27 #define foreach_ipsec_gre_input_next \ 28 _(PUNT, "error-punt") \ 29 _(DROP, "error-drop") \ 30 _(L2_INPUT, "l2-input") 33 #define _(s,n) IPSEC_GRE_INPUT_NEXT_##s, 52 s =
format (s,
"GRE: tunnel %d len %d src %U dst %U",
92 u32 n_left_from, next_index, * from, * to_next;
93 u64 cached_tunnel_key = (
u64) ~0;
94 u32 cached_tunnel_sw_if_index = 0, tunnel_sw_if_index;
101 while (n_left_from > 0)
106 to_next, n_left_to_next);
108 while (n_left_from >= 4 && n_left_to_next >= 2)
113 u16 version0, version1, protocol0, protocol1;
160 protocol0 = clib_net_to_host_u16 (h0->
protocol);
161 protocol1 = clib_net_to_host_u16 (h1->
protocol);
164 next0 = IPSEC_GRE_INPUT_NEXT_L2_INPUT;
170 b0->
error = node->
errors[IPSEC_GRE_ERROR_UNKNOWN_PROTOCOL];
171 next0 = IPSEC_GRE_INPUT_NEXT_DROP;
175 next1 = IPSEC_GRE_INPUT_NEXT_L2_INPUT;
181 b1->
error = node->
errors[IPSEC_GRE_ERROR_UNKNOWN_PROTOCOL];
182 next1 = IPSEC_GRE_INPUT_NEXT_DROP;
190 b0->
error = verr0 ? node->
errors[IPSEC_GRE_ERROR_UNSUPPORTED_VERSION]
192 next0 = verr0 ? IPSEC_GRE_INPUT_NEXT_DROP : next0;
193 b1->
error = verr1 ? node->
errors[IPSEC_GRE_ERROR_UNSUPPORTED_VERSION]
195 next1 = verr1 ? IPSEC_GRE_INPUT_NEXT_DROP : next1;
198 if (
PREDICT_TRUE(next0 == IPSEC_GRE_INPUT_NEXT_L2_INPUT))
203 if (cached_tunnel_key != key)
212 next0 = IPSEC_GRE_INPUT_NEXT_DROP;
213 b0->
error = node->
errors[IPSEC_GRE_ERROR_NO_SUCH_TUNNEL];
220 cached_tunnel_sw_if_index = tunnel_sw_if_index;
224 tunnel_sw_if_index = cached_tunnel_sw_if_index;
231 if (
PREDICT_TRUE(next1 == IPSEC_GRE_INPUT_NEXT_L2_INPUT))
236 if (cached_tunnel_key != key)
245 next1 = IPSEC_GRE_INPUT_NEXT_DROP;
246 b1->
error = node->
errors[IPSEC_GRE_ERROR_NO_SUCH_TUNNEL];
253 cached_tunnel_sw_if_index = tunnel_sw_if_index;
257 tunnel_sw_if_index = cached_tunnel_sw_if_index;
287 to_next, n_left_to_next,
288 bi0, bi1, next0, next1);
291 while (n_left_from > 0 && n_left_to_next > 0)
297 u16 version0, protocol0;
318 protocol0 = clib_net_to_host_u16 (h0->
protocol);
321 next0 = IPSEC_GRE_INPUT_NEXT_L2_INPUT;
327 b0->
error = node->
errors[IPSEC_GRE_ERROR_UNKNOWN_PROTOCOL];
328 next0 = IPSEC_GRE_INPUT_NEXT_DROP;
333 b0->
error = verr0 ? node->
errors[IPSEC_GRE_ERROR_UNSUPPORTED_VERSION]
335 next0 = verr0 ? IPSEC_GRE_INPUT_NEXT_DROP : next0;
343 if (cached_tunnel_key != key)
352 next0 = IPSEC_GRE_INPUT_NEXT_DROP;
353 b0->
error = node->
errors[IPSEC_GRE_ERROR_NO_SUCH_TUNNEL];
360 cached_tunnel_sw_if_index = tunnel_sw_if_index;
364 tunnel_sw_if_index = cached_tunnel_sw_if_index;
383 to_next, n_left_to_next,
390 IPSEC_GRE_ERROR_PKTS_DECAP, from_frame->
n_vectors);
395 #define ipsec_gre_error(n,s) s, 397 #undef ipsec_gre_error 402 .name =
"ipsec-gre-input",
404 .vector_size =
sizeof (
u32),
406 .n_errors = IPSEC_GRE_N_ERROR,
411 #define _(s,n) [IPSEC_GRE_INPUT_NEXT_##s] = n, void vlib_put_next_frame(vlib_main_t *vm, vlib_node_runtime_t *r, u32 next_index, u32 n_vectors_left)
Release pointer to next frame vector data.
VLIB_NODE_FUNCTION_MULTIARCH(ethernet_input_not_l2_node, ethernet_input_not_l2)
L2-GRE over IPSec packet processing.
static vnet_hw_interface_t * vnet_get_hw_interface(vnet_main_t *vnm, u32 hw_if_index)
static uword ipsec_gre_input(vlib_main_t *vm, vlib_node_runtime_t *node, vlib_frame_t *from_frame)
L2-GRE over IPSec input node.
#define clib_error_report(e)
static clib_error_t * ipsec_gre_init(vlib_main_t *vm)
ipsec_gre_tunnel_t * tunnels
pool of tunnel instances
#define VLIB_INIT_FUNCTION(x)
static void * vlib_buffer_get_current(vlib_buffer_t *b)
Get pointer to current data to process.
ipsec_gre_main_t ipsec_gre_main
#define clib_warning(format, args...)
#define foreach_ipsec_gre_input_next
#define vlib_call_init_function(vm, x)
uword * tunnel_by_key
hash mapping src/dst addr pair to tunnel
#define pool_elt_at_index(p, i)
Returns pointer to element at given index.
#define vlib_validate_buffer_enqueue_x2(vm, node, next_index, to_next, n_left_to_next, bi0, bi1, next0, next1)
Finish enqueueing two buffers forward in the graph.
#define vlib_validate_buffer_enqueue_x1(vm, node, next_index, to_next, n_left_to_next, bi0, next0)
Finish enqueueing one buffer forward in the graph.
#define vlib_get_next_frame(vm, node, next_index, vectors, n_vectors_left)
Get pointer to next frame vector data by (vlib_node_runtime_t, next_index).
vlib_error_t error
Error code for buffers to be enqueued to error handler.
static void vlib_node_increment_counter(vlib_main_t *vm, u32 node_index, u32 counter_index, u64 increment)
L2-GRE over IPSec errors.
#define CLIB_PREFETCH(addr, size, type)
static void vlib_buffer_advance(vlib_buffer_t *b, word l)
Advance current data pointer by the supplied (signed!) amount.
static char * ipsec_gre_error_strings[]
IPSec-GRE tunnel parameters.
vnet_main_t * vnet_main
convenience
#define VLIB_BUFFER_IS_TRACED
static void * vlib_add_trace(vlib_main_t *vm, vlib_node_runtime_t *r, vlib_buffer_t *b, u32 n_data_bytes)
static void * vlib_frame_vector_args(vlib_frame_t *f)
Get pointer to frame vector data.
#define vlib_prefetch_buffer_header(b, type)
Prefetch buffer metadata.
#define VLIB_REGISTER_NODE(x,...)
vlib_node_registration_t ipsec_gre_input_node
(constructor) VLIB_REGISTER_NODE (ipsec_gre_input_node)
u32 flags
buffer flags: VLIB_BUFFER_IS_TRACED: trace this buffer.
static clib_error_t * ipsec_gre_input_init(vlib_main_t *vm)
static vlib_buffer_t * vlib_get_buffer(vlib_main_t *vm, u32 buffer_index)
Translate buffer index into buffer pointer.
u8 * format_ipsec_gre_rx_trace(u8 *s, va_list *args)