Age | Commit message (Collapse) | Author | Files | Lines |
|
vnet_session_rule_add_del may be called with a bogus appns index
from the API. Validate the appns index is indeed valid.
Type: fix
Change-Id: Ife1b5b9ab0b180ececa74008d2ef92045a9e8b58
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
session table may be shared among multiple appns's.
app ns add id blue secret 1 if tap0
app ns add id red secret 1 if tap0
session table holds the last added app_ns's appns_index.
If the last app_ns is deleted, session table is not free
since there is still an appns which uses the same session
table. In that case, session table is holding the free
app_ns's appns_index and it can cause problem.
The fix is to modify appns_index in session table to hold
a vector of appns_index's instead of just the appns_index
that was last added. When the app ns is deleted, remove the
deleted appns_index from the session table's vector of
appns_index's.
Type: fix
Change-Id: Ied8bc97f185071dc89b9b56656e18efbd2995131
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
The convention in the binary API is that fields encoded in network order.
For some reason, port was parsed in host order.
Type: fix
Change-Id: I31ea313937097e2547226566b7869be4e28251b8
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I0dd002f923908c4b9244c2c47fc85fa8855d54e1
|
|
App can now pass http connection timeout using extended configuration,
ext cfg type TRANSPORT_ENDPT_EXT_CFG_HTTP, value (in seconds) set in ext
cfg member opaque.
It is optional, default value is 60 seconds.
Type: improvement
Change-Id: Ibeff4bbd3153421be350ff564ec3c8e52e5b9639
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
This allow configuration for each transport protocol when combined,
e.g. HTTPS=HTTP+TLS.
Extended config of session endpoint config is now chunk of memory,
which allow seamless integration with VCL, and internal
representation is hidden behind APIs, which is better for
future improvements. By default chunk is allocated to 512B if the
app doesn't do so before.
Type: improvement
Change-Id: I323f19ec255eba31c58c06b8b83af45aab7f5bb1
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Session layer can push transport attributes to vcl sessions which are
stored as vector for session lifetime.
Store original_dst_ip and port when available in vcl session attribute
vector.
Type: feature
Change-Id: Iab6c65ddcfed220fc919f564cd19083561812faf
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Iebf5155a429c77143df9eb44f504fea28cddaf98
|
|
Type: improvement
Change-Id: Ib8e9f9fb6dfc553cc9e344544961832fecbea8c1
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
1. When the backend engine is not enable, adding an entry returns
a confusing error message.
DBGvpp# session sdl add 191.1.1.30/32 action 1 tag blue-v4-rule1
session sdl add 191.1.1.30/32 action 1 tag blue-v4-rule1
unknown input `add 191.1.1.30/32 action 1 ta...'
DBGvpp#
2. When the sdl or rule-table entry is already present, adding the duplicate
entry returns a confusing error message.
DBGvpp# session sdl add 8.8.8.1/32 action 0
session sdl add 8.8.8.1/32 action 0
DBGvpp# session sdl add 8.8.8.1/32 action 0
session sdl add 8.8.8.1/32 action 0
session: session is already enable. Must disable first
DBGvpp#
The problem is because there are multiple cli commands start with "session".
When the command is failed with the best match chain, it passes the
command to the other parser chains which start with the keyword "session".
The other cli chain also fails to parse the command. The error message
that the previous parser chain returned may be overwritten by
the newest error message.
The fix is to not return an error in sdl and rule-table parser command chain.
Type: fix
Change-Id: If0165324a763f47ec98ab79a41c3ee9b10057454
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
The language is
local == VPP local interface
remote == sender prefix to VPP node
SDL acts on remote prefix.
Type: fix
Change-Id: I82917c6ef801fc67430dfdd15c5630cb7a6347e0
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
Type: fix
Change-Id: I12ddcd56f2fecb504180cdc044a3b3c3d1db7e3c
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Add support for:
- "sh session verbose thread <n> [lcl|rmt|ep] <ip>[:port]", which can be
used to filter sessions based on transport ip:port
- "force-print" option to force printing even when it exceeds existing
printing thresholds
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Iab3e58b8162664b425379d14818b8a4daa0ce345
|
|
With this feature, session enable is now modified to have 3 modes of operation
session enable -- only enable session
session enable rt-backend sdl -- enable session with sdl
session enable rt-backend rule-table -- enable session with rule-table
session rule tables are now created on demand, upon adding first rule
to the rule table.
refactor session table to remove depenency from sesssion rules table. Now
session rules table APIs take srtg_handle and transport
proto instead of srt pointer.
Type: feature
Change-Id: Idde6a9b2f46b29bb931f9039636562575572aa14
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
Backend needs to return protocol to indicate if the prefix is ip4 or ip6.
Type: fix
Change-Id: If827c2e8b2a58051298968fa4d69de71ce9c4fcc
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
Need to vec_free ns_id whenever we return in the function
show_session_rules_command_fn in case memory was allocated to it.
Type: fix
Change-Id: Ifc38d3eb2756a8a128467dd40ad40fe3f0be8fc0
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
SESSION_INVALID_INDEX is u32. The function is supposed to return u64.
The caller of the function tests the return value to see if it is
SESSION_INVALID_HANDLE in ct_session_connect. If it is not, it
thinks it is a valid handle and calls listen_session_get_from_handle
which causes a crash.
Type: fix
Change-Id: I4ede6b2dfb95259f3a6071cfa3a77ce0d9cd9edd
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
session table
When an application namespace is added, we call session_table_is_alloced
to see if we need to allocate a new session table. That check returns true
even if we removed the session table.
The fix is when we delete an application's global session table,
we need to invalidate fib_index_to_table_index.
Fixed test_vcl test script to run two tests back to back.
The 1st test deletes the application namespace at the end.
The 2nd test adds the application namespace in the beginning.
Type: fix
Fixes: 67bae20b05cb46e5f6d19afeaf1f7a52a5309d59
Change-Id: I67f5cc1b726a07659597a9479df011717db08d0a
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
1. Adding an ip6 rule entry
session rule add proto tcp ee80::/10 0 ee80::/10 0 action 2
2. show session rules does not display the entry.
show session rules tcp
3. However, show session rules for a specific entry shows the entry
show session rules tcp ee80::/10 0 ee80::/10 0
Type: fix
Change-Id: I65c881665d3698a2a9452a186ed657eee0bf13e0
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
Type: fix
Change-Id: If07a6a420d467e6305f166ed250f84befe9f983d
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
Type: fix
Change-Id: Id8542ad74389eca4cc7903cd455f556743a5e0cf
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
Invoking the API session_rule_add_del to add a rule causes VPP to crash
if session is not enable.
Type: fix
Change-Id: If8de83f1064bc60d20461e87889b7c3393ad2af1
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
lock the vrf table when adding an application namespace and
unlock the vrf table when deleting an application namespace.
Free the session table when no more application namespace
uses it anymore to avoid memory leaks.
Type: fix
Change-Id: I10422c9a3b549bd4403962c925e29dd61a058eb0
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
We call application_namespace_cleanup to remove the application which
has a reference to the application namespace when deleting an application
namespace. When we find the matching application namespace, we queue
the ns_index instead of app_index to look for the application.
This may lead to a crash.
Type: fix
Change-Id: I89c7f8d1681b4c7c1bcb16641217230a26dbe582
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
Type: improvement
Change-Id: I5a4a33604ecb8a29ef6932cc5826835d3bec7f23
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I3c79d16f6a19767d990e8a4683c296219b559ccd
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Iadc6ec58f5fc7fbff62e4fd31d509557b60395cb
|
|
If session is not enable, type in the CLI session disable cause VPP to crash.
Type: fix
Change-Id: Ib55b7430b7ce521a40025d58fa18b765f5129fd5
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
When toggling session disable and enable, memory leaks found on various
transports.
Don't create the timer wheels on enable when they are already creaded.
Don't create the spin locks when they are already created.
Add session enable disable test in session unit test.
Type: fix
Change-Id: I08988a96bbf2d67a67c743b50b63f5b1e27402a3
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
When the rule table is allocated, the root node is allocated. But it
cannot be deleted by the add_del API, or the table is useless.
When the table is free, the root node is not free and there is memory
leak. Let's add pool_flush when the rule table is free.
Type: fix
Change-Id: I58c3e040cd101c7db501d99a373ad78d85321b8f
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
Avoid double free if app forces reset while half-open is cleaning up.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I2311fb763076aa8a263c193f5967793402eedb6a
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I9e7011ff45f14e17fc0d0d63800184f404c29093
|
|
This makes session_lookup_connection_wt6 consistent with session_lookup_connection_wt4 -
they both just return an error for wrong thread.
Type: fix
Change-Id: Ide38976e9a7274b53311e65711098e6b22a3f8d5
Signed-off-by: Brian Morris <bmorris2@cisco.com>
|
|
Type: fix
Change-Id: I80e90cab8e2e9fef837779e36e0256baf791b801
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Force transport and session cleanup on session detach if transport is
already closing. This should also avoid races between transport
initiated session cleanups and pending session control events.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I83a947a0c01f5af8ac70aa31fee660276f1d1c60
|
|
Type: improvement
Change-Id: Ib824d0ca9efc7d8967e043db69017655b2dcf6b5
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: fix
Change-Id: I739b7129c7e5a3fccefcdeeaf7f4a298223dd8eb
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I1464e93cd3020eaa26068df558924e39dd255ccb
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ieb4e9d9e39b937ad4c7316b3955b3ca296f0a191
|
|
Type: improvement
Change-Id: Iefe5c2e610a26241a88ca783ac548fd8f2317bb0
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I04f836d09a1cbd5a5b55dc64359d2d761dfc4988
|
|
First step towards moving to an 8 byte struct instead of u64.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Idd0b95520ab7158e175b9af1702fc09c0613a4bb
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I60600452c91184da571d4630bf2f0d9c24a3e85e
|
|
Type: refactor
Change-Id: I5235bf3e9aff58af6ba2c14e8c6529c4fc9ec86c
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
Change-Id: Ia1d8aaa3c51938cfa15dd09102471f52ebe67a3d
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: fix
Change-Id: If30d1aa8aa752ae4bddde776832a3009ebc7e316
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I28ccebf4d2f0728dd174ab3ee77a0d7ad4b90951
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ie7ff4bac22e9dbb449610072b52d1ec4e46fe757
|
|
Type: fix
Change-Id: I8cfaa62abd38d5356263b0ffd428638d1a027617
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Session lookup tables could be allocated from workers, e.g., connects
are done from first worker. Make sure consumers are not affected by
stopping workers.
Type: fix
Change-Id: I63b53c58b41ce91b08f50a2325c69c9f9fd25ed3
Signed-off-by: Florin Coras <fcoras@cisco.com>
|