summaryrefslogtreecommitdiffstats
path: root/src/vnet/bfd/bfd_main.c
AgeCommit message (Collapse)AuthorFilesLines
2022-02-02bfd: restore the data within the packet after hash verificationAndrew Yourtchenko1-0/+5
The BFD delayed auth change test was failing intermittently within CI. Debugging has shown it depends on the initial random seed, e.g. the below will consistently fail: RND_SEED=1643734669.7126195 TEST='bfd.BFDAuthOnOffTestCase.test_auth_change_key_delayed' Same thing will happen with: RND_SEED=1643736595.1363552 RND_SEED=1643722239.8224792 The analysis of the behavior shown that the function that is doing the hash verification, modifies the content of the packet for the purposes of hash computation. In case of the auth rollover, this function may be called twice - resulting in the second comparison to be made with a bogus packet data, thus failing the check and the test. The above values of random seed are the ones where the test makes it to the point of this double comparison. The solution is to restore the data within the packet after the check from the array where we have copied it into before modifying the packet. Change-Id: Ibb09beb4b1230032db04527bbf38fa335651866b Type: fix Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2021-11-12hash: refactor crc32_5tupleDamjan Marion1-3/+3
Type: improvement Change-Id: I31cae2367e2ec7fc89991ca0df994a73da93aaed Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-10-19bfd: fix bfd_key_id updateAlexander Skorichenko1-4/+8
Type: fix Currently, auth activation CLI command "bfd upd session auth activate ... conf-key-id <cki> bfd-key-id <bki>" allows to change both key-ids to new values at once. But if only bfd-key-id should be corrected, e.g. as a result of mistyping, we can't do that in a single operation, and have to deactivate auth first and then reactivate it with a correctly entered pair of ids. Currently, backend's bfd_auth_activate() function returns immediately, with no action, if it finds that submitted conf-key-id matches the current record. No check on bfd-key-id value is made. With this fix, bfd_auth_activate() checks if session's bfd-key-id has to be changed to a new value, and if so, it updates and logs appropriately. Change-Id: I3b915a936cb1721707860bb503f70e7dd29e0ddd Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com>
2021-10-19bfd: fix desired_min_tx_nsec updateAlexander Skorichenko1-0/+2
Type: fix Currently, the change in desired_min_tx value initiated locally doesn't result in actual update of the transmission interval. bfd_session_t structure has two fields for each of protocol's local time parameters desired_min_tx, required_min_rx In a case of a parameter update, "config_" prefixed fields store new values sent to remote bs.config_desired_min_tx_nsec, bs.config_required_min_rx_nsec Those prefixed "effective_", keep old values, still in charge, until new ones are being negotiated between peers: bs.effective_desired_min_tx_nsec, bs.effective_required_min_rx_nsec Currently, upon termination of the Poll Sequence (negotiation) only bfd_set_effective_required_min_rx() is called to update effective RX value. TX value remains unchanged. With this fix, add a call to bfd_set_effective_desired_min_tx() to set new, acknowledged TX value in effect. Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com> Change-Id: I80b6746533839c9572598f1ad9dabb33e621a525
2021-05-21bfd: use vnet cryptoKlement Sekera1-87/+42
Type: improvement Change-Id: I873a99c1258a97ed5ed195b9756e8302f865e7f0 Signed-off-by: Klement Sekera <ksekera@cisco.com> Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2021-05-01vlib: refactor trajectory trace debug featureBenoît Ganne1-2/+0
trajectory trace has been broken for a while because we used to save the buffer trajectory in a vector pointed to in opaque2. This does not work well when opaque2 is copied (eg. because of a clone) as 2 buffers end up sharing the same vector. This dedicates a full cacheline in the buffer metadata instead when trajectory is compiled in. No dynamic allocation, no sharing, no tears. Type: refactor Change-Id: I6a028ca1b48d38f393a36979e5e452c2dd48ad3f Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-10-21vlib: print logs to stderr if interactive or nosyslog setDamjan Marion1-25/+19
If VPP is started in interactive mode, instead of sending logs to syslog server we print them directly to stderr. Output is colorized, but that can be turned off with unix { nocolor } Type: improvement Change-Id: I9a0f0803e4cba2849a6efa0b6a86b9614ed33ced Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-09-25bfd: add missing unlockKlement Sekera1-0/+1
Thanks to Martin Sustrik for spotting the bug introduced by a316744 and submitting the fix. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I4984fc32503b0c7b6db3543834dfbbfed2a1f23c
2020-04-09bfd: always start timers with non-zero tick countsDave Barach1-0/+1
Otherwise the tw_timer_template code ASSERTs... Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I85e00a3e3486e3b238254ac4116d684a32984434
2020-02-17bfd: use tw_timer_template instead of legacy wheelKlement Sekera1-223/+239
Type: refactor Change-Id: I04e71a64e676910dc4c6cbc1ab54ffb0c29aa5b9 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2020-01-30vppinfra: improve clocks_per_second convergenceDave Barach1-1/+1
Apply exponential smoothing to the clock rate update calculation in clib_time_verify_frequency(), with a half-life of 1 minute and a sampling frequency of 16 seconds. Within 5 minutes or so, the calculation converges With each rate recalculation: reset total_cpu_time based on the kernel timebase delta since vpp started, and the new clock rate Improve the "show clock [verbose]" debug CLI command. BFD echo + echo fail tests marked off until the BFD code can be reworked a bit. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I24e88a78819b12867736c875067b386ef6115c5c
2020-01-30bfd: add missing castKlement Sekera1-1/+1
Add missing cast to time conversion function to to deal with arbitrary clocks-per-second values. Type: fix Change-Id: I5075a823e7a95c972c513ac765252337d5f59fbf Signed-off-by: Klement Sekera <ksekera@cisco.com>
2020-01-27bfd: reset peer discriminator on timeoutKlement Sekera1-0/+13
More RFC compliance. Ticket: VPP-1816 BFD: peer discriminator not reset on timeout Type: fix Change-Id: I68063c18097d282b3527e3fb485c1d0d1fd1b0c8 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-01-20buffers: don't init metadata, as it is already initializedDamjan Marion1-2/+0
Change-Id: Ia083050389853c25b069f0f8286d50d3f4aef527 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-10-23c11 safe string handling supportDave Barach1-9/+9
Change-Id: Ied34720ca5a6e6e717eea4e86003e854031b6eab Signed-off-by: Dave Barach <dave@barachs.net>
2018-10-11bfd:fix handling session creation batchEyal Bari1-27/+34
when multiple session creating script is ran (via exec) only the first one actually starts Change-Id: I0fc36f65795c8921cf180e0b555c446e5a80be45 Signed-off-by: Eyal Bari <ebari@cisco.com>
2018-09-14Remove scaffoldingDave Barach1-8/+0
Change-Id: I4acebbf76556428bb45356c8e5b85c72a85a1656 Signed-off-by: Dave Barach <dave@barachs.net>
2018-08-29Address bfd rpc scale issuesDave Barach1-5/+170
Remove the expensive RPC call for every received packet and replace it with lock-protected direct calls. Reinstate RPC for the less frequent notification traffic. Adjust the wakeup event sending logic to minimize the number of events sent, by measuring the time it takes from sending the event to processing it, and subsequently not sending the event if the pending wake-up time is within 2x or the event propagation delay. Eventually: remove oingo / oingoes. Change-Id: I0b3d33c5d029527b54867a97ab07f35f346aaa3d Signed-off-by: Dave Barach <dave@barachs.net> Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> Signed-off-by: Steve Shin <jonshin@cisco.com> Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-04-17Add logging supportDamjan Marion1-36/+82
Change-Id: Ieac9cf50156dbbb4962411e900d59256441915ef Signed-off-by: Damjan Marion <damarion@cisco.com> Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-12-16Use crc32 wrapper (VPP-1086)Gabriel Ganne1-4/+4
This allows arm platforms to also take advantage of crc32 hardware acceleration. * add a wrapper for crc32_u64. It's the only one really used. Using it instead of a call to clib_crc32c() eases building symmetrical hash functions. * replace #ifdef on SSE4 by a test on clib_crc32c_uses_intrinsics. Note: keep the test on i386 * fix typo in lb test log Change-Id: I03a0897b70f6c1717e6901d93cf0fe024d5facb5 Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
2017-10-04[aarch64] Fixes CLI crashes on dpaa2 platform.Christophe Fontaine1-1/+1
- always use 'va_args' as pointer in all format_* functions - u32 for all 'indent' params as it's declaration was inconsistent Change-Id: Ic5799309a6b104c9b50fec309cba789c8da99e79 Signed-off-by: Christophe Fontaine <christophe.fontaine@enea.com>
2017-05-10Add crc32c inline function, allows compilation on 32-bit systemsDamjan Marion1-1/+1
32-bit code still can use crc32c instructions, but it operates on 32 registers Change-Id: I9bb6b0b59635d6ea6a753584676ebcf59c8f6584 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-04-06BFD-FIB interactionsNeale Ranns1-0/+23
- single-hop BFD: attach a delegate to the appropriate adjacency - multi-hop BFD [not supported yet]: attach a delegate to the FIB entry. adjacency/fib_entry state tracks the BFD session state. when the state is down the object does not contribute forwarding hence and hence dependent objects will not use it. For example, if a route is ECMP via two adjacencies and one of them is BFD down, then only the other is used to forward (i.e. we don't drop half the traffic). Change-Id: I0ef53e20e73b067001a132cd0a3045408811a822 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-04-05BFD: add ARP-awareness, fix bugsKlement Sekera1-55/+81
Make BFD ARP-aware when sending out packets. Fix a few one-liner bugs discovered while integrating with cisco nexus. Enhance CLI view to better observe session state. Change-Id: I266c29492f351207b84328ab665d9d697969da9c Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-03-06BFD: documentationKlement Sekera1-4/+2
Change-Id: I06a23d24340c5527f3848177d2178bf3e55f7614 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-03-06BFD: drop rpc call if packet doesn't match sessionKlement Sekera1-1/+1
In a very unlikely scenario, during which a session is removed and replaced with a different session sharing the same session index, while a packet is in-flight during RPC call, drop that packet. Change-Id: If1c4a77fc2ab460bae2435db066a133185b98747 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-03-02BFD: command line interfaceKlement Sekera1-34/+120
Implement command line interface to the BFD binary APIs. Add corresponding unit tests. Change-Id: Ia0542d0bc4c8d78e6f7b777a08fd94ebfe4d524f Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-02-26BFD: echo functionKlement Sekera1-205/+484
Change-Id: Ib1e301d62b687d4e42434239e7cd412065c28da0 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-02-17BFD: put session admin-up/admin-downKlement Sekera1-12/+12
Change-Id: I7d8889dce8495607106593ad83320c9af0f2fa07 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-02-15BFD: loop back echo packetsKlement Sekera1-25/+18
Change-Id: I772b63ac25ebfccaff9ab9d8d0b1445e85f21df7 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-02-14BFD: respect remote demand modeKlement Sekera1-9/+46
Change-Id: I5063d31f5305c848043afb32fcacff6e61aed79f Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-02-14BFD: set per session UDP source port per RFCKlement Sekera1-7/+2
Change-Id: Id294dbbd6499ae8221cc8143e1027adc08866ae6 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-02-08BFD: minor fixesKlement Sekera1-1/+1
Change-Id: I1c93f96a752eb2ffd1117a656552131cde1fa489 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-02-08BFD: modify session parametersKlement Sekera1-74/+222
Change-Id: I666e5c0cc71a3693640960c93cdd1907f84fbe23 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-02-02BFD: SHA1 authenticationKlement Sekera1-60/+568
Add authentication support to BFD feature. Out of three existing authentication types, implement SHA1 (sole RFC requirement). Simple password is insecure and MD5 is discouraged by the RFC, so ignore those. Add/change APIs to allow configuring BFD authentication keys and their usage with BFD sessions. Change-Id: Ifb0fb5b19c2e72196d84c1cde919bd4c074ea415 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-01-17BFD: IPv6 supportKlement Sekera1-29/+23
Change-Id: Iaa9538c7cca500c04cf2704e5bf87480543cfcdf Signed-off-by: Klement Sekera <ksekera@cisco.com>
2017-01-03BFD: immediately honor reduced remote_min_rx intervalKlement Sekera1-20/+22
Change-Id: I7f09b45c926557d2ad0e2706b38fa56ff8194a3d Signed-off-by: Klement Sekera <ksekera@cisco.com>
2016-12-28Reorganize source tree to use single autotools instanceDamjan Marion1-0/+969
Change-Id: I7b51f88292e057c6443b12224486f2d0c9f8ae23 Signed-off-by: Damjan Marion <damarion@cisco.com>