summaryrefslogtreecommitdiffstats
path: root/src/vnet
AgeCommit message (Collapse)AuthorFilesLines
2019-02-28IPSEC: crash on SA dump when SA are bound to tunnelsNeale Ranns1-2/+5
Change-Id: I1c8256af838e6d4f371549ca91b8b0a4c0c44c65 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-02-27buffer chain linearizationKlement Sekera4-336/+91
Rewrite vlib_buffer_chain_linearize function so that it works as intended. Linearize buffer chains coming out of reassembly to work around some dpdk-tx issues. Note that this is not a complete workaround as a sufficiently large packet will still cause the resulting chain to be too long. Drop features from reassembly code which relies on knowing which and how many buffers were freed during linearization, buffer counts and tracing capabilities for these cases. Change-Id: Ic65de53ecb5c78cd96b178033f6a576ab4060ed1 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-02-22vhost: VPP stalls with vhost performing control plane actions [VPP-1572]Steven Luong3-214/+259
Symptom ------- With NDR traffic blasting at VPP, bringing up a new VM with vhost connection to VPP causes packet drops. I am able to recreate this problem easily using a simple setup like this. TREX-------------- switch ---- VPP |---------------| |-------| Cause ----- The reason for the packet drops is due to vhost holding onto the worker barrier lock for too long in vhost_user_socket_read(). There are quite a few of system calls inside the routine. At the end of the routine, it unconditionally calls vhost_user_update_iface_state() for all message types. vhost_user_update_iface_state() also unconditionally calls vhost_user_rx_thread_placement() and vhost_user_tx_thread_placement(). vhost_user_rx_thread_placement scraps out all existing cpu/queue mappings for the interface and creates brand new cpu/queue mappings for the interface. This process is very disruptive and very expensive. In my opinion, this area of code needs a makeover. Fixes ----- * vhost_user_socket_read() is rewritten that it should not hold onto the worker barrier lock for system calls, or at least minimize the need for doing it. * Remove the call to vhost_user_update_iface_state as a default route at the end of vhost_user_socket_read(). There is only a couple of message types which really need to call vhost_user_update_iface_state(). We put the call to those message types which need it. * Remove vhost_user_rx_thread_placement() and vhost_user_tx_thread_placement from vhost_user_update_iface_state(). There is no need to repetatively change the cpu/queue mappings. * vhost_user_rx_thread_placement() is actually quite expensive. It should be called only once per queue for the interface. There is no need to scrap the existing cpu/queue mappings and create new cpu/queue mappings when the additional queues becomes active/enable. * Change to create the cpu/queue mappings for the first RX when the interface is created. Dont remove the cpu/queue mapping when the interface is disconnected. Remove the cpu/queue mapping only when the interface is deleted. The create vhost user interface CLI also has some very expensive system calls if the command is entered with the optional keyword "server" As a bonus, This patch makes the create vhost user interface binary-api and CLI thread safe. Do the protection for the small amount of code which is thread unsafe. Change-Id: I4a19cbf7e9cc37ea01286169882e5603e6d7eb77 Signed-off-by: Steven Luong <sluong@cisco.com> (cherry picked from commit 67f935ec6eb9ec37b7d73029c5afa89cbf4a9aa2)
2019-02-22tcp: free sack block list on connection cleanupFlorin Coras1-0/+2
Change-Id: I7152b4ae64528082765726d5844580aad54c0c70 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-22Add no-append flag to vlib_frame_tDamjan Marion2-0/+2
Change-Id: I01c4f5755d579282773ac227b0bc24f8ddbb2bd1 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-02-20IP route local and connectedNeale Ranns2-3/+14
allow routes that are local and connected to be added via the API. this emulates the addition of a second address in the same subnet added to an interface. Change-Id: Ib18a08c26956be9a07b3360664210c8cf6734c84 Signed-off-by: Neale Ranns <nranns@cisco.com> (cherry picked from commit 7425f9289bdc17d330044b0df0fc31cdeeca626b)
2019-02-20FIB: pass a copy the walk contextNeale Ranns1-1/+3
since it can realloc when new ctx are added. If not we can get some nasty memory corruption. Change-Id: I617709c3013acbcb8aee07dc147894f0de896555 Signed-off-by: Neale Ranns <nranns@cisco.com> (cherry picked from commit 58085f2f6757e464196b283cc8335ab5cf34a012)
2019-02-19Revert "bond: problem switching from l2 to l3"Peter Mikus1-11/+0
During CSIT testing we discovered that LACP tests were failing and producing coredumps. Reverting this patch fix the problem with VPP crashing. This reverts commit f23890138e02d4218c828c427f687f8ecdb0e165. Change-Id: Icf97053ce1473350add885cbebe591f7f3efcbea Signed-off-by: Peter Mikus <pmikus@cisco.com>
2019-02-07tcp: fix reset sending in syn-sentFlorin Coras3-6/+7
Change-Id: I468b1015bca5f95b162fb49e904aa4e4d38db75e Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit d4c49be5e20406220cf89083c9df86c3c0761a81)
2019-01-30ipsec: fix check support functionsKlement Sekera2-5/+17
Change-Id: If94c57fbb07a7376a9f2873e1489c00b28152620 Signed-off-by: Klement Sekera <ksekera@cisco.com> (cherry picked from commit 4fd5a9d3e6abdf61f266da8400a299fe5b0eb0ed)
2019-01-25IP6 FIB: walk table for dump (VPP-1553)Neale Ranns1-12/+7
Change-Id: Iaa57ace6df96bfacd1235c80ec7bb08e5f335530 Signed-off-by: Neale Ranns <nranns@cisco.com> (cherry picked from commit 5c1f559b1bf32acd528664e7674a2d46f2aed947)
2019-01-23bond: packet drops on VPP bond interface [VPP-1544]Steven2-20/+21
We register callback for VNET_HW_INTERFACE_LINK_UP_DOWN_FUNCTION and VNET_SW_INTERFACE_ADMIN_UP_DOWN_FUNCTION to add and remove the slave interface from the bond interface accordingly. For static bonding without lacp, one would think that it is good enough to put the slave interface into the ective slave set as soon as it is configured. Wrong, sometimes the slave interface is configured to be part of the bonding without ever bringing up the hardware carrier or setting the admin state to up. In that case, we send traffic to the "dead" slave interface. The fix is to make sure both the carrier and admin state are up before we put the slave into the active set for forwarding traffic. Change-Id: I93b1c36d5481ca76cc8b87e8ca1b375ca3bd453b Signed-off-by: Steven <sluong@cisco.com> (cherry picked from commit e43278f75fe3188551580c7d7991958805756e2f)
2019-01-20session: add support for vrf in session unformat (VPP-1546)Florin Coras1-7/+22
Change-Id: Ic5ba751c2bd2db9af4a21d3db40cc305d1208c30 Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit baee8d498830bbbf54ec76e7c0c887c6373fe985)
2019-01-20tcp: fix debugging without cc stats (VPP-1547)Florin Coras1-0/+1
Change-Id: I376856fcadce570bb555064435f5876eefb2befa Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit 0702554639e5149d9012cc196aa43c3c8d0d7f9b)
2019-01-20fix data_length in IpSec API call (VPP-1548)Michal Cmarada1-4/+6
Change-Id: Idb2839f6082bd2e052be2bc5417f0ebb43d1c0a6 Signed-off-by: Michal Cmarada <mcmarada@cisco.com>
2019-01-18tcp: allow data in passive open ack (VPP-1545)Florin Coras1-2/+3
Change-Id: Iceb99d3f8b7029bd1b1e9ebafb1e0b3790c573e4 Signed-off-by: Florin Coras <fcoras@cisco.com> (cherry picked from commit 865872ebdb2bbaf3f157e2a9889405b84114d2eb)
2019-01-13bonding: support custom interface IDsAlexander Chernavin5-3/+40
Change-Id: I78fe58144fa3ba2e1c7135897a13a2541f235c91 Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2019-01-12session: generate wrong thread errors instead of crashingFlorin Coras6-22/+45
Change-Id: I7e59ae718d2722c49d42b22a0874e1645a191e89 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-01-11Fix 'show interface span' field lengthIgor Mikhailov (imichail)1-2/+2
Allow to display longer interface names, e.g. VirtualEthernet0/0/0.102 The field length (32) is now the same as for 'show interface'. Change-Id: I1cb1efd459acb800bfaeeec40b672c8b17cd8c3d Signed-off-by: Igor Mikhailov (imichail) <imichail@cisco.com>
2019-01-10session/vcl: improve fifo tx notificationsFlorin Coras3-49/+50
Change-Id: Ied476c417c8ba5b4d7c615125c36eecd9ca64fbc Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-01-10ARP/ND: copy opaque2 persistent fields to new packetNeale Ranns3-4/+16
Change-Id: Ic65f686aaccaf8450732d88d7471b587faccaa9d Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-01-09VXLAN: Prevent duplicate bypass graph nodes.Jon Loeliger2-4/+37
Change-Id: I68cc509b594b09751ff5e0e09bbca187a4a88edd Signed-off-by: Jon Loeliger <jdl@netgate.com>
2019-01-08Fix name of ipv6-n-tupleHongjun Ni1-1/+1
Change-Id: Ia95a75295e4865b4720573f164ccba8bcc7679ae Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
2019-01-08virtio: fix kick race issueDamjan Marion3-10/+29
Change-Id: I25b2a28513821bc5eab9ac6890a3964d412b0399 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-01-07tapv2: add "tap_flags" field to the TAPv2 interface APIAndrew Yourtchenko3-0/+8
Change-Id: I26f99d95f52c9fe107d17dcbbf5c6185523beade Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2019-01-07VOM: mroutesNeale Ranns4-6/+31
- fixes in ip.api for dumping mroute path flags Change-Id: I13b0cfb15d374250ed71bd4e13dda9b798c18204 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-01-07L2 BD API to flush all IP-MAC entries in the specified BDJohn Lo4-12/+83
Implement API/CLI to clear IP-MAC tables used for ARP-termination in the specified bridge domain. The CLI to flush MAC IP tables for a BD is: set bridge-domain arp entry <bd-id> del-all The API added is bd_ip_mac_flush. Change-Id: I34ceb87c0f480c7102f6559312c24081ed485af8 Signed-off-by: John Lo <loj@cisco.com>
2019-01-07Handle buffer alloc failure in vlib_buffer_add_dataDave Barach3-34/+72
It's not OK to crash due to a transient buffer allocation failure. Return 1 if the requested operation failed, otherwise 0. Buffer index parameter change to a value-result, so the caller can differentiate between partial and complete allocation failure: callers which request an initial allocation (inbound bi = ~0) need to check the (out) value to decide whether or not to call vlib_buffer_free(...). Change-Id: I03029d7f2714c17dca4630dfd95a1eb578b68384 Signed-off-by: Dave Barach <dave@barachs.net>
2019-01-07Fix TCP checksum.Andrej Kozemcak1-1/+4
Set TCP checksum to zero, before calculate the TCP checksum. Change-Id: Id96743334481804b8ebb74afef2f1dbfed29e0cb Signed-off-by: Andrej Kozemcak <andrej.kozemcak@pantheon.tech>
2019-01-06pktgen: support mixed multi/single chunk pcap replayDave Barach3-71/+165
Change-Id: I3d387b5e2b17f89ed688ea6cfee3fb6d782fe326 Signed-off-by: Dave Barach <dave@barachs.net>
2019-01-05vcl/session: add api for changing session app workerFlorin Coras5-15/+176
In case of multi process apps, after forking, the parent may decide to close part or all of the sessions it shares with the child. Because the sessions have fifos allocated in the parent's segment manager, they must be moved to the child's segment manager. Change-Id: I85b4c8c8545005724023ee14043647719cef61dd Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-01-04tcp: fix reset in syn-sentFlorin Coras1-2/+1
Change-Id: I6732adc06fbb3d4b427e671ddcfe6eabc08d4a1b Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-01-03tcp: add more closing state arcsFlorin Coras1-0/+19
Change-Id: If6f4d6404753b2d6b96e17f5414079bcdb9edde8 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-01-03tcp: better randomize issFlorin Coras2-4/+41
Change-Id: I3638221e59024d6b7d82499d57e25b8e609f73cb Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-01-03Fix used-before-set in vl_api_bridge_flags_t_handlerDave Barach1-1/+2
The aarch64 cross-compiler complains about this when building an optimized image. So we fix it... Change-Id: Ib2b2089c0534753d7d470311012fa0073ab27d1d Signed-off-by: Dave Barach <dave@barachs.net>
2019-01-03Fix an issue in tls.cPing Yu1-1/+3
Curernt code will overwrite parent_app_api_context, and defer the setting after this value is used in callback. Change-Id: Ie16e432fd0f4214e6deff3aa3b58b3be824b0331 Signed-off-by: Ping Yu <ping.yu@intel.com>
2019-01-02Revert "add ipsecmb plugin"Florin Coras1-4/+0
This reverts commit be16020c5034bc69df25a8ecd7081aec9898d93c. The arm verify job actually failed but the result was overwritten by an x86 ubuntu retry. Change-Id: Idcae7691fc575053563b8ff8bcad661c15891668 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-01-02Fixes for buliding for 32bit targets:David Johnson7-15/+23
* u32/u64/uword mismatches * pointer-to-int fixes * printf formatting issues * issues with incorrect "ULL" and related suffixes * structure alignment and padding issues Change-Id: I70b989007758755fe8211c074f651150680f60b4 Signed-off-by: David Johnson <davijoh3@cisco.com>
2019-01-02ipsec: fix support check when using AES-GCMMatthew Smith1-10/+15
When adding an IPsec SA, ipsec_check_support_cb() is called. This invokes a callback for AH and a callback for ESP to check if the algorithms are supported. When using AES-GCM on an ESP SA with the DPDK IPsec backend selected, the AH callback fails. The DPDK IPsec backend has no AH support, so the callback for the default OpenSSL backend is invoked. This checks whether the crypto algorithm is AES-GCM and returns failure. Only invoke the callback to check support for the IPsec protocol of the SA - either AH or ESP rather than doing both. Change-Id: Ic10be6a17b580d06ffb7e82ef5866e53a4f8b525 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2019-01-02add ipsecmb pluginKlement Sekera1-0/+4
Change-Id: I99c0737dfeeec2db267773625ddc9b55324fd237 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-01-01buffers: remove unused codeDamjan Marion12-39/+18
Change-Id: If2bbfbc52994f5de0879763e0b7a7864498debb6 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-01-01vcl/ldp: add write msg function and fine tuningFlorin Coras5-26/+61
Allows app to push data. Additionally, ensure reset/close replies are not sent unless vcl closes the session. Change-Id: Icbbf933cf57b55cfbcc7b802af0f83919a066f65 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-12-28session: free session after transport and app confirmFlorin Coras12-80/+95
In addition to that, a bit of refactoring. Change-Id: Iea1eabc2167bcdef185ec53bc09bae087c5398e6 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-12-26tcp: add more last-ack arcsFlorin Coras1-0/+19
Change-Id: If538bb9d6fb489906099b727a7bfdb9d9af29402 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-12-26tcp: separate active and passive establish timersFlorin Coras5-94/+107
Change-Id: Ia2241e963cf45765d8d17c65eea781edbf74d4f9 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-12-25tcp: add fin-wait-1 dispatch arcsFlorin Coras1-0/+19
Change-Id: Ie4cb08f5d9f7fd025f1a8ae610cebb0b0c315d9f Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-12-24FIB: adj src assert fix part 2Neale Ranns1-1/+8
Change-Id: Ic112180e53a55993b06ba18102202d6ac5854def Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-12-24tcp: compute seq_end in tcp_inputFlorin Coras3-50/+41
syn/fin are no longer added to seq_end so they must be considered individually in each state. Change-Id: I5e3047194101c4fca2db9f9ad29a4a6468c397ab Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-12-23FIB: remove assert from adj srcNeale Ranns1-1/+0
this is the case when the ADJ fib is in the non-forwarding trie Change-Id: I7bcda475b3b1e142d16363147dba3a1e2c5a07f9 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-12-22tcp: improve waitclose in closing statesFlorin Coras6-17/+83
Change-Id: I90056176194cb2a144d49a3cb283653d8d30f051 Signed-off-by: Florin Coras <fcoras@cisco.com>