邻居表项的delay_probe_time时长

delay_probe_time控制首次发送邻居请求报文的等待时长,对于arp协议,内核默认的delay_probe_time时长为5秒钟。

struct neigh_table arp_tbl = {
    .family     = AF_INET,
    .key_len    = 4,
    .protocol   = cpu_to_be16(ETH_P_IP),
    .hash       = arp_hash,
    .key_eq     = arp_key_eq,
    .constructor    = arp_constructor,
    .proxy_redo = parp_redo,
    .id     = "arp_cache",
    .parms      = {
        .tbl            = &arp_tbl,
        .reachable_time     = 30 * HZ,
        .data   = {
            ...
            [NEIGH_VAR_DELAY_PROBE_TIME] = 5 * HZ,

通过PROC文件delay_first_probe_time可查看和修改此时长,如下,修改为10秒钟。

$ cat /proc/sys/net/ipv4/neigh/eth0/delay_first_probe_time 
5
$ echo 10 > /proc/sys/net/ipv4/neigh/eth0/delay_first_probe_time  
$     
$ cat /proc/sys/net/ipv4/neigh/eth0/delay_first_probe_time       
10

内核中静态变量neigh_sysctl_table定义了gc_stale_time的PROC文件信息。

static struct neigh_sysctl_table {
    struct ctl_table_header *sysctl_header;
    struct ctl_table neigh_vars[NEIGH_VAR_MAX + 1];
} neigh_sysctl_template __read_mostly = {
    .neigh_vars = {
        ...
        NEIGH_SYSCTL_JIFFIES_ENTRY(DELAY_PROBE_TIME, "delay_first_probe_time"),

netlink接口

除了以上的PROC文件外,还可使用ip ntable命令查看和修改设备的邻居表参数。

# ip ntable show dev eth0
inet arp_cache 
    dev eth0
    refcnt 12 reachable 28884 base_reachable 30000 retrans 1000 
    gc_stale 60000 delay_probe 5000 queue 31 
    app_probes 0 ucast_probes 3 mcast_probes 3 
    anycast_delay 1000 proxy_delay 800 proxy_queue 64 locktime 1000 

与PROC文件不同,这里显示的delay_probe时间单位为毫秒。如下将设备eth0的邻居表参数delay_probe修改为10秒钟。

# ip ntable change name arp_cache dev eth0 delay_probe 10000

内核函数neigh_init负责以上ip ntable change命令的处理。

static int __init neigh_init(void)
{
    ...
    rtnl_register(PF_UNSPEC, RTM_SETNEIGHTBL, neightbl_set, NULL, 0);

如下为neightbl_set的实现,函数nla_get_msecs读取IP命令行设置的delay_probe_time的毫秒值参数。

static int neightbl_set(struct sk_buff *skb, struct nlmsghdr *nlh, struct netlink_ext_ack *extack)
{
    struct neigh_table *tbl;
    struct nlattr *tb[NDTA_MAX+1];
	
    if (tb[NDTA_PARMS]) {
	    struct neigh_parms *p;
	    p = lookup_neigh_parms(tbl, net, ifindex);
        ...
        for (i = 1; i <= NDTPA_MAX; i++) {
            if (tbp[i] == NULL) continue;

            switch (i) {
            ...
            case NDTPA_DELAY_PROBE_TIME:
                NEIGH_VAR_SET(p, DELAY_PROBE_TIME, nla_get_msecs(tbp[i]));
                call_netevent_notifiers(NETEVENT_DELAY_PROBE_TIME_UPDATE, p);
                break;

对于arp协议,宏NEIGH_VAR_SET将修改全局变量arp_tbl的成员parms的data数组,具体为以NEIGH_VAR_DELAY_PROBE_TIME为所对应的成员的值。函数nla_get_msecs将命令行输入的毫秒值转换为内核使用的jiffies值。

#define NEIGH_VAR_SET(p, attr, val) neigh_var_set(p, NEIGH_VAR_ ## attr, val)

static inline void neigh_var_set(struct neigh_parms *p, int index, int val)
{                
    set_bit(index, p->data_state);
    p->data[index] = val;
}

显示命令ip ntable show由内核中的函数neightbl_fill_parms填充值,对于delay_probe_time的值,由nla_put_msecs填充。

static int neightbl_fill_parms(struct sk_buff *skb, struct neigh_parms *parms)
{
    ...
    if ((parms->dev &&
         ...
        nla_put_msecs(skb, NDTPA_DELAY_PROBE_TIME,
              NEIGH_VAR(parms, DELAY_PROBE_TIME), NDTPA_PAD) ||

如下函数nla_put_msecs,其需要将内核使用delay_probe_time的jiffies表示的值转换为ip ntable show显示时的毫秒值,通过jiffies_to_msecs实现。

static inline int nla_put_msecs(struct sk_buff *skb, int attrtype,
                unsigned long njiffies, int padattr)
{
    u64 tmp = jiffies_to_msecs(njiffies);
  
    return nla_put_64bit(skb, attrtype, sizeof(u64), &tmp, padattr);
}

delay_probe_time处理

如下邻居表项超时处理函数neigh_timer_handler,如果表项状态为NUD_REACHABLE,但是已经超过reachable_time规定的时长没有确认了,分成以下两种情况处理:

1) 此表项还在被使用,最后一次的使用时间戳到当下时刻还没有超出DELAY_PROBE_TIME(默认5秒钟)定义的时长,将表项状态设置为NUD_DELAY。
2) 如果条件1)不满足,即表项上一次使用时间戳到当下时刻时长超过DELAY_PROBE_TIME定义,将表项状态设置为NUD_STALE。

static void neigh_timer_handler(struct timer_list *t)
{
    struct neighbour *neigh = from_timer(neigh, t, timer);
    ...
    state = neigh->nud_state;
    now = jiffies;
    next = now + HZ;

    if (!(state & NUD_IN_TIMER))
        goto out;

    if (state & NUD_REACHABLE) {
        if (time_before_eq(now,
                   neigh->confirmed + neigh->parms->reachable_time)) {
            neigh_dbg(2, "neigh %p is still alive\n", neigh);
            next = neigh->confirmed + neigh->parms->reachable_time;
        } else if (time_before_eq(now,
                      neigh->used +
                      NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME))) {
            neigh_dbg(2, "neigh %p is delayed\n", neigh);
            neigh->nud_state = NUD_DELAY;
            neigh->updated = jiffies;
            neigh_suspect(neigh);
            next = now + NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME);
        } else {
            neigh_dbg(2, "neigh %p is suspected\n", neigh);
            neigh->nud_state = NUD_STALE;
            neigh->updated = jiffies;
            neigh_suspect(neigh);
            notify = 1;
        }

如果此表项的初始状态已经为NUD_DELAY,但是在定时器超时(DELAY_PROBE_TIME)之前,邻居表项得到了确认,重新将表项状态设置为NUD_REACHABLE。否则,如果表项没有被确认,将其状态设置为NUD_PROBE,发送ARP请求报文,由函数neigh_probe实现。

    } else if (state & NUD_DELAY) {
        if (time_before_eq(now,
                   neigh->confirmed +
                   NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME))) {
            neigh_dbg(2, "neigh %p is now reachable\n", neigh);
            neigh->nud_state = NUD_REACHABLE;
            neigh->updated = jiffies;
            neigh_connect(neigh);
            notify = 1;
            next = neigh->confirmed + neigh->parms->reachable_time;
        } else {
            neigh_dbg(2, "neigh %p is probed\n", neigh);
            neigh->nud_state = NUD_PROBE;
            neigh->updated = jiffies;
            atomic_set(&neigh->probes, 0);
            notify = 1;
            next = now + NEIGH_VAR(neigh->parms, RETRANS_TIME);
        }
    } else {
        /* NUD_PROBE|NUD_INCOMPLETE */
        next = now + NEIGH_VAR(neigh->parms, RETRANS_TIME);
    }

邻居表项定时处理函数的时长不小于1/2秒。

    if (neigh->nud_state & NUD_IN_TIMER) {
        if (time_before(next, jiffies + HZ/2))
            next = jiffies + HZ/2;
        if (!mod_timer(&neigh->timer, next))
            neigh_hold(neigh);
    }
    if (neigh->nud_state & (NUD_INCOMPLETE | NUD_PROBE)) {
        neigh_probe(neigh);
    } else {

另外,在数据报文发送流程中,如果检测到相应邻居表项的状态为NUD_STALE,将其设置为NUD_DELAY,之后将定时器超时时间设置为DELAY_PROBE_TIME,到期之后发送probe报文,以便更新邻居表项。

int __neigh_event_send(struct neighbour *neigh, struct sk_buff *skb)
{
    int rc;
    bool immediate_probe = false;

    write_lock_bh(&neigh->lock);

    rc = 0;
    if (neigh->nud_state & (NUD_CONNECTED | NUD_DELAY | NUD_PROBE))
        goto out_unlock_bh;
    if (neigh->dead)
        goto out_dead;

    if (!(neigh->nud_state & (NUD_STALE | NUD_INCOMPLETE))) {
        ...
    } else if (neigh->nud_state & NUD_STALE) {
        neigh_dbg(2, "neigh %p is delayed\n", neigh);
        neigh->nud_state = NUD_DELAY;
        neigh->updated = jiffies;
        neigh_add_timer(neigh, jiffies +
                NEIGH_VAR(neigh->parms, DELAY_PROBE_TIME));
    }

内核版本 5.0

已标记关键词 清除标记
©️2020 CSDN 皮肤主题: 编程工作室 设计师:CSDN官方博客 返回首页