#include <vnet/vnet.h>
#include <vnet/ip/ip.h>
+#include <vnet/ip/ip_frag.h>
#include <vnet/ethernet/ethernet.h> /* for ethernet_header_t */
#include <vnet/ethernet/arp_packet.h> /* for ethernet_arp_header_t */
#include <vnet/ppp/ppp.h>
{
IP4_REWRITE_NEXT_DROP,
IP4_REWRITE_NEXT_ICMP_ERROR,
+ IP4_REWRITE_NEXT_FRAGMENT,
+ IP4_REWRITE_N_NEXT /* Last */
} ip4_rewrite_next_t;
/**
}
else
{
- /* Add support for fragmentation here */
- *next = IP4_REWRITE_NEXT_DROP;
+ /* IP fragmentation */
+ ip_frag_set_vnet_buffer (b, 0, adj_packet_bytes,
+ IP4_FRAG_NEXT_IP4_LOOKUP, 0);
+ *next = IP4_REWRITE_NEXT_FRAGMENT;
}
}
}
.format_trace = format_ip4_rewrite_trace,
- .n_next_nodes = 2,
+ .n_next_nodes = IP4_REWRITE_N_NEXT,
.next_nodes = {
[IP4_REWRITE_NEXT_DROP] = "ip4-drop",
[IP4_REWRITE_NEXT_ICMP_ERROR] = "ip4-icmp-error",
+ [IP4_REWRITE_NEXT_FRAGMENT] = "ip4-frag",
},
};
VLIB_NODE_FUNCTION_MULTIARCH (ip4_rewrite_node, ip4_rewrite)
#include <vnet/vnet.h>
#include <vnet/ip/ip.h>
+#include <vnet/ip/ip_frag.h>
#include <vnet/ip/ip6_neighbor.h>
#include <vnet/ethernet/ethernet.h> /* for ethernet_header_t */
#include <vnet/srp/srp.h> /* for srp_hw_interface_class */
{
IP6_REWRITE_NEXT_DROP,
IP6_REWRITE_NEXT_ICMP_ERROR,
+ IP6_REWRITE_NEXT_FRAGMENT,
+ IP6_REWRITE_N_NEXT /* Last */
} ip6_rewrite_next_t;
/**
always_inline void
ip6_mtu_check (vlib_buffer_t * b, u16 packet_bytes,
- u16 adj_packet_bytes, u32 * next, u32 * error)
+ u16 adj_packet_bytes, bool is_locally_generated,
+ u32 * next, u32 * error)
{
if (adj_packet_bytes >= 1280 && packet_bytes > adj_packet_bytes)
{
- *error = IP6_ERROR_MTU_EXCEEDED;
- icmp6_error_set_vnet_buffer (b, ICMP6_packet_too_big, 0,
- adj_packet_bytes);
- *next = IP6_REWRITE_NEXT_ICMP_ERROR;
+ if (is_locally_generated)
+ {
+ /* IP fragmentation */
+ ip_frag_set_vnet_buffer (b, 0, adj_packet_bytes,
+ IP6_FRAG_NEXT_IP6_LOOKUP, 0);
+ *next = IP6_REWRITE_NEXT_FRAGMENT;
+ }
+ else
+ {
+ *error = IP6_ERROR_MTU_EXCEEDED;
+ icmp6_error_set_vnet_buffer (b, ICMP6_packet_too_big, 0,
+ adj_packet_bytes);
+ *next = IP6_REWRITE_NEXT_ICMP_ERROR;
+ }
}
}
u32 pi0, rw_len0, next0, error0, adj_index0;
u32 pi1, rw_len1, next1, error1, adj_index1;
u32 tx_sw_if_index0, tx_sw_if_index1;
+ bool is_locally_originated0, is_locally_originated1;
/* Prefetch next iteration. */
{
error0 = error1 = IP6_ERROR_NONE;
next0 = next1 = IP6_REWRITE_NEXT_DROP;
- if (PREDICT_TRUE (!(p0->flags & VNET_BUFFER_F_LOCALLY_ORIGINATED)))
+ is_locally_originated0 =
+ p0->flags & VNET_BUFFER_F_LOCALLY_ORIGINATED;
+ if (PREDICT_TRUE (!is_locally_originated0))
{
i32 hop_limit0 = ip0->hop_limit;
{
p0->flags &= ~VNET_BUFFER_F_LOCALLY_ORIGINATED;
}
- if (PREDICT_TRUE (!(p1->flags & VNET_BUFFER_F_LOCALLY_ORIGINATED)))
+ is_locally_originated1 =
+ p1->flags & VNET_BUFFER_F_LOCALLY_ORIGINATED;
+ if (PREDICT_TRUE (!is_locally_originated1))
{
i32 hop_limit1 = ip1->hop_limit;
ip6_mtu_check (p0, clib_net_to_host_u16 (ip0->payload_length) +
sizeof (ip6_header_t),
adj0[0].rewrite_header.max_l3_packet_bytes,
- &next0, &error0);
+ is_locally_originated0, &next0, &error0);
ip6_mtu_check (p1, clib_net_to_host_u16 (ip1->payload_length) +
sizeof (ip6_header_t),
adj1[0].rewrite_header.max_l3_packet_bytes,
- &next1, &error1);
+ is_locally_originated1, &next1, &error1);
/* Don't adjust the buffer for hop count issue; icmp-error node
* wants to see the IP headerr */
u32 pi0, rw_len0;
u32 adj_index0, next0, error0;
u32 tx_sw_if_index0;
+ bool is_locally_originated0;
pi0 = to_next[0] = from[0];
next0 = IP6_REWRITE_NEXT_DROP;
/* Check hop limit */
- if (PREDICT_TRUE (!(p0->flags & VNET_BUFFER_F_LOCALLY_ORIGINATED)))
+ is_locally_originated0 =
+ p0->flags & VNET_BUFFER_F_LOCALLY_ORIGINATED;
+ if (PREDICT_TRUE (!is_locally_originated0))
{
i32 hop_limit0 = ip0->hop_limit;
ip6_mtu_check (p0, clib_net_to_host_u16 (ip0->payload_length) +
sizeof (ip6_header_t),
adj0[0].rewrite_header.max_l3_packet_bytes,
- &next0, &error0);
+ is_locally_originated0, &next0, &error0);
/* Don't adjust the buffer for hop count issue; icmp-error node
* wants to see the IP header */
.name = "ip6-rewrite",
.vector_size = sizeof (u32),
.format_trace = format_ip6_rewrite_trace,
- .n_next_nodes = 2,
+ .n_next_nodes = IP6_REWRITE_N_NEXT,
.next_nodes =
{
[IP6_REWRITE_NEXT_DROP] = "ip6-drop",
[IP6_REWRITE_NEXT_ICMP_ERROR] = "ip6-icmp-error",
+ [IP6_REWRITE_NEXT_FRAGMENT] = "ip6-frag",
},
};
/* *INDENT-ON* */
# n.show2()
self.validate_bytes(str(p[1]), icmp4_reply)
- '''
# Now with DF off. Expect fragments.
# First go with 1500 byte packets.
p_payload = UDP(sport=1234, dport=1234) / self.payload(
p4 = p_ether / p_ip4 / p_payload
p4.flags = 0
p4_reply = p_ip4 / p_payload
- p4_reply.ttl = 62 # check this
+ p4_reply.ttl = 62 # check this
p4_reply.flags = 0
p4_reply.id = 256
self.pg_enable_capture()
self.pg0.add_stream(p4*1)
self.pg_start()
rx = self.pg1.get_capture(3)
- print('RX', len(rx))
reass_pkt = reassemble(rx)
self.validate(reass_pkt, p4_reply)
+
'''
# Now what happens with a 9K frame
- '''
p_payload = UDP(sport=1234, dport=1234) / self.payload(
current_mtu - 20 - 8)
p4 = p_ether / p_ip4 / p_payload
p4_reply.show2()
self.validate(reass_pkt, p4_reply)
'''
+
# Reset MTU
self.vapi.sw_interface_set_mtu(self.pg1.sw_if_index,
[current_mtu, 0, 0, 0])
Code Review / vpp.git / commitdiff