aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet/gre/interface.c
AgeCommit message (Collapse)AuthorFilesLines
2021-05-20gre: Walk IPv6 adjacencies during restackMatthew Smith1-2/+4
Type: fix If a GRE tunnel is created and the peer is not resolved yet and an IPv6 route is added which points to the tunnel, packets matching the route will be dropped. When the tunnel peer is resolved, adjacencies on the tunnel interface should be restacked and packets matching the route can be encapsulated and sent.. There is a loop that is intended to do this for both IPv4 and IPv6. The call to walk adjacencies is invoked in a "return" statement though. So the loop is exited and the function returns before IPv6 adjacencies are walked. Remove the return so the loop finishes. Change-Id: Ia4f695681713020209ea490ae4142857cea49c41 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2021-03-21gre: Multipoint GRE fixesNeale Ranns1-1/+53
Type: fix - the CLI was broken when a nh-table-id was present, since it overwrote the next-hop address - bouncing interface state stacked the adjacencies on the tunnel's destination (which is all zeros) - don't crash in the switch path if the interface has no hw-address Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I1ba9fdc9b2185899b753a2d40f23afa847a3ef4f
2020-12-14misc: move to new pool_foreach macrosDamjan Marion1-3/+3
Type: refactor Change-Id: Ie67dc579e88132ddb1ee4a34cb69f96920101772 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-12-08tunnel: add cli support for encap_decap flagsMohammed Hawari1-0/+7
Change-Id: I2bf6ba325975309183dba1e14e9519c944710752 Signed-off-by: Mohammed Hawari <mohammed@hawari.fr> Type: improvement
2020-10-21ipsec: support for multipoint on ipsec interfacesNeale Ranns1-1/+1
Type: feature Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Iae9fe35cfbce4c675fa25e0800c0f4629a83e012
2020-10-19ip: Move the IP6 fib into ip6_[m]fib.cNeale Ranns1-6/+4
Type: improvement reduce the compile time by moving the bihash includes out of ip[46].h Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I6b9216e10aff1013071f9238b3e1ebbdd205bd80
2020-10-07misc: Purge unused pg includesNeale Ranns1-1/+0
Type: style Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I26a19e42076e031ec5399d5ca05cb49fd6fbe1cd
2020-09-22ipip: Add option to tunnel create help stringNeale Ranns1-1/+2
Type: style Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I3703b9a882b7577025f495d500daf08a916891b9
2020-09-17teib: Use ip_address_t not ip46_address_tNeale Ranns1-6/+8
Type: improvement Change-Id: Ica75c4e43d6198658a1954640c7ac56ea68bb39a Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-04-22gre: Optimise encap node for tunnel typesNeale Ranns1-1/+6
Type: improvement Change-Id: I6627e22110be94c8127486ae009761494e734c04 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-02-04teib: Rename NHRP to TEIBNeale Ranns1-26/+26
Type: refactor The Tunnel Endpoint Informatiob Base (TEIB) is a better description of what it is (a mapping between tunnel endpoint address, in the overlay, and next-hop address, in the underlay) whereas NHRP is one instanc eof a control protocol that might add such endpoints. Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Idcb2ad0b6543d3e5d9f6e96f9d14dafb5ce2aa85
2020-01-30gre: Tunnel encap/decap flagsNeale Ranns1-0/+1
Type: feature common funcitons across IP-in-IP and GRE tunnels for encap/decap functions Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I325b66824878d843af167adfe5a7a96b0ab90566
2020-01-27ipip: Multi-point interfaceNeale Ranns1-0/+32
Type: feature plus fixes for gre Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I0eca5f94b8b8ea0fcfb058162cafea4491708db6
2020-01-27tunnel: Common types for IP tunnelsNeale Ranns1-27/+10
Type: refactor Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I18dcdb7af3e327f6cacdbcb1e52b89f13d6ba6e2
2019-12-19gre: multipoint ingress lookup fixNeale Ranns1-14/+119
Type: fix Change-Id: I170edd62220a63cb19efea3032e173fb87730b1b Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-12-04gre: Multi-point interfacesNeale Ranns1-62/+78
Type: feature Change-Id: I0129ad6ace44a50a8a3b26db8e445cd06b2b49e8 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-05-28gre: don't register gre input nodes unless a gre tunnel is createdJakub Grajciar1-0/+4
Change-Id: Id5c0f420e32e0504cea660fed2013f3ad28088aa Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2019-04-18GRE: API updateNeale Ranns1-11/+11
Change-Id: I5010cd34123c6498230dedac6ba8dd774a1085f9 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-03-26ADJ: midchain delegate to performing stackingNeale Ranns1-76/+7
this can be used by e.g. tunnels so it doesn't need to be implemented for each tunnel type. Change-Id: I0790f89aa49f83421612b35108cce67693285999 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-12-07FIB recusrion loop checks traverse midchain adjacenciesNeale Ranns1-35/+5
if a tunnel's destination address is reachable through the tunnel (see example config belwo) then search for and detect a recursion loop and don't stack the adjacency. Otherwise this results in a nasty surprise. DBGvpp# loop cre DBGvpp# set int state loop0 up DBGvpp# set int ip addr loop0 10.0.0.1/24 DBGvpp# create gre tunnel src 10.0.0.1 dst 1.1.1.1 DBGvpp# set int state gre0 up DBGvpp# set int unnum gre0 use loop0 DBGvpp# ip route 1.1.1.1/32 via gre0 DBGvpp# sh ip fib 1.1.1.1 ipv4-VRF:0, fib_index:0, flow hash:[src dst sport dport proto ] locks:[src:plugin-hi:2, src:default-route:1, ] 1.1.1.1/32 fib:0 index:11 locks:4 <<< this is entry #11 src:CLI refs:1 entry-flags:attached, src-flags:added,contributing,active, path-list:[14] locks:2 flags:shared,looped, uPRF-list:12 len:1 itfs:[2, ] path:[14] pl-index:14 ip4 weight=1 pref=0 attached-nexthop: oper-flags:recursive-loop,resolved, cfg-flags:attached, 1.1.1.1 gre0 (p2p) [@0]: ipv4 via 0.0.0.0 gre0: mtu:9000 4500000000000000fe2fb0cc0a0000010101010100000800 stacked-on entry:11: <<<< and the midchain forwards via entry #11 [@2]: dpo-drop ip4 src:recursive-resolution refs:1 src-flags:added, cover:-1 forwarding: unicast-ip4-chain [@0]: dpo-load-balance: [proto:ip4 index:13 buckets:1 uRPF:12 to:[0:0]] [0] [@6]: ipv4 via 0.0.0.0 gre0: mtu:9000 4500000000000000fe2fb0cc0a0000010101010100000800 stacked-on entry:11: [@2]: dpo-drop ip4 DBGvpp# sh adj 1 [@1] ipv4 via 0.0.0.0 gre0: mtu:9000 4500000000000000fe2fb0cc0a0000010101010100000800 stacked-on entry:11: [@2]: dpo-drop ip4 flags:midchain-ip-stack midchain-looped <<<<< this is a loop counts:[0:0] locks:4 delegates: children: {path:14} Change-Id: I39b82bd1ea439be4611c88b130d40289fa0c1b59 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-10-23c11 safe string handling supportDave Barach1-2/+2
Change-Id: Ied34720ca5a6e6e717eea4e86003e854031b6eab Signed-off-by: Dave Barach <dave@barachs.net>
2018-09-25L2 BD: introduce a BD interface on which to send UU packetsNeale Ranns1-1/+2
Change-Id: I21ad6b04c19c8735d057174b1f260a59f2812241 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-09-19GRE: fix 4o6 and 6o4 adj stackingNeale Ranns1-3/+3
Change-Id: I13dc5eab8835c4f3b95906816d42dccfeee8b092 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-09-08L2 BVI/FIB: Update L2 FIB table when BVI's MAC changesNeale Ranns1-0/+1
also some moving of l2 headers to reduce dependencies Change-Id: I7a700a411a91451ef13fd65f9c90de2432b793bb Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-07-23fix vector index range checksEyal Bari1-1/+1
Change-Id: I63c36644c9d93f2c3ec6606ca0205b407499de4e Signed-off-by: Eyal Bari <ebari@cisco.com>
2018-06-11MTU: Software interface / Per-protocol MTU supportOle Troan1-4/+1
This patch separates setting of hardware interfaec and software interface MTU. Software MTU is L2 payload MTU (i.e. not including L2 header). Per-protocol MTU for IPv4, IPv6 and MPLS can also be set. Currently only IP4, IP6 are enabled in adjacency / rewrite code. Documentation in src/vnet/MTU.md Change-Id: Iee2fd6f0bbc8210748dd8e073ab9fab87d323690 Signed-off-by: Ole Troan <ot@cisco.com>
2018-04-13Revert "MTU: Setting of MTU on software interface (instead of hardware ↵Damjan Marion1-1/+5
interface)" This reverts commit 70083ee74c3141bbefb185525315f1b34497dcaa. Reverting as this patch is causing following crash: 0: /home/damarion/cisco/vpp3/build-data/../src/vnet/devices/devices.h:131 (vnet_get_device_input_thread_index) assertion `queue_id < vec_len (hw->input_node_thread_index_by_queue)' fails Aborted Change-Id: Ie2a365032110b1f67be7a9d832885b9899813d39 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-04-13MTU: Setting of MTU on software interface (instead of hardware interface)Ole Troan1-5/+1
Change-Id: I98bd454a761a1032738a21edeb0fe847e801f901 Signed-off-by: Ole Troan <ot@cisco.com>
2018-02-16Minor VXLAN/GRE Tunnel Encap Optimization and CleanupJohn Lo1-3/+5
Change-Id: I62a2a6524b72115a4239fbd7dc9ac8fdc35e20ed Signed-off-by: John Lo <loj@cisco.com>
2018-02-15Optimize GRE Tunnel and add support for ERSPAN encapJohn Lo1-148/+182
Change GRE tunnel to use the interface type where the same encap node is used as output node for all GRE tunnels, instead of having dedicated output and tx node for each tunnel. This allows for more efficient tunnel creation and deletion at scale tested at 1000's of GRE tunnels. Add support for ERSPAN encap as another tunnel type, in addition to the existing L3 and TEB types. The GRE ERSPAN encap supported is type 2 thus GRE encap need to include sequence number and GRE- ERSPAN tunnel can be created with user secified ERSPAN session ID. The GRE tunnel lookup hash key is updated to inclue tunnel type and session ID, in addition to SIP/DIP and FIB index. Thus, GRE-ERSPAN tunnel can be created, with the appropriate session ID, to be used as output interface for SPAN config to send mirrored packets. Change interface naming so that all GRE tunnels, irrespective of tunnel type, uses "greN" where N is the instance number. Removed interface reuse on tunnel creation and deletion to enable unfied tunnel interface name. Add support of user specified instance on GRE tunnel creation. Thus, N in the "greN" interface name can optionally be specified by user via CLI/API. Optimize GRE tunnel encap DPO stacking to bypass load-balance DPO node since packet output on GRE tunnel always belong to the same flow after 5-tupple hash. Change-Id: Ifa83915744a1a88045c998604777cc3583f4da52 Signed-off-by: John Lo <loj@cisco.com>
2018-01-13Improve "show xxx tunnel" and "show int addr" outputJohn Lo1-23/+7
Improve "show xxx tunnel" output functions format_xxx_tunnel() for GRE, VXLAN, VXLAN-GPE, GENEVE and GTPU tunnels to make their output more consistent and provide better information. Improved the output of "show int addr" to make its info more consistent with tunnels and provide fib-index info. Change-Id: Icd4b5b85a5bec417f8ee19afea336c770ad3b4c5 Signed-off-by: John Lo <loj@cisco.com>
2018-01-06GRE tunnel key should use fib_index instead of fib_id (VPP-1118)John Lo1-2/+11
The code path in src/vnet/gre/interface.c uses fib_id as a component to generate hash key for GRE tunnel. This should be fib_index as the GRE rx/decap data path will be using fib_index to generate the hash key to lookup the GRE tunnel. Change-Id: Ia7f0892d84f9dac79223a6e016775892b61eb5fb Signed-off-by: John Lo <loj@cisco.com> (cherry picked from commit 72247c803250894834d15952a6fddcd8f4a39a9c)
2017-12-16GRE tunnel key includes the FIB tableNeale Ranns1-46/+26
- GRE tunnels with the same src,dst addresses are not the same tunnel - Two data-plane improvements: - the cached key was never updated and so useless - no need to dereference the tunnel's HW interface to get the sw_if_index Change-Id: I2f2ea6e08c759a810b753cec22c497e921a2ca01 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-11-27VPP-253 Coding standards cleanup - vnet/vnet/greSwarup Nayak1-271/+295
Change-Id: I95f98b91faf74178c05f30da9eb3d6125193b7ef Signed-off-by: Swarup Nayak <swarupnpvt@gmail.com>
2017-11-26FIB: store the node type not the function pointer.Neale Ranns1-2/+0
Saves memory at no appreciable performance cost. before: DBGvpp# sh fib mem FIB memory Name Size in-use /allocated totals Entry 80 7 / 150 560/12000 after: DBGvpp# sh fib mem FIB memory Name Size in-use /allocated totals Entry 72 7 / 7 504/504 Change-Id: Ic5d3920ceb57b54260dc9af2078c26484335fef1 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-13Remove unsed parameter from fib_table_entry_special_add() (only used in FIB ↵Neale Ranns1-2/+1
tests). The DPO was incorrectly initialised with FIB_PROTO_MAX Change-Id: I962df9e162e4dfb6837a5ce79ea795d5ff2d7315 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-05GRE over IPv6Ciara Loftus1-54/+140
Refactors the GRE node to work with both IPv4 and IPv6 transports. Note that this changes the binary configuration API to support both address families; each address uses the same memory for either address type and a flag to indicate which is in use. The CLI and VAT syntax remains unchanged; the code detects whether an IPv4 or an IPv6 address was given. Configuration examples: IPv4 CLI: create gre tunnel src 192.168.1.1 dst 192.168.1.2 IPv6 CLI: create gre tunnel src 2620:124:9000::1 dst 2620:124:9000::2 IPv4 VAT: gre_add_del_tunnel src 192.168.1.1 dst 192.168.1.2 IPv6 VAT: gre_add_del_tunnel src 2620:124:9000::1 dst 2620:124:9000::2 Change-Id: Ica8ee775dc101047fb8cd41617ddc8fafc2741b0 Signed-off-by: Ciara Loftus <ciara.loftus@intel.com>
2017-02-22VPP-635: CLI Memory leak with invalid parameterBilly McFall1-10/+25
In the CLI parsing, below is a common pattern: /* Get a line of input. */ if (!unformat_user (input, unformat_line_input, line_input)) return 0; while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT) { if (unformat (line_input, "x")) x = 1; : else return clib_error_return (0, "unknown input `%U'", format_unformat_error, line_input); } unformat_free (line_input); The 'else' returns if an unknown string is encountered. There a memory leak because the 'unformat_free(line_input)' is not called. There is a large number of instances of this pattern. Replaced the previous pattern with: /* Get a line of input. */ if (!unformat_user (input, unformat_line_input, line_input)) return 0; while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT) { if (unformat (line_input, "x")) x = 1; : else { error = clib_error_return (0, "unknown input `%U'", format_unformat_error, line_input); goto done: } } /* ...Remaining code... */ done: unformat_free (line_input); return error; } In multiple files, 'unformat_free (line_input);' was never called, so there was a memory leak whether an invalid string was entered or not. Also, there were multiple instance where: error = clib_error_return (0, "unknown input `%U'", format_unformat_error, line_input); used 'input' as the last parameter instead of 'line_input'. The result is that output did not contain the substring in error, instead just an empty string. Fixed all of those as well. There are a lot of file, and very mind numbing work, so tried to keep it to a pattern to avoid mistakes. Change-Id: I8902f0c32a47dd7fb3bb3471a89818571702f1d2 Signed-off-by: Billy McFall <bmcfall@redhat.com> Signed-off-by: Dave Barach <dave@barachs.net>
2016-12-28Reorganize source tree to use single autotools instanceDamjan Marion1-0/+606
Change-Id: I7b51f88292e057c6443b12224486f2d0c9f8ae23 Signed-off-by: Damjan Marion <damarion@cisco.com>