ip_mroute.c revision 1.48
1 /* $NetBSD: ip_mroute.c,v 1.48 2000/03/30 13:25:01 augustss Exp $ */ 2 3 /* 4 * IP multicast forwarding procedures 5 * 6 * Written by David Waitzman, BBN Labs, August 1988. 7 * Modified by Steve Deering, Stanford, February 1989. 8 * Modified by Mark J. Steiglitz, Stanford, May, 1991 9 * Modified by Van Jacobson, LBL, January 1993 10 * Modified by Ajit Thyagarajan, PARC, August 1993 11 * Modified by Bill Fenner, PARC, April 1994 12 * Modified by Charles M. Hannum, NetBSD, May 1995. 13 * 14 * MROUTING Revision: 1.2 15 */ 16 17 #include "opt_ipsec.h" 18 19 #include <sys/param.h> 20 #include <sys/systm.h> 21 #include <sys/callout.h> 22 #include <sys/mbuf.h> 23 #include <sys/socket.h> 24 #include <sys/socketvar.h> 25 #include <sys/protosw.h> 26 #include <sys/errno.h> 27 #include <sys/time.h> 28 #include <sys/kernel.h> 29 #include <sys/ioctl.h> 30 #include <sys/syslog.h> 31 #include <net/if.h> 32 #include <net/route.h> 33 #include <net/raw_cb.h> 34 #include <netinet/in.h> 35 #include <netinet/in_var.h> 36 #include <netinet/in_systm.h> 37 #include <netinet/ip.h> 38 #include <netinet/ip_var.h> 39 #include <netinet/in_pcb.h> 40 #include <netinet/udp.h> 41 #include <netinet/igmp.h> 42 #include <netinet/igmp_var.h> 43 #include <netinet/ip_mroute.h> 44 45 #include <machine/stdarg.h> 46 47 #define IP_MULTICASTOPTS 0 48 #define M_PULLUP(m, len) \ 49 do { \ 50 if ((m) && ((m)->m_flags & M_EXT || (m)->m_len < (len))) \ 51 (m) = m_pullup((m), (len)); \ 52 } while (0) 53 54 /* 55 * Globals. All but ip_mrouter and ip_mrtproto could be static, 56 * except for netstat or debugging purposes. 57 */ 58 struct socket *ip_mrouter = 0; 59 int ip_mrtproto = IGMP_DVMRP; /* for netstat only */ 60 61 #define NO_RTE_FOUND 0x1 62 #define RTE_FOUND 0x2 63 64 #define MFCHASH(a, g) \ 65 ((((a).s_addr >> 20) ^ ((a).s_addr >> 10) ^ (a).s_addr ^ \ 66 ((g).s_addr >> 20) ^ ((g).s_addr >> 10) ^ (g).s_addr) & mfchash) 67 LIST_HEAD(mfchashhdr, mfc) *mfchashtbl; 68 u_long mfchash; 69 70 u_char nexpire[MFCTBLSIZ]; 71 struct vif viftable[MAXVIFS]; 72 struct mrtstat mrtstat; 73 u_int mrtdebug = 0; /* debug level */ 74 #define DEBUG_MFC 0x02 75 #define DEBUG_FORWARD 0x04 76 #define DEBUG_EXPIRE 0x08 77 #define DEBUG_XMIT 0x10 78 u_int tbfdebug = 0; /* tbf debug level */ 79 #ifdef RSVP_ISI 80 u_int rsvpdebug = 0; /* rsvp debug level */ 81 extern struct socket *ip_rsvpd; 82 extern int rsvp_on; 83 #endif /* RSVP_ISI */ 84 85 #define EXPIRE_TIMEOUT (hz / 4) /* 4x / second */ 86 #define UPCALL_EXPIRE 6 /* number of timeouts */ 87 88 /* 89 * Define the token bucket filter structures 90 */ 91 92 #define TBF_REPROCESS (hz / 100) /* 100x / second */ 93 94 static int get_sg_cnt __P((struct sioc_sg_req *)); 95 static int get_vif_cnt __P((struct sioc_vif_req *)); 96 static int ip_mrouter_init __P((struct socket *, struct mbuf *)); 97 static int get_version __P((struct mbuf *)); 98 static int set_assert __P((struct mbuf *)); 99 static int get_assert __P((struct mbuf *)); 100 static int add_vif __P((struct mbuf *)); 101 static int del_vif __P((struct mbuf *)); 102 static void update_mfc __P((struct mfcctl *, struct mfc *)); 103 static void expire_mfc __P((struct mfc *)); 104 static int add_mfc __P((struct mbuf *)); 105 #ifdef UPCALL_TIMING 106 static void collate __P((struct timeval *)); 107 #endif 108 static int del_mfc __P((struct mbuf *)); 109 static int socket_send __P((struct socket *, struct mbuf *, 110 struct sockaddr_in *)); 111 static void expire_upcalls __P((void *)); 112 #ifdef RSVP_ISI 113 static int ip_mdq __P((struct mbuf *, struct ifnet *, struct mfc *, vifi_t)); 114 #else 115 static int ip_mdq __P((struct mbuf *, struct ifnet *, struct mfc *)); 116 #endif 117 static void phyint_send __P((struct ip *, struct vif *, struct mbuf *)); 118 static void encap_send __P((struct ip *, struct vif *, struct mbuf *)); 119 static void tbf_control __P((struct vif *, struct mbuf *, struct ip *, 120 u_int32_t)); 121 static void tbf_queue __P((struct vif *, struct mbuf *)); 122 static void tbf_process_q __P((struct vif *)); 123 static void tbf_reprocess_q __P((void *)); 124 static int tbf_dq_sel __P((struct vif *, struct ip *)); 125 static void tbf_send_packet __P((struct vif *, struct mbuf *)); 126 static void tbf_update_tokens __P((struct vif *)); 127 static int priority __P((struct vif *, struct ip *)); 128 129 /* 130 * 'Interfaces' associated with decapsulator (so we can tell 131 * packets that went through it from ones that get reflected 132 * by a broken gateway). These interfaces are never linked into 133 * the system ifnet list & no routes point to them. I.e., packets 134 * can't be sent this way. They only exist as a placeholder for 135 * multicast source verification. 136 */ 137 #if 0 138 struct ifnet multicast_decap_if[MAXVIFS]; 139 #endif 140 141 #define ENCAP_TTL 64 142 #define ENCAP_PROTO IPPROTO_IPIP /* 4 */ 143 144 /* prototype IP hdr for encapsulated packets */ 145 struct ip multicast_encap_iphdr = { 146 #if BYTE_ORDER == LITTLE_ENDIAN 147 sizeof(struct ip) >> 2, IPVERSION, 148 #else 149 IPVERSION, sizeof(struct ip) >> 2, 150 #endif 151 0, /* tos */ 152 sizeof(struct ip), /* total length */ 153 0, /* id */ 154 0, /* frag offset */ 155 ENCAP_TTL, ENCAP_PROTO, 156 0, /* checksum */ 157 }; 158 159 /* 160 * Private variables. 161 */ 162 static vifi_t numvifs = 0; 163 static int have_encap_tunnel = 0; 164 165 static struct callout expire_upcalls_ch; 166 167 /* 168 * one-back cache used by mrt_ipip_input to locate a tunnel's vif 169 * given a datagram's src ip address. 170 */ 171 static struct in_addr last_encap_src; 172 static struct vif *last_encap_vif; 173 174 /* 175 * whether or not special PIM assert processing is enabled. 176 */ 177 static int pim_assert; 178 /* 179 * Rate limit for assert notification messages, in usec 180 */ 181 #define ASSERT_MSG_TIME 3000000 182 183 /* 184 * Find a route for a given origin IP address and Multicast group address 185 * Type of service parameter to be added in the future!!! 186 */ 187 188 #define MFCFIND(o, g, rt) { \ 189 struct mfc *_rt; \ 190 (rt) = 0; \ 191 ++mrtstat.mrts_mfc_lookups; \ 192 for (_rt = mfchashtbl[MFCHASH(o, g)].lh_first; \ 193 _rt; _rt = _rt->mfc_hash.le_next) { \ 194 if (in_hosteq(_rt->mfc_origin, (o)) && \ 195 in_hosteq(_rt->mfc_mcastgrp, (g)) && \ 196 _rt->mfc_stall == 0) { \ 197 (rt) = _rt; \ 198 break; \ 199 } \ 200 } \ 201 if ((rt) == 0) \ 202 ++mrtstat.mrts_mfc_misses; \ 203 } 204 205 /* 206 * Macros to compute elapsed time efficiently 207 * Borrowed from Van Jacobson's scheduling code 208 */ 209 #define TV_DELTA(a, b, delta) { \ 210 int xxs; \ 211 delta = (a).tv_usec - (b).tv_usec; \ 212 xxs = (a).tv_sec - (b).tv_sec; \ 213 switch (xxs) { \ 214 case 2: \ 215 delta += 1000000; \ 216 /* fall through */ \ 217 case 1: \ 218 delta += 1000000; \ 219 /* fall through */ \ 220 case 0: \ 221 break; \ 222 default: \ 223 delta += (1000000 * xxs); \ 224 break; \ 225 } \ 226 } 227 228 #ifdef UPCALL_TIMING 229 u_int32_t upcall_data[51]; 230 #endif /* UPCALL_TIMING */ 231 232 /* 233 * Handle MRT setsockopt commands to modify the multicast routing tables. 234 */ 235 int 236 ip_mrouter_set(so, optname, m) 237 struct socket *so; 238 int optname; 239 struct mbuf **m; 240 { 241 int error; 242 243 if (optname != MRT_INIT && so != ip_mrouter) 244 error = ENOPROTOOPT; 245 else 246 switch (optname) { 247 case MRT_INIT: 248 error = ip_mrouter_init(so, *m); 249 break; 250 case MRT_DONE: 251 error = ip_mrouter_done(); 252 break; 253 case MRT_ADD_VIF: 254 error = add_vif(*m); 255 break; 256 case MRT_DEL_VIF: 257 error = del_vif(*m); 258 break; 259 case MRT_ADD_MFC: 260 error = add_mfc(*m); 261 break; 262 case MRT_DEL_MFC: 263 error = del_mfc(*m); 264 break; 265 case MRT_ASSERT: 266 error = set_assert(*m); 267 break; 268 default: 269 error = ENOPROTOOPT; 270 break; 271 } 272 273 if (*m) 274 m_free(*m); 275 return (error); 276 } 277 278 /* 279 * Handle MRT getsockopt commands 280 */ 281 int 282 ip_mrouter_get(so, optname, m) 283 struct socket *so; 284 int optname; 285 struct mbuf **m; 286 { 287 int error; 288 289 if (so != ip_mrouter) 290 error = ENOPROTOOPT; 291 else { 292 *m = m_get(M_WAIT, MT_SOOPTS); 293 294 switch (optname) { 295 case MRT_VERSION: 296 error = get_version(*m); 297 break; 298 case MRT_ASSERT: 299 error = get_assert(*m); 300 break; 301 default: 302 error = ENOPROTOOPT; 303 break; 304 } 305 306 if (error) 307 m_free(*m); 308 } 309 310 return (error); 311 } 312 313 /* 314 * Handle ioctl commands to obtain information from the cache 315 */ 316 int 317 mrt_ioctl(so, cmd, data) 318 struct socket *so; 319 u_long cmd; 320 caddr_t data; 321 { 322 int error; 323 324 if (so != ip_mrouter) 325 error = EINVAL; 326 else 327 switch (cmd) { 328 case SIOCGETVIFCNT: 329 error = get_vif_cnt((struct sioc_vif_req *)data); 330 break; 331 case SIOCGETSGCNT: 332 error = get_sg_cnt((struct sioc_sg_req *)data); 333 break; 334 default: 335 error = EINVAL; 336 break; 337 } 338 339 return (error); 340 } 341 342 /* 343 * returns the packet, byte, rpf-failure count for the source group provided 344 */ 345 static int 346 get_sg_cnt(req) 347 struct sioc_sg_req *req; 348 { 349 struct mfc *rt; 350 int s; 351 352 s = splsoftnet(); 353 MFCFIND(req->src, req->grp, rt); 354 splx(s); 355 if (rt != 0) { 356 req->pktcnt = rt->mfc_pkt_cnt; 357 req->bytecnt = rt->mfc_byte_cnt; 358 req->wrong_if = rt->mfc_wrong_if; 359 } else 360 req->pktcnt = req->bytecnt = req->wrong_if = 0xffffffff; 361 362 return (0); 363 } 364 365 /* 366 * returns the input and output packet and byte counts on the vif provided 367 */ 368 static int 369 get_vif_cnt(req) 370 struct sioc_vif_req *req; 371 { 372 vifi_t vifi = req->vifi; 373 374 if (vifi >= numvifs) 375 return (EINVAL); 376 377 req->icount = viftable[vifi].v_pkt_in; 378 req->ocount = viftable[vifi].v_pkt_out; 379 req->ibytes = viftable[vifi].v_bytes_in; 380 req->obytes = viftable[vifi].v_bytes_out; 381 382 return (0); 383 } 384 385 /* 386 * Enable multicast routing 387 */ 388 static int 389 ip_mrouter_init(so, m) 390 struct socket *so; 391 struct mbuf *m; 392 { 393 int *v; 394 395 if (mrtdebug) 396 log(LOG_DEBUG, 397 "ip_mrouter_init: so_type = %d, pr_protocol = %d\n", 398 so->so_type, so->so_proto->pr_protocol); 399 400 if (so->so_type != SOCK_RAW || 401 so->so_proto->pr_protocol != IPPROTO_IGMP) 402 return (EOPNOTSUPP); 403 404 if (m == 0 || m->m_len < sizeof(int)) 405 return (EINVAL); 406 407 v = mtod(m, int *); 408 if (*v != 1) 409 return (EINVAL); 410 411 if (ip_mrouter != 0) 412 return (EADDRINUSE); 413 414 ip_mrouter = so; 415 416 mfchashtbl = hashinit(MFCTBLSIZ, M_MRTABLE, M_WAITOK, &mfchash); 417 bzero((caddr_t)nexpire, sizeof(nexpire)); 418 419 pim_assert = 0; 420 421 callout_init(&expire_upcalls_ch); 422 callout_reset(&expire_upcalls_ch, EXPIRE_TIMEOUT, 423 expire_upcalls, NULL); 424 425 if (mrtdebug) 426 log(LOG_DEBUG, "ip_mrouter_init\n"); 427 428 return (0); 429 } 430 431 /* 432 * Disable multicast routing 433 */ 434 int 435 ip_mrouter_done() 436 { 437 vifi_t vifi; 438 struct vif *vifp; 439 int i; 440 int s; 441 442 s = splsoftnet(); 443 444 /* Clear out all the vifs currently in use. */ 445 for (vifi = 0; vifi < numvifs; vifi++) { 446 vifp = &viftable[vifi]; 447 if (!in_nullhost(vifp->v_lcl_addr)) 448 reset_vif(vifp); 449 } 450 451 numvifs = 0; 452 pim_assert = 0; 453 454 callout_stop(&expire_upcalls_ch); 455 456 /* 457 * Free all multicast forwarding cache entries. 458 */ 459 for (i = 0; i < MFCTBLSIZ; i++) { 460 struct mfc *rt, *nrt; 461 462 for (rt = mfchashtbl[i].lh_first; rt; rt = nrt) { 463 nrt = rt->mfc_hash.le_next; 464 465 expire_mfc(rt); 466 } 467 } 468 469 free(mfchashtbl, M_MRTABLE); 470 mfchashtbl = 0; 471 472 /* Reset de-encapsulation cache. */ 473 have_encap_tunnel = 0; 474 475 ip_mrouter = 0; 476 477 splx(s); 478 479 if (mrtdebug) 480 log(LOG_DEBUG, "ip_mrouter_done\n"); 481 482 return (0); 483 } 484 485 static int 486 get_version(m) 487 struct mbuf *m; 488 { 489 int *v = mtod(m, int *); 490 491 *v = 0x0305; /* XXX !!!! */ 492 m->m_len = sizeof(int); 493 return (0); 494 } 495 496 /* 497 * Set PIM assert processing global 498 */ 499 static int 500 set_assert(m) 501 struct mbuf *m; 502 { 503 int *i; 504 505 if (m == 0 || m->m_len < sizeof(int)) 506 return (EINVAL); 507 508 i = mtod(m, int *); 509 pim_assert = !!*i; 510 return (0); 511 } 512 513 /* 514 * Get PIM assert processing global 515 */ 516 static int 517 get_assert(m) 518 struct mbuf *m; 519 { 520 int *i = mtod(m, int *); 521 522 *i = pim_assert; 523 m->m_len = sizeof(int); 524 return (0); 525 } 526 527 static struct sockaddr_in sin = { sizeof(sin), AF_INET }; 528 529 /* 530 * Add a vif to the vif table 531 */ 532 static int 533 add_vif(m) 534 struct mbuf *m; 535 { 536 struct vifctl *vifcp; 537 struct vif *vifp; 538 struct ifaddr *ifa; 539 struct ifnet *ifp; 540 struct ifreq ifr; 541 int error, s; 542 543 if (m == 0 || m->m_len < sizeof(struct vifctl)) 544 return (EINVAL); 545 546 vifcp = mtod(m, struct vifctl *); 547 if (vifcp->vifc_vifi >= MAXVIFS) 548 return (EINVAL); 549 550 vifp = &viftable[vifcp->vifc_vifi]; 551 if (!in_nullhost(vifp->v_lcl_addr)) 552 return (EADDRINUSE); 553 554 /* Find the interface with an address in AF_INET family. */ 555 sin.sin_addr = vifcp->vifc_lcl_addr; 556 ifa = ifa_ifwithaddr(sintosa(&sin)); 557 if (ifa == 0) 558 return (EADDRNOTAVAIL); 559 560 if (vifcp->vifc_flags & VIFF_TUNNEL) { 561 if (vifcp->vifc_flags & VIFF_SRCRT) { 562 log(LOG_ERR, "Source routed tunnels not supported\n"); 563 return (EOPNOTSUPP); 564 } 565 566 /* Create a fake encapsulation interface. */ 567 ifp = (struct ifnet *)malloc(sizeof(*ifp), M_MRTABLE, M_WAITOK); 568 bzero(ifp, sizeof(*ifp)); 569 sprintf(ifp->if_xname, "mdecap%d", vifcp->vifc_vifi); 570 571 /* Prepare cached route entry. */ 572 bzero(&vifp->v_route, sizeof(vifp->v_route)); 573 574 /* Tell mrt_ipip_input() to start looking at encapsulated packets. */ 575 have_encap_tunnel = 1; 576 } else { 577 /* Use the physical interface associated with the address. */ 578 ifp = ifa->ifa_ifp; 579 580 /* Make sure the interface supports multicast. */ 581 if ((ifp->if_flags & IFF_MULTICAST) == 0) 582 return (EOPNOTSUPP); 583 584 /* Enable promiscuous reception of all IP multicasts. */ 585 satosin(&ifr.ifr_addr)->sin_len = sizeof(struct sockaddr_in); 586 satosin(&ifr.ifr_addr)->sin_family = AF_INET; 587 satosin(&ifr.ifr_addr)->sin_addr = zeroin_addr; 588 error = (*ifp->if_ioctl)(ifp, SIOCADDMULTI, (caddr_t)&ifr); 589 if (error) 590 return (error); 591 } 592 593 s = splsoftnet(); 594 595 /* Define parameters for the tbf structure. */ 596 vifp->tbf_q = 0; 597 vifp->tbf_t = &vifp->tbf_q; 598 microtime(&vifp->tbf_last_pkt_t); 599 vifp->tbf_n_tok = 0; 600 vifp->tbf_q_len = 0; 601 vifp->tbf_max_q_len = MAXQSIZE; 602 603 vifp->v_flags = vifcp->vifc_flags; 604 vifp->v_threshold = vifcp->vifc_threshold; 605 /* scaling up here allows division by 1024 in critical code */ 606 vifp->v_rate_limit = vifcp->vifc_rate_limit * 1024 / 1000; 607 vifp->v_lcl_addr = vifcp->vifc_lcl_addr; 608 vifp->v_rmt_addr = vifcp->vifc_rmt_addr; 609 vifp->v_ifp = ifp; 610 /* Initialize per vif pkt counters. */ 611 vifp->v_pkt_in = 0; 612 vifp->v_pkt_out = 0; 613 vifp->v_bytes_in = 0; 614 vifp->v_bytes_out = 0; 615 616 callout_init(&vifp->v_repq_ch); 617 618 #ifdef RSVP_ISI 619 vifp->v_rsvp_on = 0; 620 vifp->v_rsvpd = 0; 621 #endif /* RSVP_ISI */ 622 623 splx(s); 624 625 /* Adjust numvifs up if the vifi is higher than numvifs. */ 626 if (numvifs <= vifcp->vifc_vifi) 627 numvifs = vifcp->vifc_vifi + 1; 628 629 if (mrtdebug) 630 log(LOG_DEBUG, "add_vif #%d, lcladdr %x, %s %x, thresh %x, rate %d\n", 631 vifcp->vifc_vifi, 632 ntohl(vifcp->vifc_lcl_addr.s_addr), 633 (vifcp->vifc_flags & VIFF_TUNNEL) ? "rmtaddr" : "mask", 634 ntohl(vifcp->vifc_rmt_addr.s_addr), 635 vifcp->vifc_threshold, 636 vifcp->vifc_rate_limit); 637 638 return (0); 639 } 640 641 void 642 reset_vif(vifp) 643 struct vif *vifp; 644 { 645 struct mbuf *m, *n; 646 struct ifnet *ifp; 647 struct ifreq ifr; 648 649 callout_stop(&vifp->v_repq_ch); 650 651 for (m = vifp->tbf_q; m != 0; m = n) { 652 n = m->m_nextpkt; 653 m_freem(m); 654 } 655 656 if (vifp->v_flags & VIFF_TUNNEL) { 657 free(vifp->v_ifp, M_MRTABLE); 658 if (vifp == last_encap_vif) { 659 last_encap_vif = 0; 660 last_encap_src = zeroin_addr; 661 } 662 } else { 663 satosin(&ifr.ifr_addr)->sin_len = sizeof(struct sockaddr_in); 664 satosin(&ifr.ifr_addr)->sin_family = AF_INET; 665 satosin(&ifr.ifr_addr)->sin_addr = zeroin_addr; 666 ifp = vifp->v_ifp; 667 (*ifp->if_ioctl)(ifp, SIOCDELMULTI, (caddr_t)&ifr); 668 } 669 bzero((caddr_t)vifp, sizeof(*vifp)); 670 } 671 672 /* 673 * Delete a vif from the vif table 674 */ 675 static int 676 del_vif(m) 677 struct mbuf *m; 678 { 679 vifi_t *vifip; 680 struct vif *vifp; 681 vifi_t vifi; 682 int s; 683 684 if (m == 0 || m->m_len < sizeof(vifi_t)) 685 return (EINVAL); 686 687 vifip = mtod(m, vifi_t *); 688 if (*vifip >= numvifs) 689 return (EINVAL); 690 691 vifp = &viftable[*vifip]; 692 if (in_nullhost(vifp->v_lcl_addr)) 693 return (EADDRNOTAVAIL); 694 695 s = splsoftnet(); 696 697 reset_vif(vifp); 698 699 /* Adjust numvifs down */ 700 for (vifi = numvifs; vifi > 0; vifi--) 701 if (!in_nullhost(viftable[vifi-1].v_lcl_addr)) 702 break; 703 numvifs = vifi; 704 705 splx(s); 706 707 if (mrtdebug) 708 log(LOG_DEBUG, "del_vif %d, numvifs %d\n", *vifip, numvifs); 709 710 return (0); 711 } 712 713 static void 714 update_mfc(mfccp, rt) 715 struct mfcctl *mfccp; 716 struct mfc *rt; 717 { 718 vifi_t vifi; 719 720 rt->mfc_parent = mfccp->mfcc_parent; 721 for (vifi = 0; vifi < numvifs; vifi++) 722 rt->mfc_ttls[vifi] = mfccp->mfcc_ttls[vifi]; 723 rt->mfc_expire = 0; 724 rt->mfc_stall = 0; 725 } 726 727 static void 728 expire_mfc(rt) 729 struct mfc *rt; 730 { 731 struct rtdetq *rte, *nrte; 732 733 for (rte = rt->mfc_stall; rte != 0; rte = nrte) { 734 nrte = rte->next; 735 m_freem(rte->m); 736 free(rte, M_MRTABLE); 737 } 738 739 LIST_REMOVE(rt, mfc_hash); 740 free(rt, M_MRTABLE); 741 } 742 743 /* 744 * Add an mfc entry 745 */ 746 static int 747 add_mfc(m) 748 struct mbuf *m; 749 { 750 struct mfcctl *mfccp; 751 struct mfc *rt; 752 u_int32_t hash = 0; 753 struct rtdetq *rte, *nrte; 754 u_short nstl; 755 int s; 756 757 if (m == 0 || m->m_len < sizeof(struct mfcctl)) 758 return (EINVAL); 759 760 mfccp = mtod(m, struct mfcctl *); 761 762 s = splsoftnet(); 763 MFCFIND(mfccp->mfcc_origin, mfccp->mfcc_mcastgrp, rt); 764 765 /* If an entry already exists, just update the fields */ 766 if (rt) { 767 if (mrtdebug & DEBUG_MFC) 768 log(LOG_DEBUG,"add_mfc update o %x g %x p %x\n", 769 ntohl(mfccp->mfcc_origin.s_addr), 770 ntohl(mfccp->mfcc_mcastgrp.s_addr), 771 mfccp->mfcc_parent); 772 773 if (rt->mfc_expire) 774 nexpire[hash]--; 775 776 update_mfc(mfccp, rt); 777 778 splx(s); 779 return (0); 780 } 781 782 /* 783 * Find the entry for which the upcall was made and update 784 */ 785 nstl = 0; 786 hash = MFCHASH(mfccp->mfcc_origin, mfccp->mfcc_mcastgrp); 787 for (rt = mfchashtbl[hash].lh_first; rt; rt = rt->mfc_hash.le_next) { 788 if (in_hosteq(rt->mfc_origin, mfccp->mfcc_origin) && 789 in_hosteq(rt->mfc_mcastgrp, mfccp->mfcc_mcastgrp) && 790 rt->mfc_stall != 0) { 791 if (nstl++) 792 log(LOG_ERR, "add_mfc %s o %x g %x p %x dbx %p\n", 793 "multiple kernel entries", 794 ntohl(mfccp->mfcc_origin.s_addr), 795 ntohl(mfccp->mfcc_mcastgrp.s_addr), 796 mfccp->mfcc_parent, rt->mfc_stall); 797 798 if (mrtdebug & DEBUG_MFC) 799 log(LOG_DEBUG,"add_mfc o %x g %x p %x dbg %p\n", 800 ntohl(mfccp->mfcc_origin.s_addr), 801 ntohl(mfccp->mfcc_mcastgrp.s_addr), 802 mfccp->mfcc_parent, rt->mfc_stall); 803 804 if (rt->mfc_expire) 805 nexpire[hash]--; 806 807 rte = rt->mfc_stall; 808 update_mfc(mfccp, rt); 809 810 /* free packets Qed at the end of this entry */ 811 for (; rte != 0; rte = nrte) { 812 nrte = rte->next; 813 #ifdef RSVP_ISI 814 ip_mdq(rte->m, rte->ifp, rt, -1); 815 #else 816 ip_mdq(rte->m, rte->ifp, rt); 817 #endif /* RSVP_ISI */ 818 m_freem(rte->m); 819 #ifdef UPCALL_TIMING 820 collate(&rte->t); 821 #endif /* UPCALL_TIMING */ 822 free(rte, M_MRTABLE); 823 } 824 } 825 } 826 827 if (nstl == 0) { 828 /* 829 * No mfc; make a new one 830 */ 831 if (mrtdebug & DEBUG_MFC) 832 log(LOG_DEBUG,"add_mfc no upcall o %x g %x p %x\n", 833 ntohl(mfccp->mfcc_origin.s_addr), 834 ntohl(mfccp->mfcc_mcastgrp.s_addr), 835 mfccp->mfcc_parent); 836 837 rt = (struct mfc *)malloc(sizeof(*rt), M_MRTABLE, M_NOWAIT); 838 if (rt == 0) { 839 splx(s); 840 return (ENOBUFS); 841 } 842 843 rt->mfc_origin = mfccp->mfcc_origin; 844 rt->mfc_mcastgrp = mfccp->mfcc_mcastgrp; 845 /* initialize pkt counters per src-grp */ 846 rt->mfc_pkt_cnt = 0; 847 rt->mfc_byte_cnt = 0; 848 rt->mfc_wrong_if = 0; 849 timerclear(&rt->mfc_last_assert); 850 update_mfc(mfccp, rt); 851 852 /* insert new entry at head of hash chain */ 853 LIST_INSERT_HEAD(&mfchashtbl[hash], rt, mfc_hash); 854 } 855 856 splx(s); 857 return (0); 858 } 859 860 #ifdef UPCALL_TIMING 861 /* 862 * collect delay statistics on the upcalls 863 */ 864 static void collate(t) 865 struct timeval *t; 866 { 867 u_int32_t d; 868 struct timeval tp; 869 u_int32_t delta; 870 871 microtime(&tp); 872 873 if (timercmp(t, &tp, <)) { 874 TV_DELTA(tp, *t, delta); 875 876 d = delta >> 10; 877 if (d > 50) 878 d = 50; 879 880 ++upcall_data[d]; 881 } 882 } 883 #endif /* UPCALL_TIMING */ 884 885 /* 886 * Delete an mfc entry 887 */ 888 static int 889 del_mfc(m) 890 struct mbuf *m; 891 { 892 struct mfcctl *mfccp; 893 struct mfc *rt; 894 int s; 895 896 if (m == 0 || m->m_len < sizeof(struct mfcctl)) 897 return (EINVAL); 898 899 mfccp = mtod(m, struct mfcctl *); 900 901 if (mrtdebug & DEBUG_MFC) 902 log(LOG_DEBUG, "del_mfc origin %x mcastgrp %x\n", 903 ntohl(mfccp->mfcc_origin.s_addr), 904 ntohl(mfccp->mfcc_mcastgrp.s_addr)); 905 906 s = splsoftnet(); 907 908 MFCFIND(mfccp->mfcc_origin, mfccp->mfcc_mcastgrp, rt); 909 if (rt == 0) { 910 splx(s); 911 return (EADDRNOTAVAIL); 912 } 913 914 LIST_REMOVE(rt, mfc_hash); 915 free(rt, M_MRTABLE); 916 917 splx(s); 918 return (0); 919 } 920 921 static int 922 socket_send(s, mm, src) 923 struct socket *s; 924 struct mbuf *mm; 925 struct sockaddr_in *src; 926 { 927 if (s) { 928 if (sbappendaddr(&s->so_rcv, sintosa(src), mm, (struct mbuf *)0) != 0) { 929 sorwakeup(s); 930 return (0); 931 } 932 } 933 m_freem(mm); 934 return (-1); 935 } 936 937 /* 938 * IP multicast forwarding function. This function assumes that the packet 939 * pointed to by "ip" has arrived on (or is about to be sent to) the interface 940 * pointed to by "ifp", and the packet is to be relayed to other networks 941 * that have members of the packet's destination IP multicast group. 942 * 943 * The packet is returned unscathed to the caller, unless it is 944 * erroneous, in which case a non-zero return value tells the caller to 945 * discard it. 946 */ 947 948 #define IP_HDR_LEN 20 /* # bytes of fixed IP header (excluding options) */ 949 #define TUNNEL_LEN 12 /* # bytes of IP option for tunnel encapsulation */ 950 951 int 952 #ifdef RSVP_ISI 953 ip_mforward(m, ifp, imo) 954 #else 955 ip_mforward(m, ifp) 956 #endif /* RSVP_ISI */ 957 struct mbuf *m; 958 struct ifnet *ifp; 959 #ifdef RSVP_ISI 960 struct ip_moptions *imo; 961 #endif /* RSVP_ISI */ 962 { 963 struct ip *ip = mtod(m, struct ip *); 964 struct mfc *rt; 965 u_char *ipoptions; 966 static int srctun = 0; 967 struct mbuf *mm; 968 int s; 969 #ifdef RSVP_ISI 970 struct vif *vifp; 971 vifi_t vifi; 972 #endif /* RSVP_ISI */ 973 974 if (mrtdebug & DEBUG_FORWARD) 975 log(LOG_DEBUG, "ip_mforward: src %x, dst %x, ifp %p\n", 976 ntohl(ip->ip_src.s_addr), ntohl(ip->ip_dst.s_addr), ifp); 977 978 if (ip->ip_hl < (IP_HDR_LEN + TUNNEL_LEN) >> 2 || 979 (ipoptions = (u_char *)(ip + 1))[1] != IPOPT_LSRR) { 980 /* 981 * Packet arrived via a physical interface or 982 * an encapuslated tunnel. 983 */ 984 } else { 985 /* 986 * Packet arrived through a source-route tunnel. 987 * Source-route tunnels are no longer supported. 988 */ 989 if ((srctun++ % 1000) == 0) 990 log(LOG_ERR, "ip_mforward: received source-routed packet from %x\n", 991 ntohl(ip->ip_src.s_addr)); 992 993 return (1); 994 } 995 996 #ifdef RSVP_ISI 997 if (imo && ((vifi = imo->imo_multicast_vif) < numvifs)) { 998 if (ip->ip_ttl < 255) 999 ip->ip_ttl++; /* compensate for -1 in *_send routines */ 1000 if (rsvpdebug && ip->ip_p == IPPROTO_RSVP) { 1001 vifp = viftable + vifi; 1002 printf("Sending IPPROTO_RSVP from %x to %x on vif %d (%s%s)\n", 1003 ntohl(ip->ip_src), ntohl(ip->ip_dst), vifi, 1004 (vifp->v_flags & VIFF_TUNNEL) ? "tunnel on " : "", 1005 vifp->v_ifp->if_xname); 1006 } 1007 return (ip_mdq(m, ifp, (struct mfc *)0, vifi)); 1008 } 1009 if (rsvpdebug && ip->ip_p == IPPROTO_RSVP) { 1010 printf("Warning: IPPROTO_RSVP from %x to %x without vif option\n", 1011 ntohl(ip->ip_src), ntohl(ip->ip_dst)); 1012 } 1013 #endif /* RSVP_ISI */ 1014 1015 /* 1016 * Don't forward a packet with time-to-live of zero or one, 1017 * or a packet destined to a local-only group. 1018 */ 1019 if (ip->ip_ttl <= 1 || 1020 IN_LOCAL_GROUP(ip->ip_dst.s_addr)) 1021 return (0); 1022 1023 /* 1024 * Determine forwarding vifs from the forwarding cache table 1025 */ 1026 s = splsoftnet(); 1027 MFCFIND(ip->ip_src, ip->ip_dst, rt); 1028 1029 /* Entry exists, so forward if necessary */ 1030 if (rt != 0) { 1031 splx(s); 1032 #ifdef RSVP_ISI 1033 return (ip_mdq(m, ifp, rt, -1)); 1034 #else 1035 return (ip_mdq(m, ifp, rt)); 1036 #endif /* RSVP_ISI */ 1037 } else { 1038 /* 1039 * If we don't have a route for packet's origin, 1040 * Make a copy of the packet & 1041 * send message to routing daemon 1042 */ 1043 1044 struct mbuf *mb0; 1045 struct rtdetq *rte; 1046 u_int32_t hash; 1047 int hlen = ip->ip_hl << 2; 1048 #ifdef UPCALL_TIMING 1049 struct timeval tp; 1050 1051 microtime(&tp); 1052 #endif /* UPCALL_TIMING */ 1053 1054 mrtstat.mrts_no_route++; 1055 if (mrtdebug & (DEBUG_FORWARD | DEBUG_MFC)) 1056 log(LOG_DEBUG, "ip_mforward: no rte s %x g %x\n", 1057 ntohl(ip->ip_src.s_addr), 1058 ntohl(ip->ip_dst.s_addr)); 1059 1060 /* 1061 * Allocate mbufs early so that we don't do extra work if we are 1062 * just going to fail anyway. Make sure to pullup the header so 1063 * that other people can't step on it. 1064 */ 1065 rte = (struct rtdetq *)malloc(sizeof(*rte), M_MRTABLE, M_NOWAIT); 1066 if (rte == 0) { 1067 splx(s); 1068 return (ENOBUFS); 1069 } 1070 mb0 = m_copy(m, 0, M_COPYALL); 1071 M_PULLUP(mb0, hlen); 1072 if (mb0 == 0) { 1073 free(rte, M_MRTABLE); 1074 splx(s); 1075 return (ENOBUFS); 1076 } 1077 1078 /* is there an upcall waiting for this packet? */ 1079 hash = MFCHASH(ip->ip_src, ip->ip_dst); 1080 for (rt = mfchashtbl[hash].lh_first; rt; rt = rt->mfc_hash.le_next) { 1081 if (in_hosteq(ip->ip_src, rt->mfc_origin) && 1082 in_hosteq(ip->ip_dst, rt->mfc_mcastgrp) && 1083 rt->mfc_stall != 0) 1084 break; 1085 } 1086 1087 if (rt == 0) { 1088 int i; 1089 struct igmpmsg *im; 1090 1091 /* no upcall, so make a new entry */ 1092 rt = (struct mfc *)malloc(sizeof(*rt), M_MRTABLE, M_NOWAIT); 1093 if (rt == 0) { 1094 free(rte, M_MRTABLE); 1095 m_freem(mb0); 1096 splx(s); 1097 return (ENOBUFS); 1098 } 1099 /* Make a copy of the header to send to the user level process */ 1100 mm = m_copy(m, 0, hlen); 1101 M_PULLUP(mm, hlen); 1102 if (mm == 0) { 1103 free(rte, M_MRTABLE); 1104 m_freem(mb0); 1105 free(rt, M_MRTABLE); 1106 splx(s); 1107 return (ENOBUFS); 1108 } 1109 1110 /* 1111 * Send message to routing daemon to install 1112 * a route into the kernel table 1113 */ 1114 sin.sin_addr = ip->ip_src; 1115 1116 im = mtod(mm, struct igmpmsg *); 1117 im->im_msgtype = IGMPMSG_NOCACHE; 1118 im->im_mbz = 0; 1119 1120 mrtstat.mrts_upcalls++; 1121 1122 if (socket_send(ip_mrouter, mm, &sin) < 0) { 1123 log(LOG_WARNING, "ip_mforward: ip_mrouter socket queue full\n"); 1124 ++mrtstat.mrts_upq_sockfull; 1125 free(rte, M_MRTABLE); 1126 m_freem(mb0); 1127 free(rt, M_MRTABLE); 1128 splx(s); 1129 return (ENOBUFS); 1130 } 1131 1132 /* insert new entry at head of hash chain */ 1133 rt->mfc_origin = ip->ip_src; 1134 rt->mfc_mcastgrp = ip->ip_dst; 1135 rt->mfc_pkt_cnt = 0; 1136 rt->mfc_byte_cnt = 0; 1137 rt->mfc_wrong_if = 0; 1138 rt->mfc_expire = UPCALL_EXPIRE; 1139 nexpire[hash]++; 1140 for (i = 0; i < numvifs; i++) 1141 rt->mfc_ttls[i] = 0; 1142 rt->mfc_parent = -1; 1143 1144 /* link into table */ 1145 LIST_INSERT_HEAD(&mfchashtbl[hash], rt, mfc_hash); 1146 /* Add this entry to the end of the queue */ 1147 rt->mfc_stall = rte; 1148 } else { 1149 /* determine if q has overflowed */ 1150 struct rtdetq **p; 1151 int npkts = 0; 1152 1153 for (p = &rt->mfc_stall; *p != 0; p = &(*p)->next) 1154 if (++npkts > MAX_UPQ) { 1155 mrtstat.mrts_upq_ovflw++; 1156 free(rte, M_MRTABLE); 1157 m_freem(mb0); 1158 splx(s); 1159 return (0); 1160 } 1161 1162 /* Add this entry to the end of the queue */ 1163 *p = rte; 1164 } 1165 1166 rte->next = 0; 1167 rte->m = mb0; 1168 rte->ifp = ifp; 1169 #ifdef UPCALL_TIMING 1170 rte->t = tp; 1171 #endif /* UPCALL_TIMING */ 1172 1173 1174 splx(s); 1175 1176 return (0); 1177 } 1178 } 1179 1180 1181 /*ARGSUSED*/ 1182 static void 1183 expire_upcalls(v) 1184 void *v; 1185 { 1186 int i; 1187 int s; 1188 1189 s = splsoftnet(); 1190 1191 for (i = 0; i < MFCTBLSIZ; i++) { 1192 struct mfc *rt, *nrt; 1193 1194 if (nexpire[i] == 0) 1195 continue; 1196 1197 for (rt = mfchashtbl[i].lh_first; rt; rt = nrt) { 1198 nrt = rt->mfc_hash.le_next; 1199 1200 if (rt->mfc_expire == 0 || 1201 --rt->mfc_expire > 0) 1202 continue; 1203 nexpire[i]--; 1204 1205 ++mrtstat.mrts_cache_cleanups; 1206 if (mrtdebug & DEBUG_EXPIRE) 1207 log(LOG_DEBUG, 1208 "expire_upcalls: expiring (%x %x)\n", 1209 ntohl(rt->mfc_origin.s_addr), 1210 ntohl(rt->mfc_mcastgrp.s_addr)); 1211 1212 expire_mfc(rt); 1213 } 1214 } 1215 1216 splx(s); 1217 callout_reset(&expire_upcalls_ch, EXPIRE_TIMEOUT, 1218 expire_upcalls, NULL); 1219 } 1220 1221 /* 1222 * Packet forwarding routine once entry in the cache is made 1223 */ 1224 static int 1225 #ifdef RSVP_ISI 1226 ip_mdq(m, ifp, rt, xmt_vif) 1227 #else 1228 ip_mdq(m, ifp, rt) 1229 #endif /* RSVP_ISI */ 1230 struct mbuf *m; 1231 struct ifnet *ifp; 1232 struct mfc *rt; 1233 #ifdef RSVP_ISI 1234 vifi_t xmt_vif; 1235 #endif /* RSVP_ISI */ 1236 { 1237 struct ip *ip = mtod(m, struct ip *); 1238 vifi_t vifi; 1239 struct vif *vifp; 1240 int plen = ntohs(ip->ip_len); 1241 1242 /* 1243 * Macro to send packet on vif. Since RSVP packets don't get counted on 1244 * input, they shouldn't get counted on output, so statistics keeping is 1245 * seperate. 1246 */ 1247 #define MC_SEND(ip,vifp,m) { \ 1248 if ((vifp)->v_flags & VIFF_TUNNEL) \ 1249 encap_send((ip), (vifp), (m)); \ 1250 else \ 1251 phyint_send((ip), (vifp), (m)); \ 1252 } 1253 1254 #ifdef RSVP_ISI 1255 /* 1256 * If xmt_vif is not -1, send on only the requested vif. 1257 * 1258 * (since vifi_t is u_short, -1 becomes MAXUSHORT, which > numvifs. 1259 */ 1260 if (xmt_vif < numvifs) { 1261 MC_SEND(ip, viftable + xmt_vif, m); 1262 return (1); 1263 } 1264 #endif /* RSVP_ISI */ 1265 1266 /* 1267 * Don't forward if it didn't arrive from the parent vif for its origin. 1268 */ 1269 vifi = rt->mfc_parent; 1270 if ((vifi >= numvifs) || (viftable[vifi].v_ifp != ifp)) { 1271 /* came in the wrong interface */ 1272 if (mrtdebug & DEBUG_FORWARD) 1273 log(LOG_DEBUG, "wrong if: ifp %p vifi %d vififp %p\n", 1274 ifp, vifi, viftable[vifi].v_ifp); 1275 ++mrtstat.mrts_wrong_if; 1276 ++rt->mfc_wrong_if; 1277 /* 1278 * If we are doing PIM assert processing, and we are forwarding 1279 * packets on this interface, and it is a broadcast medium 1280 * interface (and not a tunnel), send a message to the routing daemon. 1281 */ 1282 if (pim_assert && rt->mfc_ttls[vifi] && 1283 (ifp->if_flags & IFF_BROADCAST) && 1284 !(viftable[vifi].v_flags & VIFF_TUNNEL)) { 1285 struct mbuf *mm; 1286 struct igmpmsg *im; 1287 int hlen = ip->ip_hl << 2; 1288 struct timeval now; 1289 u_int32_t delta; 1290 1291 microtime(&now); 1292 1293 TV_DELTA(rt->mfc_last_assert, now, delta); 1294 1295 if (delta > ASSERT_MSG_TIME) { 1296 mm = m_copy(m, 0, hlen); 1297 M_PULLUP(mm, hlen); 1298 if (mm == 0) { 1299 return (ENOBUFS); 1300 } 1301 1302 rt->mfc_last_assert = now; 1303 1304 im = mtod(mm, struct igmpmsg *); 1305 im->im_msgtype = IGMPMSG_WRONGVIF; 1306 im->im_mbz = 0; 1307 im->im_vif = vifi; 1308 1309 sin.sin_addr = im->im_src; 1310 1311 socket_send(ip_mrouter, mm, &sin); 1312 } 1313 } 1314 return (0); 1315 } 1316 1317 /* If I sourced this packet, it counts as output, else it was input. */ 1318 if (in_hosteq(ip->ip_src, viftable[vifi].v_lcl_addr)) { 1319 viftable[vifi].v_pkt_out++; 1320 viftable[vifi].v_bytes_out += plen; 1321 } else { 1322 viftable[vifi].v_pkt_in++; 1323 viftable[vifi].v_bytes_in += plen; 1324 } 1325 rt->mfc_pkt_cnt++; 1326 rt->mfc_byte_cnt += plen; 1327 1328 /* 1329 * For each vif, decide if a copy of the packet should be forwarded. 1330 * Forward if: 1331 * - the ttl exceeds the vif's threshold 1332 * - there are group members downstream on interface 1333 */ 1334 for (vifp = viftable, vifi = 0; vifi < numvifs; vifp++, vifi++) 1335 if ((rt->mfc_ttls[vifi] > 0) && 1336 (ip->ip_ttl > rt->mfc_ttls[vifi])) { 1337 vifp->v_pkt_out++; 1338 vifp->v_bytes_out += plen; 1339 MC_SEND(ip, vifp, m); 1340 } 1341 1342 return (0); 1343 } 1344 1345 #ifdef RSVP_ISI 1346 /* 1347 * check if a vif number is legal/ok. This is used by ip_output, to export 1348 * numvifs there, 1349 */ 1350 int 1351 legal_vif_num(vif) 1352 int vif; 1353 { 1354 if (vif >= 0 && vif < numvifs) 1355 return (1); 1356 else 1357 return (0); 1358 } 1359 #endif /* RSVP_ISI */ 1360 1361 static void 1362 phyint_send(ip, vifp, m) 1363 struct ip *ip; 1364 struct vif *vifp; 1365 struct mbuf *m; 1366 { 1367 struct mbuf *mb_copy; 1368 int hlen = ip->ip_hl << 2; 1369 1370 /* 1371 * Make a new reference to the packet; make sure that 1372 * the IP header is actually copied, not just referenced, 1373 * so that ip_output() only scribbles on the copy. 1374 */ 1375 mb_copy = m_copy(m, 0, M_COPYALL); 1376 M_PULLUP(mb_copy, hlen); 1377 if (mb_copy == 0) 1378 return; 1379 1380 if (vifp->v_rate_limit <= 0) 1381 tbf_send_packet(vifp, mb_copy); 1382 else 1383 tbf_control(vifp, mb_copy, mtod(mb_copy, struct ip *), ip->ip_len); 1384 } 1385 1386 static void 1387 encap_send(ip, vifp, m) 1388 struct ip *ip; 1389 struct vif *vifp; 1390 struct mbuf *m; 1391 { 1392 struct mbuf *mb_copy; 1393 struct ip *ip_copy; 1394 int i, len = ip->ip_len + sizeof(multicast_encap_iphdr); 1395 1396 /* 1397 * copy the old packet & pullup it's IP header into the 1398 * new mbuf so we can modify it. Try to fill the new 1399 * mbuf since if we don't the ethernet driver will. 1400 */ 1401 MGETHDR(mb_copy, M_DONTWAIT, MT_DATA); 1402 if (mb_copy == 0) 1403 return; 1404 mb_copy->m_data += max_linkhdr; 1405 mb_copy->m_pkthdr.len = len; 1406 mb_copy->m_len = sizeof(multicast_encap_iphdr); 1407 1408 if ((mb_copy->m_next = m_copy(m, 0, M_COPYALL)) == 0) { 1409 m_freem(mb_copy); 1410 return; 1411 } 1412 i = MHLEN - max_linkhdr; 1413 if (i > len) 1414 i = len; 1415 mb_copy = m_pullup(mb_copy, i); 1416 if (mb_copy == 0) 1417 return; 1418 1419 /* 1420 * fill in the encapsulating IP header. 1421 */ 1422 ip_copy = mtod(mb_copy, struct ip *); 1423 *ip_copy = multicast_encap_iphdr; 1424 ip_copy->ip_id = htons(ip_id++); 1425 ip_copy->ip_len = len; 1426 ip_copy->ip_src = vifp->v_lcl_addr; 1427 ip_copy->ip_dst = vifp->v_rmt_addr; 1428 1429 /* 1430 * turn the encapsulated IP header back into a valid one. 1431 */ 1432 ip = (struct ip *)((caddr_t)ip_copy + sizeof(multicast_encap_iphdr)); 1433 --ip->ip_ttl; 1434 HTONS(ip->ip_len); 1435 HTONS(ip->ip_off); 1436 ip->ip_sum = 0; 1437 #if defined(LBL) && !defined(ultrix) && !defined(i386) 1438 ip->ip_sum = ~oc_cksum((caddr_t)ip, ip->ip_hl << 2, 0); 1439 #else 1440 mb_copy->m_data += sizeof(multicast_encap_iphdr); 1441 ip->ip_sum = in_cksum(mb_copy, ip->ip_hl << 2); 1442 mb_copy->m_data -= sizeof(multicast_encap_iphdr); 1443 #endif 1444 1445 if (vifp->v_rate_limit <= 0) 1446 tbf_send_packet(vifp, mb_copy); 1447 else 1448 tbf_control(vifp, mb_copy, ip, ip_copy->ip_len); 1449 } 1450 1451 /* 1452 * De-encapsulate a packet and feed it back through ip input (this 1453 * routine is called whenever IP gets a packet with proto type 1454 * ENCAP_PROTO and a local destination address). 1455 * 1456 * Return 1 if we handled the packet, 0 if we did not. 1457 * 1458 * Called from ipip_input(). 1459 */ 1460 int 1461 mrt_ipip_input(m, hlen) 1462 struct mbuf *m; 1463 int hlen; 1464 { 1465 struct ip *ip = mtod(m, struct ip *); 1466 int s; 1467 struct ifqueue *ifq; 1468 struct vif *vifp; 1469 1470 if (!have_encap_tunnel) 1471 return (0); 1472 1473 /* 1474 * dump the packet if it's not to a multicast destination or if 1475 * we don't have an encapsulating tunnel with the source. 1476 * Note: This code assumes that the remote site IP address 1477 * uniquely identifies the tunnel (i.e., that this site has 1478 * at most one tunnel with the remote site). 1479 */ 1480 if (!IN_MULTICAST(((struct ip *)((char *)ip + hlen))->ip_dst.s_addr)) { 1481 ++mrtstat.mrts_bad_tunnel; 1482 return (0); 1483 } 1484 1485 if (!in_hosteq(ip->ip_src, last_encap_src)) { 1486 struct vif *vife; 1487 1488 vifp = viftable; 1489 vife = vifp + numvifs; 1490 for (; vifp < vife; vifp++) 1491 if (vifp->v_flags & VIFF_TUNNEL && 1492 in_hosteq(vifp->v_rmt_addr, ip->ip_src)) 1493 break; 1494 if (vifp == vife) { 1495 mrtstat.mrts_cant_tunnel++; /*XXX*/ 1496 if (mrtdebug) 1497 log(LOG_DEBUG, 1498 "ip_mforward: no tunnel with %x\n", 1499 ntohl(ip->ip_src.s_addr)); 1500 return (0); 1501 } 1502 last_encap_vif = vifp; 1503 last_encap_src = ip->ip_src; 1504 } else 1505 vifp = last_encap_vif; 1506 1507 m->m_data += hlen; 1508 m->m_len -= hlen; 1509 m->m_pkthdr.len -= hlen; 1510 m->m_pkthdr.rcvif = vifp->v_ifp; 1511 ifq = &ipintrq; 1512 s = splimp(); 1513 if (IF_QFULL(ifq)) { 1514 IF_DROP(ifq); 1515 m_freem(m); 1516 } else { 1517 IF_ENQUEUE(ifq, m); 1518 /* 1519 * normally we would need a "schednetisr(NETISR_IP)" 1520 * here but we were called by ip_input and it is going 1521 * to loop back & try to dequeue the packet we just 1522 * queued as soon as we return so we avoid the 1523 * unnecessary software interrrupt. 1524 */ 1525 } 1526 splx(s); 1527 return (1); 1528 } 1529 1530 /* 1531 * Token bucket filter module 1532 */ 1533 static void 1534 tbf_control(vifp, m, ip, len) 1535 struct vif *vifp; 1536 struct mbuf *m; 1537 struct ip *ip; 1538 u_int32_t len; 1539 { 1540 1541 if (len > MAX_BKT_SIZE) { 1542 /* drop if packet is too large */ 1543 mrtstat.mrts_pkt2large++; 1544 m_freem(m); 1545 return; 1546 } 1547 1548 tbf_update_tokens(vifp); 1549 1550 /* 1551 * If there are enough tokens, and the queue is empty, send this packet 1552 * out immediately. Otherwise, try to insert it on this vif's queue. 1553 */ 1554 if (vifp->tbf_q_len == 0) { 1555 if (len <= vifp->tbf_n_tok) { 1556 vifp->tbf_n_tok -= len; 1557 tbf_send_packet(vifp, m); 1558 } else { 1559 /* queue packet and timeout till later */ 1560 tbf_queue(vifp, m); 1561 callout_reset(&vifp->v_repq_ch, TBF_REPROCESS, 1562 tbf_reprocess_q, vifp); 1563 } 1564 } else { 1565 if (vifp->tbf_q_len >= vifp->tbf_max_q_len && 1566 !tbf_dq_sel(vifp, ip)) { 1567 /* queue length too much, and couldn't make room */ 1568 mrtstat.mrts_q_overflow++; 1569 m_freem(m); 1570 } else { 1571 /* queue length low enough, or made room */ 1572 tbf_queue(vifp, m); 1573 tbf_process_q(vifp); 1574 } 1575 } 1576 } 1577 1578 /* 1579 * adds a packet to the queue at the interface 1580 */ 1581 static void 1582 tbf_queue(vifp, m) 1583 struct vif *vifp; 1584 struct mbuf *m; 1585 { 1586 int s = splsoftnet(); 1587 1588 /* insert at tail */ 1589 *vifp->tbf_t = m; 1590 vifp->tbf_t = &m->m_nextpkt; 1591 vifp->tbf_q_len++; 1592 1593 splx(s); 1594 } 1595 1596 1597 /* 1598 * processes the queue at the interface 1599 */ 1600 static void 1601 tbf_process_q(vifp) 1602 struct vif *vifp; 1603 { 1604 struct mbuf *m; 1605 int len; 1606 int s = splsoftnet(); 1607 1608 /* 1609 * Loop through the queue at the interface and send as many packets 1610 * as possible. 1611 */ 1612 for (m = vifp->tbf_q; 1613 m != 0; 1614 m = vifp->tbf_q) { 1615 len = mtod(m, struct ip *)->ip_len; 1616 1617 /* determine if the packet can be sent */ 1618 if (len <= vifp->tbf_n_tok) { 1619 /* if so, 1620 * reduce no of tokens, dequeue the packet, 1621 * send the packet. 1622 */ 1623 if ((vifp->tbf_q = m->m_nextpkt) == 0) 1624 vifp->tbf_t = &vifp->tbf_q; 1625 --vifp->tbf_q_len; 1626 1627 m->m_nextpkt = 0; 1628 vifp->tbf_n_tok -= len; 1629 tbf_send_packet(vifp, m); 1630 } else 1631 break; 1632 } 1633 splx(s); 1634 } 1635 1636 static void 1637 tbf_reprocess_q(arg) 1638 void *arg; 1639 { 1640 struct vif *vifp = arg; 1641 1642 if (ip_mrouter == 0) 1643 return; 1644 1645 tbf_update_tokens(vifp); 1646 tbf_process_q(vifp); 1647 1648 if (vifp->tbf_q_len != 0) 1649 callout_reset(&vifp->v_repq_ch, TBF_REPROCESS, 1650 tbf_reprocess_q, vifp); 1651 } 1652 1653 /* function that will selectively discard a member of the queue 1654 * based on the precedence value and the priority 1655 */ 1656 static int 1657 tbf_dq_sel(vifp, ip) 1658 struct vif *vifp; 1659 struct ip *ip; 1660 { 1661 u_int p; 1662 struct mbuf **mp, *m; 1663 int s = splsoftnet(); 1664 1665 p = priority(vifp, ip); 1666 1667 for (mp = &vifp->tbf_q, m = *mp; 1668 m != 0; 1669 mp = &m->m_nextpkt, m = *mp) { 1670 if (p > priority(vifp, mtod(m, struct ip *))) { 1671 if ((*mp = m->m_nextpkt) == 0) 1672 vifp->tbf_t = mp; 1673 --vifp->tbf_q_len; 1674 1675 m_freem(m); 1676 mrtstat.mrts_drop_sel++; 1677 splx(s); 1678 return (1); 1679 } 1680 } 1681 splx(s); 1682 return (0); 1683 } 1684 1685 static void 1686 tbf_send_packet(vifp, m) 1687 struct vif *vifp; 1688 struct mbuf *m; 1689 { 1690 int error; 1691 int s = splsoftnet(); 1692 1693 if (vifp->v_flags & VIFF_TUNNEL) { 1694 /* If tunnel options */ 1695 #ifdef IPSEC 1696 /* Don't lookup socket in forwading case */ 1697 ipsec_setsocket(m, NULL); 1698 #endif 1699 ip_output(m, (struct mbuf *)0, &vifp->v_route, 1700 IP_FORWARDING, (struct ip_moptions *)0); 1701 } else { 1702 /* if physical interface option, extract the options and then send */ 1703 struct ip_moptions imo; 1704 1705 imo.imo_multicast_ifp = vifp->v_ifp; 1706 imo.imo_multicast_ttl = mtod(m, struct ip *)->ip_ttl - 1; 1707 imo.imo_multicast_loop = 1; 1708 #ifdef RSVP_ISI 1709 imo.imo_multicast_vif = -1; 1710 #endif 1711 1712 #ifdef IPSEC 1713 /* Don't lookup socket in forwading case */ 1714 ipsec_setsocket(m, NULL); 1715 #endif 1716 error = ip_output(m, (struct mbuf *)0, (struct route *)0, 1717 IP_FORWARDING|IP_MULTICASTOPTS, &imo); 1718 1719 if (mrtdebug & DEBUG_XMIT) 1720 log(LOG_DEBUG, "phyint_send on vif %ld err %d\n", 1721 (long)(vifp-viftable), error); 1722 } 1723 splx(s); 1724 } 1725 1726 /* determine the current time and then 1727 * the elapsed time (between the last time and time now) 1728 * in milliseconds & update the no. of tokens in the bucket 1729 */ 1730 static void 1731 tbf_update_tokens(vifp) 1732 struct vif *vifp; 1733 { 1734 struct timeval tp; 1735 u_int32_t tm; 1736 int s = splsoftnet(); 1737 1738 microtime(&tp); 1739 1740 TV_DELTA(tp, vifp->tbf_last_pkt_t, tm); 1741 1742 /* 1743 * This formula is actually 1744 * "time in seconds" * "bytes/second". 1745 * 1746 * (tm / 1000000) * (v_rate_limit * 1000 * (1000/1024) / 8) 1747 * 1748 * The (1000/1024) was introduced in add_vif to optimize 1749 * this divide into a shift. 1750 */ 1751 vifp->tbf_n_tok += tm * vifp->v_rate_limit / 8192; 1752 vifp->tbf_last_pkt_t = tp; 1753 1754 if (vifp->tbf_n_tok > MAX_BKT_SIZE) 1755 vifp->tbf_n_tok = MAX_BKT_SIZE; 1756 1757 splx(s); 1758 } 1759 1760 static int 1761 priority(vifp, ip) 1762 struct vif *vifp; 1763 struct ip *ip; 1764 { 1765 int prio; 1766 1767 /* temporary hack; may add general packet classifier some day */ 1768 1769 /* 1770 * The UDP port space is divided up into four priority ranges: 1771 * [0, 16384) : unclassified - lowest priority 1772 * [16384, 32768) : audio - highest priority 1773 * [32768, 49152) : whiteboard - medium priority 1774 * [49152, 65536) : video - low priority 1775 */ 1776 if (ip->ip_p == IPPROTO_UDP) { 1777 struct udphdr *udp = (struct udphdr *)(((char *)ip) + (ip->ip_hl << 2)); 1778 1779 switch (ntohs(udp->uh_dport) & 0xc000) { 1780 case 0x4000: 1781 prio = 70; 1782 break; 1783 case 0x8000: 1784 prio = 60; 1785 break; 1786 case 0xc000: 1787 prio = 55; 1788 break; 1789 default: 1790 prio = 50; 1791 break; 1792 } 1793 1794 if (tbfdebug > 1) 1795 log(LOG_DEBUG, "port %x prio %d\n", ntohs(udp->uh_dport), prio); 1796 } else 1797 prio = 50; 1798 1799 1800 return (prio); 1801 } 1802 1803 /* 1804 * End of token bucket filter modifications 1805 */ 1806 1807 #ifdef RSVP_ISI 1808 1809 int 1810 ip_rsvp_vif_init(so, m) 1811 struct socket *so; 1812 struct mbuf *m; 1813 { 1814 int i; 1815 int s; 1816 1817 if (rsvpdebug) 1818 printf("ip_rsvp_vif_init: so_type = %d, pr_protocol = %d\n", 1819 so->so_type, so->so_proto->pr_protocol); 1820 1821 if (so->so_type != SOCK_RAW || so->so_proto->pr_protocol != IPPROTO_RSVP) 1822 return (EOPNOTSUPP); 1823 1824 /* Check mbuf. */ 1825 if (m == 0 || m->m_len != sizeof(int)) { 1826 return (EINVAL); 1827 } 1828 i = *(mtod(m, int *)); 1829 1830 if (rsvpdebug) 1831 printf("ip_rsvp_vif_init: vif = %d rsvp_on = %d\n",i,rsvp_on); 1832 1833 s = splsoftnet(); 1834 1835 /* Check vif. */ 1836 if (!legal_vif_num(i)) { 1837 splx(s); 1838 return (EADDRNOTAVAIL); 1839 } 1840 1841 /* Check if socket is available. */ 1842 if (viftable[i].v_rsvpd != 0) { 1843 splx(s); 1844 return (EADDRINUSE); 1845 } 1846 1847 viftable[i].v_rsvpd = so; 1848 /* This may seem silly, but we need to be sure we don't over-increment 1849 * the RSVP counter, in case something slips up. 1850 */ 1851 if (!viftable[i].v_rsvp_on) { 1852 viftable[i].v_rsvp_on = 1; 1853 rsvp_on++; 1854 } 1855 1856 splx(s); 1857 return (0); 1858 } 1859 1860 int 1861 ip_rsvp_vif_done(so, m) 1862 struct socket *so; 1863 struct mbuf *m; 1864 { 1865 int i; 1866 int s; 1867 1868 if (rsvpdebug) 1869 printf("ip_rsvp_vif_done: so_type = %d, pr_protocol = %d\n", 1870 so->so_type, so->so_proto->pr_protocol); 1871 1872 if (so->so_type != SOCK_RAW || so->so_proto->pr_protocol != IPPROTO_RSVP) 1873 return (EOPNOTSUPP); 1874 1875 /* Check mbuf. */ 1876 if (m == 0 || m->m_len != sizeof(int)) { 1877 return (EINVAL); 1878 } 1879 i = *(mtod(m, int *)); 1880 1881 s = splsoftnet(); 1882 1883 /* Check vif. */ 1884 if (!legal_vif_num(i)) { 1885 splx(s); 1886 return (EADDRNOTAVAIL); 1887 } 1888 1889 if (rsvpdebug) 1890 printf("ip_rsvp_vif_done: v_rsvpd = %x so = %x\n", 1891 viftable[i].v_rsvpd, so); 1892 1893 viftable[i].v_rsvpd = 0; 1894 /* This may seem silly, but we need to be sure we don't over-decrement 1895 * the RSVP counter, in case something slips up. 1896 */ 1897 if (viftable[i].v_rsvp_on) { 1898 viftable[i].v_rsvp_on = 0; 1899 rsvp_on--; 1900 } 1901 1902 splx(s); 1903 return (0); 1904 } 1905 1906 void 1907 ip_rsvp_force_done(so) 1908 struct socket *so; 1909 { 1910 int vifi; 1911 int s; 1912 1913 /* Don't bother if it is not the right type of socket. */ 1914 if (so->so_type != SOCK_RAW || so->so_proto->pr_protocol != IPPROTO_RSVP) 1915 return; 1916 1917 s = splsoftnet(); 1918 1919 /* The socket may be attached to more than one vif...this 1920 * is perfectly legal. 1921 */ 1922 for (vifi = 0; vifi < numvifs; vifi++) { 1923 if (viftable[vifi].v_rsvpd == so) { 1924 viftable[vifi].v_rsvpd = 0; 1925 /* This may seem silly, but we need to be sure we don't 1926 * over-decrement the RSVP counter, in case something slips up. 1927 */ 1928 if (viftable[vifi].v_rsvp_on) { 1929 viftable[vifi].v_rsvp_on = 0; 1930 rsvp_on--; 1931 } 1932 } 1933 } 1934 1935 splx(s); 1936 return; 1937 } 1938 1939 void 1940 rsvp_input(m, ifp) 1941 struct mbuf *m; 1942 struct ifnet *ifp; 1943 { 1944 int vifi; 1945 struct ip *ip = mtod(m, struct ip *); 1946 static struct sockaddr_in rsvp_src = { sizeof(sin), AF_INET }; 1947 int s; 1948 1949 if (rsvpdebug) 1950 printf("rsvp_input: rsvp_on %d\n",rsvp_on); 1951 1952 /* Can still get packets with rsvp_on = 0 if there is a local member 1953 * of the group to which the RSVP packet is addressed. But in this 1954 * case we want to throw the packet away. 1955 */ 1956 if (!rsvp_on) { 1957 m_freem(m); 1958 return; 1959 } 1960 1961 /* If the old-style non-vif-associated socket is set, then use 1962 * it and ignore the new ones. 1963 */ 1964 if (ip_rsvpd != 0) { 1965 if (rsvpdebug) 1966 printf("rsvp_input: Sending packet up old-style socket\n"); 1967 rip_input(m); /*XXX*/ 1968 return; 1969 } 1970 1971 s = splsoftnet(); 1972 1973 if (rsvpdebug) 1974 printf("rsvp_input: check vifs\n"); 1975 1976 /* Find which vif the packet arrived on. */ 1977 for (vifi = 0; vifi < numvifs; vifi++) { 1978 if (viftable[vifi].v_ifp == ifp) 1979 break; 1980 } 1981 1982 if (vifi == numvifs) { 1983 /* Can't find vif packet arrived on. Drop packet. */ 1984 if (rsvpdebug) 1985 printf("rsvp_input: Can't find vif for packet...dropping it.\n"); 1986 m_freem(m); 1987 splx(s); 1988 return; 1989 } 1990 1991 if (rsvpdebug) 1992 printf("rsvp_input: check socket\n"); 1993 1994 if (viftable[vifi].v_rsvpd == 0) { 1995 /* drop packet, since there is no specific socket for this 1996 * interface */ 1997 if (rsvpdebug) 1998 printf("rsvp_input: No socket defined for vif %d\n",vifi); 1999 m_freem(m); 2000 splx(s); 2001 return; 2002 } 2003 2004 rsvp_src.sin_addr = ip->ip_src; 2005 2006 if (rsvpdebug && m) 2007 printf("rsvp_input: m->m_len = %d, sbspace() = %d\n", 2008 m->m_len,sbspace(&viftable[vifi].v_rsvpd->so_rcv)); 2009 2010 if (socket_send(viftable[vifi].v_rsvpd, m, &rsvp_src) < 0) 2011 if (rsvpdebug) 2012 printf("rsvp_input: Failed to append to socket\n"); 2013 else 2014 if (rsvpdebug) 2015 printf("rsvp_input: send packet up\n"); 2016 2017 splx(s); 2018 } 2019 #endif /* RSVP_ISI */ 2020
Indexes created Thu Sep 25 16:09:42 GMT 2025