From e26c81fc80d1ce9a8746ebf4009149849b04f60f Mon Sep 17 00:00:00 2001
From: John Lo <loj@cisco.com>
Date: Mon, 7 Jan 2019 15:16:33 -0500
Subject: [PATCH] L2 BD API to flush all IP-MAC entries in the specified BD

Implement API/CLI to clear IP-MAC tables used for ARP-termination
in the specified bridge domain.
The CLI to flush MAC IP tables for a BD is:
 set bridge-domain arp entry <bd-id> del-all
The API added is bd_ip_mac_flush.

Change-Id: I34ceb87c0f480c7102f6559312c24081ed485af8
Signed-off-by: John Lo <loj@cisco.com>
---
 src/vat/api_format.c      | 39 +++++++++++++++++++++++++++++++++++++-
 src/vnet/l2/l2.api        | 13 ++++++++++++-
 src/vnet/l2/l2_api.c      | 32 +++++++++++++++++++++++++++++++
 src/vnet/l2/l2_bd.c       | 48 ++++++++++++++++++++++++++++++++++++-----------
 src/vnet/l2/l2_bd.h       |  2 ++
 src/vpp/api/custom_dump.c | 12 ++++++++++++
 6 files changed, 133 insertions(+), 13 deletions(-)

diff --git a/src/vat/api_format.c b/src/vat/api_format.c
index f39c9e62ae5..db22f29148f 100644
--- a/src/vat/api_format.c
+++ b/src/vat/api_format.c
@@ -5259,6 +5259,7 @@ _(ikev2_initiate_del_child_sa_reply)                    \
 _(ikev2_initiate_rekey_child_sa_reply)                  \
 _(delete_loopback_reply)                                \
 _(bd_ip_mac_add_del_reply)                              \
+_(bd_ip_mac_flush_reply)                                \
 _(want_interface_events_reply)                          \
 _(cop_interface_enable_disable_reply)			\
 _(cop_whitelist_enable_disable_reply)                   \
@@ -5515,6 +5516,7 @@ _(IKEV2_INITIATE_DEL_CHILD_SA_REPLY, ikev2_initiate_del_child_sa_reply) \
 _(IKEV2_INITIATE_REKEY_CHILD_SA_REPLY, ikev2_initiate_rekey_child_sa_reply) \
 _(DELETE_LOOPBACK_REPLY, delete_loopback_reply)                         \
 _(BD_IP_MAC_ADD_DEL_REPLY, bd_ip_mac_add_del_reply)                     \
+_(BD_IP_MAC_FLUSH_REPLY, bd_ip_mac_flush_reply)                         \
 _(BD_IP_MAC_DETAILS, bd_ip_mac_details)                                 \
 _(DHCP_COMPL_EVENT, dhcp_compl_event)                                   \
 _(WANT_INTERFACE_EVENTS_REPLY, want_interface_events_reply)             \
@@ -7385,6 +7387,40 @@ api_bd_ip_mac_add_del (vat_main_t * vam)
   return ret;
 }
 
+static int
+api_bd_ip_mac_flush (vat_main_t * vam)
+{
+  unformat_input_t *i = vam->input;
+  vl_api_bd_ip_mac_flush_t *mp;
+  u32 bd_id;
+  u8 bd_id_set = 0;
+  int ret;
+
+  while (unformat_check_input (i) != UNFORMAT_END_OF_INPUT)
+    {
+      if (unformat (i, "bd_id %d", &bd_id))
+	{
+	  bd_id_set++;
+	}
+      else
+	break;
+    }
+
+  if (bd_id_set == 0)
+    {
+      errmsg ("missing bridge domain");
+      return -99;
+    }
+
+  M (BD_IP_MAC_FLUSH, mp);
+
+  mp->bd_id = ntohl (bd_id);
+
+  S (mp);
+  W (ret);
+  return ret;
+}
+
 static void vl_api_bd_ip_mac_details_t_handler
   (vl_api_bd_ip_mac_details_t * mp)
 {
@@ -23352,7 +23388,8 @@ _(ikev2_initiate_del_child_sa, "<ispi>")                                \
 _(ikev2_initiate_rekey_child_sa, "<ispi>")                              \
 _(delete_loopback,"sw_if_index <nn>")                                   \
 _(bd_ip_mac_add_del, "bd_id <bridge-domain-id> <ip4/6-addr> <mac-addr> [del]") \
-_(bd_ip_mac_dump, "[bd_id] <id>")                                       \
+_(bd_ip_mac_flush, "bd_id <bridge-domain-id>")                          \
+_(bd_ip_mac_dump, "[bd_id] <bridge-domain-id>")                         \
 _(want_interface_events,  "enable|disable")                             \
 _(get_first_msg_id, "client <name>")					\
 _(cop_interface_enable_disable, "<intfc> | sw_if_index <nn> [disable]") \
diff --git a/src/vnet/l2/l2.api b/src/vnet/l2/l2.api
index ea24a71feb5..f16a8ad05a3 100644
--- a/src/vnet/l2/l2.api
+++ b/src/vnet/l2/l2.api
@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-option version = "2.1.1";
+option version = "2.1.2";
 
 import "vnet/ip/ip_types.api";
 import "vnet/ethernet/ethernet_types.api";
@@ -487,6 +487,17 @@ autoreply define bd_ip_mac_add_del
   vl_api_mac_address_t mac;
 };
 
+/** \brief Flush bridge domain IP to MAC entries
+    @param client_index - opaque cookie to identify the sender
+    @param bd_id - bridge domain identifier
+*/
+autoreply define bd_ip_mac_flush
+{
+  u32 client_index;
+  u32 context;
+  u32 bd_id;
+};
+
 /** \brief bridge domain IP to MAC entry details structure
     @param bd_id - bridge domain table id
     @param is_ipv6 - if non-zero, ipv6 address, else ipv4 address
diff --git a/src/vnet/l2/l2_api.c b/src/vnet/l2/l2_api.c
index 25f38a6d5b0..059f668d664 100644
--- a/src/vnet/l2/l2_api.c
+++ b/src/vnet/l2/l2_api.c
@@ -66,6 +66,7 @@ _(SW_INTERFACE_SET_L2_BRIDGE, sw_interface_set_l2_bridge)       \
 _(L2_PATCH_ADD_DEL, l2_patch_add_del)				\
 _(L2_INTERFACE_EFP_FILTER, l2_interface_efp_filter)             \
 _(BD_IP_MAC_ADD_DEL, bd_ip_mac_add_del)                         \
+_(BD_IP_MAC_FLUSH, bd_ip_mac_flush)                             \
 _(BD_IP_MAC_DUMP, bd_ip_mac_dump)				\
 _(BRIDGE_DOMAIN_ADD_DEL, bridge_domain_add_del)                 \
 _(BRIDGE_DOMAIN_DUMP, bridge_domain_dump)                       \
@@ -893,6 +894,37 @@ out:
   REPLY_MACRO (VL_API_BD_IP_MAC_ADD_DEL_REPLY);
 }
 
+static void
+vl_api_bd_ip_mac_flush_t_handler (vl_api_bd_ip_mac_flush_t * mp)
+{
+  vl_api_bd_ip_mac_flush_reply_t *rmp;
+  bd_main_t *bdm = &bd_main;
+  u32 bd_index, bd_id;
+  int rv = 0;
+  uword *p;
+
+  bd_id = ntohl (mp->bd_id);
+
+  if (bd_id == 0)
+    {
+      rv = VNET_API_ERROR_BD_NOT_MODIFIABLE;
+      goto out;
+    }
+
+  p = hash_get (bdm->bd_index_by_bd_id, bd_id);
+  if (p == 0)
+    {
+      rv = VNET_API_ERROR_NO_SUCH_ENTRY;
+      goto out;
+    }
+  bd_index = p[0];
+
+  bd_flush_ip_mac (bd_index);
+
+out:
+  REPLY_MACRO (VL_API_BD_IP_MAC_FLUSH_REPLY);
+}
+
 extern void l2_efp_filter_configure (vnet_main_t * vnet_main,
 				     u32 sw_if_index, u8 enable);
 
diff --git a/src/vnet/l2/l2_bd.c b/src/vnet/l2/l2_bd.c
index 943385ccb7c..4dd359ed0b7 100644
--- a/src/vnet/l2/l2_bd.c
+++ b/src/vnet/l2/l2_bd.c
@@ -91,13 +91,27 @@ bd_add_bd_index (bd_main_t * bdm, u32 bd_id)
   return rv;
 }
 
+static inline void
+bd_free_ip_mac_tables (l2_bridge_domain_t * bd)
+{
+  u64 mac_addr;
+  ip6_address_t *ip6_addr_key;
+
+  hash_free (bd->mac_by_ip4);
+  /* *INDENT-OFF* */
+  hash_foreach_mem (ip6_addr_key, mac_addr, bd->mac_by_ip6,
+  ({
+    clib_mem_free (ip6_addr_key); /* free memory used for ip6 addr key */
+  }));
+  /* *INDENT-ON* */
+  hash_free (bd->mac_by_ip6);
+}
+
 static int
 bd_delete (bd_main_t * bdm, u32 bd_index)
 {
   l2_bridge_domain_t *bd = &l2input_main.bd_configs[bd_index];
   u32 bd_id = bd->bd_id;
-  u64 mac_addr;
-  ip6_address_t *ip6_addr_key;
 
   /* flush non-static MACs in BD and removed bd_id from hash table */
   l2fib_flush_bd_mac (vlib_get_main (), bd_index);
@@ -115,14 +129,7 @@ bd_delete (bd_main_t * bdm, u32 bd_index)
 
   /* free memory used by BD */
   vec_free (bd->members);
-  hash_free (bd->mac_by_ip4);
-  /* *INDENT-OFF* */
-  hash_foreach_mem (ip6_addr_key, mac_addr, bd->mac_by_ip6,
-  ({
-    clib_mem_free (ip6_addr_key); /* free memory used for ip6 addr key */
-  }));
-  /* *INDENT-ON* */
-  hash_free (bd->mac_by_ip6);
+  bd_free_ip_mac_tables (bd);
 
   return 0;
 }
@@ -805,6 +812,20 @@ bd_add_del_ip_mac (u32 bd_index,
   return 0;
 }
 
+/**
+ * Flush IP address to MAC address mapping tables in a BD.
+ */
+void
+bd_flush_ip_mac (u32 bd_index)
+{
+  l2_bridge_domain_t *bd = l2input_bd_config (bd_index);
+  ASSERT (bd_is_valid (bd));
+  bd_free_ip_mac_tables (bd);
+  bd->mac_by_ip4 = 0;
+  bd->mac_by_ip6 =
+    hash_create_mem (0, sizeof (ip6_address_t), sizeof (uword));
+}
+
 /**
     Set bridge-domain arp entry add/delete.
     The CLI format is:
@@ -849,6 +870,11 @@ bd_arp_entry (vlib_main_t * vm,
     {
       type = IP46_TYPE_IP6;
     }
+  else if (unformat (input, "del-all"))
+    {
+      bd_flush_ip_mac (bd_index);
+      goto done;
+    }
   else
     {
       error = clib_error_return (0, "expecting IP address but got `%U'",
@@ -893,7 +919,7 @@ done:
 /* *INDENT-OFF* */
 VLIB_CLI_COMMAND (bd_arp_entry_cli, static) = {
   .path = "set bridge-domain arp entry",
-  .short_help = "set bridge-domain arp entry <bridge-domain-id> <ip-addr> <mac-addr> [del]",
+  .short_help = "set bridge-domain arp entry <bridge-domain-id> [<ip-addr> <mac-addr> [del] | del-all]",
   .function = bd_arp_entry,
 };
 /* *INDENT-ON* */
diff --git a/src/vnet/l2/l2_bd.h b/src/vnet/l2/l2_bd.h
index 987569aad9e..65d3dadab28 100644
--- a/src/vnet/l2/l2_bd.h
+++ b/src/vnet/l2/l2_bd.h
@@ -204,6 +204,8 @@ u32 bd_add_del_ip_mac (u32 bd_index,
 		       const ip46_address_t * ip_addr,
 		       const mac_address_t * mac, u8 is_add);
 
+void bd_flush_ip_mac (u32 bd_index);
+
 #endif
 
 /*
diff --git a/src/vpp/api/custom_dump.c b/src/vpp/api/custom_dump.c
index 78d37044955..0d8b453188d 100644
--- a/src/vpp/api/custom_dump.c
+++ b/src/vpp/api/custom_dump.c
@@ -515,6 +515,17 @@ static void *vl_api_bd_ip_mac_add_del_t_print
   FINISH;
 }
 
+static void *vl_api_bd_ip_mac_flush_t_print
+  (vl_api_bd_ip_mac_flush_t * mp, void *handle)
+{
+  u8 *s;
+
+  s = format (0, "SCRIPT: bd_ip_mac_flush ");
+  s = format (s, "bd_id %d ", ntohl (mp->bd_id));
+
+  FINISH;
+}
+
 static void *vl_api_bd_ip_mac_dump_t_print
   (vl_api_bd_ip_mac_dump_t * mp, void *handle)
 {
@@ -3827,6 +3838,7 @@ _(IP_ADDRESS_DUMP, ip_address_dump)                                     \
 _(IP_DUMP, ip_dump)                                                     \
 _(DELETE_LOOPBACK, delete_loopback)                                     \
 _(BD_IP_MAC_ADD_DEL, bd_ip_mac_add_del)					\
+_(BD_IP_MAC_FLUSH, bd_ip_mac_flush)					\
 _(COP_INTERFACE_ENABLE_DISABLE, cop_interface_enable_disable) 		\
 _(COP_WHITELIST_ENABLE_DISABLE, cop_whitelist_enable_disable)           \
 _(AF_PACKET_CREATE, af_packet_create)					\
-- 
2.16.6