libsixrd_plugin_la_SOURCES = \
sixrd/sixrd.c \
- sixrd/sixrd_dpo.c \
- sixrd/ip4_sixrd.c \
- sixrd/ip6_sixrd.c
+ sixrd/ip4_sixrd.c
noinst_HEADERS += \
sixrd/sixrd.h \
- sixrd/sixrd_dpo.h
+ sixrd/sixrd_all_api_h.h \
+ sixrd/sixrd_msg_enum.h
vppplugins_LTLIBRARIES += libsixrd_plugin.la
+API_FILES += sixrd/sixrd.api
+
# vi:syntax=automake
* limitations under the License.
*---------------------------------------------------------------------------
*/
+
#include "sixrd.h"
-static vlib_node_registration_t ip4_sixrd_node;
+vlib_node_registration_t ip4_sixrd_node;
typedef enum {
IP4_SIXRD_NEXT_IP6_LOOKUP,
IP4_SIXRD_N_NEXT,
} ip4_sixrd_next_t;
+typedef struct {
+ u32 tunnel_id;
+ u32 length;
+ ip4_address_t src;
+ ip4_address_t dst;
+} sixrd_rx_trace_t;
+
+u8 *
+format_sixrd_rx_trace (u8 * s, va_list * args)
+{
+ CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
+ CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
+ sixrd_rx_trace_t *t = va_arg (*args, sixrd_rx_trace_t *);
+
+ s = format (s, "6RD: tunnel %d len %d src %U dst %U",
+ t->tunnel_id, clib_net_to_host_u16 (t->length),
+ format_ip4_address, &t->src, format_ip4_address, &t->dst);
+ return s;
+}
+
/*
* ip4_sixrd_sec_check
*/
static_always_inline void
-ip4_sixrd_sec_check (sixrd_domain_t *d, ip4_address_t sa4, ip6_address_t sa6, u8 *error)
-{
- u32 a = sixrd_get_addr(d, sa6.as_u64[0]);
- clib_warning("Security check: %U %U", format_ip4_address, &a, format_ip4_address, &sa4);
- if (PREDICT_FALSE(sixrd_get_addr(d, sa6.as_u64[0]) != sa4.as_u32))
+ip4_sixrd_sec_check(sixrd_tunnel_t *t, ip4_address_t sa4,
+ ip6_address_t sa6, u8 *error) {
+ if (PREDICT_FALSE(sixrd_get_addr_net(t, sa6.as_u64[0]) != sa4.as_u32))
*error = SIXRD_ERROR_SEC_CHECK;
}
/*
* ip4_sixrd
*/
-static uword
-ip4_sixrd (vlib_main_t *vm,
- vlib_node_runtime_t *node,
- vlib_frame_t *frame)
-{
+uword ip4_sixrd(vlib_main_t *vm, vlib_node_runtime_t *node,
+ vlib_frame_t *frame) {
u32 n_left_from, *from, next_index, *to_next, n_left_to_next;
vlib_node_runtime_t *error_node = vlib_node_get_runtime(vm, ip4_sixrd_node.index);
- u32 decap = 0;
+ vnet_interface_main_t * im = &vnet_get_main()->interface_main;
+ u32 thread_index = vlib_get_thread_index ();
from = vlib_frame_vector_args(frame);
n_left_from = frame->n_vectors;
u32 pi0;
vlib_buffer_t *p0;
u8 error0 = SIXRD_ERROR_NONE;
- sixrd_domain_t *d0 = 0;
+ sixrd_tunnel_t *t0 = 0;
ip4_header_t *ip40;
ip6_header_t *ip60;
- u32 sixrd_domain_index0 = ~0;
- u32 next0;
+ u32 tunnel_sw_if_index = ~0;
+ u32 next0 = IP4_SIXRD_NEXT_DROP;
pi0 = to_next[0] = from[0];
from += 1;
n_left_from -= 1;
- to_next +=1;
+ to_next += 1;
n_left_to_next -= 1;
p0 = vlib_get_buffer(vm, pi0);
/* Throw away anything that isn't IP in IP. */
if (PREDICT_TRUE(ip40->protocol == IP_PROTOCOL_IPV6 && clib_net_to_host_u16(ip40->length) >= 60)) {
- vlib_buffer_advance(p0, sizeof(ip4_header_t));
- ip60 = vlib_buffer_get_current(p0);
- d0 = ip4_sixrd_get_domain(vnet_buffer(p0)->ip.adj_index[VLIB_TX], (ip6_address_t *)&ip60->src_address,
- &sixrd_domain_index0, &error0);
+ vlib_buffer_advance(p0, sizeof(ip4_header_t));
+ t0 = ip4_sixrd_get_tunnel(vnet_buffer(p0)->ip.adj_index[VLIB_TX], (ip4_address_t *)&ip40->dst_address, &error0);
} else {
- error0 = SIXRD_ERROR_BAD_PROTOCOL;
+ error0 = SIXRD_ERROR_BAD_PROTOCOL;
}
- if (d0) {
- /* SIXRD inbound security check */
- ip4_sixrd_sec_check(d0, ip40->src_address, ip60->src_address, &error0);
+
+ if (!t0) {
+ error0 = SIXRD_ERROR_NO_TUNNEL;
+ goto error;
}
- next0 = error0 == SIXRD_ERROR_NONE ? IP4_SIXRD_NEXT_IP6_LOOKUP : IP4_SIXRD_NEXT_DROP;
+ tunnel_sw_if_index = t0->sw_if_index;
- if (PREDICT_FALSE(p0->flags & VLIB_BUFFER_IS_TRACED)) {
- sixrd_trace_t *tr = vlib_add_trace(vm, node, p0, sizeof(*tr));
- tr->sixrd_domain_index = sixrd_domain_index0;
+ /* SIXRD inbound security check */
+ if (t0->security_check) {
+ ip60 = vlib_buffer_get_current(p0);
+ ip4_sixrd_sec_check(t0, ip40->src_address, ip60->src_address, &error0);
}
+ next0 = error0 == SIXRD_ERROR_NONE ? IP4_SIXRD_NEXT_IP6_LOOKUP
+ : IP4_SIXRD_NEXT_DROP;
- p0->error = error_node->errors[error0];
- if (PREDICT_TRUE(error0 == SIXRD_ERROR_NONE)) decap++;
- vlib_validate_buffer_enqueue_x1(vm, node, next_index, to_next, n_left_to_next, pi0, next0);
+ if (PREDICT_FALSE(p0->flags & VLIB_BUFFER_IS_TRACED)) {
+ sixrd_rx_trace_t *tr = vlib_add_trace(vm, node, p0, sizeof(*tr));
+ tr->tunnel_id = tunnel_sw_if_index;
+ tr->length = ip40->length;
+ tr->src.as_u32 = ip40->src_address.as_u32;
+ tr->dst.as_u32 = ip40->dst_address.as_u32;
+ }
+ error:
+ if (PREDICT_TRUE(error0 == SIXRD_ERROR_NONE)) {
+ u32 len = vlib_buffer_length_in_chain (vm, p0);
+ vlib_increment_combined_counter (im->combined_sw_if_counters
+ + VNET_INTERFACE_COUNTER_RX,
+ thread_index,
+ tunnel_sw_if_index,
+ 1 /* packets */ ,
+ len /* bytes */ );
+
+ vnet_buffer (p0)->sw_if_index[VLIB_RX] = tunnel_sw_if_index;
+ } else {
+ p0->error = error_node->errors[error0];
+ }
+ vlib_validate_buffer_enqueue_x1(vm, node, next_index, to_next,
+ n_left_to_next, pi0, next0);
}
vlib_put_next_frame(vm, node, next_index, n_left_to_next);
}
- vlib_node_increment_counter(vm, ip4_sixrd_node.index, SIXRD_ERROR_DECAPSULATED, decap);
-
return frame->n_vectors;
}
static char *sixrd_error_strings[] = {
-#define _(sym,string) string,
- foreach_sixrd_error
+#define _(sym, string) string,
+ foreach_sixrd_error
#undef _
};
-VLIB_REGISTER_NODE(ip4_sixrd_node,static) = {
+VLIB_REGISTER_NODE(ip4_sixrd_node) = {
.function = ip4_sixrd,
.name = "ip4-sixrd",
.vector_size = sizeof(u32),
- .format_trace = format_sixrd_trace,
+ .format_trace = format_sixrd_rx_trace,
.n_errors = SIXRD_N_ERROR,
.error_strings = sixrd_error_strings,
.n_next_nodes = IP4_SIXRD_N_NEXT,
- .next_nodes = {
+ .next_nodes =
+ {
[IP4_SIXRD_NEXT_IP6_LOOKUP] = "ip6-lookup",
[IP4_SIXRD_NEXT_DROP] = "error-drop",
},
+++ /dev/null
-/*---------------------------------------------------------------------------
- * Copyright (c) 2009-2014 Cisco and/or its affiliates.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at:
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *---------------------------------------------------------------------------
- */
-/*
- * Defines used for testing various optimisation schemes
- */
-#define SIXRD_ENCAP_DUAL 0
-
-#include "sixrd.h"
-
-static vlib_node_registration_t ip6_sixrd_node;
-
-typedef enum {
- IP6_SIXRD_NEXT_IP4_LOOKUP,
- IP6_SIXRD_NEXT_DROP,
- IP6_SIXRD_N_NEXT,
-} ip6_sixrd_next_t;
-
-/*
- * ip6_sixrd
- */
-static uword
-ip6_sixrd (vlib_main_t *vm,
- vlib_node_runtime_t *node,
- vlib_frame_t *frame)
-{
- u32 n_left_from, *from, next_index, *to_next, n_left_to_next;
- vlib_node_runtime_t *error_node = vlib_node_get_runtime(vm, ip6_sixrd_node.index);
- u32 encap = 0;
- from = vlib_frame_vector_args(frame);
- n_left_from = frame->n_vectors;
- next_index = node->cached_next_index;
-
- while (n_left_from > 0) {
- vlib_get_next_frame(vm, node, next_index, to_next, n_left_to_next);
-
- while (n_left_from > 0 && n_left_to_next > 0) {
- u32 pi0;
- vlib_buffer_t *p0;
- sixrd_domain_t *d0;
- u8 error0 = SIXRD_ERROR_NONE;
- ip6_header_t *ip60;
- ip4_header_t *ip4h0;
- u32 next0 = IP6_SIXRD_NEXT_IP4_LOOKUP;
- u32 sixrd_domain_index0 = ~0;
-
- pi0 = to_next[0] = from[0];
- from += 1;
- n_left_from -= 1;
- to_next +=1;
- n_left_to_next -= 1;
-
- p0 = vlib_get_buffer(vm, pi0);
- ip60 = vlib_buffer_get_current(p0);
- // p0->current_length = clib_net_to_host_u16(ip40->length);
- d0 = ip6_sixrd_get_domain(vnet_buffer(p0)->ip.adj_index[VLIB_TX], &sixrd_domain_index0);
- ASSERT(d0);
-
- /* SIXRD calc */
- u64 dal60 = clib_net_to_host_u64(ip60->dst_address.as_u64[0]);
- u32 da40 = sixrd_get_addr(d0, dal60);
- u16 len = clib_net_to_host_u16(ip60->payload_length) + 60;
- if (da40 == 0) error0 = SIXRD_ERROR_UNKNOWN;
-
- /* construct ipv4 header */
- vlib_buffer_advance(p0, - (sizeof(ip4_header_t)));
- ip4h0 = vlib_buffer_get_current(p0);
- vnet_buffer(p0)->sw_if_index[VLIB_TX] = (u32)~0;
- ip4h0->ip_version_and_header_length = 0x45;
- ip4h0->tos = 0;
- ip4h0->length = clib_host_to_net_u16(len);
- ip4h0->fragment_id = 0;
- ip4h0->flags_and_fragment_offset = 0;
- ip4h0->ttl = 0x40;
- ip4h0->protocol = IP_PROTOCOL_IPV6;
- ip4h0->src_address = d0->ip4_src;
- ip4h0->dst_address.as_u32 = clib_host_to_net_u32(da40);
- ip4h0->checksum = ip4_header_checksum(ip4h0);
-
- next0 = error0 == SIXRD_ERROR_NONE ? IP6_SIXRD_NEXT_IP4_LOOKUP : IP6_SIXRD_NEXT_DROP;
-
- if (PREDICT_FALSE(p0->flags & VLIB_BUFFER_IS_TRACED)) {
- sixrd_trace_t *tr = vlib_add_trace(vm, node, p0, sizeof(*tr));
- tr->sixrd_domain_index = sixrd_domain_index0;
- }
-
- p0->error = error_node->errors[error0];
- if (PREDICT_TRUE(error0 == SIXRD_ERROR_NONE)) encap++;
-
- vlib_validate_buffer_enqueue_x1(vm, node, next_index, to_next, n_left_to_next, pi0, next0);
- }
- vlib_put_next_frame(vm, node, next_index, n_left_to_next);
- }
- vlib_node_increment_counter(vm, ip6_sixrd_node.index, SIXRD_ERROR_ENCAPSULATED, encap);
-
- return frame->n_vectors;
-}
-
-static char *sixrd_error_strings[] = {
-#define _(sym,string) string,
- foreach_sixrd_error
-#undef _
-};
-
-VLIB_REGISTER_NODE(ip6_sixrd_node,static) = {
- .function = ip6_sixrd,
- .name = "ip6-sixrd",
- .vector_size = sizeof(u32),
- .format_trace = format_sixrd_trace,
- .n_errors = SIXRD_N_ERROR,
- .error_strings = sixrd_error_strings,
- .n_next_nodes = IP6_SIXRD_N_NEXT,
- .next_nodes = {
- [IP6_SIXRD_NEXT_IP4_LOOKUP] = "ip4-lookup",
- [IP6_SIXRD_NEXT_DROP] = "error-drop",
- },
-};
--- /dev/null
+/*
+ * Copyright (c) 2018 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+option version = "2.0.0";
+
+define sixrd_add_tunnel
+{
+ u32 client_index;
+ u32 context;
+ u32 fib_index;
+ u8 ip6_prefix[16];
+ u8 ip4_prefix[4];
+ u8 ip4_src[4];
+ u8 ip6_prefix_len;
+ u8 ip4_prefix_len;
+ u16 mtu;
+ u8 security_check;
+};
+
+define sixrd_add_tunnel_reply
+{
+ u32 context;
+ u32 sw_if_index;
+ i32 retval;
+};
+
+autoreply define sixrd_del_tunnel
+{
+ u32 client_index;
+ u32 context;
+ u32 sw_if_index;
+};
/*
- * Copyright (c) 2015 Cisco and/or its affiliates.
+ * Copyright (c) 2018 Cisco and/or its affiliates.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at:
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-
-#include "sixrd.h"
-#include <vnet/plugin/plugin.h>
-
-#include <vnet/fib/fib_table.h>
-#include <vnet/fib/ip6_fib.h>
-#include <vnet/adj/adj.h>
-#include <vpp/app/version.h>
-
-/*
+/**
* This code supports the following sixrd modes:
- *
+ *
* 32 EA bits (Complete IPv4 address is embedded):
* ea_bits_len = 32
* IPv4 suffix is embedded:
* ea_bits_len = 0
*/
+#include "sixrd.h"
+#include <vnet/plugin/plugin.h>
+#include <vlibapi/api.h>
+#include <vlibmemory/api.h>
+#include <vnet/adj/adj.h>
+#include <vnet/fib/fib_table.h>
+#include <vnet/fib/ip6_fib.h>
+#include <vnet/adj/adj_midchain.h>
+#include <vnet/adj/adj_delegate.h>
+#include <vnet/dpo/lookup_dpo.h>
+#include <vpp/app/version.h> // Really needed?
+
+/* define message IDs */
+#include "sixrd_msg_enum.h"
+
+/* define message structures */
+#define vl_typedefs
+#include "sixrd_all_api_h.h"
+#undef vl_typedefs
+
+/* define generated endian-swappers */
+#define vl_endianfun
+#include "sixrd_all_api_h.h"
+#undef vl_endianfun
+
+/* instantiate all the print functions we know about */
+#define vl_print(handle, ...) vlib_cli_output(handle, __VA_ARGS__)
+#define vl_printfun
+#include "sixrd_all_api_h.h"
+#undef vl_printfun
+
+/* Get the API version number */
+#define vl_api_version(n, v) static u32 api_version = (v);
+#include "sixrd_all_api_h.h"
+#undef vl_api_version
+
+#define REPLY_MSG_ID_BASE sm->msg_id_base
+#include <vlibapi/api_helper_macros.h>
+
+extern vlib_node_registration_t ip4_sixrd_node;
+
+/**
+ * Adj delegate data
+ */
+typedef struct sixrd_adj_delegate_t_
+{
+ /**
+ * linkage to the adj
+ */
+ u32 adj_index;
+
+ /**
+ * Linnkage to the FIB node graph
+ */
+ fib_node_t sixrd_node;
+
+ /**
+ * tracking of the IPv4 next-hop
+ */
+ fib_node_index_t sixrd_fib_entry_index;
+
+ /**
+ * sibling on the fib-entry
+ */
+ u32 sixrd_sibling;
+} sixrd_adj_delegate_t;
+
+/**
+ * Pool of delegate structs
+ */
+static sixrd_adj_delegate_t *sixrd_adj_delegate_pool;
+
+/**
+ * Adj delegate registered type
+ */
+static adj_delegate_type_t sixrd_adj_delegate_type;
+
+/**
+ * FIB node registered type
+ */
+static fib_node_type_t sixrd_fib_node_type;
+
+static inline sixrd_adj_delegate_t *
+sixrd_adj_from_base (adj_delegate_t * ad)
+{
+ if (NULL == ad)
+ {
+ return (NULL);
+ }
+ return (pool_elt_at_index (sixrd_adj_delegate_pool, ad->ad_index));
+}
+
+static inline const sixrd_adj_delegate_t *
+sixrd_adj_from_const_base (const adj_delegate_t * ad)
+{
+ if (NULL == ad)
+ {
+ return (NULL);
+ }
+ return (pool_elt_at_index (sixrd_adj_delegate_pool, ad->ad_index));
+}
+
sixrd_main_t sixrd_main;
-int
-sixrd_create_domain (ip6_address_t *ip6_prefix,
- u8 ip6_prefix_len,
- ip4_address_t *ip4_prefix,
- u8 ip4_prefix_len,
- ip4_address_t *ip4_src,
- u32 *sixrd_domain_index,
- u16 mtu)
+static void
+sixrd_fixup (vlib_main_t * vm,
+ ip_adjacency_t * adj, vlib_buffer_t * b0, const void *data)
{
- dpo_id_t dpo_v6 = DPO_INVALID, dpo_v4 = DPO_INVALID;
- sixrd_main_t *mm = &sixrd_main;
- fib_node_index_t fei;
- sixrd_domain_t *d;
-
- /* Get domain index */
- pool_get_aligned(mm->domains, d, CLIB_CACHE_LINE_BYTES);
- memset(d, 0, sizeof (*d));
- *sixrd_domain_index = d - mm->domains;
-
- /* Init domain struct */
- d->ip4_prefix.as_u32 = ip4_prefix->as_u32;
- d->ip4_prefix_len = ip4_prefix_len;
- d->ip6_prefix = *ip6_prefix;
- d->ip6_prefix_len = ip6_prefix_len;
- d->ip4_src = *ip4_src;
- d->mtu = mtu;
-
- if (ip4_prefix_len < 32)
- d->shift = 64 - ip6_prefix_len + (32 - ip4_prefix_len);
-
- /* Create IPv6 route/adjacency */
- fib_prefix_t pfx6 = {
- .fp_proto = FIB_PROTOCOL_IP6,
- .fp_len = d->ip6_prefix_len,
- .fp_addr = {
- .ip6 = d->ip6_prefix,
- },
- };
- sixrd_dpo_create(DPO_PROTO_IP6,
- *sixrd_domain_index,
- &dpo_v6);
- fib_table_entry_special_dpo_add(0, &pfx6,
- FIB_SOURCE_SIXRD,
- FIB_ENTRY_FLAG_EXCLUSIVE,
- &dpo_v6);
- dpo_reset (&dpo_v6);
+ ip4_header_t *ip4 = vlib_buffer_get_current (b0);
+ ip6_header_t *ip6 = vlib_buffer_get_current (b0) + sizeof (ip4_header_t);
+ const sixrd_tunnel_t *t = data;
+
+ ip4->length = clib_host_to_net_u16 (vlib_buffer_length_in_chain (vm, b0));
+ ip4->dst_address.as_u32 =
+ sixrd_get_addr_net (t, ip6->dst_address.as_u64[0]);
+ ip4->checksum = ip4_header_checksum (ip4);
+}
+
+static void
+ip6ip_fixup (vlib_main_t * vm,
+ ip_adjacency_t * adj, vlib_buffer_t * b0, const void *data)
+{
+ const sixrd_tunnel_t *t = data;
+ ip4_header_t *ip4 = vlib_buffer_get_current (b0);
+ ip4->length = clib_host_to_net_u16 (vlib_buffer_length_in_chain (vm, b0));
+ ip4->dst_address.as_u32 =
+ sixrd_get_addr_net (t, adj->sub_type.nbr.next_hop.as_u64[0]);
+ ip4->checksum = ip4_header_checksum (ip4);
+}
+
+static sixrd_tunnel_t *
+find_tunnel_by_sw_if_index (u32 sw_if_index)
+{
+ sixrd_main_t *sm = &sixrd_main;
+ u32 ti = sm->tunnel_index_by_sw_if_index[sw_if_index];
+ if (ti == ~0)
+ {
+ clib_warning ("Not our tunnel\n");
+ return (0);
+ }
+ return pool_elt_at_index (sm->tunnels, ti);
+}
+
+static sixrd_tunnel_t *
+find_tunnel (ip6_address_t * ip6_prefix)
+{
+ sixrd_main_t *sm = &sixrd_main;
+ sixrd_tunnel_t *d;
+
+ /* *INDENT-OFF* */
+ pool_foreach (d, sm->tunnels,
+ ({
+ if (!memcmp (&d->ip6_prefix, ip6_prefix, 16))
+ return d;
+ }));
+ /* *INDENT-ON* */
+ return 0;
+}
+
+
+static u8 *
+sixrd_build_rewrite (vnet_main_t * vnm,
+ u32 sw_if_index,
+ vnet_link_t link_type, const void *dst_address)
+{
+ u8 *rewrite = NULL;
+ sixrd_tunnel_t *t;
+
+ t = find_tunnel_by_sw_if_index (sw_if_index);
+ if (!t)
+ {
+ return 0;
+ }
+
+ vec_validate (rewrite, sizeof (ip4_header_t) - 1);
+ ip4_header_t *ip4 = (ip4_header_t *) rewrite;
+ ip4->ip_version_and_header_length = 0x45;
+ ip4->ttl = 64;
+ ip4->protocol = IP_PROTOCOL_IPV6;
+ /* fixup ip4 header length and checksum after-the-fact */
+ ip4->src_address.as_u32 = t->ip4_src.as_u32;
+ ip4->dst_address.as_u32 = 0;
+ ip4->checksum = ip4_header_checksum (ip4);
+
+ return rewrite;
+}
+
+static void
+ip6ip_tunnel_stack (adj_index_t ai, u32 fib_entry_index)
+{
+ sixrd_main_t *sm = &sixrd_main;
+ ip_adjacency_t *adj = adj_get (ai);
+ sixrd_tunnel_t *t;
+ u32 sw_if_index = adj->rewrite_header.sw_if_index;
+
+ if ((vec_len (sm->tunnel_index_by_sw_if_index) < sw_if_index) ||
+ (~0 == sm->tunnel_index_by_sw_if_index[sw_if_index]))
+ return;
+
+ t =
+ pool_elt_at_index (sm->tunnels,
+ sm->tunnel_index_by_sw_if_index[sw_if_index]);
/*
- * Multiple SIXRD domains may share same source IPv4 TEP
- * In this case the route will exist and be SixRD sourced.
- * Find the adj (if any) already contributed and modify it
+ * find the adjacency that is contributed by the FIB entry
+ * that this tunnel resolves via, and use it as the next adj
+ * in the midchain
*/
- fib_prefix_t pfx4 = {
- .fp_proto = FIB_PROTOCOL_IP4,
- .fp_len = 32,
- .fp_addr = {
- .ip4 = d->ip4_src,
- },
+ if (vnet_hw_interface_get_flags (vnet_get_main (), t->hw_if_index) &
+ VNET_HW_INTERFACE_FLAG_LINK_UP)
+ {
+ adj_nbr_midchain_stack (ai,
+ fib_entry_contribute_ip_forwarding
+ (fib_entry_index));
+ }
+ else
+ {
+ adj_nbr_midchain_unstack (ai);
+ }
+}
+
+static void
+sixrd_tunnel_stack (adj_index_t ai, u32 fib_index)
+{
+ dpo_id_t dpo = DPO_INVALID;
+ sixrd_main_t *sm = &sixrd_main;
+ ip_adjacency_t *adj = adj_get (ai);
+ u32 sw_if_index = adj->rewrite_header.sw_if_index;
+
+ if ((vec_len (sm->tunnel_index_by_sw_if_index) < sw_if_index) ||
+ (~0 == sm->tunnel_index_by_sw_if_index[sw_if_index]))
+ return;
+
+ if ((vec_len (sm->tunnel_index_by_sw_if_index) < sw_if_index) ||
+ (sm->tunnel_index_by_sw_if_index[sw_if_index] == ~0))
+ return;
+
+ lookup_dpo_add_or_lock_w_fib_index (fib_index, DPO_PROTO_IP4,
+ LOOKUP_UNICAST, LOOKUP_INPUT_DST_ADDR,
+ LOOKUP_TABLE_FROM_CONFIG, &dpo);
+ adj_nbr_midchain_stack (ai, &dpo);
+}
+
+const static ip46_address_t sixrd_special_nh = {
+ .ip6 = {
+ .as_u64 = {
+ [0] = 0xffffffffffffffff,
+ [1] = 0xffffffffffffffff,
+ },
+ },
+};
+
+static void
+sixrd_update_adj (vnet_main_t * vnm, u32 sw_if_index, adj_index_t ai)
+{
+ ip_adjacency_t *adj = adj_get (ai);
+ sixrd_tunnel_t *t = find_tunnel_by_sw_if_index (sw_if_index);
+
+ if (!memcmp (&sixrd_special_nh,
+ &adj->sub_type.nbr.next_hop, sizeof (sixrd_special_nh)))
+ {
+ adj_nbr_midchain_update_rewrite (ai, sixrd_fixup, t, ADJ_FLAG_NONE,
+ sixrd_build_rewrite (vnm, sw_if_index,
+ adj_get_link_type
+ (ai), NULL));
+ sixrd_tunnel_stack (ai, t->fib_index);
+ }
+ else
+ {
+ sixrd_adj_delegate_t *sixrd_ad;
+ ip4_address_t da4;
+
+ da4.as_u32 =
+ sixrd_get_addr_net (t, adj->sub_type.nbr.next_hop.as_u64[0]);
+
+ fib_prefix_t pfx = {
+ .fp_proto = FIB_PROTOCOL_IP4,
+ .fp_len = 32,
+ .fp_addr = {.ip4 = da4,}
+ ,
+ };
+
+ adj_nbr_midchain_update_rewrite
+ (ai, ip6ip_fixup, t,
+ ADJ_FLAG_NONE,
+ sixrd_build_rewrite (vnm, sw_if_index,
+ adj_get_link_type (ai), NULL));
+
+ sixrd_ad =
+ sixrd_adj_from_base (adj_delegate_get (adj, sixrd_adj_delegate_type));
+ if (NULL == sixrd_ad)
+ {
+ pool_get (sixrd_adj_delegate_pool, sixrd_ad);
+ fib_node_init (&sixrd_ad->sixrd_node, sixrd_fib_node_type);
+ sixrd_ad->adj_index = ai;
+ sixrd_ad->sixrd_fib_entry_index =
+ fib_table_entry_special_add (t->fib_index, &pfx,
+ FIB_SOURCE_RR, FIB_ENTRY_FLAG_NONE);
+ sixrd_ad->sixrd_sibling =
+ fib_entry_child_add (sixrd_ad->sixrd_fib_entry_index,
+ sixrd_fib_node_type,
+ sixrd_ad - sixrd_adj_delegate_pool);
+
+ adj_delegate_add (adj,
+ sixrd_adj_delegate_type,
+ sixrd_ad - sixrd_adj_delegate_pool);
+
+ ip6ip_tunnel_stack (ai, sixrd_ad->sixrd_fib_entry_index);
+ }
+ }
+}
+
+
+clib_error_t *
+sixrd_interface_admin_up_down (vnet_main_t * vnm, u32 hw_if_index, u32 flags)
+{
+ /* Always up */
+ vnet_hw_interface_set_flags (vnm, hw_if_index,
+ VNET_HW_INTERFACE_FLAG_LINK_UP);
+ return /* no error */ 0;
+}
+
+/* *INDENT-OFF* */
+VNET_HW_INTERFACE_CLASS (sixrd_hw_interface_class) =
+{
+ .name = "ip6ip-6rd",
+ .build_rewrite = sixrd_build_rewrite,
+ .update_adjacency = sixrd_update_adj,
+};
+
+VNET_DEVICE_CLASS (sixrd_device_class) =
+{
+ .name = "ip6ip-6rd",
+ .admin_up_down_function = sixrd_interface_admin_up_down,
+#ifdef SOON
+ .clear counter = 0;
+#endif
+};
+/* *INDENT-ON* */
+
+static int
+sixrd_create_tunnel (ip6_address_t * ip6_prefix, u8 ip6_prefix_len,
+ ip4_address_t * ip4_prefix, u8 ip4_prefix_len,
+ ip4_address_t * ip4_src, u16 mtu, bool security_check,
+ u32 fib_index, u32 * sixrd_tunnel_index)
+{
+ sixrd_main_t *sm = &sixrd_main;
+ sixrd_tunnel_t *t;
+
+ if (fib_index == ~0)
+ return VNET_API_ERROR_NO_SUCH_FIB;
+
+ if ((ip6_prefix_len + 32 - ip4_prefix_len) > 64)
+ return VNET_API_ERROR_INVALID_VALUE;
+
+ /* Tunnel already configured */
+ if (find_tunnel (ip6_prefix))
+ return VNET_API_ERROR_INVALID_VALUE;
+ /* Tunnel already configured for this source */
+ if (find_tunnel_by_ip4_address (ip4_src))
+ return VNET_API_ERROR_INVALID_VALUE;
+
+ /* Get tunnel index */
+ pool_get_aligned (sm->tunnels, t, CLIB_CACHE_LINE_BYTES);
+ memset (t, 0, sizeof (*t));
+ t->tunnel_index = t - sm->tunnels;
+
+ /* Init tunnel struct */
+ t->ip4_prefix.as_u32 = ip4_prefix->as_u32;
+ t->ip4_prefix_len = ip4_prefix_len;
+ t->ip6_prefix = *ip6_prefix;
+ t->ip6_prefix_len = ip6_prefix_len;
+ t->ip4_src = *ip4_src;
+ t->mtu = mtu ? mtu : SIXRD_DEFAULT_MTU;
+ t->security_check = security_check;
+
+ t->shift = (ip4_prefix_len < 32) ?
+ 64 - ip6_prefix_len - (32 - ip4_prefix_len) : 0;
+
+ /* Create interface */
+ u32 hw_if_index = vnet_register_interface (vnet_get_main (),
+ sixrd_device_class.index,
+ t->tunnel_index,
+ sixrd_hw_interface_class.index,
+ t->tunnel_index);
+
+ /* Default the interface to up and enable IPv6 (payload) */
+ vnet_hw_interface_t *hi =
+ vnet_get_hw_interface (vnet_get_main (), hw_if_index);
+ t->hw_if_index = hw_if_index;
+ t->fib_index = fib_index;
+ t->sw_if_index = hi->sw_if_index;
+
+ hi->max_l3_packet_bytes[VLIB_RX] = hi->max_l3_packet_bytes[VLIB_TX] =
+ t->mtu;
+
+ vec_validate_init_empty (sm->tunnel_index_by_sw_if_index, hi->sw_if_index,
+ ~0);
+ sm->tunnel_index_by_sw_if_index[hi->sw_if_index] = t->tunnel_index;
+
+ hash_set (sm->tunnel_by_ip, ip4_src->as_u32, t->tunnel_index);
+
+ vnet_hw_interface_set_flags (vnet_get_main (), hw_if_index,
+ VNET_HW_INTERFACE_FLAG_LINK_UP);
+ vnet_sw_interface_set_flags (vnet_get_main (), hi->sw_if_index,
+ VNET_SW_INTERFACE_FLAG_ADMIN_UP);
+
+ /* Create IPv6 route/adjacency */
+ fib_prefix_t pfx6 = {
+ .fp_proto = FIB_PROTOCOL_IP6,
+ .fp_len = t->ip6_prefix_len,
+ .fp_addr = {.ip6 = t->ip6_prefix,}
+ ,
};
- fei = fib_table_lookup_exact_match(0, &pfx4);
-
- if (FIB_NODE_INDEX_INVALID != fei)
- {
- dpo_id_t dpo = DPO_INVALID;
-
- if (fib_entry_get_dpo_for_source (fei, FIB_SOURCE_SIXRD, &dpo))
- {
- /*
- * modify the existing adj to indicate it's shared
- * skip to route add.
- * It is locked to pair with the unlock below.
- */
- const dpo_id_t *sd_dpo;
- sixrd_dpo_t *sd;
-
- ASSERT(DPO_LOAD_BALANCE == dpo.dpoi_type);
-
- sd_dpo = load_balance_get_bucket(dpo.dpoi_index, 0);
- sd = sixrd_dpo_get (sd_dpo->dpoi_index);
-
- sd->sd_domain = ~0;
- dpo_copy (&dpo_v4, sd_dpo);
- dpo_reset (&dpo);
-
- goto route_add;
- }
- }
- /* first time addition of the route */
- sixrd_dpo_create(DPO_PROTO_IP4,
- *sixrd_domain_index,
- &dpo_v4);
-
-route_add:
- /*
- * Create ip4 route. This is a reference counted add. If the prefix
- * already exists and is SixRD sourced, it is now SixRD source n+1 times
- * and will need to be removed n+1 times.
- */
- fib_table_entry_special_dpo_add(0, &pfx4,
- FIB_SOURCE_SIXRD,
- FIB_ENTRY_FLAG_EXCLUSIVE,
- &dpo_v4);
- dpo_reset (&dpo_v4);
+
+ fib_table_entry_update_one_path (fib_index, &pfx6,
+ FIB_SOURCE_CLI, FIB_ENTRY_FLAG_ATTACHED,
+ DPO_PROTO_IP6, &sixrd_special_nh,
+ hi->sw_if_index,
+ ~0, 1, NULL, FIB_ROUTE_PATH_FLAG_NONE);
+
+ *sixrd_tunnel_index = hi->sw_if_index;
+
+ ip4_register_protocol (IP_PROTOCOL_IPV6, ip4_sixrd_node.index);
return 0;
}
/*
- * sixrd_delete_domain
+ * sixrd_delete_tunnel
*/
int
-sixrd_delete_domain (u32 sixrd_domain_index)
+sixrd_delete_tunnel (u32 sw_if_index)
{
- sixrd_main_t *mm = &sixrd_main;
- sixrd_domain_t *d;
-
- if (pool_is_free_index(mm->domains, sixrd_domain_index)) {
- clib_warning("SIXRD domain delete: domain does not exist: %d",
- sixrd_domain_index);
- return -1;
- }
-
- d = pool_elt_at_index(mm->domains, sixrd_domain_index);
-
- fib_prefix_t pfx = {
- .fp_proto = FIB_PROTOCOL_IP4,
- .fp_len = 32,
- .fp_addr = {
- .ip4 = d->ip4_src,
- },
- };
- fib_table_entry_special_remove(0, &pfx, FIB_SOURCE_SIXRD);
+ sixrd_main_t *sm = &sixrd_main;
+ sixrd_tunnel_t *t = find_tunnel_by_sw_if_index (sw_if_index);
+
+ if (!t)
+ {
+ clib_warning ("SIXRD tunnel delete: tunnel does not exist: %d",
+ sw_if_index);
+ return -1;
+ }
fib_prefix_t pfx6 = {
- .fp_proto = FIB_PROTOCOL_IP6,
- .fp_len = d->ip6_prefix_len,
- .fp_addr = {
- .ip6 = d->ip6_prefix,
- },
+ .fp_proto = FIB_PROTOCOL_IP6,
+ .fp_len = t->ip6_prefix_len,
+ .fp_addr = {.ip6 = t->ip6_prefix,}
+ ,
};
- fib_table_entry_special_remove(0, &pfx6, FIB_SOURCE_SIXRD);
+ fib_table_entry_special_remove (0, &pfx6, FIB_SOURCE_CLI);
+ vnet_sw_interface_set_flags (vnet_get_main (), t->sw_if_index,
+ 0 /* down */ );
+
+ sm->tunnel_index_by_sw_if_index[t->sw_if_index] = ~0;
+
+ hash_unset (sm->tunnel_by_ip, t->ip4_src.as_u32);
- pool_put(mm->domains, d);
+ vnet_delete_hw_interface (vnet_get_main (), t->hw_if_index);
+
+ pool_put (sm->tunnels, t);
return 0;
}
static clib_error_t *
-sixrd_add_domain_command_fn (vlib_main_t *vm,
- unformat_input_t *input,
- vlib_cli_command_t *cmd)
+sixrd_add_del_tunnel_command_fn (vlib_main_t * vm,
+ unformat_input_t * input,
+ vlib_cli_command_t * cmd)
{
unformat_input_t _line_input, *line_input = &_line_input;
ip4_address_t ip4_prefix;
ip6_address_t ip6_prefix;
ip4_address_t ip4_src;
- u32 ip6_prefix_len=0, ip4_prefix_len=0, sixrd_domain_index;
+ u32 ip6_prefix_len = 0, ip4_prefix_len = 0, sixrd_tunnel_index;
u32 num_m_args = 0;
/* Optional arguments */
u32 mtu = 0;
+ u32 fib_index = 0;
clib_error_t *error = 0;
+ bool is_add = true, security_check = false;
/* Get a line of input. */
- if (!unformat_user(input, unformat_line_input, line_input))
+ if (!unformat_user (input, unformat_line_input, line_input))
return 0;
- while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT) {
- if (unformat(line_input, "ip6-pfx %U/%d", unformat_ip6_address, &ip6_prefix, &ip6_prefix_len))
- num_m_args++;
- else if (unformat(line_input, "ip4-pfx %U/%d", unformat_ip4_address, &ip4_prefix, &ip4_prefix_len))
- num_m_args++;
- else if (unformat(line_input, "ip4-src %U", unformat_ip4_address, &ip4_src))
- num_m_args++;
- else if (unformat(line_input, "mtu %d", &mtu))
- num_m_args++;
- else {
- error = clib_error_return(0, "unknown input `%U'",
- format_unformat_error, line_input);
- goto done;
+ while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
+ {
+ if (unformat (line_input, "del"))
+ is_add = false;
+ if (unformat (line_input, "security-check"))
+ security_check = true;
+ else
+ if (unformat
+ (line_input, "ip6-pfx %U/%d", unformat_ip6_address, &ip6_prefix,
+ &ip6_prefix_len))
+ num_m_args++;
+ else if (unformat (line_input, "ip4-pfx %U/%d", unformat_ip4_address,
+ &ip4_prefix, &ip4_prefix_len))
+ num_m_args++;
+ else
+ if (unformat
+ (line_input, "ip4-src %U", unformat_ip4_address, &ip4_src))
+ num_m_args++;
+ else if (unformat (line_input, "mtu %d", &mtu))
+ num_m_args++;
+ else if (unformat (line_input, "fib-id %d", &fib_index))
+ ;
+ else
+ {
+ error =
+ clib_error_return (0, "unknown input `%U'", format_unformat_error,
+ line_input);
+ goto done;
+ }
}
- }
-
- if (num_m_args < 3) {
- error = clib_error_return(0, "mandatory argument(s) missing");
- goto done;
- }
- sixrd_create_domain(&ip6_prefix, ip6_prefix_len, &ip4_prefix, ip4_prefix_len,
- &ip4_src, &sixrd_domain_index, mtu);
+ if (num_m_args < 3)
+ {
+ error = clib_error_return (0, "mandatory argument(s) missing");
+ goto done;
+ }
+ if (is_add)
+ {
+ int rv = sixrd_create_tunnel (&ip6_prefix, ip6_prefix_len, &ip4_prefix,
+ ip4_prefix_len, &ip4_src, mtu,
+ security_check,
+ fib_index, &sixrd_tunnel_index);
+ if (rv)
+ error = clib_error_return (0, "adding tunnel failed");
+ }
+ else
+ {
+ sixrd_tunnel_t *t = find_tunnel (&ip6_prefix);
+ if (t)
+ {
+ sixrd_delete_tunnel (t->sw_if_index);
+ }
+ }
done:
unformat_free (line_input);
return error;
}
-static clib_error_t *
-sixrd_del_domain_command_fn (vlib_main_t *vm,
- unformat_input_t *input,
- vlib_cli_command_t *cmd)
+/* *INDENT-OFF* */
+VLIB_CLI_COMMAND (sixrd_add_del_tunnel_command, static) =
{
- unformat_input_t _line_input, *line_input = &_line_input;
- u32 num_m_args = 0;
- u32 sixrd_domain_index;
- clib_error_t *error = 0;
-
- /* Get a line of input. */
- if (! unformat_user(input, unformat_line_input, line_input))
- return 0;
-
- while (unformat_check_input(line_input) != UNFORMAT_END_OF_INPUT) {
- if (unformat(line_input, "index %d", &sixrd_domain_index))
- num_m_args++;
- else {
- error = clib_error_return(0, "unknown input `%U'",
- format_unformat_error, line_input);
- goto done;
- }
- }
+ .path = "create 6rd tunnel",
+ .short_help = "create 6rd tunnel ip6-pfx <ip6-pfx> ip4-pfx <ip4-pfx> "
+ "ip4-src <ip4-addr> [del]",
+ .function = sixrd_add_del_tunnel_command_fn,
+};
+/* *INDENT-ON* */
- if (num_m_args != 1) {
- error = clib_error_return(0, "mandatory argument(s) missing");
- goto done;
- }
+static void
+vl_api_sixrd_add_tunnel_t_handler (vl_api_sixrd_add_tunnel_t * mp)
+{
+ sixrd_main_t *sm = &sixrd_main;
+ vl_api_sixrd_add_tunnel_reply_t *rmp;
+ u32 sixrd_tunnel_index;
+
+ int rv = sixrd_create_tunnel ((ip6_address_t *) & mp->ip6_prefix,
+ mp->ip6_prefix_len,
+ (ip4_address_t *) & mp->ip4_prefix,
+ mp->ip4_prefix_len,
+ (ip4_address_t *) & mp->ip4_src,
+ ntohs (mp->mtu),
+ mp->security_check, ntohl (mp->fib_index),
+ &sixrd_tunnel_index);
+
+ REPLY_MACRO2 (VL_API_SIXRD_ADD_TUNNEL_REPLY, (
+ {
+ rmp->sw_if_index =
+ htonl (sixrd_tunnel_index);
+ }));
+}
- sixrd_delete_domain(sixrd_domain_index);
+static void
+vl_api_sixrd_del_tunnel_t_handler (vl_api_sixrd_del_tunnel_t * mp)
+{
+ sixrd_main_t *sm = &sixrd_main;
+ vl_api_sixrd_del_tunnel_reply_t *rmp;
-done:
- unformat_free (line_input);
+ int rv = sixrd_delete_tunnel (ntohl (mp->sw_if_index));
- return error;
+ REPLY_MACRO (VL_API_SIXRD_DEL_TUNNEL_REPLY);
}
-static u8 *
-format_sixrd_domain (u8 *s, va_list *args)
+/* List of message types that this plugin understands */
+
+#define foreach_sixrd_plugin_api_msg \
+_(SIXRD_ADD_TUNNEL, sixrd_add_tunnel) \
+_(SIXRD_DEL_TUNNEL, sixrd_del_tunnel)
+
+/* *INDENT-OFF* */
+VLIB_PLUGIN_REGISTER() = {
+ .version = VPP_BUILD_VER,
+ .description = "IPv6 Rapid Deployment on IPv4 Infrastructure (RFC5969)",
+};
+/* *INDENT-ON* */
+
+/**
+ * @brief Set up the API message handling tables.
+ */
+static clib_error_t *
+sixrd_plugin_api_hookup (vlib_main_t * vm)
{
- sixrd_domain_t *d = va_arg(*args, sixrd_domain_t *);
- sixrd_main_t *mm = &sixrd_main;
+ sixrd_main_t *sm = &sixrd_main;
- s = format(s,
- "[%d] ip6-pfx %U/%d ip4-pfx %U/%d ip4-src %U mtu %d",
- d - mm->domains,
- format_ip6_address, &d->ip6_prefix, d->ip6_prefix_len,
- format_ip4_address, &d->ip4_prefix, d->ip4_prefix_len,
- format_ip4_address, &d->ip4_src, d->mtu);
+#define _(N, n) \
+ vl_msg_api_set_handlers((VL_API_##N + sm->msg_id_base), #n, \
+ vl_api_##n##_t_handler, vl_noop_handler, \
+ vl_api_##n##_t_endian, vl_api_##n##_t_print, \
+ sizeof(vl_api_##n##_t), 1);
+ foreach_sixrd_plugin_api_msg;
+#undef _
- return s;
+ return 0;
}
-static clib_error_t *
-show_sixrd_domain_command_fn (vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
+#define vl_msg_name_crc_list
+#include "sixrd_all_api_h.h"
+#undef vl_msg_name_crc_list
+
+static void
+setup_message_id_table (sixrd_main_t * sm, api_main_t * am)
{
- sixrd_main_t *mm = &sixrd_main;
- sixrd_domain_t *d;
+#define _(id, n, crc) \
+ vl_msg_api_add_msg_name_crc(am, #n "_" #crc, id + sm->msg_id_base);
+ foreach_vl_msg_name_crc_sixrd;
+#undef _
+}
- if (pool_elts(mm->domains) == 0)
- vlib_cli_output(vm, "No SIXRD domains are configured...");
+static void
+sixrd_adj_delegate_adj_deleted (adj_delegate_t * aed)
+{
+ sixrd_adj_delegate_t *sixrd_ad;
- pool_foreach(d, mm->domains, ({vlib_cli_output(vm, "%U", format_sixrd_domain, d);}));
+ sixrd_ad = sixrd_adj_from_base (aed);
- return 0;
+ fib_entry_child_remove (sixrd_ad->sixrd_fib_entry_index,
+ sixrd_ad->sixrd_sibling);
+ fib_table_entry_delete_index (sixrd_ad->sixrd_fib_entry_index,
+ FIB_SOURCE_RR);
+ pool_put (sixrd_adj_delegate_pool, sixrd_ad);
}
-static clib_error_t *
-show_sixrd_stats_command_fn (vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
+static u8 *
+sixrd_adj_delegate_format (const adj_delegate_t * aed, u8 * s)
{
- sixrd_main_t *mm = &sixrd_main;
- sixrd_domain_t *d;
- int domains = 0, domaincount = 0;
- if (pool_elts (mm->domains) == 0)
- vlib_cli_output (vm, "No SIXRD domains are configured...");
-
- pool_foreach(d, mm->domains, ({
- domains += sizeof(*d);
- domaincount++;
- }));
+ const sixrd_adj_delegate_t *sixrd_ad;
- vlib_cli_output(vm, "SIXRD domains structure: %d\n", sizeof (sixrd_domain_t));
- vlib_cli_output(vm, "SIXRD domains: %d (%d bytes)\n", domaincount, domains);
+ sixrd_ad = sixrd_adj_from_const_base (aed);
- return 0;
+ s = format (s, "SIXRD:[fib-entry:%d]", sixrd_ad->sixrd_fib_entry_index);
+
+ return (s);
}
-/*
- * packet trace format function
- */
-u8 *
-format_sixrd_trace (u8 *s, va_list *args)
+static void
+sixrd_fib_node_last_lock_gone (fib_node_t * node)
+{
+ // top of the dependency tree, locks not managed here.
+}
+
+static sixrd_adj_delegate_t *
+sixrd_adj_delegate_from_fib_node (fib_node_t * node)
+{
+ return ((sixrd_adj_delegate_t *) (((char *) node) -
+ STRUCT_OFFSET_OF (sixrd_adj_delegate_t,
+ sixrd_node)));
+}
+
+static fib_node_back_walk_rc_t
+sixrd_fib_node_back_walk_notify (fib_node_t * node,
+ fib_node_back_walk_ctx_t * ctx)
{
- CLIB_UNUSED(vlib_main_t *vm) = va_arg (*args, vlib_main_t *);
- CLIB_UNUSED(vlib_node_t *node) = va_arg (*args, vlib_node_t *);
- sixrd_trace_t *t = va_arg (*args, sixrd_trace_t *);
- u32 sixrd_domain_index = t->sixrd_domain_index;
+ sixrd_adj_delegate_t *sixrd_ad;
- s = format(s, "SIXRD domain index: %d", sixrd_domain_index);
+ sixrd_ad = sixrd_adj_delegate_from_fib_node (node);
- return s;
+ ip6ip_tunnel_stack (sixrd_ad->adj_index, sixrd_ad->sixrd_fib_entry_index);
+
+ return (FIB_NODE_BACK_WALK_CONTINUE);
}
-VLIB_CLI_COMMAND(sixrd_add_domain_command, static) = {
- .path = "sixrd add domain",
- .short_help =
- "sixrd add domain ip6-pfx <ip6-pfx> ip4-pfx <ip4-pfx> ip4-src <ip4-addr>",
- .function = sixrd_add_domain_command_fn,
-};
+/**
+ * Function definition to get a FIB node from its index
+ */
+static fib_node_t *
+sixrd_fib_node_get (fib_node_index_t index)
+{
+ sixrd_adj_delegate_t *sixrd_ad;
-VLIB_CLI_COMMAND(sixrd_del_command, static) = {
- .path = "sixrd del domain",
- .short_help =
- "sixrd del domain index <domain>",
- .function = sixrd_del_domain_command_fn,
-};
+ sixrd_ad = pool_elt_at_index (sixrd_adj_delegate_pool, index);
-VLIB_CLI_COMMAND(show_sixrd_domain_command, static) = {
- .path = "show sixrd domain",
- .function = show_sixrd_domain_command_fn,
-};
+ return (&sixrd_ad->sixrd_node);
+}
-VLIB_CLI_COMMAND(show_sixrd_stats_command, static) = {
- .path = "show sixrd stats",
- .function = show_sixrd_stats_command_fn,
+/**
+ * VFT registered with the adjacency delegate
+ */
+const static adj_delegate_vft_t sixrd_adj_delegate_vft = {
+ .adv_adj_deleted = sixrd_adj_delegate_adj_deleted,
+ .adv_format = sixrd_adj_delegate_format,
};
-/* *INDENT-OFF* */
-VLIB_PLUGIN_REGISTER () ={
- .version = VPP_BUILD_VER,
- .description = "IPv6 Rapid Deployment on IPv4 Infrastructure (RFC5969)",
+/**
+ * VFT registered with the FIB node for the adj delegate
+ */
+const static fib_node_vft_t sixrd_fib_node_vft = {
+ .fnv_get = sixrd_fib_node_get,
+ .fnv_last_lock = sixrd_fib_node_last_lock_gone,
+ .fnv_back_walk = sixrd_fib_node_back_walk_notify,
};
-/* *INDENT-ON* */
-static clib_error_t * sixrd_init (vlib_main_t * vm)
+static clib_error_t *
+sixrd_init (vlib_main_t * vm)
{
- sixrd_main_t *mm = &sixrd_main;
+ sixrd_main_t *sm = &sixrd_main;
+ clib_error_t *error = 0;
+ u8 *name;
+
+ name = format (0, "sixrd_%08x%c", api_version, 0);
+
+ sm->msg_id_base =
+ vl_msg_api_get_msg_ids ((char *) name, VL_MSG_FIRST_AVAILABLE);
+ vec_free (name);
+ error = sixrd_plugin_api_hookup (vm);
- mm->vnet_main = vnet_get_main();
- mm->vlib_main = vm;
+ setup_message_id_table (sm, &api_main);
- sixrd_dpo_module_init ();
+ sixrd_adj_delegate_type =
+ adj_delegate_register_new_type (&sixrd_adj_delegate_vft);
+ sixrd_fib_node_type = fib_node_register_new_type (&sixrd_fib_node_vft);
- return (NULL);
+ return error;
}
VLIB_INIT_FUNCTION (sixrd_init);
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
*---------------------------------------------------------------------------
*/
#include <stdbool.h>
-#include <vppinfra/error.h>
-#include <vnet/vnet.h>
-#include <vnet/ip/ip.h>
#include <vnet/fib/ip6_fib.h>
+#include <vnet/ip/ip.h>
+#include <vnet/vnet.h>
+#include <vppinfra/error.h>
-#include "sixrd_dpo.h"
-
-int sixrd_create_domain(ip6_address_t *ip6_prefix, u8 ip6_prefix_len,
- ip4_address_t *ip4_prefix, u8 ip4_prefix_len,
- ip4_address_t *ip4_src, u32 *sixrd_domain_index, u16 mtu);
-int sixrd_delete_domain(u32 sixrd_domain_index);
-u8 *format_sixrd_trace(u8 *s, va_list *args);
+#define SIXRD_DEFAULT_MTU 1480 /* 1500 - IPv4 header */
-typedef struct {
+typedef struct
+{
+ u32 fib_index;
+ u32 hw_if_index;
+ u32 sw_if_index;
+ u32 tunnel_index;
ip6_address_t ip6_prefix;
ip4_address_t ip4_prefix;
ip4_address_t ip4_src;
u8 shift;
u16 mtu;
-} sixrd_domain_t;
+ bool security_check;
+} sixrd_tunnel_t;
+
+typedef struct
+{
+ u16 msg_id_base;
-typedef struct {
/* pool of SIXRD domains */
- sixrd_domain_t *domains;
+ sixrd_tunnel_t *tunnels;
+ u32 *tunnel_index_by_sw_if_index;
+ uword *tunnel_by_ip;
- /* convenience */
- vlib_main_t *vlib_main;
- vnet_main_t *vnet_main;
} sixrd_main_t;
-#define foreach_sixrd_error \
- /* Must be first. */ \
- _(NONE, "valid SIXRD packets") \
- _(BAD_PROTOCOL, "bad protocol") \
- _(WRONG_ICMP_TYPE, "wrong icmp type") \
- _(SEC_CHECK, "security check failed") \
- _(ICMP, "unable to translate ICMP") \
- _(UNKNOWN, "unknown") \
- _(NO_DOMAIN, "no domain") \
- _(ENCAPSULATED, "encapsulated") \
- _(DECAPSULATED, "decapsulated") \
- _(TRANSLATED_4TO6, "translated 4 to 6") \
- _(TRANSLATED_6TO4, "translated 6 to 4") \
- _(FRAGMENT, "fragment handling error") \
- _(FRAGMENT_QUEUED, "dropped, missing first fragment") \
- _(FRAGMENTED, "packets requiring fragmentation") \
- _(FRAGMENT_PARTS, "fragment parts") \
- _(MALFORMED, "malformed packet")
-
-typedef enum {
-#define _(sym,str) SIXRD_ERROR_##sym,
- foreach_sixrd_error
-#undef _
- SIXRD_N_ERROR,
- } sixrd_error_t;
+#define foreach_sixrd_error \
+ /* Must be first. */ \
+ _(NONE, "valid SIXRD packets") \
+ _(BAD_PROTOCOL, "bad protocol") \
+ _(SEC_CHECK, "security check failed") \
+ _(NO_TUNNEL, "no tunnel")
-typedef struct {
- u32 sixrd_domain_index;
-} sixrd_trace_t;
+
+typedef enum
+{
+#define _(sym, str) SIXRD_ERROR_##sym,
+ foreach_sixrd_error
+#undef _
+ SIXRD_N_ERROR,
+} sixrd_error_t;
extern sixrd_main_t sixrd_main;
* sixrd_get_addr
*/
static_always_inline u32
-sixrd_get_addr (sixrd_domain_t *d, u64 dal)
+sixrd_get_addr_net (const sixrd_tunnel_t * t, u64 dal)
{
-
/* 1:1 mode */
- if (d->ip4_prefix_len == 32) return (d->ip4_prefix.as_u32);
-
- /* Grab 32 - ip4_prefix_len bits out of IPv6 address from offset ip6_prefix_len */
- return (d->ip4_prefix.as_u32 | (u32)(dal >> d->shift));
+ if (t->ip4_prefix_len == 32)
+ return (t->ip4_prefix.as_u32);
+
+ dal = clib_net_to_host_u64 (dal);
+
+ /* Grab 32 - ip4_prefix_len bits out of IPv6 address from offset
+ * ip6_prefix_len */
+ u32 mask = ~(~0ULL << (32 - t->ip4_prefix_len));
+ u32 ip4 =
+ clib_net_to_host_u32 (t->
+ ip4_prefix.as_u32) | ((u32) (dal >> t->
+ shift) & mask);
+ return clib_host_to_net_u32 (ip4);
}
-/*
- * Get the SIXRD domain from an IPv6 lookup adjacency.
- */
-static_always_inline sixrd_domain_t *
-ip6_sixrd_get_domain (u32 sdi, u32 *sixrd_domain_index)
+static_always_inline sixrd_tunnel_t *
+find_tunnel_by_ip4_address (ip4_address_t * ip)
{
- sixrd_main_t *mm = &sixrd_main;
- sixrd_dpo_t *sd;
-
- sd = sixrd_dpo_get(sdi);
-
- ASSERT(sd);
- *sixrd_domain_index = sd->sd_domain;
- return pool_elt_at_index(mm->domains, *sixrd_domain_index);
+ sixrd_main_t *sm = &sixrd_main;
+ uword *p;
+ p = hash_get (sm->tunnel_by_ip, ip->as_u32);
+ if (!p)
+ return NULL;
+ return pool_elt_at_index (sm->tunnels, p[0]);
}
-/*
- * Get the SIXRD domain from an IPv4 lookup adjacency.
- * If the IPv4 address is not shared, no lookup is required.
- * The IPv6 address is used otherwise.
- */
-static_always_inline sixrd_domain_t *
-ip4_sixrd_get_domain (u32 sdi, ip6_address_t *addr,
- u32 *sixrd_domain_index, u8 *error)
+static_always_inline sixrd_tunnel_t *
+ip4_sixrd_get_tunnel (u32 sdi, ip4_address_t * addr, u8 * error)
{
- sixrd_main_t *mm = &sixrd_main;
- sixrd_dpo_t *sd;
-
- sd = sixrd_dpo_get(sdi);
- *sixrd_domain_index = sd->sd_domain;
- if (*sixrd_domain_index != ~0)
- return pool_elt_at_index(mm->domains, *sixrd_domain_index);
-
- u32 lbi = ip6_fib_table_fwding_lookup(&ip6_main, 0, addr);
- const dpo_id_t *dpo = load_balance_get_bucket(lbi, 0);
- if (PREDICT_TRUE(dpo->dpoi_type == sixrd_dpo_type))
+ sixrd_tunnel_t *t = find_tunnel_by_ip4_address (addr);
+ if (!t)
{
- sd = sixrd_dpo_get(dpo->dpoi_index);
- *sixrd_domain_index = sd->sd_domain;
- return pool_elt_at_index(mm->domains, *sixrd_domain_index);
+ *error = SIXRD_ERROR_NO_TUNNEL;
+ return NULL;
}
- *error = SIXRD_ERROR_NO_DOMAIN;
- return NULL;
+ return t;
}
+
+/*
+ * fd.io coding-style-patch-verification: ON
+ *
+ * Local Variables:
+ * eval: (c-set-style "gnu")
+ * End:
+ */
--- /dev/null
+/*
+ * Copyright (c) 2016 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+/* Include the generated file, see BUILT_SOURCES in Makefile.am */
+#include <sixrd/sixrd.api.h>
+++ /dev/null
-/*
- * Copyright (c) 2016 Cisco and/or its affiliates.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at:
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "sixrd_dpo.h"
-#include <vnet/ip/ip.h>
-
-/**
- * pool of all MPLS Label DPOs
- */
-sixrd_dpo_t *sixrd_dpo_pool;
-
-/**
- * The register SIXRD DPO type
- */
-dpo_type_t sixrd_dpo_type;
-
-static sixrd_dpo_t *
-sixrd_dpo_alloc (void)
-{
- sixrd_dpo_t *sd;
-
- pool_get_aligned(sixrd_dpo_pool, sd, CLIB_CACHE_LINE_BYTES);
- memset(sd, 0, sizeof(*sd));
-
- return (sd);
-}
-
-static index_t
-sixrd_dpo_get_index (sixrd_dpo_t *sd)
-{
- return (sd - sixrd_dpo_pool);
-}
-
-void
-sixrd_dpo_create (dpo_proto_t dproto,
- u32 domain_index,
- dpo_id_t *dpo)
-{
- sixrd_dpo_t *sd;
-
- sd = sixrd_dpo_alloc();
- sd->sd_domain = domain_index;
- sd->sd_proto = dproto;
-
- dpo_set(dpo,
- sixrd_dpo_type,
- dproto,
- sixrd_dpo_get_index(sd));
-}
-
-u8*
-format_sixrd_dpo (u8 *s, va_list *args)
-{
- index_t index = va_arg (*args, index_t);
- CLIB_UNUSED(u32 indent) = va_arg (*args, u32);
- sixrd_dpo_t *sd;
-
- sd = sixrd_dpo_get(index);
-
- return (format(s, "sixrd:[%d]:%U domain:%d",
- index,
- format_dpo_proto, sd->sd_proto,
- sd->sd_domain));
-}
-
-
-static void
-sixrd_dpo_lock (dpo_id_t *dpo)
-{
- sixrd_dpo_t *sd;
-
- sd = sixrd_dpo_get(dpo->dpoi_index);
-
- sd->sd_locks++;
-}
-
-static void
-sixrd_dpo_unlock (dpo_id_t *dpo)
-{
- sixrd_dpo_t *sd;
-
- sd = sixrd_dpo_get(dpo->dpoi_index);
-
- sd->sd_locks--;
-
- if (0 == sd->sd_locks)
- {
- pool_put(sixrd_dpo_pool, sd);
- }
-}
-
-const static dpo_vft_t sd_vft = {
- .dv_lock = sixrd_dpo_lock,
- .dv_unlock = sixrd_dpo_unlock,
- .dv_format = format_sixrd_dpo,
-};
-
-const static char* const sixrd_ip4_nodes[] =
-{
- "ip4-sixrd",
- NULL,
-};
-const static char* const sixrd_ip6_nodes[] =
-{
- "ip6-sixrd",
- NULL,
-};
-
-const static char* const * const sixrd_nodes[DPO_PROTO_NUM] =
-{
- [DPO_PROTO_IP4] = sixrd_ip4_nodes,
- [DPO_PROTO_IP6] = sixrd_ip6_nodes,
- [DPO_PROTO_MPLS] = NULL,
-};
-
-void
-sixrd_dpo_module_init (void)
-{
- sixrd_dpo_type = dpo_register_new_type(&sd_vft, sixrd_nodes);
-}
+++ /dev/null
-/*
- * Copyright (c) 2016 Cisco and/or its affiliates.
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at:
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __SIXRD_DPO_H__
-#define __SIXRD_DPO_H__
-
-#include <vnet/vnet.h>
-#include <vnet/dpo/dpo.h>
-
-/**
- * A representation of a 6RD DPO
- */
-typedef struct sixrd_dpo_t
-{
- /**
- * The dat-plane protocol
- */
- dpo_proto_t sd_proto;
-
- /**
- * the SIXRD domain index
- */
- u32 sd_domain;
-
- /**
- * Number of locks/users of the label
- */
- u16 sd_locks;
-} sixrd_dpo_t;
-
-extern void sixrd_dpo_create (dpo_proto_t dproto,
- u32 domain_index,
- dpo_id_t *dpo);
-
-/*
- * Encapsulation violation for fast data-path access
- */
-extern sixrd_dpo_t *sixrd_dpo_pool;
-extern dpo_type_t sixrd_dpo_type;
-
-static inline sixrd_dpo_t *
-sixrd_dpo_get (index_t index)
-{
- return (pool_elt_at_index(sixrd_dpo_pool, index));
-}
-
-extern void sixrd_dpo_module_init(void);
-
-#endif
--- /dev/null
+/*
+ * Copyright (c) 2016 Cisco and/or its affiliates.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#ifndef included_sixrd_msg_enum_h
+#define included_sixrd_msg_enum_h
+
+#include <vppinfra/byte_order.h>
+
+#define vl_msg_id(n,h) n,
+typedef enum {
+#include <sixrd/sixrd_all_api_h.h>
+ /* We'll want to know how many messages IDs we need... */
+ VL_MSG_FIRST_AVAILABLE,
+} vl_msg_id_t;
+#undef vl_msg_id
+
+#endif
adj_delegate_type_t fdt,
index_t adi);
-
/**
* @brief Get a delegate from an adjacency
*
*/
adj_index_t
adj_glean_add_or_lock (fib_protocol_t proto,
+ vnet_link_t linkt,
u32 sw_if_index,
const ip46_address_t *nh_addr)
{
adj->lookup_next_index = IP_LOOKUP_NEXT_GLEAN;
adj->ia_nh_proto = proto;
+ adj->ia_link = linkt;
adj_gleans[proto][sw_if_index] = adj_get_index(adj);
if (NULL != nh_addr)
{
adj->sub_type.glean.receive_addr = *nh_addr;
}
+ else
+ {
+ adj->sub_type.glean.receive_addr = zero_addr;
+ }
adj->rewrite_header.sw_if_index = sw_if_index;
adj->rewrite_header.data_bytes = 0;
+ adj->rewrite_header.max_l3_packet_bytes =
+ vnet_sw_interface_get_mtu(vnet_get_main(), sw_if_index, VLIB_TX);
+
adj_lock(adj_get_index(adj));
vnet_update_adjacency_for_sw_interface(vnet_get_main(),
* as the source address in packets when the ARP/ND packet is sent
*/
extern adj_index_t adj_glean_add_or_lock(fib_protocol_t proto,
+ vnet_link_t linkt,
u32 sw_if_index,
const ip46_address_t *nh_addr);
s = format (s, "DELETED:%d", rw->sw_if_index);
}
+ s = format (s, " mtu:%d", rw->max_l3_packet_bytes);
+
/* Format rewrite string. */
if (rw->data_bytes > 0)
s = format (s, " %U",
* IPv[46] Mapping
*/
FIB_SOURCE_MAP,
- /**
- * SIXRD
- */
- FIB_SOURCE_SIXRD,
/**
* DHCP
*/
[FIB_SOURCE_ADJ] = "adjacency", \
[FIB_SOURCE_MAP] = "MAP", \
[FIB_SOURCE_SR] = "SR", \
- [FIB_SOURCE_SIXRD] = "SixRD", \
[FIB_SOURCE_LISP] = "LISP", \
[FIB_SOURCE_CLASSIFY] = "classify", \
[FIB_SOURCE_DHCP] = "DHCP", \
{
fib_entry_src_register(FIB_SOURCE_SPECIAL, &special_src_vft);
fib_entry_src_register(FIB_SOURCE_MAP, &special_src_vft);
- fib_entry_src_register(FIB_SOURCE_SIXRD, &special_src_vft);
fib_entry_src_register(FIB_SOURCE_CLASSIFY, &special_src_vft);
fib_entry_src_register(FIB_SOURCE_AE, &special_src_vft);
fib_entry_src_register(FIB_SOURCE_PROXY, &special_src_vft);
else
{
return (adj_glean_add_or_lock(dpo_proto_to_fib(path->fp_nh_proto),
+ link,
path->attached.fp_interface,
NULL));
}
if (adj->lookup_next_index == IP_LOOKUP_NEXT_REWRITE)
{
adj_unlock (ai);
- ai = adj_glean_add_or_lock (FIB_PROTOCOL_IP4, sw_if_index, &nh);
+ ai = adj_glean_add_or_lock (FIB_PROTOCOL_IP4,
+ VNET_LINK_IP4, sw_if_index, &nh);
adj = adj_get (ai);
}
if (adj->lookup_next_index == IP_LOOKUP_NEXT_REWRITE)
{
adj_unlock (ai);
- ai = adj_glean_add_or_lock (FIB_PROTOCOL_IP6, sw_if_index, &nh);
+ ai = adj_glean_add_or_lock (FIB_PROTOCOL_IP6,
+ VNET_LINK_IP6, sw_if_index, &nh);
adj = adj_get (ai);
}
endif
PYTHON_VENV_PATH=$(VPP_PYTHON_PREFIX)/virtualenv
-PYTHON_DEPENDS=$(PYTHON_EXTRA_DEPENDS) faulthandler six scapy==2.3.3 pexpect pycrypto subprocess32 cffi git+https://github.com/klement/py-lispnetworking@setup
+PYTHON_DEPENDS=$(PYTHON_EXTRA_DEPENDS) faulthandler six scapy==2.3.3 pexpect pycrypto subprocess32 cffi git+https://github.com/klement/py-lispnetworking@setup py2-ipaddress
SCAPY_SOURCE=$(shell find $(PYTHON_VENV_PATH) -name site-packages)
BUILD_COV_DIR=$(BR)/test-cov
--- /dev/null
+#
+# 6RD RFC5969 functional tests
+#
+
+import unittest
+from scapy.layers.inet import IP, UDP, ICMP
+from scapy.layers.inet6 import IPv6
+from scapy.layers.l2 import Ether, GRE
+from scapy.packet import Raw
+
+from framework import VppTestCase
+from vpp_ip_route import VppIpRoute, VppRoutePath, DpoProto
+from util import ppp
+from ipaddress import *
+
+""" Test6rd is a subclass of VPPTestCase classes.
+
+6RD tests.
+
+"""
+
+
+class Test6RD(VppTestCase):
+ """ 6RD Test Case """
+
+ @classmethod
+ def setUpClass(cls):
+ super(Test6RD, cls).setUpClass()
+ try:
+ cls.create_pg_interfaces(range(2))
+ cls.interfaces = list(cls.pg_interfaces)
+ except Exception:
+ super(Test6RD, cls).tearDownClass()
+ raise
+
+ def setUp(cls):
+ super(Test6RD, cls).setUp()
+ try:
+ for i in cls.interfaces:
+ i.admin_up()
+ i.config_ip4()
+ i.config_ip6()
+ i.disable_ipv6_ra()
+ i.resolve_arp()
+ i.resolve_ndp()
+ except Exception:
+ super(Test6RD, cls).tearDown()
+ raise
+
+ def tearDown(self):
+ super(Test6RD, self).tearDown()
+ if not self.vpp_dead:
+ self.vapi.cli("show hardware")
+ for i in self.pg_interfaces:
+ i.unconfig_ip4()
+ i.unconfig_ip6()
+ i.admin_down()
+ if type(self.tunnel_index) is list:
+ for sw_if_index in self.tunnel_index:
+ self.vapi.sixrd_del_tunnel(sw_if_index)
+ else:
+ self.vapi.sixrd_del_tunnel(self.tunnel_index)
+ self.vapi.cli("show error")
+
+ def validate_6in4(self, rx, expected):
+ if IP not in rx:
+ self.fail()
+ if IPv6 not in rx:
+ self.fail()
+
+ self.assertEqual(rx[IP].src, expected[IP].src)
+ self.assertEqual(rx[IP].dst, expected[IP].dst)
+ self.assertEqual(rx[IP].proto, expected[IP].proto)
+ self.assertEqual(rx[IPv6].src, expected[IPv6].src)
+ self.assertEqual(rx[IPv6].dst, expected[IPv6].dst)
+
+ def validate_4in6(self, rx, expected):
+ if IPv6 not in rx:
+ self.fail()
+ if IP in rx:
+ self.fail()
+
+ self.assertTrue(rx[IPv6].src == expected[IPv6].src)
+ self.assertTrue(rx[IPv6].dst == expected[IPv6].dst)
+ self.assertTrue(rx[IPv6].nh == expected[IPv6].nh)
+
+ def payload(self, len):
+ return 'x' * len
+
+ def test_6rd_ip6_to_ip4(self):
+ """ ip6 -> ip4 (encap) 6rd test """
+ p_ether = Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
+ p_ip6 = IPv6(src="1::1", dst="2002:AC10:0202::1", nh='UDP')
+
+ rv = self.vapi.sixrd_add_tunnel(
+ 0, str(ip_address('2002::').packed), 16,
+ str(ip_address('0.0.0.0').packed), 0,
+ str(ip_address(self.pg0.local_ip4).packed), 0, True)
+
+ self.assertEqual(rv.retval, 0)
+ self.tunnel_index = rv.sw_if_index
+ self.vapi.cli("show ip6 fib")
+ p_payload = UDP(sport=1234, dport=1234)
+ p = (p_ether / p_ip6 / p_payload)
+
+ p_reply = (IP(src=self.pg0.local_ip4, dst=self.pg1.remote_ip4,
+ proto='ipv6') / p_ip6)
+
+ rx = self.send_and_expect(self.pg0, p*10, self.pg1)
+ for p in rx:
+ self.validate_6in4(p, p_reply)
+
+ # MTU tests (default is 1480)
+ plen = 1481 - 40 - 8
+ p_ip6 = IPv6(src="1::1", dst="2002:AC10:0202::1")
+ p_payload = UDP(sport=1234, dport=1234) / Raw(self.payload(plen))
+ p = (p_ether / p_ip6 / p_payload)
+
+ p_reply = (IP(src=self.pg0.local_ip4, dst=self.pg1.remote_ip4,
+ proto='ipv6') / p_ip6)
+
+ rx = self.send_and_assert_no_replies(self.pg0, p*10)
+
+ def test_6rd_ip4_to_ip6(self):
+ """ ip4 -> ip6 (decap) 6rd test """
+
+ rv = self.vapi.sixrd_add_tunnel(
+ 0, str(ip_address('2002::').packed),
+ 16, str(ip_address('0.0.0.0').packed),
+ 0, str(ip_address(self.pg0.local_ip4).packed), 0, True)
+ self.assertEqual(rv.retval, 0)
+ self.tunnel_index = rv.sw_if_index
+ self.vapi.cli("show ip6 fib")
+ p_ip6 = (IPv6(src="2002:AC10:0202::1", dst=self.pg1.remote_ip6) /
+ UDP(sport=1234, dport=1234))
+
+ p = (Ether(src=self.pg0.remote_mac,
+ dst=self.pg0.local_mac) /
+ IP(src=self.pg1.remote_ip4, dst=self.pg0.local_ip4) /
+ p_ip6)
+
+ p_reply = p_ip6
+
+ rx = self.send_and_expect(self.pg0, p*10, self.pg1)
+ for p in rx:
+ self.validate_4in6(p, p_reply)
+
+ def test_6rd_ip4_to_ip6_multiple(self):
+ """ ip4 -> ip6 (decap) 6rd test """
+
+ self.tunnel_index = []
+ rv = self.vapi.sixrd_add_tunnel(
+ 0, str(ip_address('2002::').packed),
+ 16, str(ip_address('0.0.0.0').packed),
+ 0, str(ip_address(self.pg0.local_ip4).packed), 0, True)
+ self.assertEqual(rv.retval, 0)
+ self.tunnel_index.append(rv.sw_if_index)
+ rv = self.vapi.sixrd_add_tunnel(
+ 0, str(ip_address('2003::').packed),
+ 16, str(ip_address('0.0.0.0').packed),
+ 0, str(ip_address(self.pg1.local_ip4).packed), 0, True)
+ self.assertEqual(rv.retval, 0)
+
+ self.tunnel_index.append(rv.sw_if_index)
+
+ self.vapi.cli("show ip6 fib")
+ p_ether = Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
+ p_ip4 = IP(src=self.pg1.remote_ip4, dst=self.pg0.local_ip4)
+ p_ip6_1 = (IPv6(src="2002:AC10:0202::1", dst=self.pg1.remote_ip6) /
+ UDP(sport=1234, dport=1234))
+ p_ip6_2 = (IPv6(src="2003:AC10:0202::1", dst=self.pg1.remote_ip6) /
+ UDP(sport=1234, dport=1234))
+
+ p = (p_ether / p_ip4 / p_ip6_1)
+ rx = self.send_and_expect(self.pg0, p*10, self.pg1)
+ for p in rx:
+ self.validate_4in6(p, p_ip6_1)
+
+ p = (p_ether / p_ip4 / p_ip6_2)
+ rx = self.send_and_expect(self.pg0, p*10, self.pg1)
+ for p in rx:
+ self.validate_4in6(p, p_ip6_2)
+
+ def test_6rd_ip4_to_ip6_suffix(self):
+ """ ip4 -> ip6 (decap) 6rd test """
+
+ rv = self.vapi.sixrd_add_tunnel(
+ 0, str(ip_address('2002::').packed), 16,
+ str(ip_address('172.0.0.0').packed), 8,
+ str(ip_address(self.pg0.local_ip4).packed), 0, True)
+ self.assertEqual(rv.retval, 0)
+
+ self.tunnel_index = rv.sw_if_index
+
+ self.vapi.cli("show ip6 fib")
+ p_ether = Ether(src=self.pg0.remote_mac, dst=self.pg0.local_mac)
+ p_ip4 = IP(src=self.pg1.remote_ip4, dst=self.pg0.local_ip4)
+ p_ip6 = (IPv6(src="2002:1002:0200::1", dst=self.pg1.remote_ip6) /
+ UDP(sport=1234, dport=1234))
+
+ p = (p_ether / p_ip4 / p_ip6)
+ rx = self.send_and_expect(self.pg0, p*10, self.pg1)
+ for p in rx:
+ self.validate_4in6(p, p_ip6)
+
+ def test_6rd_ip4_to_ip6_sec_check(self):
+ """ ip4 -> ip6 (decap) security check 6rd test """
+
+ rv = self.vapi.sixrd_add_tunnel(
+ 0, str(ip_address('2002::').packed),
+ 16, str(ip_address('0.0.0.0').packed),
+ 0, str(ip_address(self.pg0.local_ip4).packed), 0, True)
+ self.assertEqual(rv.retval, 0)
+ self.tunnel_index = rv.sw_if_index
+ self.vapi.cli("show ip6 fib")
+ p_ip6 = (IPv6(src="2002:AC10:0202::1", dst=self.pg1.remote_ip6) /
+ UDP(sport=1234, dport=1234))
+ p_ip6_fail = (IPv6(src="2002:DEAD:0202::1", dst=self.pg1.remote_ip6) /
+ UDP(sport=1234, dport=1234))
+
+ p = (Ether(src=self.pg0.remote_mac,
+ dst=self.pg0.local_mac) /
+ IP(src=self.pg1.remote_ip4, dst=self.pg0.local_ip4) /
+ p_ip6)
+
+ p_reply = p_ip6
+
+ rx = self.send_and_expect(self.pg0, p*10, self.pg1)
+ for p in rx:
+ self.validate_4in6(p, p_reply)
+
+ p = (Ether(src=self.pg0.remote_mac,
+ dst=self.pg0.local_mac) /
+ IP(src=self.pg1.remote_ip4, dst=self.pg0.local_ip4) /
+ p_ip6_fail)
+ rx = self.send_and_assert_no_replies(self.pg0, p*10)
+
+ def test_6rd_bgp_tunnel(self):
+ """ 6rd BGP tunnel """
+
+ rv = self.vapi.sixrd_add_tunnel(
+ 0, str(ip_address('2002::').packed),
+ 16, str(ip_address('0.0.0.0').packed),
+ 0, str(ip_address(self.pg0.local_ip4).packed), 0, False)
+ self.assertEqual(rv.retval, 0)
+ self.tunnel_index = rv.sw_if_index
+
+ default_route = VppIpRoute(
+ self, "DEAD::", 16, [VppRoutePath("2002:0808:0808::",
+ self.tunnel_index,
+ proto=DpoProto.DPO_PROTO_IP6)],
+ is_ip6=1)
+ default_route.add_vpp_config()
+
+ ip4_route = VppIpRoute(self, "8.0.0.0", 8,
+ [VppRoutePath(self.pg1.remote_ip4, 0xFFFFFFFF)])
+ ip4_route.add_vpp_config()
+
+ # Via recursive route 6 -> 4
+ p = (Ether(src=self.pg0.remote_mac,
+ dst=self.pg0.local_mac) /
+ IPv6(src="1::1", dst="DEAD:BEEF::1") /
+ UDP(sport=1234, dport=1234))
+
+ p_reply = (IP(src=self.pg0.local_ip4, dst="8.8.8.8",
+ proto='ipv6') /
+ IPv6(src='1::1', dst='DEAD:BEEF::1', nh='UDP'))
+
+ rx = self.send_and_expect(self.pg0, p*10, self.pg1)
+ for p in rx:
+ self.validate_6in4(p, p_reply)
+
+ # Via recursive route 4 -> 6 (Security check must be disabled)
+ p_ip6 = (IPv6(src="DEAD:BEEF::1", dst=self.pg1.remote_ip6) /
+ UDP(sport=1234, dport=1234))
+ p = (Ether(src=self.pg0.remote_mac,
+ dst=self.pg0.local_mac) /
+ IP(src="8.8.8.8", dst=self.pg0.local_ip4) /
+ p_ip6)
+
+ p_reply = p_ip6
+
+ rx = self.send_and_expect(self.pg0, p*10, self.pg1)
+ for p in rx:
+ self.validate_4in6(p, p_reply)
+
+
+if __name__ == '__main__':
+ unittest.main(testRunner=VppTestRunner)
def gbp_contract_dump(self):
""" GBP contract Dump """
return self.api(self.papi.gbp_contract_dump, {})
+
+ def sixrd_add_tunnel(self, fib_index, ip6_prefix, ip6_prefix_len,
+ ip4_prefix, ip4_prefix_len, ip4_src, mtu,
+ security_check):
+ """ 6RD tunnel Add """
+ return self.api(self.papi.sixrd_add_tunnel,
+ {'fib_index': fib_index,
+ 'ip6_prefix': ip6_prefix,
+ 'ip6_prefix_len': ip6_prefix_len,
+ 'ip4_prefix': ip4_prefix,
+ 'ip4_prefix_len': ip4_prefix_len,
+ 'ip4_src': ip4_src,
+ 'mtu': mtu,
+ 'security_check': security_check})
+
+ def sixrd_del_tunnel(self, sw_if_index):
+ """ 6RD tunnel Delete """
+ return self.api(self.papi.sixrd_del_tunnel,
+ {'sw_if_index': sw_if_index})
Code Review / vpp.git / commitdiff