Age | Commit message (Collapse) | Author | Files | Lines |
|
Type: feature
* initiator behind NAT supported
* tested with static NAT mappings
* works only with pre-configured tunnels
The pre-configured tunnel has to be defined as follows:
initiator (i) side: src=ip(i) dst=ip(r)
responder (r) side: src=ip(r) dst=ip(nat)
Change-Id: Ia9f79ddbbcc3f7dc8fde6bbeca2a433e3b784e94
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Parallel merges introduced two test clasess with a same name. Rename
latter, so that former is seen (and run) by test runner again.
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I47772b41bb940bfdda4536cdd1f9b5e3768ca18b
|
|
Since the removal of "users" concept in ED-NAT nat44_user_dump API
returns empty array. This brings back previous behaviour at
a considerable runtime cost until a better API is introduced.
Type: improvement
Change-Id: I5a45923cfeb6b8ebe6fc906601264d6567386991
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Type: fix
Change-Id: If240bd8b3579678c0a6b5ea723946a35b53e5c31
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
cxgbe PMD initializes its control channel as part of dev_configure(),
and trying to get link status prior to it will lead to a crash.
DPDK documentation loosely hints that we should not call any device
function before dev_start(), call link_state() only for the relevant
PMDs.
From DPDK API documentation:
The functions exported by the application Ethernet API to setup a device
designated by its port identifier must be invoked in the following
order:
rte_eth_dev_configure()
rte_eth_tx_queue_setup()
rte_eth_rx_queue_setup()
rte_eth_dev_start()
Then, the network application can invoke, in any order, the functions
exported by the Ethernet API to get the MAC address of a given device,
to get the speed and the status of a device physical link, to
receive/transmit [burst of] packets, and so on.
Type: fix
Change-Id: I12d2ab4d84e6bd72a9f695447e86f3222929c804
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: fix
Signed-off-by: Mrityunjay Kumar <kumarnitp@gmail.com>
Change-Id: I31cc5e853b57e285064647503231b251e5152d3f
|
|
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I95286d6723fd1860bf6bb0e81c474d732ab25121
|
|
By storing thread and session index in hash table we are able to skip
multiple hash lookups in multi-worker scenario, which were used for
handoff before. Also, by storing sesion index in vnet_buffer2, we can
avoid repeating the lookup after handoff.
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I406fb12f4e2dd8f4a5ca5d83d59dbc37e1af9abf
|
|
Type: fix
Change-Id: Ife726d2f6baaa3516c209011183f39670cf6a55d
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
|
|
Calling ethernet_set_flags() to switch interface to/from promiscuous
mode must use use hw_if_index instead of sw_if_index.
Type: fix
Signed-off-by: John Lo <loj@cisco.com>
Change-Id: I72da286b913893227e32193ee11fbbc56e04804d
|
|
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I2a70db3a25450e014adaed84989f4da9bb77b14d
|
|
This fixes a situation where long-lived inactive session blocks LRU
list. Solution is to have multiple LRU lists based on session type.
This helps because session timeout is same for all sessions of same
type.
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I5e54b2aab73b23911d6518d42e8c3f166c69a38c
|
|
Use a lookup table instead.
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Ia8461099828bb8824bf016201f135e6b69c444d1
|
|
Type: fix
Change-Id: I14e323e7bb1db7a3d40668212535c07504374e59
Signed-off-by: Filip Varga <fivarga@cisco.com>
|
|
Type: fix
Change-Id: Idf9b0ffb4e3a0113bece80d1195192bdf46feb89
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Fix a couple endian conversions for displaying Marker Protocol packet
in the trace
Type: fix
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I746a67fb6143b5ad52bc4af9604ff8760dbdec9b
|
|
Avoids crash due to missing symbol, when build system detects toolchain
which is not able to produce binaries for all targets we need....
Type: fix
Change-Id: I77ee63cb8dca3c9e4e83a6235c60f1439a472444
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Fix coverity issue #210194 in gtpu-decap
Type: fix
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: I5b172c8494527e7117c4e7e7083a8473165aa40f
|
|
Type: fix
Fixes: b5a575b09
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Change-Id: I22d35159a923075243df9760f1a74e2ca74e30e1
|
|
The original fix access vlib_main before these was initialized.
Removed cached vlib_mains structure.
Type: fix
Fixes: 9bb09afb56b1aa787ca574cc732085272059fd5f
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I686bab9220e27891f66bf60489c1602855786aa8
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I3c914d5c457df40205280ac589a2d353261343d5
|
|
Type: fix
Change-Id: If6784c9eb278f525e05304d10fd1a00641faaaf0
Signed-off-by: Filip Varga <fivarga@cisco.com>
|
|
Use thread-specific vlib_main_t *vm pointers to avoid problems with
different threads accessing the same vlib_main_t data structure.
This avoids assertion failure when vlib_time_now() is called with a vm
corresponding to a different thread.
Type: fix
Signed-off-by: Elias Rudberg <elias.rudberg@bahnhof.net>
Change-Id: I359596ecff86e03d57aa8d2330f77bf9a913485f
|
|
Type: fix
Change-Id: I0ff7a6f3354066c2252c1ebd0d43ac59db278bf0
Signed-off-by: Damjan Marion <damarion@cisco.com>
Signed-off-by: Elias Rudberg <elias.rudberg@bahnhof.net>
|
|
Type: docs
Change-Id: I9b5e5137eb4c1e89f6e8d7a278cd11a0fd496471
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Fix coverity issues in crypto framework and cryptodev
engine.
Type: fix
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Change-Id: Ib261da0163c8182c803600db22c5a6dad5a19999
|
|
Type: fix
Change-Id: I9b613f0af484f601dd20a851e2f59ee5e06b5c37
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Use thread-specific vlib_main_t *vm pointers to avoid problems
with different threads accessing the same vlib_main_t data
structure. This avoids crashing when ipfix logging is enabled
and several threads are used.
Type: fix
Signed-off-by: Elias Rudberg <elias.rudberg@bahnhof.net>
Change-Id: Ic1d3d335919d7666ead14be1153eb8c8c07b7356
|
|
Force session cleanup drops NAT db.
Also fixing user specific cli/api calls.
Type: improvement
Change-Id: Ia3e25fcf07fe5fb9a83d55c03fe90aca727b41ac
Signed-off-by: Filip Varga <fivarga@cisco.com>
|
|
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I609fef6f96c6a3fc85a4dc07e75244b0e1ba9239
|
|
Type: style
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Change-Id: Ief894e940a913a4ccf5368a2fdcf5479917f56cb
|
|
Type: feature
thus allowing NAT traversal,
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Ie8650ceeb5074f98c68d2d90f6adc2f18afeba08
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Type: fix
Change-Id: Ib73ce48552cfa9e825a6833f5594650783d82f3b
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
this patch adds the offloading capability for the IPv4 GTPU
tunnel which the next-node is assigned as IPv6
Type: feature
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: Ie39cd43058d36514656351dc6e906a19d5de89c0
|
|
explicitly convert RSS function types from vnet_rss_function_t to
rte_eth_hash_function to avoid these two types go out of sync in the future...
Type: fix
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: Ic09f6bb7f2cfbcf7cc4d380e51554b7f2b7a3b90
|
|
Type: refactor
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I33b2b38961b200dc3297b82124a7107b9ecbd0de
|
|
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie47546ef36590b90ed481b14cf812afbecf7981c
|
|
Type: fix
key file name should be a string and not array of u8.
Change-Id: I7d280d2397030e73732b374ad9d3146fad0bb19f
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Type: improvement
- inline some common encap fixup functions into the midchain
rewrite node so we don't incur the cost of the virtual function call
- change the copy 'guess' from ethernet_header (which will never happen) to an ip4 header
- add adj-midchain-tx to multiarch sources
- don't run adj-midchain-tx as a feature, instead put this node as the
adj's next and at the end of the feature arc.
- cache the feature arc config index (to save the cache miss going to fetch it)
- don't check if features are enabled when taking the arc (since we know they are)
the last two changes will also benefit normal adjacencies taking the arc (i.e. for NAT, ACLs, etc)
for IPSec:
- don't run esp_encrypt as a feature, instead when required insert this
node into the adj's next and into the end of the feature arc. this
implies that encrypt is always 'the last feature' run, which is
symmetric with decrypt always being the first.
- esp_encrpyt for tunnels has adj-midchain-tx as next node
Change-Id: Ida0af56a704302cf2d7797ded5f118a781e8acb7
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.
The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.
Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.
Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".
Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).
Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar
Type: improvement
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
|
|
Type: improvement
Change-Id: I170256ab47978db34fb0ff6808d9cd54ab872410
Signed-off-by: Filip Varga <fivarga@cisco.com>
|
|
The api no longer requires packed ip addresses.
Type: test
Change-Id: If67365d86b7c3189f871a58234e99f9c8f875371
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I6da8cc7c4577d199e9dc0aa52c73b1230a380018
|
|
This patch adds the l2tpv3oip type flow support
Have tested on E810 with Intel iAVF driver
Type: feature
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: Icb5114b5f70dd7a63f681e7c6ac802fade8b8cf1
|
|
Type: feature
Signed-off-by: Damjan Marion <damarion@cisco.com>
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com>
Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
Signed-off-by: Dariusz Kazimierski <dariuszx.kazimierski@intel.com>
Signed-off-by: Piotr Kleski <piotrx.kleski@intel.com>
Change-Id: I4c3fcccf55c36842b7b48aed260fef2802b5c54b
|
|
Type: fix
Change-Id: I8e4a47bd16fa8475ef695c09e3487eabf08faabe
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Type: improvement
Change-Id: Iebf77a63c0c19b130a3fbd26b5293304a9fed4c1
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I1f03d80c4ee2a555dc6baa262d6df4521c1ae818
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I8c0eb5b5b12ffac1ff5dc89cab10bdb8e4be4322
|
|
This patch enables the RSS configuration through vnet/flow interface
With this RSS feature, users can config the RSS functions for specific flows
Currently, it supports:
default, toeplitz and symmetric_toeplitz rss function, and
ipv4-tcp/ipv4-udp/ipv6-tcp/ipv6-ucp flow types
Users can use the following options to combine with above flow
types for more specific hash input set selection:
l3-src-only, l3-dst-only, l4-src-only, l4-dst-only
Command line:
test flow add dst-ip any proto udp rss function default rss types ipv4-tcp use l3-dst-only
test flow add dst-ip any proto udp rss function toeplitz rss types ipv4-udp use l4-src-only
test flow add dst-ip any proto udp rss function symmetric_toeplitz rss types ipv6-udp use l3-src-only and l3-dst-only
Type: feature
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: I213efc76dc8af37f2f63605884f353e05b0f5d2a
|