summaryrefslogtreecommitdiffstats
path: root/src/vnet
AgeCommit message (Collapse)AuthorFilesLines
2017-03-04Evolving SRv6 (Segment Routing for IPv6)Pablo Camarillo16-5227/+7599
Implements: 1.- SR Policies with several (weighted) SID lists 2.- Binding SID 3.- SR LocalSIDs with support for the following functions - End - End.X - End.DX6 - End.DX4 - End.DX2 - End.DT6 - End.DT2 - End.B6 - End.B6.Encaps 4.- SR Steering policies (to steer a traffic through an SR Policy) - Support for IPv6 traffic (IPv6 Encapsulation / SRH insertion) - Support for IPv4 traffic (IPv6 Encapsulation) - Support for L2 traffic (T.Insert / T.Encaps) 5.- Doxygen documentation 6.- Framework (APIs) to allow the definition of new SR LocalSID behaviors by means of plugins 7.- Sample SRv6 LocalSID plugin Change-Id: I2de3d126699d4f11f54c0f7f3b71420ea41fd389 Signed-off-by: Pablo Camarillo <pcamaril@cisco.com>
2017-03-03Implement a loopback instance allocation scheme.Jon Loeliger2-12/+117
To support creating loopback interfaces with a specific instance number, a new CREATE_LOOPBACK_INSTANCE API call with flag is_specified and value user_instance is introduced. Presumably the existing CREATE_LOOPBACK API message will be obsoleted and revmoved. The VAT cli commands can now mention and format the new field as 'instance %d' data. If no instance number is named, the old call CREATE_LOOPBACK is used to maintain backward compatibility. However, if the instance is named, the new CREATE_LOOPBACK_INSTANCE message will be used. Both the dynamically allocated and user-requested instance number are tracked in a bitvector. If is_specified is 0, the next free instance will be used.. A request for a specific instance number will be granted if it is available. On error, the value ~0 is returned. Change-Id: I849815563a5da736dcd6bccd262ef49b963f6643 Signed-off-by: Jon Loeliger <jdl@netgate.com>
2017-03-03VPP-651: Ensure sw_if_index to node mapping for L2 output path is only done ↵Andrew Yourtchenko3-3/+17
via l2output_main.next_nodes Before this commit, several output features that happen to be the last in the list of features to be executed, send the packets directly to <interfaceName>-output. To do this, they use l2_output_dispatch, which builds a list of sw_if_index to next index mappings. When interfaces are deleted and the new interfaces are created, these mappings become stale, and cause the packets being sent to wrong interface output nodes. This patch (thanks John Lo for the brilliant idea!) adds a feature node "output", whose sole purpose is dispatching the packets to the correct interface output nodes. To do that, it uses the l2output_main.next_nodes, which is already taken care of for the case of the sw_if_index reuse, so this makes the dependent features all work correctly. Since this changes the packet path, for the features that were always the last ones it has triggered a side problem of the output feat_next_node_index not being properly initalized. These two users are l2-output-classify node and the output nodes belonging to the acl-plugin. For the first one the less invasive fix is just to initialize that field. For the acl-plugin nodes, rewrite the affected part of the code to use feat_bitmap_get_next_node_index since this is essentially what the conditional in l2_output_dispatch does, and fix the compiler warnings generated. This fix was first made in stable/1701 under commit e7dcee4027854b0ad076101471afdfff67eb9011. Change-Id: I32e876ab1e1d498cf0854c19c6318dcf59a93805 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-03-03IPv6 RA improvementsNeale Ranns2-157/+123
1) tests for RA options 2) memleaks deleteing a ip6_radv_info_t 3) MLD prefix code refactoring Change-Id: I34db103994bd8fbdbbec50b202d72770dd145681 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-03Changing the IP table for an interface is an error if the interface already ↵Neale Ranns7-66/+110
has an address configured (VPP-601) Change-Id: I311fc264f73dd3b2b3ce9d7d1c33cd0515b36c4a Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-02Clean up binary api message handler registration issuesDave Barach7-164/+2
Removed a fair number of "BUG" message handlers, due to conflicts with actual message handlers in api_format.c. Vpp itself had no business receiving certain messages, up to the point where we started building in relevant code from vpp_api_test. Eliminated all but one duplicate registration complaint. That one needs attention from the vxlan team since the duplicated handlers have diverged. Change-Id: Iafce5429d2f906270643b4ea5f0130e20beb4d1d Signed-off-by: Dave Barach <dave@barachs.net>
2017-03-02bridge domain: fix members reordered when removingEyal Bari1-1/+1
since adding support for multicast vxlan flooding (flood class tunnel master) correct flood functionality depends on the order of the memebers vector solved by using vec_delete instead of vec_del1 which swaps members before deleting the last element Change-Id: I234f218d49172b4142c567db9699a5cb274e4a66 Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-03-02Remove the unused VRF ID parameter from the IP neighbour Add/Del APINeale Ranns1-2/+0
Change-Id: Icf0d72f6af1f98c86f78e586c354515ac69804aa Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-02Fix LISP Coverity warningFlorin Coras1-1/+1
Change-Id: Id1c3832609859ed004bacba0ced0d07dafd6c409 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-03-02VPP-648: CLI Memory leak with invalid parameterBilly McFall3-29/+88
After VPP-635 was merged, did one more pass. While the code was waiting to be merged, a few changes were merged to master with the same issue. This is a few additional changes addressing the same issue. See VPP-635. Change-Id: I7abeac5c260c1e2e9d9d318fd1aae24cd6932efc Signed-off-by: Billy McFall <bmcfall@redhat.com>
2017-03-02BFD: command line interfaceKlement Sekera10-168/+1080
Implement command line interface to the BFD binary APIs. Add corresponding unit tests. Change-Id: Ia0542d0bc4c8d78e6f7b777a08fd94ebfe4d524f Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-03-01dpdk: be a pluginDamjan Marion30-11713/+11
Change-Id: I238258cdeb77035adc5e88903d824593d0a1da90 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-03-01VPP-598: tcp stack initial commitDave Barach59-447/+12496
Change-Id: I49e5ce0aae6e4ff634024387ceaf7dbc432a0351 Signed-off-by: Dave Barach <dave@barachs.net> Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-03-01devices: vnet_get_aggregate_rx_packets should not be dpdk specificDamjan Marion9-44/+58
Change-Id: I1152db4b7d1602653d7d8b2c6cb28cf5c526c4ca Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-02-28dpdk: retire support for dpdk 16.07Damjan Marion5-58/+3
Change-Id: I8585552c026415340fe9fd0458cb8450da3c4ae2 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-02-28Clear L2 output config on interface mode change to L3 (VPP-651)John Lo1-4/+11
With VPP-651, the L2 output config with L2-tag rewrite was not cleared when a sub-interface is deleted. Subsequently, when the same sw_if_index was reused for another interface, the L2 output config with L2-tag rewrite remained on the new interface. On deleting a (sub-)interface which is in L2 mode, it will be changed to L3 mode first to clear any L2 config. The L2 to L3 mode change path did address L2 input config cleanup. It is now fixed to also clear L2 output config. Change-Id: I3352a89d92e1b27340a5adcf75bbaa01a5050c29 Signed-off-by: John Lo <loj@cisco.com>
2017-02-28vlib: add buffer cloning supportDamjan Marion4-57/+74
Change-Id: I50070611af15b2b4cc29664a8bee4f821ac3c835 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-02-27BFD: disable debug printsKlement Sekera1-1/+1
Change-Id: I356581f4bdf47b9610b9e50f4f8db9a1510872a7 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-02-27vlib: add VLIB_BUFFER_EXT_HDR_VALID flagDamjan Marion3-5/+2
Change-Id: If56c66dd12eded1cc997087de5fd1b975766c4e2 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-02-27Add GPE CLI/API for setting encap modeFilip Tehlar7-4/+205
Change-Id: Id89e23fb5d275572b2356c073dfa0f55719e1a76 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-02-27fix:vxlan mcast adj - added as ucast dpo adjEyal Bari1-1/+1
Change-Id: Ic2447313075cd46f265202dffaaac894f48ddf6d Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-02-26BFD: echo functionKlement Sekera8-318/+864
Change-Id: Ib1e301d62b687d4e42434239e7cd412065c28da0 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-02-25Add NSH to GPE decap pathFlorin Coras5-20/+56
Change-Id: I97681322fa9ca81736100b4d32eab84868886c7b Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-02-25MFIB: changes to improve route add/delete performanceNeale Ranns3-7/+12
Change-Id: I063d85200d12b09545ae1c373c7fc69112ae3b34 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-24FIB: 1) fix pool realloc during prefix export. 2) don't walk off the end of ↵Neale Ranns3-7/+31
the path-extension vector Change-Id: I8bd8f6917ace089edb1f65bd017b478ee198c03f Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-24VPP-650: handle buffer failure in vlib_buffer_copy(...)Dave Barach3-9/+53
Change-Id: I6aac48d780fcd935818221044eae50067f225175 Signed-off-by: Dave Barach <dave@barachs.net>
2017-02-24Fixed QAT device binding and device unbinding when vpp package is removedRadu Nicolau1-1/+1
Change-Id: I35ad6a42093cad0945df1df09a39c63c4560dce6 Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
2017-02-24MFIB memory leak. free the per-source interface hashNeale Ranns2-1/+3
Change-Id: I0ccb337eb0ed50ccc64193533cd816f6e36e6db5 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-24VPP-279: Document changes for vnet/vnet/devicesBilly McFall2-100/+617
Add doxygen documentation for dpdk CLI commands. Outside of adding documentation to the CLI Commands, modified the CLI code as follows: * The "set dpdk interface placement" command allows the user to move interface/queues to a different thread. But there is only a subset of threads that are valid. Updated the "show dpdk interface placement" command to display all valid threads, even if all interface/queues have been moved off. Updated the "show dpdk interface hqos placement" the same way. * There is a command to modify the Subport attributes, but no way to display the changes. Added a "Subport" section to the "show dpdk interface hqos" command. * Reworked the "set dpdk interface hqos subport" command. - The current implementation had a local rte_sched_subport_params structure and initialized it to default values, then overwrote with what was input. The side effect of this is that if all the current data is non-default, and a new command is entered with just one attribute, all the remaining attrbutes are getting set back to default under the cover. Very confusing for the user. Updated the code to read the current value and overwrite what has changed. - DPDK does not have a read subport data, so no way query the current applied values. The set command was not updating the local copy that is created at init. Modified the code to store the updated values if the DPDK apply function was successful. - Several functions repeated the same code to get a pointer to the local HQoS data. Added a utility function.get_hqos(..), to perform this action. Did not port other code to use new function. * The "set dpdk interface hqos pktfield" allows the user to set the packet fields required for classifiying the incoming packet. The classification is across three fields (subport, pipe, tc). The command was using 0,1,2 to represent these three fields, but had no explanation regarding these magic numbers. Updated the command to take the three tokens (subport, pipe, tc) for more clarity. For legacy sake, still allow 0,1,2 to be entered. Also updated the "show dpdk interface hqos" command to show these tokens. * The "set dpdk interface hqos tctbl" maps an interface and value 0-63 to a traffic class and queue. The "show dpdk interface hqos" command showed the internal DPDK magic number for traffic class and queue. Updated the show command to display what was input instead of the magic number. * The "show dpdk hqos queue" command always returns zeros by default because RTE_SCHED_COLLECT_STATS is not defined in DPDK. Took me a while to figure out why I wasn't getting values returned. So returned an error message if RTE_SCHED_COLLECT_STATS is not defined instead of zeros. Change-Id: I22b640d668245839ee977ef3602175c61d91d24c Signed-off-by: Billy McFall <bmcfall@redhat.com>
2017-02-23Fix vpp built-in version of api_unformat_sw_if_index(...)Dave Barach2-3/+2
Change-Id: I103fe19a1ecbaf3746ec6b957fa1010458cc9fae Signed-off-by: Dave Barach <dave@barachs.net>
2017-02-22Fix LISP and ONE crc marcosFilip Tehlar3-11/+26
Change-Id: Icd0dba04d8929456228136d1f25c459bffcc6a7a Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-02-22VPP-635: CLI Memory leak with invalid parameterBilly McFall27-429/+1163
In the CLI parsing, below is a common pattern: /* Get a line of input. */ if (!unformat_user (input, unformat_line_input, line_input)) return 0; while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT) { if (unformat (line_input, "x")) x = 1; : else return clib_error_return (0, "unknown input `%U'", format_unformat_error, line_input); } unformat_free (line_input); The 'else' returns if an unknown string is encountered. There a memory leak because the 'unformat_free(line_input)' is not called. There is a large number of instances of this pattern. Replaced the previous pattern with: /* Get a line of input. */ if (!unformat_user (input, unformat_line_input, line_input)) return 0; while (unformat_check_input (line_input) != UNFORMAT_END_OF_INPUT) { if (unformat (line_input, "x")) x = 1; : else { error = clib_error_return (0, "unknown input `%U'", format_unformat_error, line_input); goto done: } } /* ...Remaining code... */ done: unformat_free (line_input); return error; } In multiple files, 'unformat_free (line_input);' was never called, so there was a memory leak whether an invalid string was entered or not. Also, there were multiple instance where: error = clib_error_return (0, "unknown input `%U'", format_unformat_error, line_input); used 'input' as the last parameter instead of 'line_input'. The result is that output did not contain the substring in error, instead just an empty string. Fixed all of those as well. There are a lot of file, and very mind numbing work, so tried to keep it to a pattern to avoid mistakes. Change-Id: I8902f0c32a47dd7fb3bb3471a89818571702f1d2 Signed-off-by: Billy McFall <bmcfall@redhat.com> Signed-off-by: Dave Barach <dave@barachs.net>
2017-02-16Consolidate DHCP v4 and V6 implementation. No functional change intendedNeale Ranns13-940/+840
The DHCP proxy and VSS information maintained by VPP is the same for v4 and v6, so we can manage this state using the same code. Packet handling is cleary different, so this is kept separate. Change-Id: I10f10cc1f7f19debcd4c4b099c6de64e56bb0c69 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-21Add Overlay Network Engine APIFilip Tehlar6-3/+3773
Change-Id: I6b5984df176688f0722a2888e73f05d8ed8b9310 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-02-21dhcp: multiple additionsNeale Ranns10-645/+787
DHCP additions: 1) DHCPv4 will only relay a message back to the client, if the Option82 information is present. So make this the default. 2) It is no longer possible to select via the API to "insert circuit ID" - since this is now default 3) Remove the version 2 API since it's now the same as version 1. 4) Adding the VSS option is now conditional only on the presence of VSS config (not the 'insert' option in the set API) 5) DHCP proxy dump via API Change-Id: Ia7271ba8c1d4dbf34a02c401d268ccfbb1b74f17 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-21Rename LISP GPE API to GPEFilip Tehlar9-91/+86
Change-Id: I133c55bce46d40ffddabbbf8626cbd3d072522d4 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-02-21VPP-540 : pbb tag rewrite detailsPavel Kotucek6-82/+187
Extended sw_interface_dump to provide 802.1ah (pbb) tag rewrite info if present. Extended log "l2-output" to provide raw data to display result of prospetive pbb tag rewrite. Tracing is moved after l2output_vtr to show these changes. Change-Id: I8b7cb865dc67ce21afab402cc086dac35f7c0f07 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-02-20FIB reset leaves residual routes. Wrong API used to remove the routes meant ↵Neale Ranns2-2/+5
the lock count on the entry did not drop to zero Change-Id: I6e2dff8c3c7976fd1c2e4c5258f5dc73123aa9b7 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-20LISP: don't show PITR generated mapping in dump callFilip Tehlar4-3/+15
Change-Id: Iecba818ccf74a4d34e35d498e6f6a1d3c62419f4 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-02-20CLI extension to add multiple (S,G)s at once and time itNeale Ranns1-10/+76
Change-Id: Id17060fd0e8ac80c8cf1999b0b82d0241b3b969a Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-20Python test IP and MPLS objects conform to infra.Neale Ranns11-15/+438
Add IP[46] MFIB dump. Change-Id: I4a2821f65e67a5416b291e4912c84f64989883b8 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-17Remove duplicate ip6 get interface address codeNeale Ranns4-47/+9
Change-Id: I5e0057b36bc4221e688a27fc1c0f602f78132991 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-17BFD: put session admin-up/admin-downKlement Sekera1-12/+12
Change-Id: I7d8889dce8495607106593ad83320c9af0f2fa07 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-02-17Implemented IKEv2 initiator features:Radu Nicolau13-186/+2180
- IKE_SA_INIT and IKE_AUTH initial exchanges - Delete IKA SA - Rekey and delete Child SA - Child SAs lifetime policy To set up one VPP instance as the initiator use the following CLI commands (or API equivalents): ikev2 profile set <id> responder <interface> <addr> ikev2 profile set <id> ike-crypto-alg <crypto alg> <key size> ike-integ-alg <integ alg> ike-dh <dh type> ikev2 profile set <id> esp-crypto-alg <crypto alg> <key size> esp-integ-alg <integ alg> esp-dh <dh type> ikev2 profile set <id> sa-lifetime <seconds> <jitter> <handover> <max bytes> and finally ikev2 initiate sa-init <profile id> to initiate the IKE_SA_INIT exchange Child SA re-keying process: 1. Child SA expires 2. A new Child SA is created using the Child SA rekey exchange 3. For a set time both SAs are alive 4. After the set time interval expires old SA is deleted Any additional settings will not be carried over (i.e. settings of the ipsec<x> interface associated with the Child SA) CLI API additions: ikev2 profile set <id> responder <interface> <addr> ikev2 profile set <id> ike-crypto-alg <crypto alg> <key size> ike-integ-alg <integ alg> ike-dh <dh type> ikev2 profile set <id> esp-crypto-alg <crypto alg> <key size> esp-integ-alg <integ alg> esp-dh <dh type> ikev2 profile set <id> sa-lifetime <seconds> <jitter> <handover> <max bytes> ikev2 initiate sa-init <profile id> ikev2 initiate del-child-sa <child sa ispi> ikev2 initiate del-sa <sa ispi> ikev2 initiate rekey-child-sa <profile id> <child sa ispi> Sample configurations: Responder: ikev2 profile add pr1 ikev2 profile set pr1 auth shared-key-mic string Vpp123 ikev2 profile set pr1 id local fqdn vpp.home.responder ikev2 profile set pr1 id remote fqdn vpp.home.initiator ikev2 profile set pr1 traffic-selector remote ip-range 192.168.125.0 - 192.168.125.255 port-range 0 - 65535 protocol 0 ikev2 profile set pr1 traffic-selector local ip-range 192.168.124.0 - 192.168.124.255 port-range 0 - 65535 protocol 0 Initiator: ikev2 profile add pr1 ikev2 profile set pr1 auth shared-key-mic string Vpp123 ikev2 profile set pr1 id local fqdn vpp.home.initiator ikev2 profile set pr1 id remote fqdn vpp.home.responder ikev2 profile set pr1 traffic-selector local ip-range 192.168.125.0 - 192.168.125.255 port-range 0 - 65535 protocol 0 ikev2 profile set pr1 traffic-selector remote ip-range 192.168.124.0 - 192.168.124.255 port-range 0 - 65535 protocol 0 ikev2 profile set pr1 responder TenGigabitEthernet3/0/1 192.168.40.20 ikev2 profile set pr1 ike-crypto-alg aes-cbc 192 ike-integ-alg sha1-96 ike-dh modp-2048 ikev2 profile set pr1 esp-crypto-alg aes-cbc 192 esp-integ-alg sha1-96 esp-dh ecp-256 ikev2 profile set pr1 sa-lifetime 3600 10 5 0 Change-Id: I1db9084dc787129ea61298223fb7585a6f7eaf9e Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
2017-02-17ipsec: changed ipsec-input-ip6 node to be a sibling of ipsec-input-ip4, ↵Radu Nicolau1-6/+1
fixes a problem that occurs with cryptodev ipv6 input. Change-Id: I1f0c0db45b2aabc243dd785c8d5d5ef990cac903 Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
2017-02-17l2 input: avoid per-packet trace checks in the fast pathDave Barach4-25/+54
Change-Id: Ib0c8572773499d8dd4d81b3a565c24412ccc3510 Signed-off-by: Dave Barach <dave@barachs.net>
2017-02-17dpdk: quad loop and prefetch in fill_free_listDamjan Marion1-15/+71
Change-Id: I19ec3b769b6512f7408044751393d9faf10d01d5 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-02-16Add NSH load-balance and drop DPOFlorin Coras5-15/+148
Also adds missing gpe nsh address type functions. Change-Id: I3353a23c0518da9ce3b221ddf8c5bd0364930154 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-02-16Fix NSH-LISP interface additionFlorin Coras1-15/+16
Change-Id: I3925d2ebb2d26c676fc61f118d25bdf7fd522f26 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-02-16Fix crash on deleting previously activated IPv6 interface - VPP-636Wojciech Dec1-0/+4
RADV Pool index was not getting updated Change-Id: I2d2f14c56f51034d39049d1c7e13c248180a865f Signed-off-by: Wojciech Dec <wdec@cisco.com>