aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet
AgeCommit message (Collapse)AuthorFilesLines
2018-01-30VPP-899: Run VPP under SELinuxBilly McFall1-13/+17
Add an SELinux profile such that VPP can run under SELinux on RPM based platforms. The SELinux Policy is currently only implemented for RPM packages, specifically, Fedora, CentOS and RHEL. Doxygen User Documentation has been included (selinux_doc.md). Once some discussion on file locations has completed (see vpp-devlist), updates to the Debug CLI documentation will also need to be updated. Additional changes: Patch Set 2: - Rework selinux_doc.md such that each line is only 80 characters instead of each sentence on a line. Made additonal minor chnages to the text. - Update vHost Debug CLI documentation to reflex new socket location. Cleaned up some text from when I originally wrote it, to better reflex proper use. - Update exec Debug CLI documentation to be more inline with suggested helptext, added text regarding recommended script file location. - For Debian builds, create the /var/log/vpp/ directory. I don't use Debian very much, so please pay extra attention to build-data/platforms.mk and build-root/deb/debian/.gitignore. - Per discussion on VPP call, changed the default log location to /var/log/vpp/vpp.log. - Changed the socket location for vHost in AutoConfig to /var/run/vpp/. Patch Set 3: - Update selinux_doc.md based on comments. Change-Id: I400520dc33f1ca51012d09ef8fe5a7b7b96c631e Signed-off-by: Billy McFall <bmcfall@redhat.com>
2018-01-30Allow the provider of a midchain adjacency to pass context data that is ↵Neale Ranns14-25/+76
returned in the fixup function Change-Id: I458e6e03b03e27775df33a2fd302743126d6ac44 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-01-29DRAFT ip4/6_frag to support DPO Style based Next NodeVijayabhaskar Katamreddy2-0/+15
Change-Id: I1df3d23c1c5668b83d52b41f51c0e3f24183af9e Signed-off-by: Vijayabhaskar Katamreddy <vkatamre@cisco.com>
2018-01-29Remove last vestigies of auto-ip-table createNeale Ranns1-34/+4
Change-Id: If0f8472c0de5e324b24c9c672c0f8b57cc9f49a8 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2018-01-27session: use clib rwlocks instead of custom implementationFlorin Coras2-27/+9
Change-Id: I68933d709ce9cc686ba06466e136434b663920ef Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-01-27Fix session/tcp coverity warningsFlorin Coras3-10/+22
Change-Id: I5c404eacb4a6c1e16485a6656168d9171ff49a8b Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-01-27session: disconnect and echo client improvementsFlorin Coras7-23/+38
Change-Id: If421bad17b6cfe8e321257c93bb38931e37d7b64 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-01-26session: move builtin apps to their own folderFlorin Coras13-2268/+560
This consolidates builtin apps under session-apps folder. It also removes duplicate builtin echo server/client implementations. Change-Id: I75ed879399c5aa9b75b1eb38b33aedf69dd8df3f Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-01-25session: add support for memfd segmentsFlorin Coras20-280/+355
- update segment manager and session api to work with both flavors of ssvm segments - added generic ssvm slave/master init and del functions - cleanup/refactor tcp_echo - fixed uses of svm fifo pool as vector Change-Id: Ieee8b163faa407da6e77e657a2322de213a9d2a0 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-01-24SCTP stack (RFC4960)Marco Varlese20-12/+8170
== CONTENT == * SCTP chunks definition as per RFC4960; * Helper functions to set/get values to/from the corresponding chunks; * Hooks to the session/application layers; * Complete state-machine handling; * Implementation for unexpected chunk received in a certain state (state-machine error handling) * Support for 1-single connection; * Sample application to test receive/transmit data-path; * Test to validate SCTP stack; Change-Id: I1b55c455ab400be9513f4e094dadfc3181d2ebc9 Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-01-24Improve the error reporting for a IP multicast RPF miss.Neale Ranns2-3/+16
now we get: 00:00:04:288925: pg-input ... 00:00:04:289345: ethernet-input ... 00:00:04:289524: ip6-input ... 00:00:04:289553: ip6-mfib-forward-lookup ... 00:00:04:289584: ip6-mfib-forward-rpf entry 14 itf 2 flags Forward, 00:00:04:289754: ip6-drop UDP: 2002::1 -> ff01:2::255 tos 0x00, flow label 0x0, hop limit 64, payload length 21 UDP: 1234 -> 1234 length 21, checksum 0x90d1 00:00:04:289802: error-drop ip4-input: Multicast RPF check failed 08:36:44,517 Count Node Reason 182 ip4-input Multicast RPF check failed 8 ip6-icmp-input neighbor advertisements sent 8 ip6-icmp-input router advertisements sent 8 arp-input ARP replies sent Change-Id: I1b29cda4ec77a88db45bfb25c7473cd64bbf501a Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-01-24Improve tunnel interface creation performanceJohn Lo7-76/+81
Modify interface creation to allow creation of tunnel interfaces without dedicated per tunnel output and tx nodes which are not used for most tunnel types. Also changed interface-output node function vnet_per_buffer_interface_output() so it does not rely on hw_if_index as the next node index which is not flexible nor efficient for large scale tunnel interfaces. The improvenemts are done for VXLAN, VXLAN-GPE, GENEVE and GTPU tunnels. GRE tunnel is still using per tunnel output nodes which will be changed in a separate patch with other GRE enhencements. Change-Id: I4123c01c0d2ead814417a867adb8c8a407e4df55 Signed-off-by: John Lo <loj@cisco.com>
2018-01-23Fix typo / coverity warningDave Barach1-1/+1
Change-Id: I4a3a6803083f3d707351440486bba59d8194339f Signed-off-by: Dave Barach <dave@barachs.net>
2018-01-23For DHCP client configuration control the setting of the broadcast flag in theNeale Ranns5-100/+397
DISCOVER message sent. According to RFC2131: In the case of a client using DHCP for initial configuration (before the client's TCP/IP software has been completely configured), DHCP requires creative use of the client's TCP/IP software and liberal interpretation of RFC 1122. The TCP/IP software SHOULD accept and forward to the IP layer any IP packets delivered to the client's hardware address before the IP address is configured; DHCP servers and BOOTP relay agents may not be able to deliver DHCP messages to clients that cannot accept hardware unicast datagrams before the TCP/IP software is configured. To work around some clients that cannot accept IP unicast datagrams before the TCP/IP software is configured as discussed in the previous paragraph, DHCP uses the 'flags' field [21]. The leftmost bit is defined as the BROADCAST (B) flag. The semantics of this flag are discussed in section 4.1 of this document. The remaining bits of the flags field are reserved for future use. They MUST be set to zero by clients and ignored by servers and relay agents. Figure 2 gives the format of the 'flags' field. this changes means VPP conforms to the: "SHOULD accept and forward to the IP layer any IP packets delivered to the client's hardware address before the IP address is configured" with the caveat that VPP allows DHCP packets destined to the stanard client DHCP port to be delivered. With this enhancement the control-plane is now able to choose the setting of the broadcast flag. Change-Id: Ia4eb2c9bb1e30c29f9192facc645e9533641955a Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-01-23VPPAPIGEN: vppapigen replacement in Python PLY.Ole Troan40-73/+91
This is a version of the VPP API generator in Python PLY. It supports the existing language, and has a plugin architecture for generators. Currently C and JSON are supported. Changes: - vl_api_version to option version = "major.minor.patch" - enum support - Added error checking and reporting - import support (removed the C pre-processor) - services (tying request/reply together) Version: option version = "1.0.0"; Enum: enum colours { RED, BLUE = 50, }; define foo { vl_api_colours_t colours; }; Services: service { rpc foo returns foo_reply; rpc foo_dump returns stream foo_details; rpc want_stats returns want_stats_reply events ip4_counters, ip6_counters; }; Future planned features: - unions - bool, text - array support (including length) - proto3 output plugin - Refactor C/C++ generator as a plugin - Refactor Java generator as a plugin Change-Id: Ifa289966c790e1b1a8e2938a91e69331e3a58bdf Signed-off-by: Ole Troan <ot@cisco.com>
2018-01-21vhost_user: 'nregions' saves the actual number of mapped guest physical ↵Haiyang Tan1-1/+2
address area This patch fixed the VMA leak that if mapping one of guest physical address area get failed. Change-Id: I07b0b9a932209561d6ff2b2dd08a111ea5db2209 Signed-off-by: Haiyang Tan <haiyang.tan.dev@gmail.com>
2018-01-19vxlan:restructure encap loopEyal Bari1-321/+198
unified some code from IPv4/6 pathes replaced unrolled rewrite copy with simple assignment refactored stats handling was not tested for performance Change-Id: I00aeb9dd5b72584e6606e1a076e5c8270389aaa4 Signed-off-by: Eyal Bari <ebari@cisco.com>
2018-01-19Sub-Interface deletion not cleanup hash's properly (VPP-1136)John Lo2-14/+18
On deleting sub-interfaces, functions vnet_delete_sub_interface() and vnet_delete_hw_interface() are not cleaning up sub-interface related hash tables and memory properly. Change-Id: I17c7c4b2078c062c77bfe48889beb677610035ca Signed-off-by: John Lo <loj@cisco.com> (cherry picked from commit 7f5bec647c9dc743c015d461d040e63a77fd0a08)
2018-01-18vlib: add vlib_buffer_alloc_to_ring APIDamjan Marion2-11/+4
Change-Id: I4e2804754b443f5f41fb25eed8334908c4a70f84 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-01-18tapv2: add option to set host-side default gwDamjan Marion7-2/+97
Change-Id: I76fd655ecd9445299b94b3b5af10e7b1588584e4 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-01-18FIB Inherited SrouceNeale Ranns18-137/+1621
forwarding provided by the source is pushed to all other entries it covers in the sub-tree Change-Id: I2a45222ef653358f55c2436de3e3c6353cfadba2 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-01-17Fix checksum offload sssue caused by overwriten lX_hdr_offsetDamjan Marion1-2/+2
This happens when 2 packets belonging to 2 different interfaces hit dual loop in the ethernet-input. Packets go to slow path which doesn't set l2 hdr offset correctly for l3 packets. Change-Id: I61d87c079db0b2e21f8af6f6b600bff14030535d Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-01-16Tolerate missing nodes during feature arc initialisationNeale Ranns1-2/+8
Change-Id: Ib0d0b663bf71ce52ead2f81140c710f31f040f89 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-01-16tapv2: deleting tap interface may leak buffers (VPP-1124)Steven4-11/+34
Buffers may be allocated for indirect descriptors by tx thread and they are freed when tx thread is invoked in the next invocation. This is to allow the recipient (kernel) to have a chance to process them. But if the tap interface is deleted, the tx thread may not yet be called to clean up the indirect descriptors' buffers. In that case, we need to remove them without waiting for the tx thread to be called. Failure to do so may cause buffers leak when the tap interface is deleted. For the RX ring, leakage also exists for vring->buffers when the interface is removed. Change-Id: I3df313a0e60334776b19daf51a9f5bf20dfdc489 Signed-off-by: Steven <sluong@cisco.com> (cherry picked from commit d8a998e74b815dd3725dfcd80080e4e540940236)
2018-01-15bfd: fix bfd_auth_keys_dumpFlorin Coras1-1/+1
Change-Id: I58598f18b9af70e580be4d28a0c40ec0ffcd5dca Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-01-15svm: refactor memfd and remove ssvm_ethFlorin Coras3-976/+0
Change-Id: Icde296e956eb89ea3a17d547f04a833916ec6440 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-01-13Improve "show xxx tunnel" and "show int addr" outputJohn Lo5-139/+111
Improve "show xxx tunnel" output functions format_xxx_tunnel() for GRE, VXLAN, VXLAN-GPE, GENEVE and GTPU tunnels to make their output more consistent and provide better information. Improved the output of "show int addr" to make its info more consistent with tunnels and provide fib-index info. Change-Id: Icd4b5b85a5bec417f8ee19afea336c770ad3b4c5 Signed-off-by: John Lo <loj@cisco.com>
2018-01-11api: fix handlers that explicitly depend on svm queueFlorin Coras4-40/+38
Fixes the remainig apis that explicitly check svm queue length. Change-Id: I6055c7c50050affee3098e162e15fb12c205e5db Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-01-11tcp: make proxy server uri cli configurableFlorin Coras2-3/+18
Change-Id: I94c7315558ccc9f3d4bcdefd09a696234bc56227 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-01-11api: remove transport specific code from handlersFlorin Coras29-604/+525
This does not update api client code. In other words, if the client assumes the transport is shmem based, this patch does not change that. Furthermore, code that checks queue size, for tail dropping, is not updated. Done for the following apis: Plugins - acl - gtpu - memif - nat - pppoe VNET - bfd - bier - tapv2 - vhost user - dhcp - flow - geneve - ip - punt - ipsec/ipsec-gre - l2 - l2tp - lisp-cp/one-cp - lisp-gpe - map - mpls - policer - session - span - udp - tap - vxlan/vxlan-gpe - interface VPP - api/api.c OAM - oam_api.c Stats - stats.c Change-Id: I0e33ecefb2bdab0295698c0add948068a5a83345 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-01-11Handle a mix of CNAME, A/AAAA recordsDave Barach1-10/+30
Poster-child: 8.8.8.8 resolving mag.ncep.noaa.gov Change-Id: I600cd0274b9017e9c91817511d3d3366f0bd02b9 Signed-off-by: Dave Barach <dave@barachs.net>
2018-01-11Add support for MAP-T CE (VPP-1058)Juraj Sloboda5-162/+441
Change-Id: Ib99058323c50f20fcdb44185aee027c5c6ef8c91 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2018-01-10Functional improvements, bug fixesDave Barach4-25/+152
At least when testing against "known good" DNS servers: it turns out that sending 2x requests - one for an A-record and another for a AAAA-record - seems to work better than sending a single DNS_TYPE_ALL request. Fix c-string vs. u8 vector mistakes. Fix server failover. Change-Id: I26554f0a9c1744376f21372506ebec8658e351e2 Signed-off-by: Dave Barach <dave@barachs.net>
2018-01-09VPP-1113 SR MPLS path.frp_label_stackPablo Camarillo1-17/+16
provide one label stack per fib_table_entry_path_add2 call. otherwise multiple mheap releases take place. Change-Id: I475ca1b801fc85dddda0b540c69ad628a274df7f Signed-off-by: Pablo Camarillo <pcamaril@cisco.com>
2018-01-09VPP-1120 SRv6 bug with SID list containing only one SID and no srhPablo Camarillo1-26/+64
Packets with a SR policy of one SID list create a malformed packet. Outer IPv6 header points to a routing extension header that does not exist since the SID list contains only one SID. Change-Id: I1effee0457453bab95706a8a24fdabfbd843d5b7 Signed-off-by: Pablo Camarillo <pcamaril@cisco.com>
2018-01-09api: refactor vlibmemoryFlorin Coras50-284/+248
- separate client/server code for both memory and socket apis - separate memory api code from generic vlib api code - move unix_shared_memory_fifo to svm and rename to svm_fifo_t - overall declutter Change-Id: I90cdd98ff74d0787d58825b914b0f1eafcfa4dc2 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-01-09GRE tunnel key should use fib_index instead of fib_id (VPP-1118)John Lo1-12/+1
Follow up fix - vl_api_gre_add_del_tunnel_t_handler should pass outer_fib_id from API message to vnet_gre_add_del_tunnel() and not convert it to fib_index, since vnet_gre_add_del_tunnel() already perform the lookup to get fib_index from fib_id. Change-Id: I24967a97f82ce018ddef596e556bd3eb1706cb63 Signed-off-by: John Lo <loj@cisco.com>
2018-01-09DVR: run L3 output featuresNeale Ranns15-496/+780
- rename l2_bridged to is_dvr. Including on the ip.api this was new in the 18.01 release so no compatability issues. - steal the free space in vnet_buffer_opaque_t for use with flags. - run the ipX-output feature arc from the DVR DPO Change-Id: I040e5976d1dbe076fcdda3a40a7804f56337ce3f Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-01-09BIER: crash in show command when no tables are presentNeale Ranns1-0/+1
Change-Id: Ie291468ea9d05c47cefe39c4ff7fea3e016bacf2 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-01-09BIER: missing endian swap for imposition object in API returnNeale Ranns1-1/+1
Change-Id: Iddd754d00ace3d042336e5c2c40431566275051a Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2018-01-08Fix missing dereferenceJuraj Sloboda1-1/+1
Change-Id: I123259c131f1bd16c70990bf7f48d9a275c53ce2 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2018-01-08NAT64: IPFix (VPP-1106)Matus Fabian1-1/+5
Change-Id: Ib90dc5613c9fdac0344b3bd7f163e2f7163c64d8 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-01-06GRE tunnel key should use fib_index instead of fib_id (VPP-1118)John Lo1-2/+11
The code path in src/vnet/gre/interface.c uses fib_id as a component to generate hash key for GRE tunnel. This should be fib_index as the GRE rx/decap data path will be using fib_index to generate the hash key to lookup the GRE tunnel. Change-Id: Ia7f0892d84f9dac79223a6e016775892b61eb5fb Signed-off-by: John Lo <loj@cisco.com> (cherry picked from commit 72247c803250894834d15952a6fddcd8f4a39a9c)
2018-01-06VPP-1110 BVI reply ARP that doesn't request BVI loacl IP.zhaoqingling1-0/+6
Change-Id: I66ae618edaa12c2b4e4afe276da689673b02c9cd Signed-off-by: zhaoqingling <zhao.qingling@zte.com.cn>
2018-01-05sock api: add infra for bootstrapping shm clientsFlorin Coras1-14/+0
- add function to sock client that bootstraps shm api - allow sock clients to request custom shm ring configs Change-Id: Iabc1dd4f0dc8bbf8ba24de37f4966339fcf86107 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-01-05Unify and cleanup usage of hash_set/unset_mem by various tunnelsJohn Lo3-78/+30
Move the functions hash_set_key_copy() and hash_unset_key_free() which are dupilicated in various tunnel support code modules to hash.h as hash_set_mem_alloc() and hash_unset_mem_free() to be used by all. Change-Id: I40723cabe29072ab7feb1804c221f28606d8e4fe Signed-off-by: John Lo <loj@cisco.com>
2018-01-05MAP: Add RFC6052 mapping to MAP-TOle Troan5-19/+73
Change-Id: I2e311f8b7f50133678b9172e8d071826af491609 Signed-off-by: Ole Troan <ot@cisco.com> Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2018-01-05VPP-1115 Fix a debug log mistake when create AF_PACKET socketzhaoqingling1-1/+1
Change-Id: Id6607adbe5da8ae8472dde8bb442ca5f68f6d84f Signed-off-by: zhaoqingling <zhao.qingling@zte.com.cn>
2017-12-22tcp: add builtin server/client transfer testFlorin Coras4-33/+60
Change-Id: Iab0baabf2f27bc7ad7fbf2d2789a493752b07d8a Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-12-21fib: make deag entries urpf extemptFlorin Coras5-0/+19
Change-Id: Ie8f6bb4fcd3e4fa269e86a77d2f21c87f372b783 Signed-off-by: Florin Coras <fcoras@cisco.com>