X-Git-Url: https://gerrit.fd.io/r/gitweb?p=vpp.git;a=blobdiff_plain;f=src%2Fvnet%2Fip%2Fip6_neighbor.c;h=87bda439ae5b3532455dc574975cbd03e17d12c7;hp=6b53137ffb2583e21d09815d87c28b217810622d;hb=17ff3c1;hpb=a9a20e7f69f4a91a4d5267ab5ce14125bdc7d6c6 diff --git a/src/vnet/ip/ip6_neighbor.c b/src/vnet/ip/ip6_neighbor.c index 6b53137ffb2..87bda439ae5 100644 --- a/src/vnet/ip/ip6_neighbor.c +++ b/src/vnet/ip/ip6_neighbor.c @@ -19,11 +19,12 @@ #include #include #include -#include #include #include #include #include +#include +#include /** * @file @@ -106,7 +107,6 @@ typedef struct /* local information */ u32 sw_if_index; - u32 fib_index; int send_radv; /* radv on/off on this interface - set by config */ int cease_radv; /* we are ceasing to send - set byf config */ int send_unicast; @@ -154,6 +154,15 @@ typedef struct /* Link local address to use (defaults to underlying physical for logical interfaces */ ip6_address_t link_local_address; + + /* router solicitations sending state */ + u8 keep_sending_rs; /* when true then next fields are valid */ + icmp6_send_router_solicitation_params_t params; + f64 sleep_interval; + f64 due_time; + u32 n_left; + f64 start_time; + vlib_buffer_t *buffer; } ip6_radv_t; typedef struct @@ -195,11 +204,134 @@ typedef struct u32 limit_neighbor_cache_size; u32 neighbor_delete_rotor; + /* Wildcard nd report publisher */ + uword wc_ip6_nd_publisher_node; + uword wc_ip6_nd_publisher_et; + + /* Router advertisement report publisher */ + uword ip6_ra_publisher_node; + uword ip6_ra_publisher_et; } ip6_neighbor_main_t; +/* ipv6 neighbor discovery - timer/event types */ +typedef enum +{ + ICMP6_ND_EVENT_INIT, +} ip6_icmp_neighbor_discovery_event_type_t; + +typedef union +{ + u32 add_del_swindex; + struct + { + u32 up_down_swindex; + u32 fib_index; + } up_down_event; +} ip6_icmp_neighbor_discovery_event_data_t; + static ip6_neighbor_main_t ip6_neighbor_main; +ip6_neighbor_public_main_t ip6_neighbor_public_main; static ip6_address_t ip6a_zero; /* ip6 address 0 */ +static void wc_nd_signal_report (wc_nd_report_t * r); +static void ra_signal_report (ra_report_t * r); + +ip6_address_t +ip6_neighbor_get_link_local_address (u32 sw_if_index) +{ + static ip6_address_t empty_address = { {0} }; + ip6_neighbor_main_t *nm = &ip6_neighbor_main; + ip6_radv_t *radv_info; + u32 ri; + + ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index]; + if (ri == ~0) + { + clib_warning ("IPv6 is not enabled for sw_if_index %d", sw_if_index); + return empty_address; + } + radv_info = pool_elt_at_index (nm->if_radv_pool, ri); + if (radv_info == NULL) + { + clib_warning ("Internal error"); + return empty_address; + } + return radv_info->link_local_address; +} + +/** + * @brief publish wildcard arp event + * @param sw_if_index The interface on which the ARP entires are acted + */ +static int +vnet_nd_wc_publish (u32 sw_if_index, u8 * mac, ip6_address_t * ip6) +{ + wc_nd_report_t r = { + .sw_if_index = sw_if_index, + .ip6 = *ip6, + }; + memcpy (r.mac, mac, sizeof r.mac); + + void vl_api_rpc_call_main_thread (void *fp, u8 * data, u32 data_length); + vl_api_rpc_call_main_thread (wc_nd_signal_report, (u8 *) & r, sizeof r); + return 0; +} + +static void +wc_nd_signal_report (wc_nd_report_t * r) +{ + vlib_main_t *vm = vlib_get_main (); + ip6_neighbor_main_t *nm = &ip6_neighbor_main; + uword ni = nm->wc_ip6_nd_publisher_node; + uword et = nm->wc_ip6_nd_publisher_et; + + if (ni == (uword) ~ 0) + return; + wc_nd_report_t *q = + vlib_process_signal_event_data (vm, ni, et, 1, sizeof *q); + + *q = *r; +} + +void +wc_nd_set_publisher_node (uword node_index, uword event_type) +{ + ip6_neighbor_main_t *nm = &ip6_neighbor_main; + nm->wc_ip6_nd_publisher_node = node_index; + nm->wc_ip6_nd_publisher_et = event_type; +} + +static int +ra_publish (ra_report_t * r) +{ + void vl_api_rpc_call_main_thread (void *fp, u8 * data, u32 data_length); + vl_api_rpc_call_main_thread (ra_signal_report, (u8 *) r, sizeof *r); + return 0; +} + +static void +ra_signal_report (ra_report_t * r) +{ + vlib_main_t *vm = vlib_get_main (); + ip6_neighbor_main_t *nm = &ip6_neighbor_main; + uword ni = nm->ip6_ra_publisher_node; + uword et = nm->ip6_ra_publisher_et; + + if (ni == (uword) ~ 0) + return; + ra_report_t *q = vlib_process_signal_event_data (vm, ni, et, 1, sizeof *q); + + *q = *r; +} + +void +ra_set_publisher_node (uword node_index, uword event_type) +{ + ip6_neighbor_main_t *nm = &ip6_neighbor_main; + nm->ip6_ra_publisher_node = node_index; + nm->ip6_ra_publisher_et = event_type; +} + static u8 * format_ip6_neighbor_ip6_entry (u8 * s, va_list * va) { @@ -210,7 +342,7 @@ format_ip6_neighbor_ip6_entry (u8 * s, va_list * va) u8 *flags = 0; if (!n) - return format (s, "%=12s%=20s%=6s%=20s%=40s", "Time", "Address", "Flags", + return format (s, "%=12s%=25s%=6s%=20s%=40s", "Time", "Address", "Flags", "Link layer", "Interface"); if (n->flags & IP6_NEIGHBOR_FLAG_DYNAMIC) @@ -219,9 +351,12 @@ format_ip6_neighbor_ip6_entry (u8 * s, va_list * va) if (n->flags & IP6_NEIGHBOR_FLAG_STATIC) flags = format (flags, "S"); + if (n->flags & IP6_NEIGHBOR_FLAG_NO_FIB_ENTRY) + flags = format (flags, "N"); + si = vnet_get_sw_interface (vnm, n->key.sw_if_index); - s = format (s, "%=12U%=20U%=6s%=20U%=40U", - format_vlib_cpu_time, vm, n->cpu_time_last_updated, + s = format (s, "%=12U%=25U%=6s%=20U%=40U", + format_vlib_time, vm, n->time_last_updated, format_ip6_address, &n->key.ip6_address, flags ? (char *) flags : "", format_ethernet_address, n->link_layer_address, @@ -231,76 +366,42 @@ format_ip6_neighbor_ip6_entry (u8 * s, va_list * va) return s; } -static clib_error_t * -ip6_neighbor_sw_interface_up_down (vnet_main_t * vnm, - u32 sw_if_index, u32 flags) +static void +ip6_neighbor_adj_fib_remove (ip6_neighbor_t * n, u32 fib_index) { - ip6_neighbor_main_t *nm = &ip6_neighbor_main; - ip6_neighbor_t *n; - - if (!(flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP)) + if (FIB_NODE_INDEX_INVALID != n->fib_entry_index) { - u32 i, *to_delete = 0; - - /* *INDENT-OFF* */ - pool_foreach (n, nm->neighbor_pool, - ({ - if (n->key.sw_if_index == sw_if_index) - vec_add1 (to_delete, n - nm->neighbor_pool); - })); - /* *INDENT-ON* */ - - for (i = 0; i < vec_len (to_delete); i++) + if (ip6_address_is_link_local_unicast (&n->key.ip6_address)) { - n = pool_elt_at_index (nm->neighbor_pool, to_delete[i]); - mhash_unset (&nm->neighbor_index_by_key, &n->key, 0); - fib_table_entry_delete_index (n->fib_entry_index, FIB_SOURCE_ADJ); - pool_put (nm->neighbor_pool, n); + ip6_ll_prefix_t pfx = { + .ilp_addr = n->key.ip6_address, + .ilp_sw_if_index = n->key.sw_if_index, + }; + ip6_ll_table_entry_delete (&pfx); + } + else + { + fib_prefix_t pfx = { + .fp_len = 128, + .fp_proto = FIB_PROTOCOL_IP6, + .fp_addr.ip6 = n->key.ip6_address, + }; + fib_table_entry_path_remove (fib_index, + &pfx, + FIB_SOURCE_ADJ, + DPO_PROTO_IP6, + &pfx.fp_addr, + n->key.sw_if_index, ~0, + 1, FIB_ROUTE_PATH_FLAG_NONE); } - - vec_free (to_delete); - } - - return 0; -} - -VNET_SW_INTERFACE_ADMIN_UP_DOWN_FUNCTION (ip6_neighbor_sw_interface_up_down); - -static void -unset_random_neighbor_entry (void) -{ - ip6_neighbor_main_t *nm = &ip6_neighbor_main; - vnet_main_t *vnm = vnet_get_main (); - vlib_main_t *vm = vnm->vlib_main; - ip6_neighbor_t *e; - u32 index; - - index = pool_next_index (nm->neighbor_pool, nm->neighbor_delete_rotor); - nm->neighbor_delete_rotor = index; - - /* Try again from elt 0, could happen if an intfc goes down */ - if (index == ~0) - { - index = pool_next_index (nm->neighbor_pool, nm->neighbor_delete_rotor); - nm->neighbor_delete_rotor = index; } - - /* Nothing left in the pool */ - if (index == ~0) - return; - - e = pool_elt_at_index (nm->neighbor_pool, index); - - vnet_unset_ip6_ethernet_neighbor (vm, e->key.sw_if_index, - &e->key.ip6_address, - e->link_layer_address, - ETHER_MAC_ADDR_LEN); } typedef struct { u8 is_add; u8 is_static; + u8 is_no_fib_entry; u8 link_layer_address[6]; u32 sw_if_index; ip6_address_t addr; @@ -312,7 +413,8 @@ static void ip6_neighbor_set_unset_rpc_callback static void set_unset_ip6_neighbor_rpc (vlib_main_t * vm, u32 sw_if_index, - ip6_address_t * a, u8 * link_layer_addreess, int is_add, int is_static) + ip6_address_t * a, u8 * link_layer_address, int is_add, int is_static, + int is_no_fib_entry) { ip6_neighbor_set_unset_rpc_args_t args; void vl_api_rpc_call_main_thread (void *fp, u8 * data, u32 data_length); @@ -320,8 +422,10 @@ static void set_unset_ip6_neighbor_rpc args.sw_if_index = sw_if_index; args.is_add = is_add; args.is_static = is_static; + args.is_no_fib_entry = is_no_fib_entry; clib_memcpy (&args.addr, a, sizeof (*a)); - clib_memcpy (args.link_layer_address, link_layer_addreess, 6); + if (NULL != link_layer_address) + clib_memcpy (args.link_layer_address, link_layer_address, 6); vl_api_rpc_call_main_thread (ip6_neighbor_set_unset_rpc_callback, (u8 *) & args, sizeof (args)); @@ -362,6 +466,8 @@ ip6_nbr_probe (ip_adjacency_t * adj) h = vlib_packet_template_get_packet (vm, &im->discover_neighbor_packet_template, &bi); + if (!h) + return; hi = vnet_get_sup_hw_interface (vnm, adj->rewrite_header.sw_if_index); @@ -463,6 +569,54 @@ ip6_nd_mk_incomplete_walk (adj_index_t ai, void *ctx) return (ADJ_WALK_RC_CONTINUE); } +static clib_error_t * +ip6_neighbor_sw_interface_up_down (vnet_main_t * vnm, + u32 sw_if_index, u32 flags) +{ + ip6_neighbor_main_t *nm = &ip6_neighbor_main; + ip6_neighbor_t *n; + u32 i, *to_delete = 0; + + /* *INDENT-OFF* */ + pool_foreach (n, nm->neighbor_pool, + ({ + if (n->key.sw_if_index == sw_if_index) + vec_add1 (to_delete, n - nm->neighbor_pool); + })); + /* *INDENT-ON* */ + + if (flags & VNET_SW_INTERFACE_FLAG_ADMIN_UP) + { + for (i = 0; i < vec_len (to_delete); i++) + { + n = pool_elt_at_index (nm->neighbor_pool, to_delete[i]); + adj_nbr_walk_nh6 (n->key.sw_if_index, &n->key.ip6_address, + ip6_nd_mk_complete_walk, n); + } + } + else + { + for (i = 0; i < vec_len (to_delete); i++) + { + n = pool_elt_at_index (nm->neighbor_pool, to_delete[i]); + adj_nbr_walk_nh6 (n->key.sw_if_index, &n->key.ip6_address, + ip6_nd_mk_incomplete_walk, NULL); + if (n->flags & IP6_NEIGHBOR_FLAG_STATIC) + continue; + ip6_neighbor_adj_fib_remove (n, + ip6_fib_table_get_index_for_sw_if_index + (n->key.sw_if_index)); + mhash_unset (&nm->neighbor_index_by_key, &n->key, 0); + pool_put (nm->neighbor_pool, n); + } + } + + vec_free (to_delete); + return 0; +} + +VNET_SW_INTERFACE_ADMIN_UP_DOWN_FUNCTION (ip6_neighbor_sw_interface_up_down); + void ip6_ethernet_update_adjacency (vnet_main_t * vnm, u32 sw_if_index, u32 ai) { @@ -475,8 +629,10 @@ ip6_ethernet_update_adjacency (vnet_main_t * vnm, u32 sw_if_index, u32 ai) switch (adj->lookup_next_index) { - case IP_LOOKUP_NEXT_ARP: case IP_LOOKUP_NEXT_GLEAN: + adj_glean_update_rewrite (ai); + break; + case IP_LOOKUP_NEXT_ARP: if (NULL != nbr) { adj_nbr_walk_nh6 (sw_if_index, &nbr->key.ip6_address, @@ -507,33 +663,34 @@ ip6_ethernet_update_adjacency (vnet_main_t * vnm, u32 sw_if_index, u32 ai) } break; case IP_LOOKUP_NEXT_MCAST: - /* - * Construct a partial rewrite from the known ethernet mcast dest MAC - */ - adj_mcast_update_rewrite - (ai, - ethernet_build_rewrite (vnm, - sw_if_index, - adj->ia_link, - ethernet_ip6_mcast_dst_addr ())); - - /* - * Complete the remaining fields of the adj's rewrite to direct the - * complete of the rewrite at switch time by copying in the IP - * dst address's bytes. - * Ofset is 12 bytes from the end of the MAC header - which is 2 - * bytes into the desintation address. And we write 4 bytes. - */ - adj->rewrite_header.dst_mcast_offset = 12; - adj->rewrite_header.dst_mcast_n_bytes = 4; - - break; + { + /* + * Construct a partial rewrite from the known ethernet mcast dest MAC + */ + u8 *rewrite; + u8 offset; + + rewrite = ethernet_build_rewrite (vnm, + sw_if_index, + adj->ia_link, + ethernet_ip6_mcast_dst_addr ()); + + /* + * Complete the remaining fields of the adj's rewrite to direct the + * complete of the rewrite at switch time by copying in the IP + * dst address's bytes. + * Ofset is 2 bytes into the desintation address. + */ + offset = vec_len (rewrite) - 2; + adj_mcast_update_rewrite (ai, rewrite, offset); + break; + } case IP_LOOKUP_NEXT_DROP: case IP_LOOKUP_NEXT_PUNT: case IP_LOOKUP_NEXT_LOCAL: case IP_LOOKUP_NEXT_REWRITE: - case IP_LOOKUP_NEXT_LOAD_BALANCE: + case IP_LOOKUP_NEXT_MCAST_MIDCHAIN: case IP_LOOKUP_NEXT_MIDCHAIN: case IP_LOOKUP_NEXT_ICMP_ERROR: case IP_LOOKUP_N_NEXT: @@ -542,13 +699,74 @@ ip6_ethernet_update_adjacency (vnet_main_t * vnm, u32 sw_if_index, u32 ai) } } + +static void +ip6_neighbor_adj_fib_add (ip6_neighbor_t * n, u32 fib_index) +{ + if (ip6_address_is_link_local_unicast (&n->key.ip6_address)) + { + ip6_ll_prefix_t pfx = { + .ilp_addr = n->key.ip6_address, + .ilp_sw_if_index = n->key.sw_if_index, + }; + n->fib_entry_index = + ip6_ll_table_entry_update (&pfx, FIB_ROUTE_PATH_FLAG_NONE); + } + else + { + fib_prefix_t pfx = { + .fp_len = 128, + .fp_proto = FIB_PROTOCOL_IP6, + .fp_addr.ip6 = n->key.ip6_address, + }; + + n->fib_entry_index = + fib_table_entry_path_add (fib_index, &pfx, FIB_SOURCE_ADJ, + FIB_ENTRY_FLAG_ATTACHED, + DPO_PROTO_IP6, &pfx.fp_addr, + n->key.sw_if_index, ~0, 1, NULL, + FIB_ROUTE_PATH_FLAG_NONE); + } +} + +static ip6_neighbor_t * +force_reuse_neighbor_entry (void) +{ + ip6_neighbor_t *n; + ip6_neighbor_main_t *nm = &ip6_neighbor_main; + u32 count = 0; + u32 index = pool_next_index (nm->neighbor_pool, nm->neighbor_delete_rotor); + if (index == ~0) /* Try again from elt 0 */ + index = pool_next_index (nm->neighbor_pool, index); + + /* Find a non-static random entry to free up for reuse */ + do + { + if ((count++ == 100) || (index == ~0)) + return NULL; /* give up after 100 entries */ + n = pool_elt_at_index (nm->neighbor_pool, index); + nm->neighbor_delete_rotor = index; + index = pool_next_index (nm->neighbor_pool, index); + } + while (n->flags & IP6_NEIGHBOR_FLAG_STATIC); + + /* Remove ARP entry from its interface and update fib */ + adj_nbr_walk_nh6 (n->key.sw_if_index, + &n->key.ip6_address, ip6_nd_mk_incomplete_walk, NULL); + ip6_neighbor_adj_fib_remove + (n, ip6_fib_table_get_index_for_sw_if_index (n->key.sw_if_index)); + mhash_unset (&nm->neighbor_index_by_key, &n->key, 0); + + return n; +} + int vnet_set_ip6_ethernet_neighbor (vlib_main_t * vm, u32 sw_if_index, ip6_address_t * a, u8 * link_layer_address, uword n_bytes_link_layer_address, - int is_static) + int is_static, int is_no_fib_entry) { ip6_neighbor_main_t *nm = &ip6_neighbor_main; ip6_neighbor_key_t k; @@ -558,10 +776,11 @@ vnet_set_ip6_ethernet_neighbor (vlib_main_t * vm, u32 next_index; pending_resolution_t *pr, *mc; - if (os_get_cpu_number ()) + if (vlib_get_thread_index ()) { set_unset_ip6_neighbor_rpc (vm, sw_if_index, a, link_layer_address, - 1 /* set new neighbor */ , is_static); + 1 /* set new neighbor */ , is_static, + is_no_fib_entry); return 0; } @@ -581,20 +800,20 @@ vnet_set_ip6_ethernet_neighbor (vlib_main_t * vm, if (make_new_nd_cache_entry) { - fib_prefix_t pfx = { - .fp_len = 128, - .fp_proto = FIB_PROTOCOL_IP6, - .fp_addr = { - .ip6 = k.ip6_address, - } - , - }; - u32 fib_index; + if (nm->limit_neighbor_cache_size && + pool_elts (nm->neighbor_pool) >= nm->limit_neighbor_cache_size) + { + n = force_reuse_neighbor_entry (); + if (NULL == n) + return -2; + } + else + pool_get (nm->neighbor_pool, n); - pool_get (nm->neighbor_pool, n); mhash_set (&nm->neighbor_index_by_key, &k, n - nm->neighbor_pool, /* old value */ 0); n->key = k; + n->fib_entry_index = FIB_NODE_INDEX_INVALID; clib_memcpy (n->link_layer_address, link_layer_address, n_bytes_link_layer_address); @@ -602,9 +821,15 @@ vnet_set_ip6_ethernet_neighbor (vlib_main_t * vm, /* * create the adj-fib. the entry in the FIB table for and to the peer. */ - fib_index = ip6_main.fib_index_by_sw_if_index[n->key.sw_if_index]; - n->fib_entry_index = fib_table_entry_update_one_path (fib_index, &pfx, FIB_SOURCE_ADJ, FIB_ENTRY_FLAG_NONE, FIB_PROTOCOL_IP6, &pfx.fp_addr, n->key.sw_if_index, ~0, 1, NULL, // no label stack - FIB_ROUTE_PATH_FLAG_NONE); + if (!is_no_fib_entry) + { + ip6_neighbor_adj_fib_add + (n, ip6_fib_table_get_index_for_sw_if_index (n->key.sw_if_index)); + } + else + { + n->flags |= IP6_NEIGHBOR_FLAG_NO_FIB_ENTRY; + } } else { @@ -614,22 +839,32 @@ vnet_set_ip6_ethernet_neighbor (vlib_main_t * vm, */ if (0 == memcmp (n->link_layer_address, link_layer_address, n_bytes_link_layer_address)) - return -1; + { + n->time_last_updated = vlib_time_now (vm); + goto check_customers; + } clib_memcpy (n->link_layer_address, link_layer_address, n_bytes_link_layer_address); } /* Update time stamp and flags. */ - n->cpu_time_last_updated = clib_cpu_time_now (); + n->time_last_updated = vlib_time_now (vm); if (is_static) - n->flags |= IP6_NEIGHBOR_FLAG_STATIC; + { + n->flags |= IP6_NEIGHBOR_FLAG_STATIC; + n->flags &= ~IP6_NEIGHBOR_FLAG_DYNAMIC; + } else - n->flags |= IP6_NEIGHBOR_FLAG_DYNAMIC; + { + n->flags |= IP6_NEIGHBOR_FLAG_DYNAMIC; + n->flags &= ~IP6_NEIGHBOR_FLAG_STATIC; + } adj_nbr_walk_nh6 (sw_if_index, &n->key.ip6_address, ip6_nd_mk_complete_walk, n); +check_customers: /* Customer(s) waiting for this address to be resolved? */ p = mhash_get (&nm->pending_resolutions_by_address, a); if (p) @@ -692,10 +927,10 @@ vnet_unset_ip6_ethernet_neighbor (vlib_main_t * vm, uword *p; int rv = 0; - if (os_get_cpu_number ()) + if (vlib_get_thread_index ()) { set_unset_ip6_neighbor_rpc (vm, sw_if_index, a, link_layer_address, - 0 /* unset */ , 0); + 0 /* unset */ , 0, 0); return 0; } @@ -711,12 +946,13 @@ vnet_unset_ip6_ethernet_neighbor (vlib_main_t * vm, } n = pool_elt_at_index (nm->neighbor_pool, p[0]); - mhash_unset (&nm->neighbor_index_by_key, &n->key, 0); adj_nbr_walk_nh6 (sw_if_index, &n->key.ip6_address, ip6_nd_mk_incomplete_walk, NULL); + ip6_neighbor_adj_fib_remove + (n, ip6_fib_table_get_index_for_sw_if_index (sw_if_index)); - fib_table_entry_delete_index (n->fib_entry_index, FIB_SOURCE_ADJ); + mhash_unset (&nm->neighbor_index_by_key, &n->key, 0); pool_put (nm->neighbor_pool, n); out: @@ -729,7 +965,8 @@ static void ip6_neighbor_set_unset_rpc_callback vlib_main_t *vm = vlib_get_main (); if (a->is_add) vnet_set_ip6_ethernet_neighbor (vm, a->sw_if_index, &a->addr, - a->link_layer_address, 6, a->is_static); + a->link_layer_address, 6, a->is_static, + a->is_no_fib_entry); else vnet_unset_ip6_ethernet_neighbor (vm, a->sw_if_index, &a->addr, a->link_layer_address, 6); @@ -748,6 +985,13 @@ ip6_neighbor_sort (void *a1, void *a2) return cmp; } +ip6_neighbor_t * +ip6_neighbors_pool (void) +{ + ip6_neighbor_main_t *nm = &ip6_neighbor_main; + return nm->neighbor_pool; +} + ip6_neighbor_t * ip6_neighbors_entries (u32 sw_if_index) { @@ -833,6 +1077,7 @@ set_ip6_neighbor (vlib_main_t * vm, int addr_valid = 0; int is_del = 0; int is_static = 0; + int is_no_fib_entry = 0; u32 sw_if_index; while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) @@ -848,6 +1093,8 @@ set_ip6_neighbor (vlib_main_t * vm, is_del = 1; else if (unformat (input, "static")) is_static = 1; + else if (unformat (input, "no-fib-entry")) + is_no_fib_entry = 1; else break; } @@ -858,7 +1105,7 @@ set_ip6_neighbor (vlib_main_t * vm, if (!is_del) vnet_set_ip6_ethernet_neighbor (vm, sw_if_index, &addr, mac_address, sizeof (mac_address), - is_static); + is_static, is_no_fib_entry); else vnet_unset_ip6_ethernet_neighbor (vm, sw_if_index, &addr, mac_address, sizeof (mac_address)); @@ -966,8 +1213,7 @@ icmp6_neighbor_solicitation_or_advertisement (vlib_main_t * vm, if (ADJ_INDEX_INVALID != src_adj_index0) { - ip_adjacency_t *adj0 = - ip_get_adjacency (&im->lookup_main, src_adj_index0); + ip_adjacency_t *adj0 = adj_get (src_adj_index0); /* Allow all realistic-looking rewrite adjacencies to pass */ ni0 = adj0->lookup_next_index; @@ -993,20 +1239,15 @@ icmp6_neighbor_solicitation_or_advertisement (vlib_main_t * vm, /* If src address unspecified or link local, donot learn neighbor MAC */ if (PREDICT_TRUE (error0 == ICMP6_ERROR_NONE && o0 != 0 && - !ip6_sadd_unspecified && !ip6_sadd_link_local)) + !ip6_sadd_unspecified)) { - ip6_neighbor_main_t *nm = &ip6_neighbor_main; - if (nm->limit_neighbor_cache_size && - pool_elts (nm->neighbor_pool) >= - nm->limit_neighbor_cache_size) - unset_random_neighbor_entry (); vnet_set_ip6_ethernet_neighbor (vm, sw_if_index0, is_solicitation ? &ip0->src_address : &h0->target_address, o0->ethernet_address, sizeof (o0->ethernet_address), - 0); + 0, 0); } if (is_solicitation && error0 == ICMP6_ERROR_NONE) @@ -1024,18 +1265,49 @@ icmp6_neighbor_solicitation_or_advertisement (vlib_main_t * vm, } else { - fei = ip6_fib_table_lookup_exact_match (fib_index, - &h0->target_address, - 128); - - if (FIB_NODE_INDEX_INVALID == fei || - !(FIB_ENTRY_FLAG_LOCAL & - fib_entry_get_flags_for_source (fei, - FIB_SOURCE_INTERFACE))) + if (ip6_address_is_link_local_unicast (&h0->target_address)) { + fei = ip6_fib_table_lookup_exact_match + (ip6_ll_fib_get (sw_if_index0), + &h0->target_address, 128); + } + else + { + fei = ip6_fib_table_lookup_exact_match (fib_index, + &h0->target_address, + 128); + } + + if (FIB_NODE_INDEX_INVALID == fei) + { + /* The target address is not in the FIB */ error0 = ICMP6_ERROR_NEIGHBOR_SOLICITATION_SOURCE_UNKNOWN; } + else + { + if (FIB_ENTRY_FLAG_LOCAL & + fib_entry_get_flags_for_source (fei, + FIB_SOURCE_INTERFACE)) + { + /* It's an address that belongs to one of our interfaces + * that's good. */ + } + else + if (fib_entry_is_sourced + (fei, FIB_SOURCE_IP6_ND_PROXY) || + fib_entry_is_sourced (fei, FIB_SOURCE_IP6_ND)) + { + /* The address was added by IPv6 Proxy ND config. + * We should only respond to these if the NS arrived on + * the link that has a matching covering prefix */ + } + else + { + error0 = + ICMP6_ERROR_NEIGHBOR_SOLICITATION_SOURCE_UNKNOWN; + } + } } } @@ -1180,6 +1452,23 @@ ip6_neighbor_syslog (vlib_main_t * vm, int priority, char *fmt, ...) return; } +clib_error_t * +call_ip6_neighbor_callbacks (void *data, + _vnet_ip6_neighbor_function_list_elt_t * elt) +{ + clib_error_t *error = 0; + + while (elt) + { + error = elt->fp (data); + if (error) + return error; + elt = elt->next_ip6_neighbor_function; + } + + return error; +} + /* ipv6 neighbor discovery - router advertisements */ typedef enum { @@ -1266,8 +1555,7 @@ icmp6_router_solicitation (vlib_main_t * vm, if (ADJ_INDEX_INVALID != src_adj_index0) { - ip_adjacency_t *adj0 = ip_get_adjacency (&im->lookup_main, - src_adj_index0); + ip_adjacency_t *adj0 = adj_get (src_adj_index0); error0 = (adj0->rewrite_header.sw_if_index != sw_if_index0 ? @@ -1290,17 +1578,11 @@ icmp6_router_solicitation (vlib_main_t * vm, if (PREDICT_TRUE (error0 == ICMP6_ERROR_NONE && o0 != 0 && !is_unspecified && !is_link_local)) { - ip6_neighbor_main_t *nm = &ip6_neighbor_main; - if (nm->limit_neighbor_cache_size && - pool_elts (nm->neighbor_pool) >= - nm->limit_neighbor_cache_size) - unset_random_neighbor_entry (); - vnet_set_ip6_ethernet_neighbor (vm, sw_if_index0, &ip0->src_address, o0->ethernet_address, sizeof (o0->ethernet_address), - 0); + 0, 0); } /* default is to drop */ @@ -1332,13 +1614,15 @@ icmp6_router_solicitation (vlib_main_t * vm, sizeof (icmp6_neighbor_discovery_header_t)); /* look up the radv_t information for this interface */ - vec_validate_init_empty - (nm->if_radv_pool_index_by_sw_if_index, sw_if_index0, ~0); - - ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index0]; + if (vec_len (nm->if_radv_pool_index_by_sw_if_index) > + sw_if_index0) + { + ri = + nm->if_radv_pool_index_by_sw_if_index[sw_if_index0]; - if (ri != ~0) - radv_info = pool_elt_at_index (nm->if_radv_pool, ri); + if (ri != ~0) + radv_info = pool_elt_at_index (nm->if_radv_pool, ri); + } error0 = ((!radv_info) ? @@ -1394,9 +1678,8 @@ icmp6_router_solicitation (vlib_main_t * vm, sizeof (icmp6_router_advertisement_header_t); vlib_buffer_add_data (vm, - p0->free_list_index, - bi0, - (void *) &rh, + vlib_buffer_get_free_list_index + (p0), bi0, (void *) &rh, sizeof (icmp6_router_advertisement_header_t)); @@ -1414,9 +1697,8 @@ icmp6_router_solicitation (vlib_main_t * vm, eth_if0->address, 6); vlib_buffer_add_data (vm, - p0->free_list_index, - bi0, - (void *) &h, + vlib_buffer_get_free_list_index + (p0), bi0, (void *) &h, sizeof (icmp6_neighbor_discovery_ethernet_link_layer_address_option_t)); @@ -1440,9 +1722,8 @@ icmp6_router_solicitation (vlib_main_t * vm, sizeof (icmp6_neighbor_discovery_mtu_option_t); vlib_buffer_add_data (vm, - p0->free_list_index, - bi0, - (void *) &h, + vlib_buffer_get_free_list_index + (p0), bi0, (void *) &h, sizeof (icmp6_neighbor_discovery_mtu_option_t)); } @@ -1494,7 +1775,7 @@ icmp6_router_solicitation (vlib_main_t * vm, payload_length += sizeof( icmp6_neighbor_discovery_prefix_information_option_t); vlib_buffer_add_data (vm, - p0->free_list_index, + vlib_buffer_get_free_list_index (p0), bi0, (void *)&h, sizeof(icmp6_neighbor_discovery_prefix_information_option_t)); @@ -1567,7 +1848,7 @@ icmp6_router_solicitation (vlib_main_t * vm, adj_index0; } } - p0->flags |= VNET_BUFFER_LOCALLY_ORIGINATED; + p0->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED; radv_info->n_solicitations_dropped += is_dropped; radv_info->n_solicitations_rcvd += is_solicitation; @@ -1684,13 +1965,15 @@ icmp6_router_advertisement (vlib_main_t * vm, u32 ri; /* look up the radv_t information for this interface */ - vec_validate_init_empty - (nm->if_radv_pool_index_by_sw_if_index, sw_if_index0, ~0); - - ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index0]; + if (vec_len (nm->if_radv_pool_index_by_sw_if_index) > + sw_if_index0) + { + ri = + nm->if_radv_pool_index_by_sw_if_index[sw_if_index0]; - if (ri != ~0) - radv_info = pool_elt_at_index (nm->if_radv_pool, ri); + if (ri != ~0) + radv_info = pool_elt_at_index (nm->if_radv_pool, ri); + } error0 = ((!radv_info) ? @@ -1699,6 +1982,22 @@ icmp6_router_advertisement (vlib_main_t * vm, if (error0 == ICMP6_ERROR_NONE) { + radv_info->keep_sending_rs = 0; + + ra_report_t r; + + r.sw_if_index = sw_if_index0; + memcpy (r.router_address, &ip0->src_address, 16); + r.current_hop_limit = h0->current_hop_limit; + r.flags = h0->flags; + r.router_lifetime_in_sec = + clib_net_to_host_u16 (h0->router_lifetime_in_sec); + r.neighbor_reachable_time_in_msec = + clib_net_to_host_u32 + (h0->neighbor_reachable_time_in_msec); + r.time_in_msec_between_retransmitted_neighbor_solicitations = clib_net_to_host_u32 (h0->time_in_msec_between_retransmitted_neighbor_solicitations); + r.prefixes = 0; + /* validate advertised information */ if ((h0->current_hop_limit && radv_info->curr_hop_limit) && (h0->current_hop_limit != @@ -1816,6 +2115,20 @@ icmp6_router_advertisement (vlib_main_t * vm, switch (option_type) { + case ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address: + { + icmp6_neighbor_discovery_ethernet_link_layer_address_option_t + * h = + (icmp6_neighbor_discovery_ethernet_link_layer_address_option_t + *) (o0); + + if (opt_len < sizeof (*h)) + break; + + memcpy (r.slla, h->ethernet_address, 6); + } + break; + case ICMP6_NEIGHBOR_DISCOVERY_OPTION_mtu: { icmp6_neighbor_discovery_mtu_option_t *h = @@ -1825,6 +2138,8 @@ icmp6_router_advertisement (vlib_main_t * vm, if (opt_len < sizeof (*h)) break; + r.mtu = clib_net_to_host_u32 (h->mtu); + if ((h->mtu && radv_info->adv_link_mtu) && (h->mtu != clib_host_to_net_u32 @@ -1854,10 +2169,23 @@ icmp6_router_advertisement (vlib_main_t * vm, if (opt_len < sizeof (*h)) break; + vec_validate (r.prefixes, + vec_len (r.prefixes)); + ra_report_prefix_info_t *prefix = + vec_elt_at_index (r.prefixes, + vec_len (r.prefixes) - 1); + preferred = clib_net_to_host_u32 (h->preferred_time); valid = clib_net_to_host_u32 (h->valid_time); + prefix->preferred_time = preferred; + prefix->valid_time = valid; + prefix->flags = h->flags & 0xc0; + prefix->dst_address_length = + h->dst_address_length; + prefix->dst_address = h->dst_address; + /* look for matching prefix - if we our advertising it, it better be consistant */ /* *INDENT-OFF* */ pool_foreach (pr_info, radv_info->adv_prefixes_pool, @@ -1898,6 +2226,7 @@ icmp6_router_advertisement (vlib_main_t * vm, break; } } + ra_publish (&r); } } } @@ -1915,7 +2244,7 @@ icmp6_router_advertisement (vlib_main_t * vm, vlib_put_next_frame (vm, node, next_index, n_left_to_next); } - /* Account for router advertisements sent. */ + /* Account for router advertisements received. */ vlib_error_count (vm, error_node->node_index, ICMP6_ERROR_ROUTER_ADVERTISEMENTS_RX, n_advertisements_rcvd); @@ -1923,8 +2252,326 @@ icmp6_router_advertisement (vlib_main_t * vm, return frame->n_vectors; } -/* create and initialize router advertisement parameters with default values for this intfc */ -static u32 +static inline f64 +random_f64_from_to (f64 from, f64 to) +{ + static u32 seed = 0; + static u8 seed_set = 0; + if (!seed_set) + { + seed = random_default_seed (); + seed_set = 1; + } + return random_f64 (&seed) * (to - from) + from; +} + +static inline u8 +get_mac_address (u32 sw_if_index, u8 * address) +{ + vnet_main_t *vnm = vnet_get_main (); + vnet_hw_interface_t *hw_if = vnet_get_sup_hw_interface (vnm, sw_if_index); + if (!hw_if->hw_address) + return 1; + clib_memcpy (address, hw_if->hw_address, 6); + return 0; +} + +static inline vlib_buffer_t * +create_buffer_for_rs (vlib_main_t * vm, ip6_radv_t * radv_info) +{ + u32 bi0; + vlib_buffer_t *p0; + vlib_buffer_free_list_t *fl; + icmp6_router_solicitation_header_t *rh; + u16 payload_length; + int bogus_length; + u32 sw_if_index; + + sw_if_index = radv_info->sw_if_index; + + if (vlib_buffer_alloc (vm, &bi0, 1) != 1) + { + clib_warning ("buffer allocation failure"); + return 0; + } + + p0 = vlib_get_buffer (vm, bi0); + fl = vlib_buffer_get_free_list (vm, VLIB_BUFFER_DEFAULT_FREE_LIST_INDEX); + vlib_buffer_init_for_free_list (p0, fl); + VLIB_BUFFER_TRACE_TRAJECTORY_INIT (p0); + p0->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED; + + vnet_buffer (p0)->sw_if_index[VLIB_RX] = sw_if_index; + vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index; + + vnet_buffer (p0)->ip.adj_index[VLIB_TX] = radv_info->mcast_adj_index; + + rh = vlib_buffer_get_current (p0); + p0->current_length = sizeof (*rh); + + rh->neighbor.icmp.type = ICMP6_router_solicitation; + rh->neighbor.icmp.code = 0; + rh->neighbor.icmp.checksum = 0; + rh->neighbor.reserved_must_be_zero = 0; + + rh->link_layer_option.header.type = + ICMP6_NEIGHBOR_DISCOVERY_OPTION_source_link_layer_address; + if (0 != get_mac_address (sw_if_index, + rh->link_layer_option.ethernet_address)) + { + clib_warning ("interface with sw_if_index %u has no mac address", + sw_if_index); + vlib_buffer_free (vm, &bi0, 1); + return 0; + } + rh->link_layer_option.header.n_data_u64s = 1; + + payload_length = sizeof (rh->neighbor) + sizeof (u64); + + rh->ip.ip_version_traffic_class_and_flow_label = + clib_host_to_net_u32 (0x6 << 28); + rh->ip.payload_length = clib_host_to_net_u16 (payload_length); + rh->ip.protocol = IP_PROTOCOL_ICMP6; + rh->ip.hop_limit = 255; + rh->ip.src_address = radv_info->link_local_address; + /* set address ff02::2 */ + rh->ip.dst_address.as_u64[0] = clib_host_to_net_u64 (0xff02L << 48); + rh->ip.dst_address.as_u64[1] = clib_host_to_net_u64 (2); + + rh->neighbor.icmp.checksum = ip6_tcp_udp_icmp_compute_checksum (vm, p0, + &rh->ip, + &bogus_length); + + return p0; +} + +static inline void +stop_sending_rs (vlib_main_t * vm, ip6_radv_t * ra) +{ + u32 bi0; + + ra->keep_sending_rs = 0; + if (ra->buffer) + { + bi0 = vlib_get_buffer_index (vm, ra->buffer); + vlib_buffer_free (vm, &bi0, 1); + ra->buffer = 0; + } +} + +static inline bool +check_send_rs (vlib_main_t * vm, ip6_radv_t * radv_info, f64 current_time, + f64 * due_time) +{ + vlib_buffer_t *p0; + vlib_frame_t *f; + u32 *to_next; + u32 next_index; + vlib_buffer_t *c0; + u32 ci0; + + icmp6_send_router_solicitation_params_t *params; + + if (!radv_info->keep_sending_rs) + return false; + + params = &radv_info->params; + + if (radv_info->due_time > current_time) + { + *due_time = radv_info->due_time; + return true; + } + + p0 = radv_info->buffer; + + next_index = ip6_rewrite_mcast_node.index; + + c0 = vlib_buffer_copy (vm, p0); + ci0 = vlib_get_buffer_index (vm, c0); + + f = vlib_get_frame_to_node (vm, next_index); + to_next = vlib_frame_vector_args (f); + to_next[0] = ci0; + f->n_vectors = 1; + vlib_put_frame_to_node (vm, next_index, f); + + if (params->mrc != 0 && --radv_info->n_left == 0) + stop_sending_rs (vm, radv_info); + else + { + radv_info->sleep_interval = + (2 + random_f64_from_to (-0.1, 0.1)) * radv_info->sleep_interval; + if (radv_info->sleep_interval > params->mrt) + radv_info->sleep_interval = + (1 + random_f64_from_to (-0.1, 0.1)) * params->mrt; + + radv_info->due_time = current_time + radv_info->sleep_interval; + + if (params->mrd != 0 + && current_time > radv_info->start_time + params->mrd) + stop_sending_rs (vm, radv_info); + else + *due_time = radv_info->due_time; + } + + return radv_info->keep_sending_rs; +} + +static uword +send_rs_process (vlib_main_t * vm, vlib_node_runtime_t * rt, + vlib_frame_t * f0) +{ + ip6_neighbor_main_t *nm = &ip6_neighbor_main; + ip6_radv_t *radv_info; + uword *event_data = 0; + f64 sleep_time = 1e9; + f64 current_time; + f64 due_time; + f64 dt = 0; + + while (true) + { + vlib_process_wait_for_event_or_clock (vm, sleep_time); + vlib_process_get_events (vm, &event_data); + vec_reset_length (event_data); + + current_time = vlib_time_now (vm); + do + { + due_time = current_time + 1e9; + /* *INDENT-OFF* */ + pool_foreach (radv_info, nm->if_radv_pool, + ({ + if (check_send_rs (vm, radv_info, current_time, &dt) + && (dt < due_time)) + due_time = dt; + })); + /* *INDENT-ON* */ + current_time = vlib_time_now (vm); + } + while (due_time < current_time); + + sleep_time = due_time - current_time; + } + + return 0; +} + +/* *INDENT-OFF* */ +VLIB_REGISTER_NODE (send_rs_process_node) = { + .function = send_rs_process, + .type = VLIB_NODE_TYPE_PROCESS, + .name = "send-rs-process", +}; +/* *INDENT-ON* */ + +void +icmp6_send_router_solicitation (vlib_main_t * vm, u32 sw_if_index, u8 stop, + icmp6_send_router_solicitation_params_t * + params) +{ + ip6_neighbor_main_t *nm = &ip6_neighbor_main; + u32 rai; + ip6_radv_t *ra = 0; + + ASSERT (~0 != sw_if_index); + + rai = nm->if_radv_pool_index_by_sw_if_index[sw_if_index]; + ra = pool_elt_at_index (nm->if_radv_pool, rai); + + stop_sending_rs (vm, ra); + + if (!stop) + { + ra->keep_sending_rs = 1; + ra->params = *params; + ra->n_left = params->mrc; + ra->start_time = vlib_time_now (vm); + ra->sleep_interval = (1 + random_f64_from_to (-0.1, 0.1)) * params->irt; + ra->due_time = 0; /* send first packet ASAP */ + ra->buffer = create_buffer_for_rs (vm, ra); + if (!ra->buffer) + ra->keep_sending_rs = 0; + else + vlib_process_signal_event (vm, send_rs_process_node.index, 1, 0); + } +} + +/** + * @brief Add a multicast Address to the advertised MLD set + */ +static void +ip6_neighbor_add_mld_prefix (ip6_radv_t * radv_info, ip6_address_t * addr) +{ + ip6_mldp_group_t *mcast_group_info; + uword *p; + + /* lookup mldp info for this interface */ + p = mhash_get (&radv_info->address_to_mldp_index, addr); + mcast_group_info = + p ? pool_elt_at_index (radv_info->mldp_group_pool, p[0]) : 0; + + /* add address */ + if (!mcast_group_info) + { + /* add */ + u32 mi; + pool_get (radv_info->mldp_group_pool, mcast_group_info); + + mi = mcast_group_info - radv_info->mldp_group_pool; + mhash_set (&radv_info->address_to_mldp_index, addr, mi, /* old_value */ + 0); + + mcast_group_info->type = 4; + mcast_group_info->mcast_source_address_pool = 0; + mcast_group_info->num_sources = 0; + clib_memcpy (&mcast_group_info->mcast_address, addr, + sizeof (ip6_address_t)); + } +} + +/** + * @brief Delete a multicast Address from the advertised MLD set + */ +static void +ip6_neighbor_del_mld_prefix (ip6_radv_t * radv_info, ip6_address_t * addr) +{ + ip6_mldp_group_t *mcast_group_info; + uword *p; + + p = mhash_get (&radv_info->address_to_mldp_index, &addr); + mcast_group_info = + p ? pool_elt_at_index (radv_info->mldp_group_pool, p[0]) : 0; + + if (mcast_group_info) + { + mhash_unset (&radv_info->address_to_mldp_index, &addr, + /* old_value */ 0); + pool_put (radv_info->mldp_group_pool, mcast_group_info); + } +} + +/** + * @brief Add a multicast Address to the advertised MLD set + */ +static void +ip6_neighbor_add_mld_grp (ip6_radv_t * a, + ip6_multicast_address_scope_t scope, + ip6_multicast_link_local_group_id_t group) +{ + ip6_address_t addr; + + ip6_set_reserved_multicast_address (&addr, scope, group); + + ip6_neighbor_add_mld_prefix (a, &addr); +} + +/** + * @brief create and initialize router advertisement parameters with default + * values for this intfc + */ +u32 ip6_neighbor_sw_interface_add_del (vnet_main_t * vnm, u32 sw_if_index, u32 is_add) { @@ -1952,47 +2599,32 @@ ip6_neighbor_sw_interface_add_del (vnet_main_t * vnm, if (!is_add) { - u32 i, *to_delete = 0; ip6_radv_prefix_t *p; ip6_mldp_group_t *m; /* release the lock on the interface's mcast adj */ adj_unlock (a->mcast_adj_index); - /* clean up prefix_pool */ + /* clean up prefix and MDP pools */ /* *INDENT-OFF* */ - pool_foreach (p, a->adv_prefixes_pool, + pool_flush(p, a->adv_prefixes_pool, ({ - vec_add1 (to_delete, p - a->adv_prefixes_pool); - })); - /* *INDENT-ON* */ - - for (i = 0; i < vec_len (to_delete); i++) - { - p = pool_elt_at_index (a->adv_prefixes_pool, to_delete[i]); mhash_unset (&a->address_to_prefix_index, &p->prefix, 0); - pool_put (a->adv_prefixes_pool, p); - } - - vec_free (to_delete); - to_delete = 0; - - /* clean up mldp group pool */ - /* *INDENT-OFF* */ - pool_foreach (m, a->mldp_group_pool, + })); + pool_flush (m, a->mldp_group_pool, ({ - vec_add1 (to_delete, m - a->mldp_group_pool); + mhash_unset (&a->address_to_mldp_index, &m->mcast_address, 0); })); /* *INDENT-ON* */ - for (i = 0; i < vec_len (to_delete); i++) - { - m = pool_elt_at_index (a->mldp_group_pool, to_delete[i]); - mhash_unset (&a->address_to_mldp_index, &m->mcast_address, 0); - pool_put (a->mldp_group_pool, m); - } + pool_free (a->mldp_group_pool); + pool_free (a->adv_prefixes_pool); + + mhash_free (&a->address_to_prefix_index); + mhash_free (&a->address_to_mldp_index); - vec_free (to_delete); + if (a->keep_sending_rs) + a->keep_sending_rs = 0; pool_put (nm->if_radv_pool, a); nm->if_radv_pool_index_by_sw_if_index[sw_if_index] = ~0; @@ -2003,10 +2635,6 @@ ip6_neighbor_sw_interface_add_del (vnet_main_t * vnm, { if (is_add) { - vnet_hw_interface_t *hw_if0; - - hw_if0 = vnet_get_sup_hw_interface (vnm, sw_if_index); - pool_get (nm->if_radv_pool, a); ri = a - nm->if_radv_pool; @@ -2016,13 +2644,13 @@ ip6_neighbor_sw_interface_add_del (vnet_main_t * vnm, memset (a, 0, sizeof (a[0])); a->sw_if_index = sw_if_index; - a->fib_index = ~0; a->max_radv_interval = DEF_MAX_RADV_INTERVAL; a->min_radv_interval = DEF_MIN_RADV_INTERVAL; a->curr_hop_limit = DEF_CURR_HOP_LIMIT; a->adv_router_lifetime_in_sec = DEF_DEF_RTR_LIFETIME; - a->adv_link_layer_address = 1; /* send ll address source address option */ + /* send ll address source address option */ + a->adv_link_layer_address = 1; a->min_delay_between_radv = MIN_DELAY_BETWEEN_RAS; a->max_delay_between_radv = MAX_DELAY_BETWEEN_RAS; @@ -2040,7 +2668,8 @@ ip6_neighbor_sw_interface_add_del (vnet_main_t * vnm, a->send_radv = 1; /* fill in radv_info for this interface that will be needed later */ - a->adv_link_mtu = hw_if0->max_l3_packet_bytes[VLIB_RX]; + a->adv_link_mtu = + vnet_sw_interface_get_mtu (vnm, sw_if_index, VNET_MTU_IP6); clib_memcpy (a->link_layer_address, eth_if0->address, 6); @@ -2050,94 +2679,25 @@ ip6_neighbor_sw_interface_add_del (vnet_main_t * vnm, mhash_init (&a->address_to_prefix_index, sizeof (uword), sizeof (ip6_address_t)); - mhash_init (&a->address_to_mldp_index, sizeof (uword), - sizeof (ip6_address_t)); - - a->mcast_adj_index = adj_mcast_add_or_lock (FIB_PROTOCOL_IP6, - VNET_LINK_IP6, - sw_if_index); - - /* add multicast groups we will always be reporting */ - ip6_address_t addr; - ip6_mldp_group_t *mcast_group_info; - - ip6_set_reserved_multicast_address (&addr, - IP6_MULTICAST_SCOPE_link_local, - IP6_MULTICAST_GROUP_ID_all_hosts); - - /* lookup mldp info for this interface */ - - uword *p = mhash_get (&a->address_to_mldp_index, &addr); - mcast_group_info = - p ? pool_elt_at_index (a->mldp_group_pool, p[0]) : 0; - - /* add address */ - if (!mcast_group_info) - { - /* add */ - u32 mi; - pool_get (a->mldp_group_pool, mcast_group_info); - - mi = mcast_group_info - a->mldp_group_pool; - mhash_set (&a->address_to_mldp_index, &addr, mi, /* old_value */ - 0); - - mcast_group_info->type = 4; - mcast_group_info->mcast_source_address_pool = 0; - mcast_group_info->num_sources = 0; - clib_memcpy (&mcast_group_info->mcast_address, &addr, - sizeof (ip6_address_t)); - } - - ip6_set_reserved_multicast_address (&addr, - IP6_MULTICAST_SCOPE_link_local, - IP6_MULTICAST_GROUP_ID_all_routers); - - p = mhash_get (&a->address_to_mldp_index, &addr); - mcast_group_info = - p ? pool_elt_at_index (a->mldp_group_pool, p[0]) : 0; - - if (!mcast_group_info) - { - /* add */ - u32 mi; - pool_get (a->mldp_group_pool, mcast_group_info); - - mi = mcast_group_info - a->mldp_group_pool; - mhash_set (&a->address_to_mldp_index, &addr, mi, /* old_value */ - 0); - - mcast_group_info->type = 4; - mcast_group_info->mcast_source_address_pool = 0; - mcast_group_info->num_sources = 0; - clib_memcpy (&mcast_group_info->mcast_address, &addr, - sizeof (ip6_address_t)); - } - - ip6_set_reserved_multicast_address (&addr, - IP6_MULTICAST_SCOPE_link_local, - IP6_MULTICAST_GROUP_ID_mldv2_routers); - - p = mhash_get (&a->address_to_mldp_index, &addr); - mcast_group_info = - p ? pool_elt_at_index (a->mldp_group_pool, p[0]) : 0; + mhash_init (&a->address_to_mldp_index, sizeof (uword), + sizeof (ip6_address_t)); - if (!mcast_group_info) - { - /* add */ - u32 mi; - pool_get (a->mldp_group_pool, mcast_group_info); + a->mcast_adj_index = adj_mcast_add_or_lock (FIB_PROTOCOL_IP6, + VNET_LINK_IP6, + sw_if_index); - mi = mcast_group_info - a->mldp_group_pool; - mhash_set (&a->address_to_mldp_index, &addr, mi, /* old_value */ - 0); + a->keep_sending_rs = 0; - mcast_group_info->type = 4; - mcast_group_info->mcast_source_address_pool = 0; - mcast_group_info->num_sources = 0; - clib_memcpy (&mcast_group_info->mcast_address, &addr, - sizeof (ip6_address_t)); - } + /* add multicast groups we will always be reporting */ + ip6_neighbor_add_mld_grp (a, + IP6_MULTICAST_SCOPE_link_local, + IP6_MULTICAST_GROUP_ID_all_hosts); + ip6_neighbor_add_mld_grp (a, + IP6_MULTICAST_SCOPE_link_local, + IP6_MULTICAST_GROUP_ID_all_routers); + ip6_neighbor_add_mld_grp (a, + IP6_MULTICAST_SCOPE_link_local, + IP6_MULTICAST_GROUP_ID_mldv2_routers); } } return ri; @@ -2258,7 +2818,7 @@ ip6_neighbor_send_mldpv2_report (u32 sw_if_index) num_addr_records++; vlib_buffer_add_data - (vm, b0->free_list_index, bo0, + (vm, vlib_buffer_get_free_list_index (b0), bo0, (void *)&rr, sizeof(icmp6_multicast_address_record_t)); payload_length += sizeof( icmp6_multicast_address_record_t); @@ -2283,7 +2843,7 @@ ip6_neighbor_send_mldpv2_report (u32 sw_if_index) vnet_main.local_interface_sw_if_index; vnet_buffer (b0)->ip.adj_index[VLIB_TX] = radv_info->mcast_adj_index; - b0->flags |= VNET_BUFFER_LOCALLY_ORIGINATED; + b0->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED; vlib_node_t *node = vlib_get_node_by_name (vm, (u8 *) "ip6-rewrite-mcast"); @@ -2308,7 +2868,7 @@ VLIB_REGISTER_NODE (ip6_icmp_router_solicitation_node,static) = .n_next_nodes = ICMP6_ROUTER_SOLICITATION_N_NEXT, .next_nodes = { - [ICMP6_ROUTER_SOLICITATION_NEXT_DROP] = "error-drop", + [ICMP6_ROUTER_SOLICITATION_NEXT_DROP] = "ip6-drop", [ICMP6_ROUTER_SOLICITATION_NEXT_REPLY_RW] = "ip6-rewrite-mcast", [ICMP6_ROUTER_SOLICITATION_NEXT_REPLY_TX] = "interface-output", }, @@ -2501,7 +3061,7 @@ VLIB_REGISTER_NODE (ip6_icmp_router_advertisement_node,static) = .n_next_nodes = 1, .next_nodes = { - [0] = "error-drop", + [0] = "ip6-drop", }, }; /* *INDENT-ON* */ @@ -2544,7 +3104,7 @@ VLIB_REGISTER_NODE (ip6_icmp_neighbor_solicitation_node,static) = .n_next_nodes = ICMP6_NEIGHBOR_SOLICITATION_N_NEXT, .next_nodes = { - [ICMP6_NEIGHBOR_SOLICITATION_NEXT_DROP] = "error-drop", + [ICMP6_NEIGHBOR_SOLICITATION_NEXT_DROP] = "ip6-drop", [ICMP6_NEIGHBOR_SOLICITATION_NEXT_REPLY] = "interface-output", }, }; @@ -2562,7 +3122,284 @@ VLIB_REGISTER_NODE (ip6_icmp_neighbor_advertisement_node,static) = .n_next_nodes = 1, .next_nodes = { - [0] = "error-drop", + [0] = "ip6-drop", + }, +}; +/* *INDENT-ON* */ + +typedef enum +{ + IP6_DISCOVER_NEIGHBOR_NEXT_DROP, + IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX, + IP6_DISCOVER_NEIGHBOR_N_NEXT, +} ip6_discover_neighbor_next_t; + +typedef enum +{ + IP6_DISCOVER_NEIGHBOR_ERROR_DROP, + IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT, + IP6_DISCOVER_NEIGHBOR_ERROR_NO_SOURCE_ADDRESS, +} ip6_discover_neighbor_error_t; + +static uword +ip6_discover_neighbor_inline (vlib_main_t * vm, + vlib_node_runtime_t * node, + vlib_frame_t * frame, int is_glean) +{ + vnet_main_t *vnm = vnet_get_main (); + ip6_main_t *im = &ip6_main; + ip_lookup_main_t *lm = &im->lookup_main; + u32 *from, *to_next_drop; + uword n_left_from, n_left_to_next_drop; + static f64 time_last_seed_change = -1e100; + static u32 hash_seeds[3]; + static uword hash_bitmap[256 / BITS (uword)]; + f64 time_now; + int bogus_length; + ip6_neighbor_main_t *nm = &ip6_neighbor_main; + + if (node->flags & VLIB_NODE_FLAG_TRACE) + ip6_forward_next_trace (vm, node, frame, VLIB_TX); + + time_now = vlib_time_now (vm); + if (time_now - time_last_seed_change > 1e-3) + { + uword i; + u32 *r = clib_random_buffer_get_data (&vm->random_buffer, + sizeof (hash_seeds)); + for (i = 0; i < ARRAY_LEN (hash_seeds); i++) + hash_seeds[i] = r[i]; + + /* Mark all hash keys as been not-seen before. */ + for (i = 0; i < ARRAY_LEN (hash_bitmap); i++) + hash_bitmap[i] = 0; + + time_last_seed_change = time_now; + } + + from = vlib_frame_vector_args (frame); + n_left_from = frame->n_vectors; + + while (n_left_from > 0) + { + vlib_get_next_frame (vm, node, IP6_DISCOVER_NEIGHBOR_NEXT_DROP, + to_next_drop, n_left_to_next_drop); + + while (n_left_from > 0 && n_left_to_next_drop > 0) + { + vlib_buffer_t *p0; + ip6_header_t *ip0; + u32 pi0, adj_index0, a0, b0, c0, m0, sw_if_index0, drop0; + uword bm0; + ip_adjacency_t *adj0; + vnet_hw_interface_t *hw_if0; + ip6_radv_t *radv_info; + u32 next0; + + pi0 = from[0]; + + p0 = vlib_get_buffer (vm, pi0); + + adj_index0 = vnet_buffer (p0)->ip.adj_index[VLIB_TX]; + + ip0 = vlib_buffer_get_current (p0); + + adj0 = adj_get (adj_index0); + + if (!is_glean) + { + ip0->dst_address.as_u64[0] = + adj0->sub_type.nbr.next_hop.ip6.as_u64[0]; + ip0->dst_address.as_u64[1] = + adj0->sub_type.nbr.next_hop.ip6.as_u64[1]; + } + + a0 = hash_seeds[0]; + b0 = hash_seeds[1]; + c0 = hash_seeds[2]; + + sw_if_index0 = adj0->rewrite_header.sw_if_index; + vnet_buffer (p0)->sw_if_index[VLIB_TX] = sw_if_index0; + + a0 ^= sw_if_index0; + b0 ^= ip0->dst_address.as_u32[0]; + c0 ^= ip0->dst_address.as_u32[1]; + + hash_v3_mix32 (a0, b0, c0); + + b0 ^= ip0->dst_address.as_u32[2]; + c0 ^= ip0->dst_address.as_u32[3]; + + hash_v3_finalize32 (a0, b0, c0); + + c0 &= BITS (hash_bitmap) - 1; + c0 = c0 / BITS (uword); + m0 = (uword) 1 << (c0 % BITS (uword)); + + bm0 = hash_bitmap[c0]; + drop0 = (bm0 & m0) != 0; + + /* Mark it as seen. */ + hash_bitmap[c0] = bm0 | m0; + + from += 1; + n_left_from -= 1; + to_next_drop[0] = pi0; + to_next_drop += 1; + n_left_to_next_drop -= 1; + + hw_if0 = vnet_get_sup_hw_interface (vnm, sw_if_index0); + + /* If the interface is link-down, drop the pkt */ + if (!(hw_if0->flags & VNET_HW_INTERFACE_FLAG_LINK_UP)) + drop0 = 1; + + if (vec_len (nm->if_radv_pool_index_by_sw_if_index) > sw_if_index0) + { + u32 ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index0]; + + if (ri != ~0) + radv_info = pool_elt_at_index (nm->if_radv_pool, ri); + else + drop0 = 1; + } + else + drop0 = 1; + + /* + * the adj has been updated to a rewrite but the node the DPO that got + * us here hasn't - yet. no big deal. we'll drop while we wait. + */ + if (IP_LOOKUP_NEXT_REWRITE == adj0->lookup_next_index) + drop0 = 1; + + p0->error = + node->errors[drop0 ? IP6_DISCOVER_NEIGHBOR_ERROR_DROP + : IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT]; + + if (drop0) + continue; + + { + u32 bi0 = 0; + icmp6_neighbor_solicitation_header_t *h0; + vlib_buffer_t *b0; + + h0 = vlib_packet_template_get_packet + (vm, &im->discover_neighbor_packet_template, &bi0); + if (!h0) + continue; + + /* + * Build ethernet header. + * Choose source address based on destination lookup + * adjacency. + */ + if (!ip6_src_address_for_packet (lm, + sw_if_index0, + &ip0->dst_address, + &h0->ip.src_address)) + { + /* There is no address on the interface */ + p0->error = + node->errors[IP6_DISCOVER_NEIGHBOR_ERROR_NO_SOURCE_ADDRESS]; + vlib_buffer_free (vm, &bi0, 1); + continue; + } + + /* + * Destination address is a solicited node multicast address. + * We need to fill in + * the low 24 bits with low 24 bits of target's address. + */ + h0->ip.dst_address.as_u8[13] = ip0->dst_address.as_u8[13]; + h0->ip.dst_address.as_u8[14] = ip0->dst_address.as_u8[14]; + h0->ip.dst_address.as_u8[15] = ip0->dst_address.as_u8[15]; + + h0->neighbor.target_address = ip0->dst_address; + + clib_memcpy (h0->link_layer_option.ethernet_address, + hw_if0->hw_address, vec_len (hw_if0->hw_address)); + + /* $$$$ appears we need this; why is the checksum non-zero? */ + h0->neighbor.icmp.checksum = 0; + h0->neighbor.icmp.checksum = + ip6_tcp_udp_icmp_compute_checksum (vm, 0, &h0->ip, + &bogus_length); + + ASSERT (bogus_length == 0); + + vlib_buffer_copy_trace_flag (vm, p0, bi0); + b0 = vlib_get_buffer (vm, bi0); + vnet_buffer (b0)->sw_if_index[VLIB_TX] + = vnet_buffer (p0)->sw_if_index[VLIB_TX]; + + vnet_buffer (b0)->ip.adj_index[VLIB_TX] = + radv_info->mcast_adj_index; + + b0->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED; + next0 = IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX; + + vlib_set_next_frame_buffer (vm, node, next0, bi0); + } + } + + vlib_put_next_frame (vm, node, IP6_DISCOVER_NEIGHBOR_NEXT_DROP, + n_left_to_next_drop); + } + + return frame->n_vectors; +} + +static uword +ip6_discover_neighbor (vlib_main_t * vm, + vlib_node_runtime_t * node, vlib_frame_t * frame) +{ + return (ip6_discover_neighbor_inline (vm, node, frame, 0)); +} + +static uword +ip6_glean (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame) +{ + return (ip6_discover_neighbor_inline (vm, node, frame, 1)); +} + +static char *ip6_discover_neighbor_error_strings[] = { + [IP6_DISCOVER_NEIGHBOR_ERROR_DROP] = "address overflow drops", + [IP6_DISCOVER_NEIGHBOR_ERROR_REQUEST_SENT] = "neighbor solicitations sent", + [IP6_DISCOVER_NEIGHBOR_ERROR_NO_SOURCE_ADDRESS] + = "no source address for ND solicitation", +}; + +/* *INDENT-OFF* */ +VLIB_REGISTER_NODE (ip6_glean_node) = +{ + .function = ip6_glean, + .name = "ip6-glean", + .vector_size = sizeof (u32), + .format_trace = format_ip6_forward_next_trace, + .n_errors = ARRAY_LEN (ip6_discover_neighbor_error_strings), + .error_strings = ip6_discover_neighbor_error_strings, + .n_next_nodes = IP6_DISCOVER_NEIGHBOR_N_NEXT, + .next_nodes = + { + [IP6_DISCOVER_NEIGHBOR_NEXT_DROP] = "ip6-drop", + [IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX] = "ip6-rewrite-mcast", + }, +}; +VLIB_REGISTER_NODE (ip6_discover_neighbor_node) = +{ + .function = ip6_discover_neighbor, + .name = "ip6-discover-neighbor", + .vector_size = sizeof (u32), + .format_trace = format_ip6_forward_next_trace, + .n_errors = ARRAY_LEN (ip6_discover_neighbor_error_strings), + .error_strings = ip6_discover_neighbor_error_strings, + .n_next_nodes = IP6_DISCOVER_NEIGHBOR_N_NEXT, + .next_nodes = + { + [IP6_DISCOVER_NEIGHBOR_NEXT_DROP] = "ip6-drop", + [IP6_DISCOVER_NEIGHBOR_NEXT_REPLY_TX] = "ip6-rewrite-mcast", }, }; /* *INDENT-ON* */ @@ -3144,6 +3981,10 @@ show_ip6_interface_cmd (vlib_main_t * vm, vec_free (unknown_scope); } + vlib_cli_output (vm, "\tLink-local address(es):\n"); + vlib_cli_output (vm, "\t\t%U\n", format_ip6_address, + &radv_info->link_local_address); + vlib_cli_output (vm, "\tJoined group address(es):\n"); ip6_mldp_group_t *m; /* *INDENT-OFF* */ @@ -3266,7 +4107,6 @@ disable_ip6_interface (vlib_main_t * vm, u32 sw_if_index) /* if not created - do nothing */ if (ri != ~0) { - vnet_main_t *vnm = vnet_get_main (); ip6_radv_t *radv_info; radv_info = pool_elt_at_index (nm->if_radv_pool, ri); @@ -3276,13 +4116,15 @@ disable_ip6_interface (vlib_main_t * vm, u32 sw_if_index) if (radv_info->ref_count == 0) { /* essentially "disables" ipv6 on this interface */ - error = ip6_add_del_interface_address (vm, sw_if_index, - &radv_info-> - link_local_address, 128, - 1 /* is_del */ ); - - ip6_neighbor_sw_interface_add_del (vnm, sw_if_index, - 0 /* is_add */ ); + ip6_ll_prefix_t ilp = { + .ilp_addr = radv_info->link_local_address, + .ilp_sw_if_index = sw_if_index, + }; + ip6_ll_table_entry_delete (&ilp); + ip6_sw_interface_enable_disable (sw_if_index, 0); + ip6_mfib_interface_enable_disable (sw_if_index, 0); + ip6_neighbor_sw_interface_add_del (vnet_get_main (), sw_if_index, + 0); } } return error; @@ -3347,39 +4189,33 @@ enable_ip6_interface (vlib_main_t * vm, u32 sw_if_index) (&link_local_address, eth_if0->address); sw_if0 = vnet_get_sw_interface (vnm, sw_if_index); - if (sw_if0->type == VNET_SW_INTERFACE_TYPE_SUB) + if (sw_if0->type == VNET_SW_INTERFACE_TYPE_SUB || + sw_if0->type == VNET_SW_INTERFACE_TYPE_PIPE || + sw_if0->type == VNET_SW_INTERFACE_TYPE_P2P) { /* make up an interface id */ - md5_context_t m; - u8 digest[16]; - - link_local_address.as_u64[0] = radv_info->randomizer; - - md5_init (&m); - md5_add (&m, &link_local_address, 16); - md5_finish (&m, digest); - - clib_memcpy (&link_local_address, digest, 16); - - radv_info->randomizer = link_local_address.as_u64[0]; + link_local_address.as_u64[1] = + random_u64 (&radv_info->randomizer); link_local_address.as_u64[0] = clib_host_to_net_u64 (0xFE80000000000000ULL); /* clear u bit */ link_local_address.as_u8[8] &= 0xfd; } + { + ip6_ll_prefix_t ilp = { + .ilp_addr = link_local_address, + .ilp_sw_if_index = sw_if_index, + }; + + ip6_ll_table_entry_update (&ilp, FIB_ROUTE_PATH_LOCAL); + } /* essentially "enables" ipv6 on this interface */ - error = ip6_add_del_interface_address (vm, sw_if_index, - &link_local_address, - 128 - /* address width */ , - 0 /* is_del */ ); - - if (error) - ip6_neighbor_sw_interface_add_del (vnm, sw_if_index, - !is_add); - else + ip6_mfib_interface_enable_disable (sw_if_index, 1); + ip6_sw_interface_enable_disable (sw_if_index, 1); + + if (!error) { radv_info->link_local_address = link_local_address; } @@ -3390,6 +4226,27 @@ enable_ip6_interface (vlib_main_t * vm, u32 sw_if_index) return error; } +int +ip6_get_ll_address (u32 sw_if_index, ip6_address_t * addr) +{ + ip6_neighbor_main_t *nm = &ip6_neighbor_main; + ip6_radv_t *radv_info; + u32 ri; + + if (vec_len (nm->if_radv_pool_index_by_sw_if_index) < sw_if_index) + return 0; + + ri = nm->if_radv_pool_index_by_sw_if_index[sw_if_index]; + + if (ri == ~0) + return 0; + + radv_info = pool_elt_at_index (nm->if_radv_pool, ri); + *addr = radv_info->link_local_address; + + return (!0); +} + static clib_error_t * enable_ip6_interface_cmd (vlib_main_t * vm, unformat_input_t * input, vlib_cli_command_t * cmd) @@ -3691,7 +4548,9 @@ VLIB_CLI_COMMAND (set_ip6_link_local_address_command, static) = }; /* *INDENT-ON* */ -/* callback when an interface address is added or deleted */ +/** + * @brief callback when an interface address is added or deleted + */ static void ip6_neighbor_add_del_interface_address (ip6_main_t * im, uword opaque, @@ -3706,7 +4565,6 @@ ip6_neighbor_add_del_interface_address (ip6_main_t * im, vlib_main_t *vm = vnm->vlib_main; ip6_radv_t *radv_info; ip6_address_t a; - ip6_mldp_group_t *mcast_group_info; /* create solicited node multicast address for this interface adddress */ ip6_set_solicited_node_multicast_address (&a, 0); @@ -3733,28 +4591,7 @@ ip6_neighbor_add_del_interface_address (ip6_main_t * im, if (!ip6_address_is_link_local_unicast (address)) radv_info->ref_count++; - /* lookup prefix info for this address on this interface */ - uword *p = mhash_get (&radv_info->address_to_mldp_index, &a); - mcast_group_info = - p ? pool_elt_at_index (radv_info->mldp_group_pool, p[0]) : 0; - - /* add -solicted node multicast address */ - if (!mcast_group_info) - { - /* add */ - u32 mi; - pool_get (radv_info->mldp_group_pool, mcast_group_info); - - mi = mcast_group_info - radv_info->mldp_group_pool; - mhash_set (&radv_info->address_to_mldp_index, &a, mi, - /* old_value */ 0); - - mcast_group_info->type = 4; - mcast_group_info->mcast_source_address_pool = 0; - mcast_group_info->num_sources = 0; - clib_memcpy (&mcast_group_info->mcast_address, &a, - sizeof (ip6_address_t)); - } + ip6_neighbor_add_mld_prefix (radv_info, &a); } } else @@ -3771,17 +4608,7 @@ ip6_neighbor_add_del_interface_address (ip6_main_t * im, /* get radv_info */ radv_info = pool_elt_at_index (nm->if_radv_pool, ri); - /* lookup prefix info for this address on this interface */ - uword *p = mhash_get (&radv_info->address_to_mldp_index, &a); - mcast_group_info = - p ? pool_elt_at_index (radv_info->mldp_group_pool, p[0]) : 0; - - if (mcast_group_info) - { - mhash_unset (&radv_info->address_to_mldp_index, &a, - /* old_value */ 0); - pool_put (radv_info->mldp_group_pool, mcast_group_info); - } + ip6_neighbor_del_mld_prefix (radv_info, &a); /* if interface up send MLDP "report" */ radv_info->all_routers_mcast = 0; @@ -3804,6 +4631,33 @@ ip6_set_neighbor_limit (u32 neighbor_limit) return 0; } +static void +ip6_neighbor_table_bind (ip6_main_t * im, + uword opaque, + u32 sw_if_index, + u32 new_fib_index, u32 old_fib_index) +{ + ip6_neighbor_main_t *nm = &ip6_neighbor_main; + ip6_neighbor_t *n = NULL; + u32 i, *to_re_add = 0; + + /* *INDENT-OFF* */ + pool_foreach (n, nm->neighbor_pool, + ({ + if (n->key.sw_if_index == sw_if_index) + vec_add1 (to_re_add, n - nm->neighbor_pool); + })); + /* *INDENT-ON* */ + + for (i = 0; i < vec_len (to_re_add); i++) + { + n = pool_elt_at_index (nm->neighbor_pool, to_re_add[i]); + ip6_neighbor_adj_fib_remove (n, old_fib_index); + ip6_neighbor_adj_fib_add (n, new_fib_index); + } + vec_free (to_re_add); +} + static clib_error_t * ip6_neighbor_init (vlib_main_t * vm) { @@ -3835,6 +4689,11 @@ ip6_neighbor_init (vlib_main_t * vm) cb.function_opaque = 0; vec_add1 (im->add_del_interface_address_callbacks, cb); + ip6_table_bind_callback_t cbt; + cbt.function = ip6_neighbor_table_bind; + cbt.function_opaque = 0; + vec_add1 (im->table_bind_callbacks, cbt); + mhash_init (&nm->pending_resolutions_by_address, /* value size */ sizeof (uword), /* key size */ sizeof (ip6_address_t)); @@ -3846,6 +4705,10 @@ ip6_neighbor_init (vlib_main_t * vm) /* default, configurable */ nm->limit_neighbor_cache_size = 50000; + nm->wc_ip6_nd_publisher_node = (uword) ~ 0; + + nm->ip6_ra_publisher_node = (uword) ~ 0; + #if 0 /* $$$$ Hack fix for today */ vec_validate_init_empty @@ -3898,76 +4761,65 @@ vnet_add_del_ip6_nd_change_event (vnet_main_t * vnm, { ip6_neighbor_main_t *nm = &ip6_neighbor_main; ip6_address_t *address = address_arg; - uword *p; + + /* Try to find an existing entry */ + u32 *first = (u32 *) mhash_get (&nm->mac_changes_by_address, address); + u32 *p = first; pending_resolution_t *mc; - void (*fp) (u32, u8 *) = data_callback; + while (p && *p != ~0) + { + mc = pool_elt_at_index (nm->mac_changes, *p); + if (mc->node_index == node_index && mc->type_opaque == type_opaque + && mc->pid == pid) + break; + p = &mc->next_index; + } + int found = p && *p != ~0; if (is_add) { - pool_get (nm->mac_changes, mc); + if (found) + return VNET_API_ERROR_ENTRY_ALREADY_EXISTS; - mc->next_index = ~0; - mc->node_index = node_index; - mc->type_opaque = type_opaque; - mc->data = data; - mc->data_callback = data_callback; - mc->pid = pid; + pool_get (nm->mac_changes, mc); + /* *INDENT-OFF* */ + *mc = (pending_resolution_t) + { + .next_index = ~0, + .node_index = node_index, + .type_opaque = type_opaque, + .data = data, + .data_callback = data_callback, + .pid = pid, + }; + /* *INDENT-ON* */ - p = mhash_get (&nm->mac_changes_by_address, address); + /* Insert new resolution at the end of the list */ + u32 new_idx = mc - nm->mac_changes; if (p) - { - /* Insert new resolution at the head of the list */ - mc->next_index = p[0]; - mhash_unset (&nm->mac_changes_by_address, address, 0); - } - - mhash_set (&nm->mac_changes_by_address, address, - mc - nm->mac_changes, 0); - return 0; + p[0] = new_idx; + else + mhash_set (&nm->mac_changes_by_address, address, new_idx, 0); } else { - u32 index; - pending_resolution_t *mc_last = 0; - - p = mhash_get (&nm->mac_changes_by_address, address); - if (p == 0) + if (!found) return VNET_API_ERROR_NO_SUCH_ENTRY; - index = p[0]; + /* Clients may need to clean up pool entries, too */ + void (*fp) (u32, u8 *) = data_callback; + if (fp) + (*fp) (mc->data, 0 /* no new mac addrs */ ); - while (index != (u32) ~ 0) - { - mc = pool_elt_at_index (nm->mac_changes, index); - if (mc->node_index == node_index && - mc->type_opaque == type_opaque && mc->pid == pid) - { - /* Clients may need to clean up pool entries, too */ - if (fp) - (*fp) (mc->data, 0 /* no new mac addrs */ ); - if (index == p[0]) - { - mhash_unset (&nm->mac_changes_by_address, address, 0); - if (mc->next_index != ~0) - mhash_set (&nm->mac_changes_by_address, address, - mc->next_index, 0); - pool_put (nm->mac_changes, mc); - return 0; - } - else - { - ASSERT (mc_last); - mc_last->next_index = mc->next_index; - pool_put (nm->mac_changes, mc); - return 0; - } - } - mc_last = mc; - index = mc->next_index; - } + /* Remove the entry from the list and delete the entry */ + *p = mc->next_index; + pool_put (nm->mac_changes, mc); - return VNET_API_ERROR_NO_SUCH_ENTRY; + /* Remove from hash if we deleted the last entry */ + if (*p == ~0 && p == first) + mhash_unset (&nm->mac_changes_by_address, address, 0); } + return 0; } int @@ -3975,12 +4827,10 @@ vnet_ip6_nd_term (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_buffer_t * p0, ethernet_header_t * eth, - ip6_header_t * ip, u32 sw_if_index, u16 bd_index, u8 shg) + ip6_header_t * ip, u32 sw_if_index, u16 bd_index) { ip6_neighbor_main_t *nm = &ip6_neighbor_main; icmp6_neighbor_solicitation_or_advertisement_header_t *ndh; - pending_resolution_t *mc; - uword *p; ndh = ip6_next_header (ip); if (ndh->icmp.type != ICMP6_neighbor_solicitation && @@ -3996,27 +4846,11 @@ vnet_ip6_nd_term (vlib_main_t * vm, } /* Check if anyone want ND events for L2 BDs */ - p = mhash_get (&nm->mac_changes_by_address, &ip6a_zero); - if (p && shg == 0 && /* Only SHG 0 interface which is more likely local */ - !ip6_address_is_link_local_unicast (&ip->src_address)) + if (PREDICT_FALSE + (nm->wc_ip6_nd_publisher_node != (uword) ~ 0 + && !ip6_address_is_link_local_unicast (&ip->src_address))) { - u32 next_index = p[0]; - while (next_index != (u32) ~ 0) - { - int (*fp) (u32, u8 *, u32, ip6_address_t *); - int rv = 1; - mc = pool_elt_at_index (nm->mac_changes, next_index); - fp = mc->data_callback; - /* Call the callback, return 1 to suppress dup events */ - if (fp) - rv = (*fp) (mc->data, - eth->src_address, sw_if_index, &ip->src_address); - /* Signal the resolver process */ - if (rv == 0) - vlib_process_signal_event (vm, mc->node_index, - mc->type_opaque, mc->data); - next_index = mc->next_index; - } + vnet_nd_wc_publish (sw_if_index, eth->src_address, &ip->src_address); } /* Check if MAC entry exsist for solicited target IP */ @@ -4065,11 +4899,98 @@ vnet_ip6_nd_term (vlib_main_t * vm, } +int +ip6_neighbor_proxy_add_del (u32 sw_if_index, ip6_address_t * addr, u8 is_del) +{ + u32 fib_index; + + fib_prefix_t pfx = { + .fp_len = 128, + .fp_proto = FIB_PROTOCOL_IP6, + .fp_addr = { + .ip6 = *addr, + }, + }; + ip46_address_t nh = { + .ip6 = *addr, + }; + + fib_index = ip6_fib_table_get_index_for_sw_if_index (sw_if_index); + + if (~0 == fib_index) + return VNET_API_ERROR_NO_SUCH_FIB; + + if (is_del) + { + fib_table_entry_path_remove (fib_index, + &pfx, + FIB_SOURCE_IP6_ND_PROXY, + DPO_PROTO_IP6, + &nh, + sw_if_index, + ~0, 1, FIB_ROUTE_PATH_FLAG_NONE); + /* flush the ND cache of this address if it's there */ + vnet_unset_ip6_ethernet_neighbor (vlib_get_main (), + sw_if_index, addr, NULL, 0); + } + else + { + fib_table_entry_path_add (fib_index, + &pfx, + FIB_SOURCE_IP6_ND_PROXY, + FIB_ENTRY_FLAG_NONE, + DPO_PROTO_IP6, + &nh, + sw_if_index, + ~0, 1, NULL, FIB_ROUTE_PATH_FLAG_NONE); + } + return (0); +} + +static clib_error_t * +set_ip6_nd_proxy_cmd (vlib_main_t * vm, + unformat_input_t * input, vlib_cli_command_t * cmd) +{ + vnet_main_t *vnm = vnet_get_main (); + clib_error_t *error = 0; + ip6_address_t addr; + u32 sw_if_index; + u8 is_del = 0; + + if (unformat_user (input, unformat_vnet_sw_interface, vnm, &sw_if_index)) + { + /* get the rest of the command */ + while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT) + { + if (unformat (input, "%U", unformat_ip6_address, &addr)) + break; + else if (unformat (input, "delete") || unformat (input, "del")) + is_del = 1; + else + return (unformat_parse_error (input)); + } + } + + ip6_neighbor_proxy_add_del (sw_if_index, &addr, is_del); + + return error; +} + +/* *INDENT-OFF* */ +VLIB_CLI_COMMAND (set_ip6_nd_proxy_command, static) = +{ + .path = "set ip6 nd proxy", + .short_help = "set ip6 nd proxy ", + .function = set_ip6_nd_proxy_cmd, +}; +/* *INDENT-ON* */ + void ethernet_ndp_change_mac (u32 sw_if_index) { ip6_neighbor_main_t *nm = &ip6_neighbor_main; ip6_neighbor_t *n; + adj_index_t ai; /* *INDENT-OFF* */ pool_foreach (n, nm->neighbor_pool, @@ -4082,6 +5003,83 @@ ethernet_ndp_change_mac (u32 sw_if_index) } })); /* *INDENT-ON* */ + + ai = adj_glean_get (FIB_PROTOCOL_IP6, sw_if_index); + + if (ADJ_INDEX_INVALID != ai) + adj_glean_update_rewrite (ai); +} + +void +send_ip6_na (vlib_main_t * vm, u32 sw_if_index) +{ + ip6_main_t *i6m = &ip6_main; + ip6_address_t *ip6_addr = ip6_interface_first_address (i6m, sw_if_index); + + send_ip6_na_w_addr (vm, ip6_addr, sw_if_index); +} + +void +send_ip6_na_w_addr (vlib_main_t * vm, + const ip6_address_t * ip6_addr, u32 sw_if_index) +{ + ip6_main_t *i6m = &ip6_main; + vnet_main_t *vnm = vnet_get_main (); + u8 *rewrite, rewrite_len; + vnet_hw_interface_t *hi = vnet_get_sup_hw_interface (vnm, sw_if_index); + u8 dst_address[6]; + + if (ip6_addr) + { + clib_warning + ("Sending unsolicitated NA IP6 address %U on sw_if_idex %d", + format_ip6_address, ip6_addr, sw_if_index); + + /* Form unsolicited neighbor advertisement packet from NS pkt template */ + int bogus_length; + u32 bi = 0; + icmp6_neighbor_solicitation_header_t *h = + vlib_packet_template_get_packet (vm, + &i6m->discover_neighbor_packet_template, + &bi); + if (!h) + return; + + ip6_set_reserved_multicast_address (&h->ip.dst_address, + IP6_MULTICAST_SCOPE_link_local, + IP6_MULTICAST_GROUP_ID_all_hosts); + h->ip.src_address = ip6_addr[0]; + h->neighbor.icmp.type = ICMP6_neighbor_advertisement; + h->neighbor.target_address = ip6_addr[0]; + h->neighbor.advertisement_flags = clib_host_to_net_u32 + (ICMP6_NEIGHBOR_ADVERTISEMENT_FLAG_OVERRIDE); + clib_memcpy (h->link_layer_option.ethernet_address, + hi->hw_address, vec_len (hi->hw_address)); + h->neighbor.icmp.checksum = + ip6_tcp_udp_icmp_compute_checksum (vm, 0, &h->ip, &bogus_length); + ASSERT (bogus_length == 0); + + /* Setup MAC header with IP6 Etype and mcast DMAC */ + vlib_buffer_t *b = vlib_get_buffer (vm, bi); + ip6_multicast_ethernet_address (dst_address, + IP6_MULTICAST_GROUP_ID_all_hosts); + rewrite = + ethernet_build_rewrite (vnm, sw_if_index, VNET_LINK_IP6, dst_address); + rewrite_len = vec_len (rewrite); + vlib_buffer_advance (b, -rewrite_len); + ethernet_header_t *e = vlib_buffer_get_current (b); + clib_memcpy (e->dst_address, rewrite, rewrite_len); + vec_free (rewrite); + + /* Send unsolicited ND advertisement packet out the specified interface */ + vnet_buffer (b)->sw_if_index[VLIB_RX] = + vnet_buffer (b)->sw_if_index[VLIB_TX] = sw_if_index; + vlib_frame_t *f = vlib_get_frame_to_node (vm, hi->output_node_index); + u32 *to_next = vlib_frame_vector_args (f); + to_next[0] = bi; + f->n_vectors = 1; + vlib_put_frame_to_node (vm, hi->output_node_index, f); + } } /*