] [mac-age <nn>] [bd-tag <tag>] [del]",
1490 .function = bd_add_del_command_fn,
1497 * fd.io coding-style-patch-verification: ON
1500 * eval: (c-set-style "gnu")
Code Review / vpp.git / blob