FD.io VPP  v18.07.1-19-g511ce25
Vector Packet Processing
src/plugins/map

map add domain

Summary/usage

map add domain ip4-pfx <ip4-pfx> ip6-pfx <ip6-pfx> ip6-src <ip6-pfx> ea-bits-len <n> psid-offset <n> psid-len <n> [map-t] [map-ce] [mtu <mtu>].

Description

Add MAP domain

Example usage
vpp# map add domain


Declaration and implementation


Declaration: map_add_domain_command (src/plugins/map/map.c line 2177)


Implementation: map_add_domain_command_fn.



map add rule


Summary/usage


map add rule index <domain> psid <psid> ip6-dst <ip6-addr>.

Description


Add MAP rule to a domain


Example usage
vpp# map add rule


Declaration and implementation


Declaration: map_add_rule_command (src/plugins/map/map.c line 2192)


Implementation: map_add_rule_command_fn.



map del domain


Summary/usage


map del domain index <domain>.

Description


Delete MAP domain


Example usage
vpp# map del domain


Declaration and implementation


Declaration: map_del_command (src/plugins/map/map.c line 2205)


Implementation: map_del_domain_command_fn.



map params fragment


Summary/usage


map params fragment inner|outer.

Description


Configure MAP fragmentation behaviour


Example usage
vpp# map params fragment


Declaration and implementation


Declaration: map_fragment_command (src/plugins/map/map.c line 2127)


Implementation: map_fragment_command_fn.



map params fragment ignore-df


Summary/usage


map params fragment ignore-df on|off.

Description


Ignore the IPv4 Don't fragment bit


Example usage
vpp# map params fragment ignore-df


Allows fragmentation of the IPv4 packet even if the DF bit is set. The choice between inner or outer fragmentation of tunnel packets is complicated. The benefit of inner fragmentation is that the ultimate endpoint must reassemble, instead of the tunnel endpoint. 


Declaration and implementation






Declaration: map_fragment_df_command (src/plugins/map/map.c line 2146)


Implementation: map_fragment_df_command_fn.





map params icmp source-address


Summary/usage




map params icmp source-address <ip4-address>.



Description






Specifiy the IPv4 source address used for relayed ICMP error messages


Example usage
vpp# map params icmp source-address

This command specifies which IPv4 source address (must be local to the system), that is used for relayed received IPv6 ICMP error messages. 


Declaration and implementation






Declaration: map_icmp_relay_source_address_command (src/plugins/map/map.c line 2098)


Implementation: map_icmp_relay_source_address_command_fn.





map params icmp6 unreachables


Summary/usage




map params icmp6 unreachables {on|off}.



Description






Send IPv6 ICMP unreachables


Example usage
vpp# map params icmp6 unreachables

Send IPv6 ICMP unreachable messages back if security check fails or no MAP domain exists. 


Declaration and implementation






Declaration: map_icmp_unreachables_command (src/plugins/map/map.c line 2114)


Implementation: map_icmp_unreachables_command_fn.





map params pre-resolve


Summary/usage




 map params pre-resolve {ip4-nh <address>} | {ip6-nh <address>}.



Description






Bypass IP4/IP6 lookup


Example usage
vpp# map params pre-resolve

Bypass a second FIB lookup of the translated or encapsulated packet, and forward the packet directly to the specified next-hop. This optimization trades forwarding flexibility for performance. 


Declaration and implementation






Declaration: map_pre_resolve_command (src/plugins/map/map.c line 2063)


Implementation: map_pre_resolve_command_fn.





map params reassembly


Summary/usage




map params reassembly [ip4 | ip6] [lifetime <lifetime-ms>] [pool-size <pool-size>] [buffers <buffers>] [ht-ratio <ht-ratio>].



Description






Configure MAP reassembly behaviour


Example usage
vpp# map params reassembly


Declaration and implementation






Declaration: map_ip4_reass_lifetime_command (src/plugins/map/map.c line 2025)


Implementation: map_params_reass_command_fn.





map params security-check


Summary/usage




map params security-check on|off.



Description






Enable or disable the MAP-E inbound security check


Example usage
vpp# map params security-check

By default, a decapsulated packet's IPv4 source address will be verified against the outer header's IPv6 source address. Disabling this feature will allow IPv4 source address spoofing. 


Declaration and implementation






Declaration: map_security_check_command (src/plugins/map/map.c line 2081)


Implementation: map_security_check_command_fn.





map params security-check fragments


Summary/usage




map params security-check fragments on|off.



Description






Specifiy if the inbound security check should be done on fragments


Example usage
vpp# map params security-check fragments

Typically the inbound on-decapsulation security check is only done on the first packet. The packet that contains the L4 information. While a security check on every fragment is possible, it has a cost. State must be created on the first fragment. 


Declaration and implementation






Declaration: map_security_check_frag_command (src/plugins/map/map.c line 2164)


Implementation: map_security_check_frag_command_fn.





map params traffic-class


Summary/usage




map params traffic-class {0x0-0xff | copy}.



Description






Set or copy the IP TOS/Traffic Class field


Example usage
vpp# map params traffic-class

This command is used to set the traffic-class field in translated or encapsulated packets. If copy is specifed (the default) then the traffic-class/TOS field is copied from the original packet to the translated / encapsulating header. 


Declaration and implementation






Declaration: map_traffic_class_command (src/plugins/map/map.c line 2045)


Implementation: map_traffic_class_command_fn.





show map domain


Summary/usage




show map domain index <n> [counters].



Description






Show MAP domains


Example usage
vpp# show map domain


Declaration and implementation






Declaration: show_map_domain_command (src/plugins/map/map.c line 2218)


Implementation: show_map_domain_command_fn.





show map fragments


Summary/usage






show map fragments.


Description






Show MAP fragmentation information


Example usage
vpp# show map fragments


Declaration and implementation






Declaration: show_map_fragments_command (src/plugins/map/map.c line 2244)


Implementation: show_map_fragments_command_fn.





show map stats


Summary/usage






show map stats.


Description






Show MAP statistics


Example usage
vpp# show map stats


Declaration and implementation






Declaration: show_map_stats_command (src/plugins/map/map.c line 2231)


Implementation: show_map_stats_command_fn.