summaryrefslogtreecommitdiffstats
path: root/src/vnet/ip
AgeCommit message (Collapse)AuthorFilesLines
2021-11-04ip: reassembly: avoid reading truncated L4 headersKlement Sekera2-80/+149
Check if L4 headers are truncated and if so, set a flag for (future) consumers instead of reading/writing garbage data. Type: fix Fixes: de34c35fc73226943538149fae9dbc5cfbdc6e75 Change-Id: I0b656ec103a11c356b98a6f36cad98536a78d1dc Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-11-02ip: fix coverity warningKlement Sekera1-1/+1
Remove unnecessary NULL check of t0, which causes coverity to scream. t0 is always initilised to *something* by doing pool_elt_at_index(). Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I7cf21767c43a24923e490ad40622743c17142fe2
2021-11-02ip: fix build without vector unitDamjan Marion1-0/+13
Change-Id: I102f84d6d72a7f17e62fb8c16a1d4a3234753476 Type: fix Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-10-28ip: improve csum fold on x86_64Damjan Marion1-1/+15
New code seems to be 1.5 clocks faster. old: mov eax,edi shr rdi,0x20 add rdi,rax movzx edx,di shr rdi,0x10 add rdx,rdi movzx eax,dx shr rdx,0x10 add rax,rdx mov rdx,rax shr rdx,0x10 add eax,edx new: mov rax,rdi shr rax,0x20 add eax,edi mov edi,0x10 shrx edi,eax,edi adc ax,di adc ax,0x0 Type: improvement Change-Id: I3c565812c67ff4c3db197a9d4137a6c131b5b66c Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-10-21fib: respect mfib entry flags on create with pathsPaul Atkins2-5/+4
When an mfib entry was created with both paths and entry_flags then the entry flags were being ignored. If there are no paths then the flags were passed into mfib_table_entry_update, but in the case where the entry didn't exist and there were paths and flags, the entry was created within mfib_table_entry_paths_update() which used a default of MFIB_ENTRY_FLAG_NONE. Pass the flags through into the mfib_table_entry_paths_update fn. All existing callers other than the create case will now pass in MFIB_ENTRY_FLAG_NONE. Type: fix Signed-off-by: Paul Atkins <patkins@graphiant.com> Change-Id: I256375ba2fa863a62a88474ce1ea6bf2accdd456
2021-10-21ip: Add ip46-local node for local swif[rx]Nathan Skrzypczak2-34/+108
Type: improvement This adds a new ip[46]-receive node, sibling of ip[46]-local. Its goal is to set vnet_buffer (b)->ip.rx_sw_if_index to the sw_if_index of the local interface. In dependant nodes further down the line (e.g. hoststack) we then set sw_if_idx[rx] to this value. So that we know which local interface did receive the packet. The TCP issue this fixes is that : On accepts, we were setting tc->sw_if_index to the source sw_if_index. We should use the dest sw_if_index, so that packets coming back on this connection have the right source sw_if_index. And also setting it in the tx-ed packet. Change-Id: I569ed673e15c21e71f365c3ad45439b05bd14a9f Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-10-21ip6: set local flag on outbound echo replyMatthew Smith1-0/+4
Type: fix When VPP generates an ICMP echo reply in response to an incoming echo request to a local address, set VNET_BUFFER_F_LOCALLY_ORIGINATED on the buffer. It will prevent ip6-rewrite from decrementing the hop limit. Outbound IPv4 echo replies also get this flag set. Change-Id: Iaa229294eb158edb58cf1bf1b7a90da281321406 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2021-10-20ip6: fix IPv6 address calculation error using "ip route add" CLIJieqiang Wang1-20/+3
Using VPP CLI "ip route add" to add static IPv6 entries outputs wrong results. Fix this error by correctly calculating IPv6 addresses with different increased ranges and grouping ip4/ip6 prefix calculation functionality into two functions. Type: fix Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com> Reviewed-by: Lijian Zhang <lijian.zhang@arm.com> Reviewed-by: Tianyu Li <tianyu.li@arm.com> Change-Id: If954876301ca2095f9331799a086f75db936f246
2021-10-18interface: add api test fileFilip Tehlar1-15/+8
Type: improvement Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: Ib07029204ecf12bf2adb5a39afa54bc98fb81f34
2021-10-12fib: fix the drop counter for ipv6 RPF failuresNeale Ranns1-0/+6
Type: fix the only change to the mfib forwarding node is to set the error code, the rest is checkstyle formatting. The traces previously showed some bogus reason: 00:04:27:325550: ip6-mfib-forward-rpf entry 10 itf -1 flags 00:04:27:325551: ip6-drop fib:0 adj:10 flow:0 UDP: fe80::b203:eaff:fe02:604 -> ff02::1:2 tos 0x00, flow label 0x651ed, hop limit 1, payload length 64 UDP: 546 -> 547 length 64, checksum 0xec9a 00:04:27:325551: error-drop rx:GigabitEthernet6/0/0 00:04:27:325553: drop ip6-input: drops due to concurrent reassemblies limit Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I294684c36edc346b4ebdd83ba66888b3b2197704
2021-10-11ip: fix fib and mfib locksNathan Skrzypczak3-17/+10
This patches fixes an issue that could cause fib locks to underflow: if an API user deletes a fib and quickly recreates it, the fib may not have been actually deleted. As a result, the lock would not be incremented on the create call leading to the fib potentially disappearing afterwards - or to the lock to underflow when the fib is deleted again. In order to keep the existing API semantics, we use the locks with API and CLI source as flags. This means we need to use a different counter for the interface-related locks. This also prevents an issue where an interface being bound to a vrf via API and released via CLI could mess up the lock counter. Finally, this will help with cleaning up the interface-related locks on interface deletion in a later patch. Type: fix Change-Id: I93030a7660646d6dd179ddf27fe4e708aa11b90e Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com> Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
2021-10-07ip: fix path MTU node errors definitionBenoît Ganne3-3/+7
The path mtu node uses errors defined by ip fragmentation. Type: fix Change-Id: I1f173955919a4f555ab0309cd8201ec342a0ae92 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-10-06ip: check if interface has link-local address (addition)Artem Glazychev1-1/+6
previous - b31fbc47f5fcf8234c757558d7b0285348774086 Type: fix Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: I7ea2d693d3ad5bf41ece066b3511fbfa156c1e4b
2021-10-06docs: vnet comment nitfixesNathan Skrzypczak1-3/+4
Type: improvement Change-Id: Iac01d7830b53819ace8f199554be10ab89ecdb97 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-10-06ip: add classifier-based ACLs support on ip puntBenoît Ganne1-234/+184
This feature allows one to add classifier-based ACLs on packets punted from the ip infra, eg. to only whitelist specific sender(s). Type: feature Change-Id: Idab37b188583efbca980038875fc3e540cb2e880 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-10-04ip: fix punt for ipv6Benoît Ganne1-4/+9
Type: fix Change-Id: I583c30e9b63c0b0b6cd5fef0b2cb9ed7ec9856e2 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-10-01devices: add support for pseudo header checksumMohsin Kazmi1-0/+54
Type: improvement Linux uses pseudo header checksum when checksum of l4 is offloaded. This patch adds similar support in virtual interfaces. Change-Id: I6a94d1104e59356f95057e7c122e3be9cd8659a3 Signed-off-by: Aloys Augustin <aloaugus@cisco.com> Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2021-09-27misc: api move continuedFlorin Coras1-0/+1
Move control ping and change dependencies from vpe.api_types to memclnt.api_types Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I9f8bc442e28738c48d64d1f6794082c8c4f5725b
2021-09-27ip: fix ip table allocation randomnessAloys Augustin1-1/+1
This prevents going through the same sequence every time the api is called. Type: fix Change-Id: I3ca3587ab5d1c060e2913ca88501b8dbcdd9c196 Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
2021-09-27misc: move part of vpe apis to vlibmemoryFlorin Coras1-2/+0
VPE apis are actually vlib apis. This moves those that are not tightly coupled with vapi to vlib_api Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I456a64ce49a0cdeff4a0931c6ea513cb639f683e Signed-off-by: Ole Troan <ot@cisco.com>
2021-09-24ip: set error number on failed intf addrMatthew Smith2-2/+8
Type: fix A subinterface that does not have exact match enabled cannot have an IP address configured on it. When this is validated in the functions which add an interface IP address for IPv4 and IPv6, a clib_error_t * is returned but api_errno is not set. The API handler uses the value of vnet_main.api_errno to set the return value in it's reply. Since it was not set, the API reports the operation succeeded. Set vnet_main.api_errno if vnet_sw_interface_supports_addressing() returns a non-null value when adding/deleting an interface IP address. Change-Id: I257a30d21788986102a2a719235e714ff16a24e8 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2021-09-22ip: add ip_table_allocate to apiAloys Augustin5-15/+111
Set tableID = ~0 for auto selection unused ID https://jira.fd.io/browse/VPP-1993 Type: improvement Change-Id: I4eec2cc1d18fc025196cb6ac4c9a4b374388eb56 Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
2021-09-16vxlan: improve to use the hardware offloadMohsin Kazmi1-1/+2
Type: improvement Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: Ic0fa4f83048a280a7d1b04198c0f903798562d2d
2021-09-13interface: fix init fib_index_by_sw_if_indexNathan Skrzypczak2-17/+18
Type: fix The init of fib_index_by_sw_if_index wasn't setting default value to 0. Which we now need for setting interfaces unnumbered Change-Id: Ie5be9b5e5373ef055557a871ad4d1c45fbfc1dee Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-09-13ip: show ip table CLINathan Skrzypczak1-0/+77
Type: feature Thought this might be useful when using many VRF to get the list of allocated VRFs and corresponding names Change-Id: If9d2c6612d4215e7576315d66d1eb130fcecfa13 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-08-17ip: reassembly cleanupKlement Sekera4-246/+139
Remove unused parameters and fix warnings. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I2d0e7b84b56817999283ecb6be606159dcb26a28
2021-08-14ip: Fix crash in ip address add on sub-int without exact-matchPim van Pelt2-12/+6
Type: fix Creating a sub-int without exact-match set, and subsequently adding an IPv4 or IPv6 address will crash VPP. This fix catches this situation and refuses to allow the caller to add an IPv4 or IPv6 address on an ethernet sub-int that does not have exact-match set. TESTED: Before this change, the following crashes VPP: ``` DBGvpp# cre sub TenGigabitEthernet3/0/0 1 dot1q 10 TenGigabitEthernet3/0/0.1 DBGvpp# set interface ip address TenGigabitEthernet3/0/0.1 2001:db8::1/64 <crash> ``` After the change, VPP refuses to act: ``` DBGvpp# cre sub TenGigabitEthernet3/0/0 1 dot1q 10 TenGigabitEthernet3/0/0.1 DBGvpp# set interface ip address TenGigabitEthernet3/0/0.1 192.0.2.1/30 set interface ip address: sub-interface without exact-match doesn't support IP addressing DBGvpp# set interface ip address TenGigabitEthernet3/0/0.1 2001:db8:1/64 set interface ip address: sub-interface without exact-match doesn't support IP addressing ``` Signed-off-by: Pim van Pelt <pim@ipng.nl> Change-Id: I42997db314225cd186ebb54013b5717ace7f7bd6
2021-08-13ip: punt redirect add nh in apiNathan Skrzypczak9-100/+243
Type: feature Change-Id: Ia970f444ba2f38b7a42ea94942c906f1b541511b Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-08-13ip: source address selectionOle Troan4-34/+259
Implement a simple source address selection algorithm for IPv4 and IPv6. IPv6 does not yet implement RFC6724 but supports link-locals. ping now chooses correct source address for link-local destination. Added ping support for link-local multicast (e.g. allnodes). Type: feature Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: I1a3382c1f7d4ace0386c2c19e4e47b045b73a3ed Signed-off-by: Ole Troan <ot@cisco.com>
2021-08-11fib: A 16-8-8 and a 8-8-8-8 versions of an ip4_fib_tNeale Ranns2-18/+11
Type: feature The difference being the MTRIE type they contain. THE FIB continues to use the 16-8-8 version. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I5a54d4e6e6cc639f18a3fb65ef2925507a7ef1de
2021-08-11ip: [re]introduce the 8-8-8-8 stride MTRIENeale Ranns2-50/+215
Type: improvement there's a time-space trade-off between the 16-8-8 and 8-8-8-8 stride. FIB continues to use the 16-8-8. Other features are now free to make the choice. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I6691a163486ce62e75e629f6ef0c990f253df8e5
2021-08-11ip: Rename the ip4 mtrie function to be 16_8_8 specificNeale Ranns2-174/+158
Type: improvement the existing mtrie functions use the existing 16_8_8 mtrie. Rename them to make that explicit. Then we can add the 8_8_8_8 types and functions alongside. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: If5ce7a282d5d3742dc65bcd0523220235d9c510d
2021-08-10ip: Use the IP4 lookup functionsNeale Ranns2-76/+15
Type: refactor as opposed to wrtiing out the mtrie steps one by one each time. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I1248861350f9189f9a67ac6e68940813af279e03
2021-08-10ip: Remove the 'test lookup' CLI commandNeale Ranns1-97/+0
Type: fix There's no such thing as a conflict between the FIB and adj tables. This is code that should have been removed way back in 16.04. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I4524e7921b03b89106dd1f35aa1171d0945367cf
2021-08-05ip: fix ip punt redirect cliBenoît Ganne2-13/+12
- restore fib paths support for ip4 - initialize payload_proto to the relevant default protocol so that 'via <dev>' paths are supported - fix 'rx all' - fix temp path vector mem leak Type: fix Change-Id: I564d88dc4dce86884ff6791af69974e6d70ff7ca Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-07-29ip: add api test fileFilip Tehlar1-0/+1527
Type: improvement Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I49c4183a443b7b39924328900e6a6ac2e09be426
2021-07-15misc: replace CLIB_PREFETCH with clib_prefetch_{load,store}Damjan Marion6-19/+19
Type: refactor Change-Id: Id10cbf52e8f2dd809080a228d8fa282308be84ac Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-07-14ip: fix check_adj_port_range_x1Damjan Marion1-2/+2
Type: fix Change-Id: I776bf797e07bb3cfd0510a4c09d8182edfa193bd Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-07-14ip: improve check_adj_port_range_x1Damjan Marion1-35/+5
Type: improvement Change-Id: I8337f81fdcd196fcb0e61f8129fec322e9a1e8f1 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-07-13misc: remove vnet_all_api_h and vnet_msg_enumFilip Tehlar1-14/+0
These file are no longer needed Type: improvement Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I34f8e0b7e17d9e8c06dcd6c5ffe51aa273cdec07
2021-07-13misc: fix init order to avoid startup warningsBin Zhou (bzhou2)1-16/+6
Put plugin init order inside plugin instead of in vnet Type: improvement Signed-off-by: Bin Zhou (bzhou2) <bzhou2@cisco.com> Change-Id: Icbacdb3f1cb4ac9d74e3f78458e8bc333793b4d6
2021-07-01ip: api cleanupFilip Tehlar2-97/+21
Use autogenerated code. Does not change API definitions. Type: improvement Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I4b6d881571c158b7a69a78b9680732d090c4f8b5
2021-06-22misc: punt: api cleanupFilip Tehlar2-48/+9
Use autogenerated code. Does not change API definitions. Type: improvement Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I13dae61ddb7150c7fe9a7fd0eae73055ff3f2816
2021-06-07pg: Reduce the inclusion of pg.hNeale Ranns4-0/+4
Type: style reduce the number of files recompiled after changing pg.h from 1110 to 102. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I50611eba818eeb3a2dffd437a3c72c77766bed80
2021-05-27ip: allow the 'ip6 enable' on tunnel interface typesNeale Ranns1-27/+19
Type: feature This was limited to HW interface types (for historical reason AFAICT) Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I3785a356ae31722fa60d84f64ec9aa53ebdd615f
2021-05-14vlib: pass node runtime to vlib_buffer_enqueue_to_thread()Damjan Marion4-12/+8
Mechanical change for patch following this one... Type: improvement Change-Id: Iee12f3a8851f35569e6c039494a94fc36e83d20f Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-05-11ip: ensure ttl doesn't decrease to 0 when puntingAloys Augustin1-0/+2
Change-Id: I248ef12fd34ea2a1c383fbcc530a8ffeb31ba92b Type: fix Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
2021-05-06vlib: fix the offload flags sizeMohsin Kazmi1-2/+2
Type: fix Change-Id: I433fe3799975fe3ba00fa30226f6e8dae34e88fc Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2021-05-05vlib: move offload flags to 1st cacheline in vlib_buffer_tMohsin Kazmi2-5/+5
Type: improvement Some tests i.e. ipsec see performance regression when offload flags are moved to 2nd cacheline. This patch moves them back to 1st cacheline. Change-Id: I6ead45ff6d2c467b0d248f409e27c2ba31758741 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2021-05-01vlib: refactor trajectory trace debug featureBenoît Ganne2-3/+0
trajectory trace has been broken for a while because we used to save the buffer trajectory in a vector pointed to in opaque2. This does not work well when opaque2 is copied (eg. because of a clone) as 2 buffers end up sharing the same vector. This dedicates a full cacheline in the buffer metadata instead when trajectory is compiled in. No dynamic allocation, no sharing, no tears. Type: refactor Change-Id: I6a028ca1b48d38f393a36979e5e452c2dd48ad3f Signed-off-by: Benoît Ganne <bganne@cisco.com>