summaryrefslogtreecommitdiffstats
path: root/src/vnet/ip
AgeCommit message (Collapse)AuthorFilesLines
2017-05-11Validate ip6 interface fib tables early onFlorin Coras1-0/+5
This should avoid random crashes due to reception of packets (multicast in particular) before ip6 addresses are configured on the interfaces. Change-Id: Ibcf1a5a2ae2fa75f8b57da1b2f09f32c081210d7 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-05-05ip6_to_ip4.h coverity fixMatus Fabian1-1/+1
Change-Id: Ia11fa42d1f2b21a6195e7dc890f958830f83d3a7 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-05-05NAT64: Move IPv6-IPv4 virtual reassembly code from MAP-T to common library ↵Matus Fabian2-0/+1148
(VPP-708) Change-Id: I9ad636f80bf109ffac9ca1b6d80d5f2c31f2076a Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-05-03change ip4_drop_node node register coding formatflyingeagle231-2/+2
Change-Id: Id4fdf2abf3bae3b14cdc6489ca16d2007da78d07 Signed-off-by: flyingeagle23 <wang.hui56@zte.com.cn>
2017-05-02Allow local/for-us replications for IP multicast routes on the CLINeale Ranns1-1/+6
Change-Id: I046d9402b79fdbc6a6663199ffff8e40a278fd51 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-26IP Flow Hash Config fixesNeale Ranns4-15/+17
- the flow hash config is (and was) cached on the load-balance object so the fib_table_t struct is not used a switch time. Therefore changes to the table's flow hash config need to be propagated to all load-balances and hance all FIB entries in the table. - enable API for setting the IPv6 table flow hash config - use only the hash config in the fib_table_t object and not on the ipX_fib_t - add tests. Change-Id: Ib804c11162c6d4972c764957562c372f663e05d4 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-25"autoreply" flag: autogenerate standard xxx_reply_t messagesDave Barach1-99/+9
Change-Id: I72298aaae7d172082ece3a8edea4217c11b28d79 Signed-off-by: Dave Barach <dave@barachs.net>
2017-04-24Improve Load-Balance MAPsNeale Ranns3-90/+153
- only build them for popular path-lists (where popular means more than 64 children) the reason to have a map is to improve convergence speed for recursive prefixes - if there are only a few this technique is not needed - only build them when there is at least one path that has recursive constraints, i.e. a path that can 'fail' in a PIC scenario. - Use the MAPS in the switch path. - PIC test cases for functionality (not convergence performance) Change-Id: I70705444c8469d22b07ae34be82cfb6a01358e10 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-19Learn IP6 link-local ND entries from NSs sourced from link-local addressNeale Ranns1-2/+5
Change-Id: I4c3ce4d58df7977490fc94991291422ea1e31ee3 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-13Remove unsed parameter from fib_table_entry_special_add() (only used in FIB ↵Neale Ranns2-5/+3
tests). The DPO was incorrectly initialised with FIB_PROTO_MAX Change-Id: I962df9e162e4dfb6837a5ce79ea795d5ff2d7315 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-11MPLS Mcast coverity fixesNeale Ranns1-1/+1
Change-Id: Ic07ec5d4c2560a414d5f4f7eb37e10faf591664a Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-11MTRIE coverity fixesNeale Ranns1-6/+8
Change-Id: If98355bebe823f45b11b0908a8d7700ab273a6db Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-11Remove usued, redundant and deprecated code from lookup.hNeale Ranns7-95/+33
Change-Id: Ic16bc10d0b2877b2afdf052615f9334f31b9519f Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-07MPLS McastNeale Ranns6-40/+108
1 - interface-DPO Used in the Data-plane to change a packet's input interface 2 - MPLS multicast FIB entry Same as a unicast entry but it links to a replicate not a load-balance DPO 3 - Multicast MPLS tunnel Update MPLS tunnels to use a FIB path-list to describe the endpoint[s]. Use the path-list to generate the forwarding chain (DPOs) to link to . 4 - Resolve a path via a local label (of an mLDP LSP) For IP multicast entries to use an LSP in the replication list, we need to decribe the 'resolve-via-label' where the label is that of a multicast LSP. 5 - MPLS disposition path sets RPF-ID For a interface-less LSP (i.e. mLDP not RSVP-TE) at the tail of the LSP we still need to perform an RPF check. An MPLS disposition DPO performs the MPLS pop validation checks and sets the RPF-ID in the packet. 6 - RPF check with per-entry RPF-ID An RPF-ID is used instead of a real interface SW if index in the case the IP traffic arrives from an LSP that does not have an associated interface. Change-Id: Ib92e177be919147bafeb599729abf3d1abc2f4b3 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-07VPP-684.Add ip which mask length exceeding upper limit,ping segmentfaultflyingeagle231-1/+4
Change-Id: I2d1c5e4dbdcab2a81d6c88801183ca0bbc83e1d9 Signed-off-by: flyingeagle23 <wang.hui56@zte.com.cn>
2017-04-06Use thread local storage for thread indexDamjan Marion5-39/+39
This patch deprecates stack-based thread identification, Also removes requirement that thread stacks are adjacent. Finally, possibly annoying for some folks, it renames all occurences of cpu_index and cpu_number with thread index. Using word "cpu" is misleading here as thread can be migrated ti different CPU, and also it is not related to linux cpu index. Change-Id: I68cdaf661e701d2336fc953dcb9978d10a70f7c1 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-04-03Adjacency layout change and move to vnet/adjNeale Ranns3-217/+3
Change-Id: I03195a86c69f84a301051c6b3ab64456bbf28645 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-01ARP/ND/API:fix arp reg + nd no identical regsEyal Bari1-55/+38
fixed arp registration without allocating the event added protection against identical ND registrations Change-Id: I4e2db4913b35d895d8686ada1f0818920f276ad6 Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-04-01MTRIE Optimisations 2Neale Ranns8-296/+526
1) 16-8-8 stride. Reduce trie depth walk traded with increased memory in the top PLY. 2) separate the vector of protocol-independent (PI) fib_table_t with the vector of protocol dependent (PD) FIBs. PD FIBs are large structures, we don't want to burn the memory for ech PD type 3) Go straight to the PD FIB in the data-path thus avoiding an indirection through, e.g., a PLY pool. Change-Id: I800d1ed0b2049040d5da95213f3ed6b12bdd78b7 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-30VPP-669: ping: fix coverity check error 165075 + add ping testcaseAndrew Yourtchenko1-1/+1
Fix the bug and add the unit test to start with ping test coverage Change-Id: Ibeacbed1f1660e677faa2dbb2ebe386216693e96 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-03-30BRIDGE-DOMAIN:enable arp term,mac/ip learning on local intsEyal Bari2-7/+4
we should not suppress arps on remote interface instead we should flood them to the local one used shg != 0 to identify packets from remote interfaces and disable arp term l2 input feature for them Change-Id: I701537c05df7451a25ccb5bfc9e2b03ea70cff20 Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-03-29IP lookup: remove used stack variablesNeale Ranns1-21/+5
Change-Id: I19b16d3e04a187ffe736fae868941957c70edf62 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-29Mtrie optimisationsNeale Ranns5-222/+191
1 - make the default route non-special, i.e. like any other less specific route. Consequently, all buckets have a valid valid index of either a leaf or a ply. Checks for special indeices in the data-path can thus be removed. 2 - since all leaves are now 'real' i.e. they represent a real load-balance object, to tell if a ply slot is 'empty' requeirs chekcing that the prefix length of the leaf occupying the slot is slot than the minium value for that ply. 3 - when removing a leaf find the cover first, then recurse down the ply and replace the old leaf with the cover. This saves us a ply walk. Change-Id: Idd523019e8bb1b6ef527b1f5279a5e24bcf18332 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-29Sub-net broadcast addresses for IPv4Neale Ranns1-3/+70
Change-Id: Ib2189d01e8bc61de57404159690fb70f89c47277 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-27Mcast rewrite no memcpyNeale Ranns4-27/+29
use a 32bit mask in the adjacency to AND with the IP address and OR into the rewrite. Change-Id: I80b0f246c18fd74f3e43c5d49e25833412f34665 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-22ping: allow the user to send bursts of N packets instead of single packetAndrew Yourtchenko1-10/+42
Change-Id: I3c1d3a2db56487473123e6fec2b076a063473313 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-03-1764 bit per-thread countersNeale Ranns1-17/+19
after: TenGigabitEthernet5/0/1-output active 107522 17375708 0 7.22e0 161.60 TenGigabitEthernet5/0/1-tx active 107522 17375708 0 6.93e1 161.60 ip4-input-no-checksum active 107522 17375708 0 2.52e1 161.60 ip4-lookup active 107522 17375708 0 3.10e1 161.60 ip4-rewrite active 107522 17375708 0 2.52e1 161.60 before TenGigabitEthernet5/0/1-output active 433575 110995200 0 6.95e0 256.00 TenGigabitEthernet5/0/1-tx active 433575 110995200 0 7.14e1 256.00 ip4-input-no-checksum active 433575 110995200 0 2.66e1 256.00 ip4-lookup active 433575 110995200 0 3.29e1 256.00 ip4-rewrite active 433575 110995200 0 2.59e1 256.00 Change-Id: I46405bd22189f48a39f06e3443bb7e13f410b539 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-17Fix IP feature ordering.Neale Ranns1-17/+12
Drop comes before lookup when enabled. is_first_or_last is not required when setting a feature, the anchor is added in find_config_with_features(). Don't make the PG interfaces automatically L3 enabled, this way we can have tests that check the L3 protocol disbaled behaviour. Change-Id: Icef22a920b27ff9cec6ab2da6b05f05c532cb60f Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-17Cache a 'has-features' flag on the adjacency for faster access. Reclaim the ↵Neale Ranns3-21/+29
node_index memeber from the rewrite for space - this is only used for formtting before: ip4-rewrite * * * * 2.66e1 256.00 after: ip4-rewrite * * * * 2.40e1 256.00 Change-Id: Ic397150727cad38811564777419ad6bd26b8a3a6 Signed-off-by: Neale Ranns <nranns@wasa-ucs-11.cisco.com>
2017-03-16ping: Fix coverity error 163907Andrew Yourtchenko2-0/+6
Return an error if the ip6_interface_first_address decides to return NULL. Change-Id: Iea0184382b8fbe2af81a781c3671687a1fbb5b32 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-03-15VXLAN:add hidden multicast interface checkEyal Bari1-6/+8
and some refactoring Change-Id: I99e3c5e782ce65cb9779ccc3a9a3151ef1429e07 Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-03-14ioam: ip6 hop by hop ext header and SR header co-existenceshwethab1-1/+1
1. Fix finding sr extension header 2. Fix for assert checks for space for sr header in packet headroom 3. ioam build warnings 4. Fix for SR header removal in presence of hbh ext header clib_memcpy with overlapping src/dst was failing Change-Id: I8576204eb571d1d4725a4e6976e18fe61cd1cd35 Signed-off-by: shwethab <shwetha.bhandari@gmail.com>
2017-03-09IMplementation for option to not create a FIB table entry when adding a ↵Neale Ranns3-27/+52
neighbor entry Change-Id: I952039e101031ee6a06e63f4c73d8eb359423e1a Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-08ARP resilience in the absence of IP config on input and output interfacesNeale Ranns1-0/+15
Change-Id: Ia9c6790436f8f6337b5351e3017ef5e441a8a4e9 Signed-off-by: Neale Ranns <nranns@cisco.com> (cherry picked from commit 5e323329ed6ded6f6944c56069329207ad9069c0)
2017-03-08API change (only) to not create a FIB table entry when adding a neighbor entryNeale Ranns1-1/+6
Change-Id: I1a8edaf1e0fca89e5d24d57dbb186ee46801f661 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-08BUG: multiple registrations of 'vl_api_ip6nd_proxy_details_t_handlerNeale Ranns1-7/+0
Change-Id: I70e32b2196bfc8712d270f9a4365daca2504d52d Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-08Proxy ND (RFC4389 - or a sub-set thereof). This allows the 'emulation' of ↵Neale Ranns6-62/+324
bridging. That is hosts in one sub-net reachable via differenet interfaces. Introducate a new API command: ip6 nd proxy <host-address> <interface> this indicates 2 things; 1) that host <host-address> is reachable out of interface <interface>. VPP will thus install that route. 2) NS requests sent to <host-address> will be responeded to (i.e. proxied). Change-Id: I863f967fdb5097ab3b574769c70afdbfc8d5478a Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-07Register TCP with IP only if session is enabledFlorin Coras1-1/+2
Change-Id: I73154179e78aeae5f879125237bce593d0978fae Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-03-07DHCP Multiple Servers (VPP-602, VPP-605)Neale Ranns1-0/+2
Multiple DHCP (4 and/or 6) servers can be added and removed through multiple calls to the 'set dhcp server' API. All 4/6/ discover/solicit messages will then be replicated to all servers in the list. The expectation is that the servers/system is configured in such a way that this is viable. If VSS information is providied for the clinet VRF which also has multiple servers configured, then the same VSS information is sent to each server. Likewise the source address of packets sent to from VPP to each server is the same. Change-Id: I3287cb084c84b3f612b78bc69cfcb5b9c1f8934d Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-07In-band OAM active probe (VPP-471)AkshayaNadahalli3-32/+63
Change-Id: Icf0ddf76ba1c8b588c79387284cd0349ebc6e45f Signed-off-by: AkshayaNadahalli <anadahal@cisco.com>
2017-03-07make per-adj counters configurableNeale Ranns2-33/+67
Change-Id: Ifdd2b204ecf7d855f1269c11224b9c825311904d Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-07Fixing loadbalancing over ECMP for recursive routesAkshayaNadahalli2-12/+10
Change-Id: Ibe1734aeb94bc17cd8d8bc6f35ca7b780aaa9599 Signed-off-by: AkshayaNadahalli <anadahal@cisco.com>
2017-03-06ioam: manycast using iOAM and SR (VPP-628)Shwetha Bhandari2-74/+122
Change-Id: I6d2afda991d771fb4a89fc3f6544f8e940a9b9f0 Signed-off-by: Shwetha Bhandari <shwethab@cisco.com>
2017-03-04Evolving SRv6 (Segment Routing for IPv6)Pablo Camarillo1-3/+30
Implements: 1.- SR Policies with several (weighted) SID lists 2.- Binding SID 3.- SR LocalSIDs with support for the following functions - End - End.X - End.DX6 - End.DX4 - End.DX2 - End.DT6 - End.DT2 - End.B6 - End.B6.Encaps 4.- SR Steering policies (to steer a traffic through an SR Policy) - Support for IPv6 traffic (IPv6 Encapsulation / SRH insertion) - Support for IPv4 traffic (IPv6 Encapsulation) - Support for L2 traffic (T.Insert / T.Encaps) 5.- Doxygen documentation 6.- Framework (APIs) to allow the definition of new SR LocalSID behaviors by means of plugins 7.- Sample SRv6 LocalSID plugin Change-Id: I2de3d126699d4f11f54c0f7f3b71420ea41fd389 Signed-off-by: Pablo Camarillo <pcamaril@cisco.com>
2017-03-03IPv6 RA improvementsNeale Ranns2-157/+123
1) tests for RA options 2) memleaks deleteing a ip6_radv_info_t 3) MLD prefix code refactoring Change-Id: I34db103994bd8fbdbbec50b202d72770dd145681 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-03Changing the IP table for an interface is an error if the interface already ↵Neale Ranns4-43/+76
has an address configured (VPP-601) Change-Id: I311fc264f73dd3b2b3ce9d7d1c33cd0515b36c4a Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-02Clean up binary api message handler registration issuesDave Barach1-83/+0
Removed a fair number of "BUG" message handlers, due to conflicts with actual message handlers in api_format.c. Vpp itself had no business receiving certain messages, up to the point where we started building in relevant code from vpp_api_test. Eliminated all but one duplicate registration complaint. That one needs attention from the vxlan team since the duplicated handlers have diverged. Change-Id: Iafce5429d2f906270643b4ea5f0130e20beb4d1d Signed-off-by: Dave Barach <dave@barachs.net>
2017-03-02Remove the unused VRF ID parameter from the IP neighbour Add/Del APINeale Ranns1-2/+0
Change-Id: Icf0d72f6af1f98c86f78e586c354515ac69804aa Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-01VPP-598: tcp stack initial commitDave Barach15-1683/+220
Change-Id: I49e5ce0aae6e4ff634024387ceaf7dbc432a0351 Signed-off-by: Dave Barach <dave@barachs.net> Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-02-22VPP-635: CLI Memory leak with invalid parameterBilly McFall4-22/+60
In the CLI parsing, below is a common pattern: /* Get a line of input. */ if (!unformat_user (input, unformat_line_input, line_input)) return 0; while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT) { if (unformat (line_input, "x")) x = 1; : else return clib_error_return (0, "unknown input `%U'", format_unformat_error, line_input); } unformat_free (line_input); The 'else' returns if an unknown string is encountered. There a memory leak because the 'unformat_free(line_input)' is not called. There is a large number of instances of this pattern. Replaced the previous pattern with: /* Get a line of input. */ if (!unformat_user (input, unformat_line_input, line_input)) return 0; while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT) { if (unformat (line_input, "x")) x = 1; : else { error = clib_error_return (0, "unknown input `%U'", format_unformat_error, line_input); goto done: } } /* ...Remaining code... */ done: unformat_free (line_input); return error; } In multiple files, 'unformat_free (line_input);' was never called, so there was a memory leak whether an invalid string was entered or not. Also, there were multiple instance where: error = clib_error_return (0, "unknown input `%U'", format_unformat_error, line_input); used 'input' as the last parameter instead of 'line_input'. The result is that output did not contain the substring in error, instead just an empty string. Fixed all of those as well. There are a lot of file, and very mind numbing work, so tried to keep it to a pattern to avoid mistakes. Change-Id: I8902f0c32a47dd7fb3bb3471a89818571702f1d2 Signed-off-by: Billy McFall <bmcfall@redhat.com> Signed-off-by: Dave Barach <dave@barachs.net>