Age | Commit message (Collapse) | Author | Files | Lines |
|
Not only is it wasteful to send all fragments back through ip4-lookup, but
it doesn't work with tunnel mechanisms that don't have IP enabled on their
payload side.
Change-Id: Ic92d95982dddaa70969a2a6ea2f98edec7614425
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
The dev build ('make build') was failing because
ip4_rewrite_bcast() and ip6_rewrite_bcast() are declared static
and were not referenced.
The node functions that were set for directed broadcast rewrite:
ip4_rewrite_bcast_node - ip4_rewrite()
ip6_rewrite_bcast_node - ip6_rewrite()
Changed to:
ip4_rewrite_bcast_node - ip4_rewrite_bcast()
ip6_rewrite_bcast_node - ip6_rewrite_bcast()
The release build ('make build-release') succeeds because there is
a VLIB_NODE_FUNCTION_MULTIARCH() call referencing the function. That
macro is empty for dev builds.
Change-Id: I2a05f00ca43d0eae8ff2e3026991e69917003fe1
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
with ip direct broadcast enable a packet to the interface's
subnet broadcast address with be sent L2 broadcast on the
interface. dissabled, it will be dropped. it is disabled by
default, which preserves current behaviour
Change-Id: If154cb92e64834e97a541b32624354348a0eafb3
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
It is cheaper to get thread index from vlib_main_t if available...
Change-Id: I4582e160d06d9d7fccdc54271912f0635da79b50
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Thanks to gcc-8 for highlighting this...
Change-Id: I53bfab631a40fd1b680c76a48b0307a33fa2b154
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
After calling vlib_packet_template_get_packet(), make sure
packet buffer is allocated before using it.
Change-Id: Idb5199f4e2c9596137b2101e502d611f474a6ffe
Signed-off-by: John Lo <loj@cisco.com>
|
|
Change-Id: I12fbebd1d24c37dc77c147773ea522c8a4b7b99d
Signed-off-by: John Lo <loj@cisco.com>
|
|
Change-Id: Ibae260273f25a319153be37470aed49ff73e957a
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
"sh run" says the number of clocks for my tcp based throughput test
dropped from ~43 to ~23
Change-Id: I719439ba7fc079ad36be1432c5d7cf74e3b70d73
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Avoids recomputing the fib index in ip local for locally delivered
packets and should incur no extra cost when forwarding packets.
Change-Id: Id826ffa8206392087327f154337eabc8a801b4d7
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Fix GRE/IPv6 setting of ip->payload_length (which has never worked).
Change-Id: Ie68f1cc7bbb70489d6ec97356132c783f2345e1e
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
DBGvpp# set int ip addr loop0 10.10.10.10/24
DBGvpp# set int ip addr loop0 10.10.10.11/24
set interface ip address: failed to add 10.10.10.11/24 which conflicts with 10.10.10.10/24 for interface loop0
Change-Id: Iba63ffafbd36b6146ce86adb78139da9d55b40ba
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
- move the IPv6 incomplete and glean node to ip6_neighbour.c (so it has access to ip6_neighbour_main_t)
- use the RA info config on the interface to find the multicast adj to use
Change-Id: I835e419072abe54fb09dafb0e7eb0a9e50eba1af
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
hard code the address mask offsets. This are protocol specific and only used on ethernet when used at all.
Change-Id: Ib1f6f33682f53254ffbb5a241a1583e65420e0c7
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
interface)"
This reverts commit 70083ee74c3141bbefb185525315f1b34497dcaa.
Reverting as this patch is causing following crash:
0: /home/damarion/cisco/vpp3/build-data/../src/vnet/devices/devices.h:131 (vnet_get_device_input_thread_index) assertion `queue_id < vec_len (hw->input_node_thread_index_by_queue)' fails
Aborted
Change-Id: Ie2a365032110b1f67be7a9d832885b9899813d39
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I98bd454a761a1032738a21edeb0fe847e801f901
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: I994649761fe2e66e12ae0e49a84fb1d0a966ddfb
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Use sw_if_index[VLIB_TX] if set as fib index when doing the urpf check.
Change-Id: I5ec3e7f7a54c6782704d91e9a5614fd0f7f9e3de
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
This change makes ip reassembly an interface feature, while adding
concurrency support. Due to this, punt is no longer needed to test
reassembly.
Change-Id: I467669514ec33283ce935be0f1dd08f07684f0c7
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: Iae5532c3d53e208831f3b2782242d9e59d367087
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
- IPv6 link local table is a per-SW interface array of IPv6 unicast FIBs
- the per-interface ocst is sizeof(fib_table_t) which is small,
w.r.t. the cost of an interface
- FE80::/10 in the 'global' table points to a DPO that performs a lookup in the
input interface's LL fib.
Change-Id: Ice834b25ebeeacb2e929d7c864d7ec8c09918cbe
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
|
|
Change-Id: Ic30fbcb2630f39e45345d7215babf5d7ed4b33a0
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Needed to allow other code paths to reuse them.
Change-Id: I9e469527c6b2e9a6fec7af5f17d8b400a2e85826
Signed-off-by: Vijayabhaskar Katamreddy <vkatamre@cisco.com>
|
|
For implementation of MACIP ACLs enhancement (VPP-1088), an outbound
classifier-based ACL would be needed. There was an existing incomplete
code for outbound ACLs, it looked almost exact copy of input ACLs, minus
the various enhancements, trying to sync that code seemed error-prone
and cumbersome to maintain in the longer run.
This change refactors the input+output ACLs processing into a unified
routine (thus any changes will have effect on both), and also adds
the API to set the output interface ACL, with the same format
and semantics as the existing input one (except working on output
ACL of course).
WARNING: IP outbound ACL in L3 mode clobbers the ip.* fields
in the vnet_buffer_opaque_t, since the code is using l2_classify.*
The net_buffer (p0)->ip.save_rewrite_length is rescued into
l2_classify.pad.l2_len, and used to rewind the header in case of
drop, so that ipX_drop prints something sensible.
Change-Id: I62f814f1e3650e504474a3a5359edb8a0a8836ed
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Change-Id: Ic5dcadd13c88b8a5e7896dab82404509c081614a
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
now we get
00:00:03:665501: pg-input
...
00:00:03:665681: ethernet-input
...
00:00:03:665691: ip6-input
UDP: 2001::1 -> ffef::1
tos 0x00, flow label 0x0, hop limit 64, payload length 108
UDP: 1234 -> 1234
length 108, checksum 0x7b25
00:00:03:665695: ip6-not-enabled
UDP: 2001::1 -> ffef::1
tos 0x00, flow label 0x0, hop limit 64, payload length 108
UDP: 1234 -> 1234
length 108, checksum 0x7b25
00:00:03:665706: error-drop
ethernet-input: no error
Same goes for IPv4
Change-Id: Ia360df39b43281d3a0aa1b686f04b73cfa37c546
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
returned in the fixup function
Change-Id: I458e6e03b03e27775df33a2fd302743126d6ac44
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
- rename l2_bridged to is_dvr. Including on the ip.api
this was new in the 18.01 release so no compatability issues.
- steal the free space in vnet_buffer_opaque_t for use with flags.
- run the ipX-output feature arc from the DVR DPO
Change-Id: I040e5976d1dbe076fcdda3a40a7804f56337ce3f
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Send packets to ip4/6_punt/drop nodes instead of error-drop/punt nodes
dbarach: clean up an annoying checkstyle issue: indent 2.2.10
(OpenSUSE version) and indent 2.2.11 (Ubuntu / CentOS versions) had an
artistic disagreement about ip_frag.c.
Change-Id: I660bee28a064af9c6c70371363081e941d1c3a94
Signed-off-by: Vijayabhaskar Katamreddy <vkatamre@cisco.com>
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I497e9f6489dd35219bcf2b51ac992467aac4c8eb
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Id14826eefe43168747c8ba69b3b600441a7d4047
Signed-off-by: Jakub Grajciar <Jakub.Grajciar@pantheon.tech>
|
|
calculation
Change-Id: I62f625a93e5d818caef382316035cd5447bd8fef
Signed-off-by: Jakub Grajciar <Jakub.Grajciar@pantheon.tech>
|
|
Applications are now provided the option to select the namespace they
are to be attached to and the scope of their attachement. Application
namespaces are meant to:
1) constrain the scope of communication through the network by
association with source interfaces and/or fib tables that provide the
source ips to be used and limit the scope of routing
2) provide a namespace local scope to session layer communication, as
opposed to the global scope provided by 1). That is, sessions can be
established without assistance from transport and network layers.
Albeit, zero/local-host ip addresses must still be provided in session
establishment messages due to existing application idiosyncrasies. This
mode of communication uses shared-memory fifos (cut-through sessions)
exclusively.
If applications request no namespace, they are assigned to the default
one, which at its turn uses the default fib. Applications can request
access to both local and global scopes for a namespace. If no scope is
specified, session layer defaults to the global one.
When a sw_if_index is provided for a namespace, zero-ip (INADDR_ANY)
binds are converted to binds to the requested interface.
Change-Id: Ia0f660bbf7eec7f89673f75b4821fc7c3d58e3d1
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- new IPv4 and IPv6 feature arcs on the punt and drop nodes
- new features:
- redirect punted traffic to an interface and nexthop
- police punted traffic.
Change-Id: I53be8bf4e06545add8a3619e462de5ffedd0a95c
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
- always use 'va_args' as pointer in all format_* functions
- u32 for all 'indent' params as it's declaration was inconsistent
Change-Id: Ic5799309a6b104c9b50fec309cba789c8da99e79
Signed-off-by: Christophe Fontaine <christophe.fontaine@enea.com>
|
|
- Teach vpp_api_test to send/receive API messages over sockets
- Add memfd-based shared memory
- Add api messages to create memfd-based shared memory segments
- vpp_api_test supports both socket and shared memory segment connections
- vpp_api_test pivot from socket to shared memory API messaging
- add socket client support to libvlibclient.so
- dead client reaper sends ping messages, container-friendly
- dead client reaper falls back to kill (<pid>, 0) live checking
if e.g. a python app goes silent for tens of seconds
- handle ping messages in python client support code
- teach show api ring about pairwise shared-memory segments
- fix ip probing of already resolved destinations (VPP-998)
We'll need this work to implement proper host-stack client isolation
Change-Id: Ic23b65f75c854d0393d9a2e9d6b122a9551be769
Signed-off-by: Dave Barach <dave@barachs.net>
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
ip4-local feature arc existed but not ip6-local one.
This patch also adds node name to the 'show ip local' command and fixes
a minor include issue in vnet/ip/ip4.h file.
Change-Id: I9bb8a7159917d58f89afcce974680de20d946a70
Signed-off-by: Pierre Pfister <ppfister@cisco.com>
|
|
part 2;
- this adds the code to create an IP and MPLS table via the API.
- but the enforcement that the table must be created before it is used is still missing, this is so that CSIT can pass.
Change-Id: Id124d884ade6cb7da947225200e3bb193454c555
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Ia6dd5e948b17b2f3866fe70838eabb09e35415e1
Signed-off-by: Dave Barach <dbarach@cisco.com>
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
[support for VPWS/VPLS]
- switch to using dpo_proto_t rather than fib_protocol_t in fib_paths so that we can describe L2 paths
- VLIB nodes to handle pop/push of MPLS labels to L2
Change-Id: Id050d06a11fd2c9c1c81ce5a0654e6c5ae6afa6e
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
VPP crash when trying to send arp message or to probe neighbor over
interface with IP address but without hw address (local0 and tunnels
- vxlan, gre, ...)
Change-Id: I08a1c97d3ea913fc11b2886cf73b2ccc31356664
Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
|
|
Change-Id: I123eccea98abafeb31f25d2a162501e2eded60d4
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
To save space in the first cacheline following is changed:
- total_length_not_including_first_buffer moved to the 2nd cacheline.
This field is used only when VLIB_BUFFER_TOTAL_LENGTH_VALID and
VLIB_BUFFER_NEXT_PRESENT are both set.
- free_list_index is now stored in 4bits inside flags, which
allows up to 16 free lists. In case we need more we can store index
in the 2nd cachelin
Change-Id: Ic8521350819391af470d31d3fa1013e67ecb7681
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
after deleting a sub interface with IP4/IP6 address vpp crash
Change-Id: Ie768ca845b9e2394f61e2a8e9722a80a788746e7
Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
|
|
Change-Id: Ib874ad93357500b2c425d75cf48834264b2183fc
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
- inline the FIB lookup function; this requires access to the bihash, so for files that use more than one type this casues problems. those files that include ip6_fib.h unnecessarily have been updated
- better use of the feature arcs. ip6-lookup and interface-output are now sentinels (end-node-index in the cm speak) rather than enabled features.
Change-Id: I9d1375fee63f7dbb2d327da6124d8e60b63367ec
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
This should avoid random crashes due to reception of packets (multicast
in particular) before ip6 addresses are configured on the interfaces.
Change-Id: Ibcf1a5a2ae2fa75f8b57da1b2f09f32c081210d7
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- the flow hash config is (and was) cached on the load-balance object so the fib_table_t struct is not used a switch time. Therefore changes to the table's flow hash config need to be propagated to all load-balances and hance all FIB entries in the table.
- enable API for setting the IPv6 table flow hash config
- use only the hash config in the fib_table_t object and not on the ipX_fib_t
- add tests.
Change-Id: Ib804c11162c6d4972c764957562c372f663e05d4
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
- only build them for popular path-lists (where popular means more than 64 children)
the reason to have a map is to improve convergence speed for recursive prefixes - if there are only a few this technique is not needed
- only build them when there is at least one path that has recursive constraints, i.e. a path that can 'fail' in a PIC scenario.
- Use the MAPS in the switch path.
- PIC test cases for functionality (not convergence performance)
Change-Id: I70705444c8469d22b07ae34be82cfb6a01358e10
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Ic07ec5d4c2560a414d5f4f7eb37e10faf591664a
Signed-off-by: Neale Ranns <nranns@cisco.com>
|