aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-04-04acl-plugin: make the IPv4/IPv6 non-first fragment handling in line with ACL ↵Andrew Yourtchenko6-22/+168
(VPP-682) This fixes the previously-implicit "drop all non-first fragments" behavior to be more in line with security rules: a non-first fragment is treated for the purposes of matching the ACL as a packet with the port match succeeding. This allows to change the behavior to permit the fragmented packets for the default "permit specific rules" ruleset, but also gives the flexibility to block the non-initial fragments by inserting into the begining a bogus rule which would deny the L4 traffic. Also, add a knob which allows to potentially turn this behavior off in case of a dire need (and revert to dropping all non-initial fragments), via a debug CLI. Change-Id: I546b372b65ff2157d9c68b1d32f9e644f1dd71b4 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-04-04Fix typo in minimal epoll polling timePierre Pfister1-1/+1
epoll was supposed to not sleep when timeout is less than 1ms, but a typo made it not sleep any time the requested timeout is lower than 1000 seconds (in practice, never...). This patch replaces "1e3" with "1e-3", which represents 1ms. Change-Id: I731851b27a6bf6ab8e41586e017e94b962b09bf3 Signed-off-by: Pierre Pfister <ppfister@cisco.com>
2017-04-03Fix memif coverity issuesMilan Lenco3-9/+32
Change-Id: I1cd649e1d4582792f75d0db60a9524471fc76a9f Signed-off-by: Milan Lenco <milan.lenco@pantheon.tech>
2017-03-30vpp-678: Rename "show interfaces" -> "show interface"Dave Barach4-5/+5
To line up with "show interface placement," recently added. Otherwise, "show int" refers only to "show interface placement," which tends to annoy the cash customers... Change-Id: Iea9e3681aeb051e2b0e1ecbf06706d98af9a3abf Signed-off-by: Dave Barach <dave@barachs.net> (cherry picked from commit 13ad1f02922858177915b1cb1450041d2e4d85de)
2017-03-30VPP-673 Fix L2 steering.Pablo Camarillo1-12/+14
Change-Id: I1eab03525f234139ceefbc9b9895a35a03a56910 Signed-off-by: Pablo Camarillo <pcamaril@cisco.com>
2017-03-30acl-plugin: cleaner node bugfixes (VPP-675)Andrew Yourtchenko3-51/+75
- use the counters in a private struct rather than node error counters - ensure the timer for the non-idle connections is restarted - fix the deletion of conn at the current tail the list Change-Id: I632f63574d2ced95fb75c5e7fb588c78fb3cce1c Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-03-30LISP: fix IID in decap, VPP-676Filip Tehlar2-3/+4
Change-Id: I3f67d32d5d76069a27176deef6cba0c1a194b7ec Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-03-29af_packet driver failure to check VLIB_BUFFER_NEXT_PRESENT flagJim Gibson1-1/+2
af_packet driver must check that VLIB_BUFFER_NEXT_PRESENT flag is set when walking vlib_buffer_t next_buffer chain on transmit. On buffer allocation: - next_buffer is not and may contain a stale invalid value that should be ignored if not overwritten by a valid value. - VLIB_BUFFER_NEXT_PRESENT flag is cleared and only set if a valid value is written to next_buffer. Change-Id: Iebf76ce8eea24a0d63c7bf749e672d6a232c80e7 Signed-off-by: Jim Gibson <gibson+fdio@cisco.com>
2017-03-29Coverity Error: logically dead code in IP unnumbered CLINeale Ranns1-4/+0
Change-Id: Id3398bd4b7a56c168aaab37942b92715e19d4025 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-29Bugfixing and documentation for SRv6Pablo Camarillo17-246/+203
- Fixed three coverity issues - Linked SRv6 docs - Moved sample plugin to examples folder - Fixed bug with hash. Now everything is using mhash. Potentially in the future we want to do bihash. Change-Id: Ie03a13c8fecb1e315e67d0596cbd23220779aaf2 Signed-off-by: Pablo Camarillo <pcamaril@cisco.com>
2017-03-29SR replicate mheap corruption fix VPP-672shwethab4-12/+5
Change-Id: If1c68fc63fa71fab198f2bf4f79bdd7a9841c2e8 Signed-off-by: shwethab <shwetha.bhandari@gmail.com> Signed-off-by: Pablo Camarillo <pcamaril@cisco.com>
2017-03-28Python API: Fixup of debian package after cFFI changes.Ole Troan5-19/+8
Change-Id: I4c2a1a818f28d4c6cf52af45f3b7dbfa41d77ccb Signed-off-by: Ole Troan <ot@cisco.com> (cherry picked from commit afaa85f873a7bff1cf1e32c22f909af3018ccfee)
2017-03-28Implement MAC Flush for BD or Interface from the L2FIBJohn Lo9-49/+258
Allow non-static MACs in the L2FIB which is associated with an interface or a bridge domain (BD) be flushed. MAC flush are initiated automatically when an interface is removed from a BD or when a BD is deleted. MAC flush can also be invoked manually via the following CLI: l2fib mac-flush interface <if-name> l2fib mac-flush bridge-domain <bd-id> Change-Id: Ie33243622834810a765f48ebcd22bdb8e8fc87a4 Signed-off-by: John Lo <loj@cisco.com>
2017-03-28Python-API: debian packaging now depends on python-all (for pybuild)Ole Troan1-1/+1
Change-Id: I6b1dd6bdf03fa506c4b114d15800d9fe03e36395 Signed-off-by: Ole Troan <ot@cisco.com> (cherry picked from commit 9f81d4fe5cfab856e23926bfdb11c03c04838478)
2017-03-28Fix output feature processing (VPP-670)AkshayaNadahalli1-0/+41
Double committing to 17.04 as its a bug-fix. Change-Id: I94539812191ad0eb8abe78e2dad25ab96c780f30 Signed-off-by: AkshayaNadahalli <anadahal@cisco.com>
2017-03-22Change default branch in .gitreviewv17.04-rc1Ole Troan1-0/+1
Change-Id: I204a6125615accaa96b94657e7f76b243c9305d1 Signed-off-by: Ole Troan <ot@cisco.com>
2017-03-22Add memif - packet memory interface for intra-host communicationDamjan Marion13-0/+2774
Change-Id: I94c06b07a39f07ceba87bf3e7fcfc70e43231e8a Signed-off-by: Damjan Marion <damarion@cisco.com> Co-Authored-By: Milan Lenco <Milan.Lenco@pantheon.tech>
2017-03-22Update MAC address kept for Bonded Interface and its SlavesJohn Lo1-23/+32
Change-Id: I9f7f9f840c3c1aad5e8c9a4fa1ba7a58a85cfd9e Signed-off-by: John Lo <loj@cisco.com>
2017-03-22LISP: improve DP speedFilip Tehlar4-4/+29
Change-Id: I5bd0721b70dfc240fa9225df3704774f6b0ede81 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-03-22vlib: add description field in plugin registrationDamjan Marion12-6/+21
Change-Id: I88b322a5d602f3d6d3310e971479180a89430e0e Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-03-22ping: allow the user to send bursts of N packets instead of single packetAndrew Yourtchenko1-10/+42
Change-Id: I3c1d3a2db56487473123e6fec2b076a063473313 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-03-22make test: run all tests in test-cov targetKlement Sekera1-0/+1
Change-Id: I7040c1ecc8b6e5e883420c1c81aa8b70e56263e5 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-03-22make test: support out-of-tree pluginsKlement Sekera2-2/+14
usage: env EXTERN_PLUGINS=/path/to/plugins make test Change-Id: I8eece726dfafeff1cffd921c1e18cd3eb7eb64ed Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-03-22make test: support out-of-tree testsKlement Sekera3-6/+61
env EXTERN_TESTS="/path/to/extra/tests" make test causes to run the default test set and tests collected from test_*.py files under subtree specified in EXTERN_TESTS. Change-Id: I58c5471dd6010730278a5b47d4318737d920bc28 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-03-22dpdk: fix plugin linking with sw crypto librariesSergio Gonzalez Monroy2-20/+32
Change-Id: I3e3bf786ab3c7672ff2cc7acd221421072e3ac8b Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2017-03-22vhost: support interrupt modeSteven4-32/+392
vhost currently supports only polling mode. This patch is to add interrupt mode. When the interface is configured for interrupt mode, our input node does not get called unless there is a packet in the vring. If a particular CPU has one interface configured for polling mode and another in interrupt, the input node is set to polling for that CPU. This diffs also includes two crashes in vlib's dispatch_node. One is included in https://gerrit.fd.io/r/#/c/5516. The other crash is in the ASSERT. The ASSERT can become true when the caller of dispatch_node is in a loop. The first call converted the node to polling. The second call thereafter will hit the ASSERT. Change-Id: If17b6d48b20d7d8605c6a161459828637173cd32 Signed-off-by: Steven <sluong@cisco.com>
2017-03-22SNAT: added actual delete to snat_det_mapMartin2-12/+49
Change-Id: I8187b43129b80fadd90ea493afb922064f79abbe Signed-off-by: Martin <magalik@cisco.com>
2017-03-22policer: fix byte ordering in policer_details msgMarek Gradzki2-4/+4
Change-Id: Id53131e8cd32bfd35739a7bd7cdbadf3a9f4d941 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-03-22Initial draft of VPP changes to cleanup iOAM export.Vengada8-6/+9
This is needed for iOAM export for NSH. Change-Id: I702934b2cde8b1c07ec5c299d5fcd98dce94c62c Signed-off-by: Vengada <venggovi@cisco.com>
2017-03-21ACL plugin 1.2Andrew Yourtchenko7-19/+2809
L3 path support, L2+L3 unified processing node, skip IPv6 EH support. Change-Id: Iac37a466ba1c035e5c2997b03c0743bfec5c9a08 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-03-21LISP statisticsFilip Tehlar13-46/+639
Change-Id: I399cac46d279e020ba33459ef759d9d29d3ac716 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-03-21armv8 - fix os_cpu_clock_frequency for armv8Gabriel Ganne1-0/+6
System timer of ARMv8 runs at a different frequency than the CPU's. The frequency is fixed, typically in the range 1-50MHz. It can be read at CNTFRQ special register. Change-Id: I6a21a6a9e2df783559df0caec63d5525c2258227 Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
2017-03-20vnet: add device-input threadplacement infraDamjan Marion7-78/+310
This change adds two new debug CLI command: - "show interface placmenet" to display which thread (main or worker) is responsible for processing interface rx queue vpp# show interface placement Thread 0 (vpp_main): node af-packet-input: host-vpp1 queue 0 Thread 1 (vpp_wk_0): node af-packet-input: host-virbr0 queue 0 Thread 2 (vpp_wk_1): node af-packet-input: host-vpp2 queue 0 host-lxcbr0 queue 0 - "set interface placmenet" to assign thread (main or worker) which process specific interface rx queue vpp# set interface placement host-vpp1 queue 0 main Change-Id: Id4dd00cf2b05e10fae2125ac7cb4411b446c5e9c Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-03-18Fix bonded interface name to use instance number starting from 0John Lo3-5/+7
With DPDK 17.02, bonded interface device_index does not start from 0 and may vary depends on the existence of other interfaces. Implement instance number for bonded interface so the interface name can make use of instance number starting from 0. Change-Id: Ia8eb7bd530446faa02ee7c7d1f6abdc22ac60b62 Signed-off-by: John Lo <loj@cisco.com>
2017-03-18Check change in unnumbered setting before updating IP enabled stateNeale Ranns2-6/+23
Change-Id: I6424a083ec889961ba4d0cd1df8348f20436be14 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-17features: remove remaining .end_nodeDamjan Marion1-1/+0
Change-Id: If882adb9c937f57223c524ed87453f3053f616ed Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-03-17PNEUM: Fix Coverity error (missing unlock).Ole Troan1-1/+2
Change-Id: I53433e89d06fbc95e160887517acafc1544e81b5 Signed-off-by: Ole Troan <ot@cisco.com>
2017-03-17Fix bonded ethernet PMD name for DPDK 17.02Alexander Popovsky (apopovsk)2-7/+24
In DPDK 17.02 bonded PMD name is changed from rte_bond_pmd to net_bonding. Change-Id: I1a57a16b0ae68b5fa56a561a4f75981112228572 Signed-off-by: Alexander Popovsky (apopovsk) <apopovsk@cisco.com>
2017-03-1764 bit per-thread countersNeale Ranns8-201/+132
after: TenGigabitEthernet5/0/1-output active 107522 17375708 0 7.22e0 161.60 TenGigabitEthernet5/0/1-tx active 107522 17375708 0 6.93e1 161.60 ip4-input-no-checksum active 107522 17375708 0 2.52e1 161.60 ip4-lookup active 107522 17375708 0 3.10e1 161.60 ip4-rewrite active 107522 17375708 0 2.52e1 161.60 before TenGigabitEthernet5/0/1-output active 433575 110995200 0 6.95e0 256.00 TenGigabitEthernet5/0/1-tx active 433575 110995200 0 7.14e1 256.00 ip4-input-no-checksum active 433575 110995200 0 2.66e1 256.00 ip4-lookup active 433575 110995200 0 3.29e1 256.00 ip4-rewrite active 433575 110995200 0 2.59e1 256.00 Change-Id: I46405bd22189f48a39f06e3443bb7e13f410b539 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-17Fix IP feature ordering.Neale Ranns12-61/+316
Drop comes before lookup when enabled. is_first_or_last is not required when setting a feature, the anchor is added in find_config_with_features(). Don't make the PG interfaces automatically L3 enabled, this way we can have tests that check the L3 protocol disbaled behaviour. Change-Id: Icef22a920b27ff9cec6ab2da6b05f05c532cb60f Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-17MPLS performance improvments.Neale Ranns9-141/+300
1 - Quad loop lookup and label imposition. 2 - optimise imposition for the 1 label case 3 - input gets TTL from header directly (no byte swap) Change-Id: I59204c9e5d134b0df75d7afa43e360f946d1ffe7 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-17Attached hostsNeale Ranns10-30/+269
allow this config to function: set int ip address loop0 169.254.1.1/32 (the default GW address for attached hosts) set int unnumbered af_packet0 use loop0 ('enable' IP on the host interface) ip route add 192.168.1.1/32 via af_packet0 (where to find the host) repeat for each host and host interface. Inter-host communication is throught the /32 routes. To allow this: 1 - attached host routes have the ATTACHED flag set, so the ARP code accepts then as legitimate sources 2 - unnumbered interfaces inherit the source address from the IP interface Change-Id: Ib66c5f0e848c528f79372813adc3a0c11b50717f Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-17Python API: Fix RPM packaging (again).Ole Troan1-4/+6
Change-Id: I5c510cde1227a131ddda58d090cd5dbf112ce1fb Signed-off-by: Ole Troan <ot@cisco.com>
2017-03-17vlib: fix potential crash in dispatch_node ELOG_DATA callSteven1-2/+11
dispatch_node may be invoked from vlib main or worker threads. The call to ELOG_DATA in dispatch_node passes the parameter &vm->elog_main. It works fine when dispatch_node is invoked from the main thread. It does bad thing when it is invoked from the worker thread. While we are at it, make two additional enhancements to the same area. 1. Use ELOG_TRACK_DATA instead of ELOG_DATA to enhance g2 viewer presentation. 2. Since ELOG_DATA is in the data path, it could get very chatty. Make the call to ELOG_TRACK_DATA conditional compile. Change-Id: I80ca0eea10bc1e5d0d5549f9844dd9a34dbb65a2 Signed-off-by: Steven <sluong@cisco.com>
2017-03-17Cache a 'has-features' flag on the adjacency for faster access. Reclaim the ↵Neale Ranns12-162/+162
node_index memeber from the rewrite for space - this is only used for formtting before: ip4-rewrite * * * * 2.66e1 256.00 after: ip4-rewrite * * * * 2.40e1 256.00 Change-Id: Ic397150727cad38811564777419ad6bd26b8a3a6 Signed-off-by: Neale Ranns <nranns@wasa-ucs-11.cisco.com>
2017-03-17Use the feature anchor in the MPLS input arc - it performs much betterNeale Ranns3-7/+9
Change-Id: I3d64ddb248478accd4d9b3124f018c9aab63a60f Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-17Adjacency refinement; check the cover's interface against the adjacency'sNeale Ranns3-24/+150
Change-Id: I3fa2f35056b74e479288bb956f2713f727a81c72 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-16Add epel-rpm-macros for CentOS/RHEL install-depAlexander Popovsky (apopovsk)1-1/+1
%py2_install is required by vpp-api-python and is not available on bare CentOS/RHEL install, causing 'fg: no job control' error. Added 'epel-rpm-macros' to the list of EPEL dependencies Change-Id: I1e09d7d825d9d8db06e7385d2b8d5579c8ce748b Signed-off-by: Alexander Popovsky (apopovsk) <apopovsk@cisco.com>
2017-03-16vlib: additional runtime_data checksDamjan Marion1-8/+14
Change-Id: I9b6ed9741fae89bdefa6f601398eb63a21155069 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-03-16ping: Fix coverity error 163907Andrew Yourtchenko2-0/+6
Return an error if the ip6_interface_first_address decides to return NULL. Change-Id: Iea0184382b8fbe2af81a781c3671687a1fbb5b32 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>