Sorry to interject with my questions.
1. Is Linux-cp alternative to tapv2 interfaces?
2. If ping plug-in is disabled, what’s the alternative to test ping?
Thanks and sorry again for abrupt and novice questions.
On Thu, Jun 17, 2021 at 5:59 PM Mike Beattie wrote:
> On Wed, Jun 16, 2021 at 09:14
.spec'
error: parse error in expression: 0%{rhel} < 8
error: ^
error: /root/vpp/build-root/rpmbuild/SPECS/vpp.spec:162: bad %if condition:
0%{rhel} < 8
make[1]: *** [Makefile:57: RPM] Error 1
make[1]: Leaving directory '/root/vpp/extras/rpm'
make:
Hi,
I am receiving the following error when compiling on fedora 32:
compiling using:
make install-dep
make install-ext-deps
make build
make pkg-rpm
/usr/bin/ld:
/root/vpp/build/external/rpm/tmp/dpdk-20.02/x86_64-native-linuxapp-gcc/lib/librte_pmd_aesni_mb.a(rte_aesni_mb_pmd_ops.o):/root/vpp/buil
) sessions: 0
total udp sessions: 32
total icmp sessions: 0
On Tue, Jun 2, 2020 at 8:42 PM carlito nueno via lists.fd.io wrote:
> Hi Klement,
>
> Got it.
>
> Sorry one more question :)
>
> I did another test and I noticed that tcp transitory sessions increase
> rapidly when I
or ED NAT it doesn’t, as ED NAT no longer has any “user” concept. The
> code for different flavours of NAT needs to be split and polished anyway.
> Idea is to have data/code/APIs separate where appropriate.
>
> Thanks,
> Klement
>
> > On 2 Jun 2020, at 20:31, Carlito
cleanups.
> This will then cause the total sessions to remain at around 3000. If you
> stop creating new traffic, all of these eventually time out (without
> spending any CPU on these timeouts). If again after some time you start
> traffic, sessions will be freed and reused as requ
Hi all,
I am using vpp v20.05 and running NAT44 in end-point dependent mode.
To test NAT, I created 50k tcp and udp sessions and ran packets for 5 mins.
Then I stopped the test.
As soon as the test is stopped, tcp established sessions is 0, tcp
transitory sessions increase and all of the tcp ses
Hi all,
Any ideas I can try? I am not familiar with dhcp plugin.
Thanks.
On Mon, Mar 23, 2020 at 12:55 AM Carlito Nueno
wrote:
> Hi all,
>
> I am using vpp v20.01 and govpp - v0.3.1
>
> lease.DomainServer is showing [0 0 0 0], empty Address and the conversion
> to IP
Hi all,
I am using vpp v20.01 and govpp - v0.3.1
lease.DomainServer is showing [0 0 0 0], empty Address and the conversion
to IP address is 0.0.0.0.
So it knows that there is one dns server but the value is all zeros.
while vppctl sh dhcp client shows:
lan1 state DHCP_BOUND installed 1 addr 10.
eagan wrote:
>
> Hi David ,
>
> Is there any fix or work around for this extended stats issue
>
> Thanks
>
> On Thu, Aug 29, 2019 at 6:58 AM Carlito Nueno
> wrote:
>
>> Hi David,
>>
>> I tried "vppctl interface collect detailed-stats enable"
Hi all,
Anyone get this working? When I enable nat44 forwarding, all NAT
translations stop working.
example - 110.21.22.12 is the IP address of my wan0.
I have:
set interface nat44 in loop0 out wan0
Without forwarding:
vpp# sh nat44 sessions
NAT44 sessions:
thread 0 vpp_main: 2240 sess
Hi Filip,
Thank you! I can do some tests if you want.
On Thu, Oct 31, 2019 at 7:14 AM Filip Varga -X (fivarga - PANTHEON TECH SRO
at Cisco) wrote:
> Hi,
>
>
>
> We have registred this issue int NAT plugin and i am already working on
> solving the issue. If you need to post any additional conten
Hi Brayan,
I am having the same issue as well. Unfortunately, I am not familiar with
NAT code, so am not able to fix the issue.
My previous threads:
https://lists.fd.io/g/vpp-dev/message/14353
https://lists.fd.io/g/vpp-dev/message/14055
Hope we can consolidate all those into one thread.
Thanks!
Hi all,
Does anyone have advice regarding this issue?
Thanks!
On Wed, Sep 25, 2019 at 1:46 PM carlito nueno via Lists.Fd.Io wrote:
> Hi all,
>
> I am trouble with endpoint-dependent NAT. I am running out of tcp
> connections. Also, sessions are not deleted after the NAT ti
Hi all,
I am trouble with endpoint-dependent NAT. I am running out of tcp
connections. Also, sessions are not deleted after the NAT timeout period.
Number of sessions remain almost the same every after no usage for a day or
so.
Here are the stats, nat config and timeouts:
https://gist.github.com
>> extended stats .
>>
>> Thanks
>>
>>
>> On Tue, Aug 27, 2019 at 7:12 AM David Cornejo wrote:
>>
>>> did you make sure that you have detailed stats collection enabled for
>>> the interface?
>>>
>>> (see vl_api_collect_d
Hi all,
I am using: vpp v19.08-release built by root on 365637461ad3 at Wed Aug 21
18:20:49 UTC 2019
When I do sh hardware-interfaces or sh hardware-interfaces detail or
verbose, extended stats are not showing.
On 19.08 I only see stats like below:
rss active:none
tx burst funct
Hi all,
I am running VPP as a gateway and am using NAT44.
*vpp.conf*
set int state TenGigabitEthernet8/0/0 up
set int state GigabitEthernet2/0/0 up
set int state GigabitEthernet3/0/0 up
set int ip address TenGigabitEthernet8/0/0 72.77.156.155/29
ip route add 0.0.0.0/0 via 72.77.156.158
loopbac
ged a refactor patch which converts the dns resolver into a
> plugin. Later this afternoon, I’ll do some multi-core testing. It may take
> a bit of work to repro and fix the problem you’ve reported.
>
>
>
> Dave
>
>
>
> *From:* Carlito Nueno
> *Sent:* Thursday, August 2
Thanks Dave! Let me know if you need me do more tests or gather more info.
On Thu, Aug 22, 2019 at 4:48 AM Dave Barach (dbarach)
wrote:
> Ack. The DNS server has had *zero* multi-core testing, aside from what
> you’ve done. I’ll look at it when I can.
>
>
>
> *From:* Carl
Hi Dave,
Sorry about the late reply.
I used below configs to eliminate most of the complexity. I did not see
binary-api being truncated.
Steps:
1. I used basic vpp.conf (see below) without the dns_name_server commands
2. gdb run -c /etc/vpp/startup.conf (see below)
3. sudo vppctl
4. Entered dns_
Hi Dave,
Thanks for the patch. I merged your edits and compiled a debug version
using stable/1908 as base.
Every time a make a ping request from a LAN device, VPP is restarting.
Sometimes vppctl just hangs, but when I do get into vppctl, if I run a
command (ex: sh nat44 address), VPP again restar
it merge master". Test, and then
> "git push origin mybranch".
>
> Make sure to back up the local bare clone / mirror, since that's the single
> source of "mybranch" truth.
>
> If you want to s/local bare mirror/github/ you can do that, but you'l
- I pushed the VPP master and my branch to github.
- On my build server, I cloned my repo `github.com/carnu/vpp.git`
- I checked out `v1.19.08`
I am not well versed with git. Please let me know how I can compile
after adding custom code.
Really appreciate it!
On Thu, Aug 15, 2019 at 5:44 PM car
I am getting the same error with: build-root/vagrant/build.sh
On Thu, Aug 15, 2019 at 5:21 PM carlito nueno via Lists.Fd.Io
wrote:
>
> Hi all,
>
> I am following this guide to build VPP:
> https://wiki.fd.io/view/VPP/Pulling,_Building,_Running,_Hacking_and_Pushing_VPP_Code
>
&g
Hi all,
I am following this guide to build VPP:
https://wiki.fd.io/view/VPP/Pulling,_Building,_Running,_Hacking_and_Pushing_VPP_Code
I added a patch to stable/1908 branch
using ubuntu 18.04LTS
running as ROOT user
I followed these steps:
apt-get update
apt-get install build-essential
make instal
Hi Balaji,
As far as I know, VPP doesn't have link monitoring to switch routes.
But as you said, I added a cron job to check link status and switch
routes on failure.
I added each interface route to a particular FIB table. This way I am
able to use ping 8.8.8.8 source wan0 or wan1.
Is this the co
8
> binary-api dns_enable_disable
>
> Inside network DHCP server needs to set option 6 (DNS name server) to the vpp
> gateway address.
>
> D.
>
> -Original Message-
> From: vpp-dev@lists.fd.io On Behalf Of carlito nueno
> Sent: Wednesday, August 14, 2019 11:46
ion index -1
00:28:13:590294: error-drop
rx:wan0
00:28:13:590294: drop
nat44-out2in: no translation
On Wed, Aug 14, 2019 at 5:26 PM carlito nueno via Lists.Fd.Io
wrote:
>
> VPP is not crashing anymore. I didn't change anything.
>
> VPP is caching DNS queries
>
> [P] DNS qu
ice is not able to resolve any url
LAN device is at 10.155.6.202
dig @10.155.6.1 www.apple.com
; <<>> DiG 9.10.6 <<>> @10.155.6.1 www.apple.com
; (1 server found)
;; global options: +cmd
;; connection timed out; no servers could be reached
On Wed, Aug 14, 2019 at 4:4
Hi all,
I am trying to use DNS server and on "ping google.com" VPP is crashing
Aug 13 21:31:10 test1-vpp vnet[853]: unknown input `add_del 8.8.8.8
Aug 13 21:31:28 test1-vpp vnet[853]: dns cache: add / del / clear required..
Aug 13 21:31:36 test1-vpp vnet[853]:
vl_api_dns_resolve_name_reply_t_hand
Sorry for not being clear.
Each of the interfaces is connected to a different network (ISP). The
scenario is of dual WAN.
One ISP is providing static address and other is providing DHCP.
wan1 is receiving DHCP.
If I ONLY have:
ip route add 0.0.0.0/0 via 172.78.10.158 wan0
then I am able to ping
Hi all,
I am trying to setup two WAN interfaces where each of them can access
to the outside world at the same time.
So far I have:
set int state wan0 up
set int state wan1 up
set int ip address wan0 172.78.10.155/29
set dhcp client intfc wan1 hostname test-wans
ip route add 0.0.0.0/0 via 172.
Hi all,
I am using VPP (19.04.1) as a gateway and I have two WAN connections.
I want to setup failover with the two WAN interfaces.
Example:
1. Connection on WAN-0 is lost (due to ISP being down)
2. WAN-1 becomes the new primary connection and traffic flows via WAN-1
3. WAN-0 is back up
4. WAN-0
fragment id 0xdfad, flags DONT_FRAGMENT
TCP: 26849 -> 5201
seq. 0x34aa7da4 ack 0x4578b6ae
flags 0x10 ACK, tcp header: 20 bytes
window 53248, checksum 0x1018
Cheers
On Thu, Apr 18, 2019 at 9:12 PM carlito nueno via Lists.Fd.Io
wrote:
>
> John,
>
> from your packet
John,
from your packet trace:
00:01:47:426336: ip4-input-no-checksum
TCP: 10.8.200.1 -> 10.8.200.2
tos 0x00, ttl 64, length 52, checksum 0x96b0
fragment id 0x, flags DONT_FRAGMENT
TCP: 80 -> 18995
seq. 0x732f1a24 ack 0x702b5a27
flags 0x12 SYN ACK, tcp header: 32 bytes
; > UDP: 5201 -> 47346
> >length 8200, checksum 0x5570
> > 00:19:41:824584: nat44-in2out
> > NAT44_IN2OUT_FAST_PATH: sw_if_index 19, next index 4, session -1
> > 00:19:41:824585: nat44-in2out-reass
> > NAT44_REASS: sw_if_index 19, next index 1, stat
Drop fragment
Thanks
On Sun, Mar 3, 2019 at 11:35 PM Ole Troan wrote:
>
> Hi Carlito,
>
> Seems like you are sending IP fragments.
> Those need to be (virtually) reassembled before NATted. Reassembly is to a
> large extent an attack vector, and it’s rate limited.
>
> cheer
lways).
>
>
>
> Matus
>
>
>
>
>
> From: vpp-dev@lists.fd.io On Behalf Of carlito nueno
> Sent: Friday, January 18, 2019 7:45 AM
> To: vpp-dev@lists.fd.io
> Subject: [vpp-dev] nat: create NAT session failed
>
>
>
> Hi all,
>
>
>
> When I s
Hi all,
While running more iperf3 udp tests, I noticed vpp status showing this:
My current vpp conf:
https://gist.github.com/ironpillow/4b119b57e21b31a7ff6985bcb20f952b
Setup to reproduce:
1. iperf3 server on 10.155.3.2 (iperf3 -s -B 10.155.3.2)
2. iperf3 client on 10.155.6.2 but with -R flag (i
> That said, you should not get fragmented packets in the 1st place in a
> correctly configured network. Check the MTU of all your interfaces
> (including clients, AP etc.).
>
> Best
> Ben
>
> > -Original Message-
> > From: Carlito Nueno
> >
((10.155.3.21) as server <---> windows (10.155.6.111) as client.
01:17:50:122097: error-drop
nat44-in2out-reass: Maximum reassemblies exceeded
iperf3 udp trace macbook server:
https://gist.github.com/ironpillow/ae93db2224de2730ce0115d8df22c9d1
Thanks.
On Thu, Feb 28, 2019 at 10:22 AM carlit
> truncated. That could be an AP issue or (more probable) a dpdk driver issue.
>
> Best
> Ben
>
> > -Original Message-
> > From: vpp-dev@lists.fd.io On Behalf Of carlito nueno
> > Sent: jeudi 28 février 2019 03:44
> > To: vpp-dev@lists.fd.io
> >
Hi all,
I got a chance to get my hands on an ixia testing box. Unfortunately I
was not able to test because upstream (from ethernet to client) was
not working:
Not working: ixia on ethernet is not receiving packets
client (ixia) --> WiFi AP --> GigabitEthernet4/0/0.3 --> vpp -->
GigabitEthernet5/
Hi all,
When I set nat to endpoint dependent, I am receiving this error message:
Jan 17 19:14:45 test1 vnet[32197]: nat: create NAT session failed
Jan 17 19:14:45 test1 vnet[32197]: nat: max translations per user 10.155.0.2
Here is: sh nat44 sessions
NAT44 sessions:
thread 0 vpp_main: 0
), enable NAT feature “set interface nat44 in
> tap3 out GigabitEthernet4/0/0” and create static mapping “nat44 add static
> mapping tcp local 192.168.1.2 80 external GigabitEthernet4/0/0 80
> out2in-only”.
>
>
>
> Matus
>
>
>
>
>
> From: vpp-dev@lists.fd.io O
ec 28, 2018 at 1:52 PM carlito nueno via Lists.Fd.Io
wrote:
>
> NAT might be the right way to achieve this.
>
> This is the command I used with iptables:
> iptables -t nat -A eth0 -p tcp --dport 80 -j DNAT --to-destination 192.168.1.2
>
> What is a similar command on VPP-NAT when I
I am looking for rate limiting (bandwidth/traffic shaping) as well.
Vakili, Did you figure it out?
Thanks.
On Sat, Sep 8, 2018 at 12:16 AM wrote:
> Simple Rate Limit and QoS
> Hi dears. Three questions please:
> 1: How can I configure an interface to let pass limited rate (Bandwidth
> manageme
NAT might be the right way to achieve this.
This is the command I used with iptables:
iptables -t nat -A eth0 -p tcp --dport 80 -j DNAT --to-destination 192.168.1.2
What is a similar command on VPP-NAT when I am trying to send port 80 traffic
from main interface to tap-device:
main interface: Gi
Sorry I wasn't clear:
VPP is the gateway in my case.
So when a request comes from client to VPP, how can I get redirect that request
(in VPP) to an application on the linux host?
Application is listening on a tap device on port 80.
Thanks
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages s
Hi Yu,
Option 2:
Can you help understand how I can simulate man in the middle. The request from
client to gateway, which is VPP in my case. How can I use VPP to do this?
Thanks.
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#11782): https://lists
Hi all,
After more research, I found that most devices test connectivity by issuing an
HTTP GET request, e.g. to captive.apple.com or
connectivitycheck.gstatic.com/generate_204.
How do I catch this http request and respond with 302 redirect that redirects
user to lan ip address: 192.168.1.2:80/
Hi all,
GigabitEthernet4/0/0 = LAN interface - 192.168.1.1
Tap1 = tap interface - 192.168.1.2
Clients connected to LAN interface - 192.168.1.100 - 200
GigabitEthernet5/0/0 = WAN interface
I want to redirect any traffic (tcp or udp) from clients
(192.168.1.100 - 200) to a server running locally o
Thank you!
On Tue, Oct 30, 2018 at 12:42 PM Damjan Marion wrote:
>
>
>
> > On 30 Oct 2018, at 19:35, Carlito Nueno wrote:
> >
> > Got it.
> > Just to clarify, does tapv2 use vhost-net backend?
>
> yes
>
> > Is is correct/sufficient way to use it?
&
face from linux
> perspective...
>
> —
> Damjan
>
> > On 27 Oct 2018, at 03:48, carlito nueno wrote:
> >
> > Hi all,
> >
> > Is there a performance difference between using tap device vs veth?
> > Use case: running a DNS server on the host.
>
Hi all,
Is there a performance difference between using tap device vs veth?
Use case: running a DNS server on the host.
Thanks
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#11009): https://lists.fd.io/g/vpp-dev/message/11009
Mute This Topic: http
nd it works well in my server.
>
> Thanks,
> Hongjun
>
> -Original Message-----
> From: vpp-dev@lists.fd.io [mailto:vpp-dev@lists.fd.io] On Behalf Of carlito
> nueno
> Sent: Friday, September 28, 2018 9:45 AM
> To: memarnejad...@gmail.com
> Cc: vpp-dev@lists.fd.io
I also tried installing vpp from https://packagecloud.io/fdio/master
(18.10-rc0~521-g09cce66~b5292).
I am encountering same error.
Thanks
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#10699): https://lists.fd.io/g/vpp-dev/message/10699
Mute This
Hi all,
I pulled the latest vpp master (as of September 27 2018) and am using
the vagrant file to build vpp. Afterwards I transferred the .deb
packages out of vagrant box and installed vpp:
sudo dpkg -i *.deb
When I try to run govpp application I am getting this error:
error while loading share
ake it work.
> In my problem I just updated the vppsb's outdated function to the new one and
> it worked.
> As you know, vppsb is a plugin for vpp and it calls vpp's functions, so any
> change in vpp's function affects vppsb e.g. function singnature change
>
>
&g
Hi all,
I am trying to build the router-plugin:
make V=0 PLATFORM=vpp TAG=vpp_debug install-deb netlink-install router-install
I am using the Vagrantfile present in vpp repo and am pulling the
current master (as of September 26 2018). I am also pulling the
current master of vppsb.
But I am getti
ure ikev2
> implementation. While it works for some use cases, i will not be surprised
> that in this case something is missing. I’m afraid you are stuck unless
> somebody volunteers to invest some time into it.
>
> —
> Damjan
>
> > On 18 Sep 2018, at 05:17, carlito nueno wrote:
&g
Hi all,
I am trying to setup vpn on a vpp router. Testing via MacOS, as client.
When a MacOS device connects it should join into a VLAN and receives
an ip address under subnet 10.154.3.0/24.
I am following this:
https://wiki.fd.io/view/VPP/IPSec_and_IKEv2#VPP_configuration_2
vpp.conf
set int st
> -Original Message-----
> From: Carlito Nueno
> Sent: Monday, August 27, 2018 4:09 PM
> To: Dave Barach (dbarach)
> Cc: vpp-dev@lists.fd.io
> Subject: Re: [vpp-dev] received signal SIGSEGV and vpp restarts continuously
>
> Hi Dave,
>
> I recompiled vpp v18.10-r
> D.
>
> -Original Message-
> From: vpp-dev@lists.fd.io On Behalf Of carlito nueno
> Sent: Wednesday, August 22, 2018 4:07 PM
> To: vpp-dev@lists.fd.io
> Subject: [vpp-dev] received signal SIGSEGV and vpp restarts continuously
>
> Hi all,
>
> I am using vpp
Hi all,
I am using vpp 18.10 master branch and have 6 tap devices: lstack[1...6]
startup.conf
unix {
nodaemon
log /var/log/vpp/vpp.log
full-coredump
cli-listen /run/vpp/cli.sock
gid vpp
startup-config /home/testvpp/vpp.conf
}
api-trace {
on
}
api-segment {
gid vpp
}
cpu {
main-core 2
corelist-
Hi,
I am trying to bond two Intel 82599 on Intel Atom C3000. But I am
getting uio_interrupt error and BondEthernet0 is down. Each NIC works
by itself, without bonding.
[ 12.473426] irq 16: nobody cared (try booting with the "irqpoll" option)
[ 12.480149] CPU: 2 PID: 0 Comm: swapper/2 Not tain
forget to mention, upgraded to vpp v18.04-rc2~26-gac2b736~b45
Current setup:
GigabitEthernet0/14/0.1, Idx 9, ip 192.168.0.0/24, vlan 1
GigabitEthernet0/14/0.2, Idx 12, ip 192.168.2.0/24, vlan 2
I don't want devices on vlan1 and vlan2 to communicate with each other.
I tried to use macip via VAT
v
First Question:
Tried to do “make test TEST=acl_plugin_macip”, but I got this error:
Using /vpp/build-root/python/virtualenv/lib/python2.7/site-packages
Finished processing dependencies for vpp-papi==1.4
make -C ext
make[1]: Entering directory '/vpp/test/ext'
make[1]: *** No rule to make target '/
any suggestions?
Thanks
2018 at 11:47 PM, Andrew Yourtchenko wrote:
> Hi Carlito,
>
> What does the packet trace (as per
> https://wiki.fd.io/view/VPP/How_To_Use_The_Packet_Generator_and_Packet_Tracer)
> look like and which version of VPP are you running ?
>
> --a
>
> On 20 Apr 2018, at 05:00, Carl
lf Of John Lo (loj)
> Sent: Thursday, April 19, 2018 4:48 PM
> To: carlito nueno ; Andrew Yourtchenko
>
> Cc: vpp-dev@lists.fd.io
> Subject: Re: [vpp-dev] VLAN to VLAN
>
> The config looks correct and should work, assuming the following:
> 1. The devices connected t
r acl plugin to restrict the
> traffic.
>
> —a
>
> On 19 Apr 2018, at 21:07, Dave Barach wrote:
>
> Begin forwarded message:
>
> From: Carlito Nueno
> Date: April 19, 2018 at 9:03:51 AM HST
> To: dbar...@cisco.com
> Subject: VLAN to VLAN
>
> Hi Dave,
>
&
Hi,
- How can I enable communication between VLANs?
- If I can, is there a way I can white list devices based on MAC or IP
addresses, so that only certain devices can communicate with other
VLAN?
Thanks
-=-=-=-=-=-=-=-=-=-=-=-
Links:
You receive all messages sent to this group.
View/Reply Onl
Hi,
I have 4 VLANs each with loopback interface and a tap interface. I
want each of the tap interfaces to have access to the WAN (internet)
via BondEthernet0 interface. I am using ubuntu.
snat config:
nat44 add interface address BondEthernet0
set interface nat44 in loop0 out BondEthernet0 // g
Sorry, here is the updated gist link:
https://gist.github.com/ironpillow/a57cf283ce30ac344ef39e5425a81260
On Mon, Jan 8, 2018 at 3:02 PM, Carlito Nueno wrote:
> Hi all,
>
> I followed the home gateway tutorial [1] to setup a router on ubuntu box.
>
> I have a switch with two VL
Hi all,
I followed the home gateway tutorial [1] to setup a router on ubuntu box.
I have a switch with two VLANs, vlan20 and vlan30, on port 1 connected
to VPP router box on port 1. So, its only one physical cable.
My current setup diagram and vpp config files:
https://gist.github.com/anonymous/
77 matches
Mail list logo
