FD.io VPP  v19.01.3-6-g70449b9b9
Vector Packet Processing
ip_neighbor.c
Go to the documentation of this file.
1 /*
2  * src/vnet/ip/ip_neighboor.c: ip neighbor generic handling
3  *
4  * Copyright (c) 2018 Cisco and/or its affiliates.
5  * Licensed under the Apache License, Version 2.0 (the "License");
6  * you may not use this file except in compliance with the License.
7  * You may obtain a copy of the License at:
8  *
9  * http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  */
17 
18 #include <vnet/vnet.h>
19 #include <vnet/ip/ip.h>
20 #include <vnet/ip/ip6_neighbor.h>
21 #include <vnet/ip/ip_neighbor.h>
22 #include <vnet/ethernet/arp.h>
23 
24 /*
25  * IP neighbor scan parameter defaults are as follows:
26  * - Scan interval : 60 sec
27  * - Max processing allowed per run : 20 usec
28  * - Max probe/delete operations per run : 10
29  * - Scan interrupt delay to resume scan : 1 msec
30  * - Neighbor stale threashold : 4 x scan-interval
31  */
32 #define IP_NEIGHBOR_DEF_SCAN_INTERVAL (60.0)
33 #define IP_NEIGHBOR_DEF_MAX_PROC_TIME (20e-6)
34 #define IP_NEIGHBOR_DEF_SCAN_INT_DELAY (1e-3)
35 #define IP_NEIGHBOR_DEF_STALE (4*IP_NEIGHBOR_DEF_SCAN_INTERVAL)
36 #define IP_NEIGHBOR_DEF_MAX_UPDATE 10
37 
38 typedef struct
39 {
40  f64 scan_interval; /* Periodic scan interval */
41  f64 max_proc_time; /* Max processing time allowed per run */
42  f64 scan_int_delay; /* Scan interrupt delay to resume scan */
43  f64 stale_threshold; /* IP neighbor stale threshod */
44  u8 max_update; /* Max probe/delete actions allowed per run */
45  u8 mode; /* IP neighbor scan mode */
47 
49 
50 int
51 ip_neighbor_add (const ip46_address_t * ip,
52  u8 is_ip6,
53  const u8 * mac,
55  ip_neighbor_flags_t flags, u32 * stats_index)
56 {
57  fib_protocol_t fproto;
58  vnet_link_t linkt;
59  int rv;
60 
61  /*
62  * there's no validation here of the ND/ARP entry being added.
63  * The expectation is that the FIB will ensure that nothing bad
64  * will come of adding bogus entries.
65  */
66  if (is_ip6)
67  {
69  sw_if_index, &ip->ip6, mac, 6,
70  (flags & IP_NEIGHBOR_FLAG_STATIC),
71  (flags &
73  fproto = FIB_PROTOCOL_IP6;
74  linkt = VNET_LINK_IP6;
75  }
76  else
77  {
78  ethernet_arp_ip4_over_ethernet_address_t a = {
79  .ip4 = ip->ip4,
80  };
81 
82  clib_memcpy (&a.ethernet, mac, 6);
83 
85  sw_if_index,
86  &a,
87  (flags & IP_NEIGHBOR_FLAG_STATIC),
88  (flags &
90  fproto = FIB_PROTOCOL_IP4;
91  linkt = VNET_LINK_IP4;
92  }
93 
94  if (0 == rv && stats_index)
95  *stats_index = adj_nbr_find (fproto, linkt, ip, sw_if_index);
96 
97  return (rv);
98 }
99 
100 int
101 ip_neighbor_del (const ip46_address_t * ip, u8 is_ip6, u32 sw_if_index)
102 {
103  int rv;
104 
105  if (is_ip6)
106  {
108  sw_if_index, &ip->ip6);
109  }
110  else
111  {
112  ethernet_arp_ip4_over_ethernet_address_t a = {
113  .ip4 = ip->ip4,
114  };
115 
116  rv =
117  vnet_arp_unset_ip4_over_ethernet (vnet_get_main (), sw_if_index, &a);
118  }
119 
120  return (rv);
121 }
122 
123 void
125 {
127 
128  cfg->mode = arg->mode;
129 
130  if (arg->mode)
131  {
132  cfg->scan_interval = arg->scan_interval ?
134  cfg->max_proc_time = arg->max_proc_time ?
136  cfg->scan_int_delay = arg->scan_int_delay ?
138  cfg->stale_threshold = arg->stale_threshold ?
139  arg->stale_threshold * 60.0 : cfg->scan_interval * 4;
140  cfg->max_update = arg->max_update ?
142  }
143  else
145 }
146 
148 ip_neighbor_scan (vlib_main_t * vm, f64 start_time, u32 start_idx,
149  u8 is_ip6, u8 delete_stale, u8 * update_count)
150 {
151  vnet_main_t *vnm = vnet_get_main ();
156  ip6_neighbor_t *n6;
157  u32 curr_idx = start_idx;
158  u32 loop_count = 0;
159  f64 delta, update_time;
160 
161  if (!is_ip6)
162  {
163  if (pool_is_free_index (np4, start_idx))
164  curr_idx = pool_next_index (np4, start_idx);
165  }
166  else
167  {
168  if (pool_is_free_index (np6, start_idx))
169  curr_idx = pool_next_index (np6, start_idx);
170  }
171 
172  while (curr_idx != ~0)
173  {
174  /* allow no more than 10 neighbor updates or 20 usec of scan */
175  if ((update_count[0] >= cfg->max_update) ||
176  (((loop_count % 100) == 0) &&
177  ((vlib_time_now (vm) - start_time) > cfg->max_proc_time)))
178  break;
179 
180  if (!is_ip6)
181  {
182  n4 = pool_elt_at_index (np4, curr_idx);
184  goto next_neighbor;
185  update_time = n4->time_last_updated;
186  }
187  else
188  {
189  n6 = pool_elt_at_index (np6, curr_idx);
191  goto next_neighbor;
192  update_time = n6->time_last_updated;
193  }
194 
195  delta = start_time - update_time;
196  if (delete_stale && (delta >= cfg->stale_threshold))
197  {
198  update_count[0]++;
199  /* delete stale neighbor */
200  if (!is_ip6)
201  {
202  ethernet_arp_ip4_over_ethernet_address_t delme;
203  clib_memcpy (&delme.ethernet, n4->ethernet_address, 6);
204  delme.ip4.as_u32 = n4->ip4_address.as_u32;
206  }
207  else
208  {
210  (vm, n6->key.sw_if_index, &n6->key.ip6_address);
211  }
212  }
213  else if (delta >= cfg->scan_interval)
214  {
215  update_count[0]++;
216  /* probe neighbor */
217  if (!is_ip6)
218  ip4_probe_neighbor (vm, &n4->ip4_address, n4->sw_if_index, 1);
219  else
221  n6->key.sw_if_index, 1);
222  }
223 
224  next_neighbor:
225  loop_count++;
226 
227  if (!is_ip6)
228  curr_idx = pool_next_index (np4, curr_idx);
229  else
230  curr_idx = pool_next_index (np6, curr_idx);
231  }
232 
233  return curr_idx;
234 }
235 
236 static uword
239 {
242  f64 start, next_scan = CLIB_TIME_MAX;
243  u32 ip4_nidx = 0; /* ip4 neighbor pool index */
244  u32 ip6_nidx = 0; /* ip6 neighbor pool index */
245  uword *event_data = 0;
246  u8 purge4 = 0, purge6 = 0; /* flags to purge stale entry during scan */
247  u8 update;
248 
249  cfg->mode = IP_SCAN_DISABLED;
252 
253  while (1)
254  {
256  vlib_process_get_events (vm, &event_data);
257  vec_reset_length (event_data);
258 
259  start = vlib_time_now (vm);
260  update = 0;
261 
262  if ((ip4_nidx == 0) && (ip6_nidx == 0)) /* starting a fresh scan */
263  next_scan = start + cfg->scan_interval;
264 
265  if ((cfg->mode & IP_SCAN_V4_NEIGHBORS) == 0)
266  ip4_nidx = ~0; /* disable ip4 neighbor scan */
267 
268  if ((cfg->mode & IP_SCAN_V6_NEIGHBORS) == 0)
269  ip6_nidx = ~0; /* disable ip6 neighbor scan */
270 
271  if (ip4_nidx != ~0) /* scan ip4 neighbors */
272  ip4_nidx = ip_neighbor_scan (vm, start, ip4_nidx, /* ip4 */ 0,
273  purge4, &update);
274 
275  if (ip6_nidx != ~0) /* scan ip6 neighbors */
276  ip6_nidx = ip_neighbor_scan (vm, start, ip6_nidx, /* ip6 */ 1,
277  purge6, &update);
278 
279  if ((ip4_nidx == ~0) && (ip6_nidx == ~0))
280  { /* scan complete */
281  timeout = next_scan - vlib_time_now (vm);
282  ip4_nidx = ip6_nidx = 0;
283  purge4 = cfg->mode & IP_SCAN_V4_NEIGHBORS;
284  purge6 = cfg->mode & IP_SCAN_V6_NEIGHBORS;
285  }
286  else /* scan incomplete */
287  timeout = cfg->scan_int_delay;
288 
289  if (timeout > cfg->scan_interval)
290  timeout = cfg->scan_interval;
291  else if (timeout < cfg->scan_int_delay)
292  timeout = cfg->scan_int_delay;
293 
294  }
295  return 0;
296 }
297 
298 /* *INDENT-OFF* */
300  .function = neighbor_scan_process,
301  .type = VLIB_NODE_TYPE_PROCESS,
302  .name = "ip-neighbor-scan-process",
303 };
304 /* *INDENT-ON* */
305 
306 static clib_error_t *
308  vlib_cli_command_t * cmd)
309 {
310  unformat_input_t _line_input, *line_input = &_line_input;
311  clib_error_t *error = 0;
312  u32 interval = 0, time = 0, update = 0, delay = 0, stale = 0;
314 
315  clib_memset (&arg, 0, sizeof (arg));
317 
318  /* Get a line of input. */
319  if (!unformat_user (input, unformat_line_input, line_input))
320  {
322  return error;
323  }
324 
325  while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
326  {
327  if (unformat (line_input, "ip4"))
329 
330  else if (unformat (line_input, "ip6"))
332 
333  else if (unformat (line_input, "both"))
335 
336  else if (unformat (line_input, "disable"))
337  arg.mode = IP_SCAN_DISABLED;
338 
339  else if (unformat (line_input, "interval %d", &interval))
340  arg.scan_interval = interval;
341 
342  else if (unformat (line_input, "max-time %d", &time))
343  arg.max_proc_time = time;
344 
345  else if (unformat (line_input, "max-update %d", &update))
346  arg.max_update = update;
347 
348  else if (unformat (line_input, "delay %d", &delay))
349  arg.scan_int_delay = delay;
350 
351  else if (unformat (line_input, "stale %d", &stale))
352  arg.stale_threshold = stale;
353 
354  else
355  {
356  error = clib_error_return (0, "unknown input '%U'",
357  format_unformat_error, line_input);
358  goto done;
359  }
360  }
361 
362  if (interval > 255)
363  {
364  error = clib_error_return (0, "interval cannot exceed 255 minutes.");
365  goto done;
366  }
367  if (time > 255)
368  {
369  error = clib_error_return (0, "max-time cannot exceed 255 usec.");
370  goto done;
371  }
372  if (update > 255)
373  {
374  error = clib_error_return (0, "max-update cannot exceed 255.");
375  goto done;
376  }
377  if (delay > 255)
378  {
379  error = clib_error_return (0, "delay cannot exceed 255 msec.");
380  goto done;
381  }
382  if (stale > 255)
383  {
384  error = clib_error_return (0, "stale cannot exceed 255 minutes.");
385  goto done;
386  }
387 
389 
390 done:
391  unformat_free (line_input);
392 
393  return error;
394 }
395 
396 /*?
397  * The '<em>ip scan-neighbor</em>' command can be used to enable and disable
398  * periodic IP neighbor scan and change various scan parameneters.
399  *
400  * @note The default parameters used for IP neighbor scan should work fine
401  * under normal conditions. They should not be changed from the default unless
402  * properly tested to work as desied.
403  *
404  * @cliexpar
405  * Example of enabling IP neighbor scan:
406  * @cliexcmd{ip neighbor-scan enable}
407 ?*/
408 /* *INDENT-OFF* */
409 VLIB_CLI_COMMAND (ip_scan_neighbor_command, static) = {
410  .path = "ip scan-neighbor",
411  .function = ip_neighbor_scan_cli,
412  .short_help = "ip scan-neighbor [ip4|ip6|both|disable] [interval <n-min>] [max-time <n-usec>] [max-update <n>] [delay <n-msec>] [stale <n-min>]",
413  .is_mp_safe = 1,
414 };
415 /* *INDENT-ON* */
416 
417 static u8 *
418 format_ip_scan_mode (u8 * s, va_list * args)
419 {
420  u8 mode = va_arg (*args, u32);
421  switch (mode)
422  {
424  return format (s, "IPv4");
426  return format (s, "IPv6");
428  return format (s, "IPv4 and IPv6");
429  }
430  return format (s, "unknown");
431 }
432 
433 static clib_error_t *
435  vlib_cli_command_t * cmd)
436 {
438 
439  if (cfg->mode == 0)
440  vlib_cli_output (vm,
441  "IP neighbor scan disabled - current time is %.4f sec",
442  vlib_time_now (vm));
443  else
444  vlib_cli_output (vm, "IP neighbor scan enabled for %U neighbors - "
445  "current time is %.4f sec\n "
446  "Full_scan_interval: %f min "
447  "Stale_purge_threshod: %f min\n "
448  "Max_process_time: %f usec Max_updates %d "
449  "Delay_to_resume_after_max_limit: %f msec",
451  vlib_time_now (vm), cfg->scan_interval / 60.0,
452  cfg->stale_threshold / 60.0, cfg->max_proc_time / 1e-6,
453  cfg->max_update, cfg->scan_int_delay / 1e-3);
454  return 0;
455 }
456 
457 /*?
458  * The '<em>show ip scan-neighbor</em>' command can be used to show the current
459  * periodic IP neighbor scan parameters
460  *
461  * @cliexpar
462  * Example of showing IP neighbor scan current parameters:
463  * @cliexcmd{show ip neighbor-scan}
464 ?*/
465 /* *INDENT-OFF* */
466 VLIB_CLI_COMMAND (show_ip_scan_neighbor_command, static) = {
467  .path = "show ip scan-neighbor",
468  .function = show_ip_neighbor_scan,
469  .short_help = "show ip scan-neighbor",
470  .is_mp_safe = 1,
471 };
472 /* *INDENT-ON* */
473 
474 /*
475  * fd.io coding-style-patch-verification: ON
476  *
477  * Local Variables:
478  * eval: (c-set-style "gnu")
479  * End:
480  */
#define pool_next_index(P, I)
Return next occupied pool index after i, useful for safe iteration.
Definition: pool.h:519
u32 flags
Definition: vhost_user.h:115
#define IP_NEIGHBOR_DEF_MAX_UPDATE
Definition: ip_neighbor.c:36
static f64 vlib_process_wait_for_event_or_clock(vlib_main_t *vm, f64 dt)
Suspend a cooperative multi-tasking thread Waits for an event, or for the indicated number of seconds...
Definition: node_funcs.h:673
a
Definition: bitmap.h:538
int vnet_arp_unset_ip4_over_ethernet(vnet_main_t *vnm, u32 sw_if_index, const ethernet_arp_ip4_over_ethernet_address_t *a)
Control Plane hook to remove an ARP entry.
Definition: arp.c:1555
vnet_main_t * vnet_get_main(void)
Definition: misc.c:47
clib_memset(h->entries, 0, sizeof(h->entries[0]) *entries)
static f64 vlib_time_now(vlib_main_t *vm)
Definition: main.h:232
#define IP_SCAN_V6_NEIGHBORS
Definition: ip_neighbor.h:23
uword unformat_user(unformat_input_t *input, unformat_function_t *func,...)
Definition: unformat.c:983
u8 * format(u8 *s, const char *fmt,...)
Definition: format.c:419
#define IP_SCAN_V46_NEIGHBORS
Definition: ip_neighbor.h:24
static ip_neighbor_scan_config_t ip_neighbor_scan_conf
Definition: ip_neighbor.c:48
unsigned char u8
Definition: types.h:56
int ip_neighbor_del(const ip46_address_t *ip, u8 is_ip6, u32 sw_if_index)
Definition: ip_neighbor.c:101
#define IP_NEIGHBOR_DEF_SCAN_INTERVAL
Definition: ip_neighbor.c:32
enum fib_protocol_t_ fib_protocol_t
Protocol Type.
#define vec_reset_length(v)
Reset vector length to zero NULL-pointer tolerant.
double f64
Definition: types.h:142
#define clib_memcpy(d, s, n)
Definition: string.h:180
ip6_neighbor_flags_t flags
Definition: ip6_neighbor.h:42
ip6_neighbor_t * ip6_neighbors_pool(void)
#define static_always_inline
Definition: clib.h:99
void ip_neighbor_scan_enable_disable(ip_neighbor_scan_arg_t *arg)
Definition: ip_neighbor.c:124
static uword vlib_process_get_events(vlib_main_t *vm, uword **data_vector)
Return the first event type which has occurred and a vector of per-event data of that type...
Definition: node_funcs.h:516
u32 sw_if_index
Definition: vxlan_gbp.api:37
int vnet_set_ip6_ethernet_neighbor(vlib_main_t *vm, u32 sw_if_index, const ip6_address_t *a, const u8 *link_layer_address, uword n_bytes_link_layer_address, int is_static, int is_no_fib_entry)
Definition: ip6_neighbor.c:775
#define clib_error_return(e, args...)
Definition: error.h:99
#define IP_SCAN_V4_NEIGHBORS
Definition: ip_neighbor.h:22
unsigned int u32
Definition: types.h:88
clib_error_t * ip6_probe_neighbor(vlib_main_t *vm, ip6_address_t *dst, u32 sw_if_index, u8 refresh)
Definition: ip6_forward.c:1473
#define IP_NEIGHBOR_DEF_MAX_PROC_TIME
Definition: ip_neighbor.c:33
int vnet_arp_set_ip4_over_ethernet(vnet_main_t *vnm, u32 sw_if_index, const ethernet_arp_ip4_over_ethernet_address_t *a, int is_static, int is_no_fib_entry)
Definition: arp.c:1967
unformat_function_t unformat_line_input
Definition: format.h:282
#define pool_elt_at_index(p, i)
Returns pointer to element at given index.
Definition: pool.h:511
static clib_error_t * show_ip_neighbor_scan(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
Definition: ip_neighbor.c:434
ip4_address_t ip4_address
Definition: arp_packet.h:153
struct _unformat_input_t unformat_input_t
u32 sw_if_index
Definition: arp_packet.h:152
ethernet_arp_ip4_entry_t * ip4_neighbors_pool(void)
Definition: arp.c:1389
u8 ethernet_address[6]
Definition: arp_packet.h:155
#define IP_SCAN_DISABLED
Definition: ip_neighbor.h:21
clib_error_t * ip4_probe_neighbor(vlib_main_t *vm, ip4_address_t *dst, u32 sw_if_index, u8 refresh)
Definition: ip4_forward.c:1995
#define VLIB_REGISTER_NODE(x,...)
Definition: node.h:169
#define UNFORMAT_END_OF_INPUT
Definition: format.h:144
vlib_main_t * vm
Definition: buffer.c:301
static vlib_node_registration_t neighbor_scan_process_node
(constructor) VLIB_REGISTER_NODE (neighbor_scan_process_node)
Definition: ip_neighbor.c:299
#define pool_is_free_index(P, I)
Use free bitmap to query whether given index is free.
Definition: pool.h:283
enum ip_neighbor_flags_t_ ip_neighbor_flags_t
static_always_inline u32 ip_neighbor_scan(vlib_main_t *vm, f64 start_time, u32 start_idx, u8 is_ip6, u8 delete_stale, u8 *update_count)
Definition: ip_neighbor.c:148
#define VLIB_CLI_COMMAND(x,...)
Definition: cli.h:155
ip6_address_t ip6_address
Definition: ip6_neighbor.h:26
enum vnet_link_t_ vnet_link_t
Link Type: A description of the protocol of packets on the link.
#define CLIB_TIME_MAX
Definition: time.h:212
static uword neighbor_scan_process(vlib_main_t *vm, vlib_node_runtime_t *rt, vlib_frame_t *f)
Definition: ip_neighbor.c:237
int ip_neighbor_add(const ip46_address_t *ip, u8 is_ip6, const u8 *mac, u32 sw_if_index, ip_neighbor_flags_t flags, u32 *stats_index)
Definition: ip_neighbor.c:51
ethernet_arp_entry_flags_t flags
Definition: arp_packet.h:157
static vlib_main_t * vlib_get_main(void)
Definition: global_funcs.h:23
f64 time_last_updated
Definition: arp_packet.h:159
static u8 * format_ip_scan_mode(u8 *s, va_list *args)
Definition: ip_neighbor.c:418
int vnet_unset_ip6_ethernet_neighbor(vlib_main_t *vm, u32 sw_if_index, const ip6_address_t *a)
Definition: ip6_neighbor.c:936
ip6_neighbor_key_t key
Definition: ip6_neighbor.h:40
u64 uword
Definition: types.h:112
static void unformat_free(unformat_input_t *i)
Definition: format.h:162
u8 * format_unformat_error(u8 *s, va_list *va)
Definition: unformat.c:91
vl_api_gbp_vxlan_tunnel_mode_t mode
Definition: gbp.api:349
vl_api_mac_address_t mac
Definition: gbp.api:118
void vlib_cli_output(vlib_main_t *vm, char *fmt,...)
Definition: cli.c:762
static clib_error_t * ip_neighbor_scan_cli(vlib_main_t *vm, unformat_input_t *input, vlib_cli_command_t *cmd)
Definition: ip_neighbor.c:307
#define IP_NEIGHBOR_DEF_SCAN_INT_DELAY
Definition: ip_neighbor.c:34
uword unformat(unformat_input_t *i, const char *fmt,...)
Definition: unformat.c:972
static uword unformat_check_input(unformat_input_t *i)
Definition: format.h:170
Definition: arp_packet.h:150
adj_index_t adj_nbr_find(fib_protocol_t nh_proto, vnet_link_t link_type, const ip46_address_t *nh_addr, u32 sw_if_index)
Lookup neighbor adjancency.
Definition: adj_nbr.c:99