aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet
AgeCommit message (Collapse)AuthorFilesLines
2023-08-08ipsec: add support for RFC-4543 ENCR_NULL_AUTH_AES_GMACBenoît Ganne8-9/+85
Type: improvement Change-Id: I830f7a2ea3ac0aff5185698b9fa7a278c45116b0 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-07-31ipsec: fix IPv6 IPsec tunnel puntingSylvain Cadilhac1-0/+1
Type: fix Buffer needs to be rewinded before being passed to punt-dispatch node. Change-Id: I43d103515d372e425f4c3b08ca1779398f1fced4 Signed-off-by: Sylvain Cadilhac <sylvain.cadilhac@freepro.com>
2023-07-28session: regrab evt llist elt for app transports txFlorin Coras1-0/+6
App transports like TLS can close sessions on tx and consequently generate new events. That can realloc the event pool. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I58a97502acc1182b3d051ba1aa9e0e98c16f4593
2023-07-28vnet: add vnet_register_device_class functionDamjan Marion2-21/+25
To allow dynamic registration of device classes..." Change-Id: Ie8435e8c55b7e300be06abe97b653c0c3ce7f732 Type: improvement Signed-off-by: Damjan Marion <damarion@cisco.com>
2023-07-27session: remove unused codeFilip Tehlar1-17/+0
Type: improvement Change-Id: I7525aa81acf073707550b23541fdcc358b9bf49c Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2023-07-27ipsec: fix sa bind cliMaxime Peim1-1/+1
Small mistake was made, reported by coverty scan. Type: fix Change-Id: I98ca16c0275a94b2def99831f9353d4ff3fe93a9 Signed-off-by: Maxime Peim <mpeim@cisco.com>
2023-07-26stats: remove extra format lineSteven Luong1-2/+1
The extra format line was added for no reason from patch ff27c9f8e. Type: fix Fixes: ff27c9f8e Change-Id: Ib25149cc8a17c29d0c8a0dbc06f0ea12ca4f328c Signed-off-by: Steven Luong <sluong@cisco.com>
2023-07-26session: use session error type instead of vnet errorFilip Tehlar13-91/+116
Type: improvement Change-Id: Ie0bad9e03ac2e29da23af01ee7f63cb44489ad9c Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2023-07-25classify: add bpf support to pcap classifierMaxime Peim7-3/+126
Type: feature Change-Id: I28fb38e49c89f4c4d4cc58c1a5c0aa8502678472 Signed-off-by: Maxime Peim <mpeim@cisco.com>
2023-07-21vcl: ldp support SO_ORIGINAL_DSTqinyang6-10/+60
Type: improvement Support SO_ORIGINAL_DST socket option to get original dst_ip4 and dst_port if nat44 rule enabled. Change-Id: If00e00d03e48f3b78a23a68f1b078954d79dd0f7 Signed-off-by: qinyang <qiny@yusur.tech>
2023-07-21ipsec: fix logic in ext_hdr_is_pre_espPiotr Bronowski1-3/+3
When _VEC128 instructions are not enabled logic is buggy. The function always returned 1. Type: fix Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com> Change-Id: I603200637e8d65813f4e49ef15d798e74b79b9cf
2023-07-14ipip: populate mode in tunnel detailsMatthew Smith1-2/+19
Type: improvement There is a mode field in ipip_tunnel_details. The handler for the dump API does not do anything to populate it so it always contains 0 (TUNNEL_API_MODE_P2P). This is correct for p2p tunnels but is wrong for multipoint tunnels. Populate the field with the correct mode. Signed-off-by: Matthew Smith <mgsmith@netgate.com> Change-Id: I6c1288a0d3929db0f67100748b5760c36b594f97
2023-07-07stats: fix duplicate /if/names entrySteven Luong1-3/+7
stats entries /if/names are never deleted as it is a vector of the sw_if_index value. When the interface is deleted and then created again later, and if the new interface takes a different sw_if_index, we may end up with duplicate entries for the same interface name. For example, the following configuration sequence causes problem create loopback interface create loopback interface delete loopback interface intfc loop0 delete loopback interface intfc loop1 create loopback interface vpp_get_stats dump /if/names [0]: local0 /if/names [1]: loop0 /if/names [2]: loop0 /if/names The fix is to set the delete /if/names entry to deleted when the interface is deleted. Type: fix Change-Id: I7d811b12d56e3cf8c7deffe14736ea0f24814d02 Signed-off-by: Steven Luong <sluong@cisco.com>
2023-07-06api: ip - Mark old message versions as deprecatedOndrej Fabry1-0/+5
List of changed messages: - ip_punt_redirect_dump - ip_punt_redirect_details This change is part of VPP API cleanup initiative. Type: fix Signed-off-by: Ondrej Fabry <ofabry@cisco.com> Change-Id: Icf91f760b9bd328110b0f9fc2e421bb954033d21
2023-07-06api: pg - Mark old message versions as deprecatedOndrej Fabry1-0/+4
List of changed messages: - pg_create_interface - pg_create_interface_reply This change is part of VPP API cleanup initiative. Type: fix Signed-off-by: Ondrej Fabry <ofabry@cisco.com> Change-Id: I574927f0820c54d748f27fd96a45afec5243b645
2023-07-06api: sr - Mark old message versions as deprecatedOndrej Fabry1-0/+2
List of changed messages: - sr_policies_dump This change is part of VPP API cleanup initiative. Type: fix Signed-off-by: Ondrej Fabry <ofabry@cisco.com> Change-Id: I16ae1bed83ad8c73e3254b6d195251702de84f97
2023-07-06api: ipsec - Mark old message versions as deprecatedOndrej Fabry1-0/+12
List of changed messages: - ipsec_sad_entry_add_del_v2 - ipsec_sad_entry_add_del_v2_reply - ipsec_sa_v2_dump - ipsec_sa_v2_details This change is part of VPP API cleanup initiative. Type: fix Signed-off-by: Ondrej Fabry <ofabry@cisco.com> Change-Id: I8fd6906e9684ef7ebc0688dc8b0637ae2dc8d0a2
2023-06-30bpf_trace_filter: plugin for BPF Trace FilteringMohammed Hawari1-0/+2
Change-Id: I342de0a375b783725aa2b621c1c70bc8bf646450 Signed-off-by: Mohammed Hawari <mohammed@hawari.fr> Type: improvement
2023-06-30vlib: introduce trace filter functionsMohammed Hawari1-1/+6
Change-Id: I7a988fafe98599e4fcf7cdaa307a69b9d76650f0 Signed-off-by: Mohammed Hawari <mohammed@hawari.fr> Type: improvement
2023-06-29ip-neighbor: add api for getting neighbor db configAlexander Chernavin4-1/+74
There is an API call to change neighbor database configuration (i.e. limit on peer number, aging, and recycling). With this change, make getting current values of these settings available via the API. Type: improvement Change-Id: Ie9394e086b68cf9b28ad98dea162f203f8043cbb Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2023-06-27session udp: add len check for tx dgramsFlorin Coras3-2/+22
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I35391fb8c39defbe0e57a241a357c3c98e8cef54
2023-06-27api: tapv2 - Mark old message versions as deprecatedOndrej Fabry1-0/+4
List of changed messages: - tap_create_v2 - tap_create_v2_reply This change is part of VPP API cleanup initiative. Type: fix Signed-off-by: Ondrej Fabry <ofabry@cisco.com> Change-Id: I7b1b22cc4a0e31f5c19fe48e7a0f30631576f9df
2023-06-27virtio: use fast-path for ethernet-input if possibleStanislav Zaikin1-1/+26
If a frame should be sent to 'ethernet-input' set the ETH_INPUT_FRAME_F_SINGLE_SW_IF_IDX flag. It will force 'ethernet-input' to use a fast-path for such frames. This patch also aligns the behaviour with other input nodes. Type: improvement Change-Id: Icff0fa31204d5304a2ea0a4f4e7bc418dedbfe32 Signed-off-by: Stanislav Zaikin <zstaseg@gmail.com>
2023-06-26udp: pass cless hdr to transport through bufferFlorin Coras3-39/+60
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I7177ada23e5a69ec8e362ec98b98010c3b44b3d7
2023-06-25tcp: avoid initializing counters multiple timesFlorin Coras2-2/+10
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ia98dae5fdde16426d5457742aff0a1b04db4d034
2023-06-23ipsec: manually binding an SA to a workerMaxime Peim6-6/+272
An SA is normally bound to the first thread using it. However, one could want to manually bind an SA to a specific worker. Type: improvement Signed-off-by: Maxime Peim <mpeim@cisco.com> Change-Id: I05cbbf753e44a01d9964ee47812c964db9bbb488
2023-06-23fib: walk over adj glean per tableStanislav Zaikin1-24/+33
Type: fix Signed-off-by: Stanislav Zaikin <stanislav.zaikin@46labs.com> Change-Id: I07f54bb643c24b1839a2d0e93acc593d13a43fed
2023-06-22tcp: add simple stats collectorFlorin Coras2-0/+51
Type: feature Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I435ff10fa3af15b0bed83607aca508a1c087a159
2023-06-22tcp: options support into pgMaxime Peim2-58/+210
Packet-generator does not support TCP options. Along with its support, a formatting function has been added. Further work will be needed to update header formatting functions to take into account TCP connection options. For now, TCP options are taken on a per-packet basis. Type: improvement Change-Id: Id800887853c4941d893be353ce6d8624ed8bbc5d Signed-off-by: Maxime Peim <mpeim@cisco.com>
2023-06-21session: mark half-open transport closed on ntfFlorin Coras1-3/+3
Make sure half-open sessions are marked as transport closed once connected notification is provided. This ensures that if they've been scheduled for tx, the event is ignored. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I8c44584e843d93365ec737ae4e1bcb74eba35506
2023-06-13vppapigen: fix crash with autoendian arraysDave Wallace1-2/+1
Type: fix Ticket: VPP-2078 Change-Id: I418269632bdfc823c5f0ba7652957277276d294d Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2023-06-08tcp: cleanup next nodes and drop logicFlorin Coras2-136/+60
TCP nodes consume the buffers so they have no nexts. To avoid long drop path through vlib graph, add drop node. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ibe6e075e83612ed16270934398c6a013f236ae35
2023-06-08crypto: use fixed crypto frame poolgaoginskx5-8/+42
The async frames pool may be resized once drained. This will cause 2 problems: original pool pointer is invalidated and pool size changed, both problems will confuse the crypto infra user graph nodes (like IPsec and Wireguard) and crypto engines if they expect the pool pointers always valid and the pool size never changed (for performance reason). This patch introduces fixed size of the async frames pool. This helps zeroing surprise to the components shown above and avoiding segmentation fault when pool resizing happened. In addition, the crypto engine may take advantage of the feature to sync its own pool/vector with crypto infra. Type: improvement Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com> Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com> Change-Id: I2a71783b90149fa376848b9c4f84ce8c6c034bef
2023-06-05udp: improve port validity checkBenoît Ganne2-13/+14
- do not allocate port sparse vector when only checking if a port is already in use - do not display port that have been unregistered by default Type: improvement Change-Id: I6cc94e35806dd8d415cd5d1c1c51e6b066ac26a1 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-06-02session: cleanup cless listeners from session lookupFlorin Coras1-1/+8
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I46b8194ff00c6a0a4a2bc19df9991f037856cede
2023-06-01crypto: make crypto-dispatch node working in adaptive modeXiaoming Jiang9-216/+30
This patch can make crypto dispatch node adaptively switching between pooling and interrupt mode, and improve vpp overall performance. Type: improvement Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com> Change-Id: I845ed1d29ba9f3c507ea95a337f6dca7f8d6e24e
2023-05-31fib: fix memory leak in fib_attached_export_purgeStanislav Zaikin1-0/+1
Type: fix Change-Id: I879594fcade4e081190e8dfb1dbcfc53e8431edf Signed-off-by: Stanislav Zaikin <stanislav.zaikin@46labs.com>
2023-05-30virtio: fix the packet buffering initialization orderMohsin Kazmi2-11/+21
Type: fix Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: Idada695432d2bfac8808f35f1e8cd16f84d963c6
2023-05-29ipsec: fix ipsec_set_next_index set with wrong sa index when async frame ↵Xiaoming Jiang3-27/+39
commit failed Type: fix Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com> Change-Id: Ib4c61906a9cbb3eea1214394d164ecffb38fd36d
2023-05-26tls: fix memory leak when client/server init errorXiaoming Jiang1-2/+18
Type: fix Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com> Change-Id: I484f3759b6c27052e08741398ec389729285f035
2023-05-25udp: fix local port reuse checkFlorin Coras1-2/+4
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I323946f7838507110c663f5a904399a74fc76691
2023-05-24hash: add hash documentationMohsin Kazmi1-0/+90
Type: docs Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I36764aa3c0e9657d228413aeafa0a54bbd755e49
2023-05-22teib: fix nh-table-idStanislav Zaikin1-41/+38
Peer fib index and nh fib index should be different when nh-table-id is specified. Type: fix Change-Id: I4c8296adb5aeab1c0022bfc1046e9559331b79b2 Signed-off-by: Stanislav Zaikin <stanislav.zaikin@46labs.com>
2023-05-21mpls: implement state change callbacksAdrian Pistol2-5/+37
There was already a basic type defined, but nothing more. This implements callbacks similar to ip4_enable_disable_interface_callback_t. Type: feature Change-Id: I34fcb146ca68af4eb8cdd244529eb149f884284d Signed-off-by: Adrian Pistol <vifino@posteo.net>
2023-05-21ip-neighbor: fix aged neighbor probeSergio Gonzalez Monroy1-2/+2
The order of the parameters when calling the ip_neighbor_probe_dst for an aged neighbor is wrong and given that it runs on the master thread, probes for IPv6 neighbors were never sent, leading to a certain neighbor strike out and death and its removal from the neighbor cache. Change-Id: Ic021bd0ece05bd2c1c6ab90eab0e2dc27cb10360 Type: fix Fixes: fd2417b2a42 Signed-off-by: Sergio Gonzalez Monroy <monroy@anapaya.net>
2023-05-19fib: fix load-balance and replicate dpos buckets overflowBenoît Ganne4-9/+53
load-balance and replicate dpos both store their number of buckets as u16, which can overflow if too many paths are configured. For load-balance it can happens quite quickly because of weights normalization. Type: fix Change-Id: I0c78c39fc3d40626dfc58b49e7d99d71f9852b50 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-05-19interface: add the transmit queue infrastructure documentMohsin Kazmi1-0/+159
Type: docs Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I57f27f8ec4be7f3d8dc3d13ff4ea6b1b21c3cf6b
2023-05-16ip_session_redirect: add session redirect pluginBenoît Ganne2-2/+4
This feature enables the use of the classifier and ip-in-out-acl nodes to redirect matching sessions via arbitrary fib paths instead of relying on additional VRFs. Type: feature Change-Id: Ia59d35481c2555aec96c806b62bf29671abb295a Signed-off-by: Benoît Ganne <bganne@cisco.com>
2023-05-16ethernet: fix adding p2p ethernet crashXiaoming Jiang1-5/+6
Type: fix Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com> Change-Id: Ib0ca3379439d6ee23e696f8f0840e6ddf42430b8
2023-05-16flow: fix wrong to use ntohl function to u64 type variableYulong Pei1-1/+1
This caused that failed to create flow rule with rss types. Type: fix Signed-off-by: Yulong Pei <yulong.pei@intel.com> Change-Id: I77696286a32804cbe884075cb027eec19eb5c7cb Signed-off-by: Yulong Pei <yulong.pei@intel.com>