summaryrefslogtreecommitdiffstats
path: root/src/vnet/bfd
AgeCommit message (Collapse)AuthorFilesLines
2022-12-16bfd: fix bfd udp error enum incompatibilityDmitry Valter2-4/+55
New BFD UDP errors were no longer compatible with BFD errors. This was causing out-of-bound reads and ASAN test crashes. Fix this issue by statically checking if these enums are compatible. Type: fix Signed-off-by: Dmitry Valter <d-valter@yandex-team.ru> Change-Id: I92fddd26270f946bc16ade840c94e5496e2cb88a
2022-09-23bfd: add tracing support to bfd-processKlement Sekera4-104/+160
Outgoing packets can be now traced via: trace add bfd-process <count> Type: improvement Change-Id: Ia19af6054289b18f55e518dbea251a2bee9b9457 Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
2022-08-10bfd: Express node stats using the .api fileNeale Ranns2-59/+77
Type: improvement This method allows the assignment of a severity to the error. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: Id1a414a88018390d03bd6b16bd048a98903bab5a
2022-08-10bfd: More descriptive error codes during packet receive handlingNeale Ranns3-59/+74
Type: improvement Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I8907fecde6d48f5362f0f91372d5a9a1bba6f931
2022-04-04vppinfra: make _vec_len() read-onlyDamjan Marion1-2/+2
Use of _vec_len() to set vector length breaks address sanitizer. Users should use vec_set_len(), vec_inc_len(), vec_dec_len () instead. Type: improvement Change-Id: I441ae948771eb21c23a61f3ff9163bdad74a2cb8 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-03-24bfd: use local error index when incrementing node countersPaul Atkins1-4/+4
When incrementing node counters with vlib_node_increment_counter the local error index should be passed in. vlib_node_increment_counter adds the local index to the nodes base index to get the counter to write to. If we pass in the global counter index, the offset gets added again in the fn, and we then potentially write into memory that is not part of the counter vector. Type: fix Signed-off-by: Paul Atkins <patkins@graphiant.com> Change-Id: I43be33a51bcb52d520495d326b971c1d848d96b5
2022-03-18bfd: remove source IP check from session addKlement Sekera1-55/+0
Checking for existence of source address on interface prevents creating session before assigning address to said interface. Removing this check allows more flexibility when configuring BFD feature. Type: improvement Signed-off-by: Klement Sekera <klement.sekera@gmail.com> Change-Id: Ia57960e29b5dbdb758a7a64193c28f21482f229e
2022-03-09stats: refactorDamjan Marion1-9/+8
Type: refactor Change-Id: Ifd533a095d979dc55bfbe5fac7e0b7510a4d900c Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-02-16fib: Use the same adjacency that BFD is usingNeale Ranns2-1/+9
Type: improvement When the adj subsystem is notified of a BFD session, it attempts to find the appropriate adjacency from the session's key. This could lead to a mismatch between the adj used by BFD and that of FIB. The BFD session stores the adj it is using, so FIB uses that instead. Since adj is now using the same adj as BFD, it does not need to maintain its own locks. In BFD it is necessary to initialise the adj index used in INVALID and ensure it is not unlock before listeners are notified of the session delete. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I9630867b10bb18969475299a0c754942a8df0f44
2022-02-16bfd: On a point to point link use the all zeros address for the peer.Neale Ranns1-8/+12
Type: fix The adjacency used is then the same one as that used by routes in the FIB and so the BFD protection/fast-failover works for thise route, since they are children of the BFD protected adjacency. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I72e10b3074697cba8a002a4c1acf690983985157
2022-02-14bfd: add per session countersKlement Sekera4-28/+128
Add udp total session counts - as stat segment entries: /bfd/udp4/sessions /bfd/udp6/sessions and per session packet/byte counters: /bfd/rx-session-counters /bfd/rx-session-echo-counters /bfd/tx-session-counters /bfd/tx-session-echo-counters These counters are per-thread and per-session id. Adjust tests to verify proper function. Type: refactor Signed-off-by: Klement Sekera <klement.sekera@gmail.com> Change-Id: Ie597928022b6ac74c2220019b9e8e1714295f170
2022-02-14bfd: refactor code to fix misc warningsKlement Sekera3-131/+110
This change fixes multiple unused parameter warnings, narrowing conversion warnings and identical switch statement warnings. Type: refactor Signed-off-by: Klement Sekera <klement.sekera@gmail.com> Change-Id: I4140e939c409ce06cc5aaaf5e1b042681f7ca448
2022-02-09bfd: Add an update API that has create new or modify existing semanticsNeale Ranns4-22/+120
Type: improvement helps keep the agents stateless Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I3588f13c081e24f5a8083b490eb02856361e4ccb
2022-02-02bfd: restore the data within the packet after hash verificationAndrew Yourtchenko1-0/+5
The BFD delayed auth change test was failing intermittently within CI. Debugging has shown it depends on the initial random seed, e.g. the below will consistently fail: RND_SEED=1643734669.7126195 TEST='bfd.BFDAuthOnOffTestCase.test_auth_change_key_delayed' Same thing will happen with: RND_SEED=1643736595.1363552 RND_SEED=1643722239.8224792 The analysis of the behavior shown that the function that is doing the hash verification, modifies the content of the packet for the purposes of hash computation. In case of the auth rollover, this function may be called twice - resulting in the second comparison to be made with a bogus packet data, thus failing the check and the test. The above values of random seed are the ones where the test makes it to the point of this double comparison. The solution is to restore the data within the packet after the check from the array where we have copied it into before modifying the packet. Change-Id: Ibb09beb4b1230032db04527bbf38fa335651866b Type: fix Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2021-12-18bfd: fix NULL dereference in bfd_api_verify_commonFrédéric Perrin1-1/+1
ip6_get_link_local_address() may return NULL if the local interface is not (or not yet) configured Type: fix Signed-off-by: Frédéric Perrin <fred@fperrin.net> Change-Id: I42bf2081582c4a36fa4e32145ca2f0ff73488110
2021-11-12hash: refactor crc32_5tupleDamjan Marion1-3/+3
Type: improvement Change-Id: I31cae2367e2ec7fc89991ca0df994a73da93aaed Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-10-19bfd: fix bfd_key_id updateAlexander Skorichenko1-4/+8
Type: fix Currently, auth activation CLI command "bfd upd session auth activate ... conf-key-id <cki> bfd-key-id <bki>" allows to change both key-ids to new values at once. But if only bfd-key-id should be corrected, e.g. as a result of mistyping, we can't do that in a single operation, and have to deactivate auth first and then reactivate it with a correctly entered pair of ids. Currently, backend's bfd_auth_activate() function returns immediately, with no action, if it finds that submitted conf-key-id matches the current record. No check on bfd-key-id value is made. With this fix, bfd_auth_activate() checks if session's bfd-key-id has to be changed to a new value, and if so, it updates and logs appropriately. Change-Id: I3b915a936cb1721707860bb503f70e7dd29e0ddd Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com>
2021-10-19bfd: fix desired_min_tx_nsec updateAlexander Skorichenko1-0/+2
Type: fix Currently, the change in desired_min_tx value initiated locally doesn't result in actual update of the transmission interval. bfd_session_t structure has two fields for each of protocol's local time parameters desired_min_tx, required_min_rx In a case of a parameter update, "config_" prefixed fields store new values sent to remote bs.config_desired_min_tx_nsec, bs.config_required_min_rx_nsec Those prefixed "effective_", keep old values, still in charge, until new ones are being negotiated between peers: bs.effective_desired_min_tx_nsec, bs.effective_required_min_rx_nsec Currently, upon termination of the Poll Sequence (negotiation) only bfd_set_effective_required_min_rx() is called to update effective RX value. TX value remains unchanged. With this fix, add a call to bfd_set_effective_desired_min_tx() to set new, acknowledged TX value in effect. Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com> Change-Id: I80b6746533839c9572598f1ad9dabb33e621a525
2021-10-13docs: convert vpp doc md->rstNathan Skrzypczak2-374/+512
Type: improvement Change-Id: If453321785b04f9c16e8cea36fb1910efaeb2c59 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-06-22bfd: api cleanupFilip Tehlar2-62/+11
Use autogenerated code. Does not change API definitions. Type: improvement Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I7a0a189ce635a4a74e63ac4cb133686b8b7ba53a
2021-05-21bfd: use vnet cryptoKlement Sekera2-100/+42
Type: improvement Change-Id: I873a99c1258a97ed5ed195b9756e8302f865e7f0 Signed-off-by: Klement Sekera <ksekera@cisco.com> Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2021-05-13tests: move test source to vpp/testDave Wallace2-3186/+0
- Generate copyright year and version instead of using hard-coded data Type: refactor Signed-off-by: Dave Wallace <dwallacelf@gmail.com> Change-Id: I6058f5025323b3aa483f5df4a2c4371e27b5914e
2021-05-01vlib: refactor trajectory trace debug featureBenoît Ganne1-2/+0
trajectory trace has been broken for a while because we used to save the buffer trajectory in a vector pointed to in opaque2. This does not work well when opaque2 is copied (eg. because of a clone) as 2 buffers end up sharing the same vector. This dedicates a full cacheline in the buffer metadata instead when trajectory is compiled in. No dynamic allocation, no sharing, no tears. Type: refactor Change-Id: I6a028ca1b48d38f393a36979e5e452c2dd48ad3f Signed-off-by: Benoît Ganne <bganne@cisco.com>
2021-03-15tests: use socket transport instead of shared memoryOle Troan3-16/+79
Type: improvement Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: I9e65c94a5a05047a5104e9361ea36eac77b40442 Signed-off-by: Ole Troan <ot@cisco.com>
2021-02-11tests: tag the tests that do not work with multi-worker configurationAndrew Yourtchenko1-0/+2
If the multi-worker default VPP configuration is triggered by setting VPP_WORKER_CONFIG="workers 2", some of the tests fail for various reasons. It's a substantial number, so this change marks all of the testsets that have this issue, such that they can be addressed later independently. Type: test Change-Id: I4f77196499edef3300afe7eabef9cbff91f794d3 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2021-01-22tests: add generalized tags for tests, use them for run-solo testsAndrew Yourtchenko1-24/+7
We have accumulated several scenarios in prod or wishlists where it would be useful to have a general infra to say yes/no about a certain test, and potentially make decisions based on that, for example: - runs solo (aka 'time-dependent') - (wishlist) part of quick smoke-test set - (wishlist) intermittent failure unrelated to timing - (wishlist) test broken with a multi-worker config in vpp Refactor the current "run-solo" code to allow for this extension. Type: test Change-Id: Ia5b3810e57c0543753c8e0dc4dc0cfb4a30b36ac Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> Signed-off-by: Klement Sekera <ksekera@cisco.com>
2020-12-22tests: move bfd tests to src/vnet/bfd/testDave Wallace2-0/+3201
- Refactor make test code to be co-located with the vpp feature source code. Type: test Signed-off-by: Dave Wallace <dwallacelf@gmail.com> Change-Id: I3ef69bc915d2217357a9e2b1afa1cfd6c363faa0
2020-12-14misc: move to new pool_foreach macrosDamjan Marion3-21/+23
Type: refactor Change-Id: Ie67dc579e88132ddb1ee4a34cb69f96920101772 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-10-21vlib: print logs to stderr if interactive or nosyslog setDamjan Marion1-25/+19
If VPP is started in interactive mode, instead of sending logs to syslog server we print them directly to stderr. Output is colorized, but that can be turned off with unix { nocolor } Type: improvement Change-Id: I9a0f0803e4cba2849a6efa0b6a86b9614ed33ced Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-10-21misc: minimize dependencies on udp.hFlorin Coras1-1/+1
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id13f33843b230a1d169560742c4f7b2dc17d8718
2020-09-25bfd: add missing unlockKlement Sekera1-0/+1
Thanks to Martin Sustrik for spotting the bug introduced by a316744 and submitting the fix. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I4984fc32503b0c7b6db3543834dfbbfed2a1f23c
2020-04-09bfd: always start timers with non-zero tick countsDave Barach1-0/+1
Otherwise the tw_timer_template code ASSERTs... Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I85e00a3e3486e3b238254ac4116d684a32984434
2020-02-17bfd: use tw_timer_template instead of legacy wheelKlement Sekera7-309/+336
Type: refactor Change-Id: I04e71a64e676910dc4c6cbc1ab54ffb0c29aa5b9 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2020-01-30vppinfra: improve clocks_per_second convergenceDave Barach1-1/+1
Apply exponential smoothing to the clock rate update calculation in clib_time_verify_frequency(), with a half-life of 1 minute and a sampling frequency of 16 seconds. Within 5 minutes or so, the calculation converges With each rate recalculation: reset total_cpu_time based on the kernel timebase delta since vpp started, and the new clock rate Improve the "show clock [verbose]" debug CLI command. BFD echo + echo fail tests marked off until the BFD code can be reworked a bit. Type: fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I24e88a78819b12867736c875067b386ef6115c5c
2020-01-30bfd: add missing castKlement Sekera1-1/+1
Add missing cast to time conversion function to to deal with arbitrary clocks-per-second values. Type: fix Change-Id: I5075a823e7a95c972c513ac765252337d5f59fbf Signed-off-by: Klement Sekera <ksekera@cisco.com>
2020-01-27bfd: reset peer discriminator on timeoutKlement Sekera1-0/+13
More RFC compliance. Ticket: VPP-1816 BFD: peer discriminator not reset on timeout Type: fix Change-Id: I68063c18097d282b3527e3fb485c1d0d1fd1b0c8 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2020-01-10docs: Edit FEATURE.yaml files so they can be publishedJohn DeNisco1-2/+2
Type: docs Signed-off-by: John DeNisco <jdenisco@cisco.com> Change-Id: I7280e5c5ad10a66c0787a5282291a2ef000bff5f
2020-01-04misc: fix feature.yamlOle Troan1-1/+0
Add checkfeaturelist validation to checkstyle. Fix two files with errors. Type: docs Change-Id: I81eda0e25b271f2006b4da22efdf7218d52a67d3 Signed-off-by: Ole Troan <ot@cisco.com>
2020-01-03bfd: add feature.yamlKlement Sekera1-0/+9
Type: docs Change-Id: Ica2b4a9d4fe2ceaafd6d707ebe3c4a7fa0af1c07 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-12-17ip: Protocol Independent IP NeighborsNeale Ranns2-5/+5
Type: feature - ip-neighbour: generic neighbour handling; APIs, DBs, event handling, aging - arp: ARP protocol implementation - ip6-nd; IPv6 neighbor discovery implementation; separate ND, MLD, RA - ip6-link; manage link-local addresses - l2-arp-term; events separated from IP neighbours, since they are not the same. vnet retains just enough education to perform ND/ARP packet construction. arp and ip6-nd to be moved to plugins soon. Change-Id: I88dedd0006b299344f4c7024a0aa5baa6b9a8bbe Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-12-10api: multiple connections per processDave Barach1-1/+1
Type: feature Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I2272521d6e69edcd385ef684af6dd4eea5eaa953
2019-11-16bfd: allow IPv6 link-local address as local addressAlexander Chernavin1-15/+30
Type: fix Change-Id: Ia3dacd2628591f7ba9710e8e4d68df97ae21935c Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2019-09-04bfd: API cleanupJakub Grajciar2-84/+66
Use consistent API types. Type: fix Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com> Change-Id: I4b91ebe8aadbec8b95716ed1cde4b0a13eee3a3f Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2019-07-23api: binary api cleanupDave Barach2-5/+5
Multiple API message handlers call vnet_get_sup_hw_interface(...) without checking the inbound sw_if_index. This can cause a pool_elt_at_index ASSERT in a debug image, and major disorder in a production image. Given that a number of places are coded as follows, add an "api_visible_or_null" variant of vnet_get_sup_hw_interface, which returns NULL given an invalid sw_if_index, or a hidden sw interface: - hw = vnet_get_sup_hw_interface (vnm, sw_if_index); + hw = vnet_get_sup_hw_interface_api_visible_or_null (vnm, sw_if_index); if (hw == NULL || memif_device_class.index != hw->dev_class_index) return clib_error_return (0, "not a memif interface"); Rename two existing xxx_safe functions -> xxx_or_null to make it obvious what they return. Type: fix Change-Id: I29996e8d0768fd9e0c5495bd91ff8bedcf2c5697 Signed-off-by: Dave Barach <dave@barachs.net>
2019-06-07bfd: midchain adjacency supportMatthew G Smith1-10/+51
Support an adjacency with lookup_next_index of IP_LOOKUP_NEXT_MIDCHAIN so tunnel interfaces can have BFD configured on them. Also, check if the interface a session is configured on is up and skip assembling the packet and calculating the checksum if the interface is down. Change-Id: I44f76478d0fc1592e3491dd9368819a5c957e74a Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2019-03-28Typos. A bunch of typos I've been collecting.Paul Vinciguerra1-1/+1
Change-Id: I53ab8d17914e6563110354e4052109ac02bf8f3b Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-03-12bfd: register udp ports only when enabledKlement Sekera1-14/+49
Change-Id: Iffb4b314be3ded0d9c6acb77ec1c6f22778f301d Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-02-14Add -fno-common compile optionBenoît Ganne1-1/+1
-fno-common makes sure we do not have multiple declarations of the same global symbol across compilation units. It helps debug nasty linkage bugs by guaranteeing that all reference to a global symbol use the same underlying object. It also helps avoiding benign mistakes such as declaring enum as global objects instead of types in headers (hence the minor fixes scattered across the source). Change-Id: I55c16406dc54ff8a6860238b90ca990fa6b179f1 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-01-20buffers: don't init metadata, as it is already initializedDamjan Marion2-3/+0
Change-Id: Ia083050389853c25b069f0f8286d50d3f4aef527 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-11-14Remove c-11 memcpy checks from perf-critical codeDave Barach2-21/+22
Change-Id: Id4f37f5d4a03160572954a416efa1ef9b3d79ad1 Signed-off-by: Dave Barach <dave@barachs.net>