Fix 3 coverity warnings
1. api_format.c: init net_ns = 0 and remove its corresponding vec_add and
vec_free
2. netlink.c (reported in tap.c before the code was removed): resource leaked
due to fd is not close
3. tap.c: subtract 1 for size when calling strncpy to accommodate the
terminated NULL character
Change-Id: Iff4e66604862f0c06dac227b8cfd48d3979e41a5
Signed-off-by: Steven <sluong@cisco.com>
Enhence support of DHCP VSS (Virtual Subnet Selection) to include
VSS type 0 where VSS info is a NVT (Network Virtual Terminal)
ASCII VPN ID where the ASCII string MUST NOT be terminated with a
zero byte. Existing code already support VSS type 1, where VSS
information is a RFC 2685 VPN-ID of 7 bytes with 3 bytes OUI
and 4 bytes VPN index, and VSS type 255 indicating global VPN.
Change-Id: I54edbc447c89a2aacd1cc9fc72bd5ba386037608
Signed-off-by: John Lo <loj@cisco.com>
- makes the VAPI generated file more consumable.
- VOM build times improve.
Change-Id: I838488930bd23a0d3818adfdffdbca3eead382df
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
Add clib_net_to_host conversion for integer fields greater than
two bytes
Change-Id: I187d8d1adbb1e534d58bd69bfbc1c58df5b8fc1e
Signed-off-by: Steven <sluong@cisco.com>
As per proposal on the mailing list, this patch fixes
the represntation of MAC address in VPP API calls for
· L2fib_add_del
· L2_fib_table_details
Change-Id: I31e17efd1a6314cded69666e693cb8fc33158d02
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Also add vat test code to test the subject API. The format is
sw_interface_set_rx_mode sw_if_index <index> [queue <id>]
<polling|nterrupt|adaptive>
Change-Id: Ib810d85d430077865bead8cc08a070f8ae478225
Signed-off-by: Steven <sluong@cisco.com>
This introduces 5-tuple lookup tables that may be used to implement
custom session layer actions at connection establishment time (session
layer perspective).
The rules table build mask-match-action lookup trees that for a given
5-tuple key return the action for the first longest match. If rules
overlap, ordering is established by tuple longest match with the
following descending priority: remote ip, local ip, remote port, local
port.
At this time, the only match action supported is to forward packets to
the application identified by the action.
Change-Id: Icbade6fac720fa3979820d50cd7d6137f8b635c3
Signed-off-by: Florin Coras <fcoras@cisco.com>
Make it easier to integrate with external IKE daemon.
IPsec interfaces can have one or both SAs replaced after
creation. This allows for the possibility of setting a
new child SA on an interface when rekeying occurs. It also
allows for the possibility of creating an interface ahead
of time and updating the SA when parameters that are
negotiated during IKE exchange become known.
Change-Id: I0a31afdcc2bdff7098a924a51abbc58bdab2bd08
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
- Global variables declared in header files without
the use of the 'extern' keword will result in multiple
instances of the variable to be created by the compiler
-- one for each different source file in which the
the header file is included. This results in wasted
memory allocated in the BSS segments as well as
potentially introducing bugs in the application.
Change-Id: I6ef1790b60a0bd9dd3994f8510723decf258b0cc
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Vat supports setting value for the parameter, but
'not_last' is ignored by ip_add_del_route handler,
so can be removed.
This patch
- updates ip.api,
- removes vat handlers
- updates vpp_papi_provider.py
(also mpls_route_add_del with unused not_last)
Change-Id: Ife15de123db4bc8247103a29b90bce1988e46534
Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
We need to push/pop the rx pthread's heap without affecting other
thread(s).
Search clib_per_cpu_mheaps, locate an unused slot. Duplicate the main
thread heap pointer in that slot, and set __os_thread_index
appropriately.
Miscellaneous cleanups. Print exec_inband results as a vector, instead
of as a format string. Don't bail out of vpp_api_test with results
pending, e.g. at the end of a vpp_api_test script. Even though vpp
will eventuallly garbage-collect them, We don't want to leave
allocated reply messages lurking in the api message allocation
rings...
Change-Id: I0e8a25d1ff0d3700249dc330d079db16c2fcbc55
Signed-off-by: Dave Barach <dave@barachs.net>
This reverts commit f9342023c1.
Reverting to unblock master. No idea why jjb +1ed this patch! On closer inspection it looks like it -1ed it and subsequently changed opinion. CSIT tests should be fixed before re-merging.
Change-Id: I26608912a962c52083073e16c7c9d2cc44a3cc8d
Signed-off-by: Florin Coras <fcoras@cisco.com>
There was already a CLI command and a libvnet function
to set the keys on an existing IPsec tunnel interface.
Expose this via the API.
Change-Id: I226a9616f680fc022f04447177a2e8232690657f
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
last i the serise of the use of the FIB table create/delete API. VPP now forces the tables to have been explicitly creted before they are used.
Change-Id: Ifde3b1bbb76697a01ab71bce4f5264e6d1725467
Signed-off-by: Neale Ranns <nranns@cisco.com>
This patch is a plausible first-cut, suitable for initial testing by
vcl (host stack client library).
Main features;
- recursive name resolution
- multiple ip4/ip6 name servers
- cache size limit enforcement
- currently limited to 65K
- ttl / aging
- static mapping support
- show / clear / debug CLI commands
Binary APIs provided for the following:
- add/delete name servers
- enable/disable the name cache
- resolve a name
To Do list:
- Respond to ip4/ip6 client DNS requests (vs. binary API requests)
- Perf / scale tuning
- map pending transaction ids to pool indices, so the cache
can (greatly) exceed 65K entries
- Security improvements
- Use unpredictable dns transaction IDs, related to previous item
- Make sure that response-packet src ip addresses match the server
- Add binary APIs
- deliver raw response data to clients
- control recursive name resolution
- Documentation
Change-Id: I48c373d5c05d7108ccd814d4055caf8c75ca10b7
Signed-off-by: Dave Barach <dave@barachs.net>
- Management Address TLV is added as per IEEE Std 802.1AB-2009.
- Support of management ipv4/ipv6 addresses and OID.
Change-Id: I57c14741774390809ce5a829cc087947424432c7
Signed-off-by: Steve Shin <jonshin@cisco.com>
Applications are now provided the option to select the namespace they
are to be attached to and the scope of their attachement. Application
namespaces are meant to:
1) constrain the scope of communication through the network by
association with source interfaces and/or fib tables that provide the
source ips to be used and limit the scope of routing
2) provide a namespace local scope to session layer communication, as
opposed to the global scope provided by 1). That is, sessions can be
established without assistance from transport and network layers.
Albeit, zero/local-host ip addresses must still be provided in session
establishment messages due to existing application idiosyncrasies. This
mode of communication uses shared-memory fifos (cut-through sessions)
exclusively.
If applications request no namespace, they are assigned to the default
one, which at its turn uses the default fib. Applications can request
access to both local and global scopes for a namespace. If no scope is
specified, session layer defaults to the global one.
When a sw_if_index is provided for a namespace, zero-ip (INADDR_ANY)
binds are converted to binds to the requested interface.
Change-Id: Ia0f660bbf7eec7f89673f75b4821fc7c3d58e3d1
Signed-off-by: Florin Coras <fcoras@cisco.com>
- new IPv4 and IPv6 feature arcs on the punt and drop nodes
- new features:
- redirect punted traffic to an interface and nexthop
- police punted traffic.
Change-Id: I53be8bf4e06545add8a3619e462de5ffedd0a95c
Signed-off-by: Neale Ranns <nranns@cisco.com>
Notes on this first implementation:
* First version of the implementation does NOT support GENEVE OPTIONS
HEADER: it isn't well understood what the purpose of the OPTIONS will be and/or
what content would be placed in the variable option data;
Once the IETF work will evolve and further information will be available
it could be possible to modify the frame rewrite to contemplate the
actual GENEVE OPTIONS.
Change-Id: Iddfe6f408cc45bb0800f00ce6a3e302e48a4ed52
Signed-off-by: Marco Varlese <marco.varlese@suse.com>
- always use 'va_args' as pointer in all format_* functions
- u32 for all 'indent' params as it's declaration was inconsistent
Change-Id: Ic5799309a6b104c9b50fec309cba789c8da99e79
Signed-off-by: Christophe Fontaine <christophe.fontaine@enea.com>
Add an API request message type to dump IPsec SAs. Either
all IPsec SAs can be dumped or it can be limited to a single
SA ID (numeric ID set at creation time - not an index).
Add a handler for incoming messages with the new request type.
Add an API response message type containing the data
for an IPsec SA.
Add VAT support for new message type.
Change-Id: Id7828d000efc637dee7f988a87d3f707a8b466b7
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
- Teach vpp_api_test to send/receive API messages over sockets
- Add memfd-based shared memory
- Add api messages to create memfd-based shared memory segments
- vpp_api_test supports both socket and shared memory segment connections
- vpp_api_test pivot from socket to shared memory API messaging
- add socket client support to libvlibclient.so
- dead client reaper sends ping messages, container-friendly
- dead client reaper falls back to kill (<pid>, 0) live checking
if e.g. a python app goes silent for tens of seconds
- handle ping messages in python client support code
- teach show api ring about pairwise shared-memory segments
- fix ip probing of already resolved destinations (VPP-998)
We'll need this work to implement proper host-stack client isolation
Change-Id: Ic23b65f75c854d0393d9a2e9d6b122a9551be769
Signed-off-by: Dave Barach <dave@barachs.net>
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Signed-off-by: Florin Coras <fcoras@cisco.com>
- v6 support
- Non-default VRF ID collection
- Break up ip source address list into CLI + API-friendly functions
- Automate proxy arp / proxy nd configuration
- Automate local adjacency insertion
- Binary API support
Change-Id: Iede31184f65cc1ec8c414447d2d60a1334e3fe15
Signed-off-by: Dave Barach <dave@barachs.net>
commit only the addition of the .api definition and their invocation through VAT so CSIT can use it
Change-Id: Id510f14b1ce007fe5e92120507ea34100652fc64
Signed-off-by: Neale Ranns <nranns@cisco.com>
[support for VPWS/VPLS]
- switch to using dpo_proto_t rather than fib_protocol_t in fib_paths so that we can describe L2 paths
- VLIB nodes to handle pop/push of MPLS labels to L2
Change-Id: Id050d06a11fd2c9c1c81ce5a0654e6c5ae6afa6e
Signed-off-by: Neale Ranns <nranns@cisco.com>
Added APIs want_l2_macs_events and l2_macs_event to allow an API
client to receive notification events from VPP for MAC learned
or aged in L2FIB. Only one API client is allowed for L2 MAC events.
The want_l2_macs_events API allow caller to specify MAC learn
limit, event scan delay and max number of MACs that can be included
in a event message. These parameters should be choosen properly as
to not have too many MAC events sent by VPP and overwhelm the API
share memory. They can all be left as 0's so VPP will setup reasonable
defaults which are: 1000 learn limit, 100 msec scan delay and 100
MACs per event message.
If want_l2_macs_events is never called, VPP learning and aging
should behave as before except that MAC entries provisioned by API
or CLI will not be aged, even if it is not set as static_mac. These
non static MACs, however, can be overwritten by MAC learning on a
MAC move as a leared MAC. Only learned MACs are subject to aging.
Change-Id: Ia3757a80cf8adb2811a089d2eafbd6439461285c
Signed-off-by: John Lo <loj@cisco.com>
Add API methods to configure LLDP and set interface to enable/disable.
Also add port description TLV for LLDP.
Change-Id: Ib959d488c2ab8a0069f143558871f41fcc43a5d3
Signed-off-by: Steve Shin <jonshin@cisco.com>
