aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-09-12acl-plugin: add startup-config section "acl-plugin" and heap/hash parametersAndrew Yourtchenko3-4/+60
This adds the ability to tweak the memory allocation parameters of the ACL plugin from the startup config. It may be useful in the cases involving higher limit of the connections than the default 1M, or the high number of cores. Change-Id: I2b6fb3f61126ff3ee998424b762b6aefe8fb1b8e Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-09-12nat lb mapping command existed array out of bounds(VPP-979)flyingeagle231-1/+2
Change-Id: Id1dce0c2eebd4097bc17842f050453b76a94eb70 Signed-off-by: flyingeagle23 <wang.hui56@zte.com.cn>
2017-09-12ACL-plugin add "replace" semantics for adding a new MacIP aclPavel Kotucek7-42/+427
Change-Id: Ia5c869b2d8b8ad012b9e89fb6720c9c32d9ee065 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-09-11replace uint32_t with u32Neale Ranns6-12/+12
Change-Id: I6cab79c266837a8731adcf78c9e093dfa6be0ead Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-09-11arp/glean: fix hash computationFlorin Coras1-1/+2
Change-Id: Ifef8a9328bb865f6ddb041bafe3699153f89755a Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-09-11Recombine diags and minimum barrier open time changes (VPP-968)Colin Tregenza Dancer7-13/+367
Support logging to both syslog and elog Also include DaveB is_mp_safe fix, which had been lost Change-Id: If82f7969e2f43c63c3fed5b1a0c7434c90c1f380 Signed-off-by: Colin Tregenza Dancer <ctd@metaswitch.com>
2017-09-11memif: mode ip is not settable from binary APISteven3-4/+10
While mode ip is supported via the CLI for creating a memif interface, it is not settable from the binary API due to missing code. While at it, update the help usage to include the missing keyword secret. Change-Id: Ia9c71f4017210a5e1733ce4992fbb566b7d20c1a Signed-off-by: Steven <sluong@cisco.com>
2017-09-11FIB table add/delete APINeale Ranns65-538/+1643
part 2; - this adds the code to create an IP and MPLS table via the API. - but the enforcement that the table must be created before it is used is still missing, this is so that CSIT can pass. Change-Id: Id124d884ade6cb7da947225200e3bb193454c555 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-09-11Improved arm64 chip detectionBrian Brooks1-11/+46
Use ARMv8 Main ID Register (exposed thru /proc/cpuinfo) to identify the CPU implementor and part number. For further details, see the ARMv8 ARM D7.2.66. Change-Id: I2b0d0b165cda4ab9fc57c645af90e9e354b73f44 Signed-off-by: Brian Brooks <brian.brooks@arm.com> Signed-off-by: Jeremy Linton <jeremy.linton@arm.com> Signed-off-by: Ola Liljedahl <ola.liljedahl@arm.com> Reviewed-by: Song Zhu <song.zhu@arm.com>
2017-09-10NAT: fixed hairpinning for in2out translation as an output feature (VPP-976)Matus Fabian2-12/+33
Test whether the hairpinning flag is set only for packets from NAT inside interface. Change-Id: I4a4fdd2084a76a70ce9dfe3e2b8332c02fa2eccd Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-09move unix_file_* code to vppinfraDamjan Marion26-352/+423
This will allow us to use this code in client libraries without vlib. Change-Id: I8557b752496841ba588aa36b6082cbe2cd1867fe Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-09-08physmem: make fake allocation non-fatal if we cannot pick numa nodeDamjan Marion1-4/+11
Change-Id: I563c043ed82e3ef199fc3d47931108f31cc01728 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-09-08gitignore update for IDEKeith Burns (alagalah)1-1/+2
Change-Id: I95096e8d507f9bcb0f808d0da0355655b474d29a Signed-off-by: Keith Burns (alagalah) <alagalah@gmail.com>
2017-09-08Initialize ip4_reass_lock of map_main to zero (VPP-975)dongjuan1-0/+2
Change-Id: I0f58100a944e36f5b530101178303d4595b3207f Signed-off-by: dongjuan <dong.juan1@zte.com.cn>
2017-09-08add apr-devel to rpm dependency list for centos-7Gabriel Ganne1-0/+1
Error mesasge: ... rpmbuild -bb \ --define "_topdir /home/gannega/vpp" \ --define "_version 17.10" \ --define "_release rc0~269_g030ab48" \ vpp.spec error: Failed build dependencies: apr-devel is needed by vpp-17.10-rc0~269_g030ab48.x86_64 Change-Id: I7c09b65dcc9e57cae3da396c0165b8a4c85a8c2b Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
2017-09-08vlib: move linux-specific code to vlib/linuxDamjan Marion13-298/+364
Change-Id: Id79d2c2be7a98e15416a537c890a8f2dd6d4464d Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-09-08PUNT: Missing include for readv()Marco Varlese1-0/+1
The missing header include was generating a compile-time error; src/vnet/ip/punt.c:460:10: error: implicit declaration of function 'readv' Change-Id: I3f74294e7824ea3602b8d416c86fdada1aac1906 Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2017-09-08memif: fix coverity warnings as of 9/7Steven4-12/+29
1. coverity complains about "buffer not null terminated" for strncpy because we pass the size of the destination to the call which is equal to the true size of the destination. We subtract 1 for the size to accommodate the null like all other places are already doing it. 2. Add a check to tx_queues in memif_interface_tx_inline to avoid "divide by zero". 3. To avoid null pointer dereference in memif_create_if, change the goto done rather than goto error and spit a more meaningful error rather than silent about it. 4. Shuffle a line to avoid "check after use" in vl_api_memif_delete_t_handler. Change-Id: Icba7ecd5362c012a48ac35795d31aab356617420 Signed-off-by: Steven <sluong@cisco.com>
2017-09-08ACL-plugin MACIP ACLs testsPavel Kotucek4-3/+832
Change-Id: Ie40c837358454cfe9475cb2c14fdf20b24fa6602 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-09-08acl-plugin: add hitcount to applied hash-acl entriesAndrew Yourtchenko3-4/+10
Add a counter incremented upon the ACL check, so it is easier to see which kind of traffic is being checked by the policy, add the corresponding output to the debug CLI "show acl-plugin tables" command. Change-Id: Id811dddf204e63eeceabfcc509e3e9c5aae1dbc8 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-09-08Fix socket_test.sh vagrant based multi-host tests.Dave Wallace4-128/+307
Change-Id: I8ef75a0c702098030c6814c127d3443820122327 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-09-08Fixes for issues reported by Coverity (VPP-972)Chris Luke7-20/+48
Change-Id: I25238debb7081b4467aec4620dfdef33fbef3295 Signed-off-by: Chris Luke <chrisy@flirble.org>
2017-09-07Allow individual stats API and introduce stats.apiKeith Burns (alagalah)10-592/+1132
- want_interface_simple_stats - want_interface_combined_stats - want_ip4|6_fib|nbr_stats Change-Id: I4e97461def508958b3e429c3fe8859b36fef2d18 Signed-off-by: Keith Burns (alagalah) <alagalah@gmail.com>
2017-09-07vlib physmem reworkDamjan Marion19-517/+700
This patch adds supprot support for multiple numa-aware physmem regions. Change-Id: I5c69a6f4da33c8ee21bdb8604d52fd2886f2327e Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-09-07LISP: add neighbor discovery and CP protocol separation APIsFilip Tehlar2-0/+86
Change-Id: Ia2fc4621f0e199b0d02ac4d2104b54bdb49c14dd Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-09-07LISP: Add APIs for enable/disable xTR/P-ITR/P-ETR modesFilip Tehlar1-0/+60
Change-Id: Ieeb3b7eaabb568180320fe54d3eae2d26f3e4704 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-09-07The missing variable (added with this patch) was causing the build on AARCH64Marco Varlese1-0/+1
platforms to default to lib (instead of lib64) when not explicitely defining the --libdir through the configure script. This patch fixes that. Change-Id: Ia4c152e0f40acab7f098885d672ff9385f57b0fe Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2017-09-07Devices: Set interface rx-mode may cause SIGSEGV with nonexistent queueSteven3-3/+17
When I type in set interface rx-mode with a nonexistent queue, I got a crash with the following traceback. It looks like the vm is NULL when vlib_node_get_runtime is called. DBGvpp# sh int rx Thread 0 (vpp_main): node dpdk-input: TenGigabitEthernet5/0/0 queue 0 (polling) TenGigabitEthernet5/0/1 queue 0 (polling) TenGigabitEthernet7/0/0 queue 0 (polling) TenGigabitEthernet7/0/1 queue 0 (polling) node vhost-user-input: VirtualEthernet0/0/2 queue 0 (adaptive) DBGvpp# set interface rx-mode VirtualEthernet0/0/2 queue 1 polling Thread 1 "vpp_main" received signal SIGSEGV, Segmentation fault. 0x00007ffff6d4e0bc in vlib_node_get_runtime (vm=0x0, node_index=125) at /home/sluong/vpp/build-data/../src/vlib/node_funcs.h:92 92 vlib_node_t *n = vec_elt (nm->nodes, node_index); (gdb) where at /home/sluong/vpp/build-data/../src/vlib/node_funcs.h:92 at /home/sluong/vpp/build-data/../src/vlib/node_funcs.h:112 vnm=0x6f0fa0 <vnet_main>, hw_if_index=7, queue_id=1, mode=0x7fffb62099e8) at /home/sluong/vpp/build-data/../src/vnet/devices/devices.c:307 hw_if_index=7, queue_id=1, mode=VNET_HW_INTERFACE_RX_MODE_POLLING) at /home/sluong/vpp/build-data/../src/vnet/interface_cli.c:1192 vm=0x7ffff7b9d440 <vlib_global_main>, input=0x7fffb6209ef0, cmd=0x7fffb61d5d14) at /home/sluong/vpp/build-data/../src/vnet/interface_cli.c:1288 vm=0x7ffff7b9d440 <vlib_global_main>, cm=0x7ffff7b9d630 <vlib_global_main+496>, input=0x7fffb6209ef0, parent_command_index=18) at /home/sluong/vpp/build-data/../src/vlib/cli.c:588 vm=0x7ffff7b9d440 <vlib_global_main>, cm=0x7ffff7b9d630 <vlib_global_main+496>, input=0x7fffb6209ef0, parent_command_index=12) The fix is to add a check for vec_len(hw->input_node_thread_index_by_queue) and vec_len (hw->rx_mode_by_queue) to reject the command if the queue_id is out of bound. While at it, I notice inputting queue_id=-1 is being interpreted as all queues. An easy fix is to not overload the queue_id variable with -1 to mean something else. Change-Id: Id70ec3e7d06ccc67635e6d28ef53420bdac4a988 Signed-off-by: Steven <sluong@cisco.com>
2017-09-07test: factor out "L4_Conn" into a class within util.py (VPP-931)Andrew Yourtchenko2-50/+68
It seems a useful abstraction for the purposes of writing fine-grained tests, to be able to create a "connection" object which would be bound to two VPP interfaces, and hold some information about the state, allowing to send the packets back and forth with minimal amount of arguments. Change-Id: Idb83b6b82b38bded5b7e1756a41bb2df4cd58e3a Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-09-07NAT: fixed bug in snat_get_worker_out2in_cb (VPP-832)Matus Fabian1-0/+2
Change-Id: Id9c977634a1259865e3403ba0d90aecaca85207d Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-07Update CSIT tests 170814 -> 170906Jan Gelety1-1/+1
- update of CSIT operational branch to be used for VPP-patch test Change-Id: I23c6b5cb9bab6e295ff145531eabc2d51df49a94 Signed-off-by: Jan Gelety <jgelety@cisco.com>
2017-09-07acl-plugin: match index set to first portrange element if non-first ↵Andrew Yourtchenko2-5/+192
portrange matches on the same hash key (VPP-937) Multiple portranges that land on the same hash key will always report the match on the first portrange - even when the subsequent portranges have matched. Test escape, so make a corresponding test case and fix the code so it passes. (the commit on stable/1707 has erroneously mentioned VPP-938 jira ticket) Change-Id: Idbeb8a122252ead2468f5f9dbaf72cf0e8bb78f1 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> (cherry picked from commit fb088f0a201270e949469c915c529d75ad13353e) Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-09-07Punt socket: Fix coverity error for pathname length mismatch between API and ↵Ole Troan1-1/+1
sun_path. Change-Id: I69d67707540e075afe7bad0a70e57d9d80b1bc8e Signed-off-by: Ole Troan <ot@cisco.com>
2017-09-07Add fd/socket name to clib_socket_* error msgs.Dave Wallace1-12/+22
Change-Id: Ifcc9df04e7b224dfc9e9be53a30df5bbccbe05b4 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-09-07Fix session connect_* api message handling.Dave Wallace9-179/+165
Change-Id: If7fd125989c90240de12953658d10007b9eb4f07 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-09-07Support for bridge domain free text tagJerome Tollet4-2/+66
Change-Id: I9a75fdafd0c1d87b6f071fda5b77ff5f6b79deb7 Signed-off-by: Jerome Tollet <jtollet@cisco.com>
2017-09-07make test: disable L2BD Multi-instance test 5Florin Coras1-1/+2
Change-Id: Iba44aec60a74ada5add41ecf00b25dc44f3ad3a3 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-09-06Set uid/gid on ssvm segment file.Dave Wallace3-1/+12
Change-Id: I482bb9654f4dfe240bace5c2b61056cfd04cf018 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-09-06Improve "show segment-manager segments"Dave Barach6-29/+176
Clean up private-segment fifo preallocation Change-Id: I53c630ed81d48f2832a204992d73635536926983 Signed-off-by: Dave Barach <dave@barachs.net>
2017-09-06Fixes for issues raised by Coverity (VPP-972)Chris Luke3-6/+4
Change-Id: I4b1f27b95d67d48b7a13750ff8754c344ed7afa7 Signed-off-by: Chris Luke <chrisy@flirble.org>
2017-09-06NAT: Destination NAT44 with load-balancing (VPP-954)Matus Fabian8-70/+1142
added load-balancing static mappings with unequal load support Change-Id: Ie505e41f24d46f812b94dd28bdafe3dc170a6060 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-06dpdk/ipsec: fix setup when using master core onlySergio Gonzalez Monroy1-2/+3
Change-Id: I62b7aa896dfe218358f11a5197b1228a3dd67152 Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2017-09-05Add pidfile cmdline optionPierre Pfister3-9/+98
Change-Id: Ibaa61b624eb6683b1be6901a7b29f5f73aad27b2 Signed-off-by: Pierre Pfister <ppfister@cisco.com>
2017-09-05Refork worker thread data structures in parallel (VPP-970)Colin Tregenza Dancer3-136/+214
Change the rebuilding of worker thread clone datastructures to run in parallel on the workers, instead of serially on main. Change-Id: Ib76bcfbef1e51f2399972090f4057be7aaa84e08 Signed-off-by: Colin Tregenza Dancer <ctd@metaswitch.com>
2017-09-05PUNT socket: External control plane processes connected via UNIX domain sockets.Ole Troan5-11/+652
An external (to VPP) process can register (over the VPP binary API) to receive control plane packets over a UNIX domain socket. The packets are prepended with a packet descriptor containing meta-data (if_index of interface, etc). Currently only UDP is supported. The socket supports sending of packets/frames as well. The sent packet is prepended with a descriptor, telling VPP to route the packet (via ip4-lookup, ip6-lookup) or as an pre-formed Ethernet frame that is sent directly to interface-output. The intended use case for this is for an external DHCP client or a RIP implementation. New configuration option: punt { socket <socket path> } To register use the punt_socket API message. TODO: - Add support for pre-routing. I.e send L3 packet to given TX interface, but do ARP/ND (ip[46]-rewrite) - Add test scripts - Support for abstract names (starting with \0) - Add rate limiting (COP) - Support for other protocols, e.g. IPv6 ND Change-Id: I4a0afc8020deebb3d9d74686dde694ee5bcb8d0f Signed-off-by: Ole Troan <ot@cisco.com>
2017-09-04LISP: re-fetch mapping before it expiresFilip Tehlar10-138/+330
Change-Id: I0581a1bddad55d8d573c546ec84b0b2760abab3d Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-09-03Improve L2FIB PDR/NDR performance (VPP-963)John Lo4-18/+30
1. Limit MAC entry update per l2-learn call to reduce update burst when wall clock advance to the the next minute so all MAC time stamps are behind current time needing update. 2. Optimize l2-learn node fast path code sequence. 3. Invalidate cache_key when update MAC entry. 4. Change L2 learn hit counter to L2 learn hit-update counter. 5. Increase L2FIB table memory size to 512MB to fit 4M entries 6. Set MAC learn limit at 4M entries Change-Id: I3075ee8fb59645a56850126bac2e3e6d341cef4d Signed-off-by: John Lo <loj@cisco.com>
2017-09-01The build system still builds the DPDK plugin when the optionMarco Varlese1-0/+2
vpp_uses_dpdk is set to "no" in build-data/platforms/vpp.mk causing the build to fail. This patch addresses that issue. Change-Id: Icc1aaa508e730c9b8715119e1259e4c82f974048 Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2017-09-01Add fixed-size, preallocated pool supportDave Barach19-98/+520
Simply call pool_init_fixed(...) before using the pool. Note that fixed, preallocated pools live in individually-mmap'ed address segments, except for the free element bitmap. A large fixed pool can exceed 4gb. Fix tcp buffer allocator leak, remove broken assert Change-Id: I4421082e12a77c41c6e20f7747f3150dcd01fc26 Signed-off-by: Dave Barach <dave@barachs.net>
2017-08-31VPP-959: Python API require minimum CFFI version.Ole Troan1-1/+1
Change-Id: I328689b7d4efe6017412de43630a5e9f3633dd71 Signed-off-by: Ole Troan <ot@cisco.com>