2 * Copyright (c) 2014, 2015, 2016 Nicira, Inc.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at:
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
19 #include "tnl-neigh-cache.h"
22 #include <sys/types.h>
23 #include <netinet/in.h>
24 #include <netinet/icmp6.h>
30 #include "dpif-netdev.h"
31 #include "openvswitch/dynamic-string.h"
35 #include "ovs-thread.h"
37 #include "openvswitch/poll-loop.h"
39 #include "socket-util.h"
41 #include "unaligned.h"
44 #include "openvswitch/vlog.h"
48 #define NEIGH_ENTRY_DEFAULT_IDLE_TIME (15 * 60)
50 struct tnl_neigh_entry
{
51 struct cmap_node cmap_node
;
54 time_t expires
; /* Expiration time. */
55 char br_name
[IFNAMSIZ
];
58 static struct cmap table
= CMAP_INITIALIZER
;
59 static struct ovs_mutex mutex
= OVS_MUTEX_INITIALIZER
;
62 tnl_neigh_hash(const struct in6_addr
*ip
)
64 return hash_bytes(ip
->s6_addr
, 16, 0);
67 static struct tnl_neigh_entry
*
68 tnl_neigh_lookup__(const char br_name
[IFNAMSIZ
], const struct in6_addr
*dst
)
70 struct tnl_neigh_entry
*neigh
;
73 hash
= tnl_neigh_hash(dst
);
74 CMAP_FOR_EACH_WITH_HASH (neigh
, cmap_node
, hash
, &table
) {
75 if (ipv6_addr_equals(&neigh
->ip
, dst
) && !strcmp(neigh
->br_name
, br_name
)) {
76 if (neigh
->expires
<= time_now()) {
80 neigh
->expires
= time_now() + NEIGH_ENTRY_DEFAULT_IDLE_TIME
;
88 tnl_neigh_lookup(const char br_name
[IFNAMSIZ
], const struct in6_addr
*dst
,
91 struct tnl_neigh_entry
*neigh
;
94 neigh
= tnl_neigh_lookup__(br_name
, dst
);
103 neigh_entry_free(struct tnl_neigh_entry
*neigh
)
109 tnl_neigh_delete(struct tnl_neigh_entry
*neigh
)
111 uint32_t hash
= tnl_neigh_hash(&neigh
->ip
);
112 cmap_remove(&table
, &neigh
->cmap_node
, hash
);
113 ovsrcu_postpone(neigh_entry_free
, neigh
);
117 tnl_neigh_set__(const char name
[IFNAMSIZ
], const struct in6_addr
*dst
,
118 const struct eth_addr mac
)
120 ovs_mutex_lock(&mutex
);
121 struct tnl_neigh_entry
*neigh
= tnl_neigh_lookup__(name
, dst
);
123 if (eth_addr_equals(neigh
->mac
, mac
)) {
124 neigh
->expires
= time_now() + NEIGH_ENTRY_DEFAULT_IDLE_TIME
;
125 ovs_mutex_unlock(&mutex
);
128 tnl_neigh_delete(neigh
);
130 seq_change(tnl_conf_seq
);
132 neigh
= xmalloc(sizeof *neigh
);
136 neigh
->expires
= time_now() + NEIGH_ENTRY_DEFAULT_IDLE_TIME
;
137 ovs_strlcpy(neigh
->br_name
, name
, sizeof neigh
->br_name
);
138 cmap_insert(&table
, &neigh
->cmap_node
, tnl_neigh_hash(&neigh
->ip
));
139 ovs_mutex_unlock(&mutex
);
143 tnl_arp_set(const char name
[IFNAMSIZ
], ovs_be32 dst
,
144 const struct eth_addr mac
)
146 struct in6_addr dst6
= in6_addr_mapped_ipv4(dst
);
147 tnl_neigh_set__(name
, &dst6
, mac
);
151 tnl_arp_snoop(const struct flow
*flow
, struct flow_wildcards
*wc
,
152 const char name
[IFNAMSIZ
])
154 /* Snoop normal ARP replies and gratuitous ARP requests/replies only */
156 || (!is_garp(flow
, wc
) &&
157 FLOW_WC_GET_AND_MASK_WC(flow
, wc
, nw_proto
) != ARP_OP_REPLY
)
158 || eth_addr_is_zero(FLOW_WC_GET_AND_MASK_WC(flow
, wc
, arp_sha
))) {
162 tnl_arp_set(name
, FLOW_WC_GET_AND_MASK_WC(flow
, wc
, nw_src
), flow
->arp_sha
);
167 tnl_nd_snoop(const struct flow
*flow
, struct flow_wildcards
*wc
,
168 const char name
[IFNAMSIZ
])
170 if (!is_nd(flow
, wc
) || flow
->tp_src
!= htons(ND_NEIGHBOR_ADVERT
)) {
173 /* - RFC4861 says Neighbor Advertisements sent in response to unicast Neighbor
174 * Solicitations SHOULD include the Target link-layer address. However, Linux
175 * doesn't. So, the response to Solicitations sent by OVS will include the
176 * TLL address and other Advertisements not including it can be ignored.
177 * - OVS flow extract can set this field to zero in case of packet parsing errors.
178 * For details refer miniflow_extract()*/
179 if (eth_addr_is_zero(FLOW_WC_GET_AND_MASK_WC(flow
, wc
, arp_tha
))) {
183 memset(&wc
->masks
.ipv6_src
, 0xff, sizeof wc
->masks
.ipv6_src
);
184 memset(&wc
->masks
.ipv6_dst
, 0xff, sizeof wc
->masks
.ipv6_dst
);
185 memset(&wc
->masks
.nd_target
, 0xff, sizeof wc
->masks
.nd_target
);
187 tnl_neigh_set__(name
, &flow
->nd_target
, flow
->arp_tha
);
192 tnl_neigh_snoop(const struct flow
*flow
, struct flow_wildcards
*wc
,
193 const char name
[IFNAMSIZ
])
196 res
= tnl_arp_snoop(flow
, wc
, name
);
200 return tnl_nd_snoop(flow
, wc
, name
);
204 tnl_neigh_cache_run(void)
206 struct tnl_neigh_entry
*neigh
;
207 bool changed
= false;
209 ovs_mutex_lock(&mutex
);
210 CMAP_FOR_EACH(neigh
, cmap_node
, &table
) {
211 if (neigh
->expires
<= time_now()) {
212 tnl_neigh_delete(neigh
);
216 ovs_mutex_unlock(&mutex
);
219 seq_change(tnl_conf_seq
);
224 tnl_neigh_flush(const char br_name
[IFNAMSIZ
])
226 struct tnl_neigh_entry
*neigh
;
227 bool changed
= false;
229 ovs_mutex_lock(&mutex
);
230 CMAP_FOR_EACH (neigh
, cmap_node
, &table
) {
231 if (!strcmp(neigh
->br_name
, br_name
)) {
232 tnl_neigh_delete(neigh
);
236 ovs_mutex_unlock(&mutex
);
239 seq_change(tnl_conf_seq
);
244 tnl_neigh_cache_flush(struct unixctl_conn
*conn
, int argc OVS_UNUSED
,
245 const char *argv
[] OVS_UNUSED
, void *aux OVS_UNUSED
)
247 struct tnl_neigh_entry
*neigh
;
248 bool changed
= false;
250 ovs_mutex_lock(&mutex
);
251 CMAP_FOR_EACH(neigh
, cmap_node
, &table
) {
252 tnl_neigh_delete(neigh
);
255 ovs_mutex_unlock(&mutex
);
257 seq_change(tnl_conf_seq
);
259 unixctl_command_reply(conn
, "OK");
263 lookup_any(const char *host_name
, struct in6_addr
*address
)
265 if (addr_is_ipv6(host_name
)) {
266 return lookup_ipv6(host_name
, address
);
270 r
= lookup_ip(host_name
, &ip
);
272 in6_addr_set_mapped_ipv4(address
, ip
.s_addr
);
280 tnl_neigh_cache_add(struct unixctl_conn
*conn
, int argc OVS_UNUSED
,
281 const char *argv
[], void *aux OVS_UNUSED
)
283 const char *br_name
= argv
[1];
287 if (lookup_any(argv
[2], &ip6
) != 0) {
288 unixctl_command_reply_error(conn
, "bad IP address");
292 if (!eth_addr_from_string(argv
[3], &mac
)) {
293 unixctl_command_reply_error(conn
, "bad MAC address");
297 tnl_neigh_set__(br_name
, &ip6
, mac
);
298 unixctl_command_reply(conn
, "OK");
302 tnl_neigh_cache_show(struct unixctl_conn
*conn
, int argc OVS_UNUSED
,
303 const char *argv
[] OVS_UNUSED
, void *aux OVS_UNUSED
)
305 struct ds ds
= DS_EMPTY_INITIALIZER
;
306 struct tnl_neigh_entry
*neigh
;
308 ds_put_cstr(&ds
, "IP MAC Bridge\n");
309 ds_put_cstr(&ds
, "==========================================================================\n");
310 ovs_mutex_lock(&mutex
);
311 CMAP_FOR_EACH(neigh
, cmap_node
, &table
) {
312 int start_len
, need_ws
;
314 start_len
= ds
.length
;
315 ipv6_format_mapped(&neigh
->ip
, &ds
);
317 need_ws
= INET6_ADDRSTRLEN
- (ds
.length
- start_len
);
318 ds_put_char_multiple(&ds
, ' ', need_ws
);
320 ds_put_format(&ds
, ETH_ADDR_FMT
" %s",
321 ETH_ADDR_ARGS(neigh
->mac
), neigh
->br_name
);
322 if (neigh
->expires
<= time_now()) {
323 ds_put_format(&ds
, " STALE");
325 ds_put_char(&ds
, '\n');
328 ovs_mutex_unlock(&mutex
);
329 unixctl_command_reply(conn
, ds_cstr(&ds
));
334 tnl_neigh_cache_init(void)
336 unixctl_command_register("tnl/arp/show", "", 0, 0, tnl_neigh_cache_show
, NULL
);
337 unixctl_command_register("tnl/arp/set", "BRIDGE IP MAC", 3, 3, tnl_neigh_cache_add
, NULL
);
338 unixctl_command_register("tnl/arp/flush", "", 0, 0, tnl_neigh_cache_flush
, NULL
);
339 unixctl_command_register("tnl/neigh/show", "", 0, 0, tnl_neigh_cache_show
, NULL
);
340 unixctl_command_register("tnl/neigh/set", "BRIDGE IP MAC", 3, 3, tnl_neigh_cache_add
, NULL
);
341 unixctl_command_register("tnl/neigh/flush", "", 0, 0, tnl_neigh_cache_flush
, NULL
);