Age | Commit message (Collapse) | Author | Files | Lines |
|
Need to vec_free ns_id whenever we return in the function
show_session_rules_command_fn in case memory was allocated to it.
Type: fix
Change-Id: Ifc38d3eb2756a8a128467dd40ad40fe3f0be8fc0
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
SESSION_INVALID_INDEX is u32. The function is supposed to return u64.
The caller of the function tests the return value to see if it is
SESSION_INVALID_HANDLE in ct_session_connect. If it is not, it
thinks it is a valid handle and calls listen_session_get_from_handle
which causes a crash.
Type: fix
Change-Id: I4ede6b2dfb95259f3a6071cfa3a77ce0d9cd9edd
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
session table
When an application namespace is added, we call session_table_is_alloced
to see if we need to allocate a new session table. That check returns true
even if we removed the session table.
The fix is when we delete an application's global session table,
we need to invalidate fib_index_to_table_index.
Fixed test_vcl test script to run two tests back to back.
The 1st test deletes the application namespace at the end.
The 2nd test adds the application namespace in the beginning.
Type: fix
Fixes: 67bae20b05cb46e5f6d19afeaf1f7a52a5309d59
Change-Id: I67f5cc1b726a07659597a9479df011717db08d0a
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
1. Adding an ip6 rule entry
session rule add proto tcp ee80::/10 0 ee80::/10 0 action 2
2. show session rules does not display the entry.
show session rules tcp
3. However, show session rules for a specific entry shows the entry
show session rules tcp ee80::/10 0 ee80::/10 0
Type: fix
Change-Id: I65c881665d3698a2a9452a186ed657eee0bf13e0
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
This makes session_lookup_connection_wt6 consistent with session_lookup_connection_wt4 -
they both just return an error for wrong thread.
Type: fix
Change-Id: Ide38976e9a7274b53311e65711098e6b22a3f8d5
Signed-off-by: Brian Morris <bmorris2@cisco.com>
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I60600452c91184da571d4630bf2f0d9c24a3e85e
|
|
Type: refactor
Change-Id: I5235bf3e9aff58af6ba2c14e8c6529c4fc9ec86c
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Session lookup tables could be allocated from workers, e.g., connects
are done from first worker. Make sure consumers are not affected by
stopping workers.
Type: fix
Change-Id: I63b53c58b41ce91b08f50a2325c69c9f9fd25ed3
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I96bff47206ef64ea7369ae92e1b9ff1f74dfd71b
|
|
Type: improvement
Change-Id: Ie0bad9e03ac2e29da23af01ee7f63cb44489ad9c
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I313c916d268c4b2b448b93e90bc67da341b803e3
|
|
This adds a new API call to add session namespaces
It now takes a netns and a sock_name.
(1) If no netns is passed, sock_name will be used as
socket path. Defaulting to /run/vpp/app_ns_sockets/${ns_id}
(2) If a netns is passed, the sock_name has to be
abstract (i.e. start with '@'). It will default to
`@vpp/session/${ns_id}` and will be created in the provided
netns.
Type: feature
Change-Id: I90e9a8e5ecca2cabe7c05335663e33c8506dc9e7
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: If0712f01bdd6f2fc892bcbe4e2cee28affd02520
|
|
Extending the fib_index_to_table_index could leave entries uninitialized,
pointing to the session tables at index 0. That session index exists by
default, but it is a IPv4 session table. That would break all IPv6 on
the unitilized fib indexes.
Type: fix
Change-Id: Ie3f0a87a7f829ceb39f75ec06658b0ad1d3813ae
Signed-off-by: Andreas Schultz <andreas.schultz@travelping.com>
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie7102355b95eefb233ec7d146e61819051a7bf07
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie3bc31fc3df662e087f7931de6c274eb3608a2d8
|
|
Type: fix
Ensure listeners for app transport protocols are added to lookup tables
using their session endpoints instead of their transport connections,
which can override the network connection id in the transport connection.
Change-Id: I56fa3666bb1422c0799fc7143cd099751ff6e2e6
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Improve host stack CPS test, and it help improve 10x performance
Type: feature
Change-Id: I6af61e0bad7c16ee2d30a1422cc46bb89f1cedb4
Signed-off-by: Yu Ping <ping.yu@intel.com>
Signed-off-by: Yuwei Zhang <yuwei1.zhang@intel.com>
|
|
Type: fix
Change-Id: I4e2617f99064c5a96e4debae8b68716ca129ee73
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: fix
show session rules tcp
vpp/src/vnet/session/application_namespace.c:34 (app_namespace_get)
assertion `! pool_is_free (app_namespace_pool, _e)' fails
Thread 1 "vpp_main" received signal SIGABRT, Aborted.
Signed-off-by: Guanghua Zhang <ghzhang@fiberhome.com>
Change-Id: I3430339a598a92d0a38826471adeb4547b0b7df4
|
|
Type: feature
Change-Id: I1369859be0a722ea37e5d3ecb35dee5684fc69f8
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
current session rule cli can not add session rule of proto is udp.
because vnet_session_rule_add_del function's paramter does not include transport_proto element in args struct,
but session rule type on the basis of input args's transport_proto when create session rule with vnet_session_rule_add_del function,
so just add transport_proto element to vnet_session_rule_add_del function's args that to solve this problem
Change-Id: If1a5942b4a0b006d73376e0cb01b97e84c593493
Signed-off-by: zhanglimao <zhanglimao0017@gmail.com>
|
|
Change-Id: I42addcd413094a8b6e9b2858ba2a292bd295ec82
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- Switches local connects to cut-thru transport
- Removes local sessions as a separate session type
Change-Id: I997c6355d8c8e4f2110678f785b0f5d96bba47f7
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I89d240753b3f3c5e984aa303a7c8fa35fa59bf7f
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- move transport specific types to transport_types
- add transport wrapper functions for interaction with transport
protocol vfts
Change-Id: I93f70d884585fc2f41c4a605e310c80e8a8972f2
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Rename core data structures. This will break compatibility for out of
tree builtin apps.
- stream_session_t to session_t
- server_rx/tx_fifo to rx/tx_fifo
- stream_session.h to session_types.h
- update copyright
Change-Id: I414097c6e28bcbea866fbf13b8773c7db3f49325
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I7e59ae718d2722c49d42b22a0874e1645a191e89
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Allow apps to register child processes as app workers. In particular,
on fork vcl now registers the child process with vpp as a new worker.
Change-Id: I52a65fbc3292962b1f6e1fe0f6153f739e6e0d4a
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Ied34720ca5a6e6e717eea4e86003e854031b6eab
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Refactor session layer to support multiple workers per application.
Change-Id: Ie67354688d396449d14bbbb8c56050206e307cd8
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Have vcl poll and wait on the event message queues as opposed to
constantly polling the session fifos. This also adds event signaling to
cut through sessions.
On the downside, because we can't wait on multiple condvars, i.e., when
we have multiple message queues because of cut-through registrations, we
do timed waits.
Change-Id: I29ade95dba449659fe46008bb1af502276a7c5fd
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
It would seem that this avoids using the stack for computing the
subsequent crc32 by storing the 2 x u64 ip4 5-tuple key into two
registers. Probably the cast to the "convenience" data structure "masks"
the fact that the key is 16B. Probably ... :-)
"sh run" on an ip4 tcp sender reports that the number of clocks spent in
tcp_input, where a session lookup is performed, drops ~25% (from ~100
clocks/packet to ~75 clocks/packet)
Change-Id: I50d647115ac72f8407bff7e3b73328ba42f0ddb5
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I825f3822910a6ee368b9004e39ca16ac6833e30c
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I3425b1533b3d31210166e7b3798685464ad1c489
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Memfd backed shared memory segments can only be negotiated over sockets.
For such scenarios, the existing redirect mechanism that establishes
cut-through sessions does not work anymore as the two peer application
do not share such a socket.
This patch adds support for local sessions, as opposed to sessions
backed by a transport connection, in a way that is almost transparent to
the two applications by reusing the existing binary api messages.
Moreover, all segment allocations are now entirely done through the
segment manager valloc, so segment overlaps due to independent
allocations previously required for redirects are completely avoided.
The one notable characteristic of local sessions (cut-through from app
perspective) notification messages is that they carry pointers to two
event queues, one for each app peer, instead of one. For
transport-backed sessions one of the queues can be inferred but for
local session they cannot.
Change-Id: Ia443fb63e2d9d8e43490275062a708f039038175
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Iab0baabf2f27bc7ad7fbf2d2789a493752b07d8a
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- compute session type out of transport and network protos
- make session, session lookup and session queue code network protocol
agnostic
This does not update the session layer to support non-ip network layer
protocols
Change-Id: Ifc2f92845e158b649d59462eb7d51c12af536691
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- make allow action explicit (-3)
- add session lookup is_filtered return flag that is set if lookup hit a
deny filter
- change tcp logic to drop filtered packets when punting is enabled
Change-Id: Ic38f294424663a4e108439b7571511f46f8e0be1
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
This moves session proxy logic from session rules tables to table/logic
used to manage session listeners in order to avoid overlap of
semantically different rules.
Change-Id: I463522cce91b92d942f6a2086fb14c3366b9f023
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I5217364220023df34d5bee071cb750df1661b093
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Ie747b490901254e962cf61814491851b891129ee
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Id5ebb410f509ac4c83d60e48efd54e00035e5ce6
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Ie42fd77e75e86a45cfe5951768c4638f27fdc3aa
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Ided2980373ed5329c68f958f61be893428bccd31
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
To enable this, applications set the proxy flag in their attach requests
and pass the transport protocols they want to act as proxies for as part
of the attach options.
When proxy is enabled, session rules that point incoming packets to the
proxy app are addedd to the local and global session tables, if these
scopes are accessible to the app. In particular, in case of the former,
the rule accepts packets from all sources and all ports destined to the
namespace's supporting interface address on any port. While in case of
the latter, a generic any destination and any port rule is addedd.
Change-Id: I791f8c1cc083350f02e26a2ac3bdbbfbfa19ece3
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
This introduces 5-tuple lookup tables that may be used to implement
custom session layer actions at connection establishment time (session
layer perspective).
The rules table build mask-match-action lookup trees that for a given
5-tuple key return the action for the first longest match. If rules
overlap, ordering is established by tuple longest match with the
following descending priority: remote ip, local ip, remote port, local
port.
At this time, the only match action supported is to forward packets to
the application identified by the action.
Change-Id: Icbade6fac720fa3979820d50cd7d6137f8b635c3
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I44d5c9df7c49b8d4d5677c6d319033b2da3e6b80
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Applications are now provided the option to select the namespace they
are to be attached to and the scope of their attachement. Application
namespaces are meant to:
1) constrain the scope of communication through the network by
association with source interfaces and/or fib tables that provide the
source ips to be used and limit the scope of routing
2) provide a namespace local scope to session layer communication, as
opposed to the global scope provided by 1). That is, sessions can be
established without assistance from transport and network layers.
Albeit, zero/local-host ip addresses must still be provided in session
establishment messages due to existing application idiosyncrasies. This
mode of communication uses shared-memory fifos (cut-through sessions)
exclusively.
If applications request no namespace, they are assigned to the default
one, which at its turn uses the default fib. Applications can request
access to both local and global scopes for a namespace. If no scope is
specified, session layer defaults to the global one.
When a sw_if_index is provided for a namespace, zero-ip (INADDR_ANY)
binds are converted to binds to the requested interface.
Change-Id: Ia0f660bbf7eec7f89673f75b4821fc7c3d58e3d1
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
177117: fstat() returns -1 on error; the code is
checking for any positive value instead
175142: final return could never be reached; simple
refactoring
175235,175236: Warning suppressed with an explicit
cast to (void)
174817: Final return couldn't be reached; is
is_in_order is 0 then 'rv' is already returned
above
172095,172093: If is_is_set does not get set to 1,
then return 0 has already been invoked
174405: Re-kill this (nothing sets rv)
171136: Looks like a cmd line flag to set test_bytes
was missing; added it, and refactored the
argc/argv processing to avoid two other
potential segv's
176813: Add range checking for term width/height.
First stab at a reasonable range is 1-512
for both.
175350: Fix implicit casting in shift operation
174272: Not a c+p error; try using a coverity
annotation to ignore it
174273,175320: Annotated FORWARD_NULL
Change-Id: I58d0f860fc2209f59f8d1b6b344d631b8d429ace
Signed-off-by: Chris Luke <chrisy@flirble.org>
|