summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2018-04-10CSIT-895 dpdk/ipsec: add locks on session data hash updatesRadu Nicolau2-33/+40
Change-Id: I6400b77de388c01e85209e5dc5f11ccafb79a459 Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
2018-04-10srv6-ad: fixing cache size issueFrancois Clad3-11/+18
Change-Id: Iaadfbc75832e37ae52511b25448da14116214fc1 Signed-off-by: Francois Clad <fclad@cisco.com>
2018-04-10Make IPsec tunnel intf work with IPv4 output featuresMatthew Smith2-0/+13
With no IPv4 output features on an IPsec tunnel inferface, when packets are forwarded to that interface, they reach the ipsec-if-output node via the output_node_index on the hw interface and they are handled correctly. When an IPv4 output feature (e.g. output ACL, outbound NAT) is enabled on an IPsec tunnel interface, outbound IPsec stops working for that interface. The last node in the ip4-output feature arc is interface-output. From there a packet is sent to ipsec<N>-output, and then ipsec<N>-tx. The tx function for an IPsec tunnel interface that is called by ipsec<N>-tx is a dummy that doesn't do anything except write a warning message. Enable a feature on the interface-output feature arc for an IPsec tunnel interface so the ipsec-if-output node is reached from the interface-output node. Change-Id: Ia9c73d3932f5930ec7ce0791a0375b1d37148b01 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2018-04-09features: don't break linked list, create separate one for arcDamjan Marion4-14/+16
We need to keep original linked list so destructire can remove entries. Change-Id: I5ff5ca0e1a417d88707255207725bba46433c943 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-04-09L2: no-flood interface type in the Bridge-DomainNeale Ranns5-11/+42
Change-Id: I50ff0cacf88182f8e0be19840c50f4954de586e2 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2018-04-09plugins: unload plugin if early init failsDamjan Marion12-5/+215
Change-Id: I32f68e2ee8f5d32962acdefb0193583f71d342b3 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-04-09NAT44: don't add static mapping to resolution vector if failed (VPP-1225)Matus Fabian1-3/+27
Change-Id: I71660eb327124179ff200763c4743cc81dc6e1c6 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-04-09jvpp: log error output of Java process on test failureMarek Gradzki1-3/+6
helps troubleshooting JVpp test failures. Change-Id: I4747832a0610ace168285bfe423c506ba4e00700 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2018-04-09Autodetect plugin pathDamjan Marion4-16/+61
dpdk plugin self-disables if there are no hugepages available Change-Id: Ib286e1a370deeb21248e6e961573ef9c68759b4c Signed-off-by: Damjan Marion <damarion@cisco.com> Signed-off-by: Dave Barach <dave@barachs.net>
2018-04-09DVR: save the rewrite length in packet meta-data for featuresNeale Ranns1-3/+9
Change-Id: I0efd03bdb84bc9ff2334d398bfdb82486228114a Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2018-04-09make test: fix failure on centosKlement Sekera1-1/+1
Change-Id: I1fcc742699a60ef99ce97b35f7b964ee6ad29ddf Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-04-08Restore building of debuginfo RPMsThomas F Herbert1-10/+2
JIRA: VPP-1227 Remove rpm tmp dir build debuginfo rpms. Reverses commits to fix a build problem with old versions of rpmbuild that prevented builds in chrooted environments with short paths and short project names. Change-Id: I852696dccc984bf4882fd3ca9ec4c8da080bdb41 Signed-off-by: Thomas F Herbert <therbert@redhat.com>
2018-04-08Remove subunit from Centos requirements.Thomas F Herbert2-2/+4
JIRA: VPP-1229 Subunit and Subunit-devel in Fedora and Epel but not Centos. This patch moves the Fedora from the Centos specific requirements. Change-Id: I093a4571cddf14af5ee2827ba8ee00c7bcbe6fc0 Signed-off-by: Thomas F Herbert <therbert@redhat.com>
2018-04-07BIER coveroty fix for unintialised return value on errorNeale Ranns1-1/+1
Change-Id: I2b1d1035f810cb58356626cf081d46eb289265b4 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-04-06Change l2-fwd node to allow possible feature before UU-FLOODJohn Lo1-6/+14
If l2-fwd node does not find an L2FIB entry for DMAC of packet, use input feature bitmap to find next node instead of always sending packet to l2-flood node to perform unknow unicast flood. It provides possibilty of using other feature to forward unknow unicast packet instead of flooding the BD. Change-Id: I56b277050537678c92bd548d96d87cadc8d2e287 Signed-off-by: John Lo <loj@cisco.com>
2018-04-06Remove mbedtls from build requirement for CentosThomas F Herbert2-2/+4
Although mbedtls is in Fedora and Epel, it is not in Centos yet. It is not strictly necessary for TLS which also can use openssl. Change-Id: Id62d52000f9ecda2fc10d1938f02be1142fa5bdb Signed-off-by: Thomas F Herbert <therbert@redhat.com>
2018-04-05VOM: Get vhost-user type from nameMohsin Kazmi1-1/+2
Adopt nova naming convention for vhost-user interfaces. Change-Id: If70f0828106bf594eb11d4f0ed2898a35ec0af15 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2018-04-05IPIP: version.h is not neededNeale Ranns1-1/+0
Change-Id: I78a4176f98c2b4630a57ac5ddb7faf58ba0c4ee1 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-04-05memif: bug fixesDamjan Marion2-22/+74
Change-Id: Id775efb2e85d850e510d00f1b48bb711a3342397 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-04-05VOM: Add sub_interface in specific routing tableMohsin Kazmi2-0/+19
Change-Id: I3700fc1d140e30da783e41762670618f0298c7db Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2018-04-05DSLite: Implement new API call DSLITE_ADDRESS_DUMP.Jon Loeliger2-0/+67
Change-Id: I92ca28d3007f7ea43cd3e8b20659e400dfa6c75c Signed-off-by: Jon Loeliger <jdl@netgate.com>
2018-04-04Bump package versionChris Luke1-1/+1
Change-Id: I81d870ab9fc0b1f0e1b777d56ca7870ff99c7c2c Signed-off-by: Chris Luke <chrisy@flirble.org>
2018-04-04Hm this ended up on master, but should not have.v18.07-rc0Chris Luke1-1/+0
Revert "Setup for branch stable/1804" This reverts commit c9c0988a0f331cbecfefb3f8cf0617b42bc89139. Change-Id: I53ac0e9742317962aebe6f6eb5c9180fa87af2a8 Signed-off-by: Chris Luke <chrisy@flirble.org>
2018-04-04Setup for branch stable/1804Chris Luke1-0/+1
Change-Id: I09360055222efba6fad178b4fa5917808b551a9d Signed-off-by: Chris Luke <chrisy@flirble.org>
2018-04-04Doc updates prior to branchChris Luke6-16/+40
Change-Id: Ibcffee7d20dbb79720199bcd82d2353f39d5544f Signed-off-by: Chris Luke <chrisy@flirble.org>
2018-04-04memif: zero copy slaveDamjan Marion7-145/+677
Change-Id: I65306fb1f8e39221dd1d8c00737a7fb1c0129ba8 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-04-04Detailed stats collection featureNeale Ranns12-41/+434
Use device-input and interface-output feautre arcs to collect unicast, multicast and broadcast states for RX and TX resp. Since these feature arcs are present only for 'physical' interfaces (i.e. not su-interfaces) counter collection is supported only on parent interface types. Change-Id: I915c235e336b0fc3a3c3de918f95dd674e4e0e4e Signed-off-by: Neale Ranns <nranns@cisco.com> Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2018-04-04NAT added FIB entries have a preference lower than API/CLINeale Ranns3-6/+12
Change-Id: Ia99490180683e8649784f7d9d18c509c3ca78438 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-04-04NAT44: prohibit multiple static mappings for a single local address (VPP-1224)Matus Fabian1-0/+11
Change-Id: I32b30210c2f1aec10a1b614d04f427662326a3d2 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-04-04NAT44: fix static mapping for DHCP addressed interface deleting (VPP-1223)Matus Fabian1-4/+92
Change-Id: Ifb4d23059b7989c32a52eaf0c25c275b35e83010 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-04-04dpdk:fix checksum handling of l2 interfacesEyal Bari1-17/+19
dpdk-input was dropping packets with bad ip-checksum on l2 interfaces Change-Id: Ife5b52766bb71e878b1da6e94ae7b8a1e59fc478 Signed-off-by: Eyal Bari <ebari@cisco.com>
2018-04-03Makefile: Alter VPP_PYTHON_PREFIX for preloading depsEd Kern2-1/+6
Allow setting of VPP_PYTHON_PREFIX to alternate location so the python prereqs can be installed into base image Also added test-dep trigger to isolate dependency install from actual test run Change-Id: Ia80f5dbf71bc24eb46cd6586bcadd474ef822704 Signed-off-by: Ed Kern <ejk@cisco.com>
2018-04-03reassembly: bug fixesKlement Sekera4-19/+23
This change fixes a bug which would corrupt features infra by making feature infra resistant to double-removal. It also fixes 'out of memory' issue by properly initializing the bihash tables. Change-Id: I78ac03139234a9a0e0b48e7bdfac1c38a0069e82 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-04-03Fix bugs in emacs plugin templatesDave Barach2-22/+17
use api_helper_macros.h declare plugin_main_t external in the header file declare plugin_main_t instance in plugin.c setup main_t->vlib_main, main_t->vnet_main in the init routine Change-Id: Ib8c742a60c63adfe9724447e1a2acc8c7723e90c Signed-off-by: Dave Barach <dave@barachs.net>
2018-04-03session: use fib index in ip local testFlorin Coras1-1/+1
Change-Id: I148cb40c8bea55dabe54fa6a662d46862e571640 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-03-31make test: print a warning in case a core_pattern contains a filter programAndrew Yourtchenko3-0/+19
The default config on Ubuntu 16.04.4 desktop results in truncated cores when running make test which coredumps. Uninstalling the filter program (apport) makes the corefiles normal size. Print a warning about that fact, so the others potentially affected didn't have to wonder. Change-Id: Iba4b0a2765a25100d6e24fd7f4de0e0339efd835 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-03-30tapv2: Sporadic SIGABRT in ethernet_input [VPP-1183]Steven2-5/+6
virtio_free_rx_buffers uses the wrong slot in the vring to get the buffer index. It uses desc_next. It should be last_used_idx which is the slot number for the first valid descriptor. Change-Id: I6b62b794f06869fbffffce45430b8b2e37b1266c Signed-off-by: Steven <sluong@cisco.com>
2018-03-30libmemif: zero-copy-slave mode + header spaceJakub Grajciar10-72/+1696
Slave is now able to dequeue buffers from rx queue and enqueue them to tx queue (zero-copy operation). Slave can produce buffers with headroom, which will allow adding encap without copy. Change-Id: Ia189f8de1a68be787545ed46cf78d36403e7e9bf Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2018-03-30acl-plugin: implement an optional session reclassification when ACL is ↵Andrew Yourtchenko4-10/+128
(re-)applied There were several discussions in which users would expect the sessions to be deleted if the new policy after the change does not permit them. There is no right or wrong answer to this question - it is a policy decision. This patch implements an idea to approach this. It uses a per-interface-per-direction counter to designate a "policy epoch" - a period of unchanging rulesets. The moment one removes or adds an ACL applied to an interface, this counter increments. The newly created connections inherit the current policy epoch in a given direction. Likewise, this counter increments if anyone updates an ACL applied to an interface. There is also a new (so far hidden) CLI "set acl-plugin reclassify-sessions [0|1]" (with default being 0) which allows to enable the checking of the existing sessions against the current policy epoch in a given direction. The session is not verified unless there is traffic hitting that session *in the direction of the policy creation* - if the epoch has changed, the session is deleted and within the same processing cycle is evaluated against the ACL rule base and recreated - thus, it should allow traffic-driven session state refresh without affecting the connectivity for the existing sessions. If the packet is coming in the direction opposite to which the session was initially created, the state adjustment is never done, because doing so generically is not really possible without diving too deep into the special cases, which may or may not work. Change-Id: I9e90426492d4bd474b5e89ea8dfb75a7c9de2646 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-03-30Updated sample startup.conf with supported plugin config options.Maciek Konstantynowicz1-10/+19
Change-Id: Id2884a4c2208b4382fce56019b11e4b7fdc4275b Signed-off-by: Maciek Konstantynowicz <mkonstan@cisco.com>
2018-03-30Fix minor issues.John DeNisco4-8/+24
Change-Id: I1ce5106d99dd4d4b1c033d4873b4511e9a170afc Signed-off-by: John DeNisco <jdenisco@cisco.com>
2018-03-30Add missing stdint.hChris Luke1-0/+1
Coverity has started whining about uint32_t missing in this .h Change-Id: I57992121c0593d6a0ada35917802d0300cf91259 Signed-off-by: Chris Luke <chrisy@flirble.org>
2018-03-30lacp: faster convergence for slow-rate config optionSteven6-18/+29
Do fast-rate if we are not yet synchronized with the partner. Stop sending LACP updates as a flash in the worker thread. Just expire the timer and let the lacp_process handle sending LACP PDU. Change-Id: I8b36fe74e752e7f45bd4a8d70512c0341cc197a1 Signed-off-by: Steven <sluong@cisco.com>
2018-03-30bond: show trace causes a crash if the interface is deletedSteven3-13/+32
For the debug image, if the interface is removed and the trace was collected prior to the interface delete, show trace may cause a crash. This is because vnet_get_sw_interface_name and vnet_get_sup_hw_interface are not safe if the interface is deleted. The fix is to use format_vnet_sw_if_index_name if all we need is to get the interface name in the trace to display. It would show "DELETED" which is better than a crash. Change-Id: I912402d3e71592ece9f49d36c8a6b7af97f3b69e Signed-off-by: Steven <sluong@cisco.com>
2018-03-30dpdk: fix crash due to incorrect xd->flags value with slave's link togglingSteve Shin1-2/+5
xd->flags is set incorrectly when a slave link is down in bonded interface mode. This can result in VPP crash when data traffic flows to the interface. Change-Id: Ideb9f5231db1211e8452c52fde646d681310c951 Signed-off-by: Steve Shin <jonshin@cisco.com>
2018-03-29Coverity fixes (VPP-1204)Chris Luke6-13/+17
Minor bug fixes CID 183000: double close CID 180996: dead code CID 180995: NULL deref CID 181957: NULL deref CID 182676: NULL deref CID 182675: NULL deref Change-Id: Id35e391c95fafb8cd771984ee8a1a6e597056d37 Signed-off-by: Chris Luke <chrisy@flirble.org>
2018-03-29ip6: fix ip6-local urpf checkingFlorin Coras2-9/+10
Use sw_if_index[VLIB_TX] if set as fib index when doing the urpf check. Change-Id: I5ec3e7f7a54c6782704d91e9a5614fd0f7f9e3de Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-03-29l2_input:optimize counter accessEyal Bari1-31/+16
only one counter update per frame (was updated per iteration) only access ethertype for casts (was always accessing ethertype) Change-Id: I3a3c3219ec63e975cf5bd8cf2d93103932a4aaa3 Signed-off-by: Eyal Bari <ebari@cisco.com>
2018-03-29tcp: fix fib index buffer taggingFlorin Coras4-33/+44
Change-Id: I373cc252df3621d44879b8eca70aed17d7752a2a Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-03-29No need for this routine to be globalDave Barach1-1/+1
Causes subtle misbehavior elsewhere Change-Id: I3a0ade26e8e03b8c5dc8e722f6a01fb99ec7a1e0 Signed-off-by: Dave Barach <dave@barachs.net>