Age | Commit message (Collapse) | Author | Files | Lines |
|
Options like:
expire_walk_interval_ms,max_reassemblies,timeout_ms
can be configured via API, but it's impossible to
check them using vppctl, but this can be a useful
feature
Type: feature
Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com>
Change-Id: Iac8a96201a7a70b82e9852edc89b819c5d451a58
|
|
L4 checksums for IPv6 should be calculated using a pseudo header that
includes the source/destination addresses, payload length, and payload
protocol.
ip6_tcp_udp_icmp_compute_checksum() was using the payload length and
protocol from the IPv6 header. If there is a hop-by-hop header (or any
other extension header), the payload length used for the pseudo header
should only include the upper layer header and payload and not the
extension header bytes. Same deal with the protocol, the upper layer
next header value should be used instead of the extension header.
Type: fix
Fixes: cb9cadad57
Change-Id: Ifa2c9ad41c0fc4eea674f0671255b637c8e01f71
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
The first translated ICMPv6 packet of a fragmented ICMP message does
not have a IPv6 fragment header. All subsequent have.
With this commit, add a IPv6 fragment header to the first translated
ICMPv6 packet.
Type: fix
Change-Id: Id89409ce7273cbeed801e2e18a09d3e7c3c4e4bc
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
|
|
Type: feature
common funcitons across IP-in-IP and GRE tunnels for encap/decap
functions
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I325b66824878d843af167adfe5a7a96b0ab90566
|
|
By aligning vnet_buffer_opaque.ip.save_rewrite_length and
vnet_buffer_opaque.ip.reass.save_rewrite_length we prevent shallow
virtual reassembly code from overwrite save_rewrite_length, allowing
other features down the pipe to rely on this value.
A static assert is added to guard this alignment.
Type: fix
Fixes: f126e746fc01c75bc99329d10ce9127b26b23814
Change-Id: Ie7c7f3abc2a221bbcf2830c0f006a4368088b342
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
All translated ICMPv6 packets that exceed the minimal IPv6 MTU get
truncated but according to RFC 4443 2.4 only ICMPv6 error messages
(type < 128) need to be truncated.
With this commit, truncate only ICMPv6 error messages.
Type: fix
Change-Id: Ic455352de2ff4ff6aa3421b46a2a54923f2d3f80
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
|
|
Type: refactor
currently vnet_classify.h is included in ip.h where it's not required.
Change-Id: Id55682637601655aa2edda681536a979c8e323bd
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Type: fix
Fixes: be2286b0
This patch does following:
- If terminating frame has consecutive packets with same source IP, this patch
avoids fib lookup for those packets in ip4-local node. This drops cycle count
for ip4-local node on both ARM and x86. It being done by enabling dead code in
else {} case of ip4_local_check_src_x2() and ip4_local_check_src() functions.
- In case all packets in terminating frame have unique source IP (e.g:
incrementing), ip4-local is costlier by 2 cycles (broadwell)
Change-Id: I472ddc324716cec8bfe601568b8aeb7565f97ab3
Signed-off-by: Nitin Saxena <nsaxena@marvell.com>
|
|
Use consistent API types.
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: I17b95bba2327049d2b99e59cea79208814a24b22
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
|
|
Remove NAT's implementation of shallow virtual reassembly with
corresponding CLIs, APIs & tests. Replace with standalone shallow
virtual reassembly provided by ipX-sv-reass* nodes.
Type: refactor
Change-Id: I7e6c7487a5a500d591f6871474a359e0993e59b6
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Type: style
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Idfcd4a363d4582ce69fac83ddc760f2dc4feed52
|
|
Make the help string consistent with the cli parser.
Type: fix
Change-Id: I7140bd589c2a94dbf5af5cc633cb495457a6af22
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Type: feature
- ip-neighbour: generic neighbour handling; APIs, DBs, event handling,
aging
- arp: ARP protocol implementation
- ip6-nd; IPv6 neighbor discovery implementation; separate ND,
MLD, RA
- ip6-link; manage link-local addresses
- l2-arp-term; events separated from IP neighbours, since they are not
the same.
vnet retains just enough education to perform ND/ARP packet
construction.
arp and ip6-nd to be moved to plugins soon.
Change-Id: I88dedd0006b299344f4c7024a0aa5baa6b9a8bbe
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Type: feature
Change-Id: I28f7a658be3f3beec9ea32635b60d1d3a10d9b06
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Type: fix
Change-Id: I9498b660bf2045bb6aac96d19bb9456a14b35847
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I1fd190da28a765ba430952539c291a741aaa3dce
|
|
Type: feature
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I2272521d6e69edcd385ef684af6dd4eea5eaa953
|
|
Delete Null-checking "p0" in function ip6_tcp_udp_icmp_bad_length,
because it's not necessary.
Type: fix
Signed-off-by: johny <jan.cavojsky@pantheon.tech>
Change-Id: I2bf43a60c1c1d76e42581df27f2285c9e9563093
|
|
This fix is for cancel termination of vpp after receive malformed
packet type of ip6.To avoid termination of vpp are checked if are
missing data in packet. This occours, when payload length in ip6
header packet is more than real count of data in packet. When
this error occours, packet is ignore.
Type: fix
Ticket: VPP-1693, VPP-1694
Change-Id: I9d9ecea7b75c8702cb31aa8051c8d4d7ce19659d
Signed-off-by: johny <jan.cavojsky@pantheon.tech>
|
|
Type: feature
the fib_source_t enum alone no longer defines the priority and
behaviour, instead each source must be allocated these attributes.
This allows the creation of other sources by the plugins (and
soon over the API).
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I890ee820fbc16079ee417ea1fbc163192806e853
|
|
Type: refactor
Change-Id: I51405b9d09fb6fb03d08569369fdd4e11c647908
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Type: fix
Fixes: cb9cadad578297ffd78fa8a33670bdf1ab669e7e
Change-Id: Id6de9780da41db5d762fe042f533cfaf21ed7b73
Reported-by: Rajith PR <rajith@rtbrick.com>
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
Type: fix
Fixes: de34c35fc
The API handler for requests to retrieve IP reassembly settings was
modified to support shallow virtual reassembly. It retrieves
settings into local variables now instead of directly into the reply
message. The fields in the reply message were not being populated
using those variables. So the reply message was being sent with all
0's, except in the is_ip6 field.
Also, the max_reassembly length field in the reply message was not
being populated.
Change-Id: I80b071340fdc190c3a0b1f7294a03f14b6e00ecc
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
Type: refactor
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I3aad20b35d89fc541fdf185096d71ca12b09a6e2
|
|
Type: feature
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I9467f11775936754406892b8e9e275f989ac9b30
|
|
Type: fix
Change-Id: I87503b9a981724b1f3ff1c45a4a5f7a43024ca76
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: feature
from the API doc, a table replace is:
"
The use-case is that, for some unspecified reason, the control plane
has a very different set of entries it wants in the table than VPP
currently has. The CP would thus like to 'replace' VPP's current table
only by specifying what the new set of entries shall be, i.e. it is not
going to delete anything that already eixts.
the CP delcartes the start of this procedure with this begin_replace
API Call, and when it has populated all the entries it wants, it calls
the below end_replace API. From this point on it is of coursce free
to add and delete entries as usual.
The underlying mechanism by which VPP implements this replace is
purposefully left unspecified.
"
In the FIB, the algorithm is implemented using mark and sweep.
Algorithm goes:
1) replace_begin: this marks all the entries in that table as 'stale'
2) download all the entries that should be in this table
- this clears the stale flag on those entries
3) signal the table converged: ip_table_replace_end
- this removes all entries that are still stale
this procedure can be used when an agent first connects to VPP,
as an alternative to dump and diff state reconciliation.
Change-Id: I168edec10cf7670866076b129ebfe6149ea8222e
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Type: refactor
Change-Id: I204f3f8eebc5f5d5a377e91262f91c615fd00168
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Type: refactor
Change-Id: I2c6b59013bfd21136a2955442c779685f951932b
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
This provides a functional interface to IP fragmentation.
Allowing external features to fragment. Supports
arbitrary encap size, for e.g. MPLS or inner fragmentation
of tunnels.
This also removed dual loop in MAP that was fundamentally broken.
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: Ia89ecec8ee3cbe2416edbe87630fdb714898c2a8
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Autoconfigure router advertisements for delegated prefixes.
Clean up a longstanding issue. If vpp receives a dhcpv6 renew reply,
do NOT reset per-delegated-prefix timers. That prevented vpp from
sending a solicit to renew the delegation on time. That, in turn
caused the RA code to send advertisements with valid_time =
preferred_time = 0. That causes almost any downstream client to throw
away its delegated address.
Miscellaneous changes
o src/vnet/ip/ip6_neighbor.c - always memset elements allocated from pools
to zero. DGMS.
o Remove debug spew from the ipv6 connection-tracker plugin
Type: feature
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I428feccdc47efdc413898600e0d62916928a6eb7
|
|
Type:feature
For cases when proxy is in use IPv6 flow label received in origin pkt needs to be added
to ipv6 header of outgoing pkts from proxy to original destination and vice versa.
Signed-off-by: Tarun Gupta <tarungup@cisco.com>
Change-Id: I143f7e67237c0f865333078628a016b50ad5e630
Signed-off-by: Tarun Gupta <tarungup@cisco.com>
|
|
Type: fix
if the packet is about to be fragmented, then don't call any of the
actions that expect the rewrite to have been written.
1) don't double count packets thru the adjacency (original & fragments)
2) don't double decrement the TTL for fragments
3) return to ip4-midchain post ip-frag if that's where we started.
4) only run midchain/mcast fixups if not fragmenting (if no errors)
Change-Id: Ib2866787a42713ee5871b87b597d8f74b901044b
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Type: style
Change-Id: I7d44b7fab1b8b196e4934cb4832ee51084c5bf98
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
ip4_mtrie used full memory barrier compare-and-swap in set_leaf () and
set_root_leaf () even though only one thread updates the trie. Replaced
such instances of compare-and-swap with atomic store-release.
Type: refactor
Change-Id: Ic6e3c84480697915541acd16dcc630d1c436137d
Signed-off-by: Jason Zhang <jason.zhang2@arm.com>
Reviewed-by: Lijian Zhang <Lijian.Zhang@arm.com>
Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>
|
|
ip4_mtrie set leaves atomically in set_leaf () and set_root_leaf () but
deleted leaves using regular stores in unset_leaf () and unset_root_leaf ().
Changed leaf deletion to update mtrie using atomic store-release.
Slight performance improvement was observed in benchmarking on Qualcomm
and Xeon machines. Benchmarking involved running 'ip route add' and
'ip route del' on vpp instances. Below are the routes/second for adding
and deleting 100k routes before and after the store-release changes:
Xeon Add Routes Before: 1.140e6, 1.139e6, 1.148e6, 1.158e6, 1.155e6
Xeon Add Routes After: 1.167e6, 1.170e6, 1.174e6, 1.173e6, 1.169e6
Xeon Del Routes Before: 7.287e7, 8.089e7, 6.048e7, 7.171e7, 7.821e7
Xeon Del Routes After: 8.729e7, 7.353e7, 7.856e7, 8.209e7, 7.787e7
Qualcomm Add Routes Before: 3.709e5, 3.954e5, 3.739e5, 3.759e5, 3.671e5
Qualcomm Add Routes After: 3.879e5, 3.967e5, 3.936e5, 3.764e5, 3.817e5
Qualcomm Del Routes Before: 1.286e7, 1.379e7, 1.353e7, 1.230e7, 1.331e7
Qualcomm Del Routes After: 1.411e7, 1.355e7, 1.373e7, 1.394e7, 1.314e7
Type: refactor
Change-Id: If3acd25a2fb87addd0eb13d82d3c8f46579e8060
Signed-off-by: Jason Zhang <jason.zhang2@arm.com>
Reviewed-by: Lijian Zhang <Lijian.Zhang@arm.com>
Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>
|
|
Type: feature
Change-Id: Ib137c453ff2dd5b9d028c653afa80e6b2b81b9e0
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Type: feature
Change-Id: I246346b82858e73b16d727e2106350bc0fc3c6f2
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
use correct value for sanity checks
Type: fix
Change-Id: If33db5ce3e4a26f7876c2a67832ca2947563e211
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
This fixes incorrect tracing of flags such as MORE_FRAGMENTS.
Type: fix
Change-Id: Ia5698418a7cbb45c18bc9c95f560cea020e63c39
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
When processing the last buffer of a reassembled packet, the current
buffer will be freed and must be reloaded using the updated index.
Type: fix
Change-Id: Ib39e29e60eb527b4cd4828a3aa37d82c8dddd709
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: fix
- when the addresses were learnt a copy of the client was sent to the
main thread, this meant the unicast adjacecny was saved on the copy
not on the original.
- Add logging.
- Improve the proxy-node that hands the clint packets so the DHCP
packets are traced.
- allow a renewal to configure new address data
Change-Id: I6ab0afcccbc4a1cdefdd1b8beeda8fc7ba20ec1f
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Type: style
Change-Id: I620f15b96ee5401e0145a139f06d343d7c4fadb4
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Use consistent API types.
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: I7048f8ec598a8b06d75bdfb5d2fab9f6337c9474
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
|
|
Use consistent API types.
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: I1cc42b57fbf72e2ced8b5d1283c34de2f7ff948a
|
|
Type: refactor
Change-Id: I51d5bf54dfd408aa0c406cbdf0f4be10ef19d10d
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
This change adds tracing of IP headers when doing a handoff between
worker threads. This eases debugging.
Type: feature
Change-Id: I2195b070a364cba13a658ec1cee5154fc4c3a8b0
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Type: fix
Change-Id: Ie436d51999dc1384a0db492f28a7e66620e14551
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
The non-extern declaration confuses clang linker in debug mode.
The function is defined as inline above anyway.
Type: fix
Fixes: c6215d902f
Change-Id: Ic7e4477631cf0bcfb31ab3f81effe3642dd4223e
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: feature
Based on the configuration, we can disable checksum offload capability
and calculate checksum while pushing the TCP & IP header.
This saves some cycles when VPP stack is used in legacy hardware devices.
Signed-off-by: Srikanth A <srakula@cisco.com>
Change-Id: Ic1b3fcf3040917e47ee65263694ebf7437ac5668
(cherry picked from commit 3642782a2748503f5b5ccf89d1575c1d489948ef)
|