summaryrefslogtreecommitdiffstats
path: root/src/vat
AgeCommit message (Collapse)AuthorFilesLines
2017-05-09Add missing format_ip6_address() functions to plugin_api.Jon Loeliger2-0/+78
Specifically, the ACL plugin needed format_ip6_address() and the ip46 variant as well. Change-Id: Iec35b8acd4cab4bcbc73053dcca2ee91bd9c72cd Signed-off-by: Jon Loeliger <jdl@netgate.com>
2017-04-13LISP: make statistics thread safeFilip Tehlar1-0/+15
Change-Id: I056dc6246f79d887d69ad459a6b8b3092a099baa Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-04-07MPLS McastNeale Ranns1-56/+77
1 - interface-DPO Used in the Data-plane to change a packet's input interface 2 - MPLS multicast FIB entry Same as a unicast entry but it links to a replicate not a load-balance DPO 3 - Multicast MPLS tunnel Update MPLS tunnels to use a FIB path-list to describe the endpoint[s]. Use the path-list to generate the forwarding chain (DPOs) to link to . 4 - Resolve a path via a local label (of an mLDP LSP) For IP multicast entries to use an LSP in the replication list, we need to decribe the 'resolve-via-label' where the label is that of a multicast LSP. 5 - MPLS disposition path sets RPF-ID For a interface-less LSP (i.e. mLDP not RSVP-TE) at the tail of the LSP we still need to perform an RPF check. An MPLS disposition DPO performs the MPLS pop validation checks and sets the RPF-ID in the packet. 6 - RPF check with per-entry RPF-ID An RPF-ID is used instead of a real interface SW if index in the case the IP traffic arrives from an LSP that does not have an associated interface. Change-Id: Ib92e177be919147bafeb599729abf3d1abc2f4b3 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-05L2FIB:add l2fib_flush_bd l2fib_flush_int apisEyal Bari1-2/+72
Change-Id: I0a6989c6963956f3e60e8c50835c57845fccef8c Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-04-05GRE over IPv6Ciara Loftus1-13/+65
Refactors the GRE node to work with both IPv4 and IPv6 transports. Note that this changes the binary configuration API to support both address families; each address uses the same memory for either address type and a flag to indicate which is in use. The CLI and VAT syntax remains unchanged; the code detects whether an IPv4 or an IPv6 address was given. Configuration examples: IPv4 CLI: create gre tunnel src 192.168.1.1 dst 192.168.1.2 IPv6 CLI: create gre tunnel src 2620:124:9000::1 dst 2620:124:9000::2 IPv4 VAT: gre_add_del_tunnel src 192.168.1.1 dst 192.168.1.2 IPv6 VAT: gre_add_del_tunnel src 2620:124:9000::1 dst 2620:124:9000::2 Change-Id: Ica8ee775dc101047fb8cd41617ddc8fafc2741b0 Signed-off-by: Ciara Loftus <ciara.loftus@intel.com>
2017-04-04BD/API:add bridge_domain_set_mac_age apiEyal Bari1-1/+76
Change-Id: Ic2d33b31ba88f6d9602a22439865637d98cf4a33 Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-03-30Fix pid field endian in ARP/ND/DHCP event related API messagesJohn Lo1-9/+9
Make sure pid field in these API messages is stored in network order (it is also kept and used by VPP in network order). Change-Id: Id5d08e7a45b7e49d4b840a337458d99414d0b949 Signed-off-by: John Lo <loj@cisco.com>
2017-03-30Fix more "symbol XXX found in none of the libs" warningsDave Barach1-1/+0
Change-Id: I4467f26da5bdcfd76e5914e0124a83b659757947 Signed-off-by: Dave Barach <dave@barachs.net>
2017-03-22vhost: support interrupt modeSteven1-5/+62
vhost currently supports only polling mode. This patch is to add interrupt mode. When the interface is configured for interrupt mode, our input node does not get called unless there is a packet in the vring. If a particular CPU has one interface configured for polling mode and another in interrupt, the input node is set to polling for that CPU. This diffs also includes two crashes in vlib's dispatch_node. One is included in https://gerrit.fd.io/r/#/c/5516. The other crash is in the ASSERT. The ASSERT can become true when the caller of dispatch_node is in a loop. The first call converted the node to polling. The second call thereafter will hit the ASSERT. Change-Id: If17b6d48b20d7d8605c6a161459828637173cd32 Signed-off-by: Steven <sluong@cisco.com>
2017-03-22policer: fix byte ordering in policer_details msgMarek Gradzki1-2/+2
Change-Id: Id53131e8cd32bfd35739a7bd7cdbadf3a9f4d941 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-03-21LISP statisticsFilip Tehlar1-0/+208
Change-Id: I399cac46d279e020ba33459ef759d9d29d3ac716 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-03-15VXLAN:add hidden multicast interface checkEyal Bari1-4/+2
and some refactoring Change-Id: I99e3c5e782ce65cb9779ccc3a9a3151ef1429e07 Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-03-10LISP: fix Proxy-ETR show command, VPP-660Filip Tehlar1-0/+146
Change-Id: I8b7dc3bf631bd228db23679534e04b8af7ac4ec7 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-03-09IMplementation for option to not create a FIB table entry when adding a ↵Neale Ranns1-0/+4
neighbor entry Change-Id: I952039e101031ee6a06e63f4c73d8eb359423e1a Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-08Proxy ND (RFC4389 - or a sub-set thereof). This allows the 'emulation' of ↵Neale Ranns1-0/+109
bridging. That is hosts in one sub-net reachable via differenet interfaces. Introducate a new API command: ip6 nd proxy <host-address> <interface> this indicates 2 things; 1) that host <host-address> is reachable out of interface <interface>. VPP will thus install that route. 2) NS requests sent to <host-address> will be responeded to (i.e. proxied). Change-Id: I863f967fdb5097ab3b574769c70afdbfc8d5478a Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-07Missing plugin binary API command fns found after brief searchDave Barach2-2/+1
Create hash tables before loading plugins. Previous init sequence wiped out most if not all of them. Change-Id: I5dd628895f68f740d525951511a9fef1822d39da Signed-off-by: Dave Barach <dave@barachs.net>
2017-03-07DHCP Multiple Servers (VPP-602, VPP-605)Neale Ranns1-14/+42
Multiple DHCP (4 and/or 6) servers can be added and removed through multiple calls to the 'set dhcp server' API. All 4/6/ discover/solicit messages will then be replicated to all servers in the list. The expectation is that the servers/system is configured in such a way that this is viable. If VSS information is providied for the clinet VRF which also has multiple servers configured, then the same VSS information is sent to each server. Likewise the source address of packets sent to from VPP to each server is the same. Change-Id: I3287cb084c84b3f612b78bc69cfcb5b9c1f8934d Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-07Fix endian issue in ARP Event ReplyWojciech Dec1-2/+4
ARP Event reply sw_if_index was getting passed in host byte order. Change-Id: Ifae8673906ac2c4233f146786a3d02c38280809b Signed-off-by: Wojciech Dec <wdec@cisco.com>
2017-03-04Evolving SRv6 (Segment Routing for IPv6)Pablo Camarillo1-286/+71
Implements: 1.- SR Policies with several (weighted) SID lists 2.- Binding SID 3.- SR LocalSIDs with support for the following functions - End - End.X - End.DX6 - End.DX4 - End.DX2 - End.DT6 - End.DT2 - End.B6 - End.B6.Encaps 4.- SR Steering policies (to steer a traffic through an SR Policy) - Support for IPv6 traffic (IPv6 Encapsulation / SRH insertion) - Support for IPv4 traffic (IPv6 Encapsulation) - Support for L2 traffic (T.Insert / T.Encaps) 5.- Doxygen documentation 6.- Framework (APIs) to allow the definition of new SR LocalSID behaviors by means of plugins 7.- Sample SRv6 LocalSID plugin Change-Id: I2de3d126699d4f11f54c0f7f3b71420ea41fd389 Signed-off-by: Pablo Camarillo <pcamaril@cisco.com>
2017-03-03Implement a loopback instance allocation scheme.Jon Loeliger1-6/+53
To support creating loopback interfaces with a specific instance number, a new CREATE_LOOPBACK_INSTANCE API call with flag is_specified and value user_instance is introduced. Presumably the existing CREATE_LOOPBACK API message will be obsoleted and revmoved. The VAT cli commands can now mention and format the new field as 'instance %d' data. If no instance number is named, the old call CREATE_LOOPBACK is used to maintain backward compatibility. However, if the instance is named, the new CREATE_LOOPBACK_INSTANCE message will be used. Both the dynamically allocated and user-requested instance number are tracked in a bitvector. If is_specified is 0, the next free instance will be used.. A request for a specific instance number will be granted if it is available. On error, the value ~0 is returned. Change-Id: I849815563a5da736dcd6bccd262ef49b963f6643 Signed-off-by: Jon Loeliger <jdl@netgate.com>
2017-03-02Clean up binary api message handler registration issuesDave Barach1-7/+36
Removed a fair number of "BUG" message handlers, due to conflicts with actual message handlers in api_format.c. Vpp itself had no business receiving certain messages, up to the point where we started building in relevant code from vpp_api_test. Eliminated all but one duplicate registration complaint. That one needs attention from the vxlan team since the duplicated handlers have diverged. Change-Id: Iafce5429d2f906270643b4ea5f0130e20beb4d1d Signed-off-by: Dave Barach <dave@barachs.net>
2017-03-02Remove the unused VRF ID parameter from the IP neighbour Add/Del APINeale Ranns1-4/+0
Change-Id: Icf0d72f6af1f98c86f78e586c354515ac69804aa Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-01dpdk: be a pluginDamjan Marion1-320/+0
Change-Id: I238258cdeb77035adc5e88903d824593d0a1da90 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-02-27Add GPE CLI/API for setting encap modeFilip Tehlar1-0/+114
Change-Id: Id89e23fb5d275572b2356c073dfa0f55719e1a76 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-02-23Fix vpp built-in version of api_unformat_sw_if_index(...)Dave Barach1-16/+34
Change-Id: I103fe19a1ecbaf3746ec6b957fa1010458cc9fae Signed-off-by: Dave Barach <dave@barachs.net>
2017-02-22Clean up "binary-api" help string, arg parse bugsDave Barach1-0/+2
Change-Id: I12311be8ebd376b8aeac25364d010d70a85c7874 Signed-off-by: Dave Barach <dave@barachs.net>
2017-02-21Add Overlay Network Engine APIFilip Tehlar1-209/+291
Change-Id: I6b5984df176688f0722a2888e73f05d8ed8b9310 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-02-21dhcp: multiple additionsNeale Ranns1-89/+84
DHCP additions: 1) DHCPv4 will only relay a message back to the client, if the Option82 information is present. So make this the default. 2) It is no longer possible to select via the API to "insert circuit ID" - since this is now default 3) Remove the version 2 API since it's now the same as version 1. 4) Adding the VSS option is now conditional only on the presence of VSS config (not the 'insert' option in the set API) 5) DHCP proxy dump via API Change-Id: Ia7271ba8c1d4dbf34a02c401d268ccfbb1b74f17 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-21Rename LISP GPE API to GPEFilip Tehlar1-50/+49
Change-Id: I133c55bce46d40ffddabbbf8626cbd3d072522d4 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-02-21VPP-540 : pbb tag rewrite detailsPavel Kotucek1-0/+13
Extended sw_interface_dump to provide 802.1ah (pbb) tag rewrite info if present. Extended log "l2-output" to provide raw data to display result of prospetive pbb tag rewrite. Tracing is moved after l2output_vtr to show these changes. Change-Id: I8b7cb865dc67ce21afab402cc086dac35f7c0f07 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-02-20Python test IP and MPLS objects conform to infra.Neale Ranns1-0/+38
Add IP[46] MFIB dump. Change-Id: I4a2821f65e67a5416b291e4912c84f64989883b8 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-17Implemented IKEv2 initiator features:Radu Nicolau1-0/+354
- IKE_SA_INIT and IKE_AUTH initial exchanges - Delete IKA SA - Rekey and delete Child SA - Child SAs lifetime policy To set up one VPP instance as the initiator use the following CLI commands (or API equivalents): ikev2 profile set <id> responder <interface> <addr> ikev2 profile set <id> ike-crypto-alg <crypto alg> <key size> ike-integ-alg <integ alg> ike-dh <dh type> ikev2 profile set <id> esp-crypto-alg <crypto alg> <key size> esp-integ-alg <integ alg> esp-dh <dh type> ikev2 profile set <id> sa-lifetime <seconds> <jitter> <handover> <max bytes> and finally ikev2 initiate sa-init <profile id> to initiate the IKE_SA_INIT exchange Child SA re-keying process: 1. Child SA expires 2. A new Child SA is created using the Child SA rekey exchange 3. For a set time both SAs are alive 4. After the set time interval expires old SA is deleted Any additional settings will not be carried over (i.e. settings of the ipsec<x> interface associated with the Child SA) CLI API additions: ikev2 profile set <id> responder <interface> <addr> ikev2 profile set <id> ike-crypto-alg <crypto alg> <key size> ike-integ-alg <integ alg> ike-dh <dh type> ikev2 profile set <id> esp-crypto-alg <crypto alg> <key size> esp-integ-alg <integ alg> esp-dh <dh type> ikev2 profile set <id> sa-lifetime <seconds> <jitter> <handover> <max bytes> ikev2 initiate sa-init <profile id> ikev2 initiate del-child-sa <child sa ispi> ikev2 initiate del-sa <sa ispi> ikev2 initiate rekey-child-sa <profile id> <child sa ispi> Sample configurations: Responder: ikev2 profile add pr1 ikev2 profile set pr1 auth shared-key-mic string Vpp123 ikev2 profile set pr1 id local fqdn vpp.home.responder ikev2 profile set pr1 id remote fqdn vpp.home.initiator ikev2 profile set pr1 traffic-selector remote ip-range 192.168.125.0 - 192.168.125.255 port-range 0 - 65535 protocol 0 ikev2 profile set pr1 traffic-selector local ip-range 192.168.124.0 - 192.168.124.255 port-range 0 - 65535 protocol 0 Initiator: ikev2 profile add pr1 ikev2 profile set pr1 auth shared-key-mic string Vpp123 ikev2 profile set pr1 id local fqdn vpp.home.initiator ikev2 profile set pr1 id remote fqdn vpp.home.responder ikev2 profile set pr1 traffic-selector local ip-range 192.168.125.0 - 192.168.125.255 port-range 0 - 65535 protocol 0 ikev2 profile set pr1 traffic-selector remote ip-range 192.168.124.0 - 192.168.124.255 port-range 0 - 65535 protocol 0 ikev2 profile set pr1 responder TenGigabitEthernet3/0/1 192.168.40.20 ikev2 profile set pr1 ike-crypto-alg aes-cbc 192 ike-integ-alg sha1-96 ike-dh modp-2048 ikev2 profile set pr1 esp-crypto-alg aes-cbc 192 esp-integ-alg sha1-96 esp-dh ecp-256 ikev2 profile set pr1 sa-lifetime 3600 10 5 0 Change-Id: I1db9084dc787129ea61298223fb7585a6f7eaf9e Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
2017-02-02Remove unnecessary block structure around CONTROL_PING messages.Jon Loeliger1-179/+143
Now that the M() and S() macros accept a message parameter, there is no longer a need to introduce a new block structure around the CONTROL_PING messages just to have a new unbound "mp" variable. Instead, just use one named "mp_ping" directly. Change-Id: I6b283562bb6eec25806e3d35c35b977680ecd1dd Signed-off-by: Jon Loeliger <jdl@netgate.com>
2017-02-02Refactor fragile msg macro W and W2 to not burry return control flow.Jon Loeliger1-470/+558
Instead, have them accept and assign a return paramter leaving the return control flow up to the caller. Clean up otherwise misleading returns present even after "NOT REACHED" comments. Change-Id: I0861921f73ab65d55b95eabd27514f0129152723 Signed-off-by: Jon Loeliger <jdl@netgate.com>
2017-02-02Localize the timeout variable within the W message macro.Jon Loeliger1-184/+2
Rather than rely on an unbound variable, explicitly introduce the timeout variable within the 'do { ... } while (0)' construct as a block-local variable. Change-Id: I6e78635290f9b5ab3f56b7f116c5fa762c88c9e9 Signed-off-by: Jon Loeliger <jdl@netgate.com>
2017-02-02Convert message macro S to accept a message pointer parameter;Jon Loeliger1-232/+232
Rather than blindly assume an unbound, fixed message parameter explicilty pass it as a paramter to the S() macro. Change-Id: Ieea1f1815cadd2eec7d9240408d69acdc3caa49a Signed-off-by: Jon Loeliger <jdl@netgate.com>
2017-02-02Ensure all M() and M2() second parameters are the message pointer.Jon Loeliger1-237/+233
Rather than maintain (?) an unused second parameter, t, and pull an unbound message pointer, mp, out of context, explicitly list the message pointer as the second parameter. Change-Id: I92143efda6211cdf6b935470f8c71579742a6b64 Signed-off-by: Jon Loeliger <jdl@netgate.com>
2017-02-02LISP: enhance binary part of some APIsFilip Tehlar1-14/+4
Remote mapping and locator set binary APIs uses zero length arrays defined as 'u8 array[0]' in .api file. This path will change such cases to form 'type_t array[count];' in order to enhance maintainability. Change-Id: I98d0252b441020609c550d48186ed0d8338a3f2d Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-01-31MFIB Coverity warnings. The lock macro is functionally equivalent but more ↵Neale Ranns1-4/+4
expressive (and might appease coverity) Change-Id: Ie3c9b2896a487a0302903bfbdd6348f6f091c67d Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-01-31Add vxlan-bypass feature to IP6 forwarding pathJohn Lo1-2/+2
Add vxlan-bypass feature which can be enabled on the IP6 underlay interface which receive VXLAN packets to accelerate VXLAN decap processing. The CLI to enable/disable it is: set interface ip6 vxlan-bypass <interface> [del] The vxlan-bypass feature is already supported on the IP4 underlay interface. The CLI to enable/disable it is: set interface ip vxlan-bypass <interface> [del] Move vxlan-bypass API/CLI support code from decap.c to vxlan.c. Also fixed two issues in the VXLAN decap path in the vxlan-input node: 1. Add verification of VXLAN packet FIB index with the encap-vrf-id of the VXLAN tunnel. 2. Fix checking of VXLANoIPv6 packet mcast DIP against that of the IP6 mcast VXLAN tunnel. Change-Id: I2bad4074a468c48fbb8bb5ac64f6437190756ed2 Signed-off-by: John Lo <loj@cisco.com>
2017-01-30LISP: add dump calls for GPE entries APIFilip Tehlar1-0/+256
Change-Id: Ie7f51643fd3522a0fa8df8d0309305481c211f5f Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-01-27dpdk: rework cryptodev ipsec build and setupSergio Gonzalez Monroy1-31/+0
Build Cryptodev IPsec support by default when DPDK is enabled but only build hardware Cryptodev PMDs. To enable Cryptodev support, a new startup.conf option for dpdk has been introduced 'enable-cryptodev'. During VPP init, if Cryptodev support is not enabled or not enough cryptodev resources are available then default to OpenSSL ipsec implementation. Change-Id: I5aa7e0d5c2676bdb41d775ef40364536a081956d Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2017-01-27IP Multicast FIB (mfib)Neale Ranns1-0/+173
- IPv[46] mfib tables with support for (*,G/m), (*,G) and (S,G) exact and longest prefix match - Replication represented via a new replicate DPO. - RPF configuration and data-plane checking - data-plane signals sent to listening control planes. The functions of multicast forwarding entries differ from their unicast conterparts, so we introduce a new mfib_table_t and mfib_entry_t objects. However, we re-use the fib_path_list to resolve and build the entry's output list. the fib_path_list provides the service to construct a replicate DPO for multicast. 'make tests' is added to with two new suites; TEST=mfib, this is invocation of the CLI command 'test mfib' which deals with many path add/remove, flag set/unset scenarios, TEST=ip-mcast, data-plane forwarding tests. Updated applications to use the new MIFB functions; - IPv6 NS/RA. - DHCPv6 unit tests for these are undated accordingly. Change-Id: I49ec37b01f1b170335a5697541c8fd30e6d3a961 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-01-25Repair plugin binary API message numberingDave Barach1-0/+1
Change-Id: I422a3f168bd483e011cfaf54af022cb79b78db02 Signed-off-by: Dave Barach <dave@barachs.net>
2017-01-25[re]Enable per-Adjacency/neighbour countersNeale Ranns2-0/+142
Change-Id: I953b3888bbc6d8a5f53f684a5edc8742b382f323 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-01-23binary-api debug CLI works with pluginsDave Barach2-84/+44
Change-Id: I81f33f5153d5afac94b66b5a8cb91da77463af79 Signed-off-by: Dave Barach <dave@barachs.net>
2017-01-14Provision linux stack ip4 and ip6 addresses for tap interfacesDave Barach1-0/+25
To simplify system configuration. Converted existing code to use an argument structure, instead of [one or two too many] discrete parameters. Change-Id: I3eddfa74eeed918c1b04a6285fba494651594332 Signed-off-by: Dave Barach <dave@barachs.net>
2017-01-13LISP: Fix gpe APIFilip Tehlar1-152/+33
Change-Id: Iba076fc13e3f870c49fc5ca971dc7b8799188a27 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-01-10IPv6 NS RS tests and fixesNeale Ranns1-4/+1
includes Fix for VPP-584 with API change to remove prefix length from LL programming Change-Id: If860751c35e60255fb977f73bc33e8c2649e728e Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-01-10API refactoring : dpdkPavel Kotucek1-17/+102
Change-Id: If2541be803a0303401b013390e117c26fd1d9739 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>