ip_mroute.c revision 1.51
1 /* $NetBSD: ip_mroute.c,v 1.51 2000/11/08 14:28:15 ad Exp $ */ 2 3 /* 4 * IP multicast forwarding procedures 5 * 6 * Written by David Waitzman, BBN Labs, August 1988. 7 * Modified by Steve Deering, Stanford, February 1989. 8 * Modified by Mark J. Steiglitz, Stanford, May, 1991 9 * Modified by Van Jacobson, LBL, January 1993 10 * Modified by Ajit Thyagarajan, PARC, August 1993 11 * Modified by Bill Fenner, PARC, April 1994 12 * Modified by Charles M. Hannum, NetBSD, May 1995. 13 * 14 * MROUTING Revision: 1.2 15 */ 16 17 #include "opt_ipsec.h" 18 19 #include <sys/param.h> 20 #include <sys/systm.h> 21 #include <sys/callout.h> 22 #include <sys/mbuf.h> 23 #include <sys/socket.h> 24 #include <sys/socketvar.h> 25 #include <sys/protosw.h> 26 #include <sys/errno.h> 27 #include <sys/time.h> 28 #include <sys/kernel.h> 29 #include <sys/ioctl.h> 30 #include <sys/syslog.h> 31 #include <net/if.h> 32 #include <net/route.h> 33 #include <net/raw_cb.h> 34 #include <netinet/in.h> 35 #include <netinet/in_var.h> 36 #include <netinet/in_systm.h> 37 #include <netinet/ip.h> 38 #include <netinet/ip_var.h> 39 #include <netinet/in_pcb.h> 40 #include <netinet/udp.h> 41 #include <netinet/igmp.h> 42 #include <netinet/igmp_var.h> 43 #include <netinet/ip_mroute.h> 44 45 #include <machine/stdarg.h> 46 47 #define IP_MULTICASTOPTS 0 48 #define M_PULLUP(m, len) \ 49 do { \ 50 if ((m) && ((m)->m_flags & M_EXT || (m)->m_len < (len))) \ 51 (m) = m_pullup((m), (len)); \ 52 } while (0) 53 54 /* 55 * Globals. All but ip_mrouter and ip_mrtproto could be static, 56 * except for netstat or debugging purposes. 57 */ 58 struct socket *ip_mrouter = 0; 59 int ip_mrtproto = IGMP_DVMRP; /* for netstat only */ 60 61 #define NO_RTE_FOUND 0x1 62 #define RTE_FOUND 0x2 63 64 #define MFCHASH(a, g) \ 65 ((((a).s_addr >> 20) ^ ((a).s_addr >> 10) ^ (a).s_addr ^ \ 66 ((g).s_addr >> 20) ^ ((g).s_addr >> 10) ^ (g).s_addr) & mfchash) 67 LIST_HEAD(mfchashhdr, mfc) *mfchashtbl; 68 u_long mfchash; 69 70 u_char nexpire[MFCTBLSIZ]; 71 struct vif viftable[MAXVIFS]; 72 struct mrtstat mrtstat; 73 u_int mrtdebug = 0; /* debug level */ 74 #define DEBUG_MFC 0x02 75 #define DEBUG_FORWARD 0x04 76 #define DEBUG_EXPIRE 0x08 77 #define DEBUG_XMIT 0x10 78 u_int tbfdebug = 0; /* tbf debug level */ 79 #ifdef RSVP_ISI 80 u_int rsvpdebug = 0; /* rsvp debug level */ 81 extern struct socket *ip_rsvpd; 82 extern int rsvp_on; 83 #endif /* RSVP_ISI */ 84 85 #define EXPIRE_TIMEOUT (hz / 4) /* 4x / second */ 86 #define UPCALL_EXPIRE 6 /* number of timeouts */ 87 88 /* 89 * Define the token bucket filter structures 90 */ 91 92 #define TBF_REPROCESS (hz / 100) /* 100x / second */ 93 94 static int get_sg_cnt __P((struct sioc_sg_req *)); 95 static int get_vif_cnt __P((struct sioc_vif_req *)); 96 static int ip_mrouter_init __P((struct socket *, struct mbuf *)); 97 static int get_version __P((struct mbuf *)); 98 static int set_assert __P((struct mbuf *)); 99 static int get_assert __P((struct mbuf *)); 100 static int add_vif __P((struct mbuf *)); 101 static int del_vif __P((struct mbuf *)); 102 static void update_mfc __P((struct mfcctl *, struct mfc *)); 103 static void expire_mfc __P((struct mfc *)); 104 static int add_mfc __P((struct mbuf *)); 105 #ifdef UPCALL_TIMING 106 static void collate __P((struct timeval *)); 107 #endif 108 static int del_mfc __P((struct mbuf *)); 109 static int socket_send __P((struct socket *, struct mbuf *, 110 struct sockaddr_in *)); 111 static void expire_upcalls __P((void *)); 112 #ifdef RSVP_ISI 113 static int ip_mdq __P((struct mbuf *, struct ifnet *, struct mfc *, vifi_t)); 114 #else 115 static int ip_mdq __P((struct mbuf *, struct ifnet *, struct mfc *)); 116 #endif 117 static void phyint_send __P((struct ip *, struct vif *, struct mbuf *)); 118 static void encap_send __P((struct ip *, struct vif *, struct mbuf *)); 119 static void tbf_control __P((struct vif *, struct mbuf *, struct ip *, 120 u_int32_t)); 121 static void tbf_queue __P((struct vif *, struct mbuf *)); 122 static void tbf_process_q __P((struct vif *)); 123 static void tbf_reprocess_q __P((void *)); 124 static int tbf_dq_sel __P((struct vif *, struct ip *)); 125 static void tbf_send_packet __P((struct vif *, struct mbuf *)); 126 static void tbf_update_tokens __P((struct vif *)); 127 static int priority __P((struct vif *, struct ip *)); 128 129 /* 130 * 'Interfaces' associated with decapsulator (so we can tell 131 * packets that went through it from ones that get reflected 132 * by a broken gateway). These interfaces are never linked into 133 * the system ifnet list & no routes point to them. I.e., packets 134 * can't be sent this way. They only exist as a placeholder for 135 * multicast source verification. 136 */ 137 #if 0 138 struct ifnet multicast_decap_if[MAXVIFS]; 139 #endif 140 141 #define ENCAP_TTL 64 142 #define ENCAP_PROTO IPPROTO_IPIP /* 4 */ 143 144 /* prototype IP hdr for encapsulated packets */ 145 struct ip multicast_encap_iphdr = { 146 #if BYTE_ORDER == LITTLE_ENDIAN 147 sizeof(struct ip) >> 2, IPVERSION, 148 #else 149 IPVERSION, sizeof(struct ip) >> 2, 150 #endif 151 0, /* tos */ 152 sizeof(struct ip), /* total length */ 153 0, /* id */ 154 0, /* frag offset */ 155 ENCAP_TTL, ENCAP_PROTO, 156 0, /* checksum */ 157 }; 158 159 /* 160 * Private variables. 161 */ 162 static vifi_t numvifs = 0; 163 static int have_encap_tunnel = 0; 164 165 static struct callout expire_upcalls_ch; 166 167 /* 168 * one-back cache used by mrt_ipip_input to locate a tunnel's vif 169 * given a datagram's src ip address. 170 */ 171 static struct in_addr last_encap_src; 172 static struct vif *last_encap_vif; 173 174 /* 175 * whether or not special PIM assert processing is enabled. 176 */ 177 static int pim_assert; 178 /* 179 * Rate limit for assert notification messages, in usec 180 */ 181 #define ASSERT_MSG_TIME 3000000 182 183 /* 184 * Find a route for a given origin IP address and Multicast group address 185 * Type of service parameter to be added in the future!!! 186 */ 187 188 #define MFCFIND(o, g, rt) { \ 189 struct mfc *_rt; \ 190 (rt) = 0; \ 191 ++mrtstat.mrts_mfc_lookups; \ 192 for (_rt = mfchashtbl[MFCHASH(o, g)].lh_first; \ 193 _rt; _rt = _rt->mfc_hash.le_next) { \ 194 if (in_hosteq(_rt->mfc_origin, (o)) && \ 195 in_hosteq(_rt->mfc_mcastgrp, (g)) && \ 196 _rt->mfc_stall == 0) { \ 197 (rt) = _rt; \ 198 break; \ 199 } \ 200 } \ 201 if ((rt) == 0) \ 202 ++mrtstat.mrts_mfc_misses; \ 203 } 204 205 /* 206 * Macros to compute elapsed time efficiently 207 * Borrowed from Van Jacobson's scheduling code 208 */ 209 #define TV_DELTA(a, b, delta) { \ 210 int xxs; \ 211 delta = (a).tv_usec - (b).tv_usec; \ 212 xxs = (a).tv_sec - (b).tv_sec; \ 213 switch (xxs) { \ 214 case 2: \ 215 delta += 1000000; \ 216 /* fall through */ \ 217 case 1: \ 218 delta += 1000000; \ 219 /* fall through */ \ 220 case 0: \ 221 break; \ 222 default: \ 223 delta += (1000000 * xxs); \ 224 break; \ 225 } \ 226 } 227 228 #ifdef UPCALL_TIMING 229 u_int32_t upcall_data[51]; 230 #endif /* UPCALL_TIMING */ 231 232 /* 233 * Handle MRT setsockopt commands to modify the multicast routing tables. 234 */ 235 int 236 ip_mrouter_set(so, optname, m) 237 struct socket *so; 238 int optname; 239 struct mbuf **m; 240 { 241 int error; 242 243 if (optname != MRT_INIT && so != ip_mrouter) 244 error = ENOPROTOOPT; 245 else 246 switch (optname) { 247 case MRT_INIT: 248 error = ip_mrouter_init(so, *m); 249 break; 250 case MRT_DONE: 251 error = ip_mrouter_done(); 252 break; 253 case MRT_ADD_VIF: 254 error = add_vif(*m); 255 break; 256 case MRT_DEL_VIF: 257 error = del_vif(*m); 258 break; 259 case MRT_ADD_MFC: 260 error = add_mfc(*m); 261 break; 262 case MRT_DEL_MFC: 263 error = del_mfc(*m); 264 break; 265 case MRT_ASSERT: 266 error = set_assert(*m); 267 break; 268 default: 269 error = ENOPROTOOPT; 270 break; 271 } 272 273 if (*m) 274 m_free(*m); 275 return (error); 276 } 277 278 /* 279 * Handle MRT getsockopt commands 280 */ 281 int 282 ip_mrouter_get(so, optname, m) 283 struct socket *so; 284 int optname; 285 struct mbuf **m; 286 { 287 int error; 288 289 if (so != ip_mrouter) 290 error = ENOPROTOOPT; 291 else { 292 *m = m_get(M_WAIT, MT_SOOPTS); 293 294 switch (optname) { 295 case MRT_VERSION: 296 error = get_version(*m); 297 break; 298 case MRT_ASSERT: 299 error = get_assert(*m); 300 break; 301 default: 302 error = ENOPROTOOPT; 303 break; 304 } 305 306 if (error) 307 m_free(*m); 308 } 309 310 return (error); 311 } 312 313 /* 314 * Handle ioctl commands to obtain information from the cache 315 */ 316 int 317 mrt_ioctl(so, cmd, data) 318 struct socket *so; 319 u_long cmd; 320 caddr_t data; 321 { 322 int error; 323 324 if (so != ip_mrouter) 325 error = EINVAL; 326 else 327 switch (cmd) { 328 case SIOCGETVIFCNT: 329 error = get_vif_cnt((struct sioc_vif_req *)data); 330 break; 331 case SIOCGETSGCNT: 332 error = get_sg_cnt((struct sioc_sg_req *)data); 333 break; 334 default: 335 error = EINVAL; 336 break; 337 } 338 339 return (error); 340 } 341 342 /* 343 * returns the packet, byte, rpf-failure count for the source group provided 344 */ 345 static int 346 get_sg_cnt(req) 347 struct sioc_sg_req *req; 348 { 349 struct mfc *rt; 350 int s; 351 352 s = splsoftnet(); 353 MFCFIND(req->src, req->grp, rt); 354 splx(s); 355 if (rt != 0) { 356 req->pktcnt = rt->mfc_pkt_cnt; 357 req->bytecnt = rt->mfc_byte_cnt; 358 req->wrong_if = rt->mfc_wrong_if; 359 } else 360 req->pktcnt = req->bytecnt = req->wrong_if = 0xffffffff; 361 362 return (0); 363 } 364 365 /* 366 * returns the input and output packet and byte counts on the vif provided 367 */ 368 static int 369 get_vif_cnt(req) 370 struct sioc_vif_req *req; 371 { 372 vifi_t vifi = req->vifi; 373 374 if (vifi >= numvifs) 375 return (EINVAL); 376 377 req->icount = viftable[vifi].v_pkt_in; 378 req->ocount = viftable[vifi].v_pkt_out; 379 req->ibytes = viftable[vifi].v_bytes_in; 380 req->obytes = viftable[vifi].v_bytes_out; 381 382 return (0); 383 } 384 385 /* 386 * Enable multicast routing 387 */ 388 static int 389 ip_mrouter_init(so, m) 390 struct socket *so; 391 struct mbuf *m; 392 { 393 int *v; 394 395 if (mrtdebug) 396 log(LOG_DEBUG, 397 "ip_mrouter_init: so_type = %d, pr_protocol = %d\n", 398 so->so_type, so->so_proto->pr_protocol); 399 400 if (so->so_type != SOCK_RAW || 401 so->so_proto->pr_protocol != IPPROTO_IGMP) 402 return (EOPNOTSUPP); 403 404 if (m == 0 || m->m_len < sizeof(int)) 405 return (EINVAL); 406 407 v = mtod(m, int *); 408 if (*v != 1) 409 return (EINVAL); 410 411 if (ip_mrouter != 0) 412 return (EADDRINUSE); 413 414 ip_mrouter = so; 415 416 mfchashtbl = 417 hashinit(MFCTBLSIZ, HASH_LIST, M_MRTABLE, M_WAITOK, &mfchash); 418 bzero((caddr_t)nexpire, sizeof(nexpire)); 419 420 pim_assert = 0; 421 422 callout_init(&expire_upcalls_ch); 423 callout_reset(&expire_upcalls_ch, EXPIRE_TIMEOUT, 424 expire_upcalls, NULL); 425 426 if (mrtdebug) 427 log(LOG_DEBUG, "ip_mrouter_init\n"); 428 429 return (0); 430 } 431 432 /* 433 * Disable multicast routing 434 */ 435 int 436 ip_mrouter_done() 437 { 438 vifi_t vifi; 439 struct vif *vifp; 440 int i; 441 int s; 442 443 s = splsoftnet(); 444 445 /* Clear out all the vifs currently in use. */ 446 for (vifi = 0; vifi < numvifs; vifi++) { 447 vifp = &viftable[vifi]; 448 if (!in_nullhost(vifp->v_lcl_addr)) 449 reset_vif(vifp); 450 } 451 452 numvifs = 0; 453 pim_assert = 0; 454 455 callout_stop(&expire_upcalls_ch); 456 457 /* 458 * Free all multicast forwarding cache entries. 459 */ 460 for (i = 0; i < MFCTBLSIZ; i++) { 461 struct mfc *rt, *nrt; 462 463 for (rt = mfchashtbl[i].lh_first; rt; rt = nrt) { 464 nrt = rt->mfc_hash.le_next; 465 466 expire_mfc(rt); 467 } 468 } 469 470 free(mfchashtbl, M_MRTABLE); 471 mfchashtbl = 0; 472 473 /* Reset de-encapsulation cache. */ 474 have_encap_tunnel = 0; 475 476 ip_mrouter = 0; 477 478 splx(s); 479 480 if (mrtdebug) 481 log(LOG_DEBUG, "ip_mrouter_done\n"); 482 483 return (0); 484 } 485 486 static int 487 get_version(m) 488 struct mbuf *m; 489 { 490 int *v = mtod(m, int *); 491 492 *v = 0x0305; /* XXX !!!! */ 493 m->m_len = sizeof(int); 494 return (0); 495 } 496 497 /* 498 * Set PIM assert processing global 499 */ 500 static int 501 set_assert(m) 502 struct mbuf *m; 503 { 504 int *i; 505 506 if (m == 0 || m->m_len < sizeof(int)) 507 return (EINVAL); 508 509 i = mtod(m, int *); 510 pim_assert = !!*i; 511 return (0); 512 } 513 514 /* 515 * Get PIM assert processing global 516 */ 517 static int 518 get_assert(m) 519 struct mbuf *m; 520 { 521 int *i = mtod(m, int *); 522 523 *i = pim_assert; 524 m->m_len = sizeof(int); 525 return (0); 526 } 527 528 static struct sockaddr_in sin = { sizeof(sin), AF_INET }; 529 530 /* 531 * Add a vif to the vif table 532 */ 533 static int 534 add_vif(m) 535 struct mbuf *m; 536 { 537 struct vifctl *vifcp; 538 struct vif *vifp; 539 struct ifaddr *ifa; 540 struct ifnet *ifp; 541 struct ifreq ifr; 542 int error, s; 543 544 if (m == 0 || m->m_len < sizeof(struct vifctl)) 545 return (EINVAL); 546 547 vifcp = mtod(m, struct vifctl *); 548 if (vifcp->vifc_vifi >= MAXVIFS) 549 return (EINVAL); 550 551 vifp = &viftable[vifcp->vifc_vifi]; 552 if (!in_nullhost(vifp->v_lcl_addr)) 553 return (EADDRINUSE); 554 555 /* Find the interface with an address in AF_INET family. */ 556 sin.sin_addr = vifcp->vifc_lcl_addr; 557 ifa = ifa_ifwithaddr(sintosa(&sin)); 558 if (ifa == 0) 559 return (EADDRNOTAVAIL); 560 561 if (vifcp->vifc_flags & VIFF_TUNNEL) { 562 if (vifcp->vifc_flags & VIFF_SRCRT) { 563 log(LOG_ERR, "Source routed tunnels not supported\n"); 564 return (EOPNOTSUPP); 565 } 566 567 /* Create a fake encapsulation interface. */ 568 ifp = (struct ifnet *)malloc(sizeof(*ifp), M_MRTABLE, M_WAITOK); 569 bzero(ifp, sizeof(*ifp)); 570 sprintf(ifp->if_xname, "mdecap%d", vifcp->vifc_vifi); 571 572 /* Prepare cached route entry. */ 573 bzero(&vifp->v_route, sizeof(vifp->v_route)); 574 575 /* Tell mrt_ipip_input() to start looking at encapsulated packets. */ 576 have_encap_tunnel = 1; 577 } else { 578 /* Use the physical interface associated with the address. */ 579 ifp = ifa->ifa_ifp; 580 581 /* Make sure the interface supports multicast. */ 582 if ((ifp->if_flags & IFF_MULTICAST) == 0) 583 return (EOPNOTSUPP); 584 585 /* Enable promiscuous reception of all IP multicasts. */ 586 satosin(&ifr.ifr_addr)->sin_len = sizeof(struct sockaddr_in); 587 satosin(&ifr.ifr_addr)->sin_family = AF_INET; 588 satosin(&ifr.ifr_addr)->sin_addr = zeroin_addr; 589 error = (*ifp->if_ioctl)(ifp, SIOCADDMULTI, (caddr_t)&ifr); 590 if (error) 591 return (error); 592 } 593 594 s = splsoftnet(); 595 596 /* Define parameters for the tbf structure. */ 597 vifp->tbf_q = 0; 598 vifp->tbf_t = &vifp->tbf_q; 599 microtime(&vifp->tbf_last_pkt_t); 600 vifp->tbf_n_tok = 0; 601 vifp->tbf_q_len = 0; 602 vifp->tbf_max_q_len = MAXQSIZE; 603 604 vifp->v_flags = vifcp->vifc_flags; 605 vifp->v_threshold = vifcp->vifc_threshold; 606 /* scaling up here allows division by 1024 in critical code */ 607 vifp->v_rate_limit = vifcp->vifc_rate_limit * 1024 / 1000; 608 vifp->v_lcl_addr = vifcp->vifc_lcl_addr; 609 vifp->v_rmt_addr = vifcp->vifc_rmt_addr; 610 vifp->v_ifp = ifp; 611 /* Initialize per vif pkt counters. */ 612 vifp->v_pkt_in = 0; 613 vifp->v_pkt_out = 0; 614 vifp->v_bytes_in = 0; 615 vifp->v_bytes_out = 0; 616 617 callout_init(&vifp->v_repq_ch); 618 619 #ifdef RSVP_ISI 620 vifp->v_rsvp_on = 0; 621 vifp->v_rsvpd = 0; 622 #endif /* RSVP_ISI */ 623 624 splx(s); 625 626 /* Adjust numvifs up if the vifi is higher than numvifs. */ 627 if (numvifs <= vifcp->vifc_vifi) 628 numvifs = vifcp->vifc_vifi + 1; 629 630 if (mrtdebug) 631 log(LOG_DEBUG, "add_vif #%d, lcladdr %x, %s %x, thresh %x, rate %d\n", 632 vifcp->vifc_vifi, 633 ntohl(vifcp->vifc_lcl_addr.s_addr), 634 (vifcp->vifc_flags & VIFF_TUNNEL) ? "rmtaddr" : "mask", 635 ntohl(vifcp->vifc_rmt_addr.s_addr), 636 vifcp->vifc_threshold, 637 vifcp->vifc_rate_limit); 638 639 return (0); 640 } 641 642 void 643 reset_vif(vifp) 644 struct vif *vifp; 645 { 646 struct mbuf *m, *n; 647 struct ifnet *ifp; 648 struct ifreq ifr; 649 650 callout_stop(&vifp->v_repq_ch); 651 652 for (m = vifp->tbf_q; m != 0; m = n) { 653 n = m->m_nextpkt; 654 m_freem(m); 655 } 656 657 if (vifp->v_flags & VIFF_TUNNEL) { 658 free(vifp->v_ifp, M_MRTABLE); 659 if (vifp == last_encap_vif) { 660 last_encap_vif = 0; 661 last_encap_src = zeroin_addr; 662 } 663 } else { 664 satosin(&ifr.ifr_addr)->sin_len = sizeof(struct sockaddr_in); 665 satosin(&ifr.ifr_addr)->sin_family = AF_INET; 666 satosin(&ifr.ifr_addr)->sin_addr = zeroin_addr; 667 ifp = vifp->v_ifp; 668 (*ifp->if_ioctl)(ifp, SIOCDELMULTI, (caddr_t)&ifr); 669 } 670 bzero((caddr_t)vifp, sizeof(*vifp)); 671 } 672 673 /* 674 * Delete a vif from the vif table 675 */ 676 static int 677 del_vif(m) 678 struct mbuf *m; 679 { 680 vifi_t *vifip; 681 struct vif *vifp; 682 vifi_t vifi; 683 int s; 684 685 if (m == 0 || m->m_len < sizeof(vifi_t)) 686 return (EINVAL); 687 688 vifip = mtod(m, vifi_t *); 689 if (*vifip >= numvifs) 690 return (EINVAL); 691 692 vifp = &viftable[*vifip]; 693 if (in_nullhost(vifp->v_lcl_addr)) 694 return (EADDRNOTAVAIL); 695 696 s = splsoftnet(); 697 698 reset_vif(vifp); 699 700 /* Adjust numvifs down */ 701 for (vifi = numvifs; vifi > 0; vifi--) 702 if (!in_nullhost(viftable[vifi-1].v_lcl_addr)) 703 break; 704 numvifs = vifi; 705 706 splx(s); 707 708 if (mrtdebug) 709 log(LOG_DEBUG, "del_vif %d, numvifs %d\n", *vifip, numvifs); 710 711 return (0); 712 } 713 714 static void 715 update_mfc(mfccp, rt) 716 struct mfcctl *mfccp; 717 struct mfc *rt; 718 { 719 vifi_t vifi; 720 721 rt->mfc_parent = mfccp->mfcc_parent; 722 for (vifi = 0; vifi < numvifs; vifi++) 723 rt->mfc_ttls[vifi] = mfccp->mfcc_ttls[vifi]; 724 rt->mfc_expire = 0; 725 rt->mfc_stall = 0; 726 } 727 728 static void 729 expire_mfc(rt) 730 struct mfc *rt; 731 { 732 struct rtdetq *rte, *nrte; 733 734 for (rte = rt->mfc_stall; rte != 0; rte = nrte) { 735 nrte = rte->next; 736 m_freem(rte->m); 737 free(rte, M_MRTABLE); 738 } 739 740 LIST_REMOVE(rt, mfc_hash); 741 free(rt, M_MRTABLE); 742 } 743 744 /* 745 * Add an mfc entry 746 */ 747 static int 748 add_mfc(m) 749 struct mbuf *m; 750 { 751 struct mfcctl *mfccp; 752 struct mfc *rt; 753 u_int32_t hash = 0; 754 struct rtdetq *rte, *nrte; 755 u_short nstl; 756 int s; 757 758 if (m == 0 || m->m_len < sizeof(struct mfcctl)) 759 return (EINVAL); 760 761 mfccp = mtod(m, struct mfcctl *); 762 763 s = splsoftnet(); 764 MFCFIND(mfccp->mfcc_origin, mfccp->mfcc_mcastgrp, rt); 765 766 /* If an entry already exists, just update the fields */ 767 if (rt) { 768 if (mrtdebug & DEBUG_MFC) 769 log(LOG_DEBUG,"add_mfc update o %x g %x p %x\n", 770 ntohl(mfccp->mfcc_origin.s_addr), 771 ntohl(mfccp->mfcc_mcastgrp.s_addr), 772 mfccp->mfcc_parent); 773 774 if (rt->mfc_expire) 775 nexpire[hash]--; 776 777 update_mfc(mfccp, rt); 778 779 splx(s); 780 return (0); 781 } 782 783 /* 784 * Find the entry for which the upcall was made and update 785 */ 786 nstl = 0; 787 hash = MFCHASH(mfccp->mfcc_origin, mfccp->mfcc_mcastgrp); 788 for (rt = mfchashtbl[hash].lh_first; rt; rt = rt->mfc_hash.le_next) { 789 if (in_hosteq(rt->mfc_origin, mfccp->mfcc_origin) && 790 in_hosteq(rt->mfc_mcastgrp, mfccp->mfcc_mcastgrp) && 791 rt->mfc_stall != 0) { 792 if (nstl++) 793 log(LOG_ERR, "add_mfc %s o %x g %x p %x dbx %p\n", 794 "multiple kernel entries", 795 ntohl(mfccp->mfcc_origin.s_addr), 796 ntohl(mfccp->mfcc_mcastgrp.s_addr), 797 mfccp->mfcc_parent, rt->mfc_stall); 798 799 if (mrtdebug & DEBUG_MFC) 800 log(LOG_DEBUG,"add_mfc o %x g %x p %x dbg %p\n", 801 ntohl(mfccp->mfcc_origin.s_addr), 802 ntohl(mfccp->mfcc_mcastgrp.s_addr), 803 mfccp->mfcc_parent, rt->mfc_stall); 804 805 if (rt->mfc_expire) 806 nexpire[hash]--; 807 808 rte = rt->mfc_stall; 809 update_mfc(mfccp, rt); 810 811 /* free packets Qed at the end of this entry */ 812 for (; rte != 0; rte = nrte) { 813 nrte = rte->next; 814 #ifdef RSVP_ISI 815 ip_mdq(rte->m, rte->ifp, rt, -1); 816 #else 817 ip_mdq(rte->m, rte->ifp, rt); 818 #endif /* RSVP_ISI */ 819 m_freem(rte->m); 820 #ifdef UPCALL_TIMING 821 collate(&rte->t); 822 #endif /* UPCALL_TIMING */ 823 free(rte, M_MRTABLE); 824 } 825 } 826 } 827 828 if (nstl == 0) { 829 /* 830 * No mfc; make a new one 831 */ 832 if (mrtdebug & DEBUG_MFC) 833 log(LOG_DEBUG,"add_mfc no upcall o %x g %x p %x\n", 834 ntohl(mfccp->mfcc_origin.s_addr), 835 ntohl(mfccp->mfcc_mcastgrp.s_addr), 836 mfccp->mfcc_parent); 837 838 rt = (struct mfc *)malloc(sizeof(*rt), M_MRTABLE, M_NOWAIT); 839 if (rt == 0) { 840 splx(s); 841 return (ENOBUFS); 842 } 843 844 rt->mfc_origin = mfccp->mfcc_origin; 845 rt->mfc_mcastgrp = mfccp->mfcc_mcastgrp; 846 /* initialize pkt counters per src-grp */ 847 rt->mfc_pkt_cnt = 0; 848 rt->mfc_byte_cnt = 0; 849 rt->mfc_wrong_if = 0; 850 timerclear(&rt->mfc_last_assert); 851 update_mfc(mfccp, rt); 852 853 /* insert new entry at head of hash chain */ 854 LIST_INSERT_HEAD(&mfchashtbl[hash], rt, mfc_hash); 855 } 856 857 splx(s); 858 return (0); 859 } 860 861 #ifdef UPCALL_TIMING 862 /* 863 * collect delay statistics on the upcalls 864 */ 865 static void collate(t) 866 struct timeval *t; 867 { 868 u_int32_t d; 869 struct timeval tp; 870 u_int32_t delta; 871 872 microtime(&tp); 873 874 if (timercmp(t, &tp, <)) { 875 TV_DELTA(tp, *t, delta); 876 877 d = delta >> 10; 878 if (d > 50) 879 d = 50; 880 881 ++upcall_data[d]; 882 } 883 } 884 #endif /* UPCALL_TIMING */ 885 886 /* 887 * Delete an mfc entry 888 */ 889 static int 890 del_mfc(m) 891 struct mbuf *m; 892 { 893 struct mfcctl *mfccp; 894 struct mfc *rt; 895 int s; 896 897 if (m == 0 || m->m_len < sizeof(struct mfcctl)) 898 return (EINVAL); 899 900 mfccp = mtod(m, struct mfcctl *); 901 902 if (mrtdebug & DEBUG_MFC) 903 log(LOG_DEBUG, "del_mfc origin %x mcastgrp %x\n", 904 ntohl(mfccp->mfcc_origin.s_addr), 905 ntohl(mfccp->mfcc_mcastgrp.s_addr)); 906 907 s = splsoftnet(); 908 909 MFCFIND(mfccp->mfcc_origin, mfccp->mfcc_mcastgrp, rt); 910 if (rt == 0) { 911 splx(s); 912 return (EADDRNOTAVAIL); 913 } 914 915 LIST_REMOVE(rt, mfc_hash); 916 free(rt, M_MRTABLE); 917 918 splx(s); 919 return (0); 920 } 921 922 static int 923 socket_send(s, mm, src) 924 struct socket *s; 925 struct mbuf *mm; 926 struct sockaddr_in *src; 927 { 928 if (s) { 929 if (sbappendaddr(&s->so_rcv, sintosa(src), mm, (struct mbuf *)0) != 0) { 930 sorwakeup(s); 931 return (0); 932 } 933 } 934 m_freem(mm); 935 return (-1); 936 } 937 938 /* 939 * IP multicast forwarding function. This function assumes that the packet 940 * pointed to by "ip" has arrived on (or is about to be sent to) the interface 941 * pointed to by "ifp", and the packet is to be relayed to other networks 942 * that have members of the packet's destination IP multicast group. 943 * 944 * The packet is returned unscathed to the caller, unless it is 945 * erroneous, in which case a non-zero return value tells the caller to 946 * discard it. 947 */ 948 949 #define IP_HDR_LEN 20 /* # bytes of fixed IP header (excluding options) */ 950 #define TUNNEL_LEN 12 /* # bytes of IP option for tunnel encapsulation */ 951 952 int 953 #ifdef RSVP_ISI 954 ip_mforward(m, ifp, imo) 955 #else 956 ip_mforward(m, ifp) 957 #endif /* RSVP_ISI */ 958 struct mbuf *m; 959 struct ifnet *ifp; 960 #ifdef RSVP_ISI 961 struct ip_moptions *imo; 962 #endif /* RSVP_ISI */ 963 { 964 struct ip *ip = mtod(m, struct ip *); 965 struct mfc *rt; 966 u_char *ipoptions; 967 static int srctun = 0; 968 struct mbuf *mm; 969 int s; 970 #ifdef RSVP_ISI 971 struct vif *vifp; 972 vifi_t vifi; 973 #endif /* RSVP_ISI */ 974 975 if (mrtdebug & DEBUG_FORWARD) 976 log(LOG_DEBUG, "ip_mforward: src %x, dst %x, ifp %p\n", 977 ntohl(ip->ip_src.s_addr), ntohl(ip->ip_dst.s_addr), ifp); 978 979 if (ip->ip_hl < (IP_HDR_LEN + TUNNEL_LEN) >> 2 || 980 (ipoptions = (u_char *)(ip + 1))[1] != IPOPT_LSRR) { 981 /* 982 * Packet arrived via a physical interface or 983 * an encapuslated tunnel. 984 */ 985 } else { 986 /* 987 * Packet arrived through a source-route tunnel. 988 * Source-route tunnels are no longer supported. 989 */ 990 if ((srctun++ % 1000) == 0) 991 log(LOG_ERR, "ip_mforward: received source-routed packet from %x\n", 992 ntohl(ip->ip_src.s_addr)); 993 994 return (1); 995 } 996 997 #ifdef RSVP_ISI 998 if (imo && ((vifi = imo->imo_multicast_vif) < numvifs)) { 999 if (ip->ip_ttl < 255) 1000 ip->ip_ttl++; /* compensate for -1 in *_send routines */ 1001 if (rsvpdebug && ip->ip_p == IPPROTO_RSVP) { 1002 vifp = viftable + vifi; 1003 printf("Sending IPPROTO_RSVP from %x to %x on vif %d (%s%s)\n", 1004 ntohl(ip->ip_src), ntohl(ip->ip_dst), vifi, 1005 (vifp->v_flags & VIFF_TUNNEL) ? "tunnel on " : "", 1006 vifp->v_ifp->if_xname); 1007 } 1008 return (ip_mdq(m, ifp, (struct mfc *)0, vifi)); 1009 } 1010 if (rsvpdebug && ip->ip_p == IPPROTO_RSVP) { 1011 printf("Warning: IPPROTO_RSVP from %x to %x without vif option\n", 1012 ntohl(ip->ip_src), ntohl(ip->ip_dst)); 1013 } 1014 #endif /* RSVP_ISI */ 1015 1016 /* 1017 * Don't forward a packet with time-to-live of zero or one, 1018 * or a packet destined to a local-only group. 1019 */ 1020 if (ip->ip_ttl <= 1 || 1021 IN_LOCAL_GROUP(ip->ip_dst.s_addr)) 1022 return (0); 1023 1024 /* 1025 * Determine forwarding vifs from the forwarding cache table 1026 */ 1027 s = splsoftnet(); 1028 MFCFIND(ip->ip_src, ip->ip_dst, rt); 1029 1030 /* Entry exists, so forward if necessary */ 1031 if (rt != 0) { 1032 splx(s); 1033 #ifdef RSVP_ISI 1034 return (ip_mdq(m, ifp, rt, -1)); 1035 #else 1036 return (ip_mdq(m, ifp, rt)); 1037 #endif /* RSVP_ISI */ 1038 } else { 1039 /* 1040 * If we don't have a route for packet's origin, 1041 * Make a copy of the packet & 1042 * send message to routing daemon 1043 */ 1044 1045 struct mbuf *mb0; 1046 struct rtdetq *rte; 1047 u_int32_t hash; 1048 int hlen = ip->ip_hl << 2; 1049 #ifdef UPCALL_TIMING 1050 struct timeval tp; 1051 1052 microtime(&tp); 1053 #endif /* UPCALL_TIMING */ 1054 1055 mrtstat.mrts_no_route++; 1056 if (mrtdebug & (DEBUG_FORWARD | DEBUG_MFC)) 1057 log(LOG_DEBUG, "ip_mforward: no rte s %x g %x\n", 1058 ntohl(ip->ip_src.s_addr), 1059 ntohl(ip->ip_dst.s_addr)); 1060 1061 /* 1062 * Allocate mbufs early so that we don't do extra work if we are 1063 * just going to fail anyway. Make sure to pullup the header so 1064 * that other people can't step on it. 1065 */ 1066 rte = (struct rtdetq *)malloc(sizeof(*rte), M_MRTABLE, M_NOWAIT); 1067 if (rte == 0) { 1068 splx(s); 1069 return (ENOBUFS); 1070 } 1071 mb0 = m_copy(m, 0, M_COPYALL); 1072 M_PULLUP(mb0, hlen); 1073 if (mb0 == 0) { 1074 free(rte, M_MRTABLE); 1075 splx(s); 1076 return (ENOBUFS); 1077 } 1078 1079 /* is there an upcall waiting for this packet? */ 1080 hash = MFCHASH(ip->ip_src, ip->ip_dst); 1081 for (rt = mfchashtbl[hash].lh_first; rt; rt = rt->mfc_hash.le_next) { 1082 if (in_hosteq(ip->ip_src, rt->mfc_origin) && 1083 in_hosteq(ip->ip_dst, rt->mfc_mcastgrp) && 1084 rt->mfc_stall != 0) 1085 break; 1086 } 1087 1088 if (rt == 0) { 1089 int i; 1090 struct igmpmsg *im; 1091 1092 /* no upcall, so make a new entry */ 1093 rt = (struct mfc *)malloc(sizeof(*rt), M_MRTABLE, M_NOWAIT); 1094 if (rt == 0) { 1095 free(rte, M_MRTABLE); 1096 m_freem(mb0); 1097 splx(s); 1098 return (ENOBUFS); 1099 } 1100 /* Make a copy of the header to send to the user level process */ 1101 mm = m_copy(m, 0, hlen); 1102 M_PULLUP(mm, hlen); 1103 if (mm == 0) { 1104 free(rte, M_MRTABLE); 1105 m_freem(mb0); 1106 free(rt, M_MRTABLE); 1107 splx(s); 1108 return (ENOBUFS); 1109 } 1110 1111 /* 1112 * Send message to routing daemon to install 1113 * a route into the kernel table 1114 */ 1115 sin.sin_addr = ip->ip_src; 1116 1117 im = mtod(mm, struct igmpmsg *); 1118 im->im_msgtype = IGMPMSG_NOCACHE; 1119 im->im_mbz = 0; 1120 1121 mrtstat.mrts_upcalls++; 1122 1123 if (socket_send(ip_mrouter, mm, &sin) < 0) { 1124 log(LOG_WARNING, "ip_mforward: ip_mrouter socket queue full\n"); 1125 ++mrtstat.mrts_upq_sockfull; 1126 free(rte, M_MRTABLE); 1127 m_freem(mb0); 1128 free(rt, M_MRTABLE); 1129 splx(s); 1130 return (ENOBUFS); 1131 } 1132 1133 /* insert new entry at head of hash chain */ 1134 rt->mfc_origin = ip->ip_src; 1135 rt->mfc_mcastgrp = ip->ip_dst; 1136 rt->mfc_pkt_cnt = 0; 1137 rt->mfc_byte_cnt = 0; 1138 rt->mfc_wrong_if = 0; 1139 rt->mfc_expire = UPCALL_EXPIRE; 1140 nexpire[hash]++; 1141 for (i = 0; i < numvifs; i++) 1142 rt->mfc_ttls[i] = 0; 1143 rt->mfc_parent = -1; 1144 1145 /* link into table */ 1146 LIST_INSERT_HEAD(&mfchashtbl[hash], rt, mfc_hash); 1147 /* Add this entry to the end of the queue */ 1148 rt->mfc_stall = rte; 1149 } else { 1150 /* determine if q has overflowed */ 1151 struct rtdetq **p; 1152 int npkts = 0; 1153 1154 for (p = &rt->mfc_stall; *p != 0; p = &(*p)->next) 1155 if (++npkts > MAX_UPQ) { 1156 mrtstat.mrts_upq_ovflw++; 1157 free(rte, M_MRTABLE); 1158 m_freem(mb0); 1159 splx(s); 1160 return (0); 1161 } 1162 1163 /* Add this entry to the end of the queue */ 1164 *p = rte; 1165 } 1166 1167 rte->next = 0; 1168 rte->m = mb0; 1169 rte->ifp = ifp; 1170 #ifdef UPCALL_TIMING 1171 rte->t = tp; 1172 #endif /* UPCALL_TIMING */ 1173 1174 1175 splx(s); 1176 1177 return (0); 1178 } 1179 } 1180 1181 1182 /*ARGSUSED*/ 1183 static void 1184 expire_upcalls(v) 1185 void *v; 1186 { 1187 int i; 1188 int s; 1189 1190 s = splsoftnet(); 1191 1192 for (i = 0; i < MFCTBLSIZ; i++) { 1193 struct mfc *rt, *nrt; 1194 1195 if (nexpire[i] == 0) 1196 continue; 1197 1198 for (rt = mfchashtbl[i].lh_first; rt; rt = nrt) { 1199 nrt = rt->mfc_hash.le_next; 1200 1201 if (rt->mfc_expire == 0 || 1202 --rt->mfc_expire > 0) 1203 continue; 1204 nexpire[i]--; 1205 1206 ++mrtstat.mrts_cache_cleanups; 1207 if (mrtdebug & DEBUG_EXPIRE) 1208 log(LOG_DEBUG, 1209 "expire_upcalls: expiring (%x %x)\n", 1210 ntohl(rt->mfc_origin.s_addr), 1211 ntohl(rt->mfc_mcastgrp.s_addr)); 1212 1213 expire_mfc(rt); 1214 } 1215 } 1216 1217 splx(s); 1218 callout_reset(&expire_upcalls_ch, EXPIRE_TIMEOUT, 1219 expire_upcalls, NULL); 1220 } 1221 1222 /* 1223 * Packet forwarding routine once entry in the cache is made 1224 */ 1225 static int 1226 #ifdef RSVP_ISI 1227 ip_mdq(m, ifp, rt, xmt_vif) 1228 #else 1229 ip_mdq(m, ifp, rt) 1230 #endif /* RSVP_ISI */ 1231 struct mbuf *m; 1232 struct ifnet *ifp; 1233 struct mfc *rt; 1234 #ifdef RSVP_ISI 1235 vifi_t xmt_vif; 1236 #endif /* RSVP_ISI */ 1237 { 1238 struct ip *ip = mtod(m, struct ip *); 1239 vifi_t vifi; 1240 struct vif *vifp; 1241 int plen = ntohs(ip->ip_len); 1242 1243 /* 1244 * Macro to send packet on vif. Since RSVP packets don't get counted on 1245 * input, they shouldn't get counted on output, so statistics keeping is 1246 * seperate. 1247 */ 1248 #define MC_SEND(ip,vifp,m) { \ 1249 if ((vifp)->v_flags & VIFF_TUNNEL) \ 1250 encap_send((ip), (vifp), (m)); \ 1251 else \ 1252 phyint_send((ip), (vifp), (m)); \ 1253 } 1254 1255 #ifdef RSVP_ISI 1256 /* 1257 * If xmt_vif is not -1, send on only the requested vif. 1258 * 1259 * (since vifi_t is u_short, -1 becomes MAXUSHORT, which > numvifs. 1260 */ 1261 if (xmt_vif < numvifs) { 1262 MC_SEND(ip, viftable + xmt_vif, m); 1263 return (1); 1264 } 1265 #endif /* RSVP_ISI */ 1266 1267 /* 1268 * Don't forward if it didn't arrive from the parent vif for its origin. 1269 */ 1270 vifi = rt->mfc_parent; 1271 if ((vifi >= numvifs) || (viftable[vifi].v_ifp != ifp)) { 1272 /* came in the wrong interface */ 1273 if (mrtdebug & DEBUG_FORWARD) 1274 log(LOG_DEBUG, "wrong if: ifp %p vifi %d vififp %p\n", 1275 ifp, vifi, viftable[vifi].v_ifp); 1276 ++mrtstat.mrts_wrong_if; 1277 ++rt->mfc_wrong_if; 1278 /* 1279 * If we are doing PIM assert processing, and we are forwarding 1280 * packets on this interface, and it is a broadcast medium 1281 * interface (and not a tunnel), send a message to the routing daemon. 1282 */ 1283 if (pim_assert && rt->mfc_ttls[vifi] && 1284 (ifp->if_flags & IFF_BROADCAST) && 1285 !(viftable[vifi].v_flags & VIFF_TUNNEL)) { 1286 struct mbuf *mm; 1287 struct igmpmsg *im; 1288 int hlen = ip->ip_hl << 2; 1289 struct timeval now; 1290 u_int32_t delta; 1291 1292 microtime(&now); 1293 1294 TV_DELTA(rt->mfc_last_assert, now, delta); 1295 1296 if (delta > ASSERT_MSG_TIME) { 1297 mm = m_copy(m, 0, hlen); 1298 M_PULLUP(mm, hlen); 1299 if (mm == 0) { 1300 return (ENOBUFS); 1301 } 1302 1303 rt->mfc_last_assert = now; 1304 1305 im = mtod(mm, struct igmpmsg *); 1306 im->im_msgtype = IGMPMSG_WRONGVIF; 1307 im->im_mbz = 0; 1308 im->im_vif = vifi; 1309 1310 sin.sin_addr = im->im_src; 1311 1312 socket_send(ip_mrouter, mm, &sin); 1313 } 1314 } 1315 return (0); 1316 } 1317 1318 /* If I sourced this packet, it counts as output, else it was input. */ 1319 if (in_hosteq(ip->ip_src, viftable[vifi].v_lcl_addr)) { 1320 viftable[vifi].v_pkt_out++; 1321 viftable[vifi].v_bytes_out += plen; 1322 } else { 1323 viftable[vifi].v_pkt_in++; 1324 viftable[vifi].v_bytes_in += plen; 1325 } 1326 rt->mfc_pkt_cnt++; 1327 rt->mfc_byte_cnt += plen; 1328 1329 /* 1330 * For each vif, decide if a copy of the packet should be forwarded. 1331 * Forward if: 1332 * - the ttl exceeds the vif's threshold 1333 * - there are group members downstream on interface 1334 */ 1335 for (vifp = viftable, vifi = 0; vifi < numvifs; vifp++, vifi++) 1336 if ((rt->mfc_ttls[vifi] > 0) && 1337 (ip->ip_ttl > rt->mfc_ttls[vifi])) { 1338 vifp->v_pkt_out++; 1339 vifp->v_bytes_out += plen; 1340 MC_SEND(ip, vifp, m); 1341 } 1342 1343 return (0); 1344 } 1345 1346 #ifdef RSVP_ISI 1347 /* 1348 * check if a vif number is legal/ok. This is used by ip_output, to export 1349 * numvifs there, 1350 */ 1351 int 1352 legal_vif_num(vif) 1353 int vif; 1354 { 1355 if (vif >= 0 && vif < numvifs) 1356 return (1); 1357 else 1358 return (0); 1359 } 1360 #endif /* RSVP_ISI */ 1361 1362 static void 1363 phyint_send(ip, vifp, m) 1364 struct ip *ip; 1365 struct vif *vifp; 1366 struct mbuf *m; 1367 { 1368 struct mbuf *mb_copy; 1369 int hlen = ip->ip_hl << 2; 1370 1371 /* 1372 * Make a new reference to the packet; make sure that 1373 * the IP header is actually copied, not just referenced, 1374 * so that ip_output() only scribbles on the copy. 1375 */ 1376 mb_copy = m_copy(m, 0, M_COPYALL); 1377 M_PULLUP(mb_copy, hlen); 1378 if (mb_copy == 0) 1379 return; 1380 1381 if (vifp->v_rate_limit <= 0) 1382 tbf_send_packet(vifp, mb_copy); 1383 else 1384 tbf_control(vifp, mb_copy, mtod(mb_copy, struct ip *), ip->ip_len); 1385 } 1386 1387 static void 1388 encap_send(ip, vifp, m) 1389 struct ip *ip; 1390 struct vif *vifp; 1391 struct mbuf *m; 1392 { 1393 struct mbuf *mb_copy; 1394 struct ip *ip_copy; 1395 int i, len = ip->ip_len + sizeof(multicast_encap_iphdr); 1396 1397 /* 1398 * copy the old packet & pullup it's IP header into the 1399 * new mbuf so we can modify it. Try to fill the new 1400 * mbuf since if we don't the ethernet driver will. 1401 */ 1402 MGETHDR(mb_copy, M_DONTWAIT, MT_DATA); 1403 if (mb_copy == 0) 1404 return; 1405 mb_copy->m_data += max_linkhdr; 1406 mb_copy->m_pkthdr.len = len; 1407 mb_copy->m_len = sizeof(multicast_encap_iphdr); 1408 1409 if ((mb_copy->m_next = m_copy(m, 0, M_COPYALL)) == 0) { 1410 m_freem(mb_copy); 1411 return; 1412 } 1413 i = MHLEN - max_linkhdr; 1414 if (i > len) 1415 i = len; 1416 mb_copy = m_pullup(mb_copy, i); 1417 if (mb_copy == 0) 1418 return; 1419 1420 /* 1421 * fill in the encapsulating IP header. 1422 */ 1423 ip_copy = mtod(mb_copy, struct ip *); 1424 *ip_copy = multicast_encap_iphdr; 1425 ip_copy->ip_id = htons(ip_id++); 1426 ip_copy->ip_len = len; 1427 ip_copy->ip_src = vifp->v_lcl_addr; 1428 ip_copy->ip_dst = vifp->v_rmt_addr; 1429 1430 /* 1431 * turn the encapsulated IP header back into a valid one. 1432 */ 1433 ip = (struct ip *)((caddr_t)ip_copy + sizeof(multicast_encap_iphdr)); 1434 --ip->ip_ttl; 1435 HTONS(ip->ip_len); 1436 HTONS(ip->ip_off); 1437 ip->ip_sum = 0; 1438 mb_copy->m_data += sizeof(multicast_encap_iphdr); 1439 ip->ip_sum = in_cksum(mb_copy, ip->ip_hl << 2); 1440 mb_copy->m_data -= sizeof(multicast_encap_iphdr); 1441 1442 if (vifp->v_rate_limit <= 0) 1443 tbf_send_packet(vifp, mb_copy); 1444 else 1445 tbf_control(vifp, mb_copy, ip, ip_copy->ip_len); 1446 } 1447 1448 /* 1449 * De-encapsulate a packet and feed it back through ip input (this 1450 * routine is called whenever IP gets a packet with proto type 1451 * ENCAP_PROTO and a local destination address). 1452 * 1453 * Return 1 if we handled the packet, 0 if we did not. 1454 * 1455 * Called from encap4_input() in sys/netinet/ip_encap.c. 1456 */ 1457 int 1458 mrt_ipip_input(m, hlen) 1459 struct mbuf *m; 1460 int hlen; 1461 { 1462 struct ip *ip = mtod(m, struct ip *); 1463 int s; 1464 struct ifqueue *ifq; 1465 struct vif *vifp; 1466 1467 if (!have_encap_tunnel) 1468 return (0); 1469 1470 /* 1471 * dump the packet if it's not to a multicast destination or if 1472 * we don't have an encapsulating tunnel with the source. 1473 * Note: This code assumes that the remote site IP address 1474 * uniquely identifies the tunnel (i.e., that this site has 1475 * at most one tunnel with the remote site). 1476 */ 1477 if (!IN_MULTICAST(((struct ip *)((char *)ip + hlen))->ip_dst.s_addr)) { 1478 ++mrtstat.mrts_bad_tunnel; 1479 return (0); 1480 } 1481 1482 if (!in_hosteq(ip->ip_src, last_encap_src)) { 1483 struct vif *vife; 1484 1485 vifp = viftable; 1486 vife = vifp + numvifs; 1487 for (; vifp < vife; vifp++) 1488 if (vifp->v_flags & VIFF_TUNNEL && 1489 in_hosteq(vifp->v_rmt_addr, ip->ip_src)) 1490 break; 1491 if (vifp == vife) { 1492 mrtstat.mrts_cant_tunnel++; /*XXX*/ 1493 if (mrtdebug) 1494 log(LOG_DEBUG, 1495 "ip_mforward: no tunnel with %x\n", 1496 ntohl(ip->ip_src.s_addr)); 1497 return (0); 1498 } 1499 last_encap_vif = vifp; 1500 last_encap_src = ip->ip_src; 1501 } else 1502 vifp = last_encap_vif; 1503 1504 m->m_data += hlen; 1505 m->m_len -= hlen; 1506 m->m_pkthdr.len -= hlen; 1507 m->m_pkthdr.rcvif = vifp->v_ifp; 1508 ifq = &ipintrq; 1509 s = splimp(); 1510 if (IF_QFULL(ifq)) { 1511 IF_DROP(ifq); 1512 m_freem(m); 1513 } else { 1514 IF_ENQUEUE(ifq, m); 1515 /* 1516 * normally we would need a "schednetisr(NETISR_IP)" 1517 * here but we were called by ip_input and it is going 1518 * to loop back & try to dequeue the packet we just 1519 * queued as soon as we return so we avoid the 1520 * unnecessary software interrrupt. 1521 */ 1522 } 1523 splx(s); 1524 return (1); 1525 } 1526 1527 /* 1528 * Token bucket filter module 1529 */ 1530 static void 1531 tbf_control(vifp, m, ip, len) 1532 struct vif *vifp; 1533 struct mbuf *m; 1534 struct ip *ip; 1535 u_int32_t len; 1536 { 1537 1538 if (len > MAX_BKT_SIZE) { 1539 /* drop if packet is too large */ 1540 mrtstat.mrts_pkt2large++; 1541 m_freem(m); 1542 return; 1543 } 1544 1545 tbf_update_tokens(vifp); 1546 1547 /* 1548 * If there are enough tokens, and the queue is empty, send this packet 1549 * out immediately. Otherwise, try to insert it on this vif's queue. 1550 */ 1551 if (vifp->tbf_q_len == 0) { 1552 if (len <= vifp->tbf_n_tok) { 1553 vifp->tbf_n_tok -= len; 1554 tbf_send_packet(vifp, m); 1555 } else { 1556 /* queue packet and timeout till later */ 1557 tbf_queue(vifp, m); 1558 callout_reset(&vifp->v_repq_ch, TBF_REPROCESS, 1559 tbf_reprocess_q, vifp); 1560 } 1561 } else { 1562 if (vifp->tbf_q_len >= vifp->tbf_max_q_len && 1563 !tbf_dq_sel(vifp, ip)) { 1564 /* queue length too much, and couldn't make room */ 1565 mrtstat.mrts_q_overflow++; 1566 m_freem(m); 1567 } else { 1568 /* queue length low enough, or made room */ 1569 tbf_queue(vifp, m); 1570 tbf_process_q(vifp); 1571 } 1572 } 1573 } 1574 1575 /* 1576 * adds a packet to the queue at the interface 1577 */ 1578 static void 1579 tbf_queue(vifp, m) 1580 struct vif *vifp; 1581 struct mbuf *m; 1582 { 1583 int s = splsoftnet(); 1584 1585 /* insert at tail */ 1586 *vifp->tbf_t = m; 1587 vifp->tbf_t = &m->m_nextpkt; 1588 vifp->tbf_q_len++; 1589 1590 splx(s); 1591 } 1592 1593 1594 /* 1595 * processes the queue at the interface 1596 */ 1597 static void 1598 tbf_process_q(vifp) 1599 struct vif *vifp; 1600 { 1601 struct mbuf *m; 1602 int len; 1603 int s = splsoftnet(); 1604 1605 /* 1606 * Loop through the queue at the interface and send as many packets 1607 * as possible. 1608 */ 1609 for (m = vifp->tbf_q; 1610 m != 0; 1611 m = vifp->tbf_q) { 1612 len = mtod(m, struct ip *)->ip_len; 1613 1614 /* determine if the packet can be sent */ 1615 if (len <= vifp->tbf_n_tok) { 1616 /* if so, 1617 * reduce no of tokens, dequeue the packet, 1618 * send the packet. 1619 */ 1620 if ((vifp->tbf_q = m->m_nextpkt) == 0) 1621 vifp->tbf_t = &vifp->tbf_q; 1622 --vifp->tbf_q_len; 1623 1624 m->m_nextpkt = 0; 1625 vifp->tbf_n_tok -= len; 1626 tbf_send_packet(vifp, m); 1627 } else 1628 break; 1629 } 1630 splx(s); 1631 } 1632 1633 static void 1634 tbf_reprocess_q(arg) 1635 void *arg; 1636 { 1637 struct vif *vifp = arg; 1638 1639 if (ip_mrouter == 0) 1640 return; 1641 1642 tbf_update_tokens(vifp); 1643 tbf_process_q(vifp); 1644 1645 if (vifp->tbf_q_len != 0) 1646 callout_reset(&vifp->v_repq_ch, TBF_REPROCESS, 1647 tbf_reprocess_q, vifp); 1648 } 1649 1650 /* function that will selectively discard a member of the queue 1651 * based on the precedence value and the priority 1652 */ 1653 static int 1654 tbf_dq_sel(vifp, ip) 1655 struct vif *vifp; 1656 struct ip *ip; 1657 { 1658 u_int p; 1659 struct mbuf **mp, *m; 1660 int s = splsoftnet(); 1661 1662 p = priority(vifp, ip); 1663 1664 for (mp = &vifp->tbf_q, m = *mp; 1665 m != 0; 1666 mp = &m->m_nextpkt, m = *mp) { 1667 if (p > priority(vifp, mtod(m, struct ip *))) { 1668 if ((*mp = m->m_nextpkt) == 0) 1669 vifp->tbf_t = mp; 1670 --vifp->tbf_q_len; 1671 1672 m_freem(m); 1673 mrtstat.mrts_drop_sel++; 1674 splx(s); 1675 return (1); 1676 } 1677 } 1678 splx(s); 1679 return (0); 1680 } 1681 1682 static void 1683 tbf_send_packet(vifp, m) 1684 struct vif *vifp; 1685 struct mbuf *m; 1686 { 1687 int error; 1688 int s = splsoftnet(); 1689 1690 if (vifp->v_flags & VIFF_TUNNEL) { 1691 /* If tunnel options */ 1692 #ifdef IPSEC 1693 /* Don't lookup socket in forwading case */ 1694 ipsec_setsocket(m, NULL); 1695 #endif 1696 ip_output(m, (struct mbuf *)0, &vifp->v_route, 1697 IP_FORWARDING, (struct ip_moptions *)0); 1698 } else { 1699 /* if physical interface option, extract the options and then send */ 1700 struct ip_moptions imo; 1701 1702 imo.imo_multicast_ifp = vifp->v_ifp; 1703 imo.imo_multicast_ttl = mtod(m, struct ip *)->ip_ttl - 1; 1704 imo.imo_multicast_loop = 1; 1705 #ifdef RSVP_ISI 1706 imo.imo_multicast_vif = -1; 1707 #endif 1708 1709 #ifdef IPSEC 1710 /* Don't lookup socket in forwading case */ 1711 ipsec_setsocket(m, NULL); 1712 #endif 1713 error = ip_output(m, (struct mbuf *)0, (struct route *)0, 1714 IP_FORWARDING|IP_MULTICASTOPTS, &imo); 1715 1716 if (mrtdebug & DEBUG_XMIT) 1717 log(LOG_DEBUG, "phyint_send on vif %ld err %d\n", 1718 (long)(vifp-viftable), error); 1719 } 1720 splx(s); 1721 } 1722 1723 /* determine the current time and then 1724 * the elapsed time (between the last time and time now) 1725 * in milliseconds & update the no. of tokens in the bucket 1726 */ 1727 static void 1728 tbf_update_tokens(vifp) 1729 struct vif *vifp; 1730 { 1731 struct timeval tp; 1732 u_int32_t tm; 1733 int s = splsoftnet(); 1734 1735 microtime(&tp); 1736 1737 TV_DELTA(tp, vifp->tbf_last_pkt_t, tm); 1738 1739 /* 1740 * This formula is actually 1741 * "time in seconds" * "bytes/second". 1742 * 1743 * (tm / 1000000) * (v_rate_limit * 1000 * (1000/1024) / 8) 1744 * 1745 * The (1000/1024) was introduced in add_vif to optimize 1746 * this divide into a shift. 1747 */ 1748 vifp->tbf_n_tok += tm * vifp->v_rate_limit / 8192; 1749 vifp->tbf_last_pkt_t = tp; 1750 1751 if (vifp->tbf_n_tok > MAX_BKT_SIZE) 1752 vifp->tbf_n_tok = MAX_BKT_SIZE; 1753 1754 splx(s); 1755 } 1756 1757 static int 1758 priority(vifp, ip) 1759 struct vif *vifp; 1760 struct ip *ip; 1761 { 1762 int prio; 1763 1764 /* temporary hack; may add general packet classifier some day */ 1765 1766 /* 1767 * The UDP port space is divided up into four priority ranges: 1768 * [0, 16384) : unclassified - lowest priority 1769 * [16384, 32768) : audio - highest priority 1770 * [32768, 49152) : whiteboard - medium priority 1771 * [49152, 65536) : video - low priority 1772 */ 1773 if (ip->ip_p == IPPROTO_UDP) { 1774 struct udphdr *udp = (struct udphdr *)(((char *)ip) + (ip->ip_hl << 2)); 1775 1776 switch (ntohs(udp->uh_dport) & 0xc000) { 1777 case 0x4000: 1778 prio = 70; 1779 break; 1780 case 0x8000: 1781 prio = 60; 1782 break; 1783 case 0xc000: 1784 prio = 55; 1785 break; 1786 default: 1787 prio = 50; 1788 break; 1789 } 1790 1791 if (tbfdebug > 1) 1792 log(LOG_DEBUG, "port %x prio %d\n", ntohs(udp->uh_dport), prio); 1793 } else 1794 prio = 50; 1795 1796 1797 return (prio); 1798 } 1799 1800 /* 1801 * End of token bucket filter modifications 1802 */ 1803 1804 #ifdef RSVP_ISI 1805 1806 int 1807 ip_rsvp_vif_init(so, m) 1808 struct socket *so; 1809 struct mbuf *m; 1810 { 1811 int i; 1812 int s; 1813 1814 if (rsvpdebug) 1815 printf("ip_rsvp_vif_init: so_type = %d, pr_protocol = %d\n", 1816 so->so_type, so->so_proto->pr_protocol); 1817 1818 if (so->so_type != SOCK_RAW || so->so_proto->pr_protocol != IPPROTO_RSVP) 1819 return (EOPNOTSUPP); 1820 1821 /* Check mbuf. */ 1822 if (m == 0 || m->m_len != sizeof(int)) { 1823 return (EINVAL); 1824 } 1825 i = *(mtod(m, int *)); 1826 1827 if (rsvpdebug) 1828 printf("ip_rsvp_vif_init: vif = %d rsvp_on = %d\n",i,rsvp_on); 1829 1830 s = splsoftnet(); 1831 1832 /* Check vif. */ 1833 if (!legal_vif_num(i)) { 1834 splx(s); 1835 return (EADDRNOTAVAIL); 1836 } 1837 1838 /* Check if socket is available. */ 1839 if (viftable[i].v_rsvpd != 0) { 1840 splx(s); 1841 return (EADDRINUSE); 1842 } 1843 1844 viftable[i].v_rsvpd = so; 1845 /* This may seem silly, but we need to be sure we don't over-increment 1846 * the RSVP counter, in case something slips up. 1847 */ 1848 if (!viftable[i].v_rsvp_on) { 1849 viftable[i].v_rsvp_on = 1; 1850 rsvp_on++; 1851 } 1852 1853 splx(s); 1854 return (0); 1855 } 1856 1857 int 1858 ip_rsvp_vif_done(so, m) 1859 struct socket *so; 1860 struct mbuf *m; 1861 { 1862 int i; 1863 int s; 1864 1865 if (rsvpdebug) 1866 printf("ip_rsvp_vif_done: so_type = %d, pr_protocol = %d\n", 1867 so->so_type, so->so_proto->pr_protocol); 1868 1869 if (so->so_type != SOCK_RAW || so->so_proto->pr_protocol != IPPROTO_RSVP) 1870 return (EOPNOTSUPP); 1871 1872 /* Check mbuf. */ 1873 if (m == 0 || m->m_len != sizeof(int)) { 1874 return (EINVAL); 1875 } 1876 i = *(mtod(m, int *)); 1877 1878 s = splsoftnet(); 1879 1880 /* Check vif. */ 1881 if (!legal_vif_num(i)) { 1882 splx(s); 1883 return (EADDRNOTAVAIL); 1884 } 1885 1886 if (rsvpdebug) 1887 printf("ip_rsvp_vif_done: v_rsvpd = %x so = %x\n", 1888 viftable[i].v_rsvpd, so); 1889 1890 viftable[i].v_rsvpd = 0; 1891 /* This may seem silly, but we need to be sure we don't over-decrement 1892 * the RSVP counter, in case something slips up. 1893 */ 1894 if (viftable[i].v_rsvp_on) { 1895 viftable[i].v_rsvp_on = 0; 1896 rsvp_on--; 1897 } 1898 1899 splx(s); 1900 return (0); 1901 } 1902 1903 void 1904 ip_rsvp_force_done(so) 1905 struct socket *so; 1906 { 1907 int vifi; 1908 int s; 1909 1910 /* Don't bother if it is not the right type of socket. */ 1911 if (so->so_type != SOCK_RAW || so->so_proto->pr_protocol != IPPROTO_RSVP) 1912 return; 1913 1914 s = splsoftnet(); 1915 1916 /* The socket may be attached to more than one vif...this 1917 * is perfectly legal. 1918 */ 1919 for (vifi = 0; vifi < numvifs; vifi++) { 1920 if (viftable[vifi].v_rsvpd == so) { 1921 viftable[vifi].v_rsvpd = 0; 1922 /* This may seem silly, but we need to be sure we don't 1923 * over-decrement the RSVP counter, in case something slips up. 1924 */ 1925 if (viftable[vifi].v_rsvp_on) { 1926 viftable[vifi].v_rsvp_on = 0; 1927 rsvp_on--; 1928 } 1929 } 1930 } 1931 1932 splx(s); 1933 return; 1934 } 1935 1936 void 1937 rsvp_input(m, ifp) 1938 struct mbuf *m; 1939 struct ifnet *ifp; 1940 { 1941 int vifi; 1942 struct ip *ip = mtod(m, struct ip *); 1943 static struct sockaddr_in rsvp_src = { sizeof(sin), AF_INET }; 1944 int s; 1945 1946 if (rsvpdebug) 1947 printf("rsvp_input: rsvp_on %d\n",rsvp_on); 1948 1949 /* Can still get packets with rsvp_on = 0 if there is a local member 1950 * of the group to which the RSVP packet is addressed. But in this 1951 * case we want to throw the packet away. 1952 */ 1953 if (!rsvp_on) { 1954 m_freem(m); 1955 return; 1956 } 1957 1958 /* If the old-style non-vif-associated socket is set, then use 1959 * it and ignore the new ones. 1960 */ 1961 if (ip_rsvpd != 0) { 1962 if (rsvpdebug) 1963 printf("rsvp_input: Sending packet up old-style socket\n"); 1964 rip_input(m); /*XXX*/ 1965 return; 1966 } 1967 1968 s = splsoftnet(); 1969 1970 if (rsvpdebug) 1971 printf("rsvp_input: check vifs\n"); 1972 1973 /* Find which vif the packet arrived on. */ 1974 for (vifi = 0; vifi < numvifs; vifi++) { 1975 if (viftable[vifi].v_ifp == ifp) 1976 break; 1977 } 1978 1979 if (vifi == numvifs) { 1980 /* Can't find vif packet arrived on. Drop packet. */ 1981 if (rsvpdebug) 1982 printf("rsvp_input: Can't find vif for packet...dropping it.\n"); 1983 m_freem(m); 1984 splx(s); 1985 return; 1986 } 1987 1988 if (rsvpdebug) 1989 printf("rsvp_input: check socket\n"); 1990 1991 if (viftable[vifi].v_rsvpd == 0) { 1992 /* drop packet, since there is no specific socket for this 1993 * interface */ 1994 if (rsvpdebug) 1995 printf("rsvp_input: No socket defined for vif %d\n",vifi); 1996 m_freem(m); 1997 splx(s); 1998 return; 1999 } 2000 2001 rsvp_src.sin_addr = ip->ip_src; 2002 2003 if (rsvpdebug && m) 2004 printf("rsvp_input: m->m_len = %d, sbspace() = %d\n", 2005 m->m_len,sbspace(&viftable[vifi].v_rsvpd->so_rcv)); 2006 2007 if (socket_send(viftable[vifi].v_rsvpd, m, &rsvp_src) < 0) 2008 if (rsvpdebug) 2009 printf("rsvp_input: Failed to append to socket\n"); 2010 else 2011 if (rsvpdebug) 2012 printf("rsvp_input: send packet up\n"); 2013 2014 splx(s); 2015 } 2016 #endif /* RSVP_ISI */ 2017
Indexes created Tue Sep 23 21:09:50 GMT 2025