unsigned int
vr_fabric_input(struct vr_interface *vif, struct vr_packet *pkt,
unsigned short vlan_id)
{
int handled = 0;
unsigned short pull_len;
struct vr_forwarding_md fmd;
vr_init_forwarding_md(&fmd);
fmd.fmd_vlan = vlan_id;
fmd.fmd_dvrf = vif->vif_vrf;
if (vr_pkt_type(pkt, 0, &fmd) < 0) {
vif_drop_pkt(vif, pkt, 1);
return 0;
}
if (pkt->vp_type == VP_TYPE_IP6)
return vif_xconnect(vif, pkt, &fmd);
pull_len = pkt_get_network_header_off(pkt) - pkt_head_space(pkt);
pkt_pull(pkt, pull_len);
if (pkt->vp_type == VP_TYPE_IP || pkt->vp_type == VP_TYPE_IP6)
handled = vr_l3_input(pkt, &fmd);
else if (pkt->vp_type == VP_TYPE_ARP)
handled = vr_arp_input(pkt, &fmd);
if (!handled) {
pkt_push(pkt, pull_len);
return vif_xconnect(vif, pkt, &fmd);
}
return 0;
}
static void
vr_arp_proxy(struct vr_arp *sarp, struct vr_packet *pkt,
struct vr_forwarding_md *fmd, unsigned char *dmac)
{
struct vr_eth *eth;
struct vr_arp *arp;
struct vr_forwarding_md fmd_new;
struct vr_interface *vif = pkt->vp_if;
eth = (struct vr_eth *)pkt_push(pkt, sizeof(*eth));
if (!eth) {
vr_pfree(pkt, VP_DROP_PUSH);
return;
}
memcpy(eth->eth_dmac, sarp->arp_sha, VR_ETHER_ALEN);
memcpy(eth->eth_smac, dmac, VR_ETHER_ALEN);
eth->eth_proto = htons(VR_ETH_PROTO_ARP);
arp = (struct vr_arp *)(pkt_data(pkt) + sizeof(*eth));
arp->arp_hw = htons(VR_ARP_HW_TYPE_ETHER);
arp->arp_proto = htons(VR_ETH_PROTO_IP);
arp->arp_hwlen = VR_ETHER_ALEN;
arp->arp_protolen = VR_IP_ADDRESS_LEN;
arp->arp_op = htons(VR_ARP_OP_REPLY);
memcpy(arp->arp_sha, dmac, VR_ETHER_ALEN);
memcpy(arp->arp_dha, sarp->arp_sha, VR_ETHER_ALEN);
memcpy(&arp->arp_dpa, &sarp->arp_spa, sizeof(sarp->arp_spa));
memcpy(&arp->arp_spa, &sarp->arp_dpa, sizeof(sarp->arp_dpa));
vr_init_forwarding_md(&fmd_new);
fmd_new.fmd_dvrf = fmd->fmd_dvrf;
vr_pkt_type(pkt, 0, &fmd_new);
/*
* XXX: for vcp ports, there won't be bridge table entries. to avoid
* doing vr_bridge_input, we check for the flag NO_ARP_PROXY and
* and if set, directly send out on that interface
*/
if (vif_is_vhost(vif) ||
(vif->vif_flags & VIF_FLAG_NO_ARP_PROXY)) {
vif->vif_tx(vif, pkt, fmd);
} else {
vr_bridge_input(vif->vif_router, pkt, &fmd_new);
}
return;
}
/*
* vr_interface_input() is invoked if a packet ingresses an interface.
* This function demultiplexes the packet to right input
* function depending on the protocols enabled on the VIF
*/
unsigned int
vr_virtual_input(unsigned short vrf, struct vr_interface *vif,
struct vr_packet *pkt, unsigned short vlan_id)
{
struct vr_forwarding_md fmd;
vr_init_forwarding_md(&fmd);
fmd.fmd_vlan = vlan_id;
fmd.fmd_dvrf = vrf;
if (vif->vif_flags & VIF_FLAG_MIRROR_RX) {
fmd.fmd_dvrf = vif->vif_vrf;
vr_mirror(vif->vif_router, vif->vif_mirror_id, pkt, &fmd);
}
if (vr_pkt_type(pkt, 0, &fmd) < 0) {
vif_drop_pkt(vif, pkt, 1);
return 0;
}
/*
* we really do not allow any broadcast packets from interfaces
* that are part of transparent service chain, since transparent
* service chain bridges packets across vrf (and hence loops can
* happen)
*/
if ((pkt->vp_flags & VP_FLAG_MULTICAST) &&
(vif_is_service(vif))) {
vif_drop_pkt(vif, pkt, 1);
return 0;
}
if (!vr_flow_forward(pkt->vp_if->vif_router, pkt, &fmd))
return 0;
vr_bridge_input(vif->vif_router, pkt, &fmd);
return 0;
}
int
vr_mpls_input(struct vrouter *router, struct vr_packet *pkt,
struct vr_forwarding_md *fmd)
{
int ttl, l2_offset = 0;
unsigned int label;
unsigned short drop_reason;
struct vr_nexthop *nh;
struct vr_ip *ip;
struct vr_forwarding_md c_fmd;
if (!fmd) {
vr_init_forwarding_md(&c_fmd);
fmd = &c_fmd;
}
label = ntohl(*(unsigned int *)pkt_data(pkt));
ttl = label & 0xFF;
label >>= VR_MPLS_LABEL_SHIFT;
if (label >= router->vr_max_labels) {
drop_reason = VP_DROP_INVALID_LABEL;
goto dropit;
}
if (--ttl <= 0) {
drop_reason = VP_DROP_TTL_EXCEEDED;
goto dropit;
}
ip = (struct vr_ip *)pkt_network_header(pkt);
fmd->fmd_outer_src_ip = ip->ip_saddr;
vr_forwarding_md_set_label(fmd, label, VR_LABEL_TYPE_MPLS);
/* Store the TTL in packet. Will be used for multicast replication */
pkt->vp_ttl = ttl;
/* drop the TOStack label */
if (!pkt_pull(pkt, VR_MPLS_HDR_LEN)) {
drop_reason = VP_DROP_PULL;
goto dropit;
}
nh = __vrouter_get_label(router, label);
if (!nh) {
drop_reason = VP_DROP_INVALID_LABEL;
goto dropit;
}
/*
* Mark it for GRO. Diag, L2 and multicast nexthops unmark if
* required
*/
if (vr_perfr)
pkt->vp_flags |= VP_FLAG_GRO;
/* Reset the flags which get defined below */
pkt->vp_flags &= ~VP_FLAG_MULTICAST;
fmd->fmd_vlan = VLAN_ID_INVALID;
if (nh->nh_family == AF_INET) {
ip = (struct vr_ip *)pkt_data(pkt);
if (vr_ip_is_ip4(ip)) {
pkt->vp_type = VP_TYPE_IP;
} else if (vr_ip_is_ip6(ip)) {
pkt->vp_type = VP_TYPE_IP6;
} else {
drop_reason = VP_DROP_INVALID_PROTOCOL;
goto dropit;
}
pkt_set_network_header(pkt, pkt->vp_data);
pkt_set_inner_network_header(pkt, pkt->vp_data);
} else if (nh->nh_family == AF_BRIDGE) {
if (nh->nh_type == NH_COMPOSITE) {
if (label >= VR_MAX_UCAST_LABELS)
l2_offset = VR_L2_MCAST_CTRL_DATA_LEN + VR_VXLAN_HDR_LEN;
}
if (vr_pkt_type(pkt, l2_offset, fmd) < 0) {
drop_reason = VP_DROP_INVALID_PACKET;
goto dropit;
}
} else {
drop_reason = VP_DROP_INVALID_NH;
goto dropit;
}
/*
* We are typically looking at interface nexthops, and hence we will
* hit the vrf of the destination device. But, labels can also point
* to composite nexthops (ECMP being case in point), in which case we
* will take the vrf from the nexthop. When everything else fails, we
* will forward the packet in the vrf in which it came i.e fabric
*/
if (nh->nh_vrf >= 0)
fmd->fmd_dvrf = nh->nh_vrf;
else if (nh->nh_dev)
fmd->fmd_dvrf = nh->nh_dev->vif_vrf;
else
fmd->fmd_dvrf = pkt->vp_if->vif_vrf;
nh_output(pkt, nh, fmd);
return 0;
dropit:
vr_pfree(pkt, drop_reason);
return 0;
}
