summaryrefslogtreecommitdiffstats
path: root/src/plugins
AgeCommit message (Collapse)AuthorFilesLines
2020-01-27map: api: fix tag overflow and leakBenoît Ganne2-4/+6
The 'tag' parameter is expected to be a NULL-terminated C-string in callees: - make sure it is null-terminated in both API and CLI cases - do not allocate & copy the string into a non-NULL-terminated vector in API case - fix leak in CLI case Type: fix Change-Id: I221a489a226240548cdeb5e3663bbfb94eee4600 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-01-27docs nat: fix nat-ha ascii artPaul Vinciguerra1-0/+2
See: https://docs.fd.io/vpp/19.08/nat_ha_doc.html Type: docs Change-Id: I43ecf1dfb6976ebafee04d820f0e1b07393a0b93 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2020-01-24nat: in2out-output nodes work with acl reflectMatthew Smith2-2/+107
Type: feature The current feature ordering of NAT44 nodes with respect to the ACL plugin's IPv4 input/output features is: ip4-output: acl-plugin-out-ip4-fa runs before any NAT44 nodes ip4-unicast: acl-plugin-in-ip4-fa runs before any NAT44 nodes ACL rules with action permit+reflect can keep track of outbound flows and allow the replies inbound without an explicit inbound rule. If ACL permit+reflect rules are configured on an interface that also has NAT44 configured with output-feature/postrouting translation of outbound packets, the ACL rules cannot allow inbound packets. The ACL state that was stored on the outbound flow contains the IP addresses of the original packet, prior to translation. The inbound packets are being evaluated by the ACL node using the translated addresses. The order of processing inbound needs to be the opposite of what it was outbound for this to work. Change the NAT44 features on ip4-output so that they run before outbound ACL nodes. This matches the existing behavior of the NAT44 nodes which rewrite source addresses as an input feature instead of an output feature. This was only done for endpoint dependent mode because the regular endpoint independent in2out-output node currently selects an explicit next node rather than using the next node on the feature arc. Unit test added to configure both NAT and an ACL and ensure that out2in packets matching an in2out flow are permitted by the ACL and translated by NAT. Change-Id: Ibd679c28b64c3fc3cc8c0606ea93123e384e839f Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2020-01-23srv6-mobile: fix the converity issueTetsuya Murakami1-26/+21
Type: fix Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com> Change-Id: I358a290f4ac121f075f7ee52941beabe478bfba0
2020-01-22ipsec: re-enable DPDK IPSec for tunnel decap/encap (VPP-1823)Neale Ranns4-5/+27
Type: fix Change-Id: Iff9b1960b122f7d326efc37770b4ae3e81eb3122 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-01-22hsa: proxy app fixesFlorin Coras1-33/+15
Type: fix Change-Id: Icb4b331c9346d3781f4ddd6f62891c78d4059c1f Signed-off-by: Florin Coras <fcoras@cisco.com>
2020-01-22nsim: enable output scheduling on main threadDave Wallace2-2/+29
Type: fix Change-Id: I5d47cb9bc7eb7f3c8485e3b42f0701e81d87ba2a Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2020-01-21nat: fix dhcp client on outside interface with output featureAlexander Chernavin2-18/+18
There was an attempt to fix this problem in the commit: d3b8c861a44e70c197ab721fa3ce7f38bbeab7fd But checking the LOCALLY_ORIGINATED flag didn't work because this flag gets reset before it can reach the NAT nodes. With this commit, replace the check for the LOCALLY_ORIGINATED flag with a check to see if the packet is a DHCP broadcast. Type: fix Change-Id: I069c08a785b5988b10192f528e4f9c4c7cc2f8a3 Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2020-01-21nat: removed obsolete fragmentation codeFilip Varga1-84/+16
Type: fix Ticket: VPP-1817 Signed-off-by: Filip Varga <fivarga@cisco.com> Change-Id: Id4d694ce636b0a213e65ce27c32a8150df9af0f8
2020-01-17lb: fix that lb_add_del_vip and lb_add_del_as api doesn't work correctlyYulong Pei3-12/+9
Currently if user want to set ip4 address to the api, it must convert to ip6 format, e.g. user want to ip4 "90.1.2.1" but must convert to "::5A01:0201", it is not acceptable, this fix solved the issue. Ticket: FDIO-753 Type: fix Change-Id: I2ffa5a3d38400ee176cf601421074f71fc395f03 Signed-off-by: Yulong Pei <yulong.pei@intel.com>
2020-01-17nat: refactor of port/address allocation functionsFilip Varga8-15/+429
Change-Id: Ie2a3c0f44322dd8415603b7ce51bb72d72769c95 Ticket: VPP-1815 Type: refactor Signed-off-by: Filip Varga <fivarga@cisco.com>
2020-01-15build: install vpp_echo for CSIT QUIC perf testsDave Wallace1-1/+0
Type: make Signed-off-by: Dave Wallace <dwallacelf@gmail.com> Change-Id: Iddfcce1f662efe63c5a6788a0a604917b1c9d81e
2020-01-15tls: enable async node on demandYu Ping1-3/+1
Type: fix Change-Id: Iab7c65614c94497e8ec5a96624be72c1a139e486 Signed-off-by: Yu Ping <ping.yu@intel.com>
2020-01-15quic: add FEATURE.yamlAloys Augustin1-0/+10
Type: docs Change-Id: Ica60b42e64703879c5c229209e4a4fac278bda31 Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
2020-01-15srv6-mobile: Revert "srv6-mobile:"Andrew Yourtchenko15-2110/+329
This reverts commit 57584d99dd8a8524db90c67c88525d58879d9b8e. The reasons for reverting: - the documentation seems "work in progress". Also, 500K of pngs should probably go on wiki, rather than in the repo. Please make sure that newly added documentation renders correctly and sensibly as part of the review/commit process. - runner.py seems to contain unit tests, so it should be rewritten in a manner that allows the testing from within CI (including an unprivileged docker container) - the above items, especially the testing one, warrant more work, and at a RC1 milestone time it is probably not a good idea to include a significant patch without proper care. I suggest to prepare it so it is ready for the next release, or cherrypick it for a 20.01.1 release, if having it in stable/2001 is absolute necessity. - when submitting it, ensure that the commit message makes sense, especially having "srv6-mobile:" with no further text should be absolutely avoided. Change-Id: If81441f7ebf11a6ad5638b1327faf18e8ebe6a35 Type: fix Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2020-01-15tls: add picotls session close processSimon Zhang1-1/+10
Type: fix Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com> Change-Id: If0a1691c1435f2826c8c83f8bc52e4cd3ecc6256
2020-01-14tcp: handle ack advancement with no holes and renegingFlorin Coras1-1/+35
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I9afba8dc9e087b8c436fe568531c02614a577a7c
2020-01-14tests: fix worker thread initializationPaul Vinciguerra1-4/+7
from threading.thread __init__: This constructor should always be called with keyword arguments. If a subclass overrides the constructor, it must make sure to invoke the base class constructor (Thread.__init__()) before doing anything else to the thread. Type: test Change-Id: Ifa89202e97053a4baf19e9a0ca0913430d5087a3 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2020-01-14srv6-mobile:Tetsuya Murakami15-329/+2110
Type: feature Add new functions in SRv6 Mobile Plug-in GTP4.DT and GTP6.DT Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com> Change-Id: I573a0c27bd463dd56a4d11b940941b8a8c826e08 Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com>
2020-01-14dpdk: enforce max tx retriesBenoît Ganne1-0/+1
n_retry was never decremented and so never enforced. Type: fix Change-Id: I71d60a72c156286f7e5b82b1c77a723361317c69 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-01-13acl: Remove unsued typeNeale Ranns2-53/+31
Type: style and add some indent offs. Change-Id: I31cf3ab9ff9b64d2cd1f2034dcedd4a9c453efb4 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-01-13ct6: dst,src copy typoNeale Ranns1-1/+1
Type: fix Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I266fa5dc637383fd8dac6592c9c266a1b70a73e9
2020-01-13tls: enable TLS OpenSSL plugin works in 3.0.0Yu Ping1-0/+5
Type: fix Change-Id: Id1602981fcc6efed1b0efe79a1fc8177457acdb5 Signed-off-by: Yu Ping <ping.yu@intel.com>
2020-01-10sr: feature YAML files for Segment Routingpcamaril3-0/+24
Type: docs Signed-off-by: pcamaril <pcamaril@cisco.com> Change-Id: Ia35d18113e17fd2ba5310e81ca527d3569cd110e Signed-off-by: pcamaril <pcamaril@cisco.com>
2020-01-10docs: Edit FEATURE.yaml files so they can be publishedJohn DeNisco17-28/+28
Type: docs Signed-off-by: John DeNisco <jdenisco@cisco.com> Change-Id: I7280e5c5ad10a66c0787a5282291a2ef000bff5f
2020-01-08rdma: api: prepare support for direct verbBenoît Ganne7-10/+79
Prepare rdma interface creation API for direct verb support: - add new optional 'mode' parameters to select between ibverb or direct verb backend (optional, default to 'auto') - set default value for rxq_num (1), rxq_size (1024) and txq_size (1024) so they are now optional - bump default create value for rxq_size and txq_size to 1024 if unset (0) so they are coherent with default values above Type: feature Change-Id: Id9eae2b8eb0baaf34a0fcd55da6ad09515f57a93 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-01-08tcp: fix last sacked with no holesFlorin Coras1-0/+44
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id12b0a9b8bc47aef8b393544e5b4c8228ed6a606
2020-01-08acl: add FEATURE.yamlAndrew Yourtchenko1-0/+26
Change-Id: If6f13e7962c27f35528058224928def927fff19f Type: docs Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2020-01-08rdma: add FEATURE.yamlBenoît Ganne1-0/+8
Type: docs Change-Id: I91d701814e4bd9953616d2b7c76ae2ea7c07074b Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-01-07tls: Make tls CPS test run for a quite long timeYu Ping1-3/+7
Type: fix Change-Id: I8cfb48bd7f92689b296861dd368186408918061b Signed-off-by: Yu Ping <ping.yu@intel.com>
2020-01-07tcp: fix duplicate sack whith renegingFlorin Coras1-11/+99
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I6f7fb91e059996ff702eb9c36e3abaed237fe221
2020-01-06vmxnet3: add FEATURE.yamlSteven Luong1-0/+9
Type: docs Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I8b0432a3a384dc2431fcb0b4e7c3f0cfb1713d8e
2020-01-06lacp: Add FEATURE.yamlSteven Luong1-0/+8
Type: docs Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I6fe5555a9ec867d4e39f0751662256717b45e0f9
2020-01-06quic: call quic_send_packets only once per ctxAloys Augustin1-3/+7
This prevents unnecessary calls to quic_send_packets. Type: fix Change-Id: I7abe509aa8b7b9d5a01c9876046cf0f4507a79cf Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
2020-01-06lb: add FEATURE file for lb/pppoe/gtpu/vxlan-gpe/pppoeHongjun Ni4-0/+48
Type: docs Change-Id: Ia3949954423eb7691c02e99444767a9f01a14adf Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
2020-01-03hsa: fix coverity warningFlorin Coras1-0/+2
Type:fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I38b155f7617d002ac16943c2c031269a17f4ba73
2020-01-03map: fix ip4-map-t DF behaviorVladimir Ratnikov1-11/+12
ip4_is_fragment(header) or ip4_is_first_fragment(header) didn't changed when packet with fragmentation needed arrives. This patch checks DF flag and MTU with packet length and if DF is set and length > MTU, packet is dropped. In case if ignore_df is set, DF flag makes no sense. Type: fix Fixes: d6d50cebde647f9a5ee7251a7fef977506f315d7 Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com> Change-Id: I720e25167c19a0b13ac5fdfb41b12c0bbdc00d09
2020-01-03nat: use SVRKlement Sekera30-5270/+1444
Remove NAT's implementation of shallow virtual reassembly with corresponding CLIs, APIs & tests. Replace with standalone shallow virtual reassembly provided by ipX-sv-reass* nodes. Type: refactor Change-Id: I7e6c7487a5a500d591f6871474a359e0993e59b6 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2020-01-03abf: add feature.yamlNeale Ranns1-0/+20
Type: docs Change-Id: I4959010617b0fb51652beafe6967afd556f27e92 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-01-03igmp: Add feature.yamlNeale Ranns1-0/+9
Type: docs Change-Id: I8d6ab1b4fd9f059a3f4c8ba28fc9f20debfb65cb Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-01-03l3xc: add feature.yamlNeale Ranns1-0/+13
Type: docs Change-Id: I0d939b26079e9e45fba1cbb7c8e668918c128526 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-01-03nat: add feature.yamlOle Troan1-0/+27
And add support for multiple maintainers in JSON schema. Type: docs Change-Id: Ice430927ceecf53526a3fdf46c075a95206bf0ac Signed-off-by: Ole Troan <ot@cisco.com>
2020-01-03svs: add feature.yamlNeale Ranns1-0/+15
Type: docs Change-Id: Ie75368f64201f2f6623413bc2ba015d9dc8fbc9f Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-01-02crypto-ipsecmb: Add FEATURE.yaml for all crypto engine pluginsNeale Ranns3-0/+35
Type: docs Change-Id: Ia00e3167e954271c9eb7618792fd86df288d5c19 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-01-02http_static: add FEATURE.yamlDave Barach2-0/+23
Type: docs Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I2f9a74541183af6c10abea2c29002842ddb88815
2020-01-02session: fix listener global endpoint lookupFlorin Coras1-1/+1
Type: fix Ensure listeners for app transport protocols are added to lookup tables using their session endpoints instead of their transport connections, which can override the network connection id in the transport connection. Change-Id: I56fa3666bb1422c0799fc7143cd099751ff6e2e6 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-12-24unittest: test_bihash call clib_time_init(...)Dave Barach1-0/+1
Fix "Rejecting large frequency change of +infinity" errors. Type: test Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I8efca1291e38c48bb98e7f8109253224a4f0a2a1
2019-12-23tests: vpp_memif fix formatting error in exceptionPaul Vinciguerra1-5/+2
Type: test Change-Id: I2d32797efd1c3478a862b7950ef9ab63428da890 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-12-21session: move add/del segment msg to mqFlorin Coras4-97/+95
Type: refactor Change-Id: I32234173ebd69f80acb1afa4039fffbd19157f6d Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-12-20vxlan: reuse inner packet flow hash for tunnel outer header load balanceShawn Ji1-0/+9
Type: fix Several tunnels encapsulation use udp as outer header and udp src port is set by inner header flow hash, such as gtpu, geneve, vxlan, vxlan-gbd Since flow hash of inner header is already been calculated, keeping it to vnet_buffere[b]->ip.flow_hash should save load-balance node work to select ECMP uplinks. Change-Id: I0e4e2b27178f4fcc5785e221d6d1f3e8747d0d59 Signed-off-by: Shawn Ji <xiaji@tethrnet.com>