From 2a1783fd6ae7e17c994010fca414c180eb48bc40 Mon Sep 17 00:00:00 2001 From: Nathan Skrzypczak Date: Tue, 10 Aug 2021 15:05:29 +0200 Subject: [PATCH] ip: punt redirect add nh in api Type: feature Change-Id: Ia970f444ba2f38b7a42ea94942c906f1b541511b Signed-off-by: Nathan Skrzypczak --- src/vnet/ip/ip.api | 43 +++++++++ src/vnet/ip/ip4.h | 4 +- src/vnet/ip/ip4_punt_drop.c | 24 +---- src/vnet/ip/ip6.h | 4 +- src/vnet/ip/ip6_punt_drop.c | 23 +---- src/vnet/ip/ip_api.c | 214 ++++++++++++++++++++++++++++++++++---------- src/vnet/ip/ip_punt_drop.c | 6 +- src/vnet/ip/ip_punt_drop.h | 5 +- src/vnet/ip/ip_test.c | 20 +++++ 9 files changed, 243 insertions(+), 100 deletions(-) diff --git a/src/vnet/ip/ip.api b/src/vnet/ip/ip.api index c8d4c397182..28786fa5a90 100644 --- a/src/vnet/ip/ip.api +++ b/src/vnet/ip/ip.api @@ -557,6 +557,7 @@ typedef punt_redirect */ autoreply define ip_punt_redirect { + option deprecated; u32 client_index; u32 context; vl_api_punt_redirect_t punt; @@ -577,6 +578,48 @@ define ip_punt_redirect_details vl_api_punt_redirect_t punt; }; +/** \brief Punt redirect type + @param rx_sw_if_index - specify the original RX interface of traffic + that should be redirected. ~0 means any interface. + @param af - Address family (ip4 or ip6) + @param paths - the TX paths to which traffic should be redirected. +*/ +typedef punt_redirect_v2 +{ + vl_api_interface_index_t rx_sw_if_index [default=0xffffffff]; + vl_api_address_family_t af; + u32 n_paths; + vl_api_fib_path_t paths[n_paths]; +}; + +/** \brief Add IP punt redirect rule + @param client_index - opaque cookie to identify the sender + @param context - sender context, to match reply w/ request + @param punt - punt definition + @param is_add - 1 to add punt_redirect rule, 0 to delete +*/ +autoreply define add_del_ip_punt_redirect_v2 +{ + u32 client_index; + u32 context; + bool is_add [default=true]; + vl_api_punt_redirect_v2_t punt; +}; + +define ip_punt_redirect_v2_dump +{ + u32 client_index; + u32 context; + vl_api_interface_index_t sw_if_index; + vl_api_address_family_t af; +}; + +define ip_punt_redirect_v2_details +{ + u32 context; + vl_api_punt_redirect_v2_t punt; +}; + autoreply define ip_container_proxy_add_del { u32 client_index; diff --git a/src/vnet/ip/ip4.h b/src/vnet/ip/ip4.h index dba27851c8f..dde7b7b9de9 100644 --- a/src/vnet/ip/ip4.h +++ b/src/vnet/ip/ip4.h @@ -261,10 +261,8 @@ int vnet_set_ip4_classify_intfc (vlib_main_t * vm, u32 sw_if_index, void ip4_punt_policer_add_del (u8 is_add, u32 policer_index); -void ip4_punt_redirect_add (u32 rx_sw_if_index, - u32 tx_sw_if_index, ip46_address_t * nh); void ip4_punt_redirect_add_paths (u32 rx_sw_if_index, - fib_route_path_t * paths); + const fib_route_path_t *paths); void ip4_punt_redirect_del (u32 rx_sw_if_index); diff --git a/src/vnet/ip/ip4_punt_drop.c b/src/vnet/ip/ip4_punt_drop.c index c8d65921183..89803afb9dd 100644 --- a/src/vnet/ip/ip4_punt_drop.c +++ b/src/vnet/ip/ip4_punt_drop.c @@ -313,28 +313,8 @@ VLIB_CLI_COMMAND (ip4_punt_policer_command, static) = #ifndef CLIB_MARCH_VARIANT void -ip4_punt_redirect_add (u32 rx_sw_if_index, - u32 tx_sw_if_index, ip46_address_t * nh) -{ - /* *INDENT-OFF* */ - fib_route_path_t *rpaths = NULL, rpath = { - .frp_proto = DPO_PROTO_IP4, - .frp_addr = *nh, - .frp_sw_if_index = tx_sw_if_index, - .frp_weight = 1, - .frp_fib_index = ~0, - }; - /* *INDENT-ON* */ - - vec_add1 (rpaths, rpath); - - ip4_punt_redirect_add_paths (rx_sw_if_index, rpaths); - - vec_free (rpaths); -} - -void -ip4_punt_redirect_add_paths (u32 rx_sw_if_index, fib_route_path_t * rpaths) +ip4_punt_redirect_add_paths (u32 rx_sw_if_index, + const fib_route_path_t *rpaths) { ip_punt_redirect_add (FIB_PROTOCOL_IP4, rx_sw_if_index, diff --git a/src/vnet/ip/ip6.h b/src/vnet/ip/ip6.h index 4d94d8c1230..f33780f1a98 100644 --- a/src/vnet/ip/ip6.h +++ b/src/vnet/ip/ip6.h @@ -287,10 +287,8 @@ u8 *format_ip6_forward_next_trace (u8 * s, va_list * args); u32 ip6_tcp_udp_icmp_validate_checksum (vlib_main_t * vm, vlib_buffer_t * p0); void ip6_punt_policer_add_del (u8 is_add, u32 policer_index); -void ip6_punt_redirect_add (u32 rx_sw_if_index, - u32 tx_sw_if_index, ip46_address_t * nh); void ip6_punt_redirect_add_paths (u32 rx_sw_if_index, - fib_route_path_t * paths); + const fib_route_path_t *paths); void ip6_punt_redirect_del (u32 rx_sw_if_index); int vnet_set_ip6_classify_intfc (vlib_main_t * vm, u32 sw_if_index, diff --git a/src/vnet/ip/ip6_punt_drop.c b/src/vnet/ip/ip6_punt_drop.c index 31f5d37bf02..4edb673c3fa 100644 --- a/src/vnet/ip/ip6_punt_drop.c +++ b/src/vnet/ip/ip6_punt_drop.c @@ -306,27 +306,8 @@ VNET_FEATURE_INIT (ip6_punt_redirect_node, static) = { #ifndef CLIB_MARCH_VARIANT void -ip6_punt_redirect_add (u32 rx_sw_if_index, - u32 tx_sw_if_index, ip46_address_t * nh) -{ - /* *INDENT-OFF* */ - fib_route_path_t *rpaths = NULL, rpath = { - .frp_proto = DPO_PROTO_IP6, - .frp_addr = *nh, - .frp_sw_if_index = tx_sw_if_index, - .frp_weight = 1, - .frp_fib_index = ~0, - }; - /* *INDENT-ON* */ - vec_add1 (rpaths, rpath); - - ip6_punt_redirect_add_paths (rx_sw_if_index, rpaths); - - vec_free (rpaths); -} - -void -ip6_punt_redirect_add_paths (u32 rx_sw_if_index, fib_route_path_t * rpaths) +ip6_punt_redirect_add_paths (u32 rx_sw_if_index, + const fib_route_path_t *rpaths) { ip_punt_redirect_add (FIB_PROTOCOL_IP6, rx_sw_if_index, diff --git a/src/vnet/ip/ip_api.c b/src/vnet/ip/ip_api.c index 6f06e382024..f9f9ac783d9 100644 --- a/src/vnet/ip/ip_api.c +++ b/src/vnet/ip/ip_api.c @@ -443,48 +443,98 @@ vl_api_ip_punt_police_t_handler (vl_api_ip_punt_police_t * mp, } static void -vl_api_ip_punt_redirect_t_handler (vl_api_ip_punt_redirect_t * mp, - vlib_main_t * vm) +ip_punt_redirect_t_handler_common (u8 is_add, u32 rx_sw_if_index, + ip_address_family_t af, + const fib_route_path_t *rpaths) +{ + if (is_add) + { + if (af == AF_IP6) + ip6_punt_redirect_add_paths (rx_sw_if_index, rpaths); + else if (af == AF_IP4) + ip4_punt_redirect_add_paths (rx_sw_if_index, rpaths); + } + else + { + if (af == AF_IP6) + ip6_punt_redirect_del (rx_sw_if_index); + else if (af == AF_IP4) + ip4_punt_redirect_del (rx_sw_if_index); + } +} + +static void +vl_api_ip_punt_redirect_t_handler (vl_api_ip_punt_redirect_t *mp, + vlib_main_t *vm) { vl_api_ip_punt_redirect_reply_t *rmp; - int rv = 0; + fib_route_path_t *rpaths = NULL, rpath = { + .frp_weight = 1, + .frp_fib_index = ~0, + }; + ip_address_family_t af; ip46_type_t ipv; - ip46_address_t nh; + u32 rx_sw_if_index; + int rv = 0; if (!vnet_sw_if_index_is_api_valid (ntohl (mp->punt.tx_sw_if_index))) goto bad_sw_if_index; - ipv = ip_address_decode (&mp->punt.nh, &nh); - if (mp->is_add) - { - if (ipv == IP46_TYPE_IP6) - { - ip6_punt_redirect_add (ntohl (mp->punt.rx_sw_if_index), - ntohl (mp->punt.tx_sw_if_index), &nh); - } - else if (ipv == IP46_TYPE_IP4) - { - ip4_punt_redirect_add (ntohl (mp->punt.rx_sw_if_index), - ntohl (mp->punt.tx_sw_if_index), &nh); - } - } - else - { - if (ipv == IP46_TYPE_IP6) - { - ip6_punt_redirect_del (ntohl (mp->punt.rx_sw_if_index)); - } - else if (ipv == IP46_TYPE_IP4) - { - ip4_punt_redirect_del (ntohl (mp->punt.rx_sw_if_index)); - } - } + ipv = ip_address_decode (&mp->punt.nh, &rpath.frp_addr); + af = (ipv == IP46_TYPE_IP6) ? AF_IP6 : AF_IP4; + rpath.frp_proto = (ipv == IP46_TYPE_IP6) ? DPO_PROTO_IP6 : DPO_PROTO_IP4; + rpath.frp_sw_if_index = ntohl (mp->punt.tx_sw_if_index); + rx_sw_if_index = ntohl (mp->punt.rx_sw_if_index); + + vec_add1 (rpaths, rpath); + ip_punt_redirect_t_handler_common (mp->is_add, rx_sw_if_index, af, rpaths); + vec_free (rpaths); BAD_SW_IF_INDEX_LABEL; REPLY_MACRO (VL_API_IP_PUNT_REDIRECT_REPLY); } +static void +vl_api_add_del_ip_punt_redirect_v2_t_handler ( + vl_api_add_del_ip_punt_redirect_v2_t *mp, vlib_main_t *vm) +{ + vl_api_add_del_ip_punt_redirect_v2_reply_t *rmp; + fib_route_path_t *rpaths = NULL, *rpath; + vl_api_fib_path_t *apath; + ip_address_family_t af; + u32 rx_sw_if_index, n_paths; + int rv = 0, ii; + + rx_sw_if_index = ntohl (mp->punt.rx_sw_if_index); + n_paths = ntohl (mp->punt.n_paths); + + rv = ip_address_family_decode (mp->punt.af, &af); + if (rv != 0) + goto out; + + if (0 != n_paths) + vec_validate (rpaths, n_paths - 1); + + for (ii = 0; ii < n_paths; ii++) + { + apath = &mp->punt.paths[ii]; + rpath = &rpaths[ii]; + + rv = fib_api_path_decode (apath, rpath); + + if (rv != 0) + goto out; + } + + ip_punt_redirect_t_handler_common (mp->is_add, rx_sw_if_index, af, rpaths); + +out: + vec_free (rpaths); + + REPLY_MACRO (VL_API_ADD_DEL_IP_PUNT_REDIRECT_V2_REPLY); +} + static clib_error_t * call_elf_section_ip_table_callbacks (vnet_main_t * vnm, u32 table_id, u32 flags, @@ -1814,40 +1864,114 @@ send_ip_punt_redirect_details (u32 rx_sw_if_index, return (WALK_CONTINUE); } +static walk_rc_t +send_ip_punt_redirect_v2_details (u32 rx_sw_if_index, + const ip_punt_redirect_rx_t *ipr, void *arg) +{ + vl_api_ip_punt_redirect_v2_details_t *mp; + fib_path_encode_ctx_t path_ctx = { + .rpaths = NULL, + }; + fib_route_path_t *rpath; + ip_walk_ctx_t *ctx = arg; + vl_api_fib_path_t *fp; + int n_paths; + + fib_path_list_walk_w_ext (ipr->pl, NULL, fib_path_encode, &path_ctx); + + n_paths = vec_len (path_ctx.rpaths); + mp = vl_msg_api_alloc (sizeof (*mp) + n_paths * sizeof (*fp)); + if (!mp) + return (WALK_STOP); + + clib_memset (mp, 0, sizeof (*mp)); + mp->_vl_msg_id = + ntohs (REPLY_MSG_ID_BASE + VL_API_IP_PUNT_REDIRECT_V2_DETAILS); + mp->context = ctx->context; + mp->punt.rx_sw_if_index = htonl (rx_sw_if_index); + mp->punt.n_paths = htonl (n_paths); + fp = mp->punt.paths; + vec_foreach (rpath, path_ctx.rpaths) + { + fib_api_path_encode (rpath, fp); + fp++; + } + mp->punt.af = (ipr->fproto == FIB_PROTOCOL_IP6) ? ADDRESS_IP6 : ADDRESS_IP4; + + vl_api_send_msg (ctx->reg, (u8 *) mp); + + vec_free (path_ctx.rpaths); + + return (WALK_CONTINUE); +} + +static void +vl_api_ip_punt_redirect_dump_common (ip_walk_ctx_t *ctx, fib_protocol_t fproto, + u32 rx_sw_if_index, + ip_punt_redirect_walk_cb_t cb) +{ + + if ((u32) ~0 != rx_sw_if_index) + { + index_t pri; + pri = ip_punt_redirect_find (fproto, rx_sw_if_index); + + if (INDEX_INVALID == pri) + return; + + cb (rx_sw_if_index, ip_punt_redirect_get (pri), ctx); + } + else + ip_punt_redirect_walk (fproto, cb, ctx); +} + static void vl_api_ip_punt_redirect_dump_t_handler (vl_api_ip_punt_redirect_dump_t * mp) { vl_api_registration_t *reg; - fib_protocol_t fproto = FIB_PROTOCOL_IP4; + fib_protocol_t fproto; reg = vl_api_client_index_to_registration (mp->client_index); if (!reg) return; - if (mp->is_ipv6 == 1) - fproto = FIB_PROTOCOL_IP6; + fproto = (mp->is_ipv6 == 1) ? FIB_PROTOCOL_IP6 : FIB_PROTOCOL_IP4; ip_walk_ctx_t ctx = { .reg = reg, .context = mp->context, }; - if (~0 != mp->sw_if_index) - { - u32 rx_sw_if_index; - index_t pri; + vl_api_ip_punt_redirect_dump_common (&ctx, fproto, ntohl (mp->sw_if_index), + send_ip_punt_redirect_details); +} - rx_sw_if_index = ntohl (mp->sw_if_index); - pri = ip_punt_redirect_find (fproto, rx_sw_if_index); +static void +vl_api_ip_punt_redirect_v2_dump_t_handler ( + vl_api_ip_punt_redirect_v2_dump_t *mp) +{ + vl_api_registration_t *reg; + ip_address_family_t af; + fib_protocol_t fproto; + int rv = 0; - if (INDEX_INVALID == pri) - return; + reg = vl_api_client_index_to_registration (mp->client_index); + if (!reg) + return; - send_ip_punt_redirect_details (rx_sw_if_index, - ip_punt_redirect_get (pri), &ctx); - } - else - ip_punt_redirect_walk (fproto, send_ip_punt_redirect_details, &ctx); + rv = ip_address_family_decode (mp->af, &af); + if (rv != 0) + return; + + fproto = (af == AF_IP6) ? FIB_PROTOCOL_IP6 : FIB_PROTOCOL_IP4; + + ip_walk_ctx_t ctx = { + .reg = reg, + .context = mp->context, + }; + + vl_api_ip_punt_redirect_dump_common (&ctx, fproto, ntohl (mp->sw_if_index), + send_ip_punt_redirect_v2_details); } void diff --git a/src/vnet/ip/ip_punt_drop.c b/src/vnet/ip/ip_punt_drop.c index f3388007b4a..bf01adadb10 100644 --- a/src/vnet/ip/ip_punt_drop.c +++ b/src/vnet/ip/ip_punt_drop.c @@ -69,9 +69,9 @@ ip_punt_redirect_find (fib_protocol_t fproto, u32 rx_sw_if_index) } void -ip_punt_redirect_add (fib_protocol_t fproto, - u32 rx_sw_if_index, - fib_forward_chain_type_t ct, fib_route_path_t * rpaths) +ip_punt_redirect_add (fib_protocol_t fproto, u32 rx_sw_if_index, + fib_forward_chain_type_t ct, + const fib_route_path_t *rpaths) { ip_punt_redirect_rx_t *ipr; index_t ipri; diff --git a/src/vnet/ip/ip_punt_drop.h b/src/vnet/ip/ip_punt_drop.h index a595e446adc..11b7ad6c895 100644 --- a/src/vnet/ip/ip_punt_drop.h +++ b/src/vnet/ip/ip_punt_drop.h @@ -267,10 +267,9 @@ typedef struct ip4_punt_redirect_trace_t_ /** * Add a punt redirect entry */ -extern void ip_punt_redirect_add (fib_protocol_t fproto, - u32 rx_sw_if_index, +extern void ip_punt_redirect_add (fib_protocol_t fproto, u32 rx_sw_if_index, fib_forward_chain_type_t ct, - fib_route_path_t * rpaths); + const fib_route_path_t *rpaths); extern void ip_punt_redirect_del (fib_protocol_t fproto, u32 rx_sw_if_index); extern index_t ip_punt_redirect_find (fib_protocol_t fproto, diff --git a/src/vnet/ip/ip_test.c b/src/vnet/ip/ip_test.c index 7d8ed9ff09a..2de8235288d 100644 --- a/src/vnet/ip/ip_test.c +++ b/src/vnet/ip/ip_test.c @@ -657,6 +657,12 @@ api_ip_punt_redirect (vat_main_t *vat) return -1; } +static int +api_add_del_ip_punt_redirect_v2 (vat_main_t *vat) +{ + return -1; +} + static int api_ip_punt_redirect_dump (vat_main_t *vat) { @@ -667,6 +673,20 @@ static void vl_api_ip_punt_redirect_details_t_handler ( vl_api_ip_punt_redirect_details_t *mp) { + /**/ +} + +static int +api_ip_punt_redirect_v2_dump (vat_main_t *vat) +{ + return -1; +} + +static void +vl_api_ip_punt_redirect_v2_details_t_handler ( + vl_api_ip_punt_redirect_v2_details_t *mp) +{ + /**/ } static int -- 2.16.6