aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet/ip/ip_api.c
AgeCommit message (Collapse)AuthorFilesLines
2021-12-14api: verify message size on receiptKlement Sekera1-1/+3
When a message is received, verify that it's sufficiently large to accomodate any VLAs within message. To do that, we need a way to calculate message size including any VLAs. This patch adds such funcionality to vppapigen and necessary C code to use those to validate message size on receipt. Drop messages which are malformed. Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I2903aa21dee84be6822b064795ba314de46c18f4
2021-10-21fib: respect mfib entry flags on create with pathsPaul Atkins1-3/+2
When an mfib entry was created with both paths and entry_flags then the entry flags were being ignored. If there are no paths then the flags were passed into mfib_table_entry_update, but in the case where the entry didn't exist and there were paths and flags, the entry was created within mfib_table_entry_paths_update() which used a default of MFIB_ENTRY_FLAG_NONE. Pass the flags through into the mfib_table_entry_paths_update fn. All existing callers other than the create case will now pass in MFIB_ENTRY_FLAG_NONE. Type: fix Signed-off-by: Paul Atkins <patkins@graphiant.com> Change-Id: I256375ba2fa863a62a88474ce1ea6bf2accdd456
2021-10-11ip: fix fib and mfib locksNathan Skrzypczak1-14/+8
This patches fixes an issue that could cause fib locks to underflow: if an API user deletes a fib and quickly recreates it, the fib may not have been actually deleted. As a result, the lock would not be incremented on the create call leading to the fib potentially disappearing afterwards - or to the lock to underflow when the fib is deleted again. In order to keep the existing API semantics, we use the locks with API and CLI source as flags. This means we need to use a different counter for the interface-related locks. This also prevents an issue where an interface being bound to a vrf via API and released via CLI could mess up the lock counter. Finally, this will help with cleaning up the interface-related locks on interface deletion in a later patch. Type: fix Change-Id: I93030a7660646d6dd179ddf27fe4e708aa11b90e Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com> Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
2021-09-27ip: fix ip table allocation randomnessAloys Augustin1-1/+1
This prevents going through the same sequence every time the api is called. Type: fix Change-Id: I3ca3587ab5d1c060e2913ca88501b8dbcdd9c196 Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
2021-09-22ip: add ip_table_allocate to apiAloys Augustin1-0/+49
Set tableID = ~0 for auto selection unused ID https://jira.fd.io/browse/VPP-1993 Type: improvement Change-Id: I4eec2cc1d18fc025196cb6ac4c9a4b374388eb56 Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
2021-08-13ip: punt redirect add nh in apiNathan Skrzypczak1-45/+169
Type: feature Change-Id: Ia970f444ba2f38b7a42ea94942c906f1b541511b Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-07-01ip: api cleanupFilip Tehlar1-97/+19
Use autogenerated code. Does not change API definitions. Type: improvement Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I4b6d881571c158b7a69a78b9680732d090c4f8b5
2021-03-16fib: Allow the creation of new source on the APINeale Ranns1-3/+215
Type: feature an client can dump the existing sources, examine their priorities, then define thier own source. Usefull if a client wants to distingusih between say, static, ospf, bgp, etc routes it has added over the API. Signed-off-by: Neale Ranns <nranns@cisco.com> Signed-off-by: Alexander Chernavin <achernavin@netgate.com> Change-Id: I5158b4fa1ebe87381ff8707bb173217f56ea274a
2021-02-15ip: Path MTUNeale Ranns1-13/+79
Type: feature Support setting the MTU for a peer on an interface. The minimum value of the path and interface MTU is used at forwarding time. the path MTU is specified for a given peer, by address and table-ID. In the forwarding plane the MTU is enfored either: 1 - if the peer is attached, then the MTU is set on the peer's adjacency 2 - if the peer is not attached, it is remote, then a DPO is added to the peer's FIB entry to perform the necessary fragmentation. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I8b9ea6a07868b50e97e2561f18d9335407dea7ae
2021-01-28ip: Router ID included in flow hashNeale Ranns1-0/+13
Type: feature A device/router needs to have a unique ID which is included in the flow has so that flows are not polarised through the network, i.e. each deice in the network chooses the same nth link for the same flow. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I963e03674adbb085902b4084fdc4886b88f5734c
2021-01-21ip: use IPv6 flowlabel in flow hash computationAhmed Abdelsalam1-24/+13
extends ip6_compute_flow_hash() to include IPv6 flowlabel in flowhash computation Type: improvement Signed-off-by: Ahmed Abdelsalam <ahabdels@cisco.com> Signed-off-by: Neale Ranns <neale.ranns@cisco.com> Change-Id: Id1aaa20c9dac729c22b714eea1cdd6e9e4d1f75e
2021-01-20ip: add API to retrieve IPv6 link-layer addressBenoît Ganne1-34/+60
Type: feature Change-Id: I5739869490155b0b9674b4faf61882d97e66a4ed Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-12-14misc: move to new pool_foreach macrosDamjan Marion1-21/+21
Type: refactor Change-Id: Ie67dc579e88132ddb1ee4a34cb69f96920101772 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-10-28misc: Break the big IP header files to improve compile timeNeale Ranns1-0/+1
Type: refactor Signed-off-by: Neale Ranns <neale.ranns@cisco.com> Change-Id: Id1801519638a9b97175847d7ed58824fb83433d6
2020-10-21ip: convert u32 entry_flags to vl_api_mfib_entry_flags_t on mroute APINeale Ranns1-1/+3
Type: fix This is not an API change, it's the same values, just a different named type. also use VppEnum values in tests Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I3a18b529514f3cc9467ae4e8ac3e88d067fc776b
2020-10-19ip: Move the IP6 fib into ip6_[m]fib.cNeale Ranns1-2/+0
Type: improvement reduce the compile time by moving the bihash includes out of ip[46].h Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I6b9216e10aff1013071f9238b3e1ebbdd205bd80
2020-09-18fib: skip byte swap on n_paths in mroute detailsMatthew Smith1-2/+2
Type: fix While preparing to send a ip_mroute_details API message, the number of paths for a multicast route is stored in an int in send_ip_mroute_details(). Before the value in the int is copied into the field n_paths in the API message, the byte order is swapped. This results in n_paths getting set to 0. Change the int to a u8 and omit the byte swap so API clients can receive data on multicast route paths. Change-Id: Ie6dcb0f7b135c5b5deeeb2e44147560dbbb12507 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2020-08-14ip: add VNET_IP_TABLE_ADD_DEL_FUNCTIONSteven Luong1-0/+37
vrf table may be dynamically added or deleted. When the table is deleted, clients who use the corresponding vrf table may need a callback to do the clean up. The mechanism added here is cloned from VNET_SW_INTERFACE_ADD_DEL_FUNCTION. Type: improvement Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I08635c715cd7361a6c359b90890dd3545b0da94c
2020-05-05api: ip: add IP_ROUTE_LOOKUP APIChristian Hopps1-0/+57
Add an IP_ROUTE_LOOKUP function that does either an exact match or longest prefix match in a given fib table for a given prefix returning the match if present. Add API test. Type: improvement Signed-off-by: Christian Hopps <chopps@labn.net> Change-ID: I67ec5a61079f4acf1349a9c646185f91f5f11806
2020-05-04misc: binary api fuzz test fixesDave Barach1-2/+3
Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API messages, e.g. by xoring random data into them before processing. We specifically exempt client connection messages, and inband debug CLI messages. We step over msg_id, client index, client context, and sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn anything. The goal is to reduce the number of crashes caused to zero. We're fairly close with this patch. Add vl_msg_api_max_length(void *mp), which returns the maximum plausible length for a binary API message. Use it to hardern vl_api_from_api_to_new_vec(...) which takes an additional argument - message pointer - so it can verify that astr->length is sane. If it's not sane, return a u8 *vector of the form "insane astr->length nnnn\0". Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...) and vl_api_dhcp6_pd_send_client_message_t_handler(...). Add a fairly effective binary API fuzz hook to the unittest plugin, and modify the "make test" framework.py to pass "api-fuzz { on|off }" to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar Type: improvement Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
2020-04-24ip: Setting the Link-Local address from the API enables IPv6 on theNeale Ranns1-2/+2
interface Type: fix Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I0b7c189006e30a357cd6be4f3c9c61fded4157cb
2020-04-14urpf: Unicast reverse Path Forwarding (plugin)Neale Ranns1-33/+0
Type: feature - move the IP4 code to plugin - add ip6 support - add suport for uRPF on TX - add tests Change-Id: I074c2debc486d3e79c12fad4b8dbd72c41e841a0 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-12-17ip: Protocol Independent IP NeighborsNeale Ranns1-1341/+37
Type: feature - ip-neighbour: generic neighbour handling; APIs, DBs, event handling, aging - arp: ARP protocol implementation - ip6-nd; IPv6 neighbor discovery implementation; separate ND, MLD, RA - ip6-link; manage link-local addresses - l2-arp-term; events separated from IP neighbours, since they are not the same. vnet retains just enough education to perform ND/ARP packet construction. arp and ip6-nd to be moved to plugins soon. Change-Id: I88dedd0006b299344f4c7024a0aa5baa6b9a8bbe Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-12-10api: multiple connections per processDave Barach1-1/+1
Type: feature Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I2272521d6e69edcd385ef684af6dd4eea5eaa953
2019-12-04ip: populate ip_reassembly_get_reply correctlyMatthew Smith1-3/+4
Type: fix Fixes: de34c35fc The API handler for requests to retrieve IP reassembly settings was modified to support shallow virtual reassembly. It retrieves settings into local variables now instead of directly into the reply message. The fields in the reply message were not being populated using those variables. So the reply message was being sent with all 0's, except in the is_ip6 field. Also, the max_reassembly length field in the reply message was not being populated. Change-Id: I80b071340fdc190c3a0b1f7294a03f14b6e00ecc Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2019-11-26fib: Table ReplaceNeale Ranns1-117/+73
Type: feature from the API doc, a table replace is: " The use-case is that, for some unspecified reason, the control plane has a very different set of entries it wants in the table than VPP currently has. The CP would thus like to 'replace' VPP's current table only by specifying what the new set of entries shall be, i.e. it is not going to delete anything that already eixts. the CP delcartes the start of this procedure with this begin_replace API Call, and when it has populated all the entries it wants, it calls the below end_replace API. From this point on it is of coursce free to add and delete entries as usual. The underlying mechanism by which VPP implements this replace is purposefully left unspecified. " In the FIB, the algorithm is implemented using mark and sweep. Algorithm goes: 1) replace_begin: this marks all the entries in that table as 'stale' 2) download all the entries that should be in this table - this clears the stale flag on those entries 3) signal the table converged: ip_table_replace_end - this removes all entries that are still stale this procedure can be used when an agent first connects to VPP, as an alternative to dump and diff state reconciliation. Change-Id: I168edec10cf7670866076b129ebfe6149ea8222e Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-10-06ip: Fix IP unnumbered dump of one interfaceNeale Ranns1-1/+1
Type: fix Change-Id: I35fb6fdfba50c4a59cf1ffb94cb51487bcf5afc9 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-09-26ip: add shallow virtual reassembly functionalityKlement Sekera1-33/+101
Type: feature Change-Id: Ibc8334e26c7e6f6120696c3e313b6e11d73dab99 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-09-25ip: refactor reassemblyKlement Sekera1-19/+25
this is a preparation step for introducing other reassembly types Type: refactor Change-Id: I197e299dbd729b00eead31667913b8ceff915d63 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-09-23ip: fix memory leak in ip_dump handlerMatthew Smith1-0/+2
Type: fix A vector allocated by vl_api_ip_dump_t_handler() was not being freed. Change-Id: I13425b8087e60df60c6aaa1230aa7e6d60b101a8 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2019-09-16api: autogenerate api trace print/endianOle Troan1-0/+1
In addition to the external vppapitrace tool, VPP itself supports dumping of API trace files. In two formats, "custom-dump" and "dump". "dump" gives a human friendly list, and "custom-dump" is meant to give a list of commands that can be fed to VAT. This patch only deals with "dump". Prior to this fix, auto-generation was only done for the basic types. This fix adds support for any type, including lists, and supports pretty-printing of enums, strings, IP addresses, MAC addresses and so on. Usage: api trace dump <api-trace-file> For example Change-Id: I4e485680e6dcfce7489299ae6cf31d835071ac40 ---------- trace 48 ----------- vl_api_sw_interface_set_flags_t: _vl_msg_id: 75 client_index: 0 context: 10 sw_if_index: 1 flags: IF_STATUS_API_FLAG_ADMIN_UP ---------- trace 49 ----------- vl_api_sw_interface_add_del_address_t: _vl_msg_id: 88 client_index: 0 context: 11 sw_if_index: 1 is_add: 1 del_all: 0 prefix: 172.16.1.1/24 ---------- trace 51 ----------- vl_api_cli_inband_t: _vl_msg_id: 819 client_index: 0 context: 13 cmd: packet-generator capture pg0 pcap /tmp/vpp-unittest-TestMAP-YhcmDX/pg0_out.pcap disable ---------- trace 58 ----------- vl_api_ip_neighbor_add_del_t: _vl_msg_id: 199 client_index: 0 context: 20 is_add: 1 neighbor: sw_if_index: 2 flags: IP_API_NEIGHBOR_FLAG_NONE mac_address: 0202.0000.ff02 ip_address: fd01:2::2 Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: I5556d06008de2762e7c2d35a8b0963ae670b3db1 Type: fix Signed-off-by: Ole Troan <ot@cisco.com> Signed-off-by: Ole Troan <ot@cisco.com> Signed-off-by: Ole Troan <ot@cisco.com> Signed-off-by: Ole Troan <ot@cisco.com> Signed-off-by: Ole Troan <ot@cisco.com> Signed-off-by: Ole Troan <ot@cisco.com> Signed-off-by: Ole Troan <ot@cisco.com> Signed-off-by: Ole Troan <ot@cisco.com>
2019-08-08api: vppapitrace JSON/API trace converterOle Troan1-1/+1
usage: vppapitrace.py [-h] [--debug] [--apidir APIDIR] {convert,replay} ... optional arguments: -h, --help show this help message and exit --debug enable debug mode --apidir APIDIR Location of JSON API definitions subcommands: valid subcommands {convert,replay} additional help convert Convert API trace to JSON or Python and back replay Replay messages to running VPP instance To convert an API trace file to JSON: vppapitrace convert /tmp/api.trace trace.json To convert an (edited) JSON file back to API trace for replay: vppapitrace convert trace.json api-edited.trace To generate a Python file that can be replayed: vppapitrace convert /tmp/api.trace trace.py vppapitrace convert trace.json trace.py Replay it to a running VPP instance: vppapitrace replay --socket /tmp/api.trace In VPP that file can be replayed with: vpp# api trace replay api-edited.trace This patch also modifies the API binary trace format, to include the message id to message name table. Change-Id: Ie6441efb53c1c93c9f778f6ae9c1758bccc8dd87 Type: refactor Signed-off-by: Ole Troan <ot@cisco.com>
2019-07-03fib: allow route delete with no paths and multipath=0 to remove theNeale Ranns1-10/+5
whole route Type: fix Fixes: 097fa66b Change-Id: I017ab5797670eb278c27c6e306cd8cadaacddf9d Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-06-18fib: fib api updatesNeale Ranns1-803/+253
Enhance the route add/del APIs to take a set of paths rather than just one. Most unicast routing protocols calcualte all the available paths in one run of the algorithm so updating all the paths at once is beneficial for the client. two knobs control the behaviour: is_multipath - if set the the set of paths passed will be added to those that already exist, otherwise the set will replace them. is_add - add or remove the set is_add=0, is_multipath=1 and an empty set, results in deleting the route. It is also considerably faster to add multiple paths at once, than one at a time: vat# ip_add_del_route 1.1.1.1/32 count 100000 multipath via 10.10.10.11 100000 routes in .572240 secs, 174751.80 routes/sec vat# ip_add_del_route 1.1.1.1/32 count 100000 multipath via 10.10.10.12 100000 routes in .528383 secs, 189256.54 routes/sec vat# ip_add_del_route 1.1.1.1/32 count 100000 multipath via 10.10.10.13 100000 routes in .757131 secs, 132077.52 routes/sec vat# ip_add_del_route 1.1.1.1/32 count 100000 multipath via 10.10.10.14 100000 routes in .878317 secs, 113854.12 routes/sec vat# ip_route_add_del 1.1.1.1/32 count 100000 multipath via 10.10.10.11 via 10.10.10.12 via 10.10.10.13 via 10.10.10.14 100000 routes in .900212 secs, 111084.93 routes/sec Change-Id: I416b93f7684745099c1adb0b33edac58c9339c1a Signed-off-by: Neale Ranns <neale.ranns@cisco.com> Signed-off-by: Ole Troan <ot@cisco.com> Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-06-06IP-Punt-redirect: allow the use of a FIB path to describe how toNeale Ranns1-44/+47
redirect Change-Id: I2a3ba2a3d73ea8511e3a511855b041432328f0a8 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-06-03ARP: add feature arcNeale Ranns1-17/+6
- arp-input, registered with the ethernet protocol dispatcher, performs basic checks and starts the arc - arp-reply; first feature on the arc replies to requests and learns from responses (no functional change) - arp-proxy; checks against the proxy DB arp-reply and arp-proxy are enabled when the interface is appropriately configured. Change-Id: I7d1bbabdb8c8b8187cac75e663daa4a5a7ce382a Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-05-22stats: support multiple works for error countersOle Troan1-24/+0
The current code only allowed access to the main thread error counters. That is not so useful for a multi worker instance. No return a vector indexed by thread of counter_t values. Type: fix Change-Id: Ie322c8889c0c8175e1116e71de04a2cf453b9ed7 Signed-off-by: Ole Troan <ot@cisco.com>
2019-05-20reassembly: prevent long chain attackKlement Sekera1-0/+3
limit max # of fragments to 3 per packet by default add API option to configure the limit at runtime Change-Id: Ie4b9507bf5c6095b9a5925972b37fe0032f4f9e8 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-04-10API: Fix shared memory only action handlers.Ole Troan1-5/+4
Some API action handlers called vl_msg_ai_send_shmem() directly. That breaks Unix domain socket API transport. A couple (bond / vhost) also tried to send a sw_interface_event directly, but did not send the message to all that had registred interest. That scheme never worked correctly. Refactored and improved the interface event code. Change-Id: Idb90edfd8703c6ae593b36b4eeb4d3ed7da5c808 Signed-off-by: Ole Troan <ot@cisco.com>
2019-04-08fixing typosJim Thompson1-2/+2
Change-Id: I215e1e0208a073db80ec6f87695d734cf40fabe3 Signed-off-by: Jim Thompson <jim@netgate.com>
2019-01-30Use IP and MAC API types for neighborsNeale Ranns1-142/+183
use address_t and mac_address_t for IPv6 and ARP entries and all other API calls in ip.api aprat from the route ones, that will follow in a separate commit Change-Id: I67161737c2184d3f8fc1e79ebd2b55121c5b0191 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-01-25IP6 FIB: walk table for dump (VPP-1553)Neale Ranns1-12/+7
Change-Id: Iaa57ace6df96bfacd1235c80ec7bb08e5f335530 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-01-23IP route local and connectedNeale Ranns1-2/+9
allow routes that are local and connected to be added via the API. this emulates the addition of a second address in the same subnet added to an interface. Change-Id: Ib18a08c26956be9a07b3360664210c8cf6734c84 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-01-07VOM: mroutesNeale Ranns1-4/+6
- fixes in ip.api for dumping mroute path flags Change-Id: I13b0cfb15d374250ed71bd4e13dda9b798c18204 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-12-20FIB: encode the label stack in the FIB path during table dumpNeale Ranns1-0/+2
Change-Id: I28e8a99b980ad343a4209e673201791b91ceab4e Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-12-18MFIB: recurse resolution through an MFIB entryNeale Ranns1-20/+20
Change-Id: I8dc261e40b8398c5c8ab6bb69ecebbd0176055d9 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-12-01ip_reassembly_enable_disable reply handler name is changed.Chore1-1/+1
Change-Id: I89be597376690bb75c4347bcfc1c6c3d27c4034c Signed-off-by: Chore <s3m2e1.6star@gmail.com>
2018-11-29api: ip_source_check_interface_add_del api is added.Chore1-0/+32
Change-Id: I4799a9d469c797e54669ff4b50851a9acc849427 Signed-off-by: Chore <s3m2e1.6star@gmail.com>
2018-11-29VPP-1507: Added binary api to dump configured ip_punt_redirectPavel Kotucek1-19/+92
Change-Id: I790f7785e183cc9aaffd5b593617c4e12a32e20d Signed-off-by: Pavel Kotucek <pavel.kotucek@pantheon.tech>
2018-11-12IPv6: Make link-local configurable per-interface (VPP-1446)Juraj Sloboda1-34/+0
Remove old nonfunctional code for setting link-local addresses. Use common API for setting all IPv6 addresses. Change-Id: I562329df86341f81ef2441510a9eefbbf710f6e0 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com> Signed-off-by: Matus Fabian <matfabia@cisco.com>