aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet/fib
AgeCommit message (Collapse)AuthorFilesLines
2017-05-24Leak locks and tables in the ClassifierNeale Ranns2-4/+6
Change-Id: Iae04c57bba87ab3665388eadd0805f75171636a5 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-05-23Labelled attached paths via an MPLS tunnelNeale Ranns2-39/+62
Change-Id: Ic86617c9c3217122043656ce2ea70bb106df5b2d Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-05-23ARP/ND entries for the same address on different interfaces (VPP-848)Neale Ranns13-621/+1159
there are, intentionally, no validation checks in the ARP/ND code to prevent an ARP/ND entry from being installed for an address that is not local to the interface's sub-net. This is ok, since the adjacency/FIB code is designed to handle this case using the 'refinement' criteria - i.e. only installing a FIB entry for the address if the address 'refines' (i.e. is more specific than) the interface's sub-net. However, the refinement criteria currently operates on the FIB entry's prefix (which is a /32, so on the address) and not on the next-hop in the path. So, enter multiple ARP entries for the same address on different links, and this refinement criteria uses only the last added path, and so will remove the FIB entry should the ARP entries be added in the 'wrong' order. This fix updates the refinement criteria to work on each path of the FIB entry. The entry is installed if one of the paths refines the covers and only paths refining the cover contribute forwarding. Per-path refinement checks are stored in path-extensions. The patch is rather large as path-extension, which were previously used only for out-going MPLS labels, have been generalized. Change-Id: I00be359148cb948c32c52109e832a70537a7920a Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-05-15Fix FIB recursion loops via cover (VPP-842)Neale Ranns3-38/+81
Change-Id: Ia91c3e8cb27b9e4c1cccefc0a4857dd9995450ab Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-05-05First commit SR MPLSPablo Camarillo1-4/+4
Change-Id: I961685a2a0e4c314049444c64eb6ccf877c278dd Signed-off-by: Pablo Camarillo <pcamaril@cisco.com>
2017-05-02Use per-protocol default flow-hash config when the FIB table index is not knownNeale Ranns3-2/+44
Change-Id: If088e75801831befc6bddb77ea20abe9288b93c4 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-26IP Flow Hash Config fixesNeale Ranns11-56/+128
- the flow hash config is (and was) cached on the load-balance object so the fib_table_t struct is not used a switch time. Therefore changes to the table's flow hash config need to be propagated to all load-balances and hance all FIB entries in the table. - enable API for setting the IPv6 table flow hash config - use only the hash config in the fib_table_t object and not on the ipX_fib_t - add tests. Change-Id: Ib804c11162c6d4972c764957562c372f663e05d4 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-24Improve Load-Balance MAPsNeale Ranns10-68/+307
- only build them for popular path-lists (where popular means more than 64 children) the reason to have a map is to improve convergence speed for recursive prefixes - if there are only a few this technique is not needed - only build them when there is at least one path that has recursive constraints, i.e. a path that can 'fail' in a PIC scenario. - Use the MAPS in the switch path. - PIC test cases for functionality (not convergence performance) Change-Id: I70705444c8469d22b07ae34be82cfb6a01358e10 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-18Memory leak in load-balance mapsNeale Ranns1-2/+10
Change-Id: Iec67ae1232e346d5e0000e0b4c997fdc31865bc6 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-13Remove unsed parameter from fib_table_entry_special_add() (only used in FIB ↵Neale Ranns7-39/+21
tests). The DPO was incorrectly initialised with FIB_PROTO_MAX Change-Id: I962df9e162e4dfb6837a5ce79ea795d5ff2d7315 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-11MPLS Mcast coverity fixesNeale Ranns1-1/+1
Change-Id: Ic07ec5d4c2560a414d5f4f7eb37e10faf591664a Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-11Remove usued, redundant and deprecated code from lookup.hNeale Ranns1-19/+0
Change-Id: Ic16bc10d0b2877b2afdf052615f9334f31b9519f Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-07MPLS McastNeale Ranns17-311/+1039
1 - interface-DPO Used in the Data-plane to change a packet's input interface 2 - MPLS multicast FIB entry Same as a unicast entry but it links to a replicate not a load-balance DPO 3 - Multicast MPLS tunnel Update MPLS tunnels to use a FIB path-list to describe the endpoint[s]. Use the path-list to generate the forwarding chain (DPOs) to link to . 4 - Resolve a path via a local label (of an mLDP LSP) For IP multicast entries to use an LSP in the replication list, we need to decribe the 'resolve-via-label' where the label is that of a multicast LSP. 5 - MPLS disposition path sets RPF-ID For a interface-less LSP (i.e. mLDP not RSVP-TE) at the tail of the LSP we still need to perform an RPF check. An MPLS disposition DPO performs the MPLS pop validation checks and sets the RPF-ID in the packet. 6 - RPF check with per-entry RPF-ID An RPF-ID is used instead of a real interface SW if index in the case the IP traffic arrives from an LSP that does not have an associated interface. Change-Id: Ib92e177be919147bafeb599729abf3d1abc2f4b3 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-06BFD-FIB interactionsNeale Ranns13-138/+983
- single-hop BFD: attach a delegate to the appropriate adjacency - multi-hop BFD [not supported yet]: attach a delegate to the FIB entry. adjacency/fib_entry state tracks the BFD session state. when the state is down the object does not contribute forwarding hence and hence dependent objects will not use it. For example, if a route is ECMP via two adjacencies and one of them is BFD down, then only the other is used to forward (i.e. we don't drop half the traffic). Change-Id: I0ef53e20e73b067001a132cd0a3045408811a822 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-01MTRIE Optimisations 2Neale Ranns12-66/+147
1) 16-8-8 stride. Reduce trie depth walk traded with increased memory in the top PLY. 2) separate the vector of protocol-independent (PI) fib_table_t with the vector of protocol dependent (PD) FIBs. PD FIBs are large structures, we don't want to burn the memory for ech PD type 3) Go straight to the PD FIB in the data-path thus avoiding an indirection through, e.g., a PLY pool. Change-Id: I800d1ed0b2049040d5da95213f3ed6b12bdd78b7 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-30SR replicate mheap corruption fix VPP-672shwethab2-1/+1
Change-Id: If1c68fc63fa71fab198f2bf4f79bdd7a9841c2e8 Signed-off-by: shwethab <shwetha.bhandari@gmail.com> Signed-off-by: Pablo Camarillo <pcamaril@cisco.com>
2017-03-29Mtrie optimisationsNeale Ranns2-6/+3
1 - make the default route non-special, i.e. like any other less specific route. Consequently, all buckets have a valid valid index of either a leaf or a ply. Checks for special indeices in the data-path can thus be removed. 2 - since all leaves are now 'real' i.e. they represent a real load-balance object, to tell if a ply slot is 'empty' requeirs chekcing that the prefix length of the leaf occupying the slot is slot than the minium value for that ply. 3 - when removing a leaf find the cover first, then recurse down the ply and replace the old leaf with the cover. This saves us a ply walk. Change-Id: Idd523019e8bb1b6ef527b1f5279a5e24bcf18332 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-29Sub-net broadcast addresses for IPv4Neale Ranns1-0/+21
Change-Id: Ib2189d01e8bc61de57404159690fb70f89c47277 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-17Attached hostsNeale Ranns5-0/+22
allow this config to function: set int ip address loop0 169.254.1.1/32 (the default GW address for attached hosts) set int unnumbered af_packet0 use loop0 ('enable' IP on the host interface) ip route add 192.168.1.1/32 via af_packet0 (where to find the host) repeat for each host and host interface. Inter-host communication is throught the /32 routes. To allow this: 1 - attached host routes have the ATTACHED flag set, so the ARP code accepts then as legitimate sources 2 - unnumbered interfaces inherit the source address from the IP interface Change-Id: Ib66c5f0e848c528f79372813adc3a0c11b50717f Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-17Adjacency refinement; check the cover's interface against the adjacency'sNeale Ranns2-4/+97
Change-Id: I3fa2f35056b74e479288bb956f2713f727a81c72 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-15No vector allocation during buffer copyNeale Ranns1-3/+1
Change-Id: I7e8556af833ca0e00fadc96dcd2077ff1104541b Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-09MAP pre-resolve - use FIB to track pre-resolved next-hopNeale Ranns1-0/+2
Change-Id: I9ea16881caf7aee57f0daf4ac2e8b82c672f87e9 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-08Proxy ND (RFC4389 - or a sub-set thereof). This allows the 'emulation' of ↵Neale Ranns2-0/+6
bridging. That is hosts in one sub-net reachable via differenet interfaces. Introducate a new API command: ip6 nd proxy <host-address> <interface> this indicates 2 things; 1) that host <host-address> is reachable out of interface <interface>. VPP will thus install that route. 2) NS requests sent to <host-address> will be responeded to (i.e. proxied). Change-Id: I863f967fdb5097ab3b574769c70afdbfc8d5478a Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-06ioam: manycast using iOAM and SR (VPP-628)Shwetha Bhandari2-3/+11
Change-Id: I6d2afda991d771fb4a89fc3f6544f8e940a9b9f0 Signed-off-by: Shwetha Bhandari <shwethab@cisco.com>
2017-02-25MFIB: changes to improve route add/delete performanceNeale Ranns1-5/+3
Change-Id: I063d85200d12b09545ae1c373c7fc69112ae3b34 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-24FIB: 1) fix pool realloc during prefix export. 2) don't walk off the end of ↵Neale Ranns3-7/+31
the path-extension vector Change-Id: I8bd8f6917ace089edb1f65bd017b478ee198c03f Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-24MFIB memory leak. free the per-source interface hashNeale Ranns1-1/+1
Change-Id: I0ccb337eb0ed50ccc64193533cd816f6e36e6db5 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-20FIB reset leaves residual routes. Wrong API used to remove the routes meant ↵Neale Ranns2-2/+5
the lock count on the entry did not drop to zero Change-Id: I6e2dff8c3c7976fd1c2e4c5258f5dc73123aa9b7 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-20Python test IP and MPLS objects conform to infra.Neale Ranns1-1/+1
Add IP[46] MFIB dump. Change-Id: I4a2821f65e67a5416b291e4912c84f64989883b8 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-13Out-of-tree Build Error fixAkshayaNadahalli1-22/+0
File vnet/fib/fib_urpf_list.h was included in vnet/fib/ip6_fib.h but was exported to be installed in /usr/include/vnet. So out-of-tree builds relying on an installed package was failing. Fix is to inlcude fib_urpf_list.h in source file rather than including it in header file. Change-Id: Iae39c1d9417dbd31ee67fa1bd2d1915d5e813c73 Signed-off-by: AkshayaNadahalli <anadahal@cisco.com>
2017-02-13Basic support for LISP-GPE encapsulated NSH packetsFlorin Coras6-4/+25
Change-Id: I97fedb0f70dd18ed9bbe985407cc5fe714e8a2e2 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-02-08Fix source address reachability check for ip6 local packetsAkshayaNadahalli1-1/+23
Currently ip6 local check fails with error - source lookup miss if route to source of packet is over a dpo object such as load balance - recurssive route, tunnel adj - GRE, SR etc. So unless packet source is of a directly connected neibhor or has route with both interface and nexthop specified, it will be dropped. Fix is to check urpf list and if at least one link exists in the list, then allow packets to be processed, else drop. Change-Id: Id426311bb63bab506754a79409c602fdb6d0f190 Signed-off-by: AkshayaNadahalli <anadahal@cisco.com>
2017-01-27IP Multicast FIB (mfib)Neale Ranns20-224/+440
- IPv[46] mfib tables with support for (*,G/m), (*,G) and (S,G) exact and longest prefix match - Replication represented via a new replicate DPO. - RPF configuration and data-plane checking - data-plane signals sent to listening control planes. The functions of multicast forwarding entries differ from their unicast conterparts, so we introduce a new mfib_table_t and mfib_entry_t objects. However, we re-use the fib_path_list to resolve and build the entry's output list. the fib_path_list provides the service to construct a replicate DPO for multicast. 'make tests' is added to with two new suites; TEST=mfib, this is invocation of the CLI command 'test mfib' which deals with many path add/remove, flag set/unset scenarios, TEST=ip-mcast, data-plane forwarding tests. Updated applications to use the new MIFB functions; - IPv6 NS/RA. - DHCPv6 unit tests for these are undated accordingly. Change-Id: I49ec37b01f1b170335a5697541c8fd30e6d3a961 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-01-12Account for pool realloc when importing FIB entries during VRF exportNeale Ranns1-4/+12
Change-Id: I8ec6d53fa9c0790f85802663f70a6b3630239f8d Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2017-01-05FIB memory leaks (VPP-578)Neale Ranns4-8/+29
1) vec_free the fe_srcs of a fib_entry_t when the fib_entry_t is itself reed 2) in the load-balance fixup if a drop path is required add this to a new vector of next-hops 'fixed_nhs'. This vector is managed by the load-balance function. The caller continues to manage its own set. The function is now const implying that the caller is safe to assume the next-hops do not change. Change-Id: I0f29203ee16b9a270f40edf237488fa99ba65320 Signed-off-by: Neale Ranns <nranns@cisco.com> Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2016-12-28Reorganize source tree to use single autotools instanceDamjan Marion48-0/+25560
Change-Id: I7b51f88292e057c6443b12224486f2d0c9f8ae23 Signed-off-by: Damjan Marion <damarion@cisco.com>