summaryrefslogtreecommitdiffstats
path: root/src/vnet
AgeCommit message (Collapse)AuthorFilesLines
2020-03-31ipsec: fix udp-encap in transport modeAlexander Chernavin1-1/+7
Now UDP enacapsulation doesn't work in transport mode with crypto algorithms that have iv_sz=8 like AES GCM or 3DES CBC. That happens because the inserted UDP header overlaps with the old IP header and gets filled before the information from the old IP header can be copied to a new IP header. The result is a broken packet: 00:03:39:620863: esp4-encrypt-tun esp: sa-index 3 spi 3464048590 (0xce792fce) seq 31 sa-seq-hi 0 crypto aes-gcm-128 integrity none udp-encap-enabled 00:03:39:620867: adj-midchain-tx ... 00:03:39:620868: ip4-rewrite ... 00:03:39:620869: GigabitEthernet0/8/0-output GigabitEthernet0/8/0 IP4: 08:00:27:a9:6b:d6 -> 08:00:27:5a:dd:0c UDP: 10.255.0.10 -> 10.255.0.20 version 0, header length 0 tos 0x80, ttl 63, length 0, checksum 0x653e (should be 0xffff) dscp CS4 ecn NON_ECN fragment id 0x0000 UDP: 128 -> 0 length 0, checksum 0x0000 00:03:39:620870: GigabitEthernet0/8/0-tx GigabitEthernet0/8/0 tx queue 0 ... IP4: 08:00:27:a9:6b:d6 -> 08:00:27:5a:dd:0c UDP: 10.255.0.10 -> 10.255.0.20 version 0, header length 0 tos 0x80, ttl 63, length 0, checksum 0x653e (should be 0xffff) dscp CS4 ecn NON_ECN fragment id 0x0000 UDP: 128 -> 0 length 0, checksum 0x0000 With this commit, fill UDP header after copying the IP headers in transport mode. Type: fix Change-Id: Ie9a6e562aa05a8378114329d6a9ff395189fa6a8 Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2020-03-30tcp: reuse session infra for syns and resetsFlorin Coras6-88/+71
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I71df27049ef0193578f0c42f8f8bbd5c54e4d53e
2020-03-30session udp: flag for connected udpFlorin Coras5-5/+46
Type: improvement This can be used as alternative to udpc Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ic3f7efe6728b25d4a8a0b61ddb36de66b4672c4f
2020-03-30vxlan: leverage vlib_get_buffers in vxlan_encap_inlineZhiyong Yang1-12/+14
vlib_get_buffers can save about 1.2 clocks per packet for vxlan encap graph node on Skylake. Type: improvement Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com> Change-Id: I9cad3211883de117c1b84324e8dfad38879de2d2
2020-03-30gso: fix the header parser to read onlyMohsin Kazmi3-6/+44
Previously, header parser sets the tcp/udp checksum to 0. It should be read only function for vlib_buffer_t. Type: fix Change-Id: I9c3398372f22998da3df188f0b7db13748303068 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-03-30interface: remove mtu clib_warning message from api handlerPaul Vinciguerra1-1/+0
Type: fix Change-Id: I85000cce698d44a96adcab7ff6aa37e7dcca51f7 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2020-03-27docs ethernet: add docs for ethernet SectionPaul Vinciguerra1-0/+7
Type: docs Change-Id: I6ad92b35df3e0fecb1334511625eacf3e3d8925f Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2020-03-26session: fix coverity warningDave Barach1-1/+1
Type: fix Ticket: VPP-1837 Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Ib5da600b7a40f775de7dc5b9aaa8d967e49e8632
2020-03-26svm: correct format_fifo_segmentRyujiro Shibuya1-1/+3
Type: improvement Signed-off-by: Ryujiro Shibuya <ryujiro.shibuya@owmobility.com> Change-Id: Ia8aef3695f12e09b087be79ebe40e758fb8105ad
2020-03-25session: api to add new transport typesFlorin Coras14-77/+136
Type: feature Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: If4dee6dba1ea942daa921d566b35cdecdda680ee
2020-03-25tcp: avoid updating rcv wnd in resetsFlorin Coras1-3/+1
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I0884bf63db57b4b4dbccf41ab64c030b3fe4dde2
2020-03-25sr: Change the CLI keyword from address to prefix.Tetsuya Murakami1-1/+1
Change the CLI keyword from address to prefix in sr localsid command. Type: feature Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com> Change-Id: Icc3072404a106ab40e829d2d291e5c179a4443a8 Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com>
2020-03-25ip: Adding IP tables is no MP safeNeale Ranns1-2/+0
Type: fix it was marked MP safe in the CLI (which it shouldn't be) but it it not marked MP safe on the API. Change-Id: I4bdea498a510a8b406d13d62a899b6d03656f7e8 Signed-off-by: Neale Ranns <nranns@cisco.com>
2020-03-24map: fix translation of icmp6 error messagesAlexander Chernavin1-0/+51
Translation of ICMPv6 error messages to ICMP error messages fails because the sender port is not set that leads to securtiy check failure. With this commit, during ICMPv6 error messages translation, get the sender port value from the inner packet. Type: fix Change-Id: I1ee295a3685fab4837172edfb629a699f49afbee Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2020-03-23tcp: add lost and in flight to byte trackerFlorin Coras2-2/+15
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I3b0041d72d835cbb11e803cc56ac4c68a68238a0
2020-03-23ipsec: Revert "ipsec: fix chained ESP"Florin Coras2-144/+50
This reverts commit c2c1bfd9b72aec88526c06479b128725eb525866. Reason for revert: Seems it's breaking ipsec esp tests Type: fix Change-Id: Iac590eee23cbf92a10c62dafa789aa9c3b2284dd Signed-off-by: Florin Coras <fcoras@cisco.com>
2020-03-23sr: srv6 API cleanupJakub Grajciar5-111/+149
Use consistent API types. Type: fix Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com> Change-Id: I3c348ad2fca8bb3d9a246af7a2aa9dc9c33f57c3 Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2020-03-23ipsec: fix chained ESPFilip Tehlar2-50/+144
This fixes a special case when buffer chain enters decrypt node and becomes a single buffer after decryption. Type: fix Change-Id: I1d4da029b952baa97400adb7173aa63fd97d916b Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-03-23ipsec: increment no-tunnel counter in ipsec-tun-inputAlexander Chernavin1-0/+3
If "no-tunnel" error erises, you will not see it in the "show errors" output because the packet will be punted. That fact complicates troubleshooting. Type: improvement Change-Id: Ic08347f81131a4a73a05b66acbfb02797373f5ab Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2020-03-23virtio: vhost gso checksum error when both indirect and mrg_rxbuf are offSteven Luong1-20/+19
Turn on gso, turn off both indirect and mrg_rxbuf caused traffic received and sent with checksum error. The problem is we are not mapping the hdr correctly in the shared memory address. Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I7ef3bc2755544167b0e624365988111b17399e89
2020-03-23tap: fix the numa/queue for buffersMohsin Kazmi1-1/+1
Type: fix Change-Id: Ib320171708bebde6d1dae0b2c665f9bcfc9102db Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-03-23virtio: improve error handlingMohsin Kazmi1-9/+30
Type: improvement Change-Id: I134465760272ceb29f85486cba838d8687696bbf Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-03-21srv6-mobile: Fix the localsid length issue on vnet/srv6Tetsuya Murakami1-5/+6
Fix the following issue. 1. The localsid length was not stored in sr localsid structure. 2. SRv6 mobile test cases were modified based on the new sr localsid CLI syntax. Type: fix Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com> Change-Id: Ieb7620c35439e90a599802a7e0dba61a39707349
2020-03-21srv6-mobile: Support GTP4/6.DT and User Plane message mappingTetsuya Murakami1-0/+7
Support the following new features in srv6-mobile. 1. GTP4.DT 2. GTP6.DT 3. User Plane Message encoding based on draft-murakami-dmm-user-plane-message-encoding-01 4. Add SRv6 mobile test cases Type: feature Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com> Change-Id: I890e5171bf03513d54b4830f01b9dc7f47fe7c48 Signed-off-by: Tetsuya Murakami <tetsuya.mrk@gmail.com>
2020-03-21ipsec: efficient layout of ESP per thread dataRajesh Goel1-3/+4
Type: fix Change-Id: I1ba921503a41ca37ce5c920682893617740571a9 Signed-off-by: Rajesh Goel <rajegoel@cisco.com>
2020-03-21virtio: fix link up/down flagMohsin Kazmi1-3/+9
Type: fix "set int state <interface> down" puts the virtio device link down. It will not put the link in "UP" state, when "set int state <interface up>" will be used again to change the interface admin up. This patch fixes it. To test: create tap set int state tap0 up set int state tap0 down sh hardware sh int set int state tap0 up sh int sh hardware Change-Id: I3c0e31539f8a2a1e40220e7fb57eedecf408f067 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-03-21ikev2: add support for custom ipsec-over-udp portFilip Tehlar5-11/+28
Type: feature Change-Id: Ifee2b3dca85ea915067b9285e3636802bf0c19a8 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-03-21virtio: fix the out of order descriptors in txMohsin Kazmi4-8/+102
Type: fix Some vhost-backends give used descriptors back in out-of-order. This patch fixes the native virtio to handle out-of-order descriptors. Change-Id: I57323303349f6a385e412ee22772ab979ae8edbf Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-03-20tcp: avoid spurious retransmit attemptFlorin Coras1-4/+2
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I6ce6fb0fe0ceb8a70b6a13e6a72fdb842bfded7a
2020-03-20session: export session_alloc_for_connectionAndreas Schultz2-1/+3
Type: refactor Signed-off-by: Andreas Schultz <andreas.schultz@travelping.com> Change-Id: I45c6f434065ab0ad8ada3184b5a875a32a1b3faa
2020-03-20ip: provide extern declaration for ip punt nodesJawahar Santosh Gundapaneni2-0/+2
Type: fix Signed-off-by: Jawahar Santosh Gundapaneni <jgundapa@cisco.com> Change-Id: Ife0f7749a72cc834a3d811f8cf6b5a0840157014
2020-03-20ip: ip API types coverity fixJakub Grajciar1-1/+0
Type: fix Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com> Change-Id: I6b2c7550ae5918c27b02b1173533d2042c6c15c7
2020-03-19tcp: move accept init to separate reusable functionFlorin Coras3-102/+107
Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I5120eb321e9e2050eb64dca9e2dfb6256ff2b62d
2020-03-19tcp: force deschedule if no send space availableFlorin Coras8-23/+38
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Iae9f118f710153b6c0e390265039db7434e67ed8
2020-03-19session tcp udp: consolidate transport snd apisFlorin Coras11-103/+175
Type: improvement Use only one api to retrieve transport send parameters. Additionally, allow transports to request postponing and descheduling of events. With this, tcp now requests descheduling of sessions when the connections are stuck probing for zero snd_wnd Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I722c974f3e68fa15424c519a1fffacda43af050c
2020-03-19tcp: count dupacks with no sacksFlorin Coras2-1/+3
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ia2e29b4776c0f8df666da39a14c5ef2fa1693c21
2020-03-19ip: change ip API enums address_family and ip_proto size to u8Jakub Grajciar7-59/+71
Type: fix Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com> Change-Id: I73d27520726543d6375caad76a841339f68c3533 Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2020-03-19fib: format functions for pathNeale Ranns2-0/+72
Type: improvement Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Ib7a9e457cb2462e6ce9e5e2af53d1f997f4ae6cf
2020-03-18ethernet: Copy only 6 bytes of mac address into a u64Jon Loeliger1-3/+3
Rather than leaving 2 bytes of junk in the upper word of a mac address represented as a u64, zero them out. That way later compairsons stand a chance of matching when deleting a bridge's arp termination entries. The volatile qualifier shouldn't be needed here, but without it the compiler removes the clib_memcpy() at -O2. Bad compiler. No biscuit. Type: fix commit: faf22cb303b65e2a6bf8dad959d7f5ee6d031c4f Change-Id: Iebcf35fdd421293dccbcaefadef767f7e139438e Signed-off-by: Jon Loeliger <jdl@netgate.com>
2020-03-17fib: Always install all routers mcast addressesNeale Ranns5-30/+93
Type: improvement Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Ia8dff15855a81cf29729bdaa3ff28fbe3254fa97
2020-03-17ip: ip_address_t uses ip46_address_tNeale Ranns16-196/+341
Type: improvement type re-use. Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: Ic2a2e6babf9ae66a1e53aec53a6cd157e1893dc8
2020-03-17ipsec: initialize algs to none in 'create ipsec tunnel' cliDamjan Marion1-2/+2
Type: fix Change-Id: I901c9384710eee5847b3fbce060c78e115ba4169 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-03-16arp: Restore CLI for setting ARP proxy entriesNeale Ranns1-2/+47
Type: fix Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I3a21afef86990c1198ffcc47ffe2dba8a97125ee
2020-03-16vxlan: vxlan/vxlan.api API cleanupJakub Grajciar2-38/+47
Use consistent API types. Type: fix Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com> Change-Id: I7f6f37ec6eed780322e2488d6eb0f5681945ba09 Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2020-03-13devices: netlink create the object if missingDave Barach1-4/+4
Type: fix Fixes: b49bc1a Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I3dd81a2484c8b4925fd07556576c29d1cde337e1
2020-03-12policer: API cleanupJakub Grajciar4-53/+115
Use consistent API types. Type: fix Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com> Change-Id: Ia14f33992353b419b70b55beed63ab8ed6a2e837 Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2020-03-12sr: SRv6 uN behaviorPablo Camarillo4-33/+42
Implements the uN behavior Type: feature Change-Id: Icb5efc560e09052cd183b468772cf7f799f81194 Signed-off-by: pcamaril <pcamaril@cisco.com>
2020-03-10tcp: protect against forced cleanupsFlorin Coras1-0/+2
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I0c3b847044d522f55dfd8262afa7c161d5bd5dd3
2020-03-10mpls: add user defined name tag to mpls tunnelsIJsbrand Wijnands4-4/+19
This allows a user creating MPLS tunnel through the bin_api to add a name tag. This is useful to correlate the Tunnel with its use-case. Also useful if the user needs to recover the MPLS Tunnel after a restart (mark-sweep). Type: feature Change-Id: Signed-off-by: IJsbrand Wijnands <ice@cisco.com> Change-Id: Idc080a63810a176ab090a2678a73d2cf9f7b523f
2020-03-10ipsec: API cleanupJakub Grajciar2-25/+27
Use consistent API types. Change vl_api_ipsec_proto_t to iana values: ESP 50, AH 51, Type: fix Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com> Change-Id: I2becefb343246e0233f290fefbfdd172d8237325 Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>