Age | Commit message (Collapse) | Author | Files | Lines |
|
Implements:
1.- SR Policies with several (weighted) SID lists
2.- Binding SID
3.- SR LocalSIDs with support for the following functions
- End
- End.X
- End.DX6
- End.DX4
- End.DX2
- End.DT6
- End.DT2
- End.B6
- End.B6.Encaps
4.- SR Steering policies (to steer a traffic through an SR Policy)
- Support for IPv6 traffic (IPv6 Encapsulation / SRH insertion)
- Support for IPv4 traffic (IPv6 Encapsulation)
- Support for L2 traffic
(T.Insert / T.Encaps)
5.- Doxygen documentation
6.- Framework (APIs) to allow the definition of new SR LocalSID behaviors by means of plugins
7.- Sample SRv6 LocalSID plugin
Change-Id: I2de3d126699d4f11f54c0f7f3b71420ea41fd389
Signed-off-by: Pablo Camarillo <pcamaril@cisco.com>
|
|
To support creating loopback interfaces with a specific
instance number, a new CREATE_LOOPBACK_INSTANCE API call
with flag is_specified and value user_instance is introduced.
Presumably the existing CREATE_LOOPBACK API message will be
obsoleted and revmoved.
The VAT cli commands can now mention and format
the new field as 'instance %d' data. If no instance
number is named, the old call CREATE_LOOPBACK is used
to maintain backward compatibility. However, if the
instance is named, the new CREATE_LOOPBACK_INSTANCE
message will be used.
Both the dynamically allocated and user-requested instance
number are tracked in a bitvector. If is_specified is 0,
the next free instance will be used.. A request for a specific
instance number will be granted if it is available. On error,
the value ~0 is returned.
Change-Id: I849815563a5da736dcd6bccd262ef49b963f6643
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
via l2output_main.next_nodes
Before this commit, several output features that happen to be the
last in the list of features to be executed, send the packets directly
to <interfaceName>-output. To do this, they use l2_output_dispatch,
which builds a list of sw_if_index to next index mappings.
When interfaces are deleted and the new interfaces are created,
these mappings become stale, and cause the packets being sent to wrong
interface output nodes.
This patch (thanks John Lo for the brilliant idea!) adds a feature node "output",
whose sole purpose is dispatching the packets to the correct interface output
nodes. To do that, it uses the l2output_main.next_nodes, which is already
taken care of for the case of the sw_if_index reuse, so this makes the dependent
features all work correctly.
Since this changes the packet path, for the features that were always the last ones
it has triggered a side problem of the output feat_next_node_index not being properly
initalized. These two users are l2-output-classify node and the output nodes belonging
to the acl-plugin.
For the first one the less invasive fix is just to initialize that field.
For the acl-plugin nodes, rewrite the affected part of the code to use
feat_bitmap_get_next_node_index since this is essentially what the conditional
in l2_output_dispatch does, and fix the compiler warnings generated.
This fix was first made in stable/1701 under commit e7dcee4027854b0ad076101471afdfff67eb9011.
Change-Id: I32e876ab1e1d498cf0854c19c6318dcf59a93805
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
1) tests for RA options
2) memleaks deleteing a ip6_radv_info_t
3) MLD prefix code refactoring
Change-Id: I34db103994bd8fbdbbec50b202d72770dd145681
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
has an address configured (VPP-601)
Change-Id: I311fc264f73dd3b2b3ce9d7d1c33cd0515b36c4a
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Removed a fair number of "BUG" message handlers, due to conflicts with
actual message handlers in api_format.c. Vpp itself had no business
receiving certain messages, up to the point where we started building
in relevant code from vpp_api_test.
Eliminated all but one duplicate registration complaint. That one
needs attention from the vxlan team since the duplicated handlers have
diverged.
Change-Id: Iafce5429d2f906270643b4ea5f0130e20beb4d1d
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
since adding support for multicast vxlan flooding (flood class tunnel master)
correct flood functionality depends on the order of the memebers vector
solved by using vec_delete instead of vec_del1 which swaps members before deleting the last element
Change-Id: I234f218d49172b4142c567db9699a5cb274e4a66
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Change-Id: Icf0d72f6af1f98c86f78e586c354515ac69804aa
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Id1c3832609859ed004bacba0ced0d07dafd6c409
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
After VPP-635 was merged, did one more pass. While the code was waiting
to be merged, a few changes were merged to master with the same issue.
This is a few additional changes addressing the same issue. See VPP-635.
Change-Id: I7abeac5c260c1e2e9d9d318fd1aae24cd6932efc
Signed-off-by: Billy McFall <bmcfall@redhat.com>
|
|
Implement command line interface to the BFD binary APIs. Add
corresponding unit tests.
Change-Id: Ia0542d0bc4c8d78e6f7b777a08fd94ebfe4d524f
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: I238258cdeb77035adc5e88903d824593d0a1da90
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I49e5ce0aae6e4ff634024387ceaf7dbc432a0351
Signed-off-by: Dave Barach <dave@barachs.net>
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I1152db4b7d1602653d7d8b2c6cb28cf5c526c4ca
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I8585552c026415340fe9fd0458cb8450da3c4ae2
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
With VPP-651, the L2 output config with L2-tag rewrite was not
cleared when a sub-interface is deleted. Subsequently, when the
same sw_if_index was reused for another interface, the L2 output
config with L2-tag rewrite remained on the new interface.
On deleting a (sub-)interface which is in L2 mode, it will be
changed to L3 mode first to clear any L2 config. The L2 to L3 mode
change path did address L2 input config cleanup. It is now fixed
to also clear L2 output config.
Change-Id: I3352a89d92e1b27340a5adcf75bbaa01a5050c29
Signed-off-by: John Lo <loj@cisco.com>
|
|
Change-Id: I50070611af15b2b4cc29664a8bee4f821ac3c835
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I356581f4bdf47b9610b9e50f4f8db9a1510872a7
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: If56c66dd12eded1cc997087de5fd1b975766c4e2
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Id89e23fb5d275572b2356c073dfa0f55719e1a76
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Change-Id: Ic2447313075cd46f265202dffaaac894f48ddf6d
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Change-Id: Ib1e301d62b687d4e42434239e7cd412065c28da0
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: I97681322fa9ca81736100b4d32eab84868886c7b
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I063d85200d12b09545ae1c373c7fc69112ae3b34
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
the path-extension vector
Change-Id: I8bd8f6917ace089edb1f65bd017b478ee198c03f
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I6aac48d780fcd935818221044eae50067f225175
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I35ad6a42093cad0945df1df09a39c63c4560dce6
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
|
|
Change-Id: I0ccb337eb0ed50ccc64193533cd816f6e36e6db5
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Add doxygen documentation for dpdk CLI commands.
Outside of adding documentation to the CLI Commands, modified the CLI
code as follows:
* The "set dpdk interface placement" command allows the user to move
interface/queues to a different thread. But there is only a subset of
threads that are valid. Updated the "show dpdk interface placement"
command to display all valid threads, even if all interface/queues
have been moved off. Updated the "show dpdk interface hqos placement"
the same way.
* There is a command to modify the Subport attributes, but no way to
display the changes. Added a "Subport" section to the "show dpdk
interface hqos" command.
* Reworked the "set dpdk interface hqos subport" command.
- The current implementation had a local rte_sched_subport_params
structure and initialized it to default values, then overwrote with
what was input. The side effect of this is that if all the current
data is non-default, and a new command is entered with just one
attribute, all the remaining attrbutes are getting set back to
default under the cover. Very confusing for the user. Updated the
code to read the current value and overwrite what has changed.
- DPDK does not have a read subport data, so no way query the current
applied values. The set command was not updating the local copy that
is created at init. Modified the code to store the updated values if
the DPDK apply function was successful.
- Several functions repeated the same code to get a pointer to the
local HQoS data. Added a utility function.get_hqos(..), to perform
this action. Did not port other code to use new function.
* The "set dpdk interface hqos pktfield" allows the user to set the
packet fields required for classifiying the incoming packet. The
classification is across three fields (subport, pipe, tc). The command
was using 0,1,2 to represent these three fields, but had no
explanation regarding these magic numbers. Updated the command to take
the three tokens (subport, pipe, tc) for more clarity. For legacy
sake, still allow 0,1,2 to be entered. Also updated the "show dpdk
interface hqos" command to show these tokens.
* The "set dpdk interface hqos tctbl" maps an interface and value 0-63
to a traffic class and queue. The "show dpdk interface hqos" command
showed the internal DPDK magic number for traffic class and queue.
Updated the show command to display what was input instead of the
magic number.
* The "show dpdk hqos queue" command always returns zeros by default
because RTE_SCHED_COLLECT_STATS is not defined in DPDK. Took me a
while to figure out why I wasn't getting values returned. So returned
an error message if RTE_SCHED_COLLECT_STATS is not defined instead of
zeros.
Change-Id: I22b640d668245839ee977ef3602175c61d91d24c
Signed-off-by: Billy McFall <bmcfall@redhat.com>
|
|
Change-Id: I103fe19a1ecbaf3746ec6b957fa1010458cc9fae
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: Icd0dba04d8929456228136d1f25c459bffcc6a7a
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
In the CLI parsing, below is a common pattern:
/* Get a line of input. */
if (!unformat_user (input, unformat_line_input, line_input))
return 0;
while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
{
if (unformat (line_input, "x"))
x = 1;
:
else
return clib_error_return (0, "unknown input `%U'",
format_unformat_error, line_input);
}
unformat_free (line_input);
The 'else' returns if an unknown string is encountered. There a memory
leak because the 'unformat_free(line_input)' is not called. There is a
large number of instances of this pattern.
Replaced the previous pattern with:
/* Get a line of input. */
if (!unformat_user (input, unformat_line_input, line_input))
return 0;
while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT)
{
if (unformat (line_input, "x"))
x = 1;
:
else
{
error = clib_error_return (0, "unknown input `%U'",
format_unformat_error, line_input);
goto done:
}
}
/* ...Remaining code... */
done:
unformat_free (line_input);
return error;
}
In multiple files, 'unformat_free (line_input);' was never called, so
there was a memory leak whether an invalid string was entered or not.
Also, there were multiple instance where:
error = clib_error_return (0, "unknown input `%U'",
format_unformat_error, line_input);
used 'input' as the last parameter instead of 'line_input'. The result
is that output did not contain the substring in error, instead just an
empty string. Fixed all of those as well.
There are a lot of file, and very mind numbing work, so tried to keep
it to a pattern to avoid mistakes.
Change-Id: I8902f0c32a47dd7fb3bb3471a89818571702f1d2
Signed-off-by: Billy McFall <bmcfall@redhat.com>
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
The DHCP proxy and VSS information maintained by VPP is the same for v4 and v6, so we can manage this state using the same code.
Packet handling is cleary different, so this is kept separate.
Change-Id: I10f10cc1f7f19debcd4c4b099c6de64e56bb0c69
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I6b5984df176688f0722a2888e73f05d8ed8b9310
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
DHCP additions:
1) DHCPv4 will only relay a message back to the client, if the Option82 information is present. So make this the default.
2) It is no longer possible to select via the API to "insert circuit ID" - since this is now default
3) Remove the version 2 API since it's now the same as version 1.
4) Adding the VSS option is now conditional only on the presence of VSS config (not the 'insert' option in the set API)
5) DHCP proxy dump via API
Change-Id: Ia7271ba8c1d4dbf34a02c401d268ccfbb1b74f17
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I133c55bce46d40ffddabbbf8626cbd3d072522d4
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Extended sw_interface_dump to provide 802.1ah (pbb) tag rewrite info if
present.
Extended log "l2-output" to provide raw data to display result of
prospetive pbb tag rewrite. Tracing is moved after l2output_vtr to show
these changes.
Change-Id: I8b7cb865dc67ce21afab402cc086dac35f7c0f07
Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
|
|
the lock count on the entry did not drop to zero
Change-Id: I6e2dff8c3c7976fd1c2e4c5258f5dc73123aa9b7
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Iecba818ccf74a4d34e35d498e6f6a1d3c62419f4
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Change-Id: Id17060fd0e8ac80c8cf1999b0b82d0241b3b969a
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Add IP[46] MFIB dump.
Change-Id: I4a2821f65e67a5416b291e4912c84f64989883b8
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I5e0057b36bc4221e688a27fc1c0f602f78132991
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I7d8889dce8495607106593ad83320c9af0f2fa07
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
- IKE_SA_INIT and IKE_AUTH initial exchanges
- Delete IKA SA
- Rekey and delete Child SA
- Child SAs lifetime policy
To set up one VPP instance as the initiator use the following CLI commands (or API equivalents):
ikev2 profile set <id> responder <interface> <addr>
ikev2 profile set <id> ike-crypto-alg <crypto alg> <key size> ike-integ-alg <integ alg> ike-dh <dh type>
ikev2 profile set <id> esp-crypto-alg <crypto alg> <key size> esp-integ-alg <integ alg> esp-dh <dh type>
ikev2 profile set <id> sa-lifetime <seconds> <jitter> <handover> <max bytes>
and finally
ikev2 initiate sa-init <profile id> to initiate the IKE_SA_INIT exchange
Child SA re-keying process:
1. Child SA expires
2. A new Child SA is created using the Child SA rekey exchange
3. For a set time both SAs are alive
4. After the set time interval expires old SA is deleted
Any additional settings will not be carried over (i.e. settings of the ipsec<x> interface associated with the Child SA)
CLI API additions:
ikev2 profile set <id> responder <interface> <addr>
ikev2 profile set <id> ike-crypto-alg <crypto alg> <key size> ike-integ-alg <integ alg> ike-dh <dh type>
ikev2 profile set <id> esp-crypto-alg <crypto alg> <key size> esp-integ-alg <integ alg> esp-dh <dh type>
ikev2 profile set <id> sa-lifetime <seconds> <jitter> <handover> <max bytes>
ikev2 initiate sa-init <profile id>
ikev2 initiate del-child-sa <child sa ispi>
ikev2 initiate del-sa <sa ispi>
ikev2 initiate rekey-child-sa <profile id> <child sa ispi>
Sample configurations:
Responder:
ikev2 profile add pr1
ikev2 profile set pr1 auth shared-key-mic string Vpp123
ikev2 profile set pr1 id local fqdn vpp.home.responder
ikev2 profile set pr1 id remote fqdn vpp.home.initiator
ikev2 profile set pr1 traffic-selector remote ip-range 192.168.125.0 - 192.168.125.255 port-range 0 - 65535 protocol 0
ikev2 profile set pr1 traffic-selector local ip-range 192.168.124.0 - 192.168.124.255 port-range 0 - 65535 protocol 0
Initiator:
ikev2 profile add pr1
ikev2 profile set pr1 auth shared-key-mic string Vpp123
ikev2 profile set pr1 id local fqdn vpp.home.initiator
ikev2 profile set pr1 id remote fqdn vpp.home.responder
ikev2 profile set pr1 traffic-selector local ip-range 192.168.125.0 - 192.168.125.255 port-range 0 - 65535 protocol 0
ikev2 profile set pr1 traffic-selector remote ip-range 192.168.124.0 - 192.168.124.255 port-range 0 - 65535 protocol 0
ikev2 profile set pr1 responder TenGigabitEthernet3/0/1 192.168.40.20
ikev2 profile set pr1 ike-crypto-alg aes-cbc 192 ike-integ-alg sha1-96 ike-dh modp-2048
ikev2 profile set pr1 esp-crypto-alg aes-cbc 192 esp-integ-alg sha1-96 esp-dh ecp-256
ikev2 profile set pr1 sa-lifetime 3600 10 5 0
Change-Id: I1db9084dc787129ea61298223fb7585a6f7eaf9e
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
|
|
fixes a problem that occurs with cryptodev ipv6 input.
Change-Id: I1f0c0db45b2aabc243dd785c8d5d5ef990cac903
Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
|
|
Change-Id: Ib0c8572773499d8dd4d81b3a565c24412ccc3510
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I19ec3b769b6512f7408044751393d9faf10d01d5
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Also adds missing gpe nsh address type functions.
Change-Id: I3353a23c0518da9ce3b221ddf8c5bd0364930154
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I3925d2ebb2d26c676fc61f118d25bdf7fd522f26
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
RADV Pool index was not getting updated
Change-Id: I2d2f14c56f51034d39049d1c7e13c248180a865f
Signed-off-by: Wojciech Dec <wdec@cisco.com>
|