summaryrefslogtreecommitdiffstats
path: root/src/vnet/ip
AgeCommit message (Collapse)AuthorFilesLines
2019-03-28IPSEC: run encrpyt as a feautre on the tunnelNeale Ranns2-14/+42
Change-Id: I6527e3fd8bbbca2d5f728621fc66b3856b39d505 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-03-28Typos. A bunch of typos I've been collecting.Paul Vinciguerra2-2/+2
Change-Id: I53ab8d17914e6563110354e4052109ac02bf8f3b Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-03-26ip6-rewrite: bug fix buffer->error in dual loopKingwel Xie2-5/+24
error should be recorded in buffer so that process-error-punt can handle them correctly Per Damjan's comments, move counter to under else clause of last error0==NONE check. Both v4 and v6 are changed. Change-Id: I707c7877ccb12589337155173fc4a5200b42ee93 Signed-off-by: Kingwel Xie <kingwel.xie@ericsson.com>
2019-03-22ipv6: vectorized ext header checkDamjan Marion2-10/+35
Change-Id: I454bb01153d1d0536c4a6fe36103e7721aad8cd1 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-03-21icmp: bug fix of buffer->errorKingwel Xie2-2/+18
Recent changes in icmp4/6 choose to free the original buffer, and make a copy for sending icmp reply back. However, buffer->error will be ignored when the buffer is freed unconditionally. A quick fix can be moving the counter increment code to icmp, but I prefert to enqueue all buffers to 'error-drop' so that they can be handled in a batch rebase, using vlib_buffer_enqueue_to_single_next Change-Id: I9f3028b55f1d5f634763e2410cd91e17f368195e Signed-off-by: Kingwel Xie <kingwel.xie@ericsson.com>
2019-03-15Revert "API: Cleanup APIs interface.api"Ole Trøan1-1/+0
This reverts commit e63325e3ca03c847963863446345e6c80a2c0cfd. Allow time for CSIT to accommodate. Change-Id: I59435e4ab5e05e36a2796c3bf44889b5d4823cc2 Signed-off-by: ot@cisco.com
2019-03-15API: Cleanup APIs interface.apiJakub Grajciar1-0/+1
Use of consistent API types for interface.api Change-Id: Ieb54cebb4ac96b432a3f0b41596718aa2f34885b Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2019-03-14IGMP: typo and doc fix (no behaviour change)Neale Ranns1-1/+1
Change-Id: I1c870f90a8e0d14b972593e72242b430c13d3bf2 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-03-12ip: migrate old MULTIARCH macros to VLIB_NODE_FNFilip Tehlar9-174/+166
Change-Id: Id55ec87724e421d5b722314f9302c6ade7545306 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-03-12ICMP46 error: Clone first buffer instead of "truncating" original bufferOle Troan2-52/+36
Previous code was walked buffer chain, effectively trying to "truncate" the chain, reset the length of first buffer and reused that as the ICMP error message. That could have issues in cases there were other users of the buffer chain. Update to clone the first buffer in chain, and use that for the ICMP error message instead. Change-Id: Ibc1a0bf2d854dae41874808c8297028ed93dd69d Signed-off-by: Ole Troan <ot@cisco.com>
2019-03-07API: Add python2.7 support for enum flags via aenumOle Troan1-1/+0
Change-Id: I77a43bfb37d827727c331cd65eee77536cc15953 Signed-off-by: Ole Troan <ot@cisco.com>
2019-03-06ip: coverity woesSteven Luong1-4/+4
coverity complains about logically dead code for the statement if (error) because error was assigned to 0 prior to the check. I believe error was meant to get the return status of the call vnet_punt_socket_add. Change-Id: I794167493f63cb898d3618c2c28817823f46b765 Signed-off-by: Steven Luong <sluong@cisco.com>
2019-03-06punt.c -- coverity woesSteven Luong1-9/+0
Coverity complains about identical code is executed for if and else branch. Clean them up by removing the useless code. Change-Id: Ie53f1dff055440ab2c3c3d2ea91edb1e50204b38 Signed-off-by: Steven Luong <sluong@cisco.com>
2019-03-04Hash and handoff reassembly fragmentsVijayabhaskar Katamreddy2-61/+448
in the following two scenarios 1. When fragments arrive in multiple interfaces and endup in different threads 2. When fragments arrive in same interafce but in different queues due to interface RSS doesnt have the ability to place fragments in the right queues Change-Id: I9f9a8a4085692055ef6823d634c8e19ff3daea05 Signed-off-by: Vijayabhaskar Katamreddy <vkatamre@cisco.com>
2019-02-26VPP-1574: minimize RPC barrier sync callsDave Barach1-5/+25
Grab the thread barrier across a set of RPCs, to greatly increase efficiency. Avoids running afoul of the barrier sync holddown timer. Change-Id: I782dfdb1bed398b290169c83266681c9edd57a3f Signed-off-by: Dave Barach <dave@barachs.net>
2019-02-25buffer chain linearizationKlement Sekera3-336/+82
Rewrite vlib_buffer_chain_linearize function so that it works as intended. Linearize buffer chains coming out of reassembly to work around some dpdk-tx issues. Note that this is not a complete workaround as a sufficiently large packet will still cause the resulting chain to be too long. Drop features from reassembly code which relies on knowing which and how many buffers were freed during linearization, buffer counts and tracing capabilities for these cases. Change-Id: Ic65de53ecb5c78cd96b178033f6a576ab4060ed1 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-02-19reassembly: handle ip6 atomic fragmentsKlement Sekera1-6/+3
Change-Id: Ide3425f144fb17201dcde7ba89f39e460048100d Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-02-19reassembly: fix buffer usage counterKlement Sekera1-5/+7
Change-Id: I713904f8eb2f724cb08dba494c160c14cc8b24a1 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-02-19tap gso: experimental supportAndrew Yourtchenko2-17/+81
This commit adds a "gso" parameter to existing "create tap..." CLI, and a "no-gso" parameter for the compatibility with the future, when/if defaults change. It makes use of the lowest bit of the "tap_flags" field in the API call in order to allow creation of GSO interfaces via API as well. It does the necessary syscalls to enable the GSO and checksum offload support on the kernel side and sets two flags on the interface: virtio-specific virtio_if_t.gso_enabled, and vnet_hw_interface_t.flags & VNET_HW_INTERFACE_FLAG_SUPPORTS_GSO. The first one, if enabled, triggers the marking of the GSO-encapsulated packets on ingress with VNET_BUFFER_F_GSO flag, and setting vnet_buffer2(b)->gso_size to the desired L4 payload size. VNET_HW_INTERFACE_FLAG_SUPPORTS_GSO determines the egress packet processing in interface-output for such packets: When the flag is set, they are sent out almost as usual (just taking care to set the vnet header for virtio). When the flag is not enabled (the case for most interfaces), the egress path performs the re-segmentation such that the L4 payload of the transmitted packets equals gso_size. The operations in the datapath are enabled only when there is at least one GSO-compatible interface in the system - this is done by tracking the count in interface_main.gso_interface_count. This way the impact of conditional checks for the setups that do not use GSO is minimized. "show tap" CLI shows the state of the GSO flag on the interface, and the total count of GSO-enabled interfaces (which is used to enable the GSO-related processing in the packet path). This commit lacks IPv6 extension header traversal support of any kind - the L4 payload is assumed to follow the IPv6 header. Also it performs the offloads only for TCP (TSO - TCP segmentation offload). The UDP fragmentation offload (UFO) is not part of it. For debug purposes it also adds the debug CLI: "set tap gso {<interface> | sw_if_index <sw_idx>} <enable|disable>" Change-Id: Ifd562db89adcc2208094b3d1032cee8c307aaef9 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2019-02-19VPP-1573 fix crash in ip6 reassemblyKlement Sekera1-1/+1
Change-Id: I3a3076c7d87446b5ec2a02e70d3b6d05f1875875 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-02-19ip6-local: fix uninitialized variable errorDamjan Marion1-1/+1
Change-Id: I245a8cc8f237242efadcf10d47b76222a6497e89 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-02-18Explicit dual-loop in ip6-localBenoît Ganne1-72/+134
Makes ip6-local node dual-loop explicit. This is only a style change. Change-Id: Ic8e7cecb3f51e98b8a069b501f5c338156934a6d Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-02-15Optimize ip6-localBenoît Ganne1-246/+187
Optimize IPv6 ip6-local node by rewriting the dual/single loop with prefetch and simpler unrolling. My local, unrepresentative tests for GRE4 termination over IPv6 show a performance improvement of ~40% for ip6-local node alone and ~5% globally. Change-Id: I11e1e86d3838dd3c081aa6be5e25dae16ed6e2d8 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-02-14Add -fno-common compile optionBenoît Ganne2-1/+5
-fno-common makes sure we do not have multiple declarations of the same global symbol across compilation units. It helps debug nasty linkage bugs by guaranteeing that all reference to a global symbol use the same underlying object. It also helps avoiding benign mistakes such as declaring enum as global objects instead of types in headers (hence the minor fixes scattered across the source). Change-Id: I55c16406dc54ff8a6860238b90ca990fa6b179f1 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-02-13ip6: convert code to new multiarchDamjan Marion2-96/+82
Change-Id: Idd09b5d0597336e4f2028113cae76c94fd1c5427 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-02-09buffers: fix typoDamjan Marion3-5/+5
Change-Id: I4e836244409c98739a13092ee252542a2c5fe259 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-02-06buffers: make buffer data size configurable from startup configDamjan Marion3-4/+6
Example: buffers { default data-size 1536 } Change-Id: I5b4436850ca18025c9fdcfc7ed648c2c2732d660 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-02-02Deprecate old mutliarch code, phase 1Damjan Marion1-22/+1
It is causing compilation sloness with gcc-7 so removing it before it was originally planned. So far macros are left in the tree so we can know which nodes to convert to new multiarch code. Change-Id: Idb14622ca61fdce1eba59723b20d98715b7971e6 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-01-30Use IP and MAC API types for neighborsNeale Ranns13-366/+418
use address_t and mac_address_t for IPv6 and ARP entries and all other API calls in ip.api aprat from the route ones, that will follow in a separate commit Change-Id: I67161737c2184d3f8fc1e79ebd2b55121c5b0191 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-01-25IP6 FIB: walk table for dump (VPP-1553)Neale Ranns1-12/+7
Change-Id: Iaa57ace6df96bfacd1235c80ec7bb08e5f335530 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-01-23IP route local and connectedNeale Ranns1-2/+9
allow routes that are local and connected to be added via the API. this emulates the addition of a second address in the same subnet added to an interface. Change-Id: Ib18a08c26956be9a07b3360664210c8cf6734c84 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-01-20buffers: don't init metadata, as it is already initializedDamjan Marion3-9/+0
Change-Id: Ia083050389853c25b069f0f8286d50d3f4aef527 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-01-19buffers: remove free-list information from buffer metadataDamjan Marion1-2/+1
Change-Id: I6048c6a51efa826ac333f7d15919cb87dd766d74 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-01-18buffers: remove freelist argument from vlib_buffer_add_dataDamjan Marion1-13/+7
Change-Id: Idb224b807373128b78dc46f177b2d2e0ed288349 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-01-10ARP/ND: copy opaque2 persistent fields to new packetNeale Ranns2-2/+8
Change-Id: Ic65f686aaccaf8450732d88d7471b587faccaa9d Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-01-07VOM: mroutesNeale Ranns2-6/+14
- fixes in ip.api for dumping mroute path flags Change-Id: I13b0cfb15d374250ed71bd4e13dda9b798c18204 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-01-07Handle buffer alloc failure in vlib_buffer_add_dataDave Barach2-23/+47
It's not OK to crash due to a transient buffer allocation failure. Return 1 if the requested operation failed, otherwise 0. Buffer index parameter change to a value-result, so the caller can differentiate between partial and complete allocation failure: callers which request an initial allocation (inbound bi = ~0) need to check the (out) value to decide whether or not to call vlib_buffer_free(...). Change-Id: I03029d7f2714c17dca4630dfd95a1eb578b68384 Signed-off-by: Dave Barach <dave@barachs.net>
2019-01-02Fixes for buliding for 32bit targets:David Johnson1-1/+1
* u32/u64/uword mismatches * pointer-to-int fixes * printf formatting issues * issues with incorrect "ULL" and related suffixes * structure alignment and padding issues Change-Id: I70b989007758755fe8211c074f651150680f60b4 Signed-off-by: David Johnson <davijoh3@cisco.com>
2019-01-01buffers: remove unused codeDamjan Marion1-6/+2
Change-Id: If2bbfbc52994f5de0879763e0b7a7864498debb6 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-12-20FIB: encode the label stack in the FIB path during table dumpNeale Ranns1-0/+2
Change-Id: I28e8a99b980ad343a4209e673201791b91ceab4e Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-12-20reassembly: replace asserts with error countersKlement Sekera4-128/+272
Change-Id: Iaa39aea990bc04147f6a049215e990a567d30106 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-12-18MFIB: recurse resolution through an MFIB entryNeale Ranns1-20/+20
Change-Id: I8dc261e40b8398c5c8ab6bb69ecebbd0176055d9 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-12-16VPP-1523: harden reassemblyKlement Sekera1-5/+3
Change-Id: I00d7b38bd99e81e3921ce08cce50d613f11de36e Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-12-16IP6-MFIB: replace the radix tree with bihash (VPP-1526)Neale Ranns3-11/+31
Change-Id: I7a48890c075826fbd8c75436dfdc5ffff230a693 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-12-14VPP-1510: add support for punt deletePavel Kotucek1-1/+12
Change-Id: Ibd7b1b13da0861f67e5e9e73bf6539199b3c82ea Signed-off-by: Pavel Kotucek <pavel.kotucek@pantheon.tech>
2018-12-13reassembly: fix internal buffer count accountingKlement Sekera1-0/+3
Change-Id: I6af2c8552aeafe0abc8b8c3e5af1a05640e95919 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-12-13VPP-1522: harden reassembly codeKlement Sekera2-24/+40
Change-Id: Ib5a20bff7d8a340ecf50bcd4a023d6bf36382ba3 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-12-13make build failure.Paul Vinciguerra1-2/+2
[84/597] Building C object vnet/CMakeFiles/vnet.dir/ip/ip_types_api.c.o FAILED: ccache /usr/lib/ccache/cc -DWITH_LIBSSL=1 -Dvnet_EXPORTS -I/vpp/src -I. -Iinclude -march=corei7 -mtune=corei7-avx -g -O2 -DFORTIFY_SOURCE=2 -fstack-protector -fPIC -Werror -fPIC -Wno-address-of-packed-member -Wall -MMD -MT vnet/CMakeFiles/vnet.dir/ip/ip_types_api.c.o -MF vnet/CMakeFiles/vnet.dir/ip/ip_types_api.c.o.d -o vnet/CMakeFiles/vnet.dir/ip/ip_types_api.c.o -c /vpp/src/vnet/ip/ip_types_api.c /vpp/src/vnet/ip/ip_types_api.c: In function 'ip_address_union_encode': /vpp/src/vnet/ip/ip_types_api.c:70:13: error: incompatible type for argument 1 of 'memcpy' memcpy (out->ip6, &in->ip6, sizeof (out->ip6)); ^ In file included from /usr/include/string.h:635:0, from /vpp/src/vppinfra/string.h:55, from /vpp/src/vppinfra/mem.h:55, from /vpp/src/vppinfra/vec.h:42, from /vpp/src/vppinfra/error.h:53, from /vpp/src/vppinfra/hash.h:41, from /vpp/src/vnet/ip/ip.h:43, from /vpp/src/vnet/ip/ip_types_api.h:23, from /vpp/src/vnet/ip/ip_types_api.c:16: /usr/include/x86_64-linux-gnu/bits/string3.h:50:42: note: expected 'void * restrict' but argument is of type 'vl_api_ip6_address_t {aka struct _vl_api_ip6_address}' __NTH (memcpy (void *__restrict __dest, const void *__restrict __src, ^ /vpp/src/vnet/ip/ip_types_api.c:72:13: error: incompatible type for argument 1 of 'memcpy' memcpy (out->ip4, &in->ip4, sizeof (out->ip4)); ^ In file included from /usr/include/string.h:635:0, from /vpp/src/vppinfra/string.h:55, from /vpp/src/vppinfra/mem.h:55, from /vpp/src/vppinfra/vec.h:42, from /vpp/src/vppinfra/error.h:53, from /vpp/src/vppinfra/hash.h:41, from /vpp/src/vnet/ip/ip.h:43, from /vpp/src/vnet/ip/ip_types_api.h:23, from /vpp/src/vnet/ip/ip_types_api.c:16: /usr/include/x86_64-linux-gnu/bits/string3.h:50:42: note: expected 'void * restrict' but argument is of type 'vl_api_ip4_address_t {aka struct _vl_api_ip4_address}' __NTH (memcpy (void *__restrict __dest, const void *__restrict __src, ^ /vpp/src/vnet/ip/ip_types_api.c: At top level: cc1: error: unrecognized command line option '-Wno-address-of-packed-member' [-Werror] cc1: all warnings being treated as errors [84/597] Building C object vnet/CMakeFiles/vnet.dir/ip/ip4_forward.c.o ninja: build stopped: subcommand failed. Makefile:691: recipe for target 'vpp-build' failed make[1]: *** [vpp-build] Error 1 make[1]: Leaving directory '/vpp/build-root' Makefile:394: recipe for target 'test' failed make: *** [test] Error 2 DBGvpp# show cpu Model name: Intel(R) Core(TM) i7-4870HQ CPU @ 2.50GHz Microarchitecture: Haswell (Crystalwell) Flags: sse3 ssse3 sse41 sse42 avx avx2 aes invariant_tsc Base frequency: 2.49 GHz DBGvpp# show version verbose Version: v19.01-rc0~447-g3be662f Compiled by: vagrant Compile host: vpp Compile date: Mon Dec 10 14:55:24 PST 2018 Compile location: /vpp Compiler: GCC 5.4.0 20160609 Current PID: 14104 Change-Id: I6ff03bc5ad1c3517256e244b6986e9a1507a3349 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2018-12-13ip4_rewrite_inline: fix variable errorZhiyong Yang1-2/+2
Change-Id: I0470b4b13095583fe018f565f100342fab45715e Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2018-12-12Change ipsec feature node namesPierre Pfister2-8/+8
ipsec4-output and ipsec6-output were conflicting with ipsec interface names ("ipsec<id>") and vnet/interface.c autogenerated output node ("<ifname>-output"). Changing feature names seems to be the less invasive option. This patch also changes "input" feature names for consistency. Change-Id: I4ba10d07e9ba09df20aa2500104252b06b55f8f7 Signed-off-by: Pierre Pfister <ppfister@cisco.com>