Age | Commit message (Collapse) | Author | Files | Lines |
|
- add option to use test certificate in the ca chain
- add hostname to extended session endpoint fields and connect api
parameters. If hostname is present, certificate validation is
enforced.
- use /etc/ssl/certs/ca-certificates.crt to bootstrap CA cert. A
different path can be provided via startup config
Change-Id: I046f9c6ff3ae6a9c2d71220cb62eca8f7b10e5fb
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
One of basic requirements from day one for maek test is that it should
run unpriviledged, so modifying system paremeters is unacceptable.
Disabling script and reassembly tests as they need to be done in
different way.
Change-Id: I063c73eb82f2ebd7499e8adb1574a9fd2475fb5b
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
This ensures that tool changes do not require re-bootstrap.
Disabled generation of temporary files (gentab / .pyc) to avoid polluting the source tree.
Change-Id: I4d6bc035fbb46550fa8f4e99f4091eef90e2d86c
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
The previous use of a dictionary instead of a list led to typedefs being generated in wrong order.
Change-Id: Iee6ff73f920883ce6e599180c1b47fe997c1702e
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: If1284696e10df71b4029191b5e3adb32c21c0c5f
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I5f0f3b07a7aa3f243c3d44a9a15cf0670dbb2d46
Signed-off-by: Keith Burns (alagalah) <alagalah@gmail.com>
|
|
Though dst-IP address would be change in LB plugin with L3DSR method,
layer-4 checksum would not be recomputed after this change.
Related changes:
- L3DSR: https://gerrit.fd.io/r/#/c/10203/
Change-Id: I98de7b8d80186ac77608a68050208c08d90b7c3b
Signed-off-by: Yusuke Tatsumi <ytatsumi@yahoo-corp.jp>
|
|
in2out and out2in protocol are not same
Change-Id: I4ce680ad1f088cb079e1f2aeb15ca59225fca0d1
Signed-off-by: ahdj007 <dong.juan1@zte.com.cn>
|
|
Change-Id: I8a4a7a85e86acbfe411e6dfa22e3976d7d4c903b
Signed-off-by: ahdj007 <dong.juan1@zte.com.cn>
|
|
This commit also fixes the acl and arp handle for
inspector to view internal state of VOM.
Change-Id: Ibc8ff6cb51d2a77b4c04993ac7212564b8892337
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
With glibc 2.27 the memfd_create has been added to the devel libraries.
That's causing the internally defined static function to clash with the
system wide one. This patch addresses that issue on systems with latest
glibc libraries.
Change-Id: I788bf49b23d5b5f1cb1c0374e243d8a429178a71
Signed-off-by: Marco Varlese <marco.varlese@suse.com>
|
|
Change-Id: Ie7b1c5e50588f65657c3c0900e5914ea82ebb50f
Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
|
|
Change-Id: I0738fac32dd0c5d927c52d2eb2c1100d14c147cf
Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
|
|
Change-Id: I316dc99881bce6a36904863d3c1c049b4f5cf658
Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
|
|
Based on https://gerrit.fd.io/r/#/c/10920/
Updates service definition in stats.api with correct reply message names.
Change-Id: I3282bee5304e667e23bc1fab3f43d967a50d880d
Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
|
|
This reverts commit f7b7fa53b7eaec81d8c00c1023fb7d01f1f9761f.
Change-Id: I87496342943248e94f01ada31459f387c0a3a610
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
We don't need per vlib_main physmem_main, so keep it separatelly instead
of trying to keep them in sync.
Change-Id: I0fbeecf4d9672d31af7a43c640a7d8f05dd6e46f
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
- provides async handling of events such as accept/connect
Change-Id: Id95947237ef16629371b3c99822059d423e2f918
Signed-off-by: Keith Burns (alagalah) <alagalah@gmail.com>
|
|
This patch adds the possibility to configure some behaviors of the SCTP
stack based on some tunable parameters (mainly ON/OFF). For the time
being, that is limited to the bundling option (multiplexing messages)
and to delaying the SACK message.
Change-Id: I696493e0309e47163c1e119c7d9f82f7d8ee6b87
Signed-off-by: Marco Varlese <marco.varlese@suse.com>
|
|
- IPv6 link local table is a per-SW interface array of IPv6 unicast FIBs
- the per-interface ocst is sizeof(fib_table_t) which is small,
w.r.t. the cost of an interface
- FE80::/10 in the 'global' table points to a DPO that performs a lookup in the
input interface's LL fib.
Change-Id: Ice834b25ebeeacb2e929d7c864d7ec8c09918cbe
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
|
|
dlopen linkage allow more transparent use for Mellanox nics.
Mellanox shared library librte_pmd_mlx5/4_glue.so* placed in LD_LIBRARY_PATH
At run time Mellanox code will be loaded only when Mellanox nics explicty used.
i.e if VPP is used with other vendor Mellanox code is not loaded.
Change-Id: Ib05bdbfc4cbb6e447c67186c98361f9c5b447140
Signed-off-by: Amir Zeidner <amirzei@mellanox.com>
|
|
Change-Id: I7de987c30b263d43521e6280c5273f30b5f6e11c
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Old code was only allowing PCIdevices to be scanned during startup,
now driver can open and close device without restart of vpp.
Change-Id: I1a06511e3f16f896101b43dac2bad420b6e6c35e
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
This patch addresses the need to handle timers timeouts (e.g. sent
chunks not being acked) for both the INIT and SHUTDOWN phases.
The INIT phase requires the handling of two timers the T1-init and
T1-cookie timers whilst the SHUTDOWN phase requires the handling of the
T2-shutdown timer only for the retransmission case.
Left to be implemented is the handling of the DATA chunks retransmission
(e.g. T3-rxtx expiration) but that will be submitted with a separate
patch.
Change-Id: I2b2e13dce11000aea3c7d965f02b27b76c97e605
Signed-off-by: Marco Varlese <marco.varlese@suse.com>
|
|
Change-Id: Ia819b630b824002c59680836a8833df7e5af90e9
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I99cf3e7cc991aa7d32385a155c707a6516516117
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I6df5a01416993c213e06645a6d9b48dfe77c8227
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I233d02a669b6a0504cd54590c6c8e4fefadc4713
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
If forwarding is enabled, inbound packets on an outside
interface should not be dropped and instead pass on to
the FIB lookup. This works for TCP and UDP but not other
IP protocols. Enable it for unknown protocols.
Change-Id: I1da84b5633a36b3e5e64079754db2fcc50f29819
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
Change-Id: Iae2ddf93d1705354175e3dcae26b66e6f98a5c32
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Ib94e9e9e9fcdad9cdb0e3402b3de7d78bd644abe
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
While comment properly says that only first 64 bytes can be read, actual
code was returning error instead being happy with 64 bytes received.
Change-Id: I09c0d1d5c9fc8e1f6c59c093d81bb1ce1924281b
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I6d049c0875b91f67f008dc04ae7efe2f8ddc276e
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I3b646d84586dd61018f71cbf21c971c97fda75c1
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
While the netlink field is named nl_pid, and typically
contains a process id, setting it to a pid value directly
prevents other modules from also using a netlink socket.
On the other hand, setting it to 0 allows multiple modules
to use a netlink socket by letting the kernel assign the
nl_pid a value.
This allows the verito tap code to interact nicely with
the router plugin's librtnl after, say, tap-inject has
been enabled.
Change-Id: I9771929f34d15497a5f7b8c5fd78dac28e31383b
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
Change-Id: I1e3b48dfd21c9dbebdbcc0af0d6e888b416b3ac5
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- Add VCL cut thru uni-direction test over multiple sockets
- Add VCL cut thru bi-direction test over multiple sockets
- Add LDP cut thru uni-directional test over multiple sockets
- Add LDP cut thru bi-directional test over multiple sockets
- Add VCL thru host stack uni-direction test over multiple sockets
- Add VCL thru host stack bi-direction test over multiple sockets
- Add LDP thru host stack uni-directional test over multiple sockets
- Add LDP thru host stack bi-directional test over multiple sockets
- Fix validateResults to ensure worker_server process is killed if
it still exists after running the test.
Change-Id: I77ea9acef172667558dbcec23af1e4c72b29f376
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
Change-Id: I89540e93f3c8839bf6fc4363f4736e9c01d91927
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
The 'vpp-api/java' includes 'core' subdir which should be tracked.
This patch adds .gitignore for 'vpp-api/java'
to negate pattern that matches 'core' files/dirs,
introduced by https://gerrit.fd.io/r/#/c/9848/.
Change-Id: I4e10ca10a891a2d95d6b45e479ee8d2196749132
Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
|
|
Update RPM spec to know about it
Change-Id: I61c7c1ce96071e3b84d792c18ff8880217b14fce
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
Introduces JSON parser which builds object model of Java API.
Also rewrites JNI translation of typedefs
to use per type translation functions
instead of code inlining.
Not covered:
- integrate with vappigen plugin (VPP-1154) or vapi parser (VPP-1155)
- use better templating engine (VPP-480)
- improvements of generator structure (e.g. VPP-1186)
Change-Id: I9e12d76c2f3c6ee041669f58e8a37917f656aa90
Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
|
|
It consists of two main parts. First, add an application transport type
whereby applications can offer transport to other applications. For
instance, a tls app can offer transport services to other applications.
And second, a tls transport app that leverages the mbedtls library for
tls protocol implementation.
Change-Id: I616996c6e6539a9e2368fab8a1ac874d7c5d9838
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
1. When interface create encouners an error (see test below),
the same id cannot be used again.
This is due to hash_set is called too early in the function. After the
hash entry is set, there are different errors may cause the interface
create to be aborted. But we didn't remove the hash entry when error is
encountered. The fix is to move the hash_set call near the end which has
no more "goto error"
DBGvpp# create tap id 1 rx-ring-size 1021 tx-ring-size 1021
create tap id 1 rx-ring-size 1021 tx-ring-size 1021
create tap: ring size must be power of 2
DBGvpp# create tap id 1 rx-ring-size 1024 tx-ring-size 1024
create tap id 1 rx-ring-size 1024 tx-ring-size 1024
create tap: interface already exists
DBGvpp#
2. multiple issues exist with api_format.c with the below command
binary-api tap_create_v2 id 4 hw-addr 90:e2:ba:76:cf:2f rx-ring-size 1024 tx-ring-size 1024
- hw_addr is not taken due to the test for random mac is inverted
- id is an integer, not a string
- integer values were not converted to network format
Change-Id: I5a669d702a80ad158517df46f0ab089e4d0d692e
Signed-off-by: Steven <sluong@cisco.com>
|
|
forwarding mode:
session initiaded from service host - translate
session initiaded from remote host - do not translate
Change-Id: I48170ee8e4ad14d3d3083ee31a40ef8d10d6ff32
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: Ic151be9ff7114c1fdec22d5ad056654960cf12b2
Signed-off-by: John DeNisco <jdenisco@cisco.com>
|
|
This patch adds an API to delete a sub-connection following a SRC/DST IP
mapping as required by the RFC4960.
Change-Id: I7673dd07352557442ffeed6c6c00da274b24953d
Signed-off-by: Marco Varlese <marco.varlese@suse.com>
|
|
Change-Id: Ic30fbcb2630f39e45345d7215babf5d7ed4b33a0
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: I94f6c35bf751d25ca7fe7c67054e676a3ad2241b
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
For ERSPAN encap, both bits in the EN field of the header should
be set to indicate any VLAN tag in the original Ethernet frame is
preserved.
Added SPAN L2 test case where the mirrored packet output is a GRE
ERSPAN tunnel.
Change-Id: Ie7a40992a9278469c24aa6fa9e122b4505797d10
Signed-off-by: John Lo <loj@cisco.com>
|
|
This patch adds an API to add a sub-connection following a SRC/DST IP
mapping as required by the RFC4960.
At the same time, it changes the way the next available sub-connection
is being calculated: rather than having an index in the parent
connection which is prone to many issues at run-time, the next available
sub-connection is being calculated by looking at the state of the set
sub-connections and if marked as DOWN it means that is an available slot
to be used.
Change-Id: I662be6a247bfbbe8bf9aaf3f485183c07ef862fe
Signed-off-by: Marco Varlese <marco.varlese@suse.com>
|