summaryrefslogtreecommitdiffstats
path: root/src/vnet/fib
AgeCommit message (Collapse)AuthorFilesLines
2017-10-03Repair vlib API socket serverDave Barach1-1/+2
- Teach vpp_api_test to send/receive API messages over sockets - Add memfd-based shared memory - Add api messages to create memfd-based shared memory segments - vpp_api_test supports both socket and shared memory segment connections - vpp_api_test pivot from socket to shared memory API messaging - add socket client support to libvlibclient.so - dead client reaper sends ping messages, container-friendly - dead client reaper falls back to kill (<pid>, 0) live checking if e.g. a python app goes silent for tens of seconds - handle ping messages in python client support code - teach show api ring about pairwise shared-memory segments - fix ip probing of already resolved destinations (VPP-998) We'll need this work to implement proper host-stack client isolation Change-Id: Ic23b65f75c854d0393d9a2e9d6b122a9551be769 Signed-off-by: Dave Barach <dave@barachs.net> Signed-off-by: Dave Wallace <dwallacelf@gmail.com> Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-09-13Add a name to the creation of an IP and MPLS tableNeale Ranns6-14/+67
Change-Id: I4b4648831551519b2ffb6f93255d28a4b8726c22 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-09-11FIB table add/delete APINeale Ranns13-68/+171
part 2; - this adds the code to create an IP and MPLS table via the API. - but the enforcement that the table must be created before it is used is still missing, this is so that CSIT can pass. Change-Id: Id124d884ade6cb7da947225200e3bb193454c555 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-08-21PPPoE usses a midchain adjacency stack on an interface-tx DPONeale Ranns2-14/+14
1) introduce an interface-tx DPO. This is a simple wrapper around a sw_if_index. enhance DPO stacking functions to allow per-instance next-nodes and hence allow children to stack onto the interface per-instance tx node and not on 'interface-output'. 2) update PPPoE code to use ta midchain stack on a interface-tx DPO of the encap-interface. This remove the need for pppoe_encap node (which is replaced by the adj-midchain-tx) and interface-output node is no longer used (see above). Since PPPoE encap node is no longer needed, the PPPoE seesion does not need to be retrieved in the data-path, hence the cahce misses are removed. Change-Id: Id8b40f53daa14889a9c51d802e14fed7fba4399a Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-08-15coverity: remove dependency on uint32_t in fib_test.cMarek Gradzki1-1/+1
Fixes make build-coverity Change-Id: I5cf6992224f18b8e8770d365c42b3e759dc93f73 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-08-08L2 over MPLSNeale Ranns20-263/+263
[support for VPWS/VPLS] - switch to using dpo_proto_t rather than fib_protocol_t in fib_paths so that we can describe L2 paths - VLIB nodes to handle pop/push of MPLS labels to L2 Change-Id: Id050d06a11fd2c9c1c81ce5a0654e6c5ae6afa6e Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-08-03DHCP Client: receive unicast ACKsNeale Ranns1-7/+2
despite VPP DHCP client setting neither ciaddr nor giaddr and setting the broadcast bit (see RFC 2131 section 4.1) some DHCP servers will still send a unicast DCHPACK. So as not to drop this VPP must have both 1) a receive FIB entry for the OFFERED IP adress and 2) a 'don't drop me because of uRPF' FIB entry for the DHCP server's address. Change-Id: I167d858deb45629318cbdccf5bf67d971730a42f Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-08-01FIB path weight incorrect in dump (VPP-922)Neale Ranns3-5/+6
Change-Id: I655f41878ca3595681d0255782b0faba01c9824b Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-07-31Fix fib_path encoding (VPP-921)Florin Coras1-0/+2
Change-Id: I4c3b22c333b052d068f1a5977e9d4e38471693d6 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-07-19Add a bihash prefetchable bucket-level cacheDave Barach2-3/+3
According to Maciek, the easiest way to leverage the csit "performance trend" job is to actually merge the patch once verified. Manual testing indicates that the patch improves l2 path performance. Other use-cases are TBD. It's possible that we'll need to back out the patch depending on what happens. Change-Id: Ic0a0363de35ef9be953ad7709c57c3936b73fd5a Signed-off-by: Dave Barach <dave@barachs.net>
2017-07-18FIB path preferenceNeale Ranns8-40/+623
Paths are given a preference, lowest value is 'best'. Only paths that are up are up contribute to fprwarding - that's unchanged. What's new is that of the path's that re up only those that have the best preference contribute. A poor man's primary and backup. It's not true primary/backup function because the FIB must converge before the lower preference paths are used. Change-Id: Ie4453c4a7b1094c6c2b51fe1594b8302103bb68e Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-06-21ARP: ignore non-connected routes and non-interface sources when determing if ↵Neale Ranns1-3/+7
source is connected Change-Id: I39fb0ec44cc322eaa12c0ff0700fc405d3982bfc Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-06-13FIB walk process - wake-up rate unnecessarily highNeale Ranns1-1/+11
Change-Id: I7dedf283c83c7f0e0b7642f095b68bc0b40898cf Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-06-06Rework vxlan-gpe to support FIB 2.0 and bypass modeHongjun Ni1-1/+3
Change-Id: I0324f945bdb4dd3b19151be6f3ce24a47a000104 Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
2017-05-26ARP/ND use path_remove to complement path_addNeale Ranns2-8/+19
don't add duplicate extensions. Change-Id: Icf72d6e1b004d0dda532bec2b51f6b74544925bb Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-05-24IPv6 Performance bugsNeale Ranns3-44/+39
- inline the FIB lookup function; this requires access to the bihash, so for files that use more than one type this casues problems. those files that include ip6_fib.h unnecessarily have been updated - better use of the feature arcs. ip6-lookup and interface-output are now sentinels (end-node-index in the cm speak) rather than enabled features. Change-Id: I9d1375fee63f7dbb2d327da6124d8e60b63367ec Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-05-24Leak locks and tables in the ClassifierNeale Ranns2-4/+6
Change-Id: Iae04c57bba87ab3665388eadd0805f75171636a5 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-05-23Labelled attached paths via an MPLS tunnelNeale Ranns2-39/+62
Change-Id: Ic86617c9c3217122043656ce2ea70bb106df5b2d Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-05-23ARP/ND entries for the same address on different interfaces (VPP-848)Neale Ranns13-621/+1159
there are, intentionally, no validation checks in the ARP/ND code to prevent an ARP/ND entry from being installed for an address that is not local to the interface's sub-net. This is ok, since the adjacency/FIB code is designed to handle this case using the 'refinement' criteria - i.e. only installing a FIB entry for the address if the address 'refines' (i.e. is more specific than) the interface's sub-net. However, the refinement criteria currently operates on the FIB entry's prefix (which is a /32, so on the address) and not on the next-hop in the path. So, enter multiple ARP entries for the same address on different links, and this refinement criteria uses only the last added path, and so will remove the FIB entry should the ARP entries be added in the 'wrong' order. This fix updates the refinement criteria to work on each path of the FIB entry. The entry is installed if one of the paths refines the covers and only paths refining the cover contribute forwarding. Per-path refinement checks are stored in path-extensions. The patch is rather large as path-extension, which were previously used only for out-going MPLS labels, have been generalized. Change-Id: I00be359148cb948c32c52109e832a70537a7920a Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-05-15Fix FIB recursion loops via cover (VPP-842)Neale Ranns3-38/+81
Change-Id: Ia91c3e8cb27b9e4c1cccefc0a4857dd9995450ab Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-05-05First commit SR MPLSPablo Camarillo1-4/+4
Change-Id: I961685a2a0e4c314049444c64eb6ccf877c278dd Signed-off-by: Pablo Camarillo <pcamaril@cisco.com>
2017-05-02Use per-protocol default flow-hash config when the FIB table index is not knownNeale Ranns3-2/+44
Change-Id: If088e75801831befc6bddb77ea20abe9288b93c4 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-26IP Flow Hash Config fixesNeale Ranns11-56/+128
- the flow hash config is (and was) cached on the load-balance object so the fib_table_t struct is not used a switch time. Therefore changes to the table's flow hash config need to be propagated to all load-balances and hance all FIB entries in the table. - enable API for setting the IPv6 table flow hash config - use only the hash config in the fib_table_t object and not on the ipX_fib_t - add tests. Change-Id: Ib804c11162c6d4972c764957562c372f663e05d4 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-24Improve Load-Balance MAPsNeale Ranns10-68/+307
- only build them for popular path-lists (where popular means more than 64 children) the reason to have a map is to improve convergence speed for recursive prefixes - if there are only a few this technique is not needed - only build them when there is at least one path that has recursive constraints, i.e. a path that can 'fail' in a PIC scenario. - Use the MAPS in the switch path. - PIC test cases for functionality (not convergence performance) Change-Id: I70705444c8469d22b07ae34be82cfb6a01358e10 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-18Memory leak in load-balance mapsNeale Ranns1-2/+10
Change-Id: Iec67ae1232e346d5e0000e0b4c997fdc31865bc6 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-13Remove unsed parameter from fib_table_entry_special_add() (only used in FIB ↵Neale Ranns7-39/+21
tests). The DPO was incorrectly initialised with FIB_PROTO_MAX Change-Id: I962df9e162e4dfb6837a5ce79ea795d5ff2d7315 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-11MPLS Mcast coverity fixesNeale Ranns1-1/+1
Change-Id: Ic07ec5d4c2560a414d5f4f7eb37e10faf591664a Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-11Remove usued, redundant and deprecated code from lookup.hNeale Ranns1-19/+0
Change-Id: Ic16bc10d0b2877b2afdf052615f9334f31b9519f Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-07MPLS McastNeale Ranns17-311/+1039
1 - interface-DPO Used in the Data-plane to change a packet's input interface 2 - MPLS multicast FIB entry Same as a unicast entry but it links to a replicate not a load-balance DPO 3 - Multicast MPLS tunnel Update MPLS tunnels to use a FIB path-list to describe the endpoint[s]. Use the path-list to generate the forwarding chain (DPOs) to link to . 4 - Resolve a path via a local label (of an mLDP LSP) For IP multicast entries to use an LSP in the replication list, we need to decribe the 'resolve-via-label' where the label is that of a multicast LSP. 5 - MPLS disposition path sets RPF-ID For a interface-less LSP (i.e. mLDP not RSVP-TE) at the tail of the LSP we still need to perform an RPF check. An MPLS disposition DPO performs the MPLS pop validation checks and sets the RPF-ID in the packet. 6 - RPF check with per-entry RPF-ID An RPF-ID is used instead of a real interface SW if index in the case the IP traffic arrives from an LSP that does not have an associated interface. Change-Id: Ib92e177be919147bafeb599729abf3d1abc2f4b3 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-06BFD-FIB interactionsNeale Ranns13-138/+983
- single-hop BFD: attach a delegate to the appropriate adjacency - multi-hop BFD [not supported yet]: attach a delegate to the FIB entry. adjacency/fib_entry state tracks the BFD session state. when the state is down the object does not contribute forwarding hence and hence dependent objects will not use it. For example, if a route is ECMP via two adjacencies and one of them is BFD down, then only the other is used to forward (i.e. we don't drop half the traffic). Change-Id: I0ef53e20e73b067001a132cd0a3045408811a822 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-01MTRIE Optimisations 2Neale Ranns12-66/+147
1) 16-8-8 stride. Reduce trie depth walk traded with increased memory in the top PLY. 2) separate the vector of protocol-independent (PI) fib_table_t with the vector of protocol dependent (PD) FIBs. PD FIBs are large structures, we don't want to burn the memory for ech PD type 3) Go straight to the PD FIB in the data-path thus avoiding an indirection through, e.g., a PLY pool. Change-Id: I800d1ed0b2049040d5da95213f3ed6b12bdd78b7 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-30SR replicate mheap corruption fix VPP-672shwethab2-1/+1
Change-Id: If1c68fc63fa71fab198f2bf4f79bdd7a9841c2e8 Signed-off-by: shwethab <shwetha.bhandari@gmail.com> Signed-off-by: Pablo Camarillo <pcamaril@cisco.com>
2017-03-29Mtrie optimisationsNeale Ranns2-6/+3
1 - make the default route non-special, i.e. like any other less specific route. Consequently, all buckets have a valid valid index of either a leaf or a ply. Checks for special indeices in the data-path can thus be removed. 2 - since all leaves are now 'real' i.e. they represent a real load-balance object, to tell if a ply slot is 'empty' requeirs chekcing that the prefix length of the leaf occupying the slot is slot than the minium value for that ply. 3 - when removing a leaf find the cover first, then recurse down the ply and replace the old leaf with the cover. This saves us a ply walk. Change-Id: Idd523019e8bb1b6ef527b1f5279a5e24bcf18332 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-29Sub-net broadcast addresses for IPv4Neale Ranns1-0/+21
Change-Id: Ib2189d01e8bc61de57404159690fb70f89c47277 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-17Attached hostsNeale Ranns5-0/+22
allow this config to function: set int ip address loop0 169.254.1.1/32 (the default GW address for attached hosts) set int unnumbered af_packet0 use loop0 ('enable' IP on the host interface) ip route add 192.168.1.1/32 via af_packet0 (where to find the host) repeat for each host and host interface. Inter-host communication is throught the /32 routes. To allow this: 1 - attached host routes have the ATTACHED flag set, so the ARP code accepts then as legitimate sources 2 - unnumbered interfaces inherit the source address from the IP interface Change-Id: Ib66c5f0e848c528f79372813adc3a0c11b50717f Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-17Adjacency refinement; check the cover's interface against the adjacency'sNeale Ranns2-4/+97
Change-Id: I3fa2f35056b74e479288bb956f2713f727a81c72 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-15No vector allocation during buffer copyNeale Ranns1-3/+1
Change-Id: I7e8556af833ca0e00fadc96dcd2077ff1104541b Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-09MAP pre-resolve - use FIB to track pre-resolved next-hopNeale Ranns1-0/+2
Change-Id: I9ea16881caf7aee57f0daf4ac2e8b82c672f87e9 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-08Proxy ND (RFC4389 - or a sub-set thereof). This allows the 'emulation' of ↵Neale Ranns2-0/+6
bridging. That is hosts in one sub-net reachable via differenet interfaces. Introducate a new API command: ip6 nd proxy <host-address> <interface> this indicates 2 things; 1) that host <host-address> is reachable out of interface <interface>. VPP will thus install that route. 2) NS requests sent to <host-address> will be responeded to (i.e. proxied). Change-Id: I863f967fdb5097ab3b574769c70afdbfc8d5478a Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-06ioam: manycast using iOAM and SR (VPP-628)Shwetha Bhandari2-3/+11
Change-Id: I6d2afda991d771fb4a89fc3f6544f8e940a9b9f0 Signed-off-by: Shwetha Bhandari <shwethab@cisco.com>
2017-02-25MFIB: changes to improve route add/delete performanceNeale Ranns1-5/+3
Change-Id: I063d85200d12b09545ae1c373c7fc69112ae3b34 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-24FIB: 1) fix pool realloc during prefix export. 2) don't walk off the end of ↵Neale Ranns3-7/+31
the path-extension vector Change-Id: I8bd8f6917ace089edb1f65bd017b478ee198c03f Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-24MFIB memory leak. free the per-source interface hashNeale Ranns1-1/+1
Change-Id: I0ccb337eb0ed50ccc64193533cd816f6e36e6db5 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-20FIB reset leaves residual routes. Wrong API used to remove the routes meant ↵Neale Ranns2-2/+5
the lock count on the entry did not drop to zero Change-Id: I6e2dff8c3c7976fd1c2e4c5258f5dc73123aa9b7 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-20Python test IP and MPLS objects conform to infra.Neale Ranns1-1/+1
Add IP[46] MFIB dump. Change-Id: I4a2821f65e67a5416b291e4912c84f64989883b8 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-13Out-of-tree Build Error fixAkshayaNadahalli1-22/+0
File vnet/fib/fib_urpf_list.h was included in vnet/fib/ip6_fib.h but was exported to be installed in /usr/include/vnet. So out-of-tree builds relying on an installed package was failing. Fix is to inlcude fib_urpf_list.h in source file rather than including it in header file. Change-Id: Iae39c1d9417dbd31ee67fa1bd2d1915d5e813c73 Signed-off-by: AkshayaNadahalli <anadahal@cisco.com>
2017-02-13Basic support for LISP-GPE encapsulated NSH packetsFlorin Coras6-4/+25
Change-Id: I97fedb0f70dd18ed9bbe985407cc5fe714e8a2e2 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-02-08Fix source address reachability check for ip6 local packetsAkshayaNadahalli1-1/+23
Currently ip6 local check fails with error - source lookup miss if route to source of packet is over a dpo object such as load balance - recurssive route, tunnel adj - GRE, SR etc. So unless packet source is of a directly connected neibhor or has route with both interface and nexthop specified, it will be dropped. Fix is to check urpf list and if at least one link exists in the list, then allow packets to be processed, else drop. Change-Id: Id426311bb63bab506754a79409c602fdb6d0f190 Signed-off-by: AkshayaNadahalli <anadahal@cisco.com>
2017-01-27IP Multicast FIB (mfib)Neale Ranns20-224/+440
- IPv[46] mfib tables with support for (*,G/m), (*,G) and (S,G) exact and longest prefix match - Replication represented via a new replicate DPO. - RPF configuration and data-plane checking - data-plane signals sent to listening control planes. The functions of multicast forwarding entries differ from their unicast conterparts, so we introduce a new mfib_table_t and mfib_entry_t objects. However, we re-use the fib_path_list to resolve and build the entry's output list. the fib_path_list provides the service to construct a replicate DPO for multicast. 'make tests' is added to with two new suites; TEST=mfib, this is invocation of the CLI command 'test mfib' which deals with many path add/remove, flag set/unset scenarios, TEST=ip-mcast, data-plane forwarding tests. Updated applications to use the new MIFB functions; - IPv6 NS/RA. - DHCPv6 unit tests for these are undated accordingly. Change-Id: I49ec37b01f1b170335a5697541c8fd30e6d3a961 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-01-12Account for pool realloc when importing FIB entries during VRF exportNeale Ranns1-4/+12
Change-Id: I8ec6d53fa9c0790f85802663f70a6b3630239f8d Signed-off-by: Neale Ranns <neale.ranns@cisco.com>