Age | Commit message (Collapse) | Author | Files | Lines |
|
This patch adds the API for vnet/flow infra.
Currently this API supports the below flow types:
VNET_FLOW_TYPE_IP4_N_TUPLE
VNET_FLOW_TYPE_IP6_N_TUPLE
VNET_FLOW_TYPE_IP4_N_TUPLE_TAGGED
VNET_FLOW_TYPE_IP6_N_TUPLE_TAGGED
VNET_FLOW_TYPE_IP4_L2TPV3OIP
VNET_FLOW_TYPE_IP4_IPSEC_ESP
VNET_FLOW_TYPE_IP4_IPSEC_AH
VNET_FLOW_TYPE_IP4_GTPU
All the above flows are tested with Intel E810/X710 NIC
Type: feature
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: Icb8ae20cab9bdad6b120dddc3bd4fb1d85634f3f
|
|
Make sure payload_proto variable is set properly in vnet_ip_mroute_cmd()
function. This avoids using an uninitialized payload_proto value which
could lead to assertion failure when using e.g. the ip mroute add
command.
Type: fix
Signed-off-by: Elias Rudberg <elias.rudberg@bahnhof.net>
Change-Id: I8b1d1df02e80150836b7b0448814d8f99747eeed
|
|
vrf table may be dynamically added or deleted. When the table is deleted,
clients who use the corresponding vrf table may need a callback to
do the clean up. The mechanism added here is cloned from
VNET_SW_INTERFACE_ADD_DEL_FUNCTION.
Type: improvement
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I08635c715cd7361a6c359b90890dd3545b0da94c
|
|
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Ia77ce41a8f1a032c5e027c4bb47347752cfda0a9
|
|
Type: fix
Change-Id: Idb6f82e08b29e3805ed2133acb5fd7226148f672
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
- add 64-bit version
- remove byte swaps, as they are actually not needed
Type: improvement
Change-Id: Ia1efe54ee80b4ae7633b9ab36b3154c3357006d7
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
Change-Id: I67bacb90a3dd8a9bd7beb4975ad0fe344675b65f
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Previously there's a format_ip4_address in format_ip6...
This patch fixes this typo
Type: fix
Signed-off-by: Chenmin Sun <chenmin.sun@intel.com>
Change-Id: Ice124db6594720ed35a992d069341f399c331e1d
|
|
Type: fix
Signed-off-by: jiangxiaoming <jiangxiaoming@outlook.com>
Change-Id: I3ace7dfe3ddacb4f7fa7a974a2ffe2b3cf902ff9
|
|
Type: fix
Fixes: a84cb715f5a4366dd2f32de18ad92bec566924da
Change-Id: Id448d6ae9cfdd3122e8187121c509412835117c5
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Type: fix
Change-Id: I39341f201209931392f315ead5adfddd8b567caf
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
No change in default behavior. To use htlb pages for the ip4 mtrie,
use the "ip" command-line option "mtrie-hugetlb".
Type: improvement
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I5497e426a47200edff2c7e15563ed6a42af12e7f
|
|
Type: fix
Signed-off-by: zhengdelun <xszhengdelun@gmail.com>
Change-Id: I3f6240b4c0798f85960acc55a193a0cbf0c67ea4
|
|
VXLAN uses csum_offload for IPv6 packets.
But without gso node we have csum calculated only for inner
packet.
This patch adds support for outer header csum calculation.
Checksum for inner packet should be calculated before
interface-output node (for example in vxlan node).
Type: fix
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Signed-off-by: Vladimir Isaev <visaev@netgate.com>
Change-Id: Ica68429ede4426293769207cd83c791ebe72fe56
|
|
make sure we don't pass a 0 (zero) to log2.
Type: fix
Signed-off-by: Andreas Schultz <andreas.schultz@travelping.com>
Change-Id: Ib3386ad4686835d3836f48294cee4058e897847a
|
|
Fix and optimize DMAC check in ethernet-input node to utilize NIC or
driver which support L3 DMAC-filtering mode so that DMAC check can be
bypassed safely for interfaces/sub-interfaces in L3 mode.
Checking of interface in L3-DMAC-filtering state to avoid DMAC check
require the following:
a) Fix interface driver init sequence for devices which supports L3
DMAC-filtering to indicate its capability and initialize interface
to L3 DMAC-filtering state.
b) Fix ethernet_set_flags() function and its associated callback
flags_change() functions registered by various drivers in interface
infra to provide proper L3 DMAC filtering status.
Maintain interface/sub-interface L3 config count so DMAC checks can be
bypassed if L3 forwarding is not setup on any main/sub-interfaces.
Type: fix
Ticket: VPP-1868
Signed-off-by: John Lo <loj@cisco.com>
Change-Id: I204d90459c13e9e486cfcba4e64e3d479bc9f2ae
|
|
Type: fix
Ticket: VPP-1883
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Icf50a645e114fa3b7bd974f8c82f5ceebfcedcd7
|
|
Type: fix
Change-Id: Idf7c80b7d81f796bd0512bca4276bcfcf2af241a
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Identified and removed executable bit from source files in the tree.
find . -perm 755 -name *.[ch] -exec chmod a-x {} \;
Type: improvement
Signed-off-by: Ray Kinsella <mdr@ashroe.eu>
Change-Id: I00710d59fcc46ce5be5233109af4c8077daff74b
|
|
Type: fix
Signed-off-by: Ye donggang <yedg@wangsu.com>
Change-Id: Ia9f72ff2be455ecd4ff3d16e884c5a50f9df69fe
|
|
Type: docs
Change-Id: I9b5e5137eb4c1e89f6e8d7a278cd11a0fd496471
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Add an IP_ROUTE_LOOKUP function that does either an exact match or
longest prefix match in a given fib table for a given prefix
returning the match if present.
Add API test.
Type: improvement
Signed-off-by: Christian Hopps <chopps@labn.net>
Change-ID: I67ec5a61079f4acf1349a9c646185f91f5f11806
|
|
Type: improvement
- inline some common encap fixup functions into the midchain
rewrite node so we don't incur the cost of the virtual function call
- change the copy 'guess' from ethernet_header (which will never happen) to an ip4 header
- add adj-midchain-tx to multiarch sources
- don't run adj-midchain-tx as a feature, instead put this node as the
adj's next and at the end of the feature arc.
- cache the feature arc config index (to save the cache miss going to fetch it)
- don't check if features are enabled when taking the arc (since we know they are)
the last two changes will also benefit normal adjacencies taking the arc (i.e. for NAT, ACLs, etc)
for IPSec:
- don't run esp_encrypt as a feature, instead when required insert this
node into the adj's next and into the end of the feature arc. this
implies that encrypt is always 'the last feature' run, which is
symmetric with decrypt always being the first.
- esp_encrpyt for tunnels has adj-midchain-tx as next node
Change-Id: Ida0af56a704302cf2d7797ded5f118a781e8acb7
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Add a hook to src/vlibapi/api_shared.c to fuzz (screw up) binary API
messages, e.g. by xoring random data into them before processing. We
specifically exempt client connection messages, and inband debug CLI
messages. We step over msg_id, client index, client context, and
sw_if_index. Otherwise, "make test" vectors fail too rapidly to learn
anything.
The goal is to reduce the number of crashes caused to zero. We're
fairly close with this patch.
Add vl_msg_api_max_length(void *mp), which returns the maximum
plausible length for a binary API message.
Use it to hardern vl_api_from_api_to_new_vec(...) which takes an
additional argument - message pointer - so it can verify that
astr->length is sane. If it's not sane, return a u8 *vector of the
form "insane astr->length nnnn\0".
Verify array lengths in vl_api_dhcp6_send_client_message_t_handler(...)
and vl_api_dhcp6_pd_send_client_message_t_handler(...).
Add a fairly effective binary API fuzz hook to the unittest plugin,
and modify the "make test" framework.py to pass "api-fuzz { on|off }"
to enable API fuzzing: "make API_FUZZ=on TEST=xxx test-debug" or similar
Type: improvement
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I0157267652a163c01553d5267620f719cc6c3bde
|
|
Type: fix
Change-Id: I8d68e7c7392dcb748a2a84e72c7b1ca0c6c0eb07
Signed-off-by: Tom Seidenberg <tseidenb@cisco.com>
|
|
facilitates use of papi beyond the tests.
Type: improvement
Change-Id: I3d502d9130b81a7fb65ee69bb06fe55802b28a27
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
When use the kv->v.memory_owner_thread_index as the index to get the
reass in pool, maybe this element is freed by the owner thread because
of timeout, too many fragments, and so on.
So we should check if do_handoff with kv->v.memory_owner_thread_index
before get the reass from pool.
Type: fix
Signed-off-by: Gao Feng <davidfgao@tencent.com>
Change-Id: Ie0f1dc368f86d0fd65292ca0c5e1908348015e09
|
|
Type: refactor
Change-Id: Ib2d4a11ffa0e1e56ca05705ba8cdf84e6cc66427
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
interface
Type: fix
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I0b7c189006e30a357cd6be4f3c9c61fded4157cb
|
|
Type: feature
- replace functions for prefixes attached to interfaces
- add ip_interface.[ch] to consoldate the functions
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I9c0c39c09dbf80ea1aadefee02c9bd16f094b6ad
|
|
Type: fix
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I8c9f5330879fb8f51792b4476d5f0c873dbe4d7a
|
|
Type: fix
Change-Id: I87d301aec20b9f5b34997b394493c796188fce14
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Merge two mildly incompatible static inlines, and rename the results
vnet_calc_checksums_inline (...).
The resulting inline has three additional parameters: int is_ip4, int
is_ip6, and int with_gso. All calls manage to pass one or more as
compile-time constants, which causes a certain amount of code to
disappear in each instantiation.
Type: refactor
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I1a2a0e353b9a7bca20bc81318e8c915617261e1a
|
|
Type: feature
- move the IP4 code to plugin
- add ip6 support
- add suport for uRPF on TX
- add tests
Change-Id: I074c2debc486d3e79c12fad4b8dbd72c41e841a0
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
If vlib_buffer_clone (...) fails due to a buffer allocation error, update
*n_dispatched with the actual number of clones, not the requested
number of clones.
Punt_replicate(...) should not set *to_next[0] = bi0. The original
buffer is enqueued separately in punt_dispatch_node(...)
Type: fix
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I774ad8f8c1a0633de4cf8ae5530629201c229347
|
|
Type: fix
- doing so in MTU dec, means mtu_inc is broken
- there's no need to. if a packet encounters ipX-rewrite a second time then it went through a tunnel the first time and is still locally originated.
Change-Id: I0f279c2837b608c1677485fe93f63398ab2737b3
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ida8f9e759b4990ea6e34e71dc45bdb3b5eabc27f
|
|
Type: fix
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I9d25129fbf1ea880121b281f41750155286fb489
|
|
Type: fix
this is mainly cosmetic, assuming users use the symbolic names,
since VPP's API types encode/decode functions corrected the values
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Iecbb8102aee64b2565a3fc89a30cad73a935269d
|
|
Type: fix
it was marked MP safe in the CLI (which it shouldn't be) but
it it not marked MP safe on the API.
Change-Id: I4bdea498a510a8b406d13d62a899b6d03656f7e8
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Translation of ICMPv6 error messages to ICMP error messages fails
because the sender port is not set that leads to securtiy check
failure.
With this commit, during ICMPv6 error messages translation, get the
sender port value from the inner packet.
Type: fix
Change-Id: I1ee295a3685fab4837172edfb629a699f49afbee
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
|
|
Type: fix
Signed-off-by: Jawahar Santosh Gundapaneni <jgundapa@cisco.com>
Change-Id: Ife0f7749a72cc834a3d811f8cf6b5a0840157014
|
|
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: I6b2c7550ae5918c27b02b1173533d2042c6c15c7
|
|
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: I73d27520726543d6375caad76a841339f68c3533
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
|
|
Type: improvement
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Ia8dff15855a81cf29729bdaa3ff28fbe3254fa97
|
|
Type: improvement
type re-use.
Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: Ic2a2e6babf9ae66a1e53aec53a6cd157e1893dc8
|
|
Bypass node MUST NOT intercept a packet if destination IP doesn’t match
a local address. However IP address interpretation depends on the VRF,
hence bypass node must take that into account.
This patch also factors-out common VTEP management and checking code.
Type: improvement
Signed-off-by: Nick Zavaritsky <nick.zavaritsky@emnify.com>
Change-Id: I5665d94882bbf45d15f8da140c7ada528ec7fa94
|
|
Type: fix
Ticket: VPP-1837
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Ifb310d6378c77ed9d3aae994897ca71ba8c44fa2
|
|
build vat with src/vnet/ip/ip_types_api.c
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: Iab0f18bf7a89cf9512beab0629bc3a349edec383
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
|
|
- Remove vl_api_from_api_string
to prevent use of not nul-terminated strings.
- Rename vl_api_from_api_to_vec -> vl_api_from_api_to_new_vec
to imply a new vector is created. NOT nul terminated.
- Add vl_api_from_api_to_new_c_string. Returns
nul terminated string in a new vector.
- Add vl_api_c_string_to_api_string. Convert nul terminated
string to vl_api_string_t
- Add vl_api_vec_to_api_string. Convert NON nul terminated
vector to vl_api_string_t
Type: fix
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
Change-Id: Iadd59b612c0d960a34ad0dd07a9d17f56435c6ea
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
|