/*
* handle unicast arp requests and neighbor refreshes. In many cases,
* we wouldn't like the unicast arp requests from gateway (such as MX)
* to reach the VMs and change the gateway mac to ip(6) binding, since
* for vms the gateway is always agent. We would like such requests
* to go only if the mode is l2
*/
int
vif_plug_mac_request(struct vr_interface *vif, struct vr_packet *pkt,
struct vr_forwarding_md *fmd)
{
int handled = 1;
int nheader;
struct vr_arp *sarp;
if (pkt->vp_flags & VP_FLAG_MULTICAST)
goto unhandled;
nheader = pkt_network_header(pkt) - pkt_data(pkt);
if (nheader < 0 || (pkt->vp_data + nheader > pkt->vp_end))
goto unhandled;
if (pkt->vp_type == VP_TYPE_ARP) {
if (pkt->vp_len < (nheader + sizeof(*sarp)))
goto unhandled;
sarp = (struct vr_arp *)(pkt_data(pkt) + nheader);
if (ntohs(sarp->arp_op) != VR_ARP_OP_REQUEST)
goto unhandled;
pkt_pull(pkt, nheader);
handled = vr_arp_input(pkt, fmd);
if (!handled) {
pkt_push(pkt, nheader);
}
return handled;
} else if (pkt->vp_type == VP_TYPE_IP6) {
if (pkt->vp_len < (nheader + sizeof(struct vr_ip6) +
sizeof(struct vr_icmp) + VR_IP6_ADDRESS_LEN +
sizeof(struct vr_neighbor_option) + VR_ETHER_ALEN))
goto unhandled;
pkt_pull(pkt, nheader);
handled = vr_neighbor_input(pkt, fmd);
if (!handled) {
pkt_push(pkt, nheader);
}
return handled;
}
unhandled:
return !handled;
}
unsigned int
vr_bridge_input(struct vrouter *router, struct vr_packet *pkt,
struct vr_forwarding_md *fmd)
{
int reason, handled;
l4_pkt_type_t l4_type = L4_TYPE_UNKNOWN;
unsigned short pull_len, overlay_len = VROUTER_OVERLAY_LEN;
int8_t *dmac;
struct vr_bridge_entry *be;
struct vr_nexthop *nh = NULL;
struct vr_vrf_stats *stats;
dmac = (int8_t *) pkt_data(pkt);
if (pkt->vp_if->vif_flags & VIF_FLAG_MAC_LEARN) {
if (vr_bridge_learn(router, pkt, fmd)) {
return 0;
}
}
pull_len = 0;
if ((pkt->vp_type == VP_TYPE_IP) || (pkt->vp_type == VP_TYPE_IP6) ||
(pkt->vp_type == VP_TYPE_ARP)) {
pull_len = pkt_get_network_header_off(pkt) - pkt_head_space(pkt);
if (pull_len && !pkt_pull(pkt, pull_len)) {
vr_pfree(pkt, VP_DROP_PULL);
return 0;
}
}
if ((pkt->vp_type == VP_TYPE_IP) || (pkt->vp_type == VP_TYPE_IP6)) {
if (fmd->fmd_dscp < 0) {
if (pkt->vp_type == VP_TYPE_IP) {
fmd->fmd_dscp =
vr_inet_get_tos((struct vr_ip *)pkt_network_header(pkt));
} else if (pkt->vp_type == VP_TYPE_IP6) {
fmd->fmd_dscp =
vr_inet6_get_tos((struct vr_ip6 *)pkt_network_header(pkt));
}
}
} else {
if (fmd->fmd_dotonep < 0) {
fmd->fmd_dotonep = vr_vlan_get_tos(pkt_data(pkt));
}
}
/* Do the bridge lookup for the packets not meant for "me" */
if (!fmd->fmd_to_me) {
/*
* If DHCP packet coming from VM, Trap it to Agent before doing the bridge
* lookup itself
*/
if (vif_is_virtual(pkt->vp_if)) {
if (pkt->vp_type == VP_TYPE_IP)
l4_type = vr_ip_well_known_packet(pkt);
else if (pkt->vp_type == VP_TYPE_IP6)
l4_type = vr_ip6_well_known_packet(pkt);
if (l4_type == L4_TYPE_DHCP_REQUEST) {
if (pkt->vp_if->vif_flags & VIF_FLAG_DHCP_ENABLED) {
vr_trap(pkt, fmd->fmd_dvrf, AGENT_TRAP_L3_PROTOCOLS, NULL);
return 0;
}
}
/*
* Handle the unicast ARP, coming from VM, not
* destined to us. Broadcast ARP requests would be handled
* in L2 multicast nexthop. Multicast ARP on fabric
* interface also would be handled in L2 multicast nexthop.
* Unicast ARP packets on fabric interface would be handled
* in plug routines of interface.
*/
if (!IS_MAC_BMCAST(dmac)) {
handled = 0;
if (pkt->vp_type == VP_TYPE_ARP) {
handled = vr_arp_input(pkt, fmd, dmac);
} else if (l4_type == L4_TYPE_NEIGHBOUR_SOLICITATION) {
handled = vr_neighbor_input(pkt, fmd, dmac);
}
if (handled)
return 0;
}
}
be = bridge_lookup(dmac, fmd);
if (be)
nh = be->be_nh;
if (!nh || nh->nh_type == NH_DISCARD) {
/* If Flooding of unknown unicast not allowed, drop the packet */
if (!vr_unknown_uc_flood(pkt->vp_if, pkt->vp_nh) ||
IS_MAC_BMCAST(dmac)) {
vr_pfree(pkt, VP_DROP_L2_NO_ROUTE);
return 0;
}
be = bridge_lookup(vr_bcast_mac, fmd);
nh = be->be_nh;
if (!nh) {
vr_pfree(pkt, VP_DROP_L2_NO_ROUTE);
return 0;
}
stats = vr_inet_vrf_stats(fmd->fmd_dvrf, pkt->vp_cpu);
if (stats)
stats->vrf_uuc_floods++;
/* Treat this unknown unicast packet as multicast */
pkt->vp_flags |= VP_FLAG_MULTICAST;
}
if (be)
__sync_fetch_and_add(&be->be_packets, 1);
if (nh->nh_type != NH_L2_RCV)
overlay_len = VROUTER_L2_OVERLAY_LEN;
}
/* Adjust MSS for V4 and V6 packets */
if ((pkt->vp_type == VP_TYPE_IP) || (pkt->vp_type == VP_TYPE_IP6)) {
if (vif_is_virtual(pkt->vp_if) &&
vr_from_vm_mss_adj && vr_pkt_from_vm_tcp_mss_adj) {
if ((reason = vr_pkt_from_vm_tcp_mss_adj(pkt, overlay_len))) {
vr_pfree(pkt, reason);
return 0;
}
}
if (fmd->fmd_to_me) {
handled = vr_l3_input(pkt, fmd);
if (!handled) {
vr_pfree(pkt, VP_DROP_NOWHERE_TO_GO);
}
return 0;
}
}
if (pull_len && !pkt_push(pkt, pull_len)) {
vr_pfree(pkt, VP_DROP_PUSH);
return 0;
}
nh_output(pkt, nh, fmd);
return 0;
}