2 * Copyright (c) 2009, 2010, 2011, 2012, 2013, 2014, 2015 Nicira, Inc.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at:
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
19 #include <arpa/inet.h>
20 #include <sys/socket.h>
21 #include <netinet/in.h>
22 #include <netinet/ip6.h>
23 #include <netinet/icmp6.h>
25 #include "byte-order.h"
30 #include "dynamic-string.h"
31 #include "ovs-thread.h"
33 #include "dp-packet.h"
34 #include "unaligned.h"
36 const struct in6_addr in6addr_exact
= IN6ADDR_EXACT_INIT
;
37 const struct in6_addr in6addr_all_hosts
= IN6ADDR_ALL_HOSTS_INIT
;
40 flow_tnl_dst(const struct flow_tnl
*tnl
)
42 return tnl
->ip_dst
? in6_addr_mapped_ipv4(tnl
->ip_dst
) : tnl
->ipv6_dst
;
46 flow_tnl_src(const struct flow_tnl
*tnl
)
48 return tnl
->ip_src
? in6_addr_mapped_ipv4(tnl
->ip_src
) : tnl
->ipv6_src
;
51 /* Parses 's' as a 16-digit hexadecimal number representing a datapath ID. On
52 * success stores the dpid into '*dpidp' and returns true, on failure stores 0
53 * into '*dpidp' and returns false.
55 * Rejects an all-zeros dpid as invalid. */
57 dpid_from_string(const char *s
, uint64_t *dpidp
)
59 *dpidp
= (strlen(s
) == 16 && strspn(s
, "0123456789abcdefABCDEF") == 16
60 ? strtoull(s
, NULL
, 16)
65 /* Returns true if 'ea' is a reserved address, that a bridge must never
66 * forward, false otherwise.
68 * If you change this function's behavior, please update corresponding
69 * documentation in vswitch.xml at the same time. */
71 eth_addr_is_reserved(const struct eth_addr ea
)
73 struct eth_addr_node
{
74 struct hmap_node hmap_node
;
78 static struct eth_addr_node nodes
[] = {
79 /* STP, IEEE pause frames, and other reserved protocols. */
80 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c2000000ULL
},
81 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c2000001ULL
},
82 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c2000002ULL
},
83 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c2000003ULL
},
84 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c2000004ULL
},
85 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c2000005ULL
},
86 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c2000006ULL
},
87 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c2000007ULL
},
88 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c2000008ULL
},
89 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c2000009ULL
},
90 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c200000aULL
},
91 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c200000bULL
},
92 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c200000cULL
},
93 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c200000dULL
},
94 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c200000eULL
},
95 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c200000fULL
},
97 /* Extreme protocols. */
98 { HMAP_NODE_NULL_INITIALIZER
, 0x00e02b000000ULL
}, /* EDP. */
99 { HMAP_NODE_NULL_INITIALIZER
, 0x00e02b000004ULL
}, /* EAPS. */
100 { HMAP_NODE_NULL_INITIALIZER
, 0x00e02b000006ULL
}, /* EAPS. */
102 /* Cisco protocols. */
103 { HMAP_NODE_NULL_INITIALIZER
, 0x01000c000000ULL
}, /* ISL. */
104 { HMAP_NODE_NULL_INITIALIZER
, 0x01000cccccccULL
}, /* PAgP, UDLD, CDP,
106 { HMAP_NODE_NULL_INITIALIZER
, 0x01000ccccccdULL
}, /* PVST+. */
107 { HMAP_NODE_NULL_INITIALIZER
, 0x01000ccdcdcdULL
}, /* STP Uplink Fast,
111 { HMAP_NODE_NULL_INITIALIZER
, 0x01000cccccc0ULL
},
112 { HMAP_NODE_NULL_INITIALIZER
, 0x01000cccccc1ULL
},
113 { HMAP_NODE_NULL_INITIALIZER
, 0x01000cccccc2ULL
},
114 { HMAP_NODE_NULL_INITIALIZER
, 0x01000cccccc3ULL
},
115 { HMAP_NODE_NULL_INITIALIZER
, 0x01000cccccc4ULL
},
116 { HMAP_NODE_NULL_INITIALIZER
, 0x01000cccccc5ULL
},
117 { HMAP_NODE_NULL_INITIALIZER
, 0x01000cccccc6ULL
},
118 { HMAP_NODE_NULL_INITIALIZER
, 0x01000cccccc7ULL
},
121 static struct ovsthread_once once
= OVSTHREAD_ONCE_INITIALIZER
;
122 struct eth_addr_node
*node
;
123 static struct hmap addrs
;
126 if (ovsthread_once_start(&once
)) {
128 for (node
= nodes
; node
< &nodes
[ARRAY_SIZE(nodes
)]; node
++) {
129 hmap_insert(&addrs
, &node
->hmap_node
, hash_uint64(node
->ea64
));
131 ovsthread_once_done(&once
);
134 ea64
= eth_addr_to_uint64(ea
);
135 HMAP_FOR_EACH_IN_BUCKET (node
, hmap_node
, hash_uint64(ea64
), &addrs
) {
136 if (node
->ea64
== ea64
) {
144 eth_addr_from_string(const char *s
, struct eth_addr
*ea
)
146 if (ovs_scan(s
, ETH_ADDR_SCAN_FMT
, ETH_ADDR_SCAN_ARGS(*ea
))) {
154 /* Fills 'b' with a Reverse ARP packet with Ethernet source address 'eth_src'.
155 * This function is used by Open vSwitch to compose packets in cases where
156 * context is important but content doesn't (or shouldn't) matter.
158 * The returned packet has enough headroom to insert an 802.1Q VLAN header if
161 compose_rarp(struct dp_packet
*b
, const struct eth_addr eth_src
)
163 struct eth_header
*eth
;
164 struct arp_eth_header
*arp
;
167 dp_packet_prealloc_tailroom(b
, 2 + ETH_HEADER_LEN
+ VLAN_HEADER_LEN
168 + ARP_ETH_HEADER_LEN
);
169 dp_packet_reserve(b
, 2 + VLAN_HEADER_LEN
);
170 eth
= dp_packet_put_uninit(b
, sizeof *eth
);
171 eth
->eth_dst
= eth_addr_broadcast
;
172 eth
->eth_src
= eth_src
;
173 eth
->eth_type
= htons(ETH_TYPE_RARP
);
175 arp
= dp_packet_put_uninit(b
, sizeof *arp
);
176 arp
->ar_hrd
= htons(ARP_HRD_ETHERNET
);
177 arp
->ar_pro
= htons(ARP_PRO_IP
);
178 arp
->ar_hln
= sizeof arp
->ar_sha
;
179 arp
->ar_pln
= sizeof arp
->ar_spa
;
180 arp
->ar_op
= htons(ARP_OP_RARP
);
181 arp
->ar_sha
= eth_src
;
182 put_16aligned_be32(&arp
->ar_spa
, htonl(0));
183 arp
->ar_tha
= eth_src
;
184 put_16aligned_be32(&arp
->ar_tpa
, htonl(0));
186 dp_packet_reset_offsets(b
);
187 dp_packet_set_l3(b
, arp
);
190 /* Insert VLAN header according to given TCI. Packet passed must be Ethernet
191 * packet. Ignores the CFI bit of 'tci' using 0 instead.
193 * Also adjusts the layer offsets accordingly. */
195 eth_push_vlan(struct dp_packet
*packet
, ovs_be16 tpid
, ovs_be16 tci
)
197 struct vlan_eth_header
*veh
;
199 /* Insert new 802.1Q header. */
200 veh
= dp_packet_resize_l2(packet
, VLAN_HEADER_LEN
);
201 memmove(veh
, (char *)veh
+ VLAN_HEADER_LEN
, 2 * ETH_ADDR_LEN
);
202 veh
->veth_type
= tpid
;
203 veh
->veth_tci
= tci
& htons(~VLAN_CFI
);
206 /* Removes outermost VLAN header (if any is present) from 'packet'.
208 * 'packet->l2_5' should initially point to 'packet''s outer-most VLAN header
209 * or may be NULL if there are no VLAN headers. */
211 eth_pop_vlan(struct dp_packet
*packet
)
213 struct vlan_eth_header
*veh
= dp_packet_l2(packet
);
215 if (veh
&& dp_packet_size(packet
) >= sizeof *veh
216 && eth_type_vlan(veh
->veth_type
)) {
218 memmove((char *)veh
+ VLAN_HEADER_LEN
, veh
, 2 * ETH_ADDR_LEN
);
219 dp_packet_resize_l2(packet
, -VLAN_HEADER_LEN
);
223 /* Set ethertype of the packet. */
225 set_ethertype(struct dp_packet
*packet
, ovs_be16 eth_type
)
227 struct eth_header
*eh
= dp_packet_l2(packet
);
233 if (eth_type_vlan(eh
->eth_type
)) {
235 char *l2_5
= dp_packet_l2_5(packet
);
237 p
= ALIGNED_CAST(ovs_be16
*,
238 (l2_5
? l2_5
: (char *)dp_packet_l3(packet
)) - 2);
241 eh
->eth_type
= eth_type
;
245 static bool is_mpls(struct dp_packet
*packet
)
247 return packet
->l2_5_ofs
!= UINT16_MAX
;
250 /* Set time to live (TTL) of an MPLS label stack entry (LSE). */
252 set_mpls_lse_ttl(ovs_be32
*lse
, uint8_t ttl
)
254 *lse
&= ~htonl(MPLS_TTL_MASK
);
255 *lse
|= htonl((ttl
<< MPLS_TTL_SHIFT
) & MPLS_TTL_MASK
);
258 /* Set traffic class (TC) of an MPLS label stack entry (LSE). */
260 set_mpls_lse_tc(ovs_be32
*lse
, uint8_t tc
)
262 *lse
&= ~htonl(MPLS_TC_MASK
);
263 *lse
|= htonl((tc
<< MPLS_TC_SHIFT
) & MPLS_TC_MASK
);
266 /* Set label of an MPLS label stack entry (LSE). */
268 set_mpls_lse_label(ovs_be32
*lse
, ovs_be32 label
)
270 *lse
&= ~htonl(MPLS_LABEL_MASK
);
271 *lse
|= htonl((ntohl(label
) << MPLS_LABEL_SHIFT
) & MPLS_LABEL_MASK
);
274 /* Set bottom of stack (BoS) bit of an MPLS label stack entry (LSE). */
276 set_mpls_lse_bos(ovs_be32
*lse
, uint8_t bos
)
278 *lse
&= ~htonl(MPLS_BOS_MASK
);
279 *lse
|= htonl((bos
<< MPLS_BOS_SHIFT
) & MPLS_BOS_MASK
);
282 /* Compose an MPLS label stack entry (LSE) from its components:
283 * label, traffic class (TC), time to live (TTL) and
284 * bottom of stack (BoS) bit. */
286 set_mpls_lse_values(uint8_t ttl
, uint8_t tc
, uint8_t bos
, ovs_be32 label
)
288 ovs_be32 lse
= htonl(0);
289 set_mpls_lse_ttl(&lse
, ttl
);
290 set_mpls_lse_tc(&lse
, tc
);
291 set_mpls_lse_bos(&lse
, bos
);
292 set_mpls_lse_label(&lse
, label
);
296 /* Set MPLS label stack entry to outermost MPLS header.*/
298 set_mpls_lse(struct dp_packet
*packet
, ovs_be32 mpls_lse
)
300 /* Packet type should be MPLS to set label stack entry. */
301 if (is_mpls(packet
)) {
302 struct mpls_hdr
*mh
= dp_packet_l2_5(packet
);
304 /* Update mpls label stack entry. */
305 put_16aligned_be32(&mh
->mpls_lse
, mpls_lse
);
309 /* Push MPLS label stack entry 'lse' onto 'packet' as the outermost MPLS
310 * header. If 'packet' does not already have any MPLS labels, then its
311 * Ethertype is changed to 'ethtype' (which must be an MPLS Ethertype). */
313 push_mpls(struct dp_packet
*packet
, ovs_be16 ethtype
, ovs_be32 lse
)
318 if (!eth_type_mpls(ethtype
)) {
322 if (!is_mpls(packet
)) {
323 /* Set MPLS label stack offset. */
324 packet
->l2_5_ofs
= packet
->l3_ofs
;
327 set_ethertype(packet
, ethtype
);
329 /* Push new MPLS shim header onto packet. */
330 len
= packet
->l2_5_ofs
;
331 header
= dp_packet_resize_l2_5(packet
, MPLS_HLEN
);
332 memmove(header
, header
+ MPLS_HLEN
, len
);
333 memcpy(header
+ len
, &lse
, sizeof lse
);
336 /* If 'packet' is an MPLS packet, removes its outermost MPLS label stack entry.
337 * If the label that was removed was the only MPLS label, changes 'packet''s
338 * Ethertype to 'ethtype' (which ordinarily should not be an MPLS
341 pop_mpls(struct dp_packet
*packet
, ovs_be16 ethtype
)
343 if (is_mpls(packet
)) {
344 struct mpls_hdr
*mh
= dp_packet_l2_5(packet
);
345 size_t len
= packet
->l2_5_ofs
;
347 set_ethertype(packet
, ethtype
);
348 if (get_16aligned_be32(&mh
->mpls_lse
) & htonl(MPLS_BOS_MASK
)) {
349 dp_packet_set_l2_5(packet
, NULL
);
351 /* Shift the l2 header forward. */
352 memmove((char*)dp_packet_data(packet
) + MPLS_HLEN
, dp_packet_data(packet
), len
);
353 dp_packet_resize_l2_5(packet
, -MPLS_HLEN
);
357 /* Converts hex digits in 'hex' to an Ethernet packet in '*packetp'. The
358 * caller must free '*packetp'. On success, returns NULL. On failure, returns
359 * an error message and stores NULL in '*packetp'.
361 * Aligns the L3 header of '*packetp' on a 32-bit boundary. */
363 eth_from_hex(const char *hex
, struct dp_packet
**packetp
)
365 struct dp_packet
*packet
;
367 /* Use 2 bytes of headroom to 32-bit align the L3 header. */
368 packet
= *packetp
= dp_packet_new_with_headroom(strlen(hex
) / 2, 2);
370 if (dp_packet_put_hex(packet
, hex
, NULL
)[0] != '\0') {
371 dp_packet_delete(packet
);
373 return "Trailing garbage in packet data";
376 if (dp_packet_size(packet
) < ETH_HEADER_LEN
) {
377 dp_packet_delete(packet
);
379 return "Packet data too short for Ethernet";
386 eth_format_masked(const struct eth_addr eth
,
387 const struct eth_addr
*mask
, struct ds
*s
)
389 ds_put_format(s
, ETH_ADDR_FMT
, ETH_ADDR_ARGS(eth
));
390 if (mask
&& !eth_mask_is_exact(*mask
)) {
391 ds_put_format(s
, "/"ETH_ADDR_FMT
, ETH_ADDR_ARGS(*mask
));
395 /* Given the IP netmask 'netmask', returns the number of bits of the IP address
396 * that it specifies, that is, the number of 1-bits in 'netmask'.
398 * If 'netmask' is not a CIDR netmask (see ip_is_cidr()), the return value will
399 * still be in the valid range but isn't otherwise meaningful. */
401 ip_count_cidr_bits(ovs_be32 netmask
)
403 return 32 - ctz32(ntohl(netmask
));
407 ip_format_masked(ovs_be32 ip
, ovs_be32 mask
, struct ds
*s
)
409 ds_put_format(s
, IP_FMT
, IP_ARGS(ip
));
410 if (mask
!= OVS_BE32_MAX
) {
411 if (ip_is_cidr(mask
)) {
412 ds_put_format(s
, "/%d", ip_count_cidr_bits(mask
));
414 ds_put_format(s
, "/"IP_FMT
, IP_ARGS(mask
));
419 /* Parses string 's', which must be an IP address. Stores the IP address into
420 * '*ip'. Returns true if successful, otherwise false. */
422 ip_parse(const char *s
, ovs_be32
*ip
)
424 return inet_pton(AF_INET
, s
, ip
) == 1;
427 /* Parses string 's', which must be an IP address with an optional netmask or
428 * CIDR prefix length. Stores the IP address into '*ip' and the netmask into
429 * '*mask'. (If 's' does not contain a netmask, 255.255.255.255 is
432 * Returns NULL if successful, otherwise an error message that the caller must
434 char * OVS_WARN_UNUSED_RESULT
435 ip_parse_masked(const char *s
, ovs_be32
*ip
, ovs_be32
*mask
)
440 if (ovs_scan(s
, IP_SCAN_FMT
"/"IP_SCAN_FMT
"%n",
441 IP_SCAN_ARGS(ip
), IP_SCAN_ARGS(mask
), &n
) && !s
[n
]) {
443 } else if (ovs_scan(s
, IP_SCAN_FMT
"/%d%n", IP_SCAN_ARGS(ip
), &prefix
, &n
)
445 if (prefix
<= 0 || prefix
> 32) {
446 return xasprintf("%s: network prefix bits not between 0 and "
449 *mask
= be32_prefix_mask(prefix
);
450 } else if (ovs_scan(s
, IP_SCAN_FMT
"%n", IP_SCAN_ARGS(ip
), &n
) && !s
[n
]) {
451 *mask
= OVS_BE32_MAX
;
453 return xasprintf("%s: invalid IP address", s
);
458 /* Similar to ip_parse_masked(), but the mask, if present, must be a CIDR mask
459 * and is returned as a prefix length in '*plen'. */
460 char * OVS_WARN_UNUSED_RESULT
461 ip_parse_cidr(const char *s
, ovs_be32
*ip
, unsigned int *plen
)
466 error
= ip_parse_masked(s
, ip
, &mask
);
471 if (!ip_is_cidr(mask
)) {
472 return xasprintf("%s: CIDR network required", s
);
474 *plen
= ip_count_cidr_bits(mask
);
478 /* Parses string 's', which must be an IPv6 address. Stores the IPv6 address
479 * into '*ip'. Returns true if successful, otherwise false. */
481 ipv6_parse(const char *s
, struct in6_addr
*ip
)
483 return inet_pton(AF_INET6
, s
, ip
) == 1;
486 /* Parses string 's', which must be an IPv6 address with an optional netmask or
487 * CIDR prefix length. Stores the IPv6 address into '*ip' and the netmask into
488 * '*mask'. (If 's' does not contain a netmask, all-one-bits is assumed.)
490 * Returns NULL if successful, otherwise an error message that the caller must
492 char * OVS_WARN_UNUSED_RESULT
493 ipv6_parse_masked(const char *s
, struct in6_addr
*ip
, struct in6_addr
*mask
)
495 char ipv6_s
[IPV6_SCAN_LEN
+ 1];
499 if (ovs_scan(s
, IPV6_SCAN_FMT
"%n", ipv6_s
, &n
) && ipv6_parse(ipv6_s
, ip
)) {
502 *mask
= in6addr_exact
;
503 } else if (ovs_scan(s
, "/%d%n", &prefix
, &n
) && !s
[n
]) {
504 if (prefix
<= 0 || prefix
> 128) {
505 return xasprintf("%s: IPv6 network prefix bits not between 0 "
508 *mask
= ipv6_create_mask(prefix
);
509 } else if (ovs_scan(s
, "/"IPV6_SCAN_FMT
"%n", ipv6_s
, &n
)
511 && ipv6_parse(ipv6_s
, mask
)) {
514 return xasprintf("%s: syntax error expecting IPv6 prefix length "
519 return xasprintf("%s: invalid IPv6 address", s
);
522 /* Similar to ipv6_parse_masked(), but the mask, if present, must be a CIDR
523 * mask and is returned as a prefix length in '*plen'. */
524 char * OVS_WARN_UNUSED_RESULT
525 ipv6_parse_cidr(const char *s
, struct in6_addr
*ip
, unsigned int *plen
)
527 struct in6_addr mask
;
530 error
= ipv6_parse_masked(s
, ip
, &mask
);
535 if (!ipv6_is_cidr(&mask
)) {
536 return xasprintf("%s: IPv6 CIDR network required", s
);
538 *plen
= ipv6_count_cidr_bits(&mask
);
542 /* Stores the string representation of the IPv6 address 'addr' into the
543 * character array 'addr_str', which must be at least INET6_ADDRSTRLEN
546 ipv6_format_addr(const struct in6_addr
*addr
, struct ds
*s
)
550 ds_reserve(s
, s
->length
+ INET6_ADDRSTRLEN
);
552 dst
= s
->string
+ s
->length
;
553 inet_ntop(AF_INET6
, addr
, dst
, INET6_ADDRSTRLEN
);
554 s
->length
+= strlen(dst
);
557 /* Same as print_ipv6_addr, but optionally encloses the address in square
560 ipv6_format_addr_bracket(const struct in6_addr
*addr
, struct ds
*s
,
566 ipv6_format_addr(addr
, s
);
573 ipv6_format_mapped(const struct in6_addr
*addr
, struct ds
*s
)
575 if (IN6_IS_ADDR_V4MAPPED(addr
)) {
576 ds_put_format(s
, IP_FMT
, addr
->s6_addr
[12], addr
->s6_addr
[13],
577 addr
->s6_addr
[14], addr
->s6_addr
[15]);
579 ipv6_format_addr(addr
, s
);
584 ipv6_format_masked(const struct in6_addr
*addr
, const struct in6_addr
*mask
,
587 ipv6_format_addr(addr
, s
);
588 if (mask
&& !ipv6_mask_is_exact(mask
)) {
589 if (ipv6_is_cidr(mask
)) {
590 int cidr_bits
= ipv6_count_cidr_bits(mask
);
591 ds_put_format(s
, "/%d", cidr_bits
);
594 ipv6_format_addr(mask
, s
);
599 /* Stores the string representation of the IPv6 address 'addr' into the
600 * character array 'addr_str', which must be at least INET6_ADDRSTRLEN
601 * bytes long. If addr is IPv4-mapped, store an IPv4 dotted-decimal string. */
603 ipv6_string_mapped(char *addr_str
, const struct in6_addr
*addr
)
606 ip
= in6_addr_get_mapped_ipv4(addr
);
608 return inet_ntop(AF_INET
, &ip
, addr_str
, INET6_ADDRSTRLEN
);
610 return inet_ntop(AF_INET6
, addr
, addr_str
, INET6_ADDRSTRLEN
);
614 struct in6_addr
ipv6_addr_bitand(const struct in6_addr
*a
,
615 const struct in6_addr
*b
)
621 for (i
=0; i
<4; i
++) {
622 dst
.s6_addr32
[i
] = a
->s6_addr32
[i
] & b
->s6_addr32
[i
];
625 for (i
=0; i
<16; i
++) {
626 dst
.s6_addr
[i
] = a
->s6_addr
[i
] & b
->s6_addr
[i
];
633 /* Returns an in6_addr consisting of 'mask' high-order 1-bits and 128-N
634 * low-order 0-bits. */
636 ipv6_create_mask(int mask
)
638 struct in6_addr netmask
;
639 uint8_t *netmaskp
= &netmask
.s6_addr
[0];
641 memset(&netmask
, 0, sizeof netmask
);
649 *netmaskp
= 0xff << (8 - mask
);
655 /* Given the IPv6 netmask 'netmask', returns the number of bits of the IPv6
656 * address that it specifies, that is, the number of 1-bits in 'netmask'.
657 * 'netmask' must be a CIDR netmask (see ipv6_is_cidr()).
659 * If 'netmask' is not a CIDR netmask (see ipv6_is_cidr()), the return value
660 * will still be in the valid range but isn't otherwise meaningful. */
662 ipv6_count_cidr_bits(const struct in6_addr
*netmask
)
666 const uint8_t *netmaskp
= &netmask
->s6_addr
[0];
668 for (i
=0; i
<16; i
++) {
669 if (netmaskp
[i
] == 0xff) {
674 for(nm
= netmaskp
[i
]; nm
; nm
<<= 1) {
685 /* Returns true if 'netmask' is a CIDR netmask, that is, if it consists of N
686 * high-order 1-bits and 128-N low-order 0-bits. */
688 ipv6_is_cidr(const struct in6_addr
*netmask
)
690 const uint8_t *netmaskp
= &netmask
->s6_addr
[0];
693 for (i
=0; i
<16; i
++) {
694 if (netmaskp
[i
] != 0xff) {
695 uint8_t x
= ~netmaskp
[i
];
710 /* Populates 'b' with an Ethernet II packet headed with the given 'eth_dst',
711 * 'eth_src' and 'eth_type' parameters. A payload of 'size' bytes is allocated
712 * in 'b' and returned. This payload may be populated with appropriate
713 * information by the caller. Sets 'b''s 'frame' pointer and 'l3' offset to
714 * the Ethernet header and payload respectively. Aligns b->l3 on a 32-bit
717 * The returned packet has enough headroom to insert an 802.1Q VLAN header if
720 eth_compose(struct dp_packet
*b
, const struct eth_addr eth_dst
,
721 const struct eth_addr eth_src
, uint16_t eth_type
,
725 struct eth_header
*eth
;
729 /* The magic 2 here ensures that the L3 header (when it is added later)
730 * will be 32-bit aligned. */
731 dp_packet_prealloc_tailroom(b
, 2 + ETH_HEADER_LEN
+ VLAN_HEADER_LEN
+ size
);
732 dp_packet_reserve(b
, 2 + VLAN_HEADER_LEN
);
733 eth
= dp_packet_put_uninit(b
, ETH_HEADER_LEN
);
734 data
= dp_packet_put_uninit(b
, size
);
736 eth
->eth_dst
= eth_dst
;
737 eth
->eth_src
= eth_src
;
738 eth
->eth_type
= htons(eth_type
);
740 dp_packet_reset_offsets(b
);
741 dp_packet_set_l3(b
, data
);
747 packet_set_ipv4_addr(struct dp_packet
*packet
,
748 ovs_16aligned_be32
*addr
, ovs_be32 new_addr
)
750 struct ip_header
*nh
= dp_packet_l3(packet
);
751 ovs_be32 old_addr
= get_16aligned_be32(addr
);
752 size_t l4_size
= dp_packet_l4_size(packet
);
754 if (nh
->ip_proto
== IPPROTO_TCP
&& l4_size
>= TCP_HEADER_LEN
) {
755 struct tcp_header
*th
= dp_packet_l4(packet
);
757 th
->tcp_csum
= recalc_csum32(th
->tcp_csum
, old_addr
, new_addr
);
758 } else if (nh
->ip_proto
== IPPROTO_UDP
&& l4_size
>= UDP_HEADER_LEN
) {
759 struct udp_header
*uh
= dp_packet_l4(packet
);
762 uh
->udp_csum
= recalc_csum32(uh
->udp_csum
, old_addr
, new_addr
);
764 uh
->udp_csum
= htons(0xffff);
768 nh
->ip_csum
= recalc_csum32(nh
->ip_csum
, old_addr
, new_addr
);
769 put_16aligned_be32(addr
, new_addr
);
772 /* Returns true, if packet contains at least one routing header where
773 * segements_left > 0.
775 * This function assumes that L3 and L4 offsets are set in the packet. */
777 packet_rh_present(struct dp_packet
*packet
)
779 const struct ovs_16aligned_ip6_hdr
*nh
;
783 uint8_t *data
= dp_packet_l3(packet
);
785 remaining
= packet
->l4_ofs
- packet
->l3_ofs
;
787 if (remaining
< sizeof *nh
) {
790 nh
= ALIGNED_CAST(struct ovs_16aligned_ip6_hdr
*, data
);
792 remaining
-= sizeof *nh
;
793 nexthdr
= nh
->ip6_nxt
;
796 if ((nexthdr
!= IPPROTO_HOPOPTS
)
797 && (nexthdr
!= IPPROTO_ROUTING
)
798 && (nexthdr
!= IPPROTO_DSTOPTS
)
799 && (nexthdr
!= IPPROTO_AH
)
800 && (nexthdr
!= IPPROTO_FRAGMENT
)) {
801 /* It's either a terminal header (e.g., TCP, UDP) or one we
802 * don't understand. In either case, we're done with the
803 * packet, so use it to fill in 'nw_proto'. */
807 /* We only verify that at least 8 bytes of the next header are
808 * available, but many of these headers are longer. Ensure that
809 * accesses within the extension header are within those first 8
810 * bytes. All extension headers are required to be at least 8
816 if (nexthdr
== IPPROTO_AH
) {
817 /* A standard AH definition isn't available, but the fields
818 * we care about are in the same location as the generic
819 * option header--only the header length is calculated
821 const struct ip6_ext
*ext_hdr
= (struct ip6_ext
*)data
;
823 nexthdr
= ext_hdr
->ip6e_nxt
;
824 len
= (ext_hdr
->ip6e_len
+ 2) * 4;
825 } else if (nexthdr
== IPPROTO_FRAGMENT
) {
826 const struct ovs_16aligned_ip6_frag
*frag_hdr
827 = ALIGNED_CAST(struct ovs_16aligned_ip6_frag
*, data
);
829 nexthdr
= frag_hdr
->ip6f_nxt
;
830 len
= sizeof *frag_hdr
;
831 } else if (nexthdr
== IPPROTO_ROUTING
) {
832 const struct ip6_rthdr
*rh
= (struct ip6_rthdr
*)data
;
834 if (rh
->ip6r_segleft
> 0) {
838 nexthdr
= rh
->ip6r_nxt
;
839 len
= (rh
->ip6r_len
+ 1) * 8;
841 const struct ip6_ext
*ext_hdr
= (struct ip6_ext
*)data
;
843 nexthdr
= ext_hdr
->ip6e_nxt
;
844 len
= (ext_hdr
->ip6e_len
+ 1) * 8;
847 if (remaining
< len
) {
858 packet_update_csum128(struct dp_packet
*packet
, uint8_t proto
,
859 ovs_16aligned_be32 addr
[4], const ovs_be32 new_addr
[4])
861 size_t l4_size
= dp_packet_l4_size(packet
);
863 if (proto
== IPPROTO_TCP
&& l4_size
>= TCP_HEADER_LEN
) {
864 struct tcp_header
*th
= dp_packet_l4(packet
);
866 th
->tcp_csum
= recalc_csum128(th
->tcp_csum
, addr
, new_addr
);
867 } else if (proto
== IPPROTO_UDP
&& l4_size
>= UDP_HEADER_LEN
) {
868 struct udp_header
*uh
= dp_packet_l4(packet
);
871 uh
->udp_csum
= recalc_csum128(uh
->udp_csum
, addr
, new_addr
);
873 uh
->udp_csum
= htons(0xffff);
876 } else if (proto
== IPPROTO_ICMPV6
&&
877 l4_size
>= sizeof(struct icmp6_header
)) {
878 struct icmp6_header
*icmp
= dp_packet_l4(packet
);
880 icmp
->icmp6_cksum
= recalc_csum128(icmp
->icmp6_cksum
, addr
, new_addr
);
885 packet_set_ipv6_addr(struct dp_packet
*packet
, uint8_t proto
,
886 ovs_16aligned_be32 addr
[4], const ovs_be32 new_addr
[4],
887 bool recalculate_csum
)
889 if (recalculate_csum
) {
890 packet_update_csum128(packet
, proto
, addr
, new_addr
);
892 memcpy(addr
, new_addr
, sizeof(ovs_be32
[4]));
896 packet_set_ipv6_flow_label(ovs_16aligned_be32
*flow_label
, ovs_be32 flow_key
)
898 ovs_be32 old_label
= get_16aligned_be32(flow_label
);
899 ovs_be32 new_label
= (old_label
& htonl(~IPV6_LABEL_MASK
)) | flow_key
;
900 put_16aligned_be32(flow_label
, new_label
);
904 packet_set_ipv6_tc(ovs_16aligned_be32
*flow_label
, uint8_t tc
)
906 ovs_be32 old_label
= get_16aligned_be32(flow_label
);
907 ovs_be32 new_label
= (old_label
& htonl(0xF00FFFFF)) | htonl(tc
<< 20);
908 put_16aligned_be32(flow_label
, new_label
);
911 /* Modifies the IPv4 header fields of 'packet' to be consistent with 'src',
912 * 'dst', 'tos', and 'ttl'. Updates 'packet''s L4 checksums as appropriate.
913 * 'packet' must contain a valid IPv4 packet with correctly populated l[347]
916 packet_set_ipv4(struct dp_packet
*packet
, ovs_be32 src
, ovs_be32 dst
,
917 uint8_t tos
, uint8_t ttl
)
919 struct ip_header
*nh
= dp_packet_l3(packet
);
921 if (get_16aligned_be32(&nh
->ip_src
) != src
) {
922 packet_set_ipv4_addr(packet
, &nh
->ip_src
, src
);
925 if (get_16aligned_be32(&nh
->ip_dst
) != dst
) {
926 packet_set_ipv4_addr(packet
, &nh
->ip_dst
, dst
);
929 if (nh
->ip_tos
!= tos
) {
930 uint8_t *field
= &nh
->ip_tos
;
932 nh
->ip_csum
= recalc_csum16(nh
->ip_csum
, htons((uint16_t) *field
),
933 htons((uint16_t) tos
));
937 if (nh
->ip_ttl
!= ttl
) {
938 uint8_t *field
= &nh
->ip_ttl
;
940 nh
->ip_csum
= recalc_csum16(nh
->ip_csum
, htons(*field
<< 8),
946 /* Modifies the IPv6 header fields of 'packet' to be consistent with 'src',
947 * 'dst', 'traffic class', and 'next hop'. Updates 'packet''s L4 checksums as
948 * appropriate. 'packet' must contain a valid IPv6 packet with correctly
949 * populated l[34] offsets. */
951 packet_set_ipv6(struct dp_packet
*packet
, uint8_t proto
, const ovs_be32 src
[4],
952 const ovs_be32 dst
[4], uint8_t key_tc
, ovs_be32 key_fl
,
955 struct ovs_16aligned_ip6_hdr
*nh
= dp_packet_l3(packet
);
957 if (memcmp(&nh
->ip6_src
, src
, sizeof(ovs_be32
[4]))) {
958 packet_set_ipv6_addr(packet
, proto
, nh
->ip6_src
.be32
, src
, true);
961 if (memcmp(&nh
->ip6_dst
, dst
, sizeof(ovs_be32
[4]))) {
962 packet_set_ipv6_addr(packet
, proto
, nh
->ip6_dst
.be32
, dst
,
963 !packet_rh_present(packet
));
966 packet_set_ipv6_tc(&nh
->ip6_flow
, key_tc
);
968 packet_set_ipv6_flow_label(&nh
->ip6_flow
, key_fl
);
970 nh
->ip6_hlim
= key_hl
;
974 packet_set_port(ovs_be16
*port
, ovs_be16 new_port
, ovs_be16
*csum
)
976 if (*port
!= new_port
) {
977 *csum
= recalc_csum16(*csum
, *port
, new_port
);
982 /* Sets the TCP source and destination port ('src' and 'dst' respectively) of
983 * the TCP header contained in 'packet'. 'packet' must be a valid TCP packet
984 * with its l4 offset properly populated. */
986 packet_set_tcp_port(struct dp_packet
*packet
, ovs_be16 src
, ovs_be16 dst
)
988 struct tcp_header
*th
= dp_packet_l4(packet
);
990 packet_set_port(&th
->tcp_src
, src
, &th
->tcp_csum
);
991 packet_set_port(&th
->tcp_dst
, dst
, &th
->tcp_csum
);
994 /* Sets the UDP source and destination port ('src' and 'dst' respectively) of
995 * the UDP header contained in 'packet'. 'packet' must be a valid UDP packet
996 * with its l4 offset properly populated. */
998 packet_set_udp_port(struct dp_packet
*packet
, ovs_be16 src
, ovs_be16 dst
)
1000 struct udp_header
*uh
= dp_packet_l4(packet
);
1003 packet_set_port(&uh
->udp_src
, src
, &uh
->udp_csum
);
1004 packet_set_port(&uh
->udp_dst
, dst
, &uh
->udp_csum
);
1006 if (!uh
->udp_csum
) {
1007 uh
->udp_csum
= htons(0xffff);
1015 /* Sets the SCTP source and destination port ('src' and 'dst' respectively) of
1016 * the SCTP header contained in 'packet'. 'packet' must be a valid SCTP packet
1017 * with its l4 offset properly populated. */
1019 packet_set_sctp_port(struct dp_packet
*packet
, ovs_be16 src
, ovs_be16 dst
)
1021 struct sctp_header
*sh
= dp_packet_l4(packet
);
1022 ovs_be32 old_csum
, old_correct_csum
, new_csum
;
1023 uint16_t tp_len
= dp_packet_l4_size(packet
);
1025 old_csum
= get_16aligned_be32(&sh
->sctp_csum
);
1026 put_16aligned_be32(&sh
->sctp_csum
, 0);
1027 old_correct_csum
= crc32c((void *)sh
, tp_len
);
1032 new_csum
= crc32c((void *)sh
, tp_len
);
1033 put_16aligned_be32(&sh
->sctp_csum
, old_csum
^ old_correct_csum
^ new_csum
);
1036 /* Sets the ICMP type and code of the ICMP header contained in 'packet'.
1037 * 'packet' must be a valid ICMP packet with its l4 offset properly
1040 packet_set_icmp(struct dp_packet
*packet
, uint8_t type
, uint8_t code
)
1042 struct icmp_header
*ih
= dp_packet_l4(packet
);
1043 ovs_be16 orig_tc
= htons(ih
->icmp_type
<< 8 | ih
->icmp_code
);
1044 ovs_be16 new_tc
= htons(type
<< 8 | code
);
1046 if (orig_tc
!= new_tc
) {
1047 ih
->icmp_type
= type
;
1048 ih
->icmp_code
= code
;
1050 ih
->icmp_csum
= recalc_csum16(ih
->icmp_csum
, orig_tc
, new_tc
);
1055 packet_set_nd(struct dp_packet
*packet
, const ovs_be32 target
[4],
1056 const struct eth_addr sll
, const struct eth_addr tll
) {
1057 struct ovs_nd_msg
*ns
;
1058 struct ovs_nd_opt
*nd_opt
;
1059 int bytes_remain
= dp_packet_l4_size(packet
);
1061 if (OVS_UNLIKELY(bytes_remain
< sizeof(*ns
))) {
1065 ns
= dp_packet_l4(packet
);
1066 nd_opt
= &ns
->options
[0];
1067 bytes_remain
-= sizeof(*ns
);
1069 if (memcmp(&ns
->target
, target
, sizeof(ovs_be32
[4]))) {
1070 packet_set_ipv6_addr(packet
, IPPROTO_ICMPV6
,
1075 while (bytes_remain
>= ND_OPT_LEN
&& nd_opt
->nd_opt_len
!= 0) {
1076 if (nd_opt
->nd_opt_type
== ND_OPT_SOURCE_LINKADDR
1077 && nd_opt
->nd_opt_len
== 1) {
1078 if (!eth_addr_equals(nd_opt
->nd_opt_mac
, sll
)) {
1079 ovs_be16
*csum
= &(ns
->icmph
.icmp6_cksum
);
1081 *csum
= recalc_csum48(*csum
, nd_opt
->nd_opt_mac
, sll
);
1082 nd_opt
->nd_opt_mac
= sll
;
1085 /* A packet can only contain one SLL or TLL option */
1087 } else if (nd_opt
->nd_opt_type
== ND_OPT_TARGET_LINKADDR
1088 && nd_opt
->nd_opt_len
== 1) {
1089 if (!eth_addr_equals(nd_opt
->nd_opt_mac
, tll
)) {
1090 ovs_be16
*csum
= &(ns
->icmph
.icmp6_cksum
);
1092 *csum
= recalc_csum48(*csum
, nd_opt
->nd_opt_mac
, tll
);
1093 nd_opt
->nd_opt_mac
= tll
;
1096 /* A packet can only contain one SLL or TLL option */
1100 nd_opt
+= nd_opt
->nd_opt_len
;
1101 bytes_remain
-= nd_opt
->nd_opt_len
* ND_OPT_LEN
;
1106 packet_tcp_flag_to_string(uint32_t flag
)
1138 /* Appends a string representation of the TCP flags value 'tcp_flags'
1139 * (e.g. from struct flow.tcp_flags or obtained via TCP_FLAGS) to 's', in the
1140 * format used by tcpdump. */
1142 packet_format_tcp_flags(struct ds
*s
, uint16_t tcp_flags
)
1145 ds_put_cstr(s
, "none");
1149 if (tcp_flags
& TCP_SYN
) {
1150 ds_put_char(s
, 'S');
1152 if (tcp_flags
& TCP_FIN
) {
1153 ds_put_char(s
, 'F');
1155 if (tcp_flags
& TCP_PSH
) {
1156 ds_put_char(s
, 'P');
1158 if (tcp_flags
& TCP_RST
) {
1159 ds_put_char(s
, 'R');
1161 if (tcp_flags
& TCP_URG
) {
1162 ds_put_char(s
, 'U');
1164 if (tcp_flags
& TCP_ACK
) {
1165 ds_put_char(s
, '.');
1167 if (tcp_flags
& TCP_ECE
) {
1168 ds_put_cstr(s
, "E");
1170 if (tcp_flags
& TCP_CWR
) {
1171 ds_put_cstr(s
, "C");
1173 if (tcp_flags
& TCP_NS
) {
1174 ds_put_cstr(s
, "N");
1176 if (tcp_flags
& 0x200) {
1177 ds_put_cstr(s
, "[200]");
1179 if (tcp_flags
& 0x400) {
1180 ds_put_cstr(s
, "[400]");
1182 if (tcp_flags
& 0x800) {
1183 ds_put_cstr(s
, "[800]");
1187 #define ARP_PACKET_SIZE (2 + ETH_HEADER_LEN + VLAN_HEADER_LEN + \
1190 /* Clears 'b' and replaces its contents by an ARP frame with the specified
1191 * 'arp_op', 'arp_sha', 'arp_tha', 'arp_spa', and 'arp_tpa'. The outer
1192 * Ethernet frame is initialized with Ethernet source 'arp_sha' and destination
1193 * 'arp_tha', except that destination ff:ff:ff:ff:ff:ff is used instead if
1194 * 'broadcast' is true. */
1196 compose_arp(struct dp_packet
*b
, uint16_t arp_op
,
1197 const struct eth_addr arp_sha
, const struct eth_addr arp_tha
,
1198 bool broadcast
, ovs_be32 arp_spa
, ovs_be32 arp_tpa
)
1200 struct eth_header
*eth
;
1201 struct arp_eth_header
*arp
;
1204 dp_packet_prealloc_tailroom(b
, ARP_PACKET_SIZE
);
1205 dp_packet_reserve(b
, 2 + VLAN_HEADER_LEN
);
1207 eth
= dp_packet_put_uninit(b
, sizeof *eth
);
1208 eth
->eth_dst
= broadcast
? eth_addr_broadcast
: arp_tha
;
1209 eth
->eth_src
= arp_sha
;
1210 eth
->eth_type
= htons(ETH_TYPE_ARP
);
1212 arp
= dp_packet_put_uninit(b
, sizeof *arp
);
1213 arp
->ar_hrd
= htons(ARP_HRD_ETHERNET
);
1214 arp
->ar_pro
= htons(ARP_PRO_IP
);
1215 arp
->ar_hln
= sizeof arp
->ar_sha
;
1216 arp
->ar_pln
= sizeof arp
->ar_spa
;
1217 arp
->ar_op
= htons(arp_op
);
1218 arp
->ar_sha
= arp_sha
;
1219 arp
->ar_tha
= arp_tha
;
1221 put_16aligned_be32(&arp
->ar_spa
, arp_spa
);
1222 put_16aligned_be32(&arp
->ar_tpa
, arp_tpa
);
1224 dp_packet_reset_offsets(b
);
1225 dp_packet_set_l3(b
, arp
);
1229 compose_nd(struct dp_packet
*b
, const struct eth_addr eth_src
,
1230 struct in6_addr
* ipv6_src
, struct in6_addr
* ipv6_dst
)
1232 struct in6_addr sn_addr
;
1233 struct eth_addr eth_dst
;
1234 struct ovs_nd_msg
*ns
;
1235 struct ovs_nd_opt
*nd_opt
;
1237 in6_addr_solicited_node(&sn_addr
, ipv6_dst
);
1238 ipv6_multicast_to_ethernet(ð_dst
, &sn_addr
);
1240 eth_compose(b
, eth_dst
, eth_src
, ETH_TYPE_IPV6
,
1241 IPV6_HEADER_LEN
+ ICMP6_HEADER_LEN
+ ND_OPT_LEN
);
1242 packet_set_ipv6(b
, IPPROTO_ICMPV6
,
1243 ALIGNED_CAST(ovs_be32
*, ipv6_src
->s6_addr
),
1244 ALIGNED_CAST(ovs_be32
*, sn_addr
.s6_addr
),
1247 ns
= dp_packet_l4(b
);
1248 nd_opt
= &ns
->options
[0];
1250 ns
->icmph
.icmp6_type
= ND_NEIGHBOR_SOLICIT
;
1251 ns
->icmph
.icmp6_code
= 0;
1253 nd_opt
->nd_opt_type
= ND_OPT_SOURCE_LINKADDR
;
1254 packet_set_nd(b
, ALIGNED_CAST(ovs_be32
*, ipv6_dst
->s6_addr
),
1255 eth_src
, eth_addr_zero
);
1259 packet_csum_pseudoheader(const struct ip_header
*ip
)
1261 uint32_t partial
= 0;
1263 partial
= csum_add32(partial
, get_16aligned_be32(&ip
->ip_src
));
1264 partial
= csum_add32(partial
, get_16aligned_be32(&ip
->ip_dst
));
1265 partial
= csum_add16(partial
, htons(ip
->ip_proto
));
1266 partial
= csum_add16(partial
, htons(ntohs(ip
->ip_tot_len
) -
1267 IP_IHL(ip
->ip_ihl_ver
) * 4));
1274 packet_csum_pseudoheader6(const struct ovs_16aligned_ip6_hdr
*ip6
)
1276 uint32_t partial
= 0;
1278 partial
= csum_add32(partial
, get_16aligned_be32(&(ip6
->ip6_src
.be32
[0])));
1279 partial
= csum_add32(partial
, get_16aligned_be32(&(ip6
->ip6_src
.be32
[1])));
1280 partial
= csum_add32(partial
, get_16aligned_be32(&(ip6
->ip6_src
.be32
[2])));
1281 partial
= csum_add32(partial
, get_16aligned_be32(&(ip6
->ip6_src
.be32
[3])));
1282 partial
= csum_add32(partial
, get_16aligned_be32(&(ip6
->ip6_dst
.be32
[0])));
1283 partial
= csum_add32(partial
, get_16aligned_be32(&(ip6
->ip6_dst
.be32
[1])));
1284 partial
= csum_add32(partial
, get_16aligned_be32(&(ip6
->ip6_dst
.be32
[2])));
1285 partial
= csum_add32(partial
, get_16aligned_be32(&(ip6
->ip6_dst
.be32
[3])));
1287 partial
= csum_add16(partial
, 0);
1288 partial
= csum_add16(partial
, ip6
->ip6_plen
);
1289 partial
= csum_add16(partial
, 0);
1290 partial
= csum_add16(partial
, ip6
->ip6_nxt
);