ligang/vpp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

gre: Tunnel encap/decap flags

Browse Source 
Type: feature

common funcitons across IP-in-IP and GRE tunnels for encap/decap
functions

Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I325b66824878d843af167adfe5a7a96b0ab90566
This commit is contained in:
Neale Ranns
2019-12-31 05:13:14 +00:00
committed by Damjan Marion
parent 9ace36d0f9
commit e5b94dded0
13 changed files with 397 additions and 175 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/vnet/CMakeLists.txt
+1
View File
@@ -762,6 +762,7 @@ list(APPEND VNET_API_FILES
list(APPEND VNET_HEADERS
tunnel/tunnel.h
tunnel/tunnel_dp.h
)
##############################################################################
src/vnet/gre/gre.api
+3
View File
@@ -34,6 +34,8 @@ enum gre_tunnel_type : u8
@param context - sender context, to match reply w/ request
@param tunnel_type - 0: L3, 1: TEB, 2: ERSPAN
@param instance - optional unique custom device instance, else ~0.
@param mode - P2P or P2MP
@param flags - to control encap/decap behaviour
@param src - Source IP address
@param dst - Destination IP address, can be multicast
@param outer_table_id - Encap FIB table ID
@@ -44,6 +46,7 @@ typedef gre_tunnel
{
vl_api_gre_tunnel_type_t type;
vl_api_tunnel_mode_t mode;
vl_api_tunnel_encap_decap_flags_t flags;
u16 session_id;
u32 instance;
u32 outer_table_id;
src/vnet/gre/gre.c
+110 -17
View File
@@ -18,6 +18,7 @@
#include <vnet/vnet.h>
#include <vnet/gre/gre.h>
#include <vnet/adj/adj_midchain.h>
#include <vnet/tunnel/tunnel_dp.h>
extern gre_main_t gre_main;
@@ -274,11 +275,45 @@ gre_build_rewrite (vnet_main_t * vnm,
return (rewrite);
}
#define is_v4_packet(_h) ((*(u8*) _h) & 0xF0) == 0x40
static void
gre44_fixup (vlib_main_t * vm,
const ip_adjacency_t * adj, vlib_buffer_t * b0, const void *data)
{
tunnel_encap_decap_flags_t flags;
ip4_and_gre_header_t *ip0;
ip0 = vlib_buffer_get_current (b0);
flags = pointer_to_uword (data);
/* Fixup the checksum and len fields in the GRE tunnel encap
* that was applied at the midchain node */
ip0->ip4.length =
clib_host_to_net_u16 (vlib_buffer_length_in_chain (vm, b0));
tunnel_encap_fixup_4o4 (flags, (ip4_header_t *) (ip0 + 1), &ip0->ip4);
ip0->ip4.checksum = ip4_header_checksum (&ip0->ip4);
}
static void
gre4_fixup (vlib_main_t * vm,
const ip_adjacency_t * adj, vlib_buffer_t * b0, const void *data)
gre64_fixup (vlib_main_t * vm,
const ip_adjacency_t * adj, vlib_buffer_t * b0, const void *data)
{
tunnel_encap_decap_flags_t flags;
ip4_and_gre_header_t *ip0;
ip0 = vlib_buffer_get_current (b0);
flags = pointer_to_uword (data);
/* Fixup the checksum and len fields in the GRE tunnel encap
* that was applied at the midchain node */
ip0->ip4.length =
clib_host_to_net_u16 (vlib_buffer_length_in_chain (vm, b0));
tunnel_encap_fixup_6o4 (flags, (ip6_header_t *) (ip0 + 1), &ip0->ip4);
ip0->ip4.checksum = ip4_header_checksum (&ip0->ip4);
}
static void
grex4_fixup (vlib_main_t * vm,
const ip_adjacency_t * adj, vlib_buffer_t * b0, const void *data)
{
ip4_header_t *ip0;
@@ -291,8 +326,44 @@ gre4_fixup (vlib_main_t * vm,
}
static void
gre6_fixup (vlib_main_t * vm,
const ip_adjacency_t * adj, vlib_buffer_t * b0, const void *data)
gre46_fixup (vlib_main_t * vm,
const ip_adjacency_t * adj, vlib_buffer_t * b0, const void *data)
{
tunnel_encap_decap_flags_t flags;
ip6_and_gre_header_t *ip0;
ip0 = vlib_buffer_get_current (b0);
flags = pointer_to_uword (data);
/* Fixup the payload length field in the GRE tunnel encap that was applied
* at the midchain node */
ip0->ip6.payload_length =
clib_host_to_net_u16 (vlib_buffer_length_in_chain (vm, b0) -
sizeof (*ip0));
tunnel_encap_fixup_4o6 (flags, (ip4_header_t *) (ip0 + 1), &ip0->ip6);
}
static void
gre66_fixup (vlib_main_t * vm,
const ip_adjacency_t * adj, vlib_buffer_t * b0, const void *data)
{
tunnel_encap_decap_flags_t flags;
ip6_and_gre_header_t *ip0;
ip0 = vlib_buffer_get_current (b0);
flags = pointer_to_uword (data);
/* Fixup the payload length field in the GRE tunnel encap that was applied
* at the midchain node */
ip0->ip6.payload_length =
clib_host_to_net_u16 (vlib_buffer_length_in_chain (vm, b0) -
sizeof (*ip0));
tunnel_encap_fixup_6o6 (flags, (ip6_header_t *) (ip0 + 1), &ip0->ip6);
}
static void
grex6_fixup (vlib_main_t * vm,
const ip_adjacency_t * adj, vlib_buffer_t * b0, const void *data)
{
ip6_header_t *ip0;
@@ -305,25 +376,49 @@ gre6_fixup (vlib_main_t * vm,
sizeof (*ip0));
}
/**
* return the appropriate fixup function given the overlay (link-type) and
* underlay (fproto) combination
*/
static adj_midchain_fixup_t
gre_get_fixup (fib_protocol_t fproto, vnet_link_t lt)
{
if (fproto == FIB_PROTOCOL_IP6 && lt == VNET_LINK_IP6)
return (gre66_fixup);
if (fproto == FIB_PROTOCOL_IP6 && lt == VNET_LINK_IP4)
return (gre46_fixup);
if (fproto == FIB_PROTOCOL_IP4 && lt == VNET_LINK_IP6)
return (gre64_fixup);
if (fproto == FIB_PROTOCOL_IP4 && lt == VNET_LINK_IP4)
return (gre44_fixup);
if (fproto == FIB_PROTOCOL_IP6 && lt == VNET_LINK_ETHERNET)
return (grex6_fixup);
if (fproto == FIB_PROTOCOL_IP4 && lt == VNET_LINK_ETHERNET)
return (grex4_fixup);
ASSERT (0);
return (gre44_fixup);
}
void
gre_update_adj (vnet_main_t * vnm, u32 sw_if_index, adj_index_t ai)
{
gre_main_t *gm = &gre_main;
gre_tunnel_t *t;
adj_flags_t af;
u8 is_ipv6;
u32 ti;
ti = gm->tunnel_index_by_sw_if_index[sw_if_index];
t = pool_elt_at_index (gm->tunnels, ti);
is_ipv6 = t->tunnel_dst.fp_proto == FIB_PROTOCOL_IP6 ? 1 : 0;
af = ADJ_FLAG_MIDCHAIN_IP_STACK;
if (VNET_LINK_ETHERNET == adj_get_link_type (ai))
af |= ADJ_FLAG_MIDCHAIN_NO_COUNT;
adj_nbr_midchain_update_rewrite
(ai, !is_ipv6 ? gre4_fixup : gre6_fixup, NULL, af,
(ai, gre_get_fixup (t->tunnel_dst.fp_proto,
adj_get_link_type (ai)),
uword_to_pointer (t->flags, void *), af,
gre_build_rewrite (vnm, sw_if_index, adj_get_link_type (ai),
&t->tunnel_dst.fp_addr));
@@ -334,13 +429,12 @@ adj_walk_rc_t
mgre_mk_complete_walk (adj_index_t ai, void *data)
{
mgre_walk_ctx_t *ctx = data;
adj_midchain_fixup_t f;
f = (ctx->t->tunnel_dst.fp_proto == FIB_PROTOCOL_IP4 ?
gre4_fixup : gre6_fixup);
adj_nbr_midchain_update_rewrite
(ai, f, NULL, ADJ_FLAG_MIDCHAIN_IP_STACK,
(ai, gre_get_fixup (ctx->t->tunnel_dst.fp_proto,
adj_get_link_type (ai)),
uword_to_pointer (ctx->t->flags, void *),
ADJ_FLAG_MIDCHAIN_IP_STACK,
gre_build_rewrite (vnet_get_main (),
ctx->t->sw_if_index,
adj_get_link_type (ai),
@@ -355,11 +449,10 @@ adj_walk_rc_t
mgre_mk_incomplete_walk (adj_index_t ai, void *data)
{
gre_tunnel_t *t = data;
adj_midchain_fixup_t f;
f = (t->tunnel_dst.fp_proto == FIB_PROTOCOL_IP4 ? gre4_fixup : gre6_fixup);
adj_nbr_midchain_update_rewrite (ai, f, NULL, ADJ_FLAG_NONE, NULL);
adj_nbr_midchain_update_rewrite (ai, gre_get_fixup (t->tunnel_dst.fp_proto,
adj_get_link_type (ai)),
NULL, ADJ_FLAG_NONE, NULL);
adj_midchain_delegate_unstack (ai);
src/vnet/gre/gre.h
+2
View File
@@ -206,6 +206,7 @@ typedef struct
u32 sw_if_index;
gre_tunnel_type_t type;
tunnel_mode_t mode;
tunnel_encap_decap_flags_t flags;
/**
* an L2 tunnel always rquires an L2 midchain. cache here for DP.
@@ -368,6 +369,7 @@ typedef struct
ip46_address_t src, dst;
u32 outer_table_id;
u16 session_id;
tunnel_encap_decap_flags_t flags;
} vnet_gre_tunnel_add_del_args_t;
extern int vnet_gre_tunnel_add_del (vnet_gre_tunnel_add_del_args_t * a,
src/vnet/gre/gre_api.c
+7
View File
@@ -89,6 +89,7 @@ static void vl_api_gre_tunnel_add_del_t_handler
{
vnet_gre_tunnel_add_del_args_t _a = { }, *a = &_a;
vl_api_gre_tunnel_add_del_reply_t *rmp;
tunnel_encap_decap_flags_t flags;
u32 sw_if_index = ~0;
ip46_type_t itype[2];
int rv = 0;
@@ -115,6 +116,11 @@ static void vl_api_gre_tunnel_add_del_t_handler
rv = tunnel_mode_decode (mp->tunnel.mode, &a->mode);
if (rv)
goto out;
rv = tunnel_encap_decap_flags_decode (mp->tunnel.flags, &flags);
if (rv)
goto out;
@@ -123,6 +129,7 @@ static void vl_api_gre_tunnel_add_del_t_handler
a->instance = ntohl (mp->tunnel.instance);
a->session_id = ntohs (mp->tunnel.session_id);
a->outer_table_id = ntohl (mp->tunnel.outer_table_id);
a->flags = flags;
rv = vnet_gre_tunnel_add_del (a, &sw_if_index);
src/vnet/gre/interface.c
+1
View File
@@ -346,6 +346,7 @@ vnet_gre_tunnel_add (vnet_gre_tunnel_add_del_args_t * a,
t->type = a->type;
t->mode = a->mode;
t->flags = a->flags;
if (t->type == GRE_TUNNEL_TYPE_ERSPAN)
t->session_id = a->session_id;
src/vnet/ip/ip4_packet.h
+1 -1
View File
@@ -322,7 +322,7 @@ ip4_header_clear_df (ip4_header_t * ip4)
}
always_inline u8
ip4_header_get_df (ip4_header_t * ip4)
ip4_header_get_df (const ip4_header_t * ip4)
{
return (! !(ip4->flags_and_fragment_offset &
clib_host_to_net_u16 (IP4_HEADER_FLAG_DONT_FRAGMENT)));
src/vnet/ipip/ipip.c
+90 -67
View File
@@ -26,6 +26,7 @@
#include <vnet/ip/format.h>
#include <vnet/ipip/ipip.h>
#include <vnet/nhrp/nhrp.h>
#include <vnet/tunnel/tunnel_dp.h>
ipip_main_t ipip_main;
@@ -84,6 +85,18 @@ ipip_build_rewrite (vnet_main_t * vnm, u32 sw_if_index,
if (t->flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_SET_DF)
ip4_header_set_df (ip4);
ip4->checksum = ip4_header_checksum (ip4);
switch (link_type)
{
case VNET_LINK_IP6:
ip4->protocol = IP_PROTOCOL_IPV6;
break;
case VNET_LINK_IP4:
ip4->protocol = IP_PROTOCOL_IP_IN_IP;
break;
default:
break;
}
break;
case IPIP_TRANSPORT_IP6:
@@ -99,14 +112,26 @@ ipip_build_rewrite (vnet_main_t * vnm, u32 sw_if_index,
ip6->dst_address.as_u64[1] = dst->ip6.as_u64[1];
if (!(t->flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP))
ip6_set_dscp_network_order (ip6, t->dscp);
switch (link_type)
{
case VNET_LINK_IP6:
ip6->protocol = IP_PROTOCOL_IPV6;
break;
case VNET_LINK_IP4:
ip6->protocol = IP_PROTOCOL_IP_IN_IP;
break;
default:
break;
}
break;
}
return (rewrite);
}
static void
ipip4_fixup (vlib_main_t * vm, const ip_adjacency_t * adj, vlib_buffer_t * b,
const void *data)
ipip64_fixup (vlib_main_t * vm, const ip_adjacency_t * adj, vlib_buffer_t * b,
const void *data)
{
tunnel_encap_decap_flags_t flags;
ip4_header_t *ip4;
@@ -115,41 +140,30 @@ ipip4_fixup (vlib_main_t * vm, const ip_adjacency_t * adj, vlib_buffer_t * b,
ip4 = vlib_buffer_get_current (b);
ip4->length = clib_host_to_net_u16 (vlib_buffer_length_in_chain (vm, b));
switch (adj->ia_link)
{
case VNET_LINK_IP6:
ip4->protocol = IP_PROTOCOL_IPV6;
if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP)
ip4_header_set_dscp (ip4,
ip6_dscp_network_order ((ip6_header_t *) (ip4 +
1)));
if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_ECN)
ip4_header_set_ecn (ip4,
ip6_ecn_network_order ((ip6_header_t *) (ip4 +
1)));
break;
case VNET_LINK_IP4:
ip4->protocol = IP_PROTOCOL_IP_IN_IP;
if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP)
ip4_header_set_dscp (ip4, ip4_header_get_dscp (ip4 + 1));
if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_ECN)
ip4_header_set_ecn (ip4, ip4_header_get_ecn (ip4 + 1));
if ((flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DF) &&
ip4_header_get_df (ip4 + 1))
ip4_header_set_df (ip4);
break;
default:
break;
}
tunnel_encap_fixup_6o4 (flags, ((ip6_header_t *) (ip4 + 1)), ip4);
ip4->checksum = ip4_header_checksum (ip4);
}
static void
ipip6_fixup (vlib_main_t * vm, const ip_adjacency_t * adj, vlib_buffer_t * b,
const void *data)
ipip44_fixup (vlib_main_t * vm, const ip_adjacency_t * adj, vlib_buffer_t * b,
const void *data)
{
tunnel_encap_decap_flags_t flags;
ip4_header_t *ip4;
flags = pointer_to_uword (data);
ip4 = vlib_buffer_get_current (b);
ip4->length = clib_host_to_net_u16 (vlib_buffer_length_in_chain (vm, b));
tunnel_encap_fixup_4o4 (flags, ip4 + 1, ip4);
ip4->checksum = ip4_header_checksum (ip4);
}
static void
ipip46_fixup (vlib_main_t * vm, const ip_adjacency_t * adj, vlib_buffer_t * b,
const void *data)
{
tunnel_encap_decap_flags_t flags;
ip6_header_t *ip6;
@@ -164,29 +178,27 @@ ipip6_fixup (vlib_main_t * vm, const ip_adjacency_t * adj, vlib_buffer_t * b,
ip6->payload_length =
clib_host_to_net_u16 (vlib_buffer_length_in_chain (vm, b) -
sizeof (*ip6));
switch (adj->ia_link)
{
case VNET_LINK_IP6:
ip6->protocol = IP_PROTOCOL_IPV6;
if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP)
ip6_set_dscp_network_order (ip6, ip6_dscp_network_order (ip6 + 1));
if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_ECN)
ip6_set_ecn_network_order (ip6, ip6_ecn_network_order (ip6 + 1));
break;
tunnel_encap_fixup_4o6 (flags, ((ip4_header_t *) (ip6 + 1)), ip6);
}
case VNET_LINK_IP4:
ip6->protocol = IP_PROTOCOL_IP_IN_IP;
if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP)
ip6_set_dscp_network_order
(ip6, ip4_header_get_dscp ((ip4_header_t *) (ip6 + 1)));
if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_ECN)
ip6_set_ecn_network_order
(ip6, ip4_header_get_ecn ((ip4_header_t *) (ip6 + 1)));
break;
static void
ipip66_fixup (vlib_main_t * vm,
const ip_adjacency_t * adj, vlib_buffer_t * b, const void *data)
{
tunnel_encap_decap_flags_t flags;
ip6_header_t *ip6;
default:
break;
}
flags = pointer_to_uword (data);
/* Must set locally originated otherwise we're not allowed to
fragment the packet later */
b->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
ip6 = vlib_buffer_get_current (b);
ip6->payload_length =
clib_host_to_net_u16 (vlib_buffer_length_in_chain (vm, b) -
sizeof (*ip6));
tunnel_encap_fixup_6o6 (flags, ip6 + 1, ip6);
}
static void
@@ -246,10 +258,25 @@ ipip_tunnel_restack (ipip_tunnel_t * gt)
}
}
static adj_midchain_fixup_t
ipip_get_fixup (const ipip_tunnel_t * t, vnet_link_t lt)
{
if (t->transport == IPIP_TRANSPORT_IP6 && lt == VNET_LINK_IP6)
return (ipip66_fixup);
if (t->transport == IPIP_TRANSPORT_IP6 && lt == VNET_LINK_IP4)
return (ipip46_fixup);
if (t->transport == IPIP_TRANSPORT_IP4 && lt == VNET_LINK_IP6)
return (ipip64_fixup);
if (t->transport == IPIP_TRANSPORT_IP4 && lt == VNET_LINK_IP4)
return (ipip44_fixup);
ASSERT (0);
return (ipip44_fixup);
}
void
ipip_update_adj (vnet_main_t * vnm, u32 sw_if_index, adj_index_t ai)
{
adj_midchain_fixup_t f;
ipip_tunnel_t *t;
adj_flags_t af;
@@ -257,13 +284,13 @@ ipip_update_adj (vnet_main_t * vnm, u32 sw_if_index, adj_index_t ai)
if (!t)
return;
f = t->transport == IPIP_TRANSPORT_IP6 ? ipip6_fixup : ipip4_fixup;
af = ADJ_FLAG_MIDCHAIN_IP_STACK;
if (VNET_LINK_ETHERNET == adj_get_link_type (ai))
af |= ADJ_FLAG_MIDCHAIN_NO_COUNT;
adj_nbr_midchain_update_rewrite
(ai, f, uword_to_pointer (t->flags, void *), af,
(ai, ipip_get_fixup (t, adj_get_link_type (ai)),
uword_to_pointer (t->flags, void *), af,
ipip_build_rewrite (vnm, sw_if_index,
adj_get_link_type (ai), &t->tunnel_dst));
ipip_tunnel_stack (ai);
@@ -279,12 +306,10 @@ static adj_walk_rc_t
mipip_mk_complete_walk (adj_index_t ai, void *data)
{
mipip_walk_ctx_t *ctx = data;
adj_midchain_fixup_t f;
f = ctx->t->transport == IPIP_TRANSPORT_IP6 ? ipip6_fixup : ipip4_fixup;
adj_nbr_midchain_update_rewrite
(ai, f, uword_to_pointer (ctx->t->flags, void *),
(ai, ipip_get_fixup (ctx->t, adj_get_link_type (ai)),
uword_to_pointer (ctx->t->flags, void *),
ADJ_FLAG_MIDCHAIN_IP_STACK, ipip_build_rewrite (vnet_get_main (),
ctx->t->sw_if_index,
adj_get_link_type (ai),
@@ -300,11 +325,10 @@ static adj_walk_rc_t
mipip_mk_incomplete_walk (adj_index_t ai, void *data)
{
ipip_tunnel_t *t = data;
adj_midchain_fixup_t f;
f = t->transport == IPIP_TRANSPORT_IP6 ? ipip6_fixup : ipip4_fixup;
adj_nbr_midchain_update_rewrite (ai, f, NULL, ADJ_FLAG_NONE, NULL);
adj_nbr_midchain_update_rewrite
(ai, ipip_get_fixup (t, adj_get_link_type (ai)),
NULL, ADJ_FLAG_NONE, NULL);
adj_midchain_delegate_unstack (ai);
@@ -315,7 +339,6 @@ void
mipip_update_adj (vnet_main_t * vnm, u32 sw_if_index, adj_index_t ai)
{
ipip_main_t *gm = &ipip_main;
adj_midchain_fixup_t f;
ip_adjacency_t *adj;
nhrp_entry_t *ne;
ipip_tunnel_t *t;
@@ -324,7 +347,6 @@ mipip_update_adj (vnet_main_t * vnm, u32 sw_if_index, adj_index_t ai)
adj = adj_get (ai);
ti = gm->tunnel_index_by_sw_if_index[sw_if_index];
t = pool_elt_at_index (gm->tunnels, ti);
f = t->transport == IPIP_TRANSPORT_IP6 ? ipip6_fixup : ipip4_fixup;
ne = nhrp_entry_find (sw_if_index, &adj->sub_type.nbr.next_hop);
@@ -332,7 +354,8 @@ mipip_update_adj (vnet_main_t * vnm, u32 sw_if_index, adj_index_t ai)
{
// no NHRP entry to provide the next-hop
adj_nbr_midchain_update_rewrite
(ai, f, uword_to_pointer (t->flags, void *), ADJ_FLAG_NONE, NULL);
(ai, ipip_get_fixup (t, adj_get_link_type (ai)),
uword_to_pointer (t->flags, void *), ADJ_FLAG_NONE, NULL);
return;
}
src/vnet/ipip/node.c
+12 -20
View File
@@ -19,7 +19,7 @@
#include <vnet/ipip/ipip.h>
#include <vnet/ip/ip6_packet.h>
#include <vnet/mpls/mpls.h>
#include <vnet/pg/pg.h>
#include <vnet/tunnel/tunnel_dp.h>
#include <vppinfra/sparse_vec.h>
#define foreach_ipip_input_next \
@@ -159,29 +159,21 @@ ipip_input (vlib_main_t * vm, vlib_node_runtime_t * node,
{
next0 = IPIP_INPUT_NEXT_IP6_INPUT;
if (t0->flags & TUNNEL_ENCAP_DECAP_FLAG_DECAP_COPY_ECN)
{
if (is_ipv6)
ip6_set_ecn_network_order ((ip60 + 1),
ip6_ecn_network_order (ip60));
else
ip6_set_ecn_network_order ((ip6_header_t *) (ip40 + 1),
ip4_header_get_ecn (ip40));
}
if (is_ipv6)
tunnel_decap_fixup_6o6 (t0->flags, (ip60 + 1), ip60);
else
tunnel_decap_fixup_6o4 (t0->flags,
(ip6_header_t *) (ip40 + 1), ip40);
}
else if (inner_protocol0 == IP_PROTOCOL_IP_IN_IP)
{
next0 = IPIP_INPUT_NEXT_IP4_INPUT;
if (t0->flags & TUNNEL_ENCAP_DECAP_FLAG_DECAP_COPY_ECN)
{
if (is_ipv6)
ip4_header_set_ecn_w_chksum ((ip4_header_t *) (ip60 + 1),
ip6_ecn_network_order
(ip60));
else
ip4_header_set_ecn_w_chksum (ip40 + 1,
ip4_header_get_ecn (ip40));
}
if (is_ipv6)
tunnel_decap_fixup_4o6 (t0->flags,
(ip4_header_t *) (ip60 + 1), ip60);
else
tunnel_decap_fixup_4o4 (t0->flags, ip40 + 1, ip40);
}
if (!is_ipv6 && t0->mode == IPIP_MODE_6RD
src/vnet/tunnel/tunnel_dp.h
+104
View File
@@ -0,0 +1,104 @@
/*
* tunnel_dp.h: data-plane functions tunnels.
*
* Copyright (c) 2019 Cisco and/or its affiliates.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at:
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef __TUNNEL_DP_H__
#define __TUNNEL_DP_H__
static_always_inline void
tunnel_encap_fixup_4o4 (tunnel_encap_decap_flags_t flags,
const ip4_header_t * inner, ip4_header_t * outer)
{
if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP)
ip4_header_set_dscp (outer, ip4_header_get_dscp (inner));
if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_ECN)
ip4_header_set_ecn (outer, ip4_header_get_ecn (inner));
if ((flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DF) &&
ip4_header_get_df (inner))
ip4_header_set_df (outer);
}
static_always_inline void
tunnel_encap_fixup_6o4 (tunnel_encap_decap_flags_t flags,
const ip6_header_t * inner, ip4_header_t * outer)
{
if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP)
ip4_header_set_dscp (outer, ip6_dscp_network_order (inner));
if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_ECN)
ip4_header_set_ecn (outer, ip6_ecn_network_order ((inner)));
}
static_always_inline void
tunnel_encap_fixup_6o6 (tunnel_encap_decap_flags_t flags,
const ip6_header_t * inner, ip6_header_t * outer)
{
if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP)
ip6_set_dscp_network_order (outer, ip6_dscp_network_order (inner));
if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_ECN)
ip6_set_ecn_network_order (outer, ip6_ecn_network_order (inner));
}
static_always_inline void
tunnel_encap_fixup_4o6 (tunnel_encap_decap_flags_t flags,
const ip4_header_t * inner, ip6_header_t * outer)
{
if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP)
ip6_set_dscp_network_order (outer, ip4_header_get_dscp (inner));
if (flags & TUNNEL_ENCAP_DECAP_FLAG_ENCAP_COPY_ECN)
ip6_set_ecn_network_order (outer, ip4_header_get_ecn (inner));
}
static_always_inline void
tunnel_decap_fixup_4o6 (tunnel_encap_decap_flags_t flags,
ip4_header_t * inner, const ip6_header_t * outer)
{
if (flags & TUNNEL_ENCAP_DECAP_FLAG_DECAP_COPY_ECN)
ip4_header_set_ecn_w_chksum (inner, ip6_ecn_network_order (outer));
}
static_always_inline void
tunnel_decap_fixup_6o6 (tunnel_encap_decap_flags_t flags,
ip6_header_t * inner, const ip6_header_t * outer)
{
if (flags & TUNNEL_ENCAP_DECAP_FLAG_DECAP_COPY_ECN)
ip6_set_ecn_network_order (inner, ip6_ecn_network_order (outer));
}
static_always_inline void
tunnel_decap_fixup_6o4 (tunnel_encap_decap_flags_t flags,
ip6_header_t * inner, const ip4_header_t * outer)
{
if (flags & TUNNEL_ENCAP_DECAP_FLAG_DECAP_COPY_ECN)
ip6_set_ecn_network_order (inner, ip4_header_get_ecn (outer));
}
static_always_inline void
tunnel_decap_fixup_4o4 (tunnel_encap_decap_flags_t flags,
ip4_header_t * inner, const ip4_header_t * outer)
{
if (flags & TUNNEL_ENCAP_DECAP_FLAG_DECAP_COPY_ECN)
ip4_header_set_ecn_w_chksum (inner, ip4_header_get_ecn (outer));
}
#endif
/*
* fd.io coding-style-patch-verification: ON
*
* Local Variables:
* eval: (c-set-style "gnu")
* End:
*/
test/test_gre.py
+43 -19
View File
@@ -108,26 +108,28 @@ class TestGRE(VppTestCase):
self.pg1.set_table_ip4(0)
super(TestGRE, self).tearDown()
def create_stream_ip4(self, src_if, src_ip, dst_ip):
def create_stream_ip4(self, src_if, src_ip, dst_ip, dscp=0, ecn=0):
pkts = []
tos = (dscp << 2) | ecn
for i in range(0, 257):
info = self.create_packet_info(src_if, src_if)
payload = self.info_to_payload(info)
p = (Ether(dst=src_if.local_mac, src=src_if.remote_mac) /
IP(src=src_ip, dst=dst_ip) /
IP(src=src_ip, dst=dst_ip, tos=tos) /
UDP(sport=1234, dport=1234) /
Raw(payload))
info.data = p.copy()
pkts.append(p)
return pkts
def create_stream_ip6(self, src_if, src_ip, dst_ip):
def create_stream_ip6(self, src_if, src_ip, dst_ip, dscp=0, ecn=0):
pkts = []
tc = (dscp << 2) | ecn
for i in range(0, 257):
info = self.create_packet_info(src_if, src_if)
payload = self.info_to_payload(info)
p = (Ether(dst=src_if.local_mac, src=src_if.remote_mac) /
IPv6(src=src_ip, dst=dst_ip) /
IPv6(src=src_ip, dst=dst_ip, tc=tc) /
UDP(sport=1234, dport=1234) /
Raw(payload))
info.data = p.copy()
@@ -225,9 +227,11 @@ class TestGRE(VppTestCase):
return pkts
def verify_tunneled_4o4(self, src_if, capture, sent,
tunnel_src, tunnel_dst):
tunnel_src, tunnel_dst,
dscp=0, ecn=0):
self.assertEqual(len(capture), len(sent))
tos = (dscp << 2) | ecn
for i in range(len(capture)):
try:
@@ -239,6 +243,7 @@ class TestGRE(VppTestCase):
self.assertEqual(rx_ip.src, tunnel_src)
self.assertEqual(rx_ip.dst, tunnel_dst)
self.assertEqual(rx_ip.tos, tos)
rx_gre = rx[GRE]
rx_ip = rx_gre[IP]
@@ -254,9 +259,11 @@ class TestGRE(VppTestCase):
raise
def verify_tunneled_6o6(self, src_if, capture, sent,
tunnel_src, tunnel_dst):
tunnel_src, tunnel_dst,
dscp=0, ecn=0):
self.assertEqual(len(capture), len(sent))
tc = (dscp << 2) | ecn
for i in range(len(capture)):
try:
@@ -268,6 +275,7 @@ class TestGRE(VppTestCase):
self.assertEqual(rx_ip.src, tunnel_src)
self.assertEqual(rx_ip.dst, tunnel_dst)
self.assertEqual(rx_ip.tc, tc)
rx_gre = GRE(scapy.compat.raw(rx_ip[IPv6].payload))
rx_ip = rx_gre[IPv6]
@@ -719,6 +727,8 @@ class TestGRE(VppTestCase):
def test_gre_vrf(self):
""" GRE tunnel VRF Tests """
e = VppEnum.vl_api_tunnel_encap_decap_flags_t
#
# Create an L3 GRE tunnel whose destination is in the non-default
# table. The underlay is thus non-default - the overlay is still
@@ -726,9 +736,13 @@ class TestGRE(VppTestCase):
# - set it admin up
# - assign an IP Addres
#
gre_if = VppGreInterface(self, self.pg1.local_ip4,
"2.2.2.2",
outer_table_id=1)
gre_if = VppGreInterface(
self, self.pg1.local_ip4,
"2.2.2.2",
outer_table_id=1,
flags=(e.TUNNEL_API_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP |
e.TUNNEL_API_ENCAP_DECAP_FLAG_ENCAP_COPY_ECN))
gre_if.add_vpp_config()
gre_if.admin_up()
gre_if.config_ip4()
@@ -756,10 +770,12 @@ class TestGRE(VppTestCase):
# - packets are GRE encapped
#
self.vapi.cli("clear trace")
tx = self.create_stream_ip4(self.pg0, "5.5.5.5", "9.9.9.9")
tx = self.create_stream_ip4(self.pg0, "5.5.5.5", "9.9.9.9",
dscp=5, ecn=3)
rx = self.send_and_expect(self.pg0, tx, self.pg1)
self.verify_tunneled_4o4(self.pg1, rx, tx,
self.pg1.local_ip4, "2.2.2.2")
self.pg1.local_ip4, "2.2.2.2",
dscp=5, ecn=3)
#
# Send tunneled packets that match the created tunnel and
@@ -1100,6 +1116,8 @@ class TestGRE(VppTestCase):
self.pg0.config_ip6()
self.pg0.resolve_ndp()
e = VppEnum.vl_api_tunnel_encap_decap_flags_t
for itf in self.pg_interfaces[3:]:
#
# one underlay nh for each overlay/tunnel peer
@@ -1114,11 +1132,14 @@ class TestGRE(VppTestCase):
# - assign an IP Addres
# - Add a route via the tunnel
#
gre_if = VppGreInterface(self,
itf.local_ip6,
"::",
mode=(VppEnum.vl_api_tunnel_mode_t.
TUNNEL_API_MODE_MP))
gre_if = VppGreInterface(
self,
itf.local_ip6,
"::",
mode=(VppEnum.vl_api_tunnel_mode_t.
TUNNEL_API_MODE_MP),
flags=e.TUNNEL_API_ENCAP_DECAP_FLAG_ENCAP_COPY_DSCP)
gre_if.add_vpp_config()
gre_if.admin_up()
gre_if.config_ip6()
@@ -1151,11 +1172,13 @@ class TestGRE(VppTestCase):
# Send a packet stream that is routed into the tunnel
# - packets are GRE encapped
#
tx_e = self.create_stream_ip6(self.pg0, "5::5", route_addr)
tx_e = self.create_stream_ip6(self.pg0, "5::5", route_addr,
dscp=2, ecn=1)
rx = self.send_and_expect(self.pg0, tx_e, itf)
self.verify_tunneled_6o6(self.pg0, rx, tx_e,
itf.local_ip6,
itf._remote_hosts[ii].ip6)
itf._remote_hosts[ii].ip6,
dscp=2)
tx_i = self.create_tunnel_stream_6o6(self.pg0,
itf._remote_hosts[ii].ip6,
itf.local_ip6,
@@ -1174,7 +1197,8 @@ class TestGRE(VppTestCase):
rx = self.send_and_expect(self.pg0, tx_e, itf)
self.verify_tunneled_6o6(self.pg0, rx, tx_e,
itf.local_ip6,
itf._remote_hosts[ii].ip6)
itf._remote_hosts[ii].ip6,
dscp=2)
rx = self.send_and_expect(self.pg0, tx_i, self.pg0)
self.verify_decapped_6o6(self.pg0, rx, tx_i)
test/vpp_gre_interface.py
+23 -14
View File
@@ -10,7 +10,7 @@ class VppGreInterface(VppInterface):
"""
def __init__(self, test, src_ip, dst_ip, outer_table_id=0,
type=None, mode=None,
type=None, mode=None, flags=0,
session=0):
""" Create VPP GRE interface """
super(VppGreInterface, self).__init__(test)
@@ -18,6 +18,7 @@ class VppGreInterface(VppInterface):
self.t_dst = dst_ip
self.t_outer_table = outer_table_id
self.t_session = session
self.t_flags = flags
self.t_type = type
if not self.t_type:
self.t_type = (VppEnum.vl_api_gre_tunnel_type_t.
@@ -29,12 +30,16 @@ class VppGreInterface(VppInterface):
def add_vpp_config(self):
r = self.test.vapi.gre_tunnel_add_del(
self.t_src,
self.t_dst,
outer_table_id=self.t_outer_table,
type=self.t_type,
mode=self.t_mode,
session_id=self.t_session)
is_add=1,
tunnel={
'src': self.t_src,
'dst': self.t_dst,
'outer_table_id': self.t_outer_table,
'instance': 0xffffffff,
'type': self.t_type,
'mode': self.t_mode,
'flags': self.t_flags,
'session_id': self.t_session})
self.set_sw_if_index(r.sw_if_index)
self.generate_remote_hosts()
self.test.registry.register(self, self.test.logger)
@@ -42,13 +47,17 @@ class VppGreInterface(VppInterface):
def remove_vpp_config(self):
self.unconfig()
self.test.vapi.gre_tunnel_add_del(self.t_src,
self.t_dst,
outer_table_id=self.t_outer_table,
type=self.t_type,
mode=self.t_mode,
session_id=self.t_session,
is_add=0)
self.test.vapi.gre_tunnel_add_del(
is_add=0,
tunnel={
'src': self.t_src,
'dst': self.t_dst,
'outer_table_id': self.t_outer_table,
'instance': 0xffffffff,
'type': self.t_type,
'mode': self.t_mode,
'flags': self.t_flags,
'session_id': self.t_session})
def object_id(self):
return "gre-%d" % self.sw_if_index
test/vpp_papi_provider.py
-37
View File
@@ -45,7 +45,6 @@ defaultmapping = {
'gbp_subnet_add_del': {'sw_if_index': 4294967295, 'epg_id': 65535, },
'geneve_add_del_tunnel': {'mcast_sw_if_index': 4294967295, 'is_add': 1,
'decap_next_index': 4294967295, },
'gre_tunnel_add_del': {'instance': 4294967295, 'is_add': 1, },
'input_acl_set_interface': {'ip4_table_index': 4294967295,
'ip6_table_index': 4294967295,
'l2_table_index': 4294967295, },
@@ -505,42 +504,6 @@ class VppPapiProvider(object):
}
)
def gre_tunnel_add_del(self,
src,
dst,
outer_table_id=0,
type=0,
mode=0,
instance=0xFFFFFFFF,
session_id=0,
is_add=1):
""" Add a GRE tunnel
:param src_address:
:param dst_address:
:param outer_fib_id: (Default value = 0)
:param tunnel_type: (Default value = 0)
:param instance: (Default value = 0xFFFFFFFF)
:param session_id: (Default value = 0)
:param is_add: (Default value = 1)
:param is_ipv6: (Default value = 0)
"""
return self.api(
self.papi.gre_tunnel_add_del,
{'is_add': is_add,
'tunnel':
{
'type': type,
'mode': mode,
'instance': instance,
'src': src,
'dst': dst,
'outer_table_id': outer_table_id,
'session_id': session_id}
}
)
def udp_encap_add(self,
src_ip,
dst_ip,