lib/tnl-neigh-cache.c

   1 /*
   2  * Copyright (c) 2014, 2015, 2016 Nicira, Inc.
   3  *
   4  * Licensed under the Apache License, Version 2.0 (the "License");
   5  * you may not use this file except in compliance with the License.
   6  * You may obtain a copy of the License at:
   7  *
   8  *     http://www.apache.org/licenses/LICENSE-2.0
   9  *
  10  * Unless required by applicable law or agreed to in writing, software
  11  * distributed under the License is distributed on an "AS IS" BASIS,
  12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13  * See the License for the specific language governing permissions and
  14  * limitations under the License.
  15  */
  16
  17 #include <config.h>
  18
  19 #include "tnl-neigh-cache.h"
  20
  21 #include <inttypes.h>
  22 #include <sys/types.h>
  23 #include <netinet/in.h>
  24 #include <netinet/icmp6.h>
  25 #include <stdlib.h>
  26
  27 #include "bitmap.h"
  28 #include "cmap.h"
  29 #include "coverage.h"
  30 #include "dpif-netdev.h"
  31 #include "openvswitch/dynamic-string.h"
  32 #include "errno.h"
  33 #include "flow.h"
  34 #include "netdev.h"
  35 #include "ovs-thread.h"
  36 #include "packets.h"
  37 #include "poll-loop.h"
  38 #include "seq.h"
  39 #include "socket-util.h"
  40 #include "timeval.h"
  41 #include "unaligned.h"
  42 #include "unixctl.h"
  43 #include "util.h"
  44 #include "openvswitch/vlog.h"
  45
  46
  47 /* In seconds */
  48 #define NEIGH_ENTRY_DEFAULT_IDLE_TIME  (15 * 60)
  49
  50 struct tnl_neigh_entry {
  51     struct cmap_node cmap_node;
  52     struct in6_addr ip;
  53     struct eth_addr mac;
  54     time_t expires;             /* Expiration time. */
  55     char br_name[IFNAMSIZ];
  56 };
  57
  58 static struct cmap table = CMAP_INITIALIZER;
  59 static struct ovs_mutex mutex = OVS_MUTEX_INITIALIZER;
  60
  61 static uint32_t
  62 tnl_neigh_hash(const struct in6_addr *ip)
  63 {
  64     return hash_bytes(ip->s6_addr, 16, 0);
  65 }
  66
  67 static struct tnl_neigh_entry *
  68 tnl_neigh_lookup__(const char br_name[IFNAMSIZ], const struct in6_addr *dst)
  69 {
  70     struct tnl_neigh_entry *neigh;
  71     uint32_t hash;
  72
  73     hash = tnl_neigh_hash(dst);
  74     CMAP_FOR_EACH_WITH_HASH (neigh, cmap_node, hash, &table) {
  75         if (ipv6_addr_equals(&neigh->ip, dst) && !strcmp(neigh->br_name, br_name)) {
  76             if (neigh->expires <= time_now()) {
  77                 return NULL;
  78             }
  79
  80             neigh->expires = time_now() + NEIGH_ENTRY_DEFAULT_IDLE_TIME;
  81             return neigh;
  82         }
  83     }
  84     return NULL;
  85 }
  86
  87 int
  88 tnl_neigh_lookup(const char br_name[IFNAMSIZ], const struct in6_addr *dst,
  89                  struct eth_addr *mac)
  90 {
  91     struct tnl_neigh_entry *neigh;
  92     int res = ENOENT;
  93
  94     neigh = tnl_neigh_lookup__(br_name, dst);
  95     if (neigh) {
  96         *mac = neigh->mac;
  97         res = 0;
  98     }
  99     return res;
 100 }
 101
 102 static void
 103 neigh_entry_free(struct tnl_neigh_entry *neigh)
 104 {
 105     free(neigh);
 106 }
 107
 108 static void
 109 tnl_neigh_delete(struct tnl_neigh_entry *neigh)
 110 {
 111     uint32_t hash = tnl_neigh_hash(&neigh->ip);
 112     cmap_remove(&table, &neigh->cmap_node, hash);
 113     ovsrcu_postpone(neigh_entry_free, neigh);
 114 }
 115
 116 static void
 117 tnl_neigh_set__(const char name[IFNAMSIZ], const struct in6_addr *dst,
 118               const struct eth_addr mac)
 119 {
 120     ovs_mutex_lock(&mutex);
 121     struct tnl_neigh_entry *neigh = tnl_neigh_lookup__(name, dst);
 122     if (neigh) {
 123         if (eth_addr_equals(neigh->mac, mac)) {
 124             neigh->expires = time_now() + NEIGH_ENTRY_DEFAULT_IDLE_TIME;
 125             ovs_mutex_unlock(&mutex);
 126             return;
 127         }
 128         tnl_neigh_delete(neigh);
 129         seq_change(tnl_conf_seq);
 130     }
 131
 132     neigh = xmalloc(sizeof *neigh);
 133
 134     neigh->ip = *dst;
 135     neigh->mac = mac;
 136     neigh->expires = time_now() + NEIGH_ENTRY_DEFAULT_IDLE_TIME;
 137     ovs_strlcpy(neigh->br_name, name, sizeof neigh->br_name);
 138     cmap_insert(&table, &neigh->cmap_node, tnl_neigh_hash(&neigh->ip));
 139     ovs_mutex_unlock(&mutex);
 140 }
 141
 142 static void
 143 tnl_arp_set(const char name[IFNAMSIZ], ovs_be32 dst,
 144             const struct eth_addr mac)
 145 {
 146     struct in6_addr dst6 = in6_addr_mapped_ipv4(dst);
 147     tnl_neigh_set__(name, &dst6, mac);
 148 }
 149
 150 static int
 151 tnl_arp_snoop(const struct flow *flow, struct flow_wildcards *wc,
 152               const char name[IFNAMSIZ])
 153 {
 154     if (flow->dl_type != htons(ETH_TYPE_ARP) ||
 155         flow->nw_proto != ARP_OP_REPLY ||
 156         eth_addr_is_zero(flow->arp_sha)) {
 157         return EINVAL;
 158     }
 159
 160     /* Exact Match on all ARP flows. */
 161     memset(&wc->masks.nw_proto, 0xff, sizeof wc->masks.nw_proto);
 162     memset(&wc->masks.nw_src, 0xff, sizeof wc->masks.nw_src);
 163     memset(&wc->masks.arp_sha, 0xff, sizeof wc->masks.arp_sha);
 164
 165     tnl_arp_set(name, flow->nw_src, flow->arp_sha);
 166     return 0;
 167 }
 168
 169 static int
 170 tnl_nd_snoop(const struct flow *flow, struct flow_wildcards *wc,
 171               const char name[IFNAMSIZ])
 172 {
 173     if (!is_nd(flow, NULL) || flow->tp_src != htons(ND_NEIGHBOR_ADVERT)) {
 174         return EINVAL;
 175     }
 176     /* - RFC4861 says Neighbor Advertisements sent in response to unicast Neighbor
 177      *   Solicitations SHOULD include the Target link-layer address. However, Linux
 178      *   doesn't. So, the response to Solicitations sent by OVS will include the
 179      *   TLL address and other Advertisements not including it can be ignored.
 180      * - OVS flow extract can set this field to zero in case of packet parsing errors.
 181      *   For details refer miniflow_extract()*/
 182     if (eth_addr_is_zero(flow->arp_tha)) {
 183         return EINVAL;
 184     }
 185
 186     memset(&wc->masks.ipv6_src, 0xff, sizeof wc->masks.ipv6_src);
 187     memset(&wc->masks.ipv6_dst, 0xff, sizeof wc->masks.ipv6_dst);
 188     memset(&wc->masks.nd_target, 0xff, sizeof wc->masks.nd_target);
 189     memset(&wc->masks.arp_tha, 0xff, sizeof wc->masks.arp_tha);
 190
 191     tnl_neigh_set__(name, &flow->nd_target, flow->arp_tha);
 192     return 0;
 193 }
 194
 195 int
 196 tnl_neigh_snoop(const struct flow *flow, struct flow_wildcards *wc,
 197                 const char name[IFNAMSIZ])
 198 {
 199     int res;
 200     res = tnl_arp_snoop(flow, wc, name);
 201     if (res != EINVAL) {
 202         return res;
 203     }
 204     return tnl_nd_snoop(flow, wc, name);
 205 }
 206
 207 void
 208 tnl_neigh_cache_run(void)
 209 {
 210     struct tnl_neigh_entry *neigh;
 211     bool changed = false;
 212
 213     ovs_mutex_lock(&mutex);
 214     CMAP_FOR_EACH(neigh, cmap_node, &table) {
 215         if (neigh->expires <= time_now()) {
 216             tnl_neigh_delete(neigh);
 217             changed = true;
 218         }
 219     }
 220     ovs_mutex_unlock(&mutex);
 221
 222     if (changed) {
 223         seq_change(tnl_conf_seq);
 224     }
 225 }
 226
 227 static void
 228 tnl_neigh_cache_flush(struct unixctl_conn *conn, int argc OVS_UNUSED,
 229                     const char *argv[] OVS_UNUSED, void *aux OVS_UNUSED)
 230 {
 231     struct tnl_neigh_entry *neigh;
 232     bool changed = false;
 233
 234     ovs_mutex_lock(&mutex);
 235     CMAP_FOR_EACH(neigh, cmap_node, &table) {
 236         tnl_neigh_delete(neigh);
 237         changed = true;
 238     }
 239     ovs_mutex_unlock(&mutex);
 240     if (changed) {
 241         seq_change(tnl_conf_seq);
 242     }
 243     unixctl_command_reply(conn, "OK");
 244 }
 245
 246 static int
 247 lookup_any(const char *host_name, struct in6_addr *address)
 248 {
 249     if (addr_is_ipv6(host_name)) {
 250         return lookup_ipv6(host_name, address);
 251     } else {
 252         int r;
 253         struct in_addr ip;
 254         r = lookup_ip(host_name, &ip);
 255         if (r == 0) {
 256             in6_addr_set_mapped_ipv4(address, ip.s_addr);
 257         }
 258         return r;
 259     }
 260     return ENOENT;
 261 }
 262
 263 static void
 264 tnl_neigh_cache_add(struct unixctl_conn *conn, int argc OVS_UNUSED,
 265                     const char *argv[], void *aux OVS_UNUSED)
 266 {
 267     const char *br_name = argv[1];
 268     struct eth_addr mac;
 269     struct in6_addr ip6;
 270
 271     if (lookup_any(argv[2], &ip6) != 0) {
 272         unixctl_command_reply_error(conn, "bad IP address");
 273         return;
 274     }
 275
 276     if (!eth_addr_from_string(argv[3], &mac)) {
 277         unixctl_command_reply_error(conn, "bad MAC address");
 278         return;
 279     }
 280
 281     tnl_neigh_set__(br_name, &ip6, mac);
 282     unixctl_command_reply(conn, "OK");
 283 }
 284
 285 static void
 286 tnl_neigh_cache_show(struct unixctl_conn *conn, int argc OVS_UNUSED,
 287                      const char *argv[] OVS_UNUSED, void *aux OVS_UNUSED)
 288 {
 289     struct ds ds = DS_EMPTY_INITIALIZER;
 290     struct tnl_neigh_entry *neigh;
 291
 292     ds_put_cstr(&ds, "IP                                            MAC                 Bridge\n");
 293     ds_put_cstr(&ds, "==========================================================================\n");
 294     ovs_mutex_lock(&mutex);
 295     CMAP_FOR_EACH(neigh, cmap_node, &table) {
 296         int start_len, need_ws;
 297
 298         start_len = ds.length;
 299         ipv6_format_mapped(&neigh->ip, &ds);
 300
 301         need_ws = INET6_ADDRSTRLEN - (ds.length - start_len);
 302         ds_put_char_multiple(&ds, ' ', need_ws);
 303
 304         ds_put_format(&ds, ETH_ADDR_FMT"   %s",
 305                       ETH_ADDR_ARGS(neigh->mac), neigh->br_name);
 306         if (neigh->expires <= time_now()) {
 307             ds_put_format(&ds, " STALE");
 308         }
 309         ds_put_char(&ds, '\n');
 310
 311     }
 312     ovs_mutex_unlock(&mutex);
 313     unixctl_command_reply(conn, ds_cstr(&ds));
 314     ds_destroy(&ds);
 315 }
 316
 317 void
 318 tnl_neigh_cache_init(void)
 319 {
 320     unixctl_command_register("tnl/arp/show", "", 0, 0, tnl_neigh_cache_show, NULL);
 321     unixctl_command_register("tnl/arp/set", "BRIDGE IP MAC", 3, 3, tnl_neigh_cache_add, NULL);
 322     unixctl_command_register("tnl/arp/flush", "", 0, 0, tnl_neigh_cache_flush, NULL);
 323     unixctl_command_register("tnl/neigh/show", "", 0, 0, tnl_neigh_cache_show, NULL);
 324     unixctl_command_register("tnl/neigh/set", "BRIDGE IP MAC", 3, 3, tnl_neigh_cache_add, NULL);
 325     unixctl_command_register("tnl/neigh/flush", "", 0, 0, tnl_neigh_cache_flush, NULL);
 326 }