Age | Commit message (Collapse) | Author | Files | Lines |
|
This patch adds a configuration parameter to IPSec tunnels, enabling
custom FIB selection for encapsulated packets.
Although this option could also be used for policy-based IPSec,
this change only enables it for virtual-tunnel-interface mode.
Note that this patch does change the API default behavior regarding
TX fib selection for encapsulated packets.
Previous behavior was to use the same FIB after and before encap.
The new default behavior consists in using the FIB 0 as default.
Change-Id: I5c212af909940a8cf6c7e3971bdc7623a2296452
Signed-off-by: Pierre Pfister <ppfister@cisco.com>
|
|
Change-Id: I7893a8fd5b3e15063675597c0e9bd1cd0b49ef0e
Signed-off-by: jackiechen1985 <xiaobo.chen@tieto.com>
|
|
Change-Id: Ib0d9b533d72c899b77c9a7bd1daa9b4a55b7221c
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
if a tunnel's destination address is reachable through the tunnel
(see example config belwo) then search for and detect a recursion
loop and don't stack the adjacency. Otherwise this results in a
nasty surprise.
DBGvpp# loop cre
DBGvpp# set int state loop0 up
DBGvpp# set int ip addr loop0 10.0.0.1/24
DBGvpp# create gre tunnel src 10.0.0.1 dst 1.1.1.1
DBGvpp# set int state gre0 up
DBGvpp# set int unnum gre0 use loop0
DBGvpp# ip route 1.1.1.1/32 via gre0
DBGvpp# sh ip fib 1.1.1.1
ipv4-VRF:0, fib_index:0, flow hash:[src dst sport dport proto ] locks:[src:plugin-hi:2, src:default-route:1, ]
1.1.1.1/32 fib:0 index:11 locks:4 <<< this is entry #11
src:CLI refs:1 entry-flags:attached, src-flags:added,contributing,active,
path-list:[14] locks:2 flags:shared,looped, uPRF-list:12 len:1 itfs:[2, ]
path:[14] pl-index:14 ip4 weight=1 pref=0 attached-nexthop: oper-flags:recursive-loop,resolved, cfg-flags:attached,
1.1.1.1 gre0 (p2p)
[@0]: ipv4 via 0.0.0.0 gre0: mtu:9000 4500000000000000fe2fb0cc0a0000010101010100000800
stacked-on entry:11: <<<< and the midchain forwards via entry #11
[@2]: dpo-drop ip4
src:recursive-resolution refs:1 src-flags:added, cover:-1
forwarding: unicast-ip4-chain
[@0]: dpo-load-balance: [proto:ip4 index:13 buckets:1 uRPF:12 to:[0:0]]
[0] [@6]: ipv4 via 0.0.0.0 gre0: mtu:9000 4500000000000000fe2fb0cc0a0000010101010100000800
stacked-on entry:11:
[@2]: dpo-drop ip4
DBGvpp# sh adj 1
[@1] ipv4 via 0.0.0.0 gre0: mtu:9000 4500000000000000fe2fb0cc0a0000010101010100000800
stacked-on entry:11:
[@2]: dpo-drop ip4
flags:midchain-ip-stack midchain-looped <<<<< this is a loop
counts:[0:0]
locks:4
delegates:
children:
{path:14}
Change-Id: I39b82bd1ea439be4611c88b130d40289fa0c1b59
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Ic6a6202a2d5aca33eee7fc6ff8eeaa1db9b58525
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I20820145377060e12aeeb23b433206c79fd88332
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I5a5ee48755befc370a1f89ddbb0d91f164ed564f
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I6debfe85d9d55f6f9a8ef0ce1dcc008393847a37
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Ia9048bb4e074f7ebc36eb77e542a916924103332
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Iff75be238a231df88a37b61610c134e4a4770708
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: If7835e9b80ec9402404bfc8d271eb11a10ef992b
Signed-off-by: Pavel Kotucek <pavel.kotucek@pantheon.tech>
|
|
Change-Id: Ife66395b89e1e9f9206666e5f0fd441b3c241bb2
Signed-off-by: jackiechen1985 <xiaobo.chen@tieto.com>
|
|
Change-Id: Id8669bbadd1d6b2054865a310a654e9b38d1667d
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: I7cf3ae8c10dd584e8bc234a3253bea3c5a2d105a
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I45fd7538853f84c6c8bf804cc20acbc9601db3ba
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Ibb55427ed49d0277854a352922c6c4bb007bf072
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: Ia56c2698adb0ea7811203844dc4db10e121fbc42
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Add a check to make sure that the vlib and vnet buffer flag bit
definitions do not overlap.
The VNET_BUFFER_F_AVAIL1...8 definitions allow out-of-tree codes to:
#define VNET_BUFFER_F_MY_USECASE VNET_BUFFER_F_AVAIL1
and so on. This avoids introducing irrelevant and/or proprietary bit
definitions into vnet/buffer.h, and hopefully minimizes merge pain for
everyone involved.
Change-Id: I5be4f61dceb81b5bfca005f6d609ade074af205b
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I92f415bf253d6e051ec9d94ebeb98f081b2a0293
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Ifdbb4c4cffd90c4ec8b39513d284ebf7be39eca5
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Iad3120ab6466b77875efc89ccb49f6d22e36e62a
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: Ic6a8b9aaec7e5dee4fb1971168988dbe4f931f86
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Change-Id: I9d2f52e756363df011026773bfffa838a557313f
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
cleaning up some unused code
Change-Id: I1558eec79af173e5cdcc769d7c3909039403eed8
Signed-off-by: Vijayabhaskar Katamreddy <vkatamre@cisco.com>
|
|
Change-Id: Ia5d45db73e4bdb32214ed4f365d5eec8e28115f3
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I89be597376690bb75c4347bcfc1c6c3d27c4034c
Signed-off-by: Chore <s3m2e1.6star@gmail.com>
|
|
VPP graph dispatch trace record description:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Major Version | Minor Version | NStrings | ProtoHint |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Buffer index (big endian) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+ VPP graph node name ... ... | NULL octet |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Buffer Metadata ... ... | NULL octet |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Buffer Opaque ... ... | NULL octet |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Buffer Opaque 2 ... ... | NULL octet |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| VPP ASCII packet trace (if NStrings > 4) | NULL octet |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Packet data (up to 16K) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Graph dispatch records comprise a version stamp, an indication of how
many NULL-terminated strings will follow the record header, and a
protocol hint.
The buffer index allows downstream consumers of these data to easily
filter/track single packets as they traverse the forwarding
graph. FWIW, the 32-bit buffer index is stored in big endian format.
As of this writing, major version = 1, minor version = 0. Nstrings
will be either 4 or 5.
Here is the current set of protocol hints:
typedef enum
{
VLIB_NODE_PROTO_HINT_NONE = 0,
VLIB_NODE_PROTO_HINT_ETHERNET,
VLIB_NODE_PROTO_HINT_IP4,
VLIB_NODE_PROTO_HINT_IP6,
VLIB_NODE_PROTO_HINT_TCP,
VLIB_NODE_PROTO_HINT_UDP,
VLIB_NODE_N_PROTO_HINTS,
} vlib_node_proto_hint_t;
Example: VLIB_NODE_PROTO_HINT_IP6 means that the first octet of packet
data SHOULD be 0x60, and should begin an ipv6 packet header.
Change-Id: Idf310bad80cc0e4207394c80f18db5f77c378741
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I45b97cfd0c3785bfbf6d142d362bd3d4d56bae00
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Instead of waiting for notification from binary api.
Change-Id: I5ecab857d6bcdbed62d6bb06709570c4cf6b19ea
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I03884b6cde9d4c38ae13d1994fd8d37d44016ef0
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Icf1408c50a6438c81e16033e83b2a76ce6eb0166
Signed-off-by: John Lo <loj@cisco.com>
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
DHCP tests failed intermittantly with a core dump.
Let's see if this fixes it.
Change-Id: I42829a2c7e7f5a9a6775330d37bf972ff0008210
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: I4799a9d469c797e54669ff4b50851a9acc849427
Signed-off-by: Chore <s3m2e1.6star@gmail.com>
|
|
Change-Id: Id4a20066fc5be716c61a497dfcb4d00dc1dbb28d
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
- intercept fork and register a new worker with vpp
- share sessions between parent and forked child
- keep binary api state per worker
Change-Id: Ib177517d661724fa042bd2d98d18e777056352a2
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I790f7785e183cc9aaffd5b593617c4e12a32e20d
Signed-off-by: Pavel Kotucek <pavel.kotucek@pantheon.tech>
|
|
Change-Id: Ibb6d648948f990280e3cb048ce907f01e5c32b12
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
Previously all types are compound. This adds support for aliases,
so one can do things like:
typedef u32 interface_index;
or
typedef u8 ip4_address[4];
Change-Id: I0455cad0123fc88acb491d2a3ea2725426bdb246
Signed-off-by: Ole Troan <ot@cisco.com>
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: Ia3dcd98edb6188deb96a3a99d831e71b2ffa0060
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Prefetching first 2 packets' header is useless cause of the prefetching
action is not done before using the packets.
There's no performance drop in Xeon platform and slightly performance
gain in Atom platform after rmoving the prefetch.
Change-Id: Ib4b074af20d7cd5053aecc7147b162141aec31f5
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
|
|
Significant refit coming soon.
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: If7d196e84354c5088706e2ac81e2add42597a550
|
|
strncpy stops copying when a byte set to 0 is read.
The fix is to use mempcy instead.
This patch also adds spd id to ipsec input trace.
Change-Id: Ibed071d3607fa76c3f6ee065f94128f1aca9b2e2
Signed-off-by: Pierre Pfister <ppfister@cisco.com>
|
|
Verify that last node in the computed feature order matches
reality. This check doesn't make sense in all cases, so we skip it if
the newly-added vnet_feature_arc_registration_t ".last_in_arc" datum
is a NULL pointer.
Change-Id: Ia99c3e2b2da2e4780a7d5bc71670c5742a66fef2
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
When 'Symmetric' flag is enabled, it will sort the addresses
and hence, same flow hash will be calculated on both directions.
Change-Id: I5d846f8d0b94ca1121e03d15b02bb56edb5887b1
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Change-Id: I0e89fbc51f30325655c4e9d0104aceb3ead3b16f
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Should be less expensive...
Change-Id: I678a39e42a054bf5f6ef9c59d0fb93ff9719b964
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I1bbad8716b9be3f2413aaebd400887c1e2aa3c7a
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I1ed39c4ee084b26faac8286d9729413311ba9508
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I9dbeff51d3ede6db3cd5a097623aa580e5e25042
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I6e6963882825e83d8da3a460be35c7349e107777
Signed-off-by: Damjan Marion <damarion@cisco.com>
|