Re: [vpp-dev] Different available feature paths in VPP

2017-06-09 Thread Burt Silverman
I cannot begin to imagine how you got the unexpected result. I tried with my output from "make build-release" and I obtained your make test results. Burt On Wed, Jun 7, 2017 at 2:42 AM, Ni, Hongjun wrote: > Hey all, > > > > When I start vpp using latest code and enter

Re: [vpp-dev] Need some help on VPP

2017-06-09 Thread mi . mahesh
Thank you. In VPP, can we limit the packets across an interface? If we can limit the packets, please mention which APIs are responsible. Thanks and regards, Mahesh Mathad Monday, 05 June 2017, 11:26PM +05:30 from Dave Barach (dbarach) dbar...@cisco.com : >I stand corrected, at

Re: [vpp-dev] [SUSPICIOUS] Is this a valid route?

2017-06-09 Thread Neale Ranns (nranns)
Hi nagp, That’s the correct way to do it. Does 10.1.1.1 in table 0 have out-labels? It needs them in order to be a resolution target for a labelled recursive. Implicit-null is the expected out-label if 10.1.1.1 is directly attached. Regards, Neale From: on

Re: [vpp-dev] Bind / Unbind of ACL

2017-06-09 Thread Marco Varlese
On Fri, 2017-06-09 at 14:27 +0200, Andrew  Yourtchenko wrote: > Hi Marco, > > On 6/9/17, Marco Varlese wrote: > > > > Hi Andrew, > > > > On Fri, 2017-06-09 at 13:53 +0200, Andrew   Yourtchenko wrote: > > > > > > Hi Marco, > > > > > > Yes, this works as expected,

[vpp-dev] Is this a valid route?

2017-06-09 Thread Nagaprabhanjan Bellari
Hi, I am trying to add the following route in VPP, but it is only getting a drop-dpo in "show ip fib": "ip route add table 2 4.4.4.4/32 via 10.1.1.1 next-hop-table 0 out-label 300" I am trying to add 4.4.4.4/32 in table 2 but its nexthop, 10.1.1.1, has to be resolved in table 0 and the packet

Re: [vpp-dev] Bind / Unbind of ACL

2017-06-09 Thread Andrew  Yourtchenko
Assuming the only change is to effectively have "unbind_acl_from_everywhere; delete_acl" instead of "delete_acl", maybe it would be best to tackle that post-17.07 with a separate API message acl_del_and_unbind or similar? I feel a bit wary of adding more hidden state (even though the reflected

Re: [vpp-dev] Bind / Unbind of ACL

2017-06-09 Thread Luke, Chris
Would it make sense to have a flag on the interface (or globally), set when applying the ACL, that indicates the desired behavior when the ACL is empty or non-existent? At the moment to me it seems logical that this is the same behavior as when matching falls off the end of the ACL. Chris. >

Re: [vpp-dev] Bind / Unbind of ACL

2017-06-09 Thread Marco Varlese
Hi Andrew, On Fri, 2017-06-09 at 13:53 +0200, Andrew  Yourtchenko wrote: > Hi Marco, > > Yes, this works as expected, assuming after deletion *all* the traffic > is denied, rather than just the SSH traffic. > > If you apply to an interface the ACL# that does not exist, that is the > same as

Re: [vpp-dev] Bind / Unbind of ACL

2017-06-09 Thread Andrew  Yourtchenko
Hi Marco, Yes, this works as expected, assuming after deletion *all* the traffic is denied, rather than just the SSH traffic. If you apply to an interface the ACL# that does not exist, that is the same as if there was an ACL with just the "deny all" semantics, to avoid the perception that a

[vpp-dev] Bind / Unbind of ACL

2017-06-09 Thread Marco Varlese
Hi, I am trying the ACL functionality and I found a "strange" behaviour. The steps I follow to use an ACL are: * I create an ACL to deny SSH traffic between VMs (via the 'acl_add_replace' function) * Set that ACL to the interfaces involved (via the 'acl_interface_set_acl_list' function) After

Re: [vpp-dev] control_ping messages in acl plugin

2017-06-09 Thread Andrew  Yourtchenko
Khers, grab the code from https://gerrit.fd.io/r/#/c/6838/, it is already in the master. Klement, at least from the VAT plumbing standpoint there is no way to use the regular control_ping due to the way the .h stuff is done, and SNAT plugin already implements its own ping. Also, Jon Loeliger