2 * l2_bd.c : layer 2 bridge domain
4 * Copyright (c) 2013 Cisco and/or its affiliates.
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
9 * http://www.apache.org/licenses/LICENSE-2.0
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
18 #include <vlib/vlib.h>
19 #include <vnet/vnet.h>
21 #include <vnet/ethernet/ethernet.h>
22 #include <vnet/ip/format.h>
23 #include <vnet/l2/l2_input.h>
24 #include <vnet/l2/feat_bitmap.h>
25 #include <vnet/l2/l2_bd.h>
26 #include <vnet/l2/l2_learn.h>
27 #include <vnet/l2/l2_fib.h>
28 #include <vnet/l2/l2_vtr.h>
29 #include <vnet/ip/ip4_packet.h>
30 #include <vnet/ip/ip6_packet.h>
32 #include <vppinfra/error.h>
33 #include <vppinfra/hash.h>
34 #include <vppinfra/vec.h>
38 * @brief Ethernet Bridge Domain.
40 * Code in this file manages Layer 2 bridge domains.
47 Init bridge domain if not done already.
48 For feature bitmap, set all bits except ARP termination
51 bd_validate (l2_bridge_domain_t * bd_config)
53 if (bd_is_valid (bd_config))
55 bd_config->feature_bitmap =
56 ~(L2INPUT_FEAT_ARP_TERM | L2INPUT_FEAT_UU_FWD | L2INPUT_FEAT_ARP_UFWD);
57 bd_config->bvi_sw_if_index = ~0;
58 bd_config->uu_fwd_sw_if_index = ~0;
59 bd_config->members = 0;
60 bd_config->flood_count = 0;
61 bd_config->tun_master_count = 0;
62 bd_config->tun_normal_count = 0;
63 bd_config->no_flood_count = 0;
64 bd_config->mac_by_ip4 = 0;
65 bd_config->mac_by_ip6 = hash_create_mem (0, sizeof (ip6_address_t),
70 bd_find_index (bd_main_t * bdm, u32 bd_id)
72 u32 *p = (u32 *) hash_get (bdm->bd_index_by_bd_id, bd_id);
79 bd_add_bd_index (bd_main_t * bdm, u32 bd_id)
81 ASSERT (!hash_get (bdm->bd_index_by_bd_id, bd_id));
82 u32 rv = clib_bitmap_first_clear (bdm->bd_index_bitmap);
84 /* mark this index taken */
85 bdm->bd_index_bitmap = clib_bitmap_set (bdm->bd_index_bitmap, rv, 1);
87 hash_set (bdm->bd_index_by_bd_id, bd_id, rv);
89 vec_validate (l2input_main.bd_configs, rv);
90 l2input_main.bd_configs[rv].bd_id = bd_id;
91 l2input_main.bd_configs[rv].learn_limit =
92 l2learn_main.bd_default_learn_limit;
93 l2input_main.bd_configs[rv].learn_count = 0;
99 bd_free_ip_mac_tables (l2_bridge_domain_t * bd)
102 ip6_address_t *ip6_addr_key;
104 hash_free (bd->mac_by_ip4);
105 hash_foreach_mem (ip6_addr_key, mac_addr, bd->mac_by_ip6,
107 clib_mem_free (ip6_addr_key); /* free memory used for ip6 addr key */
109 hash_free (bd->mac_by_ip6);
113 bd_delete (bd_main_t * bdm, u32 bd_index)
115 l2_bridge_domain_t *bd = &l2input_main.bd_configs[bd_index];
116 u32 bd_id = bd->bd_id;
118 /* flush non-static MACs in BD and removed bd_id from hash table */
119 l2fib_flush_bd_mac (vlib_get_main (), bd_index);
120 hash_unset (bdm->bd_index_by_bd_id, bd_id);
122 /* mark this index clear */
123 bdm->bd_index_bitmap = clib_bitmap_set (bdm->bd_index_bitmap, bd_index, 0);
125 /* clear BD config for reuse: bd_id to -1 and clear feature_bitmap */
127 bd->feature_bitmap = 0;
129 bd->learn_count = ~0;
132 vec_free (bd->bd_tag);
134 /* free memory used by BD */
135 vec_free (bd->members);
136 bd_free_ip_mac_tables (bd);
142 update_flood_count (l2_bridge_domain_t * bd_config)
144 bd_config->flood_count = (vec_len (bd_config->members) -
145 (bd_config->tun_master_count ?
146 bd_config->tun_normal_count : 0));
147 bd_config->flood_count -= bd_config->no_flood_count;
151 bd_add_member (l2_bridge_domain_t * bd_config, l2_flood_member_t * member)
154 vnet_sw_interface_t *sw_if = vnet_get_sw_interface
155 (vnet_get_main (), member->sw_if_index);
158 * Add one element to the vector
159 * vector is ordered [ bvi, normal/tun_masters..., tun_normals... no_flood]
160 * When flooding, the bvi interface (if present) must be the last member
161 * processed due to how BVI processing can change the packet. To enable
162 * this order, we make the bvi interface the first in the vector and
163 * flooding walks the vector in reverse. The flood-count determines where
164 * in the member list to start the walk from.
166 switch (sw_if->flood_class)
168 case VNET_FLOOD_CLASS_NO_FLOOD:
169 bd_config->no_flood_count++;
170 ix = vec_len (bd_config->members);
172 case VNET_FLOOD_CLASS_BVI:
175 case VNET_FLOOD_CLASS_TUNNEL_MASTER:
176 bd_config->tun_master_count++;
178 case VNET_FLOOD_CLASS_NORMAL:
179 ix = (vec_len (bd_config->members) -
180 bd_config->tun_normal_count - bd_config->no_flood_count);
182 case VNET_FLOOD_CLASS_TUNNEL_NORMAL:
183 ix = (vec_len (bd_config->members) - bd_config->no_flood_count);
184 bd_config->tun_normal_count++;
188 vec_insert_elts (bd_config->members, member, 1, ix);
189 update_flood_count (bd_config);
192 #define BD_REMOVE_ERROR_OK 0
193 #define BD_REMOVE_ERROR_NOT_FOUND 1
196 bd_remove_member (l2_bridge_domain_t * bd_config, u32 sw_if_index)
200 /* Find and delete the member */
201 vec_foreach_index (ix, bd_config->members)
203 l2_flood_member_t *m = vec_elt_at_index (bd_config->members, ix);
204 if (m->sw_if_index == sw_if_index)
206 vnet_sw_interface_t *sw_if = vnet_get_sw_interface
207 (vnet_get_main (), sw_if_index);
209 if (sw_if->flood_class != VNET_FLOOD_CLASS_NORMAL)
211 if (sw_if->flood_class == VNET_FLOOD_CLASS_TUNNEL_MASTER)
212 bd_config->tun_master_count--;
213 else if (sw_if->flood_class == VNET_FLOOD_CLASS_TUNNEL_NORMAL)
214 bd_config->tun_normal_count--;
215 else if (sw_if->flood_class == VNET_FLOOD_CLASS_NO_FLOOD)
216 bd_config->no_flood_count--;
218 vec_delete (bd_config->members, 1, ix);
219 update_flood_count (bd_config);
221 return BD_REMOVE_ERROR_OK;
225 return BD_REMOVE_ERROR_NOT_FOUND;
230 l2bd_init (vlib_main_t * vm)
232 bd_main_t *bdm = &bd_main;
233 bdm->bd_index_by_bd_id = hash_create (0, sizeof (uword));
235 * create a placeholder bd with bd_id of 0 and bd_index of 0 with feature set
236 * to packet drop only. Thus, packets received from any L2 interface with
237 * uninitialized bd_index of 0 can be dropped safely.
239 u32 bd_index = bd_add_bd_index (bdm, 0);
240 ASSERT (bd_index == 0);
241 l2input_main.bd_configs[0].feature_bitmap = L2INPUT_FEAT_DROP;
247 VLIB_INIT_FUNCTION (l2bd_init);
250 bd_get (u32 bd_index)
252 if (bd_index < vec_len (l2input_main.bd_configs))
253 return (vec_elt_at_index (l2input_main.bd_configs, bd_index));
258 bd_input_walk (u32 bd_index, bd_input_walk_fn_t fn, void *data)
260 l2_flood_member_t *member;
261 l2_bridge_domain_t *bd;
265 bd = bd_get (bd_index);
269 vec_foreach (member, bd->members)
271 if (WALK_STOP == fn (bd_index, member->sw_if_index))
273 sw_if_index = member->sw_if_index;
278 return (sw_if_index);
282 b2_input_recache (u32 bd_index)
284 bd_input_walk (bd_index, l2input_recache, NULL);
288 Set the learn/forward/flood flags for the bridge domain.
289 Return 0 if ok, non-zero if for an error.
292 bd_set_flags (vlib_main_t * vm, u32 bd_index, bd_flags_t flags, u32 enable)
295 l2_bridge_domain_t *bd_config = l2input_bd_config (bd_index);
296 bd_validate (bd_config);
297 u32 feature_bitmap = 0;
299 if (flags & L2_LEARN)
301 feature_bitmap |= L2INPUT_FEAT_LEARN;
305 feature_bitmap |= L2INPUT_FEAT_FWD;
307 if (flags & L2_FLOOD)
309 feature_bitmap |= L2INPUT_FEAT_FLOOD;
311 if (flags & L2_UU_FLOOD)
313 feature_bitmap |= L2INPUT_FEAT_UU_FLOOD;
315 if (flags & L2_ARP_TERM)
317 feature_bitmap |= L2INPUT_FEAT_ARP_TERM;
319 if (flags & L2_ARP_UFWD)
321 feature_bitmap |= L2INPUT_FEAT_ARP_UFWD;
326 bd_config->feature_bitmap |= feature_bitmap;
330 bd_config->feature_bitmap &= ~feature_bitmap;
333 b2_input_recache (bd_index);
335 return bd_config->feature_bitmap;
339 Set the mac age for the bridge domain.
342 bd_set_mac_age (vlib_main_t * vm, u32 bd_index, u8 age)
344 l2_bridge_domain_t *bd_config;
347 vec_validate (l2input_main.bd_configs, bd_index);
348 bd_config = vec_elt_at_index (l2input_main.bd_configs, bd_index);
349 bd_config->mac_age = age;
350 b2_input_recache (bd_index);
352 /* check if there is at least one bd with mac aging enabled */
353 vec_foreach (bd_config, l2input_main.bd_configs)
354 enable |= bd_config->bd_id != ~0 && bd_config->mac_age != 0;
356 vlib_process_signal_event (vm, l2fib_mac_age_scanner_process_node.index,
357 enable ? L2_MAC_AGE_PROCESS_EVENT_START :
358 L2_MAC_AGE_PROCESS_EVENT_STOP, 0);
362 Set learn limit for the bridge domain.
365 bd_set_learn_limit (vlib_main_t *vm, u32 bd_index, u32 learn_limit)
367 l2_bridge_domain_t *bd_config;
368 vec_validate (l2input_main.bd_configs, bd_index);
369 bd_config = vec_elt_at_index (l2input_main.bd_configs, bd_index);
370 bd_config->learn_limit = learn_limit;
374 Set the tag for the bridge domain.
377 bd_set_bd_tag (vlib_main_t * vm, u32 bd_index, u8 * bd_tag)
380 l2_bridge_domain_t *bd_config;
381 vec_validate (l2input_main.bd_configs, bd_index);
382 bd_config = vec_elt_at_index (l2input_main.bd_configs, bd_index);
384 old = bd_config->bd_tag;
388 bd_config->bd_tag = format (0, "%s%c", bd_tag, 0);
392 bd_config->bd_tag = NULL;
399 Set bridge-domain learn enable/disable.
401 set bridge-domain learn <bd_id> [disable]
403 static clib_error_t *
404 bd_learn (vlib_main_t * vm,
405 unformat_input_t * input, vlib_cli_command_t * cmd)
407 bd_main_t *bdm = &bd_main;
408 clib_error_t *error = 0;
413 if (!unformat (input, "%d", &bd_id))
415 error = clib_error_return (0, "expecting bridge-domain id but got `%U'",
416 format_unformat_error, input);
421 return clib_error_return (0,
422 "No operations on the default bridge domain are supported");
424 p = hash_get (bdm->bd_index_by_bd_id, bd_id);
427 return clib_error_return (0, "No such bridge domain %d", bd_id);
432 if (unformat (input, "disable"))
437 /* set the bridge domain flag */
438 bd_set_flags (vm, bd_index, L2_LEARN, enable);
445 * Layer 2 learning can be enabled and disabled on each
446 * interface and on each bridge-domain. Use this command to
447 * manage bridge-domains. It is enabled by default.
450 * Example of how to enable learning (where 200 is the bridge-domain-id):
451 * @cliexcmd{set bridge-domain learn 200}
452 * Example of how to disable learning (where 200 is the bridge-domain-id):
453 * @cliexcmd{set bridge-domain learn 200 disable}
455 VLIB_CLI_COMMAND (bd_learn_cli, static) = {
456 .path = "set bridge-domain learn",
457 .short_help = "set bridge-domain learn <bridge-domain-id> [disable]",
458 .function = bd_learn,
461 static clib_error_t *
462 bd_default_learn_limit (vlib_main_t *vm, unformat_input_t *input,
463 vlib_cli_command_t *cmd)
465 l2learn_main_t *l2m = &l2learn_main;
466 clib_error_t *error = 0;
469 if (!unformat (input, "%d", &learn_limit))
471 error = clib_error_return (
472 0, "expecting per bridge-domain max entry number got`%U'",
473 format_unformat_error, input);
477 l2m->bd_default_learn_limit = learn_limit;
483 VLIB_CLI_COMMAND (bd_default_learn_limit_cli, static) = {
484 .path = "set bridge-domain default-learn-limit",
485 .short_help = "set bridge-domain default-learn-limit <maxentries>",
486 .function = bd_default_learn_limit,
490 Set bridge-domain forward enable/disable.
492 set bridge-domain forward <bd_index> [disable]
494 static clib_error_t *
495 bd_fwd (vlib_main_t * vm, unformat_input_t * input, vlib_cli_command_t * cmd)
497 bd_main_t *bdm = &bd_main;
498 clib_error_t *error = 0;
503 if (!unformat (input, "%d", &bd_id))
505 error = clib_error_return (0, "expecting bridge-domain id but got `%U'",
506 format_unformat_error, input);
511 return clib_error_return (0,
512 "No operations on the default bridge domain are supported");
514 p = hash_get (bdm->bd_index_by_bd_id, bd_id);
517 return clib_error_return (0, "No such bridge domain %d", bd_id);
522 if (unformat (input, "disable"))
527 /* set the bridge domain flag */
528 bd_set_flags (vm, bd_index, L2_FWD, enable);
536 * Layer 2 unicast forwarding can be enabled and disabled on each
537 * interface and on each bridge-domain. Use this command to
538 * manage bridge-domains. It is enabled by default.
541 * Example of how to enable forwarding (where 200 is the bridge-domain-id):
542 * @cliexcmd{set bridge-domain forward 200}
543 * Example of how to disable forwarding (where 200 is the bridge-domain-id):
544 * @cliexcmd{set bridge-domain forward 200 disable}
546 VLIB_CLI_COMMAND (bd_fwd_cli, static) = {
547 .path = "set bridge-domain forward",
548 .short_help = "set bridge-domain forward <bridge-domain-id> [disable]",
553 Set bridge-domain flood enable/disable.
555 set bridge-domain flood <bd_index> [disable]
557 static clib_error_t *
558 bd_flood (vlib_main_t * vm,
559 unformat_input_t * input, vlib_cli_command_t * cmd)
561 bd_main_t *bdm = &bd_main;
562 clib_error_t *error = 0;
567 if (!unformat (input, "%d", &bd_id))
569 error = clib_error_return (0, "expecting bridge-domain id but got `%U'",
570 format_unformat_error, input);
575 return clib_error_return (0,
576 "No operations on the default bridge domain are supported");
578 p = hash_get (bdm->bd_index_by_bd_id, bd_id);
581 return clib_error_return (0, "No such bridge domain %d", bd_id);
586 if (unformat (input, "disable"))
591 /* set the bridge domain flag */
592 bd_set_flags (vm, bd_index, L2_FLOOD, enable);
599 * Layer 2 flooding can be enabled and disabled on each
600 * interface and on each bridge-domain. Use this command to
601 * manage bridge-domains. It is enabled by default.
604 * Example of how to enable flooding (where 200 is the bridge-domain-id):
605 * @cliexcmd{set bridge-domain flood 200}
606 * Example of how to disable flooding (where 200 is the bridge-domain-id):
607 * @cliexcmd{set bridge-domain flood 200 disable}
609 VLIB_CLI_COMMAND (bd_flood_cli, static) = {
610 .path = "set bridge-domain flood",
611 .short_help = "set bridge-domain flood <bridge-domain-id> [disable]",
612 .function = bd_flood,
616 Set bridge-domain unknown-unicast flood enable/disable.
618 set bridge-domain uu-flood <bd_index> [disable]
620 static clib_error_t *
621 bd_uu_flood (vlib_main_t * vm,
622 unformat_input_t * input, vlib_cli_command_t * cmd)
624 bd_main_t *bdm = &bd_main;
625 clib_error_t *error = 0;
630 if (!unformat (input, "%d", &bd_id))
632 error = clib_error_return (0, "expecting bridge-domain id but got `%U'",
633 format_unformat_error, input);
638 return clib_error_return (0,
639 "No operations on the default bridge domain are supported");
641 p = hash_get (bdm->bd_index_by_bd_id, bd_id);
644 return clib_error_return (0, "No such bridge domain %d", bd_id);
649 if (unformat (input, "disable"))
654 /* set the bridge domain flag */
655 bd_set_flags (vm, bd_index, L2_UU_FLOOD, enable);
662 * Layer 2 unknown-unicast flooding can be enabled and disabled on each
663 * bridge-domain. It is enabled by default.
666 * Example of how to enable unknown-unicast flooding (where 200 is the
668 * @cliexcmd{set bridge-domain uu-flood 200}
669 * Example of how to disable unknown-unicast flooding (where 200 is the bridge-domain-id):
670 * @cliexcmd{set bridge-domain uu-flood 200 disable}
672 VLIB_CLI_COMMAND (bd_uu_flood_cli, static) = {
673 .path = "set bridge-domain uu-flood",
674 .short_help = "set bridge-domain uu-flood <bridge-domain-id> [disable]",
675 .function = bd_uu_flood,
679 Set bridge-domain arp-unicast forward enable/disable.
681 set bridge-domain arp-ufwd <bd_index> [disable]
683 static clib_error_t *
684 bd_arp_ufwd (vlib_main_t * vm,
685 unformat_input_t * input, vlib_cli_command_t * cmd)
687 bd_main_t *bdm = &bd_main;
688 clib_error_t *error = 0;
693 if (!unformat (input, "%d", &bd_id))
695 error = clib_error_return (0, "expecting bridge-domain id but got `%U'",
696 format_unformat_error, input);
701 return clib_error_return (0,
702 "No operations on the default bridge domain are supported");
704 p = hash_get (bdm->bd_index_by_bd_id, bd_id);
707 return clib_error_return (0, "No such bridge domain %d", bd_id);
712 if (unformat (input, "disable"))
717 /* set the bridge domain flag */
718 bd_set_flags (vm, bd_index, L2_ARP_UFWD, enable);
725 * Layer 2 arp-unicast forwarding can be enabled and disabled on each
726 * bridge-domain. It is disabled by default.
729 * Example of how to enable arp-unicast forwarding (where 200 is the
731 * @cliexcmd{set bridge-domain arp-ufwd 200}
732 * Example of how to disable arp-unicast forwarding (where 200 is the bridge-domain-id):
733 * @cliexcmd{set bridge-domain arp-ufwd 200 disable}
735 VLIB_CLI_COMMAND (bd_arp_ufwd_cli, static) = {
736 .path = "set bridge-domain arp-ufwd",
737 .short_help = "set bridge-domain arp-ufwd <bridge-domain-id> [disable]",
738 .function = bd_arp_ufwd,
742 Set bridge-domain arp term enable/disable.
744 set bridge-domain arp term <bridge-domain-id> [disable]
746 static clib_error_t *
747 bd_arp_term (vlib_main_t * vm,
748 unformat_input_t * input, vlib_cli_command_t * cmd)
750 bd_main_t *bdm = &bd_main;
751 clib_error_t *error = 0;
756 if (!unformat (input, "%d", &bd_id))
758 error = clib_error_return (0, "expecting bridge-domain id but got `%U'",
759 format_unformat_error, input);
764 return clib_error_return (0,
765 "No operations on the default bridge domain are supported");
767 p = hash_get (bdm->bd_index_by_bd_id, bd_id);
771 return clib_error_return (0, "No such bridge domain %d", bd_id);
774 if (unformat (input, "disable"))
777 /* set the bridge domain flag */
778 bd_set_flags (vm, bd_index, L2_ARP_TERM, enable);
784 static clib_error_t *
785 bd_mac_age (vlib_main_t * vm,
786 unformat_input_t * input, vlib_cli_command_t * cmd)
788 bd_main_t *bdm = &bd_main;
789 clib_error_t *error = 0;
794 if (!unformat (input, "%d", &bd_id))
796 error = clib_error_return (0, "expecting bridge-domain id but got `%U'",
797 format_unformat_error, input);
802 return clib_error_return (0,
803 "No operations on the default bridge domain are supported");
805 p = hash_get (bdm->bd_index_by_bd_id, bd_id);
808 return clib_error_return (0, "No such bridge domain %d", bd_id);
812 if (!unformat (input, "%u", &age))
815 clib_error_return (0, "expecting ageing time in minutes but got `%U'",
816 format_unformat_error, input);
820 /* set the bridge domain flag */
824 clib_error_return (0, "mac aging time cannot be bigger than 255");
827 bd_set_mac_age (vm, bd_index, (u8) age);
834 * Layer 2 mac aging can be enabled and disabled on each
835 * bridge-domain. Use this command to set or disable mac aging
836 * on specific bridge-domains. It is disabled by default.
839 * Example of how to set mac aging (where 200 is the bridge-domain-id and
840 * 5 is aging time in minutes):
841 * @cliexcmd{set bridge-domain mac-age 200 5}
842 * Example of how to disable mac aging (where 200 is the bridge-domain-id):
843 * @cliexcmd{set bridge-domain flood 200 0}
845 VLIB_CLI_COMMAND (bd_mac_age_cli, static) = {
846 .path = "set bridge-domain mac-age",
847 .short_help = "set bridge-domain mac-age <bridge-domain-id> <mins>",
848 .function = bd_mac_age,
851 static clib_error_t *
852 bd_learn_limit (vlib_main_t *vm, unformat_input_t *input,
853 vlib_cli_command_t *cmd)
855 bd_main_t *bdm = &bd_main;
856 clib_error_t *error = 0;
861 if (!unformat (input, "%d", &bd_id))
863 error = clib_error_return (0, "expecting bridge-domain id but got `%U'",
864 format_unformat_error, input);
869 return clib_error_return (
870 0, "No operations on the default bridge domain are supported");
872 p = hash_get (bdm->bd_index_by_bd_id, bd_id);
875 return clib_error_return (0, "No such bridge domain %d", bd_id);
879 if (!unformat (input, "%u", &learn_limit))
881 error = clib_error_return (
882 0, "expecting maxium number of learned entries but got `%U'",
883 format_unformat_error, input);
887 bd_set_learn_limit (vm, bd_index, learn_limit);
893 VLIB_CLI_COMMAND (bd_learn_limit_cli, static) = {
894 .path = "set bridge-domain learn-limit",
896 "set bridge-domain learn-limit <bridge-domain-id> <learn-limit>",
897 .function = bd_learn_limit,
901 * Modify whether or not an existing bridge-domain should terminate and respond
902 * to ARP Requests. ARP Termination is disabled by default.
905 * Example of how to enable ARP termination (where 200 is the bridge-domain-id):
906 * @cliexcmd{set bridge-domain arp term 200}
907 * Example of how to disable ARP termination (where 200 is the bridge-domain-id):
908 * @cliexcmd{set bridge-domain arp term 200 disable}
910 VLIB_CLI_COMMAND (bd_arp_term_cli, static) = {
911 .path = "set bridge-domain arp term",
912 .short_help = "set bridge-domain arp term <bridge-domain-id> [disable]",
913 .function = bd_arp_term,
918 * Add/delete IP address to MAC address mapping.
920 * The clib hash implementation stores uword entries in the hash table.
921 * The hash table mac_by_ip4 is keyed via IP4 address and store the
922 * 6-byte MAC address directly in the hash table entry uword.
924 * @warning This only works for 64-bit processor with 8-byte uword;
925 * which means this code *WILL NOT WORK* for a 32-bit processor with
929 bd_add_del_ip_mac (u32 bd_index,
931 const ip46_address_t * ip,
932 const mac_address_t * mac, u8 is_add)
934 l2_bridge_domain_t *bd_cfg = l2input_bd_config (bd_index);
935 u64 new_mac = mac_address_as_u64 (mac);
938 /* make sure uword is 8 bytes */
939 ASSERT (sizeof (uword) == sizeof (u64));
940 ASSERT (bd_is_valid (bd_cfg));
942 if (IP46_TYPE_IP6 == type)
944 ip6_address_t *ip6_addr_key;
946 old_mac = (u64 *) hash_get_mem (bd_cfg->mac_by_ip6, &ip->ip6);
951 /* new entry - allocate and create ip6 address key */
952 ip6_addr_key = clib_mem_alloc (sizeof (ip6_address_t));
953 clib_memcpy (ip6_addr_key, &ip->ip6, sizeof (ip6_address_t));
955 else if (*old_mac == new_mac)
957 /* same mac entry already exist for ip6 address */
962 /* update mac for ip6 address */
963 hp = hash_get_pair (bd_cfg->mac_by_ip6, &ip->ip6);
964 ip6_addr_key = (ip6_address_t *) hp->key;
966 hash_set_mem (bd_cfg->mac_by_ip6, ip6_addr_key, new_mac);
970 if (old_mac && (*old_mac == new_mac))
972 hp = hash_get_pair (bd_cfg->mac_by_ip6, &ip->ip6);
973 ip6_addr_key = (ip6_address_t *) hp->key;
974 hash_unset_mem (bd_cfg->mac_by_ip6, &ip->ip6);
975 clib_mem_free (ip6_addr_key);
983 old_mac = (u64 *) hash_get (bd_cfg->mac_by_ip4, ip->ip4.as_u32);
986 if (old_mac && (*old_mac == new_mac))
987 /* mac entry already exist */
989 hash_set (bd_cfg->mac_by_ip4, ip->ip4.as_u32, new_mac);
993 if (old_mac && (*old_mac == new_mac))
994 hash_unset (bd_cfg->mac_by_ip4, ip->ip4.as_u32);
1003 * Flush IP address to MAC address mapping tables in a BD.
1006 bd_flush_ip_mac (u32 bd_index)
1008 l2_bridge_domain_t *bd = l2input_bd_config (bd_index);
1009 ASSERT (bd_is_valid (bd));
1010 bd_free_ip_mac_tables (bd);
1013 hash_create_mem (0, sizeof (ip6_address_t), sizeof (uword));
1017 Set bridge-domain arp entry add/delete.
1019 set bridge-domain arp entry <bridge-domain-id> <ip-addr> <mac-addr> [del]
1021 static clib_error_t *
1022 bd_arp_entry (vlib_main_t * vm,
1023 unformat_input_t * input, vlib_cli_command_t * cmd)
1025 ip46_address_t ip_addr = ip46_address_initializer;
1026 ip46_type_t type = IP46_TYPE_IP4;
1027 bd_main_t *bdm = &bd_main;
1028 clib_error_t *error = 0;
1029 u32 bd_index, bd_id;
1034 if (!unformat (input, "%d", &bd_id))
1036 error = clib_error_return (0, "expecting bridge-domain id but got `%U'",
1037 format_unformat_error, input);
1042 return clib_error_return (0,
1043 "No operations on the default bridge domain are supported");
1045 p = hash_get (bdm->bd_index_by_bd_id, bd_id);
1050 return clib_error_return (0, "No such bridge domain %d", bd_id);
1052 if (unformat (input, "%U", unformat_ip4_address, &ip_addr.ip4))
1054 type = IP46_TYPE_IP4;
1056 else if (unformat (input, "%U", unformat_ip6_address, &ip_addr.ip6))
1058 type = IP46_TYPE_IP6;
1060 else if (unformat (input, "del-all"))
1062 bd_flush_ip_mac (bd_index);
1067 error = clib_error_return (0, "expecting IP address but got `%U'",
1068 format_unformat_error, input);
1072 if (!unformat (input, "%U", unformat_mac_address_t, &mac))
1074 error = clib_error_return (0, "expecting MAC address but got `%U'",
1075 format_unformat_error, input);
1079 if (unformat (input, "del"))
1084 /* set the bridge domain flagAdd IP-MAC entry into bridge domain */
1085 if (bd_add_del_ip_mac (bd_index, type, &ip_addr, &mac, is_add))
1087 error = clib_error_return (0, "MAC %s for IP %U and MAC %U failed",
1088 is_add ? "add" : "del",
1089 format_ip46_address, &ip_addr, IP46_TYPE_ANY,
1090 format_mac_address_t, &mac);
1098 * Add an ARP entry to an existing bridge-domain.
1101 * Example of how to add an ARP entry (where 200 is the bridge-domain-id):
1102 * @cliexcmd{set bridge-domain arp entry 200 192.168.72.45 52:54:00:3b:83:1a}
1103 * Example of how to delete an ARP entry (where 200 is the bridge-domain-id):
1104 * @cliexcmd{set bridge-domain arp entry 200 192.168.72.45 52:54:00:3b:83:1a del}
1106 VLIB_CLI_COMMAND (bd_arp_entry_cli, static) = {
1107 .path = "set bridge-domain arp entry",
1108 .short_help = "set bridge-domain arp entry <bridge-domain-id> [<ip-addr> <mac-addr> [del] | del-all]",
1109 .function = bd_arp_entry,
1113 format_uu_cfg (u8 * s, va_list * args)
1115 l2_bridge_domain_t *bd_config = va_arg (*args, l2_bridge_domain_t *);
1117 if (bd_config->feature_bitmap & L2INPUT_FEAT_UU_FWD)
1118 return (format (s, "%U", format_vnet_sw_if_index_name_with_NA,
1119 vnet_get_main (), bd_config->uu_fwd_sw_if_index));
1120 else if (bd_config->feature_bitmap & L2INPUT_FEAT_UU_FLOOD)
1121 return (format (s, "flood"));
1123 return (format (s, "drop"));
1127 Show bridge-domain state.
1129 show bridge-domain [<bd_index>]
1131 static clib_error_t *
1132 bd_show (vlib_main_t * vm, unformat_input_t * input, vlib_cli_command_t * cmd)
1134 vnet_main_t *vnm = vnet_get_main ();
1135 bd_main_t *bdm = &bd_main;
1136 clib_error_t *error = 0;
1138 l2_bridge_domain_t *bd_config;
1148 end = vec_len (l2input_main.bd_configs);
1150 if (unformat (input, "%d", &bd_id))
1152 if (unformat (input, "detail"))
1154 else if (unformat (input, "det"))
1156 if (unformat (input, "int"))
1158 if (unformat (input, "arp"))
1160 if (unformat (input, "bd-tag"))
1164 return clib_error_return (0,
1165 "No operations on the default bridge domain are supported");
1167 p = hash_get (bdm->bd_index_by_bd_id, bd_id);
1171 return clib_error_return (0, "No such bridge domain %d", bd_id);
1173 vec_validate (l2input_main.bd_configs, bd_index);
1174 bd_config = vec_elt_at_index (l2input_main.bd_configs, bd_index);
1175 if (bd_is_valid (bd_config))
1182 vlib_cli_output (vm, "bridge-domain %d not in use", bd_id);
1187 /* Show all bridge-domains that have been initialized */
1190 for (bd_index = start; bd_index < end; bd_index++)
1192 bd_config = vec_elt_at_index (l2input_main.bd_configs, bd_index);
1193 if (bd_is_valid (bd_config))
1198 vlib_cli_output (vm,
1199 "%=8s %=7s %=4s %=9s %=9s %=9s %=11s %=9s %=9s "
1200 "%=9s %=8s %=8s %=11s",
1201 "BD-ID", "Index", "BSN", "Age(min)", "Learning",
1202 "U-Forwrd", "UU-Flood", "Flooding", "ARP-Term",
1203 "arp-ufwd", "Learn-count", "Learn-limit",
1207 if (bd_config->mac_age)
1208 as = format (as, "%d", bd_config->mac_age);
1210 as = format (as, "off");
1213 "%=8d %=7d %=4d %=9v %=9s %=9s %=11U %=9s %=9s %=9s %=8d %=8d "
1215 bd_config->bd_id, bd_index, bd_config->seq_num, as,
1216 bd_config->feature_bitmap & L2INPUT_FEAT_LEARN ? "on" : "off",
1217 bd_config->feature_bitmap & L2INPUT_FEAT_FWD ? "on" : "off",
1218 format_uu_cfg, bd_config,
1219 bd_config->feature_bitmap & L2INPUT_FEAT_FLOOD ? "on" : "off",
1220 bd_config->feature_bitmap & L2INPUT_FEAT_ARP_TERM ? "on" : "off",
1221 bd_config->feature_bitmap & L2INPUT_FEAT_ARP_UFWD ? "on" : "off",
1222 bd_config->learn_count, bd_config->learn_limit,
1223 format_vnet_sw_if_index_name_with_NA, vnm,
1224 bd_config->bvi_sw_if_index);
1226 vlib_cli_output (vm, "%U", format_l2_input_feature_bitmap,
1227 bd_config->feature_bitmap);
1228 vec_reset_length (as);
1232 /* Show all member interfaces */
1234 vec_foreach_index (i, bd_config->members)
1236 l2_flood_member_t *member =
1237 vec_elt_at_index (bd_config->members, i);
1238 u8 swif_seq_num = l2_input_seq_num (member->sw_if_index);
1239 u32 vtr_opr, dot1q, tag1, tag2;
1242 vlib_cli_output (vm, "\n%=30s%=7s%=5s%=5s%=5s%=9s%=30s",
1243 "Interface", "If-idx", "ISN", "SHG",
1244 "BVI", "TxFlood", "VLAN-Tag-Rewrite");
1246 l2vtr_get (vm, vnm, member->sw_if_index, &vtr_opr, &dot1q,
1248 vlib_cli_output (vm, "%=30U%=7d%=5d%=5d%=5s%=9s%=30U",
1249 format_vnet_sw_if_index_name, vnm,
1250 member->sw_if_index, member->sw_if_index,
1251 swif_seq_num, member->shg,
1252 member->flags & L2_FLOOD_MEMBER_BVI ? "*" :
1253 "-", i < bd_config->flood_count ? "*" : "-",
1254 format_vtr, vtr_opr, dot1q, tag1, tag2);
1256 if (~0 != bd_config->uu_fwd_sw_if_index)
1257 vlib_cli_output (vm, "%=30U%=7d%=5d%=5d%=5s%=9s%=30s",
1258 format_vnet_sw_if_index_name, vnm,
1259 bd_config->uu_fwd_sw_if_index,
1260 bd_config->uu_fwd_sw_if_index,
1261 0, 0, "uu", "-", "None");
1265 if ((detail || arp) &&
1266 (bd_config->feature_bitmap & L2INPUT_FEAT_ARP_TERM))
1269 ip6_address_t *ip6_addr;
1271 vlib_cli_output (vm,
1272 "\n IP4/IP6 to MAC table for ARP Termination");
1274 hash_foreach (ip4_addr, mac_addr, bd_config->mac_by_ip4,
1276 vlib_cli_output (vm, "%=40U => %=20U",
1277 format_ip4_address, &ip4_addr,
1278 format_ethernet_address, &mac_addr);
1281 hash_foreach_mem (ip6_addr, mac_addr, bd_config->mac_by_ip6,
1283 vlib_cli_output (vm, "%=40U => %=20U",
1284 format_ip6_address, ip6_addr,
1285 format_ethernet_address, &mac_addr);
1289 if ((detail || bd_tag) && (bd_config->bd_tag))
1291 vlib_cli_output (vm, "\n BD-Tag: %s", bd_config->bd_tag);
1300 vlib_cli_output (vm, "no bridge-domains in use");
1308 * Show a summary of all the bridge-domain instances or detailed view of a
1309 * single bridge-domain. Bridge-domains are created by adding an interface
1310 * to a bridge using the '<em>set interface l2 bridge</em>' command.
1314 * Example of displaying all bridge-domains:
1315 * @cliexstart{show bridge-domain}
1316 * ID Index Learning U-Forwrd UU-Flood Flooding ARP-Term BVI-Intf
1317 * 0 0 off off off off off local0
1318 * 200 1 on on on on off N/A
1321 * Example of displaying details of a single bridge-domains:
1322 * @cliexstart{show bridge-domain 200 detail}
1323 * ID Index Learning U-Forwrd UU-Flood Flooding ARP-Term BVI-Intf
1324 * 200 1 on on on on off N/A
1326 * Interface Index SHG BVI VLAN-Tag-Rewrite
1327 * GigabitEthernet0/8/0.200 3 0 - none
1328 * GigabitEthernet0/9/0.200 4 0 - none
1332 VLIB_CLI_COMMAND (bd_show_cli, static) = {
1333 .path = "show bridge-domain",
1334 .short_help = "show bridge-domain [bridge-domain-id [detail|int|arp|bd-tag]]",
1335 .function = bd_show,
1339 bd_add_del (l2_bridge_domain_add_del_args_t * a)
1341 bd_main_t *bdm = &bd_main;
1342 l2fib_main_t *fm = &l2fib_main;
1343 vlib_main_t *vm = bdm->vlib_main;
1346 if (fm->mac_table_initialized == 0)
1347 l2fib_table_init ();
1349 u32 bd_index = bd_find_index (bdm, a->bd_id);
1353 return VNET_API_ERROR_BD_ALREADY_EXISTS;
1354 if (a->bd_id > L2_BD_ID_MAX)
1355 return VNET_API_ERROR_BD_ID_EXCEED_MAX;
1356 bd_index = bd_add_bd_index (bdm, a->bd_id);
1358 bd_flags_t enable_flags = 0, disable_flags = 0;
1360 enable_flags |= L2_FLOOD;
1362 disable_flags |= L2_FLOOD;
1365 enable_flags |= L2_UU_FLOOD;
1367 disable_flags |= L2_UU_FLOOD;
1370 enable_flags |= L2_FWD;
1372 disable_flags |= L2_FWD;
1375 enable_flags |= L2_LEARN;
1377 disable_flags |= L2_LEARN;
1380 enable_flags |= L2_ARP_TERM;
1382 disable_flags |= L2_ARP_TERM;
1385 enable_flags |= L2_ARP_UFWD;
1387 disable_flags |= L2_ARP_UFWD;
1390 bd_set_flags (vm, bd_index, enable_flags, 1 /* enable */ );
1393 bd_set_flags (vm, bd_index, disable_flags, 0 /* disable */ );
1395 bd_set_mac_age (vm, bd_index, a->mac_age);
1398 bd_set_bd_tag (vm, bd_index, a->bd_tag);
1400 bd_set_learn_limit (vm, bd_index, l2learn_main.bd_default_learn_limit);
1401 vec_elt_at_index (l2input_main.bd_configs, bd_index)->learn_count = 0;
1406 return VNET_API_ERROR_NO_SUCH_ENTRY;
1408 return VNET_API_ERROR_BD_NOT_MODIFIABLE;
1409 if (vec_len (l2input_main.bd_configs[bd_index].members))
1410 return VNET_API_ERROR_BD_IN_USE;
1411 rv = bd_delete (bdm, bd_index);
1418 Create or delete bridge-domain.
1420 create bridge-domain <bd_index> [learn <0|1>] [forward <0|1>] [uu-flood <0|1>] [flood <0|1>]
1421 [arp-term <0|1>] [mac-age <nn>] [bd-tag <tag>] [del]
1424 static clib_error_t *
1425 bd_add_del_command_fn (vlib_main_t * vm, unformat_input_t * input,
1426 vlib_cli_command_t * cmd)
1428 unformat_input_t _line_input, *line_input = &_line_input;
1429 clib_error_t *error = 0;
1432 u32 flood = 1, forward = 1, learn = 1, uu_flood = 1, arp_term =
1436 l2_bridge_domain_add_del_args_t _a, *a = &_a;
1439 /* Get a line of input. */
1440 if (!unformat_user (input, unformat_line_input, line_input))
1443 while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
1445 if (unformat (line_input, "%d", &bd_id))
1447 else if (unformat (line_input, "flood %d", &flood))
1449 else if (unformat (line_input, "uu-flood %d", &uu_flood))
1451 else if (unformat (line_input, "forward %d", &forward))
1453 else if (unformat (line_input, "learn %d", &learn))
1455 else if (unformat (line_input, "arp-term %d", &arp_term))
1457 else if (unformat (line_input, "arp-ufwd %d", &arp_ufwd))
1459 else if (unformat (line_input, "mac-age %d", &mac_age))
1461 else if (unformat (line_input, "bd-tag %s", &bd_tag))
1463 else if (unformat (line_input, "del"))
1466 flood = uu_flood = forward = learn = 0;
1476 bd_id = bd_get_unused_id ();
1480 error = clib_error_return (0, "bridge-domain-id not specified");
1487 error = clib_error_return (0, "bridge domain 0 can not be modified");
1493 error = clib_error_return (0, "mac age must be less than 256");
1496 if ((bd_tag) && (strlen ((char *) bd_tag) > 63))
1498 error = clib_error_return (0, "bd-tag cannot be longer than 63");
1502 clib_memset (a, 0, sizeof (*a));
1505 a->flood = (u8) flood;
1506 a->uu_flood = (u8) uu_flood;
1507 a->forward = (u8) forward;
1508 a->learn = (u8) learn;
1509 a->arp_term = (u8) arp_term;
1510 a->arp_ufwd = (u8) arp_ufwd;
1511 a->mac_age = (u8) mac_age;
1514 rv = bd_add_del (a);
1520 vlib_cli_output (vm, "bridge-domain %d", bd_id);
1522 case VNET_API_ERROR_BD_IN_USE:
1523 error = clib_error_return (0, "bridge domain in use - remove members");
1525 case VNET_API_ERROR_NO_SUCH_ENTRY:
1526 error = clib_error_return (0, "bridge domain ID does not exist");
1528 case VNET_API_ERROR_BD_NOT_MODIFIABLE:
1529 error = clib_error_return (0, "bridge domain 0 can not be modified");
1531 case VNET_API_ERROR_BD_ID_EXCEED_MAX:
1532 error = clib_error_return (0, "bridge domain ID exceed 16M limit");
1535 error = clib_error_return (0, "bd_add_del returned %d", rv);
1541 unformat_free (line_input);
1548 * Create/Delete bridge-domain instance
1552 * Example of creating bridge-domain 1:
1553 * @cliexstart{create bridge-domain 1}
1557 * Example of creating bridge-domain 2 with enabling arp-term, mac-age 60:
1558 * @cliexstart{create bridge-domain 2 arp-term 1 mac-age 60}
1561 * vpp# show bridge-domain
1562 * ID Index BSN Age(min) Learning U-Forwrd UU-Flood Flooding ARP-Term BVI-Intf
1563 * 0 0 0 off off off off off off local0
1564 * 1 1 0 off on on off on off N/A
1565 * 2 2 0 60 on on off on on N/A
1569 * Example of delete bridge-domain 1:
1570 * @cliexstart{create bridge-domain 1 del}
1575 VLIB_CLI_COMMAND (bd_create_cli, static) = {
1576 .path = "create bridge-domain",
1577 .short_help = "create bridge-domain <bridge-domain-id>"
1578 " [learn <0|1>] [forward <0|1>] [uu-flood <0|1>] [flood <0|1>] [arp-term <0|1>]"
1579 " [arp-ufwd <0|1>] [mac-age <nn>] [bd-tag <tag>] [del]",
1580 .function = bd_add_del_command_fn,
1584 * Returns an unused bridge domain id, and ~0 if it can't find one.
1587 bd_get_unused_id (void)
1589 bd_main_t *bdm = &bd_main;
1591 static u32 seed = 0;
1593 /* limit to 1M tries */
1594 for (j = 0; j < 1 << 10; j++)
1596 seed = random_u32 (&seed);
1597 for (i = 0; i < 1 << 10; i++)
1600 * iterate seed+0, seed+1, seed-1, seed+2, seed-2, ... to generate id
1602 seed += (2 * (i % 2) - 1) * i;
1603 /* bd_id must be (1 <= bd_id <= L2_BD_ID_MAX) */
1604 seed &= L2_BD_ID_MAX;
1607 if (bd_find_index (bdm, seed) == ~0)
1616 * fd.io coding-style-patch-verification: ON
1619 * eval: (c-set-style "gnu")
Code Review / vpp.git / blob