summaryrefslogtreecommitdiffstats
path: root/src/vnet/ipip
AgeCommit message (Collapse)AuthorFilesLines
2024-04-19ipip: specify af for a tunnel ip addressesAnton Nikolaev1-11/+12
Currently ipip tunnel allows to use an empty addresses for dst when we trying to add tunnel, but it doesn't return it correctly on ipip dump call. There is case when we create an ipip tunnel with an empty ipv6 address, address is zero, but AF is ipv6. And when we dump ipip tunnels we get an emtpy ipv4 address instead of an empty ipv6 address. There is no point to detect AF for each address in send_ipip_tunnel_details, because ipip tunnel can't handle different AF for src and dst addresses, and prohibits creating ipip tunnel with different AF of dst and src addresses. With this fix, send_ipip_tunnel_details function return a correct AF despite address value. Type: fix Change-Id: Ib343293ad79a300cdb70135fffbfd156dfef6e27 Signed-off-by: Anton Nikolaev <anikolaev@netgate.com>
2024-03-21ip: add support for buffer offload metadata in ip midchainArthur de Kerhor1-3/+43
The offload should be handled by gso node or by the NIC if the latter has the relevant capabilities. But ip midchain is missing the support for buffer offload metadata in case of GSO packet. This patch adds the relevant support to add the buffer metadata if the packet is GSO/IPIP to be handled accordingly. Type: improvement Change-Id: I17f5d71bf4c5f43a85ca3f2fbebfa1426b42ef69 Signed-off-by: Arthur de Kerhor <arthurdekerhor@gmail.com> Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2024-03-12misc: remove GNU Indent directivesDamjan Marion5-32/+0
Type: refactor Change-Id: I5235bf3e9aff58af6ba2c14e8c6529c4fc9ec86c Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-07-14ipip: populate mode in tunnel detailsMatthew Smith1-2/+19
Type: improvement There is a mode field in ipip_tunnel_details. The handler for the dump API does not do anything to populate it so it always contains 0 (TUNNEL_API_MODE_P2P). This is correct for p2p tunnels but is wrong for multipoint tunnels. Populate the field with the correct mode. Signed-off-by: Matthew Smith <mgsmith@netgate.com> Change-Id: I6c1288a0d3929db0f67100748b5760c36b594f97
2022-01-18vnet: distinguish between max_frame_size and MTUDamjan Marion1-6/+4
Type: improvement Change-Id: I3659de6599f402c92e3855e3bf0e5e3388f2bea0 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-12-03fib: Fix the display (or lack of) for fib node types in dependent children listsNeale Ranns1-1/+2
Type: fix When registering a new FIB node type, no name was required on the API, and so no name was printed. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I8a99cf29c194637a550061b0a5e9782ffe8b31dd
2021-11-19fib: Don't use [midchain] adjacencies to change an interface's feature arcNeale Ranns2-3/+6
Type: fix Using the adjacency to modify the interface's feature arc doesn't work, since there are potentially more than one adj per-interface. Instead have the interface, when it is created, register what the end node of the feature arc is. This end node is then also used as the interface's tx node (i.e. it is used as the adjacency's next-node). rename adj-midhcain-tx as 'tunnel-output', that's a bit more intuitive. There's also a fix in config string handling to: 1- prevent false sharing of strings when the end node of the arc is different. 2- call registered listeners when the end node is changed For IPSec the consequences are that one cannot provide per-adjacency behaviour using different end-nodes - this was previously done for the no-SA and an SA with no protection. These cases are no handled in the esp-encrypt node. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: If3a83d03a3000f28820d9a9cb4101d244803d084
2021-10-18api: remove legacy pd msg handlersKlement Sekera1-1/+0
While looking at a coverity warning it was discovered that it's caused by return value modified by pd msg handlers. As these are legacy, it's a good time to remove them and also fix the warning this way. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Ic72ab8b2b7a2e55188d1c31cfd18a74b7cf82c43
2021-09-13interface: fix init fib_index_by_sw_if_indexNathan Skrzypczak1-4/+0
Type: fix The init of fib_index_by_sw_if_index wasn't setting default value to 0. Which we now need for setting interfaces unnumbered Change-Id: Ie5be9b5e5373ef055557a871ad4d1c45fbfc1dee Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-02-15fib: Always honour flow hash flagNeale Ranns1-8/+15
Type: fix Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: Id7b27edf3712aaa3c277e752b9ca78bb91d184a1
2021-02-08tunnel: support copying TTL and flow label from inner to outerNeale Ranns1-2/+3
Type: feature The added functionality is to support copying TTL and flow label from inner to outer. The .api was extened to support expressing this and also adding a common tunnel endpoint type. i find it best to make API changes in one patch so there are less versions of the API. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I755c1e3f4c475058792af39c1abeda92129efb76
2021-01-07ipip: Support MPLS over IPNeale Ranns2-5/+69
Type: feature Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: Ief1755131297afcaa14fe74fd8dd28c71a92fbe6
2020-12-14misc: move to new pool_foreach macrosDamjan Marion2-5/+5
Type: refactor Change-Id: Ie67dc579e88132ddb1ee4a34cb69f96920101772 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-12-09fib: supporting inner flow hash on tunnelsMohammed Hawari2-7/+15
Change-Id: I53011e089bfecb08483792029b534b09b9e33a10 Type: improvement Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
2020-12-08tunnel: add cli support for encap_decap flagsMohammed Hawari1-2/+7
Change-Id: I2bf6ba325975309183dba1e14e9519c944710752 Signed-off-by: Mohammed Hawari <mohammed@hawari.fr> Type: improvement
2020-12-08ipip: correct ipip_cli.c indentationMohammed Hawari1-212/+277
Change-Id: I162061f83a190723c3b4b5585717851c4b9ba255 Signed-off-by: Mohammed Hawari <mohammed@hawari.fr> Type: fix
2020-11-19ipip: Don't crash when showing non-existant tunnel indexNeale Ranns1-0/+2
Type: fix Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I9717d420e42098e291c5b6c7d18e935ad78fdc3d
2020-09-22ipip: Add option to tunnel create help stringNeale Ranns1-1/+1
Type: style Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I3703b9a882b7577025f495d500daf08a916891b9
2020-09-17teib: Use ip_address_t not ip46_address_tNeale Ranns1-8/+10
Type: improvement Change-Id: Ica75c4e43d6198658a1954640c7ac56ea68bb39a Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-09-17teib: Add adj-fibs for peers/adjacencies on p2mp interfaceNeale Ranns1-1/+2
Type: fix Change-Id: I6fdc4e952097e92ac3aa53e0be3ef99e0d801b28 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-05-04fib: midchain adjacency optimisationsNeale Ranns1-11/+27
Type: improvement - inline some common encap fixup functions into the midchain rewrite node so we don't incur the cost of the virtual function call - change the copy 'guess' from ethernet_header (which will never happen) to an ip4 header - add adj-midchain-tx to multiarch sources - don't run adj-midchain-tx as a feature, instead put this node as the adj's next and at the end of the feature arc. - cache the feature arc config index (to save the cache miss going to fetch it) - don't check if features are enabled when taking the arc (since we know they are) the last two changes will also benefit normal adjacencies taking the arc (i.e. for NAT, ACLs, etc) for IPSec: - don't run esp_encrypt as a feature, instead when required insert this node into the adj's next and into the end of the feature arc. this implies that encrypt is always 'the last feature' run, which is symmetric with decrypt always being the first. - esp_encrpyt for tunnels has adj-midchain-tx as next node Change-Id: Ida0af56a704302cf2d7797ded5f118a781e8acb7 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-02-21ipip: Unintialized return variable (coverity warning)Neale Ranns1-0/+1
Type: fix Change-Id: I008f23b5f0c7269ddd35cc747a867240fbe9c49b Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-02-04teib: Rename NHRP to TEIBNeale Ranns1-30/+30
Type: refactor The Tunnel Endpoint Informatiob Base (TEIB) is a better description of what it is (a mapping between tunnel endpoint address, in the overlay, and next-hop address, in the underlay) whereas NHRP is one instanc eof a control protocol that might add such endpoints. Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Idcb2ad0b6543d3e5d9f6e96f9d14dafb5ce2aa85
2020-01-30gre: Tunnel encap/decap flagsNeale Ranns2-85/+100
Type: feature common funcitons across IP-in-IP and GRE tunnels for encap/decap functions Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I325b66824878d843af167adfe5a7a96b0ab90566
2020-01-27ipip: Multi-point interfaceNeale Ranns7-79/+386
Type: feature plus fixes for gre Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I0eca5f94b8b8ea0fcfb058162cafea4491708db6
2020-01-27tunnel: Common types for IP tunnelsNeale Ranns9-190/+27
Type: refactor Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I18dcdb7af3e327f6cacdbcb1e52b89f13d6ba6e2
2019-12-12ikev2: fix crash during SA rekeyFilip Tehlar1-1/+5
Type: fix Change-Id: Ib00ab9b2f28c0f4d85e96bf95697f61b8e415f37 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-12-03fib: constify the adjacency in the rewrite nodesNeale Ranns2-6/+6
Type: refactor Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I3aad20b35d89fc541fdf185096d71ca12b09a6e2
2019-12-03ipip: Tunnel flags controlling copying data to/from payload/encapNeale Ranns9-34/+258
Type: feature Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I9467f11775936754406892b8e9e275f989ac9b30
2019-11-06build: add yaml file linting to make checkstylePaul Vinciguerra1-9/+11
Type: feature fts and trex rely on yaml config files. Verify that they are valid, so comitters can catch errors early. Change-Id: Ide0bb276659119c59bdbbc8b8155e37562a648b8 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-10-15ipip: fix typos in short_helpIgnas Bacius1-3/+3
Type: fix Signed-off-by: Ignas Bacius <ignas@noia.network> Change-Id: Ica069e8c9dd4efd1f00639754da471bf11418b57
2019-09-25api: split api generated filesOle Troan2-65/+31
Split generation of API message enum and the typedefs into separate files, so that the type file can be included from elsewhere. Generate a C file for VPP that contains the API registration, this was previously done via X macros by the C pre- processor. This allows deleting lots of skeleton/copy paste code for each feature. plugins/flowprobe plugins/map examples/sample-plugin vnet/ipip used as Guinea pigs. Generate a C Test file for VAT, that does the same for VAT plugins. Also add support for a per-message CLI option, that is currently limited to VAT help text. option vat_help = "<help text>"; Type: refactor Change-Id: I245e3104bb76f7e1fb69a59ab20cc7c8dfcdd460 Signed-off-by: Ole Troan <ot@cisco.com>
2019-07-19fib: FIB Entry trackingNeale Ranns1-10/+7
Instead of all clients directly RR sourcing the entry they are tracking, use a deidcated 'tracker' object. This tracker object is a entry delegate and a child of the entry. The clients are then children of the tracker. The benefit of this aproach is that each time a new client tracks the entry it doesn't RR source it. When an entry is sourced all its children are updated. Thus, new clients tracking an entry is O(n^2). With the tracker as indirection, the entry is sourced only once. Type: feature Change-Id: I5b80bdda6c02057152e5f721e580e786cd840a3b Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-06-26api: refactor format_vl_api_prefix_t return keysPaul Vinciguerra1-2/+2
format_vl_api_prefix_t returns a dict with keys 'address' and 'address_length', but other format_vl_api_prefix functions return a dict with 'prefix', and 'len'. Refactor all format_vl_api_prefix_t to return consistent keys 'address' and 'len'. Type: refactor Change-Id: I5f9558fc2da8742a303266e011102f5b2db80aad Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-06-18ipsec: ipsec-tun protectNeale Ranns2-1/+21
please consult the new tunnel proposal at: https://wiki.fd.io/view/VPP/IPSec Type: feature Change-Id: I52857fc92ae068b85f59be08bdbea1bd5932e291 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-05-31tools: FEATURE.yaml meta-data infrastructureOle Troan1-0/+22
Add tooling for feature metadata configuration files. The main tool is in src/scripts/fts.py make checkfeaturelist to validate against schema. make featurelist to dump all feature lists to stdout. Example feature definition: name: IP in IP tunnelling maintainer: Ole Troan <ot@cisco.com> features: - IPv4/IPv6 over IPv4/IPv6 encapsulation: - Fragmentation and Reassembly - Configurable MTU - Inner to outer Traffic Class / TOS copy - Configurable Traffic Class / TOS - ICMPv4 / ICMPv6 proxying - 6RD (RFC5969): - Border Relay description: "Implements IP{v4,v6} over IP{v4,v6} tunnelling as described in RFC2473. This module also implement the border relay of 6RD (RFC5969)." state: production properties: [API, CLI, STATS, MULTITHREAD] missing: - Tunnel PMTUD - Tracking of FIB state for tunnel state - IPv6 extension headers (Tunnel encapsulation limit option) JSON schema is embedded in fts.py Example markdown: https://github.com/otroan/scratch/blob/master/features.md Change-Id: I903b4ee6b316a9378c259e86dc937092e5d4b7da Type: make Signed-off-by: Ole Troan <ot@cisco.com>
2019-05-30ipip: refactor ipip.api with explicit typesOle Troan2-24/+16
Use explicit types vl_api_address/prefix in ipip.api. Change-Id: Ib3133cebdbe4437742924efd49cde4009c4cc31b Type: refactor Signed-off-by: Ole Troan <ot@cisco.com>
2019-05-27IPIP tunnel: use address types on APINeale Ranns2-46/+48
Change-Id: Ida6a8f96bd858246e993250087bed45e7084ede1 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-04-196rd: fix debug cli short-helpBenoît Ganne1-1/+2
Debug cli short help for 6rd tunnel creation was out-of-date. Change-Id: I06e4d28481470825bf225ba0fd371a3aebd889fa Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-04-08fixing typosJim Thompson1-1/+1
Change-Id: I215e1e0208a073db80ec6f87695d734cf40fabe3 Signed-off-by: Jim Thompson <jim@netgate.com>
2019-03-26ADJ: midchain delegate to performing stackingNeale Ranns2-110/+22
this can be used by e.g. tunnels so it doesn't need to be implemented for each tunnel type. Change-Id: I0790f89aa49f83421612b35108cce67693285999 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-03-06ipip: migrate old MULTIARCH macros to VLIB_NODE_FNFilip Tehlar1-11/+5
Change-Id: I9c05225b71b60dc2b419a96daeb71d89757aef98 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2018-12-07FIB recusrion loop checks traverse midchain adjacenciesNeale Ranns2-51/+20
if a tunnel's destination address is reachable through the tunnel (see example config belwo) then search for and detect a recursion loop and don't stack the adjacency. Otherwise this results in a nasty surprise. DBGvpp# loop cre DBGvpp# set int state loop0 up DBGvpp# set int ip addr loop0 10.0.0.1/24 DBGvpp# create gre tunnel src 10.0.0.1 dst 1.1.1.1 DBGvpp# set int state gre0 up DBGvpp# set int unnum gre0 use loop0 DBGvpp# ip route 1.1.1.1/32 via gre0 DBGvpp# sh ip fib 1.1.1.1 ipv4-VRF:0, fib_index:0, flow hash:[src dst sport dport proto ] locks:[src:plugin-hi:2, src:default-route:1, ] 1.1.1.1/32 fib:0 index:11 locks:4 <<< this is entry #11 src:CLI refs:1 entry-flags:attached, src-flags:added,contributing,active, path-list:[14] locks:2 flags:shared,looped, uPRF-list:12 len:1 itfs:[2, ] path:[14] pl-index:14 ip4 weight=1 pref=0 attached-nexthop: oper-flags:recursive-loop,resolved, cfg-flags:attached, 1.1.1.1 gre0 (p2p) [@0]: ipv4 via 0.0.0.0 gre0: mtu:9000 4500000000000000fe2fb0cc0a0000010101010100000800 stacked-on entry:11: <<<< and the midchain forwards via entry #11 [@2]: dpo-drop ip4 src:recursive-resolution refs:1 src-flags:added, cover:-1 forwarding: unicast-ip4-chain [@0]: dpo-load-balance: [proto:ip4 index:13 buckets:1 uRPF:12 to:[0:0]] [0] [@6]: ipv4 via 0.0.0.0 gre0: mtu:9000 4500000000000000fe2fb0cc0a0000010101010100000800 stacked-on entry:11: [@2]: dpo-drop ip4 DBGvpp# sh adj 1 [@1] ipv4 via 0.0.0.0 gre0: mtu:9000 4500000000000000fe2fb0cc0a0000010101010100000800 stacked-on entry:11: [@2]: dpo-drop ip4 flags:midchain-ip-stack midchain-looped <<<<< this is a loop counts:[0:0] locks:4 delegates: children: {path:14} Change-Id: I39b82bd1ea439be4611c88b130d40289fa0c1b59 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-11-29API: Add support for type aliasesOle Troan1-6/+7
Previously all types are compound. This adds support for aliases, so one can do things like: typedef u32 interface_index; or typedef u8 ip4_address[4]; Change-Id: I0455cad0123fc88acb491d2a3ea2725426bdb246 Signed-off-by: Ole Troan <ot@cisco.com> Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-10-23c11 safe string handling supportDave Barach3-4/+4
Change-Id: Ied34720ca5a6e6e717eea4e86003e854031b6eab Signed-off-by: Dave Barach <dave@barachs.net>
2018-09-27IPIP and IPv6 fragmentationOle Troan2-0/+12
- Error where ICMPv6 error code doesn't reset VLIB_TX = -1 Leading to crash for ICMP generated on tunnelled packets - Missed setting VNET_BUFFER_F_LOCALLY_ORIGINATED, so IP in IPv6 packets never got fragmented. - Add support for fragmentation of buffer chains. - Remove support for inner fragmentation in frag code itself. Change-Id: If9a97301b7e35ca97ffa5c0fada2b9e7e7dbfb27 Signed-off-by: Ole Troan <ot@cisco.com>
2018-08-22IPIP and SIXRD tunnels create API needs table-IDs not fib-indexesNeale Ranns5-59/+136
Change-Id: Ifaef196a24fa9b6924f2b9692318f69763cee5e1 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2018-08-10IP fragmentation to handle buffer chains.Ole Troan2-5/+14
Change-Id: Iff557f566ebc9ab170d75da1233997d83b8c8a66 Signed-off-by: Ole Troan <ot@cisco.com>
2018-07-30SIXRD: fix post introduction of the directed subnet broadcastNeale Ranns1-11/+2
Change-Id: I9ce801e9b257eaa6be0cbe2ad3bfe630717f8c67 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2018-07-23fix vector index range checksEyal Bari1-1/+1
Change-Id: I63c36644c9d93f2c3ec6606ca0205b407499de4e Signed-off-by: Eyal Bari <ebari@cisco.com>