aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2019-06-03ARP: add feature arcNeale Ranns7-168/+508
- arp-input, registered with the ethernet protocol dispatcher, performs basic checks and starts the arc - arp-reply; first feature on the arc replies to requests and learns from responses (no functional change) - arp-proxy; checks against the proxy DB arp-reply and arp-proxy are enabled when the interface is appropriately configured. Change-Id: I7d1bbabdb8c8b8187cac75e663daa4a5a7ce382a Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-06-03crypto_ia32: native AES-GCM implementationDamjan Marion5-1/+1046
Change-Id: I006a150577e897731649f21908b4789e2eb485c3 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-06-03vom: Add bridge domain arp unicast forwarding flagMohsin Kazmi4-3/+48
Change-Id: Iede47e8d9e168125bcd938cca6182c9270dcb5c4 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-06-02IPSec: memcpy of integ key borkNeale Ranns1-1/+1
Change-Id: Icd76769d841792eb2d59ffc23c557dcca9ddc580 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-05-31VPP-1692: move NULL pointer checkDave Barach1-5/+5
TBH, this looks like merge damage or some such. Perfectly fine NULL pointer check, about three lines after it was needed. Change-Id: I52831062e30533a59fb76b644ee5ae389676d2ae Signed-off-by: Dave Barach <dave@barachs.net>
2019-05-31tools: FEATURE.yaml meta-data infrastructureOle Troan6-3/+191
Add tooling for feature metadata configuration files. The main tool is in src/scripts/fts.py make checkfeaturelist to validate against schema. make featurelist to dump all feature lists to stdout. Example feature definition: name: IP in IP tunnelling maintainer: Ole Troan <ot@cisco.com> features: - IPv4/IPv6 over IPv4/IPv6 encapsulation: - Fragmentation and Reassembly - Configurable MTU - Inner to outer Traffic Class / TOS copy - Configurable Traffic Class / TOS - ICMPv4 / ICMPv6 proxying - 6RD (RFC5969): - Border Relay description: "Implements IP{v4,v6} over IP{v4,v6} tunnelling as described in RFC2473. This module also implement the border relay of 6RD (RFC5969)." state: production properties: [API, CLI, STATS, MULTITHREAD] missing: - Tunnel PMTUD - Tracking of FIB state for tunnel state - IPv6 extension headers (Tunnel encapsulation limit option) JSON schema is embedded in fts.py Example markdown: https://github.com/otroan/scratch/blob/master/features.md Change-Id: I903b4ee6b316a9378c259e86dc937092e5d4b7da Type: make Signed-off-by: Ole Troan <ot@cisco.com>
2019-05-31VPP-1640 - Missing rules in vpp-selinux-policyBilly McFall1-1/+2
SELinux exceptions occurring for host interfaces and with the vmxnet3 driver. Change-Id: Ia22bd82572acfa07ae287a755830abe1413f9939 Signed-off-by: Billy McFall <bmcfall@redhat.com>
2019-05-31VPP-1679 - SElinux rules are not set accordinglyBilly McFall1-2/+4
Updates to the VPP SELinux policy to support the MLX5 DPDK driver. Change-Id: I089ede88a5e9c4152178f8cf9be5ee14d8a9130f Signed-off-by: Billy McFall <bmcfall@redhat.com>
2019-05-31VPP-1640 - Missing rules in vpp-selinux-policyBilly McFall1-0/+212
Add additional section to the SELinux documentation to describe how to collect debug information when SELinux issues are encountered. This is purely a documentation change. Note: Merged seperate from SELinux Policy change in case policy change needs to be cherry-picked to older releases. Change-Id: I7ba3d3c7d84171b503d956eb01e13a680b4d53fc Signed-off-by: Billy McFall <bmcfall@redhat.com>
2019-05-31crypo_ia32: don't optimize debug buildsDamjan Marion2-1/+5
Type: fix Fixes: d5023a72 Change-Id: I17cf7887d1274cf3ca9301ec87b8c8f539359456 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-05-31Update vnet hardware flags if link state changesDave Barach1-1/+9
Explains a variety of hard-to-diagnose problems with certain Atom and Denverton NIC types. I finally tripped over a highly-repeatable failure: home gateway use-case bitten by refusal to negotiate a DHCP lease for the trunk port. The dhcp client won't send pkts unless VNET_HW_INTERFACE_FLAG_LINK_UP is set on the tx hw interface: /* Interface(s) down? */ if ((hw->flags & VNET_HW_INTERFACE_FLAG_LINK_UP) == 0) return; Change-Id: I17ef2ba7b39078555fa27d2d874a60c67e1530ee Signed-off-by: Dave Barach <dave@barachs.net>
2019-05-31bonding: add support for numa awarenessZhiyong Yang4-12/+90
This patch enables bonding numa awareness on multi-socket server working in active-backeup mode. The VPP adds capability for automatically preferring slave with local numa node in order to reduces the load on the QPI-bus and improve system overall performance in multi-socket use cases. Users doesn't need to add any extra operation as usual. Change-Id: Iec267375fc399a9a0c0a7dca649fadb994d36671 Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-05-30nat44: fix CLI doc errorjackiechen19851-2/+2
Change-Id: Iac6bd29389839c9eb8c1ff2105b4da69b6e1ce3e Signed-off-by: jackiechen1985 <xiaobo.chen@tieto.com>
2019-05-30IP load-balance; perf improvement using the usual reciepeNeale Ranns2-305/+233
before and after: ip4-load-balance 1.54e1 ip4-load-balance 1.36e1 p.s. Quad loops were not beneficial Change-Id: I7bc01fc26288f0490af74db2b1b7993526c3d982 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-05-30FIB: correctly report IPv6 FIB Unicast and Multicast memory usage (VPP-1578)"Neale Ranns9-18/+320
and document scaling Change-Id: I65d8999e65616d77e525963c770d91e9b0d5e593 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-05-3019.04.1 Release NotesDave Wallace1-7/+16
Change-Id: I2a69b29b9ecea2bfdf1832c184c7e63058a33b94 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2019-05-30lisp-cp: start lisp retry service on demandFlorin Coras2-8/+18
Change-Id: I07681d94301e19389dda0caacd5a93b21d9aff1f Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-05-30sample-plugin: refactor .api to use explicit typesOle Troan1-8/+9
Use explicit types in .api definition. Change-Id: Ib4c3c4ab6282a6d443e3d19af029dc091b462dac Type: refactor Signed-off-by: Ole Troan <ot@cisco.com>
2019-05-30ipip: refactor ipip.api with explicit typesOle Troan4-61/+84
Use explicit types vl_api_address/prefix in ipip.api. Change-Id: Ib3133cebdbe4437742924efd49cde4009c4cc31b Type: refactor Signed-off-by: Ole Troan <ot@cisco.com>
2019-05-30dpdk: remove bonding codeDamjan Marion7-252/+12
We have native implementation and we should not maintain both.... Change-Id: Ic09ebffda52cdc733b3cfeff06690e0d3cc08084 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-05-30dpdk: bump to 19.05Damjan Marion2-1/+4
Change-Id: I738ff20a1ebb1cc70fb6ddb40791b6747cada372 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-05-30NAT: create bypass in correct thread if workers>1Alexander Chernavin1-9/+40
Change-Id: I70817579a09a7026f5fa7c8e71babded891ea285 Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2019-05-30Start the dns resolver process on demandDave Barach3-8/+19
Change-Id: Iab27b405fb3ca7aed94ae974d57c286c41298c3a Signed-off-by: Dave Barach <dave@barachs.net>
2019-05-30IPsec: modify post-decrypt buf len calculationMatthew G Smith1-2/+2
For tunnel mode, after decryption the buffer length was being adjusted by adding (iv length + esp header size). Subtract it instead. Required for BFD to work on an IPsec tunnel interface. BFD verifies that the amount of received data is the expected size. It drops the packet if the buffer metadata says that the packet buffer contains more data than the packet headers say it should. Change-Id: I3146d5c3cbf1cceccc9989eefbc9a59e604e9975 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2019-05-30mpls: leverage vlib_buffer_advanceZhiyong Yang1-7/+4
Change-Id: I363a4444f4d296f04371acd65c702b1a1ce70913 Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-05-30osi_input: leverage vlib_buffer_get_currentZhiyong Yang1-3/+3
Change-Id: Ib9297b712ff7d08bf085fb0b6c9e6ffd83c5fa57 Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-05-29gtpu: unit-test check udp portsJakub Grajciar1-0/+87
Change-Id: I3efbbb1aefb43ecdf7016541b97343f9ca41f842 Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2019-05-29ipsec: fix perf issue in esp_aad_fillDamjan Marion1-4/+7
Type: fix Fixes: 47feb11 Change-Id: I6b3b97cd361eef19c910c14fd06edb001a4c191b Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-05-29Start the cdp period process on demandDave Barach4-22/+20
Change-Id: I219b270f905dad5939ab38e933712845c314286d Signed-off-by: Dave Barach <dave@barachs.net>
2019-05-29vxlan-gbp: prefetch encap header memory areaZhiyong Yang1-66/+70
This patch helps save 4.1 clocks/pkt from 62.9 to 58.8 clocks/pkt on Skylake. Change-Id: I749a88a8fa6c78243441a89d6afcd04f106af3da Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-05-29emacs-skeleton: improve generated .api filesDave Barach3-29/+58
Type cleanups: s/u8/bool/ for "enable_disable" s/u32/vl_api_interface_index_t/ for "sw_if_index" Add an API version stamp. Add a doxygen tag for the binary API. Add Apache-2 licence text. Change-Id: I2fa168336efb0f1d9b9b6dec945589cbc5fd5595 Signed-off-by: Dave Barach <dave@barachs.net>
2019-05-29Tests: vpp_pg_interface. Don't rewrite Dot1AD ethertype.Paul Vinciguerra1-11/+0
Type: Refactor Change-Id: I42f65bcc76e4b0fcfbfe051c1c382a940bff1b3a Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-05-29make test: fix packet counter assertKlement Sekera3-27/+33
Change-Id: Ic6e6ac0629bbf07f7dad1803a85aabfdccbc2035 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-05-29dpdk: make sure each segment have initalized rte_mbufDamjan Marion1-12/+4
Change-Id: I0e28d059143fb7489d27a10c5b4a152d0d7dfb1f Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-05-29make: git commit templateOle Troan2-0/+48
Add a commit template for tagging of commits with a type. Later tooling can then process the commit log and generate reports of new features etc. Usage: The template is automatically added to the current repository by make install-dep. (git config commit.template .git_commit_template.txt) Type: make Change-Id: I485d61f9852b7390e4f0539d737ab210f7b0723a Signed-off-by: Ole Troan <ot@cisco.com>
2019-05-29Break out the broom for some cleanup workDave Barach6-35/+78
Maintain the MAINTAINERS file. Removed src/plugins/*.am listings. Added a couple of plugins. Add vlib_process_create (vlib_main_t *vm, char *name, vlib_node_function_t *f, u32 log2_n_stack_bytes); /** @brief Create a vlib process * @param vm &vlib_global_main * @param f the process node function * @param log2_n_stack_bytes size of the process stack, defaults to 16K * @return newly-create node index * @warning call only on the main thread. Barrier sync required. */ This function makes it easy to spin up periodic processes when features are enabled for the first time. That coding pattern is highly recommended. Update the emacs-lisp plugin generator to use vlib_process_create, instead of generating static periodic process nodes. Change-Id: Icda33e93b9034779d3a3e228cd1110af14b058a5 Signed-off-by: Dave Barach <dave@barachs.net>
2019-05-29map: Use vl_api_string macros.Paul Vinciguerra3-31/+53
* Add optional tag to api call in tests * Add test for map_domain_dump() for api code coverage. Type: fix Change-Id: I2f7784aecdca4bf9e94de3319f959786e3d2c607 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-05-29plugins: http_static. Migrate to use api string type.Paul Vinciguerra3-11/+23
This is not my core competency. Reviews/feedback/suggestions welcomed. ;) Tested with: rv = self.vapi.http_static_enable( fifo_size = 1, cache_size_limit = 1000000, prealloc_fifos = 0, private_segment_size = 0, uri="tcp://0.0.0.0/80", www_root = "/var/tmp/run/vpp/html" ) DBGvpp# show http static server www_root /var/tmp/run/vpp/html, cache size 0 bytes, limit 1000000 bytes, evictions 0 Change-Id: I0f660753317ceedab89da1b65701a24d6f7145de Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-05-28nsim: remove buffer u32 upper boundKorian Edeline1-1/+1
Extreme BDP flows requires more buffer memory. Change-Id: I1134be248c6bdd719fa1a033bca41414ceb73371 Signed-off-by: Korian Edeline <korian.edeline@ulg.ac.be>
2019-05-28docs: Add some packages for building the docsjdenisco2-2/+13
Change-Id: I7af427ba6378ddd8480a153a65ec11c578bab12e Signed-off-by: jdenisco <jdenisco@cisco.com>
2019-05-28l2tp: l2tp-decap-local don't accept packets unless configuredJakub Grajciar4-10/+58
Change-Id: I2e48eb772dc44912192d0684b8ee631d8d975e9e Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2019-05-28make test: add option in pg interfaces for duplicating packetsAlexandre Poirrier1-2/+12
Change-Id: Ia6d6de5de0414291d5637fb4b8c1480925f646d3 Signed-off-by: Alexandre Poirrier <apoirrie@cisco.com>
2019-05-28ipsec: ah_encrypt reworkFilip Tehlar1-194/+280
call crypto backend only once per node call Change-Id: I0faab89f603424f6c6ac0db28cc1a2b2c025093e Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-05-28docs: Add VPP API language documentationOle Troan2-0/+344
Initial commit of VPP API language documentation. Change-Id: Ied67203265319a8603086486c9031e723484c501 Signed-off-by: Ole Troan <ot@cisco.com>
2019-05-28Punt: socket register for exception dispatched/punted packets based on reasonNeale Ranns22-1137/+2066
- add to the Punt API to allow different descriptions of the desired packets: UDP or exceptions - move the punt nodes into punt_node.c - improve tests (test that the correct packets are punted to the registered socket) Change-Id: I1a133dec88106874993cba1f5a439cd26b2fef72 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-05-28Add an ip6 local hop-by-hop protocol demux tableDave Barach5-27/+357
Add a minimal ip6 hbh header processing test. ioam plugin: use ip6_local_hop_by_hop_register_protocol() in udp_ping_init(). Please test the ioam plugin udp_ping path AYEC, so I can publish the patch. Change-Id: I74e35276d6c38c31022026cfd238fad5e4a54485 Signed-off-by: Dave Barach <dave@barachs.net>
2019-05-28nat44: make nat44-ed-hairpin-src follow arcMatthew Smith1-1/+1
It defaults to using interface-output as the next node. If other output features are enabled on the ip4-output arc, they get skipped. That makes me sad. Change-Id: I3f4d3320fb8092918e1e0663c66baca1c74c26ec Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2019-05-28gre: don't register gre input nodes unless a gre tunnel is createdJakub Grajciar3-3/+50
Change-Id: Id5c0f420e32e0504cea660fed2013f3ad28088aa Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2019-05-28papi: avoid IOError on disconnectVratko Polak2-6/+18
Change-Id: I331efb20b98a7e3c507d9158d0221ee7d5353b18 Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2019-05-28tap: crash in multi-thread environmentMohsin Kazmi3-5/+4
In tap tx routine, virtio_interface_tx_inline, there used to be an interface spinlock to ensure packets are processed in an orderly fashion clib_spinlock_lock_if_init (&vif->lockp); When virtio code was introduced in 19.04, that line is changed to clib_spinlock_lock_if_init (&vring->lockp); to accommodate multi-queues. Unfortunately, althrough the spinlock exists in the vring, it was never initialized for tap, only for virtio. As a result, many nasty things can happen when running tap interface in multi-thread environment. Crash is inevitable. The fix is to initialize vring->lockp for tap and remove vif->lockp as it is not used anymore. Change-Id: I82b15d3e9b0fb6add9b9ac49bf602a538946634a Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> (cherry picked from commit c2c89782d34df0dc7197b18b042b4c2464a101ef)