aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins/map/ip6_map_t.c
AgeCommit message (Collapse)AuthorFilesLines
2020-08-13map: handle IPv6 extension headers for TCP/UDPVladimir Isaev1-2/+2
Without this patch offset for TCP/UDP headers was not calculated correctly if there is one or more IPv6 extension headers. Type: fix Signed-off-by: Vladimir Isaev <visaev@netgate.com> Change-Id: I04d6f5e42f8f072987192d6236085afbd74a4420 (cherry picked from commit 7d4cd0cf6f1a94953ef97ab885752424dea6948c)
2020-08-12map: honor pre-resolve param in map-tAlexander Chernavin1-2/+22
With this commit, forward the translated packet directly to the specified next-hop if pre-resolve param is enabled in MAP-T. Type: fix Change-Id: Ie26080c7820318c7982599577a4af6e4d01a0574 Signed-off-by: Alexander Chernavin <achernavin@netgate.com> (cherry picked from commit f145c15631ba62e798395499f83a2f8a91ae83c7) Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2020-08-12map: Prevent IPv4 prefix spoofing during IPv6 -> IPv4Jon Loeliger1-2/+14
Prevent malicious packets with spoofed embedded IPv4 addresses by limiting the IPv6 ingress packets to known MAP-T domains. Drop spoofed packets. Add several tests that ensure spoofing isn't allowed. Type: fix Fixes: fc7344f9be Change-Id: I80a5dd10d5fe7492e3a1b04de389d649a78065e2 Signed-off-by: Jon Loeliger <jdl@netgate.com> (cherry picked from commit 65866f03d96bd41b99b1c823ea6f38cd77fac58c)
2018-12-21MAP: Convert from DPO to input feature.Jon Loeliger1-114/+261
Change-Id: I25c86aea23dff19656449b23133db27b1f062ac0 Signed-off-by: Jon Loeliger <jdl@netgate.com> Signed-off-by: Ole Troan <ot@cisco.com>
2018-12-18MAP: Remove dual loop in MAP-T in preparation for refactor.Ole Troan1-389/+0
Change-Id: I3c77cadaa7b677073af00407f368bd48d703fdac Signed-off-by: Ole Troan <ot@cisco.com>
2018-11-22Revert "Add support for MAP-T CE (VPP-1058)"Ole Troan1-241/+106
This reverts commit 0ae15ed43aaa600a75ca4c154bc62478820c00b4. Re-add MAP CE support later. This patch polluted the code with too many if (ce) ... Change-Id: Ia0ffd6fdb452aa5d30abec57772c17fc16fb0dbd Signed-off-by: Ole Troan <ot@cisco.com>
2018-09-27IPIP and IPv6 fragmentationOle Troan1-7/+0
- Error where ICMPv6 error code doesn't reset VLIB_TX = -1 Leading to crash for ICMP generated on tunnelled packets - Missed setting VNET_BUFFER_F_LOCALLY_ORIGINATED, so IP in IPv6 packets never got fragmented. - Add support for fragmentation of buffer chains. - Remove support for inner fragmentation in frag code itself. Change-Id: If9a97301b7e35ca97ffa5c0fada2b9e7e7dbfb27 Signed-off-by: Ole Troan <ot@cisco.com>
2018-07-11avoid using thread local storage for thread indexDamjan Marion1-2/+2
It is cheaper to get thread index from vlib_main_t if available... Change-Id: I4582e160d06d9d7fccdc54271912f0635da79b50 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-06-25MAP: Move MAP-E/T to a plugin.Ole Troan1-0/+1186
Only remaining traces of MAP in the src/vnet is now in buffer.h. Awaiting a new buffer opaque API (hint, hint). Change-Id: Ie165561484731f1d7ed6e0f604b43624e06db3f0 Signed-off-by: Ole Troan <ot@cisco.com>