2 * Copyright (c) 2014, 2015, 2016 Nicira, Inc.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at:
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
19 #include "tnl-neigh-cache.h"
22 #include <sys/types.h>
23 #include <netinet/in.h>
24 #include <netinet/icmp6.h>
30 #include "dpif-netdev.h"
31 #include "openvswitch/dynamic-string.h"
35 #include "ovs-thread.h"
37 #include "poll-loop.h"
39 #include "socket-util.h"
41 #include "unaligned.h"
44 #include "openvswitch/vlog.h"
48 #define NEIGH_ENTRY_DEFAULT_IDLE_TIME (15 * 60)
50 struct tnl_neigh_entry {
51 struct cmap_node cmap_node;
54 time_t expires; /* Expiration time. */
55 char br_name[IFNAMSIZ];
58 static struct cmap table = CMAP_INITIALIZER;
59 static struct ovs_mutex mutex = OVS_MUTEX_INITIALIZER;
62 tnl_neigh_hash(const struct in6_addr *ip)
64 return hash_bytes(ip->s6_addr, 16, 0);
67 static struct tnl_neigh_entry *
68 tnl_neigh_lookup__(const char br_name[IFNAMSIZ], const struct in6_addr *dst)
70 struct tnl_neigh_entry *neigh;
73 hash = tnl_neigh_hash(dst);
74 CMAP_FOR_EACH_WITH_HASH (neigh, cmap_node, hash, &table) {
75 if (ipv6_addr_equals(&neigh->ip, dst) && !strcmp(neigh->br_name, br_name)) {
76 if (neigh->expires <= time_now()) {
80 neigh->expires = time_now() + NEIGH_ENTRY_DEFAULT_IDLE_TIME;
88 tnl_neigh_lookup(const char br_name[IFNAMSIZ], const struct in6_addr *dst,
91 struct tnl_neigh_entry *neigh;
94 neigh = tnl_neigh_lookup__(br_name, dst);
103 neigh_entry_free(struct tnl_neigh_entry *neigh)
109 tnl_neigh_delete(struct tnl_neigh_entry *neigh)
111 uint32_t hash = tnl_neigh_hash(&neigh->ip);
112 cmap_remove(&table, &neigh->cmap_node, hash);
113 ovsrcu_postpone(neigh_entry_free, neigh);
117 tnl_neigh_set__(const char name[IFNAMSIZ], const struct in6_addr *dst,
118 const struct eth_addr mac)
120 ovs_mutex_lock(&mutex);
121 struct tnl_neigh_entry *neigh = tnl_neigh_lookup__(name, dst);
123 if (eth_addr_equals(neigh->mac, mac)) {
124 neigh->expires = time_now() + NEIGH_ENTRY_DEFAULT_IDLE_TIME;
125 ovs_mutex_unlock(&mutex);
128 tnl_neigh_delete(neigh);
129 seq_change(tnl_conf_seq);
132 neigh = xmalloc(sizeof *neigh);
136 neigh->expires = time_now() + NEIGH_ENTRY_DEFAULT_IDLE_TIME;
137 ovs_strlcpy(neigh->br_name, name, sizeof neigh->br_name);
138 cmap_insert(&table, &neigh->cmap_node, tnl_neigh_hash(&neigh->ip));
139 ovs_mutex_unlock(&mutex);
143 tnl_arp_set(const char name[IFNAMSIZ], ovs_be32 dst,
144 const struct eth_addr mac)
146 struct in6_addr dst6 = in6_addr_mapped_ipv4(dst);
147 tnl_neigh_set__(name, &dst6, mac);
151 tnl_arp_snoop(const struct flow *flow, struct flow_wildcards *wc,
152 const char name[IFNAMSIZ])
154 if (flow->dl_type != htons(ETH_TYPE_ARP) ||
155 flow->nw_proto != ARP_OP_REPLY ||
156 eth_addr_is_zero(flow->arp_sha)) {
160 /* Exact Match on all ARP flows. */
161 memset(&wc->masks.nw_proto, 0xff, sizeof wc->masks.nw_proto);
162 memset(&wc->masks.nw_src, 0xff, sizeof wc->masks.nw_src);
163 memset(&wc->masks.arp_sha, 0xff, sizeof wc->masks.arp_sha);
165 tnl_arp_set(name, flow->nw_src, flow->arp_sha);
170 tnl_nd_snoop(const struct flow *flow, struct flow_wildcards *wc,
171 const char name[IFNAMSIZ])
173 if (!is_nd(flow, NULL) || flow->tp_src != htons(ND_NEIGHBOR_ADVERT)) {
176 /* - RFC4861 says Neighbor Advertisements sent in response to unicast Neighbor
177 * Solicitations SHOULD include the Target link-layer address. However, Linux
178 * doesn't. So, the response to Solicitations sent by OVS will include the
179 * TLL address and other Advertisements not including it can be ignored.
180 * - OVS flow extract can set this field to zero in case of packet parsing errors.
181 * For details refer miniflow_extract()*/
182 if (eth_addr_is_zero(flow->arp_tha)) {
186 memset(&wc->masks.ipv6_src, 0xff, sizeof wc->masks.ipv6_src);
187 memset(&wc->masks.ipv6_dst, 0xff, sizeof wc->masks.ipv6_dst);
188 memset(&wc->masks.nd_target, 0xff, sizeof wc->masks.nd_target);
189 memset(&wc->masks.arp_tha, 0xff, sizeof wc->masks.arp_tha);
191 tnl_neigh_set__(name, &flow->nd_target, flow->arp_tha);
196 tnl_neigh_snoop(const struct flow *flow, struct flow_wildcards *wc,
197 const char name[IFNAMSIZ])
200 res = tnl_arp_snoop(flow, wc, name);
204 return tnl_nd_snoop(flow, wc, name);
208 tnl_neigh_cache_run(void)
210 struct tnl_neigh_entry *neigh;
211 bool changed = false;
213 ovs_mutex_lock(&mutex);
214 CMAP_FOR_EACH(neigh, cmap_node, &table) {
215 if (neigh->expires <= time_now()) {
216 tnl_neigh_delete(neigh);
220 ovs_mutex_unlock(&mutex);
223 seq_change(tnl_conf_seq);
228 tnl_neigh_cache_flush(struct unixctl_conn *conn, int argc OVS_UNUSED,
229 const char *argv[] OVS_UNUSED, void *aux OVS_UNUSED)
231 struct tnl_neigh_entry *neigh;
232 bool changed = false;
234 ovs_mutex_lock(&mutex);
235 CMAP_FOR_EACH(neigh, cmap_node, &table) {
236 tnl_neigh_delete(neigh);
239 ovs_mutex_unlock(&mutex);
241 seq_change(tnl_conf_seq);
243 unixctl_command_reply(conn, "OK");
247 lookup_any(const char *host_name, struct in6_addr *address)
249 if (addr_is_ipv6(host_name)) {
250 return lookup_ipv6(host_name, address);
254 r = lookup_ip(host_name, &ip);
256 in6_addr_set_mapped_ipv4(address, ip.s_addr);
264 tnl_neigh_cache_add(struct unixctl_conn *conn, int argc OVS_UNUSED,
265 const char *argv[], void *aux OVS_UNUSED)
267 const char *br_name = argv[1];
271 if (lookup_any(argv[2], &ip6) != 0) {
272 unixctl_command_reply_error(conn, "bad IP address");
276 if (!eth_addr_from_string(argv[3], &mac)) {
277 unixctl_command_reply_error(conn, "bad MAC address");
281 tnl_neigh_set__(br_name, &ip6, mac);
282 unixctl_command_reply(conn, "OK");
286 tnl_neigh_cache_show(struct unixctl_conn *conn, int argc OVS_UNUSED,
287 const char *argv[] OVS_UNUSED, void *aux OVS_UNUSED)
289 struct ds ds = DS_EMPTY_INITIALIZER;
290 struct tnl_neigh_entry *neigh;
292 ds_put_cstr(&ds, "IP MAC Bridge\n");
293 ds_put_cstr(&ds, "==========================================================================\n");
294 ovs_mutex_lock(&mutex);
295 CMAP_FOR_EACH(neigh, cmap_node, &table) {
296 int start_len, need_ws;
298 start_len = ds.length;
299 ipv6_format_mapped(&neigh->ip, &ds);
301 need_ws = INET6_ADDRSTRLEN - (ds.length - start_len);
302 ds_put_char_multiple(&ds, ' ', need_ws);
304 ds_put_format(&ds, ETH_ADDR_FMT" %s",
305 ETH_ADDR_ARGS(neigh->mac), neigh->br_name);
306 if (neigh->expires <= time_now()) {
307 ds_put_format(&ds, " STALE");
309 ds_put_char(&ds, '\n');
312 ovs_mutex_unlock(&mutex);
313 unixctl_command_reply(conn, ds_cstr(&ds));
318 tnl_neigh_cache_init(void)
320 unixctl_command_register("tnl/arp/show", "", 0, 0, tnl_neigh_cache_show, NULL);
321 unixctl_command_register("tnl/arp/set", "BRIDGE IP MAC", 3, 3, tnl_neigh_cache_add, NULL);
322 unixctl_command_register("tnl/arp/flush", "", 0, 0, tnl_neigh_cache_flush, NULL);
323 unixctl_command_register("tnl/neigh/show", "", 0, 0, tnl_neigh_cache_show, NULL);
324 unixctl_command_register("tnl/neigh/set", "BRIDGE IP MAC", 3, 3, tnl_neigh_cache_add, NULL);
325 unixctl_command_register("tnl/neigh/flush", "", 0, 0, tnl_neigh_cache_flush, NULL);