81 Commits

Author SHA1 Message Date
Matus Fabian
2ba92e32e0 NAT: Rename snat plugin to nat (VPP-955)
Change-Id: I30a7e3da7a4efc6038a91e27b48045d4b07e2764
Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-08-23 07:42:10 +00:00
Kris Michielsen
910744394f SRv6 tests
Change-Id: Ib1d2fc5a83d9d007a0468591a73881675f1bec9b
Signed-off-by: Kris Michielsen <kmichiel@cisco.com>
2017-08-22 11:12:34 +00:00
Matus Fabian
ab9a59c19a SNAT: Make proto optional in nat64_bib_dump (VPP-942)
make proto optional in nat64_bib_dump and nat64_st_dump

Change-Id: Idd102ce2b1555d38783fd22c84e46b4c48570edc
Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-08-16 15:56:32 +00:00
Neale Ranns
a07bd70800 Dedicated SW Interface Event
Change-Id: I06a10a4291e61aec3f1396d2514ed6fe3901897a
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-08-11 02:58:30 +00:00
Hongjun Ni
62f9cdd82c Add PPPoE Plugin
Supports 64K PPPoE sessions

This plugin adds three graph nodes:
1) pppoe-input for PPPoE decapsulation
2) pppoe-encap for PPPoE encapsulation
3) pppoe-tap-dispatch for control plane process

Below is the configuration to make PPPoE CP and DP work:
vim /etc/vpp/startup.conf
tuntap {
  enable
  ethernet
  name newtap
}

create pppoe tap tap-if-index 1

//Configure it after a subscriber's PPPoE discovery and PPP link establishment succeeds:
create pppoe session client-ip 100.1.2.1 session-id 1 client-mac 00:11:01:00:00:01

show pppoe fib
show pppoe session

Change-Id: I73e724b6bf7c3e4181a9914c5752da1fa72d7e60
Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
2017-08-09 07:41:11 +00:00
Neale Ranns
da78f957e4 L2 over MPLS
[support for VPWS/VPLS]
- switch to using dpo_proto_t rather than fib_protocol_t in fib_paths so that we can describe L2 paths
- VLIB nodes to handle pop/push of MPLS labels to L2

Change-Id: Id050d06a11fd2c9c1c81ce5a0654e6c5ae6afa6e
Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-08-08 17:25:00 +00:00
Pavel Kotucek
15ac81c16f P2P Ethernet
Change-Id: Idb97e573961b3bc2acdeef77582314590795f8c3
Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-08-01 14:44:13 +00:00
Eyal Bari
001fd406df SPAN:add l2 mirror
added span feature nodes for l2-input / l2-output

Change-Id: Ib6e0ce60d0811901b6edd70209e6a4c4a35cd8ff
Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-07-24 08:21:52 +03:00
Matus Fabian
93d84c9fc2 SNAT: in2out translation as an output feature (VPP-903)
in2out translation as an output feature on the outside interface (postrouting)

Change-Id: I32c0311be09bdf102b9a0885b8b89c7588cb558f
Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-07-20 06:56:07 +00:00
Neale Ranns
51822bf07a DHCP client option 61 "client_id"
the existing seeting of client_id to a VPP version number was unused and so overridden

Change-Id: If9ebea936336f1fcca8d07e67186c95f8f8f0ccd
Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-07-18 19:05:03 +00:00
Neale Ranns
a2fbf6ba0e DHCP client - remove interface address when DHCP de-configured
Change-Id: I63c59e3c13859b51999d283774f7783ef0a6a5ed
Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-07-18 19:01:00 +00:00
Eyal Bari
c86e592f9a TEST:add L2BD arp term tests
Change-Id: I42414da9663ecfc8dfe5baf3e6615cf3b9b02e22
Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-07-04 11:57:35 +00:00
Matus Fabian
428dc9110b NAT64: custom prefix
Change-Id: If397b49861468eed29b964fa64b186f80eb0eceb
Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-06-21 16:27:41 +00:00
Eyal Bari
284293a3ff L2-VTR: add vtr tests
re-enable l2 fib flush tests
reorder l2bd multi instance tests - move flags test as last
enabling of uu-flood will now flood when entry is stale

Change-Id: I052663ec3eb4acee5f296fb7525dd535924e0003
Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-06-21 01:29:37 +00:00
Matus Fabian
06596c54dc NAT64: Add NAT64 support for snat plugin (VPP-699)
Basic NAT64 feature (no hairpinning, no multi-thread).

Change-Id: I392fccbce93e70c117f4a9a7ec7cf08d6c537f2d
Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-06-08 11:39:53 +00:00
Hongjun Ni
8a0a0ae60b Rework vxlan-gpe to support FIB 2.0 and bypass mode
Change-Id: I0324f945bdb4dd3b19151be6f3ce24a47a000104
Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
2017-06-06 07:26:00 +00:00
Eyal Bari
93b503e1a4 L2FIB: add flush test
add tests for flush int/bd/all

Change-Id: Ia589ec5925b9c8acbb2fc16dafbf4842aa1a6eff
Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-05-16 15:10:52 +00:00
Hongjun Ni
ef486b1545 Add GTP-U plugin. VPP-694
Basic GTP-U feature

Change-Id: I31226f890a92c5303ac06e112ed7820cae52d9bd
Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
2017-05-15 19:34:00 +00:00
Neale Ranns
227038a444 IP Flow Hash Config fixes
- the flow hash config is (and was) cached on the load-balance object so the fib_table_t struct is not used a switch time. Therefore changes to the table's flow hash config need to be propagated to all load-balances and hance all FIB entries in the table.
- enable API for setting the IPv6 table flow hash config
- use only the hash config in the fib_table_t object and not on the ipX_fib_t
- add tests.

Change-Id: Ib804c11162c6d4972c764957562c372f663e05d4
Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-26 15:31:41 +00:00
Martin Gálik
9806eae1f5 CGN: Session dump, test naming for ports fixed
Change-Id: Ib542b2b3ee023fbe3d0e01ceaf4b4ab7a0ec80dc
Signed-off-by: Martin Gálik <magalik@cisco.com>
2017-04-26 05:17:42 -07:00
Martin Gálik
6bc8c6493c CGNAT: close session API and CLI commands.
Change-Id: I9c8636bd2c4b8da2907e8e4a4f2be1a2c3a8e0bb
Signed-off-by: Martin Gálik <magalik@cisco.com>
2017-04-26 00:23:22 -07:00
Matus Fabian
6a0946f078 CGN: configurable timeouts
add API and CLI configuration of deterministic NAT session timeout for TCP, UDP
and ICMP protocol

Change-Id: I577440452e7eaedcb5d80501a7fd4b76e31e8c9c
Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-04-12 13:09:34 +00:00
Neale Ranns
0f26c5a013 MPLS Mcast
1 - interface-DPO
        Used in the Data-plane to change a packet's input interface
 2 - MPLS multicast FIB entry
        Same as a unicast entry but it links to a replicate not a load-balance DPO
 3 - Multicast MPLS tunnel
        Update MPLS tunnels to use a FIB path-list to describe the endpoint[s]. Use the path-list to generate the forwarding chain (DPOs) to link to .
 4 - Resolve a path via a local label (of an mLDP LSP)
        For IP multicast entries to use an LSP in the replication list, we need to decribe the 'resolve-via-label' where the label is that of a multicast LSP.
 5 - MPLS disposition path sets RPF-ID
        For a interface-less LSP (i.e. mLDP not RSVP-TE) at the tail of the LSP we still need to perform an RPF check. An MPLS disposition DPO performs the MPLS pop validation checks and sets the RPF-ID in the packet.
 6 - RPF check with per-entry RPF-ID
       An RPF-ID is used instead of a real interface SW if index in the case the IP traffic arrives from an LSP that does not have an associated interface.

Change-Id: Ib92e177be919147bafeb599729abf3d1abc2f4b3
Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-07 09:12:12 +00:00
Neale Ranns
88fc83eb71 BFD-FIB interactions
- single-hop BFD: attach a delegate to the appropriate adjacency
- multi-hop BFD [not supported yet]: attach a delegate to the FIB entry.

adjacency/fib_entry state tracks the BFD session state. when the state is down the object does not contribute forwarding hence and hence dependent objects will not use it.
For example, if a route is ECMP via two adjacencies and one of them is BFD down, then only the other is used to forward (i.e. we don't drop half the traffic).

Change-Id: I0ef53e20e73b067001a132cd0a3045408811a822
Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-06 15:18:44 +00:00
Ole Troan
3cc4971882 Python API: Change from cPython to CFFI.
Change-Id: I03e52466fb3f909ae52b8fba601168f3eadbd972
Signed-off-by: Ole Troan <ot@cisco.com>
2017-03-15 21:43:30 +01:00
Neale Ranns
b3b2de71ce IMplementation for option to not create a FIB table entry when adding a neighbor entry
Change-Id: I952039e101031ee6a06e63f4c73d8eb359423e1a
Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-09 15:34:14 +00:00
Neale Ranns
8082380922 MAP pre-resolve - use FIB to track pre-resolved next-hop
Change-Id: I9ea16881caf7aee57f0daf4ac2e8b82c672f87e9
Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-09 13:24:11 +00:00
Martin
17a75cb272 SNAT: deterministic map dump
Change-Id: Iead6dc6a0fe15a0b8e148e780c3aeadd0b378824
Signed-off-by: Martin <magalik@cisco.com>
2017-03-08 23:43:44 +00:00
Martin
6b7fcda466 SNAT: user_session_dump is_ip4 and vat unformating added
Change-Id: I0ffab147c3218a75b7c3bb829983f538c7b637ee
Signed-off-by: Martin <magalik@cisco.com>
2017-03-08 04:38:37 -08:00
Neale Ranns
3f844d0bc9 Proxy ND (RFC4389 - or a sub-set thereof). This allows the 'emulation' of bridging. That is hosts in one sub-net reachable via differenet interfaces.
Introducate a new API command:
  ip6 nd proxy <host-address> <interface>

this indicates 2 things;
 1) that host <host-address> is reachable out of interface <interface>. VPP will thus install that route.
 2) NS requests sent to <host-address> will be responeded to (i.e. proxied).

Change-Id: I863f967fdb5097ab3b574769c70afdbfc8d5478a
Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-08 09:47:03 +00:00
Matus Fabian
066f034b90 CGN: Deterministic NAT (VPP-623)
Inside user is statically mapped to a set of outside ports. Support endpoint
dependent mapping to deal with overloading of the outside ports.

Change-Id: I8014438744597a976f8ae459283e8b91f63b7f72
Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-03-07 12:47:12 +00:00
Juraj Sloboda
eab38d91e8 Add setting of tenant VRF id for SNAT addresses (VPP-641)
Change-Id: I9c0bb35ba16e04206ac481495f6638d3763754a1
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-03-07 12:25:31 +00:00
Neale Ranns
87df12d5de IPv6 RA improvements
1) tests for RA options
 2) memleaks deleteing a ip6_radv_info_t
 3) MLD prefix code refactoring

Change-Id: I34db103994bd8fbdbbec50b202d72770dd145681
Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-03 17:23:50 +00:00
Klement Sekera
7112c542ea python API: work towards python/vpp api separation
This change improves vpp_papi behaviour by introducing alternate way of
calling vpp APIs.

The common code is the same:

vpp = VPP(...)
vpp.connect(...)

Calling VPP API is different, instead of deprecated:

vpp.show_version() # deprecated

one should write

vpp.api.show_version()

this allows VPP messages like "connect" and "disconnect" to be used,
once the old API is dropped (in 17.07). Also part of this patch is a
check for name conflict, to prevent VPP object overwriting its own
functionality with generated code based on json files.

Change-Id: I22e573b6a45f8b2a1f0340c5c2597c194fe42ca4
Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-03-03 07:58:23 +00:00
magalik
23caa885af SNAT: user's dump and session dump of a certain snat user.
Change-Id: If75a35dbdcb43c1ce0128b8649f2ca3970d3fff5
Signed-off-by: Martin <magalik@cisco.com>
2017-03-02 18:20:38 +00:00
Neale Ranns
baf2e90a91 Remove the unused VRF ID parameter from the IP neighbour Add/Del API
Change-Id: Icf0d72f6af1f98c86f78e586c354515ac69804aa
Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-02 18:12:55 +00:00
Klement Sekera
7388448712 BFD: command line interface
Implement command line interface to the BFD binary APIs. Add
corresponding unit tests.

Change-Id: Ia0542d0bc4c8d78e6f7b777a08fd94ebfe4d524f
Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-03-02 11:56:47 +00:00
Neale Ranns
39f9d8bd22 [Proxy] ARP tests
Change-Id: I40d6d763b55a26cdee0afef85d1acdd19dd10dd6
Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-27 12:10:50 +00:00
Klement Sekera
239790fd91 BFD: echo function
Change-Id: Ib1e301d62b687d4e42434239e7cd412065c28da0
Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-02-26 14:20:24 +00:00
Neale Ranns
20a175a184 dhcp: multiple additions
DHCP additions:
1) DHCPv4 will only relay a message back to the client, if the Option82 information is present. So make this the default.
2) It is no longer possible to select via the API to "insert circuit ID" - since this is now default
3) Remove the version 2 API since it's now the same as version 1.
4) Adding the VSS option is now conditional only on the presence of VSS config (not the 'insert' option in the set API)
5) DHCP proxy dump via API

Change-Id: Ia7271ba8c1d4dbf34a02c401d268ccfbb1b74f17
Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-21 22:25:48 +00:00
Filip Tehlar
770e89e6b9 Add basic 4o4 LISP unit test
Change-Id: I2d812153d7afe7980346382b525af89b3c47e796
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-02-21 22:21:19 +00:00
Jan Gelety
057bb8c3a4 test: ip6 vrf instances multi-context test (CSIT-497)
- add/delete IPv6 VRF instances and verify results by parsing output
  of ip6_fib_dump API command and by traffic

- small changes in assert_nothing_captured and get_capture to get logged
  unexpected packets

Change-Id: I32207447be2df942e335aa9890ff52fb88e46597
Signed-off-by: Jan Gelety <jgelety@cisco.com>
2017-02-21 22:20:58 +00:00
Neale Ranns
5a8123bda0 Python test IP and MPLS objects conform to infra.
Add IP[46] MFIB dump.

Change-Id: I4a2821f65e67a5416b291e4912c84f64989883b8
Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-20 09:54:49 +00:00
Klement Sekera
acb9b8e8c3 make test: improve stability
Disable automatic garbage collection and run it manually before
running each test case to minimize stalls. Improve vpp subprocess
cleanup. Reduce helper thread count to one and properly clean that
thread once it's not needed.

Change-Id: I3ea78ed9628552b5ef3ff29cc7bcf2d3fc42f2c3
Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-02-14 03:38:37 +01:00
Klement Sekera
a57a970952 BFD: modify session parameters
Change-Id: I666e5c0cc71a3693640960c93cdd1907f84fbe23
Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-02-08 07:47:00 +01:00
Matus Fabian
09d96f4a61 SNAT: Port allocation per protocol
Ports are allocated per protocol (UDP, TCP, ICMP)
1:1 NAT with port is configured for specific protocol

Change-Id: I37ae5eed3715b223d0620d4fdaed7a482bb7a834
Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-02-03 01:09:45 -08:00
Klement Sekera
b17dd9607e BFD: SHA1 authentication
Add authentication support to BFD feature. Out of three existing
authentication types, implement SHA1 (sole RFC requirement). Simple
password is insecure and MD5 is discouraged by the RFC, so ignore
those.
Add/change APIs to allow configuring BFD authentication keys
and their usage with BFD sessions.

Change-Id: Ifb0fb5b19c2e72196d84c1cde919bd4c074ea415
Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-02-02 12:04:30 +00:00
Neale Ranns
32e1c010b0 IP Multicast FIB (mfib)
- IPv[46] mfib tables with support for (*,G/m), (*,G) and (S,G) exact and longest prefix match
 - Replication represented via a new replicate DPO.
 - RPF configuration and data-plane checking
 - data-plane signals sent to listening control planes.

The functions of multicast forwarding entries differ from their unicast conterparts, so we introduce a new mfib_table_t and mfib_entry_t objects. However, we re-use the fib_path_list to resolve and build the entry's output list. the fib_path_list provides the service to construct a replicate DPO for multicast.

'make tests' is added to with two new suites; TEST=mfib, this is invocation of the CLI command 'test mfib' which deals with many path add/remove, flag set/unset scenarios, TEST=ip-mcast, data-plane forwarding tests.

Updated applications to use the new MIFB functions;
  - IPv6 NS/RA.
  - DHCPv6
 unit tests for these are undated accordingly.

Change-Id: I49ec37b01f1b170335a5697541c8fd30e6d3a961
Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-01-27 19:53:46 +00:00
Neale Ranns
fca0c242e4 DHCPv[46] proxy tests
Change-Id: I6aaf9c602cd515ed9d4416d286f9191d048c1a87
Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-01-26 05:14:35 -08:00
Klement Sekera
e0545ef85a make test: elegantly handle expected API failures
Allow writing simple code to expect API failure when needed:

with self.vapi.expect_negative_api_retval():
    do_api_call()  # expected to return negative retval in response

Change-Id: Id58d91d9ce38d20ad6ff7a43a6897e79ffbd23bf
Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-01-25 15:57:14 +00:00