2 * Copyright (c) 2014, Bryan Venteicher <bryanv@FreeBSD.org>
4 * Copyright (c) 2020, Chelsio Communications.
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice unmodified, this list of conditions, and the following
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
20 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 #include "opt_inet6.h"
31 #include <sys/cdefs.h>
32 __FBSDID("$FreeBSD$");
34 #include <sys/param.h>
35 #include <sys/eventhandler.h>
36 #include <sys/kernel.h>
39 #include <sys/malloc.h>
41 #include <sys/module.h>
42 #include <sys/refcount.h>
43 #include <sys/rmlock.h>
46 #include <sys/queue.h>
48 #include <sys/socket.h>
49 #include <sys/socketvar.h>
50 #include <sys/sockio.h>
51 #include <sys/sysctl.h>
52 #include <sys/systm.h>
55 #include <net/ethernet.h>
57 #include <net/if_var.h>
58 #include <net/if_private.h>
59 #include <net/if_clone.h>
60 #include <net/if_dl.h>
61 #include <net/if_media.h>
62 #include <net/if_types.h>
63 #include <net/if_vxlan.h>
64 #include <net/netisr.h>
65 #include <net/route.h>
66 #include <net/route/nhop.h>
68 #include <netinet/in.h>
69 #include <netinet/in_systm.h>
70 #include <netinet/in_var.h>
71 #include <netinet/in_pcb.h>
72 #include <netinet/ip.h>
73 #include <netinet/ip6.h>
74 #include <netinet/ip_var.h>
75 #include <netinet/udp.h>
76 #include <netinet/udp_var.h>
77 #include <netinet/in_fib.h>
78 #include <netinet6/in6_fib.h>
80 #include <netinet6/ip6_var.h>
81 #include <netinet6/scope6_var.h>
84 LIST_HEAD(vxlan_softc_head, vxlan_softc);
87 SX_SYSINIT(vxlan, &vxlan_sx, "VXLAN global start/stop lock");
89 struct vxlan_socket_mc_info {
90 union vxlan_sockaddr vxlsomc_saddr;
91 union vxlan_sockaddr vxlsomc_gaddr;
97 * The maximum MTU of encapsulated ethernet frame within IPv4/UDP packet.
99 #define VXLAN_MAX_MTU (IP_MAXPACKET - \
100 60 /* Maximum IPv4 header len */ - \
101 sizeof(struct udphdr) - \
102 sizeof(struct vxlan_header) - \
103 ETHER_HDR_LEN - ETHER_CRC_LEN - ETHER_VLAN_ENCAP_LEN)
104 #define VXLAN_BASIC_IFCAPS (IFCAP_LINKSTATE | IFCAP_JUMBO_MTU)
106 #define VXLAN_SO_MC_MAX_GROUPS 32
108 #define VXLAN_SO_VNI_HASH_SHIFT 6
109 #define VXLAN_SO_VNI_HASH_SIZE (1 << VXLAN_SO_VNI_HASH_SHIFT)
110 #define VXLAN_SO_VNI_HASH(_vni) ((_vni) % VXLAN_SO_VNI_HASH_SIZE)
112 struct vxlan_socket {
113 struct socket *vxlso_sock;
114 struct rmlock vxlso_lock;
116 union vxlan_sockaddr vxlso_laddr;
117 LIST_ENTRY(vxlan_socket) vxlso_entry;
118 struct vxlan_softc_head vxlso_vni_hash[VXLAN_SO_VNI_HASH_SIZE];
119 struct vxlan_socket_mc_info vxlso_mc[VXLAN_SO_MC_MAX_GROUPS];
122 #define VXLAN_SO_RLOCK(_vso, _p) rm_rlock(&(_vso)->vxlso_lock, (_p))
123 #define VXLAN_SO_RUNLOCK(_vso, _p) rm_runlock(&(_vso)->vxlso_lock, (_p))
124 #define VXLAN_SO_WLOCK(_vso) rm_wlock(&(_vso)->vxlso_lock)
125 #define VXLAN_SO_WUNLOCK(_vso) rm_wunlock(&(_vso)->vxlso_lock)
126 #define VXLAN_SO_LOCK_ASSERT(_vso) \
127 rm_assert(&(_vso)->vxlso_lock, RA_LOCKED)
128 #define VXLAN_SO_LOCK_WASSERT(_vso) \
129 rm_assert(&(_vso)->vxlso_lock, RA_WLOCKED)
131 #define VXLAN_SO_ACQUIRE(_vso) refcount_acquire(&(_vso)->vxlso_refcnt)
132 #define VXLAN_SO_RELEASE(_vso) refcount_release(&(_vso)->vxlso_refcnt)
134 struct vxlan_ftable_entry {
135 LIST_ENTRY(vxlan_ftable_entry) vxlfe_hash;
136 uint16_t vxlfe_flags;
137 uint8_t vxlfe_mac[ETHER_ADDR_LEN];
138 union vxlan_sockaddr vxlfe_raddr;
142 #define VXLAN_FE_FLAG_DYNAMIC 0x01
143 #define VXLAN_FE_FLAG_STATIC 0x02
145 #define VXLAN_FE_IS_DYNAMIC(_fe) \
146 ((_fe)->vxlfe_flags & VXLAN_FE_FLAG_DYNAMIC)
148 #define VXLAN_SC_FTABLE_SHIFT 9
149 #define VXLAN_SC_FTABLE_SIZE (1 << VXLAN_SC_FTABLE_SHIFT)
150 #define VXLAN_SC_FTABLE_MASK (VXLAN_SC_FTABLE_SIZE - 1)
151 #define VXLAN_SC_FTABLE_HASH(_sc, _mac) \
152 (vxlan_mac_hash(_sc, _mac) % VXLAN_SC_FTABLE_SIZE)
154 LIST_HEAD(vxlan_ftable_head, vxlan_ftable_entry);
156 struct vxlan_statistics {
157 uint32_t ftable_nospace;
158 uint32_t ftable_lock_upgrade_failed;
159 counter_u64_t txcsum;
161 counter_u64_t rxcsum;
165 struct ifnet *vxl_ifp;
168 struct vxlan_socket *vxl_sock;
170 union vxlan_sockaddr vxl_src_addr;
171 union vxlan_sockaddr vxl_dst_addr;
173 #define VXLAN_FLAG_INIT 0x0001
174 #define VXLAN_FLAG_TEARDOWN 0x0002
175 #define VXLAN_FLAG_LEARN 0x0004
176 #define VXLAN_FLAG_USER_MTU 0x0008
178 uint32_t vxl_port_hash_key;
179 uint16_t vxl_min_port;
180 uint16_t vxl_max_port;
183 /* Lookup table from MAC address to forwarding entry. */
184 uint32_t vxl_ftable_cnt;
185 uint32_t vxl_ftable_max;
186 uint32_t vxl_ftable_timeout;
187 uint32_t vxl_ftable_hash_key;
188 struct vxlan_ftable_head *vxl_ftable;
190 /* Derived from vxl_dst_addr. */
191 struct vxlan_ftable_entry vxl_default_fe;
193 struct ip_moptions *vxl_im4o;
194 struct ip6_moptions *vxl_im6o;
196 struct rmlock vxl_lock;
197 volatile u_int vxl_refcnt;
200 int vxl_vso_mc_index;
201 struct vxlan_statistics vxl_stats;
202 struct sysctl_oid *vxl_sysctl_node;
203 struct sysctl_ctx_list vxl_sysctl_ctx;
204 struct callout vxl_callout;
205 struct ether_addr vxl_hwaddr;
207 struct ifnet *vxl_mc_ifp;
208 struct ifmedia vxl_media;
209 char vxl_mc_ifname[IFNAMSIZ];
210 LIST_ENTRY(vxlan_softc) vxl_entry;
211 LIST_ENTRY(vxlan_softc) vxl_ifdetach_list;
213 /* For rate limiting errors on the tx fast path. */
214 struct timeval err_time;
218 #define VXLAN_RLOCK(_sc, _p) rm_rlock(&(_sc)->vxl_lock, (_p))
219 #define VXLAN_RUNLOCK(_sc, _p) rm_runlock(&(_sc)->vxl_lock, (_p))
220 #define VXLAN_WLOCK(_sc) rm_wlock(&(_sc)->vxl_lock)
221 #define VXLAN_WUNLOCK(_sc) rm_wunlock(&(_sc)->vxl_lock)
222 #define VXLAN_LOCK_WOWNED(_sc) rm_wowned(&(_sc)->vxl_lock)
223 #define VXLAN_LOCK_ASSERT(_sc) rm_assert(&(_sc)->vxl_lock, RA_LOCKED)
224 #define VXLAN_LOCK_WASSERT(_sc) rm_assert(&(_sc)->vxl_lock, RA_WLOCKED)
225 #define VXLAN_UNLOCK(_sc, _p) do { \
226 if (VXLAN_LOCK_WOWNED(_sc)) \
227 VXLAN_WUNLOCK(_sc); \
229 VXLAN_RUNLOCK(_sc, _p); \
232 #define VXLAN_ACQUIRE(_sc) refcount_acquire(&(_sc)->vxl_refcnt)
233 #define VXLAN_RELEASE(_sc) refcount_release(&(_sc)->vxl_refcnt)
235 #define satoconstsin(sa) ((const struct sockaddr_in *)(sa))
236 #define satoconstsin6(sa) ((const struct sockaddr_in6 *)(sa))
239 struct udphdr vxlh_udp;
240 struct vxlan_header vxlh_hdr;
243 static int vxlan_ftable_addr_cmp(const uint8_t *, const uint8_t *);
244 static void vxlan_ftable_init(struct vxlan_softc *);
245 static void vxlan_ftable_fini(struct vxlan_softc *);
246 static void vxlan_ftable_flush(struct vxlan_softc *, int);
247 static void vxlan_ftable_expire(struct vxlan_softc *);
248 static int vxlan_ftable_update_locked(struct vxlan_softc *,
249 const union vxlan_sockaddr *, const uint8_t *,
250 struct rm_priotracker *);
251 static int vxlan_ftable_learn(struct vxlan_softc *,
252 const struct sockaddr *, const uint8_t *);
253 static int vxlan_ftable_sysctl_dump(SYSCTL_HANDLER_ARGS);
255 static struct vxlan_ftable_entry *
256 vxlan_ftable_entry_alloc(void);
257 static void vxlan_ftable_entry_free(struct vxlan_ftable_entry *);
258 static void vxlan_ftable_entry_init(struct vxlan_softc *,
259 struct vxlan_ftable_entry *, const uint8_t *,
260 const struct sockaddr *, uint32_t);
261 static void vxlan_ftable_entry_destroy(struct vxlan_softc *,
262 struct vxlan_ftable_entry *);
263 static int vxlan_ftable_entry_insert(struct vxlan_softc *,
264 struct vxlan_ftable_entry *);
265 static struct vxlan_ftable_entry *
266 vxlan_ftable_entry_lookup(struct vxlan_softc *,
268 static void vxlan_ftable_entry_dump(struct vxlan_ftable_entry *,
271 static struct vxlan_socket *
272 vxlan_socket_alloc(const union vxlan_sockaddr *);
273 static void vxlan_socket_destroy(struct vxlan_socket *);
274 static void vxlan_socket_release(struct vxlan_socket *);
275 static struct vxlan_socket *
276 vxlan_socket_lookup(union vxlan_sockaddr *vxlsa);
277 static void vxlan_socket_insert(struct vxlan_socket *);
278 static int vxlan_socket_init(struct vxlan_socket *, struct ifnet *);
279 static int vxlan_socket_bind(struct vxlan_socket *, struct ifnet *);
280 static int vxlan_socket_create(struct ifnet *, int,
281 const union vxlan_sockaddr *, struct vxlan_socket **);
282 static void vxlan_socket_ifdetach(struct vxlan_socket *,
283 struct ifnet *, struct vxlan_softc_head *);
285 static struct vxlan_socket *
286 vxlan_socket_mc_lookup(const union vxlan_sockaddr *);
287 static int vxlan_sockaddr_mc_info_match(
288 const struct vxlan_socket_mc_info *,
289 const union vxlan_sockaddr *,
290 const union vxlan_sockaddr *, int);
291 static int vxlan_socket_mc_join_group(struct vxlan_socket *,
292 const union vxlan_sockaddr *, const union vxlan_sockaddr *,
293 int *, union vxlan_sockaddr *);
294 static int vxlan_socket_mc_leave_group(struct vxlan_socket *,
295 const union vxlan_sockaddr *,
296 const union vxlan_sockaddr *, int);
297 static int vxlan_socket_mc_add_group(struct vxlan_socket *,
298 const union vxlan_sockaddr *, const union vxlan_sockaddr *,
300 static void vxlan_socket_mc_release_group_by_idx(struct vxlan_socket *,
303 static struct vxlan_softc *
304 vxlan_socket_lookup_softc_locked(struct vxlan_socket *,
306 static struct vxlan_softc *
307 vxlan_socket_lookup_softc(struct vxlan_socket *, uint32_t);
308 static int vxlan_socket_insert_softc(struct vxlan_socket *,
309 struct vxlan_softc *);
310 static void vxlan_socket_remove_softc(struct vxlan_socket *,
311 struct vxlan_softc *);
313 static struct ifnet *
314 vxlan_multicast_if_ref(struct vxlan_softc *, int);
315 static void vxlan_free_multicast(struct vxlan_softc *);
316 static int vxlan_setup_multicast_interface(struct vxlan_softc *);
318 static int vxlan_setup_multicast(struct vxlan_softc *);
319 static int vxlan_setup_socket(struct vxlan_softc *);
321 static void vxlan_setup_zero_checksum_port(struct vxlan_softc *);
323 static void vxlan_setup_interface_hdrlen(struct vxlan_softc *);
324 static int vxlan_valid_init_config(struct vxlan_softc *);
325 static void vxlan_init_wait(struct vxlan_softc *);
326 static void vxlan_init_complete(struct vxlan_softc *);
327 static void vxlan_init(void *);
328 static void vxlan_release(struct vxlan_softc *);
329 static void vxlan_teardown_wait(struct vxlan_softc *);
330 static void vxlan_teardown_complete(struct vxlan_softc *);
331 static void vxlan_teardown_locked(struct vxlan_softc *);
332 static void vxlan_teardown(struct vxlan_softc *);
333 static void vxlan_ifdetach(struct vxlan_softc *, struct ifnet *,
334 struct vxlan_softc_head *);
335 static void vxlan_timer(void *);
337 static int vxlan_ctrl_get_config(struct vxlan_softc *, void *);
338 static int vxlan_ctrl_set_vni(struct vxlan_softc *, void *);
339 static int vxlan_ctrl_set_local_addr(struct vxlan_softc *, void *);
340 static int vxlan_ctrl_set_remote_addr(struct vxlan_softc *, void *);
341 static int vxlan_ctrl_set_local_port(struct vxlan_softc *, void *);
342 static int vxlan_ctrl_set_remote_port(struct vxlan_softc *, void *);
343 static int vxlan_ctrl_set_port_range(struct vxlan_softc *, void *);
344 static int vxlan_ctrl_set_ftable_timeout(struct vxlan_softc *, void *);
345 static int vxlan_ctrl_set_ftable_max(struct vxlan_softc *, void *);
346 static int vxlan_ctrl_set_multicast_if(struct vxlan_softc * , void *);
347 static int vxlan_ctrl_set_ttl(struct vxlan_softc *, void *);
348 static int vxlan_ctrl_set_learn(struct vxlan_softc *, void *);
349 static int vxlan_ctrl_ftable_entry_add(struct vxlan_softc *, void *);
350 static int vxlan_ctrl_ftable_entry_rem(struct vxlan_softc *, void *);
351 static int vxlan_ctrl_flush(struct vxlan_softc *, void *);
352 static int vxlan_ioctl_drvspec(struct vxlan_softc *,
353 struct ifdrv *, int);
354 static int vxlan_ioctl_ifflags(struct vxlan_softc *);
355 static int vxlan_ioctl(struct ifnet *, u_long, caddr_t);
357 #if defined(INET) || defined(INET6)
358 static uint16_t vxlan_pick_source_port(struct vxlan_softc *, struct mbuf *);
359 static void vxlan_encap_header(struct vxlan_softc *, struct mbuf *,
360 int, uint16_t, uint16_t);
362 static int vxlan_encap4(struct vxlan_softc *,
363 const union vxlan_sockaddr *, struct mbuf *);
364 static int vxlan_encap6(struct vxlan_softc *,
365 const union vxlan_sockaddr *, struct mbuf *);
366 static int vxlan_transmit(struct ifnet *, struct mbuf *);
367 static void vxlan_qflush(struct ifnet *);
368 static bool vxlan_rcv_udp_packet(struct mbuf *, int, struct inpcb *,
369 const struct sockaddr *, void *);
370 static int vxlan_input(struct vxlan_socket *, uint32_t, struct mbuf **,
371 const struct sockaddr *);
373 static int vxlan_stats_alloc(struct vxlan_softc *);
374 static void vxlan_stats_free(struct vxlan_softc *);
375 static void vxlan_set_default_config(struct vxlan_softc *);
376 static int vxlan_set_user_config(struct vxlan_softc *,
377 struct ifvxlanparam *);
378 static int vxlan_set_reqcap(struct vxlan_softc *, struct ifnet *, int);
379 static void vxlan_set_hwcaps(struct vxlan_softc *);
380 static int vxlan_clone_create(struct if_clone *, char *, size_t,
381 struct ifc_data *, struct ifnet **);
382 static int vxlan_clone_destroy(struct if_clone *, struct ifnet *, uint32_t);
384 static uint32_t vxlan_mac_hash(struct vxlan_softc *, const uint8_t *);
385 static int vxlan_media_change(struct ifnet *);
386 static void vxlan_media_status(struct ifnet *, struct ifmediareq *);
388 static int vxlan_sockaddr_cmp(const union vxlan_sockaddr *,
389 const struct sockaddr *);
390 static void vxlan_sockaddr_copy(union vxlan_sockaddr *,
391 const struct sockaddr *);
392 static int vxlan_sockaddr_in_equal(const union vxlan_sockaddr *,
393 const struct sockaddr *);
394 static void vxlan_sockaddr_in_copy(union vxlan_sockaddr *,
395 const struct sockaddr *);
396 static int vxlan_sockaddr_supported(const union vxlan_sockaddr *, int);
397 static int vxlan_sockaddr_in_any(const union vxlan_sockaddr *);
398 static int vxlan_sockaddr_in_multicast(const union vxlan_sockaddr *);
399 static int vxlan_sockaddr_in6_embedscope(union vxlan_sockaddr *);
401 static int vxlan_can_change_config(struct vxlan_softc *);
402 static int vxlan_check_vni(uint32_t);
403 static int vxlan_check_ttl(int);
404 static int vxlan_check_ftable_timeout(uint32_t);
405 static int vxlan_check_ftable_max(uint32_t);
407 static void vxlan_sysctl_setup(struct vxlan_softc *);
408 static void vxlan_sysctl_destroy(struct vxlan_softc *);
409 static int vxlan_tunable_int(struct vxlan_softc *, const char *, int);
411 static void vxlan_ifdetach_event(void *, struct ifnet *);
412 static void vxlan_load(void);
413 static void vxlan_unload(void);
414 static int vxlan_modevent(module_t, int, void *);
416 static const char vxlan_name[] = "vxlan";
417 static MALLOC_DEFINE(M_VXLAN, vxlan_name,
418 "Virtual eXtensible LAN Interface");
419 static struct if_clone *vxlan_cloner;
421 static struct mtx vxlan_list_mtx;
422 #define VXLAN_LIST_LOCK() mtx_lock(&vxlan_list_mtx)
423 #define VXLAN_LIST_UNLOCK() mtx_unlock(&vxlan_list_mtx)
425 static LIST_HEAD(, vxlan_socket) vxlan_socket_list;
427 static eventhandler_tag vxlan_ifdetach_event_tag;
429 SYSCTL_DECL(_net_link);
430 SYSCTL_NODE(_net_link, OID_AUTO, vxlan, CTLFLAG_RW | CTLFLAG_MPSAFE, 0,
431 "Virtual eXtensible Local Area Network");
433 static int vxlan_legacy_port = 0;
434 TUNABLE_INT("net.link.vxlan.legacy_port", &vxlan_legacy_port);
435 static int vxlan_reuse_port = 0;
436 TUNABLE_INT("net.link.vxlan.reuse_port", &vxlan_reuse_port);
438 /* Default maximum number of addresses in the forwarding table. */
439 #ifndef VXLAN_FTABLE_MAX
440 #define VXLAN_FTABLE_MAX 2000
443 /* Timeout (in seconds) of addresses learned in the forwarding table. */
444 #ifndef VXLAN_FTABLE_TIMEOUT
445 #define VXLAN_FTABLE_TIMEOUT (20 * 60)
449 * Maximum timeout (in seconds) of addresses learned in the forwarding
452 #ifndef VXLAN_FTABLE_MAX_TIMEOUT
453 #define VXLAN_FTABLE_MAX_TIMEOUT (60 * 60 * 24)
456 /* Number of seconds between pruning attempts of the forwarding table. */
457 #ifndef VXLAN_FTABLE_PRUNE
458 #define VXLAN_FTABLE_PRUNE (5 * 60)
461 static int vxlan_ftable_prune_period = VXLAN_FTABLE_PRUNE;
463 struct vxlan_control {
464 int (*vxlc_func)(struct vxlan_softc *, void *);
467 #define VXLAN_CTRL_FLAG_COPYIN 0x01
468 #define VXLAN_CTRL_FLAG_COPYOUT 0x02
469 #define VXLAN_CTRL_FLAG_SUSER 0x04
472 static const struct vxlan_control vxlan_control_table[] = {
473 [VXLAN_CMD_GET_CONFIG] =
474 { vxlan_ctrl_get_config, sizeof(struct ifvxlancfg),
475 VXLAN_CTRL_FLAG_COPYOUT
478 [VXLAN_CMD_SET_VNI] =
479 { vxlan_ctrl_set_vni, sizeof(struct ifvxlancmd),
480 VXLAN_CTRL_FLAG_COPYIN | VXLAN_CTRL_FLAG_SUSER,
483 [VXLAN_CMD_SET_LOCAL_ADDR] =
484 { vxlan_ctrl_set_local_addr, sizeof(struct ifvxlancmd),
485 VXLAN_CTRL_FLAG_COPYIN | VXLAN_CTRL_FLAG_SUSER,
488 [VXLAN_CMD_SET_REMOTE_ADDR] =
489 { vxlan_ctrl_set_remote_addr, sizeof(struct ifvxlancmd),
490 VXLAN_CTRL_FLAG_COPYIN | VXLAN_CTRL_FLAG_SUSER,
493 [VXLAN_CMD_SET_LOCAL_PORT] =
494 { vxlan_ctrl_set_local_port, sizeof(struct ifvxlancmd),
495 VXLAN_CTRL_FLAG_COPYIN | VXLAN_CTRL_FLAG_SUSER,
498 [VXLAN_CMD_SET_REMOTE_PORT] =
499 { vxlan_ctrl_set_remote_port, sizeof(struct ifvxlancmd),
500 VXLAN_CTRL_FLAG_COPYIN | VXLAN_CTRL_FLAG_SUSER,
503 [VXLAN_CMD_SET_PORT_RANGE] =
504 { vxlan_ctrl_set_port_range, sizeof(struct ifvxlancmd),
505 VXLAN_CTRL_FLAG_COPYIN | VXLAN_CTRL_FLAG_SUSER,
508 [VXLAN_CMD_SET_FTABLE_TIMEOUT] =
509 { vxlan_ctrl_set_ftable_timeout, sizeof(struct ifvxlancmd),
510 VXLAN_CTRL_FLAG_COPYIN | VXLAN_CTRL_FLAG_SUSER,
513 [VXLAN_CMD_SET_FTABLE_MAX] =
514 { vxlan_ctrl_set_ftable_max, sizeof(struct ifvxlancmd),
515 VXLAN_CTRL_FLAG_COPYIN | VXLAN_CTRL_FLAG_SUSER,
518 [VXLAN_CMD_SET_MULTICAST_IF] =
519 { vxlan_ctrl_set_multicast_if, sizeof(struct ifvxlancmd),
520 VXLAN_CTRL_FLAG_COPYIN | VXLAN_CTRL_FLAG_SUSER,
523 [VXLAN_CMD_SET_TTL] =
524 { vxlan_ctrl_set_ttl, sizeof(struct ifvxlancmd),
525 VXLAN_CTRL_FLAG_COPYIN | VXLAN_CTRL_FLAG_SUSER,
528 [VXLAN_CMD_SET_LEARN] =
529 { vxlan_ctrl_set_learn, sizeof(struct ifvxlancmd),
530 VXLAN_CTRL_FLAG_COPYIN | VXLAN_CTRL_FLAG_SUSER,
533 [VXLAN_CMD_FTABLE_ENTRY_ADD] =
534 { vxlan_ctrl_ftable_entry_add, sizeof(struct ifvxlancmd),
535 VXLAN_CTRL_FLAG_COPYIN | VXLAN_CTRL_FLAG_SUSER,
538 [VXLAN_CMD_FTABLE_ENTRY_REM] =
539 { vxlan_ctrl_ftable_entry_rem, sizeof(struct ifvxlancmd),
540 VXLAN_CTRL_FLAG_COPYIN | VXLAN_CTRL_FLAG_SUSER,
544 { vxlan_ctrl_flush, sizeof(struct ifvxlancmd),
545 VXLAN_CTRL_FLAG_COPYIN | VXLAN_CTRL_FLAG_SUSER,
549 static const int vxlan_control_table_size = nitems(vxlan_control_table);
552 vxlan_ftable_addr_cmp(const uint8_t *a, const uint8_t *b)
556 for (i = 0, d = 0; i < ETHER_ADDR_LEN && d == 0; i++)
557 d = ((int)a[i]) - ((int)b[i]);
563 vxlan_ftable_init(struct vxlan_softc *sc)
567 sc->vxl_ftable = malloc(sizeof(struct vxlan_ftable_head) *
568 VXLAN_SC_FTABLE_SIZE, M_VXLAN, M_ZERO | M_WAITOK);
570 for (i = 0; i < VXLAN_SC_FTABLE_SIZE; i++)
571 LIST_INIT(&sc->vxl_ftable[i]);
572 sc->vxl_ftable_hash_key = arc4random();
576 vxlan_ftable_fini(struct vxlan_softc *sc)
580 for (i = 0; i < VXLAN_SC_FTABLE_SIZE; i++) {
581 KASSERT(LIST_EMPTY(&sc->vxl_ftable[i]),
582 ("%s: vxlan %p ftable[%d] not empty", __func__, sc, i));
584 MPASS(sc->vxl_ftable_cnt == 0);
586 free(sc->vxl_ftable, M_VXLAN);
587 sc->vxl_ftable = NULL;
591 vxlan_ftable_flush(struct vxlan_softc *sc, int all)
593 struct vxlan_ftable_entry *fe, *tfe;
596 for (i = 0; i < VXLAN_SC_FTABLE_SIZE; i++) {
597 LIST_FOREACH_SAFE(fe, &sc->vxl_ftable[i], vxlfe_hash, tfe) {
598 if (all || VXLAN_FE_IS_DYNAMIC(fe))
599 vxlan_ftable_entry_destroy(sc, fe);
605 vxlan_ftable_expire(struct vxlan_softc *sc)
607 struct vxlan_ftable_entry *fe, *tfe;
610 VXLAN_LOCK_WASSERT(sc);
612 for (i = 0; i < VXLAN_SC_FTABLE_SIZE; i++) {
613 LIST_FOREACH_SAFE(fe, &sc->vxl_ftable[i], vxlfe_hash, tfe) {
614 if (VXLAN_FE_IS_DYNAMIC(fe) &&
615 time_uptime >= fe->vxlfe_expire)
616 vxlan_ftable_entry_destroy(sc, fe);
622 vxlan_ftable_update_locked(struct vxlan_softc *sc,
623 const union vxlan_sockaddr *vxlsa, const uint8_t *mac,
624 struct rm_priotracker *tracker)
626 struct vxlan_ftable_entry *fe;
629 VXLAN_LOCK_ASSERT(sc);
633 * A forwarding entry for this MAC address might already exist. If
634 * so, update it, otherwise create a new one. We may have to upgrade
635 * the lock if we have to change or create an entry.
637 fe = vxlan_ftable_entry_lookup(sc, mac);
639 fe->vxlfe_expire = time_uptime + sc->vxl_ftable_timeout;
641 if (!VXLAN_FE_IS_DYNAMIC(fe) ||
642 vxlan_sockaddr_in_equal(&fe->vxlfe_raddr, &vxlsa->sa))
644 if (!VXLAN_LOCK_WOWNED(sc)) {
645 VXLAN_RUNLOCK(sc, tracker);
647 sc->vxl_stats.ftable_lock_upgrade_failed++;
650 vxlan_sockaddr_in_copy(&fe->vxlfe_raddr, &vxlsa->sa);
654 if (!VXLAN_LOCK_WOWNED(sc)) {
655 VXLAN_RUNLOCK(sc, tracker);
657 sc->vxl_stats.ftable_lock_upgrade_failed++;
661 if (sc->vxl_ftable_cnt >= sc->vxl_ftable_max) {
662 sc->vxl_stats.ftable_nospace++;
666 fe = vxlan_ftable_entry_alloc();
670 vxlan_ftable_entry_init(sc, fe, mac, &vxlsa->sa, VXLAN_FE_FLAG_DYNAMIC);
672 /* The prior lookup failed, so the insert should not. */
673 error = vxlan_ftable_entry_insert(sc, fe);
680 vxlan_ftable_learn(struct vxlan_softc *sc, const struct sockaddr *sa,
683 struct rm_priotracker tracker;
684 union vxlan_sockaddr vxlsa;
688 * The source port may be randomly selected by the remote host, so
689 * use the port of the default destination address.
691 vxlan_sockaddr_copy(&vxlsa, sa);
692 vxlsa.in4.sin_port = sc->vxl_dst_addr.in4.sin_port;
694 if (VXLAN_SOCKADDR_IS_IPV6(&vxlsa)) {
695 error = vxlan_sockaddr_in6_embedscope(&vxlsa);
700 VXLAN_RLOCK(sc, &tracker);
701 error = vxlan_ftable_update_locked(sc, &vxlsa, mac, &tracker);
702 VXLAN_UNLOCK(sc, &tracker);
708 vxlan_ftable_sysctl_dump(SYSCTL_HANDLER_ARGS)
710 struct rm_priotracker tracker;
712 struct vxlan_softc *sc;
713 struct vxlan_ftable_entry *fe;
718 * This is mostly intended for debugging during development. It is
719 * not practical to dump an entire large table this way.
723 size = PAGE_SIZE; /* Calculate later. */
725 sbuf_new(&sb, NULL, size, SBUF_FIXEDLEN);
726 sbuf_putc(&sb, '\n');
728 VXLAN_RLOCK(sc, &tracker);
729 for (i = 0; i < VXLAN_SC_FTABLE_SIZE; i++) {
730 LIST_FOREACH(fe, &sc->vxl_ftable[i], vxlfe_hash) {
731 if (sbuf_error(&sb) != 0)
733 vxlan_ftable_entry_dump(fe, &sb);
736 VXLAN_RUNLOCK(sc, &tracker);
738 if (sbuf_len(&sb) == 1)
742 error = sysctl_handle_string(oidp, sbuf_data(&sb), sbuf_len(&sb), req);
748 static struct vxlan_ftable_entry *
749 vxlan_ftable_entry_alloc(void)
751 struct vxlan_ftable_entry *fe;
753 fe = malloc(sizeof(*fe), M_VXLAN, M_ZERO | M_NOWAIT);
759 vxlan_ftable_entry_free(struct vxlan_ftable_entry *fe)
766 vxlan_ftable_entry_init(struct vxlan_softc *sc, struct vxlan_ftable_entry *fe,
767 const uint8_t *mac, const struct sockaddr *sa, uint32_t flags)
770 fe->vxlfe_flags = flags;
771 fe->vxlfe_expire = time_uptime + sc->vxl_ftable_timeout;
772 memcpy(fe->vxlfe_mac, mac, ETHER_ADDR_LEN);
773 vxlan_sockaddr_copy(&fe->vxlfe_raddr, sa);
777 vxlan_ftable_entry_destroy(struct vxlan_softc *sc,
778 struct vxlan_ftable_entry *fe)
781 sc->vxl_ftable_cnt--;
782 LIST_REMOVE(fe, vxlfe_hash);
783 vxlan_ftable_entry_free(fe);
787 vxlan_ftable_entry_insert(struct vxlan_softc *sc,
788 struct vxlan_ftable_entry *fe)
790 struct vxlan_ftable_entry *lfe;
794 VXLAN_LOCK_WASSERT(sc);
795 hash = VXLAN_SC_FTABLE_HASH(sc, fe->vxlfe_mac);
797 lfe = LIST_FIRST(&sc->vxl_ftable[hash]);
799 LIST_INSERT_HEAD(&sc->vxl_ftable[hash], fe, vxlfe_hash);
804 dir = vxlan_ftable_addr_cmp(fe->vxlfe_mac, lfe->vxlfe_mac);
808 LIST_INSERT_BEFORE(lfe, fe, vxlfe_hash);
810 } else if (LIST_NEXT(lfe, vxlfe_hash) == NULL) {
811 LIST_INSERT_AFTER(lfe, fe, vxlfe_hash);
814 lfe = LIST_NEXT(lfe, vxlfe_hash);
815 } while (lfe != NULL);
818 sc->vxl_ftable_cnt++;
823 static struct vxlan_ftable_entry *
824 vxlan_ftable_entry_lookup(struct vxlan_softc *sc, const uint8_t *mac)
826 struct vxlan_ftable_entry *fe;
830 VXLAN_LOCK_ASSERT(sc);
831 hash = VXLAN_SC_FTABLE_HASH(sc, mac);
833 LIST_FOREACH(fe, &sc->vxl_ftable[hash], vxlfe_hash) {
834 dir = vxlan_ftable_addr_cmp(mac, fe->vxlfe_mac);
845 vxlan_ftable_entry_dump(struct vxlan_ftable_entry *fe, struct sbuf *sb)
848 const union vxlan_sockaddr *sa;
850 int i, len, af, width;
852 sa = &fe->vxlfe_raddr;
853 af = sa->sa.sa_family;
856 sbuf_printf(sb, "%c 0x%02X ", VXLAN_FE_IS_DYNAMIC(fe) ? 'D' : 'S',
859 for (i = 0; i < ETHER_ADDR_LEN - 1; i++)
860 sbuf_printf(sb, "%02X:", fe->vxlfe_mac[i]);
861 sbuf_printf(sb, "%02X ", fe->vxlfe_mac[i]);
864 addr = &sa->in4.sin_addr;
865 width = INET_ADDRSTRLEN - 1;
867 addr = &sa->in6.sin6_addr;
868 width = INET6_ADDRSTRLEN - 1;
870 inet_ntop(af, addr, buf, sizeof(buf));
871 sbuf_printf(sb, "%*s ", width, buf);
873 sbuf_printf(sb, "%08jd", (intmax_t)fe->vxlfe_expire);
877 /* Truncate a partial line. */
878 if (sbuf_error(sb) != 0)
879 sbuf_setpos(sb, len);
882 static struct vxlan_socket *
883 vxlan_socket_alloc(const union vxlan_sockaddr *sa)
885 struct vxlan_socket *vso;
888 vso = malloc(sizeof(*vso), M_VXLAN, M_WAITOK | M_ZERO);
889 rm_init(&vso->vxlso_lock, "vxlansorm");
890 refcount_init(&vso->vxlso_refcnt, 0);
891 for (i = 0; i < VXLAN_SO_VNI_HASH_SIZE; i++)
892 LIST_INIT(&vso->vxlso_vni_hash[i]);
893 vso->vxlso_laddr = *sa;
899 vxlan_socket_destroy(struct vxlan_socket *vso)
904 struct vxlan_socket_mc_info *mc;
906 for (i = 0; i < VXLAN_SO_MC_MAX_GROUPS; i++) {
907 mc = &vso->vxlso_mc[i];
908 KASSERT(mc->vxlsomc_gaddr.sa.sa_family == AF_UNSPEC,
909 ("%s: socket %p mc[%d] still has address",
913 for (i = 0; i < VXLAN_SO_VNI_HASH_SIZE; i++) {
914 KASSERT(LIST_EMPTY(&vso->vxlso_vni_hash[i]),
915 ("%s: socket %p vni_hash[%d] not empty",
919 so = vso->vxlso_sock;
921 vso->vxlso_sock = NULL;
925 rm_destroy(&vso->vxlso_lock);
930 vxlan_socket_release(struct vxlan_socket *vso)
935 destroy = VXLAN_SO_RELEASE(vso);
937 LIST_REMOVE(vso, vxlso_entry);
941 vxlan_socket_destroy(vso);
944 static struct vxlan_socket *
945 vxlan_socket_lookup(union vxlan_sockaddr *vxlsa)
947 struct vxlan_socket *vso;
950 LIST_FOREACH(vso, &vxlan_socket_list, vxlso_entry) {
951 if (vxlan_sockaddr_cmp(&vso->vxlso_laddr, &vxlsa->sa) == 0) {
952 VXLAN_SO_ACQUIRE(vso);
962 vxlan_socket_insert(struct vxlan_socket *vso)
966 VXLAN_SO_ACQUIRE(vso);
967 LIST_INSERT_HEAD(&vxlan_socket_list, vso, vxlso_entry);
972 vxlan_socket_init(struct vxlan_socket *vso, struct ifnet *ifp)
979 error = socreate(vso->vxlso_laddr.sa.sa_family, &vso->vxlso_sock,
980 SOCK_DGRAM, IPPROTO_UDP, td->td_ucred, td);
982 if_printf(ifp, "cannot create socket: %d\n", error);
986 error = udp_set_kernel_tunneling(vso->vxlso_sock,
987 vxlan_rcv_udp_packet, NULL, vso);
989 if_printf(ifp, "cannot set tunneling function: %d\n", error);
993 if (vxlan_reuse_port != 0) {
997 bzero(&sopt, sizeof(sopt));
998 sopt.sopt_dir = SOPT_SET;
999 sopt.sopt_level = IPPROTO_IP;
1000 sopt.sopt_name = SO_REUSEPORT;
1001 sopt.sopt_val = &val;
1002 sopt.sopt_valsize = sizeof(val);
1003 error = sosetopt(vso->vxlso_sock, &sopt);
1006 "cannot set REUSEADDR socket opt: %d\n", error);
1015 vxlan_socket_bind(struct vxlan_socket *vso, struct ifnet *ifp)
1017 union vxlan_sockaddr laddr;
1022 laddr = vso->vxlso_laddr;
1024 error = sobind(vso->vxlso_sock, &laddr.sa, td);
1026 if (error != EADDRINUSE)
1027 if_printf(ifp, "cannot bind socket: %d\n", error);
1035 vxlan_socket_create(struct ifnet *ifp, int multicast,
1036 const union vxlan_sockaddr *saddr, struct vxlan_socket **vsop)
1038 union vxlan_sockaddr laddr;
1039 struct vxlan_socket *vso;
1045 * If this socket will be multicast, then only the local port
1046 * must be specified when binding.
1048 if (multicast != 0) {
1049 if (VXLAN_SOCKADDR_IS_IPV4(&laddr))
1050 laddr.in4.sin_addr.s_addr = INADDR_ANY;
1053 laddr.in6.sin6_addr = in6addr_any;
1057 vso = vxlan_socket_alloc(&laddr);
1061 error = vxlan_socket_init(vso, ifp);
1065 error = vxlan_socket_bind(vso, ifp);
1070 * There is a small window between the bind completing and
1071 * inserting the socket, so that a concurrent create may fail.
1072 * Let's not worry about that for now.
1074 vxlan_socket_insert(vso);
1080 vxlan_socket_destroy(vso);
1086 vxlan_socket_ifdetach(struct vxlan_socket *vso, struct ifnet *ifp,
1087 struct vxlan_softc_head *list)
1089 struct rm_priotracker tracker;
1090 struct vxlan_softc *sc;
1093 VXLAN_SO_RLOCK(vso, &tracker);
1094 for (i = 0; i < VXLAN_SO_VNI_HASH_SIZE; i++) {
1095 LIST_FOREACH(sc, &vso->vxlso_vni_hash[i], vxl_entry)
1096 vxlan_ifdetach(sc, ifp, list);
1098 VXLAN_SO_RUNLOCK(vso, &tracker);
1101 static struct vxlan_socket *
1102 vxlan_socket_mc_lookup(const union vxlan_sockaddr *vxlsa)
1104 union vxlan_sockaddr laddr;
1105 struct vxlan_socket *vso;
1109 if (VXLAN_SOCKADDR_IS_IPV4(&laddr))
1110 laddr.in4.sin_addr.s_addr = INADDR_ANY;
1113 laddr.in6.sin6_addr = in6addr_any;
1116 vso = vxlan_socket_lookup(&laddr);
1122 vxlan_sockaddr_mc_info_match(const struct vxlan_socket_mc_info *mc,
1123 const union vxlan_sockaddr *group, const union vxlan_sockaddr *local,
1127 if (!vxlan_sockaddr_in_any(local) &&
1128 !vxlan_sockaddr_in_equal(&mc->vxlsomc_saddr, &local->sa))
1130 if (!vxlan_sockaddr_in_equal(&mc->vxlsomc_gaddr, &group->sa))
1132 if (ifidx != 0 && ifidx != mc->vxlsomc_ifidx)
1139 vxlan_socket_mc_join_group(struct vxlan_socket *vso,
1140 const union vxlan_sockaddr *group, const union vxlan_sockaddr *local,
1141 int *ifidx, union vxlan_sockaddr *source)
1143 struct sockopt sopt;
1148 if (VXLAN_SOCKADDR_IS_IPV4(group)) {
1149 struct ip_mreq mreq;
1151 mreq.imr_multiaddr = group->in4.sin_addr;
1152 mreq.imr_interface = local->in4.sin_addr;
1154 bzero(&sopt, sizeof(sopt));
1155 sopt.sopt_dir = SOPT_SET;
1156 sopt.sopt_level = IPPROTO_IP;
1157 sopt.sopt_name = IP_ADD_MEMBERSHIP;
1158 sopt.sopt_val = &mreq;
1159 sopt.sopt_valsize = sizeof(mreq);
1160 error = sosetopt(vso->vxlso_sock, &sopt);
1165 * BMV: Ideally, there would be a formal way for us to get
1166 * the local interface that was selected based on the
1167 * imr_interface address. We could then update *ifidx so
1168 * vxlan_sockaddr_mc_info_match() would return a match for
1169 * later creates that explicitly set the multicast interface.
1171 * If we really need to, we can of course look in the INP's
1173 * sotoinpcb(vso->vxlso_sock)->inp_moptions->
1174 * imo_head[]->imf_inm->inm_ifp
1175 * similarly to imo_match_group().
1177 source->in4.sin_addr = local->in4.sin_addr;
1179 } else if (VXLAN_SOCKADDR_IS_IPV6(group)) {
1180 struct ipv6_mreq mreq;
1182 mreq.ipv6mr_multiaddr = group->in6.sin6_addr;
1183 mreq.ipv6mr_interface = *ifidx;
1185 bzero(&sopt, sizeof(sopt));
1186 sopt.sopt_dir = SOPT_SET;
1187 sopt.sopt_level = IPPROTO_IPV6;
1188 sopt.sopt_name = IPV6_JOIN_GROUP;
1189 sopt.sopt_val = &mreq;
1190 sopt.sopt_valsize = sizeof(mreq);
1191 error = sosetopt(vso->vxlso_sock, &sopt);
1196 * BMV: As with IPv4, we would really like to know what
1197 * interface in6p_lookup_mcast_ifp() selected.
1200 error = EAFNOSUPPORT;
1206 vxlan_socket_mc_leave_group(struct vxlan_socket *vso,
1207 const union vxlan_sockaddr *group, const union vxlan_sockaddr *source,
1210 struct sockopt sopt;
1213 bzero(&sopt, sizeof(sopt));
1214 sopt.sopt_dir = SOPT_SET;
1216 if (VXLAN_SOCKADDR_IS_IPV4(group)) {
1217 struct ip_mreq mreq;
1219 mreq.imr_multiaddr = group->in4.sin_addr;
1220 mreq.imr_interface = source->in4.sin_addr;
1222 sopt.sopt_level = IPPROTO_IP;
1223 sopt.sopt_name = IP_DROP_MEMBERSHIP;
1224 sopt.sopt_val = &mreq;
1225 sopt.sopt_valsize = sizeof(mreq);
1226 error = sosetopt(vso->vxlso_sock, &sopt);
1228 } else if (VXLAN_SOCKADDR_IS_IPV6(group)) {
1229 struct ipv6_mreq mreq;
1231 mreq.ipv6mr_multiaddr = group->in6.sin6_addr;
1232 mreq.ipv6mr_interface = ifidx;
1234 sopt.sopt_level = IPPROTO_IPV6;
1235 sopt.sopt_name = IPV6_LEAVE_GROUP;
1236 sopt.sopt_val = &mreq;
1237 sopt.sopt_valsize = sizeof(mreq);
1238 error = sosetopt(vso->vxlso_sock, &sopt);
1241 error = EAFNOSUPPORT;
1247 vxlan_socket_mc_add_group(struct vxlan_socket *vso,
1248 const union vxlan_sockaddr *group, const union vxlan_sockaddr *local,
1249 int ifidx, int *idx)
1251 union vxlan_sockaddr source;
1252 struct vxlan_socket_mc_info *mc;
1253 int i, empty, error;
1256 * Within a socket, the same multicast group may be used by multiple
1257 * interfaces, each with a different network identifier. But a socket
1258 * may only join a multicast group once, so keep track of the users
1262 VXLAN_SO_WLOCK(vso);
1263 for (empty = 0, i = 0; i < VXLAN_SO_MC_MAX_GROUPS; i++) {
1264 mc = &vso->vxlso_mc[i];
1266 if (mc->vxlsomc_gaddr.sa.sa_family == AF_UNSPEC) {
1271 if (vxlan_sockaddr_mc_info_match(mc, group, local, ifidx))
1274 VXLAN_SO_WUNLOCK(vso);
1279 error = vxlan_socket_mc_join_group(vso, group, local, &ifidx, &source);
1283 VXLAN_SO_WLOCK(vso);
1284 for (i = 0; i < VXLAN_SO_MC_MAX_GROUPS; i++) {
1285 mc = &vso->vxlso_mc[i];
1287 if (mc->vxlsomc_gaddr.sa.sa_family == AF_UNSPEC) {
1288 vxlan_sockaddr_copy(&mc->vxlsomc_gaddr, &group->sa);
1289 vxlan_sockaddr_copy(&mc->vxlsomc_saddr, &source.sa);
1290 mc->vxlsomc_ifidx = ifidx;
1294 VXLAN_SO_WUNLOCK(vso);
1296 error = vxlan_socket_mc_leave_group(vso, group, &source, ifidx);
1302 mc->vxlsomc_users++;
1303 VXLAN_SO_WUNLOCK(vso);
1311 vxlan_socket_mc_release_group_by_idx(struct vxlan_socket *vso, int idx)
1313 union vxlan_sockaddr group, source;
1314 struct vxlan_socket_mc_info *mc;
1317 KASSERT(idx >= 0 && idx < VXLAN_SO_MC_MAX_GROUPS,
1318 ("%s: vso %p idx %d out of bounds", __func__, vso, idx));
1321 mc = &vso->vxlso_mc[idx];
1323 VXLAN_SO_WLOCK(vso);
1324 mc->vxlsomc_users--;
1325 if (mc->vxlsomc_users == 0) {
1326 group = mc->vxlsomc_gaddr;
1327 source = mc->vxlsomc_saddr;
1328 ifidx = mc->vxlsomc_ifidx;
1329 bzero(mc, sizeof(*mc));
1332 VXLAN_SO_WUNLOCK(vso);
1336 * Our socket's membership in this group may have already
1337 * been removed if we joined through an interface that's
1340 vxlan_socket_mc_leave_group(vso, &group, &source, ifidx);
1344 static struct vxlan_softc *
1345 vxlan_socket_lookup_softc_locked(struct vxlan_socket *vso, uint32_t vni)
1347 struct vxlan_softc *sc;
1350 VXLAN_SO_LOCK_ASSERT(vso);
1351 hash = VXLAN_SO_VNI_HASH(vni);
1353 LIST_FOREACH(sc, &vso->vxlso_vni_hash[hash], vxl_entry) {
1354 if (sc->vxl_vni == vni) {
1363 static struct vxlan_softc *
1364 vxlan_socket_lookup_softc(struct vxlan_socket *vso, uint32_t vni)
1366 struct rm_priotracker tracker;
1367 struct vxlan_softc *sc;
1369 VXLAN_SO_RLOCK(vso, &tracker);
1370 sc = vxlan_socket_lookup_softc_locked(vso, vni);
1371 VXLAN_SO_RUNLOCK(vso, &tracker);
1377 vxlan_socket_insert_softc(struct vxlan_socket *vso, struct vxlan_softc *sc)
1379 struct vxlan_softc *tsc;
1383 hash = VXLAN_SO_VNI_HASH(vni);
1385 VXLAN_SO_WLOCK(vso);
1386 tsc = vxlan_socket_lookup_softc_locked(vso, vni);
1388 VXLAN_SO_WUNLOCK(vso);
1394 LIST_INSERT_HEAD(&vso->vxlso_vni_hash[hash], sc, vxl_entry);
1395 VXLAN_SO_WUNLOCK(vso);
1401 vxlan_socket_remove_softc(struct vxlan_socket *vso, struct vxlan_softc *sc)
1404 VXLAN_SO_WLOCK(vso);
1405 LIST_REMOVE(sc, vxl_entry);
1406 VXLAN_SO_WUNLOCK(vso);
1411 static struct ifnet *
1412 vxlan_multicast_if_ref(struct vxlan_softc *sc, int ipv4)
1416 VXLAN_LOCK_ASSERT(sc);
1418 if (ipv4 && sc->vxl_im4o != NULL)
1419 ifp = sc->vxl_im4o->imo_multicast_ifp;
1420 else if (!ipv4 && sc->vxl_im6o != NULL)
1421 ifp = sc->vxl_im6o->im6o_multicast_ifp;
1432 vxlan_free_multicast(struct vxlan_softc *sc)
1435 if (sc->vxl_mc_ifp != NULL) {
1436 if_rele(sc->vxl_mc_ifp);
1437 sc->vxl_mc_ifp = NULL;
1438 sc->vxl_mc_ifindex = 0;
1441 if (sc->vxl_im4o != NULL) {
1442 free(sc->vxl_im4o, M_VXLAN);
1443 sc->vxl_im4o = NULL;
1446 if (sc->vxl_im6o != NULL) {
1447 free(sc->vxl_im6o, M_VXLAN);
1448 sc->vxl_im6o = NULL;
1453 vxlan_setup_multicast_interface(struct vxlan_softc *sc)
1457 ifp = ifunit_ref(sc->vxl_mc_ifname);
1459 if_printf(sc->vxl_ifp, "multicast interface %s does "
1460 "not exist\n", sc->vxl_mc_ifname);
1464 if ((ifp->if_flags & IFF_MULTICAST) == 0) {
1465 if_printf(sc->vxl_ifp, "interface %s does not support "
1466 "multicast\n", sc->vxl_mc_ifname);
1471 sc->vxl_mc_ifp = ifp;
1472 sc->vxl_mc_ifindex = ifp->if_index;
1478 vxlan_setup_multicast(struct vxlan_softc *sc)
1480 const union vxlan_sockaddr *group;
1483 group = &sc->vxl_dst_addr;
1486 if (sc->vxl_mc_ifname[0] != '\0') {
1487 error = vxlan_setup_multicast_interface(sc);
1493 * Initialize an multicast options structure that is sufficiently
1494 * populated for use in the respective IP output routine. This
1495 * structure is typically stored in the socket, but our sockets
1496 * may be shared among multiple interfaces.
1498 if (VXLAN_SOCKADDR_IS_IPV4(group)) {
1499 sc->vxl_im4o = malloc(sizeof(struct ip_moptions), M_VXLAN,
1501 sc->vxl_im4o->imo_multicast_ifp = sc->vxl_mc_ifp;
1502 sc->vxl_im4o->imo_multicast_ttl = sc->vxl_ttl;
1503 sc->vxl_im4o->imo_multicast_vif = -1;
1504 } else if (VXLAN_SOCKADDR_IS_IPV6(group)) {
1505 sc->vxl_im6o = malloc(sizeof(struct ip6_moptions), M_VXLAN,
1507 sc->vxl_im6o->im6o_multicast_ifp = sc->vxl_mc_ifp;
1508 sc->vxl_im6o->im6o_multicast_hlim = sc->vxl_ttl;
1515 vxlan_setup_socket(struct vxlan_softc *sc)
1517 struct vxlan_socket *vso;
1519 union vxlan_sockaddr *saddr, *daddr;
1520 int multicast, error;
1524 saddr = &sc->vxl_src_addr;
1525 daddr = &sc->vxl_dst_addr;
1527 multicast = vxlan_sockaddr_in_multicast(daddr);
1528 MPASS(multicast != -1);
1529 sc->vxl_vso_mc_index = -1;
1532 * Try to create the socket. If that fails, attempt to use an
1535 error = vxlan_socket_create(ifp, multicast, saddr, &vso);
1538 vso = vxlan_socket_mc_lookup(saddr);
1540 vso = vxlan_socket_lookup(saddr);
1543 if_printf(ifp, "cannot create socket (error: %d), "
1544 "and no existing socket found\n", error);
1549 if (multicast != 0) {
1550 error = vxlan_setup_multicast(sc);
1554 error = vxlan_socket_mc_add_group(vso, daddr, saddr,
1555 sc->vxl_mc_ifindex, &sc->vxl_vso_mc_index);
1561 error = vxlan_socket_insert_softc(vso, sc);
1563 sc->vxl_sock = NULL;
1564 if_printf(ifp, "network identifier %d already exists in "
1565 "this socket\n", sc->vxl_vni);
1573 if (sc->vxl_vso_mc_index != -1) {
1574 vxlan_socket_mc_release_group_by_idx(vso,
1575 sc->vxl_vso_mc_index);
1576 sc->vxl_vso_mc_index = -1;
1579 vxlan_free_multicast(sc);
1580 vxlan_socket_release(vso);
1588 vxlan_setup_zero_checksum_port(struct vxlan_softc *sc)
1591 if (!VXLAN_SOCKADDR_IS_IPV6(&sc->vxl_src_addr))
1594 MPASS(sc->vxl_src_addr.in6.sin6_port != 0);
1595 MPASS(sc->vxl_dst_addr.in6.sin6_port != 0);
1597 if (sc->vxl_src_addr.in6.sin6_port != sc->vxl_dst_addr.in6.sin6_port) {
1598 if_printf(sc->vxl_ifp, "port %d in src address does not match "
1599 "port %d in dst address, rfc6935_port (%d) not updated.\n",
1600 ntohs(sc->vxl_src_addr.in6.sin6_port),
1601 ntohs(sc->vxl_dst_addr.in6.sin6_port),
1602 V_zero_checksum_port);
1606 if (V_zero_checksum_port != 0) {
1607 if (V_zero_checksum_port !=
1608 ntohs(sc->vxl_src_addr.in6.sin6_port)) {
1609 if_printf(sc->vxl_ifp, "rfc6935_port is already set to "
1610 "%d, cannot set it to %d.\n", V_zero_checksum_port,
1611 ntohs(sc->vxl_src_addr.in6.sin6_port));
1616 V_zero_checksum_port = ntohs(sc->vxl_src_addr.in6.sin6_port);
1617 if_printf(sc->vxl_ifp, "rfc6935_port set to %d\n",
1618 V_zero_checksum_port);
1623 vxlan_setup_interface_hdrlen(struct vxlan_softc *sc)
1627 VXLAN_LOCK_WASSERT(sc);
1630 ifp->if_hdrlen = ETHER_HDR_LEN + sizeof(struct vxlanudphdr);
1632 if (VXLAN_SOCKADDR_IS_IPV4(&sc->vxl_dst_addr) != 0)
1633 ifp->if_hdrlen += sizeof(struct ip);
1634 else if (VXLAN_SOCKADDR_IS_IPV6(&sc->vxl_dst_addr) != 0)
1635 ifp->if_hdrlen += sizeof(struct ip6_hdr);
1637 if ((sc->vxl_flags & VXLAN_FLAG_USER_MTU) == 0)
1638 ifp->if_mtu = ETHERMTU - ifp->if_hdrlen;
1642 vxlan_valid_init_config(struct vxlan_softc *sc)
1646 if (vxlan_check_vni(sc->vxl_vni) != 0) {
1647 reason = "invalid virtual network identifier specified";
1651 if (vxlan_sockaddr_supported(&sc->vxl_src_addr, 1) == 0) {
1652 reason = "source address type is not supported";
1656 if (vxlan_sockaddr_supported(&sc->vxl_dst_addr, 0) == 0) {
1657 reason = "destination address type is not supported";
1661 if (vxlan_sockaddr_in_any(&sc->vxl_dst_addr) != 0) {
1662 reason = "no valid destination address specified";
1666 if (vxlan_sockaddr_in_multicast(&sc->vxl_dst_addr) == 0 &&
1667 sc->vxl_mc_ifname[0] != '\0') {
1668 reason = "can only specify interface with a group address";
1672 if (vxlan_sockaddr_in_any(&sc->vxl_src_addr) == 0) {
1673 if (VXLAN_SOCKADDR_IS_IPV4(&sc->vxl_src_addr) ^
1674 VXLAN_SOCKADDR_IS_IPV4(&sc->vxl_dst_addr)) {
1675 reason = "source and destination address must both "
1676 "be either IPv4 or IPv6";
1681 if (sc->vxl_src_addr.in4.sin_port == 0) {
1682 reason = "local port not specified";
1686 if (sc->vxl_dst_addr.in4.sin_port == 0) {
1687 reason = "remote port not specified";
1694 if_printf(sc->vxl_ifp, "cannot initialize interface: %s\n", reason);
1699 vxlan_init_wait(struct vxlan_softc *sc)
1702 VXLAN_LOCK_WASSERT(sc);
1703 while (sc->vxl_flags & VXLAN_FLAG_INIT)
1704 rm_sleep(sc, &sc->vxl_lock, 0, "vxlint", hz);
1708 vxlan_init_complete(struct vxlan_softc *sc)
1712 sc->vxl_flags &= ~VXLAN_FLAG_INIT;
1718 vxlan_init(void *xsc)
1720 static const uint8_t empty_mac[ETHER_ADDR_LEN];
1721 struct vxlan_softc *sc;
1727 sx_xlock(&vxlan_sx);
1729 if (ifp->if_drv_flags & IFF_DRV_RUNNING) {
1731 sx_xunlock(&vxlan_sx);
1734 sc->vxl_flags |= VXLAN_FLAG_INIT;
1737 if (vxlan_valid_init_config(sc) != 0)
1740 if (vxlan_setup_socket(sc) != 0)
1744 vxlan_setup_zero_checksum_port(sc);
1747 /* Initialize the default forwarding entry. */
1748 vxlan_ftable_entry_init(sc, &sc->vxl_default_fe, empty_mac,
1749 &sc->vxl_dst_addr.sa, VXLAN_FE_FLAG_STATIC);
1752 ifp->if_drv_flags |= IFF_DRV_RUNNING;
1753 callout_reset(&sc->vxl_callout, vxlan_ftable_prune_period * hz,
1757 if_link_state_change(ifp, LINK_STATE_UP);
1759 EVENTHANDLER_INVOKE(vxlan_start, ifp, sc->vxl_src_addr.in4.sin_family,
1760 ntohs(sc->vxl_src_addr.in4.sin_port));
1762 vxlan_init_complete(sc);
1763 sx_xunlock(&vxlan_sx);
1767 vxlan_release(struct vxlan_softc *sc)
1771 * The softc may be destroyed as soon as we release our reference,
1772 * so we cannot serialize the wakeup with the softc lock. We use a
1773 * timeout in our sleeps so a missed wakeup is unfortunate but not
1776 if (VXLAN_RELEASE(sc) != 0)
1781 vxlan_teardown_wait(struct vxlan_softc *sc)
1784 VXLAN_LOCK_WASSERT(sc);
1785 while (sc->vxl_flags & VXLAN_FLAG_TEARDOWN)
1786 rm_sleep(sc, &sc->vxl_lock, 0, "vxltrn", hz);
1790 vxlan_teardown_complete(struct vxlan_softc *sc)
1794 sc->vxl_flags &= ~VXLAN_FLAG_TEARDOWN;
1800 vxlan_teardown_locked(struct vxlan_softc *sc)
1803 struct vxlan_socket *vso;
1805 sx_assert(&vxlan_sx, SA_XLOCKED);
1806 VXLAN_LOCK_WASSERT(sc);
1807 MPASS(sc->vxl_flags & VXLAN_FLAG_TEARDOWN);
1810 ifp->if_flags &= ~IFF_UP;
1811 ifp->if_drv_flags &= ~IFF_DRV_RUNNING;
1812 callout_stop(&sc->vxl_callout);
1814 sc->vxl_sock = NULL;
1817 if_link_state_change(ifp, LINK_STATE_DOWN);
1818 EVENTHANDLER_INVOKE(vxlan_stop, ifp, sc->vxl_src_addr.in4.sin_family,
1819 ntohs(sc->vxl_src_addr.in4.sin_port));
1822 vxlan_socket_remove_softc(vso, sc);
1824 if (sc->vxl_vso_mc_index != -1) {
1825 vxlan_socket_mc_release_group_by_idx(vso,
1826 sc->vxl_vso_mc_index);
1827 sc->vxl_vso_mc_index = -1;
1832 while (sc->vxl_refcnt != 0)
1833 rm_sleep(sc, &sc->vxl_lock, 0, "vxldrn", hz);
1836 callout_drain(&sc->vxl_callout);
1838 vxlan_free_multicast(sc);
1840 vxlan_socket_release(vso);
1842 vxlan_teardown_complete(sc);
1846 vxlan_teardown(struct vxlan_softc *sc)
1849 sx_xlock(&vxlan_sx);
1851 if (sc->vxl_flags & VXLAN_FLAG_TEARDOWN) {
1852 vxlan_teardown_wait(sc);
1854 sx_xunlock(&vxlan_sx);
1858 sc->vxl_flags |= VXLAN_FLAG_TEARDOWN;
1859 vxlan_teardown_locked(sc);
1860 sx_xunlock(&vxlan_sx);
1864 vxlan_ifdetach(struct vxlan_softc *sc, struct ifnet *ifp,
1865 struct vxlan_softc_head *list)
1870 if (sc->vxl_mc_ifp != ifp)
1872 if (sc->vxl_flags & VXLAN_FLAG_TEARDOWN)
1875 sc->vxl_flags |= VXLAN_FLAG_TEARDOWN;
1876 LIST_INSERT_HEAD(list, sc, vxl_ifdetach_list);
1883 vxlan_timer(void *xsc)
1885 struct vxlan_softc *sc;
1888 VXLAN_LOCK_WASSERT(sc);
1890 vxlan_ftable_expire(sc);
1891 callout_schedule(&sc->vxl_callout, vxlan_ftable_prune_period * hz);
1895 vxlan_ioctl_ifflags(struct vxlan_softc *sc)
1901 if (ifp->if_flags & IFF_UP) {
1902 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0)
1905 if (ifp->if_drv_flags & IFF_DRV_RUNNING)
1913 vxlan_ctrl_get_config(struct vxlan_softc *sc, void *arg)
1915 struct rm_priotracker tracker;
1916 struct ifvxlancfg *cfg;
1919 bzero(cfg, sizeof(*cfg));
1921 VXLAN_RLOCK(sc, &tracker);
1922 cfg->vxlc_vni = sc->vxl_vni;
1923 memcpy(&cfg->vxlc_local_sa, &sc->vxl_src_addr,
1924 sizeof(union vxlan_sockaddr));
1925 memcpy(&cfg->vxlc_remote_sa, &sc->vxl_dst_addr,
1926 sizeof(union vxlan_sockaddr));
1927 cfg->vxlc_mc_ifindex = sc->vxl_mc_ifindex;
1928 cfg->vxlc_ftable_cnt = sc->vxl_ftable_cnt;
1929 cfg->vxlc_ftable_max = sc->vxl_ftable_max;
1930 cfg->vxlc_ftable_timeout = sc->vxl_ftable_timeout;
1931 cfg->vxlc_port_min = sc->vxl_min_port;
1932 cfg->vxlc_port_max = sc->vxl_max_port;
1933 cfg->vxlc_learn = (sc->vxl_flags & VXLAN_FLAG_LEARN) != 0;
1934 cfg->vxlc_ttl = sc->vxl_ttl;
1935 VXLAN_RUNLOCK(sc, &tracker);
1938 if (VXLAN_SOCKADDR_IS_IPV6(&cfg->vxlc_local_sa))
1939 sa6_recoverscope(&cfg->vxlc_local_sa.in6);
1940 if (VXLAN_SOCKADDR_IS_IPV6(&cfg->vxlc_remote_sa))
1941 sa6_recoverscope(&cfg->vxlc_remote_sa.in6);
1948 vxlan_ctrl_set_vni(struct vxlan_softc *sc, void *arg)
1950 struct ifvxlancmd *cmd;
1955 if (vxlan_check_vni(cmd->vxlcmd_vni) != 0)
1959 if (vxlan_can_change_config(sc)) {
1960 sc->vxl_vni = cmd->vxlcmd_vni;
1970 vxlan_ctrl_set_local_addr(struct vxlan_softc *sc, void *arg)
1972 struct ifvxlancmd *cmd;
1973 union vxlan_sockaddr *vxlsa;
1977 vxlsa = &cmd->vxlcmd_sa;
1979 if (!VXLAN_SOCKADDR_IS_IPV46(vxlsa))
1981 if (vxlan_sockaddr_in_multicast(vxlsa) != 0)
1983 if (VXLAN_SOCKADDR_IS_IPV6(vxlsa)) {
1984 error = vxlan_sockaddr_in6_embedscope(vxlsa);
1990 if (vxlan_can_change_config(sc)) {
1991 vxlan_sockaddr_in_copy(&sc->vxl_src_addr, &vxlsa->sa);
1992 vxlan_set_hwcaps(sc);
2002 vxlan_ctrl_set_remote_addr(struct vxlan_softc *sc, void *arg)
2004 struct ifvxlancmd *cmd;
2005 union vxlan_sockaddr *vxlsa;
2009 vxlsa = &cmd->vxlcmd_sa;
2011 if (!VXLAN_SOCKADDR_IS_IPV46(vxlsa))
2013 if (VXLAN_SOCKADDR_IS_IPV6(vxlsa)) {
2014 error = vxlan_sockaddr_in6_embedscope(vxlsa);
2020 if (vxlan_can_change_config(sc)) {
2021 vxlan_sockaddr_in_copy(&sc->vxl_dst_addr, &vxlsa->sa);
2022 vxlan_setup_interface_hdrlen(sc);
2032 vxlan_ctrl_set_local_port(struct vxlan_softc *sc, void *arg)
2034 struct ifvxlancmd *cmd;
2039 if (cmd->vxlcmd_port == 0)
2043 if (vxlan_can_change_config(sc)) {
2044 sc->vxl_src_addr.in4.sin_port = htons(cmd->vxlcmd_port);
2054 vxlan_ctrl_set_remote_port(struct vxlan_softc *sc, void *arg)
2056 struct ifvxlancmd *cmd;
2061 if (cmd->vxlcmd_port == 0)
2065 if (vxlan_can_change_config(sc)) {
2066 sc->vxl_dst_addr.in4.sin_port = htons(cmd->vxlcmd_port);
2076 vxlan_ctrl_set_port_range(struct vxlan_softc *sc, void *arg)
2078 struct ifvxlancmd *cmd;
2083 min = cmd->vxlcmd_port_min;
2084 max = cmd->vxlcmd_port_max;
2090 if (vxlan_can_change_config(sc)) {
2091 sc->vxl_min_port = min;
2092 sc->vxl_max_port = max;
2102 vxlan_ctrl_set_ftable_timeout(struct vxlan_softc *sc, void *arg)
2104 struct ifvxlancmd *cmd;
2110 if (vxlan_check_ftable_timeout(cmd->vxlcmd_ftable_timeout) == 0) {
2111 sc->vxl_ftable_timeout = cmd->vxlcmd_ftable_timeout;
2121 vxlan_ctrl_set_ftable_max(struct vxlan_softc *sc, void *arg)
2123 struct ifvxlancmd *cmd;
2129 if (vxlan_check_ftable_max(cmd->vxlcmd_ftable_max) == 0) {
2130 sc->vxl_ftable_max = cmd->vxlcmd_ftable_max;
2140 vxlan_ctrl_set_multicast_if(struct vxlan_softc * sc, void *arg)
2142 struct ifvxlancmd *cmd;
2148 if (vxlan_can_change_config(sc)) {
2149 strlcpy(sc->vxl_mc_ifname, cmd->vxlcmd_ifname, IFNAMSIZ);
2150 vxlan_set_hwcaps(sc);
2160 vxlan_ctrl_set_ttl(struct vxlan_softc *sc, void *arg)
2162 struct ifvxlancmd *cmd;
2168 if (vxlan_check_ttl(cmd->vxlcmd_ttl) == 0) {
2169 sc->vxl_ttl = cmd->vxlcmd_ttl;
2170 if (sc->vxl_im4o != NULL)
2171 sc->vxl_im4o->imo_multicast_ttl = sc->vxl_ttl;
2172 if (sc->vxl_im6o != NULL)
2173 sc->vxl_im6o->im6o_multicast_hlim = sc->vxl_ttl;
2183 vxlan_ctrl_set_learn(struct vxlan_softc *sc, void *arg)
2185 struct ifvxlancmd *cmd;
2190 if (cmd->vxlcmd_flags & VXLAN_CMD_FLAG_LEARN)
2191 sc->vxl_flags |= VXLAN_FLAG_LEARN;
2193 sc->vxl_flags &= ~VXLAN_FLAG_LEARN;
2200 vxlan_ctrl_ftable_entry_add(struct vxlan_softc *sc, void *arg)
2202 union vxlan_sockaddr vxlsa;
2203 struct ifvxlancmd *cmd;
2204 struct vxlan_ftable_entry *fe;
2208 vxlsa = cmd->vxlcmd_sa;
2210 if (!VXLAN_SOCKADDR_IS_IPV46(&vxlsa))
2212 if (vxlan_sockaddr_in_any(&vxlsa) != 0)
2214 if (vxlan_sockaddr_in_multicast(&vxlsa) != 0)
2216 /* BMV: We could support both IPv4 and IPv6 later. */
2217 if (vxlsa.sa.sa_family != sc->vxl_dst_addr.sa.sa_family)
2218 return (EAFNOSUPPORT);
2220 if (VXLAN_SOCKADDR_IS_IPV6(&vxlsa)) {
2221 error = vxlan_sockaddr_in6_embedscope(&vxlsa);
2226 fe = vxlan_ftable_entry_alloc();
2230 if (vxlsa.in4.sin_port == 0)
2231 vxlsa.in4.sin_port = sc->vxl_dst_addr.in4.sin_port;
2233 vxlan_ftable_entry_init(sc, fe, cmd->vxlcmd_mac, &vxlsa.sa,
2234 VXLAN_FE_FLAG_STATIC);
2237 error = vxlan_ftable_entry_insert(sc, fe);
2241 vxlan_ftable_entry_free(fe);
2247 vxlan_ctrl_ftable_entry_rem(struct vxlan_softc *sc, void *arg)
2249 struct ifvxlancmd *cmd;
2250 struct vxlan_ftable_entry *fe;
2256 fe = vxlan_ftable_entry_lookup(sc, cmd->vxlcmd_mac);
2258 vxlan_ftable_entry_destroy(sc, fe);
2268 vxlan_ctrl_flush(struct vxlan_softc *sc, void *arg)
2270 struct ifvxlancmd *cmd;
2274 all = cmd->vxlcmd_flags & VXLAN_CMD_FLAG_FLUSH_ALL;
2277 vxlan_ftable_flush(sc, all);
2284 vxlan_ioctl_drvspec(struct vxlan_softc *sc, struct ifdrv *ifd, int get)
2286 const struct vxlan_control *vc;
2288 struct ifvxlancfg cfg;
2289 struct ifvxlancmd cmd;
2293 if (ifd->ifd_cmd >= vxlan_control_table_size)
2296 bzero(&args, sizeof(args));
2297 vc = &vxlan_control_table[ifd->ifd_cmd];
2298 out = (vc->vxlc_flags & VXLAN_CTRL_FLAG_COPYOUT) != 0;
2300 if ((get != 0 && out == 0) || (get == 0 && out != 0))
2303 if (vc->vxlc_flags & VXLAN_CTRL_FLAG_SUSER) {
2304 error = priv_check(curthread, PRIV_NET_VXLAN);
2309 if (ifd->ifd_len != vc->vxlc_argsize ||
2310 ifd->ifd_len > sizeof(args))
2313 if (vc->vxlc_flags & VXLAN_CTRL_FLAG_COPYIN) {
2314 error = copyin(ifd->ifd_data, &args, ifd->ifd_len);
2319 error = vc->vxlc_func(sc, &args);
2323 if (vc->vxlc_flags & VXLAN_CTRL_FLAG_COPYOUT) {
2324 error = copyout(&args, ifd->ifd_data, ifd->ifd_len);
2333 vxlan_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data)
2335 struct rm_priotracker tracker;
2336 struct vxlan_softc *sc;
2342 ifr = (struct ifreq *) data;
2343 ifd = (struct ifdrv *) data;
2354 error = vxlan_ioctl_drvspec(sc, ifd, cmd == SIOCGDRVSPEC);
2358 error = vxlan_ioctl_ifflags(sc);
2363 error = ifmedia_ioctl(ifp, ifr, &sc->vxl_media, cmd);
2367 if (ifr->ifr_mtu < ETHERMIN || ifr->ifr_mtu > VXLAN_MAX_MTU) {
2371 ifp->if_mtu = ifr->ifr_mtu;
2372 sc->vxl_flags |= VXLAN_FLAG_USER_MTU;
2379 error = vxlan_set_reqcap(sc, ifp, ifr->ifr_reqcap);
2381 vxlan_set_hwcaps(sc);
2386 VXLAN_RLOCK(sc, &tracker);
2387 ifr->ifr_fib = sc->vxl_fibnum;
2388 VXLAN_RUNLOCK(sc, &tracker);
2392 if ((error = priv_check(curthread, PRIV_NET_VXLAN)) != 0)
2395 if (ifr->ifr_fib >= rt_numfibs)
2399 sc->vxl_fibnum = ifr->ifr_fib;
2405 error = ether_ioctl(ifp, cmd, data);
2412 #if defined(INET) || defined(INET6)
2414 vxlan_pick_source_port(struct vxlan_softc *sc, struct mbuf *m)
2419 range = sc->vxl_max_port - sc->vxl_min_port + 1;
2421 if (M_HASHTYPE_ISHASH(m))
2422 hash = m->m_pkthdr.flowid;
2424 hash = jenkins_hash(m->m_data, ETHER_HDR_LEN,
2425 sc->vxl_port_hash_key);
2427 return (sc->vxl_min_port + (hash % range));
2431 vxlan_encap_header(struct vxlan_softc *sc, struct mbuf *m, int ipoff,
2432 uint16_t srcport, uint16_t dstport)
2434 struct vxlanudphdr *hdr;
2435 struct udphdr *udph;
2436 struct vxlan_header *vxh;
2439 len = m->m_pkthdr.len - ipoff;
2440 MPASS(len >= sizeof(struct vxlanudphdr));
2441 hdr = mtodo(m, ipoff);
2443 udph = &hdr->vxlh_udp;
2444 udph->uh_sport = srcport;
2445 udph->uh_dport = dstport;
2446 udph->uh_ulen = htons(len);
2449 vxh = &hdr->vxlh_hdr;
2450 vxh->vxlh_flags = htonl(VXLAN_HDR_FLAGS_VALID_VNI);
2451 vxh->vxlh_vni = htonl(sc->vxl_vni << VXLAN_HDR_VNI_SHIFT);
2455 #if defined(INET6) || defined(INET)
2457 * Return the CSUM_INNER_* equivalent of CSUM_* caps.
2460 csum_flags_to_inner_flags(uint32_t csum_flags_in, const uint32_t encap)
2462 uint32_t csum_flags = encap;
2463 const uint32_t v4 = CSUM_IP | CSUM_IP_UDP | CSUM_IP_TCP;
2466 * csum_flags can request either v4 or v6 offload but not both.
2467 * tcp_output always sets CSUM_TSO (both CSUM_IP_TSO and CSUM_IP6_TSO)
2468 * so those bits are no good to detect the IP version. Other bits are
2469 * always set with CSUM_TSO and we use those to figure out the IP
2472 if (csum_flags_in & v4) {
2473 if (csum_flags_in & CSUM_IP)
2474 csum_flags |= CSUM_INNER_IP;
2475 if (csum_flags_in & CSUM_IP_UDP)
2476 csum_flags |= CSUM_INNER_IP_UDP;
2477 if (csum_flags_in & CSUM_IP_TCP)
2478 csum_flags |= CSUM_INNER_IP_TCP;
2479 if (csum_flags_in & CSUM_IP_TSO)
2480 csum_flags |= CSUM_INNER_IP_TSO;
2483 const uint32_t v6 = CSUM_IP6_UDP | CSUM_IP6_TCP;
2485 MPASS((csum_flags_in & v6) != 0);
2487 if (csum_flags_in & CSUM_IP6_UDP)
2488 csum_flags |= CSUM_INNER_IP6_UDP;
2489 if (csum_flags_in & CSUM_IP6_TCP)
2490 csum_flags |= CSUM_INNER_IP6_TCP;
2491 if (csum_flags_in & CSUM_IP6_TSO)
2492 csum_flags |= CSUM_INNER_IP6_TSO;
2495 return (csum_flags);
2500 vxlan_encap4(struct vxlan_softc *sc, const union vxlan_sockaddr *fvxlsa,
2506 struct in_addr srcaddr, dstaddr;
2507 uint16_t srcport, dstport;
2508 int plen, mcast, error;
2509 struct route route, *ro;
2510 struct sockaddr_in *sin;
2511 uint32_t csum_flags;
2516 srcaddr = sc->vxl_src_addr.in4.sin_addr;
2517 srcport = vxlan_pick_source_port(sc, m);
2518 dstaddr = fvxlsa->in4.sin_addr;
2519 dstport = fvxlsa->in4.sin_port;
2521 plen = m->m_pkthdr.len;
2522 M_PREPEND(m, sizeof(struct ip) + sizeof(struct vxlanudphdr),
2525 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
2529 ip = mtod(m, struct ip *);
2531 ip->ip_len = htons(m->m_pkthdr.len);
2533 ip->ip_ttl = sc->vxl_ttl;
2534 ip->ip_p = IPPROTO_UDP;
2536 ip->ip_src = srcaddr;
2537 ip->ip_dst = dstaddr;
2539 vxlan_encap_header(sc, m, sizeof(struct ip), srcport, dstport);
2541 mcast = (m->m_flags & (M_MCAST | M_BCAST)) ? 1 : 0;
2542 m->m_flags &= ~(M_MCAST | M_BCAST);
2544 m->m_pkthdr.csum_flags &= CSUM_FLAGS_TX;
2545 if (m->m_pkthdr.csum_flags != 0) {
2547 * HW checksum (L3 and/or L4) or TSO has been requested. Look
2548 * up the ifnet for the outbound route and verify that the
2549 * outbound ifnet can perform the requested operation on the
2552 bzero(&route, sizeof(route));
2554 sin = (struct sockaddr_in *)&ro->ro_dst;
2555 sin->sin_family = AF_INET;
2556 sin->sin_len = sizeof(*sin);
2557 sin->sin_addr = ip->ip_dst;
2558 ro->ro_nh = fib4_lookup(M_GETFIB(m), ip->ip_dst, 0, NHR_NONE,
2560 if (ro->ro_nh == NULL) {
2562 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
2563 return (EHOSTUNREACH);
2566 csum_flags = csum_flags_to_inner_flags(m->m_pkthdr.csum_flags,
2568 if ((csum_flags & ro->ro_nh->nh_ifp->if_hwassist) !=
2570 if (ppsratecheck(&sc->err_time, &sc->err_pps, 1)) {
2571 const struct ifnet *nh_ifp = ro->ro_nh->nh_ifp;
2573 if_printf(ifp, "interface %s is missing hwcaps "
2574 "0x%08x, csum_flags 0x%08x -> 0x%08x, "
2575 "hwassist 0x%08x\n", nh_ifp->if_xname,
2576 csum_flags & ~(uint32_t)nh_ifp->if_hwassist,
2577 m->m_pkthdr.csum_flags, csum_flags,
2578 (uint32_t)nh_ifp->if_hwassist);
2581 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
2584 m->m_pkthdr.csum_flags = csum_flags;
2586 (CSUM_INNER_IP | CSUM_INNER_IP_UDP | CSUM_INNER_IP6_UDP |
2587 CSUM_INNER_IP_TCP | CSUM_INNER_IP6_TCP)) {
2588 counter_u64_add(sc->vxl_stats.txcsum, 1);
2589 if (csum_flags & CSUM_INNER_TSO)
2590 counter_u64_add(sc->vxl_stats.tso, 1);
2594 error = ip_output(m, NULL, ro, 0, sc->vxl_im4o, NULL);
2596 if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1);
2597 if_inc_counter(ifp, IFCOUNTER_OBYTES, plen);
2599 if_inc_counter(ifp, IFCOUNTER_OMCASTS, 1);
2601 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
2611 vxlan_encap6(struct vxlan_softc *sc, const union vxlan_sockaddr *fvxlsa,
2616 struct ip6_hdr *ip6;
2617 const struct in6_addr *srcaddr, *dstaddr;
2618 uint16_t srcport, dstport;
2619 int plen, mcast, error;
2620 struct route_in6 route, *ro;
2621 struct sockaddr_in6 *sin6;
2622 uint32_t csum_flags;
2627 srcaddr = &sc->vxl_src_addr.in6.sin6_addr;
2628 srcport = vxlan_pick_source_port(sc, m);
2629 dstaddr = &fvxlsa->in6.sin6_addr;
2630 dstport = fvxlsa->in6.sin6_port;
2632 plen = m->m_pkthdr.len;
2633 M_PREPEND(m, sizeof(struct ip6_hdr) + sizeof(struct vxlanudphdr),
2636 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
2640 ip6 = mtod(m, struct ip6_hdr *);
2641 ip6->ip6_flow = 0; /* BMV: Keep in forwarding entry? */
2642 ip6->ip6_vfc = IPV6_VERSION;
2644 ip6->ip6_nxt = IPPROTO_UDP;
2645 ip6->ip6_hlim = sc->vxl_ttl;
2646 ip6->ip6_src = *srcaddr;
2647 ip6->ip6_dst = *dstaddr;
2649 vxlan_encap_header(sc, m, sizeof(struct ip6_hdr), srcport, dstport);
2651 mcast = (m->m_flags & (M_MCAST | M_BCAST)) ? 1 : 0;
2652 m->m_flags &= ~(M_MCAST | M_BCAST);
2655 m->m_pkthdr.csum_flags &= CSUM_FLAGS_TX;
2656 if (m->m_pkthdr.csum_flags != 0) {
2658 * HW checksum (L3 and/or L4) or TSO has been requested. Look
2659 * up the ifnet for the outbound route and verify that the
2660 * outbound ifnet can perform the requested operation on the
2663 bzero(&route, sizeof(route));
2665 sin6 = (struct sockaddr_in6 *)&ro->ro_dst;
2666 sin6->sin6_family = AF_INET6;
2667 sin6->sin6_len = sizeof(*sin6);
2668 sin6->sin6_addr = ip6->ip6_dst;
2669 ro->ro_nh = fib6_lookup(M_GETFIB(m), &ip6->ip6_dst, 0,
2671 if (ro->ro_nh == NULL) {
2673 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
2674 return (EHOSTUNREACH);
2677 csum_flags = csum_flags_to_inner_flags(m->m_pkthdr.csum_flags,
2679 if ((csum_flags & ro->ro_nh->nh_ifp->if_hwassist) !=
2681 if (ppsratecheck(&sc->err_time, &sc->err_pps, 1)) {
2682 const struct ifnet *nh_ifp = ro->ro_nh->nh_ifp;
2684 if_printf(ifp, "interface %s is missing hwcaps "
2685 "0x%08x, csum_flags 0x%08x -> 0x%08x, "
2686 "hwassist 0x%08x\n", nh_ifp->if_xname,
2687 csum_flags & ~(uint32_t)nh_ifp->if_hwassist,
2688 m->m_pkthdr.csum_flags, csum_flags,
2689 (uint32_t)nh_ifp->if_hwassist);
2692 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
2695 m->m_pkthdr.csum_flags = csum_flags;
2697 (CSUM_INNER_IP | CSUM_INNER_IP_UDP | CSUM_INNER_IP6_UDP |
2698 CSUM_INNER_IP_TCP | CSUM_INNER_IP6_TCP)) {
2699 counter_u64_add(sc->vxl_stats.txcsum, 1);
2700 if (csum_flags & CSUM_INNER_TSO)
2701 counter_u64_add(sc->vxl_stats.tso, 1);
2703 } else if (ntohs(dstport) != V_zero_checksum_port) {
2704 struct udphdr *hdr = mtodo(m, sizeof(struct ip6_hdr));
2706 hdr->uh_sum = in6_cksum_pseudo(ip6,
2707 m->m_pkthdr.len - sizeof(struct ip6_hdr), IPPROTO_UDP, 0);
2708 m->m_pkthdr.csum_flags = CSUM_UDP_IPV6;
2709 m->m_pkthdr.csum_data = offsetof(struct udphdr, uh_sum);
2711 error = ip6_output(m, NULL, ro, 0, sc->vxl_im6o, NULL, NULL);
2713 if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1);
2714 if_inc_counter(ifp, IFCOUNTER_OBYTES, plen);
2716 if_inc_counter(ifp, IFCOUNTER_OMCASTS, 1);
2718 if_inc_counter(ifp, IFCOUNTER_OERRORS, 1);
2728 vxlan_transmit(struct ifnet *ifp, struct mbuf *m)
2730 struct rm_priotracker tracker;
2731 union vxlan_sockaddr vxlsa;
2732 struct vxlan_softc *sc;
2733 struct vxlan_ftable_entry *fe;
2734 struct ifnet *mcifp;
2735 struct ether_header *eh;
2739 eh = mtod(m, struct ether_header *);
2743 ETHER_BPF_MTAP(ifp, m);
2745 VXLAN_RLOCK(sc, &tracker);
2746 M_SETFIB(m, sc->vxl_fibnum);
2747 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) {
2748 VXLAN_RUNLOCK(sc, &tracker);
2753 if ((m->m_flags & (M_BCAST | M_MCAST)) == 0)
2754 fe = vxlan_ftable_entry_lookup(sc, eh->ether_dhost);
2756 fe = &sc->vxl_default_fe;
2757 vxlan_sockaddr_copy(&vxlsa, &fe->vxlfe_raddr.sa);
2759 ipv4 = VXLAN_SOCKADDR_IS_IPV4(&vxlsa) != 0;
2760 if (vxlan_sockaddr_in_multicast(&vxlsa) != 0)
2761 mcifp = vxlan_multicast_if_ref(sc, ipv4);
2764 VXLAN_RUNLOCK(sc, &tracker);
2767 error = vxlan_encap4(sc, &vxlsa, m);
2769 error = vxlan_encap6(sc, &vxlsa, m);
2779 vxlan_qflush(struct ifnet *ifp __unused)
2784 vxlan_rcv_udp_packet(struct mbuf *m, int offset, struct inpcb *inpcb,
2785 const struct sockaddr *srcsa, void *xvso)
2787 struct vxlan_socket *vso;
2788 struct vxlan_header *vxh, vxlanhdr;
2794 offset += sizeof(struct udphdr);
2796 if (m->m_pkthdr.len < offset + sizeof(struct vxlan_header))
2799 if (__predict_false(m->m_len < offset + sizeof(struct vxlan_header))) {
2800 m_copydata(m, offset, sizeof(struct vxlan_header),
2801 (caddr_t) &vxlanhdr);
2804 vxh = mtodo(m, offset);
2807 * Drop if there is a reserved bit set in either the flags or VNI
2808 * fields of the header. This goes against the specification, but
2809 * a bit set may indicate an unsupported new feature. This matches
2810 * the behavior of the Linux implementation.
2812 if (vxh->vxlh_flags != htonl(VXLAN_HDR_FLAGS_VALID_VNI) ||
2813 vxh->vxlh_vni & ~VXLAN_VNI_MASK)
2816 vni = ntohl(vxh->vxlh_vni) >> VXLAN_HDR_VNI_SHIFT;
2818 /* Adjust to the start of the inner Ethernet frame. */
2819 m_adj_decap(m, offset + sizeof(struct vxlan_header));
2821 error = vxlan_input(vso, vni, &m, srcsa);
2822 MPASS(error != 0 || m == NULL);
2832 vxlan_input(struct vxlan_socket *vso, uint32_t vni, struct mbuf **m0,
2833 const struct sockaddr *sa)
2835 struct vxlan_softc *sc;
2838 struct ether_header *eh;
2843 if (m->m_pkthdr.len < ETHER_HDR_LEN)
2846 sc = vxlan_socket_lookup_softc(vso, vni);
2851 if (m->m_len < ETHER_HDR_LEN &&
2852 (m = m_pullup(m, ETHER_HDR_LEN)) == NULL) {
2857 eh = mtod(m, struct ether_header *);
2859 if ((ifp->if_drv_flags & IFF_DRV_RUNNING) == 0) {
2862 } else if (ifp == m->m_pkthdr.rcvif) {
2863 /* XXX Does not catch more complex loops. */
2868 if (sc->vxl_flags & VXLAN_FLAG_LEARN)
2869 vxlan_ftable_learn(sc, sa, eh->ether_shost);
2872 m->m_pkthdr.rcvif = ifp;
2873 M_SETFIB(m, ifp->if_fib);
2874 if (((ifp->if_capenable & IFCAP_RXCSUM &&
2875 m->m_pkthdr.csum_flags & CSUM_INNER_L3_CALC) ||
2876 (ifp->if_capenable & IFCAP_RXCSUM_IPV6 &&
2877 !(m->m_pkthdr.csum_flags & CSUM_INNER_L3_CALC)))) {
2878 uint32_t csum_flags = 0;
2880 if (m->m_pkthdr.csum_flags & CSUM_INNER_L3_CALC)
2881 csum_flags |= CSUM_L3_CALC;
2882 if (m->m_pkthdr.csum_flags & CSUM_INNER_L3_VALID)
2883 csum_flags |= CSUM_L3_VALID;
2884 if (m->m_pkthdr.csum_flags & CSUM_INNER_L4_CALC)
2885 csum_flags |= CSUM_L4_CALC;
2886 if (m->m_pkthdr.csum_flags & CSUM_INNER_L4_VALID)
2887 csum_flags |= CSUM_L4_VALID;
2888 m->m_pkthdr.csum_flags = csum_flags;
2889 counter_u64_add(sc->vxl_stats.rxcsum, 1);
2891 /* clear everything */
2892 m->m_pkthdr.csum_flags = 0;
2893 m->m_pkthdr.csum_data = 0;
2896 if_inc_counter(ifp, IFCOUNTER_IPACKETS, 1);
2897 (*ifp->if_input)(ifp, m);
2907 vxlan_stats_alloc(struct vxlan_softc *sc)
2909 struct vxlan_statistics *stats = &sc->vxl_stats;
2911 stats->txcsum = counter_u64_alloc(M_WAITOK);
2912 if (stats->txcsum == NULL)
2915 stats->tso = counter_u64_alloc(M_WAITOK);
2916 if (stats->tso == NULL)
2919 stats->rxcsum = counter_u64_alloc(M_WAITOK);
2920 if (stats->rxcsum == NULL)
2925 vxlan_stats_free(sc);
2930 vxlan_stats_free(struct vxlan_softc *sc)
2932 struct vxlan_statistics *stats = &sc->vxl_stats;
2934 if (stats->txcsum != NULL) {
2935 counter_u64_free(stats->txcsum);
2936 stats->txcsum = NULL;
2938 if (stats->tso != NULL) {
2939 counter_u64_free(stats->tso);
2942 if (stats->rxcsum != NULL) {
2943 counter_u64_free(stats->rxcsum);
2944 stats->rxcsum = NULL;
2949 vxlan_set_default_config(struct vxlan_softc *sc)
2952 sc->vxl_flags |= VXLAN_FLAG_LEARN;
2954 sc->vxl_vni = VXLAN_VNI_MAX;
2955 sc->vxl_ttl = IPDEFTTL;
2957 if (!vxlan_tunable_int(sc, "legacy_port", vxlan_legacy_port)) {
2958 sc->vxl_src_addr.in4.sin_port = htons(VXLAN_PORT);
2959 sc->vxl_dst_addr.in4.sin_port = htons(VXLAN_PORT);
2961 sc->vxl_src_addr.in4.sin_port = htons(VXLAN_LEGACY_PORT);
2962 sc->vxl_dst_addr.in4.sin_port = htons(VXLAN_LEGACY_PORT);
2965 sc->vxl_min_port = V_ipport_firstauto;
2966 sc->vxl_max_port = V_ipport_lastauto;
2968 sc->vxl_ftable_max = VXLAN_FTABLE_MAX;
2969 sc->vxl_ftable_timeout = VXLAN_FTABLE_TIMEOUT;
2973 vxlan_set_user_config(struct vxlan_softc *sc, struct ifvxlanparam *vxlp)
2977 if (vxlp->vxlp_with & (VXLAN_PARAM_WITH_LOCAL_ADDR4 |
2978 VXLAN_PARAM_WITH_REMOTE_ADDR4))
2979 return (EAFNOSUPPORT);
2983 if (vxlp->vxlp_with & (VXLAN_PARAM_WITH_LOCAL_ADDR6 |
2984 VXLAN_PARAM_WITH_REMOTE_ADDR6))
2985 return (EAFNOSUPPORT);
2987 if (vxlp->vxlp_with & VXLAN_PARAM_WITH_LOCAL_ADDR6) {
2988 int error = vxlan_sockaddr_in6_embedscope(&vxlp->vxlp_local_sa);
2992 if (vxlp->vxlp_with & VXLAN_PARAM_WITH_REMOTE_ADDR6) {
2993 int error = vxlan_sockaddr_in6_embedscope(
2994 &vxlp->vxlp_remote_sa);
3000 if (vxlp->vxlp_with & VXLAN_PARAM_WITH_VNI) {
3001 if (vxlan_check_vni(vxlp->vxlp_vni) == 0)
3002 sc->vxl_vni = vxlp->vxlp_vni;
3005 if (vxlp->vxlp_with & VXLAN_PARAM_WITH_LOCAL_ADDR4) {
3006 sc->vxl_src_addr.in4.sin_len = sizeof(struct sockaddr_in);
3007 sc->vxl_src_addr.in4.sin_family = AF_INET;
3008 sc->vxl_src_addr.in4.sin_addr =
3009 vxlp->vxlp_local_sa.in4.sin_addr;
3010 } else if (vxlp->vxlp_with & VXLAN_PARAM_WITH_LOCAL_ADDR6) {
3011 sc->vxl_src_addr.in6.sin6_len = sizeof(struct sockaddr_in6);
3012 sc->vxl_src_addr.in6.sin6_family = AF_INET6;
3013 sc->vxl_src_addr.in6.sin6_addr =
3014 vxlp->vxlp_local_sa.in6.sin6_addr;
3017 if (vxlp->vxlp_with & VXLAN_PARAM_WITH_REMOTE_ADDR4) {
3018 sc->vxl_dst_addr.in4.sin_len = sizeof(struct sockaddr_in);
3019 sc->vxl_dst_addr.in4.sin_family = AF_INET;
3020 sc->vxl_dst_addr.in4.sin_addr =
3021 vxlp->vxlp_remote_sa.in4.sin_addr;
3022 } else if (vxlp->vxlp_with & VXLAN_PARAM_WITH_REMOTE_ADDR6) {
3023 sc->vxl_dst_addr.in6.sin6_len = sizeof(struct sockaddr_in6);
3024 sc->vxl_dst_addr.in6.sin6_family = AF_INET6;
3025 sc->vxl_dst_addr.in6.sin6_addr =
3026 vxlp->vxlp_remote_sa.in6.sin6_addr;
3029 if (vxlp->vxlp_with & VXLAN_PARAM_WITH_LOCAL_PORT)
3030 sc->vxl_src_addr.in4.sin_port = htons(vxlp->vxlp_local_port);
3031 if (vxlp->vxlp_with & VXLAN_PARAM_WITH_REMOTE_PORT)
3032 sc->vxl_dst_addr.in4.sin_port = htons(vxlp->vxlp_remote_port);
3034 if (vxlp->vxlp_with & VXLAN_PARAM_WITH_PORT_RANGE) {
3035 if (vxlp->vxlp_min_port <= vxlp->vxlp_max_port) {
3036 sc->vxl_min_port = vxlp->vxlp_min_port;
3037 sc->vxl_max_port = vxlp->vxlp_max_port;
3041 if (vxlp->vxlp_with & VXLAN_PARAM_WITH_MULTICAST_IF)
3042 strlcpy(sc->vxl_mc_ifname, vxlp->vxlp_mc_ifname, IFNAMSIZ);
3044 if (vxlp->vxlp_with & VXLAN_PARAM_WITH_FTABLE_TIMEOUT) {
3045 if (vxlan_check_ftable_timeout(vxlp->vxlp_ftable_timeout) == 0)
3046 sc->vxl_ftable_timeout = vxlp->vxlp_ftable_timeout;
3049 if (vxlp->vxlp_with & VXLAN_PARAM_WITH_FTABLE_MAX) {
3050 if (vxlan_check_ftable_max(vxlp->vxlp_ftable_max) == 0)
3051 sc->vxl_ftable_max = vxlp->vxlp_ftable_max;
3054 if (vxlp->vxlp_with & VXLAN_PARAM_WITH_TTL) {
3055 if (vxlan_check_ttl(vxlp->vxlp_ttl) == 0)
3056 sc->vxl_ttl = vxlp->vxlp_ttl;
3059 if (vxlp->vxlp_with & VXLAN_PARAM_WITH_LEARN) {
3060 if (vxlp->vxlp_learn == 0)
3061 sc->vxl_flags &= ~VXLAN_FLAG_LEARN;
3068 vxlan_set_reqcap(struct vxlan_softc *sc, struct ifnet *ifp, int reqcap)
3070 int mask = reqcap ^ ifp->if_capenable;
3072 /* Disable TSO if tx checksums are disabled. */
3073 if (mask & IFCAP_TXCSUM && !(reqcap & IFCAP_TXCSUM) &&
3074 reqcap & IFCAP_TSO4) {
3075 reqcap &= ~IFCAP_TSO4;
3076 if_printf(ifp, "tso4 disabled due to -txcsum.\n");
3078 if (mask & IFCAP_TXCSUM_IPV6 && !(reqcap & IFCAP_TXCSUM_IPV6) &&
3079 reqcap & IFCAP_TSO6) {
3080 reqcap &= ~IFCAP_TSO6;
3081 if_printf(ifp, "tso6 disabled due to -txcsum6.\n");
3084 /* Do not enable TSO if tx checksums are disabled. */
3085 if (mask & IFCAP_TSO4 && reqcap & IFCAP_TSO4 &&
3086 !(reqcap & IFCAP_TXCSUM)) {
3087 if_printf(ifp, "enable txcsum first.\n");
3090 if (mask & IFCAP_TSO6 && reqcap & IFCAP_TSO6 &&
3091 !(reqcap & IFCAP_TXCSUM_IPV6)) {
3092 if_printf(ifp, "enable txcsum6 first.\n");
3096 sc->vxl_reqcap = reqcap;
3101 * A VXLAN interface inherits the capabilities of the vxlandev or the interface
3102 * hosting the vxlanlocal address.
3105 vxlan_set_hwcaps(struct vxlan_softc *sc)
3107 struct epoch_tracker et;
3113 struct ifnet *ifp = sc->vxl_ifp;
3116 ifp->if_capabilities &= VXLAN_BASIC_IFCAPS;
3117 ifp->if_capenable &= VXLAN_BASIC_IFCAPS;
3118 ifp->if_hwassist = 0;
3120 NET_EPOCH_ENTER(et);
3121 CURVNET_SET(ifp->if_vnet);
3125 if (sc->vxl_mc_ifname[0] != '\0') {
3127 p = ifunit_ref(sc->vxl_mc_ifname);
3128 } else if (vxlan_sockaddr_in_any(&sc->vxl_src_addr) == 0) {
3129 if (sc->vxl_src_addr.sa.sa_family == AF_INET) {
3130 struct sockaddr_in in4 = sc->vxl_src_addr.in4;
3133 ifa = ifa_ifwithaddr((struct sockaddr *)&in4);
3136 } else if (sc->vxl_src_addr.sa.sa_family == AF_INET6) {
3137 struct sockaddr_in6 in6 = sc->vxl_src_addr.in6;
3140 ifa = ifa_ifwithaddr((struct sockaddr *)&in6);
3148 cap = ena = hwa = 0;
3150 /* checksum offload */
3151 if (p->if_capabilities & IFCAP_VXLAN_HWCSUM)
3152 cap |= p->if_capabilities & (IFCAP_HWCSUM | IFCAP_HWCSUM_IPV6);
3153 if (p->if_capenable & IFCAP_VXLAN_HWCSUM) {
3154 ena |= sc->vxl_reqcap & p->if_capenable &
3155 (IFCAP_HWCSUM | IFCAP_HWCSUM_IPV6);
3156 if (ena & IFCAP_TXCSUM) {
3157 if (p->if_hwassist & CSUM_INNER_IP)
3159 if (p->if_hwassist & CSUM_INNER_IP_UDP)
3161 if (p->if_hwassist & CSUM_INNER_IP_TCP)
3164 if (ena & IFCAP_TXCSUM_IPV6) {
3165 if (p->if_hwassist & CSUM_INNER_IP6_UDP)
3166 hwa |= CSUM_IP6_UDP;
3167 if (p->if_hwassist & CSUM_INNER_IP6_TCP)
3168 hwa |= CSUM_IP6_TCP;
3173 if (p->if_capabilities & IFCAP_VXLAN_HWTSO) {
3174 cap |= p->if_capabilities & IFCAP_TSO;
3175 if (p->if_hw_tsomax > IP_MAXPACKET - ifp->if_hdrlen)
3176 ifp->if_hw_tsomax = IP_MAXPACKET - ifp->if_hdrlen;
3178 ifp->if_hw_tsomax = p->if_hw_tsomax;
3179 /* XXX: tsomaxsegcount decrement is cxgbe specific */
3180 ifp->if_hw_tsomaxsegcount = p->if_hw_tsomaxsegcount - 1;
3181 ifp->if_hw_tsomaxsegsize = p->if_hw_tsomaxsegsize;
3183 if (p->if_capenable & IFCAP_VXLAN_HWTSO) {
3184 ena |= sc->vxl_reqcap & p->if_capenable & IFCAP_TSO;
3185 if (ena & IFCAP_TSO) {
3186 if (p->if_hwassist & CSUM_INNER_IP_TSO)
3188 if (p->if_hwassist & CSUM_INNER_IP6_TSO)
3189 hwa |= CSUM_IP6_TSO;
3193 ifp->if_capabilities |= cap;
3194 ifp->if_capenable |= ena;
3195 ifp->if_hwassist |= hwa;
3204 vxlan_clone_create(struct if_clone *ifc, char *name, size_t len,
3205 struct ifc_data *ifd, struct ifnet **ifpp)
3207 struct vxlan_softc *sc;
3209 struct ifvxlanparam vxlp;
3212 sc = malloc(sizeof(struct vxlan_softc), M_VXLAN, M_WAITOK | M_ZERO);
3213 sc->vxl_unit = ifd->unit;
3214 sc->vxl_fibnum = curthread->td_proc->p_fibnum;
3215 vxlan_set_default_config(sc);
3216 error = vxlan_stats_alloc(sc);
3220 if (ifd->params != NULL) {
3221 error = ifc_copyin(ifd, &vxlp, sizeof(vxlp));
3225 error = vxlan_set_user_config(sc, &vxlp);
3230 ifp = if_alloc(IFT_ETHER);
3237 rm_init(&sc->vxl_lock, "vxlanrm");
3238 callout_init_rw(&sc->vxl_callout, &sc->vxl_lock, 0);
3239 sc->vxl_port_hash_key = arc4random();
3240 vxlan_ftable_init(sc);
3242 vxlan_sysctl_setup(sc);
3245 if_initname(ifp, vxlan_name, ifd->unit);
3246 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST;
3247 ifp->if_init = vxlan_init;
3248 ifp->if_ioctl = vxlan_ioctl;
3249 ifp->if_transmit = vxlan_transmit;
3250 ifp->if_qflush = vxlan_qflush;
3251 ifp->if_capabilities = VXLAN_BASIC_IFCAPS;
3252 ifp->if_capenable = VXLAN_BASIC_IFCAPS;
3253 sc->vxl_reqcap = -1;
3254 vxlan_set_hwcaps(sc);
3256 ifmedia_init(&sc->vxl_media, 0, vxlan_media_change, vxlan_media_status);
3257 ifmedia_add(&sc->vxl_media, IFM_ETHER | IFM_AUTO, 0, NULL);
3258 ifmedia_set(&sc->vxl_media, IFM_ETHER | IFM_AUTO);
3260 ether_gen_addr(ifp, &sc->vxl_hwaddr);
3261 ether_ifattach(ifp, sc->vxl_hwaddr.octet);
3263 ifp->if_baudrate = 0;
3266 vxlan_setup_interface_hdrlen(sc);
3278 vxlan_clone_destroy(struct if_clone *ifc, struct ifnet *ifp, uint32_t flags)
3280 struct vxlan_softc *sc;
3286 vxlan_ftable_flush(sc, 1);
3288 ether_ifdetach(ifp);
3290 ifmedia_removeall(&sc->vxl_media);
3292 vxlan_ftable_fini(sc);
3294 vxlan_sysctl_destroy(sc);
3295 rm_destroy(&sc->vxl_lock);
3296 vxlan_stats_free(sc);
3302 /* BMV: Taken from if_bridge. */
3304 vxlan_mac_hash(struct vxlan_softc *sc, const uint8_t *addr)
3306 uint32_t a = 0x9e3779b9, b = 0x9e3779b9, c = sc->vxl_ftable_hash_key;
3316 * The following hash function is adapted from "Hash Functions" by Bob Jenkins
3317 * ("Algorithm Alley", Dr. Dobbs Journal, September 1997).
3319 #define mix(a, b, c) \
3321 a -= b; a -= c; a ^= (c >> 13); \
3322 b -= c; b -= a; b ^= (a << 8); \
3323 c -= a; c -= b; c ^= (b >> 13); \
3324 a -= b; a -= c; a ^= (c >> 12); \
3325 b -= c; b -= a; b ^= (a << 16); \
3326 c -= a; c -= b; c ^= (b >> 5); \
3327 a -= b; a -= c; a ^= (c >> 3); \
3328 b -= c; b -= a; b ^= (a << 10); \
3329 c -= a; c -= b; c ^= (b >> 15); \
3340 vxlan_media_change(struct ifnet *ifp)
3348 vxlan_media_status(struct ifnet *ifp, struct ifmediareq *ifmr)
3351 ifmr->ifm_status = IFM_ACTIVE | IFM_AVALID;
3352 ifmr->ifm_active = IFM_ETHER | IFM_FDX;
3356 vxlan_sockaddr_cmp(const union vxlan_sockaddr *vxladdr,
3357 const struct sockaddr *sa)
3360 return (bcmp(&vxladdr->sa, sa, vxladdr->sa.sa_len));
3364 vxlan_sockaddr_copy(union vxlan_sockaddr *vxladdr,
3365 const struct sockaddr *sa)
3368 MPASS(sa->sa_family == AF_INET || sa->sa_family == AF_INET6);
3369 bzero(vxladdr, sizeof(*vxladdr));
3371 if (sa->sa_family == AF_INET) {
3372 vxladdr->in4 = *satoconstsin(sa);
3373 vxladdr->in4.sin_len = sizeof(struct sockaddr_in);
3374 } else if (sa->sa_family == AF_INET6) {
3375 vxladdr->in6 = *satoconstsin6(sa);
3376 vxladdr->in6.sin6_len = sizeof(struct sockaddr_in6);
3381 vxlan_sockaddr_in_equal(const union vxlan_sockaddr *vxladdr,
3382 const struct sockaddr *sa)
3386 if (sa->sa_family == AF_INET) {
3387 const struct in_addr *in4 = &satoconstsin(sa)->sin_addr;
3388 equal = in4->s_addr == vxladdr->in4.sin_addr.s_addr;
3389 } else if (sa->sa_family == AF_INET6) {
3390 const struct in6_addr *in6 = &satoconstsin6(sa)->sin6_addr;
3391 equal = IN6_ARE_ADDR_EQUAL(in6, &vxladdr->in6.sin6_addr);
3399 vxlan_sockaddr_in_copy(union vxlan_sockaddr *vxladdr,
3400 const struct sockaddr *sa)
3403 MPASS(sa->sa_family == AF_INET || sa->sa_family == AF_INET6);
3405 if (sa->sa_family == AF_INET) {
3406 const struct in_addr *in4 = &satoconstsin(sa)->sin_addr;
3407 vxladdr->in4.sin_family = AF_INET;
3408 vxladdr->in4.sin_len = sizeof(struct sockaddr_in);
3409 vxladdr->in4.sin_addr = *in4;
3410 } else if (sa->sa_family == AF_INET6) {
3411 const struct in6_addr *in6 = &satoconstsin6(sa)->sin6_addr;
3412 vxladdr->in6.sin6_family = AF_INET6;
3413 vxladdr->in6.sin6_len = sizeof(struct sockaddr_in6);
3414 vxladdr->in6.sin6_addr = *in6;
3419 vxlan_sockaddr_supported(const union vxlan_sockaddr *vxladdr, int unspec)
3421 const struct sockaddr *sa;
3427 if (sa->sa_family == AF_UNSPEC && unspec != 0) {
3429 } else if (sa->sa_family == AF_INET) {
3433 } else if (sa->sa_family == AF_INET6) {
3443 vxlan_sockaddr_in_any(const union vxlan_sockaddr *vxladdr)
3445 const struct sockaddr *sa;
3450 if (sa->sa_family == AF_INET) {
3451 const struct in_addr *in4 = &satoconstsin(sa)->sin_addr;
3452 any = in4->s_addr == INADDR_ANY;
3453 } else if (sa->sa_family == AF_INET6) {
3454 const struct in6_addr *in6 = &satoconstsin6(sa)->sin6_addr;
3455 any = IN6_IS_ADDR_UNSPECIFIED(in6);
3463 vxlan_sockaddr_in_multicast(const union vxlan_sockaddr *vxladdr)
3465 const struct sockaddr *sa;
3470 if (sa->sa_family == AF_INET) {
3471 const struct in_addr *in4 = &satoconstsin(sa)->sin_addr;
3472 mc = IN_MULTICAST(ntohl(in4->s_addr));
3473 } else if (sa->sa_family == AF_INET6) {
3474 const struct in6_addr *in6 = &satoconstsin6(sa)->sin6_addr;
3475 mc = IN6_IS_ADDR_MULTICAST(in6);
3483 vxlan_sockaddr_in6_embedscope(union vxlan_sockaddr *vxladdr)
3487 MPASS(VXLAN_SOCKADDR_IS_IPV6(vxladdr));
3489 error = sa6_embedscope(&vxladdr->in6, V_ip6_use_defzone);
3491 error = EAFNOSUPPORT;
3498 vxlan_can_change_config(struct vxlan_softc *sc)
3503 VXLAN_LOCK_ASSERT(sc);
3505 if (ifp->if_drv_flags & IFF_DRV_RUNNING)
3507 if (sc->vxl_flags & (VXLAN_FLAG_INIT | VXLAN_FLAG_TEARDOWN))
3514 vxlan_check_vni(uint32_t vni)
3517 return (vni >= VXLAN_VNI_MAX);
3521 vxlan_check_ttl(int ttl)
3524 return (ttl > MAXTTL);
3528 vxlan_check_ftable_timeout(uint32_t timeout)
3531 return (timeout > VXLAN_FTABLE_MAX_TIMEOUT);
3535 vxlan_check_ftable_max(uint32_t max)
3538 return (max > VXLAN_FTABLE_MAX);
3542 vxlan_sysctl_setup(struct vxlan_softc *sc)
3544 struct sysctl_ctx_list *ctx;
3545 struct sysctl_oid *node;
3546 struct vxlan_statistics *stats;
3549 ctx = &sc->vxl_sysctl_ctx;
3550 stats = &sc->vxl_stats;
3551 snprintf(namebuf, sizeof(namebuf), "%d", sc->vxl_unit);
3553 sysctl_ctx_init(ctx);
3554 sc->vxl_sysctl_node = SYSCTL_ADD_NODE(ctx,
3555 SYSCTL_STATIC_CHILDREN(_net_link_vxlan), OID_AUTO, namebuf,
3556 CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, "");
3558 node = SYSCTL_ADD_NODE(ctx, SYSCTL_CHILDREN(sc->vxl_sysctl_node),
3559 OID_AUTO, "ftable", CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, "");
3560 SYSCTL_ADD_UINT(ctx, SYSCTL_CHILDREN(node), OID_AUTO, "count",
3561 CTLFLAG_RD, &sc->vxl_ftable_cnt, 0,
3562 "Number of entries in forwarding table");
3563 SYSCTL_ADD_UINT(ctx, SYSCTL_CHILDREN(node), OID_AUTO, "max",
3564 CTLFLAG_RD, &sc->vxl_ftable_max, 0,
3565 "Maximum number of entries allowed in forwarding table");
3566 SYSCTL_ADD_UINT(ctx, SYSCTL_CHILDREN(node), OID_AUTO, "timeout",
3567 CTLFLAG_RD, &sc->vxl_ftable_timeout, 0,
3568 "Number of seconds between prunes of the forwarding table");
3569 SYSCTL_ADD_PROC(ctx, SYSCTL_CHILDREN(node), OID_AUTO, "dump",
3570 CTLTYPE_STRING | CTLFLAG_RD | CTLFLAG_MPSAFE | CTLFLAG_SKIP,
3571 sc, 0, vxlan_ftable_sysctl_dump, "A",
3572 "Dump the forwarding table entries");
3574 node = SYSCTL_ADD_NODE(ctx, SYSCTL_CHILDREN(sc->vxl_sysctl_node),
3575 OID_AUTO, "stats", CTLFLAG_RD | CTLFLAG_MPSAFE, NULL, "");
3576 SYSCTL_ADD_UINT(ctx, SYSCTL_CHILDREN(node), OID_AUTO,
3577 "ftable_nospace", CTLFLAG_RD, &stats->ftable_nospace, 0,
3578 "Fowarding table reached maximum entries");
3579 SYSCTL_ADD_UINT(ctx, SYSCTL_CHILDREN(node), OID_AUTO,
3580 "ftable_lock_upgrade_failed", CTLFLAG_RD,
3581 &stats->ftable_lock_upgrade_failed, 0,
3582 "Forwarding table update required lock upgrade");
3584 SYSCTL_ADD_COUNTER_U64(ctx, SYSCTL_CHILDREN(node), OID_AUTO, "txcsum",
3585 CTLFLAG_RD, &stats->txcsum,
3586 "# of times hardware assisted with tx checksum");
3587 SYSCTL_ADD_COUNTER_U64(ctx, SYSCTL_CHILDREN(node), OID_AUTO, "tso",
3588 CTLFLAG_RD, &stats->tso, "# of times hardware assisted with TSO");
3589 SYSCTL_ADD_COUNTER_U64(ctx, SYSCTL_CHILDREN(node), OID_AUTO, "rxcsum",
3590 CTLFLAG_RD, &stats->rxcsum,
3591 "# of times hardware assisted with rx checksum");
3595 vxlan_sysctl_destroy(struct vxlan_softc *sc)
3598 sysctl_ctx_free(&sc->vxl_sysctl_ctx);
3599 sc->vxl_sysctl_node = NULL;
3603 vxlan_tunable_int(struct vxlan_softc *sc, const char *knob, int def)
3607 snprintf(path, sizeof(path), "net.link.vxlan.%d.%s",
3608 sc->vxl_unit, knob);
3609 TUNABLE_INT_FETCH(path, &def);
3615 vxlan_ifdetach_event(void *arg __unused, struct ifnet *ifp)
3617 struct vxlan_softc_head list;
3618 struct vxlan_socket *vso;
3619 struct vxlan_softc *sc, *tsc;
3623 if (ifp->if_flags & IFF_RENAMING)
3625 if ((ifp->if_flags & IFF_MULTICAST) == 0)
3629 LIST_FOREACH(vso, &vxlan_socket_list, vxlso_entry)
3630 vxlan_socket_ifdetach(vso, ifp, &list);
3631 VXLAN_LIST_UNLOCK();
3633 LIST_FOREACH_SAFE(sc, &list, vxl_ifdetach_list, tsc) {
3634 LIST_REMOVE(sc, vxl_ifdetach_list);
3636 sx_xlock(&vxlan_sx);
3638 if (sc->vxl_flags & VXLAN_FLAG_INIT)
3639 vxlan_init_wait(sc);
3640 vxlan_teardown_locked(sc);
3641 sx_xunlock(&vxlan_sx);
3649 mtx_init(&vxlan_list_mtx, "vxlan list", NULL, MTX_DEF);
3650 LIST_INIT(&vxlan_socket_list);
3651 vxlan_ifdetach_event_tag = EVENTHANDLER_REGISTER(ifnet_departure_event,
3652 vxlan_ifdetach_event, NULL, EVENTHANDLER_PRI_ANY);
3654 struct if_clone_addreq req = {
3655 .create_f = vxlan_clone_create,
3656 .destroy_f = vxlan_clone_destroy,
3657 .flags = IFC_F_AUTOUNIT,
3659 vxlan_cloner = ifc_attach_cloner(vxlan_name, &req);
3666 EVENTHANDLER_DEREGISTER(ifnet_departure_event,
3667 vxlan_ifdetach_event_tag);
3668 ifc_detach_cloner(vxlan_cloner);
3669 mtx_destroy(&vxlan_list_mtx);
3670 MPASS(LIST_EMPTY(&vxlan_socket_list));
3674 vxlan_modevent(module_t mod, int type, void *unused)
3695 static moduledata_t vxlan_mod = {
3701 DECLARE_MODULE(if_vxlan, vxlan_mod, SI_SUB_PSEUDO, SI_ORDER_ANY);
3702 MODULE_VERSION(if_vxlan, 1);
projects / FreeBSD / FreeBSD.git / blob