summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-08-11acl-plugin: add the debug CLI to show macip ACLs and where they are applied ↵Andrew Yourtchenko1-0/+76
(VPP-936) When looking at resource utilisation, it is useful to understand the interactions between the acl-plugin and the rest of VPP. MACIP ACLs till now could only be dumped via API, which is tricky when debugging. Add the CLIs to see the MACIP ACLs and where they are applied. Change-Id: I3211901589e3dcff751697831c1cd0e19dcab1da Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> (cherry picked from commit f2cfcf676e67a7ea80ce20a69826210eb97acba5)
2017-08-10Fix memory leaks found in policer code.Chaoyu Jin1-0/+34
2nd commit is to fix style failures. 3rd commit is to remove unneccesary change based on review comment. Change-Id: I4d54d25c27e037b9d0438f8af416cf113763dc6d Signed-off-by: Chaoyu Jin <chjin@cisco.com>
2017-08-10Add tcp, session-layer MAINTAINERS file entriesDave Barach1-0/+8
Change-Id: I6c89383738624b8b18645b6c93c3025604ac538e Signed-off-by: Dave Barach <dave@barachs.net>
2017-08-10Fix LISP cp buffer leakageFlorin Coras1-1/+3
Change-Id: Id7e0f967cc510f0b45f043f74493854083ac67ae Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-08-10acl-plugin: add MAINTAINERS entryAndrew Yourtchenko1-0/+5
Change-Id: I681eca4897f8dba7e85fdbcbb7e03d1d9ef29224 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-08-10acl-plugin: hash lookup bitmask not cleared when ACL is unapplied from ↵Andrew Yourtchenko3-4/+31
interface (VPP-935) The logic in hash ACL bitmask update was using the vector of ACLs applied to the interface to rebuild the hash lookup mask. However, in transient cases (like doing group manipulation with hash ACLs), that will not hold true. Thus, make a local copy of for which ACL indices the hash_acl_apply was called previously, and maintain that one local to the hash_lookup.c file logic. Change-Id: I30187d68febce8bba2ab6ffbb1eee13b5c96a44b Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> (cherry picked from commit 1de7d7044434196610190011ebb431f054701259)
2017-08-10Improve the svm fifo allocatorDave Barach6-20/+151
- Round up requested fifo size to the next power of two - Maintain per-segment power-of-two freelists - Allocate fifos in chunks, to amortize alignment overhead - Detach builtin test client application after each run so we can use different fifo sizes each time - Be more suspicious of session / application indices Useful prep work for dynamically resizing fifos. As far as the svm fifo code is concerned, it's OK to set fifo->nitems anywhere in the interval: [0, 1<<(fifo->freelist_index) + FIFO_SEGMENT_MIN_FIFO_SIZE] It's unlikely that setting nitems below the path MTU will work out very well... Change-Id: Idad73a027dfb7412056cb02988b77e300fa7e8a7 Signed-off-by: Dave Barach <dave@barachs.net>
2017-08-10acl-plugin: avoid crash in multithreaded setup adding/deleting ACLs with ↵Andrew Yourtchenko3-0/+83
traffic (VPP-910/VPP-929) The commit fixing the VPP-910 and separating the memory operations into separate heaps has missed setting the MHEAP_FLAG_THREAD_SAFE, which quite obviously caused the issues in the multithread setup. Fix that. Also, add the debug CLIs "set acl-plugin heap {main|hash} {validate|trace} {1|0}" to toggle the memory instrumentation, in case we ever need it in the future. Change-Id: I8bd4f7978613f5ea75a030cfb90674dac34ae7bf Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> (cherry picked from commit e6423bef32ca2ffcfcd7a092eb4673badd53ea4c)
2017-08-10make test: bump default test timeout to 10 minutesKlement Sekera1-1/+1
Change-Id: I25d88966376d712ff61f29227a45880a59e8ecf2 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-08-10MPLS tunnel - multiple labels on the CLI - fix cut and paste robot errorsNeale Ranns1-13/+4
Change-Id: I675af62d9c0c9cf2e340bf19e902695861d4e4b5 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-08-09VPP-933 VPP crashes when deleting an ARP entryMatthew Smith1-0/+7
When attempting to delete an ARP entry on an interface that hasn't had any ARP entries added yet, VPP was retrieving an array element at an index that was out of bounds and trying to dereference it. Change-Id: Id141d3bfd8378dd8dd63f43b0b4b41461c285a4f Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2017-08-10make test: detect hung testsKlement Sekera6-29/+148
Run tests in a forked process with a set of pipes to communicate keep-alives and overall result. This allows us to detect when e.g. vpp dies mid-API call causing the test to hang waiting for response (which will never come since vpp died). Support setting a (per test case) TIMEOUT make test option to set timeout, with a default timeout of 120 seconds. Example - fail the test suite if any test-case fails to finish within 300s: make TIMEOUT=300 test Change-Id: I0d04f26a7232968f4bf043adf5d5b508f5018717 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-08-10TCP proxy prototypeDave Barach16-212/+801
- Clean up internal API client registration - Add proxy server - Add a reference count to the svm fifo Change-Id: I5ace1c85497062ed412d26ae76a9e6741af1e984 Signed-off-by: Dave Barach <dave@barachs.net> Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-08-10acl-plugin: all TCP sessions treated as transient (VPP-932)Andrew Yourtchenko2-13/+146
The packet that was creating the session was not tracked, consequently the TCP flags seen within the session record never got the value for the session to get treated as being in the established state. Test-escape, so add the TCP tests which test the three phases of the TCP session life and make them all pass. Change-Id: Ib048bc30c809a7f03be2de7e8361c2c281270348 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> (cherry picked from commit 754370f1b55d4102d21dd94676f2bda3170c7df0)
2017-08-09dpdk: only build SW crypto for x86_64 platformsSergio Gonzalez Monroy1-3/+10
Change-Id: If559747ad59c82c81d15734f27e15548eca0962b Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2017-08-09PPPoE: use DPO protos in FIB entry path add/removeNeale Ranns1-2/+3
Change-Id: I6ac10ec0adf179b86f97269bbce2a7fd8796e72a Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-08-09Add PPPoE PluginHongjun Ni22-0/+3787
Supports 64K PPPoE sessions This plugin adds three graph nodes: 1) pppoe-input for PPPoE decapsulation 2) pppoe-encap for PPPoE encapsulation 3) pppoe-tap-dispatch for control plane process Below is the configuration to make PPPoE CP and DP work: vim /etc/vpp/startup.conf tuntap { enable ethernet name newtap } create pppoe tap tap-if-index 1 //Configure it after a subscriber's PPPoE discovery and PPP link establishment succeeds: create pppoe session client-ip 100.1.2.1 session-id 1 client-mac 00:11:01:00:00:01 show pppoe fib show pppoe session Change-Id: I73e724b6bf7c3e4181a9914c5752da1fa72d7e60 Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
2017-08-09Allow multiple MPLS output labels to be passed on the CLINeale Ranns3-16/+53
Change-Id: Ib5af105e32b6b0df86923e189ab6bf6ee59de5b9 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-08-09ARP reply: use interface to build rewrite stringNeale Ranns1-17/+13
Change-Id: I488965e78d0b3291af4c82902098ca666317a22e Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-08-08L2 over MPLSNeale Ranns62-556/+889
[support for VPWS/VPLS] - switch to using dpo_proto_t rather than fib_protocol_t in fib_paths so that we can describe L2 paths - VLIB nodes to handle pop/push of MPLS labels to L2 Change-Id: Id050d06a11fd2c9c1c81ce5a0654e6c5ae6afa6e Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-08-08Create source rpm.Thomas F Herbert3-5/+24
Use actual file name for tarball. Includes required modifications in spec file for unpacking srpm. Spec file source references actual dist tarball name so it matches the revision and release while building from srpm. JIRA: VPP-498 Change-Id: I8b55a69f060b7864527b94d8c5b0a2ebccc306b1 Signed-off-by: Thomas F Herbert <therbert@redhat.com>
2017-08-08acl-plugin: fix a misplaced return (VPP-910)Andrew Yourtchenko1-1/+1
It was uncaught by make test because the corresponding tests are not there yet - part of 17.10 deliverables Change-Id: I55456f1874ce5665a06ee411c7abf37cd19ed814 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> (cherry picked from commit 58013b73509521789608f24a79a00177797ff9b1)
2017-08-08MAC IP ACL interface list dump (as an alternative to the get/reply)Neale Ranns2-1/+90
Change-Id: I2e71aef1aa745e85ad3234b0b708cdc50f335a75 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2017-08-08acl-plugin: rework the optimization 7383, fortify acl-plugin memory behavior ↵Andrew Yourtchenko5-150/+289
(VPP-910) The further prolonged testing from testbed that reported VPP-910 has uncovered a couple of deeper issues with optimization from 7384, and the usage of subscripts rather than vec_elt_at_index() allowed to hide a couple of further errors in the code. Also, the current acl-plugin behavior of using the global heap for its dynamic data is problematic - it makes the troubleshooting much harder by potentially spreading the problem around. Based on this experience, this commits makes a few changes to fix the issues seen, also improving the serviceability of the acl-plugin code for the future: - Use separate mheaps for any ACL-related control plane operations and separate for the hash lookup datastructures, to compartmentalize any memory-related issues for the ACL plugin. - Ensure vec_elt_at_index() usage throughout the hash_lookup.c file. - Use vectors rather than raw memory for storing the "ordinary" ACL rules. - Rework the optimization from 7384 to use a separate tail pointer rather than overloading the "prev" field. - Make get_session_ptr() more conservative and adjust is_valid_session_ptr accordingly Change-Id: Ifda85193f361de5ed3782a4acd39622bd33c5830 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> (cherry picked from commit bd9c5ffe39e9ce61db95d74d150e07d738f24da1)
2017-08-07LISP: Map-server fallback featureFilip Tehlar6-58/+405
Change-Id: I1356296e1a85b5d532f45ba70572b2184ac3f6fb Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-08-07make test: kill all remaining subprocesses on exitKlement Sekera2-1/+26
This change introduces a wrapper script which kills all processes in the same process group as itself (with the exception of the script). Using this script to run the unit tests should prevent stale processes left behind in some cases (e.g. when test framework crashes). Change-Id: If3b9201c06b87fa6be095721436893207d09b5e4 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-08-05LISP: fix map register TTL reply handler, VPP-926Filip Tehlar1-1/+1
Change-Id: I0c638ad5dabc035b4b7de3b9befbe2c8ba7b0b66 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-08-04jvpp: provide more detailed exception logs (VPP-436)Matej Perina3-3/+38
Error descriptions provided in api_errno.h are never used, only error tag/name and number make it to enum vnet_api_error_t so new macro is introduced in jvpp_common.c to extract message according to error number and passed to VppCallbackException constuctor. Change-Id: If2a687752807d7250d9226987583df00f151e87f Signed-off-by: Matej Perina <mperina@cisco.com> Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2017-08-04don't truncate the interface name in 'sh ip arp'Neale Ranns1-1/+1
Change-Id: Ifb17bae98ae1362078889d40e2369d58997bd92c Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2017-08-04Initialize vxlan-gpe bypass modeHongjun Ni1-0/+16
Change-Id: I2a75357d49a971818c8d96d56d184c5d01fbc775 Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
2017-08-04SNAT: fix address and port allocation for multiple worker threads (VPP-925)Matus Fabian4-21/+51
There is a chance to allocate the same outside address and port. Assign a block of port numbers to each worker. Change-Id: I6ef7dc0aab4834705f4e6097c362940d18d747e8 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-08-04Fix nasm deps for Fedora.Thomas F Herbert1-1/+5
Fedora 24 and 25 distro already includes nasm 2.12 but Centos does not as yet. Change-Id: I060ea8b7b7892ac8444d850398ed1c9100631fbc Signed-off-by: Thomas F Herbert <therbert@redhat.com>
2017-08-03acl-plugin: multicore: CSIT c100k 2-core stateful ACL test does not pass ↵Andrew Yourtchenko4-41/+106
(VPP-912) Fix several threading-related issues uncovered by the CSIT scale/performance test: - make the per-interface add/del counters per-thread - preallocate the per-worker session pools rather than attempting to resize them within the datapath - move the bihash initialization to the moment of ACL being applied rather than later during the connection creation - adjust the connection cleaning logic to not require the signaling from workers to main thread - make the connection lists check in the main thread robust against workers updating the list heads at the same time - add more information to "show acl-plugin sessions" to aid in debugging Change-Id: If82ef715e4993614df11db5e9afa7fa6b522d9bc Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> (cherry picked from commit 8e4222fc7e23a478b021930ade3cb7d20938e398)
2017-08-03DHCP Client: receive unicast ACKsNeale Ranns3-29/+151
despite VPP DHCP client setting neither ciaddr nor giaddr and setting the broadcast bit (see RFC 2131 section 4.1) some DHCP servers will still send a unicast DCHPACK. So as not to drop this VPP must have both 1) a receive FIB entry for the OFFERED IP adress and 2) a 'don't drop me because of uRPF' FIB entry for the DHCP server's address. Change-Id: I167d858deb45629318cbdccf5bf67d971730a42f Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-08-03Add support for API client to receive L2 MAC eventsJohn Lo11-173/+605
Added APIs want_l2_macs_events and l2_macs_event to allow an API client to receive notification events from VPP for MAC learned or aged in L2FIB. Only one API client is allowed for L2 MAC events. The want_l2_macs_events API allow caller to specify MAC learn limit, event scan delay and max number of MACs that can be included in a event message. These parameters should be choosen properly as to not have too many MAC events sent by VPP and overwhelm the API share memory. They can all be left as 0's so VPP will setup reasonable defaults which are: 1000 learn limit, 100 msec scan delay and 100 MACs per event message. If want_l2_macs_events is never called, VPP learning and aging should behave as before except that MAC entries provisioned by API or CLI will not be aged, even if it is not set as static_mac. These non static MACs, however, can be overwritten by MAC learning on a MAC move as a leared MAC. Only learned MACs are subject to aging. Change-Id: Ia3757a80cf8adb2811a089d2eafbd6439461285c Signed-off-by: John Lo <loj@cisco.com>
2017-08-03gtpu bypass function doesn't work (VPP-924)jerryian1-0/+14
Change-Id: I80183f7d984ed6ed2e3405d1bb65fe761a29bc81 Signed-off-by: jerryian <gu.jian1@zte.com.cn>
2017-08-02LISP: make TTL for map register messages configurableFilip Tehlar6-0/+248
Change-Id: I38e1c6a6b033e12ef3f4345a1deff73fa4adbea0 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-08-02Fix vpp crash sending arp or probing neighb (VPP-917)Pavel Kotucek2-0/+29
VPP crash when trying to send arp message or to probe neighbor over interface with IP address but without hw address (local0 and tunnels - vxlan, gre, ...) Change-Id: I08a1c97d3ea913fc11b2886cf73b2ccc31356664 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-08-02Fix ip checksum offload, move badly-placed ASSERTDave Barach2-2/+4
Change-Id: I5e04d618c4b4987edc64f6d82fd0a81b8362dbb0 Signed-off-by: Dave Barach <dbarach@cisco.com>
2017-08-02memif: construct interface name out of socket file idx and intf idDamjan Marion1-2/+4
Change-Id: Ib4de018a84e9c94df26a8870bf1b04e26204ace1 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-08-02Added NASM package to support SW cryptoMarco Varlese1-1/+1
Change-Id: Idd6614b80e456eb40c760024b563ffd0e5c313ec Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2017-08-02Update CSIT tests 170724 -> 170731Jan Gelety1-1/+1
- update of CSIT operational branch to be used for VPP-patch test Change-Id: I3ec322a71764d6d3e8aaeeabd4464fd6bde2880e Signed-off-by: Jan Gelety <jgelety@cisco.com>
2017-08-02Fix tcp tx buffer allocationFlorin Coras15-120/+375
- Make tcp output buffer allocation macro an inline function - Use per ip version per thread tx frames for retransmits and timer events - Fix / parameterize tcp data structure preallocation - Add a couple of gdb-callable show commands - Fix local endpoint cleanup Change-Id: I67b47b7570aa14cb4634b6fd93c57cd2eacbfa29 Signed-off-by: Florin Coras <fcoras@cisco.com> Signed-off-by: Dave Barach <dave@barachs.net>
2017-08-02Make ip csum configurable in vlib buffer functionsFlorin Coras8-24/+28
Also fixes csum computation for lisp control plane 4o6 encapsulated control messages. Change-Id: I991e0b5c0d16dc51e0b5bdc79e1d752270b34765 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-08-01FIB path weight incorrect in dump (VPP-922)Neale Ranns6-11/+17
Change-Id: I655f41878ca3595681d0255782b0faba01c9824b Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-08-01Tests for recursive load-balancing with no choices.Neale Ranns2-5/+68
Change-Id: I90bb3369576741d03628a818ffa63cc99d6e4c98 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-08-01P2P EthernetPavel Kotucek18-34/+1145
Change-Id: Idb97e573961b3bc2acdeef77582314590795f8c3 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-08-01SPAN/API:enable L2 dumpEyal Bari4-7/+25
Change-Id: Icea1dff33aae35a85ae1a7ed1900a0abb3fe4b6b Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-07-31ssvm->name must be a vector containing a c-string.Dave Wallace2-3/+5
Change-Id: I14a97a7fdd000da62d2ed4bea71f55ee34a21311 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-07-31jvpp: moving current tests to separate folder marked as examplesMatej Perina31-183/+114
Change-Id: Ib1a13e0a6cba69aba7a26e1bd52f4c55c4ccc027 Signed-off-by: Matej Perina <mperina@cisco.com>