VPP/Tutorial Routing and Switching

This is a basic tutorial intended for VPP newcomers. It progressivly introduces main CLI commands for creating a switched and routed network. For the purpose of this tutorial, a virtual network will be created by the mean of Linux network namespaces, veth, and tap interfaces.

Prerequisites

For this tutorial, you will need a Linux environment with VPP installed. You can follow this tutorial to setup your development environment.

Running vpp

Start VPP

If you installed VPP using the vagrant tutorial, do vagrant up and vagrant ssh in VPP's vagrant directory. VPP should be already be running.

~$ sudo vppctl show version
vpp v1.0.0-433~gb53693a-dirty built by vagrant on localhost at Wed May  4 03:03:02 PDT 2016

If it is not running, try:

~$ sudo start vpp

If you have installed vpp through other means, you can execute VPP directly.

~$ sudo vpp unix { interactive log /tmp/vpp.log full-coredump } api-trace { on }

This command will start VPP in interactive mode. Which means you will be able to enter VPP CLI commands just like if they were executed using sudo vppctl your command.

From now on, we will use vppctl and ommit sudo, but you can use VPP's interactive mode if you want.

Basic VPP commands

Execute the following commands.

~$ vppctl show interface
             Name               Idx       State          Counter          Count
GigabitEthernet0/8/0              5        down
GigabitEthernet0/9/0              6        down
local0                            0        down
pg/stream-0                       1        down
pg/stream-1                       2        down
pg/stream-2                       3        down
pg/stream-3                       4        down

In this example, the VM has two PCI interfaces, owned by DPDK drivers. DPDK runs in polling mode, which means that the single VPP thread currently takes 100% CPU.

~$ top
 PID USER      PR  NI    VIRT    RES    SHR S  %CPU %MEM     TIME+ COMMAND
8510 root      20   0 2123488  28876   9672 R  89.6  0.7   1:43.84 vpp_main

VPP Debug CLI implements a lot of different commands. You can display CLI help with '?'.

~$ vppctl ?
  ...
~$ vppctl show ?
  ...

Virtual Network Setup

VPP supports two non-DPDK drivers enabling communications with Linux namespaces:

• veth interfaces with vpp host interfaces (based on efficient AF_PACKET shared memory with kernel). Click here for more information about interfaces and Linux network namespaces.
• tap interfaces from Linux's tuntap support.

This tutorial is going to use 3 different namespaces: ns0, ns1, and ns2. ns0 and ns1 will be connected to VPP by the mean of veth interfaces, while ns2 will be using a tap interface.

ns0, ns1 and veth interfaces

Let's configure ns0.

~$ ip netns add ns0
~$ ip link add vpp0 type veth peer name vethns0
~$ ip link set vethns0 netns ns0
~$ ip netns exec ns0 ip link set lo up
~$ ip netns exec ns0 ip link set vethns0 up
~$ ip netns exec ns0 ip addr add 2001::1/64 dev vethns0
~$ ip netns exec ns0 ip addr add 10.0.0.1/24 dev vethns0
~$ ip link set vpp0 up

And do the same for ns1.

~$ ip netns add ns1
~$ ip link add vpp1 type veth peer name vethns1
~$ ip link set vethns1 netns ns1
~$ ip netns exec ns1 ip link set lo up
~$ ip netns exec ns1 ip link set vethns1 up
~$ ip netns exec ns1 ip addr add 2001::2/64 dev vethns0
~$ ip netns exec ns1 ip addr add 10.0.0.2/24 dev vethns0
~$ ip link set vpp1 up

Now on VPP side.

Let's create the host (af-packet) interfaces and set them up.

~$ vppctl create host-interface name vpp0
~$ vppctl create host-interface name vpp1
~$ vppctl set interface state host-vpp0 up
~$ vppctl set interface state host-vpp1 up

Host interfaces are created with names like host-<linux-ifname>.

~$ sudo vppctl show interface
             Name               Idx       State          Counter          Count
GigabitEthernet0/8/0              5        down
GigabitEthernet0/9/0              6        down
host-vpp0                         7         up
host-vpp1                         8         up
local0                            0        down
pg/stream-0                       1        down
pg/stream-1                       2        down
pg/stream-2                       3        down
pg/stream-3                       4        down

~$ sudo vppctl show hardware

             Name                Idx   Link  Hardware
GigabitEthernet0/8/0               5    down  GigabitEthernet0/8/0
  Ethernet address 08:00:27:1b:35:da
  Intel 82540EM (e1000)
    carrier up full duplex speed 1000 mtu 9216

GigabitEthernet0/9/0               6    down  GigabitEthernet0/9/0
  Ethernet address 08:00:27:59:74:1a
  Intel 82540EM (e1000)
    carrier up full duplex speed 1000 mtu 9216

host-vpp0                          7     up   host-vpp0
  Ethernet address 02:fe:0b:67:bd:b0
  Linux PACKET socket interface
host-vpp1                          8     up   host-vpp1
  Ethernet address 02:fe:da:fd:40:19
  Linux PACKET socket interface
[...]

Routing and Switching

This section will show how to configure our little virtual network with switching and routing.

Switching ns0 and ns1

In this section, we are going to switch ns0, ns1, and VPP within a common bridging domain.

~# vppctl set interface l2 bridge host-vpp0 1
~# vppctl set interface l2 bridge host-vpp1 1

The two interfaces are now bridged ! Let's try and see packets coming in and out by using VPP's tracing.

~# vppctl trace add af-packet-input 8
~# ip netns exec ns0 ping6 2001::2
~# vppctl show trace

You should be able to see NDP packets followed by echo requests and responses.

~# vppctl clear trace

The two namespaces are connected but VPP is not. Let's change that by adding a loopback interface to the bridge domain.

~# vppctl create loopback interface
~# vppctl show interface
             Name               Idx       State          Counter          Count
[...]
loop0                             9        down
[...]

Routing