16 #include <netinet/in.h> 42 return (
format (s,
"l3 %U -> %U" 43 " l4 lsb_of_sw_if_index %d proto %d l4_is_input %d l4_slow_path %d l4_reserved0 %d port %d -> %d | sess id %d thread id %d epoch %04x",
62 return (
format (s,
"l3 %U -> %U" 63 " l4 lsb_of_sw_if_index %d proto %d l4_is_input %d l4_slow_path %d l4_reserved0 %d port %d -> %d | sess id %d thread id %d epoch %04x",
96 "ACL plugin FA IPv6 session bihash",
103 "ACL plugin FA IPv4 session bihash",
131 u16 thread_index,
int timeout_type)
138 u64 now,
u16 thread_index,
u32 session_index)
145 return (timeout_time < now)
160 int total_expired = 0;
186 int n_pending_swipes = 0;
190 while (n_expired < am->fa_max_deleted_sessions_per_interval)
201 "acl_fa_check_idle_sessions: expire session %d in list %d on thread %d",
203 (
u32) tt, (
u32) thread_index);
219 if (n_pending_swipes == 0)
234 u64 sess_timeout_time =
236 int timeout_passed = (now >= sess_timeout_time);
237 int clearing_interface =
242 "acl_fa_check_idle_sessions: now %lu sess_timeout_time %lu",
243 "i8i8", now, sess_timeout_time);
245 "acl_fa_check_idle_sessions: session %d sw_if_index %d timeout_passed %d clearing_interface %d",
248 (
u32) timeout_passed,
249 (
u32) clearing_interface);
251 if (timeout_passed || clearing_interface)
258 "acl_fa_check_idle_sessions: deleted session %d sw_if_index %d",
271 "acl_fa_check_idle_sessions: session %d sw_if_index %d marked as deleted, put to purgatory",
283 "acl_fa_check_idle_sessions: restart timer for session %d sw_if_index %d",
310 "acl_fa_check_idle_sessions: done, total sessions expired: %d",
311 "i4", (
u32) total_expired);
312 return (total_expired);
323 #define foreach_acl_fa_cleaner_error \ 324 _(UNKNOWN_EVENT, "unknown event received") \ 329 #define _(sym,str) ACL_FA_CLEANER_ERROR_##sym, 336 #define _(sym,string) string, 357 "send_one_worker_interrupt: send interrupt to worker %u",
358 "i4", ((
u32) thread_index));
367 u32 target_session,
u32 request_type)
376 (((
u64) request_type) << 32) | target_session);
430 "acl_fa_worker_conn_cleaner interrupt: now %lu",
453 "acl_fa_worker_conn_cleaner: now %lu, someone tried to call clear but one of the bitmaps are empty",
459 #ifdef FA_NODE_VERBOSE_DEBUG 461 (
"WORKER-CLEAR: (before and) swiping sw-if-index bitmap: %U, my serviced bitmap %U",
474 "acl_fa_worker_conn_cleaner: now %lu, clearing done, nothing to do",
481 #ifdef FA_NODE_VERBOSE_DEBUG 483 (
"WORKER-CLEAR: swiping sw-if-index bitmap: %U, my serviced bitmap %U",
488 "acl_fa_worker_conn_cleaner: swiping until %lu",
498 "acl_fa_worker_conn_cleaner: checked %d sessions (clear_in_process: %d)",
499 "i4i4", (
u32) num_expired,
509 "acl_fa_worker_conn_cleaner: now %lu, clearing done - all done",
515 "acl_fa_worker_conn_cleaner: now %lu, more work to do - requesting interrupt",
538 "acl_fa_worker_conn_cleaner: now %lu, interrupt needed: %u, interrupt unwanted: %u",
557 for (i = 0; i < n_threads; i++)
573 u64 max_timer_wait_interval = cpu_cps / 2;
574 uword event_type, *event_data = 0;
584 int has_pending_conns = 0;
610 "acl_fa_session_cleaner_process: now %lu, worker: %u tt: %u",
611 "i8i2i2", now, ti, tt);
613 "acl_fa_session_cleaner_process: head expiry: %lu, is earlier than curr next expire: %lu",
614 "i8i8", head_expiry, next_expire);
615 next_expire = head_expiry;
619 has_pending_conns = 1;
627 am->fa_cleaner_cnt_wait_without_timeout++;
629 "acl_conn_cleaner: now %lu entering wait without timeout",
636 f64 timeout = ((
i64) next_expire - (
i64) now) / cpu_cps;
644 am->fa_cleaner_cnt_wait_with_timeout++;
646 "acl_conn_cleaner: now %lu entering wait with timeout %.6f sec",
647 "i8f8", now, timeout);
663 uword *clear_sw_if_index_bitmap = 0;
668 "acl_fa_session_cleaner_process: now %lu, received ACL_FA_CLEANER_DELETE_BY_SW_IF_INDEX",
672 am->fa_cleaner_cnt_delete_by_sw_index++;
674 "acl_fa_session_cleaner_process: ACL_FA_CLEANER_DELETE_BY_SW_IF_INDEX %u",
675 "i4", *sw_if_index0);
676 if (*sw_if_index0 == ~0)
686 clear_sw_if_index_bitmap =
693 (
"ACL_FA_CLEANER_DELETE_BY_SW_IF_INDEX bitmap: %U, clear_all: %u",
694 format_bitmap_hex, clear_sw_if_index_bitmap, clear_all);
702 "ACL_FA_NODE_CLEAN: waiting previous cleaning cycle to finish on %u",
715 (
"ERROR-BUG! Could not initiate cleaning on worker because another cleanup in progress");
731 (
"ACL_FA_CLEANER: thread %u, pending clear bitmap: %U",
741 acl_log_info (
"CLEANER mains len: %u per-worker len: %d",
751 "ACL_FA_NODE_CLEAN: waiting for my cleaning cycle to finish on %u",
765 am->fa_cleaner_cnt_delete_by_sw_index_ok++;
768 #ifdef FA_NODE_VERBOSE_DEBUG 769 clib_warning (
"ACL plugin connection cleaner: unknown event %u",
775 ACL_FA_CLEANER_ERROR_UNKNOWN_EVENT, 1);
776 am->fa_cleaner_cnt_unknown_event++;
783 _vec_len (event_data) = 0;
789 int need_more_wait = 0;
790 int max_wait_cycles = 100;
806 while (need_more_wait && (--max_wait_cycles > 0));
808 int interrupts_needed = 0;
809 int interrupts_unwanted = 0;
820 interrupts_unwanted++;
824 if (interrupts_needed)
831 else if (interrupts_unwanted)
835 max_timer_wait_interval)
839 am->fa_cleaner_cnt_event_cycles++;
871 sw_if_index, enable_disable, 0, 0);
873 sw_if_index, enable_disable, 0, 0);
885 sw_if_index, enable_disable, 0, 0);
887 sw_if_index, enable_disable, 0, 0);
896 #ifdef FA_NODE_VERBOSE_DEBUG 897 clib_warning (
"ENABLE-DISABLE: clean the connections on interface %d",
925 "\nSession lookup hash table is not allocated.\n\n");
934 .name =
"acl-plugin-fa-worker-cleaner-process",
936 .state = VLIB_NODE_STATE_INTERRUPT,
942 .name =
"acl-plugin-fa-cleaner-process",
static void send_interrupts_to_workers(vlib_main_t *vm, acl_main_t *am)
static void send_one_worker_interrupt(vlib_main_t *vm, acl_main_t *am, int thread_index)
static vlib_node_registration_t acl_fa_worker_session_cleaner_process_node
(constructor) VLIB_REGISTER_NODE (acl_fa_worker_session_cleaner_process_node)
u32 fa_cleaner_node_index
uword * fa_out_acl_on_sw_if_index
void acl_fa_enable_disable(u32 sw_if_index, int is_input, int enable_disable)
static u64 fa_session_get_list_timeout(acl_main_t *am, fa_session_t *sess)
#define FA_SESSION_BOGUS_INDEX
uword * pending_clear_sw_if_index_bitmap
static int acl_fa_conn_list_delete_session(acl_main_t *am, fa_full_session_id_t sess_id, u64 now)
static f64 vlib_process_wait_for_event_or_clock(vlib_main_t *vm, f64 dt)
Suspend a cooperative multi-tasking thread Waits for an event, or for the indicated number of seconds...
u64 fa_current_cleaner_timer_wait_interval
static void acl_fa_verify_init_sessions(acl_main_t *am)
static uword * vlib_process_wait_for_event(vlib_main_t *vm)
clib_bihash_40_8_t fa_ip6_sessions_hash
vnet_interface_main_t interface_main
uword * fa_in_acl_on_sw_if_index
u64 * wip_session_change_requests
static void vlib_node_set_interrupt_pending(vlib_main_t *vm, u32 node_index)
static void acl_fa_conn_list_add_session(acl_main_t *am, fa_full_session_id_t sess_id, u64 now)
static_always_inline void clib_spinlock_unlock_if_init(clib_spinlock_t *p)
#define foreach_acl_fa_cleaner_error
#define vec_add1(V, E)
Add 1 element to end of vector (unspecified alignment).
static u64 clib_cpu_time_now(void)
void show_fa_sessions_hash(vlib_main_t *vm, u32 verbose)
static int acl_fa_two_stage_delete_session(acl_main_t *am, u32 sw_if_index, fa_full_session_id_t sess_id, u64 now)
void aclp_post_session_change_request(acl_main_t *am, u32 target_thread, u32 target_session, u32 request_type)
static uword * clib_bitmap_set(uword *ai, uword i, uword value)
Sets the ith bit of a bitmap to new_value Removes trailing zeros from the bitmap. ...
fa_session_t * fa_sessions_pool
static vlib_node_registration_t acl_fa_session_cleaner_process_node
(constructor) VLIB_REGISTER_NODE (acl_fa_session_cleaner_process_node)
vlib_main_t ** vlib_mains
#define clib_bitmap_zero(v)
Clear a bitmap.
static char * acl_fa_cleaner_error_strings[]
#define clib_bitmap_dup(v)
Duplicate a bitmap.
static u8 * format_ip4_session_bihash_kv(u8 *s, va_list *args)
f64 fa_cleaner_wait_time_increment
static fa_session_t * get_session_ptr(acl_main_t *am, u16 thread_index, u32 session_index)
static uword vlib_process_suspend(vlib_main_t *vm, f64 dt)
Suspend a vlib cooperative multi-tasking thread for a period of time.
uword fa_conn_table_hash_memory_size
static int acl_fa_ifc_has_in_acl(acl_main_t *am, int sw_if_index0)
u64 rcvd_session_change_requests
static uword vlib_process_get_events(vlib_main_t *vm, uword **data_vector)
Return the first event type which has occurred and a vector of per-event data of that type...
u64 fa_conn_table_max_entries
static uword clib_bitmap_is_zero(uword *ai)
predicate function; is an entire bitmap empty?
u64 cnt_session_timer_restarted
static uword acl_fa_worker_conn_cleaner_process(vlib_main_t *vm, vlib_node_runtime_t *rt, vlib_frame_t *f)
static u8 * format_ip6_session_bihash_kv(u8 *s, va_list *args)
static void vlib_process_signal_event(vlib_main_t *vm, uword node_index, uword type_opaque, uword data)
#define elog_acl_maybe_trace_X4(am, acl_elog_trace_format_label, acl_elog_trace_format_args, acl_elog_val1,acl_elog_val2, acl_elog_val3, acl_elog_val4)
static int acl_fa_check_idle_sessions(acl_main_t *am, u16 thread_index, u64 now)
int interrupt_is_unwanted
u32 fa_total_enabled_count
u64 * fa_conn_list_head_expiry_time
static void vlib_node_increment_counter(vlib_main_t *vm, u32 node_index, u32 counter_index, u64 increment)
static int purgatory_has_connections(vlib_main_t *vm, acl_main_t *am, int thread_index)
static u64 fa_session_get_timeout(acl_main_t *am, fa_session_t *sess)
#define VLIB_REGISTER_NODE(x,...)
u64 sent_session_change_requests
#define elog_acl_maybe_trace_X3(am, acl_elog_trace_format_label, acl_elog_trace_format_args, acl_elog_val1,acl_elog_val2, acl_elog_val3)
clib_bihash_kv_40_8_t kv_40_8
static void * clib_mem_set_heap(void *heap)
#define clib_warning(format, args...)
#define pool_is_free_index(P, I)
Use free bitmap to query whether given index is free.
static uword clib_bitmap_get(uword *ai, uword i)
Gets the ith bit value from a bitmap.
static int acl_fa_restart_timer_for_session(acl_main_t *am, u64 now, fa_full_session_id_t sess_id)
#define pool_init_fixed(pool, max_elts)
initialize a fixed-size, preallocated pool
#define acl_log_info(...)
#define clib_bitmap_free(v)
Free a bitmap.
clib_bihash_kv_16_8_t kv_16_8
uword * serviced_sw_if_index_bitmap
#define elog_acl_maybe_trace_X1(am, acl_elog_trace_format_label, acl_elog_trace_format_args, acl_elog_val1)
struct _vlib_node_registration vlib_node_registration_t
static int acl_fa_conn_time_to_check(acl_main_t *am, acl_fa_per_worker_data_t *pw, u64 now, u16 thread_index, u32 session_index)
#define vec_len(v)
Number of elements in vector (rvalue-only, NULL tolerant)
acl_fa_per_worker_data_t * per_worker_data
vnet_sw_interface_t * sw_interfaces
int fa_interrupt_generation
u64 cnt_already_deleted_sessions
static uword acl_fa_session_cleaner_process(vlib_main_t *vm, vlib_node_runtime_t *rt, vlib_frame_t *f)
static_always_inline uword os_get_thread_index(void)
#define elog_acl_maybe_trace_X2(am, acl_elog_trace_format_label, acl_elog_trace_format_args,acl_elog_val1, acl_elog_val2)
#define vec_foreach(var, vec)
Vector iterator.
clib_spinlock_t pending_session_change_request_lock
#define CLIB_MEMORY_BARRIER()
static u64 acl_fa_get_list_head_expiry_time(acl_main_t *am, acl_fa_per_worker_data_t *pw, u64 now, u16 thread_index, int timeout_type)
ip4_address_t ip4_addr[2]
clib_bihash_16_8_t fa_ip4_sessions_hash
static int acl_fa_ifc_has_out_acl(acl_main_t *am, int sw_if_index0)
void vlib_cli_output(vlib_main_t *vm, char *fmt,...)
static_always_inline void clib_spinlock_lock_if_init(clib_spinlock_t *p)
int fa_sessions_hash_is_initialized
static uword * clib_bitmap_and(uword *ai, uword *bi)
Logical operator across two bitmaps.
u64 * pending_session_change_requests
int vnet_feature_enable_disable(const char *arc_name, const char *node_name, u32 sw_if_index, int enable_disable, void *feature_config, u32 n_feature_config_bytes)
u32 fa_conn_table_hash_num_buckets
void aclp_swap_wip_and_pending_session_change_requests(acl_main_t *am, u32 target_thread)
ip6_address_t ip6_addr[2]
foreach_fa_cleaner_counter vlib_main_t * vlib_main