summaryrefslogtreecommitdiffstats
path: root/src/vnet
AgeCommit message (Collapse)AuthorFilesLines
2019-11-06tcp: validate the IP address while checking TCP connectionSrikanth Akula1-9/+31
Type: feature Along with the port information, we need to validate the IP address details as well. This is very useful in the case port re-use scenario Signed-off-by: Srikanth Akula <srakula@cisco.com> Change-Id: I11e1ebcd3e56aae47ac235a89606a83c928aa6bb
2019-11-06build: add yaml file linting to make checkstylePaul Vinciguerra6-16/+35
Type: feature fts and trex rely on yaml config files. Verify that they are valid, so comitters can catch errors early. Change-Id: Ide0bb276659119c59bdbbc8b8155e37562a648b8 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-11-06tcp: IPv6 flow label supportTarun Gupta3-10/+36
Type:feature For cases when proxy is in use IPv6 flow label received in origin pkt needs to be added to ipv6 header of outgoing pkts from proxy to original destination and vice versa. Signed-off-by: Tarun Gupta <tarungup@cisco.com> Change-Id: I143f7e67237c0f865333078628a016b50ad5e630 Signed-off-by: Tarun Gupta <tarungup@cisco.com>
2019-11-05session tcp: refactor pacer timeFlorin Coras9-104/+74
Type: refactor Change-Id: Ic1c3e1f7987702cd88972acc34849dc1f585d5fe Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-11-05ip: Fragmentation fixesNeale Ranns6-117/+159
Type: fix if the packet is about to be fragmented, then don't call any of the actions that expect the rewrite to have been written. 1) don't double count packets thru the adjacency (original & fragments) 2) don't double decrement the TTL for fragments 3) return to ip4-midchain post ip-frag if that's where we started. 4) only run midchain/mcast fixups if not fragmenting (if no errors) Change-Id: Ib2866787a42713ee5871b87b597d8f74b901044b Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-11-05tcp: correct validity check return valueRyujiro Shibuya1-0/+1
Type: fix Signed-off-by: Ryujiro Shibuya <ryujiro.shibuya@owmobility.com> Change-Id: Ib59bf664d8da20516d8f16d716c5e8698675da4b
2019-11-05ipsec: ipsec-input: check for too-short packetsBenoît Ganne1-12/+25
Make sure packet is big enough before processing it. Policy matching is done speculatively but is discarded if packet is too short. Type: fix Change-Id: I647db2c4e568b0d9bf2cfd5056e1b1c2e25132fe Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-11-04mpls: number of mpls tunnel paths returns zeroIJsbrand Wijnands1-1/+1
The number of paths on the mpls tunnel returned through the bapi is always zero. Doing a ntohl on a uint32 and poking it into a uint8 causes the problem. Type: fix Signed-off-by: IJsbrand Wijnands <ice@cisco.com> Change-Id: I4135ad43a891e7818ca673c8067ef1f11cb34530
2019-11-03session: fix show cli with closed sessionFlorin Coras1-1/+3
Type: fix Change-Id: Ifb6ead644c0273b84a5647f7923053f1db7c5a76 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-11-02session: reschedule asap when snd space constrainedFlorin Coras2-7/+28
Type: feature Improves fairness for sessions that are snd space or pacer constrained. Change-Id: Ida5f523090f1dcbfb17bf5116bc7917747ac8593 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-10-31vlib: only dump 1st buffer in chain by defaultBenoît Ganne1-1/+1
Several nodes include buffers in their traces, but only the 1st. When formatting the trace we must not try to iterate through all chained buffers. Default to display only the 1st buffer. Type: fix Change-Id: Ib3c668bbf4ab70ae68eba2ac402c7b7329825b70 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-10-31ipsec: fix esp trace seq number overflowBenoît Ganne2-4/+12
Do not copy invalid seq number if packet is too small. Type: fix Change-Id: I1e78f5920e9645521f57efccaf35bbf9ce0676a8 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-10-31session: avoid double dispatch of new eventsFlorin Coras1-14/+17
Type: fix Avoid re-dispatching new events if they've just been added to the old events linked list. Change-Id: Ie5d0b799eae6cebb118d97204e5111eb194c0b8e Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-10-31session: fix dispatch event loggingFlorin Coras1-16/+27
Type: fix Change-Id: Icf3c73cd7eb7565ed6e1b0371da172b5408a9d36 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-10-31tcp: track lost rxt segments in byte trackerFlorin Coras2-0/+5
Type: feature Change-Id: I18dfac9c3d2f539edf20dba64cd2b7b541154144 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-10-30l2: fix typo in doxygenPaul Vinciguerra1-2/+2
Type: style Change-Id: I286280fffa6ab5d3e15986911a4ccc35efbf41c3 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-10-30ip: cleanup typos in documentationPaul Vinciguerra8-17/+17
Type: style Change-Id: I7d44b7fab1b8b196e4934cb4832ee51084c5bf98 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-10-30tls: fifo size is u32Dave Wallace1-3/+10
- unformat_memory_size() writes to a uword * - Limit cli input to u32 Type: fix Signed-off-by: Dave Wallace <dwallacelf@gmail.com> Change-Id: I453a5633e04f9ee6f2f1a843634f99063a81579b
2019-10-30tcp: rx fifo size is u32Dave Wallace1-2/+18
- Limit cli input for rx fifo size to u32 Type: fix Signed-off-by: Dave Wallace <dwallacelf@gmail.com> Change-Id: If5a8e0668acf5b0f369acf4f120e47a012bd1899
2019-10-30tls: fix on tcp connection resetZeyu Zhang2-3/+12
VPP would fail in tcp_connection_reset() if the tls or app session was just created. Type: fix Change-Id: I45d107f57e4f3fc468c15ca3392d5e1c413bd690 Signed-off-by: Zeyu Zhang <zeyu.zhang@intel.com>
2019-10-30lisp: fix lisp-gpe db hashBenoît Ganne1-2/+2
lgt->key is already a pointer to the key, hash the pointed data instead of the pointer value. Type: fix Change-Id: I4d29d8c6519afc3843cb2e5ef88795d60f715e23 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-10-30docs: devices-- add FEATURES.yamlPaul Vinciguerra15-17/+65
Type: docs Change-Id: I039ba9ad5385452b202366fba0b367506a21ea4f Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-10-30l2: l2tp API cleanupJakub Grajciar2-24/+39
Use consistent API types. Type: fix Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com> Change-Id: I9015fc60e8d77e5d5ac36bf2862c1fe794addb81 Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2019-10-29ip: refactor ip4_mtrie to use atomic store-releasejaszha031-14/+5
ip4_mtrie used full memory barrier compare-and-swap in set_leaf () and set_root_leaf () even though only one thread updates the trie. Replaced such instances of compare-and-swap with atomic store-release. Type: refactor Change-Id: Ic6e3c84480697915541acd16dcc630d1c436137d Signed-off-by: Jason Zhang <jason.zhang2@arm.com> Reviewed-by: Lijian Zhang <Lijian.Zhang@arm.com> Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>
2019-10-29ip: refactor ip4_mtrie to atomically unset leavesjaszha031-4/+6
ip4_mtrie set leaves atomically in set_leaf () and set_root_leaf () but deleted leaves using regular stores in unset_leaf () and unset_root_leaf (). Changed leaf deletion to update mtrie using atomic store-release. Slight performance improvement was observed in benchmarking on Qualcomm and Xeon machines. Benchmarking involved running 'ip route add' and 'ip route del' on vpp instances. Below are the routes/second for adding and deleting 100k routes before and after the store-release changes: Xeon Add Routes Before: 1.140e6, 1.139e6, 1.148e6, 1.158e6, 1.155e6 Xeon Add Routes After: 1.167e6, 1.170e6, 1.174e6, 1.173e6, 1.169e6 Xeon Del Routes Before: 7.287e7, 8.089e7, 6.048e7, 7.171e7, 7.821e7 Xeon Del Routes After: 8.729e7, 7.353e7, 7.856e7, 8.209e7, 7.787e7 Qualcomm Add Routes Before: 3.709e5, 3.954e5, 3.739e5, 3.759e5, 3.671e5 Qualcomm Add Routes After: 3.879e5, 3.967e5, 3.936e5, 3.764e5, 3.817e5 Qualcomm Del Routes Before: 1.286e7, 1.379e7, 1.353e7, 1.230e7, 1.331e7 Qualcomm Del Routes After: 1.411e7, 1.355e7, 1.373e7, 1.394e7, 1.314e7 Type: refactor Change-Id: If3acd25a2fb87addd0eb13d82d3c8f46579e8060 Signed-off-by: Jason Zhang <jason.zhang2@arm.com> Reviewed-by: Lijian Zhang <Lijian.Zhang@arm.com> Reviewed-by: Ruifeng Wang <ruifeng.wang@arm.com>
2019-10-29ethernet: VNET API to create sub-interfacesNeale Ranns3-55/+56
Type: refactor Change-Id: I37899a9c1c2b0790bee90b84aec6b51cdd5236b4 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-10-29tcp: correct tcp connection lookup conditionRyujiro Shibuya1-7/+10
Type: fix Signed-off-by: Ryujiro Shibuya <ryujiro.shibuya@owmobility.com> Change-Id: Ibdbac568d5f765e6b5c959cab5e32dc33335064d
2019-10-28session: allow transport cleanup only if not deletedFlorin Coras1-2/+3
Type: fix Change-Id: I51282182952a66be698226bace39626df4d67b9f Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-10-28ip: Punt rather than drop unkown IPv6 ICMP packetsNeale Ranns1-5/+5
Type: feature Change-Id: Ib137c453ff2dd5b9d028c653afa80e6b2b81b9e0 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-10-28ping: move the echo responder into the ping pluginNeale Ranns2-200/+3
Type: feature Change-Id: I246346b82858e73b16d727e2106350bc0fc3c6f2 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-10-28ip: reassembly fix sanity checksKlement Sekera2-5/+5
use correct value for sanity checks Type: fix Change-Id: If33db5ce3e4a26f7876c2a67832ca2947563e211 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-10-28session: app-closed to transport-deleted on delete notifyFlorin Coras2-2/+2
Type: refactor As a result, transport-deleted is the only session state that has no transport data structure. Change-Id: I2da2bc4bbb141d8a7b52faae66a4733de8f8513b Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-10-28ip: fix tracing of packet flagsKlement Sekera1-1/+1
This fixes incorrect tracing of flags such as MORE_FRAGMENTS. Type: fix Change-Id: Ia5698418a7cbb45c18bc9c95f560cea020e63c39 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-10-28ip: reassembly: fix use-after-freeBenoît Ganne2-5/+10
When processing the last buffer of a reassembled packet, the current buffer will be freed and must be reloaded using the updated index. Type: fix Change-Id: Ib39e29e60eb527b4cd4828a3aa37d82c8dddd709 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-10-25dhcp: fix crash on unicast renewal sendNeale Ranns1-4/+1
Type: fix - when the addresses were learnt a copy of the client was sent to the main thread, this meant the unicast adjacecny was saved on the copy not on the original. - Add logging. - Improve the proxy-node that hands the clint packets so the DHCP packets are traced. - allow a renewal to configure new address data Change-Id: I6ab0afcccbc4a1cdefdd1b8beeda8fc7ba20ec1f Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-10-25mdata: buffer metadata change tracker pluginDave Barach1-15/+37
A handy tool in case you need to know which metadata will be changed when a packet visits a certain node. Reflect metadata changes into format functions used by the vpp-specific wireshark dissector. Type: feature Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I96fe8a24db4082bb29fe2a33cc522e8616a3a1bb
2019-10-24gso: fix buffers traceBenoît Ganne1-0/+1
When segmenting, new buffers must inherit the original buffer trace handle. Type: fix Change-Id: Ibd1859a501b2862906dfc563b98652cfee5681da Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-10-24lacp: add actor steady state check prior to skip processing lacp pduSteven Luong2-26/+26
In a rare event, we may be skipping processing lacp pdu's when the it is not in steady state. Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I3595d22dbff8a97dce9fb4d4452d2051bcf6f523
2019-10-23devices: vhoost cpu->copy array overflow on tcp jumbo frame (65535 bytes)Steven Luong2-2/+8
We reserve 40 slots in cpu->copy array prior to copy out to avoid overflowing the array. However, 40 is not enough for the jumbo frame because desceiptor buffer len is likely at 1536. Change the reserve to 200 and add ASSERT to avoid encountering the same problem in the future. Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Ibf0c03c4b4f33e781d5be8679ccd6c3a4b4a646d
2019-10-23sr: add "set sr encaps hop-limit" commandIgnas Bačius5-1/+74
Default hop-limit for the encapsulating IPv6 header is a compile-time constant. Add ability to specify custom hop-limit, in order to avoid packets being dropped with "hop limit exceeded in transit" response in certain network configurations. Type: feature Signed-off-by: Ignas Bačius <ignas@noia.network> Change-Id: I77f2b35c987cfd31801dc2744d31fb3c1984158f
2019-10-23tcp: improve rate samples for retansmitted segmentsFlorin Coras3-77/+184
Type: fix - Initialize max_seq on both transmitted and retransmitted segments - Keep track of segments that have been sacked. - Track new data segments sent during recovery Change-Id: Ice55231a3da200ae6171702e54b2ce155f831143 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-10-23tcp: fix sack retransmit beyond snd_nxtFlorin Coras2-2/+13
Type: fix Ensure that sack retransmit logic does not try to inadvertently send new data. Change-Id: Idfda19643577d9c1b58e2af8d8283cabfbaf98e6 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-10-22ikev2: fix GCM cipherFilip Tehlar1-9/+17
Type: fix Change-Id: I382499061ff4b1c2cc1b70ebbf9725ff0e1be325 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-10-22ip: reassembly: avoid corruption in vnet bufferKlement Sekera1-17/+18
Avoid corrupt next_index in vnet_buffer by moving input and output variables into different memory places instead of sharing a common space. Type: fix Fixes: de34c35fc73226943538149fae9dbc5cfbdc6e75 Change-Id: I34471fc6d0c8487535fac21349e688f398934f6d Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-10-18ipsec: fix tunnel protection removalFilip Tehlar1-1/+1
Type: fix Change-Id: I4d5546d1f9b3a162291997f6f0c094c5c3d6cf31 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-10-22ip: ipfix-export API updateJakub Grajciar2-22/+38
Use consistent API types. Type: fix Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com> Change-Id: I5b03e5de111c3a3b8da4e9f02cba0aa99e3ee9f3
2019-10-22vppinfra: add vec_set_len()Benoît Ganne2-4/+6
l2-flood and bier nodes reset vector length without updating it to its effective size. Introduce a helper to do it (this allows ASAN to keep track of the new vector size). Type: refactor Change-Id: I2d652550c440f0553a2b49c3ee3d37b49ebc16c3 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-10-21tls: enable tls engine as the default engineYu Ping1-1/+1
OpenSSL TLS is well maintained and many issues are fixed, and it makes OpenSSL as the default engine will be more friendly to users if app does not configure a specific engine such as http_static Type: fix Change-Id: I37499af1edd40ffb53b00436044d1fce3b43348d Signed-off-by: Yu Ping <ping.yu@intel.com>
2019-10-21session: support registration of custom crypto enginesFlorin Coras3-1/+22
Type: feature Change-Id: I888d415ff645b3827df7d4cfb0d3c5f4ac940617 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-10-21vcl: add api to set lcl ipFlorin Coras3-1/+3
Type: feature Change-Id: I40169fbbe8a20670dd612c341b6c78b5c925bf74 Signed-off-by: Florin Coras <fcoras@cisco.com>