16 #include <netinet/in.h> 41 void *format_addr_func;
64 return (
format (s,
"l3 %U -> %U %U | sess id %d thread id %d epoch %04x",
65 format_addr_func, paddr0,
66 format_addr_func, paddr1,
107 "ACL plugin FA IPv6 session bihash",
114 "ACL plugin FA IPv4 session bihash",
142 u16 thread_index,
int timeout_type)
149 u64 now,
u16 thread_index,
u32 session_index)
156 return (timeout_time < now)
171 int total_expired = 0;
197 int n_pending_swipes = 0;
201 while (n_expired < am->fa_max_deleted_sessions_per_interval)
212 "acl_fa_check_idle_sessions: expire session %d in list %d on thread %d",
214 (
u32) tt, (
u32) thread_index);
230 if (n_pending_swipes == 0)
245 u64 sess_timeout_time =
247 int timeout_passed = (now >= sess_timeout_time);
248 int clearing_interface =
253 "acl_fa_check_idle_sessions: now %lu sess_timeout_time %lu",
254 "i8i8", now, sess_timeout_time);
256 "acl_fa_check_idle_sessions: session %d sw_if_index %d timeout_passed %d clearing_interface %d",
259 (
u32) timeout_passed,
260 (
u32) clearing_interface);
262 if (timeout_passed || clearing_interface)
269 "acl_fa_check_idle_sessions: deleted session %d sw_if_index %d",
282 "acl_fa_check_idle_sessions: session %d sw_if_index %d marked as deleted, put to purgatory",
294 "acl_fa_check_idle_sessions: restart timer for session %d sw_if_index %d",
321 "acl_fa_check_idle_sessions: done, total sessions expired: %d",
322 "i4", (
u32) total_expired);
323 return (total_expired);
334 #define foreach_acl_fa_cleaner_error \ 335 _(UNKNOWN_EVENT, "unknown event received") \ 340 #define _(sym,str) ACL_FA_CLEANER_ERROR_##sym, 347 #define _(sym,string) string, 368 "send_one_worker_interrupt: send interrupt to worker %u",
369 "i4", ((
u32) thread_index));
378 u32 target_session,
u32 request_type)
387 (((
u64) request_type) << 32) | target_session);
441 "acl_fa_worker_conn_cleaner interrupt: now %lu",
464 "acl_fa_worker_conn_cleaner: now %lu, someone tried to call clear but one of the bitmaps are empty",
470 #ifdef FA_NODE_VERBOSE_DEBUG 472 (
"WORKER-CLEAR: (before and) swiping sw-if-index bitmap: %U, my serviced bitmap %U",
485 "acl_fa_worker_conn_cleaner: now %lu, clearing done, nothing to do",
492 #ifdef FA_NODE_VERBOSE_DEBUG 494 (
"WORKER-CLEAR: swiping sw-if-index bitmap: %U, my serviced bitmap %U",
499 "acl_fa_worker_conn_cleaner: swiping until %lu",
509 "acl_fa_worker_conn_cleaner: checked %d sessions (clear_in_process: %d)",
510 "i4i4", (
u32) num_expired,
520 "acl_fa_worker_conn_cleaner: now %lu, clearing done - all done",
526 "acl_fa_worker_conn_cleaner: now %lu, more work to do - requesting interrupt",
549 "acl_fa_worker_conn_cleaner: now %lu, interrupt needed: %u, interrupt unwanted: %u",
568 for (i = 0; i < n_threads; i++)
584 u64 max_timer_wait_interval = cpu_cps / 2;
585 uword event_type, *event_data = 0;
595 int has_pending_conns = 0;
621 "acl_fa_session_cleaner_process: now %lu, worker: %u tt: %u",
622 "i8i2i2", now, ti, tt);
624 "acl_fa_session_cleaner_process: head expiry: %lu, is earlier than curr next expire: %lu",
625 "i8i8", head_expiry, next_expire);
626 next_expire = head_expiry;
630 has_pending_conns = 1;
638 am->fa_cleaner_cnt_wait_without_timeout++;
640 "acl_conn_cleaner: now %lu entering wait without timeout",
647 f64 timeout = ((
i64) next_expire - (
i64) now) / cpu_cps;
655 am->fa_cleaner_cnt_wait_with_timeout++;
657 "acl_conn_cleaner: now %lu entering wait with timeout %.6f sec",
658 "i8f8", now, timeout);
674 uword *clear_sw_if_index_bitmap = 0;
679 "acl_fa_session_cleaner_process: now %lu, received ACL_FA_CLEANER_DELETE_BY_SW_IF_INDEX",
683 am->fa_cleaner_cnt_delete_by_sw_index++;
685 "acl_fa_session_cleaner_process: ACL_FA_CLEANER_DELETE_BY_SW_IF_INDEX %u",
686 "i4", *sw_if_index0);
687 if (*sw_if_index0 == ~0)
697 clear_sw_if_index_bitmap =
704 (
"ACL_FA_CLEANER_DELETE_BY_SW_IF_INDEX bitmap: %U, clear_all: %u",
705 format_bitmap_hex, clear_sw_if_index_bitmap, clear_all);
713 "ACL_FA_NODE_CLEAN: waiting previous cleaning cycle to finish on %u",
726 (
"ERROR-BUG! Could not initiate cleaning on worker because another cleanup in progress");
742 (
"ACL_FA_CLEANER: thread %u, pending clear bitmap: %U",
752 acl_log_info (
"CLEANER mains len: %u per-worker len: %d",
762 "ACL_FA_NODE_CLEAN: waiting for my cleaning cycle to finish on %u",
776 am->fa_cleaner_cnt_delete_by_sw_index_ok++;
779 #ifdef FA_NODE_VERBOSE_DEBUG 780 clib_warning (
"ACL plugin connection cleaner: unknown event %u",
786 ACL_FA_CLEANER_ERROR_UNKNOWN_EVENT, 1);
787 am->fa_cleaner_cnt_unknown_event++;
794 _vec_len (event_data) = 0;
800 int need_more_wait = 0;
801 int max_wait_cycles = 100;
817 while (need_more_wait && (--max_wait_cycles > 0));
819 int interrupts_needed = 0;
820 int interrupts_unwanted = 0;
831 interrupts_unwanted++;
835 if (interrupts_needed)
842 else if (interrupts_unwanted)
846 max_timer_wait_interval)
850 am->fa_cleaner_cnt_event_cycles++;
882 sw_if_index, enable_disable, 0, 0);
884 sw_if_index, enable_disable, 0, 0);
896 sw_if_index, enable_disable, 0, 0);
898 sw_if_index, enable_disable, 0, 0);
907 #ifdef FA_NODE_VERBOSE_DEBUG 908 clib_warning (
"ENABLE-DISABLE: clean the connections on interface %d",
936 "\nSession lookup hash table is not allocated.\n\n");
945 .name =
"acl-plugin-fa-worker-cleaner-process",
947 .state = VLIB_NODE_STATE_INTERRUPT,
953 .name =
"acl-plugin-fa-cleaner-process",
static void send_interrupts_to_workers(vlib_main_t *vm, acl_main_t *am)
static void send_one_worker_interrupt(vlib_main_t *vm, acl_main_t *am, int thread_index)
static vlib_node_registration_t acl_fa_worker_session_cleaner_process_node
(constructor) VLIB_REGISTER_NODE (acl_fa_worker_session_cleaner_process_node)
u32 fa_cleaner_node_index
static_always_inline u8 * format_ip46_session_bihash_kv(u8 *s, va_list *args, int is_ip6)
uword * fa_out_acl_on_sw_if_index
void acl_fa_enable_disable(u32 sw_if_index, int is_input, int enable_disable)
static u64 fa_session_get_list_timeout(acl_main_t *am, fa_session_t *sess)
#define elog_acl_maybe_trace_X4(am, acl_elog_trace_format_label, acl_elog_trace_format_args, acl_elog_val1, acl_elog_val2, acl_elog_val3, acl_elog_val4)
#define FA_SESSION_BOGUS_INDEX
uword * pending_clear_sw_if_index_bitmap
static int acl_fa_conn_list_delete_session(acl_main_t *am, fa_full_session_id_t sess_id, u64 now)
static f64 vlib_process_wait_for_event_or_clock(vlib_main_t *vm, f64 dt)
Suspend a cooperative multi-tasking thread Waits for an event, or for the indicated number of seconds...
u64 fa_current_cleaner_timer_wait_interval
static void acl_fa_verify_init_sessions(acl_main_t *am)
static uword * vlib_process_wait_for_event(vlib_main_t *vm)
clib_bihash_40_8_t fa_ip6_sessions_hash
vnet_interface_main_t interface_main
uword * fa_in_acl_on_sw_if_index
u64 * wip_session_change_requests
static void vlib_node_set_interrupt_pending(vlib_main_t *vm, u32 node_index)
static void acl_fa_conn_list_add_session(acl_main_t *am, fa_full_session_id_t sess_id, u64 now)
static_always_inline void clib_spinlock_unlock_if_init(clib_spinlock_t *p)
#define foreach_acl_fa_cleaner_error
#define vec_add1(V, E)
Add 1 element to end of vector (unspecified alignment).
static u64 clib_cpu_time_now(void)
void show_fa_sessions_hash(vlib_main_t *vm, u32 verbose)
static int acl_fa_two_stage_delete_session(acl_main_t *am, u32 sw_if_index, fa_full_session_id_t sess_id, u64 now)
void aclp_post_session_change_request(acl_main_t *am, u32 target_thread, u32 target_session, u32 request_type)
static uword * clib_bitmap_set(uword *ai, uword i, uword value)
Sets the ith bit of a bitmap to new_value Removes trailing zeros from the bitmap. ...
fa_session_t * fa_sessions_pool
static vlib_node_registration_t acl_fa_session_cleaner_process_node
(constructor) VLIB_REGISTER_NODE (acl_fa_session_cleaner_process_node)
vlib_main_t ** vlib_mains
#define clib_bitmap_zero(v)
Clear a bitmap.
static char * acl_fa_cleaner_error_strings[]
#define clib_bitmap_dup(v)
Duplicate a bitmap.
static u8 * format_ip4_session_bihash_kv(u8 *s, va_list *args)
f64 fa_cleaner_wait_time_increment
static fa_session_t * get_session_ptr(acl_main_t *am, u16 thread_index, u32 session_index)
static uword vlib_process_suspend(vlib_main_t *vm, f64 dt)
Suspend a vlib cooperative multi-tasking thread for a period of time.
uword fa_conn_table_hash_memory_size
static int acl_fa_ifc_has_in_acl(acl_main_t *am, int sw_if_index0)
u64 rcvd_session_change_requests
#define static_always_inline
vl_api_interface_index_t sw_if_index
static uword vlib_process_get_events(vlib_main_t *vm, uword **data_vector)
Return the first event type which has occurred and a vector of per-event data of that type...
u64 fa_conn_table_max_entries
static uword clib_bitmap_is_zero(uword *ai)
predicate function; is an entire bitmap empty?
u64 cnt_session_timer_restarted
static uword acl_fa_worker_conn_cleaner_process(vlib_main_t *vm, vlib_node_runtime_t *rt, vlib_frame_t *f)
static u8 * format_ip6_session_bihash_kv(u8 *s, va_list *args)
static void vlib_process_signal_event(vlib_main_t *vm, uword node_index, uword type_opaque, uword data)
static int acl_fa_check_idle_sessions(acl_main_t *am, u16 thread_index, u64 now)
int interrupt_is_unwanted
u32 fa_total_enabled_count
u64 * fa_conn_list_head_expiry_time
static void vlib_node_increment_counter(vlib_main_t *vm, u32 node_index, u32 counter_index, u64 increment)
#define elog_acl_maybe_trace_X2(am, acl_elog_trace_format_label, acl_elog_trace_format_args, acl_elog_val1, acl_elog_val2)
static int purgatory_has_connections(vlib_main_t *vm, acl_main_t *am, int thread_index)
static u64 fa_session_get_timeout(acl_main_t *am, fa_session_t *sess)
#define VLIB_REGISTER_NODE(x,...)
u64 sent_session_change_requests
clib_bihash_kv_40_8_t kv_40_8
static void * clib_mem_set_heap(void *heap)
#define clib_warning(format, args...)
#define pool_is_free_index(P, I)
Use free bitmap to query whether given index is free.
static uword clib_bitmap_get(uword *ai, uword i)
Gets the ith bit value from a bitmap.
static int acl_fa_restart_timer_for_session(acl_main_t *am, u64 now, fa_full_session_id_t sess_id)
#define pool_init_fixed(pool, max_elts)
initialize a fixed-size, preallocated pool
#define acl_log_info(...)
static_always_inline u8 * format_fa_session_l4_key(u8 *s, va_list *args)
#define clib_bitmap_free(v)
Free a bitmap.
clib_bihash_kv_16_8_t kv_16_8
uword * serviced_sw_if_index_bitmap
#define elog_acl_maybe_trace_X1(am, acl_elog_trace_format_label, acl_elog_trace_format_args, acl_elog_val1)
#define elog_acl_maybe_trace_X3(am, acl_elog_trace_format_label, acl_elog_trace_format_args, acl_elog_val1, acl_elog_val2, acl_elog_val3)
struct _vlib_node_registration vlib_node_registration_t
static int acl_fa_conn_time_to_check(acl_main_t *am, acl_fa_per_worker_data_t *pw, u64 now, u16 thread_index, u32 session_index)
#define vec_len(v)
Number of elements in vector (rvalue-only, NULL tolerant)
acl_fa_per_worker_data_t * per_worker_data
vnet_sw_interface_t * sw_interfaces
int fa_interrupt_generation
u64 cnt_already_deleted_sessions
static uword acl_fa_session_cleaner_process(vlib_main_t *vm, vlib_node_runtime_t *rt, vlib_frame_t *f)
static_always_inline uword os_get_thread_index(void)
#define vec_foreach(var, vec)
Vector iterator.
clib_spinlock_t pending_session_change_request_lock
#define CLIB_MEMORY_BARRIER()
static u64 acl_fa_get_list_head_expiry_time(acl_main_t *am, acl_fa_per_worker_data_t *pw, u64 now, u16 thread_index, int timeout_type)
ip4_address_t ip4_addr[2]
clib_bihash_16_8_t fa_ip4_sessions_hash
static int acl_fa_ifc_has_out_acl(acl_main_t *am, int sw_if_index0)
void vlib_cli_output(vlib_main_t *vm, char *fmt,...)
static_always_inline void clib_spinlock_lock_if_init(clib_spinlock_t *p)
int fa_sessions_hash_is_initialized
static uword * clib_bitmap_and(uword *ai, uword *bi)
Logical operator across two bitmaps.
u64 * pending_session_change_requests
int vnet_feature_enable_disable(const char *arc_name, const char *node_name, u32 sw_if_index, int enable_disable, void *feature_config, u32 n_feature_config_bytes)
u32 fa_conn_table_hash_num_buckets
void aclp_swap_wip_and_pending_session_change_requests(acl_main_t *am, u32 target_thread)
ip6_address_t ip6_addr[2]
foreach_fa_cleaner_counter vlib_main_t * vlib_main