aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins
AgeCommit message (Collapse)AuthorFilesLines
2017-10-09NAT: hairpinning rework (VPP-1003)Matus Fabian2-14/+114
Change-Id: I7c6911cd6ac366fe62675fd0ff8b0246a25ea1db Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-10-09NAT: fixed ICMP broken translation for GRE tunnel interface (VPP-1008)Matus Fabian3-31/+27
Change-Id: Ie3245b96c511cc30915e70e8c881f445291a38c2 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-10-06Separate CP and DP fib table for PPPoEHongjun Ni3-56/+66
CP table: link_table DP table: session_table Change-Id: I2adbfd8f6a63d51d00d6dd291f32aebf20d13e4d Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
2017-10-05dpdk/ipsec: rework plus improved cli commandsSergio Gonzalez Monroy8-1658/+2421
This patch reworks the DPDK ipsec implementation including the cryptodev management as well as replacing new cli commands for better usability. For the data path: - The dpdk-esp-encrypt-post node is not necessary anymore. - IPv4 packets in the decrypt path are sent to ip4-input-no-checksum instead of ip4-input. The DPDK cryptodev cli commands are replaced by the following new commands: - show dpdk crypto devices - show dpdk crypto placement [verbose] - set dpdk crypto placement (<device> <thread> | auto) - clear dpdk crypto placement <device> [<thread>] - show dpdk crypto pools Change-Id: I47324517ede82d3e6e0e9f9c71c1a3433714b27b Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2017-10-04[aarch64] Fixes CLI crashes on dpaa2 platform.Christophe Fontaine7-21/+21
- always use 'va_args' as pointer in all format_* functions - u32 for all 'indent' params as it's declaration was inconsistent Change-Id: Ic5799309a6b104c9b50fec309cba789c8da99e79 Signed-off-by: Christophe Fontaine <christophe.fontaine@enea.com>
2017-10-04dpdk: use vpp physmem allocator for dpdk buffersDamjan Marion2-63/+144
This allows us to have single contignuous allocation for DPDK buffers with single mmap FD, so buffer memory can be easily shared with diffrent process. As a consequence dpdk socket-mem is no longer in charge for allocating buffer memory, but still we need some space allocated for dpdk structures so default socket-mem is reduced form 256 to 64 MB. For a default of 16K buffers per numa node, physmem allocation is now 40MB, so basically this change reduces footprint from 256MB per socket to 48 (64 + 40). Change-Id: Ic8cfe83930a18411545b37a12b14aac89affd04f Signed-off-by: Damjan Marion <damarion@cisco.com> Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com> Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-10-04memif: crash on slave modeSteven1-0/+1
Crash was seen on recent image with this BT on top of the stack (gdb) bt full (mif=0x7fffb6226568) at /vpp/build-data/../src/plugins/memif/memif.c:297 ring = 0x0 <<<<<<<<<< i = 0 j = 0 buffer_offset = 65792 r = 0x7fffb5e59f80 alloc = {flags = 1, name = 0x7fffb449f965 "memif region", size = 4260096, numa_node = 0, addr = 0x7fff41dac000, fd = 11, log2_page_size = 12, n_pages = 1041} err = 0x0 __FUNCTION__ = "memif_init_regions_and_queues" The crash happened at this line. ring = memif_get_ring (mif, MEMIF_RING_S2M, i); ring=>head = ring->tail = 0; <===== Please note that the crash is caused by dereferencing NULL rinng. Put breakpoint into the function. I notice that mif->regions[0].shm is not initialized. (gdb) p mif->regions[0].shm $8 = (void *) 0x0 It looks like we forgot to set shm after clib_mem_vm_ext_alloc(). Add the missing cide and the crash is fixed. Change-Id: Ib722a6c241c77acfa8e33962106b57faa50e1ea7 Signed-off-by: Steven <sluong@cisco.com>
2017-10-03Repair vlib API socket serverDave Barach30-30/+16
- Teach vpp_api_test to send/receive API messages over sockets - Add memfd-based shared memory - Add api messages to create memfd-based shared memory segments - vpp_api_test supports both socket and shared memory segment connections - vpp_api_test pivot from socket to shared memory API messaging - add socket client support to libvlibclient.so - dead client reaper sends ping messages, container-friendly - dead client reaper falls back to kill (<pid>, 0) live checking if e.g. a python app goes silent for tens of seconds - handle ping messages in python client support code - teach show api ring about pairwise shared-memory segments - fix ip probing of already resolved destinations (VPP-998) We'll need this work to implement proper host-stack client isolation Change-Id: Ic23b65f75c854d0393d9a2e9d6b122a9551be769 Signed-off-by: Dave Barach <dave@barachs.net> Signed-off-by: Dave Wallace <dwallacelf@gmail.com> Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-09-28General documentation updatesChris Luke2-3/+5
- We now have several developer-focused docs, so create an index page for them. - Rework several docs to fit into the index structure. - Experiment with code highlighting; tweak the CSS slightly to make it slightly nicer to look at. Change-Id: I4185a18f84fa0764745ca7a3148276064a3155c6 Signed-off-by: Chris Luke <chrisy@flirble.org>
2017-09-27Fix: unnecesary uio binding for Mellanox NICSteve Shin1-1/+3
UIO binding is not required for Mellanox NIC and calling vlib_pci_bind_to_uio() should be skipped. Change-Id: I10ea457bc3c8d4be8117dec51d5bd940ee416a44 Signed-off-by: Steve Shin <jonshin@cisco.com>
2017-09-27acl-plugin: take 2 at VPP-991 fix, this time with a test case which verifies it.Andrew Yourtchenko1-2/+2
The replacement of [] with pool_elt_at_index and subsequent fixing it was incorrect - it was equivalent to &[], since it returns a pointer to the element. I've added VPP-993 previously to create a testcase, so this commit partially fulfills that one as well. Change-Id: I5b15e3ce48316f0429232aacf885e8f7c63d9522 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-09-26NAT: remove worker_by_in lookup hash table (VPP-992)Matus Fabian4-97/+30
Change-Id: I3873d3e411bf93cac82e73a0b8e3b22563aaf217 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-26Memory overwritten when using unformat %u (VPP-987)Aequitas3-19/+19
Change-Id: I7d8f807fb502d61688aa1dee25fa4edcbeb32f41 Signed-off-by: Aequitas <wang.junqi@zte.com.cn>
2017-09-25acl-plugin: use vec_elt_at_index rather than pool_elt_at_index to access ↵Andrew Yourtchenko1-2/+2
vector elements bb7f0f644 aimed to fix the coverity issue has incorrectly replaced the previous [] access with pool_elt_at_index(), for an element of a vector, with predictably interesting result. VPP-991 has uncovered the issue. Change-Id: Ifd3fb70332d3fdd1c4ff8570372f394913f7b6c8 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-09-25Fix sending GARP/NA on Bonded Interface Active/Backup Link Up/DownJohn Lo2-24/+72
For bonded interface in Active/Backup mode (mode 1), we need to send a GARP/NA packet, if IP address is present, on slave link state change to up or down to help with route convergence. The callback from DPDK happens in a separate thread so we need to make sure RPC call is used to signal the send_garp_na process in the main thread. Also need to fix DPDK polling so the slave links are not polled. Change-Id: If5fd8ea2d28c54dd28726ac403ad366386ce9651 Signed-off-by: John Lo <loj@cisco.com>
2017-09-25NAT: session number limitation to avoid running out of memory crash (VPP-984)Matus Fabian4-38/+120
Change-Id: I7f18f8c4ba609d96950dc1f833feb967d4a099b7 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-22acl-plugin: remove the clib_warning "ACL enabling..."Andrew Yourtchenko1-4/+0
It was useful for debugging once upon a time... but time to say goodbye to it... Also remove the warning printed when sending ACL details. Change-Id: I43b2537e176556831eb7ff34b25c9068aa05ee27 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-09-21NAT: remove worker_by_out lookup hash table (VPP-989)Matus Fabian3-133/+120
Change-Id: Ibcd2cf22348ae5a72770a8f8ad25cbe8df7fd390 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-20NAT: don't call ipfix rpc when disabled (VPP-988)Matus Fabian1-168/+181
Change-Id: Id98b523f7b20f82291a34e73762978fa65e24140 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-20NAT: move session and user lookup tables to per thread data (VPP-986)Matus Fabian5-110/+151
Change-Id: I41a51bb36e31e05c76fef0b34fe006afbee27729 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-19ACL plugin enable macip for ip4/ip6 trafficPavel Kotucek1-8/+4
Plus fixed problem with acl heap. Change-Id: I3d91db549ebe4595f1dab9b8780f90722540024b Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-09-18ACL-plugin: fix coverity issuePavel Kotucek1-17/+17
Fix coverity CIDs 176805, 176806, 176811, 176812 Change-Id: I73591c922307e7a98d38d5d92ebf37c8b2ff0145 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-09-16dpdk: display EAL init args on startupDamjan Marion1-0/+1
Change-Id: I83ea1eae73cb41353cacd1c1b910339d10900502 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-09-15dpdk: cli to check for buffer leakageFlorin Coras4-1/+126
Use buffer pre_data and existing buffer trace trajectory code to find out dpdk buffer leakages. Change-Id: I26a5d8bd2f23d01cb6070ffc3ddcc6d3d863b575 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-09-15vppinfra: add clib_mem_vm_ext_alloc functionDamjan Marion2-14/+13
Change-Id: Iff33694fc42cc3bcc73cf1372339053a6365039c Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-09-15Modify return value of snat_out2in_lb(VPP-985)dongjuan2-10/+12
in order to trace session_index Change-Id: I4433155fbe21635f8a997523e2c7900c6a7569af Signed-off-by: dongjuan <dong.juan1@zte.com.cn>
2017-09-13NAT: fixed bug in snat_alloc_outside_address_and_port (VPP-981)Matus Fabian1-1/+1
generated random ports overlap between threads Change-Id: I7a13785e3f98b87e475426b0bd7f6bf2d9c1336c Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-13devices: Fix coverity discovered 9/13/2017Steven1-0/+1
Missing a break statement in the case Change-Id: I1b1e198748343bc116ee0eaf9012abc3be15c40a Signed-off-by: Steven <sluong@cisco.com>
2017-09-13lb_vip_command_fn param redundancy when unformat ip address(VPP-977)flyingeagle231-1/+1
Change-Id: I92de5b9ed42cda6c0438b8dc71892d322b642a70 Signed-off-by: flyingeagle23 <wang.hui56@zte.com.cn>
2017-09-13nat lb: del lb static mapping existed vec mem leak(VPP-983)flyingeagle231-0/+1
Change-Id: Id7306b432a33bb0fa594b6949e65ca528d8c0916 Signed-off-by: flyingeagle23 <wang.hui56@zte.com.cn>
2017-09-12physmem: remove debug leftoversDamjan Marion1-1/+0
Change-Id: I5a5dc0794d3398e749b64b07dfd1e2fc2230089b Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-09-12NAT: fixed bug in snat_alloc_outside_address_and_port (VPP-981)Matus Fabian3-9/+29
Change-Id: I6c5eccd4193c44604da3fd27c108defe71b38a4b Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-12devices: Display VhostEthernet instead of UnknownEthernet for dpdk net_vhost ↵Steven3-2/+14
driver Added a new macro VNET_DPDK_PORT_TYPE_VHOST_ETHER for dpdk net_vhost driver to display VhostEthernet instead of UnknownEthernet. Change-Id: Ie407d83ebbbd60e4d11be79f0ebc44e2867a5f3b Signed-off-by: Steven <sluong@cisco.com>
2017-09-12net/mlx5: fix warning messageShachar Beiser1-0/+3
Add support for Mellanox provider id and vendor id Change-Id: Ib2451e69fbe949f01bcb1ee556aa3020da225610 Signed-off-by: Shachar Beiser <shacharbe@mellanox.com>
2017-09-12Fix issue in nat Bisearch algorithm (VPP-980)flyingeagle231-1/+1
Change-Id: I39b1d1ec6fb9a10e2a0e67d36b01c0bf2522d07f Signed-off-by: flyingeagle23 <wang.hui56@zte.com.cn>
2017-09-12acl-plugin: add startup-config section "acl-plugin" and heap/hash parametersAndrew Yourtchenko3-4/+60
This adds the ability to tweak the memory allocation parameters of the ACL plugin from the startup config. It may be useful in the cases involving higher limit of the connections than the default 1M, or the high number of cores. Change-Id: I2b6fb3f61126ff3ee998424b762b6aefe8fb1b8e Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-09-12nat lb mapping command existed array out of bounds(VPP-979)flyingeagle231-1/+2
Change-Id: Id1dce0c2eebd4097bc17842f050453b76a94eb70 Signed-off-by: flyingeagle23 <wang.hui56@zte.com.cn>
2017-09-12ACL-plugin add "replace" semantics for adding a new MacIP aclPavel Kotucek4-18/+295
Change-Id: Ia5c869b2d8b8ad012b9e89fb6720c9c32d9ee065 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-09-11memif: mode ip is not settable from binary APISteven3-4/+10
While mode ip is supported via the CLI for creating a memif interface, it is not settable from the binary API due to missing code. While at it, update the help usage to include the missing keyword secret. Change-Id: Ia9c71f4017210a5e1733ce4992fbb566b7d20c1a Signed-off-by: Steven <sluong@cisco.com>
2017-09-11FIB table add/delete APINeale Ranns2-11/+19
part 2; - this adds the code to create an IP and MPLS table via the API. - but the enforcement that the table must be created before it is used is still missing, this is so that CSIT can pass. Change-Id: Id124d884ade6cb7da947225200e3bb193454c555 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-09-10NAT: fixed hairpinning for in2out translation as an output feature (VPP-976)Matus Fabian1-7/+19
Test whether the hairpinning flag is set only for packets from NAT inside interface. Change-Id: I4a4fdd2084a76a70ce9dfe3e2b8332c02fa2eccd Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-09move unix_file_* code to vppinfraDamjan Marion3-64/+66
This will allow us to use this code in client libraries without vlib. Change-Id: I8557b752496841ba588aa36b6082cbe2cd1867fe Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-09-08vlib: move linux-specific code to vlib/linuxDamjan Marion3-30/+2
Change-Id: Id79d2c2be7a98e15416a537c890a8f2dd6d4464d Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-09-08memif: fix coverity warnings as of 9/7Steven4-12/+29
1. coverity complains about "buffer not null terminated" for strncpy because we pass the size of the destination to the call which is equal to the true size of the destination. We subtract 1 for the size to accommodate the null like all other places are already doing it. 2. Add a check to tx_queues in memif_interface_tx_inline to avoid "divide by zero". 3. To avoid null pointer dereference in memif_create_if, change the goto done rather than goto error and spit a more meaningful error rather than silent about it. 4. Shuffle a line to avoid "check after use" in vl_api_memif_delete_t_handler. Change-Id: Icba7ecd5362c012a48ac35795d31aab356617420 Signed-off-by: Steven <sluong@cisco.com>
2017-09-08ACL-plugin MACIP ACLs testsPavel Kotucek1-2/+16
Change-Id: Ie40c837358454cfe9475cb2c14fdf20b24fa6602 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-09-08acl-plugin: add hitcount to applied hash-acl entriesAndrew Yourtchenko3-4/+10
Add a counter incremented upon the ACL check, so it is easier to see which kind of traffic is being checked by the policy, add the corresponding output to the debug CLI "show acl-plugin tables" command. Change-Id: Id811dddf204e63eeceabfcc509e3e9c5aae1dbc8 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-09-07vlib physmem reworkDamjan Marion5-18/+35
This patch adds supprot support for multiple numa-aware physmem regions. Change-Id: I5c69a6f4da33c8ee21bdb8604d52fd2886f2327e Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-09-07NAT: fixed bug in snat_get_worker_out2in_cb (VPP-832)Matus Fabian1-0/+2
Change-Id: Id9c977634a1259865e3403ba0d90aecaca85207d Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-07acl-plugin: match index set to first portrange element if non-first ↵Andrew Yourtchenko1-5/+1
portrange matches on the same hash key (VPP-937) Multiple portranges that land on the same hash key will always report the match on the first portrange - even when the subsequent portranges have matched. Test escape, so make a corresponding test case and fix the code so it passes. (the commit on stable/1707 has erroneously mentioned VPP-938 jira ticket) Change-Id: Idbeb8a122252ead2468f5f9dbaf72cf0e8bb78f1 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> (cherry picked from commit fb088f0a201270e949469c915c529d75ad13353e) Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-09-06Fixes for issues raised by Coverity (VPP-972)Chris Luke1-2/+2
Change-Id: I4b1f27b95d67d48b7a13750ff8754c344ed7afa7 Signed-off-by: Chris Luke <chrisy@flirble.org>