aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet/ip
AgeCommit message (Collapse)AuthorFilesLines
2021-02-08tunnel: support copying TTL and flow label from inner to outerNeale Ranns2-8/+43
Type: feature The added functionality is to support copying TTL and flow label from inner to outer. The .api was extened to support expressing this and also adding a common tunnel endpoint type. i find it best to make API changes in one patch so there are less versions of the API. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I755c1e3f4c475058792af39c1abeda92129efb76
2021-02-05ip: Remove unused include fileNeale Ranns1-1/+0
Type: refactor Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: Iae135cbca372def29b1dd5e9f29b7db546ef1a3e
2021-02-05nat: 1:1 policy NATOle Troan1-2/+2
A NAT sub-plugin doing statically configured match/rewrite on IP4 input or output. It's stateless (no connection tracking). Currently it supports rewriting of SA, DA and TCP/UDP ports. It should be simple to add new rewrites if required. API: pnat_binding_add, pnat_binding_del, pnat_bindings_get, pnat_interfaces_get CLI: set pnat translation interface <name> match <5-tuple> rewrite <5-tuple> {in|out} [del] show pnat translations show pnat interfaces Trying a new C based unit testing scheme. Where the graph node is tested in isolation. See pnat/pnat_test.c. Also added new cmake targets to generate coverage directly. E.g.: make test_pnat-ccov-report File '/vpp/sdnat/src/plugins/nat/pnat/pnat.c': Name Regions Miss Cover Lines Miss Cover ------------------------------------------------------------------------------------ pnat_interface_by_sw_if_index 39 8 79.49% 13 0 100.00% pnat_instructions_from_mask 9 0 100.00% 13 0 100.00% pnat_binding_add 64 8 87.50% 31 2 93.55% pnat_flow_lookup 4 4 0.00% 10 10 0.00% pnat_binding_attach 104 75 27.88% 33 6 81.82% pnat_binding_detach 30 5 83.33% 23 2 91.30% pnat_binding_del 97 33 65.98% 17 3 82.35% pnat.c:pnat_calc_key_from_5tuple 9 1 88.89% 14 1 92.86% pnat.c:pnat_interface_check_mask 10 2 80.00% 11 2 81.82% pnat.c:pnat_enable 5 0 100.00% 11 0 100.00% pnat.c:pnat_enable_interface 107 26 75.70% 60 15 75.00% pnat.c:pnat_disable_interface 91 30 67.03% 32 7 78.12% pnat.c:pnat_disable 7 2 71.43% 13 7 46.15% ------------------------------------------------------------------------------------ TOTAL 576 194 66.32% 281 55 80.43% File '/vpp/sdnat/src/plugins/nat/pnat/pnat_node.h': Name Regions Miss Cover Lines Miss Cover ------------------------------------------------------------------------------------ pnat_test.c:pnat_node_inline 67 11 83.58% 115 1 99.13% pnat_test.c:pnat_calc_key 9 2 77.78% 14 2 85.71% pnat_test.c:pnat_rewrite_ip4 55 11 80.00% 60 12 80.00% pnat_test.c:format_pnat_trace 1 1 0.00% 12 12 0.00% pnat_node.c:pnat_node_inline 63 63 0.00% 115 115 0.00% pnat_node.c:pnat_calc_key 9 9 0.00% 14 14 0.00% pnat_node.c:pnat_rewrite_ip4 55 55 0.00% 60 60 0.00% pnat_node.c:format_pnat_trace 5 5 0.00% 12 12 0.00% ------------------------------------------------------------------------------------ TOTAL 264 157 40.53% 402 228 43.28% Type: feature Change-Id: I9c897f833603054a8303e7369ebff6512517c9e0 Signed-off-by: Ole Troan <ot@cisco.com>
2021-01-28ip: do policer thread handoff from punt policersBrian Russell3-51/+130
Pass packets arriving at the ip[46] punt policer nodes to punt policer handoff nodes if the worker thread they arrive on is not the same one configured in the policer. Initially, the policer will be tied to the worker thread that it first received a packet on. This will be expanded in future to be a configuration API option. Type: improvement Signed-off-by: Brian Russell <brian@graphiant.com> Change-Id: Ic39d936084c354af1859ad3d946da6cd0f6e34d9
2021-01-28ip: add frame queues to punt policer nodesBrian Russell2-0/+10
The policer is not thread safe. In order that handoff could be performed, add a frame queue to each of the punt policer nodes. Type: improvement Signed-off-by: Brian Russell <brian@graphiant.com> Change-Id: Iee50267ee7e36f0e6c95b9b43bf651648198b834
2021-01-28ip: Router ID included in flow hashNeale Ranns8-7/+60
Type: feature A device/router needs to have a unique ID which is included in the flow has so that flows are not polarised through the network, i.e. each deice in the network chooses the same nth link for the same flow. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I963e03674adbb085902b4084fdc4886b88f5734c
2021-01-21ip: do not return uninitialized IPv6 ll attributesBenoît Ganne1-3/+7
Type: fix Change-Id: If35cf7da0c3d1b92532cc2e45c164d6b5a08592c Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-01-21ip: Use correct enum type in ip_address_setNeale Ranns2-5/+5
Type: refactor Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: Ice2bc42838e6d5ba579f449c3f8b0feffebeb719
2021-01-21ip: use IPv6 flowlabel in flow hash computationAhmed Abdelsalam12-96/+111
extends ip6_compute_flow_hash() to include IPv6 flowlabel in flowhash computation Type: improvement Signed-off-by: Ahmed Abdelsalam <ahabdels@cisco.com> Signed-off-by: Neale Ranns <neale.ranns@cisco.com> Change-Id: Id1aaa20c9dac729c22b714eea1cdd6e9e4d1f75e
2021-01-21ip: set correct error in ip6-localBenoît Ganne1-3/+3
Type: fix Change-Id: Ib23f823e46494f80d9d857ddde88f4939bf2b3d1 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-01-20ip: add API to retrieve IPv6 link-layer addressBenoît Ganne2-35/+84
Type: feature Change-Id: I5739869490155b0b9674b4faf61882d97e66a4ed Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-01-18ipsec: Support MPLS over IPSec[46] interfaceNeale Ranns1-2/+0
Type: feature Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I89dc3815eabfee135cd5b3c910dea5e2e2ef1333
2021-01-12ip: vtep fixes for alignment and cache update.Ray Kinsella1-2/+2
Minor fixes for Intel AVX-512 alignment, and cache update. Type: fix Signed-off-by: Ray Kinsella <mdr@ashroe.eu> Change-Id: I9f9bebb4ecb3265ffc765affd1ed94d0ba979066
2020-12-28vlib: add missing file template descriptionsPaul Vinciguerra1-1/+1
Add descriptions to clib_file_t template structures so that sockets can be identified via the 'show unix file' cli command. Type: fix Change-Id: Ibf82d55aa6c7b1126bd252b76d0dc8b7076f5046 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2020-12-27ip: Use full reassembly for fragments in ip6-localNeale Ranns2-3/+1
Type: fix shallow was the default, but probably by accident as it depended on module load order. full assembly is the v4 behaviour. using proper types allows gdb to print enum names. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: If157c5b83614c7adbd7a15a8227a68f8caf4e92c Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-12-16ip: fix possible missing trace indexesKlement Sekera4-0/+28
Add safeguards when tracing packets to avoid cases where clear trace was issue while buffers were held in reassembly. Type: fix Change-Id: I1bdd1e629e8bc08ce63913fd3c4b2327e47dec04 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2020-12-14misc: move to new pool_foreach macrosDamjan Marion8-49/+49
Type: refactor Change-Id: Ie67dc579e88132ddb1ee4a34cb69f96920101772 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-12-11ip: ip4 rewrite prefetch optimizationPiotrX Kleski1-2/+5
Type: improvement ip4_rewrite_inline_with_gso() did vlib_prefetch_buffer_header() for all nodes. However it is not necessary for ip-rewrite, it is only needed by ip-midchain. This patch makes ip4-rewrite prefetches less buffers to save cycles. Signed-off-by: PiotrX Kleski <piotrx.kleski@intel.com> Change-Id: Ib82dcb0eda4a2d1d7b8d664f2224d49b72aef50f
2020-12-08fib: Adjacency flag for midchain to perfom flow hash (on inner packet)Neale Ranns1-4/+4
Type: feature Signed-off-by: Neale Ranns <neale.ranns@cisco.com> Change-Id: I964afd9266645de5c87d49c58ce6b48c2c18f97f
2020-12-08fib: Source Address SelectionNeale Ranns4-148/+49
Type: feature Use the FIB to provide SAS (in so far as it is today) - Use the glean adjacency as the record of the connected prefixes = there's a glean per-{interface, protocol, connected-prefix} - Keep the glean up to date with whatever the recieve host prefix is (since it can change) Signed-off-by: Neale Ranns <neale.ranns@cisco.com> Change-Id: I0f3dd1edb1f3fc965af1c7c586709028eb9cdeac
2020-12-04ip: fixup memory leak in function ip4_full_reass_drop_allbarryxie1-0/+1
Type: fix The vector 'to_free' allocated on heap should be freed to avoid memory leak. Signed-off-by: barryxie <barryxie@tencent.com> Change-Id: I539498b50a7f3e346c83b869fb400868961c233f
2020-11-27ip: Sub Address Family types. Feature enable for each SAFINeale Ranns6-0/+203
Type: improvement Signed-off-by: Neale Ranns <neale.ranns@cisco.com> Change-Id: I318424ffa569d9a09187066d6ba15576757c1cf6
2020-11-26ip: reassembly - fix handoff for custom nodeKlement Sekera2-21/+111
Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: If484725d48190246e4da09ceaed48a68a8a253f2
2020-11-26ip: trace icmp echo request/reply idKlement Sekera1-0/+6
Type: improvement Change-Id: Ie3a5b182e446c407f258c043c22d1cf25eb7ee59 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2020-11-25api: vat2 and json autogeneration for api messagesOle Troan1-3/+3
VAT2: A completely auto-generated replacement of VAT. Reads input message in JSON from stdin and outputs received messages in JSON. A VAT2 plugin is automatically built for a .api file. There no longer a need for a separate _test.c. Example: vat2 show_version {} { "_msgname": "show_version_reply", "retval": 0, "program": "vpe", "version": "21.01-rc0~411-gf6eb348a6", "build_date": "2020-11-19T09:49:25", "build_directory": "/vpp/autogen3" } vat2 sw_interface_dump '{"sw_if_index": -1, "name_filter_valid": 0, "name_filter": ""}' [{ "_msgname": "sw_interface_details", "sw_if_index": 0, "sup_sw_if_index": 0, "l2_address": "00:00:00:00:00:00", "flags": "Invalid ENUM", "type": "IF_API_TYPE_HARDWARE", "link_duplex": "LINK_DUPLEX_API_UNKNOWN", "link_speed": 0, "link_mtu": 0, "mtu": [0, 0, 0, 0], "sub_id": 0, "sub_number_of_tags": 0, "sub_outer_vlan_id": 0, "sub_inner_vlan_id": 0, "sub_if_flags": "Invalid ENUM", "vtr_op": 0, "vtr_push_dot1q": 0, "vtr_tag1": 0, "vtr_tag2": 0, "outer_tag": 0, "b_dmac": "00:00:00:00:00:00", "b_smac": "00:00:00:00:00:00", "b_vlanid": 0, "i_sid": 0, "interface_name": "local0", "interface_dev_type": "local", "tag": "" }] This is the first phase and vat2 is not integrated in packaging yet. Type: feature Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: Ib45ddeafb180ea7da8c5dc274a9274d7a4edc876 Signed-off-by: Ole Troan <ot@cisco.com>
2020-11-20ip-neighbor: Use ip_address_t rather than ip46_address_tNeale Ranns3-3/+19
Type: improvement Change-Id: Ica5f395075677bda5f38d28e704f65350af88610 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-11-13ethernet: mac must support 64-bits loadsBenoît Ganne1-1/+2
ethernet dataplane loads MAC addresses as 64-bits loads for efficiency. We must make sure it is valid, especially for the vector of secondary MACs. Type: fix Change-Id: I851e319b8a973c154e85ff9f05f3b8e385939788 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-11-09vlib: fix trace number accountingBenoît Ganne1-2/+4
When using classifier to filter traces, not all packets will be traced. In that case, we should only count traced packets. Type: fix Change-Id: I87d1e217b580ebff8c6ade7860eb43950420ae78 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-11-05ip: fix doxygen doc for address add/del commandBenoît Ganne1-2/+2
Type: docs Change-Id: I96d5cdb41bd938f06d2d72f2625bf1b3d2c5b1b4 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-11-02ipsec: Tunnel SA DSCP behaviourNeale Ranns3-4/+29
Type: feature - use tunnel_encap_decap_flags to control the copying of DSCP/ECN/etc during IPSEC tunnel mode encap. - use DSCP value to have fixed encap value. Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: If4f51fd4c1dcbb0422aac9bd078e5c14af5bf11f
2020-10-28misc: Break the big IP header files to improve compile timeNeale Ranns17-659/+842
Type: refactor Signed-off-by: Neale Ranns <neale.ranns@cisco.com> Change-Id: Id1801519638a9b97175847d7ed58824fb83433d6
2020-10-21ip: convert u32 entry_flags to vl_api_mfib_entry_flags_t on mroute APINeale Ranns2-2/+4
Type: fix This is not an API change, it's the same values, just a different named type. also use VppEnum values in tests Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I3a18b529514f3cc9467ae4e8ac3e88d067fc776b
2020-10-21misc: minimize dependencies on udp.hFlorin Coras1-2/+0
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id13f33843b230a1d169560742c4f7b2dc17d8718
2020-10-19ip: Move the IP6 fib into ip6_[m]fib.cNeale Ranns4-122/+1
Type: improvement reduce the compile time by moving the bihash includes out of ip[46].h Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I6b9216e10aff1013071f9238b3e1ebbdd205bd80
2020-10-12ip: IP6 incorrectly disabled on removing first ip6 prefixNeale Ranns1-1/+3
Type: fix reference counting on the ip6 state was broken, meaning that disabling one of serveral ip6 configs on an interface, completely ip6 disabled the interface. Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Ie3af51587310ffe871ad2a9cbd927e15a3ececa9
2020-10-07misc: Purge unused pg includesNeale Ranns2-2/+0
Type: style Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I26a19e42076e031ec5399d5ca05cb49fd6fbe1cd
2020-10-05ipsec: Use bihash for tunnel lookupNeale Ranns1-0/+1
Type: improvement Change-Id: I0c82722dfce990345fe6eeecdb335678543367e0 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-10-02ip: Fix unformat_ip_prefixNathan Skrzypczak1-1/+4
Type: fix Change-Id: I73629ccf7d5a49da3858899dc727cc180fb53003 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2020-09-28classify: preformance improvements in classifiersRay Kinsella1-285/+649
Reworked the code to reduce line fill buffer pressure. Improved compiler loop unrolling, over the existing complex hand-unrolling. Updated the code to use vlib_get_buffers & vlib_buffer_enqueue_to_next. Type: improvement Signed-off-by: Ray Kinsella <mdr@ashroe.eu> Change-Id: I7dca7515ba91672eaf50a6eecd13811210cf0006
2020-09-23ip: use main heap for mtrie, part 2 (remove args)Damjan Marion2-32/+0
Type: improvement Change-Id: I8c28c845c75657852f1e513e2832771fad6b90b7 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-09-21ip: use main heap for mtrieDamjan Marion2-51/+0
Main heap can be hugepage backed so it is more efficient to use main heap instead of allocating special heap just for mtrie.... Type: improvement Change-Id: I210912ab8567c043205ddfc10fdcfde9a0fa7757 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-09-18fib: skip byte swap on n_paths in mroute detailsMatthew Smith1-2/+2
Type: fix While preparing to send a ip_mroute_details API message, the number of paths for a multicast route is stored in an int in send_ip_mroute_details(). Before the value in the int is copied into the field n_paths in the API message, the byte order is swapped. This results in n_paths getting set to 0. Change the int to a u8 and omit the byte swap so API clients can receive data on multicast route paths. Change-Id: Ie6dcb0f7b135c5b5deeeb2e44147560dbbb12507 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2020-09-17teib: Use ip_address_t not ip46_address_tNeale Ranns1-0/+1
Type: improvement Change-Id: Ica75c4e43d6198658a1954640c7ac56ea68bb39a Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-09-04ip: enhance vtep4_check of tunnel by vector wayZhiyong Yang1-0/+42
This patch aims to improve decap performance by reducing expensive hash_get callings as less as possible using AVX512 on XEON. e.g. vxlan, vxlan_gpe, geneve, gtpu. For the existing code, if vtep4 of the current packet match the last vtep4_key_t well, expensive hash computation can be avoided and the code returns directly. This patch improves tunnel decap multiple flows case greatly by leveraging 512bit vector register on XEON accommodating 8 vtep4_keys. It enhances the possiblity of avoiding unnecessary hash computing once hash key of the current packet hits any one of 8 in the 512bit cache. The oldest element in vtep4_cache_t is updated in round-robin order. vlib_get_buffers is also leveraged in the meanwhile. Type: improvement Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com> Signed-off-by: Ray Kinsella <mdr@ashroe.eu> Signed-off-by: Junfeng Wang <drenfong.wang@intel.com> Change-Id: I313103202bd76f2dd638cd942554721b37ddad60
2020-09-01ip: fix ip zero checksum verificationBenoît Ganne3-8/+9
In one's complement, there are two representations of zero: the all zero and the all one bit values, often referred to as +0 and -0. See RFC 1624 section 3 for more details. This used to be taken care of in ip4_header_checksum(), but it is no longer the case. The check ip->checksum == ip4_header_checksum (ip) is no longer correct in the -0 case. Always use ip4_header_checksum_is_valid() instead (which behaves correctly since 9a79a1ab931c3b5a7ae07d6f0fcfef7c4368a2c4). Type: fix Fixes: e5f0050c7a5d411f96af6401797529d58825e2af Change-Id: Iacc6b60645a834287b085aecb9e3fdb4554cf0cf Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-09-01ip: improve ip4_header_checksum_is_validDamjan Marion1-5/+12
It is cheaper to include checksum field in calculation and simply compare result with zero. Type: improvement Change-Id: I6f77632c0a4d2f2c632d044d3a5d2fcf2b5bac62 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-08-31vppinfra: convert A_extend_to_B to B_from_A format of vector inlinesDamjan Marion1-8/+8
Make it shorter and same format when converting to biggor or smaller types. Type: refactor Change-Id: I443d67e18ae65d779b4d9a0dce5406f7d9f0e4ac Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-08-31ip: fix compiling error with gcc-10Jieqiang Wang1-0/+12
Building VPP using gcc-10 fails because of the array bounds check error for function ip4_header_checksum(), with option field in IPv4 header exceeding the ip4_header_t bound. Fix this error by turning off the array bounds check option for function ip4_header_checksum(). Change-Id: I68cc241ae9e403d35ac2e320549506dc6565a0b6 Type: fix Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com>
2020-08-31cnat: Destination based NATNeale Ranns1-0/+35
Type: feature Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I64a99a4fbc674212944247793fd5c1fb701408cb
2020-08-25flow: add vnet/flow formal APIChenmin Sun1-0/+12
This patch adds the API for vnet/flow infra. Currently this API supports the below flow types: VNET_FLOW_TYPE_IP4_N_TUPLE VNET_FLOW_TYPE_IP6_N_TUPLE VNET_FLOW_TYPE_IP4_N_TUPLE_TAGGED VNET_FLOW_TYPE_IP6_N_TUPLE_TAGGED VNET_FLOW_TYPE_IP4_L2TPV3OIP VNET_FLOW_TYPE_IP4_IPSEC_ESP VNET_FLOW_TYPE_IP4_IPSEC_AH VNET_FLOW_TYPE_IP4_GTPU All the above flows are tested with Intel E810/X710 NIC Type: feature Signed-off-by: Chenmin Sun <chenmin.sun@intel.com> Change-Id: Icb8ae20cab9bdad6b120dddc3bd4fb1d85634f3f