Age | Commit message (Collapse) | Author | Files | Lines |
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Id13f33843b230a1d169560742c4f7b2dc17d8718
|
|
This is the code refactor for vnet/flow infra and the dpdk_plugin flow
implementation. The main works of the refactor are:
1. Added two base flow type: VNET_FLOW_TYPE_IP4 and VNET_FLOW_TYPE_IP6
as the base the flow type
2. All the other flows are derived from the base flow types
3. Removed some flow types that are not currently supported by
the hardware, and VPP won't leverage them either:
IP4_GTPU_IP4, IP4_GTPU_IP6, IP6_GTPC, IP6_GTPU,
IP6_GTPU_IP4, IP6_GTPU_IP6
4. Re-implemented the vnet/flow cli as well as the dpdk_plugin
implementation
5. refine cli prompt
6. refine display info in command "show flow entry"
Type: refactor
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: Ica5e61c5881adc73b28335fd83e36ec1cb420c96
|
|
Bypass node MUST NOT intercept a packet if destination IP doesn’t match
a local address. However IP address interpretation depends on the VRF,
hence bypass node must take that into account.
This patch also factors-out common VTEP management and checking code.
Type: improvement
Signed-off-by: Nick Zavaritsky <nick.zavaritsky@emnify.com>
Change-Id: I5665d94882bbf45d15f8da140c7ada528ec7fa94
|
|
Add an ALWAYS_ASSERT (...) macro, to (a) shut up coverity, and (b)
check the indicated condition in production images.
As in:
p = hash_get(...);
ALWAYS_ASSERT(p) /* was ASSERT(p) */
elt = pool_elt_at_index(pool, p[0]);
This may not be the best way to handle a specific case, but failure to
check return values at all followed by e.g. a pointer dereference
isn't ok.
Type: fix
Ticket: VPP-1837
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Ia97c641cefcfb7ea7d77ea5a55ed4afea0345acb
|
|
Type: fix
Change-Id: Id53eb6ed15f270d747b9831a7b585cbafe515dd2
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Type: fix
Since Vxlan hw offload jumps the ethernet-input node, so needs to
adjust the data offset accordingly
In original code, the current_data is 0 when arriving vxlan-flow-input
node(due to no graph node before it, except the dpdk-input), so this
code block cannot find the correct vxlan header:
enum
{ payload_offset = sizeof (ip4_vxlan_header_t) };
vlib_buffer_advance (b0, payload_offset);
see code in src/vnet/vxlan/decap.c, function vxlan4_flow_input_node
This patch fixes this issue
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: Iab4af7a7dc3b69a117a4c9ea1c59662669a6438c
|
|
Instead of all clients directly RR sourcing the entry they are tracking,
use a deidcated 'tracker' object. This tracker object is a entry
delegate and a child of the entry. The clients are then children of the
tracker.
The benefit of this aproach is that each time a new client tracks the
entry it doesn't RR source it. When an entry is sourced all its children
are updated. Thus, new clients tracking an entry is O(n^2). With the
tracker as indirection, the entry is sourced only once.
Type: feature
Change-Id: I5b80bdda6c02057152e5f721e580e786cd840a3b
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Enhance the route add/del APIs to take a set of paths rather than just one.
Most unicast routing protocols calcualte all the available paths in one
run of the algorithm so updating all the paths at once is beneficial for the client.
two knobs control the behaviour:
is_multipath - if set the the set of paths passed will be added to those
that already exist, otherwise the set will replace them.
is_add - add or remove the set
is_add=0, is_multipath=1 and an empty set, results in deleting the route.
It is also considerably faster to add multiple paths at once, than one at a time:
vat# ip_add_del_route 1.1.1.1/32 count 100000 multipath via 10.10.10.11
100000 routes in .572240 secs, 174751.80 routes/sec
vat# ip_add_del_route 1.1.1.1/32 count 100000 multipath via 10.10.10.12
100000 routes in .528383 secs, 189256.54 routes/sec
vat# ip_add_del_route 1.1.1.1/32 count 100000 multipath via 10.10.10.13
100000 routes in .757131 secs, 132077.52 routes/sec
vat# ip_add_del_route 1.1.1.1/32 count 100000 multipath via 10.10.10.14
100000 routes in .878317 secs, 113854.12 routes/sec
vat# ip_route_add_del 1.1.1.1/32 count 100000 multipath via 10.10.10.11 via 10.10.10.12 via 10.10.10.13 via 10.10.10.14
100000 routes in .900212 secs, 111084.93 routes/sec
Change-Id: I416b93f7684745099c1adb0b33edac58c9339c1a
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
Signed-off-by: Ole Troan <ot@cisco.com>
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
plugins:
- ipfixcollector
vnet:
- geneve
- vxlan_gpe
- vxlan
Change-Id: I69a8b4017ee6990f2b4874fe3e94c4520bde7101
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
|
|
Change-Id: I68cc509b594b09751ff5e0e09bbca187a4a88edd
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
Change-Id: Ied34720ca5a6e6e717eea4e86003e854031b6eab
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I70fb7394f85b26f7e632d74fc31ef83597efdd16
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
store local/remote addresses + vrf + vni in hash key
store complete decap info in hash value (sw_if_index + next_index +
error)
this removes the need to access the tunnel object when matching both
unicast and mcast.
however for mcast handling it requires 3 hash lookups:
* one failed unicast lookup (by src+dst addrs)
* lookup by mcast(dst) addr .
* unicast lookup (tunnel local ip as dst + pkt's src addr)
where previously it needed 2:
* lookup by src to find unicast tunnel + compare dst to local addr
(failing for mcast)
* lookup by mcast to find the mcast tunnel
Change-Id: I7a3485d130a54194b8f7e2df0431258db36eceeb
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Change-Id: I085615fde1f966490f30ed5d32017b8b088cfd59
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
this receipe:
/* Get a line of input. */
if (!unformat_user (input, unformat_line_input, line_input))
return 0;
only works if there is more data following the registered command name.
So it is not so good for show commands...
Change-Id: I54249865a44526ade4b40e2d6207138a2d056e40
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
|
|
Change-Id: I63c36644c9d93f2c3ec6606ca0205b407499de4e
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Change-Id: I0d4630c88d6caacffcd073ebaa12766dfc893f70
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
* added the fib index into the key
* conform coding style for vxlan.h
* added "show vxlan tunnel raw" command to dump bihash
Change-Id: Icc96e41abb648e96de5b4605b035f68f9e20f8a9
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
ip4 vxlan cli/api (using flow infra) to create flows and enable them on
different hardware (currently tested with i40e)
to offload a vxlan tunnel onto hw:
set flow-offload vxlan hw TwentyFiveGigabitEthernet3/0/0 rx vxlan_tunnel1
to remove offload:
set flow-offload vxlan hw TwentyFiveGigabitEthernet3/0/0 rx vxlan_tunnel1 del
TODO:ipv6 handling
Change-Id: I70e61f792ef8e3f007d03d7df70e97ea4725b101
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Change-Id: I9937912cd760698e39044e8ae022a90b58c8db30
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Two vxlan union/struct initializations caused gcc on
CentOS 7 to puke. Modified them to make the build
work again.
Change-Id: Iad667444b86cfde5ee4329993b520028d3b593ad
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
moving the rewrite into the tunnel struct
Change-Id: Iec74b48e13456d32957e826cffb5ea35a8ebd1a0
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
from encap path
Change-Id: I62a8d13495355ad5e687f13b86c2a5d360bb2b7f
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Change-Id: I33ba5a011100baf1c786f9a63a0cf3d2e1020493
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Fixes a small bookkeeping oversight where the VXLAN instance
numbers were being freed erroneously by their device_instance
number rather than the correct user_instance number.
Change-Id: I08f6b2089c7a14cc8a8cb91f04f850f60ecec43b
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
Change-Id: I62a2a6524b72115a4239fbd7dc9ac8fdc35e20ed
Signed-off-by: John Lo <loj@cisco.com>
|
|
Change GRE tunnel to use the interface type where the same encap
node is used as output node for all GRE tunnels, instead of having
dedicated output and tx node for each tunnel. This allows for more
efficient tunnel creation and deletion at scale tested at 1000's
of GRE tunnels.
Add support for ERSPAN encap as another tunnel type, in addition
to the existing L3 and TEB types. The GRE ERSPAN encap supported
is type 2 thus GRE encap need to include sequence number and GRE-
ERSPAN tunnel can be created with user secified ERSPAN session ID.
The GRE tunnel lookup hash key is updated to inclue tunnel type
and session ID, in addition to SIP/DIP and FIB index.
Thus, GRE-ERSPAN tunnel can be created, with the appropriate
session ID, to be used as output interface for SPAN config to
send mirrored packets.
Change interface naming so that all GRE tunnels, irrespective of
tunnel type, uses "greN" where N is the instance number. Removed
interface reuse on tunnel creation and deletion to enable unfied
tunnel interface name.
Add support of user specified instance on GRE tunnel creation.
Thus, N in the "greN" interface name can optionally be specified
by user via CLI/API.
Optimize GRE tunnel encap DPO stacking to bypass load-balance DPO
node since packet output on GRE tunnel always belong to the same
flow after 5-tupple hash.
Change-Id: Ifa83915744a1a88045c998604777cc3583f4da52
Signed-off-by: John Lo <loj@cisco.com>
|
|
vxlan interfaces no longer create tx nodes and are "cheap" to create and delete
Change-Id: I7628d8ce86ec88609ed08162c94f5bc95df0d9f4
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
If one is not selected by the user, the next available id
will be allocated, thus maintaining backward compatibility.
Change-Id: I4691ed0638b8072f9cfa9f20b9fe4f981e708800
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
Rather than having multiple copies of the same function
scattered around, promote the function into the FIB
PROTOCOL definitions in fib_types.h.
Change-Id: I11c4d85931167d3a5f3dc1278afecc8845b23cd7
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
Modify interface creation to allow creation of tunnel interfaces
without dedicated per tunnel output and tx nodes which are not
used for most tunnel types. Also changed interface-output node
function vnet_per_buffer_interface_output() so it does not rely
on hw_if_index as the next node index which is not flexible nor
efficient for large scale tunnel interfaces.
The improvenemts are done for VXLAN, VXLAN-GPE, GENEVE and GTPU
tunnels. GRE tunnel is still using per tunnel output nodes which
will be changed in a separate patch with other GRE enhencements.
Change-Id: I4123c01c0d2ead814417a867adb8c8a407e4df55
Signed-off-by: John Lo <loj@cisco.com>
|
|
Improve "show xxx tunnel" output functions format_xxx_tunnel() for
GRE, VXLAN, VXLAN-GPE, GENEVE and GTPU tunnels to make their output
more consistent and provide better information.
Improved the output of "show int addr" to make its info more
consistent with tunnels and provide fib-index info.
Change-Id: Icd4b5b85a5bec417f8ee19afea336c770ad3b4c5
Signed-off-by: John Lo <loj@cisco.com>
|
|
Move the functions hash_set_key_copy() and hash_unset_key_free()
which are dupilicated in various tunnel support code modules to
hash.h as hash_set_mem_alloc() and hash_unset_mem_free() to be
used by all.
Change-Id: I40723cabe29072ab7feb1804c221f28606d8e4fe
Signed-off-by: John Lo <loj@cisco.com>
|
|
Saves memory at no appreciable performance cost.
before:
DBGvpp# sh fib mem
FIB memory
Name Size in-use /allocated totals
Entry 80 7 / 150 560/12000
after:
DBGvpp# sh fib mem
FIB memory
Name Size in-use /allocated totals
Entry 72 7 / 7 504/504
Change-Id: Ic5d3920ceb57b54260dc9af2078c26484335fef1
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
[support for VPWS/VPLS]
- switch to using dpo_proto_t rather than fib_protocol_t in fib_paths so that we can describe L2 paths
- VLIB nodes to handle pop/push of MPLS labels to L2
Change-Id: Id050d06a11fd2c9c1c81ce5a0654e6c5ae6afa6e
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
tests). The DPO was incorrectly initialised with FIB_PROTO_MAX
Change-Id: I962df9e162e4dfb6837a5ce79ea795d5ff2d7315
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
when tunnel is deleted reply should include the tunnel's sw_if_index
instead of ~0
Change-Id: Ie5e04f4feab9cf2c90f0e155ec0fb9ca839a956d
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Added a new interface flag - HIDDEN
Indicates that the interface does not appear in CLI/API.
Added three new interface functions:
vnet_sw_interface_is_api_visible - indicates if the sw_if_index should be displayed
vnet_swif_is_api_visible - variant for sw_interface
vnet_sw_interface_is_api_valid - tests if the given if_index exists and is visible
for future use by api functions
Changed the unformat function to only accept visible interfaces
Changed vxlan to add the HIDDEN flag to deleted interfaces
This is the first part in a series to hide deleted interfaces from the API
Change-Id: Ib43cc5cf1c450856560faf4e84126eb3671038e2
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Change-Id: Ic2447313075cd46f265202dffaaac894f48ddf6d
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
In the CLI parsing, below is a common pattern:
/* Get a line of input. */
if (!unformat_user (input, unformat_line_input, line_input))
return 0;
while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
{
if (unformat (line_input, "x"))
x = 1;
:
else
return clib_error_return (0, "unknown input `%U'",
format_unformat_error, line_input);
}
unformat_free (line_input);
The 'else' returns if an unknown string is encountered. There a memory
leak because the 'unformat_free(line_input)' is not called. There is a
large number of instances of this pattern.
Replaced the previous pattern with:
/* Get a line of input. */
if (!unformat_user (input, unformat_line_input, line_input))
return 0;
while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
{
if (unformat (line_input, "x"))
x = 1;
:
else
{
error = clib_error_return (0, "unknown input `%U'",
format_unformat_error, line_input);
goto done:
}
}
/* ...Remaining code... */
done:
unformat_free (line_input);
return error;
}
In multiple files, 'unformat_free (line_input);' was never called, so
there was a memory leak whether an invalid string was entered or not.
Also, there were multiple instance where:
error = clib_error_return (0, "unknown input `%U'",
format_unformat_error, line_input);
used 'input' as the last parameter instead of 'line_input'. The result
is that output did not contain the substring in error, instead just an
empty string. Fixed all of those as well.
There are a lot of file, and very mind numbing work, so tried to keep
it to a pattern to avoid mistakes.
Change-Id: I8902f0c32a47dd7fb3bb3471a89818571702f1d2
Signed-off-by: Billy McFall <bmcfall@redhat.com>
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
fix wrong udp error codes in decap ip6 handling
Change-Id: Ibf791a995128d38b31725c1ee67ec9d1c9dffca2
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Change-Id: I9cfff0196845c6f1161848aa49442aa4df81b20e
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Add vxlan-bypass feature which can be enabled on the IP6 underlay
interface which receive VXLAN packets to accelerate VXLAN decap
processing. The CLI to enable/disable it is:
set interface ip6 vxlan-bypass <interface> [del]
The vxlan-bypass feature is already supported on the IP4 underlay
interface. The CLI to enable/disable it is:
set interface ip vxlan-bypass <interface> [del]
Move vxlan-bypass API/CLI support code from decap.c to vxlan.c.
Also fixed two issues in the VXLAN decap path in the vxlan-input node:
1. Add verification of VXLAN packet FIB index with the encap-vrf-id
of the VXLAN tunnel.
2. Fix checking of VXLANoIPv6 packet mcast DIP against that of the
IP6 mcast VXLAN tunnel.
Change-Id: I2bad4074a468c48fbb8bb5ac64f6437190756ed2
Signed-off-by: John Lo <loj@cisco.com>
|
|
- IPv[46] mfib tables with support for (*,G/m), (*,G) and (S,G) exact and longest prefix match
- Replication represented via a new replicate DPO.
- RPF configuration and data-plane checking
- data-plane signals sent to listening control planes.
The functions of multicast forwarding entries differ from their unicast conterparts, so we introduce a new mfib_table_t and mfib_entry_t objects. However, we re-use the fib_path_list to resolve and build the entry's output list. the fib_path_list provides the service to construct a replicate DPO for multicast.
'make tests' is added to with two new suites; TEST=mfib, this is invocation of the CLI command 'test mfib' which deals with many path add/remove, flag set/unset scenarios, TEST=ip-mcast, data-plane forwarding tests.
Updated applications to use the new MIFB functions;
- IPv6 NS/RA.
- DHCPv6
unit tests for these are undated accordingly.
Change-Id: I49ec37b01f1b170335a5697541c8fd30e6d3a961
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
and refactored hash table mem keys access
hash_set_key_dup - same as hash_set_mem but duplicates the key
hash_unset_key_free - same as hash_unset_mem but frees the key
Change-Id: I18cdcf7e41c57faa615d6337acaf8d1ad058a4c1
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Change-Id: I15f7ff1e957718e808bfad811895deaacb85d2a3
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Change-Id: I7b51f88292e057c6443b12224486f2d0c9f8ae23
Signed-off-by: Damjan Marion <damarion@cisco.com>
|