2 * Copyright (c) 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016 Nicira, Inc.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at:
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
19 #include <arpa/inet.h>
20 #include <sys/socket.h>
21 #include <netinet/in.h>
22 #include <netinet/ip6.h>
23 #include <netinet/icmp6.h>
25 #include "byte-order.h"
29 #include "openvswitch/hmap.h"
30 #include "openvswitch/dynamic-string.h"
31 #include "ovs-thread.h"
33 #include "dp-packet.h"
34 #include "unaligned.h"
36 const struct in6_addr in6addr_exact
= IN6ADDR_EXACT_INIT
;
37 const struct in6_addr in6addr_all_hosts
= IN6ADDR_ALL_HOSTS_INIT
;
38 const struct in6_addr in6addr_all_routers
= IN6ADDR_ALL_ROUTERS_INIT
;
41 flow_tnl_dst(const struct flow_tnl
*tnl
)
43 return tnl
->ip_dst
? in6_addr_mapped_ipv4(tnl
->ip_dst
) : tnl
->ipv6_dst
;
47 flow_tnl_src(const struct flow_tnl
*tnl
)
49 return tnl
->ip_src
? in6_addr_mapped_ipv4(tnl
->ip_src
) : tnl
->ipv6_src
;
52 /* Parses 's' as a 16-digit hexadecimal number representing a datapath ID. On
53 * success stores the dpid into '*dpidp' and returns true, on failure stores 0
54 * into '*dpidp' and returns false.
56 * Rejects an all-zeros dpid as invalid. */
58 dpid_from_string(const char *s
, uint64_t *dpidp
)
60 *dpidp
= (strlen(s
) == 16 && strspn(s
, "0123456789abcdefABCDEF") == 16
61 ? strtoull(s
, NULL
, 16)
66 /* Returns true if 'ea' is a reserved address, that a bridge must never
67 * forward, false otherwise.
69 * If you change this function's behavior, please update corresponding
70 * documentation in vswitch.xml at the same time. */
72 eth_addr_is_reserved(const struct eth_addr ea
)
74 struct eth_addr_node
{
75 struct hmap_node hmap_node
;
79 static struct eth_addr_node nodes
[] = {
80 /* STP, IEEE pause frames, and other reserved protocols. */
81 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c2000000ULL
},
82 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c2000001ULL
},
83 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c2000002ULL
},
84 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c2000003ULL
},
85 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c2000004ULL
},
86 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c2000005ULL
},
87 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c2000006ULL
},
88 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c2000007ULL
},
89 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c2000008ULL
},
90 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c2000009ULL
},
91 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c200000aULL
},
92 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c200000bULL
},
93 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c200000cULL
},
94 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c200000dULL
},
95 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c200000eULL
},
96 { HMAP_NODE_NULL_INITIALIZER
, 0x0180c200000fULL
},
98 /* Extreme protocols. */
99 { HMAP_NODE_NULL_INITIALIZER
, 0x00e02b000000ULL
}, /* EDP. */
100 { HMAP_NODE_NULL_INITIALIZER
, 0x00e02b000004ULL
}, /* EAPS. */
101 { HMAP_NODE_NULL_INITIALIZER
, 0x00e02b000006ULL
}, /* EAPS. */
103 /* Cisco protocols. */
104 { HMAP_NODE_NULL_INITIALIZER
, 0x01000c000000ULL
}, /* ISL. */
105 { HMAP_NODE_NULL_INITIALIZER
, 0x01000cccccccULL
}, /* PAgP, UDLD, CDP,
107 { HMAP_NODE_NULL_INITIALIZER
, 0x01000ccccccdULL
}, /* PVST+. */
108 { HMAP_NODE_NULL_INITIALIZER
, 0x01000ccdcdcdULL
}, /* STP Uplink Fast,
112 { HMAP_NODE_NULL_INITIALIZER
, 0x01000cccccc0ULL
},
113 { HMAP_NODE_NULL_INITIALIZER
, 0x01000cccccc1ULL
},
114 { HMAP_NODE_NULL_INITIALIZER
, 0x01000cccccc2ULL
},
115 { HMAP_NODE_NULL_INITIALIZER
, 0x01000cccccc3ULL
},
116 { HMAP_NODE_NULL_INITIALIZER
, 0x01000cccccc4ULL
},
117 { HMAP_NODE_NULL_INITIALIZER
, 0x01000cccccc5ULL
},
118 { HMAP_NODE_NULL_INITIALIZER
, 0x01000cccccc6ULL
},
119 { HMAP_NODE_NULL_INITIALIZER
, 0x01000cccccc7ULL
},
122 static struct ovsthread_once once
= OVSTHREAD_ONCE_INITIALIZER
;
123 struct eth_addr_node
*node
;
124 static struct hmap addrs
;
127 if (ovsthread_once_start(&once
)) {
129 for (node
= nodes
; node
< &nodes
[ARRAY_SIZE(nodes
)]; node
++) {
130 hmap_insert(&addrs
, &node
->hmap_node
, hash_uint64(node
->ea64
));
132 ovsthread_once_done(&once
);
135 ea64
= eth_addr_to_uint64(ea
);
136 HMAP_FOR_EACH_IN_BUCKET (node
, hmap_node
, hash_uint64(ea64
), &addrs
) {
137 if (node
->ea64
== ea64
) {
144 /* Attempts to parse 's' as an Ethernet address. If successful, stores the
145 * address in 'ea' and returns true, otherwise zeros 'ea' and returns
146 * false. This function checks trailing characters. */
148 eth_addr_from_string(const char *s
, struct eth_addr
*ea
)
151 if (ovs_scan(s
, ETH_ADDR_SCAN_FMT
"%n", ETH_ADDR_SCAN_ARGS(*ea
), &n
)
160 /* Fills 'b' with a Reverse ARP packet with Ethernet source address 'eth_src'.
161 * This function is used by Open vSwitch to compose packets in cases where
162 * context is important but content doesn't (or shouldn't) matter.
164 * The returned packet has enough headroom to insert an 802.1Q VLAN header if
167 compose_rarp(struct dp_packet
*b
, const struct eth_addr eth_src
)
169 struct eth_header
*eth
;
170 struct arp_eth_header
*arp
;
173 dp_packet_prealloc_tailroom(b
, 2 + ETH_HEADER_LEN
+ VLAN_HEADER_LEN
174 + ARP_ETH_HEADER_LEN
);
175 dp_packet_reserve(b
, 2 + VLAN_HEADER_LEN
);
176 eth
= dp_packet_put_uninit(b
, sizeof *eth
);
177 eth
->eth_dst
= eth_addr_broadcast
;
178 eth
->eth_src
= eth_src
;
179 eth
->eth_type
= htons(ETH_TYPE_RARP
);
181 arp
= dp_packet_put_uninit(b
, sizeof *arp
);
182 arp
->ar_hrd
= htons(ARP_HRD_ETHERNET
);
183 arp
->ar_pro
= htons(ARP_PRO_IP
);
184 arp
->ar_hln
= sizeof arp
->ar_sha
;
185 arp
->ar_pln
= sizeof arp
->ar_spa
;
186 arp
->ar_op
= htons(ARP_OP_RARP
);
187 arp
->ar_sha
= eth_src
;
188 put_16aligned_be32(&arp
->ar_spa
, htonl(0));
189 arp
->ar_tha
= eth_src
;
190 put_16aligned_be32(&arp
->ar_tpa
, htonl(0));
192 dp_packet_reset_offsets(b
);
193 dp_packet_set_l3(b
, arp
);
194 b
->packet_type
= htonl(PT_ETH
);
197 /* Insert VLAN header according to given TCI. Packet passed must be Ethernet
198 * packet. Ignores the CFI bit of 'tci' using 0 instead.
200 * Also adjusts the layer offsets accordingly. */
202 eth_push_vlan(struct dp_packet
*packet
, ovs_be16 tpid
, ovs_be16 tci
)
204 struct vlan_eth_header
*veh
;
206 /* Insert new 802.1Q header. */
207 veh
= dp_packet_resize_l2(packet
, VLAN_HEADER_LEN
);
208 memmove(veh
, (char *)veh
+ VLAN_HEADER_LEN
, 2 * ETH_ADDR_LEN
);
209 veh
->veth_type
= tpid
;
210 veh
->veth_tci
= tci
& htons(~VLAN_CFI
);
213 /* Removes outermost VLAN header (if any is present) from 'packet'.
215 * 'packet->l2_5' should initially point to 'packet''s outer-most VLAN header
216 * or may be NULL if there are no VLAN headers. */
218 eth_pop_vlan(struct dp_packet
*packet
)
220 struct vlan_eth_header
*veh
= dp_packet_eth(packet
);
222 if (veh
&& dp_packet_size(packet
) >= sizeof *veh
223 && eth_type_vlan(veh
->veth_type
)) {
225 memmove((char *)veh
+ VLAN_HEADER_LEN
, veh
, 2 * ETH_ADDR_LEN
);
226 dp_packet_resize_l2(packet
, -VLAN_HEADER_LEN
);
230 /* Push Ethernet header onto 'packet' assuming it is layer 3 */
232 push_eth(struct dp_packet
*packet
, const struct eth_addr
*dst
,
233 const struct eth_addr
*src
)
235 struct eth_header
*eh
;
237 ovs_assert(packet
->packet_type
!= htonl(PT_ETH
));
238 eh
= dp_packet_resize_l2(packet
, ETH_HEADER_LEN
);
241 eh
->eth_type
= pt_ns_type_be(packet
->packet_type
);
242 packet
->packet_type
= htonl(PT_ETH
);
245 /* Removes Ethernet header, including VLAN header, from 'packet'.
247 * Previous to calling this function, 'ofpbuf_l3(packet)' must not be NULL */
249 pop_eth(struct dp_packet
*packet
)
251 char *l2_5
= dp_packet_l2_5(packet
);
252 char *l3
= dp_packet_l3(packet
);
256 ovs_assert(packet
->packet_type
== htonl(PT_ETH
));
257 ovs_assert(l3
!= NULL
);
260 increment
= packet
->l2_5_ofs
;
261 ethertype
= *(ALIGNED_CAST(ovs_be16
*, (l2_5
- 2)));
263 increment
= packet
->l3_ofs
;
264 ethertype
= *(ALIGNED_CAST(ovs_be16
*, (l3
- 2)));
267 dp_packet_resize_l2(packet
, -increment
);
268 packet
->packet_type
= PACKET_TYPE_BE(OFPHTN_ETHERTYPE
, ntohs(ethertype
));
271 /* Set ethertype of the packet. */
273 set_ethertype(struct dp_packet
*packet
, ovs_be16 eth_type
)
275 struct eth_header
*eh
= dp_packet_eth(packet
);
281 if (eth_type_vlan(eh
->eth_type
)) {
283 char *l2_5
= dp_packet_l2_5(packet
);
285 p
= ALIGNED_CAST(ovs_be16
*,
286 (l2_5
? l2_5
: (char *)dp_packet_l3(packet
)) - 2);
289 eh
->eth_type
= eth_type
;
293 static bool is_mpls(struct dp_packet
*packet
)
295 return packet
->l2_5_ofs
!= UINT16_MAX
;
298 /* Set time to live (TTL) of an MPLS label stack entry (LSE). */
300 set_mpls_lse_ttl(ovs_be32
*lse
, uint8_t ttl
)
302 *lse
&= ~htonl(MPLS_TTL_MASK
);
303 *lse
|= htonl((ttl
<< MPLS_TTL_SHIFT
) & MPLS_TTL_MASK
);
306 /* Set traffic class (TC) of an MPLS label stack entry (LSE). */
308 set_mpls_lse_tc(ovs_be32
*lse
, uint8_t tc
)
310 *lse
&= ~htonl(MPLS_TC_MASK
);
311 *lse
|= htonl((tc
<< MPLS_TC_SHIFT
) & MPLS_TC_MASK
);
314 /* Set label of an MPLS label stack entry (LSE). */
316 set_mpls_lse_label(ovs_be32
*lse
, ovs_be32 label
)
318 *lse
&= ~htonl(MPLS_LABEL_MASK
);
319 *lse
|= htonl((ntohl(label
) << MPLS_LABEL_SHIFT
) & MPLS_LABEL_MASK
);
322 /* Set bottom of stack (BoS) bit of an MPLS label stack entry (LSE). */
324 set_mpls_lse_bos(ovs_be32
*lse
, uint8_t bos
)
326 *lse
&= ~htonl(MPLS_BOS_MASK
);
327 *lse
|= htonl((bos
<< MPLS_BOS_SHIFT
) & MPLS_BOS_MASK
);
330 /* Compose an MPLS label stack entry (LSE) from its components:
331 * label, traffic class (TC), time to live (TTL) and
332 * bottom of stack (BoS) bit. */
334 set_mpls_lse_values(uint8_t ttl
, uint8_t tc
, uint8_t bos
, ovs_be32 label
)
336 ovs_be32 lse
= htonl(0);
337 set_mpls_lse_ttl(&lse
, ttl
);
338 set_mpls_lse_tc(&lse
, tc
);
339 set_mpls_lse_bos(&lse
, bos
);
340 set_mpls_lse_label(&lse
, label
);
344 /* Set MPLS label stack entry to outermost MPLS header.*/
346 set_mpls_lse(struct dp_packet
*packet
, ovs_be32 mpls_lse
)
348 /* Packet type should be MPLS to set label stack entry. */
349 if (is_mpls(packet
)) {
350 struct mpls_hdr
*mh
= dp_packet_l2_5(packet
);
352 /* Update mpls label stack entry. */
353 put_16aligned_be32(&mh
->mpls_lse
, mpls_lse
);
357 /* Push MPLS label stack entry 'lse' onto 'packet' as the outermost MPLS
358 * header. If 'packet' does not already have any MPLS labels, then its
359 * Ethertype is changed to 'ethtype' (which must be an MPLS Ethertype). */
361 push_mpls(struct dp_packet
*packet
, ovs_be16 ethtype
, ovs_be32 lse
)
366 if (!eth_type_mpls(ethtype
)) {
370 if (!is_mpls(packet
)) {
371 /* Set MPLS label stack offset. */
372 packet
->l2_5_ofs
= packet
->l3_ofs
;
375 set_ethertype(packet
, ethtype
);
377 /* Push new MPLS shim header onto packet. */
378 len
= packet
->l2_5_ofs
;
379 header
= dp_packet_resize_l2_5(packet
, MPLS_HLEN
);
380 memmove(header
, header
+ MPLS_HLEN
, len
);
381 memcpy(header
+ len
, &lse
, sizeof lse
);
384 /* If 'packet' is an MPLS packet, removes its outermost MPLS label stack entry.
385 * If the label that was removed was the only MPLS label, changes 'packet''s
386 * Ethertype to 'ethtype' (which ordinarily should not be an MPLS
389 pop_mpls(struct dp_packet
*packet
, ovs_be16 ethtype
)
391 if (is_mpls(packet
)) {
392 struct mpls_hdr
*mh
= dp_packet_l2_5(packet
);
393 size_t len
= packet
->l2_5_ofs
;
395 set_ethertype(packet
, ethtype
);
396 if (get_16aligned_be32(&mh
->mpls_lse
) & htonl(MPLS_BOS_MASK
)) {
397 dp_packet_set_l2_5(packet
, NULL
);
399 /* Shift the l2 header forward. */
400 memmove((char*)dp_packet_data(packet
) + MPLS_HLEN
, dp_packet_data(packet
), len
);
401 dp_packet_resize_l2_5(packet
, -MPLS_HLEN
);
406 encap_nsh(struct dp_packet
*packet
, const struct ovs_action_encap_nsh
*encap
)
409 size_t length
= NSH_BASE_HDR_LEN
+ encap
->mdlen
;
412 switch (ntohl(packet
->packet_type
)) {
414 next_proto
= NSH_P_ETHERNET
;
417 next_proto
= NSH_P_IPV4
;
420 next_proto
= NSH_P_IPV6
;
423 next_proto
= NSH_P_NSH
;
429 nsh
= (struct nsh_hdr
*) dp_packet_push_uninit(packet
, length
);
430 nsh
->ver_flags_len
= htons(encap
->flags
<< NSH_FLAGS_SHIFT
| length
>> 2);
431 nsh
->next_proto
= next_proto
;
432 put_16aligned_be32(&nsh
->path_hdr
, encap
->path_hdr
);
433 nsh
->md_type
= encap
->mdtype
;
434 switch (nsh
->md_type
) {
436 nsh
->md1
= *ALIGNED_CAST(struct nsh_md1_ctx
*, encap
->metadata
);
439 /* The MD2 metadata in encap is already padded to 4 bytes. */
440 size_t len
= ROUND_UP(encap
->mdlen
, 4);
441 memcpy(&nsh
->md2
, encap
->metadata
, len
);
448 packet
->packet_type
= htonl(PT_NSH
);
449 dp_packet_reset_offsets(packet
);
454 decap_nsh(struct dp_packet
*packet
)
456 struct nsh_hdr
*nsh
= (struct nsh_hdr
*) dp_packet_l3(packet
);
460 if (packet
->packet_type
== htonl(PT_NSH
) && nsh
) {
461 switch (nsh
->next_proto
) {
475 /* Unknown inner packet type. Drop packet. */
479 length
= nsh_hdr_len(nsh
);
480 dp_packet_reset_packet(packet
, length
);
481 packet
->packet_type
= htonl(next_pt
);
482 /* Packet must be recirculated for further processing. */
487 /* Converts hex digits in 'hex' to an Ethernet packet in '*packetp'. The
488 * caller must free '*packetp'. On success, returns NULL. On failure, returns
489 * an error message and stores NULL in '*packetp'.
491 * Aligns the L3 header of '*packetp' on a 32-bit boundary. */
493 eth_from_hex(const char *hex
, struct dp_packet
**packetp
)
495 struct dp_packet
*packet
;
497 /* Use 2 bytes of headroom to 32-bit align the L3 header. */
498 packet
= *packetp
= dp_packet_new_with_headroom(strlen(hex
) / 2, 2);
500 if (dp_packet_put_hex(packet
, hex
, NULL
)[0] != '\0') {
501 dp_packet_delete(packet
);
503 return "Trailing garbage in packet data";
506 if (dp_packet_size(packet
) < ETH_HEADER_LEN
) {
507 dp_packet_delete(packet
);
509 return "Packet data too short for Ethernet";
516 eth_format_masked(const struct eth_addr eth
,
517 const struct eth_addr
*mask
, struct ds
*s
)
519 ds_put_format(s
, ETH_ADDR_FMT
, ETH_ADDR_ARGS(eth
));
520 if (mask
&& !eth_mask_is_exact(*mask
)) {
521 ds_put_format(s
, "/"ETH_ADDR_FMT
, ETH_ADDR_ARGS(*mask
));
525 /* Given the IP netmask 'netmask', returns the number of bits of the IP address
526 * that it specifies, that is, the number of 1-bits in 'netmask'.
528 * If 'netmask' is not a CIDR netmask (see ip_is_cidr()), the return value will
529 * still be in the valid range but isn't otherwise meaningful. */
531 ip_count_cidr_bits(ovs_be32 netmask
)
533 return 32 - ctz32(ntohl(netmask
));
537 ip_format_masked(ovs_be32 ip
, ovs_be32 mask
, struct ds
*s
)
539 ds_put_format(s
, IP_FMT
, IP_ARGS(ip
));
540 if (mask
!= OVS_BE32_MAX
) {
541 if (ip_is_cidr(mask
)) {
542 ds_put_format(s
, "/%d", ip_count_cidr_bits(mask
));
544 ds_put_format(s
, "/"IP_FMT
, IP_ARGS(mask
));
549 /* Parses string 's', which must be an IP address. Stores the IP address into
550 * '*ip'. Returns true if successful, otherwise false. */
552 ip_parse(const char *s
, ovs_be32
*ip
)
554 return inet_pton(AF_INET
, s
, ip
) == 1;
557 /* Parses string 's', which must be an IP address with a port number
558 * with ":" as a separator (e.g.: 192.168.1.2:80).
559 * Stores the IP address into '*ip' and port number to '*port'.
561 * Returns NULL if successful, otherwise an error message that the caller must
563 char * OVS_WARN_UNUSED_RESULT
564 ip_parse_port(const char *s
, ovs_be32
*ip
, ovs_be16
*port
)
567 if (ovs_scan(s
, IP_PORT_SCAN_FMT
"%n", IP_PORT_SCAN_ARGS(ip
, port
), &n
)
572 return xasprintf("%s: invalid IP address or port number", s
);
575 /* Parses string 's', which must be an IP address with an optional netmask or
576 * CIDR prefix length. Stores the IP address into '*ip', netmask into '*mask',
577 * (255.255.255.255, if 's' lacks a netmask), and number of scanned characters
580 * Returns NULL if successful, otherwise an error message that the caller must
582 char * OVS_WARN_UNUSED_RESULT
583 ip_parse_masked_len(const char *s
, int *n
, ovs_be32
*ip
,
588 if (ovs_scan_len(s
, n
, IP_SCAN_FMT
"/"IP_SCAN_FMT
,
589 IP_SCAN_ARGS(ip
), IP_SCAN_ARGS(mask
))) {
591 } else if (ovs_scan_len(s
, n
, IP_SCAN_FMT
"/%d",
592 IP_SCAN_ARGS(ip
), &prefix
)) {
593 if (prefix
< 0 || prefix
> 32) {
594 return xasprintf("%s: IPv4 network prefix bits not between 0 and "
597 *mask
= be32_prefix_mask(prefix
);
598 } else if (ovs_scan_len(s
, n
, IP_SCAN_FMT
, IP_SCAN_ARGS(ip
))) {
599 *mask
= OVS_BE32_MAX
;
601 return xasprintf("%s: invalid IP address", s
);
606 /* This function is similar to ip_parse_masked_len(), but doesn't return the
607 * number of scanned characters and expects 's' to end after the ip/(optional)
610 * Returns NULL if successful, otherwise an error message that the caller must
612 char * OVS_WARN_UNUSED_RESULT
613 ip_parse_masked(const char *s
, ovs_be32
*ip
, ovs_be32
*mask
)
617 char *error
= ip_parse_masked_len(s
, &n
, ip
, mask
);
618 if (!error
&& s
[n
]) {
619 return xasprintf("%s: invalid IP address", s
);
624 /* Similar to ip_parse_masked_len(), but the mask, if present, must be a CIDR
625 * mask and is returned as a prefix len in '*plen'. */
626 char * OVS_WARN_UNUSED_RESULT
627 ip_parse_cidr_len(const char *s
, int *n
, ovs_be32
*ip
, unsigned int *plen
)
632 error
= ip_parse_masked_len(s
, n
, ip
, &mask
);
637 if (!ip_is_cidr(mask
)) {
638 return xasprintf("%s: CIDR network required", s
);
640 *plen
= ip_count_cidr_bits(mask
);
644 /* Similar to ip_parse_cidr_len(), but doesn't return the number of scanned
645 * characters and expects 's' to be NULL terminated at the end of the
646 * ip/(optional) cidr. */
647 char * OVS_WARN_UNUSED_RESULT
648 ip_parse_cidr(const char *s
, ovs_be32
*ip
, unsigned int *plen
)
652 char *error
= ip_parse_cidr_len(s
, &n
, ip
, plen
);
653 if (!error
&& s
[n
]) {
654 return xasprintf("%s: invalid IP address", s
);
659 /* Parses string 's', which must be an IPv6 address. Stores the IPv6 address
660 * into '*ip'. Returns true if successful, otherwise false. */
662 ipv6_parse(const char *s
, struct in6_addr
*ip
)
664 return inet_pton(AF_INET6
, s
, ip
) == 1;
667 /* Parses string 's', which must be an IPv6 address with an optional netmask or
668 * CIDR prefix length. Stores the IPv6 address into '*ip' and the netmask into
669 * '*mask' (if 's' does not contain a netmask, all-one-bits is assumed), and
670 * number of scanned characters into '*n'.
672 * Returns NULL if successful, otherwise an error message that the caller must
674 char * OVS_WARN_UNUSED_RESULT
675 ipv6_parse_masked_len(const char *s
, int *n
, struct in6_addr
*ip
,
676 struct in6_addr
*mask
)
678 char ipv6_s
[IPV6_SCAN_LEN
+ 1];
681 if (ovs_scan_len(s
, n
, " "IPV6_SCAN_FMT
, ipv6_s
)
682 && ipv6_parse(ipv6_s
, ip
)) {
683 if (ovs_scan_len(s
, n
, "/%d", &prefix
)) {
684 if (prefix
< 0 || prefix
> 128) {
685 return xasprintf("%s: IPv6 network prefix bits not between 0 "
686 "and 128, inclusive", s
);
688 *mask
= ipv6_create_mask(prefix
);
689 } else if (ovs_scan_len(s
, n
, "/"IPV6_SCAN_FMT
, ipv6_s
)) {
690 if (!ipv6_parse(ipv6_s
, mask
)) {
691 return xasprintf("%s: Invalid IPv6 mask", s
);
696 *mask
= in6addr_exact
;
700 return xasprintf("%s: invalid IPv6 address", s
);
703 /* This function is similar to ipv6_parse_masked_len(), but doesn't return the
704 * number of scanned characters and expects 's' to end following the
705 * ipv6/(optional) mask. */
706 char * OVS_WARN_UNUSED_RESULT
707 ipv6_parse_masked(const char *s
, struct in6_addr
*ip
, struct in6_addr
*mask
)
711 char *error
= ipv6_parse_masked_len(s
, &n
, ip
, mask
);
712 if (!error
&& s
[n
]) {
713 return xasprintf("%s: invalid IPv6 address", s
);
718 /* Similar to ipv6_parse_masked_len(), but the mask, if present, must be a CIDR
719 * mask and is returned as a prefix length in '*plen'. */
720 char * OVS_WARN_UNUSED_RESULT
721 ipv6_parse_cidr_len(const char *s
, int *n
, struct in6_addr
*ip
,
724 struct in6_addr mask
;
727 error
= ipv6_parse_masked_len(s
, n
, ip
, &mask
);
732 if (!ipv6_is_cidr(&mask
)) {
733 return xasprintf("%s: IPv6 CIDR network required", s
);
735 *plen
= ipv6_count_cidr_bits(&mask
);
739 /* Similar to ipv6_parse_cidr_len(), but doesn't return the number of scanned
740 * characters and expects 's' to end after the ipv6/(optional) cidr. */
741 char * OVS_WARN_UNUSED_RESULT
742 ipv6_parse_cidr(const char *s
, struct in6_addr
*ip
, unsigned int *plen
)
746 char *error
= ipv6_parse_cidr_len(s
, &n
, ip
, plen
);
747 if (!error
&& s
[n
]) {
748 return xasprintf("%s: invalid IPv6 address", s
);
753 /* Stores the string representation of the IPv6 address 'addr' into the
754 * character array 'addr_str', which must be at least INET6_ADDRSTRLEN
757 ipv6_format_addr(const struct in6_addr
*addr
, struct ds
*s
)
761 ds_reserve(s
, s
->length
+ INET6_ADDRSTRLEN
);
763 dst
= s
->string
+ s
->length
;
764 inet_ntop(AF_INET6
, addr
, dst
, INET6_ADDRSTRLEN
);
765 s
->length
+= strlen(dst
);
768 /* Same as print_ipv6_addr, but optionally encloses the address in square
771 ipv6_format_addr_bracket(const struct in6_addr
*addr
, struct ds
*s
,
777 ipv6_format_addr(addr
, s
);
784 ipv6_format_mapped(const struct in6_addr
*addr
, struct ds
*s
)
786 if (IN6_IS_ADDR_V4MAPPED(addr
)) {
787 ds_put_format(s
, IP_FMT
, addr
->s6_addr
[12], addr
->s6_addr
[13],
788 addr
->s6_addr
[14], addr
->s6_addr
[15]);
790 ipv6_format_addr(addr
, s
);
795 ipv6_format_masked(const struct in6_addr
*addr
, const struct in6_addr
*mask
,
798 ipv6_format_addr(addr
, s
);
799 if (mask
&& !ipv6_mask_is_exact(mask
)) {
800 if (ipv6_is_cidr(mask
)) {
801 int cidr_bits
= ipv6_count_cidr_bits(mask
);
802 ds_put_format(s
, "/%d", cidr_bits
);
805 ipv6_format_addr(mask
, s
);
810 /* Stores the string representation of the IPv6 address 'addr' into the
811 * character array 'addr_str', which must be at least INET6_ADDRSTRLEN
812 * bytes long. If addr is IPv4-mapped, store an IPv4 dotted-decimal string. */
814 ipv6_string_mapped(char *addr_str
, const struct in6_addr
*addr
)
817 ip
= in6_addr_get_mapped_ipv4(addr
);
819 return inet_ntop(AF_INET
, &ip
, addr_str
, INET6_ADDRSTRLEN
);
821 return inet_ntop(AF_INET6
, addr
, addr_str
, INET6_ADDRSTRLEN
);
826 #define s6_addrX s6_addr32
827 #define IPV6_FOR_EACH(VAR) for (int VAR = 0; VAR < 4; VAR++)
829 #define s6_addrX s6_addr
830 #define IPV6_FOR_EACH(VAR) for (int VAR = 0; VAR < 16; VAR++)
834 ipv6_addr_bitand(const struct in6_addr
*a
, const struct in6_addr
*b
)
838 dst
.s6_addrX
[i
] = a
->s6_addrX
[i
] & b
->s6_addrX
[i
];
844 ipv6_addr_bitxor(const struct in6_addr
*a
, const struct in6_addr
*b
)
848 dst
.s6_addrX
[i
] = a
->s6_addrX
[i
] ^ b
->s6_addrX
[i
];
854 ipv6_is_zero(const struct in6_addr
*a
)
857 if (a
->s6_addrX
[i
]) {
864 /* Returns an in6_addr consisting of 'mask' high-order 1-bits and 128-N
865 * low-order 0-bits. */
867 ipv6_create_mask(int mask
)
869 struct in6_addr netmask
;
870 uint8_t *netmaskp
= &netmask
.s6_addr
[0];
872 memset(&netmask
, 0, sizeof netmask
);
880 *netmaskp
= 0xff << (8 - mask
);
886 /* Given the IPv6 netmask 'netmask', returns the number of bits of the IPv6
887 * address that it specifies, that is, the number of 1-bits in 'netmask'.
888 * 'netmask' must be a CIDR netmask (see ipv6_is_cidr()).
890 * If 'netmask' is not a CIDR netmask (see ipv6_is_cidr()), the return value
891 * will still be in the valid range but isn't otherwise meaningful. */
893 ipv6_count_cidr_bits(const struct in6_addr
*netmask
)
897 const uint8_t *netmaskp
= &netmask
->s6_addr
[0];
899 for (i
=0; i
<16; i
++) {
900 if (netmaskp
[i
] == 0xff) {
905 for(nm
= netmaskp
[i
]; nm
; nm
<<= 1) {
916 /* Returns true if 'netmask' is a CIDR netmask, that is, if it consists of N
917 * high-order 1-bits and 128-N low-order 0-bits. */
919 ipv6_is_cidr(const struct in6_addr
*netmask
)
921 const uint8_t *netmaskp
= &netmask
->s6_addr
[0];
924 for (i
=0; i
<16; i
++) {
925 if (netmaskp
[i
] != 0xff) {
926 uint8_t x
= ~netmaskp
[i
];
941 /* Populates 'b' with an Ethernet II packet headed with the given 'eth_dst',
942 * 'eth_src' and 'eth_type' parameters. A payload of 'size' bytes is allocated
943 * in 'b' and returned. This payload may be populated with appropriate
944 * information by the caller. Sets 'b''s 'frame' pointer and 'l3' offset to
945 * the Ethernet header and payload respectively. Aligns b->l3 on a 32-bit
948 * The returned packet has enough headroom to insert an 802.1Q VLAN header if
951 eth_compose(struct dp_packet
*b
, const struct eth_addr eth_dst
,
952 const struct eth_addr eth_src
, uint16_t eth_type
,
956 struct eth_header
*eth
;
960 /* The magic 2 here ensures that the L3 header (when it is added later)
961 * will be 32-bit aligned. */
962 dp_packet_prealloc_tailroom(b
, 2 + ETH_HEADER_LEN
+ VLAN_HEADER_LEN
+ size
);
963 dp_packet_reserve(b
, 2 + VLAN_HEADER_LEN
);
964 eth
= dp_packet_put_uninit(b
, ETH_HEADER_LEN
);
965 data
= dp_packet_put_zeros(b
, size
);
967 eth
->eth_dst
= eth_dst
;
968 eth
->eth_src
= eth_src
;
969 eth
->eth_type
= htons(eth_type
);
971 b
->packet_type
= htonl(PT_ETH
);
972 dp_packet_reset_offsets(b
);
973 dp_packet_set_l3(b
, data
);
979 packet_set_ipv4_addr(struct dp_packet
*packet
,
980 ovs_16aligned_be32
*addr
, ovs_be32 new_addr
)
982 struct ip_header
*nh
= dp_packet_l3(packet
);
983 ovs_be32 old_addr
= get_16aligned_be32(addr
);
984 size_t l4_size
= dp_packet_l4_size(packet
);
986 if (nh
->ip_proto
== IPPROTO_TCP
&& l4_size
>= TCP_HEADER_LEN
) {
987 struct tcp_header
*th
= dp_packet_l4(packet
);
989 th
->tcp_csum
= recalc_csum32(th
->tcp_csum
, old_addr
, new_addr
);
990 } else if (nh
->ip_proto
== IPPROTO_UDP
&& l4_size
>= UDP_HEADER_LEN
) {
991 struct udp_header
*uh
= dp_packet_l4(packet
);
994 uh
->udp_csum
= recalc_csum32(uh
->udp_csum
, old_addr
, new_addr
);
996 uh
->udp_csum
= htons(0xffff);
1000 nh
->ip_csum
= recalc_csum32(nh
->ip_csum
, old_addr
, new_addr
);
1001 put_16aligned_be32(addr
, new_addr
);
1004 /* Returns true, if packet contains at least one routing header where
1005 * segements_left > 0.
1007 * This function assumes that L3 and L4 offsets are set in the packet. */
1009 packet_rh_present(struct dp_packet
*packet
, uint8_t *nexthdr
)
1011 const struct ovs_16aligned_ip6_hdr
*nh
;
1014 uint8_t *data
= dp_packet_l3(packet
);
1016 remaining
= packet
->l4_ofs
- packet
->l3_ofs
;
1017 if (remaining
< sizeof *nh
) {
1020 nh
= ALIGNED_CAST(struct ovs_16aligned_ip6_hdr
*, data
);
1022 remaining
-= sizeof *nh
;
1023 *nexthdr
= nh
->ip6_nxt
;
1026 if ((*nexthdr
!= IPPROTO_HOPOPTS
)
1027 && (*nexthdr
!= IPPROTO_ROUTING
)
1028 && (*nexthdr
!= IPPROTO_DSTOPTS
)
1029 && (*nexthdr
!= IPPROTO_AH
)
1030 && (*nexthdr
!= IPPROTO_FRAGMENT
)) {
1031 /* It's either a terminal header (e.g., TCP, UDP) or one we
1032 * don't understand. In either case, we're done with the
1033 * packet, so use it to fill in 'nw_proto'. */
1037 /* We only verify that at least 8 bytes of the next header are
1038 * available, but many of these headers are longer. Ensure that
1039 * accesses within the extension header are within those first 8
1040 * bytes. All extension headers are required to be at least 8
1042 if (remaining
< 8) {
1046 if (*nexthdr
== IPPROTO_AH
) {
1047 /* A standard AH definition isn't available, but the fields
1048 * we care about are in the same location as the generic
1049 * option header--only the header length is calculated
1051 const struct ip6_ext
*ext_hdr
= (struct ip6_ext
*)data
;
1053 *nexthdr
= ext_hdr
->ip6e_nxt
;
1054 len
= (ext_hdr
->ip6e_len
+ 2) * 4;
1055 } else if (*nexthdr
== IPPROTO_FRAGMENT
) {
1056 const struct ovs_16aligned_ip6_frag
*frag_hdr
1057 = ALIGNED_CAST(struct ovs_16aligned_ip6_frag
*, data
);
1059 *nexthdr
= frag_hdr
->ip6f_nxt
;
1060 len
= sizeof *frag_hdr
;
1061 } else if (*nexthdr
== IPPROTO_ROUTING
) {
1062 const struct ip6_rthdr
*rh
= (struct ip6_rthdr
*)data
;
1064 if (rh
->ip6r_segleft
> 0) {
1068 *nexthdr
= rh
->ip6r_nxt
;
1069 len
= (rh
->ip6r_len
+ 1) * 8;
1071 const struct ip6_ext
*ext_hdr
= (struct ip6_ext
*)data
;
1073 *nexthdr
= ext_hdr
->ip6e_nxt
;
1074 len
= (ext_hdr
->ip6e_len
+ 1) * 8;
1077 if (remaining
< len
) {
1088 packet_update_csum128(struct dp_packet
*packet
, uint8_t proto
,
1089 ovs_16aligned_be32 addr
[4],
1090 const struct in6_addr
*new_addr
)
1092 size_t l4_size
= dp_packet_l4_size(packet
);
1094 if (proto
== IPPROTO_TCP
&& l4_size
>= TCP_HEADER_LEN
) {
1095 struct tcp_header
*th
= dp_packet_l4(packet
);
1097 th
->tcp_csum
= recalc_csum128(th
->tcp_csum
, addr
, new_addr
);
1098 } else if (proto
== IPPROTO_UDP
&& l4_size
>= UDP_HEADER_LEN
) {
1099 struct udp_header
*uh
= dp_packet_l4(packet
);
1102 uh
->udp_csum
= recalc_csum128(uh
->udp_csum
, addr
, new_addr
);
1103 if (!uh
->udp_csum
) {
1104 uh
->udp_csum
= htons(0xffff);
1107 } else if (proto
== IPPROTO_ICMPV6
&&
1108 l4_size
>= sizeof(struct icmp6_header
)) {
1109 struct icmp6_header
*icmp
= dp_packet_l4(packet
);
1111 icmp
->icmp6_cksum
= recalc_csum128(icmp
->icmp6_cksum
, addr
, new_addr
);
1116 packet_set_ipv6_addr(struct dp_packet
*packet
, uint8_t proto
,
1117 ovs_16aligned_be32 addr
[4],
1118 const struct in6_addr
*new_addr
,
1119 bool recalculate_csum
)
1121 if (recalculate_csum
) {
1122 packet_update_csum128(packet
, proto
, addr
, new_addr
);
1124 memcpy(addr
, new_addr
, sizeof(ovs_be32
[4]));
1128 packet_set_ipv6_flow_label(ovs_16aligned_be32
*flow_label
, ovs_be32 flow_key
)
1130 ovs_be32 old_label
= get_16aligned_be32(flow_label
);
1131 ovs_be32 new_label
= (old_label
& htonl(~IPV6_LABEL_MASK
)) | flow_key
;
1132 put_16aligned_be32(flow_label
, new_label
);
1136 packet_set_ipv6_tc(ovs_16aligned_be32
*flow_label
, uint8_t tc
)
1138 ovs_be32 old_label
= get_16aligned_be32(flow_label
);
1139 ovs_be32 new_label
= (old_label
& htonl(0xF00FFFFF)) | htonl(tc
<< 20);
1140 put_16aligned_be32(flow_label
, new_label
);
1143 /* Modifies the IPv4 header fields of 'packet' to be consistent with 'src',
1144 * 'dst', 'tos', and 'ttl'. Updates 'packet''s L4 checksums as appropriate.
1145 * 'packet' must contain a valid IPv4 packet with correctly populated l[347]
1148 packet_set_ipv4(struct dp_packet
*packet
, ovs_be32 src
, ovs_be32 dst
,
1149 uint8_t tos
, uint8_t ttl
)
1151 struct ip_header
*nh
= dp_packet_l3(packet
);
1153 if (get_16aligned_be32(&nh
->ip_src
) != src
) {
1154 packet_set_ipv4_addr(packet
, &nh
->ip_src
, src
);
1157 if (get_16aligned_be32(&nh
->ip_dst
) != dst
) {
1158 packet_set_ipv4_addr(packet
, &nh
->ip_dst
, dst
);
1161 if (nh
->ip_tos
!= tos
) {
1162 uint8_t *field
= &nh
->ip_tos
;
1164 nh
->ip_csum
= recalc_csum16(nh
->ip_csum
, htons((uint16_t) *field
),
1165 htons((uint16_t) tos
));
1169 if (nh
->ip_ttl
!= ttl
) {
1170 uint8_t *field
= &nh
->ip_ttl
;
1172 nh
->ip_csum
= recalc_csum16(nh
->ip_csum
, htons(*field
<< 8),
1178 /* Modifies the IPv6 header fields of 'packet' to be consistent with 'src',
1179 * 'dst', 'traffic class', and 'next hop'. Updates 'packet''s L4 checksums as
1180 * appropriate. 'packet' must contain a valid IPv6 packet with correctly
1181 * populated l[34] offsets. */
1183 packet_set_ipv6(struct dp_packet
*packet
, const struct in6_addr
*src
,
1184 const struct in6_addr
*dst
, uint8_t key_tc
, ovs_be32 key_fl
,
1187 struct ovs_16aligned_ip6_hdr
*nh
= dp_packet_l3(packet
);
1191 rh_present
= packet_rh_present(packet
, &proto
);
1193 if (memcmp(&nh
->ip6_src
, src
, sizeof(ovs_be32
[4]))) {
1194 packet_set_ipv6_addr(packet
, proto
, nh
->ip6_src
.be32
, src
, true);
1197 if (memcmp(&nh
->ip6_dst
, dst
, sizeof(ovs_be32
[4]))) {
1198 packet_set_ipv6_addr(packet
, proto
, nh
->ip6_dst
.be32
, dst
,
1202 packet_set_ipv6_tc(&nh
->ip6_flow
, key_tc
);
1203 packet_set_ipv6_flow_label(&nh
->ip6_flow
, key_fl
);
1204 nh
->ip6_hlim
= key_hl
;
1208 packet_set_port(ovs_be16
*port
, ovs_be16 new_port
, ovs_be16
*csum
)
1210 if (*port
!= new_port
) {
1211 *csum
= recalc_csum16(*csum
, *port
, new_port
);
1216 /* Sets the TCP source and destination port ('src' and 'dst' respectively) of
1217 * the TCP header contained in 'packet'. 'packet' must be a valid TCP packet
1218 * with its l4 offset properly populated. */
1220 packet_set_tcp_port(struct dp_packet
*packet
, ovs_be16 src
, ovs_be16 dst
)
1222 struct tcp_header
*th
= dp_packet_l4(packet
);
1224 packet_set_port(&th
->tcp_src
, src
, &th
->tcp_csum
);
1225 packet_set_port(&th
->tcp_dst
, dst
, &th
->tcp_csum
);
1228 /* Sets the UDP source and destination port ('src' and 'dst' respectively) of
1229 * the UDP header contained in 'packet'. 'packet' must be a valid UDP packet
1230 * with its l4 offset properly populated. */
1232 packet_set_udp_port(struct dp_packet
*packet
, ovs_be16 src
, ovs_be16 dst
)
1234 struct udp_header
*uh
= dp_packet_l4(packet
);
1237 packet_set_port(&uh
->udp_src
, src
, &uh
->udp_csum
);
1238 packet_set_port(&uh
->udp_dst
, dst
, &uh
->udp_csum
);
1240 if (!uh
->udp_csum
) {
1241 uh
->udp_csum
= htons(0xffff);
1249 /* Sets the SCTP source and destination port ('src' and 'dst' respectively) of
1250 * the SCTP header contained in 'packet'. 'packet' must be a valid SCTP packet
1251 * with its l4 offset properly populated. */
1253 packet_set_sctp_port(struct dp_packet
*packet
, ovs_be16 src
, ovs_be16 dst
)
1255 struct sctp_header
*sh
= dp_packet_l4(packet
);
1256 ovs_be32 old_csum
, old_correct_csum
, new_csum
;
1257 uint16_t tp_len
= dp_packet_l4_size(packet
);
1259 old_csum
= get_16aligned_be32(&sh
->sctp_csum
);
1260 put_16aligned_be32(&sh
->sctp_csum
, 0);
1261 old_correct_csum
= crc32c((void *)sh
, tp_len
);
1266 new_csum
= crc32c((void *)sh
, tp_len
);
1267 put_16aligned_be32(&sh
->sctp_csum
, old_csum
^ old_correct_csum
^ new_csum
);
1270 /* Sets the ICMP type and code of the ICMP header contained in 'packet'.
1271 * 'packet' must be a valid ICMP packet with its l4 offset properly
1274 packet_set_icmp(struct dp_packet
*packet
, uint8_t type
, uint8_t code
)
1276 struct icmp_header
*ih
= dp_packet_l4(packet
);
1277 ovs_be16 orig_tc
= htons(ih
->icmp_type
<< 8 | ih
->icmp_code
);
1278 ovs_be16 new_tc
= htons(type
<< 8 | code
);
1280 if (orig_tc
!= new_tc
) {
1281 ih
->icmp_type
= type
;
1282 ih
->icmp_code
= code
;
1284 ih
->icmp_csum
= recalc_csum16(ih
->icmp_csum
, orig_tc
, new_tc
);
1289 packet_set_nd(struct dp_packet
*packet
, const struct in6_addr
*target
,
1290 const struct eth_addr sll
, const struct eth_addr tll
)
1292 struct ovs_nd_msg
*ns
;
1293 struct ovs_nd_lla_opt
*opt
;
1294 int bytes_remain
= dp_packet_l4_size(packet
);
1296 if (OVS_UNLIKELY(bytes_remain
< sizeof(*ns
))) {
1300 ns
= dp_packet_l4(packet
);
1301 opt
= &ns
->options
[0];
1302 bytes_remain
-= sizeof(*ns
);
1304 if (memcmp(&ns
->target
, target
, sizeof(ovs_be32
[4]))) {
1305 packet_set_ipv6_addr(packet
, IPPROTO_ICMPV6
, ns
->target
.be32
, target
,
1309 while (bytes_remain
>= ND_LLA_OPT_LEN
&& opt
->len
!= 0) {
1310 if (opt
->type
== ND_OPT_SOURCE_LINKADDR
&& opt
->len
== 1) {
1311 if (!eth_addr_equals(opt
->mac
, sll
)) {
1312 ovs_be16
*csum
= &(ns
->icmph
.icmp6_cksum
);
1314 *csum
= recalc_csum48(*csum
, opt
->mac
, sll
);
1318 /* A packet can only contain one SLL or TLL option */
1320 } else if (opt
->type
== ND_OPT_TARGET_LINKADDR
&& opt
->len
== 1) {
1321 if (!eth_addr_equals(opt
->mac
, tll
)) {
1322 ovs_be16
*csum
= &(ns
->icmph
.icmp6_cksum
);
1324 *csum
= recalc_csum48(*csum
, opt
->mac
, tll
);
1328 /* A packet can only contain one SLL or TLL option */
1333 bytes_remain
-= opt
->len
* ND_LLA_OPT_LEN
;
1338 packet_tcp_flag_to_string(uint32_t flag
)
1370 /* Appends a string representation of the TCP flags value 'tcp_flags'
1371 * (e.g. from struct flow.tcp_flags or obtained via TCP_FLAGS) to 's', in the
1372 * format used by tcpdump. */
1374 packet_format_tcp_flags(struct ds
*s
, uint16_t tcp_flags
)
1377 ds_put_cstr(s
, "none");
1381 if (tcp_flags
& TCP_SYN
) {
1382 ds_put_char(s
, 'S');
1384 if (tcp_flags
& TCP_FIN
) {
1385 ds_put_char(s
, 'F');
1387 if (tcp_flags
& TCP_PSH
) {
1388 ds_put_char(s
, 'P');
1390 if (tcp_flags
& TCP_RST
) {
1391 ds_put_char(s
, 'R');
1393 if (tcp_flags
& TCP_URG
) {
1394 ds_put_char(s
, 'U');
1396 if (tcp_flags
& TCP_ACK
) {
1397 ds_put_char(s
, '.');
1399 if (tcp_flags
& TCP_ECE
) {
1400 ds_put_cstr(s
, "E");
1402 if (tcp_flags
& TCP_CWR
) {
1403 ds_put_cstr(s
, "C");
1405 if (tcp_flags
& TCP_NS
) {
1406 ds_put_cstr(s
, "N");
1408 if (tcp_flags
& 0x200) {
1409 ds_put_cstr(s
, "[200]");
1411 if (tcp_flags
& 0x400) {
1412 ds_put_cstr(s
, "[400]");
1414 if (tcp_flags
& 0x800) {
1415 ds_put_cstr(s
, "[800]");
1419 #define ARP_PACKET_SIZE (2 + ETH_HEADER_LEN + VLAN_HEADER_LEN + \
1422 /* Clears 'b' and replaces its contents by an ARP frame with the specified
1423 * 'arp_op', 'arp_sha', 'arp_tha', 'arp_spa', and 'arp_tpa'. The outer
1424 * Ethernet frame is initialized with Ethernet source 'arp_sha' and destination
1425 * 'arp_tha', except that destination ff:ff:ff:ff:ff:ff is used instead if
1426 * 'broadcast' is true. Points the L3 header to the ARP header. */
1428 compose_arp(struct dp_packet
*b
, uint16_t arp_op
,
1429 const struct eth_addr arp_sha
, const struct eth_addr arp_tha
,
1430 bool broadcast
, ovs_be32 arp_spa
, ovs_be32 arp_tpa
)
1434 struct eth_header
*eth
= dp_packet_eth(b
);
1435 eth
->eth_dst
= broadcast
? eth_addr_broadcast
: arp_tha
;
1436 eth
->eth_src
= arp_sha
;
1438 struct arp_eth_header
*arp
= dp_packet_l3(b
);
1439 arp
->ar_op
= htons(arp_op
);
1440 arp
->ar_sha
= arp_sha
;
1441 arp
->ar_tha
= arp_tha
;
1442 put_16aligned_be32(&arp
->ar_spa
, arp_spa
);
1443 put_16aligned_be32(&arp
->ar_tpa
, arp_tpa
);
1446 /* Clears 'b' and replaces its contents by an ARP frame. Sets the fields in
1447 * the Ethernet and ARP headers that are fixed for ARP frames to those fixed
1448 * values, and zeroes the other fields. Points the L3 header to the ARP
1451 compose_arp__(struct dp_packet
*b
)
1454 dp_packet_prealloc_tailroom(b
, ARP_PACKET_SIZE
);
1455 dp_packet_reserve(b
, 2 + VLAN_HEADER_LEN
);
1457 struct eth_header
*eth
= dp_packet_put_zeros(b
, sizeof *eth
);
1458 eth
->eth_type
= htons(ETH_TYPE_ARP
);
1460 struct arp_eth_header
*arp
= dp_packet_put_zeros(b
, sizeof *arp
);
1461 arp
->ar_hrd
= htons(ARP_HRD_ETHERNET
);
1462 arp
->ar_pro
= htons(ARP_PRO_IP
);
1463 arp
->ar_hln
= sizeof arp
->ar_sha
;
1464 arp
->ar_pln
= sizeof arp
->ar_spa
;
1466 dp_packet_reset_offsets(b
);
1467 dp_packet_set_l3(b
, arp
);
1469 b
->packet_type
= htonl(PT_ETH
);
1472 /* This function expects packet with ethernet header with correct
1473 * l3 pointer set. */
1475 compose_ipv6(struct dp_packet
*packet
, uint8_t proto
,
1476 const struct in6_addr
*src
, const struct in6_addr
*dst
,
1477 uint8_t key_tc
, ovs_be32 key_fl
, uint8_t key_hl
, int size
)
1482 nh
= dp_packet_l3(packet
);
1484 nh
->ip6_nxt
= proto
;
1485 nh
->ip6_plen
= htons(size
);
1486 data
= dp_packet_put_zeros(packet
, size
);
1487 dp_packet_set_l4(packet
, data
);
1488 packet_set_ipv6(packet
, src
, dst
, key_tc
, key_fl
, key_hl
);
1492 /* Compose an IPv6 Neighbor Discovery Neighbor Solicitation message. */
1494 compose_nd_ns(struct dp_packet
*b
, const struct eth_addr eth_src
,
1495 const struct in6_addr
*ipv6_src
, const struct in6_addr
*ipv6_dst
)
1497 struct in6_addr sn_addr
;
1498 struct eth_addr eth_dst
;
1499 struct ovs_nd_msg
*ns
;
1500 struct ovs_nd_lla_opt
*lla_opt
;
1503 in6_addr_solicited_node(&sn_addr
, ipv6_dst
);
1504 ipv6_multicast_to_ethernet(ð_dst
, &sn_addr
);
1506 eth_compose(b
, eth_dst
, eth_src
, ETH_TYPE_IPV6
, IPV6_HEADER_LEN
);
1507 ns
= compose_ipv6(b
, IPPROTO_ICMPV6
, ipv6_src
, &sn_addr
,
1508 0, 0, 255, ND_MSG_LEN
+ ND_LLA_OPT_LEN
);
1510 ns
->icmph
.icmp6_type
= ND_NEIGHBOR_SOLICIT
;
1511 ns
->icmph
.icmp6_code
= 0;
1512 put_16aligned_be32(&ns
->rso_flags
, htonl(0));
1514 lla_opt
= &ns
->options
[0];
1515 lla_opt
->type
= ND_OPT_SOURCE_LINKADDR
;
1518 packet_set_nd(b
, ipv6_dst
, eth_src
, eth_addr_zero
);
1520 ns
->icmph
.icmp6_cksum
= 0;
1521 icmp_csum
= packet_csum_pseudoheader6(dp_packet_l3(b
));
1522 ns
->icmph
.icmp6_cksum
= csum_finish(
1523 csum_continue(icmp_csum
, ns
, ND_MSG_LEN
+ ND_LLA_OPT_LEN
));
1526 /* Compose an IPv6 Neighbor Discovery Neighbor Advertisement message. */
1528 compose_nd_na(struct dp_packet
*b
,
1529 const struct eth_addr eth_src
, const struct eth_addr eth_dst
,
1530 const struct in6_addr
*ipv6_src
, const struct in6_addr
*ipv6_dst
,
1533 struct ovs_nd_msg
*na
;
1534 struct ovs_nd_lla_opt
*lla_opt
;
1537 eth_compose(b
, eth_dst
, eth_src
, ETH_TYPE_IPV6
, IPV6_HEADER_LEN
);
1538 na
= compose_ipv6(b
, IPPROTO_ICMPV6
, ipv6_src
, ipv6_dst
,
1539 0, 0, 255, ND_MSG_LEN
+ ND_LLA_OPT_LEN
);
1541 na
->icmph
.icmp6_type
= ND_NEIGHBOR_ADVERT
;
1542 na
->icmph
.icmp6_code
= 0;
1543 put_16aligned_be32(&na
->rso_flags
, rso_flags
);
1545 lla_opt
= &na
->options
[0];
1546 lla_opt
->type
= ND_OPT_TARGET_LINKADDR
;
1549 packet_set_nd(b
, ipv6_src
, eth_addr_zero
, eth_src
);
1551 na
->icmph
.icmp6_cksum
= 0;
1552 icmp_csum
= packet_csum_pseudoheader6(dp_packet_l3(b
));
1553 na
->icmph
.icmp6_cksum
= csum_finish(csum_continue(
1554 icmp_csum
, na
, ND_MSG_LEN
+ ND_LLA_OPT_LEN
));
1557 /* Compose an IPv6 Neighbor Discovery Router Advertisement message with
1558 * Source Link-layer Address Option and MTU Option.
1559 * Caller can call packet_put_ra_prefix_opt to append Prefix Information
1560 * Options to composed messags in 'b'. */
1562 compose_nd_ra(struct dp_packet
*b
,
1563 const struct eth_addr eth_src
, const struct eth_addr eth_dst
,
1564 const struct in6_addr
*ipv6_src
, const struct in6_addr
*ipv6_dst
,
1565 uint8_t cur_hop_limit
, uint8_t mo_flags
,
1566 ovs_be16 router_lt
, ovs_be32 reachable_time
,
1567 ovs_be32 retrans_timer
, ovs_be32 mtu
)
1569 /* Don't compose Router Advertisement packet with MTU Option if mtu
1571 bool with_mtu
= mtu
!= 0;
1572 size_t mtu_opt_len
= with_mtu
? ND_MTU_OPT_LEN
: 0;
1574 eth_compose(b
, eth_dst
, eth_src
, ETH_TYPE_IPV6
, IPV6_HEADER_LEN
);
1576 struct ovs_ra_msg
*ra
= compose_ipv6(
1577 b
, IPPROTO_ICMPV6
, ipv6_src
, ipv6_dst
, 0, 0, 255,
1578 RA_MSG_LEN
+ ND_LLA_OPT_LEN
+ mtu_opt_len
);
1579 ra
->icmph
.icmp6_type
= ND_ROUTER_ADVERT
;
1580 ra
->icmph
.icmp6_code
= 0;
1581 ra
->cur_hop_limit
= cur_hop_limit
;
1582 ra
->mo_flags
= mo_flags
;
1583 ra
->router_lifetime
= router_lt
;
1584 ra
->reachable_time
= reachable_time
;
1585 ra
->retrans_timer
= retrans_timer
;
1587 struct ovs_nd_lla_opt
*lla_opt
= ra
->options
;
1588 lla_opt
->type
= ND_OPT_SOURCE_LINKADDR
;
1590 lla_opt
->mac
= eth_src
;
1593 /* ovs_nd_mtu_opt has the same size with ovs_nd_lla_opt. */
1594 struct ovs_nd_mtu_opt
*mtu_opt
1595 = (struct ovs_nd_mtu_opt
*)(lla_opt
+ 1);
1596 mtu_opt
->type
= ND_OPT_MTU
;
1598 mtu_opt
->reserved
= 0;
1599 put_16aligned_be32(&mtu_opt
->mtu
, mtu
);
1602 ra
->icmph
.icmp6_cksum
= 0;
1603 uint32_t icmp_csum
= packet_csum_pseudoheader6(dp_packet_l3(b
));
1604 ra
->icmph
.icmp6_cksum
= csum_finish(csum_continue(
1605 icmp_csum
, ra
, RA_MSG_LEN
+ ND_LLA_OPT_LEN
+ mtu_opt_len
));
1608 /* Append an IPv6 Neighbor Discovery Prefix Information option to a
1609 * Router Advertisement message. */
1611 packet_put_ra_prefix_opt(struct dp_packet
*b
,
1612 uint8_t plen
, uint8_t la_flags
,
1613 ovs_be32 valid_lifetime
, ovs_be32 preferred_lifetime
,
1614 const ovs_be128 prefix
)
1616 size_t prev_l4_size
= dp_packet_l4_size(b
);
1617 struct ip6_hdr
*nh
= dp_packet_l3(b
);
1618 nh
->ip6_plen
= htons(prev_l4_size
+ ND_PREFIX_OPT_LEN
);
1620 struct ovs_ra_msg
*ra
= dp_packet_l4(b
);
1621 struct ovs_nd_prefix_opt
*prefix_opt
=
1622 dp_packet_put_uninit(b
, sizeof *prefix_opt
);
1623 prefix_opt
->type
= ND_OPT_PREFIX_INFORMATION
;
1624 prefix_opt
->len
= 4;
1625 prefix_opt
->prefix_len
= plen
;
1626 prefix_opt
->la_flags
= la_flags
;
1627 put_16aligned_be32(&prefix_opt
->valid_lifetime
, valid_lifetime
);
1628 put_16aligned_be32(&prefix_opt
->preferred_lifetime
, preferred_lifetime
);
1629 put_16aligned_be32(&prefix_opt
->reserved
, 0);
1630 memcpy(prefix_opt
->prefix
.be32
, prefix
.be32
, sizeof(ovs_be32
[4]));
1632 ra
->icmph
.icmp6_cksum
= 0;
1633 uint32_t icmp_csum
= packet_csum_pseudoheader6(dp_packet_l3(b
));
1634 ra
->icmph
.icmp6_cksum
= csum_finish(csum_continue(
1635 icmp_csum
, ra
, prev_l4_size
+ ND_PREFIX_OPT_LEN
));
1639 packet_csum_pseudoheader(const struct ip_header
*ip
)
1641 uint32_t partial
= 0;
1643 partial
= csum_add32(partial
, get_16aligned_be32(&ip
->ip_src
));
1644 partial
= csum_add32(partial
, get_16aligned_be32(&ip
->ip_dst
));
1645 partial
= csum_add16(partial
, htons(ip
->ip_proto
));
1646 partial
= csum_add16(partial
, htons(ntohs(ip
->ip_tot_len
) -
1647 IP_IHL(ip
->ip_ihl_ver
) * 4));
1654 packet_csum_pseudoheader6(const struct ovs_16aligned_ip6_hdr
*ip6
)
1656 uint32_t partial
= 0;
1658 partial
= csum_continue(partial
, &ip6
->ip6_src
, sizeof ip6
->ip6_src
);
1659 partial
= csum_continue(partial
, &ip6
->ip6_dst
, sizeof ip6
->ip6_dst
);
1660 partial
= csum_add16(partial
, htons(ip6
->ip6_nxt
));
1661 partial
= csum_add16(partial
, ip6
->ip6_plen
);
1666 /* Calculate the IPv6 upper layer checksum according to RFC2460. We pass the
1667 ip6_nxt and ip6_plen values, so it will also work if extension headers
1670 packet_csum_upperlayer6(const struct ovs_16aligned_ip6_hdr
*ip6
,
1671 const void *data
, uint8_t l4_protocol
,
1674 uint32_t partial
= 0;
1676 partial
= csum_continue(partial
, &ip6
->ip6_src
, sizeof ip6
->ip6_src
);
1677 partial
= csum_continue(partial
, &ip6
->ip6_dst
, sizeof ip6
->ip6_dst
);
1678 partial
= csum_add16(partial
, htons(l4_protocol
));
1679 partial
= csum_add16(partial
, htons(l4_size
));
1681 partial
= csum_continue(partial
, data
, l4_size
);
1683 return csum_finish(partial
);
1688 IP_ECN_set_ce(struct dp_packet
*pkt
, bool is_ipv6
)
1691 ovs_16aligned_be32
*ip6
= dp_packet_l3(pkt
);
1693 put_16aligned_be32(ip6
, get_16aligned_be32(ip6
) |
1694 htonl(IP_ECN_CE
<< 20));
1696 struct ip_header
*nh
= dp_packet_l3(pkt
);
1697 uint8_t tos
= nh
->ip_tos
;
1700 if (nh
->ip_tos
!= tos
) {
1701 nh
->ip_csum
= recalc_csum16(nh
->ip_csum
, htons(nh
->ip_tos
),
1702 htons((uint16_t) tos
));