ip: reassembly - increasing the nbuckets for reass
Type: fix Adding stats from debugging point of view Signed-off-by: Vijayabhaskar Katamreddy <vkatamre@cisco.com> Change-Id: I3118d3fd5d630fad80a42ab960e30459789123cf
This commit is contained in:
Vijayabhaskar Katamreddy
committed by
Ole Tr�an
Ole Tr�an
parent
01e593e8e5
commit
14a7442e73
@@ -40,53 +40,58 @@
|
||||
#ifndef included_ip_ip4_error_h
|
||||
#define included_ip_ip4_error_h
|
||||
|
||||
#define foreach_ip4_error \
|
||||
/* Must be first. */ \
|
||||
_ (NONE, "valid ip4 packets") \
|
||||
\
|
||||
/* Errors signalled by ip4-input */ \
|
||||
_ (TOO_SHORT, "ip4 length < 20 bytes") \
|
||||
_ (BAD_LENGTH, "ip4 length > l2 length") \
|
||||
_ (BAD_CHECKSUM, "bad ip4 checksum") \
|
||||
_ (VERSION, "ip4 version != 4") \
|
||||
_ (OPTIONS, "ip4 options present") \
|
||||
_ (FRAGMENT_OFFSET_ONE, "ip4 fragment offset == 1") \
|
||||
_ (TIME_EXPIRED, "ip4 ttl <= 1") \
|
||||
\
|
||||
/* Errors signalled by ip4-rewrite. */ \
|
||||
_ (MTU_EXCEEDED, "ip4 MTU exceeded and DF set") \
|
||||
_ (DST_LOOKUP_MISS, "ip4 destination lookup miss") \
|
||||
_ (SRC_LOOKUP_MISS, "ip4 source lookup miss") \
|
||||
_ (DROP, "ip4 drop") \
|
||||
_ (PUNT, "ip4 punt") \
|
||||
_ (SAME_INTERFACE, "ip4 egress interface same as ingress") \
|
||||
\
|
||||
/* Errors signalled by ip4-local. */ \
|
||||
_ (UNKNOWN_PROTOCOL, "unknown ip protocol") \
|
||||
_ (TCP_CHECKSUM, "bad tcp checksum") \
|
||||
_ (UDP_CHECKSUM, "bad udp checksum") \
|
||||
_ (UDP_LENGTH, "inconsistent udp/ip lengths") \
|
||||
\
|
||||
/* Spoofed packets in ip4-rewrite-local */ \
|
||||
_ (SPOOFED_LOCAL_PACKETS, "ip4 spoofed local-address packet drops") \
|
||||
\
|
||||
/* Errors signalled by ip4-inacl */ \
|
||||
_ (INACL_TABLE_MISS, "input ACL table-miss drops") \
|
||||
_ (INACL_SESSION_DENY, "input ACL session deny drops") \
|
||||
/* Errors singalled by ip4-outacl */ \
|
||||
_ (OUTACL_TABLE_MISS, "output ACL table-miss drops") \
|
||||
_ (OUTACL_SESSION_DENY, "output ACL session deny drops") \
|
||||
\
|
||||
/* Errors from mfib-forward */ \
|
||||
_ (RPF_FAILURE, "Multicast RPF check failed") \
|
||||
\
|
||||
/* Errors signalled by ip4-reassembly */ \
|
||||
_ (REASS_DUPLICATE_FRAGMENT, "duplicate/overlapping fragments") \
|
||||
_ (REASS_LIMIT_REACHED, "drops due to concurrent reassemblies limit") \
|
||||
_ (REASS_FRAGMENT_CHAIN_TOO_LONG, "fragment chain too long (drop)") \
|
||||
_ (REASS_NO_BUF, "out of buffers (drop)") \
|
||||
_ (REASS_MALFORMED_PACKET, "malformed packets") \
|
||||
_ (REASS_INTERNAL_ERROR, "drops due to internal reassembly error") \
|
||||
#define foreach_ip4_error \
|
||||
/* Must be first. */ \
|
||||
_ (NONE, "valid ip4 packets") \
|
||||
\
|
||||
/* Errors signalled by ip4-input */ \
|
||||
_ (TOO_SHORT, "ip4 length < 20 bytes") \
|
||||
_ (BAD_LENGTH, "ip4 length > l2 length") \
|
||||
_ (BAD_CHECKSUM, "bad ip4 checksum") \
|
||||
_ (VERSION, "ip4 version != 4") \
|
||||
_ (OPTIONS, "ip4 options present") \
|
||||
_ (FRAGMENT_OFFSET_ONE, "ip4 fragment offset == 1") \
|
||||
_ (TIME_EXPIRED, "ip4 ttl <= 1") \
|
||||
\
|
||||
/* Errors signalled by ip4-rewrite. */ \
|
||||
_ (MTU_EXCEEDED, "ip4 MTU exceeded and DF set") \
|
||||
_ (DST_LOOKUP_MISS, "ip4 destination lookup miss") \
|
||||
_ (SRC_LOOKUP_MISS, "ip4 source lookup miss") \
|
||||
_ (DROP, "ip4 drop") \
|
||||
_ (PUNT, "ip4 punt") \
|
||||
_ (SAME_INTERFACE, "ip4 egress interface same as ingress") \
|
||||
\
|
||||
/* Errors signalled by ip4-local. */ \
|
||||
_ (UNKNOWN_PROTOCOL, "unknown ip protocol") \
|
||||
_ (TCP_CHECKSUM, "bad tcp checksum") \
|
||||
_ (UDP_CHECKSUM, "bad udp checksum") \
|
||||
_ (UDP_LENGTH, "inconsistent udp/ip lengths") \
|
||||
\
|
||||
/* Spoofed packets in ip4-rewrite-local */ \
|
||||
_ (SPOOFED_LOCAL_PACKETS, "ip4 spoofed local-address packet drops") \
|
||||
\
|
||||
/* Errors signalled by ip4-inacl */ \
|
||||
_ (INACL_TABLE_MISS, "input ACL table-miss drops") \
|
||||
_ (INACL_SESSION_DENY, "input ACL session deny drops") \
|
||||
/* Errors singalled by ip4-outacl */ \
|
||||
_ (OUTACL_TABLE_MISS, "output ACL table-miss drops") \
|
||||
_ (OUTACL_SESSION_DENY, "output ACL session deny drops") \
|
||||
\
|
||||
/* Errors from mfib-forward */ \
|
||||
_ (RPF_FAILURE, "Multicast RPF check failed") \
|
||||
\
|
||||
/* Errors signalled by ip4-reassembly */ \
|
||||
_ (REASS_DUPLICATE_FRAGMENT, "duplicate/overlapping fragments") \
|
||||
_ (REASS_LIMIT_REACHED, "drops due to concurrent reassemblies limit") \
|
||||
_ (REASS_FRAGMENT_CHAIN_TOO_LONG, "fragment chain too long (drop)") \
|
||||
_ (REASS_NO_BUF, "out of buffers (drop)") \
|
||||
_ (REASS_MALFORMED_PACKET, "malformed packets") \
|
||||
_ (REASS_INTERNAL_ERROR, "drops due to internal reassembly error") \
|
||||
_ (REASS_TIMEOUT, "fragments dropped due to reassembly timeout") \
|
||||
_ (REASS_TO_CUSTOM_APP, "send to custom drop app") \
|
||||
_ (REASS_SUCCESS, "successful reassemblies") \
|
||||
_ (REASS_FRAGMENTS_REASSEMBLED, "fragments reassembled") \
|
||||
_ (REASS_FRAGMENTS_RCVD, "fragments received") \
|
||||
_ (REASS_UNSUPP_IP_PROT, "unsupported ip protocol")
|
||||
|
||||
typedef enum
|
||||
|
||||
@@ -453,6 +453,11 @@ ip4_full_reass_drop_all (vlib_main_t *vm, vlib_node_runtime_t *node,
|
||||
next_index = reass->error_next_index;
|
||||
u32 bi = ~0;
|
||||
|
||||
/* record number of packets sent to custom app */
|
||||
vlib_node_increment_counter (vm, node->node_index,
|
||||
IP4_ERROR_REASS_TO_CUSTOM_APP,
|
||||
vec_len (to_free));
|
||||
|
||||
while (vec_len (to_free) > 0)
|
||||
{
|
||||
vlib_get_next_frame (vm, node, next_index, *to_next,
|
||||
@@ -579,6 +584,8 @@ again:
|
||||
|
||||
if (now > reass->last_heard + rm->timeout)
|
||||
{
|
||||
vlib_node_increment_counter (vm, node->node_index,
|
||||
IP4_ERROR_REASS_TIMEOUT, 1);
|
||||
ip4_full_reass_drop_all (vm, node, reass, n_left_to_next, to_next);
|
||||
ip4_full_reass_free (rm, rt, reass);
|
||||
reass = NULL;
|
||||
@@ -825,6 +832,15 @@ ip4_full_reass_finalize (vlib_main_t * vm, vlib_node_runtime_t * node,
|
||||
}
|
||||
vnet_buffer (first_b)->ip.reass.estimated_mtu = reass->min_fragment_length;
|
||||
|
||||
/* Keep track of number of successfully reassembled packets and number of
|
||||
* fragments reassembled */
|
||||
vlib_node_increment_counter (vm, node->node_index, IP4_ERROR_REASS_SUCCESS,
|
||||
1);
|
||||
|
||||
vlib_node_increment_counter (vm, node->node_index,
|
||||
IP4_ERROR_REASS_FRAGMENTS_REASSEMBLED,
|
||||
reass->fragments_n);
|
||||
|
||||
*error0 = IP4_ERROR_NONE;
|
||||
ip4_full_reass_free (rm, rt, reass);
|
||||
reass = NULL;
|
||||
@@ -1214,6 +1230,10 @@ ip4_full_reass_inline (vlib_main_t *vm, vlib_node_runtime_t *node,
|
||||
clib_net_to_host_u16 (ip0->length) - ip4_header_bytes (ip0);
|
||||
const u32 fragment_last = fragment_first + fragment_length - 1;
|
||||
|
||||
/* Keep track of received fragments */
|
||||
vlib_node_increment_counter (vm, node->node_index,
|
||||
IP4_ERROR_REASS_FRAGMENTS_RCVD, 1);
|
||||
|
||||
if (fragment_first > fragment_last ||
|
||||
fragment_first + fragment_length > UINT16_MAX - 20 ||
|
||||
(fragment_length < 8 && // 8 is minimum frag length per RFC 791
|
||||
@@ -1335,6 +1355,14 @@ ip4_full_reass_inline (vlib_main_t *vm, vlib_node_runtime_t *node,
|
||||
vnet_feature_next (&next0, b0);
|
||||
}
|
||||
|
||||
/* Increment the counter to-custom-app also as this fragment is
|
||||
* also going to application */
|
||||
if (CUSTOM == type)
|
||||
{
|
||||
vlib_node_increment_counter (
|
||||
vm, node->node_index, IP4_ERROR_REASS_TO_CUSTOM_APP, 1);
|
||||
}
|
||||
|
||||
vlib_validate_buffer_enqueue_x1 (vm, node, next_index,
|
||||
to_next, n_left_to_next,
|
||||
bi0, next0);
|
||||
@@ -1680,6 +1708,10 @@ ip4_full_reass_walk_expired (vlib_main_t *vm, vlib_node_runtime_t *node,
|
||||
}
|
||||
}
|
||||
|
||||
if (vec_len (pool_indexes_to_free))
|
||||
vlib_node_increment_counter (vm, node->node_index,
|
||||
IP4_ERROR_REASS_TIMEOUT,
|
||||
vec_len (pool_indexes_to_free));
|
||||
int *i;
|
||||
vec_foreach (i, pool_indexes_to_free)
|
||||
{
|
||||
|
||||
Reference in New Issue
Block a user