summaryrefslogtreecommitdiffstats
path: root/src/vnet
AgeCommit message (Collapse)AuthorFilesLines
2017-02-27vlib: add VLIB_BUFFER_EXT_HDR_VALID flagDamjan Marion3-5/+2
Change-Id: If56c66dd12eded1cc997087de5fd1b975766c4e2 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-02-27Add GPE CLI/API for setting encap modeFilip Tehlar7-4/+205
Change-Id: Id89e23fb5d275572b2356c073dfa0f55719e1a76 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-02-27fix:vxlan mcast adj - added as ucast dpo adjEyal Bari1-1/+1
Change-Id: Ic2447313075cd46f265202dffaaac894f48ddf6d Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-02-26BFD: echo functionKlement Sekera8-318/+864
Change-Id: Ib1e301d62b687d4e42434239e7cd412065c28da0 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-02-25Add NSH to GPE decap pathFlorin Coras5-20/+56
Change-Id: I97681322fa9ca81736100b4d32eab84868886c7b Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-02-25MFIB: changes to improve route add/delete performanceNeale Ranns3-7/+12
Change-Id: I063d85200d12b09545ae1c373c7fc69112ae3b34 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-24FIB: 1) fix pool realloc during prefix export. 2) don't walk off the end of ↵Neale Ranns3-7/+31
the path-extension vector Change-Id: I8bd8f6917ace089edb1f65bd017b478ee198c03f Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-24VPP-650: handle buffer failure in vlib_buffer_copy(...)Dave Barach3-9/+53
Change-Id: I6aac48d780fcd935818221044eae50067f225175 Signed-off-by: Dave Barach <dave@barachs.net>
2017-02-24Fixed QAT device binding and device unbinding when vpp package is removedRadu Nicolau1-1/+1
Change-Id: I35ad6a42093cad0945df1df09a39c63c4560dce6 Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
2017-02-24MFIB memory leak. free the per-source interface hashNeale Ranns2-1/+3
Change-Id: I0ccb337eb0ed50ccc64193533cd816f6e36e6db5 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-24VPP-279: Document changes for vnet/vnet/devicesBilly McFall2-100/+617
Add doxygen documentation for dpdk CLI commands. Outside of adding documentation to the CLI Commands, modified the CLI code as follows: * The "set dpdk interface placement" command allows the user to move interface/queues to a different thread. But there is only a subset of threads that are valid. Updated the "show dpdk interface placement" command to display all valid threads, even if all interface/queues have been moved off. Updated the "show dpdk interface hqos placement" the same way. * There is a command to modify the Subport attributes, but no way to display the changes. Added a "Subport" section to the "show dpdk interface hqos" command. * Reworked the "set dpdk interface hqos subport" command. - The current implementation had a local rte_sched_subport_params structure and initialized it to default values, then overwrote with what was input. The side effect of this is that if all the current data is non-default, and a new command is entered with just one attribute, all the remaining attrbutes are getting set back to default under the cover. Very confusing for the user. Updated the code to read the current value and overwrite what has changed. - DPDK does not have a read subport data, so no way query the current applied values. The set command was not updating the local copy that is created at init. Modified the code to store the updated values if the DPDK apply function was successful. - Several functions repeated the same code to get a pointer to the local HQoS data. Added a utility function.get_hqos(..), to perform this action. Did not port other code to use new function. * The "set dpdk interface hqos pktfield" allows the user to set the packet fields required for classifiying the incoming packet. The classification is across three fields (subport, pipe, tc). The command was using 0,1,2 to represent these three fields, but had no explanation regarding these magic numbers. Updated the command to take the three tokens (subport, pipe, tc) for more clarity. For legacy sake, still allow 0,1,2 to be entered. Also updated the "show dpdk interface hqos" command to show these tokens. * The "set dpdk interface hqos tctbl" maps an interface and value 0-63 to a traffic class and queue. The "show dpdk interface hqos" command showed the internal DPDK magic number for traffic class and queue. Updated the show command to display what was input instead of the magic number. * The "show dpdk hqos queue" command always returns zeros by default because RTE_SCHED_COLLECT_STATS is not defined in DPDK. Took me a while to figure out why I wasn't getting values returned. So returned an error message if RTE_SCHED_COLLECT_STATS is not defined instead of zeros. Change-Id: I22b640d668245839ee977ef3602175c61d91d24c Signed-off-by: Billy McFall <bmcfall@redhat.com>
2017-02-23Fix vpp built-in version of api_unformat_sw_if_index(...)Dave Barach2-3/+2
Change-Id: I103fe19a1ecbaf3746ec6b957fa1010458cc9fae Signed-off-by: Dave Barach <dave@barachs.net>
2017-02-22Fix LISP and ONE crc marcosFilip Tehlar3-11/+26
Change-Id: Icd0dba04d8929456228136d1f25c459bffcc6a7a Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-02-22VPP-635: CLI Memory leak with invalid parameterBilly McFall27-429/+1163
In the CLI parsing, below is a common pattern: /* Get a line of input. */ if (!unformat_user (input, unformat_line_input, line_input)) return 0; while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT) { if (unformat (line_input, "x")) x = 1; : else return clib_error_return (0, "unknown input `%U'", format_unformat_error, line_input); } unformat_free (line_input); The 'else' returns if an unknown string is encountered. There a memory leak because the 'unformat_free(line_input)' is not called. There is a large number of instances of this pattern. Replaced the previous pattern with: /* Get a line of input. */ if (!unformat_user (input, unformat_line_input, line_input)) return 0; while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT) { if (unformat (line_input, "x")) x = 1; : else { error = clib_error_return (0, "unknown input `%U'", format_unformat_error, line_input); goto done: } } /* ...Remaining code... */ done: unformat_free (line_input); return error; } In multiple files, 'unformat_free (line_input);' was never called, so there was a memory leak whether an invalid string was entered or not. Also, there were multiple instance where: error = clib_error_return (0, "unknown input `%U'", format_unformat_error, line_input); used 'input' as the last parameter instead of 'line_input'. The result is that output did not contain the substring in error, instead just an empty string. Fixed all of those as well. There are a lot of file, and very mind numbing work, so tried to keep it to a pattern to avoid mistakes. Change-Id: I8902f0c32a47dd7fb3bb3471a89818571702f1d2 Signed-off-by: Billy McFall <bmcfall@redhat.com> Signed-off-by: Dave Barach <dave@barachs.net>
2017-02-16Consolidate DHCP v4 and V6 implementation. No functional change intendedNeale Ranns13-940/+840
The DHCP proxy and VSS information maintained by VPP is the same for v4 and v6, so we can manage this state using the same code. Packet handling is cleary different, so this is kept separate. Change-Id: I10f10cc1f7f19debcd4c4b099c6de64e56bb0c69 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-21Add Overlay Network Engine APIFilip Tehlar6-3/+3773
Change-Id: I6b5984df176688f0722a2888e73f05d8ed8b9310 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-02-21dhcp: multiple additionsNeale Ranns10-645/+787
DHCP additions: 1) DHCPv4 will only relay a message back to the client, if the Option82 information is present. So make this the default. 2) It is no longer possible to select via the API to "insert circuit ID" - since this is now default 3) Remove the version 2 API since it's now the same as version 1. 4) Adding the VSS option is now conditional only on the presence of VSS config (not the 'insert' option in the set API) 5) DHCP proxy dump via API Change-Id: Ia7271ba8c1d4dbf34a02c401d268ccfbb1b74f17 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-21Rename LISP GPE API to GPEFilip Tehlar9-91/+86
Change-Id: I133c55bce46d40ffddabbbf8626cbd3d072522d4 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-02-21VPP-540 : pbb tag rewrite detailsPavel Kotucek6-82/+187
Extended sw_interface_dump to provide 802.1ah (pbb) tag rewrite info if present. Extended log "l2-output" to provide raw data to display result of prospetive pbb tag rewrite. Tracing is moved after l2output_vtr to show these changes. Change-Id: I8b7cb865dc67ce21afab402cc086dac35f7c0f07 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-02-20FIB reset leaves residual routes. Wrong API used to remove the routes meant ↵Neale Ranns2-2/+5
the lock count on the entry did not drop to zero Change-Id: I6e2dff8c3c7976fd1c2e4c5258f5dc73123aa9b7 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-20LISP: don't show PITR generated mapping in dump callFilip Tehlar4-3/+15
Change-Id: Iecba818ccf74a4d34e35d498e6f6a1d3c62419f4 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-02-20CLI extension to add multiple (S,G)s at once and time itNeale Ranns1-10/+76
Change-Id: Id17060fd0e8ac80c8cf1999b0b82d0241b3b969a Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-20Python test IP and MPLS objects conform to infra.Neale Ranns11-15/+438
Add IP[46] MFIB dump. Change-Id: I4a2821f65e67a5416b291e4912c84f64989883b8 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-17Remove duplicate ip6 get interface address codeNeale Ranns4-47/+9
Change-Id: I5e0057b36bc4221e688a27fc1c0f602f78132991 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-17BFD: put session admin-up/admin-downKlement Sekera1-12/+12
Change-Id: I7d8889dce8495607106593ad83320c9af0f2fa07 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-02-17Implemented IKEv2 initiator features:Radu Nicolau13-186/+2180
- IKE_SA_INIT and IKE_AUTH initial exchanges - Delete IKA SA - Rekey and delete Child SA - Child SAs lifetime policy To set up one VPP instance as the initiator use the following CLI commands (or API equivalents): ikev2 profile set <id> responder <interface> <addr> ikev2 profile set <id> ike-crypto-alg <crypto alg> <key size> ike-integ-alg <integ alg> ike-dh <dh type> ikev2 profile set <id> esp-crypto-alg <crypto alg> <key size> esp-integ-alg <integ alg> esp-dh <dh type> ikev2 profile set <id> sa-lifetime <seconds> <jitter> <handover> <max bytes> and finally ikev2 initiate sa-init <profile id> to initiate the IKE_SA_INIT exchange Child SA re-keying process: 1. Child SA expires 2. A new Child SA is created using the Child SA rekey exchange 3. For a set time both SAs are alive 4. After the set time interval expires old SA is deleted Any additional settings will not be carried over (i.e. settings of the ipsec<x> interface associated with the Child SA) CLI API additions: ikev2 profile set <id> responder <interface> <addr> ikev2 profile set <id> ike-crypto-alg <crypto alg> <key size> ike-integ-alg <integ alg> ike-dh <dh type> ikev2 profile set <id> esp-crypto-alg <crypto alg> <key size> esp-integ-alg <integ alg> esp-dh <dh type> ikev2 profile set <id> sa-lifetime <seconds> <jitter> <handover> <max bytes> ikev2 initiate sa-init <profile id> ikev2 initiate del-child-sa <child sa ispi> ikev2 initiate del-sa <sa ispi> ikev2 initiate rekey-child-sa <profile id> <child sa ispi> Sample configurations: Responder: ikev2 profile add pr1 ikev2 profile set pr1 auth shared-key-mic string Vpp123 ikev2 profile set pr1 id local fqdn vpp.home.responder ikev2 profile set pr1 id remote fqdn vpp.home.initiator ikev2 profile set pr1 traffic-selector remote ip-range 192.168.125.0 - 192.168.125.255 port-range 0 - 65535 protocol 0 ikev2 profile set pr1 traffic-selector local ip-range 192.168.124.0 - 192.168.124.255 port-range 0 - 65535 protocol 0 Initiator: ikev2 profile add pr1 ikev2 profile set pr1 auth shared-key-mic string Vpp123 ikev2 profile set pr1 id local fqdn vpp.home.initiator ikev2 profile set pr1 id remote fqdn vpp.home.responder ikev2 profile set pr1 traffic-selector local ip-range 192.168.125.0 - 192.168.125.255 port-range 0 - 65535 protocol 0 ikev2 profile set pr1 traffic-selector remote ip-range 192.168.124.0 - 192.168.124.255 port-range 0 - 65535 protocol 0 ikev2 profile set pr1 responder TenGigabitEthernet3/0/1 192.168.40.20 ikev2 profile set pr1 ike-crypto-alg aes-cbc 192 ike-integ-alg sha1-96 ike-dh modp-2048 ikev2 profile set pr1 esp-crypto-alg aes-cbc 192 esp-integ-alg sha1-96 esp-dh ecp-256 ikev2 profile set pr1 sa-lifetime 3600 10 5 0 Change-Id: I1db9084dc787129ea61298223fb7585a6f7eaf9e Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
2017-02-17ipsec: changed ipsec-input-ip6 node to be a sibling of ipsec-input-ip4, ↵Radu Nicolau1-6/+1
fixes a problem that occurs with cryptodev ipv6 input. Change-Id: I1f0c0db45b2aabc243dd785c8d5d5ef990cac903 Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
2017-02-17l2 input: avoid per-packet trace checks in the fast pathDave Barach4-25/+54
Change-Id: Ib0c8572773499d8dd4d81b3a565c24412ccc3510 Signed-off-by: Dave Barach <dave@barachs.net>
2017-02-17dpdk: quad loop and prefetch in fill_free_listDamjan Marion1-15/+71
Change-Id: I19ec3b769b6512f7408044751393d9faf10d01d5 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-02-16Add NSH load-balance and drop DPOFlorin Coras5-15/+148
Also adds missing gpe nsh address type functions. Change-Id: I3353a23c0518da9ce3b221ddf8c5bd0364930154 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-02-16Fix NSH-LISP interface additionFlorin Coras1-15/+16
Change-Id: I3925d2ebb2d26c676fc61f118d25bdf7fd522f26 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-02-16Fix crash on deleting previously activated IPv6 interface - VPP-636Wojciech Dec1-0/+4
RADV Pool index was not getting updated Change-Id: I2d2f14c56f51034d39049d1c7e13c248180a865f Signed-off-by: Wojciech Dec <wdec@cisco.com>
2017-02-16LISP: minor enhacementsFilip Tehlar1-13/+13
* use RLOC for IP version detection * don't check whether RLOC is local when deleting Change-Id: Icdb84025dd5511eb5348b654bf7b373def15406c Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-02-15LISP: fix deleting src/dst entry from GID dictionaryFilip Tehlar2-5/+24
Change-Id: Ic674cc953b45ddd4811e07821e1a0af28b5f6214 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-02-15BFD: loop back echo packetsKlement Sekera4-38/+247
Change-Id: I772b63ac25ebfccaff9ab9d8d0b1445e85f21df7 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-02-15Fix bug in definition of tcp_header_tJuraj Sloboda1-1/+4
Change-Id: Ic814b805ef77913ffe86f82c009602c75258acfb Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-02-14VPP-279: Document changes for vnet/vnet/devicesBilly McFall2-52/+210
Add doxygen documentation for pcap tx trace CLI command. In the process of adding the documentation, made the following changes to the way the command worked: * If there is an error with any of the attributes, the whole command fails. The existing behavior was to apply attribute by attribute, then bail if there was an issue, with partial apply. * Move the 'on' processing to the end. The existing behavior was to process the 'on' as it was encountered on the commandline. That meant that any attributes after the 'on' in the commandline were saved and displayed, but not really being used in the packet trace. * Enhanced the 'status' to show all the configured attributes. NOTE: The packet capture has some weird behavior with regards to how many packets are written to file and if the file is appended or overwritten. VPP-634 written to document the issue. Change-Id: Iab241228b125385052de242865afd9515fa2524f Signed-off-by: Billy McFall <bmcfall@redhat.com>
2017-02-14BFD: respect remote demand modeKlement Sekera1-9/+46
Change-Id: I5063d31f5305c848043afb32fcacff6e61aed79f Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-02-14BFD: set per session UDP source port per RFCKlement Sekera4-16/+43
Change-Id: Id294dbbd6499ae8221cc8143e1027adc08866ae6 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-02-14Fix coverity issues: ioamShwetha Bhandari1-5/+6
Change-Id: I0963760a7da95612d5cab19596919b369a4d0f8e Signed-off-by: Shwetha Bhandari <shwethab@cisco.com>
2017-02-14Fix is_server flag in vhost dump (VPP-562)Marek Gradzki1-0/+1
Change-Id: I5b308eb39ae770d58d1498d7fafa49b236b3f534 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-02-14vhost-user: fix crash when descriptor points to unknown regionDamjan Marion1-1/+2
This happens only on when compiled for older microarchitectures, where BSF insutruction is used instead of TZCNT. BSF provides undefined result if operand is 0. Change-Id: I7a13350786a533428168595097ef01a560fde53b Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-02-13Out-of-tree Build Error fixAkshayaNadahalli2-22/+20
File vnet/fib/fib_urpf_list.h was included in vnet/fib/ip6_fib.h but was exported to be installed in /usr/include/vnet. So out-of-tree builds relying on an installed package was failing. Fix is to inlcude fib_urpf_list.h in source file rather than including it in header file. Change-Id: Iae39c1d9417dbd31ee67fa1bd2d1915d5e813c73 Signed-off-by: AkshayaNadahalli <anadahal@cisco.com>
2017-02-13Augment IP_DETAILS, IP_ADDRESS_DETAILS with a few context fields.Jon Loeliger2-5/+15
When handling the IP_DETAILS and IP_ADDRESS_DETAILS replies, it is almost certainly going to require having both the is_ipv6 and sw_if_index context to handle them properly. Placing these values in an essentially global location as the current VAT does isn't thread-safe. Fruthermore, rather than forcing every API user to hoop-jump to establish these context values, simply provide them in their DETAILS reply messages. Change-Id: I6a9e0cb16ecdbf87fca8fc5c7663e98d3a53c26c Signed-off-by: Jon Loeliger <jdl@netgate.com>
2017-02-13Basic support for LISP-GPE encapsulated NSH packetsFlorin Coras27-22/+942
Change-Id: I97fedb0f70dd18ed9bbe985407cc5fe714e8a2e2 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-02-13VPP-632 : InBand OAM AnalyserAkshayaNadahalli5-41/+29
Refer to jira ticket for more details. Change-Id: I6facb9ef8553a21464f9a2e612706f152badbb68 Signed-off-by: AkshayaNadahalli <anadahal@cisco.com>
2017-02-09Improve MFIB doxygen helpNeale Ranns4-4/+12
Change-Id: Ie490b7fd5238cbad23f0199161cc14324fd9c554 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-08BFD: minor fixesKlement Sekera2-5/+3
Change-Id: I1c93f96a752eb2ffd1117a656552131cde1fa489 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-02-08BFD: modify session parametersKlement Sekera9-114/+414
Change-Id: I666e5c0cc71a3693640960c93cdd1907f84fbe23 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-02-08Fix source address reachability check for ip6 local packetsAkshayaNadahalli2-7/+26
Currently ip6 local check fails with error - source lookup miss if route to source of packet is over a dpo object such as load balance - recurssive route, tunnel adj - GRE, SR etc. So unless packet source is of a directly connected neibhor or has route with both interface and nexthop specified, it will be dropped. Fix is to check urpf list and if at least one link exists in the list, then allow packets to be processed, else drop. Change-Id: Id426311bb63bab506754a79409c602fdb6d0f190 Signed-off-by: AkshayaNadahalli <anadahal@cisco.com>