aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2018-05-13Improve ipfix template packet rewrite constructionDave Barach9-28/+180
Instead of repeatedly cutting, pasting, and hacking to create a new callback, use vnet_flow_rewrite_generic_callback(). Add three arguments to the flow rewrite callback: (in) pointer to an array of report elements, (in) length of array, (out) pointer to the stream index Change existing code prototypes. Code owners encouraged to evaluate whether they can use the generic callback or not, at leisure. /* ipfix field definitions for a particular report */ typedef struct { u32 info_element; u32 size; } ipfix_report_element_t; Best generated like so: _(sourceIPv4Address, 4) \ _(destinationIPv4Address, 4) \ _(sourceTransportPort, 2) \ _(destinationTransportPort, 2) \ _(protocolIdentifier, 1) \ _(flowStartMicroseconds, 8) \ _(flowEndMicroseconds, 8) static ipfix_report_element_t simple_report_elements[] = { foreach_simple_report_ipfix_element }; ... /* Set up the ipfix report */ memset (&a, 0, sizeof (a)); a.is_add = 1 /* to enable the report */ ; a.domain_id = 1 /* pick a domain ID */ ; a.src_port = UDP_DST_PORT_ipfix /* src port for reports */ ; a.rewrite_callback = vnet_flow_rewrite_generic_callback; a.report_elements = simple_report_elements; a.n_report_elements = ARRAY_LEN (simple_report_elements); a.stream_indexp = &jim->stream_index; a.flow_data_callback = simple_flow_data_callback; /* Create the report */ rv = vnet_flow_report_add_del (frm, &a, &template_id); if (rv) return rv; ... Change-Id: If6131e6821d3a37a29269c0d58040cdf18ff05e4 Signed-off-by: Dave Barach <dave@barachs.net>
2018-05-13session: improve app verbose format functionFlorin Coras1-5/+6
Change-Id: Idae4ecb60351f2e74bad2f2a33c073de8412fcb0 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-05-13session: alloc one frame per output node dispatchFlorin Coras5-54/+94
Change-Id: I1f7877af61f3726cfb7b93ce7893f6df23e866a6 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-05-12dpdk: Add constants for failsafe PMDRui Cai2-2/+13
Adding name, enum constants and formatting code for failsafe PMD. This is part of initial effort to enable vpp running over dpdk on failsafe PMD in Microsoft Azure(2/4). Change-Id: I4eb0093db9f666e2635f7ddff451e3c9064bd0c4 Signed-off-by: Rui Cai <rucai@microsoft.com>
2018-05-12dpdk: Add build related keywords for failsafe PMDRui Cai4-1/+13
Added build related keywords for TAP, FAILSAFE PMD and also added some missing keywords for mlx4 PMD This is part of initial effort to enable vpp running over dpdk on failsafe PMD in Microsoft Azure (1/4). Change-Id: I2aebf209fbc6db030185f41971b51a593a003a3a Signed-off-by: Rui Cai <rucai@microsoft.com>
2018-05-11dpdk: fix Unknown interface with Mellanox NICSteve Shin1-1/+1
When port_type_from_speed_capa() is called before the port link update isn't completed, xd->port_type becomes VNET_DPDK_PORT_TYPE_UNKNOWN. This happens with Mellanox NIC without lsc interrupt. Calling rte_eth_link_get before getting dev_info will ensure the link state is up-to-date. Change-Id: I83a59654778eb4bf0c65a4a4e225a326227b9641 Signed-off-by: Steve Shin <jonshin@cisco.com>
2018-05-11Periodic scan and probe of IP neighbors to maintain neighbor poolsJohn Lo14-14/+651
Scan IPv4 and IPv6 neigbor pool entries once a minute to keep them up to date. The neighbor of an entry is probed if its time-stamp is older than 1 minute. If the neighbor respond, its time-stamp will be updated. If there is no response from a neighbor, its entry will be deleted when the time-stamp of the entry become more than 4 minutes old. Static neighbor entries are not probed nor deleted. Implemented CLI and API to enable and disable priodic scan of IPv4, IPv6 or both types of IP neighbors. CLI is "ip scan-neighbor" and API is "ip_scan_neighbor_enable_disable". Other IP neighbor scan parameters can also be changed from their defaults via the CLI/API. Change-Id: Id1a0a934ace15d03db845aa698bcbb9cdabebfcd Signed-off-by: John Lo <loj@cisco.com>
2018-05-11make test: reorganize ipsec_ah test codeKlement Sekera1-191/+124
Change-Id: Ie0eb0127affd3d771d19bb7c60e79c31858d82cd Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-05-11VPP-1275 Fix memory leaks in IPsec CLIKlement Sekera2-55/+84
Change-Id: I1f7c634328f25b33580a215af2daeb498cd3b181 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-05-11Add ipfix exporter coding guideDave Barach1-0/+375
Change-Id: Iaa28f96d613d6fb75bd29958d757de206448eb22 Signed-off-by: Dave Barach <dave@barachs.net>
2018-05-11Fix issue with xconnect not working on the main interfaceDamjan Marion1-9/+6
Due to union, l2 sub-interface bits were wrongly set causing sporadic misconfiguration of l2 mode on some interfaces. Change-Id: Id77ee281e3a0030878641a786c22ffe16ce1c759 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-05-10Remove the historical memfd api segment bootstrapDave Barach3-252/+58
Clean up default and vpp_api_test custom private api segment allocator ring configurations. Change-Id: I145b6d64ba0a6315b5ccb07909c8256eeb772146 Signed-off-by: Dave Barach <dave@barachs.net>
2018-05-10vppinfra: use count_trailing_zeros in sparse_vec_indexDamjan Marion8-84/+46
It is much cheaper to use ctzll than to do shift,subtract and mask in likely case when we are looking for 1st set bit in the uword. Change-Id: I31954081571978878c7098bafad0c85a91755fa2 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-05-10NAT44: sessions counters per user fix (VPP-1270)Matus Fabian2-6/+31
Change-Id: I6306b81e0e1c3e1c591f929a76bb265c1c1d0859 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-05-10vnet: device flow offload infraDamjan Marion18-0/+1335
Change-Id: Ibea4a96bdec5e368301a03d8b11a0712fa0265e0 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-05-10session: fix proxy app multithreadingFlorin Coras1-15/+50
Change-Id: Ic5304749935f69018eb00183bb4670bb9f16273c Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-05-10Change the way IP header pointer is calculated in esp_decrypt nodesSzymon Sliwa3-4/+18
The pointer to IP header was derived from l3_hdr_offset, which would be ok, if l3_hdr_offset was valid. But it does not have to be, so it was a bad solution. Now the previous nodes mark whether it is a IPv6 or IPv4 packet tyle, and in esp_decrypt we count get ip header pointer by substracting the size of the ip header from the pointer to esp header (which lies in front of the ip header). Change-Id: I6d425b90931053711e8ce9126811b77ae6002a16 Signed-off-by: Szymon Sliwa <szs@semihalf.com>
2018-05-10DHCP4 client process replies when renewing leaseMatthew Smith1-16/+24
When a DHCP client is in the bound state, it wakes up halfway through it's lease (by default) to try and renew the lease. The ip4-dhcp-client-detect is not enabled as a feature at this point, so replies sent from the DHCP server do not get applied to the lease. Eventually the lease expires, the address is removed from the interface, a new discovery is performed and the same address is added back to the interface. Before sending a request to renew in the bound state, enable the feature to process the reply. Change-Id: I95332ee0596f47df6f3c8bf8e3f0698dde9a1fc5 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2018-05-10vppinfra: use popcnt instruction when availableDamjan Marion1-0/+8
Change-Id: Id02d613b8613a2d448840fe2d6a5e3b168a3c563 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-05-10tcp: fix jumbo retransmitsFlorin Coras1-42/+42
Change-Id: I1c8a14d4d51aa730f0edcf491e3c4725e2d8bd66 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-05-10dpdk:fix tx countEyal Bari1-1/+2
Change-Id: I921465ea64b59d42674cc8f19069ed04e3b25026 Signed-off-by: Eyal Bari <ebari@cisco.com>
2018-05-09dpdk: fix free of tx dropped packetsFlorin Coras1-1/+1
Change-Id: I3669068f694614f8555b33bf0b703c41e45363ef Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-05-09ipsec: support UDP encap/decap for NAT traversalKlement Sekera13-48/+366
Change-Id: I65c12617ad49e4d5ef242e53988782f0cefa5684 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-05-09session: cleanup session tx functionFlorin Coras9-376/+532
- rework the function to declutter and avoid building more than one tx frame - add dual loop although benefits in my tests seem to be minimal - improve tcp/udp echo external apps. They have slightly better throughput than internal echo apps. - udp bugfixes Change-Id: Iea4a245b1b1bb407a7f403dedcce2664a49f774b Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-05-09dpdk: tx code reworkDamjan Marion4-261/+170
Change-Id: Ifea9c772e8784642433b92091f5769eb9ec06890 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-05-09dpdk:fix mbuf index typo'sEyal Bari1-4/+4
Change-Id: I387b22427b3f322969bcf32fcfc189123c8ed6ae Signed-off-by: Eyal Bari <ebari@cisco.com>
2018-05-08NAT44: TCP connection close detection (VPP-1266)Matus Fabian8-57/+364
Change-Id: Iba1cc1179ee80478e29888790a6476571d1904dc Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-05-07opensuse: OS_ID field content changed for SUSEMarco Varlese1-1/+1
Change-Id: I4bb582d55b1071d3581155eb158995ca5153ba3c Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-05-07dpdk: improve perf of buffer indices calc in the input nodeDamjan Marion1-34/+53
Change-Id: I16557189aa4a763ec496cb4a45f6e12f2d46971f Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-05-07fix: AttributeError: module 'os' has no attribute 'cwd'Andrey "Zed" Zaikin1-1/+1
Change-Id: I1c49a12ef7fa7bd0046f1a420b01c1654b6d21ec Signed-off-by: Andrey "Zed" Zaikin <zed.0xff@gmail.com>
2018-05-07BFD: Fix format_ip46_address() parameter ordering.Jon Loeliger1-1/+1
Change-Id: I2b50e3fc06b4e905395d4706083f12ebc76826ce Signed-off-by: Jon Loeliger <jdl@netgate.com>
2018-05-07vxlan:vxlan.c conform coding styleEyal Bari1-354/+374
Change-Id: I9937912cd760698e39044e8ae022a90b58c8db30 Signed-off-by: Eyal Bari <ebari@cisco.com>
2018-05-05autodetect alignment during _vec_resizeDamjan Marion5-8/+12
Change-Id: I2896dbde78b5d58dc706756f4c76632c303557ae Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-05-04ipsec: allow null/null for crypto/integ algorithms pairRadu Nicolau4-7/+8
Change-Id: Ic1e189c22e3d344d165e0eab05ccb667eef088a9 Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
2018-05-04Add python lex and yacc to spec file build requirements.Thomas F Herbert1-3/+3
Change-Id: Icf1a30c9df4d3298407c00383020debe99acdbff Signed-off-by: Thomas F Herbert <therbert@redhat.com>
2018-05-04Flow: Rename IPFIX exporter.Ole Troan16-25/+25
Change-Id: I9363cf54b73f7cfd8622af6f1cb250438ea0d3b6 Signed-off-by: Ole Troan <ot@cisco.com>
2018-05-04build-data: Common makefile for NXP DPAA1/DPAA2 platformsSachin Saxena2-66/+87
- Same makefile will be used to support DPAA1 and DPAA2 platforms. - Support added to have both on Host compilation as well as Cross compilation. - If Cross compiling, by default NXP cutomized toolchain "aarch64-fsl-linux" will be used. To use Linaro toolchains, please set env variable CROSS_PREFIX. Like: export CROSS_PREFIX=aarch64-linux-gnu - Added CPU_MTUNE to modify xxx_mtune , if CPU is not A72 which is default. - You may set DPDK_PATH to dpdk installation folder, if wish to use locally compiled DPDK. - In case of Cross compilation, OPENSSL_PATH will be required to include OPENSSL libs. Change-Id: I9057dfc57522b60e306810f684b3085bfccf85e9 Signed-off-by: Sachin Saxena <sachin.saxena@nxp.com>
2018-05-04Harmonize vec/pool_get_aligned object sizes and alignment requestsDave Barach49-15/+185
Object sizes must evenly divide alignment requests, or vice versa. Otherwise, only the first object will be aligned as requested. Three choices: add CLIB_CACHE_LINE_ALIGN_MARK(align_me) at the end of structures, manually pad to an even divisor or multiple of the alignment request, or use plain vectors/pools. static assert for enforcement. Change-Id: I41aa6ff1a58267301d32aaf4b9cd24678ac1c147 Signed-off-by: Dave Barach <dbarach@cisco.com>
2018-05-04arm64: Avoid setting march to corei7 when Cross Compiling for ARMSachin Saxena1-3/+3
When Cross-compiling VPP for arm64 target and build machine is x86_64, based on build_cpu value, the march variable is set to corei7 which is an unrecoganized option for ARM tool chain. This breaks the VPP compilation. Change-Id: I4cba5b4990e7cf0bdc1403e90c3d18110900bbef Signed-off-by: Sachin Saxena <sachin.saxena@nxp.com>
2018-05-04Address compilation issues with Java > 1.8Marco Varlese1-8/+3
This patch addresses the changes in the JDK to build headers (javah no longer available) Change-Id: I3e94b1cf97c8c474535c26b75ea08379338fe0af Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-05-04Fix format for the dst address in the STN traceMilan Lenco1-2/+2
Output string 's' was not assigned the return value of format() for the destination address, which, in case the underlying memory was moved by the realloc, resulted in an invalid memory access by the subsequent invocations of format(). Change-Id: I2b5dfd85db085c553ca5ec0b3257aeeb437c360a Signed-off-by: Milan Lenco <milan.lenco@pantheon.tech>
2018-05-04VAPI: support VLAs in type definitionsKlement Sekera3-59/+57
Change-Id: I8d54415972d6644190857175b0e895c5319ce7b6 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-05-03NAT: fix bin API dump of static mappings.Milan Lenco1-2/+5
Static mappings with equal local and external IPs but different ports were dumped as identity mappings. Change-Id: Ifea7cef5b78aea4c2eb31cf1620185eeef2681e5 Signed-off-by: Milan Lenco <milan.lenco@pantheon.tech>
2018-05-03MPLS prefetch fixesNeale Ranns2-15/+15
Change-Id: I565d79af410825c72f291ab40178883b1bc6f1df Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-05-03NAT44: fix VAT nat44_user_session_detailsMatus Fabian1-4/+5
Change-Id: If379247f0574fbfcca39e752684bf6c81b95187b Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-05-03NAT44 segv on unknown proto on inside interfaceMatthew Smith1-22/+25
When a packet with an unknown proto arrives on an inside interface and there are no existing sessions for the source address, a segv occurs. snat_in2out_unknown_proto() finds the head of the sessions dlist, fetches the address of the next element using head->next, and then dereferences the next element. On the first packet received from a source address, head->next is ~0, so this results in a segv. Check that the session list is not empty before trying to traverse it. Also removed unnecessary lookup against tsm->user_hash. Prior call to nat_user_get_or_create() already performed that lookup and added a user if one didn't exist. Change-Id: If73e79aa2f8e3962ab7b876ecf55aea40d7a5472 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2018-05-03tcp: fix echo server rx retries counter vec allocFlorin Coras1-0/+2
If sessions are not preallocated, the rx retries counters are not correctly validated/initialized Change-Id: Iaf7456f3a0e2181fcea0c370613d694f8e98276d Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-05-02Fix CentOS 7 build issue with vxlanMatthew Smith1-2/+4
Two vxlan union/struct initializations caused gcc on CentOS 7 to puke. Modified them to make the build work again. Change-Id: Iad667444b86cfde5ee4329993b520028d3b593ad Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2018-05-02Scapy; update to release 2.4.0Neale Ranns1-1/+1
Change-Id: Ibcae49ab106efa9cd0ff60be60904ac5a2fc0b65 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2018-05-02vxlan:encap - use vnet rewriteeyal bari3-53/+50
moving the rewrite into the tunnel struct Change-Id: Iec74b48e13456d32957e826cffb5ea35a8ebd1a0 Signed-off-by: Eyal Bari <ebari@cisco.com>