Re: [vpp-dev] [discuss] sw_if_index in vent_buffer giving wrong IP address with ip_interface_address_get_address
Hi Dave, Sorry to bother you again, I am looking for the VLIB_RX and receiving interface only, I will explain the scenario below, I have a plugin, this plugin attached to the device_Input and runs before ethernet_input. In the plugin I am checking is this packet is ICMP, and is it dstinited to the received interface, if it destined to the received interface, we just fwd to normal VPP processing. As I told in my original email, the same packet shows two different addresses, even the index is the same for both cases and same index we can see in the "show inter" The Packet trace is also the same for the both versions. I tried with a physical interface, it also gave the same set interface ip add HundredGigabitEthernet12/0/0 192.168.198.2/24 set interface state HundredGigabitEthernet12/0/0 up set interface ip addr HundredGigabitEthernet12/0/0 2001:5b0::7cf0::98fc/64 set interface state HundredGigabitEthernetd8/0/0 up set interface ip addr HundredGigabitEthernetd8/0/0 192.168.200.2/24 I am getting the 192.168.200.2 for the sw_if_idx=1 only. Is there any other way, I can get an IP Address from the vlib_buffer(b)? Coming to VLIB_TX, We are going to fill the VLIB_TX from a hash map we are maintaining in our plugin depending on the packet type. Any thoughts will help us. //Ravi On Fri, Jun 19, 2020 at 2:57 PM Dave Barach (dbarach) wrote: > HundredGigabitEthernet12/0/0 (sw_if_index=1) has the ip address > 192.168.198.2. The calculation shown in your original email is producing > 192.168.198.2, which seems right to me. > > > > You’ve looked up the ip address of the rx interface, which may not be what > you had in mind. > > > > The packet got nowhere near ip4-lookup -> ip4-rewrite, which would set > vlib_buffer(b)->sw_if_index[VLIB_*TX*] to the tx interface sw_if_index. > > > > HTH... Dave > > > > *From:* RaviKiran Veldanda > *Sent:* Friday, June 19, 2020 1:47 PM > *To:* Dave Barach (dbarach) > *Subject:* Re: [discuss] sw_if_index in vent_buffer giving wrong IP > address with ip_interface_address_get_address > > > > Yes Dave, > > I did all the things you suggested and the packet is coming on > HundredGigabitEthernet12/0/0 and I am just getting the packets for that > interface only. > > Please find details below: > > Packet 1 > > 00:02:29:382622: dpdk-input > HundredGigabitEthernet12/0/0 rx queue 0 > buffer 0x92556: current data 0, length 60, buffer-pool 0, ref-count 1, > totlen-nifb 0, trace handle 0x0 > ext-hdr-valid > l4-cksum-computed l4-cksum-correct > PKT MBUF: port 0, nb_segs 1, pkt_len 60 > buf_len 2176, data_len 60, ol_flags 0x0, data_off 128, phys_addr > 0x88895600 > packet_type 0x1 l2_len 0 l3_len 0 outer_l2_len 0 outer_l3_len 0 > rss 0x0 fdir.hi 0x0 fdir.lo 0x0 > Packet Types > RTE_PTYPE_L2_ETHER (0x0001) Ethernet packet > 0x0027: 3c:2c:30:65:54:31 -> 01:80:c2:00:00:00 > 00:02:29:437741: ipgw_ent > IPGW_ENT: sw_if_index 1, next index 0 > new src 3c:2c:30:65:54:31 -> new dst 01:80:c2:00:00:00 > 00:02:29:437762: ethernet-input > 0x0027: 3c:2c:30:65:54:31 -> 01:80:c2:00:00:00 > 00:02:29:437764: llc-input > LLC bpdu -> bpdu > 00:02:29:437770: error-drop > rx:HundredGigabitEthernet12/0/0 > 00:02:29:437771: drop > llc-input: unknown llc ssap/dsap > > > > The Commands: > > > > set interface ip add HundredGigabitEthernet12/0/0 192.168.198.2/24 > set interface state HundredGigabitEthernet12/0/0 up > set interface ip addr HundredGigabitEthernet12/0/0 > 2001:5b0::7cf0::98fc/64 > create interface memif id 0 socket-id 0 master > set interface state memif0/0 up > set interface ip add memif0/0 192.168.1.3/24 > set interface ip addr memif0/0 2001:5b0::7cf1::98fc/64 > > > I believe there is some problem with this index in code.Please let us know > your views. > > > > //Ravi > > > > On Fri, Jun 19, 2020 at 10:38 AM Dave Barach (dbarach) > wrote: > > If the packet was received on HundredGigabitEthernet12/0/0, you should get > 192.168.198.2. If it was received on memif0/0 you should get 192.168.1.3. > "trace add dpdk-input" [or send pkts, then "show trace". If that produces > nothing, s/dpdk-input/memif-input/ or whatever the memif input node is > called. > > > > Use "show int addr" / "show int" to determine the sw_if_index to name > mapping, and to display the interface ip addresses. > > > -- > > *From:* disc...@lists.fd.io on behalf of > ravi.jup...@gmail.com > *Sent:* Thursday, June 18, 2020 3:54 PM > *To:* disc...@lists.fd.io > *Subject:* [discuss] sw_if_index in vent_buffer giving w
[vpp-dev] Sub Interface/VLAN receiving packets directly from the Interface and multi thread approach
Hi Team, I have written a plugin attached to device_input and running before ethernet_input. I am receiving all the packets for that particular physical interface. Actually this is working as we expected and okay. Now I have a requirement to get packets only for a particular sub interface/VLAN interface. If I want to receive the packets(Layer2 level) from VLAN interface where should I attach my plugin? I know attaching at device_input we are getting VLAN packets also but we don't want to get all the packets to plugin, because the plugin with become bottleneck for whole my system. Next question I have is, Is it okay to implement multi thread approach in plugin, because my system must reach line speed? In multi thread approach, i want to run several nodes for each interface to get required throughput. Suggest me if we have any better mechanisms to handle 15 or 20 input interfaces? //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#16770): https://lists.fd.io/g/vpp-dev/message/16770 Mute This Topic: https://lists.fd.io/mt/74987897/21656 Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] Sub Interface/VLAN receiving packets directly from the Interface and multi thread approach
[Edited Message Follows] Hi Team, I have written a plugin attached to device_input and running before ethernet_input. I am receiving all the packets for that particular physical interface. Actually this is working as we expected and okay. Now I have a requirement to get packets only for a particular sub interface/VLAN interface. If I want to receive the packets(Layer2 level) from VLAN interface where should I attach my plugin? I know attaching at device_input we are getting VLAN packets also but we don't want to get all the packets to plugin, because the plugin with become bottleneck for whole my system. Next question I have is, Is it okay to implement multi thread approach in plugin, because my system must reach line speed? In multi thread approach, My plugin can spawn one thread for one interface(could be VLAN) its monitoring, Like that it will spawn several threads depending on the requirement. Do you think is it feasible approach? do you have any better approach to handle this situation? If we can't do parallel processing, I think we can not achieve line speed in my system, please advice me //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#16770): https://lists.fd.io/g/vpp-dev/message/16770 Mute This Topic: https://lists.fd.io/mt/74987897/21656 Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [vpp-dev] Sub Interface/VLAN receiving packets directly from the Interface and multi thread approach
Hi Team, Any advice or pointer helps us to progress on this issue. //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#16789): https://lists.fd.io/g/vpp-dev/message/16789 Mute This Topic: https://lists.fd.io/mt/74987897/21656 Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] Can one memif have multiple sockets
Hi Team, I realized that memif and corresponding sockets are tightly coupled. Means for example memif1 --> /run/vpp/memif1.sock --> application. We can not have multiple sockets for memif1, is my understanding correct? memif1 --> /run/vpp/memif1.sock if its already mapped, then we can not create memif1-->/run/vpp/memif2.sock please let me know if my understanding wrong and we can create multiple sockets for single interface? //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#16862): https://lists.fd.io/g/vpp-dev/message/16862 Mute This Topic: https://lists.fd.io/mt/75245182/21656 Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] Distributing VPPCOM TX sessions to different worker thread #vnet #vppcom #TxBuff
Hi Team, We are planning to use VPP for throughput enhancement with our Applications. However I found a bottleneck in TX side. So our application is placed like this VPP RX Interface--> VPP Memif --> Our Application --> VPPCOM UDP session --> VPP TX Interface. The RX part we are not seeing issue and we could able to reach expected throughput. However with TX we are suffering to push same amount of traffic out. After further investigation I found, the TX sessions are only on Worker 1, These are not getting distributed among other threads, vpp# show sess verbose Connection State Rx-f Tx-f [0:0][U] 2001:5b0::1150:b883:31f:178:98f8:7428LISTEN 0 0 [0:1][U] 2001:5b0::1150:b883:31f:678:98f8:7428LISTEN 0 0 [0:2][U] 2001:5b0::1150:b883:31f:378:98f8:7428LISTEN 0 0 [0:3][U] 2001:5b0::1150:b883:31f:278:98f8:7428LISTEN 0 0 [0:4][U] 2001:5b0::1150:b883:31f:578:98f8:7428LISTEN 0 0 [0:5][U] 2001:5b0::1150:b883:31f:478:98f8:7428LISTEN 0 0 Thread 0: active sessions 6 Connection State Rx-f Tx-f *[1:0][U] 2001:5b0::1150:b883:31f:178:98f8:2194OPENED 0 0* *[1:1][U] 2001:5b0::1150:b883:31f:178:98f8:2753OPENED 0 0* *[1:2][U] 2001:5b0::1150:b883:31f:178:98f8:5163OPENED 0 0* *[1:3][U] 2001:5b0::1150:b883:31f:178:98f8:6022OPENED 0 0* *[1:4][U] 2001:5b0::1150:b883:31f:178:98f8:1272OPENED 0 0* *[1:5][U] 2001:5b0::1150:b883:31f:178:98f8:1222OPENED 0 0* *[1:6][U] 2001:5b0::1150:b883:31f:178:98f8:3080OPENED 0 0* *[1:7][U] 2001:5b0::1150:b883:31f:178:98f8:8598OPENED 0 0* *[1:8][U] 2001:5b0::1150:b883:31f:178:98f8:2764OPENED 0 0* *[1:9][U] 2001:5b0::1150:b883:31f:178:98f8:1567OPENED 0 0* *[1:10][U] 2001:5b0::1150:b883:31f:178:98f8:243OPENED 0 0* *[1:11][U] 2001:5b0::1150:b883:31f:178:98f8:458OPENED 0 0* Thread 1: active sessions 12 Thread 2: no sessions Connection State Rx-f Tx-f [3:0][U] 2001:5b0::1150:b883:31f:178:98f8:7428OPENED 0 0 [3:1][U] 2001:5b0::1150:b883:31f:678:98f8:7428OPENED 0 0 Thread 3: active sessions 2 Connection State Rx-f Tx-f [4:0][U] 2001:5b0::1150:b883:31f:278:98f8:7428OPENED 0 0 [4:1][U] 2001:5b0::1150:b883:31f:578:98f8:7428OPENED 0 0 Thread 4: active sessions 2 Thread 5: no sessions Connection State Rx-f Tx-f [6:0][U] 2001:5b0::1150:b883:31f:378:98f8:7428OPENED 0 0 [6:1][U] 2001:5b0::1150:b883:31f:478:98f8:7428OPENED 0 0 Thread 6: active sessions 2 That is creating Bottleneck, Please find our RX placement, vpp# show interface rx-placement Thread 1 (vpp_wk_0): node memif-input: memif15/0 queue 0 (polling) memif16/0 queue 0 (polling) Thread 2 (vpp_wk_1): node memif-input: memif2/0 queue 0 (polling) memif4/0 queue 0 (polling) Thread 3 (vpp_wk_2): node memif-input: memif3/0 queue 0 (polling) memif14/0 queue 0 (polling) node dpdk-input: HundredGigabitEthernet12/0/0 queue 2 (polling) Thread 4 (vpp_wk_3): node memif-input: memif1/0 queue 0 (polling) memif12/0 queue 0 (polling) node dpdk-input: HundredGigabitEthernet12/0/0 queue 3 (polling) Thread 5 (vpp_wk_4): node memif-input: memif11/0 queue 0 (polling) memif13/0 queue 0 (polling) node dpdk-input: HundredGigabitEthernet12/0/0 queue 0 (polling) Thread 6 (vpp_wk_5): node memif-input: memif5/0 queue 0 (polling) memif6/0 queue 0 (polling) node dpdk-input: HundredGigabitEthernet12/0/0 queue 1 (polling) vpp# We made sure the RX queues are on not on worker 1 and 0, there is slight improvement but not upto the mark, So our question is, 1> How can we distribute these TX sessions among different workers? 2> Or How can we attain maximum with one thread? Thanks in advance for reading and answering -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#17508): https://lists.fd.io/g/vpp-dev/message/17508 Mute This Topic: https://lists.fd.io/mt/77078709/21656 Mute #vnet:https://lists.fd.io/g/vpp-dev/mutehashtag/vnet Mute #vppcom:https://lists.fd.io/g/vpp-dev/mutehashtag/vppcom Mute #txbuff:https://lists.fd.io/g/vpp-dev/mutehashtag/txbuff Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [vpp-dev] Distributing VPPCOM TX sessions to different worker thread #vnet #vppcom #TxBuff
Thanks Florin for your response Please find my answers below 1> I opened the UDP sessions with vppcom_session_connect and these are always for TX and it will not receive any data. 2> No there is no sent traffic on these. I can try this part. 3> Actually the throughput as you know depends on different factors like cores and etc, we have 100G card but we have our own application has limit. So i cannot answer what maximum we can push. 4> Coming to the dropped the Input Queues are getting filled with traffic. *Connection State Rx-f Tx-f [1:0][U] 2001:5b0::1150:b883:31f:178:98f8:2035OPENED 0 7999863 [1:1][U] 2001:5b0::1150:b883:31f:178:98f8:5100OPENED 0 7999863 [1:2][U] 2001:5b0::1150:b883:31f:178:98f8:1160OPENED 0 7999863 [1:3][U] 2001:5b0::1150:b883:31f:178:98f8:3442OPENED 0 7999863 [1:4][U] 2001:5b0::1150:b883:31f:178:98f8:1220OPENED 0 7999863 [1:5][U] 2001:5b0::1150:b883:31f:178:98f8:3303OPENED 0 7999863 [1:6][U] 2001:5b0::1150:b883:31f:178:98f8:5397OPENED 0 0 [1:7][U] 2001:5b0::1150:b883:31f:178:98f8:2545OPENED 0 0 [1:8][U] 2001:5b0::1150:b883:31f:178:98f8:4097OPENED 0 0 [1:9][U] 2001:5b0::1150:b883:31f:178:98f8:3618OPENED 0 0 [1:10][U] 2001:5b0::1150:b883:31f:178:98f8:141OPENED 0 0 [1:11][U] 2001:5b0::1150:b883:31f:178:98f8:465OPENED 0 0 Thread 1: active sessions 12* The Interface Counters doesn't have drops, RX FIFO and TX-FIFO rx-fifo-size 800 tx-fifo-size 800 Please let me know is there any other method to distribute these TX Flows or increase the throughput. //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#17518): https://lists.fd.io/g/vpp-dev/message/17518 Mute This Topic: https://lists.fd.io/mt/77078709/21656 Mute #vnet:https://lists.fd.io/g/vpp-dev/mutehashtag/vnet Mute #vppcom:https://lists.fd.io/g/vpp-dev/mutehashtag/vppcom Mute #txbuff:https://lists.fd.io/g/vpp-dev/mutehashtag/txbuff Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [vpp-dev] Distributing VPPCOM TX sessions to different worker thread #vnet #vppcom #TxBuff
Thanks Florin, I am seeing maximum 12G with 1.5kB Datagrams. Not able to achieve 20Gbps. I will explore the option you provided. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#17520): https://lists.fd.io/g/vpp-dev/message/17520 Mute This Topic: https://lists.fd.io/mt/77078709/21656 Mute #vnet:https://lists.fd.io/g/vpp-dev/mutehashtag/vnet Mute #vppcom:https://lists.fd.io/g/vpp-dev/mutehashtag/vppcom Mute #txbuff:https://lists.fd.io/g/vpp-dev/mutehashtag/txbuff Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] vppcom and binary api #binapi #vapi #vppcom
Hi Team, We have our application which uses VPPCOM sessions to read and write some packets. We have one more requirement that Application uses Vpp-binary api and provide some information to our own plugin. When we try calling this binary apis without VPPCOM session started or running, the VPP Binary APIs are working fine. When we try to call after VPPCOM session create then we are seeing our application crash in VPP library. So we want to understand, if we are using VPPCOM session, is vpp binary api not allowed to use? If that is true, do we have any other mechanism to call my plugin binary API? I don't want to use CLI because these APIs will get call in fast path. Please advice us. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#18241): https://lists.fd.io/g/vpp-dev/message/18241 Mute This Topic: https://lists.fd.io/mt/78677945/21656 Mute #binapi:https://lists.fd.io/g/vpp-dev/mutehashtag/binapi Mute #vapi:https://lists.fd.io/g/vpp-dev/mutehashtag/vapi Mute #vppcom:https://lists.fd.io/g/vpp-dev/mutehashtag/vppcom Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [vpp-dev] vppcom and binary api #binapi #vapi #vppcom
Hi Florin, Thanks for your response, however I have a question, If I want to use another Binary API initialization do we need to do at our Application or in VPP code. When I check VPP source code, the initialization always with "vpe-api" vpe_api_init calls always vl_set_memory_region_name ("/vpe-api"); so wondering do we have any other region present? FYI: We are using 20.05 stable version. Regards, Ravi. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#18248): https://lists.fd.io/g/vpp-dev/message/18248 Mute This Topic: https://lists.fd.io/mt/78677945/21656 Mute #binapi:https://lists.fd.io/g/vpp-dev/mutehashtag/binapi Mute #vapi:https://lists.fd.io/g/vpp-dev/mutehashtag/vapi Mute #vppcom:https://lists.fd.io/g/vpp-dev/mutehashtag/vppcom Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [vpp-dev] vppcom and binary api #binapi #vapi #vppcom
Hi Florin/Team of experts, I have one more question, The basic requirement we have is We have to send some data from our application to our own plugin. While going through previous messages and documentation, we found we can use memif or quick sockets. Our question is, do we have any other VPP provided methods of communication between a Plugin and Application? if yes can you please provide a pointer. That may resolve our issue. //Ravi. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#18269): https://lists.fd.io/g/vpp-dev/message/18269 Mute This Topic: https://lists.fd.io/mt/78677945/21656 Mute #binapi:https://lists.fd.io/g/vpp-dev/mutehashtag/binapi Mute #vapi:https://lists.fd.io/g/vpp-dev/mutehashtag/vapi Mute #vppcom:https://lists.fd.io/g/vpp-dev/mutehashtag/vppcom Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] Plugin communication with Host Application. #plugin #vpp-dev #control_and_data_plane_together
Hi Team, We developed a plugin and forwarding packets to several interfaces depending on some filtering rules. Now we have a requirement to create these filtering rules from Host Application. We have a problem to use VPPCOM/Binary API. DO we have any communication method from HOSTAPP to VPP Plugin? can you please provide any pointer which can help us to refer and develop? The Plugin currently registered with VPP and working fine. Can we make plugin to monitor on a file/event for these filtering rules which needed from HostAPP without impacting the normal fast path processing of plugin? Any pointers for which does "Control" and "Data plane" functionality same without VPPCOM/Binary API? Thanks for your support. //Ravi. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#18277): https://lists.fd.io/g/vpp-dev/message/18277 Mute This Topic: https://lists.fd.io/mt/78788956/21656 Mute #plugin:https://lists.fd.io/g/vpp-dev/mutehashtag/plugin Mute #vpp-dev:https://lists.fd.io/g/vpp-dev/mutehashtag/vpp-dev Mute #control_and_data_plane_together:https://lists.fd.io/g/vpp-dev/mutehashtag/control_and_data_plane_together Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] Plugin communication with Host Application. #plugin #vpp-dev #control_and_data_plane_together
[Edited Message Follows] Hi Team, We developed a plugin and forwarding packets to several interfaces depending on some filtering rules. Now we have a requirement to create these filtering rules from Host Application. We have a problem to use VPPCOM/Binary API. DO we have any communication method from HOSTAPP to VPP Plugin? can you please provide any pointer which can help us to refer and develop? The Plugin currently registered with VPP and working fine. Can we make plugin to monitor on a file/event for these filtering rules which needed from HostAPP without impacting the normal fast path processing of plugin? Any pointers for which does "Control" and "Data plane" functionality in the same plugin without using VPPCOM/Binary API? Thanks for your support. //Ravi. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#18277): https://lists.fd.io/g/vpp-dev/message/18277 Mute This Topic: https://lists.fd.io/mt/78788956/21656 Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] VLAN based routing #vpp-dev
Hi Team, Our architecture is something like this INGRESS>VPP->Plugin->MEMIF(Ethernet mode)->USER Application, In ingress we want to read the packet layer 2. EGRESS ==> User Application --> MEMIF(IP MODE) --> VPP. We want to get the packet routed through VPP. We are seeing the VPP dropping the packets if DST Subnet not matched with any of the interface configuration in VPP. If we add the default route, the VPP sending packets to default router. However we can not make one default route to send all the packets to router/GW. Our requirement is depending on different VLANs we want to forward the packets to different GWs. Can you please provide any pointer? is there any way we can achieve this VLAN based forwarding? //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#18893): https://lists.fd.io/g/vpp-dev/message/18893 Mute This Topic: https://lists.fd.io/mt/81218380/21656 Mute #vpp-dev:https://lists.fd.io/g/vpp-dev/mutehashtag/vpp-dev Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] Plugin and getting packets from Bonded interface. #vpp-memif #vpp-hoststack #vnet
Hi Team, We developed a plugin in VPP to read data from a physical interface and forward to our application, Packet 2 *03:03:45:254785: dpdk-input* *HundredGigabitEthernet12/0/0 rx queue 0* buffer 0x1f3a68: current data 0, length 114, buffer-pool 0, ref-count 1, totlen-nifb 132, trace handle 0x101 ext-hdr-valid PKT MBUF: port 0, nb_segs 1, pkt_len 114 buf_len 9344, data_len 114, ol_flags 0x182, data_off 128, phys_addr 0xf28e9a80 packet_type 0x2e1 l2_len 0 l3_len 0 outer_l2_len 0 outer_l3_len 0 rss 0x42828e0 fdir.hi 0x0 fdir.lo 0x42828e0 Packet Offload Flags PKT_RX_RSS_HASH (0x0002) RX packet with RSS hash result PKT_RX_IP_CKSUM_GOOD (0x0080) IP cksum of RX pkt. is valid PKT_RX_L4_CKSUM_GOOD (0x0100) L4 cksum of RX pkt. is valid Packet Types RTE_PTYPE_L2_ETHER (0x0001) Ethernet packet RTE_PTYPE_L3_IPV6_EXT_UNKNOWN (0x00e0) IPv6 packet with or without extension headers RTE_PTYPE_L4_UDP (0x0200) UDP packet IP6: b8:83:03:81:55:e0 -> 33:33:00:00:99:01 802.1q vlan 501 UDP: 2001:5b0::501:b883:31f:181:55e0 -> ff38:23:2001:5b0:2000::9901 tos 0x00, flow label 0x88b96, hop limit 254, payload length 56 UDP: 58362 -> 9901 length 56, checksum 0x6a9b *03:03:45:254786: ipgw_ent* *IPGW_ENT: sw_if_index 2, next index 0* new src b8:83:03:81:55:e0 -> new dst 33:33:00:00:99:01 03:03:45:254787: ethernet-input IP6: b8:83:03:81:55:e0 -> 33:33:00:00:99:01 802.1q vlan 501 03:03:45:254787: ip6-input UDP: 2001:5b0::501:b883:31f:181:55e0 -> ff38:23:2001:5b0:2000::9901 tos 0x00, flow label 0x88b96, hop limit 254, payload length 56 UDP: 58362 -> 9901 length 56, checksum 0x6a9b 03:03:45:254787: ip6-mfib-forward-lookup fib 0 entry 3 03:03:45:254787: ip6-mfib-forward-rpf entry 3 itf -1 flags 03:03:45:254788: ip6-drop UDP: 2001:5b0::501:b883:31f:181:55e0 -> ff38:23:2001:5b0:2000::9901 tos 0x00, flow label 0x88b96, hop limit 254, payload length 56 UDP: 58362 -> 9901 length 56, checksum 0x6a9b 03:03:45:254788: error-drop rx:HundredGigabitEthernet12/0/0.501 03:03:45:254788: drop ip6-input: drops due to concurrent reassemblies limit This is working fine when we attach to a physical interface, however we want to create a bonded interface and attach bonded interface to the plugin, This is not working and the plugin never getting hit. I tried adding the VNET_FEATURE_INIT (ipgw_ent, static) = { .arc_name = "device-input", *.node_name = "ipgw_ent",* *.runs_before = VNET_FEATURES ("bond-input"),* }; or "before ethernet-input", still the bonded interface is not getting catch and the trace looks like below. Packet 2 *00:47:16:953591: dpdk-input* *HundredGigabitEthernet12/0/0 rx queue 0* buffer 0x169d81: current data 0, length 68, buffer-pool 0, ref-count 1, totlen-nifb 0, trace handle 0x101 ext-hdr-valid PKT MBUF: port 0, nb_segs 1, pkt_len 68 buf_len 9344, data_len 68, ol_flags 0x0, data_off 128, phys_addr 0x692760c0 packet_type 0x1 l2_len 0 l3_len 0 outer_l2_len 0 outer_l3_len 0 rss 0x0 fdir.hi 0x0 fdir.lo 0x0 Packet Types RTE_PTYPE_L2_ETHER (0x0001) Ethernet packet *0x0032: 3c:2c:30:65:54:3d -> 01:00:0c:cc:cc:cd 802.1q vlan 1150 priority 7* *00:47:16:953592: bond-input* src 3c:2c:30:65:54:3d, dst 01:00:0c:cc:cc:cd, HundredGigabitEthernet12/0/0 -> BondEthernet0 00:47:16:953592: ethernet-input 0x0032: 3c:2c:30:65:54:3d -> 01:00:0c:cc:cc:cd 802.1q vlan 1150 priority 7 00:47:16:953592: llc-input LLC snap -> snap 00:47:16:953595: snap-input SNAP cisco per_vlan_spanning_tree 00:47:16:953596: error-drop rx:BondEthernet0.1150 00:47:16:953596: drop snap-input: unknown oui/snap protocol We needed bonded interface support for "LACP/Active-backup" creation. However our main requirement is we need to get packets to our application as "Raw" or "RawSocket" format, so that we can do filtering/forwarding depending on our own logic. That's why we used VPP--> ourplugin--> memif-->ourapplication, Do you have any better approach, please suggest us. Or how to attach my plugin to BondedInterface, anyone will solve our problem. //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#19403): https://lists.fd.io/g/vpp-dev/message/19403 Mute This Topic: https://lists.fd.io/mt/82919092/21656 Mute #vpp-memif:https://lists.fd.io/g/vpp-dev/mutehashtag/vpp-memif Mute #vpp-hoststack:https://lists.fd.io/g/vpp-dev/mutehashtag/vpp-hoststack Mute #vnet:https://lists.fd.io/g/vpp-dev/mutehashtag/vnet Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] ACL IPV6 rule addition using the "set acl_plugin acl" command from "vppctl" #vppctl #acl #acl_plugin #ipv6
Hi Experts, We were trying to create some ACL rules for IPv6 addresses, *"set acl-plugin acl permit src 2001:5b0::1150::0/64 " in vppctl. * "set acl-plugin acl permit ipv6 src 2001:5b0::1150::0/64 " in vppctl. giving ACL index but when I check "show acl_plugin acl" its not giving any information. vpp# set acl-plugin acl ipv6 permit src 2001:5b0::1150::0/64 ACL index:1 vpp# show acl-plugin acl acl-index 0 count 1 tag {cli} 0: ipv4 permit src 172.25.169.0/24 dst 0.0.0.0/0 proto 0 sport 0-65535 dport 0-65535 acl-index 1 count 0 tag {cli} vpp# We are using VPP 20.05 stable version. We couldn't able to set the ACL for IPv6. We are not seeing any error message on the logs. We could able to set ACL for IPv4 without any issue. We tried same thing from vpp_api_test, still we couldn't able to set IPv6 rule. Can you please provide some pointer for creating "acl rule for IPV6." Thanks for your help. //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#19771): https://lists.fd.io/g/vpp-dev/message/19771 Mute This Topic: https://lists.fd.io/mt/84212274/21656 Mute #acl_plugin:https://lists.fd.io/g/vpp-dev/mutehashtag/acl_plugin Mute #ipv6:https://lists.fd.io/g/vpp-dev/mutehashtag/ipv6 Mute #vppctl:https://lists.fd.io/g/vpp-dev/mutehashtag/vppctl Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] BondedInterface and memif interface for raw packet #memif #BondedInterface #plugin
Hi Experts, We implemented a PLUGIN, this plugin reads packets from physical interface and sends to memif. The memif other end is our application, it takes necessary action. The packet flow would be Devie-Input --> OUR Plugin --> Memif --> Our application.(Plugin filters the packets and send to memif or Bond-input.) or Devie-Input --> OUR Plugin --> bond-input --> VPP processing. Our plugin is working with only physical interface. Now we are trying to make this work with Bonded Interface, its not working with bonded interface. If we disable bond-input for that physical interface and only enable our plugin it will work fine. But we needed BondedInterface support for LACP. So we can't just avoid BondedInterface. Our feature arc is VNET_FEATURE_INIT (ipgw_ent, static) = { .arc_name = "device-input", .node_name = "ravi_plugin", .runs_before = VNET_FEATURES ("ethernet-input"), }; I tried placing different arcs for my plugin, its not working. Can you please suggest how can our plugin to make it work for logical interfaces. Like if we want to make it work for BondedInterface.1100? which arc we should choose, we need raw packet to our application. Any pointers are very big help. //Ravi. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#19793): https://lists.fd.io/g/vpp-dev/message/19793 Mute This Topic: https://lists.fd.io/mt/84233170/21656 Mute #memif:https://lists.fd.io/g/vpp-dev/mutehashtag/memif Mute #bondedinterface:https://lists.fd.io/g/vpp-dev/mutehashtag/bondedinterface Mute #plugin:https://lists.fd.io/g/vpp-dev/mutehashtag/plugin Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] BondedInterface and memif interface for raw packet #memif #BondedInterface #plugin
[Edited Message Follows] Hi Experts, We implemented a PLUGIN, this plugin reads packets from physical interface and sends to memif. We implemented this approach to get RAW packets to our application. The memif other end is our application, it takes necessary action. The packet flow would be Devie-Input --> OUR Plugin --> Memif --> Our application.(Plugin filters the packets and send to memif or Bond-input.) or Devie-Input --> OUR Plugin --> bond-input --> VPP processing. Our plugin is working with only physical interface. Now we are trying to make this work with Bonded Interface, its not working with bonded interface. If we disable bond-input for that physical interface and only enable our plugin it will work fine. But we needed BondedInterface support for LACP. So we can't just avoid BondedInterface. Our feature arc is VNET_FEATURE_INIT (ipgw_ent, static) = { .arc_name = "device-input", .node_name = "ravi_plugin", .runs_before = VNET_FEATURES ("ethernet-input"), }; I tried placing different arcs for my plugin, its not working. Can you please suggest how can our plugin to make it work for logical interfaces. Like if we want to make it work for BondedInterface.1100? which arc we should choose, we need raw packets to our application. Any mechanism which can provide RAW PACKET reading from VPP also works fine. Any pointers are very big help. //Ravi. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#19793): https://lists.fd.io/g/vpp-dev/message/19793 Mute This Topic: https://lists.fd.io/mt/84233170/21656 Mute #plugin:https://lists.fd.io/g/vpp-dev/mutehashtag/plugin Mute #memif:https://lists.fd.io/g/vpp-dev/mutehashtag/memif Mute #bondedinterface:https://lists.fd.io/g/vpp-dev/mutehashtag/bondedinterface Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] ACL-->ABF--> Memif, Seeing arp request for the packets #acl #abf #policy #routing
Hi Experts, We are trying to implement forwarding dst X.X.X.X/X subnet packets on interface Y to the memif1/0 To achieve that we used ACL and ABF policy rules. When I am trying to send traffic to "X.X.X.X" network I see ARP requests for that subnet on memif1/0. We don't need to send ARP for these "X.X.X.X", because Our application at other end of memif1/0 will take care of further processing. How to achieve that kind of forwarding. Please find my configuration for your reference. =Receving on the memif set interface state HundredGigabitEthernet12/0/0 up create sub-interfaces HundredGigabitEthernet12/0/0 1100 set interface state HundredGigabitEthernet12/0/0.1100 up set interface ip add HundredGigabitEthernet12/0/0.1100 192.168.110.2/24 create memif socket id 1 filename /run/vpp/memif1.sock create interface memif id 0 socket-id 1 master set interface state memif1/0 up set interface ip add memif1/0 192.168.1.3/24 ACL rules set acl-plugin acl permit dst 172.172.0.0/24 abf policy add id 0 acl 0 via memif1/0 abf attach ip4 policy 0 HundredGigabitEthernet12/0/0.1100 === We are expecting any "Ingress" traffic destined to "172.172.0.0/24" should go to the "memif1/0". How can we achieve that kind of forwarding in VPP? Any pointers will be a big help for us. //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#19807): https://lists.fd.io/g/vpp-dev/message/19807 Mute This Topic: https://lists.fd.io/mt/84250705/21656 Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Mute #abf:https://lists.fd.io/g/vpp-dev/mutehashtag/abf Mute #policy:https://lists.fd.io/g/vpp-dev/mutehashtag/policy Mute #routing:https://lists.fd.io/g/vpp-dev/mutehashtag/routing Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] ACL-->ABF--> Memif, Seeing arp request for the packets #acl #abf #policy #routing
[Edited Message Follows] Hi Experts, We are trying to implement forwarding dst X.X.X.X/X subnet packets on interface Y to the memif1/0 To achieve that we used ACL and ABF policy rules. When I am trying to send traffic to "X.X.X.X" network I see ARP requests for that subnet on memif1/0. We don't need to send ARP for these "X.X.X.X", because Our application at other end of memif1/0 will take care of further processing. How to achieve that kind of forwarding. Please find my configuration for your reference. =Receving on the memif set interface state HundredGigabitEthernet12/0/0 up create sub-interfaces HundredGigabitEthernet12/0/0 1100 set interface state HundredGigabitEthernet12/0/0.1100 up set interface ip add HundredGigabitEthernet12/0/0.1100 192.168.110.2/24 create memif socket id 1 filename /run/vpp/memif1.sock create interface memif id 0 socket-id 1 master set interface state memif1/0 up set interface ip add memif1/0 192.168.1.3/24 ACL rules set acl-plugin acl permit dst 172.172.0.0/24 abf policy add id 0 acl 0 via memif1/0 abf attach ip4 policy 0 HundredGigabitEthernet12/0/0.1100 === We are expecting any "Ingress" traffic destined to "172.172.0.0/24" should go to the "memif1/0". We tried giving abf policy add id 0 acl 0 via 192.168.1.5 memif1/0 --> still same problem. We see ARP request for 172.172.0.1 How can we achieve that kind of forwarding in VPP? Any pointers will be a big help for us. //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#19807): https://lists.fd.io/g/vpp-dev/message/19807 Mute This Topic: https://lists.fd.io/mt/84250705/21656 Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Mute #abf:https://lists.fd.io/g/vpp-dev/mutehashtag/abf Mute #policy:https://lists.fd.io/g/vpp-dev/mutehashtag/policy Mute #routing:https://lists.fd.io/g/vpp-dev/mutehashtag/routing Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [vpp-dev] ACL-->ABF--> Memif, Seeing arp request for the packets #acl #abf #policy #routing
Hi Neale, Thanks for your time. Yes I got that and I did created a dummy arp to make this work. ip neighbor memif1/0 192.168.1.3 dead.dead.dead set acl-plugin acl permit dst 172.172.0.0/24 abf policy add id 0 acl 0 via 192.168.1.3 memif1/0 abf attach ip4 policy 0 HundredGigabitEthernet12/0/0 however I have one more question, *if we want to get VLAN header also on memif how can we get it?* I am seeing the packets with ehternet header but VLAN is getting stripped. How can we get VLAN header to memif when we do ABF Any pointers will be a great help. //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#19819): https://lists.fd.io/g/vpp-dev/message/19819 Mute This Topic: https://lists.fd.io/mt/84250705/21656 Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Mute #abf:https://lists.fd.io/g/vpp-dev/mutehashtag/abf Mute #policy:https://lists.fd.io/g/vpp-dev/mutehashtag/policy Mute #routing:https://lists.fd.io/g/vpp-dev/mutehashtag/routing Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [vpp-dev] ACL-->ABF--> Memif, Seeing arp request for the packets #acl #abf #policy #routing
[Edited Message Follows] Hi Neale, Thanks for your time. Yes I got that and I did created a dummy arp to make this work. ip neighbor memif1/0 192.168.1.3 dead.dead.dead set acl-plugin acl permit dst 172.172.0.0/24 abf policy add id 0 acl 0 via 192.168.1.3 memif1/0 abf attach ip4 policy 0 HundredGigabitEthernet12/0/0.1100 however I have one more question, *if we want to get VLAN header also on memif how can we get it?* I am seeing the packets with ehternet header but VLAN is getting stripped. How can we get VLAN header to memif when we do ABF Any pointers will be a great help. //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#19819): https://lists.fd.io/g/vpp-dev/message/19819 Mute This Topic: https://lists.fd.io/mt/84250705/21656 Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Mute #abf:https://lists.fd.io/g/vpp-dev/mutehashtag/abf Mute #policy:https://lists.fd.io/g/vpp-dev/mutehashtag/policy Mute #routing:https://lists.fd.io/g/vpp-dev/mutehashtag/routing Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [vpp-dev] ACL-->ABF--> Memif, Seeing arp request for the packets #acl #abf #policy #routing
Neale, This is really I never thought we can create VLAN for memif This saved enormous of amount my time... I am really excited and its working perfectly fine. //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#19822): https://lists.fd.io/g/vpp-dev/message/19822 Mute This Topic: https://lists.fd.io/mt/84250705/21656 Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Mute #abf:https://lists.fd.io/g/vpp-dev/mutehashtag/abf Mute #policy:https://lists.fd.io/g/vpp-dev/mutehashtag/policy Mute #routing:https://lists.fd.io/g/vpp-dev/mutehashtag/routing Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] VLAN based Forwarding to My application #vlan #memif #forwarding #acl
Hi Experts, Our requirement is when VPP receives tcp/udp traffic with VLAN header, it should forward to application in Linux So our requirement is VLAN 1--> Memif1 --> App1 VLAN 2 --> Memif2 --> App1 How can we achieve this. We don't want to use ip route based or ACL->ABF because at least I couldn't able to figure out VLAN based routing is possible. Any help will be a big help for us. //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#19880): https://lists.fd.io/g/vpp-dev/message/19880 Mute This Topic: https://lists.fd.io/mt/84532112/21656 Mute #vlan:https://lists.fd.io/g/vpp-dev/mutehashtag/vlan Mute #memif:https://lists.fd.io/g/vpp-dev/mutehashtag/memif Mute #forwarding:https://lists.fd.io/g/vpp-dev/mutehashtag/forwarding Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] VLAN based Forwarding to My application #vlan #memif #forwarding #acl
[Edited Message Follows] Hi Experts, Our requirement is when VPP receives tcp/udp traffic with VLAN header, it should forward to application in Linux So our requirement is VLAN 1--> Memif1 --> App1 VLAN 2 --> Memif2 --> App2 How can we achieve this. We don't want to use ip route based or ACL->ABF because at least I couldn't able to figure out VLAN based routing is possible. Any help will be a big help for us. //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#19880): https://lists.fd.io/g/vpp-dev/message/19880 Mute This Topic: https://lists.fd.io/mt/84532112/21656 Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Mute #memif:https://lists.fd.io/g/vpp-dev/mutehashtag/memif Mute #vlan:https://lists.fd.io/g/vpp-dev/mutehashtag/vlan Mute #forwarding:https://lists.fd.io/g/vpp-dev/mutehashtag/forwarding Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] VLAN+IP Based forwarding is possible? #vlan #abf #acl #memif
Hi Experts, We have our application reading packets through memif and does consume them. We are adding rules in the VPP to reach particualr memif based on dst IP. "ip route add 172.172.0.0/24 via 192.168.1.3 memif1/0" However we have a requirement, where the Destination NETWORK can overlap with other VLAN. So we need forward rules based on the "VLAN + MEMIF" For example If VLAN is *301* and DST IP is *172.173.0.0/24* it should reach to *memif1/0* If VLAN is *302* and DST IP is 172.173.0.0/24 it should reach to *memif2/0 * any suggestion is a great help. //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#19892): https://lists.fd.io/g/vpp-dev/message/19892 Mute This Topic: https://lists.fd.io/mt/84619355/21656 Mute #vlan:https://lists.fd.io/g/vpp-dev/mutehashtag/vlan Mute #abf:https://lists.fd.io/g/vpp-dev/mutehashtag/abf Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Mute #memif:https://lists.fd.io/g/vpp-dev/mutehashtag/memif Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [vpp-dev] VLAN based Forwarding to My application #vlan #memif #forwarding #acl
Hi Neale, Thanks for your suggestion and time. However I tried following things " set interface l2 xconnect memif1/0 memif2/0 set interface l2 xconnect memif2/0 memif1/0 " and forwarding to memif1/0 from some routing. the memif1/0 is getting received the packets. But memif2/0 is not getting received any thing? is xconnect doesn't work for across 2 memif interfaces? When I tried with the following commands, memif1/0 is receiving the packets set interface l2 xconnect BondEthernet0.1100 memif1/0 set interface l2 xconnect memif1/0 BondEthernet0.1100 But I need between 2 memifs? any help is appreciated. //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#19894): https://lists.fd.io/g/vpp-dev/message/19894 Mute This Topic: https://lists.fd.io/mt/84532112/21656 Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Mute #memif:https://lists.fd.io/g/vpp-dev/mutehashtag/memif Mute #vlan:https://lists.fd.io/g/vpp-dev/mutehashtag/vlan Mute #forwarding:https://lists.fd.io/g/vpp-dev/mutehashtag/forwarding Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] VLAN+IP based forwarding #acl, #abf #vlan #memif #forwarding #vpp
Hi Experts, We have our application reading packets through memif and does consume them. We are adding rules in the VPP to reach particualr memif based on dst IP. "ip route add 172.172.0.0/24 via 192.168.1.3 memif1/0" However we have a requirement, where the Destination NETWORK can overlap with other VLAN. So we need forward rules based on the "VLAN + MEMIF" For example If *VLAN is 301* and *DST IP is 172.173.0.0/24* it should reach to *memif1/0* If *VLAN is 302* and *DST IP is 172.173.0.0/24* it should reach to *memif2/0* If *VLAN is 302* and *DST IP is 172.174.0.0/24* it should reach to *memif1/0* If *VLAN is 301* and *DST IP is 172.174.0.0/24* it should reach to *memif2/0* We can not use *L2 xconnect* , which directly relays L2 packets to corresponding memif1/0, *We need DST and VLAN because our application handles multiple clients with same overlapping subnets with VLAN+IP based routing.* So we need *VLAN+DST IP based routing, any suggestion is a great help.* //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#19896): https://lists.fd.io/g/vpp-dev/message/19896 Mute This Topic: https://lists.fd.io/mt/84622474/21656 Mute #abf:https://lists.fd.io/g/vpp-dev/mutehashtag/abf Mute #vlan:https://lists.fd.io/g/vpp-dev/mutehashtag/vlan Mute #memif:https://lists.fd.io/g/vpp-dev/mutehashtag/memif Mute #forwarding:https://lists.fd.io/g/vpp-dev/mutehashtag/forwarding Mute #vpp:https://lists.fd.io/g/vpp-dev/mutehashtag/vpp Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] Delete ACL rules #acl_plugin #acl #abf
Hi Team, I am trying to find a way to delete the ACL rules. From the commands provided in acl-plugin, I coudn't find a way to delete the acls after addition. The only way to delete ACL rules are just restart VPP, I don't want to do that. How can we dynamically delete the rules? always the rules are getting piled up if we don't restart VPP. Can you please help me to provide a cli to delete the ACL rules. For example: set acl-plugin acl permit src 172.25.169.0/24 --> this is one ACL rule, if I want to delete which command should I use. //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#19936): https://lists.fd.io/g/vpp-dev/message/19936 Mute This Topic: https://lists.fd.io/mt/84778842/21656 Mute #acl_plugin:https://lists.fd.io/g/vpp-dev/mutehashtag/acl_plugin Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Mute #abf:https://lists.fd.io/g/vpp-dev/mutehashtag/abf Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [vpp-dev] Delete ACL rules #acl_plugin #acl #abf
Any pointer will be a big help. //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#19941): https://lists.fd.io/g/vpp-dev/message/19941 Mute This Topic: https://lists.fd.io/mt/84778842/21656 Mute #acl_plugin:https://lists.fd.io/g/vpp-dev/mutehashtag/acl_plugin Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Mute #abf:https://lists.fd.io/g/vpp-dev/mutehashtag/abf Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [vpp-dev] Delete ACL rules #acl_plugin #acl #abf
Thanks for the help Neale \\Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#19945): https://lists.fd.io/g/vpp-dev/message/19945 Mute This Topic: https://lists.fd.io/mt/84778842/21656 Mute #acl_plugin:https://lists.fd.io/g/vpp-dev/mutehashtag/acl_plugin Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Mute #abf:https://lists.fd.io/g/vpp-dev/mutehashtag/abf Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] Blocking API call #ACL #binapi
HI Experts, We want to use API calls to create the ACL and ABF policies. We need a blocking calls because we need to decide next action on the return values. When I checked using the VAPI, I see only Asynchronous calls and we need to register callback for return values but I need a blocking calls For example If I want use Show version with blocking call and return values how can I achieve. Is there a way to use Blocking API calls and get return values. If any example to use Blocking API calls that will be great.. thanks. Regards, Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#20041): https://lists.fd.io/g/vpp-dev/message/20041 Mute This Topic: https://lists.fd.io/mt/85216718/21656 Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Mute #binapi:https://lists.fd.io/g/vpp-dev/mutehashtag/binapi Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] VAPI ACL addition. Not getting ACL index in response. #acl #acl_plugin #vapi
Hi Experts, We are trying to use VPP-API(VAPI) to create ACL rules. We are using the VAPI in blocking mode to get response immediately. We are getting the response back but the *ACL-INDEX is some other value*. Can you please see the below code, if I am doing something wrong. Any pointers are big help. printf ("--- Basic acl addition- reply test ---\n"); vapi_msg_acl_add_replace *acl= vapi_alloc_acl_add_replace(ctx, 1); if(acl==NULL) { printf("ACL retuns NULL %d\n",__LINE__); exit(1); } acl->payload.acl_index=-1; strncpy((char *)acl->payload.tag,"CheckIsWorking",12); acl->payload.count=1; vapi_type_prefix src_addr,dst_addr; acl->payload.r[0].is_permit=1; src_addr.address.af=0; src_addr.len=24;//prefix len inet_aton("172.1.1.0",(struct in_addr *)&(src_addr.address.un.ip4)); dst_addr.address.af=0; dst_addr.len=24;//prefix len inet_aton("111.1.1.0",(struct in_addr *)&(dst_addr.address.un.ip4)); acl->payload.r[0].src_prefix=src_addr; acl->payload.r[0].dst_prefix=dst_addr; vapi_msg_acl_add_replace_hton(acl); rv = vapi_send (ctx, acl); if(rv!=VAPI_OK) { printf("vapi_Send %d\n",__LINE__); exit(1); } vapi_payload_acl_add_replace_reply *resp; size_t size; rv = vapi_recv (ctx, (void *) &resp, &size, 0, 0); if(rv!=VAPI_OK) { printf("vapi_Send %d\n",__LINE__); exit(1); } printf("So the reply receivied ACL Index %d Retval %d\n",resp->acl_index,resp->retval); vapi_msg_free (ctx, resp); //Ravi. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#20048): https://lists.fd.io/g/vpp-dev/message/20048 Mute This Topic: https://lists.fd.io/mt/85263360/21656 Mute #acl_plugin:https://lists.fd.io/g/vpp-dev/mutehashtag/acl_plugin Mute #vapi:https://lists.fd.io/g/vpp-dev/mutehashtag/vapi Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] VAPI ACL addition. Not getting ACL index in response. #acl #acl_plugin #vapi
[Edited Message Follows] Hi Experts, We are trying to use VPP-API(VAPI) to create ACL rules. We are using the VAPI in blocking mode to get response immediately. We are getting the response back but the *ACL-INDEX is some other value*. Can you please see the below code, if I am doing something wrong. Any pointers are big help. printf ("--- Basic acl addition- reply test ---\n"); vapi_msg_acl_add_replace *acl= vapi_alloc_acl_add_replace(ctx, 1); if(acl==NULL) { printf("ACL retuns NULL %d\n",__LINE__); exit(1); } acl->payload.acl_index=-1; strncpy((char *)acl->payload.tag,"CheckIsWorking",12); acl->payload.count=1; vapi_type_prefix src_addr,dst_addr; acl->payload.r[0].is_permit=1; src_addr.address.af=0; src_addr.len=24;//prefix len inet_aton("172.1.1.0",(struct in_addr *)&(src_addr.address.un.ip4)); dst_addr.address.af=0; dst_addr.len=24;//prefix len inet_aton("111.1.1.0",(struct in_addr *)&(dst_addr.address.un.ip4)); acl->payload.r[0].src_prefix=src_addr; acl->payload.r[0].dst_prefix=dst_addr; vapi_msg_acl_add_replace_hton(acl); rv = vapi_send (ctx, acl); if(rv!=VAPI_OK) { printf("vapi_Send %d\n",__LINE__); exit(1); } vapi_payload_acl_add_replace_reply *resp; size_t size; rv = vapi_recv (ctx, (void *) &resp, &size, 0, 0); if(rv!=VAPI_OK) { printf("vapi_Send %d\n",__LINE__); exit(1); } printf("So the reply receivied ACL Index %d Retval %d\n",resp->acl_index,resp->retval); vapi_msg_free (ctx, resp); *This is our testing Output:* # ./vapi_cli --- Basic show version message - reply test --- show_version_reply: program: `vpe', version: `21.06.0-2~g99c146915-dirty', build directory: `/opt/vpp', build date: `2021-07-29T16:36:55' --- Basic acl addition- reply test --- So the reply receivied ACL Index 42754 Retval 0 *VPP created the ACL: * # vppctl show acl-plugin acl acl-index 0 count 1 tag {CheckIsWorki} 0: ipv4 permit src 172.0.1.0/24 dst 111.0.1.0/24 proto 0 sport 0 dport 0 acl-index 1 count 1 tag {CheckIsWorki} 0: ipv4 permit src 172.1.1.0/24 dst 111.1.1.0/24 proto 0 sport 0 dport 0 acl-index 2 count 1 tag {CheckIsWorki} 0: ipv4 permit src 172.1.1.0/24 dst 111.1.1.0/24 proto 0 sport 0 dport 0 acl-index 3 count 1 tag {CheckIsWorki} 0: ipv4 permit src 172.1.1.0/24 dst 111.1.1.0/24 proto 0 sport 0 dport 0 acl-index 4 count 1 tag {CheckIsWorki} 0: ipv4 permit src 172.1.1.0/24 dst 111.1.1.0/24 proto 0 sport 0 dport 0 acl-index 5 count 1 tag {CheckIsWorki} 0: ipv4 permit src 172.1.1.0/24 dst 111.1.1.0/24 proto 0 sport 0 dport 0 I am expecting the vapi_payload_acl_add_replace_reply *resp; should contain the acl_index but not. Can someone help. //Ravi. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#20048): https://lists.fd.io/g/vpp-dev/message/20048 Mute This Topic: https://lists.fd.io/mt/85263360/21656 Mute #vapi:https://lists.fd.io/g/vpp-dev/mutehashtag/vapi Mute #acl_plugin:https://lists.fd.io/g/vpp-dev/mutehashtag/acl_plugin Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] VAPI ACL addition. Not getting ACL index in response. #acl #acl_plugin #vapi
[Edited Message Follows] Hi Experts, We are trying to use VPP-API(VAPI) to create ACL rules. We are using the VAPI in blocking mode to get response immediately. We are getting the response back but the *ACL-INDEX is some other value*. Can you please see the below code, if I am doing something wrong. Any pointers are big help. printf ("--- Basic acl addition- reply test ---\n"); vapi_msg_acl_add_replace *acl= vapi_alloc_acl_add_replace(ctx, 1); if(acl==NULL) { printf("ACL retuns NULL %d\n",__LINE__); exit(1); } acl->payload.acl_index=-1; strncpy((char *)acl->payload.tag,"CheckIsWorking",12); acl->payload.count=1; vapi_type_prefix src_addr,dst_addr; acl->payload.r[0].is_permit=1; src_addr.address.af=0; src_addr.len=24;//prefix len inet_aton("172.1.1.0",(struct in_addr *)&(src_addr.address.un.ip4)); dst_addr.address.af=0; dst_addr.len=24;//prefix len inet_aton("111.1.1.0",(struct in_addr *)&(dst_addr.address.un.ip4)); acl->payload.r[0].src_prefix=src_addr; acl->payload.r[0].dst_prefix=dst_addr; vapi_msg_acl_add_replace_hton(acl); rv = vapi_send (ctx, acl); if(rv!=VAPI_OK) { printf("vapi_Send %d\n",__LINE__); exit(1); } vapi_payload_acl_add_replace_reply *resp; size_t size; rv = vapi_recv (ctx, (void *) &resp, &size, 0, 0); if(rv!=VAPI_OK) { printf("vapi_Send %d\n",__LINE__); exit(1); } printf("So the reply receivied ACL Index %d Retval %d\n",resp->acl_index,resp->retval); vapi_msg_free (ctx, resp); *This is our testing Output:* # ./vapi_cli --- Basic show version message - reply test --- show_version_reply: program: `vpe', version: `21.06.0-2~g99c146915-dirty', build directory: `/opt/vpp', build date: `2021-07-29T16:36:55' --- Basic acl addition- reply test --- So the reply receivied *ACL Index 42754 Retval 0* *VPP created the ACL: * # vppctl show acl-plugin acl acl-index 0 count 1 tag {CheckIsWorki} 0: ipv4 permit src 172.0.1.0/24 dst 111.0.1.0/24 proto 0 sport 0 dport 0 acl-index 1 count 1 tag {CheckIsWorki} 0: ipv4 permit src 172.1.1.0/24 dst 111.1.1.0/24 proto 0 sport 0 dport 0 acl-index 2 count 1 tag {CheckIsWorki} 0: ipv4 permit src 172.1.1.0/24 dst 111.1.1.0/24 proto 0 sport 0 dport 0 acl-index 3 count 1 tag {CheckIsWorki} 0: ipv4 permit src 172.1.1.0/24 dst 111.1.1.0/24 proto 0 sport 0 dport 0 acl-index 4 count 1 tag {CheckIsWorki} 0: ipv4 permit src 172.1.1.0/24 dst 111.1.1.0/24 proto 0 sport 0 dport 0 acl-index 5 count 1 tag {CheckIsWorki} 0: ipv4 permit src 172.1.1.0/24 dst 111.1.1.0/24 proto 0 sport 0 dport 0 I am expecting the *vapi_payload_acl_add_replace_reply *resp; should contain the acl_index but not. Any help is truly appreciated.* //Ravi. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#20048): https://lists.fd.io/g/vpp-dev/message/20048 Mute This Topic: https://lists.fd.io/mt/85263360/21656 Mute #vapi:https://lists.fd.io/g/vpp-dev/mutehashtag/vapi Mute #acl_plugin:https://lists.fd.io/g/vpp-dev/mutehashtag/acl_plugin Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [vpp-dev] VAPI ACL addition. Not getting ACL index in response. #acl #acl_plugin #vapi
Sorry for spamming, anyway, I found the problem. I was sending wrong response structure causing the problem. We supposed to use, *vapi_msg_acl_add_replace_reply* *resp; *vapi_payload_acl_add_replace_reply* *resp; Its working fine. Just incase some one wants to use above example, providing working one below. printf ("--- Basic acl addition- reply test ---\n"); vapi_msg_acl_add_replace *acl= vapi_alloc_acl_add_replace(ctx, 1); if(acl==NULL) { printf("ACL retuns NULL %d\n",__LINE__); exit(1); } acl->payload.acl_index=-1; strncpy((char *)acl->payload.tag,"CheckIsWorking",12); acl->payload.count=1; vapi_type_prefix src_addr,dst_addr; acl->payload.r[0].is_permit=1; src_addr.address.af=0; src_addr.len=24;//prefix len inet_aton("172.1.1.0",(struct in_addr *)&(src_addr.address.un.ip4)); dst_addr.address.af=0; dst_addr.len=24;//prefix len inet_aton("111.1.1.0",(struct in_addr *)&(dst_addr.address.un.ip4)); acl->payload.r[0].src_prefix=src_addr; acl->payload.r[0].dst_prefix=dst_addr; vapi_msg_acl_add_replace_hton(acl); rv = vapi_send (ctx, acl); if(rv!=VAPI_OK) { printf("vapi_Send %d\n",__LINE__); exit(1); } vapi_msg_acl_add_replace_reply *resp; size_t size; rv = vapi_recv (ctx, (void *) &resp, &size, 0, 0); if(rv!=VAPI_OK) { printf("vapi_Send %d\n",__LINE__); exit(1); } vapi_msg_acl_add_replace_reply_ntoh(resp); printf("So the reply receivied ACL Index %d Retval %d\n",resp->payload.acl_index,resp->payload.retval); vapi_msg_free (ctx, resp); -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#20049): https://lists.fd.io/g/vpp-dev/message/20049 Mute This Topic: https://lists.fd.io/mt/85263360/21656 Mute #vapi:https://lists.fd.io/g/vpp-dev/mutehashtag/vapi Mute #acl_plugin:https://lists.fd.io/g/vpp-dev/mutehashtag/acl_plugin Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [vpp-dev] VAPI ACL addition. Not getting ACL index in response. #acl #acl_plugin #vapi
[Edited Message Follows] Sorry for spamming, anyway, I found the problem. I was sending wrong response structure causing the problem. We supposed to use, *vapi_msg_acl_add_replace_reply* *resp; but I was using *vapi_payload_acl_add_replace_reply* *resp; Its working fine. Just incase some one wants to use above example, providing working one below. printf ("--- Basic acl addition- reply test ---\n"); vapi_msg_acl_add_replace *acl= vapi_alloc_acl_add_replace(ctx, 1); if(acl==NULL) { printf("ACL retuns NULL %d\n",__LINE__); exit(1); } acl->payload.acl_index=-1; strncpy((char *)acl->payload.tag,"CheckIsWorking",12); acl->payload.count=1; vapi_type_prefix src_addr,dst_addr; acl->payload.r[0].is_permit=1; src_addr.address.af=0; src_addr.len=24;//prefix len inet_aton("172.1.1.0",(struct in_addr *)&(src_addr.address.un.ip4)); dst_addr.address.af=0; dst_addr.len=24;//prefix len inet_aton("111.1.1.0",(struct in_addr *)&(dst_addr.address.un.ip4)); acl->payload.r[0].src_prefix=src_addr; acl->payload.r[0].dst_prefix=dst_addr; vapi_msg_acl_add_replace_hton(acl); rv = vapi_send (ctx, acl); if(rv!=VAPI_OK) { printf("vapi_Send %d\n",__LINE__); exit(1); } vapi_msg_acl_add_replace_reply *resp; size_t size; rv = vapi_recv (ctx, (void *) &resp, &size, 0, 0); if(rv!=VAPI_OK) { printf("vapi_Send %d\n",__LINE__); exit(1); } vapi_msg_acl_add_replace_reply_ntoh(resp); printf("So the reply receivied ACL Index %d Retval %d\n",resp->payload.acl_index,resp->payload.retval); vapi_msg_free (ctx, resp); -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#20049): https://lists.fd.io/g/vpp-dev/message/20049 Mute This Topic: https://lists.fd.io/mt/85263360/21656 Mute #vapi:https://lists.fd.io/g/vpp-dev/mutehashtag/vapi Mute #acl_plugin:https://lists.fd.io/g/vpp-dev/mutehashtag/acl_plugin Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] acl ipv6 rule creation with VAPI. #acl #ipv6 #vapi
Hi Experts, I got tired trying several ways to add the IPV6 ACL rules using API. I couldn't successful. The same thing working fine with IPv4 rule. When I tried IPV6 rule, I am getting retval is -58, I am not able to figure out what is this error. Can anyone please help me to understand what could be causing the problem in the following. vapi_msg_acl_add_replace *acl= vapi_alloc_acl_add_replace(ctx, 1); acl->payload.acl_index=-1; strncpy((char *)acl->payload.tag,"fromthread1",12); acl->payload.count=1; acl->payload.r[0].is_permit=1; char ipv6addrstr[64]="\0"; acl->payload.r[0].src_prefix.address.af=1;//Ipv4 =0 IPv6=1; acl->payload.r[0].dst_prefix.address.af=1; acl->payload.r[0].dst_prefix.len=64;//prefix len int ret=0; //inet_ntop(AF_INET6, &(acl->payload.r[0].src_prefix.address.un.ip6), ipv6addrstr, INET6_ADDRSTRLEN); //printf("1ret %d,ipv6addrstr %s\n",ret,ipv6addrstr); ret=inet_pton(AF_INET6,"fd01::1",&(acl->payload.r[0].dst_prefix.address.un.ip6)); //struct in6_addr tmp_v6_addr; //ret=inet_pton(AF_INET6,"fd01::1",&(tmp_v6_addr)); //memcpy(&(acl->payload.r[0].dst_prefix.address.un.ip6),&(tmp_v6_addr.s6_addr[0]),sizeof(struct in6_addr)); //memcpy(&(acl->payload.r[0].dst_prefix.address.un.ip6),&(tmp_v6_addr),sizeof(struct in6_addr)); //for(i=0;i<16;i++) //{ // acl->payload.r[0].dst_prefix.address.un.ip6[i]=tmp_v6_addr.s6_addr[i]; // printf("val %x\n",tmp_v6_addr.s6_addr[i]); //} inet_ntop(AF_INET6, &(acl->payload.r[0].dst_prefix.address.un.ip6), ipv6addrstr, INET6_ADDRSTRLEN); printf("2ret %d,ipv6addrstr %s\n",ret,ipv6addrstr); vapi_msg_acl_add_replace_hton(acl); vapi_msg_acl_add_replace_reply *resp; rv=vapi_send_recv(ctx,acl,&resp); vapi_msg_acl_add_replace_reply_ntoh(resp); printf("So the reply receivied ACL Index %d Retval %d\n",resp->payload.acl_index,resp->payload.retval); *All the different ways to convert from ascii to IPV6 I tried, but in any case the payload.retval is -58.* *If I use inet_pton to ipv4, I am getting same error, but I am using inet_aton for ipv4 address to progress.* Any other method to convert the ASCII to IPV6 address may help I am not sure... Let us know if you guys find any problem in my code or... let us know the best way to add IPV6 ACL rules from application.(we don't want to use vppctl) //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#20060): https://lists.fd.io/g/vpp-dev/message/20060 Mute This Topic: https://lists.fd.io/mt/85340656/21656 Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Mute #ipv6:https://lists.fd.io/g/vpp-dev/mutehashtag/ipv6 Mute #vapi:https://lists.fd.io/g/vpp-dev/mutehashtag/vapi Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [vpp-dev] acl ipv6 rule creation with VAPI. #acl #ipv6 #vapi
Sorry for spamming, After going over the acl_plugin code I understood that the prefix length must match the address othewise the acl_plugin doesn't accept the rules :-( Error line ==> ret=inet_pton(AF_INET6,"fd01:: 1",&(acl->payload.r[0].dst_ prefix.address.un.ip6)); after changing the line to ==> rett=inet_pton(AF_INET6," *fd01: :",* &(acl->payload.r[0].dst_ prefix.address.un.ip6)); its started working.. I struggled some time finding out actual error. Its fine now. //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#20061): https://lists.fd.io/g/vpp-dev/message/20061 Mute This Topic: https://lists.fd.io/mt/85340656/21656 Mute #vapi:https://lists.fd.io/g/vpp-dev/mutehashtag/vapi Mute #ipv6:https://lists.fd.io/g/vpp-dev/mutehashtag/ipv6 Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] VPP hangs after few hours of continuous VAPI Send/Recv #acl #abf #vapi
Hi Experts, I am running several applications and calling some ACL/ABF API to add and delete rules in VPP, these rules are added/deleted from all the applications continuously. After 5 to 6 hours I see the VPP ACL/ABF API will return VAPI_OK but payload.retval is NONZero number, If we keep on add/delete after this error, the VPP crashes. If we just want to read version using VAPI it will give empty values and if we want to do "cli" using vppctl, the vppctl also hangs. only way to recover the VPP is "kill -9". Is anyone have any clue? if the VPP/VAPI gets hanged how can we make the VPP to normal state without "kill -9 " Any suggestion would be great help. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#20114): https://lists.fd.io/g/vpp-dev/message/20114 Mute This Topic: https://lists.fd.io/mt/85566777/21656 Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Mute #abf:https://lists.fd.io/g/vpp-dev/mutehashtag/abf Mute #vapi:https://lists.fd.io/g/vpp-dev/mutehashtag/vapi Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [vpp-dev] VPP hangs after few hours of continuous VAPI Send/Recv #acl #abf #vapi
This definition is way too vague to tell anything. Hi Andrew, Please find my answers below What is the setup ? (Cores and their config) Its 1U server, with 72cores available and 5cores for VPP. With 100G NIC. VAPI with 512 request and response size. What are the exact rules being pushed ? >>> ACL Permit rules pushed using VPP API. set acl-plugin acl permit dst 172.172.0.0/24 abf policy add id 0 acl 0 via 192.168.1.5 memif1/0 abf attach ip4 policy 0 BondedEthernet0.1100 Same kind of rules for 100s of subnets Every few minutes, the rules will be added and deleted. What are the type of traffic that is passing ? >> No much traffic passing. I am testing only VAPI for ACL rules. If you see the VPP stuck - what does looking at it with GDB tell about the state of it ? >> I missed this point... I can provide next time when it hangs. Is this reliably reproducible in the lab ? >> Yes, after every several hours of addition and deletion its reproducible. Please let me know if you need anything more. //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#20116): https://lists.fd.io/g/vpp-dev/message/20116 Mute This Topic: https://lists.fd.io/mt/85566777/21656 Mute #vapi:https://lists.fd.io/g/vpp-dev/mutehashtag/vapi Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Mute #abf:https://lists.fd.io/g/vpp-dev/mutehashtag/abf Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [vpp-dev] VPP hangs after few hours of continuous VAPI Send/Recv #acl #abf #vapi
Hi Andrew, >>>What is sitting on the other end of the memif interfaces? Are those >>>applications experiencing any changes / restarts throughout, or are they >>>permanently run so no transient events in memif ? There is no transition on memif interfaces, and I am not running any traffic so no events on memif. Could you see if it is still reproducible if you disconnect the other components altogether ? (I am trying to see how reproducible it is in an isolated case, and if it is then hopefully it is something that could be made into a standalone harness that you might be able to share so i could try reproducing it locally. Yes, Its reproducible with standalone and I am using "vapi_connect" and "vapi_send"/"recv" calls for ACL creation and deletion.(I believe its SHM based) I will reproduce and provide gdb context. //Ravi. -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#20118): https://lists.fd.io/g/vpp-dev/message/20118 Mute This Topic: https://lists.fd.io/mt/85566777/21656 Mute #vapi:https://lists.fd.io/g/vpp-dev/mutehashtag/vapi Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Mute #abf:https://lists.fd.io/g/vpp-dev/mutehashtag/abf Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [vpp-dev] VPP hangs after few hours of continuous VAPI Send/Recv #acl #abf #vapi
Please find GDB context: Its waiting on some ptherad_condition_wait --> not a timed wait. gdb /usr/bin/vpp 0x7f023297848c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0 Missing separate debuginfos, use: yum debuginfo-install glibc-2.28-101.el8.x86_64 libuuid-2.32.1-22.el8.x86_64 mbedtls-2.16.9-1.el8.x86_64 numactl-libs-2.0.12-9.el8.x86_64 openssl-libs-1.1.1c-15.el8.x86_64 sssd-client-2.2.3-20.el8.x86_64 zlib-1.2.11-13.el8.x86_64 (gdb) bt *#0 0x7f023297848c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0* #1 0x7f0232da1016 in svm_queue_wait_inline (q=0x1301c6c80) at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/svm/queue.c:157 #2 svm_queue_add (q=0x1301c6c80, elem=elem@entry=0x7f01e1d01dc8 "X\241\005\060\001", nowait=nowait@entry=0) at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/svm/queue.c:284 #3 0x7f02346b17d7 in vl_msg_api_send_shmem (q=, elem=elem@entry=0x7f01e1d01dc8 "X\241\005\060\001") at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/vlibmemory/memory_shared.c:790 #4 0x7f01f1bab6d1 in vl_api_send_msg (elem=, rp=0x1301c6b90) at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/vlibmemory/api.h:43 #5 vl_api_abf_itf_attach_add_del_t_handler (mp=0x1300f51b8) at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/plugins/abf/abf_api.c:121 #6 0x7f02346ca7fb in vl_msg_api_handler_with_vm_node (am=am@entry=0x7f02348d8f40 , vlib_rp=vlib_rp@entry=0x130023000, the_msg=, vm=vm@entry=0x7f01f1db5680, node=node@entry=0x7f01f3088e80, is_private=is_private@entry=0 '\000') at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/vlibapi/api_shared.c:635 #7 0x7f02346af2a6 in void_mem_api_handle_msg_i (is_private=0 '\000', node=0x7f01f3088e80, vm=0x7f01f1db5680, vlib_rp=0x130023000, am=0x7f02348d8f40 ) at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/vlibmemory/memory_api.c:696 #8 vl_mem_api_handle_msg_main (vm=vm@entry=0x7f01f1db5680, node=node@entry=0x7f01f3088e80) at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/vlibmemory/memory_api.c:707 #9 0x7f02346c1636 in vl_api_clnt_process (vm=, node=0x7f01f3088e80, f=) at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/vlibmemory/vlib_api.c:338 #10 0x7f0232fedb16 in vlib_process_bootstrap (_a=) at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/vlib/main.c:1284 #11 0x7f0232550ee8 in clib_calljmp () at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/vppinfra/longjmp.S:123 #12 0x7f01e3f65dc0 in ?? () #13 0x7f0232ff0ec4 in vlib_process_startup (f=0x0, p=0x7f01f3088e80, vm=0x7f01f1db5680) at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/vppinfra/types.h:133 #14 dispatch_process (vm=, p=0x7f01f3088e80, last_time_stamp=, f=0x0) at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/vlib/main.c:1365 #15 0x in ?? () (gdb) quit -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#20119): https://lists.fd.io/g/vpp-dev/message/20119 Mute This Topic: https://lists.fd.io/mt/85566777/21656 Mute #vapi:https://lists.fd.io/g/vpp-dev/mutehashtag/vapi Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Mute #abf:https://lists.fd.io/g/vpp-dev/mutehashtag/abf Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [vpp-dev] VPP hangs after few hours of continuous VAPI Send/Recv #acl #abf #vapi
[Edited Message Follows] This is reproduced with stand alone app, which just creates and deletes the ACL,ABF policies. No traffic, No memif. Please find GDB context: Its waiting on some ptherad_condition_wait --> not a timed wait. gdb /usr/bin/vpp 0x7f023297848c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0 Missing separate debuginfos, use: yum debuginfo-install glibc-2.28-101.el8.x86_64 libuuid-2.32.1-22.el8.x86_64 mbedtls-2.16.9-1.el8.x86_64 numactl-libs-2.0.12-9.el8.x86_64 openssl-libs-1.1.1c-15.el8.x86_64 sssd-client-2.2.3-20.el8.x86_64 zlib-1.2.11-13.el8.x86_64 (gdb) bt *#0 0x7f023297848c in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0* #1 0x7f0232da1016 in svm_queue_wait_inline (q=0x1301c6c80) at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/svm/queue.c:157 #2 svm_queue_add (q=0x1301c6c80, elem=elem@entry=0x7f01e1d01dc8 "X\241\005\060\001", nowait=nowait@entry=0) at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/svm/queue.c:284 #3 0x7f02346b17d7 in vl_msg_api_send_shmem (q=, elem=elem@entry=0x7f01e1d01dc8 "X\241\005\060\001") at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/vlibmemory/memory_shared.c:790 #4 0x7f01f1bab6d1 in vl_api_send_msg (elem=, rp=0x1301c6b90) at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/vlibmemory/api.h:43 #5 vl_api_abf_itf_attach_add_del_t_handler (mp=0x1300f51b8) at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/plugins/abf/abf_api.c:121 #6 0x7f02346ca7fb in vl_msg_api_handler_with_vm_node (am=am@entry=0x7f02348d8f40 , vlib_rp=vlib_rp@entry=0x130023000, the_msg=, vm=vm@entry=0x7f01f1db5680, node=node@entry=0x7f01f3088e80, is_private=is_private@entry=0 '\000') at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/vlibapi/api_shared.c:635 #7 0x7f02346af2a6 in void_mem_api_handle_msg_i (is_private=0 '\000', node=0x7f01f3088e80, vm=0x7f01f1db5680, vlib_rp=0x130023000, am=0x7f02348d8f40 ) at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/vlibmemory/memory_api.c:696 #8 vl_mem_api_handle_msg_main (vm=vm@entry=0x7f01f1db5680, node=node@entry=0x7f01f3088e80) at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/vlibmemory/memory_api.c:707 #9 0x7f02346c1636 in vl_api_clnt_process (vm=, node=0x7f01f3088e80, f=) at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/vlibmemory/vlib_api.c:338 #10 0x7f0232fedb16 in vlib_process_bootstrap (_a=) at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/vlib/main.c:1284 #11 0x7f0232550ee8 in clib_calljmp () at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/vppinfra/longjmp.S:123 #12 0x7f01e3f65dc0 in ?? () #13 0x7f0232ff0ec4 in vlib_process_startup (f=0x0, p=0x7f01f3088e80, vm=0x7f01f1db5680) at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/vppinfra/types.h:133 #14 dispatch_process (vm=, p=0x7f01f3088e80, last_time_stamp=, f=0x0) at /usr/src/debug/vpp-21.06.0-2~g99c146915_dirty.x86_64/src/vlib/main.c:1365 #15 0x in ?? () (gdb) quit -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#20119): https://lists.fd.io/g/vpp-dev/message/20119 Mute This Topic: https://lists.fd.io/mt/85566777/21656 Mute #vapi:https://lists.fd.io/g/vpp-dev/mutehashtag/vapi Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Mute #abf:https://lists.fd.io/g/vpp-dev/mutehashtag/abf Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [vpp-dev] VPP hangs after few hours of continuous VAPI Send/Recv #acl #abf #vapi
Hi Andrew, Thanks for prompt reply, Please find details below VAPI Configuration ==> I believe you are talking about this rv = vapi_connect (ctx, "checking", NULL, 512, 512, VAPI_MODE_BLOCKING, true); The VPP_IFADDR.cfg --> is for all interface information. The startup.conf for the VPP startup. I can try with Single worker thread.. but we need minimum 4 worker thread anyway. //Ravi vpp_ifaddr.cfg Description: Binary data startup.conf Description: Binary data -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#20122): https://lists.fd.io/g/vpp-dev/message/20122 Mute This Topic: https://lists.fd.io/mt/85566777/21656 Mute #vapi:https://lists.fd.io/g/vpp-dev/mutehashtag/vapi Mute #acl:https://lists.fd.io/g/vpp-dev/mutehashtag/acl Mute #abf:https://lists.fd.io/g/vpp-dev/mutehashtag/abf Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] VPP healthy or not, or VAPI connection is healthy or not #vapi #vpp #shm
Hi Experts, We are using several applications to communicate the VPP by using the VAPI. We are using Vapi_connect, Vapi_send, Vapi_recv calls, Sometimes I see one of the application can not able to communicate with VPP and it will give errors. At the same time other applications are running fine with VPP and VPP also running fine. So I have two questions, 1> How to determine the VAPI Connection is stable and its working? to take decision application reconnect/restart. 2> How to determine the VPP is in good state and its working? to take decision of vpp restart. Any pointer will be big help.. //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#20129): https://lists.fd.io/g/vpp-dev/message/20129 Mute This Topic: https://lists.fd.io/mt/85602420/21656 Mute #shm:https://lists.fd.io/g/vpp-dev/mutehashtag/shm Mute #vapi:https://lists.fd.io/g/vpp-dev/mutehashtag/vapi Mute #vpp:https://lists.fd.io/g/vpp-dev/mutehashtag/vpp Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[vpp-dev] VPP Socket API how to use from the application #socket-api #vpp #sock-api
Hi Experts, I was trying to find out how to use socket-api instead of "VAPI" based API. Can you please provide how to use socket-api any pointer will be a great help. //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#20184): https://lists.fd.io/g/vpp-dev/message/20184 Mute This Topic: https://lists.fd.io/mt/85796959/21656 Mute #socket-api:https://lists.fd.io/g/vpp-dev/mutehashtag/socket-api Mute #vpp:https://lists.fd.io/g/vpp-dev/mutehashtag/vpp Mute #sock-api:https://lists.fd.io/g/vpp-dev/mutehashtag/sock-api Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [vpp-dev] VPP Socket API how to use from the application #socket-api #vpp #sock-api
Hi Ole, Thanks for your response, I have a question on other language, So we don't have any SOCKET API support for C/C++? The socket API support is possible with go/python right? //Ravi -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#20186): https://lists.fd.io/g/vpp-dev/message/20186 Mute This Topic: https://lists.fd.io/mt/85796959/21656 Mute #vpp:https://lists.fd.io/g/vpp-dev/mutehashtag/vpp Mute #socket-api:https://lists.fd.io/g/vpp-dev/mutehashtag/socket-api Mute #sock-api:https://lists.fd.io/g/vpp-dev/mutehashtag/sock-api Group Owner: vpp-dev+ow...@lists.fd.io Unsubscribe: https://lists.fd.io/g/vpp-dev/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-