summaryrefslogtreecommitdiffstats
path: root/src/plugins/map
AgeCommit message (Collapse)AuthorFilesLines
2020-01-28map: ip4-map-t more RFC compliantVladimir Ratnikov1-8/+20
When MTU is not set, ignore_df and mtu check always returns true and packets are dropped. This patch puts MTU checks after it was compared with 0 and set to maximum if not set. Added trace node. If MTU is less than the total length value of the IPv4 packet plus 20, the translator MUST send an ICMPv4 "Fragmentation Needed" error message to the IPv4 source address Type: fix Fixes: 87663cdf644fb7c94c0fec9460829b7e4e7c35ca Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com> Change-Id: I35b99bc2648984cdbf5b6a57ddec91c586b15bef
2020-01-27map: api: fix tag overflow and leakBenoît Ganne2-4/+6
The 'tag' parameter is expected to be a NULL-terminated C-string in callees: - make sure it is null-terminated in both API and CLI cases - do not allocate & copy the string into a non-NULL-terminated vector in API case - fix leak in CLI case Type: fix Change-Id: I221a489a226240548cdeb5e3663bbfb94eee4600 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-01-10docs: Edit FEATURE.yaml files so they can be publishedJohn DeNisco1-2/+2
Type: docs Signed-off-by: John DeNisco <jdenisco@cisco.com> Change-Id: I7280e5c5ad10a66c0787a5282291a2ef000bff5f
2020-01-03map: fix ip4-map-t DF behaviorVladimir Ratnikov1-11/+12
ip4_is_fragment(header) or ip4_is_first_fragment(header) didn't changed when packet with fragmentation needed arrives. This patch checks DF flag and MTU with packet length and if DF is set and length > MTU, packet is dropped. In case if ignore_df is set, DF flag makes no sense. Type: fix Fixes: d6d50cebde647f9a5ee7251a7fef977506f315d7 Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com> Change-Id: I720e25167c19a0b13ac5fdfb41b12c0bbdc00d09
2020-01-03nat: use SVRKlement Sekera2-17/+20
Remove NAT's implementation of shallow virtual reassembly with corresponding CLIs, APIs & tests. Replace with standalone shallow virtual reassembly provided by ipX-sv-reass* nodes. Type: refactor Change-Id: I7e6c7487a5a500d591f6871474a359e0993e59b6 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-12-14tests: changes for scapy 2.4.3 migrationsnaramre1-1/+2
Type: fix Change-Id: I7e041b666dabd90df23a920a1f1d99db4c10ddfe Signed-off-by: snaramre <snaramre@cisco.com>
2019-12-07map: use explicit types in apiOle Troan1-2/+3
Type: fix Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: I8f01f9e71c788fbca989d43d5b87da9c33fba0b1
2019-12-05map: fix MAP-T ip6 port checkMatthew Smith2-5/+60
Type: fix Ticket: VPP-1804 Fix a regression introduced by 640edcd90. The port set ID on received IPv6 packets for MAP-T was being checked against the destination port. It should be checked against the source port. Added a new unit test to verify that a v6 packet with a good source port is translated and forwarded and a v6 packet with a bad source port is dropped. The important part of the test which will prevent similar future regressions is that the source port and destination port are not equal. The existing unit test used the same source and destination port which is why it did not fail when the regression was introduced. Change-Id: Idc144ea509722bb9e0f80b3887d220384a04e6d6 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2019-12-04map: Fix a coverity MAP dead-code issue.Jon Loeliger1-3/+0
Type: fix Change-Id: I5467bbe3b25b1ea3fb44157abe6e7bfb3f191e77 Signed-off-by: Jon Loeliger <jdl@netgate.com>
2019-12-03map: Avoid null dereference in 'map show' and 'map del'Jon Loeliger1-12/+22
If a map domain is created without a tag name, inspecting the map data will segfault looking for an unset name in the so-called "domain extras" vector. Enhance "show map domain" to show all map domains. Type: fix Change-Id: Ic55662b84eec58221816da270b2ef9e89c3a31c3 Signed-off-by: Jon Loeliger <jdl@netgate.com>
2019-11-26map: Fix inverted 'map security check enable' CLI flag.Jon Loeliger1-2/+2
Type: fix Fixes: 5a2e278a09726be627b8310e03f0522d60aafedf Change-Id: Ibdc2f0be44e382bfa4a8f3e16be8d6239d7a0ec1 Signed-off-by: Jon Loeliger <jdl@netgate.com>
2019-11-19map: fix coverity issue 205684Andrew Yourtchenko1-2/+2
ip4_map_get_domain returns d0 = 0 in case of no domain, and sets error MAP_ERROR_NO_DOMAIN. Rearrange the clauses in the logical check that relies on dereferencing d0 such that boolean shortcutting takes care of not referencing the null pointer. Change-Id: I378adc120836ea920fc530808ac3c1f98ab8d593 Type: fix Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2019-11-19map: Fix TCP MSS clamping for MAP-E traffic.Jon Loeliger2-2/+84
Original MSS clamp patch by Vladimir Ratnikov. Modified to apply only to TCP packets. Type: fix Test: Wrote new unit test to ensure MAP-E TCP MSS clamping. Change-Id: I77c69714a2e3cc3b7473aa12b645243bb595c2a2 Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com> Signed-off-by: Jon Loeliger <jdl@netgate.com>
2019-11-15tests: Remove the unrequired VPP IP address/prefix class wrappersNeale Ranns1-1/+0
Type: refactor Change-Id: I204f3f8eebc5f5d5a377e91262f91c615fd00168 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-11-11ip: functional interface to ip fragmentationOle Troan5-214/+148
This provides a functional interface to IP fragmentation. Allowing external features to fragment. Supports arbitrary encap size, for e.g. MPLS or inner fragmentation of tunnels. This also removed dual loop in MAP that was fundamentally broken. Type: fix Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: Ia89ecec8ee3cbe2416edbe87630fdb714898c2a8 Signed-off-by: Ole Troan <ot@cisco.com>
2019-11-06build: add yaml file linting to make checkstylePaul Vinciguerra1-1/+2
Type: feature fts and trex rely on yaml config files. Verify that they are valid, so comitters can catch errors early. Change-Id: Ide0bb276659119c59bdbbc8b8155e37562a648b8 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-11-05misc: Fix python scripts shebang lineRenato Botelho do Couto3-3/+3
Type: fix Since CentOS 8, RPM build script doesn't accept '#!/usr/bin/env python' as a valid shebang line. It requires scripts to explicitly chose between python2 or python3. Change all to use python3 as suggested by Paul Vinciguerra. Depends-On: https://gerrit.fd.io/r/23170 Signed-off-by: Renato Botelho do Couto <renato@netgate.com> Change-Id: Ie72af9f60fd0609e07f05b70f8d96e738b2754d1
2019-10-18map: python3 support in testsOle Troan1-8/+8
Type: fix Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: Icbe9ca3dc738c6575fe382740a1cc9d29a4a74ff
2019-10-09map: use ip6-full-reassembly instead of own codeKlement Sekera6-978/+30
Remove map's implementation of reassembly and use common ip6-full-reassembly functionality. This makes it easier to maintain by removing duplicate code/functionality. Type: refactor Change-Id: I430e888b704e28c100a9ce075d1460cb529e4676 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-10-03map: fix DF[Don't fragment] ip4-map-t behaviourVladimir Ratnikov1-0/+11
This patch allows ip4-map-t plugin to drop packets if DF flag is set and packet size is bigger than MTU Type: fix Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com> Change-Id: I0c1531a1f876d9efc8e7e2bff9804f298becdb68
2019-10-03map: fix indent-offKlement Sekera1-121/+133
Replace erroneous INDENT-OFF with INDENT-ON and reformat code which is non-conforming wrt to code style. Type: style Change-Id: Ia3310371e96b248e5da143fad8fdca3b2fb6650b Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-10-01map: use SVR for MAP-TKlement Sekera9-624/+69
This change is part of an effort to unify reassembly code. By removing shallow virtual reassembly functionality in MAP and using the common vnet provided shallow virtual reassembly, code size and complexity is reduced. Type: refactor Change-Id: Iec8edd039f7b967b53e17bb9bca228a8b452ac0c Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-09-26map: use SVR for MAP-EKlement Sekera5-456/+172
This change is part of an effort to unify reassembly code. By removing shallow virtual reassembly functionality in MAP and using the common vnet provided shallow virtual reassembly, code size and complexity is reduced. Type: refactor Change-Id: I431f47d4db97154fecaeaecd6719cfc3b83cfc4a Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-09-25api: split api generated filesOle Troan4-129/+6
Split generation of API message enum and the typedefs into separate files, so that the type file can be included from elsewhere. Generate a C file for VPP that contains the API registration, this was previously done via X macros by the C pre- processor. This allows deleting lots of skeleton/copy paste code for each feature. plugins/flowprobe plugins/map examples/sample-plugin vnet/ipip used as Guinea pigs. Generate a C Test file for VAT, that does the same for VAT plugins. Also add support for a per-message CLI option, that is currently limited to VAT help text. option vat_help = "<help text>"; Type: refactor Change-Id: I245e3104bb76f7e1fb69a59ab20cc7c8dfcdd460 Signed-off-by: Ole Troan <ot@cisco.com>
2019-09-16api: autogenerate api trace print/endianOle Troan2-0/+6
In addition to the external vppapitrace tool, VPP itself supports dumping of API trace files. In two formats, "custom-dump" and "dump". "dump" gives a human friendly list, and "custom-dump" is meant to give a list of commands that can be fed to VAT. This patch only deals with "dump". Prior to this fix, auto-generation was only done for the basic types. This fix adds support for any type, including lists, and supports pretty-printing of enums, strings, IP addresses, MAC addresses and so on. Usage: api trace dump <api-trace-file> For example Change-Id: I4e485680e6dcfce7489299ae6cf31d835071ac40 ---------- trace 48 ----------- vl_api_sw_interface_set_flags_t: _vl_msg_id: 75 client_index: 0 context: 10 sw_if_index: 1 flags: IF_STATUS_API_FLAG_ADMIN_UP ---------- trace 49 ----------- vl_api_sw_interface_add_del_address_t: _vl_msg_id: 88 client_index: 0 context: 11 sw_if_index: 1 is_add: 1 del_all: 0 prefix: 172.16.1.1/24 ---------- trace 51 ----------- vl_api_cli_inband_t: _vl_msg_id: 819 client_index: 0 context: 13 cmd: packet-generator capture pg0 pcap /tmp/vpp-unittest-TestMAP-YhcmDX/pg0_out.pcap disable ---------- trace 58 ----------- vl_api_ip_neighbor_add_del_t: _vl_msg_id: 199 client_index: 0 context: 20 is_add: 1 neighbor: sw_if_index: 2 flags: IP_API_NEIGHBOR_FLAG_NONE mac_address: 0202.0000.ff02 ip_address: fd01:2::2 Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: I5556d06008de2762e7c2d35a8b0963ae670b3db1 Type: fix Signed-off-by: Ole Troan <ot@cisco.com> Signed-off-by: Ole Troan <ot@cisco.com> Signed-off-by: Ole Troan <ot@cisco.com> Signed-off-by: Ole Troan <ot@cisco.com> Signed-off-by: Ole Troan <ot@cisco.com> Signed-off-by: Ole Troan <ot@cisco.com> Signed-off-by: Ole Troan <ot@cisco.com> Signed-off-by: Ole Troan <ot@cisco.com>
2019-09-12map: fix non-null-terminated C-stringBenoît Ganne1-3/+4
Type: fix Change-Id: Ia3a4693acd5eab234f60b37436c5b642b00bda46 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-09-03api: enforce vla is last and fixed string typeOle Troan2-9/+8
Enforce that variable length fields are the last element of API messages. Add a 'fixed' version of string type, since dealing with multiple variable length strings turned out too painful for the C language bindings. The string type is now: { string name[64]; // NUL terminated C-string. Essentially decays to u8 name[64] string name[]; // Variable length string with embedded len field (vl_api_string_t) }; The latter notation could be made available to other types as well. e.g. { vl_api_address_t addresses[]; } instead of { u32 n_addr; vl_api_address_t addresses[n_addr]; }; Type: fix Change-Id: I18fa17ef47227633752ab50453e8d20a652a9f9b Signed-off-by: Ole Troan <ot@cisco.com>
2019-08-22tests: move plugin tests to src/plugins/*/testDave Wallace1-0/+437
- Relocate plugin tests for 'make test' into src/plugins/*/test so that plugin test cases are co-located with the plugin source code. Type: refactor Signed-off-by: Dave Wallace <dwallacelf@gmail.com> Change-Id: I503e6a43528e14981799b735fa65674155713f67 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2019-08-19vppapigen map: raise ValueError when fieldname is python keywordPaul Vinciguerra2-6/+6
When working on the lb api, one of the field names was chosen as 'as' (application server). Since 'as' is a python keyword, the field was renamed to _1 in vpp_papi. This changeset instead fails early with a descriptive message, hopefully saving others time troubleshooting the issue. ValueError: Fieldname 'as' is a python keyword and is not accessible via the python API. Type: feature Change-Id: Ib048d97de0e392645540092e356cf8989848c947 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-07-31vppinfra: refactor test_and_set spinlocks to use clib_spinlock_tjaszha032-12/+9
Spinlock performance improved when implemented with compare_and_exchange instead of test_and_set. All instances of test_and_set locks were refactored to use clib_spinlock_t when possible. Some locks e.g. ssvm synchronize between processes rather than threads, so they cannot directly use clib_spinlock_t. Type: refactor Change-Id: Ia16b5d4cd49209b2b57b8df6c94615c28b11bb60 Signed-off-by: Jason Zhang <jason.zhang2@arm.com> Reviewed-by: Honnappa Nagarahalli <honnappa.nagarahalli@arm.com> Reviewed-by: Lijian Zhang <Lijian.Zhang@arm.com>
2019-07-30vppinfra: refactor use of CLIB_MEMORY_BARRIER ()jaszha031-2/+2
All instances of test_and_set locks used the following sequence to release the locks: CLIB_MEMORY_BARRIER (); p->lock = 0; // p is a generic struct with a TAS lock Use clib_atomic_release to generate more efficient assembly code. Type: refactor Change-Id: Idca3a38b1cf43578108bdd1afe83b6ebc17a4c68 Signed-off-by: Jason Zhang <jason.zhang2@arm.com> Reviewed-by: Honnappa Nagarahalli <honnappa.nagarahalli@arm.com> Reviewed-by: Lijian Zhang <Lijian.Zhang@arm.com>
2019-07-30vppinfra: conformed spinlocks to use CLIB_PAUSEjaszha031-2/+3
Modified test-and-set spin locks to call CLIB_PAUSE () when spinning for code consistency. Decreases the memory bandwidth consumed. Type: fix Change-Id: I1cca4f87f44f23f257c7a35466cd2e7767072f51 Signed-off-by: Jason Zhang <jason.zhang2@arm.com> Reviewed-by: Honnappa Nagarahalli <honnappa.nagarahalli@arm.com> Reviewed-by: Lijian Zhang <Lijian.Zhang@arm.com>
2019-07-23vlib: address vlib_error_t scaling issueDave Barach1-1/+1
Encoding the vpp node index into the vlib_error_t as a 10-bit quantity limits us to 1K graph nodes. Unfortunately, a few nodes need 6 bit per-node error codes. Only a very few nodes have so many counters. It turns out that there are about 2K total error counters in the system, which is (approximately) the maximum error heap index. The current (index,code) encoding limits the number of interfaces to around 250, since each interface has two associated graph nodes and we have about 500 "normal, interior" graph node This patch adds an error-index to node-index map, so we can store error heap indices directly in the vlib_buffer_t. Type: refactor Change-Id: I28101cad3d8750819e27b8785fc0cf71ff54f79a Signed-off-by: Dave Barach <dave@barachs.net>
2019-07-19fib: FIB Entry trackingNeale Ranns1-13/+4
Instead of all clients directly RR sourcing the entry they are tracking, use a deidcated 'tracker' object. This tracker object is a entry delegate and a child of the entry. The clients are then children of the tracker. The benefit of this aproach is that each time a new client tracks the entry it doesn't RR source it. When an entry is sourced all its children are updated. Thus, new clients tracking an entry is O(n^2). With the tracker as indirection, the entry is sourced only once. Type: feature Change-Id: I5b80bdda6c02057152e5f721e580e786cd840a3b Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-08map gbp papi: match endianess of f64Paul Vinciguerra1-5/+3
clib_net_to_host_f64, clib_host_to_net_f64 are now implemented as '=', https://gerrit.fd.io/r/#/c/20406/ set papi to match. - all f64 api references are now wrapped with clib_net_to_host_f64 or clib_host_to_net_f64. IEEE f64 endianess is not defined. If clib_net_to_host_f64 and clib_host_to_net_f64 are later defined in VPP as big-endian, it is a single character change in the papi vpp_serializer. Note: This breaks the api in a manner that would not be detected by the flag day initiative. The scope is small. This only impacts map.api, which applied the u64 transformation, while the gbp api uses '='. The implementation of "=" raises issues for the papi socket implementation if used between systems of differing endianess. See Vratko's comments. - Added get_f64_endian_value() to api to allow client to verify endianess of f64's. Type: fix Depends-on: https://gerrit.fd.io/r/#/c/20484/ Change-Id: I00fc64a6557ba0190398df211aa0ea5c7eb101df Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-06-26api: refactor format_vl_api_prefix_t return keysPaul Vinciguerra1-6/+6
format_vl_api_prefix_t returns a dict with keys 'address' and 'address_length', but other format_vl_api_prefix functions return a dict with 'prefix', and 'len'. Refactor all format_vl_api_prefix_t to return consistent keys 'address' and 'len'. Type: refactor Change-Id: I5f9558fc2da8742a303266e011102f5b2db80aad Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-06-26api: Remove the inlines file and replace with library functionsNeale Ranns1-1/+0
using inlines exposes the users to the internal data types used by VPP, namely vec.h. This file does not compile with a C++ compiler. Type: feature Change-Id: I1544fdd9eae998309f865df61df78571bdb96903 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-06-18api: string type to convert to vectorOle Troan3-23/+18
Previous use of strndup() required user to remember to call free(). Now return a vector pointing directly to the API message string. Of course user must remember to copy the string out if lifetime is longer than API message lifetime. Change-Id: Ib5e2b3d52d258e1a42ea9ea9a9e04abbe360e2bf Type: fix Signed-off-by: Ole Troan <ot@cisco.com>
2019-05-31tools: FEATURE.yaml meta-data infrastructureOle Troan1-0/+13
Add tooling for feature metadata configuration files. The main tool is in src/scripts/fts.py make checkfeaturelist to validate against schema. make featurelist to dump all feature lists to stdout. Example feature definition: name: IP in IP tunnelling maintainer: Ole Troan <ot@cisco.com> features: - IPv4/IPv6 over IPv4/IPv6 encapsulation: - Fragmentation and Reassembly - Configurable MTU - Inner to outer Traffic Class / TOS copy - Configurable Traffic Class / TOS - ICMPv4 / ICMPv6 proxying - 6RD (RFC5969): - Border Relay description: "Implements IP{v4,v6} over IP{v4,v6} tunnelling as described in RFC2473. This module also implement the border relay of 6RD (RFC5969)." state: production properties: [API, CLI, STATS, MULTITHREAD] missing: - Tunnel PMTUD - Tracking of FIB state for tunnel state - IPv6 extension headers (Tunnel encapsulation limit option) JSON schema is embedded in fts.py Example markdown: https://github.com/otroan/scratch/blob/master/features.md Change-Id: I903b4ee6b316a9378c259e86dc937092e5d4b7da Type: make Signed-off-by: Ole Troan <ot@cisco.com>
2019-05-29map: Use vl_api_string macros.Paul Vinciguerra2-27/+9
* Add optional tag to api call in tests * Add test for map_domain_dump() for api code coverage. Type: fix Change-Id: I2f7784aecdca4bf9e94de3319f959786e3d2c607 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-05-03plugins: clean up plugin descriptionsDave Wallace1-1/+1
- Make plugin descriptions more consistent so the output of "show plugin" can be used in the wiki. Change-Id: I4c6feb11e7dcc5a4cf0848eed37f1d3b035c7dda Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2019-03-22MAP: Crush Coverity ComplaintJon Loeliger1-1/+1
Change-Id: I965229f5bf8fcde9176357536a23ba8056542919 Signed-off-by: Jon Loeliger <jdl@netgate.com>
2019-03-19MAP: Add optional user-supplied 'tag' field in MAPs.Jon Loeliger4-14/+135
Like other entities, allow an arbitrray user-supplied 'tag' field to be place on created MAP domains. It is also later returned with the MAP details. You might be thinking "User assigned MAP name" here. As the MAP domain structure was at the limit of a cacheline size, introduce a parallel "extra data" vector with non-essential domain information in it. Change-Id: Icc12b64cc4cb3e040c9a475908b19f6abaf4c293 Signed-off-by: Jon Loeliger <jdl@netgate.com>
2019-03-11VPP-1533: Deleting a non-existent pre-resolved MAP next-hop causes VPP core dumpOle Troan1-7/+10
Change-Id: I6f0830b786ac46c69c867f73b044aab174e6210b Signed-off-by: Ole Troan <ot@cisco.com>
2019-02-26Remove fake MAP domain 0 entry.Jon Loeliger1-7/+1
Problematic: - It didn't have its counters initialized, so vpp crashed during a "show map stat" - Not all the tests for "are there any domains" actually accounted for the fake entry at pool slot 0. - Dump details happily returned its bogus entry. Change-Id: I57aaa9f63917686334fd4a9fa7bc80044bf1718c Signed-off-by: Jon Loeliger <jdl@netgate.com>
2019-02-02VPP-1543: show map stats crash when not configured.Ole Troan1-1/+1
Change-Id: I4c8bc3fb057d57339ce282a31b0bb70ad16dd03e Signed-off-by: Ole Troan <ot@cisco.com>
2019-01-20minor fixup in map doc (people -> seconds)Jim Thompson1-1/+1
Change-Id: I151c1afac2133ad32ad7779a59fffafee4b9de60 Signed-off-by: Jim Thompson <jim@netgate.com>
2019-01-07MAP: Prevent duplicate MAP-E/T graph nodes.Jon Loeliger3-0/+35
Change-Id: I6031f3f9cfa048a901a8424d33d47679115c2eb3 Signed-off-by: Jon Loeliger <jdl@netgate.com>
2018-12-27MAP: Install lpm.h as map.h references it.Jon Loeliger1-0/+1
Change-Id: I97c6475920b7f7028c2bb1117ff9e5f629a54b44 Signed-off-by: Jon Loeliger <jdl@netgate.com>
2018-12-21MAP: Convert from DPO to input feature.Jon Loeliger11-477/+582
Change-Id: I25c86aea23dff19656449b23133db27b1f062ac0 Signed-off-by: Jon Loeliger <jdl@netgate.com> Signed-off-by: Ole Troan <ot@cisco.com>