TSG-17749 tsg-service-chaining-engine更改VXLAN Frame源端口的计算方式

author: luwenpeng <[email protected]> 2023-11-20 10:31:21 +0800
committer: luwenpeng <[email protected]> 2023-11-20 10:31:21 +0800
commit: 134d2c82b7ebc2229fac03be721555e37f4db571 (patch)
tree: ec696bc40260d2b180b792aa44ae5550c2771487 /platform
parent: 83f9880ff0dcad18bb96a6a3587e5cd3782e4b93 (diff)
4 files changed, 50 insertions, 41 deletions
diff --git a/platform/include/global_metrics.h b/platform/include/global_metrics.h
index 410fa1a..8b34261 100644
--- a/platform/include/global_metrics.h
+++ b/platform/include/global_metrics.h
@@ -35,7 +35,7 @@ struct device_metrics
     struct throughput_metrics endpoint_vlan_drop; // 累计值
 };
 
-// data_pkt_metrics 不包含 g_vxlan 所占的字节
+// data_pkt_metrics 不包含 vxlan frame 所占的字节
 struct data_pkt_metrics
 {
     struct throughput_metrics mirr_bypass;  // 累计值
diff --git a/platform/include/sce.h b/platform/include/sce.h
index 311204b..866bfca 100644
--- a/platform/include/sce.h
+++ b/platform/include/sce.h
@@ -74,6 +74,7 @@ struct session_ctx
 {
     uint64_t session_id;
     char *session_addr;
+    uint16_t vxlan_src_port;
 
     struct four_tuple inner_tuple4;
     struct mutable_array rule_ids;
diff --git a/platform/src/health_check.cpp b/platform/src/health_check.cpp
index f283e62..7096eae 100644
--- a/platform/src/health_check.cpp
+++ b/platform/src/health_check.cpp
@@ -161,6 +161,29 @@ static int health_check_method_table_add(struct session_table_addr *table, char
     return 0;
 }
 
+#define CHECKSUM_CARRY(x) (x = (x >> 16) + (x & 0xffff), (~(x + (x >> 16)) & 0xffff))
+static inline int checksum(uint16_t *data, int len)
+{
+    int sum = 0;
+    int nleft = len;
+    uint16_t ans = 0;
+    uint16_t *w = data;
+
+    while (nleft > 1)
+    {
+        sum += *w++;
+        nleft -= 2;
+    }
+
+    if (nleft == 1)
+    {
+        *(char *)(&ans) = *(char *)w;
+        sum += ans;
+    }
+
+    return sum;
+}
+
 static int send_icmp_pkt(char *addr)
 {
     int sockfd;
diff --git a/platform/src/packet_io.cpp b/platform/src/packet_io.cpp
index f582d27..a1effe0 100644
--- a/platform/src/packet_io.cpp
+++ b/platform/src/packet_io.cpp
@@ -11,7 +11,7 @@
 #include "log.h"
 #include "sce.h"
 #include "utils.h"
-#include "g_vxlan.h"
+#include "vxlan.h"
 #include "packet_io.h"
 #include "sf_metrics.h"
 #include "control_packet.h"
@@ -322,7 +322,7 @@ static int is_uplink_keepalive_packet(marsio_buff_t *rx_buff)
 {
     int raw_len = marsio_buff_datalen(rx_buff);
     char *raw_data = marsio_buff_mtod(rx_buff);
-    if (raw_data == NULL || raw_len < (int)(sizeof(struct ethhdr) + sizeof(struct ip) + sizeof(struct udp_hdr)))
+    if (raw_data == NULL || raw_len < (int)(sizeof(struct ethhdr) + sizeof(struct ip) + sizeof(struct udphdr)))
     {
         return 0;
     }
@@ -339,7 +339,7 @@ static int is_uplink_keepalive_packet(marsio_buff_t *rx_buff)
         return 0;
     }
 
-    struct udp_hdr *udp_hdr = (struct udp_hdr *)((char *)ip_hdr + sizeof(struct ip));
+    struct udphdr *udp_hdr = (struct udphdr *)((char *)ip_hdr + sizeof(struct ip));
     if (udp_hdr->uh_dport != htons(3784))
     {
         return 0;
@@ -408,26 +408,6 @@ static struct session_ctx *inject_packet_search_session(struct session_table *ta
  * action bypass/block/forward
  ******************************************************************************/
 
-static void vxlan_encapsulate(marsio_buff_t *mbuff,
-                              const u_char src_mac[], const u_char dst_mac[],
-                              const in_addr_t src_ip, const in_addr_t dst_ip, uint16_t ipid,
-                              uint16_t src_port, int payload_len, int is_e2i, int is_decrypted, int sf_index)
-{
-    struct ethhdr *eth_hdr = (struct ethhdr *)marsio_buff_prepend(mbuff, sizeof(struct ethhdr) + sizeof(struct ip) + sizeof(struct udp_hdr) + sizeof(struct g_vxlan));
-    struct ip *ip_hdr = (struct ip *)((char *)eth_hdr + sizeof(struct ethhdr));
-    struct udp_hdr *udp_hdr = (struct udp_hdr *)((char *)ip_hdr + sizeof(struct ip));
-    struct g_vxlan *g_vxlan_hdr = (struct g_vxlan *)((char *)udp_hdr + sizeof(struct udp_hdr));
-
-    memset(g_vxlan_hdr, 0, sizeof(struct g_vxlan));
-    g_vxlan_set_packet_dir(g_vxlan_hdr, is_e2i);
-    g_vxlan_set_sf_index(g_vxlan_hdr, sf_index);
-    g_vxlan_set_traffic_type(g_vxlan_hdr, is_decrypted);
-
-    build_ether_header(eth_hdr, ETH_P_IP, src_mac, dst_mac);
-    build_ip_header(ip_hdr, IPPROTO_UDP, ipid, src_ip, dst_ip, sizeof(struct udp_hdr) + sizeof(struct g_vxlan) + payload_len);
-    build_udp_header((const char *)&ip_hdr->ip_src, 8, udp_hdr, src_port, 4789, sizeof(struct g_vxlan) + payload_len);
-}
-
 struct vlan_hdr
 {
     uint16_t vlan_cfi;
@@ -507,10 +487,11 @@ void vlan_encapsulate(marsio_buff_t *mbuff, int vlan_id, int replace_orig_vlan_h
     }
 }
 
-static int send_packet_to_sf(marsio_buff_t *mbuff, struct metadata *meta, struct selected_sf *sf, struct thread_ctx *thread_ctx)
+static int send_packet_to_sf(struct session_ctx *session_ctx, marsio_buff_t *mbuff, struct metadata *meta, struct selected_sf *sf, struct thread_ctx *thread_ctx)
 {
     thread_ctx->tx_packets_ipid++;
     int nsend = 0;
+    char *buffer = NULL;
     struct packet_io *packet_io = thread_ctx->ref_io;
     struct thread_metrics *thread_metrics = &thread_ctx->thread_metrics;
 
@@ -518,9 +499,12 @@ static int send_packet_to_sf(marsio_buff_t *mbuff, struct metadata *meta, struct
     switch (sf->sf_connectivity.method)
     {
     case ENCAPSULATE_METHOD_VXLAN_G:
-        vxlan_encapsulate(mbuff, packet_io->config.dev_endpoint_l3_mac, sf->sf_dst_mac,
-                          packet_io->config.dev_endpoint_l3_ip, sf->sf_dst_ip, thread_ctx->tx_packets_ipid % 65535,
-                          meta->session_id % (65535 - 49152) + 49152, meta->raw_len, meta->is_e2i_dir, meta->is_decrypted, sf->sf_index);
+        buffer = marsio_buff_prepend(mbuff, VXLAN_FRAME_HDR_LEN);
+        vxlan_frame_encode(buffer,
+                           packet_io->config.dev_endpoint_l3_mac, sf->sf_dst_mac,
+                           packet_io->config.dev_endpoint_l3_ip, sf->sf_dst_ip, thread_ctx->tx_packets_ipid % 65535,
+                           session_ctx->vxlan_src_port, meta->raw_len,
+                           meta->is_e2i_dir, meta->is_decrypted, sf->sf_index);
         nsend = marsio_buff_datalen(mbuff);
         marsio_send_burst_with_options(packet_io->dev_endpoint_l3.mr_path, thread_ctx->thread_index, &mbuff, 1, MARSIO_SEND_OPT_REHASH);
         throughput_metrics_inc(&(thread_metrics->device.endpoint_vxlan_tx), 1, nsend);
@@ -603,7 +587,7 @@ static void action_mirr_block(marsio_buff_t *rx_buff, struct metadata *meta, str
     throughput_metrics_inc(&(thread_metrics->data_pkt.mirr_block), 1, raw_len);
 }
 
-static void action_mirr_forward(marsio_buff_t *rx_buff, struct metadata *meta, struct selected_sf *sf, struct thread_ctx *thread_ctx)
+static void action_mirr_forward(struct session_ctx *session_ctx, marsio_buff_t *rx_buff, struct metadata *meta, struct selected_sf *sf, struct thread_ctx *thread_ctx)
 {
     struct thread_metrics *thread_metrics = &thread_ctx->thread_metrics;
     struct packet_io *packet_io = thread_ctx->ref_io;
@@ -622,7 +606,7 @@ static void action_mirr_forward(marsio_buff_t *rx_buff, struct metadata *meta, s
     char *copy_ptr = marsio_buff_append(new_buff, raw_len);
     memcpy(copy_ptr, raw_data, raw_len);
 
-    int nsend = send_packet_to_sf(new_buff, meta, sf, thread_ctx);
+    int nsend = send_packet_to_sf(session_ctx, new_buff, meta, sf, thread_ctx);
     throughput_metrics_inc(&(thread_metrics->data_pkt.mirr_tx), 1, raw_len);
     throughput_metrics_inc(&sf->tx, 1, nsend);
     sf_metrics_inc(thread_ctx->sf_metrics, sf->rule_vsys_id, sf->rule_id, sf->sff_profile_id, sf->sf_profile_id, 0, 0, 1, nsend);
@@ -647,12 +631,12 @@ static void action_stee_block(marsio_buff_t *rx_buff, struct metadata *meta, str
     marsio_buff_free(packet_io->instance, &rx_buff, 1, 0, thread_index);
 }
 
-static void action_stee_forward(marsio_buff_t *rx_buff, struct metadata *meta, struct selected_sf *sf, struct thread_ctx *thread_ctx)
+static void action_stee_forward(struct session_ctx *session_ctx, marsio_buff_t *rx_buff, struct metadata *meta, struct selected_sf *sf, struct thread_ctx *thread_ctx)
 {
     struct thread_metrics *thread_metrics = &thread_ctx->thread_metrics;
 
     int raw_len = marsio_buff_datalen(rx_buff);
-    int nsend = send_packet_to_sf(rx_buff, meta, sf, thread_ctx);
+    int nsend = send_packet_to_sf(session_ctx, rx_buff, meta, sf, thread_ctx);
     throughput_metrics_inc(&(thread_metrics->data_pkt.stee_tx), 1, raw_len);
     throughput_metrics_inc(&sf->tx, 1, nsend);
     sf_metrics_inc(thread_ctx->sf_metrics, sf->rule_vsys_id, sf->rule_id, sf->sff_profile_id, sf->sf_profile_id, 0, 0, 1, nsend);
@@ -707,12 +691,12 @@ static void action_sf_chaining(struct thread_ctx *thread_ctx, struct session_ctx
 
             if (sf->sff_forward_type == FORWARD_TYPE_STEERING)
             {
-                action_stee_forward(rx_buff, meta, sf, thread_ctx);
+                action_stee_forward(session_ctx, rx_buff, meta, sf, thread_ctx);
                 return;
             }
             else
             {
-                action_mirr_forward(rx_buff, meta, sf, thread_ctx);
+                action_mirr_forward(session_ctx, rx_buff, meta, sf, thread_ctx);
                 continue;
             }
         }
@@ -962,6 +946,7 @@ static void handle_session_opening(struct metadata *meta, struct control_packet
     struct session_ctx *session_ctx = session_ctx_new();
     session_ctx->session_id = meta->session_id;
     session_ctx->session_addr = four_tuple_tostring(&inner_tuple4);
+    session_ctx->vxlan_src_port = calculate_vxlan_source_port(&inner_tuple4);
     four_tuple_copy(&session_ctx->inner_tuple4, &inner_tuple4);
     metadata_deep_copy(session_ctx->ctrl_meta, meta);
     session_ctx->chainings.chaining_raw = selected_chaining_create(chaining_size, session_ctx->session_id, session_ctx->session_addr);
@@ -1164,7 +1149,7 @@ static void handle_inject_vxlan_packet(marsio_buff_t *rx_buff, struct thread_ctx
     struct thread_metrics *thread_metrics = &thread_ctx->thread_metrics;
 
     struct metadata meta;
-    struct g_vxlan *g_vxlan_hdr = NULL;
+    struct vxlan_hdr *vxlan_hdr = NULL;
     struct session_ctx *session_ctx = NULL;
     struct selected_chaining *chaining = NULL;
     memset(&meta, 0, sizeof(struct metadata));
@@ -1172,20 +1157,20 @@ static void handle_inject_vxlan_packet(marsio_buff_t *rx_buff, struct thread_ctx
     int sf_index = 0;
     int raw_len = marsio_buff_datalen(rx_buff);
     char *raw_data = marsio_buff_mtod(rx_buff);
-    if (g_vxlan_decode(&g_vxlan_hdr, raw_data, raw_len) == -1)
+    if (vxlan_frame_decode(&vxlan_hdr, raw_data, raw_len) == -1)
     {
         throughput_metrics_inc(&(thread_metrics->device.endpoint_vxlan_drop), 1, raw_len);
         action_err_block(rx_buff, &meta, NULL, thread_ctx);
         return;
     }
 
-    meta.raw_data = (char *)g_vxlan_hdr + sizeof(struct g_vxlan);
-    meta.raw_len = raw_len - sizeof(struct ethhdr) - sizeof(struct ip) - sizeof(struct udp_hdr) - sizeof(struct g_vxlan);
+    meta.raw_data = (char *)vxlan_hdr + sizeof(struct vxlan_hdr);
+    meta.raw_len = raw_len - VXLAN_FRAME_HDR_LEN;
     meta.l7offset = 0;
-    meta.is_e2i_dir = g_vxlan_get_packet_dir(g_vxlan_hdr);
     meta.is_ctrl_pkt = 0;
-    meta.is_decrypted = g_vxlan_get_traffic_type(g_vxlan_hdr);
-    sf_index = g_vxlan_get_sf_index(g_vxlan_hdr);
+    sf_index = vxlan_get_opt(vxlan_hdr, VNI_OPT_SFINDEX);
+    meta.is_e2i_dir = vxlan_get_opt(vxlan_hdr, VNI_OPT_DIR);
+    meta.is_decrypted = vxlan_get_opt(vxlan_hdr, VNI_OPT_TRAFFIC);
 
     session_ctx = inject_packet_search_session(session_table, meta.raw_data, meta.raw_len);
     if (session_ctx == NULL)
author	luwenpeng <[email protected]>	2023-11-20 10:31:21 +0800
committer	luwenpeng <[email protected]>	2023-11-20 10:31:21 +0800
commit	134d2c82b7ebc2229fac03be721555e37f4db571 (patch)
tree	ec696bc40260d2b180b792aa44ae5550c2771487 /platform
parent	83f9880ff0dcad18bb96a6a3587e5cd3782e4b93 (diff)