aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet/ipfix-export
AgeCommit message (Collapse)AuthorFilesLines
2022-06-02ipfix-export: Fix frame leak in flow_report_process_send()Jon Loeliger1-1/+9
The flow_report_process_send() function always allocates a frame. However, when no template_send is needed, template_bi is ~0. When this happens, no vectors are placed in the frame. When the frame is then "put", a check for n_vectors == 0 prevents the frame from actually being placed back on the free list. Fix that by using a direct call to vlib_frame_free() when there are no frame vctors. Type: fix Signed-off-by: Jon Loeliger <jdl@netgate.com> Change-Id: I936b5cea4cb3c358247c3d2e1a77d034a322ea76
2022-03-04ipfix-export: fix the warning message for uninitialized variableMohsin Kazmi1-2/+2
Type: fix Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I2b8b6a3b5a6df71e84ce2f15ef7117f390121c2f
2022-02-16ipfix-export: pass ipv4 addr to format fn for showPaul Atkins1-3/+4
When the ipfix address was changed to be an ip_address instead of an ip4_address the output when creating an exporter via the cli should have been modified to take the address of the v4 part of the addr. Type: fix Signed-off-by: Paul Atkins <patkins@graphiant.com> Change-Id: I141456cd9092c861a4c4aefba4035dbde23efcd6
2021-11-29ipfix-export: don't check the result of pool_getPaul Atkins1-2/+0
The code to check the exp is set after the call to pool_get() is marked as unreachable in coverity. This is becasue if it fails in pool_get then the it panics. Remove the unreachable code. Type: fix Signed-off-by: Paul Atkins <patkins@graphiant.com> Change-Id: Iabb51b6b6788b6c12ef37c28dde2118c798de831
2021-11-22ipfix-export: support sending of ipv6 pktsPaul Atkins1-62/+176
The current code that sends ipfix packets assumes IPv4. Modify this so that it generates and sends packets based on whether the destination address is IPv4 or IPv6. Where code is common across multiple places pull it out into helper functions. Type: improvement Signed-off-by: Paul Atkins <patkins@graphiant.com> Change-Id: I216c6c4c1b58cacedca22019f74a38c64a368b7e
2021-11-22ipfix-export: Change exp to use ip_addressPaul Atkins4-62/+80
Modify the ipfix_exporter to use ip_address instead of the ipv4 specific version. Modify the current code so that it writes into the v4 specific part of the address, i.e. we are not yet fully supporting IPv6. For the exporter configured via the original API (the one that is always in slot0) we will not support IPv6 addresses. Type: improvement Signed-off-by: Paul Atkins <patkins@graphiant.com> Change-Id: Ic9854ac62aaee76a7a55a958234c456fd9828c4c
2021-11-22ipfix-export: rename variables when building bufsPaul Atkins1-40/+40
Rename the local variables used when building ipfix export packets to make it clear that they are v4 specific variables. Type: improvement Signed-off-by: Paul Atkins <patkins@graphiant.com> Change-Id: I3a5a623aeb0b6f2b7fcdafb3fc19c500934c529b
2021-11-22ipfix-export: refactor params to the callback fnsPaul Atkins4-15/+7
When a new flow-report is created the caller provides 2 callback functions. These functions both take a pointer to the exporter, plus a pointer to the source and dest address. However the pointers to the address are not adding any value as these are always set to the src/dest addresses of the exporter (which is already being passed). Remove these parameters and leave the callback functions to get the addresses out of the exporter. Type: improvement Signed-off-by: Paul Atkins <patkins@graphiant.com> Change-Id: I36dec394f30e85cdca120dd8706b5d90f5e07c48
2021-11-22ipfix-export: Add APIs to get/send buffersPaul Atkins3-0/+234
The ipfix exporter should be doing most of the work of building packets and sending them rather than leaving every client of the exporter to do all the work themselves. Start to move towards that by adding APIs to get and send buffers. Store the state of this in new per thread data on the report so that we can send with minimal use of atomics. We do need an atomic for the sequence number in the packet though as that contains the number of data_records sent for the 'stream', not just for a single core. As the state is stored on the flow_report_t the caller needs to know which report they are using, so add a field to the args struct used to create the report that is used to pass back the report index on success. Type: improvement Signed-off-by: Paul Atkins <patkins@graphiant.com> Change-Id: I222b98a3f0326b3b71b11e0866a8c9736bed6dc1
2021-11-22ipfix-export: add a new API to dump all exportersPaul Atkins2-1/+86
Add a new API to dump all the exporters. As the destination struct type is not the same as for the existing dump/details API no attempt is made to use the existing code to populate the structure. Type: improvement Signed-off-by: Paul Atkins <patkins@graphiant.com> Change-Id: I409f80285b107a530e0e4f3c6a047a803815a0ec
2021-11-22ipfix-export: support creating multiple exportersPaul Atkins4-45/+169
The existing api set_ipfix_exporter only allows for the creation of a single exporter. In some cases it is desirable to export data to multiple different destinations. Allow users to create multiple ipfix exporters to support this. Add a new api that allows for the creation of multiple exporters, and store them in a pool of exporters. The exporter created by the old API will always be in index 0 of the pool. Exporters created by the new API will be given the next available index in the pool, and will return this index to the API caller so that they can track the exporter they created. The collector_address is the key for the exporter, so changes can be made by doing a further call to the API with the same collector_address. Type: improvement Signed-off-by: Paul Atkins <patkins@graphiant.com> Change-Id: Id71c98cffcf8d141d890b40fb90a40b90a91d1d6
2021-11-22ipfix-export: refactor ipfix_exporter_t_handler fnPaul Atkins1-34/+34
Split this api handler into 2 parts. The first is the top level handler and the second is the internal helper function that does all the work. This is in preparation for having a similar API that allows multiple exporters to exist at the same time. Type: refactor Signed-off-by: Paul Atkins <patkins@graphiant.com> Change-Id: Ibd4037682742f4c2f52b4cd1346d35fb2029461d
2021-11-22ipfix-export: pass an exp to flow_report_add_delPaul Atkins5-73/+60
Pass an ipfix_exporter to this function so that callers can choose which exporter they are modifying. Type: improvement Signed-off-by: Paul Atkins <patkins@graphiant.com> Change-Id: Ice0ed19a57baf15b1dc85cd27fe01913e36d7f4f
2021-11-22ipfix-export: make stream fns exporter awarePaul Atkins1-18/+11
The functions that work on streams were getting the set of streams directly from flow_report_main. Modify them to take an ipfix_exporter as an argument, and then any processing they do is only for this exporter. Type: refactor Signed-off-by: Paul Atkins <patkins@graphiant.com> Change-Id: I32bd9a6ba32a15ec4d4ec9556a9b75f3d83fcd6e
2021-11-22ipfix-export: refactor fields in flow_report_mainPaul Atkins4-87/+125
Pull out the fields in flow_report_main_t that are specific to a single exporter and move them into a new structure that represents an exporter. Add a pool of exporters to flow_report_main_t and do a pool_get() to get the entry at index 0, so that the existing users of the code need only change the path at which they access the old fields and have no need to make further code changes. In functions that were accessing the fields that now make up the ipfix_exporter create a local var that points to the first (always valid) exporter and use this as the base for the fields rather than finding them from flow_report_main. This is in preparation for supporting multiple flow_exporters. Note that at the moment the code supports multiple 'streams' for a given exporter, where each stream has its own source port, domain id and template space. But all streams within an exporter have the same destination address, so this is not the same as multiple exporters. Type: refactor Signed-off-by: Paul Atkins <patkins@graphiant.com> Change-Id: I49f5c7fb9e901773351d31dc8a59178c37e99301
2021-11-17ipfix-export: remove unused code in flow_report.hPaul Atkins1-2/+0
There are no implementations for this function so remove it. Type: improvement Signed-off-by: Paul Atkins <patkins@graphiant.com> Change-Id: I793b015ea1657edd1de719c2a574799aeb8b74d5
2021-11-17ipfix-export: tidy code style in flow_report.cPaul Atkins1-46/+46
Indent sections of code properly in vec_foreach loops. Type: style Signed-off-by: Paul Atkins <patkins@graphiant.com> Change-Id: I90183ace164df753f3f47b6c4a6305ded21d744d
2021-11-17ipfix-export: set msg id correctly for dump msgPaul Atkins1-1/+2
When sending the reply to the VL_API_IPFIX_EXPORTER_DUMP message the message id has to be added to the message base. Type: fix Signed-off-by: Paul Atkins <patkins@graphiant.com> Change-Id: I9565be7887046739b5f309e021f34ed75c9e370e
2021-10-13docs: convert vpp doc md->rstNathan Skrzypczak2-355/+360
Type: improvement Change-Id: If453321785b04f9c16e8cea36fb1910efaeb2c59 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-06-21misc: ipfix api cleanupFilip Tehlar2-56/+10
Use autogenerated code. Does not change API definitions. Type: improvement Change-Id: I864979ce490651bf1f5fed107620e9bc4ca4bf93 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2021-06-07pg: Reduce the inclusion of pg.hNeale Ranns1-1/+0
Type: style reduce the number of files recompiled after changing pg.h from 1110 to 102. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I50611eba818eeb3a2dffd437a3c72c77766bed80
2021-05-05misc: ipfix process node wait time adjustmentMatthew Smith2-3/+15
Type: fix The ipfix process node has a hardcoded 5s sleep between sending packets. The interval between template packets is configurable, but the timing of packets being sent does not match configuration because of the time being hardcoded. E.g. - With template interval set to 3s, a packet will be sent every 5s. With template interval set to 8s, a packet will be sent every 10s. Honor the configuration by reducing the wait time to less than 5s if a template will need to be sent less than 5s from the current time. Change-Id: I8c11f7bc502ce5b20b6e82a7e7a135a8805a2bad Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2021-05-01vlib: refactor trajectory trace debug featureBenoît Ganne2-4/+0
trajectory trace has been broken for a while because we used to save the buffer trajectory in a vector pointed to in opaque2. This does not work well when opaque2 is copied (eg. because of a clone) as 2 buffers end up sharing the same vector. This dedicates a full cacheline in the buffer metadata instead when trajectory is compiled in. No dynamic allocation, no sharing, no tears. Type: refactor Change-Id: I6a028ca1b48d38f393a36979e5e452c2dd48ad3f Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-12-08misc: fix api in ipfix_classify_table_add/detailsAlexander Chernavin2-5/+5
In ipfix_classify_table_add_del and ipfix_classify_table_details the ip_version field has vl_api_address_family_t type. However, there is no encode/decode for the field in the IPFIX API. Moreover, the IPFIX code expects the field to contain raw 4 or 6 to indicate the IP version. With this change, encode/decode the ip_version field in the IPFIX API. Also, stop converting transport_protocol between host and network byte order because it's u8. Type: fix Signed-off-by: Alexander Chernavin <achernavin@netgate.com> Change-Id: I4051756b8077b4367dd779cb555a34f74f6d7a9d
2020-10-21misc: minimize dependencies on udp.hFlorin Coras4-1/+5
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id13f33843b230a1d169560742c4f7b2dc17d8718
2020-10-01misc: allow disabling of ipfix exporter via apiAlexander Chernavin1-7/+1
Zero collector address indicates that the IPFIX exporter is disabled. You can zero the collector address via vppctl but you can't do it via the API because the handler returns an error if the address is zero. With this change, do not return an error in the handler when the collector address is zero thus allowing the IPFIX exporter be disabled. Type: fix Signed-off-by: Alexander Chernavin <achernavin@netgate.com> Change-Id: I1335c0d06af81f11d743c395399a360c612c0c21
2020-09-01ip: fix ip zero checksum verificationBenoît Ganne2-3/+3
In one's complement, there are two representations of zero: the all zero and the all one bit values, often referred to as +0 and -0. See RFC 1624 section 3 for more details. This used to be taken care of in ip4_header_checksum(), but it is no longer the case. The check ip->checksum == ip4_header_checksum (ip) is no longer correct in the -0 case. Always use ip4_header_checksum_is_valid() instead (which behaves correctly since 9a79a1ab931c3b5a7ae07d6f0fcfef7c4368a2c4). Type: fix Fixes: e5f0050c7a5d411f96af6401797529d58825e2af Change-Id: Iacc6b60645a834287b085aecb9e3fdb4554cf0cf Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-05-29misc: ipfix-export unformat u16 collector_port fixElias Rudberg1-1/+2
Use %U and unformat_udp_port instead of %u for unformat() call for u16 collector_port number in set_ipfix_exporter_command_fn() to avoid corruption of other variables which can happen if unformat() with %u is used with a 16-bit variable. This avoids crash due to corrupted fib_index value. Type: fix Signed-off-by: Elias Rudberg <elias.rudberg@bahnhof.net> Change-Id: Id54273fcc458a7f9c5aa4025aa91711f160c1c1a
2020-05-16misc: fix typo in set-ipfix-exporter CLI short_helpIgnas Bacius1-1/+1
Type: fix Change-Id: Id6687780b9a740323bd2eef58447864e70dc0235 Signed-off-by: Ignas Bacius <ignas@noia.network>
2020-01-14classify: Reduce the include dependencies on vnet_classify.hNeale Ranns1-0/+1
Type: refactor currently vnet_classify.h is included in ip.h where it's not required. Change-Id: Id55682637601655aa2edda681536a979c8e323bd Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-12-10api: multiple connections per processDave Barach1-1/+1
Type: feature Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I2272521d6e69edcd385ef684af6dd4eea5eaa953
2019-10-22ip: ipfix-export API updateJakub Grajciar2-22/+38
Use consistent API types. Type: fix Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com> Change-Id: I5b03e5de111c3a3b8da4e9f02cba0aa99e3ee9f3
2019-07-31vppinfra: refactor test_and_set spinlocks to use clib_spinlock_tjaszha031-3/+2
Spinlock performance improved when implemented with compare_and_exchange instead of test_and_set. All instances of test_and_set locks were refactored to use clib_spinlock_t when possible. Some locks e.g. ssvm synchronize between processes rather than threads, so they cannot directly use clib_spinlock_t. Type: refactor Change-Id: Ia16b5d4cd49209b2b57b8df6c94615c28b11bb60 Signed-off-by: Jason Zhang <jason.zhang2@arm.com> Reviewed-by: Honnappa Nagarahalli <honnappa.nagarahalli@arm.com> Reviewed-by: Lijian Zhang <Lijian.Zhang@arm.com>
2019-06-24api: implement ipfix_flushPaul Vinciguerra2-3/+38
-Migrate tests to api and cleanup: '# FIXME this should be an API call' in tests. Type: feature Change-Id: I715f9f8acc0f2af9c974ea221b2aea46692a6218 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-05-16init / exit function orderingDave Barach1-1/+1
The vlib init function subsystem now supports a mix of procedural and formally-specified ordering constraints. We should eliminate procedural knowledge wherever possible. The following schemes are *roughly* equivalent: static clib_error_t *init_runs_first (vlib_main_t *vm) { clib_error_t *error; ... do some stuff... if ((error = vlib_call_init_function (init_runs_next))) return error; ... } VLIB_INIT_FUNCTION (init_runs_first); and static clib_error_t *init_runs_first (vlib_main_t *vm) { ... do some stuff... } VLIB_INIT_FUNCTION (init_runs_first) = { .runs_before = VLIB_INITS("init_runs_next"), }; The first form will [most likely] call "init_runs_next" on the spot. The second form means that "init_runs_first" runs before "init_runs_next," possibly much earlier in the sequence. Please DO NOT construct sets of init functions where A before B actually means A *right before* B. It's not necessary - simply combine A and B - and it leads to hugely annoying debugging exercises when trying to switch from ad-hoc procedural ordering constraints to formal ordering constraints. Change-Id: I5e4353503bf43b4acb11a45fb33c79a5ade8426c Signed-off-by: Dave Barach <dave@barachs.net>
2019-04-19Doxygen cleanup.Dave Wallace1-1/+1
- Add subpages definitions in appropriate section (User or Dev docs) for doc files (*.rst, *.md) that being listed at the top level of the generated doc page. - Generate and add API list to RELEASE doc. - Fix list_api_changes script to use HEAD as the endtag so it doesn't need to be changed every release. Change-Id: Iace7b6433359c6b96869cb1db01facbbcb0ac1e6 Signed-off-by: Dave Wallace <dwallacelf@gmail.com> (cherry picked from commit 11ee93f6abfaddf5bbd56cf0858c0c6ea0384b65)
2019-04-08fixing typosJim Thompson1-1/+1
Change-Id: I215e1e0208a073db80ec6f87695d734cf40fabe3 Signed-off-by: Jim Thompson <jim@netgate.com>
2019-02-09buffers: fix typoDamjan Marion1-1/+1
Change-Id: I4e836244409c98739a13092ee252542a2c5fe259 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-02-06buffers: make buffer data size configurable from startup configDamjan Marion1-1/+1
Example: buffers { default data-size 1536 } Change-Id: I5b4436850ca18025c9fdcfc7ed648c2c2732d660 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-01-20buffers: don't init metadata, as it is already initializedDamjan Marion2-8/+1
Change-Id: Ia083050389853c25b069f0f8286d50d3f4aef527 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-11-14Remove c-11 memcpy checks from perf-critical codeDave Barach2-5/+5
Change-Id: Id4f37f5d4a03160572954a416efa1ef9b3d79ad1 Signed-off-by: Dave Barach <dave@barachs.net>
2018-10-23c11 safe string handling supportDave Barach2-5/+5
Change-Id: Ied34720ca5a6e6e717eea4e86003e854031b6eab Signed-off-by: Dave Barach <dave@barachs.net>
2018-10-19vppinfra: add atomic macros for __sync builtinsSirshak Das1-2/+2
This is first part of addition of atomic macros with only macros for __sync builtins. - Based on earlier patch by Damjan (https://gerrit.fd.io/r/#/c/10729/) Additionally - clib_atomic_release macro added and used in the absence of any memory barrier. - clib_atomic_bool_cmp_and_swap added Change-Id: Ie4e48c1e184a652018d1d0d87c4be80ddd180a3b Original-patch-by: Damjan Marion <damarion@cisco.com> Signed-off-by: Sirshak Das <sirshak.das@arm.com> Reviewed-by: Honnappa Nagarahalli <honnappa.nagarahalli@arm.com> Reviewed-by: Ola Liljedahl <ola.liljedahl@arm.com> Reviewed-by: Steve Capper <steve.capper@arm.com>
2018-05-15Update ipfix documentationDave Barach1-195/+180
Change-Id: Ie942efab86d24a953fe34754e3d50df54b560dc0 Signed-off-by: Dave Barach <dave@barachs.net>
2018-05-13Improve ipfix template packet rewrite constructionDave Barach4-10/+127
Instead of repeatedly cutting, pasting, and hacking to create a new callback, use vnet_flow_rewrite_generic_callback(). Add three arguments to the flow rewrite callback: (in) pointer to an array of report elements, (in) length of array, (out) pointer to the stream index Change existing code prototypes. Code owners encouraged to evaluate whether they can use the generic callback or not, at leisure. /* ipfix field definitions for a particular report */ typedef struct { u32 info_element; u32 size; } ipfix_report_element_t; Best generated like so: _(sourceIPv4Address, 4) \ _(destinationIPv4Address, 4) \ _(sourceTransportPort, 2) \ _(destinationTransportPort, 2) \ _(protocolIdentifier, 1) \ _(flowStartMicroseconds, 8) \ _(flowEndMicroseconds, 8) static ipfix_report_element_t simple_report_elements[] = { foreach_simple_report_ipfix_element }; ... /* Set up the ipfix report */ memset (&a, 0, sizeof (a)); a.is_add = 1 /* to enable the report */ ; a.domain_id = 1 /* pick a domain ID */ ; a.src_port = UDP_DST_PORT_ipfix /* src port for reports */ ; a.rewrite_callback = vnet_flow_rewrite_generic_callback; a.report_elements = simple_report_elements; a.n_report_elements = ARRAY_LEN (simple_report_elements); a.stream_indexp = &jim->stream_index; a.flow_data_callback = simple_flow_data_callback; /* Create the report */ rv = vnet_flow_report_add_del (frm, &a, &template_id); if (rv) return rv; ... Change-Id: If6131e6821d3a37a29269c0d58040cdf18ff05e4 Signed-off-by: Dave Barach <dave@barachs.net>
2018-05-11Add ipfix exporter coding guideDave Barach1-0/+375
Change-Id: Iaa28f96d613d6fb75bd29958d757de206448eb22 Signed-off-by: Dave Barach <dave@barachs.net>
2018-05-04Flow: Rename IPFIX exporter.Ole Troan8-0/+2572
Change-Id: I9363cf54b73f7cfd8622af6f1cb250438ea0d3b6 Signed-off-by: Ole Troan <ot@cisco.com>