Gitiles
Code Review Sign In
gerrit.nordix.org / fdio / vpp / 878c646aea9b9ccf68011ffd964694c43bbe5fdd / . / src / vnet / ip / ip_neighbor.c
blob: 80437655f9252fbc0f6c10920c2bf17916e803c0 [file] [log] [blame]
John Lo7f358b32018-04-28 01:19:24 -0400[diff] [blame]1/*
2 * src/vnet/ip/ip_neighboor.c: ip neighbor generic handling
3 *
4 * Copyright (c) 2018 Cisco and/or its affiliates.
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 */
17
18#include <vnet/vnet.h>
19#include <vnet/ip/ip.h>
20#include <vnet/ip/ip6_neighbor.h>
21#include <vnet/ip/ip_neighbor.h>
Neale Ranns0053de62018-05-22 08:40:52 -0700[diff] [blame]22#include <vnet/ethernet/arp.h>
John Lo7f358b32018-04-28 01:19:24 -0400[diff] [blame]23
24/*
25 * IP neighbor scan parameter defaults are as follows:
26 * - Scan interval : 60 sec
27 * - Max processing allowed per run : 20 usec
28 * - Max probe/delete operations per run : 10
29 * - Scan interrupt delay to resume scan : 1 msec
30 * - Neighbor stale threashold : 4 x scan-interval
31 */
32#define IP_NEIGHBOR_DEF_SCAN_INTERVAL (60.0)
33#define IP_NEIGHBOR_DEF_MAX_PROC_TIME (20e-6)
34#define IP_NEIGHBOR_DEF_SCAN_INT_DELAY (1e-3)
35#define IP_NEIGHBOR_DEF_STALE (4*IP_NEIGHBOR_DEF_SCAN_INTERVAL)
36#define IP_NEIGHBOR_DEF_MAX_UPDATE 10
37
38typedef struct
39{
40 f64 scan_interval; /* Periodic scan interval */
41 f64 max_proc_time; /* Max processing time allowed per run */
42 f64 scan_int_delay; /* Scan interrupt delay to resume scan */
43 f64 stale_threshold; /* IP neighbor stale threshod */
44 u8 max_update; /* Max probe/delete actions allowed per run */
45 u8 mode; /* IP neighbor scan mode */
46} ip_neighbor_scan_config_t;
47
48static ip_neighbor_scan_config_t ip_neighbor_scan_conf;
49
50void
51ip_neighbor_scan_enable_disable (ip_neighbor_scan_arg_t * arg)
52{
53 ip_neighbor_scan_config_t *cfg = &ip_neighbor_scan_conf;
54
55 cfg->mode = arg->mode;
56
57 if (arg->mode)
58 {
59 cfg->scan_interval = arg->scan_interval ?
John Lo3c22aff2018-06-07 12:00:43 -0400[diff] [blame]60 arg->scan_interval * 60.0 : IP_NEIGHBOR_DEF_SCAN_INTERVAL;
John Lo7f358b32018-04-28 01:19:24 -0400[diff] [blame]61 cfg->max_proc_time = arg->max_proc_time ?
62 arg->max_proc_time * 1e-6 : IP_NEIGHBOR_DEF_MAX_PROC_TIME;
63 cfg->scan_int_delay = arg->scan_int_delay ?
64 arg->scan_int_delay * 1e-3 : IP_NEIGHBOR_DEF_SCAN_INT_DELAY;
65 cfg->stale_threshold = arg->stale_threshold ?
John Lo3c22aff2018-06-07 12:00:43 -0400[diff] [blame]66 arg->stale_threshold * 60.0 : cfg->scan_interval * 4;
John Lo7f358b32018-04-28 01:19:24 -0400[diff] [blame]67 cfg->max_update = arg->max_update ?
68 cfg->max_update : IP_NEIGHBOR_DEF_MAX_UPDATE;
69 }
70 else
71 cfg->scan_interval = IP_NEIGHBOR_DEF_SCAN_INTERVAL;
72}
73
74static_always_inline u32
75ip_neighbor_scan (vlib_main_t * vm, f64 start_time, u32 start_idx,
76 u8 is_ip6, u8 delete_stale, u8 * update_count)
77{
78 vnet_main_t *vnm = vnet_get_main ();
79 ip_neighbor_scan_config_t *cfg = &ip_neighbor_scan_conf;
80 ethernet_arp_ip4_entry_t *np4 = ip4_neighbors_pool ();
81 ip6_neighbor_t *np6 = ip6_neighbors_pool ();
82 ethernet_arp_ip4_entry_t *n4;
83 ip6_neighbor_t *n6;
84 u32 curr_idx = start_idx;
85 u32 loop_count = 0;
86 f64 delta, update_time;
87
88 if (!is_ip6)
89 {
90 if (pool_is_free_index (np4, start_idx))
91 curr_idx = pool_next_index (np4, start_idx);
92 }
93 else
94 {
95 if (pool_is_free_index (np6, start_idx))
96 curr_idx = pool_next_index (np6, start_idx);
97 }
98
99 while (curr_idx != ~0)
100 {
101 /* allow no more than 10 neighbor updates or 20 usec of scan */
102 if ((update_count[0] >= cfg->max_update) ||
103 (((loop_count % 100) == 0) &&
104 ((vlib_time_now (vm) - start_time) > cfg->max_proc_time)))
105 break;
106
107 if (!is_ip6)
108 {
109 n4 = pool_elt_at_index (np4, curr_idx);
110 if (n4->flags & ETHERNET_ARP_IP4_ENTRY_FLAG_STATIC)
111 goto next_neighbor;
112 update_time = n4->time_last_updated;
113 }
114 else
115 {
116 n6 = pool_elt_at_index (np6, curr_idx);
117 if (n6->flags & IP6_NEIGHBOR_FLAG_STATIC)
118 goto next_neighbor;
119 update_time = n6->time_last_updated;
120 }
121
122 delta = start_time - update_time;
123 if (delete_stale && (delta >= cfg->stale_threshold))
124 {
125 update_count[0]++;
126 /* delete stale neighbor */
127 if (!is_ip6)
128 {
129 ethernet_arp_ip4_over_ethernet_address_t delme;
130 clib_memcpy (&delme.ethernet, n4->ethernet_address, 6);
131 delme.ip4.as_u32 = n4->ip4_address.as_u32;
132 vnet_arp_unset_ip4_over_ethernet (vnm, n4->sw_if_index, &delme);
133 }
134 else
135 {
136 vnet_unset_ip6_ethernet_neighbor
137 (vm, n6->key.sw_if_index, &n6->key.ip6_address,
138 n6->link_layer_address, 6);
139 }
140 }
141 else if (delta >= cfg->scan_interval)
142 {
143 update_count[0]++;
144 /* probe neighbor */
145 if (!is_ip6)
John Lo86376342018-06-11 20:14:49 -0400[diff] [blame]146 ip4_probe_neighbor (vm, &n4->ip4_address, n4->sw_if_index, 1);
John Lo7f358b32018-04-28 01:19:24 -0400[diff] [blame]147 else
148 ip6_probe_neighbor (vm, &n6->key.ip6_address,
John Lo86376342018-06-11 20:14:49 -0400[diff] [blame]149 n6->key.sw_if_index, 1);
John Lo7f358b32018-04-28 01:19:24 -0400[diff] [blame]150 }
151
152 next_neighbor:
153 loop_count++;
154
155 if (!is_ip6)
156 curr_idx = pool_next_index (np4, curr_idx);
157 else
158 curr_idx = pool_next_index (np6, curr_idx);
159 }
160
161 return curr_idx;
162}
163
164static uword
165neighbor_scan_process (vlib_main_t * vm,
166 vlib_node_runtime_t * rt, vlib_frame_t * f)
167{
168 ip_neighbor_scan_config_t *cfg = &ip_neighbor_scan_conf;
169 f64 timeout = IP_NEIGHBOR_DEF_SCAN_INTERVAL;
170 f64 start, next_scan = CLIB_TIME_MAX;
171 u32 ip4_nidx = 0; /* ip4 neighbor pool index */
172 u32 ip6_nidx = 0; /* ip6 neighbor pool index */
173 uword *event_data = 0;
174 u8 purge4 = 0, purge6 = 0; /* flags to purge stale entry during scan */
175 u8 update;
176
177 cfg->mode = IP_SCAN_DISABLED;
178 cfg->scan_interval = IP_NEIGHBOR_DEF_SCAN_INTERVAL;
179 cfg->scan_int_delay = IP_NEIGHBOR_DEF_SCAN_INTERVAL;
180
181 while (1)
182 {
183 vlib_process_wait_for_event_or_clock (vm, timeout);
184 vlib_process_get_events (vm, &event_data);
185 vec_reset_length (event_data);
186
187 start = vlib_time_now (vm);
188 update = 0;
189
190 if ((ip4_nidx == 0) && (ip6_nidx == 0)) /* starting a fresh scan */
191 next_scan = start + cfg->scan_interval;
192
193 if ((cfg->mode & IP_SCAN_V4_NEIGHBORS) == 0)
194 ip4_nidx = ~0; /* disable ip4 neighbor scan */
195
196 if ((cfg->mode & IP_SCAN_V6_NEIGHBORS) == 0)
197 ip6_nidx = ~0; /* disable ip6 neighbor scan */
198
199 if (ip4_nidx != ~0) /* scan ip4 neighbors */
200 ip4_nidx = ip_neighbor_scan (vm, start, ip4_nidx, /* ip4 */ 0,
201 purge4, &update);
202
203 if (ip6_nidx != ~0) /* scan ip6 neighbors */
204 ip6_nidx = ip_neighbor_scan (vm, start, ip6_nidx, /* ip6 */ 1,
205 purge6, &update);
206
207 if ((ip4_nidx == ~0) && (ip6_nidx == ~0))
208 { /* scan complete */
209 timeout = next_scan - vlib_time_now (vm);
210 ip4_nidx = ip6_nidx = 0;
211 purge4 = cfg->mode & IP_SCAN_V4_NEIGHBORS;
212 purge6 = cfg->mode & IP_SCAN_V6_NEIGHBORS;
213 }
214 else /* scan incomplete */
215 timeout = cfg->scan_int_delay;
216
217 if (timeout > cfg->scan_interval)
218 timeout = cfg->scan_interval;
219 else if (timeout < cfg->scan_int_delay)
220 timeout = cfg->scan_int_delay;
221
222 }
223 return 0;
224}
225
226/* *INDENT-OFF* */
227VLIB_REGISTER_NODE (neighbor_scan_process_node,static) = {
228 .function = neighbor_scan_process,
229 .type = VLIB_NODE_TYPE_PROCESS,
230 .name = "ip-neighbor-scan-process",
231};
232/* *INDENT-ON* */
233
234static clib_error_t *
235ip_neighbor_scan_cli (vlib_main_t * vm, unformat_input_t * input,
236 vlib_cli_command_t * cmd)
237{
238 unformat_input_t _line_input, *line_input = &_line_input;
239 clib_error_t *error = 0;
240 u32 interval = 0, time = 0, update = 0, delay = 0, stale = 0;
241 ip_neighbor_scan_arg_t arg;
242
243 memset (&arg, 0, sizeof (arg));
244 arg.mode = IP_SCAN_V46_NEIGHBORS;
245
246 /* Get a line of input. */
247 if (!unformat_user (input, unformat_line_input, line_input))
248 {
249 ip_neighbor_scan_enable_disable (&arg);
250 return error;
251 }
252
253 while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
254 {
255 if (unformat (line_input, "ip4"))
256 arg.mode = IP_SCAN_V4_NEIGHBORS;
257
258 else if (unformat (line_input, "ip6"))
259 arg.mode = IP_SCAN_V6_NEIGHBORS;
260
261 else if (unformat (line_input, "both"))
262 arg.mode = IP_SCAN_V46_NEIGHBORS;
263
264 else if (unformat (line_input, "disable"))
265 arg.mode = IP_SCAN_DISABLED;
266
267 else if (unformat (line_input, "interval %d", &interval))
268 arg.scan_interval = interval;
269
270 else if (unformat (line_input, "max-time %d", &time))
271 arg.max_proc_time = time;
272
273 else if (unformat (line_input, "max-update %d", &update))
274 arg.max_update = update;
275
276 else if (unformat (line_input, "delay %d", &delay))
277 arg.scan_int_delay = delay;
278
279 else if (unformat (line_input, "stale %d", &stale))
280 arg.stale_threshold = stale;
281
282 else
283 {
284 error = clib_error_return (0, "unknown input '%U'",
285 format_unformat_error, line_input);
286 goto done;
287 }
288 }
289
290 if (interval > 255)
291 {
292 error = clib_error_return (0, "interval cannot exceed 255 minutes.");
293 goto done;
294 }
295 if (time > 255)
296 {
297 error = clib_error_return (0, "max-time cannot exceed 255 usec.");
298 goto done;
299 }
300 if (update > 255)
301 {
302 error = clib_error_return (0, "max-update cannot exceed 255.");
303 goto done;
304 }
305 if (delay > 255)
306 {
307 error = clib_error_return (0, "delay cannot exceed 255 msec.");
308 goto done;
309 }
310 if (stale > 255)
311 {
312 error = clib_error_return (0, "stale cannot exceed 255 minutes.");
313 goto done;
314 }
315
316 ip_neighbor_scan_enable_disable (&arg);
317
318done:
319 unformat_free (line_input);
320
321 return error;
322}
323
324/*?
325 * The '<em>ip scan-neighbor</em>' command can be used to enable and disable
326 * periodic IP neighbor scan and change various scan parameneters.
327 *
328 * @note The default parameters used for IP neighbor scan should work fine
329 * under normal conditions. They should not be changed from the default unless
330 * properly tested to work as desied.
331 *
332 * @cliexpar
333 * Example of enabling IP neighbor scan:
334 * @cliexcmd{ip neighbor-scan enable}
335?*/
336/* *INDENT-OFF* */
337VLIB_CLI_COMMAND (ip_scan_neighbor_command, static) = {
338 .path = "ip scan-neighbor",
339 .function = ip_neighbor_scan_cli,
340 .short_help = "ip scan-neighbor [ip4|ip6|both|disable] [interval <n-min>] [max-time <n-usec>] [max-update <n>] [delay <n-msec>] [stale <n-min>]",
341 .is_mp_safe = 1,
342};
343/* *INDENT-ON* */
344
345static u8 *
346format_ip_scan_mode (u8 * s, va_list * args)
347{
348 u8 mode = va_arg (*args, u32);
349 switch (mode)
350 {
351 case IP_SCAN_V4_NEIGHBORS:
352 return format (s, "IPv4");
353 case IP_SCAN_V6_NEIGHBORS:
354 return format (s, "IPv6");
355 case IP_SCAN_V46_NEIGHBORS:
356 return format (s, "IPv4 and IPv6");
357 }
358 return format (s, "unknown");
359}
360
361static clib_error_t *
362show_ip_neighbor_scan (vlib_main_t * vm, unformat_input_t * input,
363 vlib_cli_command_t * cmd)
364{
365 ip_neighbor_scan_config_t *cfg = &ip_neighbor_scan_conf;
366
367 if (cfg->mode == 0)
368 vlib_cli_output (vm,
369 "IP neighbor scan disabled - current time is %.4f sec",
370 vlib_time_now (vm));
371 else
372 vlib_cli_output (vm, "IP neighbor scan enabled for %U neighbors - "
373 "current time is %.4f sec\n "
374 "Full_scan_interval: %f min "
375 "Stale_purge_threshod: %f min\n "
376 "Max_process_time: %f usec Max_updates %d "
377 "Delay_to_resume_after_max_limit: %f msec",
378 format_ip_scan_mode, cfg->mode,
379 vlib_time_now (vm), cfg->scan_interval / 60.0,
380 cfg->stale_threshold / 60.0, cfg->max_proc_time / 1e-6,
381 cfg->max_update, cfg->scan_int_delay / 1e-3);
382 return 0;
383}
384
385/*?
386 * The '<em>show ip scan-neighbor</em>' command can be used to show the current
387 * periodic IP neighbor scan parameters
388 *
389 * @cliexpar
390 * Example of showing IP neighbor scan current parameters:
391 * @cliexcmd{show ip neighbor-scan}
392?*/
393/* *INDENT-OFF* */
394VLIB_CLI_COMMAND (show_ip_scan_neighbor_command, static) = {
395 .path = "show ip scan-neighbor",
396 .function = show_ip_neighbor_scan,
397 .short_help = "show ip scan-neighbor",
398 .is_mp_safe = 1,
399};
400/* *INDENT-ON* */
401
402/*
403 * fd.io coding-style-patch-verification: ON
404 *
405 * Local Variables:
406 * eval: (c-set-style "gnu")
407 * End:
408 */