fd.io vpp bootsrap - Meetupfiles.meetup.com/19623913/Day2DevLab_VPP_Bootstrap.pdf · • cone: •...

fd.iovpp_bootsrap

RayKinsella

fd.ioFoundation 1

KeithBurns

Devenvironment(1)• TwoLinuxContainers• cone:NetworkTestTools(Scapy)• ctwo:VPPLite

• TwoBridges• lxcbr0:LinuxBridgetoaccesscontainersviaSSH/SCPetc.• VPPbridge:Sandboxnetworktraffic;i.e.scapy tovpp_lite.

• Authentication• Keysareautomaticallyprovisionedforpasswordlessaccess.

fd.ioFoundation 2

Virtual Appliance (Ubuntu 14.04)

lxc: cone (, 14.04) lxc:ctwo, 14.04

eth0 veth_link1 eth0 veth_link1

lxcbr0 (Linux Bridge)Bridge 1 (vpp)

Linux Kernel

ssh, ip tools, etc

Linux Kernelscapy, etcVPPssh, ip tools, etc

• cone:• Scapy

• Softwarepacketgenerator,basedonPythonandLibpcap.

• LinuxIPTools• ip,pingetc.

• ctwo:vpp-lite• gitcloneofVPP16.09.• vpp-lite isprebuiltwithplugins.• vpp-lite isabuildprofilefortheVPPcodebase.• af_packet isusedforpacketrx/tx.

fd.ioFoundation 3

Devenvironment(2)

Kernel

Cont

aine

rs

VPP Bridge 1

TXRX TXRX

TXRX

TXRXlibpcappython

scapy

icmp_inputVPP

af_packet_input

ethernet_input

ip4_input

vethXXXX vethXXXX

veth_link1

veth_link1

lxc:cone lxc:ctwo

Hos

t

Devenvironment(3)• Host

• VPP16.09binariesinstalled.• VPPrunningasaservice.• VPPCLIaccessedoversocketwithvppctl.

• Exercise1 configuresBridgeonthehost(re-usedinExercise2and3).

• ctwo• VPP16.09sourcecodebuilt.• RunVPPininteractivemode.• Exercise2and3configuresVPPininteractivemode.

fd.ioFoundation 4

Virtual Appliance (Ubuntu 14.04)

lxc: cone (, 14.04) lxc:ctwo, 14.04

veth_link1 veth_link1

VPPssh, ip tools, etc

Bridge 1 (vpp)

Setup

fd.ioFoundation 5

VirtualAppliance

• Builtfromvpp-bootstrapsandboxproject.• OntheUSBStickyouwillfind…

• vpp-bootstrap.ova– VirtualAppliance(OVAFormat).• vagrant.ppk – PrivateKeytoaccesstheVirtualAppliance.

• Pleaseinstalllocally …• VirtualBox• Putty

fd.ioFoundation 6

ImporttheVirtualAppliance

• VirtualBox →File→ ImportAppliance• Selectvpp-bootstrap.ova• Clicknext

fd.ioFoundation 7

Tweaktheappliancesettings

Ifrequired…• CPU– adjustnumberofcores.2Coresminimum.• RAM– adjustamountofRAM.2048megsminimum.

Thenclickimportandwait…

fd.ioFoundation 8

BoottheVirtualAppliance

• Logonwithcredentials• Username:vagrant• Password:vagrant

• GettheVirtualAppliance’sIPaddress

ip addr showdeveth1

• MinimizetheVirtualMachine

fd.ioFoundation 9

fd.ioFoundation 10

1)

2)

3)

1)SessionTabAdd IPaddressofVirtualAppliance

SetupPutty

2)Connection→DataAddusername`vagrant`

3)Connection→SSH→AuthAddvagrantprivatekey.

4)Hitopen….

4)

LogontotheVirtualAppliance

• Confirmisworkingasexpected.• ssh cone• ssh ctwo• sudo vppctl help

fd.ioFoundation 11

Exercise

fd.ioFoundation 12

Exercise1

• Estimatedtimerequired:20Minutes• Objective:FamiliarizationwiththeVPPCLI• Steps:• Playingwithvppctl andtheVPPCLI;`help`and`?`.• Addingthecontainerback-endstoaL2bridgeonthehost.

• Createhostinterfacesforthecontainerback-endsinVPP.• AssignthehostinterfacestoanL2Bridge.

• PingingbetweencontainersovertheL2bridge.• AssignIPstoveth_link1inContainer’sOneandTwo(coneandctwo).• SetinterfacestatestoupinContainer’sOneandTwo(coneandctwo).

fd.ioFoundation 13

TheVPPCLI:vppctlroot@xxxx:~/vppsb/vpp-bootstrap# ssh vagrant@<whatever>Welcome to Ubuntu 14.04.2 LTS (GNU/Linux 3.16.0-30-generic x86_64)* Documentation: https://help.ubuntu.com/cone: This container is used for vpp testing with scapy.ctwo: This is the vpp build/test container.Last login: Tue Nov 29 07:01:35 2016 from 10.0.2.2

vagrant@host:~$ sudo vppctl help | head -n 10api api commandscj cj <enable | disable | dump>classify classify commandsclear Clear commandsconfigure configure commandscop cop commandscreate create commandsdelete delete commandsdisable disable commandsenable enable commands

vagrant@host:~$ sudo vppctl_______ _ _ _____ ___

__/ __/ _ \ (_)__ | | / / _ \/ _ \_/ _// // / / / _ \ | |/ / ___/ ___//_/ /____(_)_/\___/ |___/_/ /_/

vpp# set interface ip address ?set interface ip address set interface ip address <interface> [<ip-addr>/<mask> [del]] | [del all]

fd.ioFoundation 14

ssh tothevm

- runvppctl innon-interactivemode- accessonlinehelp

- runvppctl ininteractivemode- accesscommandspecifichelp

Exercise1

CreateL2Bridgeforcontainersvagrant@host:~$ ip link | grep -A 1 -e 'veth-.*:'8: veth-cone: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT group default qlen 1000

link/ether fe:17:74:98:8a:b9 brd ff:ff:ff:ff:ff:ff--12: veth-ctwo: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT group default qlen 1000

link/ether fe:05:4e:01:1b:18 brd ff:ff:ff:ff:ff:ff


__/ __/ _ \ (_)__ | | / / _ \/ _ \_/ _// // / / / _ \ | |/ / ___/ ___//_/ /____(_)_/\___/ |___/_/ /_/

vpp# create host-interface name veth-conehost-veth-conevpp# create host-interface name veth-ctwohost-veth-ctwovpp# set interface state host-veth-cone up vpp# set interface state host-veth-ctwo up

vpp# set interface l2 bridge host-veth-cone 1vpp# set interface l2 bridge host-veth-ctwo 1

vpp# show bridge-domain 1 detailID Index Learning U-Forwrd UU-Flood Flooding ARP-Term BVI-Intf1 1 on on on on off N/A

Interface Index SHG BVI VLAN-Tag-Rewrite host-veth-cone 1 0 - none host-veth-ctwo 2 0 - none

fd.ioFoundation 15

listthecontainerveth backends

createthevpp host-interfacesfortheveth(s)

setthehostinterfacesstateup

addthehostinterfacestobridge1

showtheinterfacesonbridge1

Exercise1

Setupcontainers;coneandctwo

fd.ioFoundation 16

vagrant@host:~$ ssh ctwoThe authenticity of host 'ctwo (10.0.3.112)' can't be established.ECDSA key fingerprint is 14:71:50:b9:ca:24:89:9c:b9:e5:6a:ad:9a:6e:9a:f5.Are you sure you want to continue connecting (yes/no)? yesWarning: Permanently added 'ctwo,10.0.3.112' (ECDSA) to the list of known hosts.Welcome to Ubuntu 14.04.5 LTS (GNU/Linux 3.16.0-30-generic x86_64)

* Documentation: https://help.ubuntu.com/vagrant@ctwo:~$ sudo ip addr add 172.16.1.3/24 dev veth_link1vagrant@ctwo:~$ sudo ip link set dev veth_link1 up

vagrant@ctwo:~$ ping –c 2 172.16.1.2PING 172.16.1.2 (172.16.1.2) 56(84) bytes of data.64 bytes from 172.16.1.2: icmp_seq=1 ttl=64 time=0.559 ms64 bytes from 172.16.1.2: icmp_seq=2 ttl=64 time=0.301 ms

vagrant@host:~$ ssh coneThe authenticity of host 'cone (10.0.3.139)' can't be established.ECDSA key fingerprint is 94:a2:01:d6:51:4f:15:42:5e:26:09:69:5b:02:f7:9b.Are you sure you want to continue connecting (yes/no)? yesWarning: Permanently added 'cone,10.0.3.139' (ECDSA) to the list of known hosts.Welcome to Ubuntu 14.04.5 LTS (GNU/Linux 3.16.0-30-generic x86_64)

* Documentation: https://help.ubuntu.com/vagrant@cone:~$ sudo ip addr add 172.16.1.2/24 dev veth_link1vagrant@cone:~$ sudo ip link set dev veth_link1 up

vagrant@cone:~$ ping –c 2 172.16.1.3PING 172.16.1.3 (172.16.1.3) 56(84) bytes of data.64 bytes from 172.16.1.3: icmp_seq=1 ttl=64 time=0.306 ms64 bytes from 172.16.1.3: icmp_seq=2 ttl=64 time=0.460 ms

- setip addressesoninterfaces- setinterfacestateup

pingacrossthebridge

Exercise1

Pingvpp inctwo (1)

fd.ioFoundation 17

vagrant@host:~$ ssh ctwoWelcome to Ubuntu 14.04.5 LTS (GNU/Linux 3.16.0-30-generic x86_64)

* Documentation: https://help.ubuntu.com/Last login: Tue Nov 29 15:52:20 2016 from 10.0.3.1vagrant@ctwo:~$ sudo ip addr del 172.16.1.3/24 dev veth_link1vagrant@ctwo:~$ cd vppvagrant@ctwo:~/vpp$ make PLATFORM=vpp_lite runWARNING: STARTUP_CONF not defined or file doesn't exist.

Running with minimal startup config: unix { interactive }\nunix_physmem_init: use huge pagesvlib_plugin_early_init:213: plugin path /home/vagrant/vpp/build-root/install-vpp_lite_debug-native/plugins/lib64/vpp_pluginsload_one_plugin:92: Loaded plugin: /home/vagrant/vpp/build-root/install-vpp_lite_debug-native/plugins/lib64/vpp_plugins/libsixrd_plugin.so…load_one_plugin:92: Loaded plugin: /home/vagrant/vpp/build-root/install-vpp_lite_debug-native/plugins/lib64/vpp_plugins/lb_plugin.soload_one_plugin:92: Loaded plugin: /home/vagrant/vpp/build-root/install-vpp_lite_debug-native/plugins/lib64/vpp_plugins/ioam_e2e_plugin.so

_______ _ _ _____ ___ __/ __/ _ \ (_)__ | | / / _ \/ _ \_/ _// // / / / _ \ | |/ / ___/ ___//_/ /____(_)_/\___/ |___/_/ /_/

DBGvpp#DBGvpp# create host-interface name veth_link1host-veth_link1DBGvpp# set interface state host-veth_link1 upDBGvpp# set interface ip address host-veth_link1 172.16.1.3/24

removetheip fromLinuxinctwo

- changedirectory tovpp- runVPPininteractivemode

- createthevpp host-interfaces- settheinterfacestateup- addaddresstotheinterface

Exercise1

Pingvpp inctwo (2)

fd.ioFoundation 18

vagrant@host:~$ ssh coneThe authenticity of host 'cone (10.0.3.139)' can't be established.ECDSA key fingerprint is 94:a2:01:d6:51:4f:15:42:5e:26:09:69:5b:02:f7:9b.Are you sure you want to continue connecting (yes/no)? yesWarning: Permanently added 'cone,10.0.3.139' (ECDSA) to the list of known hosts.Welcome to Ubuntu 14.04.5 LTS (GNU/Linux 3.16.0-30-generic x86_64)

* Documentation: https://help.ubuntu.com/vagrant@cone:~$ ping –c 2 172.16.1.3PING 172.16.1.3 (172.16.1.3) 56(84) bytes of data.64 bytes from 172.16.1.3: icmp_seq=1 ttl=64 time=0.306 ms64 bytes from 172.16.1.3: icmp_seq=2 ttl=64 time=0.460 ms


__/ __/ _ \ (_)__ | | / / _ \/ _ \_/ _// // / / / _ \ | |/ / ___/ ___//_/ /____(_)_/\___/ |___/_/ /_/

vpp# trace add af-packet-input 50

vpp# show trace------------------- Start of thread 0 vpp_main -------------------Packet 1

02:33:35:000544: af-packet-inputaf_packet: hw_if_index 1 next-index 3

tpacket2_hdr:status 0x20000001 len 98 snaplen 98 mac 66 net 80sec 0x583daa0f nsec 0x7d9ea22 vlan 0

02:33:35:000606: ethernet-inputIP4: 00:17:3e:9e:7a:3b -> 02:fe:81:16:8f:6a

02:33:35:000629: l2-inputl2-input: sw_if_index 1 dst 02:fe:81:16:8f:6a src 00:17:3e:9e:7a:3b

02:33:35:000650: l2-learnl2-learn: sw_if_index 1 dst 02:fe:81:16:8f:6a src 00:17:3e:9e:7a:3b bd_index 1

02:33:35:000671: l2-fwdl2-fwd: sw_if_index 1 dst 02:fe:81:16:8f:6a src 00:17:3e:9e:7a:3b bd_index 1

02:33:35:000677: l2-outputl2-output: sw_if_index 2 dst 02:fe:81:16:8f:6a src 00:17:3e:9e:7a:3b

02:33:35:000683: host-veth-ctwo-outputhost-veth-ctwoIP4: 00:17:3e:9e:7a:3b -> 02:fe:81:16:8f:6aICMP: 172.16.1.2 -> 172.16.1.3

tos 0x00, ttl 64, length 84, checksum 0x884ffragment id 0x5834, flags DONT_FRAGMENT

ICMP echo_request checksum 0x7d03

pingvpp inctwo fromcone captureatraceofthepingonhost

viewechorequestandechoresponsetracethrough vpp graphnodes

Exercise1

Exercise2

• Estimatedtimerequired:30Minutes• Objective:BuildandtesttheMACSWAPPlugin• Steps:• Familiarizationwiththebuildsystem;sourcetree,build-data,build-rootetc.• EnabletheMACSWAPplugin,dist-cleanandrebuild.• Runvpp_lite intheContainerTwooveraf_packet.

• CreatehostinterfaceinContainerTwofor veth_link1`• Setinterface host-veth_link1`stateup.• Enablemacswap on`host-veth_link1`

• Testingthemacswap pluginwithScapy.• SendapacketfromContainerOnetoContainerTwowithScapy.• Traceresultingmacswap onthehost.

fd.ioFoundation 19

VPPsourcelayout

fd.ioFoundation 20

Exercise2

Directoryname Descriptionbuild-data Buildmetadata – package andplatformspecific build settings. e.g. vpp_lite,x86,cavium etc.

build-root

Buildoutputdirectory• build-vpp_lite_debug-native - buildartifacts forvpp_lite,builtwithsymbols.• install-vpp_lite_debug-native – fakeroot forvpp_lite installation,builtwithsymbols.• deb– debian packages• rpm– rpmpackages• vagrant– bootstrapadevelopment environment

plugins

VPPbundledpluginsdirectory- ila-plugin: IdentifierLocatorAddressing(ILA)- flowperpkt-plugin: Per-packetIPFIXrecordgenerationplugin- lb-plugin:MagLev-likeLoadBalancer,similartoGoogle's MaglevLoadBalancer- snat-plugin: Simpleip4NATplugin- sample-plugin:Sample macswap plugin

vnet

VPPnetworkingsource- device: af-packet, dpdk pmd,ssvm- l2:ethernet,mpls,lldp,ppp,l2tp,mcast- l3+: ip[4,6],ipsec, icmp,udp- overlays:vxlan,gre

vpp VPPapplicationsourcevlib VPPapplicationlibrarysource;vlib-api VPPAPIlibrarysourcevpp-api VPPapplicationAPIsourcevppapigen VPPAPIgeneratorsourcevppinfra VPPcorelibrarysource

VPPbuildsystem

fd.ioFoundation 21

Exercise2

MakeTargets Descriptionbootstrap preparetreeforbuild, setuppathsandcompilersetcinstall-dep installsoftwaredependencies, automaticallyapt-getbuilddependencies, usedbyvagrantprovisioning scripts.wipe,wipe-release wipeallproducts ofdebug/release buildbuild, build-release build debug/release binariesplugins, plugins-release build debug/release pluginbinariesrebuild, rebuild-release wipeandbuild debug/release binariesrun,run-release rundebug/release binaryininteractivemodedebug rundebugbinarywithdebugger(gdb)test,test-debug build andrunfunctional testsbuild-vpp-api build vpp-apipkg-deb, pkg-rpm build packages, build debian andrpmpackagingforVPP,canbedpkg’ed orrpm’ed afterward.ctags,gtags,cscope (re)generatectags/gtags/cscope databasesdoxygen (re)generatedocumentationMakeVariables DescriptionV 1or0,toswitch onverbose buildsPLATFORM Platform specific build, e.g.vpp_lite

don’t forgetPLATFORM=vpp_lite inthisexercise

Buildthesampleplugininctwo

fd.ioFoundation 22


* Documentation: https://help.ubuntu.com/Last login: Tue Nov 29 15:55:07 2016 from 10.0.3.1vagrant@ctwo:~$ cd vppvagrant@ctwo:~/vpp$ (cd build-root; make distclean; rm .bootstrap.ok)rm -rf /home/vagrant/vpp/build-root/build-*/rm -rf /home/vagrant/vpp/build-root/build-tool-*…rm -f /home/vagrant/vpp/build-root/deb/debian/changelogvagrant@ctwo:~/vpp$ sed -i "s/PLUGIN_DISABLED[(]sample[)]/PLUGIN_ENABLED$sample$/" plugins/configure.ac…vagrant@ctwo:~/vpp$ make PLATFORM=vpp_lite bootstrap…vagrant@ctwo:~/vpp$ make PLATFORM=vpp_lite build..vagrant@ctwo:~/vpp$ make PLATFORM=vpp_lite build-vpp-api..vagrant@ctwo:~/vpp$ make PLATFORM=vpp_lite plugins

vagrant@ctwo:~/vpp$ make PLATFORM=vpp_lite runWARNING: STARTUP_CONF not defined or file doesn't exist.

Running with minimal startup config: unix { interactive }\nhtlb_init:128: shmget: Cannot allocate memory (errno 12)unix_physmem_init: use fake dma pagesload_one_plugin:92: Loaded plugin: /home/vagrant/vpp/build-root/install-vpp_lite_debug-native/plugins/lib64/vpp_plugins/libsixrd_plugin.so..load_one_plugin:92: Loaded plugin: /home/vagrant/vpp/build-root/install-vpp_lite_debug-native/plugins/lib64/vpp_plugins/sample_plugin.so..load_one_plugin:92: Loaded plugin: /home/vagrant/vpp/build-root/install-vpp_lite_debug-native/plugins/lib64/vpp_plugins/ioam_e2e_plugin.so_______ _ _ _____ _____/ __/ _ \ (_)__ | | / / _ \/ _ \_/ _// // / / / _ \ | |/ / ___/ ___//_/ /____(_)_/\___/ |___/_/ /_/

DBGvpp#;

Exercise2

dist-cleanthepreviousbuild

- enabletheplugin- build thefollowing targets

- bootstrap- build- build-vpp-api- plugins

runvpp andensure theplugin isloaded.

Enablemacswap onctwo

fd.ioFoundation 23


* Documentation: https://help.ubuntu.com/Last login: Tue Nov 29 15:55:07 2016 from 10.0.3.1vagrant@ctwo:~$ cd vppvagrant@ctwo:~/vpp$ ip link show dev veth_link111: veth_link1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000

link/ether 00:17:3e:93:76:36 brd ff:ff:ff:ff:ff:ffvagrant@ctwo:~/vpp$ make PLATFORM=vpp_lite runWARNING: STARTUP_CONF not defined or file doesn't exist.

Running with minimal startup config: unix { interactive }\nunix_physmem_init: use huge pagesvlib_plugin_early_init:213: plugin path /home/vagrant/vpp/build-root/install-vpp_lite_debug-native/plugins/lib64/vpp_pluginsload_one_plugin:92: Loaded plugin: /home/vagrant/vpp/build-root/install-vpp_lite_debug-native/plugins/lib64/vpp_plugins/libsixrd_plugin.so…load_one_plugin:92: Loaded plugin: /home/vagrant/vpp/build-root/install-vpp_lite_debug-native/plugins/lib64/vpp_plugins/ioam_e2e_plugin.so

_______ _ _ _____ ___ __/ __/ _ \ (_)__ | | / / _ \/ _ \_/ _// // / / / _ \ | |/ / ___/ ___//_/ /____(_)_/\___/ |___/_/ /_/

DBGvpp# create host-interface name veth_link1host-veth_link1DBGvpp# set interface state host-veth_link1 upDBGvpp# sample ?sample macswap sample macswap <interface-name> [disable]

DBGvpp# sample macswap host-veth_link1

Exercise2

Inctwo getthemacaddressofveth_link1

- createthevpp host-interface- settheinterfacestateup- enablemacswaponveth_link1

Sendpackettoctwo,tracethemacswap.

fd.ioFoundation 24

vagrant@host:~$ ssh conevagrant@cone:~$ sudo scapyINFO: Can't import python gnuplot wrapper . Won't be able to plot.…Welcome to Scapy (2.2.0)>>> x=Ether(dst="00:17:3e:93:76:36")/IP(dst="172.16.1.3/32",proto=255)/Raw("Hello World") >>> ls(x)dst : DestMACField = '00:17:3e:93:76:36' (None)src : SourceMACField = '00:17:3e:9e:7a:3b' (None)type : XShortEnumField = 2048 (0)--version : BitField = 4 (4)ihl : BitField = None (None)tos : XByteField = 0 (0)len : ShortField = None (None)id : ShortField = 1 (1)flags : FlagsField = 0 (0)frag : BitField = 0 (0)ttl : ByteField = 64 (64)proto : ByteEnumField = 255 (0)chksum : XShortField = None (None)src : Emph = '172.16.1.2' (None)dst : Emph = Net('172.16.1.3/32') ('127.0.0.1')options : PacketListField = [] ([])--load : StrField = 'Hello World' ('')Sent 1 packets.>>> sendp(x,iface="veth_link1") .

vagrant@host:~$ sudo vppctlvpp# trace af-packet-input 50------------------- Start of thread 0 vpp_main -------------------No packets in trace buffervpp# show trace------------------- Start of thread 0 vpp_main -------------------Packet 1

04:23:33:529244: af-packet-inputaf_packet: hw_if_index 1 next-index 3tpacket2_hdr:status 0x20000001 len 45 snaplen 45 mac 66 net 80sec 0x583dc3e4 nsec 0x318c8a0d vlan 0

04:23:33:529301: ethernet-inputIP4: 00:17:3e:9e:7a:3b -> 00:17:3e:93:76:36

…

Packet 2

04:23:33:529772: af-packet-inputaf_packet: hw_if_index 2 next-index 3tpacket2_hdr:status 0x20000001 len 45 snaplen 45 mac 66 net 80sec 0x583dc3e4 nsec 0x3195b3d6 vlan 0

04:23:33:529803: ethernet-inputIP4: 00:17:3e:93:76:36 -> 00:17:3e:9e:7a:3b

sendpackettoctwo usingscapyusethemacaddressgatheredinthepreviousstep

captureatraceofthepacketonthehostensuretheaddressmacgetsswapped

Exercise2

Exercise3• Estimatedtimerequired:40Minutes.• Objective:Implementanewgraphnode.• Steps:

• ImplementabasicVXLANsetupwithVPP.• CreateahostinterfaceinContainerTwofor veth_link1`.• Assignthehostinterface`host-veth_link1`anIPaddress.• CreateaVXLANTunnel forVNI42inContainerTwo.• SendapackettotheVXLANTunnelonUDPport4789withScapy.• Traceandconfirmthepackethitsthevxlan4_inputgraphnode.

• Createanewgraphnodebasedonvlan4_inputnode.• Createvxlan4_v2_inputgraphnodebasedontheexistingvlan4_inputnode.• Thevxlan4_v2_inputgraphnodewilllistenforpacketsonUDPport4791.

• Confirmvxlan4_v2_inputnodeworksasexpectedwithScapy.• SendapackettotheVXLANTunnelonUDPport4791.• Traceandconfirmthepackethitsthevxlan4_v2_inputgraphnode.

fd.ioFoundation 25

VPP:Anatomyofagraphnode

vlib_node_registration_tType Name Description User visible?vlib_node_function_t * function Vectorprocessing function forthisnodechar* name Nodename see`showrun`u16 n_errors Numberoferrorcodesusedbythisnode.char** error_strings Errorstringsindexedbyerrorcodeforthisnode. see`showerror`u16 n_next_nodes Numberofnextnodenamesthatfollow.char* next_nodes[] Namesofnextnodeswhichthisnode feedsinto.fd.ioFoundation 26

- VLIB_REGISTER_NODE,macrotodeclareagraphnode.

- Creates:-- agraphnode registration

vlib_node_registration_t <graphnode>- initializesvaluesin<graphnode>- aconstruction function

__vlib_add_node_registration_<graph node>toregisterthegraphnodeatstartup.

Exercise3

VPP:AnatomyofaVXLANgraphnode

fd.ioFoundation 27

- VLIB_REGISTER_NODEregisters vxlan4_input_node` node- vxlan4_input isthevectorprocessing function.- vxlan errorsstrings.

- nosuchtunnel.- addnextnodestrings.

- error-drop – nosuchtunnel.- l2-input– layer2input.

Exercise3

Setupandtracevxlan tunnelonctwo

fd.ioFoundation 28

vagrant@localhost:~$ ssh coneWelcome to Ubuntu 14.04.5 LTS (GNU/Linux 3.16.0-30-generic x86_64)

* Documentation: https://help.ubuntu.com/Last login: Sun Dec 4 16:58:59 2016 from 10.0.3.1vagrant@cone:~$ sudo scapyINFO: Can't import matplotlib. Won't be able to plot.INFO: Can't import PyX. Won't be able to use psdump() or pdfdump().WARNING: Failed to execute tcpdump. Check it is installed and in the PATHWARNING: No route found for IPv6 destination :: (no default route?)INFO: Can't import python Crypto lib. Won't be able to decrypt WEP.INFO: Can't import python Crypto lib. Disabled certificate manipulation toolsINFO: Can't import python ecdsa lib. Disabled certificate manipulation toolsWelcome to Scapy (2.3.3)>>> x=Ether()/IP(dst="172.16.1.3")/UDP(sport=1337,dport=4789)/VXLAN(vni=42,flags=8)/Ether()/IP()/UDP()>>> sendp(x,iface="veth_link1").Sent 1 packets.>>>

vagrant@localhost:~$ ssh ctwoWelcome to Ubuntu 14.04.5 LTS (GNU/Linux 3.16.0-30-generic x86_64)

* Documentation: https://help.ubuntu.com/Last login: Fri Dec 2 17:15:01 2016 from 10.0.3.1vagrant@ctwo:~/vpp$ make PLATFORM=vpp_lite runWARNING: STARTUP_CONF not defined or file doesn't exist.

Running with minimal startup config: unix { interactive }\nhtlb_init:128: shmget: Cannot allocate memory (errno 12)unix_physmem_init: use fake dma pagesvlib_plugin_early_init:213: plugin path /home/vagrant/vpp/build-root/install-vpp_lite_debug-native/plugins/lib64/vpp_pluginsload_one_plugin:92: Loaded plugin: /home/vagrant/vpp/build-root/install-vpp_lite_debug-native/plugins/lib64/vpp_plugins/libsixrd_plugin.so….DBGvpp# create host-interface name veth_link1host-veth_link1DBGvpp# set interface state host-veth_link1 upDBGvpp# set interface ip address host-veth_link1 172.16.1.3/24DBGvpp# DBGvpp# create vxlan tunnel src 172.16.1.3 dst 172.16.1.2 vni 42vxlan_tunnel0DBGvpp# set interface state vxlan_tunnel0 upDBGvpp#DBGvpp# trace add af-packet-input 5

createhost-interface,setstateup,assignipcreateVXLANtunnel forVNI42onip.

createVXLANpacketx,destined forctwo.tx packetonveth_link1

Exercise3

Tracevxlan tunnelonctwo

fd.ioFoundation 29

Packet 2

00:00:29:644596: af-packet-inputaf_packet: hw_if_index 1 next-index 3tpacket2_hdr:status 0x20000001 len 92 snaplen 92 mac 66 net 80sec 0x58444bdf nsec 0x2481bd6f vlan 0

00:00:29:644702: ethernet-inputIP4: 00:17:3e:37:19:89 -> 02:fe:42:6b:6d:84

00:00:29:644740: ip4-inputUDP: 172.16.1.2 -> 172.16.1.3tos 0x00, ttl 64, length 78, checksum 0x2079fragment id 0x0001

UDP: 1337 -> 4789length 58, checksum 0x5182

00:00:29:644995: ip4-lookup…00:00:29:645051: ip4-local…00:00:29:645094: ip4-udp-lookupUDP: src-port 1337 dst-port 4789

00:00:29:645117: vxlan4-inputVXLAN decap from vxlan_tunnel0 vni 42 next 1 error 0

00:00:29:645139: l2-inputl2-input: sw_if_index 2 dst ff:ff:ff:ff:ff:ff src 00:00:00:00:00:00

00:00:29:645212: feature-bitmap-dropfeat_bitmap_drop: feature bitmap 0x00000001

00:00:29:645222: error-dropfeature-bitmap-drop: L2 feature forwarding disabled

Packet 1

00:00:29:632073: af-packet-inputaf_packet: hw_if_index 1 next-index 3tpacket2_hdr:status 0x20000001 len 42 snaplen 42 mac 66 net 80sec 0x58444bdf nsec 0x23af6597 vlan 0

00:00:29:634712: ethernet-inputARP: 00:17:3e:37:19:89 -> ff:ff:ff:ff:ff:ff

00:00:29:634812: arp-inputrequest, type ethernet/IP4, address size 6/400:17:3e:37:19:89/172.16.1.2 -> 00:00:00:00:00:00/172.16.1.3

00:00:29:634958: host-veth_link1-outputhost-veth_link1ARP: 02:fe:42:6b:6d:84 -> 00:17:3e:37:19:89reply, type ethernet/IP4, address size 6/402:fe:42:6b:6d:84/172.16.1.3 -> 00:17:3e:37:19:89/172.16.1.2

showtraceonctwo,packet1ARPrequest/response forVTEP

showtraceonctwo,packet2VXLANdecap andforwardtol2-input

Exercise3

SendVXLANpackettoport4791

fd.ioFoundation 30

Packet 2

00:04:34:985933: af-packet-input…

00:04:34:986021: ethernet-inputIP4: 00:17:3e:37:19:89 -> 02:fe:8d:9c:6e:06

00:04:34:986053: ip4-input…

00:04:34:986084: ip4-lookup…00:04:34:986116: ip4-local…00:04:34:986143: ip4-udp-lookupUDP: src-port 1337 dst-port 4791 (no listener)

00:04:34:986143: ip4-icmp-error…00:04:34:986143: ip4-lookup…00:04:34:986143: ip4-rewrite-transit00:04:34:986143: host-veth_link1-output

showtrace onctwo,packet2ICMPerrorduetonolisteneronport4791

vagrant@localhost:~$ ssh cone Welcome to Ubuntu 14.04.5 LTS (GNU/Linux 3.16.0-30-generic x86_64)


createVXLANpacketxonport4791,destined forctwo.tx packetonveth_link1

Exercise3

Addnewnodevxlan4-v2-input

fd.ioFoundation 31

Step Where(file/directory) Description1 vnet/vnet/ip/udp.h AddnewUDPIPv4DestinationPort

2 vnet/vnet/vxlan/decap.c

• Copy andpasteVLIB_REGISTER_NODE(vxlan4_input_node) ={…}toVLIB_REGISTER_NODE(vxlan4_v2_input_node) = {…}

• Updatethenamefield tosomething unique,e.g..name="vxlan4-v2-input“3 vnet/vnet/vxlan/vxlan.h Addaforwarddeclarationforvlib_node_registration_t vxlan4_v2_input_node

4 vnet/vnet/vxlan/vxlan.c

Invxlan_init registerthedestinationUDPport.

udp_register_dst_port (vm,UDP_DST_PORT_vxlan_v2,vxlan4_v2_input_node.index, /*is_ip4*/1);

Whenyouaredone,- `makePLATFORM=vpp_lite build`- `makePLATFORM=vpp_lite run`- setupvxlan tunnelasshownpreviously.

Exercise3

SendVXLANpackettoport4791

fd.ioFoundation 32

Packet 2

00:00:52:869779: af-packet-input…00:00:52:869893: ethernet-input…00:00:52:869967: ip4-lookup…00:00:52:870014: ip4-local…00:00:52:870051: ip4-udp-lookupUDP: src-port 1337 dst-port 4791

00:00:52:870073: vxlan4-v2-inputVXLAN decap from vxlan_tunnel0 vni 42 next 1 error 0

00:00:52:870093: l2-input…

showtraceonctwo,packet2vxlan decap andforwardtol2-input

vagrant@localhost:~$ ssh cone Welcome to Ubuntu 14.04.5 LTS (GNU/Linux 3.16.0-30-generic x86_64)


createVXLANpacketxonport4791,destined forctwo.tx packetonveth_link1

Exercise3

BACKUP

fd.ioFoundation 33

Introducingvpp-bootstrap*• Whatisit?

AvagrantbasedtooltobootstrapalightweightVPPdevelopmentenvironment.

• Whatareitsfeatures?

• Developmentenvironmentfeaturingasandboxnetwork,scapy andvpp_lite.• Autoprovisioningofcredentialsforpassword-lessauthentication.• SupportforbothVirtualBox andAWSviaVagrant.

• Howeasyisit?

git clone https://gerrit.fd.io/r/vppsbcdvpp-bootstrapvagrantup

fd.ioFoundation 34

*vpp-bootstrap isnotyetasanctionedFd.ioProject.

fd.io vpp bootsrap - Meetupfiles.meetup.com/19623913/Day2DevLab_VPP_Bootstrap.pdf · • cone: •...

Documents

Transcript of fd.io vpp bootsrap - Meetupfiles.meetup.com/19623913/Day2DevLab_VPP_Bootstrap.pdf · • cone: •...