Age | Commit message (Collapse) | Author | Files | Lines |
|
Currently ipip tunnel allows to use an empty addresses for dst when we
trying to add tunnel, but it doesn't return it correctly on ipip dump
call. There is case when we create an ipip tunnel with an empty ipv6
address, address is zero, but AF is ipv6. And when we dump ipip tunnels
we get an emtpy ipv4 address instead of an empty ipv6 address.
There is no point to detect AF for each address in
send_ipip_tunnel_details, because ipip tunnel can't handle different
AF for src and dst addresses, and prohibits creating ipip tunnel
with different AF of dst and src addresses.
With this fix, send_ipip_tunnel_details function return a correct AF
despite address value.
Type: fix
Change-Id: Ib343293ad79a300cdb70135fffbfd156dfef6e27
Signed-off-by: Anton Nikolaev <anikolaev@netgate.com>
|
|
The offload should be handled by gso node or by the NIC
if the latter has the relevant capabilities. But ip midchain
is missing the support for buffer offload metadata in case
of GSO packet.
This patch adds the relevant support to add the buffer metadata
if the packet is GSO/IPIP to be handled accordingly.
Type: improvement
Change-Id: I17f5d71bf4c5f43a85ca3f2fbebfa1426b42ef69
Signed-off-by: Arthur de Kerhor <arthurdekerhor@gmail.com>
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Type: refactor
Change-Id: I5235bf3e9aff58af6ba2c14e8c6529c4fc9ec86c
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
There is a mode field in ipip_tunnel_details. The handler for the dump
API does not do anything to populate it so it always contains 0
(TUNNEL_API_MODE_P2P). This is correct for p2p tunnels but is wrong for
multipoint tunnels.
Populate the field with the correct mode.
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
Change-Id: I6c1288a0d3929db0f67100748b5760c36b594f97
|
|
Type: improvement
Change-Id: I3659de6599f402c92e3855e3bf0e5e3388f2bea0
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: fix
When registering a new FIB node type, no name was required on the API, and so no name was printed.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I8a99cf29c194637a550061b0a5e9782ffe8b31dd
|
|
Type: fix
Using the adjacency to modify the interface's feature arc doesn't work, since there are potentially more than one adj per-interface.
Instead have the interface, when it is created, register what the end node of the feature arc is. This end node is then also used as the interface's tx node (i.e. it is used as the adjacency's next-node).
rename adj-midhcain-tx as 'tunnel-output', that's a bit more intuitive.
There's also a fix in config string handling to:
1- prevent false sharing of strings when the end node of the arc is different.
2- call registered listeners when the end node is changed
For IPSec the consequences are that one cannot provide per-adjacency behaviour using different end-nodes - this was previously done for the no-SA and an SA with no protection. These cases are no handled in the esp-encrypt node.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: If3a83d03a3000f28820d9a9cb4101d244803d084
|
|
While looking at a coverity warning it was discovered that it's caused
by return value modified by pd msg handlers. As these are legacy, it's
a good time to remove them and also fix the warning this way.
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Ic72ab8b2b7a2e55188d1c31cfd18a74b7cf82c43
|
|
Type: fix
The init of fib_index_by_sw_if_index wasn't
setting default value to 0. Which we now
need for setting interfaces unnumbered
Change-Id: Ie5be9b5e5373ef055557a871ad4d1c45fbfc1dee
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: fix
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Id7b27edf3712aaa3c277e752b9ca78bb91d184a1
|
|
Type: feature
The added functionality is to support copying TTL and flow label from
inner to outer. The .api was extened to support expressing this and also
adding a common tunnel endpoint type. i find it best to make API changes
in one patch so there are less versions of the API.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I755c1e3f4c475058792af39c1abeda92129efb76
|
|
Type: feature
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Ief1755131297afcaa14fe74fd8dd28c71a92fbe6
|
|
Type: refactor
Change-Id: Ie67dc579e88132ddb1ee4a34cb69f96920101772
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I53011e089bfecb08483792029b534b09b9e33a10
Type: improvement
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
|
|
Change-Id: I2bf6ba325975309183dba1e14e9519c944710752
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Type: improvement
|
|
Change-Id: I162061f83a190723c3b4b5585717851c4b9ba255
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Type: fix
|
|
Type: fix
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I9717d420e42098e291c5b6c7d18e935ad78fdc3d
|
|
Type: style
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I3703b9a882b7577025f495d500daf08a916891b9
|
|
Type: improvement
Change-Id: Ica75c4e43d6198658a1954640c7ac56ea68bb39a
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Type: fix
Change-Id: I6fdc4e952097e92ac3aa53e0be3ef99e0d801b28
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Type: improvement
- inline some common encap fixup functions into the midchain
rewrite node so we don't incur the cost of the virtual function call
- change the copy 'guess' from ethernet_header (which will never happen) to an ip4 header
- add adj-midchain-tx to multiarch sources
- don't run adj-midchain-tx as a feature, instead put this node as the
adj's next and at the end of the feature arc.
- cache the feature arc config index (to save the cache miss going to fetch it)
- don't check if features are enabled when taking the arc (since we know they are)
the last two changes will also benefit normal adjacencies taking the arc (i.e. for NAT, ACLs, etc)
for IPSec:
- don't run esp_encrypt as a feature, instead when required insert this
node into the adj's next and into the end of the feature arc. this
implies that encrypt is always 'the last feature' run, which is
symmetric with decrypt always being the first.
- esp_encrpyt for tunnels has adj-midchain-tx as next node
Change-Id: Ida0af56a704302cf2d7797ded5f118a781e8acb7
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Type: fix
Change-Id: I008f23b5f0c7269ddd35cc747a867240fbe9c49b
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Type: refactor
The Tunnel Endpoint Informatiob Base (TEIB) is a better
description of what it is (a mapping between tunnel endpoint
address, in the overlay, and next-hop address, in the underlay)
whereas NHRP is one instanc eof a control protocol that might add
such endpoints.
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Idcb2ad0b6543d3e5d9f6e96f9d14dafb5ce2aa85
|
|
Type: feature
common funcitons across IP-in-IP and GRE tunnels for encap/decap
functions
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I325b66824878d843af167adfe5a7a96b0ab90566
|
|
Type: feature
plus fixes for gre
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I0eca5f94b8b8ea0fcfb058162cafea4491708db6
|
|
Type: refactor
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I18dcdb7af3e327f6cacdbcb1e52b89f13d6ba6e2
|
|
Type: fix
Change-Id: Ib00ab9b2f28c0f4d85e96bf95697f61b8e415f37
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Type: refactor
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I3aad20b35d89fc541fdf185096d71ca12b09a6e2
|
|
Type: feature
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I9467f11775936754406892b8e9e275f989ac9b30
|
|
Type: feature
fts and trex rely on yaml config files. Verify
that they are valid, so comitters can catch
errors early.
Change-Id: Ide0bb276659119c59bdbbc8b8155e37562a648b8
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Type: fix
Signed-off-by: Ignas Bacius <ignas@noia.network>
Change-Id: Ica069e8c9dd4efd1f00639754da471bf11418b57
|
|
Split generation of API message enum and the typedefs into
separate files, so that the type file can be included from
elsewhere.
Generate a C file for VPP that contains the API registration,
this was previously done via X macros by the C pre-
processor.
This allows deleting lots of skeleton/copy paste code
for each feature.
plugins/flowprobe
plugins/map
examples/sample-plugin
vnet/ipip
used as Guinea pigs.
Generate a C Test file for VAT, that does the same for VAT plugins.
Also add support for a per-message CLI option, that is currently
limited to VAT help text. option vat_help = "<help text>";
Type: refactor
Change-Id: I245e3104bb76f7e1fb69a59ab20cc7c8dfcdd460
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Instead of all clients directly RR sourcing the entry they are tracking,
use a deidcated 'tracker' object. This tracker object is a entry
delegate and a child of the entry. The clients are then children of the
tracker.
The benefit of this aproach is that each time a new client tracks the
entry it doesn't RR source it. When an entry is sourced all its children
are updated. Thus, new clients tracking an entry is O(n^2). With the
tracker as indirection, the entry is sourced only once.
Type: feature
Change-Id: I5b80bdda6c02057152e5f721e580e786cd840a3b
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
format_vl_api_prefix_t returns a dict with keys 'address' and 'address_length',
but other format_vl_api_prefix functions return a dict with 'prefix', and 'len'.
Refactor all format_vl_api_prefix_t to return consistent keys 'address' and 'len'.
Type: refactor
Change-Id: I5f9558fc2da8742a303266e011102f5b2db80aad
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
please consult the new tunnel proposal at:
https://wiki.fd.io/view/VPP/IPSec
Type: feature
Change-Id: I52857fc92ae068b85f59be08bdbea1bd5932e291
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Add tooling for feature metadata configuration files.
The main tool is in src/scripts/fts.py
make checkfeaturelist to validate against schema.
make featurelist to dump all feature lists to stdout.
Example feature definition:
name: IP in IP tunnelling
maintainer: Ole Troan <ot@cisco.com>
features:
- IPv4/IPv6 over IPv4/IPv6 encapsulation:
- Fragmentation and Reassembly
- Configurable MTU
- Inner to outer Traffic Class / TOS copy
- Configurable Traffic Class / TOS
- ICMPv4 / ICMPv6 proxying
- 6RD (RFC5969):
- Border Relay
description: "Implements IP{v4,v6} over IP{v4,v6} tunnelling as
described in RFC2473. This module also implement the border relay of
6RD (RFC5969)."
state: production
properties: [API, CLI, STATS, MULTITHREAD]
missing:
- Tunnel PMTUD
- Tracking of FIB state for tunnel state
- IPv6 extension headers (Tunnel encapsulation limit option)
JSON schema is embedded in fts.py
Example markdown: https://github.com/otroan/scratch/blob/master/features.md
Change-Id: I903b4ee6b316a9378c259e86dc937092e5d4b7da
Type: make
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Use explicit types vl_api_address/prefix in ipip.api.
Change-Id: Ib3133cebdbe4437742924efd49cde4009c4cc31b
Type: refactor
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: Ida6a8f96bd858246e993250087bed45e7084ede1
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Debug cli short help for 6rd tunnel creation was out-of-date.
Change-Id: I06e4d28481470825bf225ba0fd371a3aebd889fa
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Change-Id: I215e1e0208a073db80ec6f87695d734cf40fabe3
Signed-off-by: Jim Thompson <jim@netgate.com>
|
|
this can be used by e.g. tunnels so it doesn't need to be
implemented for each tunnel type.
Change-Id: I0790f89aa49f83421612b35108cce67693285999
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I9c05225b71b60dc2b419a96daeb71d89757aef98
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
if a tunnel's destination address is reachable through the tunnel
(see example config belwo) then search for and detect a recursion
loop and don't stack the adjacency. Otherwise this results in a
nasty surprise.
DBGvpp# loop cre
DBGvpp# set int state loop0 up
DBGvpp# set int ip addr loop0 10.0.0.1/24
DBGvpp# create gre tunnel src 10.0.0.1 dst 1.1.1.1
DBGvpp# set int state gre0 up
DBGvpp# set int unnum gre0 use loop0
DBGvpp# ip route 1.1.1.1/32 via gre0
DBGvpp# sh ip fib 1.1.1.1
ipv4-VRF:0, fib_index:0, flow hash:[src dst sport dport proto ] locks:[src:plugin-hi:2, src:default-route:1, ]
1.1.1.1/32 fib:0 index:11 locks:4 <<< this is entry #11
src:CLI refs:1 entry-flags:attached, src-flags:added,contributing,active,
path-list:[14] locks:2 flags:shared,looped, uPRF-list:12 len:1 itfs:[2, ]
path:[14] pl-index:14 ip4 weight=1 pref=0 attached-nexthop: oper-flags:recursive-loop,resolved, cfg-flags:attached,
1.1.1.1 gre0 (p2p)
[@0]: ipv4 via 0.0.0.0 gre0: mtu:9000 4500000000000000fe2fb0cc0a0000010101010100000800
stacked-on entry:11: <<<< and the midchain forwards via entry #11
[@2]: dpo-drop ip4
src:recursive-resolution refs:1 src-flags:added, cover:-1
forwarding: unicast-ip4-chain
[@0]: dpo-load-balance: [proto:ip4 index:13 buckets:1 uRPF:12 to:[0:0]]
[0] [@6]: ipv4 via 0.0.0.0 gre0: mtu:9000 4500000000000000fe2fb0cc0a0000010101010100000800
stacked-on entry:11:
[@2]: dpo-drop ip4
DBGvpp# sh adj 1
[@1] ipv4 via 0.0.0.0 gre0: mtu:9000 4500000000000000fe2fb0cc0a0000010101010100000800
stacked-on entry:11:
[@2]: dpo-drop ip4
flags:midchain-ip-stack midchain-looped <<<<< this is a loop
counts:[0:0]
locks:4
delegates:
children:
{path:14}
Change-Id: I39b82bd1ea439be4611c88b130d40289fa0c1b59
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Previously all types are compound. This adds support for aliases,
so one can do things like:
typedef u32 interface_index;
or
typedef u8 ip4_address[4];
Change-Id: I0455cad0123fc88acb491d2a3ea2725426bdb246
Signed-off-by: Ole Troan <ot@cisco.com>
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: Ied34720ca5a6e6e717eea4e86003e854031b6eab
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
- Error where ICMPv6 error code doesn't reset VLIB_TX = -1
Leading to crash for ICMP generated on tunnelled packets
- Missed setting VNET_BUFFER_F_LOCALLY_ORIGINATED, so
IP in IPv6 packets never got fragmented.
- Add support for fragmentation of buffer chains.
- Remove support for inner fragmentation in frag code itself.
Change-Id: If9a97301b7e35ca97ffa5c0fada2b9e7e7dbfb27
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: Ifaef196a24fa9b6924f2b9692318f69763cee5e1
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
|
|
Change-Id: Iff557f566ebc9ab170d75da1233997d83b8c8a66
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: I9ce801e9b257eaa6be0cbe2ad3bfe630717f8c67
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
|
|
Change-Id: I63c36644c9d93f2c3ec6606ca0205b407499de4e
Signed-off-by: Eyal Bari <ebari@cisco.com>
|