summaryrefslogtreecommitdiffstats
path: root/src/vnet/ip
AgeCommit message (Collapse)AuthorFilesLines
2017-10-13VPP-1027: DNS name resolverDave Barach1-0/+3
This patch is a plausible first-cut, suitable for initial testing by vcl (host stack client library). Main features; - recursive name resolution - multiple ip4/ip6 name servers - cache size limit enforcement - currently limited to 65K - ttl / aging - static mapping support - show / clear / debug CLI commands Binary APIs provided for the following: - add/delete name servers - enable/disable the name cache - resolve a name To Do list: - Respond to ip4/ip6 client DNS requests (vs. binary API requests) - Perf / scale tuning - map pending transaction ids to pool indices, so the cache can (greatly) exceed 65K entries - Security improvements - Use unpredictable dns transaction IDs, related to previous item - Make sure that response-packet src ip addresses match the server - Add binary APIs - deliver raw response data to clients - control recursive name resolution - Documentation Change-Id: I48c373d5c05d7108ccd814d4055caf8c75ca10b7 Signed-off-by: Dave Barach <dave@barachs.net>
2017-10-10session: add support for application namespacingFlorin Coras4-0/+162
Applications are now provided the option to select the namespace they are to be attached to and the scope of their attachement. Application namespaces are meant to: 1) constrain the scope of communication through the network by association with source interfaces and/or fib tables that provide the source ips to be used and limit the scope of routing 2) provide a namespace local scope to session layer communication, as opposed to the global scope provided by 1). That is, sessions can be established without assistance from transport and network layers. Albeit, zero/local-host ip addresses must still be provided in session establishment messages due to existing application idiosyncrasies. This mode of communication uses shared-memory fifos (cut-through sessions) exclusively. If applications request no namespace, they are assigned to the default one, which at its turn uses the default fib. Applications can request access to both local and global scopes for a namespace. If no scope is specified, session layer defaults to the global one. When a sw_if_index is provided for a namespace, zero-ip (INADDR_ANY) binds are converted to binds to the requested interface. Change-Id: Ia0f660bbf7eec7f89673f75b4821fc7c3d58e3d1 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-10punt and drop features:Neale Ranns11-147/+1501
- new IPv4 and IPv6 feature arcs on the punt and drop nodes - new features: - redirect punted traffic to an interface and nexthop - police punted traffic. Change-Id: I53be8bf4e06545add8a3619e462de5ffedd0a95c Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-10-09IP neighbour move incorrectly placed jump labelNeale Ranns1-2/+2
Change-Id: I19fdf13a4848306ee3841d822b832cba96c5bce5 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-10-09vppapigen: support per-file (major,minor,patch) version stampsDave Barach1-0/+2
Add one of these statements to foo.api: vl_api_version 1.2.3 to generate a version tuple stanza in foo.api.h: /****** Version tuple *****/ vl_api_version_tuple(foo, 1, 2, 3) Change-Id: Ic514439e4677999daa8463a94f948f76b132ff15 Signed-off-by: Dave Barach <dave@barachs.net> Signed-off-by: Ole Troan <ot@cisco.com>
2017-10-09NAT: hairpinning rework (VPP-1003)Matus Fabian1-1/+9
Change-Id: I7c6911cd6ac366fe62675fd0ff8b0246a25ea1db Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-10-05Distributed Virtual Router SupportNeale Ranns2-0/+6
A distributed virtual router works by attmpeting to switch a packet, but on failing to find a local consumer (i.e. the packet is destined to a locally attached host) then the packet is sent unmodified 'upstream' to where the rest of the 'distributed' router is present. When L3 switching a packet this means the L2 header must not be modifed. This patch adds a 'l2-bridge' object to the L3 FIB which re-injects packets from the L3 path back into the L2 path - use with extreme caution. Change-Id: I069724eb45956647d7980cbe40a80a788ee6ee82 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-10-04[aarch64] Fixes CLI crashes on dpaa2 platform.Christophe Fontaine5-9/+9
- always use 'va_args' as pointer in all format_* functions - u32 for all 'indent' params as it's declaration was inconsistent Change-Id: Ic5799309a6b104c9b50fec309cba789c8da99e79 Signed-off-by: Christophe Fontaine <christophe.fontaine@enea.com>
2017-10-03Repair vlib API socket serverDave Barach3-9/+26
- Teach vpp_api_test to send/receive API messages over sockets - Add memfd-based shared memory - Add api messages to create memfd-based shared memory segments - vpp_api_test supports both socket and shared memory segment connections - vpp_api_test pivot from socket to shared memory API messaging - add socket client support to libvlibclient.so - dead client reaper sends ping messages, container-friendly - dead client reaper falls back to kill (<pid>, 0) live checking if e.g. a python app goes silent for tens of seconds - handle ping messages in python client support code - teach show api ring about pairwise shared-memory segments - fix ip probing of already resolved destinations (VPP-998) We'll need this work to implement proper host-stack client isolation Change-Id: Ic23b65f75c854d0393d9a2e9d6b122a9551be769 Signed-off-by: Dave Barach <dave@barachs.net> Signed-off-by: Dave Wallace <dwallacelf@gmail.com> Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-03Propagate duplicate IF addr add/del error up to API.Jon Loeliger1-1/+11
Identify and complain when the same IP prefix is assigned to two different SW interfaces: vpp# set int ip address TenGigabitEthernet6/0/0 1.2.3.4/32 vpp# set int ip address TenGigabitEthernet6/0/1 1.2.3.4/32 set interface ip address: Prefix 1.2.3.4/32 already found on interface TenGigabitEthernet6/0/0 Change-Id: I1aee1b6a7ddd00d3109a53d8e1b6ce97bf45e372 Signed-off-by: Jon Loeliger <jdl@netgate.com>
2017-09-26Add thread-safe event signaller, use RPC where requiredDave Barach1-2/+2
Update ping code to use the new function Change-Id: Ieb753b23f8402cbe5667c22747896784c8ece937 Signed-off-by: Florin Coras <fcoras@cisco.com> Signed-off-by: Dave Barach <dave@barachs.net>
2017-09-22IP-MAC,ND:wildcard events,fix sending multiple eventsEyal Bari2-20/+61
wildcard ND events publisher was sending the last event mutiple times Change-Id: I6c30f2de03fa825e79df9005a3cfaaf68ff7ea2f Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-09-20tcp: add option to punt trafficPierre Pfister1-24/+42
Until now, if the stack didn't find a connection for a packet, it sent back a reset. With the punt option enabled, packets are now enqueued to error-punt where they can be handed off to the host os. Change-Id: I12dea8694b8bd24c92b0d601412928aa7b8046cb Signed-off-by: Florin Coras <fcoras@cisco.com> Signed-off-by: Pierre Pfister <ppfister@cisco.com>
2017-09-20Add ip6-local feature arcPierre Pfister3-7/+99
ip4-local feature arc existed but not ip6-local one. This patch also adds node name to the 'show ip local' command and fixes a minor include issue in vnet/ip/ip4.h file. Change-Id: I9bb8a7159917d58f89afcce974680de20d946a70 Signed-off-by: Pierre Pfister <ppfister@cisco.com>
2017-09-19Treat label=0 as an invalid next-hop-via-labelNeale Ranns1-1/+7
Change-Id: I831226111d26f5c8a795e0773e23fddcddfb1613 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-09-15dpdk: cli to check for buffer leakageFlorin Coras1-0/+1
Use buffer pre_data and existing buffer trace trajectory code to find out dpdk buffer leakages. Change-Id: I26a5d8bd2f23d01cb6070ffc3ddcc6d3d863b575 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-09-13Add a name to the creation of an IP and MPLS tableNeale Ranns4-20/+32
Change-Id: I4b4648831551519b2ffb6f93255d28a4b8726c22 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-09-11replace uint32_t with u32Neale Ranns3-7/+7
Change-Id: I6cab79c266837a8731adcf78c9e093dfa6be0ead Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-09-11arp/glean: fix hash computationFlorin Coras1-1/+2
Change-Id: Ifef8a9328bb865f6ddb041bafe3699153f89755a Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-09-11FIB table add/delete APINeale Ranns9-250/+453
part 2; - this adds the code to create an IP and MPLS table via the API. - but the enforcement that the table must be created before it is used is still missing, this is so that CSIT can pass. Change-Id: Id124d884ade6cb7da947225200e3bb193454c555 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-09-09move unix_file_* code to vppinfraDamjan Marion2-5/+5
This will allow us to use this code in client libraries without vlib. Change-Id: I8557b752496841ba588aa36b6082cbe2cd1867fe Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-09-08PUNT: Missing include for readv()Marco Varlese1-0/+1
The missing header include was generating a compile-time error; src/vnet/ip/punt.c:460:10: error: implicit declaration of function 'readv' Change-Id: I3f74294e7824ea3602b8d416c86fdada1aac1906 Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2017-09-05PUNT socket: External control plane processes connected via UNIX domain sockets.Ole Troan3-11/+555
An external (to VPP) process can register (over the VPP binary API) to receive control plane packets over a UNIX domain socket. The packets are prepended with a packet descriptor containing meta-data (if_index of interface, etc). Currently only UDP is supported. The socket supports sending of packets/frames as well. The sent packet is prepended with a descriptor, telling VPP to route the packet (via ip4-lookup, ip6-lookup) or as an pre-formed Ethernet frame that is sent directly to interface-output. The intended use case for this is for an external DHCP client or a RIP implementation. New configuration option: punt { socket <socket path> } To register use the punt_socket API message. TODO: - Add support for pre-routing. I.e send L3 packet to given TX interface, but do ARP/ND (ip[46]-rewrite) - Add test scripts - Support for abstract names (starting with \0) - Add rate limiting (COP) - Support for other protocols, e.g. IPv6 ND Change-Id: I4a0afc8020deebb3d9d74686dde694ee5bcb8d0f Signed-off-by: Ole Troan <ot@cisco.com>
2017-08-31Fix vent_data memory leak in function run_ping_ip46_address (VPP-966)dongjuan1-0/+1
Change-Id: I05d0c8310aa86480a3d283f45e115284c4b4ebd5 Signed-off-by: dongjuan <dong.juan1@zte.com.cn>
2017-08-22ping: remove unnecesary x86 intrinsics #includeDamjan Marion1-1/+0
This include file is present only on x86 so it breaks non-x86 builds. Change-Id: I6406b0b36f207b684535961545e95dbba707d267 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-08-19Fixed ip add bug for ip6 with review commentspragash1-4/+4
Change-Id: Ie1fba1a32020775444c7b1ed800e8559b54691ff Signed-off-by: pragash <pxv3620@rit.edu>
2017-08-16ip4: cleanup ip localFlorin Coras1-153/+85
Change-Id: I4f751b0181f25ec6c4abd3a9c7b0386d80743b3a Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-08-16tcp: fix v6 sessionsroot1-54/+64
Change-Id: Ia6dd5e948b17b2f3866fe70838eabb09e35415e1 Signed-off-by: Dave Barach <dbarach@cisco.com> Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-08-16NAT64: Fallback to 3-tuple key for non TCP/UDP sessions (VPP-884)Matus Fabian2-0/+123
Change-Id: I4cafc8291725feb499355092bd429433e649b5b2 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-08-15IPv6 local-address for P2P ethernet interfacesPavel Kotucek1-1/+2
Change-Id: I87d3cb5754843f38593e92f60a39af2e5241d1cf Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-08-14FIB table add/delete API onlyNeale Ranns2-0/+28
commit only the addition of the .api definition and their invocation through VAT so CSIT can use it Change-Id: Id510f14b1ce007fe5e92120507ea34100652fc64 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-08-11Fix tcp multi buffer segments retransmissionFlorin Coras1-5/+7
- Fix tcp/udp sw checksum computation - Fix allocation of multi buffer tcp segments for retransmits - Send FIN only if/when tx fifo is empty Change-Id: I2e43a14b87a72c9e547b4339b9a51811cf5732c4 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-08-09Allow multiple MPLS output labels to be passed on the CLINeale Ranns1-3/+10
Change-Id: Ib5af105e32b6b0df86923e189ab6bf6ee59de5b9 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-08-08L2 over MPLSNeale Ranns5-35/+41
[support for VPWS/VPLS] - switch to using dpo_proto_t rather than fib_protocol_t in fib_paths so that we can describe L2 paths - VLIB nodes to handle pop/push of MPLS labels to L2 Change-Id: Id050d06a11fd2c9c1c81ce5a0654e6c5ae6afa6e Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-08-02Fix vpp crash sending arp or probing neighb (VPP-917)Pavel Kotucek2-0/+29
VPP crash when trying to send arp message or to probe neighbor over interface with IP address but without hw address (local0 and tunnels - vxlan, gre, ...) Change-Id: I08a1c97d3ea913fc11b2886cf73b2ccc31356664 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-08-02Fix ip checksum offload, move badly-placed ASSERTDave Barach1-0/+2
Change-Id: I5e04d618c4b4987edc64f6d82fd0a81b8362dbb0 Signed-off-by: Dave Barach <dbarach@cisco.com>
2017-08-02Fix tcp tx buffer allocationFlorin Coras1-2/+0
- Make tcp output buffer allocation macro an inline function - Use per ip version per thread tx frames for retransmits and timer events - Fix / parameterize tcp data structure preallocation - Add a couple of gdb-callable show commands - Fix local endpoint cleanup Change-Id: I67b47b7570aa14cb4634b6fd93c57cd2eacbfa29 Signed-off-by: Florin Coras <fcoras@cisco.com> Signed-off-by: Dave Barach <dave@barachs.net>
2017-08-02Make ip csum configurable in vlib buffer functionsFlorin Coras2-2/+4
Also fixes csum computation for lisp control plane 4o6 encapsulated control messages. Change-Id: I991e0b5c0d16dc51e0b5bdc79e1d752270b34765 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-08-01FIB path weight incorrect in dump (VPP-922)Neale Ranns1-3/+5
Change-Id: I655f41878ca3595681d0255782b0faba01c9824b Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-07-27ping: fixing wrong value when there are worker threadsMohammed Hawari2-9/+21
- the echo_reply_node is now notifying the cli process on the main thread/vlib_main - the timestamp for the icmp reply is now acquired in the echo_reply_node and not in the cli process to avoid an off by 10ms error (see 【vpp-dev】delay is error in ping with multi worker thread) Change-Id: I21d37002b0376b4f2ccab08d8f04c2f2944b9b39 Signed-off-by: Mohammed Hawari <mhawari@cisco.com>
2017-07-20Fix coverity issue introduced with IP checksum offload commitDamjan Marion1-3/+3
Change-Id: Ib5ad1369678389534426902ce698bccf7a6d9ec2 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-07-19Fix IP checksum offload metadata setupDave Barach1-2/+12
Change-Id: Idf4f8b02337551670d6b7ce1a03799de9c53d19a Signed-off-by: Dave Barach <dave@barachs.net>
2017-07-18FIB path preferenceNeale Ranns3-22/+20
Paths are given a preference, lowest value is 'best'. Only paths that are up are up contribute to fprwarding - that's unchanged. What's new is that of the path's that re up only those that have the best preference contribute. A poor man's primary and backup. It's not true primary/backup function because the FIB must converge before the lower preference paths are used. Change-Id: Ie4453c4a7b1094c6c2b51fe1594b8302103bb68e Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-07-18TCP/UDP checksum offload APIDave Barach2-4/+9
Change-Id: I2cb6ce4e29813f6602b14e6e61713fb381fbcef8 Signed-off-by: Dave Barach <dave@barachs.net>
2017-07-14vnet_buffer_t flags cleanupDamjan Marion4-43/+49
Change-Id: I123eccea98abafeb31f25d2a162501e2eded60d4 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-07-14Introduce l{2,3,4}_hdr_offset fields in the buffer metadataDamjan Marion3-17/+14
To save space in the first cacheline following is changed: - total_length_not_including_first_buffer moved to the 2nd cacheline. This field is used only when VLIB_BUFFER_TOTAL_LENGTH_VALID and VLIB_BUFFER_NEXT_PRESENT are both set. - free_list_index is now stored in 4bits inside flags, which allows up to 16 free lists. In case we need more we can store index in the 2nd cachelin Change-Id: Ic8521350819391af470d31d3fa1013e67ecb7681 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-07-06Send GARP/NA on bonded intf slave up/down if in active-backup modeJohn Lo2-0/+55
If a bonded interface is in active-backup mode and configured with IPv4 and/or IPv6 addresses, on slave interface link up/down, send a GARP packet if configured with an IPv4 address and an unsolcited NA if configured with an IPv6 address. These packets can help with faster route convergence in the next hop router/switch. Change-Id: I68ccb11a4a40cda414704fa08ee0171c952befa2 Signed-off-by: John Lo <loj@cisco.com>
2017-06-23IP4/IP6 FIB: fix crash during interface deletePavel Kotucek4-1/+42
after deleting a sub interface with IP4/IP6 address vpp crash Change-Id: Ie768ca845b9e2394f61e2a8e9722a80a788746e7 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-06-19NAT64: Hairpinning (VPP-699)Matus Fabian2-28/+49
Change-Id: I83a6c277fa211ac2c2ca2d603650c992886af0a7 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-06-12NAT64: bug fixMatus Fabian1-5/+9
ICMP to ICMPv6 error message inner UDP packet translation delete ST entries when deleting static BIB entry Change-Id: I2a28631ac040e20827a692331506cd8254f70916 Signed-off-by: Matus Fabian <matfabia@cisco.com>