mirror of
https://github.com/opnsense/src.git
synced 2026-04-29 18:32:49 -04:00
fedeb08b6a
This change is based on the nexthop objects landed in D24232.
The change introduces the concept of nexthop groups.
Each group contains the collection of nexthops with their
relative weights and a dataplane-optimized structure to enable
efficient nexthop selection.
Simular to the nexthops, nexthop groups are immutable. Dataplane part
gets compiled during group creation and is basically an array of
nexthop pointers, compiled w.r.t their weights.
With this change, `rt_nhop` field of `struct rtentry` contains either
nexthop or nexthop group. They are distinguished by the presense of
NHF_MULTIPATH flag.
All dataplane lookup functions returns pointer to the nexthop object,
leaving nexhop groups details inside routing subsystem.
User-visible changes:
The change is intended to be backward-compatible: all non-mpath operations
should work as before with ROUTE_MPATH and net.route.multipath=1.
All routes now comes with weight, default weight is 1, maximum is 2^24-1.
Current maximum multipath group width is statically set to 64.
This will become sysctl-tunable in the followup changes.
Using functionality:
* Recompile kernel with ROUTE_MPATH
* set net.route.multipath to 1
route add -6 2001:db8::/32 2001:db8::2 -weight 10
route add -6 2001:db8::/32 2001:db8::3 -weight 20
netstat -6On
Nexthop groups data
Internet6:
GrpIdx NhIdx Weight Slots Gateway Netif Refcnt
1 ------- ------- ------- --------------------------------------- --------- 1
13 10 1 2001:db8::2 vlan2
14 20 2 2001:db8::3 vlan2
Next steps:
* Land outbound hashing for locally-originated routes ( D26523 ).
* Fix net/bird multipath (net/frr seems to work fine)
* Add ROUTE_MPATH to GENERIC
* Set net.route.multipath=1 by default
Tested by: olivier
Reviewed by: glebius
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D26449
226 lines
6.1 KiB
C
226 lines
6.1 KiB
C
/*-
|
|
* Copyright (c) 2015
|
|
* Alexander V. Chernikov <melifaro@FreeBSD.org>
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
* 3. Neither the name of the University nor the names of its contributors
|
|
* may be used to endorse or promote products derived from this software
|
|
* without specific prior written permission.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
* SUCH DAMAGE.
|
|
*/
|
|
|
|
#include <sys/cdefs.h>
|
|
__FBSDID("$FreeBSD$");
|
|
|
|
#include "opt_inet.h"
|
|
#include "opt_route.h"
|
|
|
|
#include <sys/param.h>
|
|
#include <sys/systm.h>
|
|
#include <sys/lock.h>
|
|
#include <sys/rmlock.h>
|
|
#include <sys/malloc.h>
|
|
#include <sys/mbuf.h>
|
|
#include <sys/socket.h>
|
|
#include <sys/sysctl.h>
|
|
#include <sys/kernel.h>
|
|
|
|
#include <net/if.h>
|
|
#include <net/if_var.h>
|
|
#include <net/if_dl.h>
|
|
#include <net/route.h>
|
|
#include <net/route/route_ctl.h>
|
|
#include <net/route/route_var.h>
|
|
#include <net/route/nhop.h>
|
|
#include <net/vnet.h>
|
|
|
|
#include <netinet/in.h>
|
|
#include <netinet/in_var.h>
|
|
#include <netinet/in_fib.h>
|
|
|
|
#ifdef INET
|
|
|
|
/* Verify struct route compatiblity */
|
|
/* Assert 'struct route_in' is compatible with 'struct route' */
|
|
CHK_STRUCT_ROUTE_COMPAT(struct route_in, ro_dst4);
|
|
|
|
/*
|
|
* Looks up path in fib @fibnum specified by @dst.
|
|
* Returns path nexthop on success. Nexthop is safe to use
|
|
* within the current network epoch. If longer lifetime is required,
|
|
* one needs to pass NHR_REF as a flag. This will return referenced
|
|
* nexthop.
|
|
*/
|
|
struct nhop_object *
|
|
fib4_lookup(uint32_t fibnum, struct in_addr dst, uint32_t scopeid,
|
|
uint32_t flags, uint32_t flowid)
|
|
{
|
|
RIB_RLOCK_TRACKER;
|
|
struct rib_head *rh;
|
|
struct radix_node *rn;
|
|
struct nhop_object *nh;
|
|
|
|
KASSERT((fibnum < rt_numfibs), ("fib4_lookup: bad fibnum"));
|
|
rh = rt_tables_get_rnh(fibnum, AF_INET);
|
|
if (rh == NULL)
|
|
return (NULL);
|
|
|
|
/* Prepare lookup key */
|
|
struct sockaddr_in sin4;
|
|
memset(&sin4, 0, sizeof(sin4));
|
|
sin4.sin_family = AF_INET;
|
|
sin4.sin_len = sizeof(struct sockaddr_in);
|
|
sin4.sin_addr = dst;
|
|
|
|
nh = NULL;
|
|
RIB_RLOCK(rh);
|
|
rn = rh->rnh_matchaddr((void *)&sin4, &rh->head);
|
|
if (rn != NULL && ((rn->rn_flags & RNF_ROOT) == 0)) {
|
|
nh = nhop_select((RNTORT(rn))->rt_nhop, flowid);
|
|
/* Ensure route & ifp is UP */
|
|
if (RT_LINK_IS_UP(nh->nh_ifp)) {
|
|
if (flags & NHR_REF)
|
|
nhop_ref_object(nh);
|
|
RIB_RUNLOCK(rh);
|
|
return (nh);
|
|
}
|
|
}
|
|
RIB_RUNLOCK(rh);
|
|
|
|
RTSTAT_INC(rts_unreach);
|
|
return (NULL);
|
|
}
|
|
|
|
inline static int
|
|
check_urpf_nhop(const struct nhop_object *nh, uint32_t flags,
|
|
const struct ifnet *src_if)
|
|
{
|
|
|
|
if (src_if != NULL && nh->nh_aifp == src_if) {
|
|
return (1);
|
|
}
|
|
if (src_if == NULL) {
|
|
if ((flags & NHR_NODEFAULT) == 0)
|
|
return (1);
|
|
else if ((nh->nh_flags & NHF_DEFAULT) == 0)
|
|
return (1);
|
|
}
|
|
|
|
return (0);
|
|
}
|
|
|
|
static int
|
|
check_urpf(struct nhop_object *nh, uint32_t flags,
|
|
const struct ifnet *src_if)
|
|
{
|
|
#ifdef ROUTE_MPATH
|
|
if (NH_IS_NHGRP(nh)) {
|
|
struct weightened_nhop *wn;
|
|
uint32_t num_nhops;
|
|
wn = nhgrp_get_nhops((struct nhgrp_object *)nh, &num_nhops);
|
|
for (int i = 0; i < num_nhops; i++) {
|
|
if (check_urpf_nhop(wn[i].nh, flags, src_if) != 0)
|
|
return (1);
|
|
}
|
|
return (0);
|
|
} else
|
|
#endif
|
|
return (check_urpf_nhop(nh, flags, src_if));
|
|
}
|
|
|
|
/*
|
|
* Performs reverse path forwarding lookup.
|
|
* If @src_if is non-zero, verifies that at least 1 path goes via
|
|
* this interface.
|
|
* If @src_if is zero, verifies that route exist.
|
|
* if @flags contains NHR_NOTDEFAULT, do not consider default route.
|
|
*
|
|
* Returns 1 if route matching conditions is found, 0 otherwise.
|
|
*/
|
|
int
|
|
fib4_check_urpf(uint32_t fibnum, struct in_addr dst, uint32_t scopeid,
|
|
uint32_t flags, const struct ifnet *src_if)
|
|
{
|
|
RIB_RLOCK_TRACKER;
|
|
struct rib_head *rh;
|
|
struct radix_node *rn;
|
|
int ret;
|
|
|
|
KASSERT((fibnum < rt_numfibs), ("fib4_check_urpf: bad fibnum"));
|
|
rh = rt_tables_get_rnh(fibnum, AF_INET);
|
|
if (rh == NULL)
|
|
return (0);
|
|
|
|
/* Prepare lookup key */
|
|
struct sockaddr_in sin4;
|
|
memset(&sin4, 0, sizeof(sin4));
|
|
sin4.sin_len = sizeof(struct sockaddr_in);
|
|
sin4.sin_addr = dst;
|
|
|
|
RIB_RLOCK(rh);
|
|
rn = rh->rnh_matchaddr((void *)&sin4, &rh->head);
|
|
if (rn != NULL && ((rn->rn_flags & RNF_ROOT) == 0)) {
|
|
ret = check_urpf(RNTORT(rn)->rt_nhop, flags, src_if);
|
|
RIB_RUNLOCK(rh);
|
|
return (ret);
|
|
}
|
|
RIB_RUNLOCK(rh);
|
|
|
|
return (0);
|
|
}
|
|
|
|
struct nhop_object *
|
|
fib4_lookup_debugnet(uint32_t fibnum, struct in_addr dst, uint32_t scopeid,
|
|
uint32_t flags)
|
|
{
|
|
struct rib_head *rh;
|
|
struct radix_node *rn;
|
|
struct nhop_object *nh;
|
|
|
|
KASSERT((fibnum < rt_numfibs), ("fib4_lookup_debugnet: bad fibnum"));
|
|
rh = rt_tables_get_rnh(fibnum, AF_INET);
|
|
if (rh == NULL)
|
|
return (NULL);
|
|
|
|
/* Prepare lookup key */
|
|
struct sockaddr_in sin4;
|
|
memset(&sin4, 0, sizeof(sin4));
|
|
sin4.sin_family = AF_INET;
|
|
sin4.sin_len = sizeof(struct sockaddr_in);
|
|
sin4.sin_addr = dst;
|
|
|
|
nh = NULL;
|
|
/* unlocked lookup */
|
|
rn = rh->rnh_matchaddr((void *)&sin4, &rh->head);
|
|
if (rn != NULL && ((rn->rn_flags & RNF_ROOT) == 0)) {
|
|
nh = nhop_select((RNTORT(rn))->rt_nhop, 0);
|
|
/* Ensure route & ifp is UP */
|
|
if (RT_LINK_IS_UP(nh->nh_ifp)) {
|
|
if (flags & NHR_REF)
|
|
nhop_ref_object(nh);
|
|
return (nh);
|
|
}
|
|
}
|
|
|
|
return (NULL);
|
|
}
|
|
|
|
#endif
|