1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 22 /* 23 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 24 * Use is subject to license terms. 25 */ 26 27 #ifndef _INET_IP_STACK_H 28 #define _INET_IP_STACK_H 29 30 #ifdef __cplusplus 31 extern "C" { 32 #endif 33 34 #include <sys/netstack.h> 35 #include <netinet/igmp_var.h> 36 #include <sys/modhash.h> 37 38 #ifdef _KERNEL 39 #include <sys/list.h> 40 41 /* 42 * IP statistics. 43 */ 44 #define IP_STAT(ipst, x) ((ipst)->ips_ip_statistics.x.value.ui64++) 45 #define IP_STAT_UPDATE(ipst, x, n) \ 46 ((ipst)->ips_ip_statistics.x.value.ui64 += (n)) 47 48 typedef struct ip_stat { 49 kstat_named_t ipsec_fanout_proto; 50 kstat_named_t ip_udp_fannorm; 51 kstat_named_t ip_udp_fanmb; 52 kstat_named_t ip_udp_fanothers; 53 kstat_named_t ip_udp_fast_path; 54 kstat_named_t ip_udp_slow_path; 55 kstat_named_t ip_udp_input_err; 56 kstat_named_t ip_tcppullup; 57 kstat_named_t ip_tcpoptions; 58 kstat_named_t ip_multipkttcp; 59 kstat_named_t ip_tcp_fast_path; 60 kstat_named_t ip_tcp_slow_path; 61 kstat_named_t ip_tcp_input_error; 62 kstat_named_t ip_db_ref; 63 kstat_named_t ip_notaligned1; 64 kstat_named_t ip_notaligned2; 65 kstat_named_t ip_multimblk3; 66 kstat_named_t ip_multimblk4; 67 kstat_named_t ip_ipoptions; 68 kstat_named_t ip_classify_fail; 69 kstat_named_t ip_opt; 70 kstat_named_t ip_udp_rput_local; 71 kstat_named_t ipsec_proto_ahesp; 72 kstat_named_t ip_conn_flputbq; 73 kstat_named_t ip_conn_walk_drain; 74 kstat_named_t ip_out_sw_cksum; 75 kstat_named_t ip_in_sw_cksum; 76 kstat_named_t ip_trash_ire_reclaim_calls; 77 kstat_named_t ip_trash_ire_reclaim_success; 78 kstat_named_t ip_ire_arp_timer_expired; 79 kstat_named_t ip_ire_redirect_timer_expired; 80 kstat_named_t ip_ire_pmtu_timer_expired; 81 kstat_named_t ip_input_multi_squeue; 82 kstat_named_t ip_tcp_in_full_hw_cksum_err; 83 kstat_named_t ip_tcp_in_part_hw_cksum_err; 84 kstat_named_t ip_tcp_in_sw_cksum_err; 85 kstat_named_t ip_tcp_out_sw_cksum_bytes; 86 kstat_named_t ip_udp_in_full_hw_cksum_err; 87 kstat_named_t ip_udp_in_part_hw_cksum_err; 88 kstat_named_t ip_udp_in_sw_cksum_err; 89 kstat_named_t ip_udp_out_sw_cksum_bytes; 90 kstat_named_t ip_frag_mdt_pkt_out; 91 kstat_named_t ip_frag_mdt_discarded; 92 kstat_named_t ip_frag_mdt_allocfail; 93 kstat_named_t ip_frag_mdt_addpdescfail; 94 kstat_named_t ip_frag_mdt_allocd; 95 } ip_stat_t; 96 97 98 /* 99 * IP6 statistics. 100 */ 101 #define IP6_STAT(ipst, x) ((ipst)->ips_ip6_statistics.x.value.ui64++) 102 #define IP6_STAT_UPDATE(ipst, x, n) \ 103 ((ipst)->ips_ip6_statistics.x.value.ui64 += (n)) 104 105 typedef struct ip6_stat { 106 kstat_named_t ip6_udp_fast_path; 107 kstat_named_t ip6_udp_slow_path; 108 kstat_named_t ip6_udp_fannorm; 109 kstat_named_t ip6_udp_fanmb; 110 kstat_named_t ip6_out_sw_cksum; 111 kstat_named_t ip6_in_sw_cksum; 112 kstat_named_t ip6_tcp_in_full_hw_cksum_err; 113 kstat_named_t ip6_tcp_in_part_hw_cksum_err; 114 kstat_named_t ip6_tcp_in_sw_cksum_err; 115 kstat_named_t ip6_tcp_out_sw_cksum_bytes; 116 kstat_named_t ip6_udp_in_full_hw_cksum_err; 117 kstat_named_t ip6_udp_in_part_hw_cksum_err; 118 kstat_named_t ip6_udp_in_sw_cksum_err; 119 kstat_named_t ip6_udp_out_sw_cksum_bytes; 120 kstat_named_t ip6_frag_mdt_pkt_out; 121 kstat_named_t ip6_frag_mdt_discarded; 122 kstat_named_t ip6_frag_mdt_allocfail; 123 kstat_named_t ip6_frag_mdt_addpdescfail; 124 kstat_named_t ip6_frag_mdt_allocd; 125 } ip6_stat_t; 126 127 typedef struct ire_stats { 128 uint64_t ire_stats_alloced; /* # of ires alloced */ 129 uint64_t ire_stats_freed; /* # of ires freed */ 130 uint64_t ire_stats_inserted; /* # of ires inserted in the bucket */ 131 uint64_t ire_stats_deleted; /* # of ires deleted from the bucket */ 132 } ire_stats_t; 133 134 #define TX_FANOUT_SIZE 128 135 #define IDLHASHINDEX(X) \ 136 ((((uintptr_t)(X) >> 2) + ((uintptr_t)(X) >> 9)) & (TX_FANOUT_SIZE - 1)) 137 138 /* Data structure to represent addresses */ 139 typedef struct srcid_map { 140 struct srcid_map *sm_next; 141 in6_addr_t sm_addr; /* Local address */ 142 uint_t sm_srcid; /* source id */ 143 uint_t sm_refcnt; /* > 1 ipif with same addr? */ 144 zoneid_t sm_zoneid; /* zone id */ 145 } srcid_map_t; 146 147 /* 148 * IP stack instances 149 */ 150 struct ip_stack { 151 netstack_t *ips_netstack; /* Common netstack */ 152 153 struct ipparam_s *ips_param_arr; /* ndd variable table */ 154 struct ipndp_s *ips_ndp_arr; 155 156 mib2_ipIfStatsEntry_t ips_ip_mib; /* SNMP fixed size info */ 157 mib2_icmp_t ips_icmp_mib; 158 /* 159 * IPv6 mibs when the interface (ill) is not known. 160 * When the ill is known the per-interface mib in the ill is used. 161 */ 162 mib2_ipIfStatsEntry_t ips_ip6_mib; 163 mib2_ipv6IfIcmpEntry_t ips_icmp6_mib; 164 165 struct igmpstat ips_igmpstat; 166 167 kstat_t *ips_ip_mibkp; /* kstat exporting ip_mib data */ 168 kstat_t *ips_icmp_mibkp; /* kstat exporting icmp_mib data */ 169 kstat_t *ips_ip_kstat; 170 ip_stat_t ips_ip_statistics; 171 kstat_t *ips_ip6_kstat; 172 ip6_stat_t ips_ip6_statistics; 173 174 /* ip.c */ 175 krwlock_t ips_ip_g_nd_lock; 176 kmutex_t ips_igmp_timer_lock; 177 kmutex_t ips_mld_timer_lock; 178 kmutex_t ips_ip_mi_lock; 179 kmutex_t ips_ip_addr_avail_lock; 180 krwlock_t ips_ill_g_lock; 181 krwlock_t ips_ipsec_capab_ills_lock; 182 /* protects the list of IPsec capable ills */ 183 struct ipsec_capab_ill_s *ips_ipsec_capab_ills_ah; 184 struct ipsec_capab_ill_s *ips_ipsec_capab_ills_esp; 185 186 krwlock_t ips_ill_g_usesrc_lock; 187 188 /* Taskq dispatcher for capability operations */ 189 kmutex_t ips_capab_taskq_lock; 190 kcondvar_t ips_capab_taskq_cv; 191 mblk_t *ips_capab_taskq_head; 192 mblk_t *ips_capab_taskq_tail; 193 kthread_t *ips_capab_taskq_thread; 194 boolean_t ips_capab_taskq_quit; 195 196 /* ipclassifier.c - keep in ip_stack_t */ 197 /* ipclassifier hash tables */ 198 struct connf_s *ips_rts_clients; 199 struct connf_s *ips_ipcl_conn_fanout; 200 struct connf_s *ips_ipcl_bind_fanout; 201 struct connf_s *ips_ipcl_proto_fanout; 202 struct connf_s *ips_ipcl_proto_fanout_v6; 203 struct connf_s *ips_ipcl_udp_fanout; 204 struct connf_s *ips_ipcl_raw_fanout; 205 struct connf_s *ips_ipcl_iptun_fanout; 206 uint_t ips_ipcl_conn_fanout_size; 207 uint_t ips_ipcl_bind_fanout_size; 208 uint_t ips_ipcl_udp_fanout_size; 209 uint_t ips_ipcl_raw_fanout_size; 210 uint_t ips_ipcl_iptun_fanout_size; 211 struct connf_s *ips_ipcl_globalhash_fanout; 212 int ips_conn_g_index; 213 214 /* ip.c */ 215 /* Following protected by igmp_timer_lock */ 216 int ips_igmp_time_to_next; /* Time since last timeout */ 217 int ips_igmp_timer_scheduled_last; 218 int ips_igmp_deferred_next; 219 timeout_id_t ips_igmp_timeout_id; 220 boolean_t ips_igmp_timer_setter_active; 221 222 /* Following protected by mld_timer_lock */ 223 int ips_mld_time_to_next; /* Time since last timeout */ 224 int ips_mld_timer_scheduled_last; 225 int ips_mld_deferred_next; 226 timeout_id_t ips_mld_timeout_id; 227 boolean_t ips_mld_timer_setter_active; 228 229 /* Protected by igmp_slowtimeout_lock */ 230 timeout_id_t ips_igmp_slowtimeout_id; 231 kmutex_t ips_igmp_slowtimeout_lock; 232 233 /* Protected by mld_slowtimeout_lock */ 234 timeout_id_t ips_mld_slowtimeout_id; 235 kmutex_t ips_mld_slowtimeout_lock; 236 237 /* IPv4 forwarding table */ 238 struct radix_node_head *ips_ip_ftable; 239 240 /* This is dynamically allocated in ip_ire_init */ 241 struct irb *ips_ip_cache_table; 242 243 #define IPV6_ABITS 128 244 #define IP6_MASK_TABLE_SIZE (IPV6_ABITS + 1) /* 129 ptrs */ 245 246 struct irb *ips_ip_forwarding_table_v6[IP6_MASK_TABLE_SIZE]; 247 /* This is dynamically allocated in ip_ire_init */ 248 struct irb *ips_ip_cache_table_v6; 249 250 uint32_t ips_ire_handle; 251 /* 252 * ire_ft_init_lock is used while initializing ip_forwarding_table 253 * dynamically in ire_add. 254 */ 255 kmutex_t ips_ire_ft_init_lock; 256 kmutex_t ips_ire_handle_lock; /* Protects ire_handle */ 257 258 uint32_t ips_ip_cache_table_size; 259 uint32_t ips_ip6_cache_table_size; 260 uint32_t ips_ip6_ftable_hash_size; 261 262 ire_stats_t ips_ire_stats_v4; /* IPv4 ire statistics */ 263 ire_stats_t ips_ire_stats_v6; /* IPv6 ire statistics */ 264 265 /* pending binds */ 266 mblk_t *ips_ip6_asp_pending_ops; 267 mblk_t *ips_ip6_asp_pending_ops_tail; 268 269 /* Synchronize updates with table usage */ 270 mblk_t *ips_ip6_asp_pending_update; /* pending table updates */ 271 272 boolean_t ips_ip6_asp_uip; /* table update in progress */ 273 kmutex_t ips_ip6_asp_lock; /* protect all the above */ 274 uint32_t ips_ip6_asp_refcnt; /* outstanding references */ 275 276 struct ip6_asp *ips_ip6_asp_table; 277 /* The number of policy entries in the table */ 278 uint_t ips_ip6_asp_table_count; 279 280 int ips_ip_g_forward; 281 int ips_ipv6_forward; 282 283 time_t ips_ip_g_frag_timeout; 284 clock_t ips_ip_g_frag_timo_ms; 285 time_t ips_ipv6_frag_timeout; 286 clock_t ips_ipv6_frag_timo_ms; 287 288 struct conn_s *ips_ip_g_mrouter; 289 290 /* Time since last icmp_pkt_err */ 291 clock_t ips_icmp_pkt_err_last; 292 /* Number of packets sent in burst */ 293 uint_t ips_icmp_pkt_err_sent; 294 295 /* Protected by ip_mi_lock */ 296 void *ips_ip_g_head; /* Instance Data List Head */ 297 298 caddr_t ips_ip_g_nd; /* Named Dispatch List Head */ 299 300 /* Multirouting stuff */ 301 /* Interval (in ms) between consecutive 'bad MTU' warnings */ 302 hrtime_t ips_ip_multirt_log_interval; 303 /* Time since last warning issued. */ 304 hrtime_t ips_multirt_bad_mtu_last_time; 305 306 struct cgtp_filter_ops *ips_ip_cgtp_filter_ops; /* CGTP hooks */ 307 boolean_t ips_ip_cgtp_filter; /* Enable/disable CGTP hooks */ 308 309 kmutex_t ips_ip_trash_timer_lock; 310 timeout_id_t ips_ip_ire_expire_id; /* IRE expiration timer. */ 311 struct ipsq_s *ips_ipsq_g_head; 312 uint_t ips_ill_index; /* Used to assign interface indicies */ 313 /* When set search for unused index */ 314 boolean_t ips_ill_index_wrap; 315 316 clock_t ips_ip_ire_arp_time_elapsed; 317 /* Time since IRE cache last flushed */ 318 clock_t ips_ip_ire_rd_time_elapsed; 319 /* ... redirect IREs last flushed */ 320 clock_t ips_ip_ire_pmtu_time_elapsed; 321 /* Time since path mtu increase */ 322 323 uint_t ips_ip_redirect_cnt; 324 /* Num of redirect routes in ftable */ 325 uint_t ips_ipv6_ire_default_count; 326 /* Number of IPv6 IRE_DEFAULT entries */ 327 uint_t ips_ipv6_ire_default_index; 328 /* Walking IPv6 index used to mod in */ 329 330 uint_t ips_loopback_packets; 331 332 /* NDP/NCE structures for IPv4 and IPv6 */ 333 struct ndp_g_s *ips_ndp4; 334 struct ndp_g_s *ips_ndp6; 335 336 /* ip_mroute stuff */ 337 kmutex_t ips_ip_g_mrouter_mutex; 338 339 struct mrtstat *ips_mrtstat; /* Stats for netstat */ 340 int ips_saved_ip_g_forward; 341 342 /* numvifs is only a hint about the max interface being used. */ 343 ushort_t ips_numvifs; 344 kmutex_t ips_numvifs_mutex; 345 346 struct vif *ips_vifs; 347 struct mfcb *ips_mfcs; /* kernel routing table */ 348 struct tbf *ips_tbfs; 349 /* 350 * One-back cache used to locate a tunnel's vif, 351 * given a datagram's src ip address. 352 */ 353 ipaddr_t ips_last_encap_src; 354 struct vif *ips_last_encap_vif; 355 kmutex_t ips_last_encap_lock; /* Protects the above */ 356 357 /* 358 * reg_vif_num is protected by numvifs_mutex 359 */ 360 /* Whether or not special PIM assert processing is enabled. */ 361 ushort_t ips_reg_vif_num; /* Index to Register vif */ 362 int ips_pim_assert; 363 364 union ill_g_head_u *ips_ill_g_heads; /* ILL List Head */ 365 366 kstat_t *ips_loopback_ksp; 367 368 /* Array of conn drain lists */ 369 struct idl_tx_list_s *ips_idl_tx_list; 370 uint_t ips_conn_drain_list_cnt; /* Count of conn_drain_list */ 371 372 /* 373 * ID used to assign next free one. 374 * Increases by one. Once it wraps we search for an unused ID. 375 */ 376 uint_t ips_ip_src_id; 377 boolean_t ips_srcid_wrapped; 378 379 struct srcid_map *ips_srcid_head; 380 krwlock_t ips_srcid_lock; 381 382 uint64_t ips_ipif_g_seqid; 383 union phyint_list_u *ips_phyint_g_list; /* start of phyint list */ 384 385 /* ip_neti.c */ 386 hook_family_t ips_ipv4root; 387 hook_family_t ips_ipv6root; 388 389 /* 390 * Hooks for firewalling 391 */ 392 hook_event_t ips_ip4_physical_in_event; 393 hook_event_t ips_ip4_physical_out_event; 394 hook_event_t ips_ip4_forwarding_event; 395 hook_event_t ips_ip4_loopback_in_event; 396 hook_event_t ips_ip4_loopback_out_event; 397 hook_event_t ips_ip4_nic_events; 398 hook_event_t ips_ip6_physical_in_event; 399 hook_event_t ips_ip6_physical_out_event; 400 hook_event_t ips_ip6_forwarding_event; 401 hook_event_t ips_ip6_loopback_in_event; 402 hook_event_t ips_ip6_loopback_out_event; 403 hook_event_t ips_ip6_nic_events; 404 405 hook_event_token_t ips_ipv4firewall_physical_in; 406 hook_event_token_t ips_ipv4firewall_physical_out; 407 hook_event_token_t ips_ipv4firewall_forwarding; 408 hook_event_token_t ips_ipv4firewall_loopback_in; 409 hook_event_token_t ips_ipv4firewall_loopback_out; 410 hook_event_token_t ips_ipv4nicevents; 411 hook_event_token_t ips_ipv6firewall_physical_in; 412 hook_event_token_t ips_ipv6firewall_physical_out; 413 hook_event_token_t ips_ipv6firewall_forwarding; 414 hook_event_token_t ips_ipv6firewall_loopback_in; 415 hook_event_token_t ips_ipv6firewall_loopback_out; 416 hook_event_token_t ips_ipv6nicevents; 417 418 net_handle_t ips_ipv4_net_data; 419 net_handle_t ips_ipv6_net_data; 420 421 boolean_t ips_ipobs_enabled; 422 list_t ips_ipobs_cb_list; 423 kmutex_t ips_ipobs_cb_lock; 424 uint_t ips_ipobs_cb_nwalkers; 425 kcondvar_t ips_ipobs_cb_cv; 426 427 struct __ldi_ident *ips_ldi_ident; 428 429 /* ipmp.c */ 430 krwlock_t ips_ipmp_lock; 431 mod_hash_t *ips_ipmp_grp_hash; 432 433 /* igmp.c */ 434 /* multicast restart timers thread logic */ 435 kmutex_t ips_mrt_lock; 436 uint_t ips_mrt_flags; 437 kcondvar_t ips_mrt_cv; 438 kcondvar_t ips_mrt_done_cv; 439 kthread_t *ips_mrt_thread; 440 }; 441 typedef struct ip_stack ip_stack_t; 442 443 /* Finding an ip_stack_t */ 444 #define CONNQ_TO_IPST(_q) (Q_TO_CONN(_q)->conn_netstack->netstack_ip) 445 #define ILLQ_TO_IPST(_q) (((ill_t *)(_q)->q_ptr)->ill_ipst) 446 #define PHYINT_TO_IPST(phyi) ((phyi)->phyint_ipsq->ipsq_ipst) 447 448 #else /* _KERNEL */ 449 typedef int ip_stack_t; 450 #endif /* _KERNEL */ 451 452 #ifdef __cplusplus 453 } 454 #endif 455 456 #endif /* _INET_IP_STACK_H */ 457