summaryrefslogtreecommitdiffstats
path: root/src/vnet
AgeCommit message (Collapse)AuthorFilesLines
2020-10-24ipsec: remove pending nodeFan Zhang3-104/+127
This patch removes esp-encrypt-pending and esp-decrypt-pending graph nodes from ipsec data-path. Type: improvement Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Change-Id: Icd90837eafdbfbfdf348681dcafb872593978980
2020-10-23tcp: remove snd_una_maxFlorin Coras7-22/+15
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I03f923053499f219035c9b7b6640fc575568d474
2020-10-23tcp: remove force retransmit timer updateFlorin Coras2-17/+8
Also simplify condition for detecting unintended timer pops. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I8b120dfc2d16e40ee865240dbc9667708cd1c808
2020-10-23tcp: remove delack time configFlorin Coras2-4/+0
Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Iae5045686c62ad9279be350cffeaa41b8297d179
2020-10-22virtio: checksum error reported for ip6 traffic with GSO enableSteven Luong2-11/+1
When GSO is enabled, vhost clears the checksum field prior to transmitting the packet. Some newer kernel version does not like that and complains about checksum error. This was seen with ip6 traffic. Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I7c6f2a6148f4a30107bfa8b078f5990e64300cf1
2020-10-22tcp: no send space in timer recoveryFlorin Coras1-1/+4
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I9461b6539c504ca844c25d04abe95929f842e4e9
2020-10-22tap: fix the api for use of vec_lenMohsin Kazmi1-3/+8
Type: fix Fixes: 03b76a20c569b8275beb8783691300a7d66b54a4 Change-Id: Ife788974cb7b2c35f40a017dd195dc2f7ee797b4 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-10-21tcp: updating time constans as timer tick changedRyujiro Shibuya2-15/+17
Type: fix Signed-off-by: Ryujiro Shibuya <ryujiro.shibuya@owmobility.com> Change-Id: Ibe305b96f04ffdc95ddb07d144dc00119ae69a07
2020-10-21vlib: print logs to stderr if interactive or nosyslog setDamjan Marion1-25/+19
If VPP is started in interactive mode, instead of sending logs to syslog server we print them directly to stderr. Output is colorized, but that can be turned off with unix { nocolor } Type: improvement Change-Id: I9a0f0803e4cba2849a6efa0b6a86b9614ed33ced Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-10-21ipsec: support for multipoint on ipsec interfacesNeale Ranns5-7/+64
Type: feature Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Iae9fe35cfbce4c675fa25e0800c0f4629a83e012
2020-10-21ip: convert u32 entry_flags to vl_api_mfib_entry_flags_t on mroute APINeale Ranns6-6/+40
Type: fix This is not an API change, it's the same values, just a different named type. also use VppEnum values in tests Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I3a18b529514f3cc9467ae4e8ac3e88d067fc776b
2020-10-21virtio: run process to send interrupts to input nodesMohsin Kazmi4-17/+112
Type: improvement virtio interfaces support packet coalescing and buffering which depends on timer expiry to flush the stored packets periodically. virtio input node checks timer expiry and schedules tx queue accordingly. In poll mode, timer expiry is handled naturally, as input node runs periodically. In interrupt mode, virtio input node depends on the interrupts send from backend. Stored packets could starve, if there would not be interrupts to input node. This patch implements a process node which periodically sends interrupt to virtio input node given coalescing or buffering feature is enabled on an interface. Change-Id: Ic38f749f74b001073d4d0579dca149d0a4cea039 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-10-21ipsec: Add to the SA info directly in the bihashNeale Ranns5-81/+83
Type: improvement this save the cache miss on the protect structure. Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I867d5e49df5edfd6b368f17a34747f32840080e4
2020-10-21gso: remove dependency on tcp proto implementationFlorin Coras3-2/+2
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I3af84e968c38df0452746729dcb722d48fa438fb
2020-10-21virtio: improve input node performanceDamjan Marion1-13/+26
- Avoid feature arc lookup per packet, as all packets belong to the same interface - don't validate enqueue for l2 packets, as they all have same destionation Type: improvement Change-Id: I32ddd801f219eab9281736abafdc91a4ff9e0989 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-10-21virtio: move lock and kick to outer functionDamjan Marion1-31/+28
Type: improvement Change-Id: I4fdcb40142e8cc9f5f1d0035116659543d5d92fe Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-10-21misc: minimize dependencies on udp.hFlorin Coras31-279/+363
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id13f33843b230a1d169560742c4f7b2dc17d8718
2020-10-21tls: enable cert key pair setting for connectjiangxiaoming1-0/+1
Type: improvement Signed-off-by: jiangxiaoming <jiangxiaoming@outlook.com> Change-Id: Ie0e6d48d65b0b8b493e9d49cfdf93c645523659a
2020-10-20ipsec: Stack the adj from the destination in the SA's TX tableNeale Ranns1-1/+1
Type: fix Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Ib7f39243e051cdf44cc7151d14458a7fab42c6a8
2020-10-19ip: Move the IP6 fib into ip6_[m]fib.cNeale Ranns13-151/+185
Type: improvement reduce the compile time by moving the bihash includes out of ip[46].h Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I6b9216e10aff1013071f9238b3e1ebbdd205bd80
2020-10-19hsa: cleanup sock server testFlorin Coras1-1/+1
Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I769174f0023d00a59bc5a03cf0a05996b616742b
2020-10-19ipsec: Layout and prefetching of SA structNeale Ranns3-26/+44
Type: improvement - collect all DP used variables onto 1st or 2nd cache line - prefetch the 2nd cache line - in encrypt prefetch the likely location of the trailer. Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I44d58f8d2d469ff71a4f4a71578e7cc1acaeba43
2020-10-19virtio: fix compilation timeDamjan Marion1-30/+31
There is no need to inline 3 times virtio_refill_vring()... Type: fix Change-Id: Ic26e24fd7911af743fedd0e2282784b715e86c3c Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-10-19gso: add checksum validation in groMohsin Kazmi2-1/+23
Type: improvement Change-Id: I0680c1626a46c8afcb7b6e665cc0734b7b37fd18 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-10-17tap: replaces strlen to vec_lenMohsin Kazmi1-4/+4
Type: fix Change-Id: I478b6fc54c47f0e77a1470ed29fdd56774671441 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-10-16ipsec: fix instance, and cli del for new ipsec interfaceEric Kinzie2-4/+4
- use user instance number in interface name Restore the behavior of previous versions where the IPsec tunnel interface name contained the value of the user-provided instance number. For example, a command similar to create ipsec tunnel local-ip . . . instance 5 would result in the creation of interface "ipsec5". - ipsec: delete tunnel protection when asked The "ipsec tunnel protect" command will parse a "del" argument but does not undo the tunnel protection, leaving the SAs hanging around with reference counts that were incremented by a previous invocation of the command. Allow the tunnel protection to be deleted and also update the help text to indicate that deletion is an option. - test: ipsec: add test for ipsec interface instance Also cleanup (unconfig) after TestIpsecItf4 NULL algo test. Type: fix Fixes: dd4ccf2623b5 ("ipsec: Dedicated IPSec interface type") Signed-off-by: Eric Kinzie <ekinzie@labn.net> Signed-off-by: Christian Hopps <chopps@labn.net> Change-Id: Idb59ceafa0633040344473c9942b6536e3d941ce
2020-10-15ethernet: fix Ethernet DMAC checksIvan Shvedunov1-7/+12
Type: fix Due to confusion between ethernet flags and hw interface flags, DMAC filtering was not happening, most of the time. Signed-off-by: Ivan Shvedunov <ivan4th@gmail.com> Change-Id: I95209e1ea0f95f9be0b1a82ec9fcbc80955428d2
2020-10-14mpls: no per-MPLS-tunnel tx nodeNeale Ranns3-98/+161
Type: improvement do not add a per-MPLS tunnel tx node. per-tunnl nodes limit the number of tunnels that can be created to the number o fnodes that can be created (64k). improve the tx node. Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I6016f05e809c6c64a0b098a101b28c9dd47824b3
2020-10-13tcp: fix bt acked_sacked on recoveryFlorin Coras1-2/+3
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I2e2d76661fbb07dd8c6afa3583bb18e01b7a7fb6
2020-10-13session: listeners verbose format alignmentFlorin Coras1-3/+3
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ic8e98d7372af3bfde36bface49f9b90de5f3c64b
2020-10-13tcp: fix listener trace coverity warningFlorin Coras1-6/+2
Type: fix Change-Id: I75c0bd862260e188f625271c3bd545a7ab37af5d Signed-off-by: Florin Coras <fcoras@cisco.com>
2020-10-13session: allow custom config of segment basevaFlorin Coras1-0/+2
Type: improvement Change-Id: If9ea09d652c228004492cf47854a7f6c1f8b3bc2 Signed-off-by: Florin Coras <fcoras@cisco.com>
2020-10-13stats: counters data modelOle Troan2-3/+4
This adds a new data model for counters. Specifying the errors severity and unit. A later patch will update vpp_get_stats to take advantage of this. Only the map plugin is updates as an example. New .api language: A new "counters" keyword to define counter sets. counters map { none { severity info; type counter64; units "packets"; description "valid MAP packets"; }; bad_protocol { severity error; type counter64; units "packets"; description "bad protocol"; }; }; Each counter has 4 keywords. severity, which is one of error, info or warn. A type, which is one of counter64 or gauge64. units, which is a text field using units from YANG. paths { "/err/ip4-map" "map"; "/err/ip6-map" "map"; "/err/ip4-t-map" "map"; "/err/ip6-t-map" "map"; }; A new paths keyword that maps the counter-set to a path in the stats segment KV store. Updated VPP CLI to include severity so user can see error counter severity. DBGvpp# show errors Count Node Reason Severity 13 ethernet-input no error error Type: feature Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: Ib2177543f49d4c3aef4d7fa72476cff2068f7771 Signed-off-by: Ole Troan <ot@cisco.com>
2020-10-12l2: mark l2 fib uninitialized after clearingMatthew Smith1-0/+2
Type: fix After clearing the l2fib with 'vppctl clear l2fib', a SEGV occurs the next time a MAC address is learned. In l2fib_clear_table(), the l2fib bihash is freed and then l2fib_table_init() is called to reinitialize it. l2fib_table_init() will not do anything if l2fib_main.mac_table_initialized is set to 1. Reset the value of l2fib_main.mac_table_initialized to 0 before calling l2fib_table_init(). Change-Id: I87f1a3f9a46c951f36c1c0a5ab795b0ec08c81a8 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2020-10-12misc: clang-11 and gcc-10 supportDamjan Marion2-2/+2
clang-11 complains: error: field 'buffer_template' with variable sized type 'vlib_buffer_t' not at the end of a struct or class is a GNU extension [-Werror,-Wgnu-variable-sized-type-not-at-end] Type: improvement Change-Id: I2cb6b4fde723a05b42cf33dd8130df074f0362ab Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-10-12ip: IP6 incorrectly disabled on removing first ip6 prefixNeale Ranns1-1/+3
Type: fix reference counting on the ip6 state was broken, meaning that disabling one of serveral ip6 configs on an interface, completely ip6 disabled the interface. Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Ie3af51587310ffe871ad2a9cbd927e15a3ececa9
2020-10-12tcp: use 100us timer resolutionFlorin Coras1-4/+4
Experimental reduction of tcp timer resolution from 100ms that allows for finer grained timers, if needed. Please report issues if any encountered. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I4050f7691aa7365b77298b4427408a4a447834fa
2020-10-12tcp: fix connection reuse with no listenerFlorin Coras1-0/+6
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I674872f68406ac778779a68d3ad991f41765d4e2
2020-10-10session: app_name should format with %vjiangxiaoming2-4/+6
Type: fix Signed-off-by: jiangxiaoming <jiangxiaoming@outlook.com> Change-Id: Ib096ad14e6ddbaff52429a416ea4d245703a368d
2020-10-08tcp: treat pending timers as activeFlorin Coras3-3/+4
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ic63af51fab8dbefe79439554ea563f20e3788afa
2020-10-08tcp: custom geometry for timer wheelFlorin Coras5-25/+83
Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I04f992e5d91d21f1e5bbafef070478cfe268d94a
2020-10-08pg: Choose the input interface from the stream's rxNeale Ranns1-1/+3
Type: fix Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I656918a417d33ec6bea30054805e03ae19c38f2d
2020-10-08gre: MPLS over GRE does not select correct fixup functionNeale Ranns1-2/+2
Type: fix Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I9eff41407b0f172f2b567e6a4ea1c48be8df883a
2020-10-08l2: Fix compile error on unused next_indexNeale Ranns1-3/+0
Type: fix Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Ifc6b4c15f6055df4f403e9cd633e31f061a6d2da
2020-10-08interface: shorten vnet_hw_if_rx_modeDamjan Marion15-78/+73
This is part of bigger refactor. Type: refactor Change-Id: I6fc2c0a1e2d217a70952901bcf775b8485bd3c20 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-10-08ip-neighbor: Grat ARPs from different subnet are droppedNeale Ranns1-5/+8
Type: test Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Id07e8981a903f11f50fb494a93d01815382025e4
2020-10-08l2: input performanceNeale Ranns17-530/+724
Type: improvement - cache the values form the BD on the input config to avoid loading - avoid the short write long read on the sequence number - use vlib_buffer_enqueue_to_next Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I33442b9104b457e4c638d26e9ad3bc965687a0bc
2020-10-08virtio: fix the traceMohsin Kazmi1-23/+19
Type: fix This patch fixes the commit e347acbc31111504c015531e8ad764a86d489309 Change-Id: Icee7a6e250c94ae93e606d7869acc55c7a5806b1 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-10-08ipsec: Allow SAs with NULL auth &crypto on IPSec interfaceNeale Ranns1-2/+3
Type: improvement on the dedicated IPSec interface, the SA describes the peer, so it is not possible to forward to a peer for which there is no SA. Therefore if an SA is added with NULL auth and integ then this explicitly states that this is what the peer desires. on the contrary on the IP-IP/GRE interface, in the absence of protection and an SA, then the traffic is sent in the clear. So adding NULL auth/crypto iSA is a means to describe that the peer should not be sent traffic. Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I7ad2d466cc74eb7ff8c4c84e0d7897d06e2fcf86
2020-10-08fib: Register multicast MAC with interface for accepting interfacesNeale Ranns7-7/+298
Type: fix Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Ic6c76b65e2dcc08916373153944507a297c962c0