summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2023-11-16dhcp: api to enable client detect on interfaceOle Troan3-0/+39
DHCPv4 aka BOOTP is somewhat awkward. A DHCP client on an interface must receive DHCP packets to the broadcast address or to a unicast address. Apparently before it's been assigned to itself. Add this new API to allow external DHCP clients enable the DHCP client detect feature per interface. Type: improvement Change-Id: If55aac03f25a045496be483940e4f5e7e18885b9 Signed-off-by: Ole Troan <otroan@employees.org>
2023-11-15misc: VPP 23.10 Release NotesAndrew Yourtchenko2-0/+630
Type: docs Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> Change-Id: Icd40064c06ccc53efba1cd9564613108b999b656 (cherry picked from commit 7c4027fa5e42a8cc7176cd62ab7a0043fb1933ff)
2023-11-15docs: Remove references to vlan-strip-offload as it is deprecatedSteven Luong2-17/+0
Type: fix Change-Id: I3a258433cf507f48cd67332387eb7fef103a88f8 Signed-off-by: Steven Luong <sluong@cisco.com>
2023-11-14flowprobe: fix L3 header offset calculation for tx flowsAlexander Chernavin1-1/+1
The recent TX flows generation fix introduced "l3_hdr_offset" which represents the offset of the IP header in the buffer's data. The problem is that it is erroneously defined as a 16-bit unsigned integer. If the calculated offset is negative, "l3_hdr_offset" will get a value close to UINT16_MAX. And the code will search the IP header somewhere beyond the buffer's data. For example, this will occur in the case when an ICMP error is being sent in response to a received packet. With this fix, make "l3_hdr_offset" a signed integer. Type: fix Change-Id: I6f1283c7ba02656d0f592519b5863e68348c5583 Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2023-11-14vppinfra: respect indent in format_tableDamjan Marion1-2/+3
Change-Id: Ib7e5cb5adfe81e5cc6243125d91f5179608a7733 Type: improvement Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-14vppinfra: add unformat_{single,double}_quoted_string functionDamjan Marion2-0/+44
Change-Id: I8ee90be1b772074c1130b98c71b3be48c973b2e2 Type: improvement Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-14tests: retry unlinking pcap files on os errorDave Wallace1-2/+11
Type: test Change-Id: I270798ed68f04bd3974dd39c44e85dad5fa02de0 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2023-11-13ena: Amazon Elastic Network Adapter (ENA) native driverDamjan Marion22-1/+4440
Type: feature Change-Id: Icd9de05f2cbac0e5a6dfb1f1414f21dc4b893104 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-13dev: add change_max_rx_frame_size capabilityDamjan Marion9-30/+55
Type: improvement Change-Id: I922e216818b78f2fe7689c21a1d27d74a0ae28b8 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-12flowprobe: fix tx flows generated for rewritten trafficAlexander Chernavin2-5/+82
Currently, when IPFIX records generation is enabled for an interface in the TX direction, some rewritten traffic is being sent from that interface, and the Ethernet header's location has changed due to rewriting, generated TX flows will contain fields with wrong and zero values. For example, that can be observed when traffic is rewritten from a subinterface to a hardware interface (i.e. when tags are removed). A TX flow generated in this case will have wrong L2 fields because of an incorrectly located Ethernet header. And zero L3/L4 fields because the Ethernet type will match neither IP4 nor IP6. The same code is executed to generate flows for both input and output features. And the same mechanism is applied to identify the Ethernet header in the buffer's data. However, such general code usually works with the buffer's data conditionally based on the direction. For most input features, the buffer's current_data will likely point to the IP header. For most output features, the buffer's current_data will likely point to the Ethernet header. With this fix: - Keep relying on ethernet_buffer_get_header() to locate the Ethernet header for input features. And start using vlib_buffer_get_current() to locate the Ethernet header for output features. The function will account for the Ethernet header's position change in the buffer's data if there is rewriting. - After fixing Ethernet header determination in the buffer's data, L3/L4 fields will contain non-zero but still incorrect data. That is because IP header determination needs to be fixed too. It currently relies on the fact that the Ethernet header is always located at the beginning of the buffer's data and that l2_hdr_sz can be used as an IP header offset. However, this may not be the case after rewriting. So start calculating the actual offset of the IP header in the buffer's data. - Add a unit test to cover the case. Type: fix Change-Id: Icf3f9e6518912d06dff0d5aa48e103b3dc94edb7 Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2023-11-10tls: fix forced ho cleanupFlorin Coras1-3/+13
Do not force cleanup of tcp half-open connection if tcp's cleanup notification to tls is pending. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I7bccbe8429a4aab10df1c89b66138b967e04ac19
2023-11-10gtpu: support non-G-PDU packets and PDU SessionRune E. Jensen8-527/+2551
Updated the gtpu plugin code to support the PDU Session user plane protocol, required for 5G, as specified in 3GPP TS 38.415 version 17.0.0. This enables some initial support of 5G gNodeB's with the gtpu plugin. New features: - Basic support for the GTP-U Extension Header Flag. Packets with one extension can now be decapsulated. This enables basic support of the PDU Session user plane protocol (3GPP TS 38.415 version 17.0.0). New tunnels can be created with a PDU enable flag and a 6-bit QoS Flow Identifier (QFI). With this, encapsulated packets will have the PDU Session extension header, and the QFI set. - Ability to forward GTP-U packets that are not handled by the plugin directly. Only GTP-U packets with a message type of 255 (G-PDU) are handled directly. However, 3GPP TS 29.281 defines several other message types like echo and error indication. A new feature is added to optionally forward unknown or unsupported packets to a new IP address. This works separately for unknown GTP-U message types, unknown TEIDs, and packets with an unknown GTP-U header. This allows both echo and error indications from a 5G gNodeB to be handled by a different system outside VPP. - Simple way to get metrics for active tunnels and on tunnel close. In 5G session/tunnel lifetime is often short and created frequently. The normal API becomes too slow and inaccurate when too many tunnels are created and deleted every second. Improvements: - A clean ground structure to handle multiple message type in the future. The code path for G-PDU packets is optimized for performance, representing the typical case. Unsupported GTP-U packets enter a slow path that decodes the nature of the error. This presents a easy hook to handle other message types in the future. - Improved error reporting When using traces there is more details in the tunnel descriptions. - Updated the API with several enums. Fixes: - gtpu0->length field in IPv6 was computed with IPv4 header lengths in the encapsulation code. - vec_set_len (t->rewrite, ...) size was computed with the IPv4 header size also for IPv6 tunnels. Issues: - This PR does not enable full support of the 3GPP specification. In particular it only supports a single QoS/QFI flow for each tunnel. It ignores all incoming extension header flags. - API functions might change again when/if more support of the 3GPP TS 38.415 spec is added. Note that I have bumped the API version to 2.1.0 as it seems to be the correct approach based on my API changes. Type: feature Signed-off-by: Rune E. Jensen <runeerle@wgtwo.com> Change-Id: I91cd2b31f2561f1b3fb1e46c4c34a5a3c71b4625
2023-11-10tests: perfmon - Added a check if test is running with root privilegesadrianvillin1-0/+6
Type: test Change-Id: I1910f3ef79e9018aee032daca0f1932eccb7b9f9 Signed-off-by: adrianvillin <avillin@cisco.com>
2023-11-09iavf: interrupt mode supportDamjan Marion7-86/+241
Type: improvement Change-Id: Ie5fcaa706ab0995e0021cf1ee74b95c5a3b30283 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-09tls: fix handling of client and server init errorsFlorin Coras1-11/+9
- notify app on failed connect - avoid cleanup of ctx before transport cleanup to be able to handle pending rx notifications. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I1b70ad45109d4c942afa1990dfce4fc44a50a637
2023-11-09ipsec: IPsec fix constant propagationMaxime Peim1-2/+3
In some anti-replay, some functions weren't using the boolean telling if the window was huge or not. Hence, limiting the constant propagation at compilation. Type: fix Change-Id: Ie5f2dda38339bb32113c6f7b2b82c82135fc92a8 Signed-off-by: Maxime Peim <mpeim@cisco.com>
2023-11-08tls: propagate transport closed notificationsFlorin Coras0-0/+0
Notify app that transport is closed when tcp moves to closed state. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I18cbe1ac16b1a48ecd06af4c1b5535e12e4b0e75
2023-11-08tls: avoid reads after tcp transport removedFlorin Coras1-4/+18
Make sure underlying transport connection is not removed on rescheduled read event. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I0137a2e43aa84d9442279e036c25771aeefd207f
2023-11-08tests: Fix http static test failing on retryadrianvillin2-5/+21
- test_http_static.py: If namespace creation fails, try to delete the namespace and create it again - vpp_qemu_utils.py: Added "isinstance()" to "delete_namespace()" to match "create_namespace()" Type: test Change-Id: I88ff7a36f5d52816fee16283efba6af025496491 Signed-off-by: adrianvillin <avillin@cisco.com>
2023-11-08tests: added a simple perfmon plugin testadrianvillin1-0/+42
Type: test Change-Id: Ief0c0e13a2c19a03b48219d9a0d85256fb0c9dbe Signed-off-by: adrianvillin <avillin@cisco.com>
2023-11-08tests: added simple CT6 plugin testsadrianvillin1-0/+72
Type: test Change-Id: I77f119ac982170627484d792dc456753c9847af8 Signed-off-by: adrianvillin <avillin@cisco.com>
2023-11-08dev: remove unused codeDamjan Marion3-37/+0
Change-Id: If380e4ab6ca30243137fd31fbe51845c0414721a Type: improvement Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-08dev: interrupt mode supportDamjan Marion10-154/+306
Type: improvement Change-Id: I4a0578598182339bcf76e6b01da76b590a06f773 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-07af_packet: remove UNIX_FILE_EVENT_EDGE_TRIGGERED flagArtem Glazychev1-1/+0
af_packet does not process data until the interface is UP. If after interface creation, but before it is UP, the host interfaces are flooded, then blocking case may occur - VPP interface will never be able to process the data. If the EDGE_TRIGGERED flag is set, the event will not arrive, because nothing new is happening anymore (probably because the queue is already full). Therefore, we need to use LEVEL_TRIGGERED (default value), which indicates that there is still unprocessed data (accumulated after interface creation, but before it was UP). Type: fix Signed-off-by: Artem Glazychev <artem.glazychev@xored.com> Change-Id: Ied459fd194149d09f226bcb0a5907b3e327b148a
2023-11-07flowprobe: fix clearing interface state on feature disablingAlexander Chernavin2-1/+23
As a result of recent fixes, all currently stored flows of an interface are deleted when the feature is being disabled for the interface. This includes stopping the timer and freeing the flow entries for further reuse. The problem is that meta information is not cleared in the flow entries being deleted. For example, packet delta count will keep its value. The next flow that gets one of these pool entries will already have a non-zero packet count. So the counting of packets will start from a non-zero value. And incorrect packet delta count will be exported for that flow. With this fix, clear meta information too when clearing interface state. Also, update the corresponding test to cover this case. Type: fix Change-Id: I9a73b3958adfd1676e66b0ed50f1478920671cca Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2023-11-07build: disable bogus warnings for GCC 12Jieqiang Wang1-0/+8
The array bounds and string overread check on GCC 12 report a dozen of false positives that result in VPP build failures on ubuntu 22.04. Work around this build issue by unconditionally disabling these two warnings if C compiler is GCC 12 or newer version. Type: fix Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com> Change-Id: I999e847bb625ebdf3ef5f11b11598c553f306670
2023-11-07misc: silence -Wmaybe-uninitialized warningsJieqiang Wang4-4/+4
GCC 12 complains about such errors while the code itself looks good. Type: fix Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com> Change-Id: I021719fdbf7d9bd93a12eac76aeac8cbca13a810
2023-11-06vppinfra: fix ASAN issue in vec_foreach_pointer and pool_foreach_pointerDamjan Marion2-5/+6
Change-Id: If9381ae7283488b352a3c22f85732cd56ac6bfd9 Type: fix Fixes: 9937359, 91ff0e9 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-06ipsec: delete redundant codeDengfeng Liu1-4/+0
Type: fix Change-Id: I0de1c51455b0d3958c75ab5626a318ac656adbe7 Signed-off-by: Dengfeng Liu <liudf0716@gmail.com>
2023-11-06dpdk: correct the printing of Rx offloading flagsJieqiang Wang1-1/+1
DPDK added new Rx checksum flags[1] to handle cases like the virtual drivers. Current check of flags is not strict enough for flags like RTE_MBUF_F_RX_IP_CKSUM_NONE and will always be true no matter the checksum in packet is good or bad. Fix this issue by comparing the result of AND operation with the correspinding Rx checksum flags. Before this patch, packet trace prints the offload flags as below: Packet Offload Flags PKT_RX_IP_CKSUM_GOOD (0x0080) IP cksum of RX pkt. is valid PKT_RX_IP_CKSUM_NONE (0x0090) no IP cksum of RX pkt. PKT_RX_L4_CKSUM_GOOD (0x0100) L4 cksum of RX pkt. is valid PKT_RX_L4_CKSUM_NONE (0x0108) no L4 cksum of RX pkt. After this patch, packet offload flags would be like: Packet Offload Flags PKT_RX_IP_CKSUM_GOOD (0x0080) IP cksum of RX pkt. is valid PKT_RX_L4_CKSUM_GOOD (0x0100) L4 cksum of RX pkt. is valid Type: fix [1] https://github.com/DPDK/dpdk/commit/5842289a546ceb0072bd7faccb93821e21848e07 Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com> Change-Id: I3182022d9ccd46b2fc55bb3edfbfac9062ed7c89
2023-11-06pci: remove unnecessary ioctl() call and improve logging in vfio_set_irqsDamjan Marion3-34/+49
Type: improvement Change-Id: Ic8e2785bf375882defe5a1d299948d522cdd4895 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-06pci: fix VFIO set IRQ codeDamjan Marion1-2/+2
Type: fix Fixes: 599a16b Change-Id: I954e037ab944028798f9aa2a93f45322c8c7b4bb Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-04bonding: add checks for sw_if_index in apiStanislav Zaikin1-0/+12
Type: fix Signed-off-by: Stanislav Zaikin <stanislav.zaikin@46labs.com> Change-Id: I16b48460b3fcd82bbb89c375402cb2455414d8bb
2023-11-03vppinfra: refactor interrupt codeDamjan Marion11-165/+127
Type: improvement Change-Id: Ie6987736faf7d8a641762e276775da8ee0c03ea4 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-03tests: allow explicit defaults for arg typesDmitry Valter1-2/+2
Allow settings default values explicitly in positive_int_or_default and positive_float_or_default. It allows setting setting default 0 test retries explicitly despite it being not positive. Type: improvement Signed-off-by: Dmitry Valter <d-valter@yandex-team.com> Change-Id: Id23a9fdae0ef174eea8992c1f9fc2530aade6194
2023-11-03dev: strip debig log function name prefix during compilationDamjan Marion6-32/+14
Type: improvement Change-Id: I9b9bb37a0895366b412f042b0e2da5bbdd477325 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-03tests: refactor asf framework codeDave Wallace166-2974/+1050
- Make framework.py classes a subset of asfframework.py classes - Remove all packet related code from asfframework.py - Add test class and test case set up debug output to log - Repatriate packet tests from asf to test directory - Remove non-packet related code from framework.py and inherit them from asfframework.py classes - Clean up unused import variables - Re-enable BFD tests on Ubuntu 22.04 and fix intermittent test failures in echo_looped_back testcases (where # control packets verified but not guaranteed to be received during test) - Re-enable Wireguard tests on Ubuntu 22.04 and fix intermittent test failures in handshake ratelimiting testcases and event testcase - Run Wiregard testcase suites solo - Improve debug output in log.txt - Increase VCL/LDP post sleep timeout to allow iperf server to finish cleanly. - Fix pcap history files to be sorted by suite and testcase and ensure order/timestamp is correct based on creation in the testcase. - Decode pcap files for each suite and testcase for all errors or if configured via comandline option / env var - Improve vpp corefile detection to allow complete corefile generation - Disable vm vpp interfaces testcases on debian11 - Clean up failed unittest dir when retrying failed testcases and unify testname directory and failed linknames into framwork functions Type: test Change-Id: I0764f79ea5bb639d278bf635ed2408d4d5220e1e Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2023-11-02tcp: fix reset w pktFlorin Coras1-24/+3
Do not add ip header as that's added by tcp output and fix checksum. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I9439acf5c66184af0350b1d4d7406b3feb2e79a1
2023-11-02tests: remove packet debug output from npt66 testcasesDave Wallace1-1/+1
Type: test Change-Id: I1883b50f67890aefb28ca0ca7447f4e73c574d26 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2023-11-02iavf: new driver using new dev infraDamjan Marion18-4/+4589
Type: feature Change-Id: I9ae0dbf28b4571a37c568b587b771f90c06f200d Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-02dev: new device driver infraDamjan Marion35-5/+5466
Type: feature Change-Id: I20c56e0d3103624407f18365c2bc1273dea5c199 Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-11-01tcp: remove redundant ack checksFlorin Coras1-18/+0
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I4001f39afde8c33b60c15f74034bcce013fbbf70
2023-11-01tcp: allow ooo data in syn-rcvdFlorin Coras1-9/+0
As long as ack and segment are legitimate accept ooo data as we transition to established. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I85cdc65d70cb8ae689a9ce9bbe4f86228b1ac533
2023-11-01tcp: postpone cleanup on connect failuresFlorin Coras1-2/+6
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I231b319d4d7aa3e17cc8cfe8aaa4762995a5b2c4
2023-10-31tests: fix UDP port range for mdata and bufmonDave Wallace2-2/+2
- Use of well known UDP port numbers causes random failure of mdata and bufmon tests Type: test Change-Id: I21a01c54e5f166aea101d3caace85b53f3f7285d Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2023-10-31docs: Updated "VPP with Containers" use-case sectionhsandid4-29/+26
Type: improvement Modified "VPP with Containers" doc section to run on Ubuntu 22.04 LTS. Change-Id: Ic09b88cf0e3b492711222a1bb24552de964a7d03 Signed-off-by: hsandid <halsandi@cisco.com>
2023-10-31tests: http static - skip if cannot create namespacesadrianvillin1-9/+6
Type: test Change-Id: I5fddb293f1b56853613ca2823dbb6d3d887d9929 Signed-off-by: adrianvillin <avillin@cisco.com>
2023-10-31hsa: use common app session interface in echo testsFilip Tehlar4-86/+56
Type: test Change-Id: Ib320cfb5e20f12614c013a92ac15490f8ca3a7ce Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2023-10-31ipsec: separate UDP and UDP-encapsulated ESP packet processingvinay tripathi1-8/+33
This fix differentiates UDP and UDP-encapsulated ESP packets processing. While UDP-encapsulated ESP traffic is processed as IPsec traffic, UDP as other plain-text protocols is NOT dispatched against SPD policies. Key logic is taken from RFC 3948, and is based on the fact that the checksum of UDP packet encapsulating ESP packet must be zero. Type: fix Signed-off-by: vinay tripathi <vinayx.tripathi@intel.com> Change-Id: Ib1b4d240eea8e89f2daf17ec833905f26cdb31bd
2023-10-31ipsec: modify IPsec related tests to send and verify UDP-encapsulated ESP ↵vinay Tripathi3-12/+162
traffics In this patch, IPsec related test files have been modified to send UDP-encapsulated ESP packets,and validate against Inbound and Outbound policies that are configured with Bypass, Discard and Protect action. Type: test Change-Id: I4b8da18270fd177868223bfe1389dc9c50e86cc5 Signed-off-by: vinay Tripathi <vinayx.tripathi@intel.com>