summaryrefslogtreecommitdiffstats
path: root/src/vnet
AgeCommit message (Collapse)AuthorFilesLines
2022-01-06tcp: optimize newreno cong ack handlerFlorin Coras1-19/+20
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I196ee5f4630cec637245493f370b5f83a939fe44
2022-01-06tcp: update snd_congestion only during congestionFlorin Coras3-31/+14
If running without sacks, if snd_una does not cover snd_congestion fast recovery can be missed but the two heuristics from RFC6582 should avoid that. Also snd_congestion was used as a means of inferring if the connection recently exited congestion while setting the persist timer but that does not always work correctly if not congested. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I94d4ac738cdd4f7f23f62e97dd63059de1cd4af9
2022-01-06tcp: mark lost first sack hole on timeoutFlorin Coras3-1/+27
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I1abff943f3fe3ff0219126b5b8beded4ad859758
2022-01-06tcp: handle start tx event in cubicFlorin Coras1-0/+18
If app was idle update start time of current congestion avoidance phase unless tcp connection was not idle. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Idf6a03a9ef96c409462de9f9cb19df609f730afe
2022-01-06tcp: always exit recovery if not in fastrecoveryFlorin Coras1-3/+3
Stay in fast recovery only if it's already on. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Idcdbbacfed3e5f3c991fa293c532be1c671f5217
2022-01-06tcp: exit retransmit before processing feedbackFlorin Coras1-21/+17
Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I5838e4c370d0c02a21b5eadb4af3baae781df097
2022-01-06tcp: use bytes delivered to compute cwndFlorin Coras3-7/+9
Should estimated cwnd better with loss Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Idd75d40dbab212ac0a5d533009c5540b1a58f4c4
2022-01-06tcp: cast timer ticks to u32Florin Coras3-7/+8
tc->rto * TCP_TO_TIMER_TICK can return garbage if not cast to u32 and that confuses clib_max Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> signed-off-by: Vipul Agrawal <Vipul.Agrawal@enea.com> Change-Id: Ief4d29b9625e2ef2e75e0c7e3d731ab147465f6d
2022-01-06tap: add num_tx_queues APINathan Skrzypczak5-5/+181
This adds a create_tap_v3 api that has a num_tx_queues parameter allowing to create more than num_workers queues, following on multi TX support Type: feature Change-Id: Idce433147e8dd165f842241d6c76e041e1b1c9b8 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2022-01-05interface: refactor interface capabilities codeDamjan Marion15-122/+186
Make it shorter to type, easier to debug, make adding callbacks in future simpler. Type: improvement Change-Id: I6cdd6375e36da23bd452a7c7273ff42789e94433 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-01-05crypto: encrypt/decrypt queues sw_schedulerJakub Wysocki4-34/+99
Type: improvement Previously multiple sw crypto scheduler queues per core design caused unaverage frame processing rate for each async op ID – the lower the op ID is the highly likely they are processed first. For example, when a RX core is feeding both encryption and decryption jobs of the same crypto algorithm to the queues at a high rate, in the mean time the crypto cores have no enough cycles to process all: the jobs in the decryption queue are less likely being processed, causing packet drop. To improve the situation this patch makes every core only owning a two queues, one for encrypt operations and one for decrypt. The queue is changed either after checking each core or after founding a frame to process. All crypto jobs with different algorithm are pushed to thoses queues and are treated evenly. In addition, the crypto async infra now uses unified dequeue handler, one per engine. Only the active engine will be registered its dequeue handler in crypto main. Signed-off-by: DariuszX Kazimierski <dariuszx.kazimierski@intel.com> Signed-off-by: PiotrX Kleski <piotrx.kleski@intel.com> Signed-off-by: Fan Zhang <roy.fan.zhang@intel.com> Signed-off-by: Jakub Wysocki <jakubx.wysocki@intel.com> Change-Id: I517ee8e31633980de5e0dd4b05e1d5db5dea760e
2021-12-31fib: Refetech the adj after the walk in case the pool realloc'dNeale Ranns1-1/+1
Type: fix Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I8734c72cf15533d6614fbeb53b95c824dbd251a9
2021-12-31misc: Remove the unused GBP fields from the buffer meta-dataNeale Ranns2-13/+1
Type: refactor Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I92496501360ee073795206bde87f4731a5ce074c
2021-12-26tcp: set sw_if_index in tcp src-address cliMercury1-2/+2
the receive dpo added by tcp src-address cli do not have a valid sw_if_index , ip4_local_check_src() and tcp_input_lookup_buffer() will set ~0 to vnet_buffer(b)->sw_if_index[VLIB_RX], which will cause crash in tcp46_reset_inline, Type: fix Signed-off-by: Mercury <mercury124185@gmail.com> Change-Id: Ie01c31f3575e14187c6380ebcfff96fcb6098cde
2021-12-24ip: remove archaic vector code from mtrieDamjan Marion2-86/+12
Type: improvement Change-Id: Ib39478a2e6991d721c4ba3ea61c97bfb07238016 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-12-23tcp: fix endpoint lookup failed caused by key uninitializedMercury1-0/+1
fix ipv4 key uninitialized in local_endpoints_table, which will cause transport_endpoint_cleanup() failed to lookup the endpoint and can not delete it, as for ipv6, clib_memcpy_fast() will change all bytes of lcl_addr and there maybe no need to initalize, Type: fix Signed-off-by: Mercury <mercury124185@gmail.com> Change-Id: I56676493a393b1d64eaa438224e256094ca75d2f
2021-12-23session svm: track fs and seg manager index in fsFlorin Coras2-42/+20
Simplifies allocation of fifos as fifo segment and segment manager indices can be set at alloc time. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ibd357b3ff0279d8deefcdcb17010b4068007ccb7
2021-12-22session: fix segment alloc/free worker raceFlorin Coras2-70/+119
Avoid scenarios where a worker allocates a segment but while it drops the segment manager writer lock and acquires the reader lock another worker uses the segment and frees it. Type: fix Thanks to wanghanlin@corp.netease.com for the report. Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I0a88d738c51b33fd07c34916f125c98806861a06
2021-12-21tls: don't add listen to lookup tableFilip Tehlar1-0/+1
Type: fix Signed-off-by: Filip Tehlar <ftehlar@cisco.com> Change-Id: I0432dd0209f9c7702a8497161e21e178ee243bb1
2021-12-21fib: MPLS EOS chains built for attached prefixes should link to a lookup DPONeale Ranns9-66/+57
Type: fix Presently a local label associated with an attached or connected prefix will link to the glean. This is a problem since it will never use the adj-fibs that are installed for that attached prefix. Instead link the local label to a lookup in the table in which the attached link is bound. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: Iad49fb6168b9ba47216a9a52bd262363b49c3c43
2021-12-20session: ignore rpc in fifo event lookupsFlorin Coras1-10/+0
RPCs are not associated to sessions. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I6b7870a3ebc2e8f32a6c1b10e2552d9e074c7eb3
2021-12-20session: improve sh segment-manager cliFlorin Coras1-53/+81
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I5d669fcba609bcdb35103f57c45e0a270213d84a
2021-12-20ip: SVR fix race conditionKlement Sekera2-2/+14
There could be a race condition where two fragments of one chain end up at the same time on different workers, one overwriting others hash entry. Add a check for that and restart processing on the unlucky worker who ends up being second from hash table POV. This will then result in a proper handover to worker now owning this reassembly. Type: fix Fixes: de34c35fc73226943538149fae9dbc5cfbdc6e75 Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I9eb29c5cb1ffe3b5eb1d5a638e17ab7ba2628d28
2021-12-19fib: Incorrect logic for IPv6 link-local attached export.Neale Ranns1-1/+1
Type: fix IPv6 link-local FIB entries are never needed for attached export. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I08aad78e754d89ad54d07a211fb7a0d7fbc7a0fe
2021-12-18bfd: fix NULL dereference in bfd_api_verify_commonFrédéric Perrin1-1/+1
ip6_get_link_local_address() may return NULL if the local interface is not (or not yet) configured Type: fix Signed-off-by: Frédéric Perrin <fred@fperrin.net> Change-Id: I42bf2081582c4a36fa4e32145ca2f0ff73488110
2021-12-16session: app mq congestion detectionFlorin Coras3-266/+349
Detect mq congestion and handle it by queueing messages in a fifo and postponing handling via rpcs. App workers with congested mqs cannot accept nor connect additional sessions. Type: feature Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I401d971a1a53896758b88fc60f158cbc31e0c7cb
2021-12-14virtio: integrate with new tx infraMohsin Kazmi11-58/+251
Type: improvement Change-Id: I337ec63d0868f665329d68eadf1744e080b73a0d Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2021-12-14interface: Add interface monitor cliNathan Skrzypczak2-0/+120
This adds an interface CLI 'monitor interface <interface>' that periodically reports rx/tx pps & bandwidth for a given interface. Type: feature Change-Id: Ia9d59b3443913520a52b38d7bda012190be6f167 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2021-12-14vxlan: crash on configuring vxlan tunnel on l3 modeSteven Luong2-7/+9
Configure a vxlan tunnel using this CLI and then assign an ip address to the vxlan tunnel cause VPP to crash immediately create vxlan tunnel src x.x.x.x dst y.y.y.y vni 1000 decap-next node ethernet-input l3 set interface ip address vxlan_tunnel0 z.z.z.z/24 It looks like when l3 mode is configured, the code calls the wrong function to register the interface Type: fix Fixes: 3e38422ab905d26ab1625c74268e30c94327ea54 Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Ie1a08efc028f37fb528a7dfd7048ff6836bb8ddc
2021-12-14api: verify message size on receiptKlement Sekera5-4/+25
When a message is received, verify that it's sufficiently large to accomodate any VLAs within message. To do that, we need a way to calculate message size including any VLAs. This patch adds such funcionality to vppapigen and necessary C code to use those to validate message size on receipt. Drop messages which are malformed. Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I2903aa21dee84be6822b064795ba314de46c18f4
2021-12-14ip: reassembly: drop zero length fragmentsKlement Sekera3-0/+17
Zero length fragments are invalid and should be dropped. This patch adds that. Type: improvement Change-Id: Ic6466c39ca8bf376efe06bb3b7f5d7f1ae812866 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-12-12arp: fix arp_vft callbackMercury1-1/+1
arp proxy is not enabled correctly by ip4_neighbor_proxy_enable() Type: fix Signed-off-by: Mercury <mercury124185@gmail.com> Change-Id: I672b5d4a9652030b5604e9d39743c39cb93a2531
2021-12-12tcp: fix the tcp src-address cliMercury1-0/+2
When the src-address to add match a route without a valid output interface(such as default route 0.0.0.0/0), fib_entry_get_resolving_interface() will return (u32)~0, which will cause crash in ip4_neighbor_proxy_enable(). Type: fix Signed-off-by: Mercury <mercury124185@gmail.com> Change-Id: I5aee5676a2ff43ec06745ebed4dba2b9e5b98c4d
2021-12-10ip: reassembly: handle atomic fragments correctlyKlement Sekera2-45/+93
If a fragment arrives with fragment offset = 0 and M = 0, it means that this is actually a complete packet and per RFC 8200, it should be treated independently from other fragments. This patch does that. Fragmentation header is stripped and fragment is forwarded irregardles of other existing reassemblies in case of full reassembly and treated the same way as regular packet in shallow virtual reassembly. Type: improvement Change-Id: If3322d5e3160cd755b8465a642702a9166d46cc2 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-12-08api: improve REPLY_MACRO safetyKlement Sekera1-35/+41
Improve vppapigen to generate per-message #define indicating whether said message is dynamically sized (due to VLA or string) or not. Use these #defines in REPLY_MACROs to prevent improper usage. Fix existing improper REPLY_MACRO* usage. Type: improvement Change-Id: Ia77aaf9f6cf3ed68ea21075a4cc8deda78a68651 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2021-12-08session: stricter tx checks for ct sessionsFlorin Coras1-1/+11
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ied4fe0f2b35eeca4e3e82fa21346de7f243aa52a
2021-12-08session: fix duplicate segment del messageFlorin Coras1-6/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I42b5a5a07aae6708a20ed424c8f26ddbe91278fb
2021-12-07fib: fix coverity warning/don't dereference NULLKlement Sekera1-1/+1
fib_sas6_get is called with NULL dst explicitly so add a NULL check to avoid a NULL dereference. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I8ebcba98832f374991f5442c1b83a4b6e64771d0
2021-12-04ipsec: fix async buffer leakMatthew Smith3-3/+2
Type: fix Fixes: f16e9a5507 If an attempt to submit an async crypto frame fails, the buffers that were added to the frame are supposed to be dropped. This was not happening and they are leaking, resulting in buffer exhaustion. There are two issues: 1. The return value of esp_async_recycle_failed_submit() is used to figure out how many buffers should be dropped. That function calls vnet_crypto_async_reset_frame() and then returns f->n_elts. Resetting the frame sets n_elts to 0. So esp_async_recycle_failed_submit() always returns 0. It is safe to remove the call to reset the frame because esp_async_recycle_failed_submit() is called in 2 places and a call to reset the frame is made immediately afterwards in both cases - so it is currently unnecessary anyway. 2. An array and an index are passed to esp_async_recycle_failed_submit(). The index should indicate the position in the array where indices of the buffers contained in the frame should be written. Across multiple calls, the same index value (n_sync) is passed. This means each call may overwrite the same entries in the array with the buffer indices in the frame rather than appending them to the entries which were written earlier. Pass n_noop as the index instead of n_sync. Change-Id: I525ab3c466965446f6c116f4c8c5ebb678a66d84 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2021-12-03interface: add multi tx-queues support for new tx infraMohsin Kazmi14-136/+867
Type: feature Change-Id: I231f782b3c56dc2b10321e4569ac7acdad1c11da Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2021-12-03ip: extension header parsing fails for fragment headerOle Troan8-294/+277
Refactor and improve boundary checking on IPv6 extension header handling. Limit parsing of IPv6 extension headers to a maximum of 4 headers and a depth of 256 bytes. Type: fix Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: Ide40aaa2b482ceef7e92f02fa0caeadb3b8f7556 Signed-off-by: Ole Troan <ot@cisco.com>
2021-12-03fib: Fix the display (or lack of) for fib node types in dependent children listsNeale Ranns4-22/+37
Type: fix When registering a new FIB node type, no name was required on the API, and so no name was printed. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I8a99cf29c194637a550061b0a5e9782ffe8b31dd
2021-11-30interface: add support for outer header checksumsMohsin Kazmi3-0/+43
Type: improvement Change-Id: I7c341dc4a99898dd1f865ac2ebd99de9898bb0bd Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2021-11-29session: remove segment if empty after writer lockFlorin Coras1-9/+18
Make sure segment is empty after writer lock acquired. Other workers might add fifos in between empty test and writer lock acquire. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I3400fdd14be98d9d8fb4e415d3a849be1d255241
2021-11-29session: mark first listener segment as protectedFlorin Coras1-0/+4
Avoid constantly re-mapping a listener's first segment when all its sessions are closed. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Iea7033fb70f4cf9e4408d542b7c0ff2b0c5c2f92
2021-11-29session: no deq notifications after closeFlorin Coras1-0/+2
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I3e633f017c68e8c5446e45b577048138a387daf6
2021-11-29session: postpone close notification if still acceptingFlorin Coras1-0/+14
Acceping sessions might be rejected so the notification might not make sense. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I3ababdce7c2cec62941d9722a9c06fa48ec547db
2021-11-29ipfix-export: don't check the result of pool_getPaul Atkins1-2/+0
The code to check the exp is set after the call to pool_get() is marked as unreachable in coverity. This is becasue if it fails in pool_get then the it panics. Remove the unreachable code. Type: fix Signed-off-by: Paul Atkins <patkins@graphiant.com> Change-Id: Iabb51b6b6788b6c12ef37c28dde2118c798de831
2021-11-29session: fix clib_rwlock_writer_unlock lostwanghanlin1-1/+4
Type: fix Signed-off-by: wanghanlin <wanghanlin@corp.netease.com> Change-Id: Iab857b056639f7e513f87a6095bea081b7d8349c
2021-11-27devices: fix af_packet GSO checkNathan Skrzypczak1-1/+6
Type: fix This fixes the GSO size calculation in af_packet which didn't include the ethernet size. This is not ideal, as we default to the host side mtu to check whether a packet is GSO or not and to set the GSO size. But there doesn't seem to be more info passed with the packets. Change-Id: I9769e1dd21d5989b4cf67295352b5535454f88d1 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>