summaryrefslogtreecommitdiffstats
path: root/src/plugins
AgeCommit message (Collapse)AuthorFilesLines
2017-09-25acl-plugin: use vec_elt_at_index rather than pool_elt_at_index to access ↵Andrew Yourtchenko1-2/+2
vector elements bb7f0f644 aimed to fix the coverity issue has incorrectly replaced the previous [] access with pool_elt_at_index(), for an element of a vector, with predictably interesting result. VPP-991 has uncovered the issue. Change-Id: Ifd3fb70332d3fdd1c4ff8570372f394913f7b6c8 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-09-25Fix sending GARP/NA on Bonded Interface Active/Backup Link Up/DownJohn Lo2-24/+72
For bonded interface in Active/Backup mode (mode 1), we need to send a GARP/NA packet, if IP address is present, on slave link state change to up or down to help with route convergence. The callback from DPDK happens in a separate thread so we need to make sure RPC call is used to signal the send_garp_na process in the main thread. Also need to fix DPDK polling so the slave links are not polled. Change-Id: If5fd8ea2d28c54dd28726ac403ad366386ce9651 Signed-off-by: John Lo <loj@cisco.com>
2017-09-25NAT: session number limitation to avoid running out of memory crash (VPP-984)Matus Fabian4-38/+120
Change-Id: I7f18f8c4ba609d96950dc1f833feb967d4a099b7 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-22acl-plugin: remove the clib_warning "ACL enabling..."Andrew Yourtchenko1-4/+0
It was useful for debugging once upon a time... but time to say goodbye to it... Also remove the warning printed when sending ACL details. Change-Id: I43b2537e176556831eb7ff34b25c9068aa05ee27 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-09-21NAT: remove worker_by_out lookup hash table (VPP-989)Matus Fabian3-133/+120
Change-Id: Ibcd2cf22348ae5a72770a8f8ad25cbe8df7fd390 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-20NAT: don't call ipfix rpc when disabled (VPP-988)Matus Fabian1-168/+181
Change-Id: Id98b523f7b20f82291a34e73762978fa65e24140 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-20NAT: move session and user lookup tables to per thread data (VPP-986)Matus Fabian5-110/+151
Change-Id: I41a51bb36e31e05c76fef0b34fe006afbee27729 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-19ACL plugin enable macip for ip4/ip6 trafficPavel Kotucek1-8/+4
Plus fixed problem with acl heap. Change-Id: I3d91db549ebe4595f1dab9b8780f90722540024b Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-09-18ACL-plugin: fix coverity issuePavel Kotucek1-17/+17
Fix coverity CIDs 176805, 176806, 176811, 176812 Change-Id: I73591c922307e7a98d38d5d92ebf37c8b2ff0145 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-09-16dpdk: display EAL init args on startupDamjan Marion1-0/+1
Change-Id: I83ea1eae73cb41353cacd1c1b910339d10900502 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-09-15dpdk: cli to check for buffer leakageFlorin Coras4-1/+126
Use buffer pre_data and existing buffer trace trajectory code to find out dpdk buffer leakages. Change-Id: I26a5d8bd2f23d01cb6070ffc3ddcc6d3d863b575 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-09-15vppinfra: add clib_mem_vm_ext_alloc functionDamjan Marion2-14/+13
Change-Id: Iff33694fc42cc3bcc73cf1372339053a6365039c Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-09-15Modify return value of snat_out2in_lb(VPP-985)dongjuan2-10/+12
in order to trace session_index Change-Id: I4433155fbe21635f8a997523e2c7900c6a7569af Signed-off-by: dongjuan <dong.juan1@zte.com.cn>
2017-09-13NAT: fixed bug in snat_alloc_outside_address_and_port (VPP-981)Matus Fabian1-1/+1
generated random ports overlap between threads Change-Id: I7a13785e3f98b87e475426b0bd7f6bf2d9c1336c Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-13devices: Fix coverity discovered 9/13/2017Steven1-0/+1
Missing a break statement in the case Change-Id: I1b1e198748343bc116ee0eaf9012abc3be15c40a Signed-off-by: Steven <sluong@cisco.com>
2017-09-13lb_vip_command_fn param redundancy when unformat ip address(VPP-977)flyingeagle231-1/+1
Change-Id: I92de5b9ed42cda6c0438b8dc71892d322b642a70 Signed-off-by: flyingeagle23 <wang.hui56@zte.com.cn>
2017-09-13nat lb: del lb static mapping existed vec mem leak(VPP-983)flyingeagle231-0/+1
Change-Id: Id7306b432a33bb0fa594b6949e65ca528d8c0916 Signed-off-by: flyingeagle23 <wang.hui56@zte.com.cn>
2017-09-12physmem: remove debug leftoversDamjan Marion1-1/+0
Change-Id: I5a5dc0794d3398e749b64b07dfd1e2fc2230089b Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-09-12NAT: fixed bug in snat_alloc_outside_address_and_port (VPP-981)Matus Fabian3-9/+29
Change-Id: I6c5eccd4193c44604da3fd27c108defe71b38a4b Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-12devices: Display VhostEthernet instead of UnknownEthernet for dpdk net_vhost ↵Steven3-2/+14
driver Added a new macro VNET_DPDK_PORT_TYPE_VHOST_ETHER for dpdk net_vhost driver to display VhostEthernet instead of UnknownEthernet. Change-Id: Ie407d83ebbbd60e4d11be79f0ebc44e2867a5f3b Signed-off-by: Steven <sluong@cisco.com>
2017-09-12net/mlx5: fix warning messageShachar Beiser1-0/+3
Add support for Mellanox provider id and vendor id Change-Id: Ib2451e69fbe949f01bcb1ee556aa3020da225610 Signed-off-by: Shachar Beiser <shacharbe@mellanox.com>
2017-09-12Fix issue in nat Bisearch algorithm (VPP-980)flyingeagle231-1/+1
Change-Id: I39b1d1ec6fb9a10e2a0e67d36b01c0bf2522d07f Signed-off-by: flyingeagle23 <wang.hui56@zte.com.cn>
2017-09-12acl-plugin: add startup-config section "acl-plugin" and heap/hash parametersAndrew Yourtchenko3-4/+60
This adds the ability to tweak the memory allocation parameters of the ACL plugin from the startup config. It may be useful in the cases involving higher limit of the connections than the default 1M, or the high number of cores. Change-Id: I2b6fb3f61126ff3ee998424b762b6aefe8fb1b8e Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-09-12nat lb mapping command existed array out of bounds(VPP-979)flyingeagle231-1/+2
Change-Id: Id1dce0c2eebd4097bc17842f050453b76a94eb70 Signed-off-by: flyingeagle23 <wang.hui56@zte.com.cn>
2017-09-12ACL-plugin add "replace" semantics for adding a new MacIP aclPavel Kotucek4-18/+295
Change-Id: Ia5c869b2d8b8ad012b9e89fb6720c9c32d9ee065 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-09-11memif: mode ip is not settable from binary APISteven3-4/+10
While mode ip is supported via the CLI for creating a memif interface, it is not settable from the binary API due to missing code. While at it, update the help usage to include the missing keyword secret. Change-Id: Ia9c71f4017210a5e1733ce4992fbb566b7d20c1a Signed-off-by: Steven <sluong@cisco.com>
2017-09-11FIB table add/delete APINeale Ranns2-11/+19
part 2; - this adds the code to create an IP and MPLS table via the API. - but the enforcement that the table must be created before it is used is still missing, this is so that CSIT can pass. Change-Id: Id124d884ade6cb7da947225200e3bb193454c555 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-09-10NAT: fixed hairpinning for in2out translation as an output feature (VPP-976)Matus Fabian1-7/+19
Test whether the hairpinning flag is set only for packets from NAT inside interface. Change-Id: I4a4fdd2084a76a70ce9dfe3e2b8332c02fa2eccd Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-09move unix_file_* code to vppinfraDamjan Marion3-64/+66
This will allow us to use this code in client libraries without vlib. Change-Id: I8557b752496841ba588aa36b6082cbe2cd1867fe Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-09-08vlib: move linux-specific code to vlib/linuxDamjan Marion3-30/+2
Change-Id: Id79d2c2be7a98e15416a537c890a8f2dd6d4464d Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-09-08memif: fix coverity warnings as of 9/7Steven4-12/+29
1. coverity complains about "buffer not null terminated" for strncpy because we pass the size of the destination to the call which is equal to the true size of the destination. We subtract 1 for the size to accommodate the null like all other places are already doing it. 2. Add a check to tx_queues in memif_interface_tx_inline to avoid "divide by zero". 3. To avoid null pointer dereference in memif_create_if, change the goto done rather than goto error and spit a more meaningful error rather than silent about it. 4. Shuffle a line to avoid "check after use" in vl_api_memif_delete_t_handler. Change-Id: Icba7ecd5362c012a48ac35795d31aab356617420 Signed-off-by: Steven <sluong@cisco.com>
2017-09-08ACL-plugin MACIP ACLs testsPavel Kotucek1-2/+16
Change-Id: Ie40c837358454cfe9475cb2c14fdf20b24fa6602 Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-09-08acl-plugin: add hitcount to applied hash-acl entriesAndrew Yourtchenko3-4/+10
Add a counter incremented upon the ACL check, so it is easier to see which kind of traffic is being checked by the policy, add the corresponding output to the debug CLI "show acl-plugin tables" command. Change-Id: Id811dddf204e63eeceabfcc509e3e9c5aae1dbc8 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-09-07vlib physmem reworkDamjan Marion5-18/+35
This patch adds supprot support for multiple numa-aware physmem regions. Change-Id: I5c69a6f4da33c8ee21bdb8604d52fd2886f2327e Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-09-07NAT: fixed bug in snat_get_worker_out2in_cb (VPP-832)Matus Fabian1-0/+2
Change-Id: Id9c977634a1259865e3403ba0d90aecaca85207d Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-07acl-plugin: match index set to first portrange element if non-first ↵Andrew Yourtchenko1-5/+1
portrange matches on the same hash key (VPP-937) Multiple portranges that land on the same hash key will always report the match on the first portrange - even when the subsequent portranges have matched. Test escape, so make a corresponding test case and fix the code so it passes. (the commit on stable/1707 has erroneously mentioned VPP-938 jira ticket) Change-Id: Idbeb8a122252ead2468f5f9dbaf72cf0e8bb78f1 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> (cherry picked from commit fb088f0a201270e949469c915c529d75ad13353e) Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-09-06Fixes for issues raised by Coverity (VPP-972)Chris Luke1-2/+2
Change-Id: I4b1f27b95d67d48b7a13750ff8754c344ed7afa7 Signed-off-by: Chris Luke <chrisy@flirble.org>
2017-09-06NAT: Destination NAT44 with load-balancing (VPP-954)Matus Fabian6-70/+1011
added load-balancing static mappings with unequal load support Change-Id: Ie505e41f24d46f812b94dd28bdafe3dc170a6060 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-09-06dpdk/ipsec: fix setup when using master core onlySergio Gonzalez Monroy1-2/+3
Change-Id: I62b7aa896dfe218358f11a5197b1228a3dd67152 Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2017-08-31dpdk/ipsec: update doc regarding startup.confSergio Gonzalez Monroy1-10/+7
Change-Id: Ie449072ab1efec081235b508f1def60a1287ff5f Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2017-08-30Offload prep calls needed for IP and UDP checksum offload pktsDave Barach1-1/+4
Change-Id: I9b29bcff348bddfb49b1c38b1d409249e37bb075 Signed-off-by: Dave Barach <dave@barachs.net>
2017-08-29Fix static mapping lookup issue for NAT pluginHongjun Ni1-0/+1
Change-Id: Ic99d1db5360f69126b23bb2b78f29d6404cbbae9 Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
2017-08-29Fix some issue of comment and help for nat featureHongjun Ni1-3/+3
Change-Id: I9233e427b5f8874492fefb2bfe7c1ab329e366b2 Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
2017-08-29Flowprobe: Fix flow start time and hash computationPierre Pfister2-25/+21
Upon hash collision, the flow start time was not reset. The hash computation techniques (crc32 or xxhash) also both had bugs which are now fixed. Change-Id: I94d72997f34018d1699324264f7dded2a5cbd776 Signed-off-by: Pierre Pfister <ppfister@cisco.com>
2017-08-25dpdk: bump to dpdk 17.08, remove support for dpdk 17.02Damjan Marion5-35/+4
Change-Id: I674fb1212e48693939045523df085326a4dd1809 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-08-25acl-plugin: warning printed when acl_add_replace already applied ACLs ↵Andrew Yourtchenko4-17/+49
(complete the fix for VPP-935) The fix for VPP-935 missed the case that hash_acl_add() and hash_acl_delete() may be called during the replacement of the existing applied ACL, as a result the "applied" logic needs to be replicated for the hash acls separately, since it is a lower layer. Change-Id: I7dcb2b120fcbdceb5e59acb5029f9eb77bd0f240 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> (cherry picked from commit ce9714032d36d18abe72981552219dff871ff392)
2017-08-25Use Quad-loop to improve gtpu-encap performanceHongjun Ni1-49/+194
Change-Id: I440fae09e77502392af5cde45dd9c532afa5d976 Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
2017-08-25dpdk: required changes for 17.08Sergio Gonzalez Monroy9-216/+471
DPDK 17.08 breaks ethdev and cryptodev APIs. Address those changes while keeping backwards compatibility for DPDK 17.02 and 17.05. Change-Id: Idd6ac264d0d047fe586c41d4c4ca74e8fc778a54 Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2017-08-24Make VPP runtime directory configurableDamjan Marion3-22/+22
New startup config command: unix { runtime-dir /run/vpp } Also, adds recursive mkdir funtion for use in deifferent places like cli-config socket path and dpdk hugepage directory path. Change-Id: I1446ceab9c220c25804e73a743a3ebb383450124 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-08-24NAT64: Fix error message typo (VPP-961)Matus Fabian1-5/+6
Change-Id: Ieb81c5e157e342cbb532bd65f3b64059e5838691 Signed-off-by: Matus Fabian <matfabia@cisco.com>