FD.io VPP  v21.06-3-gbb25fbf28
Vector Packet Processing
All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Friends Macros Modules Pages
src/plugins/map

map add domain

Summary/usage

map add domain [tag <tag>] ip4-pfx <ip4-pfx> ip6-pfx <ip6-pfx> ip6-src <ip6-pfx> ea-bits-len <n> psid-offset <n> psid-len <n> [map-t] [mtu <mtu>].

Description

Add MAP domain

Example usage
vpp# map add domain



Declaration and implementation


Declaration: map_add_domain_command (src/plugins/map/map.c line 1397)


Implementation: map_add_domain_command_fn.



map add rule



Summary/usage


map add rule index <domain> psid <psid> ip6-dst <ip6-addr>.


Description


Add MAP rule to a domain


Example usage
vpp# map add rule



Declaration and implementation


Declaration: map_add_rule_command (src/plugins/map/map.c line 1413)


Implementation: map_add_rule_command_fn.



map del domain



Summary/usage


map del domain index <domain>.


Description


Delete MAP domain


Example usage
vpp# map del domain



Declaration and implementation


Declaration: map_del_command (src/plugins/map/map.c line 1426)


Implementation: map_del_domain_command_fn.



map interface



Summary/usage


map interface <interface-name> [map-t] [del].


Description


Enable MAP processing on interface (input feature)



Declaration and implementation


Declaration: map_if_command (src/plugins/map/map.c line 1462)


Implementation: map_if_command_fn.



map params fragment



Summary/usage


map params fragment inner|outer ignore-df|honor-df.


Description


Configure MAP fragmentation behaviour


Example usage
vpp# map params fragment


Allows fragmentation of the IPv4 packet even if the DF bit is set. The choice between inner or outer fragmentation of tunnel packets is complicated. The benefit of inner fragmentation is that the ultimate endpoint must reassemble, instead of the tunnel endpoint. 





Declaration and implementation


Declaration: map_fragment_command (src/plugins/map/map.c line 1383)


Implementation: map_fragment_command_fn.





map params icmp source-address





Summary/usage


map params icmp source-address <ip4-address>.






Description


Specifiy the IPv4 source address used for relayed ICMP error messages


Example usage
vpp# map params icmp source-address

This command specifies which IPv4 source address (must be local to the system), that is used for relayed received IPv6 ICMP error messages. 





Declaration and implementation


Declaration: map_icmp_relay_source_address_command (src/plugins/map/map.c line 1348)


Implementation: map_icmp_relay_source_address_command_fn.





map params icmp6 unreachables





Summary/usage


map params icmp6 unreachables {on|off}.






Description


Send IPv6 ICMP unreachables


Example usage
vpp# map params icmp6 unreachables

Send IPv6 ICMP unreachable messages back if security check fails or no MAP domain exists. 





Declaration and implementation


Declaration: map_icmp_unreachables_command (src/plugins/map/map.c line 1364)


Implementation: map_icmp_unreachables_command_fn.





map params pre-resolve





Summary/usage


 map params pre-resolve {ip4-nh <address>} | {ip6-nh <address>}.






Description


Bypass IP4/IP6 lookup


Example usage
vpp# map params pre-resolve

Bypass a second FIB lookup of the translated or encapsulated packet, and forward the packet directly to the specified next-hop. This optimization trades forwarding flexibility for performance. 





Declaration and implementation


Declaration: map_pre_resolve_command (src/plugins/map/map.c line 1306)


Implementation: map_pre_resolve_command_fn.





map params security-check





Summary/usage


map params security-check enable|disable fragments on|off.






Description


Enable or disable the MAP-E inbound security check
Specifiy if the inbound security check should be done on fragments


Example usage
vpp# map params security-check

By default, a decapsulated packet's IPv4 source address will be verified against the outer header's IPv6 source address. Disabling this feature will allow IPv4 source address spoofing.


Typically the inbound on-decapsulation security check is only done
on the first packet. The packet that contains the L4
information. While a security check on every fragment is possible,
it has a cost. State must be created on the first fragment.






Declaration and implementation


Declaration: map_security_check_command (src/plugins/map/map.c line 1330)


Implementation: map_security_check_command_fn.





map params tcp-mss





Summary/usage


map params tcp-mss <value>.






Description


TCP MSS clamping


Example usage
vpp# map params tcp-mss

This command is used to set the TCP MSS in translated or encapsulated packets. 





Declaration and implementation


Declaration: map_tcp_mss_command (src/plugins/map/map.c line 1288)


Implementation: map_tcp_mss_command_fn.





map params traffic-class





Summary/usage


map params traffic-class {0x0-0xff | copy}.






Description


Set or copy the IP TOS/Traffic Class field


Example usage
vpp# map params traffic-class

This command is used to set the traffic-class field in translated or encapsulated packets. If copy is specifed (the default) then the traffic-class/TOS field is copied from the original packet to the translated / encapsulating header. 





Declaration and implementation


Declaration: map_traffic_class_command (src/plugins/map/map.c line 1272)


Implementation: map_traffic_class_command_fn.





show map domain





Summary/usage


show map domain index <n> [counters].






Description


Show MAP domains


Example usage
vpp# show map domain





Declaration and implementation


Declaration: show_map_domain_command (src/plugins/map/map.c line 1439)


Implementation: show_map_domain_command_fn.





show map stats





Summary/usage


show map stats.





Description


Show MAP statistics


Example usage
vpp# show map stats





Declaration and implementation


Declaration: show_map_stats_command (src/plugins/map/map.c line 1452)


Implementation: show_map_stats_command_fn.