summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-08-17acl-plugin: time out the sessions created by main thread too (VPP-948)Andrew Yourtchenko4-13/+28
In multithread setup the main thread may send packets, which may pass through the node with permit+reflect action. This creates the connection in lists for thread0, however in multithread there are no interupt handlers there. Ensure we are not spending too much time spinning in a tight cycle by suspending the main cleaner thread until the current iteration of interrupts is processed. Change-Id: Idb7346737757ee9a67b5d3e549bc9ad9aab22e89 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-08-11Fix LISP cp buffer leakageFlorin Coras1-1/+3
Change-Id: Id7e0f967cc510f0b45f043f74493854083ac67ae Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-08-10acl-plugin: add the debug CLI to show macip ACLs and where they are applied ↵Andrew Yourtchenko1-0/+76
(VPP-936) When looking at resource utilisation, it is useful to understand the interactions between the acl-plugin and the rest of VPP. MACIP ACLs till now could only be dumped via API, which is tricky when debugging. Add the CLIs to see the MACIP ACLs and where they are applied. Change-Id: I3211901589e3dcff751697831c1cd0e19dcab1da Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-08-10acl-plugin: match index set to first portrange element if non-first ↵Andrew Yourtchenko2-5/+192
portrange matches on the same hash key (VPP-938) Multiple portranges that land on the same hash key will always report the match on the first portrange - even when the subsequent portranges have matched. Test escape, so make a corresponding test case and fix the code so it passes. Change-Id: Idbeb8a122252ead2468f5f9dbaf72cf0e8bb78f1 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-08-10acl-plugin: hash lookup bitmask not cleared when ACL is unapplied from ↵Andrew Yourtchenko3-4/+31
interface (VPP-935) The logic in hash ACL bitmask update was using the vector of ACLs applied to the interface to rebuild the hash lookup mask. However, in transient cases (like doing group manipulation with hash ACLs), that will not hold true. Thus, make a local copy of for which ACL indices the hash_acl_apply was called previously, and maintain that one local to the hash_lookup.c file logic. Change-Id: I30187d68febce8bba2ab6ffbb1eee13b5c96a44b Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-08-10acl-plugin: avoid crash in multithreaded setup adding/deleting ACLs with ↵Andrew Yourtchenko3-0/+83
traffic (VPP-910/VPP-929) The commit fixing the VPP-910 and separating the memory operations into separate heaps has missed setting the MHEAP_FLAG_THREAD_SAFE, which quite obviously caused the issues in the multithread setup. Fix that. Also, add the debug CLIs "set acl-plugin heap {main|hash} {validate|trace} {1|0}" to toggle the memory instrumentation, in case we ever need it in the future. Change-Id: I8bd4f7978613f5ea75a030cfb90674dac34ae7bf Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-08-09acl-plugin: all TCP sessions treated as transient (VPP-932)Andrew Yourtchenko2-13/+146
The packet that was creating the session was not tracked, consequently the TCP flags seen within the session record never got the value for the session to get treated as being in the established state. Test-escape, so add the TCP tests which test the three phases of the TCP session life and make them all pass. Change-Id: Ib048bc30c809a7f03be2de7e8361c2c281270348 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-08-08ping: fixing wrong value when there are worker threadsMohammed Hawari2-9/+21
- the echo_reply_node is now notifying the cli process on the main thread/vlib_main - the timestamp for the icmp reply is now acquired in the echo_reply_node and not in the cli process to avoid an off by 10ms error (see 【vpp-dev】delay is error in ping with multi worker thread) Change-Id: I21d37002b0376b4f2ccab08d8f04c2f2944b9b39 Signed-off-by: Mohammed Hawari <mhawari@cisco.com> (cherry picked from commit 03a6213fb5022d37ea92f974a1814db1c70bcbdf)
2017-08-08acl-plugin: fix a misplaced return (VPP-910)Andrew Yourtchenko1-1/+1
It was uncaught by make test because the corresponding tests are not there yet - part of 17.10 deliverables Change-Id: I55456f1874ce5665a06ee411c7abf37cd19ed814 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-08-08acl-plugin: rework the optimization 7383, fortify acl-plugin memory behavior ↵Andrew Yourtchenko5-150/+289
(VPP-910) The further prolonged testing from testbed that reported VPP-910 has uncovered a couple of deeper issues with optimization from 7384, and the usage of subscripts rather than vec_elt_at_index() allowed to hide a couple of further errors in the code. Also, the current acl-plugin behavior of using the global heap for its dynamic data is problematic - it makes the troubleshooting much harder by potentially spreading the problem around. Based on this experience, this commits makes a few changes to fix the issues seen, also improving the serviceability of the acl-plugin code for the future: - Use separate mheaps for any ACL-related control plane operations and separate for the hash lookup datastructures, to compartmentalize any memory-related issues for the ACL plugin. - Ensure vec_elt_at_index() usage throughout the hash_lookup.c file. - Use vectors rather than raw memory for storing the "ordinary" ACL rules. - Rework the optimization from 7384 to use a separate tail pointer rather than overloading the "prev" field. - Make get_session_ptr() more conservative and adjust is_valid_session_ptr accordingly Change-Id: Ifda85193f361de5ed3782a4acd39622bd33c5830 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-08-02acl-plugin: multicore: CSIT c100k 2-core stateful ACL test does not pass ↵Andrew Yourtchenko4-41/+106
(VPP-912) Fix several threading-related issues uncovered by the CSIT scale/performance test: - make the per-interface add/del counters per-thread - preallocate the per-worker session pools rather than attempting to resize them within the datapath - move the bihash initialization to the moment of ACL being applied rather than later during the connection creation - adjust the connection cleaning logic to not require the signaling from workers to main thread - make the connection lists check in the main thread robust against workers updating the list heads at the same time - add more information to "show acl-plugin sessions" to aid in debugging Change-Id: If82ef715e4993614df11db5e9afa7fa6b522d9bc Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-07-31Fix interface reuse when running multithreadedDamjan Marion1-4/+12
Node function pointer was not set on all node runtimes causing crash if new interface is different type. Change-Id: I4661fe883befc6cd3fc6dfc14fd44f6fa5faf27c Signed-off-by: Damjan Marion <damarion@cisco.com> (cherry picked from commit c418e4ac7cf36bd64f3130c258d5f1897c245f2b)
2017-07-28Use CSIT release branch for verify jobJan Gelety1-1/+1
Change-Id: If68d9cda27941305fe5186c034028684b6079380 Signed-off-by: Jan Gelety <jgelety@cisco.com>
2017-07-21vhost: debug vhost-user command needs better error checking on the syntax ↵Steven1-5/+26
(VPP-916) The syntax for debug vhost-user is debug vhost-user <on | off> However, currently the code does not reject the invalid command such as below debug vhost-user debug vhost-user on blah debug vhost-user off blah The fix is to enforece the correct syntax and reject the command when invalid option is entered. Change-Id: I1a04ae8ddb6dd299aa6d15b043362964e685ddde Signed-off-by: Steven <sluong@cisco.com>
2017-07-20acl-plugin: assertion failed at hash_lookup.c:226 when modifying ACLs ↵Andrew Yourtchenko1-0/+11
applied as part of many (VPP-910) change 7385 has added the code which has the first ACE's "prev" entry within the linked list of shadowed ACEs pointing to the last ACE, in order to avoid the frequent linear list traversal. That change was not complete and did not update this "prev" entry whenever the last ACE was deleted. As a result the changes within the applied ACLs which caused the calls to hash_acl_unapply/hash_acl_apply may result in hitting assert which does the sanity check. The solution is to add the missing update logic. Change-Id: I9cbe9a7c68b92fa3a22a8efd11b679667d38f186 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-07-1917.07 Release Notev17.07Neale Ranns1-0/+64
Change-Id: Iffbfffac1c508b000451e9f0e0b688d80785f7f5 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-07-15DHCP complete event sends mask lengthNeale Ranns3-3/+7
Change-Id: I4a529dfab5d0ce6b0bbc0ccbbd89c6b109dbf917 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-07-13L2INPUT:fix features mask cailculationEyal Bari1-6/+10
Change-Id: I84cea7530b01302a0adeef95b4924f54dc2e41ec Signed-off-by: Eyal Bari <ebari@cisco.com> (cherry picked from commit 8af1b2fdecc883eadfec6b91434adc6044e24cb2)
2017-07-13Fix crash with worker threads on 4K VXLAN/BD setup (VPP-907)John Lo8-173/+51
Cleanup mapping of interface output node for the l2-output node when interface is configured to L2 or L3 modes. The mapping is now always done in the main thread as part of API/CLI processing, instead of initiate mapping in the forwarding path which can be in the worker threads. Change-Id: Ia789493e7d9f5c76d68edfaf34db43f3e3f53506 Signed-off-by: John Lo <loj@cisco.com>
2017-07-12memif: avoid double buffer freeDamjan Marion1-1/+0
Change-Id: I902f54618c4e1f649af11497c1cb10922e43755a Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-07-12memif: mask interrupts on startup if we are in the polling modeDamjan Marion1-0/+8
Change-Id: Ief02eb1109a1bc463665d9747e9fa4e0c0e3d7e0 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-07-12vlib: fix issues with PCI handling codeDamjan Marion2-7/+7
- PCI devices not properly discovered - vlib_pci_bus_master_enable () not working Change-Id: I7433ab1b19b890b8900635b43037b9a2017a1921 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-07-12dpdk: add FiftyGigabitEtherenet interface supportDamjan Marion3-0/+7
Change-Id: Ied8b26179cdf4add34440a9c396cb821716cfb8e Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-07-12vppinfra: revert clib_memcpy optimizationDamjan Marion2-10/+14
Looks like some compiler versions are producing wrong code when we are copying 9-16 bytes so reverting back to the original code. Change-Id: I74b5fa54a3b01f6288648f1cb0926030edd3b26f Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-07-11VPP-895 multi-thread: fix vpp crash on show runtimeIgor Mikhailov (imichail)1-0/+29
In multi-threaded model (e.g. 1 main and 1 worker threads), after an ethernet interface is deleted (e.g. vhost-user interface), 'show runtime' command produces garbled output and sometimes leads to vpp crash. The reason is because vlib_node_rename() frees and reallocates node's 'n->name' vector, however the change is not propagated into copies of the node on worker threads. Change-Id: Ibf22422913b7f2df22f70f3b2fe8dafd34c1dd06 Signed-off-by: Igor Mikhailov (imichail) <imichail@cisco.com>
2017-07-11Fix vppctl error messages to handle lack off permissionsEd Warnicke1-0/+27
Change-Id: Ia35edcb14eb8d786065ee4ab394f4f1aa52e1625 Signed-off-by: Ed Warnicke <hagbard@gmail.com>
2017-07-10lldp packet transmission on a bonded interfaceSteve Shin3-7/+11
LLDP packets are dropped at interface output node if each slave's link is configured as the LLDP interface. The admin state is configured and managed by the bonded interface, so slave link's state is down by default. The checking for the admin state UP should be ignored for the slave link. Change-Id: I06ca250f42fcb8cc50e0ea3a3817a2c5b56865df Signed-off-by: Steve Shin <jonshin@cisco.com> (cherry picked from commit 042a621b90c9f521b546cbbf724bb908e36f3b25)
2017-07-10VPP-904: fixes zero length CLI parameters parseAlexander Kotov1-2/+3
Change-Id: I21fbc9aff2b97a8b3f4cbed202c00b6d84557a6e Signed-off-by: Alexander Kotov <kot@yandex.ru> (cherry picked from commit 28160f38488743b8cee0a7bd62b432a9dd8f4bfd)
2017-07-09format: Check for NaN when rendering doublesChris Luke2-1/+14
- The result of 0.0/0.0 was being rendered as a lot of zeroes in the integer portion, as in this example: DBGvpp# show physmem 0: 16 objects, 576k of 582k used, 3k free, 0 reclaimed, 2k overhead, 16380k capacity alloc. from small object cache: 0 hits 0 attempts (0.00%) replacements 0 alloc. from free-list: 0 attempts, 0 hits (0.00%), 0 considered (per-attempt 0.00) alloc. from vector-expand: 16 allocs: 16 73643.06 clocks/call frees: 0 000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000.00 clocks/call - Add two macros to vppinfra/math.h that use compiler builtins to check for NaN and Infinity and then use them in format_float(). Change-Id: Iccc03997e6e33d6b888d1e7e20cd78df0cfd02e8 Signed-off-by: Chris Luke <chrisy@flirble.org> (cherry picked from commit bb18ee6f1c7c172d30cb0c98153499af571777ee)
2017-07-08LLDP: properly parse lldp cmds from startup configKlement Sekera1-3/+1
Change-Id: I0e6c86bd923fcf7cf16f948b9869a5927e6d3745 Signed-off-by: Klement Sekera <ksekera@cisco.com> (cherry picked from commit 3d62a7f0b9a4b967ad53f5990729acca932f90b4)
2017-07-08Add API support for LLDP config/interface setSteve Shin11-47/+401
Add API methods to configure LLDP and set interface to enable/disable. Also add port description TLV for LLDP. Change-Id: Ib959d488c2ab8a0069f143558871f41fcc43a5d3 Signed-off-by: Steve Shin <jonshin@cisco.com> (cherry picked from commit 99a0e60eb6f6acd7eabd5a4cb7ded1e0419ccd54)
2017-07-07Update CSIT tests 170622 -> 170706Jan Gelety1-1/+1
- update of CSIT operational branch to be used for VPP-patch test Change-Id: I6bd86ea60f323b524f2de1a2236f1af48184a99f Signed-off-by: Jan Gelety <jgelety@cisco.com>
2017-07-06Send GARP/NA on bonded intf slave up/down if in active-backup modeJohn Lo7-8/+232
If a bonded interface is in active-backup mode and configured with IPv4 and/or IPv6 addresses, on slave interface link up/down, send a GARP packet if configured with an IPv4 address and an unsolcited NA if configured with an IPv6 address. These packets can help with faster route convergence in the next hop router/switch. Change-Id: I68ccb11a4a40cda414704fa08ee0171c952befa2 Signed-off-by: John Lo <loj@cisco.com> (cherry picked from commit 8b81cb43359380e50d3fc216d93ff05894149939)
2017-07-06VPP-902: LISP-CP: Wrong size in one_l2_arp_entries_get message.Ole Troan1-1/+1
Change-Id: I56bf6b46527f9465d78ed7c08b6e216e50c135ec Signed-off-by: Ole Troan <ot@cisco.com>
2017-07-06Remove autosudo from pythonic vppctlEd Warnicke1-3/+0
Change-Id: Iaea91a95d58678b8b3c56f3fceab76817e0f63ff Signed-off-by: Ed Warnicke <eaw@cisco.com>
2017-07-05Buffer name inconsistently used a cstring/vec (VPP-901)Chris Luke1-3/+3
Spotted in the output of CLI command "show buffers", the name field sometimes had trailing garbage, the hall sign of a string not being terminated. In this case it was being inconsistently used as a cstring or a vec. - CLI printf needs %v to print the vec srring - vlib_buffer_create_free_list_helper tried to use clib_mem_is_heap_object() to detect a vec object, wheras it should use clib_mem_is_vec() Change-Id: Ib8b242a0c5a18924b8af7e8e1432784eebcf572c Signed-off-by: Chris Luke <chrisy@flirble.org>
2017-07-05VPP-900: VPP is released under the Apache 2.0 License (ASL 2.0). Update RPM ↵v17.07-rc2Billy McFall1-1/+1
specfile to reflect the proper license. Change-Id: I9e8d1643ea65afd91a0cd5ad9545248575e32617 Signed-off-by: Billy McFall <bmcfall@redhat.com>
2017-07-04Refactor API message handling codeKlement Sekera11-477/+609
This is preparation for new C API. Moving common stuff to separate headers reduces dependency issues. Change-Id: Ie7adb23398de72448e5eba6c1c1da4e1bc678725 Signed-off-by: Klement Sekera <ksekera@cisco.com> (cherry picked from commit 58eb866b15a45514dc356170f28640d6c9db8034)
2017-07-04acl-plugin: fix acl plugin test failing sporadically (VPP-898)Andrew Yourtchenko1-0/+5
The "acl_plugin" tests has one of the tests sporadically fail with the following traceback: r.reply.decode().rstrip('\x00') UnicodeDecodeError: 'ascii' codec can't decode byte 0xd8 in position 20666: ordinal not in range(128) This occurs in the newly added "show acl-plugin table" debug CLI. This CLI has only the numeric outputs, so the conclusion is that it is the incorrect termination (trailing zero) that might be most probably causing it. The other acl-plugins show commands also lack the zero-termination termination, so fix all of them. The particularity of this command vs. the other acl-plugin debug CLIs is that the accumulator is freed and allocated multiple times, this might explain the issue is not seen with them. Change-Id: I87b5c0d6152fbebcae9c7d0ce97155c1ae6666db Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-07-03SNAT: fix failing test_session_limit_per_user (VPP-896)Matus Fabian1-0/+2
Change-Id: Idf46a03803125babd9bb880363686359fbcca27d Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-07-03acl-plugin: VPP-897: applying of large number of ACEs is slowAndrew Yourtchenko2-20/+45
When applying ACEs, in the new hash-based scheme, for each ACE the lookup in the hash table is done, and either that ACE is added to the end of the existing list if there is a match, or a new list is created if there is no match. Usually ACEs do not overlap, so this operation is fast, however, the fragment-permit entries in case of a large number of ACLs create a huge list which needs to be traversed for every other ACE being added, slowing down the process dramatically. The solution is to add an explicit flag to denote the first element of the chain, and use the "prev" index of that element to point to the tail element. The "next" field of the last element is still ~0 and if we touch that one, we do the linear search to find the first one, but that is a relatively infrequent operation. Change-Id: I352a3becd7854cf39aae65f0950afad7d18a70aa Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-07-01devices: show interface rx-placement displays the wrong information (VPP-894)Steven1-1/+3
show interface rx-placement somtimes displays the wrong interface names. This happens when there exists subinterfaces in VPP. The problem is due to the function show_interface_rx_placement_fn is calling format_vnet_sw_if_index_name with hw_if_index instead of sw_if_index. VPP has the concept of sw_if_index and hw_if_index. Each serves a different purpose. When there is no subinterfaces, both hw_if_index and sw_if_index may happen to have the same value.But don't count on it. When the API calls for sw_if_index, we must pass the sw_if_index although the hw_if_index has the same type which the compiler does not catch. Passing hw_if_index for an API which requires sw_if_index may have an unpredictable result such as described in the VPP-894 and sometimes it may even crash if the particular index does not exist. Change-Id: I76c4834f79b88a1c20684fcba64f14b2da142d77 Signed-off-by: Steven <sluong@cisco.com>
2017-06-30VPP-893: handle multiple simultaneous event registrationsDave Barach2-1/+7
Change-Id: I8cd90820624987dbef848935e2de86fa66a86c17 Signed-off-by: Dave Barach <dave@barachs.net>
2017-06-30IP4/IP6 FIB: fix crash during interface deletePavel Kotucek4-1/+42
after deleting a sub interface with IP4/IP6 address vpp crash Change-Id: Ie768ca845b9e2394f61e2a8e9722a80a788746e7 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com> (cherry picked from commit 9f5a2b6310ce5c8e59c32ca6f27d8a187b0e4346)
2017-06-29VPP debug image with worker threads hit assert on adding IP route with ↵Neale Ranns3-1/+39
traffic (VPP-892) When stacking DPOs the VLIB graph is also updated to add the edge between the nodes, if this edge does not yet exist. This addition should be done with the workers stopped. Change-Id: I327e4d7d26f0b23eb280f17e4619ff2093ff7940 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-06-27L2-LEARN:fix l2fib entry seq num not updated on hit (VPP-888)Eyal Bari6-116/+93
fixed instability in l2bd_multi_instnce test - sometimes failing with extra packets captured it appears l2-learn was not updating hit entries but rather a copy of them. if the ager did not have a chance to run before the test was running the learning cycle - entries were not updated with the packet's seq num - causing packets to flood when hitting the stale seq_num in l2-fwd - hence the extra packets fixed handling of filter entries revert workaround for instability in test Change-Id: I16d918e6310a5bf40bad5b7335b2140c2867cb71 Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-06-26VPP-889: MAP Stats API/CLI crashes when no domains.Ole Troan2-1/+11
Change-Id: Ib7824bfc08cb3c8f20258379e1a1f2c159c4f687 Signed-off-by: Ole Troan <ot@cisco.com>
2017-06-25Add Maintainers for Vxlan-gpe featureHongjun Ni1-3/+8
Change-Id: I3f42e9bbd816a6e2192cc65eeb10a4681cf9e29a Signed-off-by: Hongjun Ni <hongjun.ni@intel.com> (cherry picked from commit fcfa38d68007418d9460533d248adf34aca88ec1)
2017-06-25VPP crash on creating vxlan gpe interface. VPP-875Hongjun Ni5-19/+118
Change-Id: I6b19634ecb03860a7624d9408e09b52e95f47aef Signed-off-by: Hongjun Ni <hongjun.ni@intel.com> (cherry picked from commit 04ffd0ad83b2d87edb669a9d76eee85f5c589564)
2017-06-2217.07 change default branch in gitreviewv17.07-rc1Neale Ranns1-0/+1
Change-Id: I7d0a27c4d103dd11561ac7ae4d59592ba77ab899 Signed-off-by: Neale Ranns <nranns@cisco.com>