summaryrefslogtreecommitdiffstats
path: root/src/plugins
AgeCommit message (Collapse)AuthorFilesLines
2019-05-28nat44: make nat44-ed-hairpin-src follow arcMatthew Smith1-1/+1
It defaults to using interface-output as the next node. If other output features are enabled on the ip4-output arc, they get skipped. That makes me sad. Change-Id: I3f4d3320fb8092918e1e0663c66baca1c74c26ec Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2019-05-27unittest: fix test crypto perf for AEAD algosDamjan Marion1-2/+3
Change-Id: I055014ff0bc7f6d32d59eaf3511ecb91e268d49b Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-05-27dpdk: vlan strip config does not take effect in default deviceChenmin Sun1-0/+6
copy vlan strip config from default device Change-Id: I4ad1c159bad964fd1900b5ae4960b7014dd9f9b1 Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
2019-05-27dpdk: fix rss configuration error issueChenmin Sun1-7/+5
Reorder foreach_dpdk_rss_hf to fix rss configuration error issue. Change-Id: Idec45534cd7dfe810b25584b1b27ac52b1c45110 Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
2019-05-24udp-ping: disable due to conflict with mldv2Florin Coras1-2/+4
Change-Id: I9e6a0fb583b0b6dd9b5e16aa9169bdf7b99a7664 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-05-24Add callback multiplex supportDave Barach1-15/+47
Change-Id: Iddeb3a1b0e20706e72ec8f74dabc60b342f003ba Signed-off-by: Dave Barach <dave@barachs.net>
2019-05-24rdma: add support for promiscuous modeBenoît Ganne2-71/+145
rdma interfaces filter packets per MAC by default to share the physical interface between multiple users (eg. VPP and Linux). When configured in promiscuous mode, all packets will go to this interface, regardless of the MAC. All other interface will not receive anymore packet while it is in promiscuous mode. Promiscuous mode is needed (and automatically turned on) for L2 path (l2patch, xconnect, bridge...). Change-Id: I4c0eb4421f51d116e635e7828d00f202f4a97ded Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-05-23fix rte_eth_dev_info’ has no member named ‘pci_dev’ when run ↵cohu1-5/+9
show_dpdk_hqos_queue_stats Change-Id: Ic1a900e0fb85ee016af21535764dfca2e6282194 Signed-off-by: cohu <cong.hu@tieto.com>
2019-05-23crypto_ia32: multiarchDamjan Marion5-58/+70
Change-Id: Iead43a2b524b735a2069e611d899cd41d3a8efdc Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-05-23Fix vpp crash bug while deleting dhcp clientjackiechen19851-0/+1
We must do lock fib while vrf id ~0, otherwise it crashes while unlocking fib. Change-Id: Iec9754ccd67634a132bc5384a4f796d4a65943ae Signed-off-by: jackiechen1985 <xiaobo.chen@tieto.com>
2019-05-23fix show session verbose crash with quic transportDave Wallace1-2/+48
Type: fix Change-Id: I8199c233f6968ac147fb1867a4f10ef04d67642f Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2019-05-22gtpu: don't register udp ports unless a tunnel is createdJakub Grajciar1-5/+11
Change-Id: I2945c2a2062ee5eda78f783c55cf16c2d60f959c Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2019-05-22Fix Diffie-Hellman exchange with newer openssl APIChristian E. Hopps1-21/+16
Change-Id: Id42a597c130d0053d074446e552a81c7264549e7 Signed-off-by: Christian E. Hopps <chopps@chopps.org>
2019-05-21docs: add quic subpage to user docsVratko Polak1-1/+1
+ Sort subpage list. + Fix copypaste error in quic doc label. Change-Id: Id8bdb4ad0d744f9886db3631ddad0e29bbb3c938 Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2019-05-21vmxnet3: gso_l4_hdr_sz is not set correctlySteven Luong1-16/+24
vnet_buffer2 -> gso_l4_hdr_sz is not set correctly because vnet_buffer->l4_hdr_offset is not set yet at the top. Move the code to set vnet_buffer->gso_l4_hdr_sz further down. Change-Id: I0110e4687572bb93cb593d7d4d14a3d5083af13a Signed-off-by: Steven Luong <sluong@cisco.com>
2019-05-21QUIC: Add initial documentationAloys Augustin1-0/+38
Change-Id: Ic00f8827f572e13b07d55c6c2f10fb6cdebf7e72 Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
2019-05-20openssl plugin 3des routine iv_len fixVladimir Ratnikov1-1/+7
Since 3DES has 8 bytes of initialization vector and code contains hardcode for 16 bytes, check added to determine if crypto algorythm is 3DES_CBC and set corresponding iv_len param Change-Id: Iac50c8a8241e321e3b4d576c88f2496852bd905c Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com>
2019-05-17Fix punctuation fails in 2x pluginsDave Barach2-2/+2
More to the point: fix the Python API binding for the plugins. The http_static and ct6 plugin setup_message_id_table calls didn't have "_"'s between message names and CRCs. I would have expected this to originate in the emacs skeleton, but the skeleton is correct. Punctuation saves lives: "Let's eat Grandma..." != "Let's eat, Grandma..." More or less. Change-Id: Icd87813308701d203cf6f147b2bb90d39d51ddeb Signed-off-by: Dave Barach <dave@barachs.net>
2019-05-17dpdk-ipsec: fix encrypt/decrypt single queueSergio Gonzalez Monroy6-39/+58
When the same worker thread processes packet for encrypt and decrypt, ie. single worker with bi-directional traffic, given that the queue is shared results in packets to be decrypted being dropped as the encrypt always happens first for each main loop. With this change, each crypto device queue is logically split into two queues, each half the real size, avoiding the described problem. Change-Id: Ifd3f15e316c92fbd6ca05802456b10a7f73f85da Signed-off-by: Sergio Gonzalez Monroy <sgmonroy@gmail.com>
2019-05-16init / exit function orderingDave Barach30-192/+194
The vlib init function subsystem now supports a mix of procedural and formally-specified ordering constraints. We should eliminate procedural knowledge wherever possible. The following schemes are *roughly* equivalent: static clib_error_t *init_runs_first (vlib_main_t *vm) { clib_error_t *error; ... do some stuff... if ((error = vlib_call_init_function (init_runs_next))) return error; ... } VLIB_INIT_FUNCTION (init_runs_first); and static clib_error_t *init_runs_first (vlib_main_t *vm) { ... do some stuff... } VLIB_INIT_FUNCTION (init_runs_first) = { .runs_before = VLIB_INITS("init_runs_next"), }; The first form will [most likely] call "init_runs_next" on the spot. The second form means that "init_runs_first" runs before "init_runs_next," possibly much earlier in the sequence. Please DO NOT construct sets of init functions where A before B actually means A *right before* B. It's not necessary - simply combine A and B - and it leads to hugely annoying debugging exercises when trying to switch from ad-hoc procedural ordering constraints to formal ordering constraints. Change-Id: I5e4353503bf43b4acb11a45fb33c79a5ade8426c Signed-off-by: Dave Barach <dave@barachs.net>
2019-05-16Add default value for API Nat flagsMichal Cmarada1-0/+1
Change-Id: I4f1b83ae1c746b8f67f2d12a02081702b9553b44 Signed-off-by: Michal Cmarada <mcmarada@cisco.com>
2019-05-15Add QUIC human readable error logsNathan Skrzypczak1-7/+56
Change-Id: I01cf5074b5a8b0018de5c3f59c9266d350c22f37 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-05-15Remove unused function nat44_ha_resync() and error IN_PROGRESS.Jon Loeliger1-38/+0
The unused function nat44_ha_resync() was the only function that used the error message VNET_API_ERROR_IN_PROGRESS. The error was the only error code that was positive, and didn't really play well with the other error codes. Change-Id: I7d03c2ee915094b635f6efdca7427f71e4d19f2b Signed-off-by: Jon Loeliger <jdl@netgate.com>
2019-05-14QUIC multi thread updateAloys Augustin2-253/+299
* Add support for multiple threads * Replace quicly buffers with fifos * Fix cleanup of sessions * Update quicly release version Change-Id: I551f936bbec05a15703f043ee85c8e1ba0ab9723 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-05-14svm: improve fifo segment prealloc supportFlorin Coras1-1/+114
- track fifo segment free and chunk freelist memory - improve fifo alloc. If there are enough chunks to satisfy a fifo allocation request but not enough free memory, allocate a multi-chunk fifo - add apis to preallocate chunks and fifo headers - more tests Change-Id: If18dba7ab856272c9f565d36ac36365139793e0b Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-05-14IPSEC: remove unecessary pass by reference of sequence numberNeale Ranns1-1/+1
Change-Id: Id406eb8c69a89c57305d8f138e8e6730037aa799 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-05-14IPsec: increment tunnel intf tx countersMatthew Smith1-0/+9
Recent changes removed the function that was incrementing the tx counters. Increment them in the esp_encrypt functions. Change-Id: I446333a23ccf66e34893adb2aa49af562cf35507 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2019-05-14rdma: update MAINTAINERS and add docBenoît Ganne1-0/+51
Change-Id: Ida681d299fd57eba66338444b99d2476bdb3c695 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-05-10Fix typo in nat44_cli.c:nat_ha_failover_command_fn.Paul Vinciguerra1-3/+3
Change-Id: Icdf531b3c688c4da6be732ff178316e3757aebb5 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-05-09add mactime plugin unit / code coverage testsDave Barach3-5/+184
The unit and code coverage tests are boring. The rest of the patch involves test and packet-generator infra cleanups. Teach the "make test-xxx" family of targets to set the api test plugin path correctly, to make "binary-api <api-message-name> <args>" debug CLI commands work correctly in the "make test" environment. Unfortunately involves both the top-level and test Makefiles. Add a minor pg cli feature, a CLI to manually set s->sw_if_index[VLIB_TX]. Consider the case where one configures an interface with both a device-input and an output feature. To test the output feature using the pg, it's necessary to inject packets into the interface output node with both b->sw_if_index[VLIB_TX] and b->sw_if_index[VLIB_RX] set correctly. For example: packet-generator new { name tx limit 15 size 128-128 interface local0 # rx: device input feature not configured on local0 tx-interface loop0 # tx: output node requires b->sw_if_index[VLIB_TX] node loop0-output data { hex 0x01005e7ffffa000dead0000008000102030405060708090a0b0c0d0e0f0102030405 } } Fix a longstanding bug in the packet generator stream setup. Remove kludges which set b->sw_if_index[VLIB_TX] to ~0 [in multiple places] instead of using the stream value s->sw_if_index[VLIB_TX], and setting THAT datum correctly. Change-Id: I1097a18e8db73661ded6b822c1d718f7e5cf36ed Signed-off-by: Dave Barach <dave@barachs.net>
2019-05-09dpdk: fix return variable sizeZhiyong Yang1-2/+2
The function dpdk_ol_flags_extract should return u16 instead of u8. Change-Id: Id0b08b04c93598818f9a2eee5a88733900320dfa Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-05-09NAT: VPP-1665 coverity scan issue fixFilip Varga1-2/+9
Change-Id: I092a9f8237a895f907590772f2ea213a86502fb4 Signed-off-by: Filip Varga <fivarga@cisco.com>
2019-05-08session: send tx events when data is dequeuedFlorin Coras1-0/+3
Change-Id: Ib8cb19361c42e38e3f68d7147358378fff161eb1 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-05-07svm: decouple fifo and default chunk allocationFlorin Coras1-13/+29
Default chunk is no longer embedded into the fifo and on free is returned to its respective chunk list. Change-Id: Ifc5d214eaa6eca44356eb79dd75650fb8569113f Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-05-07Add bihash statistics hookDave Barach1-1/+67
Example / unit-test in .../src/plugins/unittest/bihash_test.c Change-Id: I23fd0ba742d65291667a755965aee1a3d3477ca2 Signed-off-by: Dave Barach <dave@barachs.net>
2019-05-07ipsec-mb: fix the "make test" on non-AESNI platformsAndrew Yourtchenko1-0/+3
"make test" fails with invalid instruction on non-AESNI platform, so do not register the ipsec-mb crypto backend in this case. Change-Id: I61887e40ce3d39880e7da534b9dee00fd677d8fd Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2019-05-06Remove target option when IPSecMB disabledNathan Skrzypczak1-2/+1
Change-Id: I2313932bdc41a4702585aa338f22df3f6e4e23d7 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-05-06Add QUIC multistream supportNathan Skrzypczak2-290/+696
Change-Id: I9dc746b8c62c3e7ee2f65e34a1a1dca243ed4bd9 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-05-06NAT64: Fix port byte order in nat64_free_out_addr_and_portFaicker Mo1-1/+1
Change-Id: Idc050e469a5b697ca5587ddd4e87ac2d48d15658 Signed-off-by: Faicker Mo <faicker.mo@ucloud.cn>
2019-05-06NAT66:assgin a error value for clib_bihash_kv_48_8_t kvlijianpeng1-2/+3
Change-Id: Iac0c8218abc8d144d93a955e948a48a732b63107 Signed-off-by: lijianpeng <li.jianpeng@zte.com.cn>
2019-05-03session/svm: apis for fifo shrinkingFlorin Coras1-0/+75
Change-Id: Ie519683bb90aae6fb95f2a09e251cded1890ed41 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-05-03svm: basic support for fifo shrinkingFlorin Coras1-0/+400
As opposed to growing, this is not a bulk operation, instead dependent on how the producer/consumer advance head and tail, the fifo will shrink in one or multiple steps. Only once the fifo's nitems and size are reduced to their appropriate values, equal or larger to what was requested, can the fifo chunks be collected by the owner. Chunk collection must be done with the segment heap pushed. Change-Id: Iae407ccf48d85320aa3c1e0304df56c5972c88c1 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-05-03svm: store normalized head/tail for fifoFlorin Coras1-2/+7
If head/tail are stored as "absolute" values that are normalized to [0, fifo_size] interval, when fifo is shrunk/grown the consumer and producer have to independently update to the new fifo size and fix head and tail, respectively. If the head and tail are stored as normalized values, under the right conditions, they don't need to be fixed when fifo size changes. This reverts one of the changes in gerrit 18223. Change-Id: I55a908828afe90925cf7c20186a940b25e5805f9 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-05-03plugins: clean up plugin descriptionsDave Wallace37-36/+37
- Make plugin descriptions more consistent so the output of "show plugin" can be used in the wiki. Change-Id: I4c6feb11e7dcc5a4cf0848eed37f1d3b035c7dda Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2019-05-01Add node, frame to vlib main loop perf analysis callback argumentsDave Barach1-1/+3
Change-Id: Iaa5cd89791b0dfdb56a75009c564581d10696d83 Signed-off-by: Dave Barach <dave@barachs.net>
2019-04-30svm: more fifo refactor/cleanupFlorin Coras4-91/+91
Change-Id: Ie76c69641c8598164d0d00fd498018037258fd86 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-27svm: fix fifo tail/head/ooo logic for u32 wrapFlorin Coras1-12/+279
These were introduced with the switch to unbound tail/head size, so they only affect master. Added unit tests to avoid future surprises. Change-Id: I83b6c9efbe31d8092ba59b8e2ed46f4da97f35db Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-26crypto, ipsec: change GCM IV handlingDamjan Marion2-54/+17
- nonce construction out of salt and iv is ipsec specific so it should be handled in ipsec code - fixes GCM unit tests - GCM IV is constructed out of simple counter, per RFC4106 section 3.1 Change-Id: Ib7712cc9612830daa737f5171d8384f1d361bb61 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-04-26nat: fix ED mode unknown proto session managementMatthew Smith3-8/+24
In endpoint dependent mode, when a session at the head of a user LRU is reused, if the IP protocol for that session was unknown (any other than tcp, udp, or icmp), the attempt to delete the session mapping from the in2out bihash was not using the same key that was used when the mapping was added. This would cause the deletion of the mapping to fail. If packets arrive later which match the original session, the search for the session key would succeed when it should have failed and the session, which is now associated with a different pair of endpoints, may end up being updated when it should not be. Update the key generation when reallocating an existing session to do the right thing if the session is for an unknown protocol. Also update format_nat_session() for unknown protocols so that 'vppctl show nat44 session detail' will display the protocol correctly. In endpoint dependent mode, the IP protocol is stored in the port field on a session if the protocol is unknown. The value is stored in host byte order, but the format function was swapping the bytes before writing the protocol. Change-Id: I9e8daadd4569cb2610532dab4e4f41d1567cf3d1 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2019-04-26nat: prevent creation when-resolved static mappings on errorsAlexander Chernavin1-1/+1
When you create two identical NAT44 static mappings using interface name as external address and only local or ext port is different, VALUE_EXIST will be raised but when-resolved static mapping will remain. vpp# nat44 add static mapping tcp local 10.128.0.129 443 external GigabitEthernet0/8/0 8443 vpp# nat44 add static mapping tcp local 10.128.0.129 80 external GigabitEthernet0/8/0 8443 nat44 add static mapping: Mapping already exist. vpp# show nat44 static mappings NAT44 static mappings: tcp local 10.128.0.129:443 external 2.2.2.2:8443 vrf 0 tcp local 10.128.0.129:443 external GigabitEthernet0/8/0:8443 vrf -1 tcp local 10.128.0.129:80 external GigabitEthernet0/8/0:8443 vrf -1 With this commit, when-resolved static mapping is not created if the translation only differs in local or ext port. Change-Id: Ifc960b9dc1371caa2a8d3206a80a0ffd10d293e4 Signed-off-by: Alexander Chernavin <achernavin@netgate.com>