| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Wait transitory timeout seconds before moving internal state of TCP
session to CLOSED state per RFC 7857. This patch implements this
functionality for endpoint-dependent NAT.
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I4491d831cd9edf63fae520a516cdbe590bac85db
|
|
This patch fixes 2 different crashes:
1) BN_bn2bin() returns bytes written, not actual key length. Use
BN_bn2binpad() instead which adds padding.
2) Initiator may receive multiple sa-init responses for the same ispi
which may result in crash. Remember first response and ignore any
subsequent ones.
Type: fix
Change-Id: Ia1eac9167e3100a6894c0563ee70bab04f6a5f4f
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Type: feature
Change-Id: Ibc65d739583dc11735f993f4c7e7ee6d3c8f5b0a
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Type: fix
Change-Id: I746b94f494d059d2db5f47638c9f4e6bc4eb4045
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Type: feature
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: If4dee6dba1ea942daa921d566b35cdecdda680ee
|
|
Change the CLI keyword from address to prefix in sr localsid command.
Type: feature
Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com>
Change-Id: Icc3072404a106ab40e829d2d291e5c179a4443a8
Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com>
|
|
Type: improvement
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I172d3d907f324d8cb21e73aa08ef66da029ed365
|
|
If buffer alloc fails, it may happend that rx queue will be stuck
as old code only refills if at least one packet is received.
Type: fix
Change-Id: I388c4f8a9fb2c208bdc222e31b443cbe6b94af82
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: fix
Change-Id: I021b1427362f4bdba1c0ebc9863c9143dd6b3cb7
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Before this patch, packet was dropped in ip4-input,
but ip4-map-t node dropped response due to
'security check failed'
This patch checkes if hop_limit==1 and sets error
and next frame and sends icmp6 response correctly
Type: fix
Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com>
Change-Id: I85a6af58205b05754ef8c45a94817bb84f915c85
|
|
Type: fix
Change-Id: I95d3f8431b468cefc8777526dd3b988a299f0687
Signed-off-by: MathiasRaoul <mathias.raoul@gmail.com>
|
|
Translation of ICMPv6 error messages to ICMP error messages fails
because the sender port is not set that leads to securtiy check
failure.
With this commit, during ICMPv6 error messages translation, get the
sender port value from the inner packet.
Type: fix
Change-Id: I1ee295a3685fab4837172edfb629a699f49afbee
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
|
|
Type: fix
Change-Id: Id20a0fe77372602fd211156ccee01c18d829d8df
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: style
Change-Id: Ie81eb7e3d872923daaa8ae8dad060a4da85349c5
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
|
|
Fix for the coverity issues.
Type: fix
Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com>
Change-Id: I6bf8a874a9a94b9b7d62da047a401eda8a448567
Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com>
|
|
Use consistent API types.
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: I3c348ad2fca8bb3d9a246af7a2aa9dc9c33f57c3
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
|
|
Fix the following issue.
1. The localsid length was not stored in sr localsid structure.
2. SRv6 mobile test cases were modified based on the new sr localsid CLI syntax.
Type: fix
Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com>
Change-Id: Ieb7620c35439e90a599802a7e0dba61a39707349
|
|
Support the following new features in srv6-mobile.
1. GTP4.DT
2. GTP6.DT
3. User Plane Message encoding based on draft-murakami-dmm-user-plane-message-encoding-01
4. Add SRv6 mobile test cases
Type: feature
Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com>
Change-Id: I890e5171bf03513d54b4830f01b9dc7f47fe7c48
Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com>
|
|
Show encap-vrf-id instead of fib-idx. When a tunnel is created, you
specify encap-vrf-id, hence it makes sense for the show command to
present it the same way. Fib index, on the other hand, is the internal
artifact of how IP tables are managed; showing it isn't helpful.
Type: improvement
Change-Id: I8d1713d6727dd8685d6c10c07f421c18edafa6e0
Signed-off-by: Nick Zavaritsky <nick.zavaritsky@emnify.com>
|
|
Type: fix
Change-Id: Ic6457da31846721e334f144f15d404575eeb73e5
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Type: feature
Change-Id: Ifee2b3dca85ea915067b9285e3636802bf0c19a8
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Type: improvement
Change-Id: I09b017d60bc38ff8a4a7a73aff42b27611bd8955
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: I73d27520726543d6375caad76a841339f68c3533
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
|
|
Type: improvement
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Ia8dff15855a81cf29729bdaa3ff28fbe3254fa97
|
|
Type: feature
Adding a very simple test case just to confirm that setting fifo size
same as the current in-use size would result no space to enqueue, which
is zero-window in the TCP.
Signed-off-by: Ryujiro Shibuya <ryujiro.shibuya@owmobility.com>
Change-Id: I6d60449386eaa270f801d2046cc7e546f843bf34
|
|
Type: improvement
type re-use.
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Ic2a2e6babf9ae66a1e53aec53a6cd157e1893dc8
|
|
Type: improvement
Change-Id: I7f28a3f03ab1ea8461c52743c61dc23a57965237
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Direct Verb allows for direct access to NIC HW rx/tx rings. This patch
introduce TX direct verb support for Mellanox ConnectX-4/5 adapters.
'dv' mode must be explicitely selected at interface creation to benefit
from this.
Type: feature
Change-Id: If830ba9f33db73299acdbddc68b5c09eaf6add98
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: feature
Change-Id: I3f287ab536a482c366ad7df47e1c04e640992ebc
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: refactor
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
Change-Id: I7a952fd95e49468a0d1c763b3e289648c93539da
|
|
ICMP error messages are translated to ICMPv6 error messages with
erroneous destination address in the outer IPv6 header because sender
port is used instead of receiver port.
Both source and destination addresses in the inner IPv6 header are
translated erroneously because source and destination addresses of the
inner IPv4 header are getting zeroed during the translation.
With this commit, use receiver port for translation and save addresses
of the inner IPv4 header before translation of the inner header.
Type: fix
Change-Id: I1e93d54c1bbc154b401adcbb0fb661299655d01a
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
|
|
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I5ec761bfcdc13a8238b83ff46c2f1c53ec0e79d8
|
|
Type: refactor
Change-Id: I761fc764e6771dc95eb64614479c27fd44016690
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
|
|
This fixes a bug in the initialization of handoff_out2in_index and
handoff_in2out_index where the node index for out2in was set to the
in2out node, and vice versa.
Type: fix
Signed-off-by: Elias Rudberg <elias.rudberg@bahnhof.net>
Change-Id: I983ddd3b3cec06f4cb3fb95b2a9cda4ab6d1270f
|
|
Fixes 4 coverity issues
Type: fix
Signed-off-by: Pablo Camarillo <pcamaril@cisco.com>
Change-Id: Ib3ef1df3e5d601d7751445ae1c9603bb6ce0f80c
|
|
Patch changes the behavior of session scavenging and fixes multiple
nat issues. Allows proper session clearing and removes issue with lingering sessions
in session db. Patch also updates and fixes CLI/API calls for better readability
of session state metrics. Fixes security issue that would allow attacker to
reuse timed out session in both directions (in2out/out2in).
Type: improvement
Signed-off-by: Filip Varga <fivarga@cisco.com>
Change-Id: I78897585a2a57291fad5db6d457941aa0a0457bd
|
|
Type: fix
fetch the sa_index from the correct location
Change-Id: I351035ee0226c47585995ff9122320fd5c73ec53
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Add a clib_time_t * argument to clib_timebase_init(...), to encourage
client code to share the vlib_main_t's clib_time_t object.
Display the current day / date in GMT via the "show time" debug CLI.
Fix the test framework so it processes the new "show time" output format.
Type: refactor
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I5e52d57eb164b7cdb6355362d520df6928491711
|
|
DPDK provides two new APIs to retrieve information about the Tx/Rx
packet burst mode:
rte_eth_tx_burst_mode_get
rte_eth_rx_burst_mode_get
This patch leverages these two APIs to describe the tx/rx mode.
Currently, Intel X710/E810 and Mellanox Mlx5 support the new APIs.
For NICs that don't support the new APIs, still use the original way
to print their tx/rx function name
Type: refactor
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: Ibe47f5debe3b3f17f462fbf9834394e22845cc08
|
|
Type: fix
Fixes: 39e9428b90
VRRP unit tests fail sometimes for changes which have not touched any
code related to VRRP. There were some timing-related changes recently
which probably made the VRRP tests, which rely on a VR changing state
within a certain amount of time, start failing.
Set the VRRP tests to only run with the extended tests rather than
running by default. This is temporary so VRRP will not cause spurious
build failures while a proper solution is figured out.
Change-Id: I5826ea39b944dfb9b0ca4bdfa2ebbe86d269f935
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
Type: fix
Change-Id: I2c89accddf2307fa975b71e974d4091499f104ed
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Implements the uN behavior
Type: feature
Change-Id: Icb5efc560e09052cd183b468772cf7f799f81194
Signed-off-by: pcamaril <pcamaril@cisco.com>
|
|
Type: refactor
Signed-off-by: Filip Varga <fivarga@cisco.com>
Change-Id: I81546423200cc7f8a06b527dac8ead191a9e0519
|
|
Type: fix
Ticket: VPP-1837
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I357eb72d478d8175ab9c7cf502d312ab3112213e
|
|
Type: refactor
Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
Change-Id: Ic34729d58a4218046afacaffc765649beb056a24
|
|
Type: improvement
Change-Id: I6bad46403c07b211dfda7229aed1b5e19342865f
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Type: improvement
Change-Id: Id8fc6750e856862157917587234a6b7b03531b13
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Use consistent API types.
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: Ib752a3425c076eb53bc5255a48039cbb74b1fcce
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
|
|
type should be used to get ICMP type instead of code.
Type: fix
Signed-off-by: Vladimir Isaev <visaev@netgate.com>
Change-Id: Iabf4ae38befde18309caff8efd9e1d956a2fde82
|
|
Add new flow type IP4_N_TUPLE_TAGGED and IP6_N_TUPLE_TAGGED
for vlan tag sensitive flows
The original IP4_N_TUPLE and IP6_N_TUPLE will not match VLAN anymore
Type: feature
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: Ie511e9a64126440fe81f29665a56ca060061662d
|
Klement Sekera
Filip Tehlar
Florin Coras
Tetsuya Murakami
Neale Ranns
Damjan Marion
Vladimir Ratnikov
MathiasRaoul
Alexander Chernavin
Vratko Polak
Jakub Grajciar
Nick Zavaritsky
Benoît Ganne
Ryujiro Shibuya
Simon Zhang
Elias Rudberg
Pablo Camarillo
Filip Varga
Dave Barach
Chenmin Sun
Matthew Smith
Vladimir Isaev