The Vector Packet Processor (VPP)

The Features

VPP Feature list:

ACL Based Forwarding
ACLs for Security Groups
Address Resolution Protocol
Adjacency
Bidirectional Forwarding Detection
Bit Indexed Explicit Replication
Bonding
Buffer Metadata Change Tracker
Builtin URL support for the static http or https server
COP
Classify
Data-Plane Objects
Dynamic Host Configuration Protocol
GPRS Tunneling Protocol
Generic Routing Encapsulation
IP Neighbour Database
IP Security
IP in IP tunnelling
IPFIX probe
IPSec crypto engine provided by Intel IPSecMB library
IPSec crypto engine provided by Openssl library
IPSec crypto engine provided by native implementation
IPv6 Neighbor Discovery
Internet Group Management Protocol
L2TPv3
Layer 2 Forwarding
Layer 3 cross connect
Link Aggregation Control Protocol
Link Layer Discovery Protocol
Load Balancer
Locator ID Separation Protocol Control Plane
Locator ID Separation Protocol Generic Protocol Extension
Mapping of Address and Port
Multi-Protocol Label Switching
NSH
Netmap Device
Network Address Translation
Network Delay Simulator
PG
PPPoE
Pipe Device
QUIC Protocol
Quality of Service
SRv6 - Service Chaining Dynamic Proxy
SRv6 - Service Chaining Masquerading Proxy
SRv6 - Service Chaining Static Proxy
SRv6 Mobuile
Segment Routing for IPv6 (SRv6)
Segment Routing for MPLS
Session Layer
Source VRF Select
Static http https server
TLS OpenSSL
Tap Device
Time-range-based MAC-address filter
Transmission Control Protocol
Transport Layer Security
Tunnel Infra
User Datagram Protocol
VNET GSO
VPP Comms Library
Virtio PCI Device
Virtual Router Redundancy Protocol
Virtual eXtensible LAN
VxLAN-GPE
host-interface Device AF_PACKET
rdma device driver
vlib/unix
vmxnet3 device driver

Feature Details:

VPP version: v20.05-rc0-516-g6d7552ca8

ACL Based Forwarding

Maintainer: Neale Ranns nranns@cisco.com

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/abf

ACLs for Security Groups

Maintainer: Andrew Yourtchenko ayourtch@gmail.com

The ACL plugin allows to implement access control policies at the levels of IP address ownership (by locking down the IP-MAC associations by MACIP ACLs), and by using network and transport level policies in inbound and outbound ACLs. For non-initial fragments the matching is done on network layer only. The session state in stateful ACLs is maintained per-interface (e.g. outbound interface ACL creates the session while inbound ACL matches it), which simplifies the design and operation. For TCP handling, the session processing tracks “established” (seen both SYN segments and seen ACKs for them), and “transient” (all the other TCP states) sessions.

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/acl

Address Resolution Protocol

Maintainer: Neale Ranns nranns@cisco.com

An implementation of the Address resolution protocol (ARP) as described in RFC826

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/arp

Adjacency

Maintainer: Neale Ranns nranns@cisco.com

Adjacencies represent the next-hop information required to reach a directly connected neighbour.

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/adj

Bidirectional Forwarding Detection

Maintainer: Klement Sekera ksekera@cisco.com

An implementation of Bidirectional Forwarding Detection (BFD).

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/bfd

Bit Indexed Explicit Replication

Maintainer: Neale Ranns nranns@cisco.com

An implementation of Bit Indexed Explicit Replication (BIER)

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/bier

Bonding

Maintainer: Steven Luong sluong@cisco.com

Bonding implementation

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/bonding

Buffer Metadata Change Tracker

Maintainer: Dave Barach dave@barachs.net

The Buffer Metadata Change Tracker (mdata) uses the before / after graph node main loop performance callback hooks to snapshoot buffer metadata, then compare and summarize results per-node. Answers the question “what buffer metadata does a particular graph node change?” by direct observation. Zero performance impact until enabled.

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/mdata

Builtin URL support for the static http or https server

Maintainer: Dave Barach dave@barachs.net

The (builtinurl) plugin adds a set of URLs to the static http/https server. Current URLs, all of which return data in .json fmt: /version.json - vpp version info /interface_list.json - list of interfaces /interface_stats - single interface via HTTP POST /interface_stats - all intfcs via HTTP GET.

Feature maturity level: development
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/builtinurl

COP

Maintainer: Dave Barach dbarach@cisco.com

A very simple / fast source-address whitelist feature

Feature maturity level: experimental
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/cop

Classify

Maintainer: Dave Barach dbarach@cisco.com

Mask / match packet classifier

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/classify

Data-Plane Objects

Maintainer: Neale Ranns nranns@cisco.com

Data-Plane Objects (DPO)

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/dpo

Dynamic Host Configuration Protocol

Maintainer: Dave Barach dave@barachs.net, Neale Ranns nranns@cisco.com

An implemenation of the Dynamic Host Configuration Protocol (DHCP) client

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/dhcp

GPRS Tunneling Protocol

Maintainer: Hongjun Ni hongjun.ni@intel.com

An implementation of the GPRS Tunnelling Protocol

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/gtpu

Generic Routing Encapsulation

Maintainer: Neale Ranns nranns@cisco.com

An implementation of Generic Routing Encapsulation (GRE)

Feature maturity level: production
Supports: API CLI MULTITHREAD

Not yet implemented:
- GRE keys

Source Code: https://git.fd.io/vpp/tree/src/vnet/gre

IP Neighbour Database

Maintainer: Neale Ranns nranns@cisco.com

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/ip-neighbor

IP Security

Maintainer: Neale Ranns nranns@cisco.com

An implementation of IPSec

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/ipsec

IP in IP tunnelling

Maintainer: Ole Troan ot@cisco.com

Implements IP{v4,v6} over IP{v4,v6} tunnelling as described in RFC2473. This module also implements the border relay of 6RD (RFC5969).

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD

Not yet implemented:
- Tunnel PMTUD - Tracking of FIB state for tunnel state - IPv6 extension headers (Tunnel encapsulation limit option)

Source Code: https://git.fd.io/vpp/tree/src/vnet/ipip

IPFIX probe

Maintainer: Ole Troan ot@cisco.com

IPFIX flow probe. Works in the L2, or IP input feature path.

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD

Not yet implemented:
- Output path - Export over IPv6 - Export over TCP/SCTP

Source Code: https://git.fd.io/vpp/tree/src/plugins/flowprobe

IPSec crypto engine provided by Intel IPSecMB library

Maintainer: Neale Ranns nranns@cisco.com

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/crypto_ipsecmb

IPSec crypto engine provided by Openssl library

Maintainer: Damjan Marion damarion@cisco.com

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/crypto_openssl

IPSec crypto engine provided by native implementation

Maintainer: Damjan Marion damarion@cisco.com

An implentation of a native crypto-engine

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/crypto_native

IPv6 Neighbor Discovery

Maintainer: Neale Ranns nranns@cisco.com

An implementation of the IPv6 Neighbor discovery protocol as described in RFC4861 and RFC4862.

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/ip6-nd

Internet Group Management Protocol

Maintainer: Neale Ranns nranns@cisco.com

An implementation of the Internet Group Management Protocol (IGMP)

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/igmp

L2TPv3

Maintainer: unmaintained

An initial and incomplete implementation of L2TPv3 (RFC3931).

Feature maturity level: experimental
Supports: API CLI
Source Code: https://git.fd.io/vpp/tree/src/vnet/l2tp

Layer 2 Forwarding

Maintainer: John Lo loj@cisco.com

Layer 2 Bridging and Cross-Connect Support

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/l2

Layer 3 cross connect

Maintainer: Neale Ranns nranns@cisco.com

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/l3xc

Maintainer: Steven Luong sluong@cisco.com

Link Aggregation Control Protocol implementation (LACP)

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/lacp

Maintainer: Klement Sekera ksekera@cisco.com

Link Layer Discovery Protocol (LLDP) implementation

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/lldp

Load Balancer

Maintainer: Pfister ppfister@cisco.com, Hongjun Ni hongjun.ni@intel.com

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/lb

Locator ID Separation Protocol Control Plane

Maintainer: Florin Coras fcoras@cisco.com

Locator ID Separation Protocol control plane (LISP) implementation

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/lisp-cp

Locator ID Separation Protocol Generic Protocol Extension

Maintainer: Florin Coras fcoras@cisco.com

Locator ID Separation Protocol Generic Protocol Extension (LISP-GPE) implementation

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/lisp-gpe

Mapping of Address and Port

Maintainer: Ole Troan ot@cisco.com

Mapping of Address and Port (MAP): IPv4 as a service mechanisms. Tunnel or translate an IPv4 address, an IPv4 subnet or a shared IPv4 address. In shared IPv4 address mode, only UDP, TCP and restricted ICMP is supported.

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/map

Multi-Protocol Label Switching

Maintainer: Neale Ranns nranns@cisco.com

An implementation of Multi-Protocol Label Switching (MPLS)

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/mpls

NSH

Maintainer: Hongjun Ni hongjun.ni@intel.com, Vengada venggovi@cisco.com

NSH for SFC

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/nsh

Netmap Device

Maintainer: Damjan Marion damarion@cisco.com

Create a netmap interface, which is a high speed user-space interface that allows VPP to patch into a linux namespace, a linux container, or a physical NIC without the use of DPDK.

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD

Not yet implemented:
- API dump

Source Code: https://git.fd.io/vpp/tree/src/deprecated/netmap

Network Address Translation

Maintainers: Ole Troan ot@cisco.com, Filip Varga fivarga@cisco.com

The Network Address Translation (NAT) plugin offers a multiple address translation functions. These can be used in a raft of different scenarios. CPE, CGN, etc.

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/nat

Network Delay Simulator

Maintainer: Dave Barach dave@barachs.net

Introduces configurable network delay and loss

Feature maturity level: production
Supports: CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/nsim

PG

Maintainer: Dave Barach dbarach@cisco.com

High-speed packet generator

Feature maturity level: production
Supports: CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/pg

PPPoE

Maintainer: Hongjun Ni hongjun.ni@intel.com

PPP over Ethernet

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/pppoe

Pipe Device

Maintainer: Damjan Marion damarion@cisco.com

Create a pipe device interface, which can pass packets bidirectionally in one side of the pipe to the other side of the pipe. While similar in behavior to a unix pipe, it is not a host-based pipe.

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD

Not yet implemented:
- does not use hw-address - does not support tagged traffic - API dump filtering by sw_if_index

Source Code: https://git.fd.io/vpp/tree/src/vnet/devices/pipe

QUIC Protocol

Maintainer: Aloys Augustin aloaugus@cisco.com

IETF QUIC Protocol implementation

Feature maturity level: experimental
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/quic

Quality of Service

Maintainer: Neale Ranns nranns@cisco.com

An implentation of Quality of Service (QoS)

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/qos

SRv6 - Service Chaining Dynamic Proxy

Maintainer: Francois Clad fclad@cisco.com

SRv6 dynamic proxy

Feature maturity level: production
Supports: CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/srv6-ad

SRv6 - Service Chaining Masquerading Proxy

Maintainer: Francois Clad fclad@cisco.com

SRv6 masquerading proxy

Feature maturity level: production
Supports: CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/srv6-am

SRv6 - Service Chaining Static Proxy

Maintainer: Francois Clad fclad@cisco.com

SRv6 static proxy

Feature maturity level: production
Supports: CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/srv6-as

SRv6 Mobuile

Maintainer: Tetsuya Murakami tetsuya.mrk@gmail.com

SRv6 Mobile End Functions. GTP4.D, GTP4.E, GTP6.D, GTP6.D.Di and GTP6.E are supported.

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/srv6-mobile

Segment Routing for IPv6 (SRv6)

Maintainer: Pablo Camarillo pcamaril@cisco.com

Full SRv6 Network Programming implementation

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/srv6

Segment Routing for MPLS

Maintainer: Pablo Camarillo pcamaril@cisco.com

SR-MPLS

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/srmpls

Session Layer

Maintainer: Florin Coras fcoras@cisco.com

The session layer facilitates the interaction between northbound applications and southbound transport protocols. To this end, northbound, through the app-interface sub layer, the session layer exposes APIs for applications to interact with abstract units of communication, i.e., sessions. And southbound, through the transport protocol interface, it exposes APIs that allow transport protocols to exchange data and events (ctrl and io) with applications, without actually being aware of how that communication is carried out.

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/session

Source VRF Select

Maintainer: Neale Ranns nranns@cisco.com

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/svs

Static http https server

Maintainer: Dave Barach dave@barachs.net

A simple caching static http / https server A built-in vpp host stack application. Supports HTTP GET and HTTP POST methods.

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/http_static

TLS OpenSSL

Maintainer: Florin Coras fcoras@cisco.com, Ping Yu ping.yu@intel.com

TLS OpenSSL plugin for VPP host stack

Feature maturity level: experimental
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/tlsopenssl

Tap Device

Maintainer: damarion@cisco.com sluong@cisco.com sykazmi@cisco.com

Create a tap v2 device interface, which connects to a tap interface on the host system.

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD

Not yet implemented:
- API dump filtering by sw_if_index

Source Code: https://git.fd.io/vpp/tree/src/vnet/devices/tap

Time-range-based MAC-address filter

Maintainer: Dave Barach dave@barachs.net

Device-input/output arc driver level MAC filter. Checks to see if traffic is allowed to/from the given MAC address, and takes the appropriate action. Intended for the home gateway use-case, where WAN traffic is billed per bit.

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/mactime

Transmission Control Protocol

Maintainer: Florin Coras fcoras@cisco.com

High speed and scale Transmission Control Protocol (TCP) implementation

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/tcp

Transport Layer Security

Maintainers: Florin Coras fcoras@cisco.com, Ping Yu ping.yu@intel.com

Transport Layer Security (TLS) protocol implementation that consists of a set of engines that act as wrappers for existing TLS implementations, e.g., OpenSSL, Picotls and MbedTLS, and a framework that integrates the engines into VPP’s host stack

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/tls

Tunnel Infra

Maintainer: Neale Ranns nranns@cisco.com

Tunnel Infrastructure

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/tunnel

User Datagram Protocol

Maintainer: Florin Coras fcoras@cisco.com

User Datagram Protocol (UDP) implementation

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/udp

VNET GSO

Maintainer: ayourtch@gmail.com sykazmi@cisco.com

Generic Segmentation Offload

Feature maturity level: experimental
Supports: API CLI

Not yet implemented:
- Tunnels i.e. VXLAN

Source Code: https://git.fd.io/vpp/tree/src/vnet/gso

VPP Comms Library

Maintainer: Florin Coras fcoras@cisco.com

VPP Comms Library (VCL) simplifies app interaction with session layer by exposing APIs that are similar to but not POSIX-compliant.

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vcl

Virtio PCI Device

Maintainer: sykazmi@cisco.com sluong@cisco.com

Virtio v1.0 implementation

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD

Not yet implemented:
- API dump filtering by sw_if_index

Source Code: https://git.fd.io/vpp/tree/src/vnet/devices/virtio

Virtual Router Redundancy Protocol

Maintainer: Matthew Smith mgsmith@netgate.com

Virtual Router Redundancy Protocol implementation (VRRPv3)

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/vrrp

Virtual eXtensible LAN

Maintainer: John Lo loj@cisco.com

Virtual eXtensible LAN (VXLAN) tunnels support L2 overlay networks that span L3 networks

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/vxlan

VxLAN-GPE

Maintainer: Hongjun Ni hongjun.ni@intel.com

VxLAN-GPE tunnel handling

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/vxlan-gpe

host-interface Device AF_PACKET

Maintainer: Damjan Marion damarion@cisco.com

Create a host interface that will attach to a linux AF_PACKET interface, one side of a veth pair. The veth pair must already exist. Once created, a new host interface will exist in VPP with the name ‘host-’, where ‘’ is the name of the specified veth pair. Use the ‘show interface’ command to display host interface details.

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD

Not yet implemented:
- API dump details beyond sw_if_index and name

Source Code: https://git.fd.io/vpp/tree/src/vnet/devices/af_packet

rdma device driver

Maintainer: Benoît Ganne bganne@cisco.com

rdma device driver support

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/rdma

vlib/unix

Maintainer: Dave Barach dbarach@cisco.com

Linux-specific support routines

Feature maturity level: production
Supports: CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vlib/unix

vmxnet3 device driver

Maintainer: Steven Luong sluong@cisco.com

vmxnet3 device driver support

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/vmxnet3