| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Allow other apps to own transport sessions for tls.
Type: improvement
Change-Id: Ida04cef1dc49acb7117cbed8657e26890bf43d2a
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Invoking the API session_rule_add_del to add a rule causes VPP to crash
if session is not enable.
Type: fix
Change-Id: If8de83f1064bc60d20461e87889b7c3393ad2af1
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
lock the vrf table when adding an application namespace and
unlock the vrf table when deleting an application namespace.
Free the session table when no more application namespace
uses it anymore to avoid memory leaks.
Type: fix
Change-Id: I10422c9a3b549bd4403962c925e29dd61a058eb0
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
When a FIB entry has multiple sources installed by covering inheritance,
the first walk installs the covering source, which can be worse than the
already used one (hence the source is not activated). If a covering path
is added and a new fib cover walk is done, the deactivated source is
compared to itself. This operation calls for a reactivation of the source which was not activated in the first place.
Type: fix
Change-Id: I2639401bed14eb5a2cb003664c04d6c1f9130de9
Signed-off-by: Maxime Peim <mpeim@cisco.com>
|
|
Avoid to do fixup either if TTL or MTU check fails. It rewrites the
icmp header copied in case the ip6-icmp-error ran before.
Type: fix
Change-Id: If043d1cae35c41ebf70ba979883119604bee883d
Signed-off-by: Maxime Peim <mpeim@cisco.com>
|
|
VPP IPv6 FIB relies on 2 bihash for all its VRFs: 1 for control plane
and one for data plane. Because of that, control plane VRF walks
time grows with the number of VRFs as it has to go through all the VRFs.
In order to improve control plane performance with large number of VRFs,
the control plane data structure is changed from a global bihash to a
per-VRF hashtable, similarly to IPv4. Contrary to IPv4, there is only 1
hashtable per VRF and not 1 hashtable per prefix-length per VRF, which
is a compromise between memory consumption and single VRF scaling.
Type: improvement
Change-Id: Ib738a44adb88e46c95c4c62c853ee1f1392c7187
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
In some cases we do not need multicast support. Making it optional helps
scaling to high number of VRFs, by reducing the control plane operations
and memory consumption.
Type: improvement
Change-Id: Ib34ed3fe2806e2f4624981da4e4a3c49c69f70be
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Destroying a non-empty fib table can lead to difficult to diagnose bugs,
like dandling fib entries preventing entries to be inserting to the
mtrie.
Always log an error to help diagnose those issues.
Type: improvement
Change-Id: I2c771a80595035b440931b74cca4429af22161a2
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
We call application_namespace_cleanup to remove the application which
has a reference to the application namespace when deleting an application
namespace. When we find the matching application namespace, we queue
the ns_index instead of app_index to look for the application.
This may lead to a crash.
Type: fix
Change-Id: I89c7f8d1681b4c7c1bcb16641217230a26dbe582
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
Type: refactor
Change-Id: I3d7ff64e2e54b113f8d4b26f2dbf5b9c67b80976
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: improvement
Change-Id: I5a4a33604ecb8a29ef6932cc5826835d3bec7f23
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I3c79d16f6a19767d990e8a4683c296219b559ccd
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Iadc6ec58f5fc7fbff62e4fd31d509557b60395cb
|
|
If session is not enable, type in the CLI session disable cause VPP to crash.
Type: fix
Change-Id: Ib55b7430b7ce521a40025d58fa18b765f5129fd5
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
When toggling session disable and enable, memory leaks found on various
transports.
Don't create the timer wheels on enable when they are already creaded.
Don't create the spin locks when they are already created.
Add session enable disable test in session unit test.
Type: fix
Change-Id: I08988a96bbf2d67a67c743b50b63f5b1e27402a3
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
Type: refactor
Change-Id: If3a195f1ea600bfd621717f333af1b1273ab0807
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
When the rule table is allocated, the root node is allocated. But it
cannot be deleted by the add_del API, or the table is useless.
When the table is free, the root node is not free and there is memory
leak. Let's add pool_flush when the rule table is free.
Type: fix
Change-Id: I58c3e040cd101c7db501d99a373ad78d85321b8f
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
RFC6935 section 5 states that, by default, the UDP checksum must be
computed when originating an IPv6 UDP packet. The default behavior
may be overridden when conditions defined by RFC6936 are satisfied.
However this implementation does not satisfy all the conditions so
the checksum must be computed.
After ESP encryption the packet is an IPv6 UDP packet so set the
l3_hdr_offset and l4_hdr_offset values, and set the UDP_CKSUM
offload flag in the buffer.
Type: improvement
Co-authored-by: Cian Ferriter <cian.ferriter@intel.com>
Change-Id: I9f8c434c9fe9dbddd8890d5ae366984bfcf34067
Signed-off-by: Jeff Shaw <jeffrey.b.shaw@intel.com>
|
|
Since main thread is the only one thread that can modify address
hash, avoid barriers while IP_ADDRESS_DUMP api calls.
Type: improvement
Signed-off-by: Vladislav Grishenko <themiron@yandex-team.ru>
Change-Id: I9c35400bdef9fb08e81d859c8f2e3bdaa5468f4b
|
|
Type: fix
Change-Id: I3a5c04b14bf1156376e2acece69f8256d00f261a
Signed-off-by: Maxime Peim <mpeim@cisco.com>
|
|
Do not mark drop paths as imported to avoid crashes on invalid table lookup.
```
vpp[8478]: /build/Vpp2310/source/src/vnet/fib/fib_table.c:35 (fib_table_get) assertion `! pool_is_free (ip4_main.fibs, _e)' fails
#9 0x00007ff21785da1d in _clib_error () from /lib/x86_64-linux-gnu/libvppinfra.so.23.10
#10 0x00007ff218087698 in fib_table_get (index=4294967295, proto=FIB_PROTOCOL_IP4) at /build/Vpp2310/source/src/vnet/fib/fib_table.c:35
#11 0x00007ff218087a37 in fib_table_lookup_exact_match (fib_index=4294967295, prefix=0x7ff0eae0d354) at /build/Vpp2310/source/src/vnet/fib/fib_table.c:100
#12 0x00007ff2180bc938 in fib_attached_export_import (fib_entry=0x7ff0eceac3e0, export_fib=4294967295) at /build/Vpp2310/source/src/vnet/fib/fib_attached_export.c:264
#13 0x00007ff218098ade in fib_entry_post_flag_update_actions (fib_entry=0x7ff0eceac3e0, old_flags=FIB_ENTRY_FLAG_NONE, new_fib_index=4294967295) at /build/Vpp2310/source/src/vnet/fib/fib_entry.c:624
#14 0x00007ff218098b90 in fib_entry_post_install_actions (fib_entry=0x7ff0eceac3e0, source=FIB_SOURCE_API, old_flags=FIB_ENTRY_FLAG_NONE) at /build/Vpp2310/source/src/vnet/fib/fib_entry.c:674
#15 0x00007ff218098cce in fib_entry_create (fib_index=1, prefix=0x7ff0d3244d80, source=FIB_SOURCE_API, flags=FIB_ENTRY_FLAG_NONE, paths=0x7ff0eac15ab8) at /build/Vpp2310/source/src/vnet/fib/fib_entry.c:712
#16 0x00007ff218088db4 in fib_table_entry_update (fib_index=1, prefix=0x7ff0d3244d80, source=FIB_SOURCE_API, flags=FIB_ENTRY_FLAG_NONE, paths=0x7ff0eac15ab8) at /build/Vpp2310/source/src/vnet/fib/fib_table.c:799
#17 0x00007ff2180c026c in fib_api_route_add_del (is_add=1 '\001', is_multipath=0 '\000', fib_index=1, prefix=0x7ff0d3244d80, src=FIB_SOURCE_API, entry_flags=FIB_ENTRY_FLAG_NONE, rpaths=0x7ff0eac15ab8) at /build/Vpp2310/source/src/vnet/fib/fib_api.c:485
#18 0x00007ff217d4b6dd in ip_route_add_del_t_handler (mp=0x7ff0eb08b998, stats_index=0x7ff0d3244dc8) at /build/Vpp2310/source/src/vnet/ip/ip_api.c:718
#19 0x00007ff217d4b986 in vl_api_ip_route_add_del_t_handler (mp=0x7ff0eb08b998) at /build/Vpp2310/source/src/vnet/ip/ip_api.c:789
```
Type: fix
Fixes: 4b08632748727486e7ebfdcf4d992743595bc500
Signed-off-by: Dmitry Valter <d-valter@yandex-team.com>
Change-Id: I647899533771c35f44c9ecde517a30f111b36ad9
|
|
format_vl_api_address_union() is used by vnet, creating a linkage
dependency from vnet to vpp.
Type: fix
Change-Id: I298a90d521e51b7527ef140d66130062824e1d16
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Ic89570315a5c3c00e0e89c5535929313916869eb
|
|
Type: improvement
Change-Id: I86e8616a134829a66a9c9bb4313bbf95f835e7c0
Signed-off-by: Dau Do <daudo@yahoo.com>
|
|
Avoid double free if app forces reset while half-open is cleaning up.
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I2311fb763076aa8a263c193f5967793402eedb6a
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I9e7011ff45f14e17fc0d0d63800184f404c29093
|
|
This inline function is introduced to simplify code readability and consolidate AH packet
processing in separate API.
Type: improvement
Change-Id: Id98074d00aba277fed714ea9995655c9e84ec83b
Signed-off-by: vinay tripathi <vinayx.tripathi@intel.com>
|
|
Type: improvement
Change-Id: I252951d3ec01497c049ca0ffb7cb42aaf2efb965
Signed-off-by: Dau Do <daudo@yahoo.com>
|
|
Type: feature
Change-Id: Ibd876c5251fc2f9d87816d235fff2de22be4b21c
Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
|
|
When using gdb_show_traces() in debug mode, don't assert if workers are
not parked, as it is typically called from gdb.
Type: fix
Change-Id: Iabf175d96dc152da4d1abfbce9ccc9020d0b5d61
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
This patch fixes counter_start value, as it should hold the cumulative
counter value whenever counter clear routine is called.
Type: fix
Fixes: 38c619115b
Change-Id: I50bf8ddcde419caf1170dfacdea03ff3d93a3327
Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
|
|
Type: fix
This patch fixes the missing UDP port check in IPsec NAT-T
case. As of RFC3948 UDP encapped ESP traffic should have
destination port ID of 4500, which was missing.
The related tests are updated with this port ID, too.
Change-Id: I73ecc6a93de8d0f4b642313b0f4d9c2f214a7790
Signed-off-by: Fan Zhang <fanzhang.oss@gmail.com>
|
|
Type: improvement
Change-Id: Ib822f36ff7b3ecda162fc99bf3892f912d0649f0
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Type: fix
fib_api_path_decode() is utilized by the IP route API call
to translate the path from the API to the fib_route_path_t
structure. The ip_route_add_del_handler_t function initializes
the fib_route_path_t structure to zeros, consequently setting
the sw_if_index value to 0, which is a valid value in VPP.
Typically, the default VRF (Virtual Routing and Forwarding)
has a local interface at index 0, leading to normal functionality.
However, a custom VRF table without any interface will result
in a crash.
The issue arises because the DROP route in fib_api_path_decode()
does not override the sw_if_index value with the one provided
in vl_api_fib_path_t. Subsequently, when this sw_if_index is
attempted to be resolved in the VRF table where the interface
does not exist, it leads to a crash.
This patch addresses the problem by setting the sw_if_index of
fib_route_path_t to the sw_if_index value of the API path.
To reproduce the issue, please remove the fix and run the following command:
make test-debug TEST=test_ip4.TestIPv4RouteLookup.test_exact_match
Change-Id: I5d72e91e5c701e749a92873941bee7b7b5eabd41
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Type: improvement
Change-Id: Ia70f16c92dfc153256db6dcdf23f5487d5a7b678
Signed-off-by: Maxime Peim <mpeim@cisco.com>
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I11de9e1156420e0a37d637d8611bb3cf9788d699
|
|
Type: fix
Change-Id: I57ce42c193fd9408b9d4790482ea76d784148c30
Signed-off-by: Maxime Peim <mpeim@cisco.com>
|
|
In production network, often the host and the vm are managed by different
groups. The host statistics may not be readily available to the folks who
manage the VM. Having the RX queue full statistics in VPP can inform
that there might possibly be drops in the host.
Type: improvement
Change-Id: I43206647ac0d8092968c4187236d9696ae0acccd
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
This makes session_lookup_connection_wt6 consistent with session_lookup_connection_wt4 -
they both just return an error for wrong thread.
Type: fix
Change-Id: Ide38976e9a7274b53311e65711098e6b22a3f8d5
Signed-off-by: Brian Morris <bmorris2@cisco.com>
|
|
To match the API behavior, and as it is more useful to have an entry
age than its time last probe.
Type: fix
Change-Id: I07680cd713d0d2b6208a58208b032af7f6a92825
Signed-off-by: Maxime Peim <mpeim@cisco.com>
|
|
Move sr_mpls folder under vnet to the plugin folder, update cmake configuration
and header paths, and add plugin.c to register plugin.
JIRA: VPP-2054
Type: improvement
Change-Id: I1ad6f287f67eb0c35588c339bcd51218fadf5f8e
Signed-off-by: Scott Hutton <schutton@cisco.com>
|
|
"port->attr.hw_addr" is set during the port initialization. It won't be
updated if the mac address of the port is changed via the vpp command
line.
Use "port->primary_hw_addr" to dump the updated mac address correclty.
Type: fix
Fixes: 38c619115b
Change-Id: I6c99fcfdfae67efb3606e17f36781c56716ff7ea
Signed-off-by: Alok Mishra <almishra@marvell.com>
|
|
When the NIC does not support mac filter, we rely on ethernet-input
node to do the destination mac check, ie, when the interface is in L3,
the mac address for the packet must be the mac address of the
interface where the packet arrives. This works fine in ethernet-input
node when all packets in the frame might have different interfaces, ie,
ETH_INPUT_FRAME_F_SINGLE_SW_IF_ID is not set in the frame. However,
when all packets are having the same interface,
ETH_INPUT_FRAME_F_SINGLE_SW_IF_ID is set, ethernet-input node goes
through the optimized routine eth_input_single_int -> eth_input_process_frame.
That is where dmac check has a bug when all packets in the frame are
either, ip4, ip6, or mpls without vlan tags. Because without vlan tags,
the code handles all packets in fast path and ignores dmac check.
With vlan tags, the code goes to slow path where dmac check is handled
properly.
The fix is to check if we have a bad dmac in the fast path and force the
code to go to slow path which will handle dmac check properly.
Also do a wholesale correction on all the testcases which do not use
the proper dmac when sending L3 packets.
Type: fix
Change-Id: I73153a805cecdc24c4eefcc781676de04737ae2c
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
set_interface_name may crash if wrong sw_if_index is passed e.g. ~0
Type: fix
Signed-off-by: Stanislav Zaikin <stanislav.zaikin@46labs.com>
Change-Id: Ic7e400c914fb33c2f9eac4f2985bb5b163a18d57
|
|
Type: improvement
Change-Id: I955fbef0e0238cb69307e96cd1c677061737e5f3
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Type: fix
Change-Id: I80e90cab8e2e9fef837779e36e0256baf791b801
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
This commit adds missing support in CLI for creating ipsec itf
in p2mp mode.
Type: fix
Signed-off-by: Gabriel Oginski <gabrielx.oginski@intel.com>
Change-Id: I1bd1cc6667625b8e527af8d25bd8e723751dbc41
|
|
Currently ipip tunnel allows to use an empty addresses for dst when we
trying to add tunnel, but it doesn't return it correctly on ipip dump
call. There is case when we create an ipip tunnel with an empty ipv6
address, address is zero, but AF is ipv6. And when we dump ipip tunnels
we get an emtpy ipv4 address instead of an empty ipv6 address.
There is no point to detect AF for each address in
send_ipip_tunnel_details, because ipip tunnel can't handle different
AF for src and dst addresses, and prohibits creating ipip tunnel
with different AF of dst and src addresses.
With this fix, send_ipip_tunnel_details function return a correct AF
despite address value.
Type: fix
Change-Id: Ib343293ad79a300cdb70135fffbfd156dfef6e27
Signed-off-by: Anton Nikolaev <anikolaev@netgate.com>
|
|
Type: fix
Fixes: c4c205b091934d96a173f4c0d75ef7e888298ac7
Change-Id: I110729601a9f19451297883b781ec56e2b31465b
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
|
|
Force transport and session cleanup on session detach if transport is
already closing. This should also avoid races between transport
initiated session cleanups and pending session control events.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I83a947a0c01f5af8ac70aa31fee660276f1d1c60
|
Florin Coras
Steven Luong
Maxime Peim
Benoît Ganne
Damjan Marion
Jeff Shaw
Vladislav Grishenko
Dmitry Valter
Dau Do
vinay tripathi
Monendra Singh Kushwaha
Fan Zhang
Mohsin Kazmi
Brian Morris
Scott Hutton
Alok Mishra
Stanislav Zaikin
Gabriel Oginski
Anton Nikolaev
Vratko Polak