summaryrefslogtreecommitdiffstats
path: root/src/vnet/ip/lookup.c
AgeCommit message (Collapse)AuthorFilesLines
2020-03-25ip: Adding IP tables is no MP safeNeale Ranns1-2/+0
Type: fix it was marked MP safe in the CLI (which it shouldn't be) but it it not marked MP safe on the API. Change-Id: I4bdea498a510a8b406d13d62a899b6d03656f7e8 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-12-17ip: Protocol Independent IP NeighborsNeale Ranns1-206/+0
Type: feature - ip-neighbour: generic neighbour handling; APIs, DBs, event handling, aging - arp: ARP protocol implementation - ip6-nd; IPv6 neighbor discovery implementation; separate ND, MLD, RA - ip6-link; manage link-local addresses - l2-arp-term; events separated from IP neighbours, since they are not the same. vnet retains just enough education to perform ND/ARP packet construction. arp and ip6-nd to be moved to plugins soon. Change-Id: I88dedd0006b299344f4c7024a0aa5baa6b9a8bbe Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-11-05ip: Fragmentation fixesNeale Ranns1-18/+1
Type: fix if the packet is about to be fragmented, then don't call any of the actions that expect the rewrite to have been written. 1) don't double count packets thru the adjacency (original & fragments) 2) don't double decrement the TTL for fragments 3) return to ip4-midchain post ip-frag if that's where we started. 4) only run midchain/mcast fixups if not fragmenting (if no errors) Change-Id: Ib2866787a42713ee5871b87b597d8f74b901044b Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-10-30ip: cleanup typos in documentationPaul Vinciguerra1-3/+3
Type: style Change-Id: I7d44b7fab1b8b196e4934cb4832ee51084c5bf98 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-10-07ip: MFIB CLI fix for parsing path flagsNeale Ranns1-3/+0
Type: fix Change-Id: I7ed9726d8c5ca26715a84b004a18fd7f93142486 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-10-02ip: mfib CLI 'via local' fixNeale Ranns1-0/+2
Type: fix Change-Id: I6fd7bb27b95a50d37424f65dc51e8b341f8b1b28 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-09-23fib: do not dump no-longer valid adjacenciesBenoît Ganne1-1/+6
In some cases, we can refer to no-longer adjacencies (eg. in traces). Do not dump them in this case as they are probably incorrect (memory can be reused). Type: fix Change-Id: Ib653ba066bb6595ec6ec37d313a3124bce0eeed3 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-08-12ip: allow addrs from the same prefix on intfMatthew Smith1-0/+2
Type: feature Adding a prefix to an interface was not permitted if it overlapped with another prefix on an interface which used the same FIB. Loosen the restriction. Allow 2 or more addresses from the same prefix on a single interface. Reference count the prefix to figure out when a glean/connected route for the prefix needs to be added or removed. Added unit tests to check that the route is only removed when all addresses in the prefix are removed from the interface. Change-Id: I1a962ecb5e1ee65fc6d41f98a4cc097a51a55321 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2019-06-18fib: fib api updatesNeale Ranns1-77/+31
Enhance the route add/del APIs to take a set of paths rather than just one. Most unicast routing protocols calcualte all the available paths in one run of the algorithm so updating all the paths at once is beneficial for the client. two knobs control the behaviour: is_multipath - if set the the set of paths passed will be added to those that already exist, otherwise the set will replace them. is_add - add or remove the set is_add=0, is_multipath=1 and an empty set, results in deleting the route. It is also considerably faster to add multiple paths at once, than one at a time: vat# ip_add_del_route 1.1.1.1/32 count 100000 multipath via 10.10.10.11 100000 routes in .572240 secs, 174751.80 routes/sec vat# ip_add_del_route 1.1.1.1/32 count 100000 multipath via 10.10.10.12 100000 routes in .528383 secs, 189256.54 routes/sec vat# ip_add_del_route 1.1.1.1/32 count 100000 multipath via 10.10.10.13 100000 routes in .757131 secs, 132077.52 routes/sec vat# ip_add_del_route 1.1.1.1/32 count 100000 multipath via 10.10.10.14 100000 routes in .878317 secs, 113854.12 routes/sec vat# ip_route_add_del 1.1.1.1/32 count 100000 multipath via 10.10.10.11 via 10.10.10.12 via 10.10.10.13 via 10.10.10.14 100000 routes in .900212 secs, 111084.93 routes/sec Change-Id: I416b93f7684745099c1adb0b33edac58c9339c1a Signed-off-by: Neale Ranns <neale.ranns@cisco.com> Signed-off-by: Ole Troan <ot@cisco.com> Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-01-30Use IP and MAC API types for neighborsNeale Ranns1-0/+1
use address_t and mac_address_t for IPv6 and ARP entries and all other API calls in ip.api aprat from the route ones, that will follow in a separate commit Change-Id: I67161737c2184d3f8fc1e79ebd2b55121c5b0191 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-12-06MFIB; CLI improvementsNeale Ranns1-6/+32
Change-Id: I7cf3ae8c10dd584e8bc234a3253bea3c5a2d105a Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-10-23c11 safe string handling supportDave Barach1-12/+12
Change-Id: Ied34720ca5a6e6e717eea4e86003e854031b6eab Signed-off-by: Dave Barach <dave@barachs.net>
2018-10-12ip: add container proxy dump API (VPP-1364)Matus Fabian1-0/+55
Change-Id: I3cb89dbfb7174b9913a8c4ad9b3b1dc9f6ed6326 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-08-29Consolidate table->index conversion in fib-path CLI processingNeale Ranns1-16/+0
Change-Id: I221cebddc45efbfdec428b7df2af96e2aedff2dd Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-08-03Documentation fix on "set interface ip[6] table"Yichen Wang1-2/+2
Change-Id: I8dc6230b65e57ddc07f974bf6726393d8dbfd4a2 Signed-off-by: Yichen Wang <yicwang@cisco.com>
2018-06-14Use unicast DMAC for IP neighbor pool refresh probesJohn Lo1-2/+2
Change-Id: I12fbebd1d24c37dc77c147773ea522c8a4b7b99d Signed-off-by: John Lo <loj@cisco.com>
2018-05-30IPv6 for-us/receive multicast routes fixNeale Ranns1-0/+4
Change-Id: I5e29e16b4d45411b1a7c177b8d7156c5baefe6a1 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-04-17IP mcast: allow unicast address as a next-hopNeale Ranns1-0/+16
Change-Id: I5e679f2601e37688f2768620479dc2efb7d19ca3 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-03-21reassembly: feature/concurrencyKlement Sekera1-2/+0
This change makes ip reassembly an interface feature, while adding concurrency support. Due to this, punt is no longer needed to test reassembly. Change-Id: I467669514ec33283ce935be0f1dd08f07684f0c7 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-03-16QoS recording and markingNeale Ranns1-1/+1
Change-Id: Ie5a50def4ec1e4a3b3404a8b6ab9ec248bc16744 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-02-16Allow providers to override glean behaviourNeale Ranns1-41/+0
and update glean address on local interface MAC change Change-Id: I530826d60c7e9db2b0fa2d45754139d82c5ea807 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2018-02-15Revert "Allow interface types to override glean adjacency behaivour"Ole Trøan1-0/+41
This reverts commit 8b30e471df4d42214619e1d6c50cc8298426b45f. Change-Id: I99edb236eb0a7f8ba3fba333c3481a710ebcb59c Signed-off-by: Ole Troan <ot@cisco.com>
2018-02-15Allow interface types to override glean adjacency behaivourNeale Ranns1-41/+0
update the glean adj on a local interface MAC change Change-Id: Ia5c5cde424ed0fea3431532cc5abf22b364bbab5 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-02-01IPv4/6 reassemblyKlement Sekera1-0/+2
Change-Id: Ic5dcadd13c88b8a5e7896dab82404509c081614a Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-12-11call unformat_free in some flow, remove unnecessary callsSwarup Nayak1-4/+12
Change-Id: I565277eafbce3d4f59a7f0d497fca1c4fed3cfc8 Signed-off-by: Swarup Nayak <swarupnpvt@gmail.com>
2017-11-18unformat function for FIB pathsNeale Ranns1-147/+6
Change-Id: I32de25890ac0a643314f650591d2479879d9a2a6 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-11-08ip: fix container proxy coverity warningFlorin Coras1-4/+7
Change-Id: I5e35921acb65157a3de8ea0c53b3a6fa5cfca044 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-11-07UDP Encapsulation.Neale Ranns1-1/+8
A UDP-encap object that particiapates in the FIB graph and contributes DPO to teh output chain. It thereofre resembles a tunnel but without the interface. FIB paths (and henace routes) can then be created to egress through the UDP-encap. Said routes can have MPLS labels, hence this also allows MPLSoUPD. Encap is uni-directional. For decap, one still registers with the UDP port dispatcher. Change-Id: I23bd345523b20789a1de1b02022ea1148ca50797 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-11-07ip: add container proxy apiFlorin Coras1-19/+120
Change-Id: Id324a757517f85973097e20e2eb88d64ae0e931b Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-25L3 proxy FIB source for container networkingAndrew Yourtchenko1-0/+79
Change-Id: I4164c4c19c8dbfd73e6ddf94a12056325cc093b9 Signed-off-by: Neale Ranns <nranns@cisco.com> Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-10-03Propagate duplicate IF addr add/del error up to API.Jon Loeliger1-1/+11
Identify and complain when the same IP prefix is assigned to two different SW interfaces: vpp# set int ip address TenGigabitEthernet6/0/0 1.2.3.4/32 vpp# set int ip address TenGigabitEthernet6/0/1 1.2.3.4/32 set interface ip address: Prefix 1.2.3.4/32 already found on interface TenGigabitEthernet6/0/0 Change-Id: I1aee1b6a7ddd00d3109a53d8e1b6ce97bf45e372 Signed-off-by: Jon Loeliger <jdl@netgate.com>
2017-09-13Add a name to the creation of an IP and MPLS tableNeale Ranns1-1/+4
Change-Id: I4b4648831551519b2ffb6f93255d28a4b8726c22 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-09-11FIB table add/delete APINeale Ranns1-0/+225
part 2; - this adds the code to create an IP and MPLS table via the API. - but the enforcement that the table must be created before it is used is still missing, this is so that CSIT can pass. Change-Id: Id124d884ade6cb7da947225200e3bb193454c555 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-08-19Fixed ip add bug for ip6 with review commentspragash1-4/+4
Change-Id: Ie1fba1a32020775444c7b1ed800e8559b54691ff Signed-off-by: pragash <pxv3620@rit.edu>
2017-08-09Allow multiple MPLS output labels to be passed on the CLINeale Ranns1-3/+10
Change-Id: Ib5af105e32b6b0df86923e189ab6bf6ee59de5b9 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-08-08L2 over MPLSNeale Ranns1-9/+9
[support for VPWS/VPLS] - switch to using dpo_proto_t rather than fib_protocol_t in fib_paths so that we can describe L2 paths - VLIB nodes to handle pop/push of MPLS labels to L2 Change-Id: Id050d06a11fd2c9c1c81ce5a0654e6c5ae6afa6e Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-07-18FIB path preferenceNeale Ranns1-20/+11
Paths are given a preference, lowest value is 'best'. Only paths that are up are up contribute to fprwarding - that's unchanged. What's new is that of the path's that re up only those that have the best preference contribute. A poor man's primary and backup. It's not true primary/backup function because the FIB must converge before the lower preference paths are used. Change-Id: Ie4453c4a7b1094c6c2b51fe1594b8302103bb68e Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-05-19mfib CLI bugs (VPP-852)Neale Ranns1-0/+2
Change-Id: I1b71010e20742eee02693d672e24c85897e37759 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-05-02Allow local/for-us replications for IP multicast routes on the CLINeale Ranns1-1/+6
Change-Id: I046d9402b79fdbc6a6663199ffff8e40a278fd51 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-11Remove usued, redundant and deprecated code from lookup.hNeale Ranns1-32/+3
Change-Id: Ic16bc10d0b2877b2afdf052615f9334f31b9519f Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-07MPLS McastNeale Ranns1-1/+2
1 - interface-DPO Used in the Data-plane to change a packet's input interface 2 - MPLS multicast FIB entry Same as a unicast entry but it links to a replicate not a load-balance DPO 3 - Multicast MPLS tunnel Update MPLS tunnels to use a FIB path-list to describe the endpoint[s]. Use the path-list to generate the forwarding chain (DPOs) to link to . 4 - Resolve a path via a local label (of an mLDP LSP) For IP multicast entries to use an LSP in the replication list, we need to decribe the 'resolve-via-label' where the label is that of a multicast LSP. 5 - MPLS disposition path sets RPF-ID For a interface-less LSP (i.e. mLDP not RSVP-TE) at the tail of the LSP we still need to perform an RPF check. An MPLS disposition DPO performs the MPLS pop validation checks and sets the RPF-ID in the packet. 6 - RPF check with per-entry RPF-ID An RPF-ID is used instead of a real interface SW if index in the case the IP traffic arrives from an LSP that does not have an associated interface. Change-Id: Ib92e177be919147bafeb599729abf3d1abc2f4b3 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-07VPP-684.Add ip which mask length exceeding upper limit,ping segmentfaultflyingeagle231-1/+4
Change-Id: I2d1c5e4dbdcab2a81d6c88801183ca0bbc83e1d9 Signed-off-by: flyingeagle23 <wang.hui56@zte.com.cn>
2017-04-03Adjacency layout change and move to vnet/adjNeale Ranns1-8/+2
Change-Id: I03195a86c69f84a301051c6b3ab64456bbf28645 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-17Cache a 'has-features' flag on the adjacency for faster access. Reclaim the ↵Neale Ranns1-5/+3
node_index memeber from the rewrite for space - this is only used for formtting before: ip4-rewrite * * * * 2.66e1 256.00 after: ip4-rewrite * * * * 2.40e1 256.00 Change-Id: Ic397150727cad38811564777419ad6bd26b8a3a6 Signed-off-by: Neale Ranns <nranns@wasa-ucs-11.cisco.com>
2017-03-08ARP resilience in the absence of IP config on input and output interfacesNeale Ranns1-0/+15
Change-Id: Ia9c6790436f8f6337b5351e3017ef5e441a8a4e9 Signed-off-by: Neale Ranns <nranns@cisco.com> (cherry picked from commit 5e323329ed6ded6f6944c56069329207ad9069c0)
2017-03-08Proxy ND (RFC4389 - or a sub-set thereof). This allows the 'emulation' of ↵Neale Ranns1-0/+1
bridging. That is hosts in one sub-net reachable via differenet interfaces. Introducate a new API command: ip6 nd proxy <host-address> <interface> this indicates 2 things; 1) that host <host-address> is reachable out of interface <interface>. VPP will thus install that route. 2) NS requests sent to <host-address> will be responeded to (i.e. proxied). Change-Id: I863f967fdb5097ab3b574769c70afdbfc8d5478a Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-22VPP-635: CLI Memory leak with invalid parameterBilly McFall1-11/+23
In the CLI parsing, below is a common pattern: /* Get a line of input. */ if (!unformat_user (input, unformat_line_input, line_input)) return 0; while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT) { if (unformat (line_input, "x")) x = 1; : else return clib_error_return (0, "unknown input `%U'", format_unformat_error, line_input); } unformat_free (line_input); The 'else' returns if an unknown string is encountered. There a memory leak because the 'unformat_free(line_input)' is not called. There is a large number of instances of this pattern. Replaced the previous pattern with: /* Get a line of input. */ if (!unformat_user (input, unformat_line_input, line_input)) return 0; while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT) { if (unformat (line_input, "x")) x = 1; : else { error = clib_error_return (0, "unknown input `%U'", format_unformat_error, line_input); goto done: } } /* ...Remaining code... */ done: unformat_free (line_input); return error; } In multiple files, 'unformat_free (line_input);' was never called, so there was a memory leak whether an invalid string was entered or not. Also, there were multiple instance where: error = clib_error_return (0, "unknown input `%U'", format_unformat_error, line_input); used 'input' as the last parameter instead of 'line_input'. The result is that output did not contain the substring in error, instead just an empty string. Fixed all of those as well. There are a lot of file, and very mind numbing work, so tried to keep it to a pattern to avoid mistakes. Change-Id: I8902f0c32a47dd7fb3bb3471a89818571702f1d2 Signed-off-by: Billy McFall <bmcfall@redhat.com> Signed-off-by: Dave Barach <dave@barachs.net>
2017-02-20CLI extension to add multiple (S,G)s at once and time itNeale Ranns1-10/+76
Change-Id: Id17060fd0e8ac80c8cf1999b0b82d0241b3b969a Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-01-27IP Multicast FIB (mfib)Neale Ranns1-0/+171
- IPv[46] mfib tables with support for (*,G/m), (*,G) and (S,G) exact and longest prefix match - Replication represented via a new replicate DPO. - RPF configuration and data-plane checking - data-plane signals sent to listening control planes. The functions of multicast forwarding entries differ from their unicast conterparts, so we introduce a new mfib_table_t and mfib_entry_t objects. However, we re-use the fib_path_list to resolve and build the entry's output list. the fib_path_list provides the service to construct a replicate DPO for multicast. 'make tests' is added to with two new suites; TEST=mfib, this is invocation of the CLI command 'test mfib' which deals with many path add/remove, flag set/unset scenarios, TEST=ip-mcast, data-plane forwarding tests. Updated applications to use the new MIFB functions; - IPv6 NS/RA. - DHCPv6 unit tests for these are undated accordingly. Change-Id: I49ec37b01f1b170335a5697541c8fd30e6d3a961 Signed-off-by: Neale Ranns <nranns@cisco.com>
2016-12-28Reorganize source tree to use single autotools instanceDamjan Marion1-0/+967
Change-Id: I7b51f88292e057c6443b12224486f2d0c9f8ae23 Signed-off-by: Damjan Marion <damarion@cisco.com>