Age | Commit message (Collapse) | Author | Files | Lines |
|
For implementation of MACIP ACLs enhancement (VPP-1088), an outbound
classifier-based ACL would be needed. There was an existing incomplete
code for outbound ACLs, it looked almost exact copy of input ACLs, minus
the various enhancements, trying to sync that code seemed error-prone
and cumbersome to maintain in the longer run.
This change refactors the input+output ACLs processing into a unified
routine (thus any changes will have effect on both), and also adds
the API to set the output interface ACL, with the same format
and semantics as the existing input one (except working on output
ACL of course).
WARNING: IP outbound ACL in L3 mode clobbers the ip.* fields
in the vnet_buffer_opaque_t, since the code is using l2_classify.*
The net_buffer (p0)->ip.save_rewrite_length is rescued into
l2_classify.pad.l2_len, and used to rewind the header in case of
drop, so that ipX_drop prints something sensible.
Change-Id: I62f814f1e3650e504474a3a5359edb8a0a8836ed
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
This is a version of the VPP API generator in Python PLY. It supports
the existing language, and has a plugin architecture for generators.
Currently C and JSON are supported.
Changes:
- vl_api_version to option version = "major.minor.patch"
- enum support
- Added error checking and reporting
- import support (removed the C pre-processor)
- services (tying request/reply together)
Version:
option version = "1.0.0";
Enum:
enum colours {
RED,
BLUE = 50,
};
define foo {
vl_api_colours_t colours;
};
Services:
service {
rpc foo returns foo_reply;
rpc foo_dump returns stream foo_details;
rpc want_stats returns want_stats_reply
events ip4_counters, ip6_counters;
};
Future planned features:
- unions
- bool, text
- array support (including length)
- proto3 output plugin
- Refactor C/C++ generator as a plugin
- Refactor Java generator as a plugin
Change-Id: Ifa289966c790e1b1a8e2938a91e69331e3a58bdf
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Fixes the remainig apis that explicitly check svm queue length.
Change-Id: I6055c7c50050affee3098e162e15fb12c205e5db
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
This does not update api client code. In other words, if the client
assumes the transport is shmem based, this patch does not change that.
Furthermore, code that checks queue size, for tail dropping, is not
updated.
Done for the following apis:
Plugins
- acl
- gtpu
- memif
- nat
- pppoe
VNET
- bfd
- bier
- tapv2
- vhost user
- dhcp
- flow
- geneve
- ip
- punt
- ipsec/ipsec-gre
- l2
- l2tp
- lisp-cp/one-cp
- lisp-gpe
- map
- mpls
- policer
- session
- span
- udp
- tap
- vxlan/vxlan-gpe
- interface
VPP
- api/api.c
OAM
- oam_api.c
Stats
- stats.c
Change-Id: I0e33ecefb2bdab0295698c0add948068a5a83345
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- separate client/server code for both memory and socket apis
- separate memory api code from generic vlib api code
- move unix_shared_memory_fifo to svm and rename to svm_fifo_t
- overall declutter
Change-Id: I90cdd98ff74d0787d58825b914b0f1eafcfa4dc2
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
L2 Emulation is a feautre that is applied to L2 ports to 'extract'
IP packets from the L2 path and inject them into the L3 path (i.e.
into the appropriate ip[4|6]_input node).
L3 routes in the table_id for that interface should then be configured
as DVR routes, therefore the forwarded packet has the L2 header
preserved and togehter the L3 routed system behaves like an L2 bridge.
Change-Id: I8effd7e2f4c67ee277b73c7bc79aa3e5a3e34d03
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
- makes the VAPI generated file more consumable.
- VOM build times improve.
Change-Id: I838488930bd23a0d3818adfdffdbca3eead382df
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
|
|
For ARP/ICMPv6 packets received from a BVI in a BD, allow flood
to all remote VTEPs via VXLAN tunnels irrespective of SHG check
for ARP request or ICMPv6 neighbor solicitation packets only.
All other packets types will flood normally as per SHG check.
Change-Id: I17b1cef9015e363fb684c2b6506ed6c4efe70bba
Signed-off-by: John Lo <loj@cisco.com>
(cherry picked from commit 5b99133cff1ff0eb9043dd8bd3648b0b3aafa47e)
|
|
This change makes sure ARP/ICMPv6 brodcast packets received from
the BVI of a BD can be flooded to all remote VTEPs via its VXLAN
tunnels irrespective of SHG setting. Similar processing was done
for unicast packets already and needs to be extpanded to ARP and
ICMPv6 broadcast packets.
Change-Id: I26ac43ecdbc81a769f742a583a156506f7e70d49
Signed-off-by: John Lo <loj@cisco.com>
(cherry picked from commit c97b4aca0db8d84b17ceb03a14ab44346a2b3466)
|
|
l2fib_make_key() casts and reads the input 6-Bytes mac_address as u64,
therefore if the mac_address is declared with 6 Bytes only, address-sanitizer
rightly triggers an invalid read on the last two Bytes.
However, l2fib_make_key() does a 16 bits shift to discard those 2 values,
therefore, this invalid read is of no consequence (and so can be silenced safely).
Change-Id: I38646fe60073093d25cdf135185d4c96136d55d0
Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
|
|
When adding a filter MAC entry, the default sw_if_index of -1
was incorrectly validated and rejected.
Change-Id: Id7f122b6269ea7c299a4335b05b748afaf01383c
Signed-off-by: John Lo <loj@cisco.com>
|
|
As per proposal on the mailing list, this patch fixes
the represntation of MAC address in VPP API calls for
· L2fib_add_del
· L2_fib_table_details
Change-Id: I31e17efd1a6314cded69666e693cb8fc33158d02
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Change-Id: I5c1df59bce7c9654101672a12981e5bd62e9adc4
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
- Global variables declared in header files without
the use of the 'extern' keword will result in multiple
instances of the variable to be created by the compiler
-- one for each different source file in which the
the header file is included. This results in wasted
memory allocated in the BSS segments as well as
potentially introducing bugs in the application.
Change-Id: I6ef1790b60a0bd9dd3994f8510723decf258b0cc
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
Add one of these statements to foo.api:
vl_api_version 1.2.3
to generate a version tuple stanza in foo.api.h:
/****** Version tuple *****/
vl_api_version_tuple(foo, 1, 2, 3)
Change-Id: Ic514439e4677999daa8463a94f948f76b132ff15
Signed-off-by: Dave Barach <dave@barachs.net>
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change L2 learning path so it update stale timestamp in MAC entry
only if aging is enabled on the BD for the MAC entry.
Change-Id: I7babe986ceef3c030d8ef9185076c42b405f7b0f
Signed-off-by: John Lo <loj@cisco.com>
|
|
- Teach vpp_api_test to send/receive API messages over sockets
- Add memfd-based shared memory
- Add api messages to create memfd-based shared memory segments
- vpp_api_test supports both socket and shared memory segment connections
- vpp_api_test pivot from socket to shared memory API messaging
- add socket client support to libvlibclient.so
- dead client reaper sends ping messages, container-friendly
- dead client reaper falls back to kill (<pid>, 0) live checking
if e.g. a python app goes silent for tens of seconds
- handle ping messages in python client support code
- teach show api ring about pairwise shared-memory segments
- fix ip probing of already resolved destinations (VPP-998)
We'll need this work to implement proper host-stack client isolation
Change-Id: Ic23b65f75c854d0393d9a2e9d6b122a9551be769
Signed-off-by: Dave Barach <dave@barachs.net>
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
fixes an issue where events were not sent if BD doesn't enable mac aging
Change-Id: Iddc53cb5c45e560633e6c5cff2731dccfc70ad5b
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Change-Id: Ia886ff2bfa2cf33ffbaa35ec89494d4300ec2769
Signed-off-by: Jerome Tollet <jtollet@cisco.com>
|
|
Change-Id: I9a75fdafd0c1d87b6f071fda5b77ff5f6b79deb7
Signed-off-by: Jerome Tollet <jtollet@cisco.com>
|
|
1. Limit MAC entry update per l2-learn call to reduce update burst
when wall clock advance to the the next minute so all MAC time
stamps are behind current time needing update.
2. Optimize l2-learn node fast path code sequence.
3. Invalidate cache_key when update MAC entry.
4. Change L2 learn hit counter to L2 learn hit-update counter.
5. Increase L2FIB table memory size to 512MB to fit 4M entries
6. Set MAC learn limit at 4M entries
Change-Id: I3075ee8fb59645a56850126bac2e3e6d341cef4d
Signed-off-by: John Lo <loj@cisco.com>
|
|
1. Increase default MAC learn limit from 1M to 8M entries.
2. Check MAC learn limit in MAC learning update path.
3. Allow disable of want_l2_macs_events to set MAC learn limit
4. Other minor cleanups
Change-Id: I62438440937b5fa455e16f4a2e4d910277753395
Signed-off-by: John Lo <loj@cisco.com>
|
|
Added APIs want_l2_macs_events and l2_macs_event to allow an API
client to receive notification events from VPP for MAC learned
or aged in L2FIB. Only one API client is allowed for L2 MAC events.
The want_l2_macs_events API allow caller to specify MAC learn
limit, event scan delay and max number of MACs that can be included
in a event message. These parameters should be choosen properly as
to not have too many MAC events sent by VPP and overwhelm the API
share memory. They can all be left as 0's so VPP will setup reasonable
defaults which are: 1000 learn limit, 100 msec scan delay and 100
MACs per event message.
If want_l2_macs_events is never called, VPP learning and aging
should behave as before except that MAC entries provisioned by API
or CLI will not be aged, even if it is not set as static_mac. These
non static MACs, however, can be overwritten by MAC learning on a
MAC move as a leared MAC. Only learned MACs are subject to aging.
Change-Id: Ia3757a80cf8adb2811a089d2eafbd6439461285c
Signed-off-by: John Lo <loj@cisco.com>
|
|
Change-Id: If608bbc7f4c8b0d5c3a237098a20279e407c82d3
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
added span feature nodes for l2-input / l2-output
Change-Id: Ib6e0ce60d0811901b6edd70209e6a4c4a35cd8ff
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Simplify L2 output feature infra to unify with L2 input feature
infra using the newly improved feature bitmap mechanism.
Updated all L2 features to use the more efficient infra functions.
Change-Id: If8f463826b0af0717129befe92a27ea8cfc40449
Signed-off-by: John Lo <loj@cisco.com>
|
|
Change-Id: Id9737b6aa2b6fe3032f4627dfdbd2ea728cc3fb1
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
According to Maciek, the easiest way to leverage the csit "performance
trend" job is to actually merge the patch once verified. Manual
testing indicates that the patch improves l2 path performance. Other
use-cases are TBD. It's possible that we'll need to back out the patch
depending on what happens.
Change-Id: Ic0a0363de35ef9be953ad7709c57c3936b73fd5a
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
To save space in the first cacheline following is changed:
- total_length_not_including_first_buffer moved to the 2nd cacheline.
This field is used only when VLIB_BUFFER_TOTAL_LENGTH_VALID and
VLIB_BUFFER_NEXT_PRESENT are both set.
- free_list_index is now stored in 4bits inside flags, which
allows up to 16 free lists. In case we need more we can store index
in the 2nd cachelin
Change-Id: Ic8521350819391af470d31d3fa1013e67ecb7681
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Cleanup mapping of interface output node for the l2-output node
when interface is configured to L2 or L3 modes. The mapping is
now always done in the main thread as part of API/CLI processing,
instead of initiate mapping in the forwarding path which can be
in the worker threads.
Change-Id: Ia789493e7d9f5c76d68edfaf34db43f3e3f53506
Signed-off-by: John Lo <loj@cisco.com>
(cherry picked from commit bea5ebf205e0bec922bf26c6c1a6a9392b4cad67)
|
|
Change-Id: I84cea7530b01302a0adeef95b4924f54dc2e41ec
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
fixed instability in l2bd_multi_instnce test - sometimes failing with extra
packets captured
it appears l2-learn was not updating hit entries but rather a copy of them.
if the ager did not have a chance to run before the test was running the
learning cycle - entries were not updated with the packet's seq num - causing
packets to flood when hitting the stale seq_num in l2-fwd - hence the extra
packets
fixed handling of filter entries
revert workaround for instability in test
Change-Id: I16d918e6310a5bf40bad5b7335b2140c2867cb71
Signed-off-by: Eyal Bari <ebari@cisco.com>
(cherry picked from commit 25ff2ea3a31e422094f6d91eab46222a29a77c4b)
|
|
l2_classify memeber table_index was overlaid over l2.l2fib_seq_num
which over written when table_index gets initialized in l2_input_classify
solved by overlaying both table_index and opaque_index as only one is used
seperated l2fib seq num from l2_input configs
for better handling of theoretical ABA issue where an entry for a deleted
interface is considered valid by the ager because a different interface with
same sw_if_index and seq_num was created before the ager got a chance to delete
Change-Id: I7b0eeded971627406f1c80834d7e02c0ebe62136
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
l2_len was not updated for the third tag
as the ethernet node retracts by the vlan count after parse_header (using
ethernet_buffer_header_size) it ends up pointing before the ethernet header
+ some minor cleanups
Change-Id: I4ccaedd33928912e5d837376f146503b27071741
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
after deleting a sub interface it's l2fib entries are left with a dangling
sw_if_index (while waiting for the ager to delete them).
changed "show l2fib" to reflect that state with "Deleted" as the interface name.
added sleep in test_l2_fib as a workaround for packets still passing after flush
will investigate...
Change-Id: Id998d7d3c6a073ef5005c5f3009e1cfb7febf7db
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
is_address_reachable - Disabled so deleted
cli_request - Renamed to cli
vnet_summary_stats_reply - Renamed to vnet_get_summary_stats_reply
bridge_domain_sw_if_details - Deleted, incorporated in main message
l2_fib_table_entry - Renamed to l2_fib_table_details
Change-Id: I93b7e8769a3ba7b4989b3c270270f575f386464f
Signed-off-by: Ole Troan <ot@cisco.com>
Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Enforce bridge domain ID range to allow a maximum value of 16M
which matches the range of 24-bit VNI used for virtual overlay
network ID.
Fix "show bridge-domain" output to allow full 16M BD ID range
to be displayed using 8-digit spaces.
Change-Id: I80d9c76ea7c001bcccd3c19df1f3e55d2970f01c
Signed-off-by: John Lo <loj@cisco.com>
|
|
Change-Id: I417dfeba902ca8c3a080773942d4d2ce4335a9c1
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
added CLI l2fib flush-mac all
added API l2fib_flush_all
flushes all non static l2fib entries on all valid BDs
Change-Id: Ic963c88f4bed56308c03ab43106033132a0e87be
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Fix global_learn_count to be incremented or decremented by add and
deletion of non-static MAC entries from L2FIB only. Without this fix,
the counter may reach the threshold of 1M and stop MAC leanring even
though number of MAC entries in L2FIB is less than the threshold.
Cleanup indirect hash key memory used by mac_by_ip6 hash table on
BD deletion.
Change-Id: I13986c4e6304c7956122520dd3f83d6bb6e65a15
Signed-off-by: John Lo <loj@cisco.com>
|
|
Change-Id: I80a723f55fcf2ecc3209a35e8297c88b45b1abfb
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
The default bridge domain, 0, is created automatically
with static features. It should be modified by neither
the CLI nor the API. So add tests for, and reject any
operation on BD 0. The new API error message BD_NOT_MODIFIABLE
is returned in such cases.
Change-Id: Iaf3dd80c4f43cf41689ca55756a0a3525420cd12
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
On BD deletion, free memory used by members vector and mac_by_ip4
and mac_by_ip6 hash tables.
Change-Id: Ied467e79bb6636fd8788bdeddee660c66391bb7e
Signed-off-by: John Lo <loj@cisco.com>
|
|
Change-Id: I72298aaae7d172082ece3a8edea4217c11b28d79
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I29082e7a0c556069180a157e55b3698cf8cd38c7
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
- update default flags
- add missing flag learn
Change-Id: I50a1a001848769836468838775b59d3414d27710
Signed-off-by: Choonho Son <choonho.son@gmail.com>
|
|
This patch deprecates stack-based thread identification,
Also removes requirement that thread stacks are adjacent.
Finally, possibly annoying for some folks, it renames
all occurences of cpu_index and cpu_number with thread
index. Using word "cpu" is misleading here as thread can
be migrated ti different CPU, and also it is not related
to linux cpu index.
Change-Id: I68cdaf661e701d2336fc953dcb9978d10a70f7c1
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I0a6989c6963956f3e60e8c50835c57845fccef8c
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Change-Id: Ic2d33b31ba88f6d9602a22439865637d98cf4a33
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Added new CLI command
- create bridge-domain <bridge-domain-id>
- create bridge-domain <bridge-domain-id> del
Change-Id: I1a7d632c7daa3c37b7f424a184e8fabd489518e9
Signed-off-by: Choonho Son <choonho.son@gmail.com>
|