Age | Commit message (Collapse) | Author | Files | Lines |
|
update the GBP plugin to implement the full NAT feature set of opflex agent
Change-Id: Ic06a039c889445ed0b9087fa1f292634192b0f8d
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
|
|
In dpdk based bonding, when the bond interface is configured for l2,
it automatically sets the bond interface to promiscuous mode and sets rx
redirect to ethernet-input. This allows traffic to be bridged to
non compute node facing interface when it is received from the compute
node interface.
For native vpp bonding, we need to do similar things. When the bond interface
is configured for l2, we set the slave interfaces to promiscuous mode
and set rx redirect to ethernet-input because dpdk does not know anything
about the bond interface. Likewise, when a new interface is enslaved, we also
need to do the same thing if the bond interface has already been configured
for l2.
Change-Id: I7e168008e8a4221be74929b2a20e6db0ce8f3110
Signed-off-by: Steven <sluong@cisco.com>
|
|
Change-Id: I50ff0cacf88182f8e0be19840c50f4954de586e2
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
|
|
only one counter update per frame (was updated per iteration)
only access ethertype for casts (was always accessing ethertype)
Change-Id: I3a3c3219ec63e975cf5bd8cf2d93103932a4aaa3
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
For implementation of MACIP ACLs enhancement (VPP-1088), an outbound
classifier-based ACL would be needed. There was an existing incomplete
code for outbound ACLs, it looked almost exact copy of input ACLs, minus
the various enhancements, trying to sync that code seemed error-prone
and cumbersome to maintain in the longer run.
This change refactors the input+output ACLs processing into a unified
routine (thus any changes will have effect on both), and also adds
the API to set the output interface ACL, with the same format
and semantics as the existing input one (except working on output
ACL of course).
WARNING: IP outbound ACL in L3 mode clobbers the ip.* fields
in the vnet_buffer_opaque_t, since the code is using l2_classify.*
The net_buffer (p0)->ip.save_rewrite_length is rescued into
l2_classify.pad.l2_len, and used to rewind the header in case of
drop, so that ipX_drop prints something sensible.
Change-Id: I62f814f1e3650e504474a3a5359edb8a0a8836ed
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
For ARP/ICMPv6 packets received from a BVI in a BD, allow flood
to all remote VTEPs via VXLAN tunnels irrespective of SHG check
for ARP request or ICMPv6 neighbor solicitation packets only.
All other packets types will flood normally as per SHG check.
Change-Id: I17b1cef9015e363fb684c2b6506ed6c4efe70bba
Signed-off-by: John Lo <loj@cisco.com>
(cherry picked from commit 5b99133cff1ff0eb9043dd8bd3648b0b3aafa47e)
|
|
This change makes sure ARP/ICMPv6 brodcast packets received from
the BVI of a BD can be flooded to all remote VTEPs via its VXLAN
tunnels irrespective of SHG setting. Similar processing was done
for unicast packets already and needs to be extpanded to ARP and
ICMPv6 broadcast packets.
Change-Id: I26ac43ecdbc81a769f742a583a156506f7e70d49
Signed-off-by: John Lo <loj@cisco.com>
(cherry picked from commit c97b4aca0db8d84b17ceb03a14ab44346a2b3466)
|
|
As per proposal on the mailing list, this patch fixes
the represntation of MAC address in VPP API calls for
· L2fib_add_del
· L2_fib_table_details
Change-Id: I31e17efd1a6314cded69666e693cb8fc33158d02
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Change L2 learning path so it update stale timestamp in MAC entry
only if aging is enabled on the BD for the MAC entry.
Change-Id: I7babe986ceef3c030d8ef9185076c42b405f7b0f
Signed-off-by: John Lo <loj@cisco.com>
|
|
Change-Id: If608bbc7f4c8b0d5c3a237098a20279e407c82d3
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Simplify L2 output feature infra to unify with L2 input feature
infra using the newly improved feature bitmap mechanism.
Updated all L2 features to use the more efficient infra functions.
Change-Id: If8f463826b0af0717129befe92a27ea8cfc40449
Signed-off-by: John Lo <loj@cisco.com>
|
|
Change-Id: Id9737b6aa2b6fe3032f4627dfdbd2ea728cc3fb1
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Cleanup mapping of interface output node for the l2-output node
when interface is configured to L2 or L3 modes. The mapping is
now always done in the main thread as part of API/CLI processing,
instead of initiate mapping in the forwarding path which can be
in the worker threads.
Change-Id: Ia789493e7d9f5c76d68edfaf34db43f3e3f53506
Signed-off-by: John Lo <loj@cisco.com>
(cherry picked from commit bea5ebf205e0bec922bf26c6c1a6a9392b4cad67)
|
|
fixed instability in l2bd_multi_instnce test - sometimes failing with extra
packets captured
it appears l2-learn was not updating hit entries but rather a copy of them.
if the ager did not have a chance to run before the test was running the
learning cycle - entries were not updated with the packet's seq num - causing
packets to flood when hitting the stale seq_num in l2-fwd - hence the extra
packets
fixed handling of filter entries
revert workaround for instability in test
Change-Id: I16d918e6310a5bf40bad5b7335b2140c2867cb71
Signed-off-by: Eyal Bari <ebari@cisco.com>
(cherry picked from commit 25ff2ea3a31e422094f6d91eab46222a29a77c4b)
|
|
l2_classify memeber table_index was overlaid over l2.l2fib_seq_num
which over written when table_index gets initialized in l2_input_classify
solved by overlaying both table_index and opaque_index as only one is used
seperated l2fib seq num from l2_input configs
for better handling of theoretical ABA issue where an entry for a deleted
interface is considered valid by the ager because a different interface with
same sw_if_index and seq_num was created before the ager got a chance to delete
Change-Id: I7b0eeded971627406f1c80834d7e02c0ebe62136
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Enforce bridge domain ID range to allow a maximum value of 16M
which matches the range of 24-bit VNI used for virtual overlay
network ID.
Fix "show bridge-domain" output to allow full 16M BD ID range
to be displayed using 8-digit spaces.
Change-Id: I80d9c76ea7c001bcccd3c19df1f3e55d2970f01c
Signed-off-by: John Lo <loj@cisco.com>
|
|
added CLI l2fib flush-mac all
added API l2fib_flush_all
flushes all non static l2fib entries on all valid BDs
Change-Id: Ic963c88f4bed56308c03ab43106033132a0e87be
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Change-Id: I80a723f55fcf2ecc3209a35e8297c88b45b1abfb
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
This patch deprecates stack-based thread identification,
Also removes requirement that thread stacks are adjacent.
Finally, possibly annoying for some folks, it renames
all occurences of cpu_index and cpu_number with thread
index. Using word "cpu" is misleading here as thread can
be migrated ti different CPU, and also it is not related
to linux cpu index.
Change-Id: I68cdaf661e701d2336fc953dcb9978d10a70f7c1
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Allow non-static MACs in the L2FIB which is associated with an
interface or a bridge domain (BD) be flushed. MAC flush are
initiated automatically when an interface is removed from a BD
or when a BD is deleted. MAC flush can also be invoked manually
via the following CLI:
l2fib mac-flush interface <if-name>
l2fib mac-flush bridge-domain <bd-id>
Change-Id: Ie33243622834810a765f48ebcd22bdb8e8fc87a4
Signed-off-by: John Lo <loj@cisco.com>
|
|
via l2output_main.next_nodes
Before this commit, several output features that happen to be the
last in the list of features to be executed, send the packets directly
to <interfaceName>-output. To do this, they use l2_output_dispatch,
which builds a list of sw_if_index to next index mappings.
When interfaces are deleted and the new interfaces are created,
these mappings become stale, and cause the packets being sent to wrong
interface output nodes.
This patch (thanks John Lo for the brilliant idea!) adds a feature node "output",
whose sole purpose is dispatching the packets to the correct interface output
nodes. To do that, it uses the l2output_main.next_nodes, which is already
taken care of for the case of the sw_if_index reuse, so this makes the dependent
features all work correctly.
Since this changes the packet path, for the features that were always the last ones
it has triggered a side problem of the output feat_next_node_index not being properly
initalized. These two users are l2-output-classify node and the output nodes belonging
to the acl-plugin.
For the first one the less invasive fix is just to initialize that field.
For the acl-plugin nodes, rewrite the affected part of the code to use
feat_bitmap_get_next_node_index since this is essentially what the conditional
in l2_output_dispatch does, and fix the compiler warnings generated.
This fix was first made in stable/1701 under commit e7dcee4027854b0ad076101471afdfff67eb9011.
Change-Id: I32e876ab1e1d498cf0854c19c6318dcf59a93805
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
With VPP-651, the L2 output config with L2-tag rewrite was not
cleared when a sub-interface is deleted. Subsequently, when the
same sw_if_index was reused for another interface, the L2 output
config with L2-tag rewrite remained on the new interface.
On deleting a (sub-)interface which is in L2 mode, it will be
changed to L3 mode first to clear any L2 config. The L2 to L3 mode
change path did address L2 input config cleanup. It is now fixed
to also clear L2 output config.
Change-Id: I3352a89d92e1b27340a5adcf75bbaa01a5050c29
Signed-off-by: John Lo <loj@cisco.com>
|
|
Change-Id: Ib0c8572773499d8dd4d81b3a565c24412ccc3510
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I7b51f88292e057c6443b12224486f2d0c9f8ae23
Signed-off-by: Damjan Marion <damarion@cisco.com>
|