aboutsummaryrefslogtreecommitdiffstats
AgeCommit message (Collapse)AuthorFilesLines
2024-10-07ip: add extended shallow reassemblyKlement Sekera7-587/+1063
This patch adds some fixes and improvements: Fixes bug where save_rewrite_length gets overwritten on reassembly handoff. Fixes bug where duplicate fragments could cause a reassembly context to be lost, because the race losing thread would remove bihash entry created by winning thread. Improves tracing by adding more events. Adds extended shallow reassembly. This is a toggleable option, which if turned on will cause reassembly to wait for both first and last fragments to calculate total IP payload length. Furthermore it'll store a local copy of first fragment and necessary data to retrieve it in vnet_buffer2. This allows downstream features to access full L3/L4 headers when dealing with fragments. Type: fix Change-Id: I81695070533410c5815291dbc65ea71c87e3ae05 Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
2024-10-07ip: fix feature logicKlement Sekera1-6/+8
This fixes ip6 feature logic, so error and handoff packets are no longer sent to next feature instead of being dropped/handed off. Type: fix Change-Id: If280de5345d9ed3b553dd3b3fa40274619d333ae Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
2024-10-07ip: add ip6 shallow reassembly output featureKlement Sekera2-42/+172
Type: improvement Change-Id: I0cb4014f03abdd0e55d4bb7ff40ae293a6ed3562 Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
2024-10-07vapi: don't store dict in length fieldKlement Sekera1-17/+19
Rather validate the format and use proper Field call. Type: fix Fixes: d7a32ebd9948ff37c15d8b6e0e5d9cf243026239 Change-Id: I78ac1e62911d613dc0d7a9bd6e8784fbe7f0a797 Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
2024-10-07ip: fix ip4 shallow reassembly output feature handoffKlement Sekera2-70/+103
Use a new frame queue for output feature instead of passing frames to standard feature. Fixes bug where save_rewrite_length gets overwritten on reassembly handoff. Type: fix Change-Id: I6c6191aec5f1c89e1ca0510a08781e390d327bbf Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
2024-10-07pg: add support to delete pg interfaceMohsin Kazmi7-3/+132
Type: improvement Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I3102fded415c644673fb79a0fdb7a7448ce20f26
2024-10-04session vcl: add support for vcl transport attributesFlorin Coras5-23/+96
Session layer can push transport attributes to vcl sessions which are stored as vector for session lifetime. Store original_dst_ip and port when available in vcl session attribute vector. Type: feature Change-Id: Iab6c65ddcfed220fc919f564cd19083561812faf Signed-off-by: Florin Coras <fcoras@cisco.com>
2024-10-04hs-test: fix core_pattern volume mountsFlorin Coras1-3/+7
If system is configured to use something like apport, avoid mounting. Type: fix Change-Id: I6af900bd334acba974c9c4ae30c3b2ce26d1f49b Signed-off-by: Florin Coras <fcoras@cisco.com>
2024-10-03session: use proper name for ct transportFlorin Coras5-13/+15
Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Iebf5155a429c77143df9eb44f504fea28cddaf98
2024-10-03hs-test: prom consecutive connections testMatus Fabian2-26/+42
Type: test Change-Id: Ide4571dd8ac9bcb64fcd5ba408b6d1f99d34185f Signed-off-by: Matus Fabian <matfabia@cisco.com>
2024-10-03hs-test: added nginx multi-thread testsAdrian Villin16-202/+168
- added Dockerfile.envoy - removed nginx vcl.conf file as it's created by the framework now Type: test Change-Id: I5f2be015c864c8d2aa938a22b1abece64989999b Signed-off-by: Adrian Villin <avillin@cisco.com>
2024-10-03session: allow session input rpcsFlorin Coras1-0/+3
Type: improvement Change-Id: Ib8e9f9fb6dfc553cc9e344544961832fecbea8c1 Signed-off-by: Florin Coras <fcoras@cisco.com>
2024-10-03hs-test: use nginx 1.26.2 for NginxHttp3TestAdrian Villin9-47/+46
- test is no longer marked as extended - no building required -> removed nginx build scripts Type: test Change-Id: I1814b1e4b7e514f81797efa3b5c1e818d2fe4cda Signed-off-by: Adrian Villin <avillin@cisco.com>
2024-10-02session: incomprehensible error message for adding sdl and rule-table entrySteven Luong2-39/+19
1. When the backend engine is not enable, adding an entry returns a confusing error message. DBGvpp# session sdl add 191.1.1.30/32 action 1 tag blue-v4-rule1 session sdl add 191.1.1.30/32 action 1 tag blue-v4-rule1 unknown input `add 191.1.1.30/32 action 1 ta...' DBGvpp# 2. When the sdl or rule-table entry is already present, adding the duplicate entry returns a confusing error message. DBGvpp# session sdl add 8.8.8.1/32 action 0 session sdl add 8.8.8.1/32 action 0 DBGvpp# session sdl add 8.8.8.1/32 action 0 session sdl add 8.8.8.1/32 action 0 session: session is already enable. Must disable first DBGvpp# The problem is because there are multiple cli commands start with "session". When the command is failed with the best match chain, it passes the command to the other parser chains which start with the keyword "session". The other cli chain also fails to parse the command. The error message that the previous parser chain returned may be overwritten by the newest error message. The fix is to not return an error in sdl and rule-table parser command chain. Type: fix Change-Id: If0165324a763f47ec98ab79a41c3ee9b10057454 Signed-off-by: Steven Luong <sluong@cisco.com>
2024-10-01build: fix dpdk mellanox driver build settingDave Wallace2-1/+4
- dpdk mellanox driver setting requires rdma-core.mk is included before dpdk.mk makefile. Include check for rdma-core_version variable definition in dpdk.mk to prevent a re-occurance of this issue. Type: fix Fixes: 70522a1dc Change-Id: I297cbd734ac7abe970eac7fb317d06b7acfc5a40 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2024-10-01tests: fix wireguard test case failuresIvan Ivanets2-21/+71
Type: test There are random failures in the wireguard test cases that are not related to concurrency issues. The root cause is a retry of the handshake initiation after (REKEY_TIMEOUT + JITTER) ms, where JITTER is a random value between 0 and 333 ms. Solution: Add a filter parameter for the `send_and_expect` method of the vpptestcase. This filter allows for excluding unexpected handshake initiation packets when the responder sends two packets (with `message_type = 1` and `message_type = 2`),while only a single packet (with `message_type = 2`) is expected. Change-Id: I62816931fc1b85e2202f3d36eb6c2a23714644d5 Signed-off-by: Ivan Ivanets <iivanets@cisco.com>
2024-09-30http: http_state_wait_server_reply fixMatus Fabian1-0/+1
We enqueue 2 segments to app, first is masg (http_msg_t) and second as much as possible of the raw data, so it must be: max_enq - sizeof (msg) Type: fix Change-Id: Ib7ece7e0ad1aac99d687d49149f1bccea599b10f Signed-off-by: Matus Fabian <matfabia@cisco.com>
2024-09-28hs-test: replaced gofmt with goimportsAdrian Villin18-25/+52
- goimports properly formats imports Type: test Change-Id: I78c162dd552fd3ee3d59955d7ea215af30601425 Signed-off-by: Adrian Villin <avillin@cisco.com>
2024-09-28session: fix SDL to use remote instead localSteven Luong7-93/+291
The language is local == VPP local interface remote == sender prefix to VPP node SDL acts on remote prefix. Type: fix Change-Id: I82917c6ef801fc67430dfdd15c5630cb7a6347e0 Signed-off-by: Steven Luong <sluong@cisco.com>
2024-09-28hsa: Add multiple listeners supportSteven Luong1-10/+123
It is desirable that http cli server can support multiple listeners. This is needed for supporting both ip4 and ip6 at the same time. Added the optional keyword listener add | del to the http cli server command. Example usage: start ip4 default uri and then add ip6 uri http cli server http cli server uri http://2001::2/80 listener add Type: improvement Change-Id: I884a4cd64ff676f9759a062b6d607a1742f610f3 Signed-off-by: Steven Luong <sluong@cisco.com>
2024-09-27snort: API functions for pluginAlexander Skorichenko9-47/+1082
Also, made disconnect-instance and delete-instance functions available via cli. Type: feature Change-Id: I7939d27867959cb871b1cc7205b94410b53906fd Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com>
2024-09-26tls: cleanup engine hs cb and improve ctx formattingFlorin Coras6-54/+24
Handshake completion is now tracked via a ctx flag so we no longer need ctx_handshake_is_over. Also, as we no longer prealloc application sessions, improve ctx state formatting. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: If48588ecde13e56fb99d1a46238bda53ed4eae1b
2024-09-26dev: dev process node scheduling improvementsDamjan Marion1-52/+108
Type: improvement Change-Id: If39e4d2b46820d5c0465fcc40d255fa95d137d38 Signed-off-by: Damjan Marion <damarion@cisco.com>
2024-09-26vlib: process node scheduler reworkDamjan Marion6-150/+244
This commit allow use od cooperative multitasking with multiple descheduling reasons (i.e. event wait and suspend) inside the same process node. In previus code remote node will wake up process node by sending event evein if process node is waiting in vlib_process_ssupend(). This change also allowed new vlib_process_yield() API which deschedules current process and it puts it into the end of queue. Change-Id: I846e5a99b4ea1809eb80895f6ffe0ef0b2fd21ae Type: improvement Signed-off-by: Damjan Marion <damarion@cisco.com>
2024-09-26octeon: fix pause flow control for lbk/sdp devicesAlok Mishra1-1/+6
Pause frame flow control is not supported for LBK (Loopback) and SDP (System DPI Packet Interface Unit) devices. This patch skips the pause flow configuration for these devices. Type: fix Fixes: 53239b4 Signed-off-by: Alok Mishra <almishra@marvell.com> Change-Id: I3096fcef9df4ad59d64bfabb83f91f13813128a8
2024-09-25vppinfra: add CLIB_SWAP()Damjan Marion1-0/+7
Type: improvement Change-Id: I1911a9d6a0ca8e1d24ce7b95281886392081ffc6 Signed-off-by: Damjan Marion <damarion@cisco.com>
2024-09-25session: set dgram mss when not constrained by transportFlorin Coras1-0/+1
Type: fix Change-Id: I12ddcd56f2fecb504180cdc044a3b3c3d1db7e3c Signed-off-by: Florin Coras <fcoras@cisco.com>
2024-09-25build: add missing fib_walk.h to VNET_HEADERSRadislav Chugunov1-0/+1
Type: fix Change-Id: Ie64ce16ea512b855a1b886eceb94c0e6ba33df05 Signed-off-by: Radislav Chugunov <chgnrdv@gmail.com>
2024-09-25dpdk: add new device ID for Cisco VIC VFHyong Youb Kim1-1/+2
VIC now supports standard SR-IOV, as opposed to VM-FEX SR-IOV. It uses a new device ID 0x02b7 for VF. Add it to the supported list. Type: improvement Change-Id: Ifc91c66f5e75dd005aa9d8a47700896a941abab5 Signed-off-by: Hyong Youb Kim <hyonkim@cisco.com>
2024-09-25dpdk: Enable dpdk build on FreeBSDTom Jones1-4/+4
Type: improvement Change-Id: If897f3bdfc131f8d7c01718057b54087eff02d7a Signed-off-by: Tom Jones <thj@freebsd.org>
2024-09-25vppinfra: exclude clib_dt_node_add_child on FreeBSDTom Jones1-2/+1
clib_dt_read_from_sysfs is the only user of clib_dt_node_add_child, on FreeBSD this causes a build failure due to an unused function. Place clib_dt_node_add_child behind an include guard for linux only. Type: fix Change-Id: I9641ffd10d9d15e1e552f570cd386211d3b4ab39 Signed-off-by: Tom Jones <thj@freebsd.org>
2024-09-25octeon: enable h/w vlan tagging supportAlok Mishra1-0/+1
This patch enables h/w vlan tagging by setting MAX_VTAG_INS field in NIX_AF_SMQ_CFG register. This is required to configure VLAN tag insertion by the hardware for egress packets Type: feature Signed-off-by: Alok Mishra <almishra@marvell.com> Change-Id: Ifcdf9c1e5b0b8ddc27cabab597ae91780ceca095
2024-09-25misc: Initial 25.02-rc0 commitv25.02-rc0Andrew Yourtchenko2-1/+1
Type: docs Change-Id: Ic8f0204752b93339203fe9ba04fdb77ba635e6d8 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2024-09-24ipsec: cleanup tun protect on interface removalStanislav Zaikin1-11/+39
when a protected tunnel gets deleted it's necessary to run a proper cleanup Type: fix Change-Id: I9d2c60ecbf97c4df299ac5c2228b036bf3478a56 Signed-off-by: Stanislav Zaikin <stanislav.zaikin@46labs.com>
2024-09-24octeon: enable ethernet pause frame supportAlok Mishra1-0/+73
This patch adds support for MAC pause flow control. By default, pause flow control is enabled in the device configuration. Type: feature Signed-off-by: Alok Mishra <almishra@marvell.com> Change-Id: I0f448479a38fae615d87af7e736c6053ada89cca
2024-09-24octeon: fix error handling for packet with errorMonendra Singh Kushwaha1-1/+15
Type: fix Change-Id: Ieb97f1526939bcd732c155d3a7535dca71971258 Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
2024-09-24octeon: fix SDP device link informationMonendra Singh Kushwaha1-1/+1
This patch fixes SDP (System DPI Packet Interface Unit) device link information. Type: fix Change-Id: I4563094601d9bb24132e4dc712cde14daa7f4364 Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
2024-09-23http_static: fix memory hss_session using after be freedXiaomingJiang1-2/+2
Type: fix Change-Id: Ic3d3de4198310361de876a8224e4f7cd0b48b698 Signed-off-by: XiaomingJiang <jiangxiaoming@outlook.com>
2024-09-20build: archive make install-ext-deps build logs in ciDave Wallace3-3/+18
- also add build/external artifacts to .gitignore file Type: make Change-Id: I9c8f4a312bbfddfa8024531e7246518c8c3589a4 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2024-09-20udp: node counter for connected sessionsFlorin Coras2-0/+2
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I4c0c1b27adb3e3ea3c3ff6353b068447db19fa85
2024-09-20hs-test: proxy testing improvementsMatus Fabian9-33/+75
- nginx and curl timeouts are extended if debug flag is set - added write-out for curl (outputs extra info after transfer is done) Type: test Change-Id: I3f6c336a14cd00b9ae8669d2fa26e00709162100 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2024-09-20hs-test: debugging utility methodsMatus Fabian2-14/+63
Type: test Change-Id: I0c7e8424e53f1ad1896cd8439027e6081ccfeb28 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2024-09-19pvti: remove clib_warning at init timeAndrew Yourtchenko1-2/+0
Type: fix Change-Id: I62ccd96ea3549205510ff53118eab1fa3613d009 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2024-09-19l2: fix DVR test failure on AWS Graviton on Ubuntu 22.04Andrew Yourtchenko1-8/+5
The AWS Graviton make test fails in dvr_test.py on Ubuntu 22.04, due to a mismatching source MAC address. Debian 11 tests run fine. The following can be seen in the log.txt trace: 00:00:00:756422: ethernet-input frame: flags 0x1, hw-if-index 3, sw-if-index 3 IP4: 02:03:00:00:ff:02 -> de:ad:00:00:00:00 802.1q vlan 92 00:00:00:756435: l2-input l2-input: sw_if_index 6 dst de:ad:00:00:00:00 src 02:03:00:00:ff:02 [l2-input-vtr l2-learn l2-fwd l2-flood l2-flood ] 00:00:00:756438: l2-input-vtr l2-input-vtr: sw_if_index 6 dst de:ad:00:00:00:00 src 02:03:00:00:00:00 data 08 00 45 00 00 80 00 01 00 00 40 11 00:00:00:756441: l2-learn l2-learn: sw_if_index 6 dst de:ad:00:00:00:00 src 02:03:00:00:00:00 bd_index 1 Note how l2-input-vtr node has the two lowest bytes of the source MAC corrupted. Discussing with Benoit, since this could be caused by unaligned memory accesses, using clib_memcpy_fast. Type: fix Change-Id: I28991e1166335df0edd1e4b84fa72a2b1d0bb9bf Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2024-09-18hs-test: containerize iperf testsAdrian Villin4-55/+75
Type: test Change-Id: I2c0bb76d96ccadd5ecfd6a04565420855043699e Signed-off-by: Adrian Villin <avillin@cisco.com>
2024-09-18octeon: fix compilation on octeon9Monendra Singh Kushwaha1-1/+2
Type: fix Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com> Change-Id: I9ffa78122dcd6b98cad9902e43ba8432fcd572b1
2024-09-17vcl: add http support to vcl_test_protosAritra Basu7-11/+501
Type: improvement Change-Id: Ibb493f1d7713d0e10b8bd1d5ff17b89967b53b8a Signed-off-by: Aritra Basu <aritrbas@cisco.com>
2024-09-17pvti: Packet Vector Tunnel InterfaceAndrew Yourtchenko20-0/+4353
This plugin implements a PoC of UDP-based tunnel substrate whose aim is to specifically provide higher MTU to the upper layers by chunking the payload PDUs into smaller packets with full 5-tuple. At the same time, if there are multiple small packets to the same destination during the vector processing, they are packed into "carrier" packets up to underlay MTU size. It does assume a trustworthy underlying medium, thus for the operation over Internet it requires the use of encryption layer underneath. Type: feature Change-Id: I323958fa8de62584f6ed15643ea689568a9a62bc Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2024-09-16dpdk: bump to DPDK 24.07 and RDMA 52.0Kai Ji3-2/+5
This patch bumps DPDK version to 24.07 and RDMA version per dpdk 24.07 release notes (rdma-core >= 52.0) Type: feature Change-Id: I07c6f27becdbcd3696b821bbfd145610775cf51e Signed-off-by: Kai Ji <kai.ji@intel.com>
2024-09-14session: improve sh session cliFlorin Coras1-75/+194
Add support for: - "sh session verbose thread <n> [lcl|rmt|ep] <ip>[:port]", which can be used to filter sessions based on transport ip:port - "force-print" option to force printing even when it exceeds existing printing thresholds Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Iab3e58b8162664b425379d14818b8a4daa0ce345