aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet/ethernet
AgeCommit message (Collapse)AuthorFilesLines
2017-05-23ARP/ND entries for the same address on different interfaces (VPP-848)Neale Ranns1-5/+5
there are, intentionally, no validation checks in the ARP/ND code to prevent an ARP/ND entry from being installed for an address that is not local to the interface's sub-net. This is ok, since the adjacency/FIB code is designed to handle this case using the 'refinement' criteria - i.e. only installing a FIB entry for the address if the address 'refines' (i.e. is more specific than) the interface's sub-net. However, the refinement criteria currently operates on the FIB entry's prefix (which is a /32, so on the address) and not on the next-hop in the path. So, enter multiple ARP entries for the same address on different links, and this refinement criteria uses only the last added path, and so will remove the FIB entry should the ARP entries be added in the 'wrong' order. This fix updates the refinement criteria to work on each path of the FIB entry. The entry is installed if one of the paths refines the covers and only paths refining the cover contribute forwarding. Per-path refinement checks are stored in path-extensions. The patch is rather large as path-extension, which were previously used only for out-going MPLS labels, have been generalized. Change-Id: I00be359148cb948c32c52109e832a70537a7920a Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-05-17VPP-719: Accept ARP replies from VRRP hw addrMatthew Smith1-7/+27
Check whether an ARP src hw addr starts with 00:00:5e:00:01 before rejecting due to a mismatch between ARP src hw addr and ethernet frame src addr. Change-Id: Ia3ecd5d6dba34876aca8d90bc622a0a1397e48fb Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2017-05-17Add ethernet type to support NSH over ethernetHongjun Ni1-1/+1
Change-Id: I876599d6183fab989949e8ccad5c0a3ef81991be Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
2017-05-17ARP learning fixes (VPP-843)Neale Ranns1-72/+47
learn ARP peers if, 1) it's a reply to a local address, 2) we are sending a response to a request. send proxy ARP responses only in the interface the request was sent. Change-Id: I22b949c65122824233076492b7dd537daca07bc2 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-05-06Fix mac check issue for vitual tunnel interface with no mac addressHongjun Ni1-0/+3
Change-Id: I6ce21317fcaa25781199f4329be815f076ab8b09 Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
2017-04-19Learn IP6 link-local ND entries from NSs sourced from link-local addressNeale Ranns1-0/+3
Change-Id: I4c3ce4d58df7977490fc94991291422ea1e31ee3 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-11Remove usued, redundant and deprecated code from lookup.hNeale Ranns1-9/+5
Change-Id: Ic16bc10d0b2877b2afdf052615f9334f31b9519f Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-07MPLS McastNeale Ranns4-5/+6
1 - interface-DPO Used in the Data-plane to change a packet's input interface 2 - MPLS multicast FIB entry Same as a unicast entry but it links to a replicate not a load-balance DPO 3 - Multicast MPLS tunnel Update MPLS tunnels to use a FIB path-list to describe the endpoint[s]. Use the path-list to generate the forwarding chain (DPOs) to link to . 4 - Resolve a path via a local label (of an mLDP LSP) For IP multicast entries to use an LSP in the replication list, we need to decribe the 'resolve-via-label' where the label is that of a multicast LSP. 5 - MPLS disposition path sets RPF-ID For a interface-less LSP (i.e. mLDP not RSVP-TE) at the tail of the LSP we still need to perform an RPF check. An MPLS disposition DPO performs the MPLS pop validation checks and sets the RPF-ID in the packet. 6 - RPF check with per-entry RPF-ID An RPF-ID is used instead of a real interface SW if index in the case the IP traffic arrives from an LSP that does not have an associated interface. Change-Id: Ib92e177be919147bafeb599729abf3d1abc2f4b3 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-06Use thread local storage for thread indexDamjan Marion3-11/+12
This patch deprecates stack-based thread identification, Also removes requirement that thread stacks are adjacent. Finally, possibly annoying for some folks, it renames all occurences of cpu_index and cpu_number with thread index. Using word "cpu" is misleading here as thread can be migrated ti different CPU, and also it is not related to linux cpu index. Change-Id: I68cdaf661e701d2336fc953dcb9978d10a70f7c1 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-04-03Adjacency layout change and move to vnet/adjNeale Ranns1-1/+0
Change-Id: I03195a86c69f84a301051c6b3ab64456bbf28645 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-31ARP/API:protect against identical registrationsEyal Bari1-55/+38
Change-Id: Ia3acf87d3e07a7d41c047869de504e1972334b55 Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-03-30BRIDGE-DOMAIN:enable arp term,mac/ip learning on local intsEyal Bari1-8/+7
we should not suppress arps on remote interface instead we should flood them to the local one used shg != 0 to identify packets from remote interfaces and disable arp term l2 input feature for them Change-Id: I701537c05df7451a25ccb5bfc9e2b03ea70cff20 Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-03-27Mcast rewrite no memcpyNeale Ranns1-21/+23
use a 32bit mask in the adjacency to AND with the IP address and OR into the rewrite. Change-Id: I80b0f246c18fd74f3e43c5d49e25833412f34665 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-17Attached hostsNeale Ranns1-18/+54
allow this config to function: set int ip address loop0 169.254.1.1/32 (the default GW address for attached hosts) set int unnumbered af_packet0 use loop0 ('enable' IP on the host interface) ip route add 192.168.1.1/32 via af_packet0 (where to find the host) repeat for each host and host interface. Inter-host communication is throught the /32 routes. To allow this: 1 - attached host routes have the ATTACHED flag set, so the ARP code accepts then as legitimate sources 2 - unnumbered interfaces inherit the source address from the IP interface Change-Id: Ib66c5f0e848c528f79372813adc3a0c11b50717f Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-13Add MAC address check in ethernet-input node if interface in L3 modeJohn Lo1-6/+17
Interface can be in promiscuous mode if more than one of its sub- interface is in L2 mode. In promiscuous mode, L3 interface need to verify DMAC of packet to match that of the interface and drop if not. This check was done on sub-interface only and now also added to main interface path. Fix incorrect MAC addresses in the flow-per-pkt plugin test, which caused it to fail. Fix MAC address usage in BFD tests. Change-Id: I12a17ec05c7ab298ad10d400c90d082c97eca521 Signed-off-by: John Lo <loj@cisco.com> Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-03-10Retire vpp_liteDamjan Marion2-0/+234
vpp_lite platform is not needed anymore as same efect can be achieved with following startup.conf config: plugins { plugin dpdk_plugin.so { disable } } Change-Id: I690ea8ceb1c6e1fe32e01e7da54e9958019a93bf Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-03-09IMplementation for option to not create a FIB table entry when adding a ↵Neale Ranns3-29/+46
neighbor entry Change-Id: I952039e101031ee6a06e63f4c73d8eb359423e1a Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-08ARP resilience in the absence of IP config on input and output interfacesNeale Ranns1-0/+6
Change-Id: Ia9c6790436f8f6337b5351e3017ef5e441a8a4e9 Signed-off-by: Neale Ranns <nranns@cisco.com> (cherry picked from commit 5e323329ed6ded6f6944c56069329207ad9069c0)
2017-03-03Implement a loopback instance allocation scheme.Jon Loeliger2-12/+117
To support creating loopback interfaces with a specific instance number, a new CREATE_LOOPBACK_INSTANCE API call with flag is_specified and value user_instance is introduced. Presumably the existing CREATE_LOOPBACK API message will be obsoleted and revmoved. The VAT cli commands can now mention and format the new field as 'instance %d' data. If no instance number is named, the old call CREATE_LOOPBACK is used to maintain backward compatibility. However, if the instance is named, the new CREATE_LOOPBACK_INSTANCE message will be used. Both the dynamically allocated and user-requested instance number are tracked in a bitvector. If is_specified is 0, the next free instance will be used.. A request for a specific instance number will be granted if it is available. On error, the value ~0 is returned. Change-Id: I849815563a5da736dcd6bccd262ef49b963f6643 Signed-off-by: Jon Loeliger <jdl@netgate.com>
2017-02-21VPP-540 : pbb tag rewrite detailsPavel Kotucek1-28/+10
Extended sw_interface_dump to provide 802.1ah (pbb) tag rewrite info if present. Extended log "l2-output" to provide raw data to display result of prospetive pbb tag rewrite. Tracing is moved after l2output_vtr to show these changes. Change-Id: I8b7cb865dc67ce21afab402cc086dac35f7c0f07 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-02-02SNAT: changed source for outbound address FIB entry (VPP-613)Matus Fabian1-5/+2
Use FIB_SOURCE_PLUGIN_HI and modify ARP input to use non-source variants for flags and resolving interface get. Change-Id: I3bab76f36e0b1ee86e430a416099f1654e02740a Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-01-27IP Multicast FIB (mfib)Neale Ranns3-21/+85
- IPv[46] mfib tables with support for (*,G/m), (*,G) and (S,G) exact and longest prefix match - Replication represented via a new replicate DPO. - RPF configuration and data-plane checking - data-plane signals sent to listening control planes. The functions of multicast forwarding entries differ from their unicast conterparts, so we introduce a new mfib_table_t and mfib_entry_t objects. However, we re-use the fib_path_list to resolve and build the entry's output list. the fib_path_list provides the service to construct a replicate DPO for multicast. 'make tests' is added to with two new suites; TEST=mfib, this is invocation of the CLI command 'test mfib' which deals with many path add/remove, flag set/unset scenarios, TEST=ip-mcast, data-plane forwarding tests. Updated applications to use the new MIFB functions; - IPv6 NS/RA. - DHCPv6 unit tests for these are undated accordingly. Change-Id: I49ec37b01f1b170335a5697541c8fd30e6d3a961 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-01-12Fix ARP on unnumbered interfaces (VPP-583)Neale Ranns1-2/+15
Change-Id: Iea1e2c31c016c3bb6344f73173d082a2c548ffee Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2016-12-28Reorganize source tree to use single autotools instanceDamjan Marion13-0/+6596
Change-Id: I7b51f88292e057c6443b12224486f2d0c9f8ae23 Signed-off-by: Damjan Marion <damarion@cisco.com>