summaryrefslogtreecommitdiffstats
path: root/src/plugins
AgeCommit message (Collapse)AuthorFilesLines
2017-04-26CGNAT: close session API and CLI commands.Martin Gálik3-4/+351
Change-Id: I9c8636bd2c4b8da2907e8e4a4f2be1a2c3a8e0bb Signed-off-by: Martin Gálik <magalik@cisco.com>
2017-04-25"autoreply" flag: autogenerate standard xxx_reply_t messagesDave Barach12-374/+37
Change-Id: I72298aaae7d172082ece3a8edea4217c11b28d79 Signed-off-by: Dave Barach <dave@barachs.net>
2017-04-22Fix multicast enable on the bonded interfaceSteve Shin2-1/+13
Multicast enable flag should be set when the bonded interface is up. This flag allows multicast packets to be processed from the slave devices of the bonded interface. Also promiscuous mode for all-multicast should be correctly displayed as part of 'show hardware detail' output. Change-Id: Ief0157c4c030a28afb9c45ebf3d6a12710083724 Signed-off-by: Steve Shin <jonshin@cisco.com>
2017-04-21CGN: IPFIX loggingMatus Fabian3-18/+215
maximum entries per user exceeded event Change-Id: Ie35d7f40f55001e2ef4a38f934f176594f25b189 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-04-20Temporary workaround for the bug VPP-698.Milan Lenco1-2/+2
Change-Id: I220b0b95449f24cc547206e38ab8e10019115ec0 Signed-off-by: Milan Lenco <milan.lenco@pantheon.tech>
2017-04-20Clean up old datapath code in ACL plugin.Andrew Yourtchenko13-2078/+18
Change-Id: I3d64d5ced38a68f3fa208be00c49d20c4e6d4d0e Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-04-19Support ping from outside network in 1:1 NAT (VPP-695)Juraj Sloboda4-45/+59
Change-Id: Iec8fd4c2bd26874bd8bda82172af797e9b92592c Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-04-18ACL-plugin does not match UDP next-header, VPP-687Pavel Kotucek1-1/+1
Change-Id: Ide4f9bd6158fb64d069540fb43f4e593e39d6ff3 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-04-13Remove unsed parameter from fib_table_entry_special_add() (only used in FIB ↵Neale Ranns3-7/+3
tests). The DPO was incorrectly initialised with FIB_PROTO_MAX Change-Id: I962df9e162e4dfb6837a5ce79ea795d5ff2d7315 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-12Handle multiple flows with the same client port in deterministic NATJuraj Sloboda2-15/+23
Handle situation when client tries to connect to multiple hosts/ports from the same client port. Extend matching to include remote host/port when searching for existing session and create session for each flow even when originating from the same client port. Change-Id: I4f54ded930e59e7196843c6bc1d2d2386c57cd3c Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-04-12acl-plugin: missing "deny" parameter in APIPavel Kotucek1-0/+5
Change-Id: Ie2ab844ad27b5ddb552bad9b19e7029cf91e4071 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-04-12CGN: configurable timeoutsMatus Fabian5-15/+290
add API and CLI configuration of deterministic NAT session timeout for TCP, UDP and ICMP protocol Change-Id: I577440452e7eaedcb5d80501a7fd4b76e31e8c9c Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-04-12Support ICMP session timeout in deterministic NATJuraj Sloboda2-1/+8
Change-Id: I0306bc0ab87908adb79c594c657d579cb34b3ec1 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-04-11Add ICMP support for deterministic NATJuraj Sloboda4-26/+414
Change-Id: I9a6bcb7d173a2c13d89784e7ff8a6e42dcee201f Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-04-11Remove usued, redundant and deprecated code from lookup.hNeale Ranns3-11/+6
Change-Id: Ic16bc10d0b2877b2afdf052615f9334f31b9519f Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-11dpdk: use common interface placement infraDamjan Marion6-301/+64
This pathch deprecates "show dpdk placement" and "set dpdk placement" CLI commands. Change-Id: I4e052ec3e8b8e6c54b4816e1e689e5b7a24892db Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-04-10Refactor SNAT codeJuraj Sloboda3-119/+132
Change-Id: I71f34dc64d4ddc5f2ec1164cb3c353d0fe2d95ab Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-04-10Handle ICMP echo with TTL=1 in deterministic and fast SNAT nodesJuraj Sloboda2-3/+85
Change-Id: Icd25ec2e5faf69898178199aa44f21790ce664e1 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-04-10Make fixes in SNAT codeJuraj Sloboda2-52/+56
Change-Id: I691d1bfb2923a07c0003485b1d0272aaf9ed27ee Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-04-07Fix init of ENIC driver to allow receiving of jumbo packetsJohn Lo1-49/+27
Set rxmode.enable_scatter field in DPDK port config parameter so ENIC driver will use multiple mbuf's for receiving jumbo packets. Also remove ENIC driver check to disable setting ENIC MTU as this capability is now working with the new ENIC driver, subject to 9002B limit. Change-Id: I563976201c4968d4538c0759505cef2de876934a Signed-off-by: John Lo <loj@cisco.com>
2017-04-07MPLS McastNeale Ranns1-1/+1
1 - interface-DPO Used in the Data-plane to change a packet's input interface 2 - MPLS multicast FIB entry Same as a unicast entry but it links to a replicate not a load-balance DPO 3 - Multicast MPLS tunnel Update MPLS tunnels to use a FIB path-list to describe the endpoint[s]. Use the path-list to generate the forwarding chain (DPOs) to link to . 4 - Resolve a path via a local label (of an mLDP LSP) For IP multicast entries to use an LSP in the replication list, we need to decribe the 'resolve-via-label' where the label is that of a multicast LSP. 5 - MPLS disposition path sets RPF-ID For a interface-less LSP (i.e. mLDP not RSVP-TE) at the tail of the LSP we still need to perform an RPF check. An MPLS disposition DPO performs the MPLS pop validation checks and sets the RPF-ID in the packet. 6 - RPF check with per-entry RPF-ID An RPF-ID is used instead of a real interface SW if index in the case the IP traffic arrives from an LSP that does not have an associated interface. Change-Id: Ib92e177be919147bafeb599729abf3d1abc2f4b3 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-06acl-plugin: make the IPv4/IPv6 non-first fragment handling in line with ACL ↵Andrew Yourtchenko4-13/+77
(VPP-682) This fixes the previously-implicit "drop all non-first fragments" behavior to be more in line with security rules: a non-first fragment is treated for the purposes of matching the ACL as a packet with the port match succeeding. This allows to change the behavior to permit the fragmented packets for the default "permit specific rules" ruleset, but also gives the flexibility to block the non-initial fragments by inserting into the begining a bogus rule which would deny the L4 traffic. Also, add a knob which allows to potentially turn this behavior off in case of a dire need (and revert to dropping all non-initial fragments), via a debug CLI. Change-Id: I546b372b65ff2157d9c68b1d32f9e644f1dd71b4 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> (cherry picked from commit 9fc0c26c6b28fd6c8b8142ea52f52eafa7e8c7ac)
2017-04-06Use thread local storage for thread indexDamjan Marion27-212/+216
This patch deprecates stack-based thread identification, Also removes requirement that thread stacks are adjacent. Finally, possibly annoying for some folks, it renames all occurences of cpu_index and cpu_number with thread index. Using word "cpu" is misleading here as thread can be migrated ti different CPU, and also it is not related to linux cpu index. Change-Id: I68cdaf661e701d2336fc953dcb9978d10a70f7c1 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-04-05acl-plugin: fix pretty-printing in "api trace custom-dump" (VPP-683)Andrew Yourtchenko6-317/+391
Change-Id: Id15b401223aabe7dacb7566c871ebefc17fbb1fc Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> (cherry picked from commit 7fd3f513c7df198c45204eba0a3e9a3abe509593)
2017-04-05Fix two more memif coverity issuesMilan Lenco2-25/+32
Change-Id: I935620798d6fe82b99b6bd564749e20a189b4ae3 Signed-off-by: Milan Lenco <milan.lenco@pantheon.tech>
2017-04-03Fix memif coverity issuesMilan Lenco3-10/+33
Change-Id: I844ec53b55ceaa1e00996f5cf8a018537ea8b481 Signed-off-by: Milan Lenco <milan.lenco@pantheon.tech>
2017-03-31dpdk: add support for Mellanox ConnectX-5 devicesDamjan Marion1-1/+4
Change-Id: I3ed2834a326eac50a7cb4faa592f42fd06325d5a Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-03-30acl-plugin: cleaner node bugfixes (VPP-675)Andrew Yourtchenko3-51/+75
- use the counters in a private struct rather than node error counters - ensure the timer for the non-idle connections is restarted - fix the deletion of conn at the current tail the list Change-Id: I632f63574d2ced95fb75c5e7fb588c78fb3cce1c Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> (cherry picked from commit 097051a3bd1f63a177c0728f15375afd84a68918)
2017-03-30vppinfra: add spinlock inline functionsDamjan Marion3-30/+7
Change-Id: I86089e9bb604adfc260a111685001be1c897ce53 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-03-29dpdk: fix --with-dpdk-mlx5-pmd link issueDamjan Marion1-0/+3
Change-Id: I8edb927289c080929380bfbf2b760749b7984d4b Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-03-29Bugfixing and documentation for SRv6Pablo Camarillo6-505/+0
- Fixed three coverity issues - Linked SRv6 docs - Moved sample plugin to examples folder - Fixed bug with hash. Now everything is using mhash. Potentially in the future we want to do bihash. Change-Id: Ie03a13c8fecb1e315e67d0596cbd23220779aaf2 Signed-off-by: Pablo Camarillo <pcamaril@cisco.com>
2017-03-22Add memif - packet memory interface for intra-host communicationDamjan Marion11-0/+2767
Change-Id: I94c06b07a39f07ceba87bf3e7fcfc70e43231e8a Signed-off-by: Damjan Marion <damarion@cisco.com> Co-Authored-By: Milan Lenco <Milan.Lenco@pantheon.tech>
2017-03-22Update MAC address kept for Bonded Interface and its SlavesJohn Lo1-23/+32
Change-Id: I9f7f9f840c3c1aad5e8c9a4fa1ba7a58a85cfd9e Signed-off-by: John Lo <loj@cisco.com>
2017-03-22vlib: add description field in plugin registrationDamjan Marion9-1/+10
Change-Id: I88b322a5d602f3d6d3310e971479180a89430e0e Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-03-22dpdk: fix plugin linking with sw crypto librariesSergio Gonzalez Monroy1-1/+6
Change-Id: I3e3bf786ab3c7672ff2cc7acd221421072e3ac8b Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2017-03-22SNAT: added actual delete to snat_det_mapMartin1-12/+45
Change-Id: I8187b43129b80fadd90ea493afb922064f79abbe Signed-off-by: Martin <magalik@cisco.com>
2017-03-22Initial draft of VPP changes to cleanup iOAM export.Vengada8-6/+9
This is needed for iOAM export for NSH. Change-Id: I702934b2cde8b1c07ec5c299d5fcd98dce94c62c Signed-off-by: Vengada <venggovi@cisco.com>
2017-03-21ACL plugin 1.2Andrew Yourtchenko6-19/+2087
L3 path support, L2+L3 unified processing node, skip IPv6 EH support. Change-Id: Iac37a466ba1c035e5c2997b03c0743bfec5c9a08 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-03-18Fix bonded interface name to use instance number starting from 0John Lo3-5/+7
With DPDK 17.02, bonded interface device_index does not start from 0 and may vary depends on the existence of other interfaces. Implement instance number for bonded interface so the interface name can make use of instance number starting from 0. Change-Id: Ia8eb7bd530446faa02ee7c7d1f6abdc22ac60b62 Signed-off-by: John Lo <loj@cisco.com>
2017-03-17Fix bonded ethernet PMD name for DPDK 17.02Alexander Popovsky (apopovsk)2-7/+24
In DPDK 17.02 bonded PMD name is changed from rte_bond_pmd to net_bonding. Change-Id: I1a57a16b0ae68b5fa56a561a4f75981112228572 Signed-off-by: Alexander Popovsky (apopovsk) <apopovsk@cisco.com>
2017-03-16API:replaced all REPLY_MACRO's with api_helper_macros.hEyal Bari9-281/+33
Change-Id: I08ab1fd0abdd1db4aff11a38c9c0134b01368e11 Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-03-15API: define optional base_id for REPLY_MACRO'sEyal Bari1-102/+3
this enables sharing the api_helper_macros.h implementation Change-Id: Ie3fc89f3b4b5a47fcfd4b5776db90e249c55dbc3 Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-03-15VPP changes to support iOAM over NSH-MD2. Separate trace dataVengada8-18/+56
structure definitions into two files to share code with NSH plugin (iOAM) Change-Id: I0192551f71678e4f814bc6a7d25200a1580f3033 Signed-off-by: Vengada <venggovi@cisco.com>
2017-03-14Fix packet trace output: dpdk_rx_trace must decode the actual ethertypeDave Barach1-1/+31
As opposed to rubbish (typically) 14 octets past the ethertype. Also fix buffer error code setup in dpdk-input node single loop. Change-Id: Ide7c4097d3bb91e62749ed4e1d69a7b4b90225de Signed-off-by: Dave Barach <dbarach@cisco.com> Signed-off-by: John Lo <loj@cisco.com>
2017-03-14ioam: ip6 hop by hop ext header and SR header co-existenceshwethab1-3/+3
1. Fix finding sr extension header 2. Fix for assert checks for space for sr header in packet headroom 3. ioam build warnings 4. Fix for SR header removal in presence of hbh ext header clib_memcpy with overlapping src/dst was failing Change-Id: I8576204eb571d1d4725a4e6976e18fe61cd1cd35 Signed-off-by: shwethab <shwetha.bhandari@gmail.com>
2017-03-14IOAM Coverity fixAkshayaNadahalli8-34/+42
Coverity IDs - 163911, 163910, 163909, 163908, 163905, 163904, 163896, 161957, 161955 Change-Id: Ida822fa45c6936240f61282e2280541d7e6427b3 Signed-off-by: AkshayaNadahalli <anadahal@cisco.com>
2017-03-13VPP-279: Document changes for vnet/vnet/devicesBilly McFall4-4/+93
Add doxygen documentation for DPDK crypto CLI command. The move of DPDK to a plugin invalidated the local dir.dox. So moved dpdk/dir.dox to dpdk/device/dir.dox to fix. Change-Id: I229e2921c4b0cdd380021adb520cd2089a376afa Signed-off-by: Billy McFall <bmcfall@redhat.com>
2017-03-13ACL plugin rejects ICMP messages (VPP-624)Pavel Kotucek1-21/+19
Change-Id: I95113a277b94cce5ff332fcf9f57ec6f385acec0 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-03-13Refactor SNAT ICMP codeJuraj Sloboda4-314/+558
Change-Id: I07de08ef111011694638a8ebe7a13c240714ce7e Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-03-10Retire vpp_liteDamjan Marion4-1/+4265
vpp_lite platform is not needed anymore as same efect can be achieved with following startup.conf config: plugins { plugin dpdk_plugin.so { disable } } Change-Id: I690ea8ceb1c6e1fe32e01e7da54e9958019a93bf Signed-off-by: Damjan Marion <damarion@cisco.com>