Print this page
10472 Limit number of multicast NCEs
Reviewed by: Cody Peter Mello <melloc@writev.io>
Reviewed by: Jason King <jason.king@joyent.com>
Reviewed by: Robert Mustacchi <rm@joyent.com>
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/uts/common/inet/ip_stack.h
+++ new/usr/src/uts/common/inet/ip_stack.h
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
|
↓ open down ↓ |
16 lines elided |
↑ open up ↑ |
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21
22 22 /*
23 23 * Copyright 2010 Sun Microsystems, Inc. All rights reserved.
24 24 * Use is subject to license terms.
25 25 */
26 26
27 +/*
28 + * Copyright 2019 Joyent, Inc.
29 + */
30 +
27 31 #ifndef _INET_IP_STACK_H
28 32 #define _INET_IP_STACK_H
29 33
30 34 #ifdef __cplusplus
31 35 extern "C" {
32 36 #endif
33 37
34 38 #include <sys/netstack.h>
35 39 #include <netinet/igmp_var.h>
36 40 #include <sys/modhash.h>
37 41
38 42 #ifdef _KERNEL
39 43 #include <sys/list.h>
40 44
41 45
42 46 /*
43 47 * IP statistics.
44 48 */
45 49 #define IP_STAT(ipst, x) ((ipst)->ips_ip_statistics.x.value.ui64++)
46 50 #define IP_STAT_UPDATE(ipst, x, n) \
47 51 ((ipst)->ips_ip_statistics.x.value.ui64 += (n))
48 52
49 53 typedef struct ip_stat {
50 54 kstat_named_t ip_udp_fannorm;
51 55 kstat_named_t ip_udp_fanmb;
52 56 kstat_named_t ip_recv_pullup;
53 57 kstat_named_t ip_db_ref;
54 58 kstat_named_t ip_notaligned;
55 59 kstat_named_t ip_multimblk;
56 60 kstat_named_t ip_opt;
|
↓ open down ↓ |
20 lines elided |
↑ open up ↑ |
57 61 kstat_named_t ipsec_proto_ahesp;
58 62 kstat_named_t ip_conn_flputbq;
59 63 kstat_named_t ip_conn_walk_drain;
60 64 kstat_named_t ip_out_sw_cksum;
61 65 kstat_named_t ip_out_sw_cksum_bytes;
62 66 kstat_named_t ip_in_sw_cksum;
63 67 kstat_named_t ip_ire_reclaim_calls;
64 68 kstat_named_t ip_ire_reclaim_deleted;
65 69 kstat_named_t ip_nce_reclaim_calls;
66 70 kstat_named_t ip_nce_reclaim_deleted;
71 + kstat_named_t ip_nce_mcast_reclaim_calls;
72 + kstat_named_t ip_nce_mcast_reclaim_deleted;
73 + kstat_named_t ip_nce_mcast_reclaim_tqfail;
67 74 kstat_named_t ip_dce_reclaim_calls;
68 75 kstat_named_t ip_dce_reclaim_deleted;
69 76 kstat_named_t ip_tcp_in_full_hw_cksum_err;
70 77 kstat_named_t ip_tcp_in_part_hw_cksum_err;
71 78 kstat_named_t ip_tcp_in_sw_cksum_err;
72 79 kstat_named_t ip_udp_in_full_hw_cksum_err;
73 80 kstat_named_t ip_udp_in_part_hw_cksum_err;
74 81 kstat_named_t ip_udp_in_sw_cksum_err;
75 82 kstat_named_t conn_in_recvdstaddr;
76 83 kstat_named_t conn_in_recvopts;
77 84 kstat_named_t conn_in_recvif;
78 85 kstat_named_t conn_in_recvslla;
79 86 kstat_named_t conn_in_recvucred;
80 87 kstat_named_t conn_in_recvttl;
81 88 kstat_named_t conn_in_recvhopopts;
82 89 kstat_named_t conn_in_recvhoplimit;
83 90 kstat_named_t conn_in_recvdstopts;
84 91 kstat_named_t conn_in_recvrthdrdstopts;
85 92 kstat_named_t conn_in_recvrthdr;
86 93 kstat_named_t conn_in_recvpktinfo;
87 94 kstat_named_t conn_in_recvtclass;
88 95 kstat_named_t conn_in_timestamp;
89 96 } ip_stat_t;
90 97
91 98
92 99 /*
93 100 * IP6 statistics.
94 101 */
95 102 #define IP6_STAT(ipst, x) ((ipst)->ips_ip6_statistics.x.value.ui64++)
96 103 #define IP6_STAT_UPDATE(ipst, x, n) \
97 104 ((ipst)->ips_ip6_statistics.x.value.ui64 += (n))
98 105
99 106 typedef struct ip6_stat {
100 107 kstat_named_t ip6_udp_fannorm;
101 108 kstat_named_t ip6_udp_fanmb;
102 109 kstat_named_t ip6_recv_pullup;
103 110 kstat_named_t ip6_db_ref;
104 111 kstat_named_t ip6_notaligned;
105 112 kstat_named_t ip6_multimblk;
106 113 kstat_named_t ipsec_proto_ahesp;
107 114 kstat_named_t ip6_out_sw_cksum;
108 115 kstat_named_t ip6_out_sw_cksum_bytes;
109 116 kstat_named_t ip6_in_sw_cksum;
110 117 kstat_named_t ip6_tcp_in_full_hw_cksum_err;
111 118 kstat_named_t ip6_tcp_in_part_hw_cksum_err;
112 119 kstat_named_t ip6_tcp_in_sw_cksum_err;
113 120 kstat_named_t ip6_udp_in_full_hw_cksum_err;
114 121 kstat_named_t ip6_udp_in_part_hw_cksum_err;
115 122 kstat_named_t ip6_udp_in_sw_cksum_err;
116 123 } ip6_stat_t;
117 124
118 125 typedef struct ire_stats {
119 126 uint64_t ire_stats_alloced; /* # of ires alloced */
120 127 uint64_t ire_stats_freed; /* # of ires freed */
121 128 uint64_t ire_stats_inserted; /* # of ires inserted in the bucket */
122 129 uint64_t ire_stats_deleted; /* # of ires deleted from the bucket */
123 130 } ire_stats_t;
124 131
125 132 #define TX_FANOUT_SIZE 128
126 133 #define IDLHASHINDEX(X) \
127 134 ((((uintptr_t)(X) >> 2) + ((uintptr_t)(X) >> 9)) & (TX_FANOUT_SIZE - 1))
128 135
129 136 /* Data structure to represent addresses */
130 137 typedef struct srcid_map {
131 138 struct srcid_map *sm_next;
132 139 in6_addr_t sm_addr; /* Local address */
133 140 uint_t sm_srcid; /* source id */
134 141 uint_t sm_refcnt; /* > 1 ipif with same addr? */
135 142 zoneid_t sm_zoneid; /* zone id */
|
↓ open down ↓ |
59 lines elided |
↑ open up ↑ |
136 143 } srcid_map_t;
137 144
138 145 /*
139 146 * IP stack instances
140 147 */
141 148 struct ip_stack {
142 149 netstack_t *ips_netstack; /* Common netstack */
143 150
144 151 uint_t ips_src_generation; /* Both IPv4 and IPv6 */
145 152
146 - struct mod_prop_info_s *ips_propinfo_tbl; /* ip tunables table */
153 + struct mod_prop_info_s *ips_propinfo_tbl; /* ip tunables table */
147 154
148 155 mib2_ipIfStatsEntry_t ips_ip_mib; /* SNMP fixed size info */
149 156 mib2_icmp_t ips_icmp_mib;
150 157 /*
151 158 * IPv6 mibs when the interface (ill) is not known.
152 159 * When the ill is known the per-interface mib in the ill is used.
153 160 */
154 161 mib2_ipIfStatsEntry_t ips_ip6_mib;
155 162 mib2_ipv6IfIcmpEntry_t ips_icmp6_mib;
156 163
157 164 struct igmpstat ips_igmpstat;
158 165
159 166 kstat_t *ips_ip_mibkp; /* kstat exporting ip_mib data */
160 167 kstat_t *ips_icmp_mibkp; /* kstat exporting icmp_mib data */
161 168 kstat_t *ips_ip_kstat;
162 169 ip_stat_t ips_ip_statistics;
163 170 kstat_t *ips_ip6_kstat;
164 171 ip6_stat_t ips_ip6_statistics;
165 172
166 173 /* ip.c */
167 174 kmutex_t ips_igmp_timer_lock;
168 175 kmutex_t ips_mld_timer_lock;
169 176 kmutex_t ips_ip_mi_lock;
170 177 kmutex_t ips_ip_addr_avail_lock;
171 178 krwlock_t ips_ill_g_lock;
172 179
173 180 krwlock_t ips_ill_g_usesrc_lock;
174 181
175 182 /* Taskq dispatcher for capability operations */
176 183 kmutex_t ips_capab_taskq_lock;
177 184 kcondvar_t ips_capab_taskq_cv;
178 185 mblk_t *ips_capab_taskq_head;
179 186 mblk_t *ips_capab_taskq_tail;
180 187 kthread_t *ips_capab_taskq_thread;
181 188 boolean_t ips_capab_taskq_quit;
182 189
183 190 /* ipclassifier.c - keep in ip_stack_t */
184 191 /* ipclassifier hash tables */
185 192 struct connf_s *ips_rts_clients;
186 193 struct connf_s *ips_ipcl_conn_fanout;
187 194 struct connf_s *ips_ipcl_bind_fanout;
188 195 struct connf_s *ips_ipcl_proto_fanout_v4;
189 196 struct connf_s *ips_ipcl_proto_fanout_v6;
190 197 struct connf_s *ips_ipcl_udp_fanout;
191 198 struct connf_s *ips_ipcl_raw_fanout; /* RAW SCTP sockets */
192 199 struct connf_s *ips_ipcl_iptun_fanout;
|
↓ open down ↓ |
36 lines elided |
↑ open up ↑ |
193 200 uint_t ips_ipcl_conn_fanout_size;
194 201 uint_t ips_ipcl_bind_fanout_size;
195 202 uint_t ips_ipcl_udp_fanout_size;
196 203 uint_t ips_ipcl_raw_fanout_size;
197 204 uint_t ips_ipcl_iptun_fanout_size;
198 205 struct connf_s *ips_ipcl_globalhash_fanout;
199 206 int ips_conn_g_index;
200 207
201 208 /* ip.c */
202 209 /* Following protected by igmp_timer_lock */
203 - int ips_igmp_time_to_next; /* Time since last timeout */
204 - int ips_igmp_timer_scheduled_last;
210 + int ips_igmp_time_to_next; /* Time since last timeout */
211 + int ips_igmp_timer_scheduled_last;
205 212 int ips_igmp_deferred_next;
206 213 timeout_id_t ips_igmp_timeout_id;
207 214 boolean_t ips_igmp_timer_setter_active;
208 215 boolean_t ips_igmp_timer_quiesce;
209 216
210 217 /* Following protected by mld_timer_lock */
211 - int ips_mld_time_to_next; /* Time since last timeout */
212 - int ips_mld_timer_scheduled_last;
218 + int ips_mld_time_to_next; /* Time since last timeout */
219 + int ips_mld_timer_scheduled_last;
213 220 int ips_mld_deferred_next;
214 221 timeout_id_t ips_mld_timeout_id;
215 222 boolean_t ips_mld_timer_setter_active;
216 223 boolean_t ips_mld_timer_quiesce;
217 224
218 225 /* Protected by igmp_slowtimeout_lock */
219 226 timeout_id_t ips_igmp_slowtimeout_id;
220 227 kmutex_t ips_igmp_slowtimeout_lock;
221 228 boolean_t ips_igmp_slowtimeout_quiesce;
222 229
223 230 /* Protected by mld_slowtimeout_lock */
224 231 timeout_id_t ips_mld_slowtimeout_id;
225 232 kmutex_t ips_mld_slowtimeout_lock;
226 233 boolean_t ips_mld_slowtimeout_quiesce;
227 234
228 235 /* IPv4 forwarding table */
229 236 struct radix_node_head *ips_ip_ftable;
230 237
231 238 #define IPV6_ABITS 128
232 239 #define IP6_MASK_TABLE_SIZE (IPV6_ABITS + 1) /* 129 ptrs */
233 240 struct irb *ips_ip_forwarding_table_v6[IP6_MASK_TABLE_SIZE];
234 241
235 242 /*
236 243 * ire_ft_init_lock is used while initializing ip_forwarding_table
237 244 * dynamically in ire_add.
238 245 */
239 246 kmutex_t ips_ire_ft_init_lock;
|
↓ open down ↓ |
17 lines elided |
↑ open up ↑ |
240 247
241 248 /*
242 249 * This is the IPv6 counterpart of RADIX_NODE_HEAD_LOCK. It is used
243 250 * to prevent adds and deletes while we are doing a ftable_lookup
244 251 * and extracting the ire_generation.
245 252 */
246 253 krwlock_t ips_ip6_ire_head_lock;
247 254
248 255 uint32_t ips_ip6_ftable_hash_size;
249 256
250 - ire_stats_t ips_ire_stats_v4; /* IPv4 ire statistics */
251 - ire_stats_t ips_ire_stats_v6; /* IPv6 ire statistics */
257 + ire_stats_t ips_ire_stats_v4; /* IPv4 ire statistics */
258 + ire_stats_t ips_ire_stats_v6; /* IPv6 ire statistics */
252 259
253 260 /* Count how many condemned objects for kmem_cache callbacks */
254 261 uint32_t ips_num_ire_condemned;
255 262 uint32_t ips_num_nce_condemned;
256 263 uint32_t ips_num_dce_condemned;
257 264
258 265 struct ire_s *ips_ire_reject_v4; /* For unreachable dests */
259 266 struct ire_s *ips_ire_reject_v6; /* For unreachable dests */
260 267 struct ire_s *ips_ire_blackhole_v4; /* For temporary failures */
261 268 struct ire_s *ips_ire_blackhole_v6; /* For temporary failures */
262 269
263 270 /* ips_ire_dep_lock protects ire_dep_* relationship between IREs */
264 271 krwlock_t ips_ire_dep_lock;
265 272
266 273 /* Destination Cache Entries */
267 274 struct dce_s *ips_dce_default;
268 275 uint_t ips_dce_hashsize;
269 276 struct dcb_s *ips_dce_hash_v4;
270 277 struct dcb_s *ips_dce_hash_v6;
271 278 uint_t ips_dce_reclaim_needed;
272 279
273 280 /* pending binds */
274 281 mblk_t *ips_ip6_asp_pending_ops;
275 282 mblk_t *ips_ip6_asp_pending_ops_tail;
276 283
277 284 /* Synchronize updates with table usage */
278 285 mblk_t *ips_ip6_asp_pending_update; /* pending table updates */
279 286
280 287 boolean_t ips_ip6_asp_uip; /* table update in progress */
281 288 kmutex_t ips_ip6_asp_lock; /* protect all the above */
282 289 uint32_t ips_ip6_asp_refcnt; /* outstanding references */
283 290
284 291 struct ip6_asp *ips_ip6_asp_table;
285 292 /* The number of policy entries in the table */
286 293 uint_t ips_ip6_asp_table_count;
287 294
288 295 struct conn_s *ips_ip_g_mrouter;
289 296
290 297 /* Time since last icmp_pkt_err */
291 298 clock_t ips_icmp_pkt_err_last;
292 299 /* Number of packets sent in burst */
293 300 uint_t ips_icmp_pkt_err_sent;
294 301
295 302 /* Protected by ip_mi_lock */
296 303 void *ips_ip_g_head; /* IP Instance Data List Head */
297 304 void *ips_arp_g_head; /* ARP Instance Data List Head */
298 305
299 306 /* Multirouting stuff */
300 307 /* Interval (in ms) between consecutive 'bad MTU' warnings */
301 308 hrtime_t ips_ip_multirt_log_interval;
302 309 /* Time since last warning issued. */
303 310 hrtime_t ips_multirt_bad_mtu_last_time;
304 311
305 312 /*
306 313 * CGTP hooks. Enabling and disabling of hooks is controlled by an
307 314 * IP tunable 'ips_ip_cgtp_filter'.
308 315 */
309 316 struct cgtp_filter_ops *ips_ip_cgtp_filter_ops;
310 317
311 318 struct ipsq_s *ips_ipsq_g_head;
312 319 uint_t ips_ill_index; /* Used to assign interface indicies */
313 320 /* When set search for unused index */
314 321 boolean_t ips_ill_index_wrap;
315 322
316 323 uint_t ips_loopback_packets;
317 324
318 325 /* NDP/NCE structures for IPv4 and IPv6 */
319 326 struct ndp_g_s *ips_ndp4;
320 327 struct ndp_g_s *ips_ndp6;
321 328
322 329 /* ip_mroute stuff */
323 330 kmutex_t ips_ip_g_mrouter_mutex;
324 331
325 332 struct mrtstat *ips_mrtstat; /* Stats for netstat */
326 333 int ips_saved_ip_forwarding;
327 334
328 335 /* numvifs is only a hint about the max interface being used. */
329 336 ushort_t ips_numvifs;
330 337 kmutex_t ips_numvifs_mutex;
331 338
332 339 struct vif *ips_vifs;
333 340 struct mfcb *ips_mfcs; /* kernel routing table */
334 341 struct tbf *ips_tbfs;
335 342 /*
336 343 * One-back cache used to locate a tunnel's vif,
|
↓ open down ↓ |
75 lines elided |
↑ open up ↑ |
337 344 * given a datagram's src ip address.
338 345 */
339 346 ipaddr_t ips_last_encap_src;
340 347 struct vif *ips_last_encap_vif;
341 348 kmutex_t ips_last_encap_lock; /* Protects the above */
342 349
343 350 /*
344 351 * reg_vif_num is protected by numvifs_mutex
345 352 */
346 353 /* Whether or not special PIM assert processing is enabled. */
347 - ushort_t ips_reg_vif_num; /* Index to Register vif */
354 + ushort_t ips_reg_vif_num; /* Index to Register vif */
348 355 int ips_pim_assert;
349 356
350 357 union ill_g_head_u *ips_ill_g_heads; /* ILL List Head */
351 358
352 359 kstat_t *ips_loopback_ksp;
353 360
354 361 /* Array of conn drain lists */
355 362 struct idl_tx_list_s *ips_idl_tx_list;
356 363 uint_t ips_conn_drain_list_cnt; /* Count of conn_drain_list */
357 364
358 365 /*
359 366 * ID used to assign next free one.
360 367 * Increases by one. Once it wraps we search for an unused ID.
361 368 */
362 369 uint_t ips_ip_src_id;
363 370 boolean_t ips_srcid_wrapped;
364 371
365 372 struct srcid_map *ips_srcid_head;
366 373 krwlock_t ips_srcid_lock;
367 374
368 375 uint64_t ips_ipif_g_seqid; /* Used only for sctp_addr.c */
369 376 union phyint_list_u *ips_phyint_g_list; /* start of phyint list */
370 377
371 378 /* ip_netinfo.c */
372 379 hook_family_t ips_ipv4root;
373 380 hook_family_t ips_ipv6root;
374 381 hook_family_t ips_arproot;
375 382
376 383 net_handle_t ips_ipv4_net_data;
377 384 net_handle_t ips_ipv6_net_data;
378 385 net_handle_t ips_arp_net_data;
379 386
380 387 /*
381 388 * Hooks for firewalling
382 389 */
383 390 hook_event_t ips_ip4_physical_in_event;
384 391 hook_event_t ips_ip4_physical_out_event;
385 392 hook_event_t ips_ip4_forwarding_event;
386 393 hook_event_t ips_ip4_loopback_in_event;
387 394 hook_event_t ips_ip4_loopback_out_event;
388 395
389 396 hook_event_t ips_ip6_physical_in_event;
390 397 hook_event_t ips_ip6_physical_out_event;
391 398 hook_event_t ips_ip6_forwarding_event;
392 399 hook_event_t ips_ip6_loopback_in_event;
393 400 hook_event_t ips_ip6_loopback_out_event;
394 401
395 402 hook_event_t ips_arp_physical_in_event;
396 403 hook_event_t ips_arp_physical_out_event;
397 404 hook_event_t ips_arp_nic_events;
398 405
399 406 hook_event_token_t ips_ipv4firewall_physical_in;
400 407 hook_event_token_t ips_ipv4firewall_physical_out;
401 408 hook_event_token_t ips_ipv4firewall_forwarding;
402 409 hook_event_token_t ips_ipv4firewall_loopback_in;
403 410 hook_event_token_t ips_ipv4firewall_loopback_out;
404 411
405 412 hook_event_token_t ips_ipv6firewall_physical_in;
406 413 hook_event_token_t ips_ipv6firewall_physical_out;
407 414 hook_event_token_t ips_ipv6firewall_forwarding;
408 415 hook_event_token_t ips_ipv6firewall_loopback_in;
409 416 hook_event_token_t ips_ipv6firewall_loopback_out;
410 417
411 418 hook_event_t ips_ip4_nic_events;
412 419 hook_event_t ips_ip6_nic_events;
413 420 hook_event_token_t ips_ipv4nicevents;
414 421 hook_event_token_t ips_ipv6nicevents;
415 422
416 423 hook_event_token_t ips_arp_physical_in;
417 424 hook_event_token_t ips_arp_physical_out;
418 425 hook_event_token_t ips_arpnicevents;
419 426
420 427 net_handle_t ips_ip4_observe_pr;
421 428 net_handle_t ips_ip6_observe_pr;
422 429 hook_event_t ips_ip4_observe;
423 430 hook_event_t ips_ip6_observe;
424 431 hook_event_token_t ips_ipv4observing;
425 432 hook_event_token_t ips_ipv6observing;
426 433
427 434 struct __ldi_ident *ips_ldi_ident;
428 435
429 436 /* ipmp.c */
430 437 krwlock_t ips_ipmp_lock;
431 438 mod_hash_t *ips_ipmp_grp_hash;
432 439
433 440 };
434 441 typedef struct ip_stack ip_stack_t;
435 442
436 443 /* Finding an ip_stack_t */
437 444 #define CONNQ_TO_IPST(_q) (Q_TO_CONN(_q)->conn_netstack->netstack_ip)
438 445 #define ILLQ_TO_IPST(_q) (((ill_t *)(_q)->q_ptr)->ill_ipst)
439 446 #define PHYINT_TO_IPST(phyi) ((phyi)->phyint_ipsq->ipsq_ipst)
440 447
441 448 #else /* _KERNEL */
442 449 typedef int ip_stack_t;
443 450 #endif /* _KERNEL */
444 451
445 452 #ifdef __cplusplus
446 453 }
447 454 #endif
448 455
449 456 #endif /* _INET_IP_STACK_H */
|
↓ open down ↓ |
92 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX