Gitiles
Code Review Sign In
gerrit.nordix.org / fdio / vpp / 62c25abaa3e93be5815172d391295a6ab0390122 / . / src / plugins / ct6 / ct6.c
blob: 15fa44a5d45106df19326334a4a3270ea29dcb7c [file] [log] [blame]
/*
* ct6.c - skeleton vpp engine plug-in
*
* Copyright (c) <current-year> <your-organization>
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at:
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include <vnet/vnet.h>
#include <vnet/plugin/plugin.h>
#include <ct6/ct6.h>
#include <vlibapi/api.h>
#include <vlibmemory/api.h>
#include <vpp/app/version.h>
/* define message IDs */
#include <ct6/ct6.api_enum.h>
#include <ct6/ct6.api_types.h>
#define REPLY_MSG_ID_BASE cmp->msg_id_base
#include <vlibapi/api_helper_macros.h>
ct6_main_t ct6_main;
/* Action function shared between message handler and debug CLI */
static void
ct6_feature_init (ct6_main_t * cmp)
{
u32 nworkers = vlib_num_workers ();
if (cmp->feature_initialized)
return;
clib_bihash_init_48_8 (&cmp->session_hash, "ct6 session table",
cmp->session_hash_buckets, cmp->session_hash_memory);
cmp->feature_initialized = 1;
vec_validate (cmp->sessions, nworkers);
vec_validate_init_empty (cmp->first_index, nworkers, ~0);
vec_validate_init_empty (cmp->last_index, nworkers, ~0);
}
int
ct6_in2out_enable_disable (ct6_main_t * cmp, u32 sw_if_index,
int enable_disable)
{
vnet_sw_interface_t *sw;
int rv = 0;
ct6_feature_init (cmp);
/* Utterly wrong? */
if (pool_is_free_index (cmp->vnet_main->interface_main.sw_interfaces,
sw_if_index))
return VNET_API_ERROR_INVALID_SW_IF_INDEX;
/* Not a physical port? */
sw = vnet_get_sw_interface (cmp->vnet_main, sw_if_index);
if (sw->type != VNET_SW_INTERFACE_TYPE_HARDWARE)
return VNET_API_ERROR_INVALID_SW_IF_INDEX;
vnet_feature_enable_disable ("interface-output", "ct6-in2out",
sw_if_index, enable_disable, 0, 0);
return rv;
}
int
ct6_out2in_enable_disable (ct6_main_t * cmp, u32 sw_if_index,
int enable_disable)
{
vnet_sw_interface_t *sw;
int rv = 0;
ct6_feature_init (cmp);
/* Utterly wrong? */
if (pool_is_free_index (cmp->vnet_main->interface_main.sw_interfaces,
sw_if_index))
return VNET_API_ERROR_INVALID_SW_IF_INDEX;
/* Not a physical port? */
sw = vnet_get_sw_interface (cmp->vnet_main, sw_if_index);
if (sw->type != VNET_SW_INTERFACE_TYPE_HARDWARE)
return VNET_API_ERROR_INVALID_SW_IF_INDEX;
vnet_feature_enable_disable ("ip6-unicast", "ct6-out2in",
sw_if_index, enable_disable, 0, 0);
return rv;
}
static clib_error_t *
set_ct6_enable_disable_command_fn (vlib_main_t * vm,
unformat_input_t * input,
vlib_cli_command_t * cmd)
{
ct6_main_t *cmp = &ct6_main;
u32 sw_if_index = ~0;
int enable_disable = 1;
u32 inside = ~0;
int rv;
while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
{
if (unformat (input, "disable"))
enable_disable = 0;
else if (unformat (input, "%U", unformat_vnet_sw_interface,
cmp->vnet_main, &sw_if_index))
;
else if (unformat (input, "inside") || unformat (input, "in"))
inside = 1;
else if (unformat (input, "outside") || unformat (input, "out"))
inside = 0;
else
break;
}
if (inside == ~0)
return clib_error_return (0, "Please specify inside or outside");
if (sw_if_index == ~0)
return clib_error_return (0, "Please specify an interface...");
if (inside == 1)
rv = ct6_in2out_enable_disable (cmp, sw_if_index, enable_disable);
else
rv = ct6_out2in_enable_disable (cmp, sw_if_index, enable_disable);
switch (rv)
{
case 0:
break;
case VNET_API_ERROR_INVALID_SW_IF_INDEX:
return clib_error_return
(0, "Invalid interface, only works on physical ports");
break;
default:
return clib_error_return (0, "ct6_enable_disable returned %d", rv);
}
return 0;
}
/* *INDENT-OFF* */
VLIB_CLI_COMMAND (set_ct6_command, static) =
{
.path = "set ct6",
.short_help =
"set ct6 [inside|outside] <interface-name> [disable]",
.function = set_ct6_enable_disable_command_fn,
};
/* *INDENT-ON* */
/* API message handler */
static void vl_api_ct6_enable_disable_t_handler
(vl_api_ct6_enable_disable_t * mp)
{
vl_api_ct6_enable_disable_reply_t *rmp;
ct6_main_t *cmp = &ct6_main;
int rv;
VALIDATE_SW_IF_INDEX (mp);
if (mp->is_inside)
rv = ct6_in2out_enable_disable (cmp, ntohl (mp->sw_if_index),
(int) (mp->enable_disable));
else
rv = ct6_out2in_enable_disable (cmp, ntohl (mp->sw_if_index),
(int) (mp->enable_disable));
BAD_SW_IF_INDEX_LABEL;
REPLY_MACRO (VL_API_CT6_ENABLE_DISABLE_REPLY);
}
#include <ct6/ct6.api.c>
static clib_error_t *
ct6_init (vlib_main_t * vm)
{
ct6_main_t *cmp = &ct6_main;
clib_error_t *error = 0;
cmp->vlib_main = vm;
cmp->vnet_main = vnet_get_main ();
/* Ask for a correctly-sized block of API message decode slots */
cmp->msg_id_base = setup_message_id_table ();
/*
* Set default parameters...
* 256K sessions
* 64K buckets
* 2 minute inactivity timer
* 10000 concurrent sessions
*/
cmp->session_hash_memory = 16ULL << 20;
cmp->session_hash_buckets = 64 << 10;
cmp->session_timeout_interval = 120.0;
cmp->max_sessions_per_worker = 10000;
/* ... so the packet generator can feed the in2out node ... */
ethernet_setup_node (vm, ct6_in2out_node.index);
return error;
}
VLIB_INIT_FUNCTION (ct6_init);
/* *INDENT-OFF* */
VNET_FEATURE_INIT (ct6out2in, static) =
{
.arc_name = "ip6-unicast",
.node_name = "ct6-out2in",
.runs_before = VNET_FEATURES ("ip6-lookup"),
};
/* *INDENT-ON */
/* *INDENT-OFF* */
VNET_FEATURE_INIT (ct6in2out, static) =
{
.arc_name = "interface-output",
.node_name = "ct6-in2out",
.runs_before = VNET_FEATURES ("interface-tx"),
};
/* *INDENT-ON */
/* *INDENT-OFF* */
VLIB_PLUGIN_REGISTER () =
{
.version = VPP_BUILD_VER,
.description = "IPv6 Connection Tracker",
};
/* *INDENT-ON* */
u8 *
format_ct6_session (u8 * s, va_list * args)
{
ct6_main_t *cmp = va_arg (*args, ct6_main_t *);
int i = va_arg (*args, int);
ct6_session_t *s0 = va_arg (*args, ct6_session_t *);
int verbose = va_arg (*args, int);
clib_bihash_kv_48_8_t kvp0;
if (s0 == 0)
{
s = format (s, "\n%6s%6s%40s%6s%40s%6s",
"Sess", "Prot", "Src", "Sport", "Dst", "Dport");
return s;
}
s = format (s, "\n%6d%6d%40U%6u%40U%6u",
s0 - cmp->sessions[i], s0->key.proto,
format_ip6_address, &s0->key.src,
clib_net_to_host_u16 (s0->key.sport),
format_ip6_address, &s0->key.dst,
clib_net_to_host_u16 (s0->key.dport));
clib_memcpy_fast (&kvp0, s0, sizeof (ct6_session_key_t));
if (clib_bihash_search_48_8 (&cmp->session_hash, &kvp0, &kvp0) < 0)
{
s = format (s, " LOOKUP FAIL!");
}
else
{
if (kvp0.value == s0 - cmp->sessions[s0->thread_index])
{
s = format (s, " OK");
if (verbose > 1)
{
s = format (s, " next %d prev %d", s0->next_index,
s0->prev_index);
s = format (s, " hits %d expires %.2f", s0->hits, s0->expires);
}
}
else
s = format (s, " BOGUS LOOKUP RESULT!");
}
return s;
}
static clib_error_t *
show_ct6_command_fn_command_fn (vlib_main_t * vm,
unformat_input_t * input,
vlib_cli_command_t * cmd)
{
ct6_main_t *cmp = &ct6_main;
ct6_session_t *s0;
int verbose = 0;
u8 *s = 0;
int i;
if (!cmp->feature_initialized)
return clib_error_return (0, "ip6 connection tracking not enabled...");
if (unformat (input, "verbose %d", &verbose))
;
else if (unformat (input, "verbose"))
verbose = 1;
for (i = 0; i < vec_len (cmp->sessions); i++)
{
s = format (s, "Thread %d: %d sessions\n", i,
pool_elts (cmp->sessions[i]));
if (verbose == 0)
continue;
s =
format (s, "%U", format_ct6_session, cmp,
0 /* pool */ , 0 /* header */ , verbose);
/* *INDENT-OFF* */
pool_foreach (s0, cmp->sessions[i],
({
s = format (s, "%U", format_ct6_session, cmp, i, s0, verbose);
}));
/* *INDENT-ON* */
}
vlib_cli_output (cmp->vlib_main, "%v", s);
vec_free (s);
return 0;
}
/* *INDENT-OFF* */
VLIB_CLI_COMMAND (show_ct6_command_fn_command, static) =
{
.path = "show ip6 connection-tracker",
.short_help = "show ip6 connection-tracker",
.function = show_ct6_command_fn_command_fn,
};
/* *INDENT-ON* */
static void
increment_v6_address (ip6_address_t * a)
{
u64 v0, v1;
v0 = clib_net_to_host_u64 (a->as_u64[0]);
v1 = clib_net_to_host_u64 (a->as_u64[1]);
v1 += 1;
if (v1 == 0)
v0 += 1;
a->as_u64[0] = clib_net_to_host_u64 (v0);
a->as_u64[1] = clib_net_to_host_u64 (v1);
}
static clib_error_t *
test_ct6_command_fn_command_fn (vlib_main_t * vm,
unformat_input_t * input,
vlib_cli_command_t * cmd)
{
ct6_main_t *cmp = &ct6_main;
clib_bihash_kv_48_8_t kvp0;
ct6_session_key_t *key0;
ct6_session_t *s0;
u8 src[16], dst[16];
u32 recycled = 0, created = 0;
int i, num_sessions = 5;
u32 midpt_index;
u8 *s = 0;
cmp->max_sessions_per_worker = 4;
while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
{
if (unformat (input, "num-sessions %d", &num_sessions))
;
else
if (unformat
(input, "max-sessions %d", &cmp->max_sessions_per_worker))
;
else
break;
}
ct6_feature_init (cmp);
/* Set up starting src/dst addresses */
memset (src, 0, sizeof (src));
memset (dst, 0, sizeof (dst));
src[0] = 0xdb;
dst[0] = 0xbe;
src[15] = 1;
dst[15] = 1;
/*
* See if we know about this flow.
* Key set up for the out2in path, the performant case
*/
key0 = (ct6_session_key_t *) & kvp0;
memset (&kvp0, 0, sizeof (kvp0));
for (i = 0; i < num_sessions; i++)
{
clib_memcpy_fast (&key0->src, src, sizeof (src));
clib_memcpy_fast (&key0->dst, dst, sizeof (dst));
key0->as_u64[4] = 0;
key0->as_u64[5] = 0;
key0->sport = clib_host_to_net_u16 (1234);
key0->dport = clib_host_to_net_u16 (4321);
key0->proto = 17; /* udp, fwiw */
s0 = ct6_create_or_recycle_session
(cmp, &kvp0, 3.0 /* now */ , 0 /* thread index */ ,
&recycled, &created);
s = format (s, "%U (%d, %d)", format_ct6_session, cmp,
0 /* thread index */ , s0, 1 /* verbose */ ,
recycled, created);
vlib_cli_output (vm, "%v", s);
vec_free (s);
increment_v6_address ((ip6_address_t *) src);
recycled = 0;
created = 0;
}
/* *INDENT-OFF* */
pool_foreach (s0, cmp->sessions[0],
({
s = format (s, "%U", format_ct6_session, cmp, 0, s0, 1 /* verbose */);
}));
/* *INDENT-ON* */
vlib_cli_output (vm, "\nEnd state: first index %d last index %d\n%v",
cmp->first_index[0], cmp->last_index[0], s);
vec_free (s);
midpt_index = cmp->max_sessions_per_worker / 3;
s0 = pool_elt_at_index (cmp->sessions[0], midpt_index);
vlib_cli_output (vm, "\nSimulate LRU hit on session %d",
s0 - cmp->sessions[0]);
ct6_update_session_hit (cmp, s0, 234.0);
/* *INDENT-OFF* */
pool_foreach (s0, cmp->sessions[0],
({
s = format (s, "%U", format_ct6_session, cmp, 0, s0, 1 /* verbose */);
}));
/* *INDENT-ON* */
vlib_cli_output (vm, "\nEnd state: first index %d last index %d\n%v",
cmp->first_index[0], cmp->last_index[0], s);
vec_free (s);
return 0;
}
/* *INDENT-OFF* */
VLIB_CLI_COMMAND (test_ct6_command_fn_command, static) =
{
.path = "test ip6 connection-tracker",
.short_help = "test ip6 connection-tracker",
.function = test_ct6_command_fn_command_fn,
};
/* *INDENT-ON* */
static clib_error_t *
ct6_config (vlib_main_t * vm, unformat_input_t * input)
{
ct6_main_t *cmp = &ct6_main;
while (unformat_check_input (input) != UNFORMAT_END_OF_INPUT)
{
if (unformat (input, "session-hash-buckets %u",
&cmp->session_hash_buckets))
;
else if (unformat (input, "session-hash-memory %U",
unformat_memory_size, &cmp->session_hash_memory))
;
else if (unformat (input, "session-timeout %f",
&cmp->session_timeout_interval))
;
else
{
return clib_error_return (0, "unknown input '%U'",
format_unformat_error, input);
}
}
return 0;
}
VLIB_CONFIG_FUNCTION (ct6_config, "ct6");
/*
* fd.io coding-style-patch-verification: ON
*
* Local Variables:
* eval: (c-set-style "gnu")
* End:
*/