summaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2019-06-06DVR: Control the reinject as L2 or L3 based on the output interface typeNeale Ranns3-11/+84
Change-Id: Ib4cdbe8a6a1d10a643941c13aa0acbed410f876c Type: Feature Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-06-06reassembly: support more custom options for appsKlement Sekera3-49/+146
Change-Id: Ib9f98fba5a724480ca95f11a762002c53e08df70 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-06-06gbp: fix lpm classification with vlanBenoît Ganne2-50/+45
Fix GBP LPM packet classification in the presence of a VLAN header. Change-Id: I2ff63b34f7475d696b10b5a245ff802bbb1ff01a Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-06-06gbp: do not classify unknown packet as EP packetsBenoît Ganne1-0/+4
If we fail to classify the packet based on LPM we must not classify it based on the EP sclass. Change-Id: Ie234e0c87bd44976c3c57c818359c93f7d99ab84 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-06-06lb: crashed with some specific commit under heavy trafficHongjun Ni3-5/+13
- When deleting VIP member with flush, VPP will crash. - When deleting VIP member without flush, vpp won't crash. - This crash is almost 100% reproductive. Ticket: VPP-1680 Type: fix Change-Id: Ia4e8f9e0f987176c7f6ec52c92e66563f313b0c3 Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
2019-06-05ipsec: fix combined counters in ah-encrypt nodeFilip Tehlar1-3/+5
Type: fix Fixes: 1197449 Change-Id: Icdda3c667ba76542ea3af5d66cc7c3fb10ade1ca Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-06-05ipsec: fix sa counters in esp-encryptDamjan Marion1-4/+7
Type: fix Fixes: c59b9a2 Change-Id: I6021e67196a4d31ab11d4e3cfbda34b678150701 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-06-05ipsec: fix sa counters in esp-decryptDamjan Marion1-6/+7
Type: fix Fixes: b4fff3a Change-Id: I2552cbc0a02e7445825a5a4ce290cde3d10c5f0b Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-06-05Switch atomic release API from __sync to __atomic builtin.Sirshak Das1-1/+1
__sync_lock_release switched to __atomic_store for code consitency, although both generate same instructions with current compilers. Change-Id: I37d320509e43a4c2b8a49af6346dc4a43ca2f535 Signed-off-by: Sirshak Das <sirshak.das@arm.com> Reviewed-by: Lijian Zhang <Lijian.Zhang@arm.com> Reviewed-by: Honnappa Nagarahalli <Honnappa.Nagarahalli@arm.com>
2019-06-05Switch atomic test and set API from __sync to __atomic builtinSirshak Das1-1/+1
__sync_test_and_set uses full memory barriers for AArch64, __atomic_exchange(ACQUIRE) would use load acquire. Change-Id: Ifdf2481db3b9dde6c5842d75671402862adb6d81 Signed-off-by: Sirshak Das <sirshak.das@arm.com> Reviewed-by: Lijian Zhang <Lijian.Zhang@arm.com> Reviewed-by: Honnappa Nagarahalli <Honnappa.Nagarahalli@arm.com>
2019-06-05avf: enable promiscuous modeSteven Luong3-1/+18
In order to receive multicast packets from the VF interface, promiscuos mode must be enable. Type: fix Fixes: b4ff07a Change-Id: I549bc37a05895d3355f2832c200e9262c95a27b5 Signed-off-by: Steven Luong <sluong@cisco.com>
2019-06-05In ip6_mfib_forward_rpf_node,is_v4 should be 0.mu.duojiao1-1/+1
Change-Id: I9de63cebfcef8898d0ea4c9c2b7451b168b06c2c Signed-off-by: mu.duojiao <mu.duojiao@zte.com.cn>
2019-06-05L3 cross connectNeale Ranns11-4/+1434
- all packets input on interface X are load-balanced over the set of paths provided. Change-Id: Ic27cb88c4cd5d6d3462570632daff7a43d5a652d Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-06-05IPSEC: some CLI fixesNeale Ranns6-10/+44
Change-Id: I45618347e37440263270baf07b2f82f653f754a5 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-06-04Tests: simple refactor in vpp_pg_interface.Paul Vinciguerra1-25/+23
Pull common code into a single method. Type: refactor Change-Id: Ic540d23eebbd17f838ed7a1a9dee80815a27847c Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-06-04elog: make elog_string() multi-thread safeSteven Luong1-0/+2
elog is supposed to be thread safe. Yet elog_string() is not. To fulfill that promise, let's make elog_string() thread safe to avoid surprises. Change-Id: Iab82faa7cb6719777a66c3ff14775e59a6a68a20 Signed-off-by: Steven Luong <sluong@cisco.com>
2019-06-04punt: fix the set_punt API/CLI which was rejecting valid portsNeale Ranns2-12/+31
add a UT for the API Change-Id: I93fb6ec2c5f74b991bf7f229250a30c0395b8e24 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-06-04features will register udp ports once configuredJakub Grajciar4-18/+38
plugins: - ipfixcollector vnet: - geneve - vxlan_gpe - vxlan Change-Id: I69a8b4017ee6990f2b4874fe3e94c4520bde7101 Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2019-06-04Fix: bug prevented IPsec ipv4 SPDs to show correctlyGuillaume Solignac1-4/+9
Because of the initialisation of the end of the range, the command show ipsec spd on an ipv4 SPD didn't work correctly. Change-Id: I3582382197bb6edef4fb077aac1e927ef4581cbf Signed-off-by: Guillaume Solignac <gsoligna@cisco.com>
2019-06-04sort worker-thread init functions in advanceDave Barach5-12/+71
Otherwise, all N worker threads try to sort the list at the same time: a good way to have a bad day. This approach performs *far* better than maintaing order by adding a spin-lock. By direct measurement w/ elog + g2: 11 threads execute the per-thread init function list in 22us, vs. 50ms with a CLIB_PAUSE() enabled spin-lock. Change-Id: I1745f2a213c0561260139a60114dcb981e0c64e5 Signed-off-by: Dave Barach <dave@barachs.net>
2019-06-04stats: removing empty object in stats vectorOle Troan2-2/+4
Type: fix Change-Id: I9b6bdacdb9a0750834de9a93d8c3f7ed827ce3c8 Signed-off-by: Ole Troan <ot@cisco.com>
2019-06-04Punt: specify packets by IP protocol TypeNeale Ranns12-41/+442
Change-Id: I0c2d6fccd95146e52bb88ca4a6e84554d5d6b2ed Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-06-04mactime: upstream new featuresDave Barach6-25/+161
Add per mac address data quotas (simple version) Add mini-ACLs to turf "call home" traffic from a certain species of security DVR. Add FEATURE.yaml Update the API version number Type: feature Feature-name: mactime Change-Id: Ida6945f7791ab43909afa68dcf2f652b20c53afd Signed-off-by: Dave Barach <dave@barachs.net>
2019-06-04dpdk: rework extended statsFilip Tehlar4-47/+33
Change-Id: I421192e1921d4c9c5486a6dcca745582aebf4e3e Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-06-04startup: remove dpdk linking bonding configurationZhiyong Yang1-10/+0
As dpdk linking bonding code has been removed by the patch https://gerrit.fd.io/r/#/c/19867/, corresponding configuration info should be removed. Change-Id: I048ae068619c83190252a75284bd5306ce61611e Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-06-04srp: leverage vlib_buffer_get_currentZhiyong Yang1-3/+3
Change-Id: I8e4592734cd8343cd95b32ad8617fed4aec3f590 Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-06-04vom: Add bridge domain unknown unicast flooding flagMohsin Kazmi4-5/+54
UU flood can be disabled or enabled using this flag in a bd. Change-Id: I799be2742b599783eec019b5fd295c3b940eb3e8 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-06-03GBP: add subnet cli commandBenoît Ganne1-2/+85
Change-Id: I0f631da9d13df2d9c32bad879b2a6034cb847378 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-06-03ARP: add feature arcNeale Ranns7-168/+508
- arp-input, registered with the ethernet protocol dispatcher, performs basic checks and starts the arc - arp-reply; first feature on the arc replies to requests and learns from responses (no functional change) - arp-proxy; checks against the proxy DB arp-reply and arp-proxy are enabled when the interface is appropriately configured. Change-Id: I7d1bbabdb8c8b8187cac75e663daa4a5a7ce382a Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-06-03crypto_ia32: native AES-GCM implementationDamjan Marion5-1/+1046
Change-Id: I006a150577e897731649f21908b4789e2eb485c3 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-06-03vom: Add bridge domain arp unicast forwarding flagMohsin Kazmi4-3/+48
Change-Id: Iede47e8d9e168125bcd938cca6182c9270dcb5c4 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-06-02IPSec: memcpy of integ key borkNeale Ranns1-1/+1
Change-Id: Icd76769d841792eb2d59ffc23c557dcca9ddc580 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-05-31VPP-1692: move NULL pointer checkDave Barach1-5/+5
TBH, this looks like merge damage or some such. Perfectly fine NULL pointer check, about three lines after it was needed. Change-Id: I52831062e30533a59fb76b644ee5ae389676d2ae Signed-off-by: Dave Barach <dave@barachs.net>
2019-05-31tools: FEATURE.yaml meta-data infrastructureOle Troan6-3/+191
Add tooling for feature metadata configuration files. The main tool is in src/scripts/fts.py make checkfeaturelist to validate against schema. make featurelist to dump all feature lists to stdout. Example feature definition: name: IP in IP tunnelling maintainer: Ole Troan <ot@cisco.com> features: - IPv4/IPv6 over IPv4/IPv6 encapsulation: - Fragmentation and Reassembly - Configurable MTU - Inner to outer Traffic Class / TOS copy - Configurable Traffic Class / TOS - ICMPv4 / ICMPv6 proxying - 6RD (RFC5969): - Border Relay description: "Implements IP{v4,v6} over IP{v4,v6} tunnelling as described in RFC2473. This module also implement the border relay of 6RD (RFC5969)." state: production properties: [API, CLI, STATS, MULTITHREAD] missing: - Tunnel PMTUD - Tracking of FIB state for tunnel state - IPv6 extension headers (Tunnel encapsulation limit option) JSON schema is embedded in fts.py Example markdown: https://github.com/otroan/scratch/blob/master/features.md Change-Id: I903b4ee6b316a9378c259e86dc937092e5d4b7da Type: make Signed-off-by: Ole Troan <ot@cisco.com>
2019-05-31VPP-1640 - Missing rules in vpp-selinux-policyBilly McFall1-1/+2
SELinux exceptions occurring for host interfaces and with the vmxnet3 driver. Change-Id: Ia22bd82572acfa07ae287a755830abe1413f9939 Signed-off-by: Billy McFall <bmcfall@redhat.com>
2019-05-31VPP-1679 - SElinux rules are not set accordinglyBilly McFall1-2/+4
Updates to the VPP SELinux policy to support the MLX5 DPDK driver. Change-Id: I089ede88a5e9c4152178f8cf9be5ee14d8a9130f Signed-off-by: Billy McFall <bmcfall@redhat.com>
2019-05-31VPP-1640 - Missing rules in vpp-selinux-policyBilly McFall1-0/+212
Add additional section to the SELinux documentation to describe how to collect debug information when SELinux issues are encountered. This is purely a documentation change. Note: Merged seperate from SELinux Policy change in case policy change needs to be cherry-picked to older releases. Change-Id: I7ba3d3c7d84171b503d956eb01e13a680b4d53fc Signed-off-by: Billy McFall <bmcfall@redhat.com>
2019-05-31crypo_ia32: don't optimize debug buildsDamjan Marion2-1/+5
Type: fix Fixes: d5023a72 Change-Id: I17cf7887d1274cf3ca9301ec87b8c8f539359456 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-05-31Update vnet hardware flags if link state changesDave Barach1-1/+9
Explains a variety of hard-to-diagnose problems with certain Atom and Denverton NIC types. I finally tripped over a highly-repeatable failure: home gateway use-case bitten by refusal to negotiate a DHCP lease for the trunk port. The dhcp client won't send pkts unless VNET_HW_INTERFACE_FLAG_LINK_UP is set on the tx hw interface: /* Interface(s) down? */ if ((hw->flags & VNET_HW_INTERFACE_FLAG_LINK_UP) == 0) return; Change-Id: I17ef2ba7b39078555fa27d2d874a60c67e1530ee Signed-off-by: Dave Barach <dave@barachs.net>
2019-05-31bonding: add support for numa awarenessZhiyong Yang4-12/+90
This patch enables bonding numa awareness on multi-socket server working in active-backeup mode. The VPP adds capability for automatically preferring slave with local numa node in order to reduces the load on the QPI-bus and improve system overall performance in multi-socket use cases. Users doesn't need to add any extra operation as usual. Change-Id: Iec267375fc399a9a0c0a7dca649fadb994d36671 Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-05-30nat44: fix CLI doc errorjackiechen19851-2/+2
Change-Id: Iac6bd29389839c9eb8c1ff2105b4da69b6e1ce3e Signed-off-by: jackiechen1985 <xiaobo.chen@tieto.com>
2019-05-30IP load-balance; perf improvement using the usual reciepeNeale Ranns2-305/+233
before and after: ip4-load-balance 1.54e1 ip4-load-balance 1.36e1 p.s. Quad loops were not beneficial Change-Id: I7bc01fc26288f0490af74db2b1b7993526c3d982 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-05-30FIB: correctly report IPv6 FIB Unicast and Multicast memory usage (VPP-1578)"Neale Ranns9-18/+320
and document scaling Change-Id: I65d8999e65616d77e525963c770d91e9b0d5e593 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-05-3019.04.1 Release NotesDave Wallace1-7/+16
Change-Id: I2a69b29b9ecea2bfdf1832c184c7e63058a33b94 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2019-05-30lisp-cp: start lisp retry service on demandFlorin Coras2-8/+18
Change-Id: I07681d94301e19389dda0caacd5a93b21d9aff1f Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-05-30sample-plugin: refactor .api to use explicit typesOle Troan1-8/+9
Use explicit types in .api definition. Change-Id: Ib4c3c4ab6282a6d443e3d19af029dc091b462dac Type: refactor Signed-off-by: Ole Troan <ot@cisco.com>
2019-05-30ipip: refactor ipip.api with explicit typesOle Troan4-61/+84
Use explicit types vl_api_address/prefix in ipip.api. Change-Id: Ib3133cebdbe4437742924efd49cde4009c4cc31b Type: refactor Signed-off-by: Ole Troan <ot@cisco.com>
2019-05-30dpdk: remove bonding codeDamjan Marion7-252/+12
We have native implementation and we should not maintain both.... Change-Id: Ic09ebffda52cdc733b3cfeff06690e0d3cc08084 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-05-30dpdk: bump to 19.05Damjan Marion2-1/+4
Change-Id: I738ff20a1ebb1cc70fb6ddb40791b6747cada372 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-05-30NAT: create bypass in correct thread if workers>1Alexander Chernavin1-9/+40
Change-Id: I70817579a09a7026f5fa7c8e71babded891ea285 Signed-off-by: Alexander Chernavin <achernavin@netgate.com>