summaryrefslogtreecommitdiffstats
path: root/src/vnet
AgeCommit message (Collapse)AuthorFilesLines
2022-11-28ipsec: remove redundant policy array in fast path spdPiotr Bronowski3-90/+178
Fast path spd was explicitely storing array of policy id vectors. This information was redundand, as this inofrmation is already stored in bihash table. This additional array was affecting performance when adding and removing fast path policies. The other place that needed refactoring after removing this array was cli command showing fast path policies. Type: feature Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com> Change-Id: I78d45653f71539e7ba90ff5d2834451f83ead4be
2022-11-28udp: preallocate ports sparse vec mapFlorin Coras1-2/+80
Not ideal. The sparse vector used to map ports to next nodes assumes only a few ports are ever used. When udp transport is enabled this does not hold and, to make matters worse, ports are consumed in a random order. This can lead to a lot of slow updates to internal data structures which in turn can slow udp connection allocations until all ports are eventually consumed. Consequently, reallocate sparse vector, preallocate all ports and have them point to UDP_NO_NODE_SET. We could consider switching the sparse vector to a preallocated vector but that would increase memory consumption for vpp deployments that do not rely on host stack. For reference, populating one of the v4 or v6 sparse vectors in reverse order takes about 9.8s on a skylake cpu. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id795e1805d0d3ba54f56a152a9506a7a2a06ecbc
2022-11-25interface: remove the pending interrupt from deleting interfaceMohsin Kazmi2-5/+16
Type: fix Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I3138f97519d216b89a9c46865271db1f9ddd53cd
2022-11-24sr: srv6 path tracing apiJulian Klaiber4-0/+160
Implements the API for SRv6 Path Tracing Type: feature Signed-off-by: Julian Klaiber <julian@klaiber.me> Change-Id: Iefa7e512c8e1894595a9e3f5d42eab4160db1f28
2022-11-23gso: add gso documentationMohsin Kazmi1-0/+154
Type: docs Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I8a96e6cc73b5f7ab3049fef37aafba43f3ef4d84
2022-11-22policer: adding documentationMaxime Peim2-4/+231
Type: docs Several kinds of policers are implemented in VPP. However, they could differ from the RFCs it is said they are from. Additionally, the CLI command's help has been updated with the current list of acceptable parameters. Signed-off-by: Maxime Peim <mpeim@cisco.com> Change-Id: Ic9bf94e1094bea0fcc87ccaa882c2c5f88824041
2022-11-21ipsec: improve ipsec policy adding performanceXiaoming Jiang1-19/+15
Type: improvement Signed-off-by: jiangxiaoming <jiangxiaoming@outlook.com> Change-Id: I91ba1ff4c1085f4aca60ca111cbbaf14a3b4d761
2022-11-18ipsec: Failure at the start of the batch should not invalidate the rest of ↵Neale Ranns1-1/+1
the batch Type: fix Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: Icd1e43a5764496784c355c93066273435f16dd35
2022-11-15session: add transport main structureFlorin Coras1-39/+37
Leave tp_vfts vector out for now. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ic20a1671be9424280d0645f48ef2131a694cd16f
2022-11-11session: safe pools for cut-through sessionsFlorin Coras1-1/+2
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I6dd400285ae475974c416f9b94e8a5b4b6257ca1
2022-11-10session: reduce safe pool expand rateFlorin Coras1-2/+1
Make sure they only double in size. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I18d5508c7f32836deb3b25943e8e3af39d0dbc33
2022-11-10http: support client connectFilip Tehlar1-0/+2
Type: feature Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I0738c0aefb41ab6c0ff717cfccd1df75ddb481fa
2022-11-09ip: fix unformat_ip_address forcing version to IP4 for some IP6 addressesAndrew Yourtchenko1-9/+10
dd2f12ba made use of ip46_address_is_ip4() in order to determine whether the address is ipv4 or ipv6 within unformat_ip_address - however, its logic is correct only for some addresses. e.g. a valid IPv6 address of :: (unspecified) will result in "true" result. This is probably not an issue for most of the cases (the unspecified address is quite rare), however if the unformat_ip_address is used as part of the prefix parsing, the ::/0 is a fairly often utilized construct, which gets parsed as 0.0.0.0 Solution: return the old logic, but use a temporary variable to avoid overwriting the target memory on failure. Type: fix Fixes: dd2f12ba6ab952d9d66f4d9ba89ffde6309b1ff2. Change-Id: I272f740dfdf07036cec68516e153f0701a53233d Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2022-11-08policer: improvement show policer cli.Huawei LI1-3/+3
cli show policer's help info is not consistent with it's arguments. Type: improvement Signed-off-by: Huawei LI <lihuawei_zzu@163.com> Change-Id: I8332fe97ba343e98511db9ff1bb6afd6f3c657cd
2022-11-06ip6-nd: set router flag on NA if appropriateMatthew Smith3-1/+19
Type: fix The router flag on a neighbor advertisement can be used by neighbors to detect that a router has changed to a host (RFC 4861 section 4.4). If a neighbor adds routes after receiving a router advertisement sent by VPP and subsequently receives a neighbor advertisement sent by VPP, it may remove any routes it added based on the RA if the NA does not have the router flag set. It appears that this is how windows behaves. When sending a neighbor advertisement, set the router flag if sending RAs is enabled on the interface. Signed-off-by: Matthew Smith <mgsmith@netgate.com> Change-Id: I1f3e42bbd8ea1a4c116b1ce5a8273652d4cd763d
2022-11-05ip6-nd: initialize radv_info->send_radv to 1Dave Barach1-0/+3
Otherwise, the newly configured interface will never send RADV's. See below. In the typical case, suppress = 0 and is_no = 0, which propagates the current value of radv->send_radv: radv_info->send_radv = (suppress != 0) ? ((is_no != 0) ? 1 : 0) : radv_info->send_radv; No other bit of code will set send_radv, at least in straightforward ways. Type:fix Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: If9368155f7676460ca1f87729c2b3c453405d08d
2022-11-04classify: fix crash when update nonexistent classify table.Huawei LI1-1/+3
vpp crash when update nonexistent classify table. Program received signal SIGABRT, Aborted. 0x00007fbf3b49b337 in raise () from /lib64/libc.so.6 (gdb) bt 0 0x00007fbf3b49b337 in raise () from /lib64/libc.so.6 1 0x00007fbf3b49ca28 in abort () from /lib64/libc.so.6 2 0x00000000004079db in os_panic () at /usr/src/debug/vpp-23.02/src/vpp/vnet/main.c:417 3 0x00007fbf3bb611c7 in debugger () at /usr/src/debug/vpp-23.02/src/vppinfra/error.c:84 4 0x00007fbf3bb61529 in _clib_error (how_to_die=2, function_name=0x0, line_number=0, fmt=0x7fbf3d03af08 "%s:%d (%s) assertion `%s' fails") at /usr/src/debug/vpp-23.02/src/vppinfra/error.c:143 5 0x00007fbf3c67062c in vnet_classify_add_del_table (cm=0x7fbf3d438f00 <vnet_classify_main>, mask=0x7fbf00fdc088 "", nbuckets=2, memory_size=2097152, skip=4, match=1, next_table_index=4294967295, miss_next_index=4294967295, table_index=0x7fbeed930b98, current_data_flag=0 '\000', current_data_offset=0, is_add=1, del_chain=0) at /usr/src/debug/vpp-23.02/src/vnet/classify/vnet_classify.c:780 6 0x00007fbf3c672bf4 in classify_table_command_fn (vm=0x7fbefb465740, input=0x7fbeed930ef0, cmd=0x7fbefc45ec18) at /usr/src/debug/vpp-23.02/src/vnet/classify/vnet_classify.c:1622 7 0x00007fbf3d52b527 in vlib_cli_dispatch_sub_commands (vm=0x7fbefb465740, cm=0x4273f0 <vlib_global_main+48>, input=0x7fbeed930ef0, parent_command_index=1064) at /usr/src/debug/vpp-23.02/src/vlib/cli.c:650 8 0x00007fbf3d52b2c3 in vlib_cli_dispatch_sub_commands (vm=0x7fbefb465740, cm=0x4273f0 <vlib_global_main+48>, input=0x7fbeed930ef0, parent_command_index=0) at /usr/src/debug/vpp-23.02/src/vlib/cli.c:607 9 0x00007fbf3d52b9cb in vlib_cli_input (vm=0x7fbefb465740, input=0x7fbeed930ef0, function=0x7fbf3d597406 <unix_vlib_cli_output>, function_arg=0) at /usr/src/debug/vpp-23.02/src/vlib/cli.c:753 10 0x00007fbf3d59cb0c in unix_cli_process_input (cm=0x7fbf3d61fe00 <unix_cli_main>, cli_file_index=0) at /usr/src/debug/vpp-23.02/src/vlib/unix/cli.c:2616 11 0x00007fbf3d59d25a in unix_cli_process (vm=0x7fbefb465740, rt=0x7fbf00f7bfc0, f=0x0) at /usr/src/debug/vpp-23.02/src/vlib/unix/cli.c:2745 12 0x00007fbf3d555a25 in vlib_process_bootstrap (_a=140458063833296) at /usr/src/debug/vpp-23.02/src/vlib/main.c:1221 13 0x00007fbf3bb74204 in clib_calljmp () at /usr/src/debug/vpp-23.02/src/vppinfra/longjmp.S:123 14 0x00007fbef10028a0 in ?? () 15 0x00007fbf3d555b4e in vlib_process_startup (vm=0x7fbf3bb7d70f <clib_mem_size+24>, p=0x7fbef10028d0, f=0x7fbf00f06ae0) at /usr/src/debug/vpp-23.02/src/vlib/main.c:1246 16 0x00007fbf3d592be6 in vec_max_bytes (v=0x8) at /usr/src/debug/vpp-23.02/src/vppinfra/vec_bootstrap.h:161 17 0x00007fbf00f06af8 in ?? () 18 0x0000000000000004 in ?? () 19 0x00000000000000ff in ?? () 20 0x00007fbef1002980 in ?? () 21 0x00007fbf3d592dcb in _vec_set_len (v=<error reading variable: Cannot access memory at address 0xfffffffffffffff5>, len=<error reading variable: Cannot access memory at address 0xffffffffffffffed>, elt_sz=<error reading variable: Cannot access memory at address 0xffffffffffffffe5>) at /usr/src/debug/vpp-23.02/src/vppinfra/vec_bootstrap.h:196 Backtrace stopped: previous frame inner to this frame (corrupt stack?) (gdb) f 5 0x00007fbf3c67062c in vnet_classify_add_del_table (cm=0x7fbf3d438f00 <vnet_classify_main>, mask=0x7fbf00fdc088 "", nbuckets=2, memory_size=2097152, skip=4, match=1, next_table_index=4294967295, miss_next_index=4294967295, table_index=0x7fbeed930b98, current_data_flag=0 '\000', current_data_offset=0, is_add=1, del_chain=0) at /usr/src/debug/vpp-23.02/src/vnet/classify/vnet_classify.c:780 780 t = pool_elt_at_index (cm->tables, *table_index); (gdb) p *table_index $1 = 8 (gdb) p cm->tables $2 = (vnet_classify_table_t *) 0x0 (gdb) Type: fix Signed-off-by: Huawei LI <lihuawei_zzu@163.com> Change-Id: I1c5f6168f0a7e1d1989ce07ec6c30c6fd9f0aaa9
2022-11-03session: fix tx_fifo clear and incorrect bitmap invalidationDongya Zhang2-5/+12
The tx_fifo of session may not be set up yet, if app request to disconnect the session, svm_fifo_dequeue_drop_all will crash. In debug image, ho_session_alloc will do clib_bitmap_validate to prevent race condition, however the input is not correct which will make vpp crash. Type: fix Change-Id: Ia8bff325d238eacb671e6764ea2a4eecd3fca609 Signed-off-by: Dongya Zhang <fortitude.zhang@gmail.com>
2022-11-02sr: SRv6 Path Tracing Midpoint behaviourJulian Klaiber4-0/+196
Type: feature Signed-off-by: Julian Klaiber <julian@klaiber.me> Change-Id: I866a2d2e06013380309c98a54078c1b3f6ad76fc
2022-10-31tls: use safe pool reallocsFlorin Coras2-51/+7
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ia2c771cbf826526d2d06b6da022509ab02917350
2022-10-26session: add session event log for session stateSteven Luong5-35/+68
To aid sesipon debug, add session event log in SM debug to track the session state. Type: improvement Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I6909cf969cd5b6a3ea5a06d08ae32c2f1d48f686
2022-10-25virtio: use current_data as l2_hdr_offsetMohsin Kazmi1-4/+2
Type: fix virtio transmit node uses header offsets to set the appropriate metadata for packet with offloads. But l2_hdr_offset is not correctly set by previous node(s). This patch makes use of curren_data field as l2_hdr_offset. Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: Id2f41a7650be45c9cc1ebacc7bec298be79bf218
2022-10-25devices: fix the l2 hdr offset in af_packet transmit sideMohsin Kazmi1-4/+2
Type: fix af_packet transmit node uses header offsets to set the appropriate metadata for packet with offload. But l2_hdr_offset is not correctly set by previous node. This patch makes use of curren_data field as l2_hdr_offset. Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I751a725af5c231a443eed22231a867eb7f3894e0
2022-10-25udp: use new wrk context for connectionsFlorin Coras2-18/+19
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I9c4050f96c310f1e6eb2cae8d908c44968526c3c
2022-10-25udp: postpone cleanup of udp connectionsFlorin Coras2-2/+48
Avoid deleting connections in session layer io event handler. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I87b3e53f9039161688467d9716875583ad797c07
2022-10-24crypto: fix dead nn foreachDmitry Valter1-5/+5
Pass vec_foreach args in the right order Type: fix Signed-off-by: Dmitry Valter <d-valter@yandex-team.ru> Change-Id: I90d3dfb70ee2dbd9a48ae9ecfd2c1526a74d0786
2022-10-24gso: remove vxlan header include file dependencySteven Luong1-2/+3
vxlan will be moved to a plugin. Remove vnet files from including vxlan header include files. Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I4268110b4ed54f7ae3ffecd6db0e3025122fa59c
2022-10-21devices: add support for af-packet v2Mohsin Kazmi7-186/+645
Type: feature Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I2ccaf1d512dcb72e414be8c69cbb538ebbe0e933
2022-10-20udp: support for disabling tx csumFlorin Coras5-4/+62
Type: feature Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I84843eb3a0a66c64cd46536624633e0dae1c4681
2022-10-20session: add session debug cliSteven Luong4-54/+176
- add session debug cli to enable fine control of which event logs are enable/disable with below syntax session debug {show | group <list> level <n>} list may be entered with a dash, "0-4" or it may be entered with a comma, "0,1,4" - fix compilation errors when SESSION_EVT is enable - change SESSION_EVT_FREE_HANDLER to use DEC_SESSION_ED instead of DEC_SESSION_ETD because the transport may already be free when the handler is called Type: improvement Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Iab2989e0a847bb59002ef16494eebcc1d112b2ae
2022-10-20virtio: fix the missing unlockMohsin Kazmi1-1/+2
Type: fix Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I7003162ee72c39c44be1e7ff0d27f4416b3eca5a
2022-10-19udp: explicit udp output nodeFlorin Coras5-12/+283
This allows for custom next node selection on output. Type: feature Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ib0fee71a01847184e95c18097bbbfdadfbd9d030
2022-10-18session: pass sep.opaque to listen sessionMohammed Hawari1-0/+1
Change-Id: I34ce2cc4585bfbd679d7d66d5bef69ddb268bb57 Type: improvement Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
2022-10-17virtio: fix the tx side hdr offsetMohsin Kazmi1-11/+10
Type: fix Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: Ibb4b17b954c55bcb37ede57d398966f244735c3d
2022-10-17devices: fix the header offsets in af_packetMohsin Kazmi1-8/+18
Type: fix Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I7fc645c46d285ceb13903f5835c99e9b6a9e5b07
2022-10-17gso: fix the metadata for gro packetsMohsin Kazmi1-0/+2
Type: fix Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I3a059b9dcbbcb597a7822f4f35fb275a7c197647
2022-10-17ip: fix the pseudo header checksumMohsin Kazmi1-4/+2
Type: fix Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I5eb83cbd0f8534dc50ecb907b3582717e8709aa2
2022-10-16ip-neighbor: delete redundant help information in cli.Huawei LI1-12/+17
Delete redundant help information in ip neighbor's cli. There is no code implementation about fib-id and proxy in the cli's subsequent process. Type: fix Signed-off-by: Huawei LI <lihuawei_zzu@163.com> Change-Id: I1e276aad030409e3f2f62fee489ea95d316e67b5
2022-10-13l2: coverity complains dead codesSteven Luong1-14/+11
Coverity complains dead codes in 2 places due to a recent commit as pointed out in Fixes. The dead codes are if (seed < L2_BD_ID_MAX % 2) is_seed_low = 1; and if (is_seed_low) seed += (2 * (i % 2) - 1) * i; seed can never be less than (L2_BD_ID_MAX % 2). Consequently, is_seed_low is always 0. There is also other problem. The inner loop is iterating only once. The fix is to greatly simplify the code to generate a random bd_id. Type: fix Fixes: Ieb6919f958f437fc603d5e1f48cab01de780951d Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I318773b9a59950920e051548ef14e36054ebd5e6
2022-10-13session: make session code compile with SESSION_DEBUG enableSteven Luong2-2/+15
Session debug code does not compile anymore due to vlib_mains global variable disappearing over time. Replace it with vlib_get_main_by_index call. Add a cmake variable and pass it from make command line to enable session debug. Notice transport debug is required for session debug. make rebuild VPP_EXTRA_CMAKE_ARGS=-DVPP_TCP_DEBUG_ALWAYS=ON VPP_EXTRA_CMAKE_ARGS+=-DVPP_SESSION_DEBUG=ON Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Ic2e887c6b10b77cbabd56934f4931fcfa04a6751
2022-10-12ip: migrate ip4 full reassembly to use vlib_buffer_enqueue_to_nextDamjan Marion1-155/+144
Type: improvement Change-Id: Ibf683c9ba8a2751e0b40920f6735cfe0a35a6e6d Signed-off-by: Damjan Marion <dmarion@me.com>
2022-10-12ip: simpler and faster ip4_full_reass_drop_allDamjan Marion1-41/+19
Type: improvement Change-Id: I4a75583ce718ba6466cd09ca8373fd43988ef62a Signed-off-by: Damjan Marion <dmarion@me.com>
2022-10-12misc: fix issues reported by clang-15Damjan Marion8-19/+7
Type: improvement Change-Id: I3fbbda0378b72843ecd39a7e8592dedc9757793a Signed-off-by: Damjan Marion <dmarion@me.com>
2022-10-11l2: Add bridge_domain_add_del_v2 to l2 apiLaszlo Kiraly5-5/+136
https://jira.fd.io/browse/VPP-2034 Type: fix Signed-off-by: Laszlo Kiraly <laszlo.kiraly@est.tech> Change-Id: Ieb6919f958f437fc603d5e1f48cab01de780951d
2022-10-11fib: fix crash when create vxlan/vxlan-gpe/geneve/gtpu tunnel.Huawei LI5-16/+18
Fix vpp crash when create vxlan/vxlan-gpe/geneve/gtpu tunnel with 0.0.0.0 dst ip in debug build. The ASSERT should be move out of fib_prefix_from_ip46_addr, which may be called when create vxlan/vxlan-gpe/geneve/gtpu tunnel with 0.0.0.0 dst ip. How to reproduce: 1. build debug vpp and run vpp 2. create vxlan t src 192.168.0.2 dst 0.0.0.0 vni 1 instance 1 create vxlan-gpe tunnel local 192.168.0.2 remote 0.0.0.0 vni 1 create geneve tunnel local 192.168.0.2 remote 0.0.0.0 vni 1 create gtpu tunnel src 192.168.0.2 dst 0.0.0.0 teid 1 Type: fix Change-Id: I19972f6af588f4ff7fd17de1b16b9301e43d596f Signed-off-by: Huawei LI <lihuawei_zzu@163.com>
2022-10-07tcp: cmake option VPP_TCP_DEBUG_ALWAYS=ON not taken by all filesSteven Luong1-0/+1
Some files include tcp_debug.h without including <vpp/vnet/config.h> As a result, those files do not get VPP_TCP_DEBUG_ALWAYS option set. The fix is to include <vpp/vnet/config.h> in tcp_debug.h Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I0c141147f1e8d1b49c5a1440fac1e97cbd96aaa7
2022-10-07tcp: build image with TCP_DEBUG_ALWAYS via makeSteven Luong1-0/+4
Add cmake option to enable TCP_DEBUG_ALWAYS. make rebuild VPP_EXTRA_CMAKE_ARGS=-DVPP_TCP_DEBUG_ALWAYS=ON make rebuild VPP_EXTRA_CMAKE_ARGS=-DVPP_TCP_DEBUG_ALWAYS=OFF Type: improvement Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I911a8d615f76516ae0a988bc6135c3b0d8fcb3df
2022-10-07fib: add fib_entry_get_path_list_for_sourceDamjan Marion2-0/+22
Type: improvement Change-Id: Ie035bebf64226691cffc84484e4bf7310287d1b7 Signed-off-by: Damjan Marion <dmarion@me.com>
2022-10-06gso: set the header offsets in gro hdr fixupMohsin Kazmi1-0/+3
Type: fix Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I9d5004f8764b1833e5ca825bc52345e23770c6bc
2022-10-06gso: fix the checksum for odd number of data bytesMohsin Kazmi1-0/+1
Type: fix Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I07b694323e0f6745dec2b846785026b152d78af6