| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Type: improvement
Currently, when an interface is brought down administratively, IPv4
routes that resolve through that interface remain in the FIB. However,
the kernel removes those routes but doesn't send any notifications about
that. Desynchronization between the kernel and VPP happens.
With this change, when a notification received from the kernel
indicating that an interface was brought down, in addition to bringing
the VPP interface down, walk the IPv4 FIB bound to that interface and
remove any entries that resolve through that interface and were added
with one of the linux-cp FIB sources.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: I0cd14bb63c9e6616ae1c5739b17c3bf33b186bc2
|
|
Type: fix
Primarily fix an issue reported by Coverity in
lcp_nl_open_sync_socket() that close() could possibly be run with
negative fd. Also, add more checks and error logging there.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: I9a88520d068392977a6eba0766451e5652fe512c
|
|
Type: improvement
Currently, read event signal is sent on every notification message
received and added in the queue.
With this change, signal read event only when all currently available
notification messages are received.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: Ib86d189311ce01f50167e4e97feb99df0292ad96
|
|
Type: improvement
Currently, while reading notifications, ENOBUFS error is ignored and
reading continues. This was done to minimize the number of notifications
that are lost due to reopening the socket.
Now that synchronization is implemented to recover from socket errors,
ignoring ENOBUFS and reading as much notifications as possible is not
actual. Before synchronization, all currently enqueued notification are
discarded in any case.
With this change, stop reading notifications if any error occurs.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: I1184d9a3aa99df63ef59bc2a67be2b1e5e0e9329
|
|
Type: fix
if original packet was to the link local, then the
fib index in the buffer is that of the LL table, we can't use that
to foward the response if the new destination
is global, so reset to the fib index of the link.
In other case, the fib index we need has been written
to the buffer already.
Add a test for IPv6 ping in an MPLS-VPN where int inout interface is
not the the same VRF as the response should be sent.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I18a232d90ddd3ef051a52476c5d861c87060e76f
|
|
Type: improvement
When dump of neighbors is requested, the replies will also include
neighbor entries for IPv6 multicast addresses:
GigabitEthernet0/8/0 S ff02::16 33:33:00:00:00:16
GigabitEthernet0/8/0 S ff02::1:ff76:7135 33:33:ff:76:71:35
GigabitEthernet0/8/0 S ff02::2 33:33:00:00:00:02
Such entries are not reported in netlink notification messages and
VPP is unlikely to use these.
With this change, ignore neighbor entries when the IP address is a
multicast address.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: Ic712aa4904f1d559f31fd89ff4541268e2340f84
|
|
Type: improvement
During synchronization, only the current actual set of entries is
loaded. If some entries are no longer present in the set being loaded
but present in VPP, they should be removed to fully syncronize.
With this change, add handlers for sync begin and end events. Begin
handlers will mark the entries as stale. End handlers will remove the
entries that are still marked as stale.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: I4f7e872af3e1c9ffa6c63bcc3984ec76def1bb43
|
|
Type: improvement
Currently, if an error happens on the netlink notification socket, the
socket gets reopened. A portion of notification messages have been lost
because of this and will never arrive on the socket. VPP will be out of
sync with the kernel networking state.
With this change, synchronize VPP state and the kernel networking state
if there was an error polling or reading the notification socket.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: I8cdff89b505cd227535a0acaadb6ee757204c45e
|
|
Type: improvement
For some message types, timestamps are checked on netlink message to
decide whether the message should be applied. For notification messages
timestamps are expected to be always available.
With this change, before accessing the timestamp, make sure the message
info object that carries it is not null. If it is null, pass the check.
This is to be ready to process dump replies that will not need the
timestamp check and will have the message info object set to null.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: Ic7211c0d451d72f6a5248898b3a8f8e0bca8f7aa
|
|
Type: fix
Currently, a tap interface created to be a member of a linux-cp pair has
default link state (down) and default link speed (10Mb/s). Then the
plugin monitors the link state of the paired hardware interface and if
it changes, the new link state is reflected on the tap interface. And
when the new link state is "up", the link speed is also reflected on the
tap interface.
The problem is that this scheme implies that the hardware interface's
link state is "down" at the moment of the linux-cp pair creation and
then changes. But there are cases when the link state is already "up" at
that moment. If that is the case, the link speed on the tap interface
will remain the default one until the link comes down and then comes up.
With this fix, when a linux-cp pair is created, reflect current link
state of the hardware interface being paired on the created tap
interface.
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: I73664d753f4daaa6d439c9ca898fb7363d21c06d
|
|
Some possible side effects for multicast routes appears to be in
lcp_router_table_add_or_lock. so ff00/8 route will be processed
for ospf purposes the right way
Ignore IPv6 kernel routes
Skip adding auto routes into FIB
Type: fix
Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com>
Change-Id: I35f73d629a7fffca7f7d4547adc2549b72c2048f
|
|
Include the user_instance in wireguard interface details.
In addition to dumping all wireguard interface details,
also allow selective dumping of just one interface.
Type: improvement
Signed-off-by: Jon Loeliger <jdl@netgate.com>
Change-Id: Iaf1093c6ae3eb00a685f34b2e0171285b02fae2b
|
|
Useful for stress testing.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I0b1701682494a9fbf7deac311b4afd3036c50b56
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: If5eed7dac4951f0510a4b4b092f66f44d0d3cacd
|
|
Type: fix
Signed-off-by: Saravanan Murugesan <sarmurug@cisco.com>
Change-Id: I5f7f4b925b3d250c5b8616d1fb35edbde50a7a23
|
|
The app keeps on using the default app ns but each listen will be done
in the vrf configured.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I0947e03188d55231b299916351115038e0b1f5da
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ibe92497cc5446ac5c734f8fe5c63c0167204dd09
|
|
This fixes an issue caused by session layer reading expected part of
data (cert + key) before the client actually sends it.
Type: fix
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: I6ddddb08f9576211b302e814d7c2b040383e5fb7
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I925618e426b325f4fafb9ed39a2d7c2d7c7b38f3
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I37ff8099c6c8044881379b4cd47ca8843746c315
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie89326ed4e599231fc20de67c5dadbb428568bec
|
|
Type: fix
Fixed coverity-issue CID 248517.
Originally possible passing null pointer to one function and directly
dereferences it.
This patch fixes the issue by add a new condition to check this
pointer.
Change-Id: If506abaf08c9f003860b641971af291f68613c18
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
|
|
Type: fix
Fixes: 39e9428b90bc
When a VRRP advertisement is received by a worker thread, the worker
calls vl_api_rpc_call_main_thread() so the main thread will process the
packet and make adjustments to VR state if necessary.
The data being passed to the main thread included a pointer to the VRRP
header in the received packet buffer. Since the main thread processes
the RPC request asynchronously from the worker thread, it's possible for
the worker to drop the packet and for the buffer to be overwritten before
the main thread can process it.
Copy the fields which may be needed by the main thread into a struct
instead of passing a pointer to a packet buffer.
Change-Id: I4e899e967df5a54776b521825a80e9cce1a94f5f
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
Integer math on 32 bytes of base64 data might yield 33 bytes
of data in some poorly formed user input of private key values.
Rather than smashing the stack (detected) and aborting, simply
allow for the possible yet irrelevant 33-rd byte of data.
Type: fix
Fixes: edca1325cf296bd0f5ff422fc12de2ce7a7bad88
Change-Id: I42acfbf3e8fbb3d517e21c53d4f80459d4800e9d
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
Type: fix
otherwise the feature is enabled n times for n lcp-pairs and the packets go n times through the feature.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I8e47e4a293d6e2711f54aa09e9545e5e07728026
|
|
Type: fix
Fixes: 6fdcc3d
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I820c505482801ff2ab8dac41a0016bb3a741a4ee
|
|
TCP/UDP packets which are dropped are not counted towards TCP/UDP
counters. Apply same behaviour to ICMP packets.
Type: improvement
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
Change-Id: I487fa7135ac8e49431a621fac213638d2dab31c8
|
|
Type: fix
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Change-Id: I4ede67c901456d57e457c648d28153423d45fb41
|
|
Breakdown the distribution of uops delivered to the frontend.
Collerates directly with the source of the uops.
Type: improvement
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Change-Id: I93a57dbe56dfa0f378527844aa4e63f45a548e55
|
|
Type: feature
Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com>
Change-Id: I2fd12a5b30aacdbaecb9156b829bfc06dfea377f
|
|
This is required after distinguishing between max_frame_size and MTU
Type: fix
Signed-off-by: Artem Glazychev <artem.glazychev@xored.com>
Change-Id: Ie642bee4e30ca76903bb8be5eeb6914c2c09bf35
|
|
Type: fix
Fixed coverity-issue CID 248517.
Originally possibly passing null pointer to one function and
directly dereferences it.
This patch fixes the problem by add a new condition.
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: I02fc6fb5d1cfd6138ea4ba2b1946fd8a7ef34d3b
|
|
If the user supplies an instance number when creating a wireguard
interface, it should be used in the device name. If no user-instance
is given, the device instnce (tunnel number) is used.
For example:
vpp# wireguard create instance 17 listen-port 23023 src 1.2.3.4
private-key MDEwMjAzMDQwNTA2MDcwODA5MTAxMTEyMTMxNDE1MTY=
wg17
Type: fix
Fixes: edca1325cf296bd0f5ff422fc12de2ce7a7bad88
Signed-off-by: Jon Loeliger <jdl@netgate.com>
Change-Id: Ibf51868bf7b4b9e8a3f85557d05667207873bc91
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: If5e6d0e8c686ea93674d6201c38b3a4d1c4786a5
|
|
Supported only when eventfd option is enabled.
Type: feature
Change-Id: Ic9d6e38604e978f7bc8e54d74fe9b8f3fc53622d
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Type: refactor
To be consistent with the location of the IPv4 responder
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Ie3a5c3ecc10755317591d7ff57b74770c2798e77
|
|
Type: fix
Signed-off-by: Vyshakh Krishnan <vyshakh@rtbrick.com>
Change-Id: I0b085fd2d3d9b8e08a16585c4964101b6461bf06
|
|
Type: fix
Since commit https://github.com/DPDK/dpdk/commit/e2a6d08bef489215ebb77b1d3033875ada757cfa
DPDK started advertising scattered Rx feature for elastic network adapters. Thus, dpdk
plugin doesn't have to disable it for ENA by default anymore
Signed-off-by: akolechk <akolechk@cisco.com>
Change-Id: I2d4f429be992e3c4edcc0c3adf8c55f3d5381631
|
|
Originally XDP_FLAGS_REPLACE was passed to the function.
For kernels not defining this macro (for example 5.4) in if_link.h vpp
sets it to 0.
If kernel has this macro problem appears, replace flag requires
specifying the program to be replaced. bpf_set_link_xdp_fd wraps
around __bpf_set_link_xdp_fd_replace and passes 0 as old_fd, it leads to
an error while assessing for replacement (if 0 is passed
there is no assessing for replacement).
To address this issue no flag is passed to the function, only 0.
Type: improvement
Signed-off-by: Dastin Wilski <dastin.wilski@gmail.com>
Change-Id: I3689ce7eb8c71c699f0e589111929979c2bbe213
|
|
Type: improvement
When the adj subsystem is notified of a BFD session, it attempts to find the appropriate adjacency from the session's key.
This could lead to a mismatch between the adj used by BFD and that of FIB. The BFD session stores the adj it is using, so FIB uses that instead.
Since adj is now using the same adj as BFD, it does not need to maintain its own locks.
In BFD it is necessary to initialise the adj index used in INVALID and ensure it is not unlock before listeners are notified of the session delete.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I9630867b10bb18969475299a0c754942a8df0f44
|
|
Type:fix
Signed-off-by: fanxb <fxb_mail@163.com>
Change-Id: I244f6ddd0a34e82ababd375646d3bb194602b5d5
|
|
Type: refactor
IP4 does not depend on TCP (it's the other way around).
This upside down dependency leads to some nasty circular includes when trying to use ip46_address.h in interface.h
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I4a1bd21543b08b9c1cf1e5563da738414734a878
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Id78cdf742689a5cff356ac0aa3167af1c886b531
|
|
Can be used for throughput testing over http. For instance, start
server:
http tps #implicitly listens on port 80
Then, to test throughput with curl:
curl <server_ip>/test_file_10g
curl <server_ip>/test_file_123m
Similarly, for https:
http tps uri tls://<server_ip>/443
curl -k <server_ip>/test_file_1g
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I30ab7f0d94a7357b3f04546e4a3d3c410a733908
|
|
Type: fix
Change-Id: Id183c47328510b5db7ffcc7a4dfb41f5a3151399
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Iad7304c3a8fef14ec85c4240714feb86637411ca
|
|
Support segment and fifo sizes for now.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie7242936de7a87df8a703eb371f665be5be4390d
|
|
Makes it similar to connects.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I38c328670054e1a9ba4dc4ea8fe7519a5a09e8be
|
|
Type: test
The FIB UT fails in debug mode because there is no string associated woth its fib_node_type_t.
Change the tests to register their own type, which will give it a name.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I36e546718faa7241c088494cbae10939aca51d5a
|
|
not needed, '>' works...
Type: improvement
Change-Id: I9bfbac787e8dca24e9b1bceda0922740eed26346
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
Alexander Chernavin
Neale Ranns
Vladimir Ratnikov
Jon Loeliger
Florin Coras
Saravanan Murugesan
Filip Tehlar
Gabriel Oginski
Matthew Smith
Klement Sekera
Ray Kinsella
Artem Glazychev
Vyshakh Krishnan
akolechk
Dastin Wilski
fanxb
Nathan Skrzypczak
Damjan Marion