summaryrefslogtreecommitdiffstats
path: root/src/vnet/ip
AgeCommit message (Collapse)AuthorFilesLines
2019-10-03ip: fix use-after-free in reassemblyBenoît Ganne2-6/+8
- ip{4,6}_reass_finalize() frees the reassembly context: do not access it after the call. - traces access reassembly context: free it after and not before tracing. Type: fix Change-Id: Ia3aaea9c7b74932e249e013be04b9bd7298fd187 Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit 2d0ebd7ebc555565868038a09d80a61f5de29430)
2019-10-03ip: respect buffer boundary when searching for ipv6 headersKlement Sekera2-34/+81
Type: fix Change-Id: I5a5461652f8115fa1270e20f748178fb5f5450f2 Signed-off-by: Klement Sekera <ksekera@cisco.com> (cherry picked from commit 769145cdbc28324bd0b6304951199ec3d6e0e883)
2019-10-03fib: fix some typos in fib/mtrieLijian.Zhang4-10/+10
Type: fix Change-Id: I1af0e4a9bc23a3b6b6d3a74df093801ab6cae1f8 Signed-off-by: Lijian Zhang <Lijian.Zhang@arm.com> (cherry picked from commit 33af8c1ed89f15cf0601ee891e9603bef16f2c93)
2019-10-03ip: refactor reassemblyKlement Sekera9-825/+868
this is a preparation step for introducing other reassembly types Type: refactor Change-Id: I197e299dbd729b00eead31667913b8ceff915d63 Signed-off-by: Klement Sekera <ksekera@cisco.com> (cherry picked from commit 896c896a3c4ed563a270281ff8b50fd253f4833f)
2019-10-03vlib: add flag to explicitelly mark nodes which can init per-node packet traceDamjan Marion1-0/+1
Type: feature Change-Id: I913f08383ee1c24d610c3d2aac07cef402570e2c Signed-off-by: Damjan Marion <damarion@cisco.com> (cherry picked from commit 7ca5aaac10e95306f74ea4afd52110dd46aa0381)
2019-10-02ip: mfib CLI 'via local' fixNeale Ranns1-0/+2
Type: fix Change-Id: I6fd7bb27b95a50d37424f65dc51e8b341f8b1b28 Signed-off-by: Neale Ranns <nranns@cisco.com> (cherry picked from commit eacc8c5943e44d19b5a65a68db3ad5adf9e37495)
2019-10-02ip: fix memory leak in ip_dump handlerMatthew Smith1-0/+2
Type: fix A vector allocated by vl_api_ip_dump_t_handler() was not being freed. Change-Id: I13425b8087e60df60c6aaa1230aa7e6d60b101a8 Signed-off-by: Matthew Smith <mgsmith@netgate.com> (cherry picked from commit 6d5f6592559bc0db4294c53236177d4e35e603c6)
2019-09-30fib: do not dump no-longer valid adjacenciesBenoît Ganne1-1/+6
In some cases, we can refer to no-longer adjacencies (eg. in traces). Do not dump them in this case as they are probably incorrect (memory can be reused). Type: fix Change-Id: Ib653ba066bb6595ec6ec37d313a3124bce0eeed3 Signed-off-by: Benoît Ganne <bganne@cisco.com> (cherry picked from commit 138c37af5291e2045075052a4db036be03be4a85)
2019-09-29tcp: enable gso in tcp hoststackSimon Zhang1-0/+2
Type: feature Change-Id: If68d07fbe8c6f7fffd2f93c7e854367082927e4f Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com> (cherry picked from commit 1146ff4bcd336d8efc19405f1d83914e6115a01f)
2019-09-28ipsec ip tcp l2: multiarch nodes cannot be declared as staticDamjan Marion2-2/+2
Credits to ray.kinsella@intel.com who spotted the issue and identified root cause. Type: fix Change-Id: I4afe74c47769484309f6aebca2de56ad32c8041f Signed-off-by: Damjan Marion <damarion@cisco.com> (cherry picked from commit d770cfc96257f9bd9e0c96c8ebe50e4531dc1bc5)
2019-09-27ip: remove unused function parameterSimon Zhang2-7/+4
Type: refactor Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com> Change-Id: I8674ff5f6f6336b256b7df8187afbb36ddef71fb (cherry picked from commit e7eba48937c52478d3844745ebb63a4b9ce8d681)
2019-09-25ip: reassembly: remove unnecessary codeKlement Sekera2-6/+0
Type: refactor Change-Id: I30cb324006c3c6ab88d01c044cf80fab3a34f13a Signed-off-by: Klement Sekera <ksekera@cisco.com> (cherry picked from commit 8e9e0eccb280619f10d287dad3f79541ade03adc)
2019-09-25ip: fix merge issueKlement Sekera1-2/+0
Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Idd64b0b3eedb7179f6d316b66cea8160ad577990 Type: fix Fixes: 630ab5846bceddf8d663e9f488a2dc0378949827 Signed-off-by: Klement Sekera <ksekera@cisco.com> (cherry picked from commit 95e091b268212c4bc7153d1526fdffd3ce1d647a)
2019-09-25ip: reassembly: send packet out on correct workerKlement Sekera2-92/+287
Note which worker received fragment with offset zero and use this worker to send out the reassembled packet. Type: fix Change-Id: I1d3cee16788db3b230682525239c0100d51dc380 Signed-off-by: Klement Sekera <ksekera@cisco.com> (cherry picked from commit 630ab5846bceddf8d663e9f488a2dc0378949827)
2019-09-21ip: leverage existing vlib_buffer_advanceZhiyong Yang1-6/+3
The function ip4_rewrite_inline_with_gso can leverage the existing vlib_buffer_advance to simplify code. Type: fix Change-Id: I25d943dc78aba2f67654385cf3f693eb01e0210e Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com> (cherry picked from commit a6659214aa7be7fe9fa04fbdc744affaaa8324ec)
2019-09-18ip: allow addrs from the same prefix on intfMatthew Smith4-101/+396
Type: feature Adding a prefix to an interface was not permitted if it overlapped with another prefix on an interface which used the same FIB. Loosen the restriction. Allow 2 or more addresses from the same prefix on a single interface. Reference count the prefix to figure out when a glean/connected route for the prefix needs to be added or removed. Added unit tests to check that the route is only removed when all addresses in the prefix are removed from the interface. Change-Id: I1a962ecb5e1ee65fc6d41f98a4cc097a51a55321 Signed-off-by: Matthew Smith <mgsmith@netgate.com> (cherry picked from commit 6c92f5babdc3c52cf343509fc9cf9d8a9a3df390)
2019-09-12api: split vl_api_prefix into twoOle Troan2-2/+19
One type for address with prefix and one type for prefix. Ticket: VPP-1769 Type: fix Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: Icfec51d9b7d5cde1d69fbecdd97498688ab7b295 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-09-09api: enforce vla is last and fixed string typeOle Troan1-2/+2
Enforce that variable length fields are the last element of API messages. Add a 'fixed' version of string type, since dealing with multiple variable length strings turned out too painful for the C language bindings. The string type is now: { string name[64]; // NUL terminated C-string. Essentially decays to u8 name[64] string name[]; // Variable length string with embedded len field (vl_api_string_t) }; The latter notation could be made available to other types as well. e.g. { vl_api_address_t addresses[]; } instead of { u32 n_addr; vl_api_address_t addresses[n_addr]; }; Type: fix Change-Id: I18fa17ef47227633752ab50453e8d20a652a9f9b Signed-off-by: Ole Troan <ot@cisco.com> (cherry picked from commit e5ff5a36dd126ee57dca4e0b03da2f7704e0a4f5) Signed-off-by: Ole Troan <ot@cisco.com>
2019-09-07ip: fix udp/tcp checksum corner casesDave Barach2-5/+31
When checksumming chained buffers with odd lengths: insert a NULL byte, or the calculation fails. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Signed-off-by: John Lo <loj@cisco.com> Change-Id: I380f7c42897bdb28c8c29aa1c4cdaaa849cc9ecc (cherry picked from commit c4abafd83df38051765352785b146277734701f4)
2019-09-02ip: ip6_preflen_to_mask incorrect result for prefix len > 64Andrew Yourtchenko1-0/+1
The as_u64[0] in the result was not correctly filled in for longer prefix lengths. Type: fix Fixes: 1c7104514c Change-Id: I871772c618475396d1c1c4c699ff77e35097f07e Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> (cherry picked from commit 59ac9c23c47962fbbd935e7075ff7ee89e955847)
2019-08-12api: vppapitrace JSON/API trace converterOle Troan1-1/+1
Usage: vppapitrace.py [-h] [--debug] [--apidir APIDIR] {convert,replay} ... optional arguments: -h, --help show this help message and exit --debug enable debug mode --apidir APIDIR Location of JSON API definitions subcommands: valid subcommands {convert,replay} additional help convert Convert API trace to JSON or Python and back replay Replay messages to running VPP instance To convert an API trace file to JSON: vppapitrace convert /tmp/api.trace trace.json To convert an (edited) JSON file back to API trace for replay: vppapitrace convert trace.json api-edited.trace To generate a Python file that can be replayed: vppapitrace convert /tmp/api.trace trace.py vppapitrace convert trace.json trace.py Replay it to a running VPP instance: vppapitrace replay --socket /tmp/api.trace In VPP that file can be replayed with: vpp# api trace replay api-edited.trace This patch also modifies the API binary trace format, to include the message id to message name table. Ticket: VPP-1733 Change-Id: Ie6441efb53c1c93c9f778f6ae9c1758bccc8dd87 Type: refactor Signed-off-by: Ole Troan <ot@cisco.com> (cherry picked from commit edfe2c0079a756f5fb1108037c39450e3521c8bd) Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2019-08-03ip: fix ip6/udp checksum for pkts using buffer chainingJohn Lo2-4/+15
Fix ip6_tcp_udp_icmp_compute_checksum to work properly for packets with multiple buffers. Fix ip4_tcp_udp_compute_checksum to exit upon detecting error. Type: fix Signed-off-by: John Lo <loj@cisco.com> Change-Id: I673547f4479d72cd60757383343fc562cff10265
2019-08-02ipsec: FIx feature orderingNeale Ranns2-4/+2
Type: fix Fixes: 1404698df397bc4d3007daea41f52ad75ed4486c Change-Id: Ibb77d95bb5e862cf5d1cb65843c526fd2e225c62 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-08-01docs: Small fixes and orderingNathan Skrzypczak1-11/+10
* deactivtates the TODOs on doxygen (were empty) * This move punt.md to readthedocs (should be the new place for dev doc ?) * Makes Handoff queue demo plugin a child of dev doc in doxygen Type: fix Change-Id: I1f0476a911b35208212af8dd608bc76160efd22a Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-07-31api: add prefix matcher typedefPaul Vinciguerra1-0/+11
There is a need to be able to specifiy whether a prefix in a request is to match exactly or if more specific prefixes are also desired. Todo: Uncomment defaults, once supported in vppapigen. Type: feature Change-Id: I74fdef0e89e3aefda822c7c0a477e22479297a90 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-07-31ip: Ensure reassembly runs before IPSec decrypt.Neale Ranns2-2/+6
Type: fix Change-Id: I01eeedf8d5015b07b9422c65afe78bfe8177c22c Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-31fib: fix calls to unformat_fib_pathNeale Ranns2-2/+4
Type: fix Ticket: 1728 Change-Id: I679c2b8c5b0f751c9476db3669ab3f6c26dcdd28 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-26dhcp ip: DSCP settings for transmitted DHCP packetsNeale Ranns7-5/+74
Type: feature - Define the ip_dscp_t and use in the IP headers - Add DSCP setting to the DHCP client for use with packet TX Change-Id: If220dde0017ea78793747d65f53e11daf23a28fa Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-19ip: admin change affects intf IPv4 addr routesMatthew G Smith1-7/+53
Type: feature When admin status is changed on an interface, add or delete the routes for the IPv4 addresses configured on that interface. This is already being done for IPv6 interface addresses. Change-Id: Ib1e7dc49c499921dd287e075640243520ffa5589 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2019-07-14api: add DSCP definitions to ip_types.apiPaul Vinciguerra1-0/+46
- also adds ecn definitions. Type: feature Change-Id: Id98d9ae57289425fcfed367f426442173ef4e882 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-07-12ip: Trace the packet from the punt nodeNeale Ranns1-7/+14
Type: feature Change-Id: I01f1cc53efc93b0a7bb588ea6db89a53c971a3f5 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-12ip ipsec: Remove IPSec SPI-0 punt reasonNeale Ranns2-7/+22
Type: fix There's no call for an SPI-0 punt reason with UDP encap, since it's only with UDP encap that the ambiguity between IKE or IPSEC occurs (and SPI=0 determines IKE). Enhance the punt API to dum ponly the reason requested, so a client can use this as a get-ID API Change-Id: I5c6d72b03885e88c489117677e72f1ef5da90dfc Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-11ip: Punt node does not free iovecsNeale Ranns3-11/+22
Type: fix Fixes: f7a55ad74c Change-Id: Ic3474e746887f880a8f6246bebc399715bac8e80 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-10ip: fix show ip neigh vector read overflowBenoît Ganne2-19/+24
Both format_ethernet_arp_ip4_entry() and format_ip6_neighbor_ip6_entry() used %s to format flags which is a vector and not a null-terminated C-string. Introduce format_ip_neighbor_flags() instead. Type: fix Fixes: 102ec52bc4 Change-Id: I0c9349fefbeb76471933de358acceb50512a21aa Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-07-09vppinfra: allocate bihash virtual space on demandDave Barach2-0/+2
Reduces the vpp image virtual size by multiple gigabytes Add a "show bihash" command which displays configured and current virtual space in use by bihash tables. Modify the .py test framework to call "show bihash" on test tear-down Type: refactor Change-Id: Ifc1b7e2c43d29bbef645f6802fa29ff8ef09940c Signed-off-by: Dave Barach <dave@barachs.net>
2019-07-08ip: retain local interface address adjacencyMatthew Smith1-6/+24
Type: feature ip4_local_check_src() was overwriting vnet buffer opaque data on the adjacency for packets with "local" (dpo-receive) destination addresses. Retain the dpo receive index in vnet_buffer()->adj_index[VLIB_TX]. This can allow a graph node to distinguish the interface where the destination address is configured from the interface where the packet was received. This can be useful in correctly handling packets that have been sent to an address configured on a loopback interface. Change-Id: I52a942e85b5302b338a2d0404a37c5ea1a99e89f Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2019-07-05sctp: move to plugins, disabled by defaultFlorin Coras3-20/+11
Removed sctp buffer metadata from vnet/buffer.h, added it to the plugin. Add registration APIs for plugin-based vlib_buffer_opaque / opaque2 decoders, used by "pcap dispatch trace ..." for display in the wireshark dissector. Type:refactor Not actively maintained. Change-Id: Ie4cb6ba66f68b3b3a7d7d2c63c917fdccf994371 Signed-off-by: Florin Coras <fcoras@cisco.com> Signed-off-by: Dave Barach <dave@barachs.net>
2019-07-03fib: allow route delete with no paths and multipath=0 to remove theNeale Ranns1-10/+5
whole route Type: fix Fixes: 097fa66b Change-Id: I017ab5797670eb278c27c6e306cd8cadaacddf9d Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-01ip: fix ip lookup for armFlorin Coras1-27/+10
Type:fix Fixes: cb54e3c Change-Id: I3120eaabdc00a6c1248cf7eb81f2075983836dfd Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-06-28ip: ip-lookup - remove the dead codeNeale Ranns2-65/+27
Type: refactor Change-Id: I791cc63e989df049104420faf74fc28f965b6648 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-06-26api: refactor format_vl_api_prefix_t return keysPaul Vinciguerra2-5/+5
format_vl_api_prefix_t returns a dict with keys 'address' and 'address_length', but other format_vl_api_prefix functions return a dict with 'prefix', and 'len'. Refactor all format_vl_api_prefix_t to return consistent keys 'address' and 'len'. Type: refactor Change-Id: I5f9558fc2da8742a303266e011102f5b2db80aad Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-06-26api: Remove the inlines file and replace with library functionsNeale Ranns1-1/+0
using inlines exposes the users to the internal data types used by VPP, namely vec.h. This file does not compile with a C++ compiler. Type: feature Change-Id: I1544fdd9eae998309f865df61df78571bdb96903 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-06-24vlib: packet tracer support for pkt thread handoffsDave Barach2-37/+3
Type: feature Change-Id: Ia3d9a47679202c2a47cd3746b50e86c6b8627ef6 Signed-off-by: Dave Barach <dave@barachs.net>
2019-06-18ipsec: ipsec-tun protectNeale Ranns1-1/+16
please consult the new tunnel proposal at: https://wiki.fd.io/view/VPP/IPSec Type: feature Change-Id: I52857fc92ae068b85f59be08bdbea1bd5932e291 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-06-18fib: fib api updatesNeale Ranns4-1052/+396
Enhance the route add/del APIs to take a set of paths rather than just one. Most unicast routing protocols calcualte all the available paths in one run of the algorithm so updating all the paths at once is beneficial for the client. two knobs control the behaviour: is_multipath - if set the the set of paths passed will be added to those that already exist, otherwise the set will replace them. is_add - add or remove the set is_add=0, is_multipath=1 and an empty set, results in deleting the route. It is also considerably faster to add multiple paths at once, than one at a time: vat# ip_add_del_route 1.1.1.1/32 count 100000 multipath via 10.10.10.11 100000 routes in .572240 secs, 174751.80 routes/sec vat# ip_add_del_route 1.1.1.1/32 count 100000 multipath via 10.10.10.12 100000 routes in .528383 secs, 189256.54 routes/sec vat# ip_add_del_route 1.1.1.1/32 count 100000 multipath via 10.10.10.13 100000 routes in .757131 secs, 132077.52 routes/sec vat# ip_add_del_route 1.1.1.1/32 count 100000 multipath via 10.10.10.14 100000 routes in .878317 secs, 113854.12 routes/sec vat# ip_route_add_del 1.1.1.1/32 count 100000 multipath via 10.10.10.11 via 10.10.10.12 via 10.10.10.13 via 10.10.10.14 100000 routes in .900212 secs, 111084.93 routes/sec Change-Id: I416b93f7684745099c1adb0b33edac58c9339c1a Signed-off-by: Neale Ranns <neale.ranns@cisco.com> Signed-off-by: Ole Troan <ot@cisco.com> Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-06-18api: string type to convert to vectorOle Troan1-0/+1
Previous use of strndup() required user to remember to call free(). Now return a vector pointing directly to the API message string. Of course user must remember to copy the string out if lifetime is longer than API message lifetime. Change-Id: Ib5e2b3d52d258e1a42ea9ea9a9e04abbe360e2bf Type: fix Signed-off-by: Ole Troan <ot@cisco.com>
2019-06-18ip: reassembly-separate feature and custom codeKlement Sekera2-62/+65
This change is made fix a crash, because is_feature flag semantics turn out to be different from "custom app code" semantics. Introduce a flag which custom plugins/apps can use to instead of tying that code to is_feature flag. Change-Id: Ief5898711e68529f9306cfac54c4dc9b3650f9e3 Ticket: N/A Type: fix Fixes: 21aa8f1022590b8b5caf819b4bbd485de0f1dfe5 Signed-off-by: Klement Sekera <ksekera@cisco.com> Signed-off-by: Ole Troan <ot@cisco.com>
2019-06-17ip: consolidate IPv6 link-local-address functions.Jon Loeliger2-18/+1
Two codes diverged in the packet processor And sorry I could not use them both Long I stood being but one developer And studied one as far as I could To where the code said bitwise OR Then took the other, as just could see, And having perhaps the better bit, Because it followed the RFC And used the cryptic XOR in C, Had run them both a fair bit. And both equally ran that morning With packets dropped and flowing. Oh, I flagged the first for dropping! Yet knowing bug leads to debuging I hoped I'd never be returning. I shall be commiting this with a sigh Somewhere ages and ages hence: Two codes diverged by a bit, and I, I made the packets flow on by, And that has made all the difference. Type: fix Change-Id: If2698726d5501fde76211994f8efc37119345352 Signed-off-by: Jon Loeliger <jdl@netgate.com>
2019-06-11ip: punt coverity fix of CLI inputNeale Ranns1-1/+4
Type: fix Change-Id: Ia73cbe2fba0a364d966daed0b5d5d2ac7499f86d Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-06-07ip: ip4 lookup performance bump with the usual receipeNeale Ranns1-435/+378
2.77e1 v. 2.81e1 Type: performance Change-Id: I896ec77818603f17aaa622073dafc626570326f1 Signed-off-by: Neale Ranns <nranns@cisco.com>