The Vector Packet Processor (VPP)

The Features

VPP Feature list:

ACL Based Forwarding
ACLs for Security Groups
Address Resolution Protocol
Adjacency
Bidirectional Forwarding Detection
Bit Indexed Explicit Replication
Bonding
Buffer Metadata Change Tracker
Builtin URL support for the static http or https server
Data-Plane Objects
Dynamic Host Configuration Protocol
GPRS Tunneling Protocol
Generic Routing Encapsulation
IP Neighbour Database
IP Security
IP in IP tunnelling
IPFIX probe
IPSec crypto engine provided by Intel IPSecMB library
IPSec crypto engine provided by Openssl library
IPSec crypto engine provided by native implementation
IPv6 Neighbor Discovery
Internet Group Management Protocol
Layer 2 Forwarding
Layer 3 cross connect
Link Aggregation Control Protocol
Link Layer Discovery Protocol
Load Balancer
Locator ID Separation Protocol Control Plane
Locator ID Separation Protocol Generic Protocol Extension
Mapping of Address and Port
Multi-Protocol Label Switching
NSH
Netmap Device
Network Address Translation
Network Delay Simulator
PPPoE
Pipe Device
Quality of Service
SRv6 Mobuile
Session Layer
Source VRF Select
Static http https server
Tap Device
Time-range-based MAC-address filter
Transmission Control Protocol
Transport Layer Security
User Datagram Protocol
VPP Comms Library
Virtio PCI Device
Virtual eXtensible LAN
VxLAN-GPE
host-interface Device AF_PACKET
rdma device driver
vmxnet3 device driver

Feature Details:

VPP version: v20.01-rc0-1007-gbbff1439c

ACL Based Forwarding

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/abf

ACLs for Security Groups

The ACL plugin allows to implement access control policies at the levels of IP address ownership (by locking down the IP-MAC associations by MACIP ACLs), and by using network and transport level policies in inbound and outbound ACLs. For non-initial fragments the matching is done on network layer only. The session state in stateful ACLs is maintained per-interface (e.g. outbound interface ACL creates the session while inbound ACL matches it), which simplifies the design and operation. For TCP handling, the session processing tracks “established” (seen both SYN segments and seen ACKs for them), and “transient” (all the other TCP states) sessions.

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/acl

Address Resolution Protocol

An implementation of the Address resolution protocol (ARP) as described in RFC826

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/arp

Adjacency

Adjacencies represent the next-hop information required to reach a directly connected neighbour.

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/adj

Bidirectional Forwarding Detection

An implementation of Bidirectional Forwarding Detection (BFD).

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/bfd

Bit Indexed Explicit Replication

An implementation of Bit Indexed Explicit Replication (BIER)

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/bier

Bonding

Bonding implementation

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/bonding

Buffer Metadata Change Tracker

The Buffer Metadata Change Tracker (mdata) uses the before / after graph node main loop performance callback hooks to snapshoot buffer metadata, then compare and summarize results per-node. Answers the question “what buffer metadata does a particular graph node change?” by direct observation. Zero performance impact until enabled.

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/mdata

Builtin URL support for the static http or https server

The (builtinurl) plugin adds a set of URLs to the static http/https server. Current URLs, all of which return data in .json fmt: /version.json - vpp version info /interface_list.json - list of interfaces /interface_stats - single interface via HTTP POST /interface_stats - all intfcs via HTTP GET.

Feature maturity level: development
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/builtinurl

Data-Plane Objects

Data-Plane Objects (DPO)

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/dpo

Dynamic Host Configuration Protocol

An implemenation of the Dynamic Host Configuration Protocol (DHCP) client

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/dhcp

GPRS Tunneling Protocol

An implementation of the GPRS Tunnelling Protocol

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/gtpu

Generic Routing Encapsulation

An implementation of Generic Routing Encapsulation (GRE)

Feature maturity level: production
Supports: API CLI MULTITHREAD

Not yet implemented:
- GRE keys

Source Code: https://git.fd.io/vpp/tree/src/vnet/gre

IP Neighbour Database

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/ip-neighbor

IP Security

An implementation of IPSec

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/ipsec

IP in IP tunnelling

Implements IP{v4,v6} over IP{v4,v6} tunnelling as described in RFC2473. This module also implements the border relay of 6RD (RFC5969).

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD

Not yet implemented:
- Tunnel PMTUD - Tracking of FIB state for tunnel state - IPv6 extension headers (Tunnel encapsulation limit option)

Source Code: https://git.fd.io/vpp/tree/src/vnet/ipip

IPFIX probe

IPFIX flow probe. Works in the L2, or IP input feature path.

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD

Not yet implemented:
- Output path - Export over IPv6 - Export over TCP/SCTP

Source Code: https://git.fd.io/vpp/tree/src/plugins/flowprobe

IPSec crypto engine provided by Intel IPSecMB library

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/crypto_ipsecmb

IPSec crypto engine provided by Openssl library

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/crypto_openssl

IPSec crypto engine provided by native implementation

An implentation of a native crypto-engine

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/crypto_ia32

IPv6 Neighbor Discovery

An implementation of the IPv6 Neighbor discovery protocol as described in RFC4861 and RFC4862.

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/ip6-nd

Internet Group Management Protocol

An implementation of the Internet Group Management Protocol (IGMP)

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/igmp

Layer 2 Forwarding

Layer 2 Bridging and Cross-Connect Support

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/l2

Layer 3 cross connect

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/l3xc

Link Aggregation Control Protocol implementation (LACP)

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/lacp

Link Layer Discovery Protocol (LLDP) implementation

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/lldp

Load Balancer

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/lb

Locator ID Separation Protocol Control Plane

Locator ID Separation Protocol control plane (LISP) implementation

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/lisp-cp

Locator ID Separation Protocol Generic Protocol Extension

Locator ID Separation Protocol Generic Protocol Extension (LISP-GPE) implementation

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/lisp-gpe

Mapping of Address and Port

Mapping of Address and Port (MAP): IPv4 as a service mechanisms. Tunnel or translate an IPv4 address, an IPv4 subnet or a shared IPv4 address. In shared IPv4 address mode, only UDP, TCP and restricted ICMP is supported.

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/map

Multi-Protocol Label Switching

An implementation of Multi-Protocol Label Switching (MPLS)

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/mpls

NSH

NSH for SFC

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/nsh

Netmap Device

Create a netmap interface, which is a high speed user-space interface that allows VPP to patch into a linux namespace, a linux container, or a physical NIC without the use of DPDK.

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD

Not yet implemented:
- API dump

Source Code: https://git.fd.io/vpp/tree/src/vnet/devices/netmap

Network Address Translation

The Network Address Translation (NAT) plugin offers a multiple address translation functions. These can be used in a raft of different scenarios. CPE, CGN, etc.

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/nat

Network Delay Simulator

Introduces configurable network delay and loss

Feature maturity level: production
Supports: CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/nsim

PPPoE

PPP over Ethernet

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/pppoe

Pipe Device

Create a pipe device interface, which can pass packets bidirectionally in one side of the pipe to the other side of the pipe. While similar in behavior to a unix pipe, it is not a host-based pipe.

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD

Not yet implemented:
- does not use hw-address - does not support tagged traffic - API dump filtering by sw_if_index

Source Code: https://git.fd.io/vpp/tree/src/vnet/devices/pipe

Quality of Service

An implentation of Quality of Service (QoS)

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/qos

SRv6 Mobuile

SRv6 Mobile End Functions. GTP4.D, GTP4.E, GTP6.D, GTP6.D.Di and GTP6.E are supported.

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/srv6-mobile

Session Layer

The session layer facilitates the interaction between northbound applications and southbound transport protocols. To this end, northbound, through the app-interface sub layer, the session layer exposes APIs for applications to interact with abstract units of communication, i.e., sessions. And southbound, through the transport protocol interface, it exposes APIs that allow transport protocols to exchange data and events (ctrl and io) with applications, without actually being aware of how that communication is carried out.

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/session

Source VRF Select

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/svs

Static http https server

A simple caching static http / https server A built-in vpp host stack application. Supports HTTP GET and HTTP POST methods.

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/http_static

Tap Device

Create a tap v2 device interface, which connects to a tap interface on the host system.

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD

Not yet implemented:
- API dump filtering by sw_if_index

Source Code: https://git.fd.io/vpp/tree/src/vnet/devices/tap

Time-range-based MAC-address filter

Device-input/output arc driver level MAC filter. Checks to see if traffic is allowed to/from the given MAC address, and takes the appropriate action. Intended for the home gateway use-case, where WAN traffic is billed per bit.

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/mactime

Transmission Control Protocol

High speed and scale Transmission Control Protocol (TCP) implementation

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/tcp

Transport Layer Security

Transport Layer Security (TLS) protocol implementation that consists of a set of engines that act as wrappers for existing TLS implementations, e.g., OpenSSL, Picotls and MbedTLS, and a framework that integrates the engines into VPP’s host stack

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/tls

User Datagram Protocol

User Datagram Protocol (UDP) implementation

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/udp

VPP Comms Library

VPP Comms Library (VCL) simplifies app interaction with session layer by exposing APIs that are similar to but not POSIX-compliant.

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vcl

Virtio PCI Device

Create a virtio-backed PCI device interface

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD

Not yet implemented:
- API dump filtering by sw_if_index

Source Code: https://git.fd.io/vpp/tree/src/vnet/devices/virtio

Virtual eXtensible LAN

Virtual eXtensible LAN (VXLAN) tunnels support L2 overlay networks that span L3 networks

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/vxlan

VxLAN-GPE

VxLAN-GPE tunnel handling

Feature maturity level: production
Supports: API CLI MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/vnet/vxlan-gpe

host-interface Device AF_PACKET

Create a host interface that will attach to a linux AF_PACKET interface, one side of a veth pair. The veth pair must already exist. Once created, a new host interface will exist in VPP with the name ‘host-’, where ‘’ is the name of the specified veth pair. Use the ‘show interface’ command to display host interface details.

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD

Not yet implemented:
- API dump details beyond sw_if_index and name

Source Code: https://git.fd.io/vpp/tree/src/vnet/devices/af_packet

rdma device driver

rdma device driver support

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/rdma

vmxnet3 device driver

vmxnet3 device driver support

Feature maturity level: production
Supports: API CLI STATS MULTITHREAD
Source Code: https://git.fd.io/vpp/tree/src/plugins/vmxnet3