aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet
AgeCommit message (Collapse)AuthorFilesLines
2019-05-07add TLS endpoint functionYu Ping2-5/+32
a bit like QUIC, and the added function can get the endpoint info in TLS, so that the VCL layer can get those info correctly Change-Id: Ied7aa3077087c1814499364dfa7654a088ad9910 Signed-off-by: Yu Ping <ping.yu@intel.com>
2019-05-06ip4_load_balance: leverage vlib_get_buffersZhiyong Yang1-13/+11
vlib_get_buffers can save 1.2 clocks/pkt from 16.1 to 14.9 clocks/pkt on Skylake. Change-Id: I79d8b58b192280af5e5a5f73562b6301e1821cec Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-05-06virtio: refactor ctrl queue supportMohsin Kazmi1-22/+32
Change-Id: Ifb16351f39e5eb2cd154e70a1c96243e4842e80d Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-05-06ppp: simplify code using existing functionsZhiyong Yang1-10/+6
Change-Id: Ib5289b4d08ca7a8d7f786cc606e6c760735b2a35 Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-05-06Add missing init fn dependency to ipsec_initDave Barach1-0/+5
ipsec_init fails if vnet_feature_init hasn't occurred. Can happen if a particular set of plugins are loaded. Change-Id: I67b289d640c28d04e248b9a09ebcc8f205834fd2 Signed-off-by: Dave Barach <dave@barachs.net>
2019-05-06Fix VPP-1487 DHCP client does not support option 6-domain serverjackiechen19854-7/+45
Change-Id: I36ad1ef2a53af3d3f3a6348bc189b17e9e4e21bd Signed-off-by: jackiechen1985 <xiaobo.chen@tieto.com>
2019-05-03session/svm: apis for fifo shrinkingFlorin Coras2-0/+65
Change-Id: Ie519683bb90aae6fb95f2a09e251cded1890ed41 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-05-03mp_safe SW_INTERFACE_DUMP, SW_INTERFACE_DETAILS, SW_INTERFACE_TAG_ADD_DEL,Steven Luong3-0/+9
BRIDGE_DOMAIN_DUMP, CONTROL_PING, CONTROL_PING_REPLY, and show interface CLI Change-Id: I2927573b66bb5dd134b37ffb72af0e6676750917 Signed-off-by: Steven Luong <sluong@cisco.com> (cherry picked from commit 15c31921a628c5500cbed2ebc588d7ddbaa970a3)
2019-05-03Fix FIB initialization in UDP inputNathan Skrzypczak1-0/+1
Change-Id: I7c88ada2af039aa0861fe7c71361a293b999d0c7 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-05-03Add packet headers in UDPC fifosAloys Augustin2-38/+23
This change adds packet headers for each packet in a UDPC connection. This changes the semantic of UDPC from an unreliable, unordered stream of bytes to an unreliable, unordered sequence of packets. Change-Id: I831e43903870a5720d26daa6e971299d03b208d7 Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
2019-05-02vpp_papi_provider.py: update defautmapping.Paul Vinciguerra1-1/+1
Add missing create_bvi/delete_bvi to defaultmapping. Correct typo in interface.api documentation. Change-Id: I8aa187f3b33c21fb2fcd55311ef79777c81d94d4 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-05-01virtio: Fix virtio buffer allocationMohsin Kazmi1-1/+1
Change-Id: I0ffb468aef56f5fd223218a83425771595863666 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-05-01virtio: remove configurable queue size supportMohsin Kazmi5-41/+27
Native virtio device through legacy driver can't support configurable queue size. Change-Id: I76c446a071bef8a469873010325d830586aa84bd Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-05-01esp_encrypt: remove unnecessary codeZhiyong Yang1-1/+1
Change-Id: I2d7e873fca6ab266af75814fac5d4cb5cda93cef Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-05-01ipsec: fix ipsec format overflowBenoît Ganne1-4/+3
hi->name is not NULL-terminated. Use specialized format function which does the right thing. Change-Id: Iadda51461af0c1ad4f38a6d24b76e816020f35c8 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-04-30svm: more fifo refactor/cleanupFlorin Coras5-18/+17
Change-Id: Ie76c69641c8598164d0d00fd498018037258fd86 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-30crypto: enforce per-alg crypto key lengthBenoît Ganne3-16/+55
Crypto algorithms have different requirements on key length. As we do not support key stretching (eg. PBKDF2), user must provide the exact key length used by the algorithm. Failing that means low-level crypto functions might read garbage (eg. aes128_key_expand() will read 16-bytes, regardless of the key provided by the user). Change-Id: I347a1ea7a59720a1ed07ceaad8b00a31f78458c9 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-04-30reassembly: avoid race-conditionsKlement Sekera1-12/+26
Change-Id: Ibf5c283217a985e43a562f1969573eeb26ee6017 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-04-26IF: return VTR attributes for all ifs in dump APIAlexander Chernavin1-20/+20
With this commit, VTR attributes are shown not only for subinterfaces but for all interfaces. Change-Id: I498185d905c0bf48431cddb916165f8e9c841b1f Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2019-04-26crypto, ipsec: change GCM IV handlingDamjan Marion3-4/+22
- nonce construction out of salt and iv is ipsec specific so it should be handled in ipsec code - fixes GCM unit tests - GCM IV is constructed out of simple counter, per RFC4106 section 3.1 Change-Id: Ib7712cc9612830daa737f5171d8384f1d361bb61 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-04-26svm: fifo segment support for chunk allocationFlorin Coras2-2/+26
Change-Id: Ie96706b4d8bcb32d2d5f065bc765f95f4e9369e7 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-25crypto: AES GCM IV length is always 12Damjan Marion2-2/+1
... at least for use cases we are interested in Change-Id: I1156ff354635e8f990ce2664ebc8dcd3786ddca5 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-04-25tap: Fix the indirect buffer allocationMohsin Kazmi1-1/+1
Change-Id: I73f76c25754f6fb14a49ae47b6404f3cbabbeeb5 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-04-25session: cleanup segment manager and fifo segmentFlorin Coras10-381/+402
Change-Id: I984f347fb465c0c405cef668d8690457e81788e2 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-25crypto_ipsecmb: use pre-expanded keysDamjan Marion1-1/+1
Change-Id: Ie1d34b7e71554516595e0cd228e2cd54a3b8d629 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-04-25session: use teps in accept/connect notificationsFlorin Coras6-48/+40
Change-Id: I58e713661a38cecbfdebd4609292d9d12e880cd2 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-25IPSEC; dpdk backend for tunnel interface encryptionNeale Ranns8-57/+94
Change-Id: Ide2a9df18db371c8428855d7f12f246006d7c04c Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-04-25ipsec: drop runts in esp-decryptDamjan Marion1-0/+8
Change-Id: Id7fcaf8590f9f2dcccdebea0ad31c7ecd1cbc8af Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-04-25crypto: improve key handlingDamjan Marion11-26/+208
Change-Id: If96f661d507305da4b96cac7b1a8f14ba90676ad Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-04-25Remove dummy_interface_tx nodes from l2tp l2xcrw and nshJohn Lo2-18/+0
Change-Id: I51e0d4a9ec62514a85bbe4c5f56a48d60ab6f4e4 Signed-off-by: John Lo <loj@cisco.com>
2019-04-24Add get_endpoint in transport vftAloys Augustin5-13/+88
This allows QUIC & TLS specific logic to be implemented, and meaningfull IP/port to be returned when connection is overridden. Change-Id: Id79c59fe4d7b16d36f0e96ad3e281c4026b5fe65 Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
2019-04-24ip4_lookup_inline: leverage vlib_get_buffers to improve perfZhiyong Yang1-32/+27
vlib_get_buffers can save at least 1.2 clocks/pkt for ip4_lookup_inline on Haswell. Change-Id: I730fc346cec4d2eb5ca364308e45268bda4d5f89 Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-04-24QUIC: Add multi-stream support to internal test appsAloys Augustin6-7/+171
Change-Id: Iab07697ef482529e62c11433cffa1f8f894e5bb7 Signed-off-by: Aloys Augustin <aloaugus@cisco.com> Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-04-24UDPC: Fix open segfault with multiple workersAloys Augustin1-1/+3
Change-Id: Ib4a64f17831e2419f1d6140a6d24649c096bdfa5 Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
2019-04-24l2: Add support for arp unicast forwardingMohsin Kazmi6-8/+112
Change-Id: I79fc55f36a9b83957f84619bdf8cef08acc8ec24 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-04-24session: remove unused fifo allo return valueFlorin Coras3-11/+7
Change-Id: I50a6bcc127e4b44becc4b694bdd3018ac9bfab5c Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-04-24ethernet_input_inline: leverage vlib_get_buffersZhiyong Yang1-17/+14
Make full use of well optimized function vlib_get_buffers for ethernet_input_inline. Change-Id: Iee7df570b87fa95c0902895686a62386d730f9a1 Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-04-24Rearrange prefetching in ipsec_output_inlineVratko Polak1-6/+6
Change-Id: I6151e57643ebed42f51b795980db2c52084295ab Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2019-04-23API sw_interface_dump: Dump all if index is zeroVratko Polak2-5/+6
This is a temporary measure, to allow CSIT usage of VAT command sw_interface_dump without arguments. Change-Id: Ic40adfcc89d92179e213afc497e4e71bbc0dad83 Signed-off-by: Vratko Polak <vrpolak@cisco.com>
2019-04-23Fix a ipsec command line typoSimon Zhang1-1/+1
Change-Id: Ic75df36e06a77730ff8764f96d3cf53c4e59923b Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
2019-04-23vnet: clean up calc_checksums()Zhiyong Yang1-7/+8
Remove the duplicated code and unnecessary operations. Change-Id: I78005848d29d3156165627926a79015d590d61a6 Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-04-23ipsec4-output: add pkt header and data prefetchingZhiyong Yang1-2/+9
The graph node running IPsec encap in tunnel mode can be saved from 65.8 to 57.3 clocks/pkt on Haswell platform. The graph node can be saved 10 clockes/pkt on DVN as well in the same case. Change-Id: I4804879c4d489465ee56a8f8317596b7e79b9331 Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-04-22GRE: set gre_tunnel_type init value to zero in APIAlexander Chernavin1-1/+1
Change-Id: I9715b0578852a1ed59d78b7a9e28f32fc763ed3c Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2019-04-19Doxygen cleanup.Dave Wallace2-2/+2
- Add subpages definitions in appropriate section (User or Dev docs) for doc files (*.rst, *.md) that being listed at the top level of the generated doc page. - Generate and add API list to RELEASE doc. - Fix list_api_changes script to use HEAD as the endtag so it doesn't need to be changed every release. Change-Id: Iace7b6433359c6b96869cb1db01facbbcb0ac1e6 Signed-off-by: Dave Wallace <dwallacelf@gmail.com> (cherry picked from commit 11ee93f6abfaddf5bbd56cf0858c0c6ea0384b65)
2019-04-19IPSEC: IPv6 ESP transport mode incorrect packet length and checksum (VPP-1654)Neale Ranns1-7/+14
Change-Id: Ia3474e5bfea5764eae9b2987bf78296535df6778 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-04-196rd: fix debug cli short-helpBenoît Ganne1-1/+2
Debug cli short help for 6rd tunnel creation was out-of-date. Change-Id: I06e4d28481470825bf225ba0fd371a3aebd889fa Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-04-19DOCS-ONLY: Fix broken doxygen tag in BVIDave Wallace1-1/+1
Change-Id: Ia42e7c93ebe51a36470f1358827451bcb98da433 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2019-04-19IPSEC: ESP IPv6 transport mode payload length incorrect (VPP-1653)Neale Ranns1-1/+3
Change-Id: I8977100d7a22b50260858bd1ea9db419b53284ff Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-04-19FIB: recursion casues path reallocNeale Ranns1-1/+12
Change-Id: Ie9c2954eee90ca1a1fc1aa8280f93b2340b544c1 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-04-18svm: allow indirect fifo data chunksFlorin Coras1-1/+0
Fifos can use multiple memory chunks for simple read/write operations. Adding/removing chunks after assignment not yet supported. Change-Id: I2aceab6aea78059d74e0d3a9993c40d5196d077b Signed-off-by: Florin Coras <fcoras@cisco.com>