Age | Commit message (Collapse) | Author | Files | Lines |
|
The BFD delayed auth change test was failing intermittently within CI.
Debugging has shown it depends on the initial random seed, e.g. the below
will consistently fail:
RND_SEED=1643734669.7126195 TEST='bfd.BFDAuthOnOffTestCase.test_auth_change_key_delayed'
Same thing will happen with:
RND_SEED=1643736595.1363552
RND_SEED=1643722239.8224792
The analysis of the behavior shown that the function that is doing the hash verification,
modifies the content of the packet for the purposes of hash computation.
In case of the auth rollover, this function may be called twice - resulting in the second
comparison to be made with a bogus packet data, thus failing the check and the test.
The above values of random seed are the ones where the test makes it
to the point of this double comparison.
The solution is to restore the data within the packet after the check from the array
where we have copied it into before modifying the packet.
Change-Id: Ibb09beb4b1230032db04527bbf38fa335651866b
Type: fix
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Type: improvement
Change-Id: I31cae2367e2ec7fc89991ca0df994a73da93aaed
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: fix
Currently, auth activation CLI command
"bfd upd session auth activate ... conf-key-id <cki> bfd-key-id <bki>"
allows to change both key-ids to new values at once.
But if only bfd-key-id should be corrected, e.g. as a result of mistyping,
we can't do that in a single operation, and have to deactivate auth first
and then reactivate it with a correctly entered pair of ids.
Currently, backend's bfd_auth_activate() function returns immediately,
with no action, if it finds that submitted conf-key-id matches the
current record. No check on bfd-key-id value is made.
With this fix, bfd_auth_activate() checks if session's bfd-key-id has to
be changed to a new value, and if so, it updates and logs appropriately.
Change-Id: I3b915a936cb1721707860bb503f70e7dd29e0ddd
Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com>
|
|
Type: fix
Currently, the change in desired_min_tx value initiated locally
doesn't result in actual update of the transmission interval.
bfd_session_t structure has two fields for each of protocol's
local time parameters
desired_min_tx, required_min_rx
In a case of a parameter update,
"config_" prefixed fields store new values sent to remote
bs.config_desired_min_tx_nsec,
bs.config_required_min_rx_nsec
Those prefixed "effective_", keep old values, still in charge,
until new ones are being negotiated between peers:
bs.effective_desired_min_tx_nsec,
bs.effective_required_min_rx_nsec
Currently, upon termination of the Poll Sequence (negotiation) only
bfd_set_effective_required_min_rx()
is called to update effective RX value. TX value remains unchanged.
With this fix, add a call to
bfd_set_effective_desired_min_tx()
to set new, acknowledged TX value in effect.
Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com>
Change-Id: I80b6746533839c9572598f1ad9dabb33e621a525
|
|
Type: improvement
Change-Id: I873a99c1258a97ed5ed195b9756e8302f865e7f0
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
trajectory trace has been broken for a while because we used to save the
buffer trajectory in a vector pointed to in opaque2. This does not work
well when opaque2 is copied (eg. because of a clone) as 2 buffers end up
sharing the same vector.
This dedicates a full cacheline in the buffer metadata instead when
trajectory is compiled in. No dynamic allocation, no sharing, no tears.
Type: refactor
Change-Id: I6a028ca1b48d38f393a36979e5e452c2dd48ad3f
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
If VPP is started in interactive mode, instead of sending logs to syslog
server we print them directly to stderr.
Output is colorized, but that can be turned off with unix { nocolor }
Type: improvement
Change-Id: I9a0f0803e4cba2849a6efa0b6a86b9614ed33ced
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Thanks to Martin Sustrik for spotting the bug introduced by a316744
and submitting the fix.
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I4984fc32503b0c7b6db3543834dfbbfed2a1f23c
|
|
Otherwise the tw_timer_template code ASSERTs...
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I85e00a3e3486e3b238254ac4116d684a32984434
|
|
Type: refactor
Change-Id: I04e71a64e676910dc4c6cbc1ab54ffb0c29aa5b9
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Apply exponential smoothing to the clock rate update calculation in
clib_time_verify_frequency(), with a half-life of 1 minute and a
sampling frequency of 16 seconds. Within 5 minutes or so, the
calculation converges
With each rate recalculation: reset total_cpu_time based on the kernel
timebase delta since vpp started, and the new clock rate
Improve the "show clock [verbose]" debug CLI command.
BFD echo + echo fail tests marked off until the BFD code can be
reworked a bit.
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I24e88a78819b12867736c875067b386ef6115c5c
|
|
Add missing cast to time conversion function to to deal with arbitrary
clocks-per-second values.
Type: fix
Change-Id: I5075a823e7a95c972c513ac765252337d5f59fbf
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
More RFC compliance.
Ticket: VPP-1816 BFD: peer discriminator not reset on timeout
Type: fix
Change-Id: I68063c18097d282b3527e3fb485c1d0d1fd1b0c8
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: Ia083050389853c25b069f0f8286d50d3f4aef527
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Ied34720ca5a6e6e717eea4e86003e854031b6eab
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
when multiple session creating script is ran (via exec) only the first
one actually starts
Change-Id: I0fc36f65795c8921cf180e0b555c446e5a80be45
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Change-Id: I4acebbf76556428bb45356c8e5b85c72a85a1656
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Remove the expensive RPC call for every received packet and replace it with
lock-protected direct calls. Reinstate RPC for the less frequent
notification traffic.
Adjust the wakeup event sending logic to minimize the number of events
sent, by measuring the time it takes from sending the event to processing
it, and subsequently not sending the event if the pending wake-up time
is within 2x or the event propagation delay.
Eventually: remove oingo / oingoes.
Change-Id: I0b3d33c5d029527b54867a97ab07f35f346aaa3d
Signed-off-by: Dave Barach <dave@barachs.net>
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
Signed-off-by: Steve Shin <jonshin@cisco.com>
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Change-Id: Ieac9cf50156dbbb4962411e900d59256441915ef
Signed-off-by: Damjan Marion <damarion@cisco.com>
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
This allows arm platforms to also take advantage of crc32 hardware
acceleration.
* add a wrapper for crc32_u64. It's the only one really used. Using it
instead of a call to clib_crc32c() eases building symmetrical hash
functions.
* replace #ifdef on SSE4 by a test on clib_crc32c_uses_intrinsics.
Note: keep the test on i386
* fix typo in lb test log
Change-Id: I03a0897b70f6c1717e6901d93cf0fe024d5facb5
Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
|
|
- always use 'va_args' as pointer in all format_* functions
- u32 for all 'indent' params as it's declaration was inconsistent
Change-Id: Ic5799309a6b104c9b50fec309cba789c8da99e79
Signed-off-by: Christophe Fontaine <christophe.fontaine@enea.com>
|
|
32-bit code still can use crc32c instructions, but it operates
on 32 registers
Change-Id: I9bb6b0b59635d6ea6a753584676ebcf59c8f6584
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
- single-hop BFD: attach a delegate to the appropriate adjacency
- multi-hop BFD [not supported yet]: attach a delegate to the FIB entry.
adjacency/fib_entry state tracks the BFD session state. when the state is down the object does not contribute forwarding hence and hence dependent objects will not use it.
For example, if a route is ECMP via two adjacencies and one of them is BFD down, then only the other is used to forward (i.e. we don't drop half the traffic).
Change-Id: I0ef53e20e73b067001a132cd0a3045408811a822
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Make BFD ARP-aware when sending out packets.
Fix a few one-liner bugs discovered while integrating with cisco
nexus. Enhance CLI view to better observe session state.
Change-Id: I266c29492f351207b84328ab665d9d697969da9c
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: I06a23d24340c5527f3848177d2178bf3e55f7614
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
In a very unlikely scenario, during which a session is removed
and replaced with a different session sharing the same session
index, while a packet is in-flight during RPC call, drop that packet.
Change-Id: If1c4a77fc2ab460bae2435db066a133185b98747
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Implement command line interface to the BFD binary APIs. Add
corresponding unit tests.
Change-Id: Ia0542d0bc4c8d78e6f7b777a08fd94ebfe4d524f
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: Ib1e301d62b687d4e42434239e7cd412065c28da0
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: I7d8889dce8495607106593ad83320c9af0f2fa07
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: I772b63ac25ebfccaff9ab9d8d0b1445e85f21df7
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: I5063d31f5305c848043afb32fcacff6e61aed79f
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: Id294dbbd6499ae8221cc8143e1027adc08866ae6
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: I1c93f96a752eb2ffd1117a656552131cde1fa489
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: I666e5c0cc71a3693640960c93cdd1907f84fbe23
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Add authentication support to BFD feature. Out of three existing
authentication types, implement SHA1 (sole RFC requirement). Simple
password is insecure and MD5 is discouraged by the RFC, so ignore
those.
Add/change APIs to allow configuring BFD authentication keys
and their usage with BFD sessions.
Change-Id: Ifb0fb5b19c2e72196d84c1cde919bd4c074ea415
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: Iaa9538c7cca500c04cf2704e5bf87480543cfcdf
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: I7f09b45c926557d2ad0e2706b38fa56ff8194a3d
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: I7b51f88292e057c6443b12224486f2d0c9f8ae23
Signed-off-by: Damjan Marion <damarion@cisco.com>
|