aboutsummaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2017-04-12Handle multiple flows with the same client port in deterministic NATJuraj Sloboda2-15/+23
Handle situation when client tries to connect to multiple hosts/ports from the same client port. Extend matching to include remote host/port when searching for existing session and create session for each flow even when originating from the same client port. Change-Id: I4f54ded930e59e7196843c6bc1d2d2386c57cd3c Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-04-12acl-plugin: missing "deny" parameter in APIPavel Kotucek1-0/+5
Change-Id: Ie2ab844ad27b5ddb552bad9b19e7029cf91e4071 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-04-12CGN: configurable timeoutsMatus Fabian5-15/+290
add API and CLI configuration of deterministic NAT session timeout for TCP, UDP and ICMP protocol Change-Id: I577440452e7eaedcb5d80501a7fd4b76e31e8c9c Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-04-12Support ICMP session timeout in deterministic NATJuraj Sloboda2-1/+8
Change-Id: I0306bc0ab87908adb79c594c657d579cb34b3ec1 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-04-11LISP: show mapping negative action in CLIFilip Tehlar1-2/+3
Change-Id: I26087cbde40cc5f2f1cb501ca6e791292e02badf Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-04-11move binary-api client-only routines to memory_client.cDave Barach2-250/+241
Change-Id: I0755f731b1b01e6a1a231948d498c625a2c966b7 Signed-off-by: Dave Barach <dave@barachs.net>
2017-04-11Devices: set interface placement does not remove the old interface placementSteven1-3/+0
The command set interface placement is supposed to remove the existing interface placement and add a new interface placement based on the given options. My quick test for the CLI shows that the old interface placement continues to exist. But the new interface placement is also added. The bug exists in vnet_device_input_unassign_thread which checks the old thread index is the same as the passed thread index and skips the deletion if they are the same. The fix is to remove the check which is not supposed to be there. Change-Id: Ib055721fad47513949a03b3cb6dc292bd19fd1e8 Signed-off-by: Steven <sluong@cisco.com>
2017-04-11Add ICMP support for deterministic NATJuraj Sloboda4-26/+414
Change-Id: I9a6bcb7d173a2c13d89784e7ff8a6e42dcee201f Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-04-11MPLS Mcast coverity fixesNeale Ranns3-3/+3
Change-Id: Ic07ec5d4c2560a414d5f4f7eb37e10faf591664a Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-11MTRIE coverity fixesNeale Ranns1-6/+8
Change-Id: If98355bebe823f45b11b0908a8d7700ab273a6db Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-11Remove usued, redundant and deprecated code from lookup.hNeale Ranns17-174/+78
Change-Id: Ic16bc10d0b2877b2afdf052615f9334f31b9519f Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-11dpdk: use common interface placement infraDamjan Marion6-301/+64
This pathch deprecates "show dpdk placement" and "set dpdk placement" CLI commands. Change-Id: I4e052ec3e8b8e6c54b4816e1e689e5b7a24892db Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-04-11Fix bug in configure 'pcap drop trace on file xx.cap' command (VPP-691)jerryian1-1/+1
Change-Id: Id9cc1fbe18099fae483a823dc7c2b16d6bc46a8c Signed-off-by: jerryian <gu.jian1@zte.com.cn>
2017-04-11vhost: interrupt mode enhancementsSteven2-34/+26
- Add cpu index to the vring structure for quick lookup - Reduce the code that needs to be protected by vlib_worker_thread_barrier_sync - Set minimum timer no less than 1 ms Change-Id: Iafef4bf6879a8efb350abf4e0f517e38f7ff7a8b Signed-off-by: Steven <sluong@cisco.com>
2017-04-11Fix typo in minimal epoll polling timePierre Pfister1-1/+1
epoll was supposed to not sleep when timeout is less than 1ms, but a typo made it not sleep any time the requested timeout is lower than 1000 seconds (in practice, never...). This patch replaces "1e3" with "1e-3", which represents 1ms. Change-Id: I731851b27a6bf6ab8e41586e017e94b962b09bf3 Signed-off-by: Pierre Pfister <ppfister@cisco.com> (cherry picked from commit ec06222ae189fe8d84b63410130fff04bf446573)
2017-04-10Refactor SNAT codeJuraj Sloboda3-119/+132
Change-Id: I71f34dc64d4ddc5f2ec1164cb3c353d0fe2d95ab Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-04-10Common device-input interrupt infraDamjan Marion7-29/+194
Change-Id: I23b588eb56a3f5690158449a1f9bc8053cd3d251 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-04-10Handle ICMP echo with TTL=1 in deterministic and fast SNAT nodesJuraj Sloboda2-3/+85
Change-Id: Icd25ec2e5faf69898178199aa44f21790ce664e1 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-04-10Make fixes in SNAT codeJuraj Sloboda2-52/+56
Change-Id: I691d1bfb2923a07c0003485b1d0272aaf9ed27ee Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2017-04-07Fix init of ENIC driver to allow receiving of jumbo packetsJohn Lo1-49/+27
Set rxmode.enable_scatter field in DPDK port config parameter so ENIC driver will use multiple mbuf's for receiving jumbo packets. Also remove ENIC driver check to disable setting ENIC MTU as this capability is now working with the new ENIC driver, subject to 9002B limit. Change-Id: I563976201c4968d4538c0759505cef2de876934a Signed-off-by: John Lo <loj@cisco.com>
2017-04-07MPLS McastNeale Ranns71-1101/+4042
1 - interface-DPO Used in the Data-plane to change a packet's input interface 2 - MPLS multicast FIB entry Same as a unicast entry but it links to a replicate not a load-balance DPO 3 - Multicast MPLS tunnel Update MPLS tunnels to use a FIB path-list to describe the endpoint[s]. Use the path-list to generate the forwarding chain (DPOs) to link to . 4 - Resolve a path via a local label (of an mLDP LSP) For IP multicast entries to use an LSP in the replication list, we need to decribe the 'resolve-via-label' where the label is that of a multicast LSP. 5 - MPLS disposition path sets RPF-ID For a interface-less LSP (i.e. mLDP not RSVP-TE) at the tail of the LSP we still need to perform an RPF check. An MPLS disposition DPO performs the MPLS pop validation checks and sets the RPF-ID in the packet. 6 - RPF check with per-entry RPF-ID An RPF-ID is used instead of a real interface SW if index in the case the IP traffic arrives from an LSP that does not have an associated interface. Change-Id: Ib92e177be919147bafeb599729abf3d1abc2f4b3 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-07Fix gpe dp args to allow for 32 bit bridge domain ids, VPP-690Florin Coras1-1/+1
Change-Id: I4e3df197eed33acbceaff495279def8716773303 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-04-07VPP-684.Add ip which mask length exceeding upper limit,ping segmentfaultflyingeagle231-1/+4
Change-Id: I2d1c5e4dbdcab2a81d6c88801183ca0bbc83e1d9 Signed-off-by: flyingeagle23 <wang.hui56@zte.com.cn>
2017-04-06acl-plugin: make the IPv4/IPv6 non-first fragment handling in line with ACL ↵Andrew Yourtchenko4-13/+77
(VPP-682) This fixes the previously-implicit "drop all non-first fragments" behavior to be more in line with security rules: a non-first fragment is treated for the purposes of matching the ACL as a packet with the port match succeeding. This allows to change the behavior to permit the fragmented packets for the default "permit specific rules" ruleset, but also gives the flexibility to block the non-initial fragments by inserting into the begining a bogus rule which would deny the L4 traffic. Also, add a knob which allows to potentially turn this behavior off in case of a dire need (and revert to dropping all non-initial fragments), via a debug CLI. Change-Id: I546b372b65ff2157d9c68b1d32f9e644f1dd71b4 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> (cherry picked from commit 9fc0c26c6b28fd6c8b8142ea52f52eafa7e8c7ac)
2017-04-06jvpp: remove unused print&endian headers (fixes VPP-688)Marek Gradzki6-64/+10
Change-Id: I97e03d98758a08b1f75a9a1f35f0181385a10ae8 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-04-06BFD-FIB interactionsNeale Ranns22-146/+1555
- single-hop BFD: attach a delegate to the appropriate adjacency - multi-hop BFD [not supported yet]: attach a delegate to the FIB entry. adjacency/fib_entry state tracks the BFD session state. when the state is down the object does not contribute forwarding hence and hence dependent objects will not use it. For example, if a route is ECMP via two adjacencies and one of them is BFD down, then only the other is used to forward (i.e. we don't drop half the traffic). Change-Id: I0ef53e20e73b067001a132cd0a3045408811a822 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-06VPP-686: create bridge-domainChoonho Son1-2/+4
- update default flags - add missing flag learn Change-Id: I50a1a001848769836468838775b59d3414d27710 Signed-off-by: Choonho Son <choonho.son@gmail.com>
2017-04-06Use thread local storage for thread indexDamjan Marion109-791/+790
This patch deprecates stack-based thread identification, Also removes requirement that thread stacks are adjacent. Finally, possibly annoying for some folks, it renames all occurences of cpu_index and cpu_number with thread index. Using word "cpu" is misleading here as thread can be migrated ti different CPU, and also it is not related to linux cpu index. Change-Id: I68cdaf661e701d2336fc953dcb9978d10a70f7c1 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-04-06VXLAN:fix tunnel delete not returning sw_if_indexEyal Bari1-0/+1
when tunnel is deleted reply should include the tunnel's sw_if_index instead of ~0 Change-Id: Ie5e04f4feab9cf2c90f0e155ec0fb9ca839a956d Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-04-05L2FIB:add l2fib_flush_bd l2fib_flush_int apisEyal Bari4-2/+180
Change-Id: I0a6989c6963956f3e60e8c50835c57845fccef8c Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-04-05BFD: add ARP-awareness, fix bugsKlement Sekera5-77/+282
Make BFD ARP-aware when sending out packets. Fix a few one-liner bugs discovered while integrating with cisco nexus. Enhance CLI view to better observe session state. Change-Id: I266c29492f351207b84328ab665d9d697969da9c Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-04-05acl-plugin: fix pretty-printing in "api trace custom-dump" (VPP-683)Andrew Yourtchenko6-317/+391
Change-Id: Id15b401223aabe7dacb7566c871ebefc17fbb1fc Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> (cherry picked from commit 7fd3f513c7df198c45204eba0a3e9a3abe509593)
2017-04-05Fix two more memif coverity issuesMilan Lenco2-25/+32
Change-Id: I935620798d6fe82b99b6bd564749e20a189b4ae3 Signed-off-by: Milan Lenco <milan.lenco@pantheon.tech>
2017-04-05LISP: fix crash when GPE interface is re-added, VPP-685Filip Tehlar1-3/+3
Change-Id: Ib83baf6ddec4ac192f6b4123d9eb599fb370fd0c Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-04-05LISP: fix crash when adding a negative forwarding entry, VPP-681Filip Tehlar1-15/+14
Change-Id: I190696da5555c05074ee0eee32eb914bd16e38fb Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-04-05GRE over IPv6Ciara Loftus7-190/+610
Refactors the GRE node to work with both IPv4 and IPv6 transports. Note that this changes the binary configuration API to support both address families; each address uses the same memory for either address type and a flag to indicate which is in use. The CLI and VAT syntax remains unchanged; the code detects whether an IPv4 or an IPv6 address was given. Configuration examples: IPv4 CLI: create gre tunnel src 192.168.1.1 dst 192.168.1.2 IPv6 CLI: create gre tunnel src 2620:124:9000::1 dst 2620:124:9000::2 IPv4 VAT: gre_add_del_tunnel src 192.168.1.1 dst 192.168.1.2 IPv6 VAT: gre_add_del_tunnel src 2620:124:9000::1 dst 2620:124:9000::2 Change-Id: Ica8ee775dc101047fb8cd41617ddc8fafc2741b0 Signed-off-by: Ciara Loftus <ciara.loftus@intel.com>
2017-04-04Fix issue with gre protocol registration when running multithreadedDamjan Marion2-39/+15
Change-Id: Ic5bd7da08f8a46b548d56516e4633f0b8badf2a1 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-04-04Fix issue with udp port registration when running multithreadedDamjan Marion2-74/+51
Change-Id: I16606757176649e61f0a51895329586311144766 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-04-04BD/API:add bridge_domain_set_mac_age apiEyal Bari6-15/+150
Change-Id: Ic2d33b31ba88f6d9602a22439865637d98cf4a33 Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-04-04Clear pid-vector, to avoid spurious track selectionDave Barach2-4/+4
Change-Id: Ibc293aa1305126920c0b2c44df1f7a7d5ae9ea9d Signed-off-by: Dave Barach <dave@barachs.net>
2017-04-04vlib: make vlib_node_interrupt_pending(...) thread safeDamjan Marion3-5/+22
Change-Id: I24577bd32ae23fbe8515cc8d960eab5448ce3b5c Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-04-04VXLAN:fix api dump flipped src<->dstEyal Bari1-5/+2
Change-Id: I48bf6c46d78773669e76dc4749be3b1af80782f4 Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-04-03g2: add multi-track time-slew controlsDave Barach4-16/+361
Create an elog_merge utility, extracted from test_elog. Change-Id: Ide137b4858c88b3a2885583b7fbb15ddc4963af9 Signed-off-by: Dave Barach <dave@barachs.net>
2017-04-03Fix memif coverity issuesMilan Lenco3-10/+33
Change-Id: I844ec53b55ceaa1e00996f5cf8a018537ea8b481 Signed-off-by: Milan Lenco <milan.lenco@pantheon.tech>
2017-04-03vnet: remove vnet/rewrite.h from vnet.amDamjan Marion1-1/+0
Change-Id: I2a1246061e57c4caae0a1a1b861c459d115860cd Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-04-03Add an API call to set interface MAC addresses.Jon Loeliger2-2/+59
Change-Id: I316862e1d33e5d10c058317cc4827304e55ceba4 Signed-off-by: Jon Loeliger <jdl@netgate.com>
2017-04-03Adjacency layout change and move to vnet/adjNeale Ranns15-265/+253
Change-Id: I03195a86c69f84a301051c6b3ab64456bbf28645 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-02TCP cc/window management fixes and debuggingFlorin Coras13-146/+386
- added persist timer - update rcv_las whenever sending an ack - moved fifo size to its own cache line - improved session and builtin client debugging Change-Id: Ia649cf942cf0c061a713e8b67f0eb6974a6cd55b Signed-off-by: Florin Coras <fcoras@cisco.com> Signed-off-by: Dave Barach <dave@barachs.net>
2017-04-01CLI: create/delete bridge-domainChoonho Son2-1/+201
Added new CLI command - create bridge-domain <bridge-domain-id> - create bridge-domain <bridge-domain-id> del Change-Id: I1a7d632c7daa3c37b7f424a184e8fabd489518e9 Signed-off-by: Choonho Son <choonho.son@gmail.com>
2017-04-01ARP/ND/API:fix arp reg + nd no identical regsEyal Bari2-65/+59
fixed arp registration without allocating the event added protection against identical ND registrations Change-Id: I4e2db4913b35d895d8686ada1f0818920f276ad6 Signed-off-by: Eyal Bari <ebari@cisco.com>