summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2017-10-09NAT: hairpinning rework (VPP-1003)Matus Fabian4-16/+125
Change-Id: I7c6911cd6ac366fe62675fd0ff8b0246a25ea1db Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-10-09NAT: fixed ICMP broken translation for GRE tunnel interface (VPP-1008)Matus Fabian3-31/+27
Change-Id: Ie3245b96c511cc30915e70e8c881f445291a38c2 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-10-09fix buffer allocation for sparse jumbo frames in vhostPierre Pfister1-1/+3
A bug was reported where a jumbo packet would stay in vhost queue forever or until a large enough number of other packets arrived in the queue too. This is due to a bug in vhost input node buffer allocation. The fix is to make sure that vhost always allocates at least enough buffers for one single big packet. '40' is used to account for 65kB frames. Change-Id: I1d293028854165083e30cd798fab9d4140230b78 Signed-off-by: Pierre Pfister <ppfister@cisco.com> (cherry picked from commit 67700d41169ac37d21c400949a316750eabad969)
2017-10-09Allow use of /etc/os-release fileMarco Varlese5-46/+33
The top-level Makefile in VPP already uses the file /etc/os-release to recognize which OS the build is being performed on. The scripts for vagrant images instead were still using different files for different distros and adding a new distro to be supported causes issues with the extra-logic to deal with it. This patch aligns the vagrant scripts to use the same approach followed by the top-level Makefile and simplifies the steps to identify / update the OS and build / run VPP. Change-Id: I539f4a7c27b3fef70ed1c12b0276049bc47dc289 Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2017-10-06Coverity fixes for API socketChris Luke2-8/+10
- Coverity whines about a zero-length field not being initialized. Change the struct setup to an initializer which will implicitly zero all unused fields, and add the coverity notation that should stop it whining. One or both of these should shut it up! - Fix some incorrect use of ntohl that was tainting values; in these cases htonl should have been used, and avoid a double-swap. Change-Id: I00493a77eb23a0b8feb647165ee349e1e9d5cfdb Signed-off-by: Chris Luke <chrisy@flirble.org>
2017-10-06VCL: add epoll_* functions.Dave Wallace5-87/+815
Change-Id: Ife27795ea96919c116fb6ff33d106663b54df72d Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-06tuntap: Introduce per thread structure to suport multi-threadsSteven2-65/+99
https://gerrit.fd.io/r/#/c/8551/ decoupled the global variable, namely tm->iovecs from TX and RX. However, to support multi-threads, we have to eliminate the use of this global variable with per thread variable. I notice that rx_buffers must also be per thread variable. So, we introduce per thread struct to contain rx_buffers and iovecs. Each thread will find the per thread struct with thread_index. Change-Id: I61abf2fdace8d722525a382ac72f0d04a173b9ce Signed-off-by: Steven <sluong@cisco.com>
2017-10-06Initial GENEVE TUNNEL implementation and tests.Marco Varlese20-2/+4600
Notes on this first implementation: * First version of the implementation does NOT support GENEVE OPTIONS HEADER: it isn't well understood what the purpose of the OPTIONS will be and/or what content would be placed in the variable option data; Once the IETF work will evolve and further information will be available it could be possible to modify the frame rewrite to contemplate the actual GENEVE OPTIONS. Change-Id: Iddfe6f408cc45bb0800f00ce6a3e302e48a4ed52 Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2017-10-06Separate CP and DP fib table for PPPoEHongjun Ni3-56/+66
CP table: link_table DP table: session_table Change-Id: I2adbfd8f6a63d51d00d6dd291f32aebf20d13e4d Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
2017-10-05dpdk/ipsec: rework plus improved cli commandsSergio Gonzalez Monroy15-1704/+2524
This patch reworks the DPDK ipsec implementation including the cryptodev management as well as replacing new cli commands for better usability. For the data path: - The dpdk-esp-encrypt-post node is not necessary anymore. - IPv4 packets in the decrypt path are sent to ip4-input-no-checksum instead of ip4-input. The DPDK cryptodev cli commands are replaced by the following new commands: - show dpdk crypto devices - show dpdk crypto placement [verbose] - set dpdk crypto placement (<device> <thread> | auto) - clear dpdk crypto placement <device> [<thread>] - show dpdk crypto pools Change-Id: I47324517ede82d3e6e0e9f9c71c1a3433714b27b Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2017-10-05Clean up "show api ring" debug CLIDave Barach2-4/+15
Add a primary svm_region_t pointer to the api_main_t so we can always find the primary region, even when processing an API message from a memfd segment. Change-Id: I07fffe2ac1088ce44de10a34bc771ddc93af967d Signed-off-by: Dave Barach <dave@barachs.net>
2017-10-05Distributed Virtual Router SupportNeale Ranns16-109/+727
A distributed virtual router works by attmpeting to switch a packet, but on failing to find a local consumer (i.e. the packet is destined to a locally attached host) then the packet is sent unmodified 'upstream' to where the rest of the 'distributed' router is present. When L3 switching a packet this means the L2 header must not be modifed. This patch adds a 'l2-bridge' object to the L3 FIB which re-injects packets from the L3 path back into the L2 path - use with extreme caution. Change-Id: I069724eb45956647d7980cbe40a80a788ee6ee82 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-10-04[aarch64] Fixes CLI crashes on dpaa2 platform.Christophe Fontaine74-130/+130
- always use 'va_args' as pointer in all format_* functions - u32 for all 'indent' params as it's declaration was inconsistent Change-Id: Ic5799309a6b104c9b50fec309cba789c8da99e79 Signed-off-by: Christophe Fontaine <christophe.fontaine@enea.com>
2017-10-04Packages dependencies: added clang3_8 and indent packagesMarco Varlese1-2/+3
Change-Id: I4ed2d5f7e743369e2a41cfcb93b016d928cfed95 Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2017-10-04checkstyle: add clang-format dependency, fix bugKlement Sekera2-2/+2
Change-Id: I608d3b73700d57652b015a9fc09300e99386a37f Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-10-04Set MAC address needs the HW interface indexNeale Ranns2-2/+6
Change-Id: I7b175d57b85e626aab00221b6dac0498aebcbeae Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-10-04dpdk: use vpp physmem allocator for dpdk buffersDamjan Marion2-63/+144
This allows us to have single contignuous allocation for DPDK buffers with single mmap FD, so buffer memory can be easily shared with diffrent process. As a consequence dpdk socket-mem is no longer in charge for allocating buffer memory, but still we need some space allocated for dpdk structures so default socket-mem is reduced form 256 to 64 MB. For a default of 16K buffers per numa node, physmem allocation is now 40MB, so basically this change reduces footprint from 256MB per socket to 48 (64 + 40). Change-Id: Ic8cfe83930a18411545b37a12b14aac89affd04f Signed-off-by: Damjan Marion <damarion@cisco.com> Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com> Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-10-04Dump of deag/lookup routes has is_drop=1 (VPP-995)Neale Ranns1-0/+2
Change-Id: I58772a83e22885a9ea8a7a981d2bcb4b31a050d2 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-10-04libmemif: memif_rx_burst fixJakub Grajciar1-2/+2
Change-Id: I2f488fef828df8915b57552567e1be79efe69700 Signed-off-by: Jakub Grajciar <Jakub.Grajciar@pantheon.tech>
2017-10-04memif: crash on slave modeSteven1-0/+1
Crash was seen on recent image with this BT on top of the stack (gdb) bt full (mif=0x7fffb6226568) at /vpp/build-data/../src/plugins/memif/memif.c:297 ring = 0x0 <<<<<<<<<< i = 0 j = 0 buffer_offset = 65792 r = 0x7fffb5e59f80 alloc = {flags = 1, name = 0x7fffb449f965 "memif region", size = 4260096, numa_node = 0, addr = 0x7fff41dac000, fd = 11, log2_page_size = 12, n_pages = 1041} err = 0x0 __FUNCTION__ = "memif_init_regions_and_queues" The crash happened at this line. ring = memif_get_ring (mif, MEMIF_RING_S2M, i); ring=>head = ring->tail = 0; <===== Please note that the crash is caused by dereferencing NULL rinng. Put breakpoint into the function. I notice that mif->regions[0].shm is not initialized. (gdb) p mif->regions[0].shm $8 = (void *) 0x0 It looks like we forgot to set shm after clib_mem_vm_ext_alloc(). Add the missing cide and the crash is fixed. Change-Id: Ib722a6c241c77acfa8e33962106b57faa50e1ea7 Signed-off-by: Steven <sluong@cisco.com>
2017-10-04Update CSIT tests 170926 -> 171002Jan Gelety1-1/+1
- update of CSIT operational branch to be used for VPP-patch test Change-Id: I6331016b17b0811bf0ea1be03c5782428514a01a Signed-off-by: Jan Gelety <jgelety@cisco.com>
2017-10-04VPP-1001 - update AF Packet Driver to for modern kernelsAnton Ivanov4-10/+119
1. Add VNET headers support for checksumming - required to operate correctly on any recent Linux 2. Bypass QDISC on transmit - improves performance by ~ 5%. Enabled only if the macro is detected - apparently not present on archaic distributions. This still does not solve all issues with TSO - it can be fixed only by going to tpacket v3 and dynamic rx ring as well as significant changes in the TX (sendmmsg?). Change-Id: Iea14ade12586c0a8da49e6dd1012108a08bc85b3 Signed-off-by: Anton Ivanov <anton.ivanov@cambridgegreys.com>
2017-10-04Add API support to dump IPsec SAsMatthew Smith3-0/+292
Add an API request message type to dump IPsec SAs. Either all IPsec SAs can be dumped or it can be limited to a single SA ID (numeric ID set at creation time - not an index). Add a handler for incoming messages with the new request type. Add an API response message type containing the data for an IPsec SA. Add VAT support for new message type. Change-Id: Id7828d000efc637dee7f988a87d3f707a8b466b7 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2017-10-03api: fix internal client registrationsFlorin Coras1-0/+2
Makes sure vlib_rp and shmem_hdr are initialized for internal registrations. They are needed for keepalive msg exchanges. Change-Id: I805dec2d2aa84b1efdc1fdd692fc1d94389b776e Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-03Update L2FIB entry timestamp only if BD aging enabled (VPP-1002)John Lo3-3/+6
Change L2 learning path so it update stale timestamp in MAC entry only if aging is enabled on the BD for the MAC entry. Change-Id: I7babe986ceef3c030d8ef9185076c42b405f7b0f Signed-off-by: John Lo <loj@cisco.com>
2017-10-03L2FIB,TEST:add max macs in event testeyal bari1-0/+22
Change-Id: Ied72d44f8695af524751ffc54196cc3ac1addc85 Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-10-03tcp: updates to connection closing procedure (VPP-996)Florin Coras4-17/+63
- add separate TIME_WAIT time constant - fix output node for TIME_WAIT acks - ensure snd_nxt is snd_una_max after retransmitting fin - debugging improvements Change-Id: Ic947153346979853f2526824b229126e47aead86 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-03jvpp: added logs for sending and receiving event messages (VPP-982)Matej Perina5-0/+30
Change-Id: I47f9d12d934378f18c6f841b902af2a64ee7b187 Signed-off-by: Matej Perina <mperina@cisco.com>
2017-10-03Repair vlib API socket serverDave Barach89-1106/+2510
- Teach vpp_api_test to send/receive API messages over sockets - Add memfd-based shared memory - Add api messages to create memfd-based shared memory segments - vpp_api_test supports both socket and shared memory segment connections - vpp_api_test pivot from socket to shared memory API messaging - add socket client support to libvlibclient.so - dead client reaper sends ping messages, container-friendly - dead client reaper falls back to kill (<pid>, 0) live checking if e.g. a python app goes silent for tens of seconds - handle ping messages in python client support code - teach show api ring about pairwise shared-memory segments - fix ip probing of already resolved destinations (VPP-998) We'll need this work to implement proper host-stack client isolation Change-Id: Ic23b65f75c854d0393d9a2e9d6b122a9551be769 Signed-off-by: Dave Barach <dave@barachs.net> Signed-off-by: Dave Wallace <dwallacelf@gmail.com> Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-10-03Propagate duplicate IF addr add/del error up to API.Jon Loeliger3-8/+30
Identify and complain when the same IP prefix is assigned to two different SW interfaces: vpp# set int ip address TenGigabitEthernet6/0/0 1.2.3.4/32 vpp# set int ip address TenGigabitEthernet6/0/1 1.2.3.4/32 set interface ip address: Prefix 1.2.3.4/32 already found on interface TenGigabitEthernet6/0/0 Change-Id: I1aee1b6a7ddd00d3109a53d8e1b6ce97bf45e372 Signed-off-by: Jon Loeliger <jdl@netgate.com>
2017-10-03make test: Copy api_post_mortem.$$ file tmp test dir for archiving.Dave Wallace2-7/+13
Change-Id: I4baf89ef383dbc2f309081a6b56b13ebcb8fc2df Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-10-02L2-FIB:add mac learn events testEyal Bari3-56/+76
fixes an issue where events were not sent if BD doesn't enable mac aging Change-Id: Iddc53cb5c45e560633e6c5cff2731dccfc70ad5b Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-09-30make test: Create link to failed test dir on timeout.Dave Wallace2-1/+7
- Also change default coredump configuration from "coredump-size unlimited" to "full-coredump" Change-Id: Iefedc2636f2d9696b7575b34e91dd7be49f601fa Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-09-30make test: archive failed test data with build logs.Dave Wallace2-17/+32
- Fix invocation of compress_failed.sh - Fix compress_failed to copy compressed results files to $WORKSPACE/archives and return failure exit code. Failed test case data will be copied to logs.fd.io and found in the archives/<make test data dir>-FAILED directory in the build log link in the vpp-verify-master-ubuntu1604 jenkins job page. For example: https://logs.fd.io/production/vex-yul-rot-jenkins-1/vpp-verify-master-ubuntu1604/7353/archives/ Change-Id: Ife9a0737115e69c0a8441e3bb0133af1528d909b Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-09-29make test: fix/disable VAPI tests on centosKlement Sekera5-2/+33
Workaround old `check' library on centos. Disable building/running of C++ VAPI test as centos's gcc can't compile our C++ code (vapi.hpp) due to bug. Change-Id: If9da9c7f1bc076f7cdfb9bd3016dfe60a08afa36 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-09-28cdp/lldp: punt for no bufferSteven2-0/+6
When making a call to vlib_packet_template_get_packet(), it is possible to get back a NULL if the system runs out of buffer. This can happen when there is buffer leaks. But don't crash just because we run out of buffers, just punt. Change-Id: Ie90ea41f3dda6e583d48959cbd18ff124158d7f8 Signed-off-by: Steven <sluong@cisco.com>
2017-09-28C++ API: remove deprecated throw listsKlement Sekera1-8/+4
Change-Id: Ia58664438c9dc949884a794bd123555a13a02e6c Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-09-28drop python3 dependencyKlement Sekera4-29/+26
Change-Id: I99c2c1d0d5b96f33efdb58dd3a2897a752e65349 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-09-27Update package versionFlorin Coras1-1/+1
Change-Id: Ic9bc303b65c95a0e06f90c75b067056b0b11e654 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-09-28General documentation updatesChris Luke16-83/+117
- We now have several developer-focused docs, so create an index page for them. - Rework several docs to fit into the index structure. - Experiment with code highlighting; tweak the CSS slightly to make it slightly nicer to look at. Change-Id: I4185a18f84fa0764745ca7a3148276064a3155c6 Signed-off-by: Chris Luke <chrisy@flirble.org>
2017-09-28tun/tap: Bad packets sent to kernel via tun/tap interfaceSteven2-22/+29
It was observed that under heavy traffic, VPP accidentally sent traffic with the wrong source and destination to the tun/tap interface. Traffic appears to be sent to the wrong direction. This problem is only seen when worker thread is configured. When worker thread is used, TX and RX may reside in different core. Yet both TX and RX threads are sharing the same global variable, namely iovecs without any mutex or memory barrier protection. This creates a race condition when heavy traffic is blasted to VPP, like 1000 pps. We could create a mutex or memory barrier to ensure atomic memory access. But why bother? It is a lot cheaper to just decouple the iovecs such that TX and RX have their own iovecs. Change-Id: I86a5a19bd8de54d54f32e1f0845bae6a81bbf686 Signed-off-by: Steven <sluong@cisco.com>
2017-09-27VPP-990 remove registered handler if control ping failsv18.01-rc0Matej Perina3-0/+14
Change-Id: I5ca5763f0dc0a73cc6f014b855426b7ac180f356 Signed-off-by: Matej Perina <mperina@cisco.com>
2017-09-27LISP: add API handlers for set/get transport protocolFilip Tehlar4-0/+194
Change-Id: Ib675164c475edcdbe3013df7b847adf5e050c53f Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-09-27VLAN support on host(af-packet) interface.Akshaya N1-3/+26
On host interface if a VLAN tagged packet is received, linux kernel removes the VLAN header from packet byte stream and adds metadata in tpacket2_hdr. This patch explicitely checks for the presense of VLAN metadata and adds it in VPP packet. Change-Id: I0ba35c1e98dbc008ce18d032f22f2717d610c1aa Signed-off-by: Akshaya N <akshaya@rtbrick.com>
2017-09-27Update vagrant centos config to CentOS 7.4Dave Wallace3-2/+9
Change-Id: I45c1227b53ba9e57b94f1bc68de939cd3ce9d619 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-09-27Fix: unnecesary uio binding for Mellanox NICSteve Shin1-1/+3
UIO binding is not required for Mellanox NIC and calling vlib_pci_bind_to_uio() should be skipped. Change-Id: I10ea457bc3c8d4be8117dec51d5bd940ee416a44 Signed-off-by: Steve Shin <jonshin@cisco.com>
2017-09-27Various fixes for issues found by Coverity (VPP-972)Chris Luke5-3/+25
174267: Revisit this string termination issue 174816: Add check for NULL when trace is enabled 177211: Add notation that mutex is not required here 177117: Added check for log2_page_size == 0 and returns an error if so 163697,163698: Added missing sw_if_index validation Change-Id: I5a76fcf6505c785bfb3269e353360031c6a0fd0f Signed-off-by: Chris Luke <chrisy@flirble.org>
2017-09-27acl-plugin: take 2 at VPP-991 fix, this time with a test case which verifies it.Andrew Yourtchenko3-3/+42
The replacement of [] with pool_elt_at_index and subsequent fixing it was incorrect - it was equivalent to &[], since it returns a pointer to the element. I've added VPP-993 previously to create a testcase, so this commit partially fulfills that one as well. Change-Id: I5b15e3ce48316f0429232aacf885e8f7c63d9522 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-09-27make test: clean ext binaries when doing test-wipeKlement Sekera1-0/+1
Change-Id: I9f5212ee670ea91c6b35f1406c256d0687b9c6b5 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-09-27Update CSIT tests 1700906 -> 170926Jan Gelety1-1/+1
- update of CSIT operational branch to be used for VPP-patch test Change-Id: If582dc7c5e37bd3cda7ba4858e98fc504e2b7b1e Signed-off-by: Jan Gelety <jgelety@cisco.com>