Age | Commit message (Collapse) | Author | Files | Lines |
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ic904abedcd270c95e782159170d457bc396424a0
|
|
Type: fix
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Ib1eabbc87a573c660ac251602d631f167928259b
|
|
To enable add "app-socket-api /path/to/socket" to vcl.conf. On vpp side, add
use-app-socket-api to session stanza in startup.conf
VPP allocates a socket per application namespace which it places in the
app_ns_sockets subfolder of the run folder (default /var/run/vpp). The
socket used implicitly selects the app namespace for the vcl app.
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ifc14b93dcbf6ef9bed1852d46cd069f4855b92ef
|
|
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I0391db5c3ad038265cb8ebf9de02925653e35959
|
|
This is an af_unix socket alternative to the binary api. To enable it,
add use-app-socket-api under session stanza in startup.conf. When the
socket api is enabled, attachments through the binary api are disabled.
The socket api only works with memfd fifo segments, i.e., shm segments
are not supported.
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I55ffcee201d004846daeeec85c700c7e7a578d43
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ibbe438aa6f2fe6d9f55c56ca6d3aec1a29b32cad
|
|
Type: fix
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Icc1c458474d357c7d9b3b4df1897500de0c314a1
|
|
The dslite plugin would on plugin load initialize large bihash datastructures.
Postpone until configured.
Type: improvement
Change-Id: Ie790ab8c5fc39fac18153acd54dcd051805e763a
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Type: improvement
Change-Id: Ie44dbf9396cfed19dba153810b7bd76ce5377cd4
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: fix
Change-Id: If44c807d188b3e88d819f4132d73e6a34402a525
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Type: fix
add UT for sneding handshale init and transport packets
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Iab1ed8864c666d5a0ae0b2364a9ca4de3c8770dc
|
|
In the vat help msg for one_add_del_l2_arp_entry the IP address option
is misspelled as "ip4 <ip4>" when it should have been "ip <ip4>".
Type: fix
Signed-off-by: Onong Tayeng <otayeng@cisco.com>
Change-Id: Id4058a3ddfdb78b840d7e5a3c330e67b393f5d3b
|
|
Change-Id: Ic40bf11210cf1c36420578281f5a42668bad9801
Type: docs
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Type: fix
Change-Id: I4c19636c2be8a577c6cba272708cb04bcc24785b
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
The lisp|one show eid-table command's help msg does not display the
available options. This patch fixes that.
show lisp eid-table [local|remote|eid <eid>]
show one eid-table [local|remote|eid <eid>]
Type: fix
Signed-off-by: Onong Tayeng <otayeng@cisco.com>
Change-Id: Id39148db2ff291a7fe859830c1488b69ccd15c05
|
|
Type: fix
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: Ie328834159687cdb4314c37d36697f2fb9081fbd
|
|
Type: improvement
Change-Id: Ib64c9b8207776986656e5a26c13a221edc6cc950
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Avoid situations where promisc mode is chaged while avf process
is suspended in the middle of adminq operation.
Type: fix
Change-Id: Ia1fc6551e83218b5938630ad3a15d4f3f0ceceff
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Multiple (> 1) workers leads to handoff node being enabled.
This node pops next feature index to nat.arc_next to make sure
that packet will be pushed to the next feature in the arc.
But node nat44-ed-in2out-output also pops next feature and changes
arc_next. So actual next feature will be skipped in that case.
It leads to all nat44-ed-in2out packets being dropped if we have
multiple workers (handoff node enabled).
To resolve this a new node was added (nat-pre-in2out-output) to fill
arc_next in single worker case and multiple worker case is already
handled by handoff node.
Type: fix
Signed-off-by: Vladimir Isaev <visaev@netgate.com>
Change-Id: I9dfba68f00164d2d5ab867224871811bef4411ed
|
|
device pool my grow during suspemd which will cause crash in avf process
after it exits from suspend.
Type: fix
Change-Id: I51fec90088c909cfbaaca6c245272a28c0827ca0
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: fix
Change-Id: I1b4f52e186165b04db5bd5f11058dc77b647bc94
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: fix
Change-Id: Icf6ce0ddb5fe9d078503e9d9ff7e7b26423f53f8
Signed-off-by: Filip Varga <fivarga@cisco.com>
|
|
Type: fix
Change-Id: Ic07d0ae313b32e420ba93693cb75960a86f752a9
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
It may happen that process node is suspended while it waits for response
from adminq and during that time CLI or API process can call
avf_delete_if. When avf process node resumes, it may happen that device
is not there anymeore.
This patch delegates interface deletion to process node, so CLI/API
process just sends signal instead of deleting device instance itself.
Type: fix
Change-Id: I7f12e12df3071650f6e60ad7eb5af23b7acfe335
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: fix
Static analysis identified a possible null pointer dereference. It
was introduced by a recent patch which expanded the DMAC comparison
on inbound packets on a BVI interface to include any secondary MAC
addresses which were added to an interface.
Check if the pointer is null before dereferencing.
Change-Id: Ic2afe2b062eda32977e05bf3f98d82c1fe64620c
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
- make sure everything is freed on cleanup
- reuse already allocated vectors where possible
Type: fix
Change-Id: Ibd8da1edb37126522dc2d525596521d32dceb73a
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: fix
Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
Change-Id: Ic51ba3450b3d0722ebff4280127f526b5a9934b1
|
|
vpp-20.05 on up-to-date Centos 7.8 host with enforcing SELinux fails to
create a host-interface due to two missing SELinux-permissions:
vpp_t self:packet_socket { read write }
This simple patch adds these two permissions. Tested successfully on
local installation.
The steps to reproduce:
$ ip link add vpeer-host type veth peer name vpeer-vpp
vpp# create host-interface name vpeer-vpp
create host-interface: Permission denied (errno 13)
[...]
$ semodule -i vpp-packet-socket.pp
vpp# create host-interface name vpeer-vpp
host-vpeer-vpp
Type: fix
Ticket: VPP-1931
Change-Id: I2b3d92b27b9a9f26aa1c85af2946b15e83e27944
Signed-off-by: Martin Millnert <martin@millnert.se>
|
|
VAT crashes when the one_add_del_local_eid api is invoked with mac
address as eid.
Type: fix
Signed-off-by: Onong Tayeng <otayeng@cisco.com>
Change-Id: I29e246f6cad4b350fec52d54e94dbed586d488c4
|
|
Type: fix
Change-Id: I96e8c5c9c792b1d9aefd39ce3e240d220827b7d1
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
|
|
With packet trace on, VPP crashes when an arp packet arrives. This patch
fixes the crash and also ensures that the packet trace displays the eid
info.
Type: fix
Signed-off-by: Onong Tayeng <otayeng@cisco.com>
Change-Id: Iaad09a5e2b33e931ab9bd7bc3d4573b5ed5e4bfd
|
|
Type: docs
Change-Id: If8602d4b73cc1f04e42d19b8df60a05f67aa90c9
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
|
|
Type: improvement
Change-Id: I13517bff4129497644e0efc3495d0ee7897fe5a7
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: docs
Change-Id: I5f20ac0232c5cdc3cf64015185b0d0fc5c4a3100
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: docs
Change-Id: I1a37450261e0bcedf90685243b14027f3cf23704
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: fix
VRRP cannot be used on a BVI interface currently because packets sent
to the virtual mac address of the VR fail the destination mac check in
l2_to_bvi().
Apparently people want to use VRRP on BVI interfaces, so update the
check in l2_to_bvi() so that it will check any secondary mac addresses
which have been added to the ethernet interface if the destination mac
address does not match the primary mac address for the interface.
An equivalent check is already done in ethernet_input_inline() for L3
interfaces which are in promiscuous mode.
Change-Id: I7c5bf624dafda8744fea236c704e8e17e5f53b35
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
Type: docs
Change-Id: I91a954abf77335e1ddcbd1468633d9d7980bbac2
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: fix
Change-Id: Ia9cd71ce12584cd8ef90bfe357cf762dd7653f71
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
also, remove a duplicate 17.01.1 section and wrong page tag for 20.09
Change-Id: Ia2cc77faa75cccab38972ad46517762cb7456466
Type: docs
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Type: feature
The main information about plugin you can see in README.md
vpp# wireguard ?
wireguard create wireguard create listen-port <port> private-key <key> src <IP> [generate-key]
wireguard delete wireguard delete <interface>
wireguard peer add wireguard peer add <wg_int> public-key <pub_key_other>endpoint <ip4_dst> allowed-ip <prefix>dst-port [port_dst] persistent-keepalive [keepalive_interval]
wireguard peer remove wireguard peer remove <index>
Change-Id: I85eb0bfc033ccfb2045696398d8a108b1c64b8d9
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
Signed-off-by: Damjan Marion <damarion@cisco.com>
Signed-off-by: Jim Thompson <jim@netgate.com>
Signed-off-by: Neale Ranns <nranns@cisco.com>
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: feature
This patch updateds cryptodev engine uses new DPDK Cryptodev
API planned to be upstreamed in DPDK 20.11.
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Signed-off-by: Piotr Bronowski <piotrX.bronowski@intel.com>
Change-Id: I8dd1a8ac643f1e952deb787e466b76ea7aa5f420
|
|
This patch adds the RSS steering queues set interface, and it's
implementation in DPDK device:
/* Interface to set rss queues of the interface */
typedef clib_error_t *(vnet_interface_rss_queues_set_t)
(struct vnet_main_t * vnm, struct vnet_hw_interface_t * hi,
clib_bitmap_t *bitmap);
This patch also introduces a command line to set the RSS queues:
set interface rss queues <interface> <list <queue-list>>
To display the rss queues, use "show hardware-interfaces"
Below is the example to configure rss queues for interface Gig0:
vpp# set interface rss queues Gig0 list 0,2,4-7
vpp# show hardware-interfaces brief
Name Idx Link Hardware
VirtualFunctionEthernet18/1/0 1 down VirtualFunctionEthernet18/1/0
Link speed: unknown
RSS queues: 0 2 4 5 6 7
local0 0 down local0
Link speed: unknown
vpp#
Users can also configure the rss queues on a dpdk interface in
startup.conf:
dpdk {
dev 0000:18:01.0 {
rss-queues 0,2,5-7
}
}
Type: feature
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: I1835595a1c54016a84eabee9fd62ce137935385d
|
|
Type: fix
Signed-off-by: Rajesh Goel <rajegoel@cisco.com>
Change-Id: Ib37802f4270fe894a31e871c7fbb12b5a1cdf058
|
|
Type: fix
Signed-off-by: Ryujiro Shibuya <ryujiro.shibuya@owmobility.com>
Change-Id: If5a8313262da828616db8b1d9ef831d42b11d952
|
|
Type: fix
Signed-off-by: Christian Hopps <chopps@labn.net>
Change-Id: I4dee2ea723631e1bd95b33a74b9431d984565aef
|
|
- These were displaying blank, apparently dpdk extended stat strings
must be within the heap so they are identified as vectors by
format_c_identifier even though they are not.
Type: fix
Change-Id: I2b153b100203b9856ce3af6d5ecb2daae410fb5b
Signed-off-by: Christian Hopps <chopps@labn.net>
|
|
Was seeing imissed counter become negative. Reuse the RX_ERROR code for all
three error counters to avoid the problem.
Type: fix
Change-Id: I99a69c8816326682745785ecd30e18a131ac2969
Signed-off-by: Christian Hopps <chopps@labn.net>
|
|
Type: fix
- Document that ooo dequeues with ooo lookups cannot be done in
combination with in order dequeues.
- Added assert to capture this scenario and de-initialized rbtrees for
cut-through tx fifo
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ic40d020b3f0391fcf022ea3c906b86121744144f
|
|
Not all ESP crypto algorithms require padding/alignment to be the same
as AES block/IV size. CCM, CTR and GCM all have no padding/alignment
requirements, and the RFCs indicate that no padding (beyond ESPs 4 octet
alignment requirement) should be used unless TFC (traffic flow
confidentiality) has been requested.
CTR: https://tools.ietf.org/html/rfc3686#section-3.2
GCM: https://tools.ietf.org/html/rfc4106#section-3.2
CCM: https://tools.ietf.org/html/rfc4309#section-3.2
- VPP is incorrectly using the IV/AES block size to pad CTR and GCM.
These modes do not require padding (beyond ESPs 4 octet requirement), as
a result packets will have unnecessary padding, which will waste
bandwidth at least and possibly fail certain network configurations that
have finely tuned MTU configurations at worst.
Fix this as well as changing the field names from ".*block_size" to
".*block_align" to better represent their actual (and only) use. Rename
"block_sz" in esp_encrypt to "esp_align" and set it correctly as well.
test: ipsec: Add unit-test to test for RFC correct padding/alignment
test: patch scapy to not incorrectly pad ccm, ctr, gcm modes as well
- Scapy is also incorrectly using the AES block size of 16 to pad CCM,
CTR, and GCM cipher modes. A bug report has been opened with the
and acknowledged with the upstream scapy project as well:
https://github.com/secdev/scapy/issues/2322
Ticket: VPP-1928
Type: fix
Signed-off-by: Christian Hopps <chopps@labn.net>
Change-Id: Iaa4d6a325a2e99fdcb2c375a3395bcfe7947770e
|
|
Add the ability to configure the pp2 rx and tx queue sizes in the CLI.
Type: improvement
Signed-off-by: Christian E. Hopps <chopps@chopps.org>
Change-Id: I6a824f92e22fa47fec3d84525cc2d82524ddf639
|