summaryrefslogtreecommitdiffstats
path: root/src/scripts
AgeCommit message (Collapse)AuthorFilesLines
2019-05-31tools: FEATURE.yaml meta-data infrastructureOle Troan1-0/+131
Add tooling for feature metadata configuration files. The main tool is in src/scripts/fts.py make checkfeaturelist to validate against schema. make featurelist to dump all feature lists to stdout. Example feature definition: name: IP in IP tunnelling maintainer: Ole Troan <ot@cisco.com> features: - IPv4/IPv6 over IPv4/IPv6 encapsulation: - Fragmentation and Reassembly - Configurable MTU - Inner to outer Traffic Class / TOS copy - Configurable Traffic Class / TOS - ICMPv4 / ICMPv6 proxying - 6RD (RFC5969): - Border Relay description: "Implements IP{v4,v6} over IP{v4,v6} tunnelling as described in RFC2473. This module also implement the border relay of 6RD (RFC5969)." state: production properties: [API, CLI, STATS, MULTITHREAD] missing: - Tunnel PMTUD - Tracking of FIB state for tunnel state - IPv6 extension headers (Tunnel encapsulation limit option) JSON schema is embedded in fts.py Example markdown: https://github.com/otroan/scratch/blob/master/features.md Change-Id: I903b4ee6b316a9378c259e86dc937092e5d4b7da Type: make Signed-off-by: Ole Troan <ot@cisco.com>
2019-04-30crypto: enforce per-alg crypto key lengthBenoît Ganne1-2/+2
Crypto algorithms have different requirements on key length. As we do not support key stretching (eg. PBKDF2), user must provide the exact key length used by the algorithm. Failing that means low-level crypto functions might read garbage (eg. aes128_key_expand() will read 16-bytes, regardless of the key provided by the user). Change-Id: I347a1ea7a59720a1ed07ceaad8b00a31f78458c9 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-03-26Convert GRE nodes to new buffer APIs and multiarchBenoît Ganne2-0/+124
Change-Id: I3b3c8333287bb704ac7b0bbc81b3dbb059e8d2ac Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-03-26Simplify adjacency rewrite codeBenoît Ganne1-0/+67
Using memcpy instead of complex specific copy logic. This simplify the implementation and also improve perf slightly. Also move adjacency data from tail to head of buffer, which improves cache locality (header and data share the same cacheline) Finally, fix VxLAN which used to workaround vnet_rewrite logic. Change-Id: I770ddad9846f7ee505aa99ad417e6a61d5cbbefa Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-03-04IPSEC: script to bounce IPSEC traffic through a pipe to test encrypt and decrpytNeale Ranns1-0/+66
Change-Id: I262a9412951b5df616920a8fad16c61eae96d0cc Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-02-20pg: remove no-recycle optionDamjan Marion39-77/+0
Change-Id: Ic47bde2d08b2719b5c6c87cb2e9a8af0d2160e6e Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-01-29cmake: fix out-of-git-tree buildDamjan Marion1-1/+1
Change-Id: Ib94637ec09799c23f3179599b54a2be6e2768425 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-01-20Rework of debian packagingDamjan Marion1-0/+37
Change-Id: Ifede85d3af36f3ee6c6f8f92dcf5db0ed8f1bfeb Signed-off-by: Damjan Marion <damarion@cisco.com> Signed-off-by: Dave Barach <dave@barachs.net>
2018-08-17CMake as an alternative to autotools (experimental)Damjan Marion1-0/+28
Change-Id: Ibc59323e849810531dd0963e85493efad3b86857 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-06-15NAT44: endpoint dependent mode (VPP-1273)Matus Fabian2-1/+49
To enable NAT plugin endpoint dependent mode add following to statrup config: nat { endpoint-dependent } Enable endpoint dependent filtering and mapping for all sessions. Move some existing functionality such as service load balancing, twice nat, out2in-only static mappings and unknown protocol dynamic translations, which use endpoint dependent lookup hash tables before. Basically split to vanilla NAT44 and extra features NAT44. Change-Id: I3925eb5ddcc8f1ec4cf6af4e2a618a7ec7aa9735 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-03-12License text cleanupDave Barach1-0/+13
Change-Id: I105375c653b1a1dce8f0f71005b281ff137c6f42 Signed-off-by: Dave Barach <dave@barachs.net>
2017-12-13NAT64: multi-thread support (VPP-891)Matus Fabian2-0/+86
Change-Id: Iebf859b6d86482e4465423bad598eecf87e53ec4 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-10-30Remove old Python vppctl scriptChris Luke1-134/+0
- The binary API method for executing commands was superceded by the unix-socket CLI approach used by the C vppctl utility. The API call it makes will soon be deprecated. - This Python vppctl script was still being copied to the install directory, and then later overwritten by the binary vppctl. Change-Id: I0a4b09b7c733049d0545b4c83b9ac5ac499a7300 Signed-off-by: Chris Luke <chrisy@flirble.org>
2017-10-16udp: refactor udp codeFlorin Coras2-25/+72
Change-Id: I44d5c9df7c49b8d4d5677c6d319033b2da3e6b80 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-08-23NAT: Rename snat plugin to nat (VPP-955)Matus Fabian4-10/+10
Change-Id: I30a7e3da7a4efc6038a91e27b48045d4b07e2764 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-08-04SNAT: fix address and port allocation for multiple worker threads (VPP-925)Matus Fabian1-5/+12
There is a chance to allocate the same outside address and port. Assign a block of port numbers to each worker. Change-Id: I6ef7dc0aab4834705f4e6097c362940d18d747e8 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-05-09Add support for tcp/session buffer chainsFlorin Coras1-2/+17
Change-Id: I01c6e3dc3a1b2785df37bb66b19c4b5cbb8f3211 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-05-05First commit SR MPLSPablo Camarillo7-118/+11
Change-Id: I961685a2a0e4c314049444c64eb6ccf877c278dd Signed-off-by: Pablo Camarillo <pcamaril@cisco.com>
2017-04-19Fix "make dist" to include version number, docouple it from rpm packagingDamjan Marion1-8/+4
Change-Id: If2f9976d668089026c97b897cf449bff09050631 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-04-13Session layer refactoringFlorin Coras1-1/+2
Major refactoring of the session layer api - Add attatch api for application binding to the the session layer - Simplify listen/connect calls - Update application CLI - Add transport endpoint to accept callback - Associate segment manager to application and allow for multiple binds/connects per app Additional: - svm fifo cleanup - add fifo free, format fns - add fifo offset enqueue unit test Change-Id: Id93a65047de61afc2bf3d58c9b544339c02065af Signed-off-by: Florin Coras <fcoras@cisco.com> Signed-off-by: Dave Barach <dave@barachs.net>
2017-03-13VPP-659 Improve tcp/session debugging and testingFlorin Coras1-0/+4
- event-logging support for tcp and session layer - improvements to uri test code - builtin_server on port 1234 - use the CLOSEWAIT timer when we rx FIN in FIN_WAIT_2 state Change-Id: Ibc445f164b2086b20323bf89c77cffd3059f570f Signed-off-by: Florin Coras <fcoras@cisco.com> Signed-off-by: Dave Barach <dbarach@cisco.com> Signed-off-by: Dave Barach <dave@barachs.net>
2017-03-10VPP-659 TCP improvementsFlorin Coras3-3/+28
- builtin test echo server - fix SYN-ACK retransmit canceling - avoid sending spurious ACK if in LAST_ACK - improved client dummy test app - renamed tx fifo dequeuing and sending functions to avoid confusion - improved RST handling Change-Id: Ia14aad3df319540dcf6e6a4e18a9f8d423a4b83b Signed-off-by: Florin Coras <fcoras@cisco.com> Signed-off-by: Dave Barach <dave@barachs.net>
2017-03-07DHCP Multiple Servers (VPP-602, VPP-605)Neale Ranns1-1/+2
Multiple DHCP (4 and/or 6) servers can be added and removed through multiple calls to the 'set dhcp server' API. All 4/6/ discover/solicit messages will then be replicated to all servers in the list. The expectation is that the servers/system is configured in such a way that this is viable. If VSS information is providied for the clinet VRF which also has multiple servers configured, then the same VSS information is sent to each server. Likewise the source address of packets sent to from VPP to each server is the same. Change-Id: I3287cb084c84b3f612b78bc69cfcb5b9c1f8934d Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-03-07CGN: Deterministic NAT (VPP-623)Matus Fabian1-0/+108
Inside user is statically mapped to a set of outside ports. Support endpoint dependent mapping to deal with overloading of the outside ports. Change-Id: I8014438744597a976f8ae459283e8b91f63b7f72 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-03-04Cleanup URI code and TCP bugfixingFlorin Coras2-0/+66
- Add CLI/API to enable session layer, by default it's disabled - Improve rcv wnd computation - Improvements to tx path - URI code cleanup - Builtin test tcp server - Improve src port allocation Change-Id: I2ace498e76a0771d4c31a8075cc14fe33d7dfa38 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-03-01VPP-598: tcp stack initial commitDave Barach5-8/+91
Change-Id: I49e5ce0aae6e4ff634024387ceaf7dbc432a0351 Signed-off-by: Dave Barach <dave@barachs.net> Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-02-28vlib: add buffer cloning supportDamjan Marion1-8/+11
Change-Id: I50070611af15b2b4cc29664a8bee4f821ac3c835 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-02-21dhcp: multiple additionsNeale Ranns1-0/+21
DHCP additions: 1) DHCPv4 will only relay a message back to the client, if the Option82 information is present. So make this the default. 2) It is no longer possible to select via the API to "insert circuit ID" - since this is now default 3) Remove the version 2 API since it's now the same as version 1. 4) Adding the VSS option is now conditional only on the presence of VSS config (not the 'insert' option in the set API) 5) DHCP proxy dump via API Change-Id: Ia7271ba8c1d4dbf34a02c401d268ccfbb1b74f17 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-02-02Fix SR multicast post mfib commitNeale Ranns1-0/+58
1 - use the SR policy to construct the replicate DPO. Each bucket therein is a SR tunnel. 2 - install a special mfib entry that links via this replicate 3 - forwarding is now mfib-lookup -> replicate -> sr_rewrite (per-tunnel) no need for a separate sr_replicate node. 4 - Stack the sr tunnel on the forwarding DPO of the first-hop FIB entry. no need for a second lookup post SR encap. 5 - fix some path-list lock leaks in the MFIB entry. Change-Id: I20de96ea4c4be4fae252625bde159d9c435c8315 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-01-27IP Multicast FIB (mfib)Neale Ranns1-0/+22
- IPv[46] mfib tables with support for (*,G/m), (*,G) and (S,G) exact and longest prefix match - Replication represented via a new replicate DPO. - RPF configuration and data-plane checking - data-plane signals sent to listening control planes. The functions of multicast forwarding entries differ from their unicast conterparts, so we introduce a new mfib_table_t and mfib_entry_t objects. However, we re-use the fib_path_list to resolve and build the entry's output list. the fib_path_list provides the service to construct a replicate DPO for multicast. 'make tests' is added to with two new suites; TEST=mfib, this is invocation of the CLI command 'test mfib' which deals with many path add/remove, flag set/unset scenarios, TEST=ip-mcast, data-plane forwarding tests. Updated applications to use the new MIFB functions; - IPv6 NS/RA. - DHCPv6 unit tests for these are undated accordingly. Change-Id: I49ec37b01f1b170335a5697541c8fd30e6d3a961 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-01-27Add multi-vpp support back into pythonic vppctlEd Warnicke1-7/+20
Back when vppctl was a shell script, you could use -p or --prefix to set the chroot prefix to drive multiple vpp instances. This patch adds that capability back. Change-Id: Iaa70a20eff13e8d7e206fcceadb7e5d06afa3fc5 Signed-off-by: Ed Warnicke <hagbard@gmail.com>
2017-01-25[re]Enable per-Adjacency/neighbour countersNeale Ranns1-2/+16
Change-Id: I953b3888bbc6d8a5f53f684a5edc8742b382f323 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-01-21Fix issue in rpm versioning for release buildsDamjan Marion1-1/+1
Change-Id: I562f93017ee90b0828d36624dca694c04e332a74 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-01-13vppctl: new bash completion for vppctl commandsPadraig Connolly1-0/+30
Bash completion for vppctl *vppctl_completion uses generated list vppctl-cmd-list to provide bash completion *List of commands generated using grep, then moved by vpp packaging *Once vpp package installed restart bash to use Change-Id: I3b25e55a432c395af421231cf7c37c2e243fee61 Signed-off-by: Padraig Connolly <padraig.connolly@intel.com>
2017-01-10Revert "vppctl: bash completion for vppctl commands"Damjan Marion1-30/+0
This patch is causing build failures This reverts commit d995c757f05f78aa759b0a65c0a7e38088e690a9. Change-Id: I0c8d5a4208135d77aaa3a6a470d26140f7b74733 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-01-09vppctl: bash completion for vppctl commandsPadraig Connolly1-0/+30
Added bash completion that will include all commands from build time *Script takes list of commands generated by doxygen-siphon-list *Configured doxygen-siphon makefile to generate just cli commands *List of cli commands put in /usr/share/vpp *Stopped siphon using doxygen bootstrap, uses main bootstrap instead *Added rpm/deb check for installation of packages, separate from bootstrap *NOTE: Once you have installed the vpp .deb/.rpm package you will have to restart bash Change-Id: Ie503e80d5177481f6e7dbe59378f2e0d76f29152 Signed-off-by: Padraig Connolly <padraig.connolly@intel.com>
2017-01-03fix version.h generation for out-of-tree buildsDamjan Marion1-0/+54
Change-Id: Ic882f5aec74858a36533ed8cd61a7726947dceef Signed-off-by: Damjan Marion <damarion@cisco.com>
2016-12-28Reorganize source tree to use single autotools instanceDamjan Marion78-0/+3766
Change-Id: I7b51f88292e057c6443b12224486f2d0c9f8ae23 Signed-off-by: Damjan Marion <damarion@cisco.com>