summaryrefslogtreecommitdiffstats
path: root/src/vnet
AgeCommit message (Collapse)AuthorFilesLines
2019-02-11session: add config for evt qs segment sizeFlorin Coras2-3/+6
Change-Id: I286d0d53a9ef2d6e28cd301eae25fc119d491f22 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-11session: cleanup application interfaceFlorin Coras15-653/+561
Change-Id: I89d240753b3f3c5e984aa303a7c8fa35fa59bf7f Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-11ipsec: multi-arch, next-node-index cleanupKingwel Xie5-27/+55
1. specify ipsec_xxx_node.c in MULTIARCH_SOURCES 2. cleanup foreach_ipsec_output_next & foreach_ipsec_input_next, as next-nodes are actually added by ipsec_register_xx_backend dynamically thus, ipsec4-input-feature will point to ah4/esp4-encrypt, instead of pointing to ah6/esp6-encrypt 3. remove an unused count and add counter IPSEC_INPUT_ERROR_RX_MATCH_PKTS in ipsec-input Change-Id: Ifcf167812d2cc18187c2cea84b657a52b67e17d4 Signed-off-by: Kingwel Xie <kingwel.xie@ericsson.com>
2019-02-09buffers: fix typoDamjan Marion16-22/+21
Change-Id: I4e836244409c98739a13092ee252542a2c5fe259 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-02-09tls: move test certificates to separate header fileFlorin Coras8-76/+102
Change-Id: I543cb78e268d7a4a7fba590d305351ec79f4e4da Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-09session: refactor listen logicFlorin Coras17-645/+598
Make app-listener the handle for app listens. Consequently transport and local listen sessions are now associated to the app-listener. Change-Id: I9397a26d42cccb100970b6b4794c15bac2e11465 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-07tcp: fix fib_index for v6 ll packetsFlorin Coras1-0/+7
Change-Id: Ie69bdb9860d61f2c599c0c80b0ea80dfdfe178bd Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-07IPSEC: remove unused members of main structNeale Ranns1-4/+0
Change-Id: Ib55deb620f4f58cac07da7cb69418a3a30ff3136 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-02-07IPSEC: no second lookup after tunnel encapNeale Ranns15-444/+716
in the same maaner as with other tunnel tyeps we use the FIB to cache and track the destination used to reach the tunnel endpoint. Post encap we can then ship the packet straight to this adjacency and thus elide the costly second lookup. - SA add and del function so they can be used both directly from the API and for tunnels. - API change for the SA dump to use the SA type - ipsec_key_t type for convenience (copying, [un]formating) - no matching tunnel counters in ipsec-if-input Change-Id: I9d144a59667f7bf96442f4ca66bef5c1d3c7f1ea Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-02-07Fix parsing overflow in unformat_mac_address_t()Benoît Ganne1-3/+3
'%x' unformat specifier expects a pointer to a 4-byte object and will overflow when using a pointer to a 1-byte object. Use '%X' instead which allows to pass the size of the object alongside its pointer. The bug was exposed with the following commands: ~# make run DBGvpp# loop create loop0 DBGvpp# set ip6 neigh loop0 3001::2 a:a:a:a:a:a DBGvpp# show ip6 neigh Time Address Flags Link layer Interface 35.7743 ::2 D 0a:0a:0a:0a:0a:0a loop0 ^^^ wrong address: should be 3001::2 Note that the bug impact depends from the parsing order and memory layout. Change-Id: I29ba2eb53ba5a2daf4517215602d027508e2cb9f Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-02-07tcp: fix reset sending in syn-sentFlorin Coras3-6/+7
Change-Id: I468b1015bca5f95b162fb49e904aa4e4d38db75e Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-06buffers: make buffer data size configurable from startup configDamjan Marion16-21/+24
Example: buffers { default data-size 1536 } Change-Id: I5b4436850ca18025c9fdcfc7ed648c2c2732d660 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-02-06virtio: enable msix interrupt modeMohsin Kazmi4-44/+114
Change-Id: Idd560f3afde1dd03bc3d6fbb2070096146865f50 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-02-06virtio: Use new buffer optimizationMohsin Kazmi5-2/+24
Change-Id: Ifc98373371b967c49a75989eac415ddda1dcf15f Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-02-06transport: cleanupFlorin Coras19-544/+571
- move transport specific types to transport_types - add transport wrapper functions for interaction with transport protocol vfts Change-Id: I93f70d884585fc2f41c4a605e310c80e8a8972f2 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-05session: cleanup part 3Florin Coras7-234/+245
Aggregate session specific types, getters and setters under session_types.h Change-Id: Ib205337502654969d60c72d1800c90247e1a9068 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-05session: cleanup part 2Florin Coras8-1191/+1228
Move app worker logic to app_worker.c Change-Id: Ic5e5735b2884f006c064d023f491aa6888114810 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-05IPSEC: SPD counters in the stats sgementNeale Ranns12-505/+411
- return the stats_index of each SPD in the create API call - no ip_any in the API as this creates 2 SPD entries. client must add both v4 and v6 explicitly - only one pool of SPD entries (rhter than one per-SPD) to support this - no packets/bytes in the dump API. Polling the stats segment is much more efficient (if the SA lifetime is based on packet/bytes) - emit the policy index in the packet trace and CLI commands. Change-Id: I7eaf52c9d0495fa24450facf55229941279b8569 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-02-04session: cleanup part 1Florin Coras37-497/+482
Rename core data structures. This will break compatibility for out of tree builtin apps. - stream_session_t to session_t - server_rx/tx_fifo to rx/tx_fifo - stream_session.h to session_types.h - update copyright Change-Id: I414097c6e28bcbea866fbf13b8773c7db3f49325 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-04ipsec: cli 'create ipsec tunnel' more optionsKingwel Xie1-3/+7
use-esp use-anti-replay Change-Id: I977b65eee926adaded0cb923e14feb0ee90fc32c Signed-off-by: Kingwel Xie <kingwel.xie@ericsson.com>
2019-02-02session: improve show session cliFlorin Coras3-43/+64
Change-Id: If30cea80058752cedcc6ecc38e90bef8732c83d3 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-02Deprecate old mutliarch code, phase 1Damjan Marion6-56/+9
It is causing compilation sloness with gcc-7 so removing it before it was originally planned. So far macros are left in the tree so we can know which nodes to convert to new multiarch code. Change-Id: Idb14622ca61fdce1eba59723b20d98715b7971e6 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-02-02tcp: remove internal buffer cacheFlorin Coras2-81/+32
Change-Id: I3051d49aa9b9c38dcd8069ea1748f74ab20ac0f6 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-02session: remove local buffer cacheFlorin Coras1-33/+14
Change-Id: I71ccb39c56962fe0160d3f4c83453e72d2dd3030 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-02-01IPSEC: minor refactorNeale Ranns11-754/+1002
No function change. Only breaking the monster ipsec.[hc] into smaller constituent parts Change-Id: I3fd4d2d041673db5865d46a4002f6bd383f378af Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-01-31IPSEC: API modernisationNeale Ranns3-257/+396
- use enums to enumerate the algoritms and protocols that are supported - use address_t types to simplify encode/deocde - use typedefs of entry objects to get consistency between add/del API and dump Change-Id: I7e7c58c06a150e2439633ba9dca58bc1049677ee Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-01-30virtio: fix the device order (legacy or modern)Mohsin Kazmi1-3/+3
Change-Id: I60f88d50f062b004e6dea487bd627d303d0a5e75 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-01-30Use IP and MAC API types for neighborsNeale Ranns23-597/+685
use address_t and mac_address_t for IPv6 and ARP entries and all other API calls in ip.api aprat from the route ones, that will follow in a separate commit Change-Id: I67161737c2184d3f8fc1e79ebd2b55121c5b0191 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-01-30MPLS tunnel; fix crash when deleting non-existant pathNeale Ranns1-0/+3
in the case the tunnel is the only user of the shared path list then removing its dependency removes the path list. hence lock the list Change-Id: I18318441698ceac16715b1826266a7d19dcd76e1 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-01-30ipsec: fix check support functionsKlement Sekera2-5/+17
Change-Id: If94c57fbb07a7376a9f2873e1489c00b28152620 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-01-30lisp: set reachable flag in map-registerFlorin Coras3-0/+3
Change-Id: I9faaa321113e435844931247f23dbc1d190cc9da Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-01-29virtio: Support legacy and transitional virtio devicesMohsin Kazmi1-3/+11
Change-Id: Ib1316482dd7b1ae3c27c7eeb55839ed8af9ca162 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-01-28Add Ipsec IKE support to openssl 3.0.0 master branchPing Yu1-0/+24
Change-Id: I7bd43f57d23b1ecf031530c4a7508f949ddf616f Signed-off-by: Ping Yu <ping.yu@intel.com>
2019-01-27session: properly initialize accepted/connected msgsFlorin Coras1-0/+2
Change-Id: I36b3ae56e6ca160081c892367fd6a979751fe717 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-01-25deprecate tapcliDamjan Marion6-2024/+0
Change-Id: I82dceaa27a7b0c96de077cf283e4f64aa426f271 Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-01-25MPLS-tunnel: show output to display the tunnel name correctlyNeale Ranns1-1/+1
Change-Id: I1554d9a4d6e4a4007cda9d0f83b03feb8fdbe853 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-01-25IPSEC: tests use opbject registryNeale Ranns1-1/+11
this means we test the dumps - to some extent Change-Id: I8d90745701012012b41a7b3aaf9be97b4dd2bdf8 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-01-25pg: bugfix for pg paylod hdr-sizeKingwel Xie1-3/+3
it was specified to 0 after https://gerrit.fd.io/r/16909 causes unformat_pg_ip4_header to wrongly set ip header len. do more check when assigning e->lsb_bit_offset to avoid negative value Change-Id: Ib772c7135cdeb355f0d60f1ee11602f6b5a0ff21 Signed-off-by: Kingwel Xie <kingwel.xie@ericsson.com>
2019-01-25IP6 FIB: walk table for dump (VPP-1553)Neale Ranns1-12/+7
Change-Id: Iaa57ace6df96bfacd1235c80ec7bb08e5f335530 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-01-24session/vcl: support worker ownership change for listenersFlorin Coras4-5/+40
Change-Id: I2ad54b20b96f10b009c3e651b2a2f885577ca5b6 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-01-24move misc-drop-errors to vnetDave Barach1-0/+31
thanks, Eliot... Change-Id: I8d8fee09bf1fe24933e6ef4e126dba8e22fe62b1 Signed-off-by: Dave Barach <dave@barachs.net>
2019-01-24IPSEC Tests: to per-test setup and tearDownNeale Ranns1-4/+4
don't do the setup and teardown in class methods so that with each test the config is added and deleted. that way we test that delete actually removes state. more helpful error codes from VPP for existing IPSEC state. Change-Id: I5de1578f73b935b420d4cdd85aa98d5fdcc682f6 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-01-24add "Mtrie mheap usage" in "show ip fib memory"Lollita Liu1-2/+9
Adding "Mtrie mheap usage" in output of "show ip fib memory" command, for displaying the total Mtrie Mheap usage together with memery usage of each node and each table Change-Id: I2bcc570924e44a2b406f69cfc2f2f8d5abb61a39 Signed-off-by: Lollita Liu <lollita.liu@ericsson.com> Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-01-24virtio: Minor fixes and header cleanupMohsin Kazmi5-24/+7
Change-Id: I2e5fd45abcd07e9eda6184587889bdcd9613a159 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-01-23bond: packet drops on VPP bond interface [VPP-1544]Steven2-20/+21
We register callback for VNET_HW_INTERFACE_LINK_UP_DOWN_FUNCTION and VNET_SW_INTERFACE_ADMIN_UP_DOWN_FUNCTION to add and remove the slave interface from the bond interface accordingly. For static bonding without lacp, one would think that it is good enough to put the slave interface into the ective slave set as soon as it is configured. Wrong, sometimes the slave interface is configured to be part of the bonding without ever bringing up the hardware carrier or setting the admin state to up. In that case, we send traffic to the "dead" slave interface. The fix is to make sure both the carrier and admin state are up before we put the slave into the active set for forwarding traffic. Change-Id: I93b1c36d5481ca76cc8b87e8ca1b375ca3bd453b Signed-off-by: Steven <sluong@cisco.com>
2019-01-23pg: cli improvementKingwel Xie4-32/+97
1. show packet-generator verbose, display all edit-groups and hdr-size 2. unformat_pg_payload, always mark payload hdr-size as 0 3. packet-generator now can change rate/limit/size at runtime 4. validate_stream checks buffer min-size/max-size against all edit groups' header size 5. remove incorrect max packet size limit check in validate_stream(...) Change-Id: Ic45e4f2b98bc0fd7330e0b480dd677fa3c69a677 Signed-off-by: Kingwel Xie <kingwel.xie@ericsson.com> Signed-off-by: Dave Barach <dave@barachs.net>
2019-01-23virtio: Add support for loggingMohsin Kazmi4-31/+97
Change-Id: Ieadf0a97379ed8b17241e454895c4e5e195dc52f Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-01-23AH encrypt; don't double enqueue nor emit clib_warnings when seq-num max ↵Neale Ranns1-5/+0
exceeded Change-Id: Id5b47f78521a0cbedf7bd2c72babfb2ffe9fa67d Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-01-23lisp: cli for marking local mappings authoritativeFlorin Coras2-0/+3
Change-Id: I92af6455b50a49de4c912737fcd3b7787dd31de0 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-01-23IP route local and connectedNeale Ranns2-3/+14
allow routes that are local and connected to be added via the API. this emulates the addition of a second address in the same subnet added to an interface. Change-Id: Ib18a08c26956be9a07b3360664210c8cf6734c84 Signed-off-by: Neale Ranns <nranns@cisco.com>