#include <vppinfra/vec.h>
#include <vnet/vnet.h>
#include <vnet/ip/ip.h>
-#include <vppinfra/bihash_24_8.h>
+#include <vppinfra/bihash_16_8.h>
#include <vnet/ip/ip4_reassembly.h>
#define MSEC_PER_SEC 1000
#define IP4_REASS_TIMEOUT_DEFAULT_MS 100
#define IP4_REASS_EXPIRE_WALK_INTERVAL_DEFAULT_MS 10000 // 10 seconds default
-#define IP4_REASS_MAX_REASSEMBLIES_DEAFULT 1024
+#define IP4_REASS_MAX_REASSEMBLIES_DEFAULT 1024
+#define IP4_REASS_MAX_REASSEMBLY_LENGTH_DEFAULT 3
#define IP4_REASS_HT_LOAD_FACTOR (0.75)
#define IP4_REASS_DEBUG_BUFFERS 0
#define IP4_REASS_DEBUG_BUFFER(...)
#endif
-static vlib_node_registration_t ip4_reass_node;
+typedef enum
+{
+ IP4_REASS_RC_OK,
+ IP4_REASS_RC_TOO_MANY_FRAGMENTS,
+ IP4_REASS_RC_INTERNAL_ERROR,
+ IP4_REASS_RC_NO_BUF,
+} ip4_reass_rc_t;
typedef struct
{
{
struct
{
- // align by making this 4 octets even though its a 2 octets field
u32 xx_id;
ip4_address_t src;
ip4_address_t dst;
- // align by making this 4 octets even though its a 2 octets field
- u32 frag_id;
- // align by making this 4 octets even though its a 1 octet field
- u32 proto;
- u32 unused;
+ u16 frag_id;
+ u8 proto;
+ u8 unused;
};
- u64 as_u64[3];
+ u64 as_u64[2];
};
} ip4_reass_key_t;
-always_inline u32
-ip4_reass_buffer_get_data_offset_no_check (vlib_buffer_t * b)
+typedef union
{
- vnet_buffer_opaque_t *vnb = vnet_buffer (b);
- return vnb->ip.reass.range_first - vnb->ip.reass.fragment_first;
-}
+ struct
+ {
+ u32 reass_index;
+ u32 thread_index;
+ };
+ u64 as_u64;
+} ip4_reass_val_t;
+
+typedef union
+{
+ struct
+ {
+ ip4_reass_key_t k;
+ ip4_reass_val_t v;
+ };
+ clib_bihash_kv_16_8_t kv;
+} ip4_reass_kv_t;
always_inline u32
ip4_reass_buffer_get_data_offset (vlib_buffer_t * b)
{
vnet_buffer_opaque_t *vnb = vnet_buffer (b);
- ASSERT (vnb->ip.reass.range_first >= vnb->ip.reass.fragment_first);
- return ip4_reass_buffer_get_data_offset_no_check (b);
+ return vnb->ip.reass.range_first - vnb->ip.reass.fragment_first;
}
always_inline u16
-ip4_reass_buffer_get_data_len_no_check (vlib_buffer_t * b)
+ip4_reass_buffer_get_data_len (vlib_buffer_t * b)
{
vnet_buffer_opaque_t *vnb = vnet_buffer (b);
return clib_min (vnb->ip.reass.range_last, vnb->ip.reass.fragment_last) -
(vnb->ip.reass.fragment_first + ip4_reass_buffer_get_data_offset (b)) + 1;
}
-always_inline u16
-ip4_reass_buffer_get_data_len (vlib_buffer_t * b)
-{
- vnet_buffer_opaque_t *vnb = vnet_buffer (b);
- ASSERT (vnb->ip.reass.range_last > vnb->ip.reass.fragment_first);
- return ip4_reass_buffer_get_data_len_no_check (b);
-}
-
typedef struct
{
// hash table key
ip4_reass_key_t key;
- f64 first_heard;
// time when last packet was received
f64 last_heard;
// internal id of this reassembly
- u32 id;
+ u64 id;
// buffer index of first buffer in this reassembly context
u32 first_bi;
// last octet of packet, ~0 until fragment without more_fragments arrives
u32 data_len;
// trace operation counter
u32 trace_op_counter;
+ // next index - used by non-feature node
+ u8 next_index;
+ // minimum fragment length for this reassembly - used to estimate MTU
+ u16 min_fragment_length;
+ // number of fragments in this reassembly
+ u32 fragments_n;
} ip4_reass_t;
+typedef struct
+{
+ ip4_reass_t *pool;
+ u32 reass_n;
+ u32 id_counter;
+ clib_spinlock_t lock;
+} ip4_reass_per_thread_t;
+
typedef struct
{
// IPv4 config
u32 timeout_ms;
f64 timeout;
u32 expire_walk_interval_ms;
+ // maximum number of fragments in one reassembly
+ u32 max_reass_len;
+ // maximum number of reassemblies
u32 max_reass_n;
// IPv4 runtime
- ip4_reass_t *pool;
- clib_bihash_24_8_t hash;
- u32 reass_n;
- u32 id_counter;
- u32 buffers_n;
+ clib_bihash_16_8_t hash;
+ // per-thread data
+ ip4_reass_per_thread_t *per_thread_data;
// convenience
vlib_main_t *vlib_main;
u32 ip4_drop_idx;
u32 ip4_reass_expire_node_idx;
+ /** Worker handoff */
+ u32 fq_index;
+ u32 fq_feature_index;
+
} ip4_reass_main_t;
+extern ip4_reass_main_t ip4_reass_main;
+
+#ifndef CLIB_MARCH_VARIANT
ip4_reass_main_t ip4_reass_main;
+#endif /* CLIB_MARCH_VARIANT */
typedef enum
{
IP4_REASSEMBLY_NEXT_INPUT,
IP4_REASSEMBLY_NEXT_DROP,
+ IP4_REASSEMBLY_NEXT_HANDOFF,
IP4_REASSEMBLY_N_NEXT,
} ip4_reass_next_t;
typedef struct
{
ip4_reass_trace_operation_e action;
- u32 pool_index;
u32 reass_id;
ip4_reass_range_trace_t trace_range;
u32 size_diff;
u32 total_data_len;
} ip4_reass_trace_t;
-void
+extern vlib_node_registration_t ip4_reass_node;
+extern vlib_node_registration_t ip4_reass_node_feature;
+
+static void
ip4_reass_trace_details (vlib_main_t * vm, u32 bi,
ip4_reass_range_trace_t * trace)
{
vnet_buffer_opaque_t *vnb = vnet_buffer (b);
trace->range_first = vnb->ip.reass.range_first;
trace->range_last = vnb->ip.reass.range_last;
- trace->data_offset = ip4_reass_buffer_get_data_offset_no_check (b);
- trace->data_len = ip4_reass_buffer_get_data_len_no_check (b);
+ trace->data_offset = ip4_reass_buffer_get_data_offset (b);
+ trace->data_len = ip4_reass_buffer_get_data_len (b);
trace->range_bi = bi;
}
-u8 *
+static u8 *
format_ip4_reass_range_trace (u8 * s, va_list * args)
{
ip4_reass_range_trace_t *trace = va_arg (*args, ip4_reass_range_trace_t *);
return s;
}
-u8 *
+static u8 *
format_ip4_reass_trace (u8 * s, va_list * args)
{
CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
return s;
}
-void
+static void
ip4_reass_add_trace (vlib_main_t * vm, vlib_node_runtime_t * node,
ip4_reass_main_t * rm, ip4_reass_t * reass, u32 bi,
ip4_reass_trace_operation_e action, u32 size_diff)
{
vlib_buffer_t *b = vlib_get_buffer (vm, bi);
vnet_buffer_opaque_t *vnb = vnet_buffer (b);
+ if (pool_is_free_index (vm->trace_main.trace_buffer_pool, b->trace_index))
+ {
+ // this buffer's trace is gone
+ b->flags &= ~VLIB_BUFFER_IS_TRACED;
+ return;
+ }
ip4_reass_trace_t *t = vlib_add_trace (vm, node, b, sizeof (t[0]));
- t->pool_index = reass - rm->pool;
t->reass_id = reass->id;
t->action = action;
ip4_reass_trace_details (vm, bi, &t->trace_range);
#endif
}
-void
-ip4_reass_free (ip4_reass_main_t * rm, ip4_reass_t * reass)
+
+always_inline void
+ip4_reass_free (ip4_reass_main_t * rm, ip4_reass_per_thread_t * rt,
+ ip4_reass_t * reass)
{
- clib_bihash_kv_24_8_t kv;
+ clib_bihash_kv_16_8_t kv;
kv.key[0] = reass->key.as_u64[0];
kv.key[1] = reass->key.as_u64[1];
- kv.key[2] = reass->key.as_u64[2];
- clib_bihash_add_del_24_8 (&rm->hash, &kv, 0);
- pool_put (rm->pool, reass);
- --rm->reass_n;
+ clib_bihash_add_del_16_8 (&rm->hash, &kv, 0);
+ pool_put (rt->pool, reass);
+ --rt->reass_n;
}
-static void
+always_inline void
ip4_reass_on_timeout (vlib_main_t * vm, ip4_reass_main_t * rm,
- ip4_reass_t * reass, u32 ** vec_drop_timeout)
+ ip4_reass_t * reass)
{
u32 range_bi = reass->first_bi;
vlib_buffer_t *range_b;
vnet_buffer_opaque_t *range_vnb;
+ u32 *to_free = NULL;
while (~0 != range_bi)
{
range_b = vlib_get_buffer (vm, range_bi);
u32 bi = range_bi;
while (~0 != bi)
{
- vec_add1 (*vec_drop_timeout, bi);
+ vec_add1 (to_free, bi);
vlib_buffer_t *b = vlib_get_buffer (vm, bi);
if (b->flags & VLIB_BUFFER_NEXT_PRESENT)
{
}
range_bi = range_vnb->ip.reass.next_range_bi;
}
+ vlib_buffer_free (vm, to_free, vec_len (to_free));
+ vec_free (to_free);
}
-ip4_reass_t *
+static ip4_reass_t *
ip4_reass_find_or_create (vlib_main_t * vm, ip4_reass_main_t * rm,
- ip4_reass_key_t * k, u32 ** vec_drop_timeout)
+ ip4_reass_per_thread_t * rt, ip4_reass_kv_t * kv,
+ u8 * do_handoff)
{
ip4_reass_t *reass = NULL;
f64 now = vlib_time_now (rm->vlib_main);
- clib_bihash_kv_24_8_t kv, value;
- kv.key[0] = k->as_u64[0];
- kv.key[1] = k->as_u64[1];
- kv.key[2] = k->as_u64[2];
- if (!clib_bihash_search_24_8 (&rm->hash, &kv, &value))
+ if (!clib_bihash_search_16_8
+ (&rm->hash, (clib_bihash_kv_16_8_t *) kv, (clib_bihash_kv_16_8_t *) kv))
{
- reass = pool_elt_at_index (rm->pool, value.value);
+ if (vm->thread_index != kv->v.thread_index)
+ {
+ *do_handoff = 1;
+ return NULL;
+ }
+ reass = pool_elt_at_index (rt->pool, kv->v.reass_index);
+
if (now > reass->last_heard + rm->timeout)
{
- ip4_reass_on_timeout (vm, rm, reass, vec_drop_timeout);
- ip4_reass_free (rm, reass);
+ ip4_reass_on_timeout (vm, rm, reass);
+ ip4_reass_free (rm, rt, reass);
reass = NULL;
}
}
return reass;
}
- if (rm->reass_n >= rm->max_reass_n)
+ if (rt->reass_n >= rm->max_reass_n)
{
reass = NULL;
return reass;
}
else
{
- pool_get (rm->pool, reass);
- memset (reass, 0, sizeof (*reass));
- reass->id = rm->id_counter;
- ++rm->id_counter;
+ pool_get (rt->pool, reass);
+ clib_memset (reass, 0, sizeof (*reass));
+ reass->id = ((u64) vm->thread_index * 1000000000) + rt->id_counter;
+ ++rt->id_counter;
reass->first_bi = ~0;
reass->last_packet_octet = ~0;
reass->data_len = 0;
- ++rm->reass_n;
+ ++rt->reass_n;
}
- reass->key.as_u64[0] = kv.key[0] = k->as_u64[0];
- reass->key.as_u64[1] = kv.key[1] = k->as_u64[1];
- reass->key.as_u64[2] = kv.key[2] = k->as_u64[2];
- kv.value = reass - rm->pool;
+ reass->key.as_u64[0] = ((clib_bihash_kv_16_8_t *) kv)->key[0];
+ reass->key.as_u64[1] = ((clib_bihash_kv_16_8_t *) kv)->key[1];
+ kv->v.reass_index = (reass - rt->pool);
+ kv->v.thread_index = vm->thread_index;
reass->last_heard = now;
- if (clib_bihash_add_del_24_8 (&rm->hash, &kv, 1))
+ if (clib_bihash_add_del_16_8 (&rm->hash, (clib_bihash_kv_16_8_t *) kv, 1))
{
- ip4_reass_free (rm, reass);
+ ip4_reass_free (rm, rt, reass);
reass = NULL;
}
return reass;
}
-void
+always_inline ip4_reass_rc_t
ip4_reass_finalize (vlib_main_t * vm, vlib_node_runtime_t * node,
- ip4_reass_main_t * rm, ip4_reass_t * reass, u32 * bi0,
- u32 * next0, vlib_error_t * error0, u32 next_input,
- u32 ** vec_drop_compress, u32 ** vec_drop_overlap)
+ ip4_reass_main_t * rm, ip4_reass_per_thread_t * rt,
+ ip4_reass_t * reass, u32 * bi0, u32 * next0, u32 * error0,
+ bool is_feature)
{
- ASSERT (~0 != reass->first_bi);
vlib_buffer_t *first_b = vlib_get_buffer (vm, reass->first_bi);
vlib_buffer_t *last_b = NULL;
u32 sub_chain_bi = reass->first_bi;
u32 total_length = 0;
u32 buf_cnt = 0;
- u32 dropped_cnt = 0;
do
{
u32 tmp_bi = sub_chain_bi;
vlib_buffer_t *tmp = vlib_get_buffer (vm, tmp_bi);
ip4_header_t *ip = vlib_buffer_get_current (tmp);
+ vnet_buffer_opaque_t *vnb = vnet_buffer (tmp);
+ if (!(vnb->ip.reass.range_first >= vnb->ip.reass.fragment_first) &&
+ !(vnb->ip.reass.range_last > vnb->ip.reass.fragment_first))
+ {
+ return IP4_REASS_RC_INTERNAL_ERROR;
+ }
+
u32 data_len = ip4_reass_buffer_get_data_len (tmp);
u32 trim_front =
ip4_header_bytes (ip) + ip4_reass_buffer_get_data_offset (tmp);
if (tmp_bi == reass->first_bi)
{
/* first buffer - keep ip4 header */
- ASSERT (0 == ip4_reass_buffer_get_data_offset (tmp));
+ if (0 != ip4_reass_buffer_get_data_offset (tmp))
+ {
+ return IP4_REASS_RC_INTERNAL_ERROR;
+ }
trim_front = 0;
trim_end = vlib_buffer_length_in_chain (vm, tmp) - data_len -
ip4_header_bytes (ip);
- ASSERT (vlib_buffer_length_in_chain (vm, tmp) - trim_end > 0);
+ if (!(vlib_buffer_length_in_chain (vm, tmp) - trim_end > 0))
+ {
+ return IP4_REASS_RC_INTERNAL_ERROR;
+ }
}
u32 keep_data =
vlib_buffer_length_in_chain (vm, tmp) - trim_front - trim_end;
if (trim_front > tmp->current_length)
{
/* drop whole buffer */
- vec_add1 (*vec_drop_compress, tmp_bi);
- ++dropped_cnt;
+ u32 to_be_freed_bi = tmp_bi;
trim_front -= tmp->current_length;
- ASSERT (tmp->flags & VLIB_BUFFER_NEXT_PRESENT);
+ if (!(tmp->flags & VLIB_BUFFER_NEXT_PRESENT))
+ {
+ return IP4_REASS_RC_INTERNAL_ERROR;
+ }
tmp->flags &= ~VLIB_BUFFER_NEXT_PRESENT;
tmp_bi = tmp->next_buffer;
tmp = vlib_get_buffer (vm, tmp_bi);
+ vlib_buffer_free_one (vm, to_be_freed_bi);
continue;
}
else
else
{
keep_data -= tmp->current_length;
- ASSERT (tmp->flags & VLIB_BUFFER_NEXT_PRESENT);
+ if (!(tmp->flags & VLIB_BUFFER_NEXT_PRESENT))
+ {
+ return IP4_REASS_RC_INTERNAL_ERROR;
+ }
}
total_length += tmp->current_length;
+ if (tmp->flags & VLIB_BUFFER_NEXT_PRESENT)
+ {
+ tmp_bi = tmp->next_buffer;
+ tmp = vlib_get_buffer (vm, tmp->next_buffer);
+ }
+ else
+ {
+ break;
+ }
}
else
{
- vec_add1 (*vec_drop_overlap, tmp_bi);
- ASSERT (reass->first_bi != tmp_bi);
- ++dropped_cnt;
- }
- if (tmp->flags & VLIB_BUFFER_NEXT_PRESENT)
- {
- tmp_bi = tmp->next_buffer;
- tmp = vlib_get_buffer (vm, tmp->next_buffer);
- }
- else
- {
- break;
+ u32 to_be_freed_bi = tmp_bi;
+ if (reass->first_bi == tmp_bi)
+ {
+ return IP4_REASS_RC_INTERNAL_ERROR;
+ }
+ if (tmp->flags & VLIB_BUFFER_NEXT_PRESENT)
+ {
+ tmp_bi = tmp->next_buffer;
+ tmp = vlib_get_buffer (vm, tmp->next_buffer);
+ vlib_buffer_free_one (vm, to_be_freed_bi);
+ }
+ else
+ {
+ vlib_buffer_free_one (vm, to_be_freed_bi);
+ break;
+ }
}
}
sub_chain_bi =
reass.next_range_bi;
}
while (~0 != sub_chain_bi);
+
+ if (!last_b)
+ {
+ return IP4_REASS_RC_INTERNAL_ERROR;
+ }
last_b->flags &= ~VLIB_BUFFER_NEXT_PRESENT;
- ASSERT (rm->buffers_n >= (buf_cnt - dropped_cnt));
- rm->buffers_n -= buf_cnt - dropped_cnt;
- ASSERT (total_length >= first_b->current_length);
+ if (total_length < first_b->current_length)
+ {
+ return IP4_REASS_RC_INTERNAL_ERROR;
+ }
total_length -= first_b->current_length;
first_b->flags |= VLIB_BUFFER_TOTAL_LENGTH_VALID;
first_b->total_length_not_including_first_buffer = total_length;
ip->flags_and_fragment_offset = 0;
ip->length = clib_host_to_net_u16 (first_b->current_length + total_length);
ip->checksum = ip4_header_checksum (ip);
- vlib_buffer_chain_compress (vm, first_b, vec_drop_compress);
+ if (!vlib_buffer_chain_linearize (vm, first_b))
+ {
+ return IP4_REASS_RC_NO_BUF;
+ }
+
if (PREDICT_FALSE (first_b->flags & VLIB_BUFFER_IS_TRACED))
{
ip4_reass_add_trace (vm, node, rm, reass, reass->first_bi, FINALIZE, 0);
#endif
}
*bi0 = reass->first_bi;
- *next0 = next_input;
- *error0 = IP4_ERROR_NONE;
- ip4_reass_free (rm, reass);
- reass = NULL;
-}
-
-static u32
-ip4_reass_get_buffer_chain_length (vlib_main_t * vm, vlib_buffer_t * b)
-{
- u32 len = 0;
- while (b)
+ if (is_feature)
{
- ++len;
- if (PREDICT_FALSE (b->flags & VLIB_BUFFER_NEXT_PRESENT))
- {
- b = vlib_get_buffer (vm, b->next_buffer);
- }
- else
- {
- break;
- }
+ *next0 = IP4_REASSEMBLY_NEXT_INPUT;
+ }
+ else
+ {
+ *next0 = reass->next_index;
}
- return len;
+ vnet_buffer (first_b)->ip.reass.estimated_mtu = reass->min_fragment_length;
+ *error0 = IP4_ERROR_NONE;
+ ip4_reass_free (rm, rt, reass);
+ reass = NULL;
+ return IP4_REASS_RC_OK;
}
-static void
+always_inline ip4_reass_rc_t
ip4_reass_insert_range_in_chain (vlib_main_t * vm,
ip4_reass_main_t * rm,
+ ip4_reass_per_thread_t * rt,
ip4_reass_t * reass,
u32 prev_range_bi, u32 new_next_bi)
{
-
vlib_buffer_t *new_next_b = vlib_get_buffer (vm, new_next_bi);
vnet_buffer_opaque_t *new_next_vnb = vnet_buffer (new_next_b);
if (~0 != prev_range_bi)
}
reass->first_bi = new_next_bi;
}
+ vnet_buffer_opaque_t *vnb = vnet_buffer (new_next_b);
+ if (!(vnb->ip.reass.range_first >= vnb->ip.reass.fragment_first) &&
+ !(vnb->ip.reass.range_last > vnb->ip.reass.fragment_first))
+ {
+ return IP4_REASS_RC_INTERNAL_ERROR;
+ }
reass->data_len += ip4_reass_buffer_get_data_len (new_next_b);
- rm->buffers_n += ip4_reass_get_buffer_chain_length (vm, new_next_b);
+ return IP4_REASS_RC_OK;
}
-static void
+always_inline ip4_reass_rc_t
ip4_reass_remove_range_from_chain (vlib_main_t * vm,
vlib_node_runtime_t * node,
ip4_reass_main_t * rm,
- u32 ** vec_drop_overlap,
ip4_reass_t * reass, u32 prev_range_bi,
u32 discard_bi)
{
{
vlib_buffer_t *prev_b = vlib_get_buffer (vm, prev_range_bi);
vnet_buffer_opaque_t *prev_vnb = vnet_buffer (prev_b);
- ASSERT (prev_vnb->ip.reass.next_range_bi == discard_bi);
+ if (!(prev_vnb->ip.reass.next_range_bi == discard_bi))
+ {
+ return IP4_REASS_RC_INTERNAL_ERROR;
+ }
prev_vnb->ip.reass.next_range_bi = discard_vnb->ip.reass.next_range_bi;
}
else
{
reass->first_bi = discard_vnb->ip.reass.next_range_bi;
}
+ vnet_buffer_opaque_t *vnb = vnet_buffer (discard_b);
+ if (!(vnb->ip.reass.range_first >= vnb->ip.reass.fragment_first) &&
+ !(vnb->ip.reass.range_last > vnb->ip.reass.fragment_first))
+ {
+ return IP4_REASS_RC_INTERNAL_ERROR;
+ }
reass->data_len -= ip4_reass_buffer_get_data_len (discard_b);
while (1)
{
- vec_add1 (*vec_drop_overlap, discard_bi);
+ u32 to_be_freed_bi = discard_bi;
if (PREDICT_FALSE (discard_b->flags & VLIB_BUFFER_IS_TRACED))
{
ip4_reass_add_trace (vm, node, rm, reass, discard_bi, RANGE_DISCARD,
discard_b->flags &= ~VLIB_BUFFER_NEXT_PRESENT;
discard_bi = discard_b->next_buffer;
discard_b = vlib_get_buffer (vm, discard_bi);
+ vlib_buffer_free_one (vm, to_be_freed_bi);
}
else
{
+ vlib_buffer_free_one (vm, to_be_freed_bi);
break;
}
}
+ return IP4_REASS_RC_OK;
}
-void
+always_inline ip4_reass_rc_t
ip4_reass_update (vlib_main_t * vm, vlib_node_runtime_t * node,
- ip4_reass_main_t * rm, ip4_reass_t * reass, u32 * bi0,
- u32 * next0, vlib_error_t * error0,
- u32 ** vec_drop_overlap, u32 ** vec_drop_compress,
- u32 next_input, u32 next_drop)
+ ip4_reass_main_t * rm, ip4_reass_per_thread_t * rt,
+ ip4_reass_t * reass, u32 * bi0, u32 * next0, u32 * error0,
+ bool is_feature)
{
+ ip4_reass_rc_t rc = IP4_REASS_RC_OK;
int consumed = 0;
vlib_buffer_t *fb = vlib_get_buffer (vm, *bi0);
ip4_header_t *fip = vlib_buffer_get_current (fb);
- ASSERT (fb->current_length >= sizeof (*fip));
vnet_buffer_opaque_t *fvnb = vnet_buffer (fb);
- u32 fragment_first = fvnb->ip.reass.fragment_first =
- ip4_get_fragment_offset_bytes (fip);
- u32 fragment_length =
+ reass->next_index = fvnb->ip.reass.next_index; // store next_index before it's overwritten
+ const u32 fragment_first = ip4_get_fragment_offset_bytes (fip);
+ const u32 fragment_length =
clib_net_to_host_u16 (fip->length) - ip4_header_bytes (fip);
- u32 fragment_last = fvnb->ip.reass.fragment_last =
- fragment_first + fragment_length - 1;
+ const u32 fragment_last = fragment_first + fragment_length - 1;
+ fvnb->ip.reass.fragment_first = fragment_first;
+ fvnb->ip.reass.fragment_last = fragment_last;
int more_fragments = ip4_get_fragment_more (fip);
u32 candidate_range_bi = reass->first_bi;
u32 prev_range_bi = ~0;
if (~0 == reass->first_bi)
{
// starting a new reassembly
- ip4_reass_insert_range_in_chain (vm, rm, reass, prev_range_bi, *bi0);
+ rc =
+ ip4_reass_insert_range_in_chain (vm, rm, rt, reass, prev_range_bi,
+ *bi0);
+ if (IP4_REASS_RC_OK != rc)
+ {
+ return rc;
+ }
if (PREDICT_FALSE (fb->flags & VLIB_BUFFER_IS_TRACED))
{
ip4_reass_add_trace (vm, node, rm, reass, *bi0, RANGE_NEW, 0);
}
*bi0 = ~0;
- fvnb->ip.reass.estimated_mtu = clib_net_to_host_u16 (fip->length);
- return;
+ reass->min_fragment_length = clib_net_to_host_u16 (fip->length);
+ reass->fragments_n = 1;
+ return IP4_REASS_RC_OK;
}
- fvnb->ip.reass.estimated_mtu = clib_min (clib_net_to_host_u16 (fip->length),
- fvnb->ip.reass.estimated_mtu);
+ reass->min_fragment_length = clib_min (clib_net_to_host_u16 (fip->length),
+ fvnb->ip.reass.estimated_mtu);
while (~0 != candidate_range_bi)
{
vlib_buffer_t *candidate_b = vlib_get_buffer (vm, candidate_range_bi);
~0 == candidate_range_bi)
{
// special case - this fragment falls beyond all known ranges
- ip4_reass_insert_range_in_chain (vm, rm, reass, prev_range_bi,
- *bi0);
+ rc =
+ ip4_reass_insert_range_in_chain (vm, rm, rt, reass,
+ prev_range_bi, *bi0);
+ if (IP4_REASS_RC_OK != rc)
+ {
+ return rc;
+ }
consumed = 1;
break;
}
if (fragment_last < candidate_vnb->ip.reass.range_first)
{
// this fragment ends before candidate range without any overlap
- ip4_reass_insert_range_in_chain (vm, rm, reass, prev_range_bi,
- *bi0);
+ rc =
+ ip4_reass_insert_range_in_chain (vm, rm, rt, reass, prev_range_bi,
+ *bi0);
+ if (IP4_REASS_RC_OK != rc)
+ {
+ return rc;
+ }
consumed = 1;
}
else
if (overlap < ip4_reass_buffer_get_data_len (candidate_b))
{
candidate_vnb->ip.reass.range_first += overlap;
- ASSERT (reass->data_len >= overlap);
+ if (reass->data_len < overlap)
+ {
+ return IP4_REASS_RC_INTERNAL_ERROR;
+ }
reass->data_len -= overlap;
if (PREDICT_FALSE (fb->flags & VLIB_BUFFER_IS_TRACED))
{
candidate_range_bi, RANGE_SHRINK,
overlap);
}
- ip4_reass_insert_range_in_chain (vm, rm, reass,
- prev_range_bi, *bi0);
+ rc =
+ ip4_reass_insert_range_in_chain (vm, rm, rt, reass,
+ prev_range_bi, *bi0);
+ if (IP4_REASS_RC_OK != rc)
+ {
+ return rc;
+ }
consumed = 1;
}
else
else
{
// special case - last range discarded
- ip4_reass_insert_range_in_chain (vm, rm, reass,
- candidate_range_bi,
- *bi0);
+ rc =
+ ip4_reass_insert_range_in_chain (vm, rm, rt, reass,
+ candidate_range_bi,
+ *bi0);
+ if (IP4_REASS_RC_OK != rc)
+ {
+ return rc;
+ }
consumed = 1;
}
}
{
u32 next_range_bi = candidate_vnb->ip.reass.next_range_bi;
// discard candidate range, probe next range
- ip4_reass_remove_range_from_chain (vm, node, rm,
- vec_drop_overlap, reass,
- prev_range_bi,
- candidate_range_bi);
+ rc =
+ ip4_reass_remove_range_from_chain (vm, node, rm, reass,
+ prev_range_bi,
+ candidate_range_bi);
+ if (IP4_REASS_RC_OK != rc)
+ {
+ return rc;
+ }
if (~0 != next_range_bi)
{
candidate_range_bi = next_range_bi;
else
{
// special case - last range discarded
- ip4_reass_insert_range_in_chain (vm, rm, reass,
- prev_range_bi, *bi0);
+ rc =
+ ip4_reass_insert_range_in_chain (vm, rm, rt, reass,
+ prev_range_bi, *bi0);
+ if (IP4_REASS_RC_OK != rc)
+ {
+ return rc;
+ }
consumed = 1;
}
}
}
break;
}
+ ++reass->fragments_n;
if (consumed)
{
if (PREDICT_FALSE (fb->flags & VLIB_BUFFER_IS_TRACED))
if (~0 != reass->last_packet_octet &&
reass->data_len == reass->last_packet_octet + 1)
{
- ip4_reass_finalize (vm, node, rm, reass, bi0, next0, error0, next_input,
- vec_drop_compress, vec_drop_overlap);
+ return ip4_reass_finalize (vm, node, rm, rt, reass, bi0, next0, error0,
+ is_feature);
}
else
{
if (consumed)
{
*bi0 = ~0;
+ if (reass->fragments_n > rm->max_reass_len)
+ {
+ rc = IP4_REASS_RC_TOO_MANY_FRAGMENTS;
+ }
}
else
{
- *next0 = next_drop;
+ *next0 = IP4_REASSEMBLY_NEXT_DROP;
*error0 = IP4_ERROR_REASS_DUPLICATE_FRAGMENT;
}
}
+ return rc;
}
always_inline uword
-ip4_reassembly (vlib_main_t * vm, vlib_node_runtime_t * node,
- vlib_frame_t * frame)
+ip4_reassembly_inline (vlib_main_t * vm,
+ vlib_node_runtime_t * node,
+ vlib_frame_t * frame, bool is_feature)
{
u32 *from = vlib_frame_vector_args (frame);
u32 n_left_from, n_left_to_next, *to_next, next_index;
ip4_reass_main_t *rm = &ip4_reass_main;
+ ip4_reass_per_thread_t *rt = &rm->per_thread_data[vm->thread_index];
+ clib_spinlock_lock (&rt->lock);
n_left_from = frame->n_vectors;
next_index = node->cached_next_index;
- static u32 *vec_drop_timeout = NULL; // indexes of buffers which timed out
- static u32 *vec_drop_overlap = NULL; // indexes of buffers which were discarded due to overlap
- static u32 *vec_drop_compress = NULL; // indexes of buffers dicarded due to buffer compression
- while (n_left_from > 0 || vec_len (vec_drop_timeout) > 0 ||
- vec_len (vec_drop_overlap) > 0)
+ while (n_left_from > 0)
{
vlib_get_next_frame (vm, node, next_index, to_next, n_left_to_next);
- while (vec_len (vec_drop_timeout) > 0 && n_left_to_next > 0)
- {
- u32 bi = vec_pop (vec_drop_timeout);
- vlib_buffer_t *b = vlib_get_buffer (vm, bi);
- b->error = node->errors[IP4_ERROR_REASS_TIMEOUT];
- to_next[0] = bi;
- to_next += 1;
- n_left_to_next -= 1;
- vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
- n_left_to_next, bi,
- IP4_REASSEMBLY_NEXT_DROP);
- IP4_REASS_DEBUG_BUFFER (bi, enqueue_drop_timeout);
- ASSERT (rm->buffers_n > 0);
- --rm->buffers_n;
- }
-
- while (vec_len (vec_drop_overlap) > 0 && n_left_to_next > 0)
- {
- u32 bi = vec_pop (vec_drop_overlap);
- vlib_buffer_t *b = vlib_get_buffer (vm, bi);
- b->error = node->errors[IP4_ERROR_REASS_DUPLICATE_FRAGMENT];
- to_next[0] = bi;
- to_next += 1;
- n_left_to_next -= 1;
- vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
- n_left_to_next, bi,
- IP4_REASSEMBLY_NEXT_DROP);
- IP4_REASS_DEBUG_BUFFER (bi, enqueue_drop_duplicate_fragment);
- ASSERT (rm->buffers_n > 0);
- --rm->buffers_n;
- }
-
- while (vec_len (vec_drop_compress) > 0 && n_left_to_next > 0)
- {
- u32 bi = vec_pop (vec_drop_compress);
- vlib_buffer_t *b = vlib_get_buffer (vm, bi);
- b->error = node->errors[IP4_ERROR_NONE];
- to_next[0] = bi;
- to_next += 1;
- n_left_to_next -= 1;
- vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
- n_left_to_next, bi,
- IP4_REASSEMBLY_NEXT_DROP);
- IP4_REASS_DEBUG_BUFFER (bi, enqueue_drop_compress);
- ASSERT (rm->buffers_n > 0);
- --rm->buffers_n;
- }
-
while (n_left_from > 0 && n_left_to_next > 0)
{
u32 bi0;
vlib_buffer_t *b0;
- u32 next0; //, error0;
+ u32 next0;
+ u32 error0 = IP4_ERROR_NONE;
bi0 = from[0];
b0 = vlib_get_buffer (vm, bi0);
ip4_header_t *ip0 = vlib_buffer_get_current (b0);
- ip4_reass_key_t k;
- k.src.as_u32 = ip0->src_address.as_u32;
- k.dst.as_u32 = ip0->dst_address.as_u32;
- k.xx_id = vnet_buffer (b0)->sw_if_index[VLIB_RX];
- k.frag_id = ip0->fragment_id;
- k.proto = ip0->protocol;
- k.unused = 0;
- ip4_reass_t *reass =
- ip4_reass_find_or_create (vm, rm, &k, &vec_drop_timeout);
-
- u32 error0 = IP4_ERROR_NONE;
- if (reass)
+ if (!ip4_get_fragment_more (ip0) && !ip4_get_fragment_offset (ip0))
{
- ip4_reass_update (vm, node, rm, reass, &bi0, &next0, &error0,
- &vec_drop_overlap, &vec_drop_compress,
- IP4_REASSEMBLY_NEXT_INPUT,
- IP4_REASSEMBLY_NEXT_DROP);
+ // this is a whole packet - no fragmentation
+ if (is_feature)
+ {
+ next0 = IP4_REASSEMBLY_NEXT_INPUT;
+ }
+ else
+ {
+ next0 = vnet_buffer (b0)->ip.reass.next_index;
+ }
}
else
{
- next0 = IP4_REASSEMBLY_NEXT_DROP;
- error0 = IP4_ERROR_REASS_LIMIT_REACHED;
- }
+ const u32 fragment_first = ip4_get_fragment_offset_bytes (ip0);
+ const u32 fragment_length =
+ clib_net_to_host_u16 (ip0->length) - ip4_header_bytes (ip0);
+ const u32 fragment_last = fragment_first + fragment_length - 1;
+ if (fragment_first > fragment_last || fragment_first + fragment_length > UINT16_MAX - 20 || (fragment_length < 8 && ip4_get_fragment_more (ip0))) // 8 is minimum frag length per RFC 791
+ {
+ next0 = IP4_REASSEMBLY_NEXT_DROP;
+ error0 = IP4_ERROR_REASS_MALFORMED_PACKET;
+ }
+ else
+ {
+ ip4_reass_kv_t kv;
+ u8 do_handoff = 0;
+
+ kv.k.as_u64[0] =
+ (u64) vec_elt (ip4_main.fib_index_by_sw_if_index,
+ vnet_buffer (b0)->sw_if_index[VLIB_RX]) |
+ (u64) ip0->src_address.as_u32 << 32;
+ kv.k.as_u64[1] =
+ (u64) ip0->dst_address.as_u32 |
+ (u64) ip0->fragment_id << 32 | (u64) ip0->protocol << 48;
- b0->error = node->errors[error0];
+ ip4_reass_t *reass =
+ ip4_reass_find_or_create (vm, rm, rt, &kv, &do_handoff);
+
+ if (PREDICT_FALSE (do_handoff))
+ {
+ next0 = IP4_REASSEMBLY_NEXT_HANDOFF;
+ if (is_feature)
+ vnet_buffer (b0)->ip.
+ reass.owner_feature_thread_index =
+ kv.v.thread_index;
+ else
+ vnet_buffer (b0)->ip.reass.owner_thread_index =
+ kv.v.thread_index;
+ }
+ else if (reass)
+ {
+ switch (ip4_reass_update
+ (vm, node, rm, rt, reass, &bi0, &next0,
+ &error0, is_feature))
+ {
+ case IP4_REASS_RC_OK:
+ /* nothing to do here */
+ break;
+ case IP4_REASS_RC_TOO_MANY_FRAGMENTS:
+ vlib_node_increment_counter (vm, node->node_index,
+ IP4_ERROR_REASS_FRAGMENT_CHAIN_TOO_LONG,
+ 1);
+ ip4_reass_on_timeout (vm, rm, reass);
+ ip4_reass_free (rm, rt, reass);
+ goto next_packet;
+ break;
+ case IP4_REASS_RC_NO_BUF:
+ vlib_node_increment_counter (vm, node->node_index,
+ IP4_ERROR_REASS_NO_BUF,
+ 1);
+ ip4_reass_on_timeout (vm, rm, reass);
+ ip4_reass_free (rm, rt, reass);
+ goto next_packet;
+ break;
+ case IP4_REASS_RC_INTERNAL_ERROR:
+ vlib_node_increment_counter (vm, node->node_index,
+ IP4_ERROR_REASS_INTERNAL_ERROR,
+ 1);
+ ip4_reass_on_timeout (vm, rm, reass);
+ ip4_reass_free (rm, rt, reass);
+ goto next_packet;
+ break;
+ }
+ }
+ else
+ {
+ next0 = IP4_REASSEMBLY_NEXT_DROP;
+ error0 = IP4_ERROR_REASS_LIMIT_REACHED;
+ }
+ }
+
+ b0->error = node->errors[error0];
+ }
if (bi0 != ~0)
{
to_next[0] = bi0;
to_next += 1;
n_left_to_next -= 1;
- vlib_validate_buffer_enqueue_x1 (vm, node, next_index, to_next,
- n_left_to_next, bi0, next0);
+ if (is_feature && IP4_ERROR_NONE == error0)
+ {
+ b0 = vlib_get_buffer (vm, bi0);
+ vnet_feature_next (&next0, b0);
+ }
+ vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
+ to_next, n_left_to_next,
+ bi0, next0);
IP4_REASS_DEBUG_BUFFER (bi0, enqueue_next);
}
+ next_packet:
from += 1;
n_left_from -= 1;
}
vlib_put_next_frame (vm, node, next_index, n_left_to_next);
}
+ clib_spinlock_unlock (&rt->lock);
return frame->n_vectors;
}
#undef _
};
+VLIB_NODE_FN (ip4_reass_node) (vlib_main_t * vm, vlib_node_runtime_t * node,
+ vlib_frame_t * frame)
+{
+ return ip4_reassembly_inline (vm, node, frame, false /* is_feature */ );
+}
+
/* *INDENT-OFF* */
-VLIB_REGISTER_NODE (ip4_reass_node, static) = {
- .function = ip4_reassembly,
+VLIB_REGISTER_NODE (ip4_reass_node) = {
.name = "ip4-reassembly",
.vector_size = sizeof (u32),
.format_trace = format_ip4_reass_trace,
{
[IP4_REASSEMBLY_NEXT_INPUT] = "ip4-input",
[IP4_REASSEMBLY_NEXT_DROP] = "ip4-drop",
+ [IP4_REASSEMBLY_NEXT_HANDOFF] = "ip4-reassembly-handoff",
+
},
};
/* *INDENT-ON* */
-VLIB_NODE_FUNCTION_MULTIARCH (ip4_reass_node, ip4_reassembly)
- static u32 ip4_reass_get_nbuckets ()
+VLIB_NODE_FN (ip4_reass_node_feature) (vlib_main_t * vm,
+ vlib_node_runtime_t * node,
+ vlib_frame_t * frame)
+{
+ return ip4_reassembly_inline (vm, node, frame, true /* is_feature */ );
+}
+
+/* *INDENT-OFF* */
+VLIB_REGISTER_NODE (ip4_reass_node_feature) = {
+ .name = "ip4-reassembly-feature",
+ .vector_size = sizeof (u32),
+ .format_trace = format_ip4_reass_trace,
+ .n_errors = ARRAY_LEN (ip4_reassembly_error_strings),
+ .error_strings = ip4_reassembly_error_strings,
+ .n_next_nodes = IP4_REASSEMBLY_N_NEXT,
+ .next_nodes =
+ {
+ [IP4_REASSEMBLY_NEXT_INPUT] = "ip4-input",
+ [IP4_REASSEMBLY_NEXT_DROP] = "ip4-drop",
+ [IP4_REASSEMBLY_NEXT_HANDOFF] = "ip4-reass-feature-hoff",
+ },
+};
+/* *INDENT-ON* */
+
+/* *INDENT-OFF* */
+VNET_FEATURE_INIT (ip4_reassembly_feature, static) = {
+ .arc_name = "ip4-unicast",
+ .node_name = "ip4-reassembly-feature",
+ .runs_before = VNET_FEATURES ("ip4-lookup"),
+ .runs_after = 0,
+};
+/* *INDENT-ON* */
+
+#ifndef CLIB_MARCH_VARIANT
+always_inline u32
+ip4_reass_get_nbuckets ()
{
ip4_reass_main_t *rm = &ip4_reass_main;
u32 nbuckets;
return nbuckets;
}
+#endif /* CLIB_MARCH_VARIANT */
typedef enum
{
typedef struct
{
int failure;
- clib_bihash_24_8_t *new_hash;
+ clib_bihash_16_8_t *new_hash;
} ip4_rehash_cb_ctx;
-void
-ip4_rehash_cb (clib_bihash_kv_24_8_t * kv, void *_ctx)
+#ifndef CLIB_MARCH_VARIANT
+static void
+ip4_rehash_cb (clib_bihash_kv_16_8_t * kv, void *_ctx)
{
ip4_rehash_cb_ctx *ctx = _ctx;
- if (clib_bihash_add_del_24_8 (ctx->new_hash, kv, 1))
+ if (clib_bihash_add_del_16_8 (ctx->new_hash, kv, 1))
{
ctx->failure = 1;
}
}
-vnet_api_error_t
-ip4_reass_set (u32 timeout_ms, u32 max_reassemblies,
- u32 expire_walk_interval_ms)
+static void
+ip4_reass_set_params (u32 timeout_ms, u32 max_reassemblies,
+ u32 max_reassembly_length, u32 expire_walk_interval_ms)
{
- u32 old_nbuckets = ip4_reass_get_nbuckets ();
ip4_reass_main.timeout_ms = timeout_ms;
ip4_reass_main.timeout = (f64) timeout_ms / (f64) MSEC_PER_SEC;
ip4_reass_main.max_reass_n = max_reassemblies;
+ ip4_reass_main.max_reass_len = max_reassembly_length;
ip4_reass_main.expire_walk_interval_ms = expire_walk_interval_ms;
+}
+
+vnet_api_error_t
+ip4_reass_set (u32 timeout_ms, u32 max_reassemblies,
+ u32 max_reassembly_length, u32 expire_walk_interval_ms)
+{
+ u32 old_nbuckets = ip4_reass_get_nbuckets ();
+ ip4_reass_set_params (timeout_ms, max_reassemblies, max_reassembly_length,
+ expire_walk_interval_ms);
vlib_process_signal_event (ip4_reass_main.vlib_main,
ip4_reass_main.ip4_reass_expire_node_idx,
IP4_EVENT_CONFIG_CHANGED, 0);
u32 new_nbuckets = ip4_reass_get_nbuckets ();
- if (ip4_reass_main.max_reass_n > 0 && new_nbuckets > 1 &&
- new_nbuckets != old_nbuckets)
+ if (ip4_reass_main.max_reass_n > 0 && new_nbuckets > old_nbuckets)
{
- clib_bihash_24_8_t new_hash;
- memset (&new_hash, 0, sizeof (new_hash));
+ clib_bihash_16_8_t new_hash;
+ clib_memset (&new_hash, 0, sizeof (new_hash));
ip4_rehash_cb_ctx ctx;
ctx.failure = 0;
ctx.new_hash = &new_hash;
- clib_bihash_init_24_8 (&new_hash, "ip4-reass", new_nbuckets,
+ clib_bihash_init_16_8 (&new_hash, "ip4-reass", new_nbuckets,
new_nbuckets * 1024);
- clib_bihash_foreach_key_value_pair_24_8 (&ip4_reass_main.hash,
+ clib_bihash_foreach_key_value_pair_16_8 (&ip4_reass_main.hash,
ip4_rehash_cb, &ctx);
if (ctx.failure)
{
- clib_bihash_free_24_8 (&new_hash);
+ clib_bihash_free_16_8 (&new_hash);
return -1;
}
else
{
- clib_bihash_free_24_8 (&ip4_reass_main.hash);
- clib_memcpy (&ip4_reass_main.hash, &new_hash,
- sizeof (ip4_reass_main.hash));
+ clib_bihash_free_16_8 (&ip4_reass_main.hash);
+ clib_memcpy_fast (&ip4_reass_main.hash, &new_hash,
+ sizeof (ip4_reass_main.hash));
}
}
return 0;
vnet_api_error_t
ip4_reass_get (u32 * timeout_ms, u32 * max_reassemblies,
- u32 * expire_walk_interval_ms)
+ u32 * max_reassembly_length, u32 * expire_walk_interval_ms)
{
*timeout_ms = ip4_reass_main.timeout_ms;
*max_reassemblies = ip4_reass_main.max_reass_n;
+ *max_reassembly_length = ip4_reass_main.max_reass_len;
*expire_walk_interval_ms = ip4_reass_main.expire_walk_interval_ms;
return 0;
}
-clib_error_t *
+static clib_error_t *
ip4_reass_init_function (vlib_main_t * vm)
{
ip4_reass_main_t *rm = &ip4_reass_main;
clib_error_t *error = 0;
u32 nbuckets;
+ vlib_node_t *node;
rm->vlib_main = vm;
rm->vnet_main = vnet_get_main ();
- rm->reass_n = 0;
- pool_alloc (rm->pool, rm->max_reass_n);
- ip4_reass_set (IP4_REASS_TIMEOUT_DEFAULT_MS,
- IP4_REASS_MAX_REASSEMBLIES_DEAFULT,
- IP4_REASS_EXPIRE_WALK_INTERVAL_DEFAULT_MS);
+ vec_validate (rm->per_thread_data, vlib_num_workers ());
+ ip4_reass_per_thread_t *rt;
+ vec_foreach (rt, rm->per_thread_data)
+ {
+ clib_spinlock_init (&rt->lock);
+ pool_alloc (rt->pool, rm->max_reass_n);
+ }
+
+ node = vlib_get_node_by_name (vm, (u8 *) "ip4-reassembly-expire-walk");
+ ASSERT (node);
+ rm->ip4_reass_expire_node_idx = node->index;
+
+ ip4_reass_set_params (IP4_REASS_TIMEOUT_DEFAULT_MS,
+ IP4_REASS_MAX_REASSEMBLIES_DEFAULT,
+ IP4_REASS_MAX_REASSEMBLY_LENGTH_DEFAULT,
+ IP4_REASS_EXPIRE_WALK_INTERVAL_DEFAULT_MS);
nbuckets = ip4_reass_get_nbuckets ();
- clib_bihash_init_24_8 (&rm->hash, "ip4-reass", nbuckets, nbuckets * 1024);
+ clib_bihash_init_16_8 (&rm->hash, "ip4-reass", nbuckets, nbuckets * 1024);
- vlib_node_t *node = vlib_get_node_by_name (vm, (u8 *) "ip4-drop");
+ node = vlib_get_node_by_name (vm, (u8 *) "ip4-drop");
ASSERT (node);
rm->ip4_drop_idx = node->index;
- node = vlib_get_node_by_name (vm, (u8 *) "ip4-reassembly-expire-walk");
- ASSERT (node);
- rm->ip4_reass_expire_node_idx = node->index;
+
+ rm->fq_index = vlib_frame_queue_main_init (ip4_reass_node.index, 0);
+ rm->fq_feature_index =
+ vlib_frame_queue_main_init (ip4_reass_node_feature.index, 0);
+
+
return error;
}
VLIB_INIT_FUNCTION (ip4_reass_init_function);
+#endif /* CLIB_MARCH_VARIANT */
static uword
ip4_reass_walk_expired (vlib_main_t * vm,
while (true)
{
vlib_process_wait_for_event_or_clock (vm,
- (f64) rm->expire_walk_interval_ms
- / (f64) MSEC_PER_SEC);
+ (f64)
+ rm->expire_walk_interval_ms /
+ (f64) MSEC_PER_SEC);
event_type = vlib_process_get_events (vm, &event_data);
switch (event_type)
f64 now = vlib_time_now (vm);
ip4_reass_t *reass;
- u32 *vec_drop_timeout = NULL;
int *pool_indexes_to_free = NULL;
+ uword thread_index = 0;
int index;
- /* *INDENT-OFF* */
- pool_foreach_index (index, rm->pool, ({
- reass = pool_elt_at_index (rm->pool, index);
- if (now > reass->last_heard + rm->timeout)
- {
- vec_add1 (pool_indexes_to_free, index);
- }
- }));
- /* *INDENT-ON* */
- int *i;
- /* *INDENT-OFF* */
- vec_foreach (i, pool_indexes_to_free)
- {
- ip4_reass_t *reass = pool_elt_at_index (rm->pool, i[0]);
- ip4_reass_on_timeout (vm, rm, reass, &vec_drop_timeout);
- ip4_reass_free (rm, reass);
- }
- /* *INDENT-ON* */
-
- while (vec_len (vec_drop_timeout) > 0)
+ const uword nthreads = vlib_num_workers () + 1;
+ for (thread_index = 0; thread_index < nthreads; ++thread_index)
{
- vlib_frame_t *f = vlib_get_frame_to_node (vm, rm->ip4_drop_idx);
- u32 *to_next = vlib_frame_vector_args (f);
- u32 n_left_to_next = VLIB_FRAME_SIZE - f->n_vectors;
- u32 n_trace = 0;
- while (vec_len (vec_drop_timeout) > 0 && n_left_to_next > 0)
- {
- u32 bi = vec_pop (vec_drop_timeout);
- vlib_buffer_t *b = vlib_get_buffer (vm, bi);
- if (PREDICT_FALSE (b->flags & VLIB_BUFFER_IS_TRACED))
- {
- if (pool_is_free_index (vm->trace_main.trace_buffer_pool,
- b->trace_index))
- {
- /* the trace is gone, don't trace this buffer anymore */
- b->flags &= ~VLIB_BUFFER_IS_TRACED;
- }
- else
- {
- ++n_trace;
- }
- }
- b->error = node->errors[IP4_ERROR_REASS_TIMEOUT];
- to_next[0] = bi;
- ++f->n_vectors;
- to_next += 1;
- n_left_to_next -= 1;
- IP4_REASS_DEBUG_BUFFER (bi, enqueue_drop_timeout_walk);
- ASSERT (rm->buffers_n > 0);
- --rm->buffers_n;
- }
- if (PREDICT_FALSE (n_trace > 0))
- {
- f->flags |= VLIB_FRAME_TRACE;
- }
- vlib_put_frame_to_node (vm, rm->ip4_drop_idx, f);
+ ip4_reass_per_thread_t *rt = &rm->per_thread_data[thread_index];
+ clib_spinlock_lock (&rt->lock);
+
+ vec_reset_length (pool_indexes_to_free);
+ /* *INDENT-OFF* */
+ pool_foreach_index (index, rt->pool, ({
+ reass = pool_elt_at_index (rt->pool, index);
+ if (now > reass->last_heard + rm->timeout)
+ {
+ vec_add1 (pool_indexes_to_free, index);
+ }
+ }));
+ /* *INDENT-ON* */
+ int *i;
+ /* *INDENT-OFF* */
+ vec_foreach (i, pool_indexes_to_free)
+ {
+ ip4_reass_t *reass = pool_elt_at_index (rt->pool, i[0]);
+ ip4_reass_on_timeout (vm, rm, reass);
+ ip4_reass_free (rm, rt, reass);
+ }
+ /* *INDENT-ON* */
+
+ clib_spinlock_unlock (&rt->lock);
}
vec_free (pool_indexes_to_free);
- vec_free (vec_drop_timeout);
if (event_data)
{
_vec_len (event_data) = 0;
return 0;
}
-static vlib_node_registration_t ip4_reass_expire_node;
-
/* *INDENT-OFF* */
VLIB_REGISTER_NODE (ip4_reass_expire_node, static) = {
.function = ip4_reass_walk_expired,
vlib_main_t *vm = va_arg (*args, vlib_main_t *);
ip4_reass_t *reass = va_arg (*args, ip4_reass_t *);
- s = format (s, "ID: %u, key: %U\n first_bi: %u, data_len: %u, "
+ s = format (s, "ID: %lu, key: %U\n first_bi: %u, data_len: %u, "
"last_packet_octet: %u, trace_op_counter: %u\n",
reass->id, format_ip4_reass_key, &reass->key, reass->first_bi,
reass->data_len, reass->last_packet_octet,
"fragment[%u, %u]\n",
counter, vnb->ip.reass.range_first,
vnb->ip.reass.range_last, bi,
- ip4_reass_buffer_get_data_offset_no_check (b),
- ip4_reass_buffer_get_data_len_no_check (b),
+ ip4_reass_buffer_get_data_offset (b),
+ ip4_reass_buffer_get_data_len (b),
vnb->ip.reass.fragment_first, vnb->ip.reass.fragment_last);
if (b->flags & VLIB_BUFFER_NEXT_PRESENT)
{
}
static clib_error_t *
-show_ip4_reass (vlib_main_t * vm, unformat_input_t * input,
+show_ip4_reass (vlib_main_t * vm,
+ unformat_input_t * input,
CLIB_UNUSED (vlib_cli_command_t * lmd))
{
ip4_reass_main_t *rm = &ip4_reass_main;
vlib_cli_output (vm, "---------------------");
vlib_cli_output (vm, "IP4 reassembly status");
vlib_cli_output (vm, "---------------------");
+ bool details = false;
if (unformat (input, "details"))
{
- ip4_reass_t *reass;
- /* *INDENT-OFF* */
- pool_foreach (reass, rm->pool, {
- vlib_cli_output (vm, "%U", format_ip4_reass, vm, reass);
- });
- /* *INDENT-ON* */
+ details = true;
+ }
+
+ u32 sum_reass_n = 0;
+ ip4_reass_t *reass;
+ uword thread_index;
+ const uword nthreads = vlib_num_workers () + 1;
+ for (thread_index = 0; thread_index < nthreads; ++thread_index)
+ {
+ ip4_reass_per_thread_t *rt = &rm->per_thread_data[thread_index];
+ clib_spinlock_lock (&rt->lock);
+ if (details)
+ {
+ /* *INDENT-OFF* */
+ pool_foreach (reass, rt->pool, {
+ vlib_cli_output (vm, "%U", format_ip4_reass, vm, reass);
+ });
+ /* *INDENT-ON* */
+ }
+ sum_reass_n += rt->reass_n;
+ clib_spinlock_unlock (&rt->lock);
}
vlib_cli_output (vm, "---------------------");
- vlib_cli_output (vm, "Current IP4 reassemblies count: %lu\n", rm->reass_n);
+ vlib_cli_output (vm, "Current IP4 reassemblies count: %lu\n",
+ (long unsigned) sum_reass_n);
vlib_cli_output (vm,
- "Maximum configured concurrent IP4 reassemblies: %lu\n",
+ "Maximum configured concurrent IP4 reassemblies per worker-thread: %lu\n",
(long unsigned) rm->max_reass_n);
- vlib_cli_output (vm, "Buffers in use: %lu\n",
- (long unsigned) rm->buffers_n);
return 0;
}
};
/* *INDENT-ON* */
+#ifndef CLIB_MARCH_VARIANT
+vnet_api_error_t
+ip4_reass_enable_disable (u32 sw_if_index, u8 enable_disable)
+{
+ return vnet_feature_enable_disable ("ip4-unicast",
+ "ip4-reassembly-feature", sw_if_index,
+ enable_disable, 0, 0);
+}
+#endif /* CLIB_MARCH_VARIANT */
+
+
+#define foreach_ip4_reassembly_handoff_error \
+_(CONGESTION_DROP, "congestion drop")
+
+
+typedef enum
+{
+#define _(sym,str) IP4_REASSEMBLY_HANDOFF_ERROR_##sym,
+ foreach_ip4_reassembly_handoff_error
+#undef _
+ IP4_REASSEMBLY_HANDOFF_N_ERROR,
+} ip4_reassembly_handoff_error_t;
+
+static char *ip4_reassembly_handoff_error_strings[] = {
+#define _(sym,string) string,
+ foreach_ip4_reassembly_handoff_error
+#undef _
+};
+
+typedef struct
+{
+ u32 next_worker_index;
+} ip4_reassembly_handoff_trace_t;
+
+static u8 *
+format_ip4_reassembly_handoff_trace (u8 * s, va_list * args)
+{
+ CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
+ CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
+ ip4_reassembly_handoff_trace_t *t =
+ va_arg (*args, ip4_reassembly_handoff_trace_t *);
+
+ s =
+ format (s, "ip4-reassembly-handoff: next-worker %d",
+ t->next_worker_index);
+
+ return s;
+}
+
+always_inline uword
+ip4_reassembly_handoff_node_inline (vlib_main_t * vm,
+ vlib_node_runtime_t * node,
+ vlib_frame_t * frame, bool is_feature)
+{
+ ip4_reass_main_t *rm = &ip4_reass_main;
+
+ vlib_buffer_t *bufs[VLIB_FRAME_SIZE], **b;
+ u32 n_enq, n_left_from, *from;
+ u16 thread_indices[VLIB_FRAME_SIZE], *ti;
+ u32 fq_index;
+
+ from = vlib_frame_vector_args (frame);
+ n_left_from = frame->n_vectors;
+ vlib_get_buffers (vm, from, bufs, n_left_from);
+
+ b = bufs;
+ ti = thread_indices;
+
+ fq_index = (is_feature) ? rm->fq_feature_index : rm->fq_index;
+
+ while (n_left_from > 0)
+ {
+ ti[0] =
+ (is_feature) ? vnet_buffer (b[0])->ip.
+ reass.owner_feature_thread_index : vnet_buffer (b[0])->ip.
+ reass.owner_thread_index;
+
+ if (PREDICT_FALSE
+ ((node->flags & VLIB_NODE_FLAG_TRACE)
+ && (b[0]->flags & VLIB_BUFFER_IS_TRACED)))
+ {
+ ip4_reassembly_handoff_trace_t *t =
+ vlib_add_trace (vm, node, b[0], sizeof (*t));
+ t->next_worker_index = ti[0];
+ }
+
+ n_left_from -= 1;
+ ti += 1;
+ b += 1;
+ }
+ n_enq =
+ vlib_buffer_enqueue_to_thread (vm, fq_index, from, thread_indices,
+ frame->n_vectors, 1);
+
+ if (n_enq < frame->n_vectors)
+ vlib_node_increment_counter (vm, node->node_index,
+ IP4_REASSEMBLY_HANDOFF_ERROR_CONGESTION_DROP,
+ frame->n_vectors - n_enq);
+ return frame->n_vectors;
+}
+
+VLIB_NODE_FN (ip4_reassembly_handoff_node) (vlib_main_t * vm,
+ vlib_node_runtime_t * node,
+ vlib_frame_t * frame)
+{
+ return ip4_reassembly_handoff_node_inline (vm, node, frame,
+ false /* is_feature */ );
+}
+
+
+/* *INDENT-OFF* */
+VLIB_REGISTER_NODE (ip4_reassembly_handoff_node) = {
+ .name = "ip4-reassembly-handoff",
+ .vector_size = sizeof (u32),
+ .n_errors = ARRAY_LEN(ip4_reassembly_handoff_error_strings),
+ .error_strings = ip4_reassembly_handoff_error_strings,
+ .format_trace = format_ip4_reassembly_handoff_trace,
+
+ .n_next_nodes = 1,
+
+ .next_nodes = {
+ [0] = "error-drop",
+ },
+};
+/* *INDENT-ON* */
+
+
+/* *INDENT-OFF* */
+VLIB_NODE_FN (ip4_reassembly_feature_handoff_node) (vlib_main_t * vm,
+ vlib_node_runtime_t *
+ node,
+ vlib_frame_t * frame)
+{
+ return ip4_reassembly_handoff_node_inline (vm, node, frame,
+ true /* is_feature */ );
+}
+/* *INDENT-ON* */
+
+
+/* *INDENT-OFF* */
+VLIB_REGISTER_NODE (ip4_reassembly_feature_handoff_node) = {
+ .name = "ip4-reass-feature-hoff",
+ .vector_size = sizeof (u32),
+ .n_errors = ARRAY_LEN(ip4_reassembly_handoff_error_strings),
+ .error_strings = ip4_reassembly_handoff_error_strings,
+ .format_trace = format_ip4_reassembly_handoff_trace,
+
+ .n_next_nodes = 1,
+
+ .next_nodes = {
+ [0] = "error-drop",
+ },
+};
+/* *INDENT-ON* */
+
/*
* fd.io coding-style-patch-verification: ON
*
Code Review / vpp.git / blobdiff