1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 /* Copyright (c) 1990 Mentat Inc. */ 26 27 #ifndef _INET_IP_IRE_H 28 #define _INET_IP_IRE_H 29 30 #pragma ident "%Z%%M% %I% %E% SMI" 31 32 #ifdef __cplusplus 33 extern "C" { 34 #endif 35 36 #define IPV6_LL_PREFIXLEN 10 /* Number of bits in link-local pref */ 37 38 #define IP_CACHE_TABLE_SIZE 256 39 #define IP_MASK_TABLE_SIZE (IP_ABITS + 1) /* 33 ptrs */ 40 41 #define IP6_FTABLE_HASH_SIZE 32 /* size of each hash table in ptrs */ 42 #define IP6_CACHE_TABLE_SIZE 256 43 #define IP6_MASK_TABLE_SIZE (IPV6_ABITS + 1) /* 129 ptrs */ 44 45 /* 46 * We use the common modulo hash function. In ip_ire_init(), we make 47 * sure that the cache table size is always a power of 2. That's why 48 * we can use & instead of %. Also note that we try hard to make sure 49 * the lower bits of an address capture most info from the whole address. 50 * The reason being that since our hash table is probably a lot smaller 51 * than 2^32 buckets so the lower bits are the most important. 52 */ 53 #define IRE_ADDR_HASH(addr, table_size) \ 54 (((addr) ^ ((addr) >> 8) ^ ((addr) >> 16) ^ ((addr) >> 24)) & \ 55 ((table_size) - 1)) 56 57 /* 58 * To make a byte-order neutral hash for IPv6, just take all the 59 * bytes in the bottom 32 bits into account. 60 */ 61 #define IRE_ADDR_HASH_V6(addr, table_size) \ 62 IRE_ADDR_HASH((addr).s6_addr32[3], table_size) 63 64 /* This assumes that the ftable size is a power of 2. */ 65 #define IRE_ADDR_MASK_HASH_V6(addr, mask, table_size) \ 66 ((((addr).s6_addr8[8] & (mask).s6_addr8[8]) ^ \ 67 ((addr).s6_addr8[9] & (mask).s6_addr8[9]) ^ \ 68 ((addr).s6_addr8[10] & (mask).s6_addr8[10]) ^ \ 69 ((addr).s6_addr8[13] & (mask).s6_addr8[13]) ^ \ 70 ((addr).s6_addr8[14] & (mask).s6_addr8[14]) ^ \ 71 ((addr).s6_addr8[15] & (mask).s6_addr8[15])) & ((table_size) - 1)) 72 73 /* 74 * match parameter definitions for IRE lookup routines. 75 */ 76 #define MATCH_IRE_DSTONLY 0x0000 /* Match just the address */ 77 #define MATCH_IRE_TYPE 0x0001 /* Match IRE type */ 78 #define MATCH_IRE_SRC 0x0002 /* Match IRE source address */ 79 #define MATCH_IRE_MASK 0x0004 /* Match IRE mask */ 80 /* unused 0x0008 */ 81 #define MATCH_IRE_GW 0x0010 /* Match IRE gateway */ 82 #define MATCH_IRE_IPIF 0x0020 /* Match IRE ipif */ 83 #define MATCH_IRE_RECURSIVE 0x0040 /* Do recursive lookup if necessary */ 84 #define MATCH_IRE_DEFAULT 0x0080 /* Return default route if no route */ 85 /* found. */ 86 #define MATCH_IRE_RJ_BHOLE 0x0100 /* During lookup if we hit an ire */ 87 /* with RTF_REJECT or RTF_BLACKHOLE, */ 88 /* return the ire. No recursive */ 89 /* lookup should be done. */ 90 #define MATCH_IRE_IHANDLE 0x0200 /* Match IRE on ihandle */ 91 #define MATCH_IRE_MARK_HIDDEN 0x0400 /* Match IRE ire_marks with */ 92 /* IRE_MARK_HIDDEN. */ 93 /* 94 * MATCH_IRE_ILL is used whenever we want to specifically match an IRE 95 * whose ire_ipif->ipif_ill or (ill_t *)ire_stq->q_ptr matches a given 96 * ill. When MATCH_IRE_ILL is used to locate an IRE_CACHE, it implies 97 * that the packet will not be load balanced. This is normally used 98 * by in.mpathd to send out failure detection probes. 99 * 100 * MATCH_IRE_ILL_GROUP is used whenever we are not specific about which 101 * interface (ill) the packet should be sent out. This implies that the 102 * packets will be subjected to load balancing and it might go out on 103 * any interface in the group. When there is only interface in the group, 104 * MATCH_IRE_ILL_GROUP becomes MATCH_IRE_ILL. Most of the code uses 105 * MATCH_IRE_ILL_GROUP and MATCH_IRE_ILL is used in very few cases where 106 * we want to disable load balancing. 107 * 108 * MATCH_IRE_PARENT is used whenever we unconditionally want to get the 109 * parent IRE (sire) while recursively searching IREs for an offsubnet 110 * destination. With this flag, even if no IRE_CACHETABLE or IRE_INTERFACE 111 * is found to help resolving IRE_OFFSUBNET in lookup routines, the 112 * IRE_OFFSUBNET sire, if any, is returned to the caller. 113 */ 114 #define MATCH_IRE_ILL_GROUP 0x0800 /* Match IRE on ill or the ill_group. */ 115 #define MATCH_IRE_ILL 0x1000 /* Match IRE on the ill only */ 116 117 #define MATCH_IRE_PARENT 0x2000 /* Match parent ire, if any, */ 118 /* even if ire is not matched. */ 119 #define MATCH_IRE_ZONEONLY 0x4000 /* Match IREs in specified zone, ie */ 120 /* don't match IRE_LOCALs from other */ 121 /* zones or shared IREs */ 122 #define MATCH_IRE_MARK_PRIVATE_ADDR 0x8000 /* Match IRE ire_marks with */ 123 /* IRE_MARK_PRIVATE_ADDR. */ 124 #define MATCH_IRE_SECATTR 0x10000 /* Match gateway security attributes */ 125 #define MATCH_IRE_COMPLETE 0x20000 /* ire_ftable_lookup() can return */ 126 /* IRE_CACHE entry only if it is */ 127 /* ND_REACHABLE */ 128 129 /* 130 * Any ire to nce association is long term, and 131 * the refhold and refrele may be done by different 132 * threads. So all cases of making or breaking ire to 133 * nce association should all effectively use the NOTR variants. 134 * To understand the *effectively* part read on. 135 * 136 * ndp_lookup() and ndp_add_v4()/ndp_add_v6() implicitly do 137 * NCE_REFHOLD. So wherever we make ire to nce association after 138 * calling these functions, we effectively want to end up with 139 * NCE_REFHOLD_NOTR. We call this macro to achieve this effect. This 140 * macro changes a NCE_REFHOLD to a NCE_REFHOLD_NOTR. The macro's 141 * NCE_REFRELE cancels off ndp_lookup[ndp_add]'s implicit NCE_REFHOLD, 142 * and what you are left with is a NCE_REFHOLD_NOTR 143 */ 144 #define NCE_REFHOLD_TO_REFHOLD_NOTR(nce) { \ 145 NCE_REFHOLD_NOTR(nce); \ 146 NCE_REFRELE(nce); \ 147 } 148 149 /* 150 * find the next ire_t entry in the ire_next chain starting at ire 151 * that is not CONDEMNED. ire is set to NULL if we reach the end of the list. 152 * Caller must hold the ire_bucket lock. 153 */ 154 155 #define IRE_FIND_NEXT_ORIGIN(ire) { \ 156 while ((ire) != NULL && ((ire)->ire_marks & IRE_MARK_CONDEMNED))\ 157 (ire) = (ire)->ire_next; \ 158 } 159 160 161 /* Structure for ire_cache_count() */ 162 typedef struct { 163 int icc_total; /* Total number of IRE_CACHE */ 164 int icc_unused; /* # off/no PMTU unused since last reclaim */ 165 int icc_offlink; /* # offlink without PMTU information */ 166 int icc_pmtu; /* # offlink with PMTU information */ 167 int icc_onlink; /* # onlink */ 168 } ire_cache_count_t; 169 170 /* 171 * Structure for ire_cache_reclaim(). Each field is a fraction i.e. 1 meaning 172 * reclaim all, N meaning reclaim 1/Nth of all entries, 0 meaning reclaim none. 173 * 174 * The comment below (and for other netstack_t references) refers 175 * to the fact that we only do netstack_hold in particular cases, 176 * such as the references from open streams (ill_t and conn_t's 177 * pointers). Internally within IP we rely on IP's ability to cleanup e.g. 178 * ire_t's when an ill goes away. 179 */ 180 typedef struct { 181 int icr_unused; /* Fraction for unused since last reclaim */ 182 int icr_offlink; /* Fraction for offlink without PMTU info */ 183 int icr_pmtu; /* Fraction for offlink with PMTU info */ 184 int icr_onlink; /* Fraction for onlink */ 185 ip_stack_t *icr_ipst; /* Does not have a netstack_hold */ 186 } ire_cache_reclaim_t; 187 188 /* 189 * We use atomics so that we get an accurate accounting on the ires. 190 * Otherwise we can't determine leaks correctly. 191 */ 192 #define BUMP_IRE_STATS(ire_stats, x) atomic_add_64(&(ire_stats).x, 1) 193 194 #ifdef _KERNEL 195 struct ts_label_s; 196 struct nce_s; 197 198 extern ipaddr_t ip_plen_to_mask(uint_t); 199 extern in6_addr_t *ip_plen_to_mask_v6(uint_t, in6_addr_t *); 200 201 extern int ip_ire_advise(queue_t *, mblk_t *, cred_t *); 202 extern int ip_ire_delete(queue_t *, mblk_t *, cred_t *); 203 extern boolean_t ip_ire_clookup_and_delete(ipaddr_t, ipif_t *, ip_stack_t *); 204 extern void ip_ire_clookup_and_delete_v6(const in6_addr_t *, 205 ip_stack_t *); 206 207 extern void ip_ire_req(queue_t *, mblk_t *); 208 209 extern int ip_mask_to_plen(ipaddr_t); 210 extern int ip_mask_to_plen_v6(const in6_addr_t *); 211 212 extern ire_t *ipif_to_ire(const ipif_t *); 213 extern ire_t *ipif_to_ire_v6(const ipif_t *); 214 215 extern int ire_add(ire_t **, queue_t *, mblk_t *, ipsq_func_t, boolean_t); 216 extern void ire_add_then_send(queue_t *, ire_t *, mblk_t *); 217 extern int ire_add_v6(ire_t **, queue_t *, mblk_t *, ipsq_func_t); 218 extern int ire_atomic_start(irb_t *irb_ptr, ire_t *ire, queue_t *q, 219 mblk_t *mp, ipsq_func_t func); 220 extern void ire_atomic_end(irb_t *irb_ptr, ire_t *ire); 221 222 extern void ire_cache_count(ire_t *, char *); 223 extern ire_t *ire_cache_lookup(ipaddr_t, zoneid_t, 224 const struct ts_label_s *, ip_stack_t *); 225 extern ire_t *ire_cache_lookup_v6(const in6_addr_t *, zoneid_t, 226 const struct ts_label_s *, ip_stack_t *); 227 extern void ire_cache_reclaim(ire_t *, char *); 228 229 extern ire_t *ire_create_mp(uchar_t *, uchar_t *, uchar_t *, uchar_t *, 230 uint_t, struct nce_s *, queue_t *, queue_t *, ushort_t, ipif_t *, ipaddr_t, 231 uint32_t, uint32_t, uint32_t, const iulp_t *, tsol_gc_t *, tsol_gcgrp_t *, 232 ip_stack_t *); 233 extern ire_t *ire_create(uchar_t *, uchar_t *, uchar_t *, uchar_t *, 234 uint_t *, struct nce_s *, queue_t *, queue_t *, ushort_t, ipif_t *, 235 ipaddr_t, uint32_t, uint32_t, uint32_t, const iulp_t *, tsol_gc_t *, 236 tsol_gcgrp_t *, ip_stack_t *); 237 238 extern ire_t **ire_check_and_create_bcast(ipif_t *, ipaddr_t, 239 ire_t **, int); 240 extern ire_t **ire_create_bcast(ipif_t *, ipaddr_t, ire_t **); 241 extern ire_t *ire_init(ire_t *, uchar_t *, uchar_t *, uchar_t *, uchar_t *, 242 uint_t *, struct nce_s *, queue_t *, queue_t *, ushort_t, ipif_t *, 243 ipaddr_t, uint32_t, uint32_t, uint32_t, const iulp_t *, tsol_gc_t *, 244 tsol_gcgrp_t *, ip_stack_t *); 245 246 extern boolean_t ire_init_common(ire_t *, uint_t *, struct nce_s *, queue_t *, 247 queue_t *, ushort_t, ipif_t *, uint32_t, uint32_t, uint32_t, uchar_t, 248 const iulp_t *, tsol_gc_t *, tsol_gcgrp_t *, ip_stack_t *); 249 250 extern ire_t *ire_create_v6(const in6_addr_t *, const in6_addr_t *, 251 const in6_addr_t *, const in6_addr_t *, uint_t *, struct nce_s *, queue_t *, 252 queue_t *, ushort_t, ipif_t *, 253 const in6_addr_t *, uint32_t, uint32_t, uint_t, const iulp_t *, 254 tsol_gc_t *, tsol_gcgrp_t *, ip_stack_t *); 255 256 extern ire_t *ire_create_mp_v6(const in6_addr_t *, const in6_addr_t *, 257 const in6_addr_t *, const in6_addr_t *, struct nce_s *, queue_t *, 258 queue_t *, ushort_t, ipif_t *, 259 const in6_addr_t *, uint32_t, uint32_t, uint_t, const iulp_t *, 260 tsol_gc_t *, tsol_gcgrp_t *, ip_stack_t *); 261 262 263 extern void ire_clookup_delete_cache_gw(ipaddr_t, zoneid_t, 264 ip_stack_t *); 265 extern void ire_clookup_delete_cache_gw_v6(const in6_addr_t *, zoneid_t, 266 ip_stack_t *); 267 268 extern ire_t *ire_ctable_lookup(ipaddr_t, ipaddr_t, int, const ipif_t *, 269 zoneid_t, const struct ts_label_s *, int, ip_stack_t *); 270 271 extern ire_t *ire_ctable_lookup_v6(const in6_addr_t *, const in6_addr_t *, 272 int, const ipif_t *, zoneid_t, const struct ts_label_s *, int, 273 ip_stack_t *); 274 275 extern void ire_delete(ire_t *); 276 extern void ire_delete_cache_gw(ire_t *, char *); 277 extern void ire_delete_cache_gw_v6(ire_t *, char *); 278 extern void ire_delete_cache_v6(ire_t *, char *); 279 extern void ire_delete_v6(ire_t *); 280 281 extern void ire_expire(ire_t *, char *); 282 283 extern void ire_flush_cache_v4(ire_t *, int); 284 extern void ire_flush_cache_v6(ire_t *, int); 285 286 extern ire_t *ire_ftable_lookup_v6(const in6_addr_t *, const in6_addr_t *, 287 const in6_addr_t *, int, const ipif_t *, ire_t **, zoneid_t, 288 uint32_t, const struct ts_label_s *, int, ip_stack_t *); 289 290 extern ire_t *ire_ihandle_lookup_onlink(ire_t *); 291 extern ire_t *ire_ihandle_lookup_offlink(ire_t *, ire_t *); 292 extern ire_t *ire_ihandle_lookup_offlink_v6(ire_t *, ire_t *); 293 294 extern boolean_t ire_local_same_ill_group(ire_t *, ire_t *); 295 extern boolean_t ire_local_ok_across_zones(ire_t *, zoneid_t, void *, 296 const struct ts_label_s *, ip_stack_t *); 297 298 extern ire_t *ire_lookup_local(zoneid_t, ip_stack_t *); 299 extern ire_t *ire_lookup_local_v6(zoneid_t, ip_stack_t *); 300 301 extern ire_t *ire_lookup_multi(ipaddr_t, zoneid_t, ip_stack_t *); 302 extern ire_t *ire_lookup_multi_v6(const in6_addr_t *, zoneid_t, 303 ip_stack_t *); 304 305 extern void ire_refrele(ire_t *); 306 extern void ire_refrele_notr(ire_t *); 307 extern ire_t *ire_route_lookup(ipaddr_t, ipaddr_t, ipaddr_t, int, 308 const ipif_t *, ire_t **, zoneid_t, const struct ts_label_s *, int, 309 ip_stack_t *); 310 311 extern ire_t *ire_route_lookup_v6(const in6_addr_t *, const in6_addr_t *, 312 const in6_addr_t *, int, const ipif_t *, ire_t **, zoneid_t, 313 const struct ts_label_s *, int, ip_stack_t *); 314 315 extern ill_t *ire_to_ill(const ire_t *); 316 317 extern void ire_walk(pfv_t, void *, ip_stack_t *); 318 extern void ire_walk_ill(uint_t, uint_t, pfv_t, void *, ill_t *); 319 extern void ire_walk_ill_v4(uint_t, uint_t, pfv_t, void *, ill_t *); 320 extern void ire_walk_ill_v6(uint_t, uint_t, pfv_t, void *, ill_t *); 321 extern void ire_walk_v4(pfv_t, void *, zoneid_t, ip_stack_t *); 322 extern void ire_walk_ill_tables(uint_t match_flags, uint_t ire_type, 323 pfv_t func, void *arg, size_t ftbl_sz, size_t htbl_sz, 324 irb_t **ipftbl, size_t ctbl_sz, irb_t *ipctbl, ill_t *ill, 325 zoneid_t zoneid, ip_stack_t *); 326 extern void ire_walk_v6(pfv_t, void *, zoneid_t, ip_stack_t *); 327 328 extern boolean_t ire_multirt_lookup(ire_t **, ire_t **, uint32_t, 329 const struct ts_label_s *, ip_stack_t *); 330 extern boolean_t ire_multirt_need_resolve(ipaddr_t, 331 const struct ts_label_s *, ip_stack_t *); 332 extern boolean_t ire_multirt_lookup_v6(ire_t **, ire_t **, uint32_t, 333 const struct ts_label_s *, ip_stack_t *); 334 extern boolean_t ire_multirt_need_resolve_v6(const in6_addr_t *, 335 const struct ts_label_s *, ip_stack_t *); 336 337 extern ire_t *ipif_lookup_multi_ire(ipif_t *, ipaddr_t); 338 extern ire_t *ipif_lookup_multi_ire_v6(ipif_t *, const in6_addr_t *); 339 340 extern ire_t *ire_get_next_bcast_ire(ire_t *, ire_t *); 341 extern ire_t *ire_get_next_default_ire(ire_t *, ire_t *); 342 343 extern void ire_arpresolve(ire_t *, ill_t *); 344 extern void ire_freemblk(ire_t *); 345 extern boolean_t ire_match_args(ire_t *, ipaddr_t, ipaddr_t, ipaddr_t, 346 int, const ipif_t *, zoneid_t, uint32_t, const struct ts_label_s *, int); 347 extern int ire_nce_init(ire_t *, struct nce_s *); 348 extern boolean_t ire_walk_ill_match(uint_t, uint_t, ire_t *, ill_t *, 349 zoneid_t, ip_stack_t *); 350 351 #endif /* _KERNEL */ 352 353 #ifdef __cplusplus 354 } 355 #endif 356 357 #endif /* _INET_IP_IRE_H */ 358
Terms of Use |
Privacy |
Trademarks |
Copyright Policy |
Site Guidelines |
Help
Your use of this web site or any of its content or software indicates your agreement to be bound by these Terms of Use.
Copyright © 1995-2008 Sun Microsystems, Inc.