summaryrefslogtreecommitdiffstats
path: root/src/vnet
AgeCommit message (Collapse)AuthorFilesLines
2019-07-17tcp: add node with no 6-tuple lookupVladimir Kropylev1-22/+96
Type: feature Add new node in TCP stack where TCP 6 tuple lookup is not required. In new node, packet metadata contains connection-index which can be used to retrieve the TCP connection. The new node will be used by proxy. Change-Id: I3aa0268946898912f4176d5c8c5903e06657479d Signed-off-by: Vladimir Kropylev <vladimir.kropylev@enea.com>
2019-07-17session: move constants definitionFlorin Coras2-2/+3
Type:refactor Change-Id: Ie4a89ae603cd365b28795c92daa08d5943e692ea Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-07-17session: use llist in session node evt handlingFlorin Coras3-66/+145
Type: refactor Change-Id: I24159e0a848f552b4e27acfb5fe6f2cd91b50a19 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-07-17session: grab mq lock until ctrl event is enqueuedFlorin Coras1-2/+1
Type: fix Change-Id: I26a6af7f92316f7a8a5309047b3b3605b87ca327 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-07-16session: fix node enable sequenceVladimir Kropylev1-1/+1
Type: fix Change the sequence to first allocate session_manager and then enable the session-nodes. During “session enable”, sometimes an issue was seen when in some cases POLLING node calls transport_update_time -> tcp_update_time -> tcp_set_time_now which access tcp_main.wrk_ctx before tcp_main_enable allocates the wrk_ctx. 0 0x00007ffff73f7778 in tcp_set_time_now (wrk=<optimized out>) at src/vnet/tcp/tcp.h:953 1 tcp_update_time (now=11.059735140000001, thread_index=<optimized out>) at src/vnet/tcp/tcp.c:1192 2 0x00007ffff75a75de in transport_update_time (time_now=11.059735140000001, thread_index=thread_index@entry=1 '\001') at src/vnet/session/transport.c:740 3 0x00007ffff75a0f4c in session_queue_node_fn (vm=0x7fff74913480, node=0x7fff75e7d5c0, frame=<optimized out>) at src/vnet/session/session_node.c:873 Change-Id: Id2288dd05ba179af2ff22c58bac1331fc21a1c7d Signed-off-by: Vladimir Kropylev <vladimir.kropylev@enea.com>
2019-07-16ipsec: handle UDP keepalivesNeale Ranns8-38/+227
Type: feature Change-Id: I87cc1168466f267e8c4bbec318401982f4bdf03a Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-16ipsec: coverity found c-n-p errorNeale Ranns1-1/+1
Type: fix Fixes: 4b0b0d4 Change-Id: Ibd37c9099f9847ed23fa8357fd8e57ee516e52ab Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-15ipsec: rewind missing from dual loopNeale Ranns1-4/+9
Type: fix Fixes: a6bee0a1 Change-Id: I1959e28b82825d7928d471d3dfa827ea4cdd74b7 Signed-off-by: Giles Heron <giheron@cisco.com> Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-15interface: fix issue that pcap rx/tx trace not available when there are ↵Wei CHEN2-8/+10
worker threads Type: fix Change-Id: Ie9a3a78b45b53344a0a5d7e2027c0e0354a49ebe Signed-off-by: Wei CHEN <weichen@astri.org>
2019-07-15session: allow transports to generate closed notificationsFlorin Coras6-27/+44
In contrast to the closing notification, whereby a transport informs the session layer that is beginning the closing procedure, this allows transports to notify the session layer of the fact that the transport is "fully" closed, i.e., it expects no more data. Also: - adds app closed state for sessions - changes tcp to have it notify when an active close has finished Type: feature Change-Id: I13c738006c03f85015e05ab82843a33a69382aaf Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-07-14api: add DSCP definitions to ip_types.apiPaul Vinciguerra1-0/+46
- also adds ecn definitions. Type: feature Change-Id: Id98d9ae57289425fcfed367f426442173ef4e882 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-07-12quic: fix show session verboseAloys Augustin2-4/+5
Proprely display quic connections in show session verbose, and add a small fix for UDPC listeners and UDP sessions formatting. Change-Id: I33f83e77bf357347623d87ad23c483aba60a9bb2 Signed-off-by: Aloys Augustin <aloaugus@cisco.com> Type: feature
2019-07-12tls quic: reduce default segment sizesAloys Augustin1-1/+1
This reduces the memory required by tls and quic, allowing to run them (and their tests) in more constrained environments by default. Change-Id: I954081c725fb4f5f173db1f8e76922d957c5b0a2 Signed-off-by: Aloys Augustin <aloaugus@cisco.com> Type: fix
2019-07-12session: add thread index to all formattersAloys Augustin5-2/+9
Add a thread_index argument to half-open and listener session formatters because QUIC can have listeners and half-open sessions in any thread. Change-Id: I1de60e35ece4c68ba8cfdd6b63f211bc620d687b Signed-off-by: Aloys Augustin <aloaugus@cisco.com> Type: feature
2019-07-12ipsec: drop outbound ESP when no crypto alg setMatthew Smith4-5/+162
Type: fix If a tunnel interface has the crypto alg set on the outbound SA to IPSEC_CRYPTO_ALG_NONE and packets are sent out that interface, the attempt to write an ESP trailer on the packet occurs at the wrong offset and the vnet buffer opaque data is corrupted, which can result in a SEGV when a subsequent node attempts to use that data. When an outbound SA is set on a tunnel interface which has no crypto alg set, add a node to the ip{4,6}-output feature arcs which drops all packets leaving that interface instead of adding the node which would try to encrypt the packets. Change-Id: Ie0ac8d8fdc8a035ab8bb83b72b6a94161bebaa48 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2019-07-12ip: Trace the packet from the punt nodeNeale Ranns1-7/+14
Type: feature Change-Id: I01f1cc53efc93b0a7bb588ea6db89a53c971a3f5 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-12ipsec: Reference count the SAsNeale Ranns9-166/+155
- this remove the need to iterate through all state when deleting an SA - and ensures that if the SA is deleted by the client is remains for use in any state until that state is also removed. Type: feature Change-Id: I438cb67588cb65c701e49a7a9518f88641925419 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-12ip ipsec: Remove IPSec SPI-0 punt reasonNeale Ranns5-31/+31
Type: fix There's no call for an SPI-0 punt reason with UDP encap, since it's only with UDP encap that the ambiguity between IKE or IPSEC occurs (and SPI=0 determines IKE). Enhance the punt API to dum ponly the reason requested, so a client can use this as a get-ID API Change-Id: I5c6d72b03885e88c489117677e72f1ef5da90dfc Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-12syslog: fix syslog structured data formattingBenoît Ganne1-1/+1
syslog structured data are stored as vectors not null-terminated C-strings. Use '%v' instead of '%s'. Type: fix Fixes: b4515b4be4 Change-Id: Iba224f271c832daca90d4bbccfef45d0f563fe60 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-07-11ip: Punt node does not free iovecsNeale Ranns3-11/+22
Type: fix Fixes: f7a55ad74c Change-Id: Ic3474e746887f880a8f6246bebc399715bac8e80 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-11ipsec: Revert "IPSEC: remove byte swap operations in DP during SPD classify"Neale Ranns5-27/+26
Type: fix Fixes: 231c4696872cb344f28648949603840136c0795d This reverts commit 231c4696872cb344f28648949603840136c0795d. Change-Id: I136344555983dd10a31dbc000ee40e2de2c91291 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-11ipsec: Revert "IPSEC: remove double byte swap of IP addresses"Neale Ranns1-10/+18
This reverts commit 9b208ced585d3b4620d6fde586cd047fe2027ecf. Type: fix Fixes: 9b208ced585d3b4620d6fde586cd047fe2027ecf Change-Id: I94a17039b4727bff0877423da5ba6cfceb188b17 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-10tcp: improve rate estimateFlorin Coras2-9/+22
Type:feature - sample rtt estimation - report acked+sacked - report last lost bytes - use snd_una == snd_nxt to detect 0 bytes in flight Change-Id: I83181261fdb375c7e33d24b7a82343561e6a905f Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-07-10ip: fix show ip neigh vector read overflowBenoît Ganne3-38/+30
Both format_ethernet_arp_ip4_entry() and format_ip6_neighbor_ip6_entry() used %s to format flags which is a vector and not a null-terminated C-string. Introduce format_ip_neighbor_flags() instead. Type: fix Fixes: 102ec52bc4 Change-Id: I0c9349fefbeb76471933de358acceb50512a21aa Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-07-10misc: fix buffer issue in geneve_inputZhiyong Yang1-10/+8
Type: fix Change-Id: I32000cd42b0ab2ce54a159c6727823fd0d113fe4 Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-07-10fib: fib_entry_flags_update takes a vector of pathsNeale Ranns1-5/+1
Type: fix Fixes: 097fa66b Change-Id: I690e31433b64f11399c08b4a0318762916c2c2f0 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-09session: notify app of session and transport cleanupFlorin Coras5-3/+39
Type:feature Change-Id: Ic9515c0b11ca6f75503f47ec6b2c58d240afb144 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-07-09udp: UDPC handle open failNathan Skrzypczak1-6/+9
Type: fix Change-Id: Ib8fb4957f4da9e464e2575c45c8ff3828db89872 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-07-09tcp: remove warning for multi-seg scnario.Simon Zhang1-1/+0
Type: fix Change-Id: I64e2082bd8ac5b0be21e10407dc29ba4c3f4cab3 Signed-off-by: Simon Zhang <yuwei1.zhang@intel.com>
2019-07-09fib: fix urpf_itfs vector overflowBenoît Ganne1-45/+16
When removing duplicates in urpf_itfs vector we search for the 1st next different entry in the vector, but the loop test is in the wrong order: (urpf->furpf_itfs[i] == urpf->furpf_itfs[j] && j < vec_len(urpf->furpf_itfs)) We must check for overflow before checking equality. Type: fix Fixes: 3ee44040c66cbe47ff292ac7fb0badccbe2afe6d Change-Id: I63729aff12057d5abce6c24ec24339cd9cd79494 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-07-09tcp: track last lost bytes in sack sbFlorin Coras2-3/+10
Type:feature Change-Id: I687809ebcc759cec8cb1d5c3b2b7e6bc995a7985 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-07-09vppinfra: allocate bihash virtual space on demandDave Barach3-0/+6
Reduces the vpp image virtual size by multiple gigabytes Add a "show bihash" command which displays configured and current virtual space in use by bihash tables. Modify the .py test framework to call "show bihash" on test tear-down Type: refactor Change-Id: Ifc1b7e2c43d29bbef645f6802fa29ff8ef09940c Signed-off-by: Dave Barach <dave@barachs.net>
2019-07-08map gbp papi: match endianess of f64Paul Vinciguerra1-2/+2
clib_net_to_host_f64, clib_host_to_net_f64 are now implemented as '=', https://gerrit.fd.io/r/#/c/20406/ set papi to match. - all f64 api references are now wrapped with clib_net_to_host_f64 or clib_host_to_net_f64. IEEE f64 endianess is not defined. If clib_net_to_host_f64 and clib_host_to_net_f64 are later defined in VPP as big-endian, it is a single character change in the papi vpp_serializer. Note: This breaks the api in a manner that would not be detected by the flag day initiative. The scope is small. This only impacts map.api, which applied the u64 transformation, while the gbp api uses '='. The implementation of "=" raises issues for the papi socket implementation if used between systems of differing endianess. See Vratko's comments. - Added get_f64_endian_value() to api to allow client to verify endianess of f64's. Type: fix Depends-on: https://gerrit.fd.io/r/#/c/20484/ Change-Id: I00fc64a6557ba0190398df211aa0ea5c7eb101df Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-07-08ip: retain local interface address adjacencyMatthew Smith1-6/+24
Type: feature ip4_local_check_src() was overwriting vnet buffer opaque data on the adjacency for packets with "local" (dpo-receive) destination addresses. Retain the dpo receive index in vnet_buffer()->adj_index[VLIB_TX]. This can allow a graph node to distinguish the interface where the destination address is configured from the interface where the packet was received. This can be useful in correctly handling packets that have been sent to an address configured on a loopback interface. Change-Id: I52a942e85b5302b338a2d0404a37c5ea1a99e89f Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2019-07-08session: add flag to disable session lookupNathan Skrzypczak5-5/+15
Type: feature Change-Id: I1369859be0a722ea37e5d3ecb35dee5684fc69f8 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-07-08session: target app.fib_index in unbind_uriNathan Skrzypczak1-3/+6
Type: fix Change-Id: Iafcf85315c73bcd73af20bd84b1ccba030e2065b Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-07-05vxlan-gbp: Decap ignores reserved bitsNeale Ranns2-18/+22
Type: fix from the draft: 3. Backward Compatibility VXLAN [RFC7348] requires reserved fields to be set to zero on transmit and ignored on receive. Change-Id: I98544907894f1a6eba9595a37c3c88322905630e Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-05ethernet: ARP disabled nodeNeale Ranns1-15/+106
Type: feature improve the tracing from: 00:00:01:259665: pg-input stream pcap3, 42 bytes, 3 sw_if_index current data 0, length 42, buffer-pool 0, ref-count 1, trace handle 0x0 ARP: 02:03:00:00:ff:02 -> ff:ff:ff:ff:ff:ff request, type ethernet/IP4, address size 6/4 02:03:00:00:ff:02/172.16.3.5 -> 00:00:00:00:00:00/172.16.2.1 00:00:01:259690: ethernet-input frame: flags 0x1, hw-if-index 3, sw-if-index 3 ARP: 02:03:00:00:ff:02 -> ff:ff:ff:ff:ff:ff 00:00:01:259702: arp-input request, type ethernet/IP4, address size 6/4 02:03:00:00:ff:02/172.16.3.5 -> 00:00:00:00:00:00/172.16.2.1 00:00:01:259710: error-drop rx:pg2 00:00:01:259717: drop null-node: blackholed packets to 00:00:01:283323: pg-input stream pcap3, 42 bytes, 3 sw_if_index current data 0, length 42, buffer-pool 0, ref-count 1, trace handle 0x0 ARP: 02:03:00:00:ff:02 -> ff:ff:ff:ff:ff:ff request, type ethernet/IP4, address size 6/4 02:03:00:00:ff:02/172.16.3.5 -> 00:00:00:00:00:00/172.16.2.1 00:00:01:283348: ethernet-input frame: flags 0x1, hw-if-index 3, sw-if-index 3 ARP: 02:03:00:00:ff:02 -> ff:ff:ff:ff:ff:ff 00:00:01:283360: arp-input request, type ethernet/IP4, address size 6/4 02:03:00:00:ff:02/172.16.3.5 -> 00:00:00:00:00:00/172.16.2.1 00:00:01:283369: arp-disabled request, type ethernet/IP4, address size 6/4 02:03:00:00:ff:02/172.16.3.5 -> 00:00:00:00:00:00/172.16.2.1 00:00:01:283374: error-drop rx:pg2 00:00:01:283380: drop arp-disabled: ARP Disabled on this interface Change-Id: I49b915b84cf56d6c138dedd8a596c045c150c4fb Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-05sctp: move to plugins, disabled by defaultFlorin Coras21-8539/+56
Removed sctp buffer metadata from vnet/buffer.h, added it to the plugin. Add registration APIs for plugin-based vlib_buffer_opaque / opaque2 decoders, used by "pcap dispatch trace ..." for display in the wireshark dissector. Type:refactor Not actively maintained. Change-Id: Ie4cb6ba66f68b3b3a7d7d2c63c917fdccf994371 Signed-off-by: Florin Coras <fcoras@cisco.com> Signed-off-by: Dave Barach <dave@barachs.net>
2019-07-05tcp: timestamp adjustmentVladimir Kropylev3-3/+14
Type: feature Change-Id: Icb3c574100cde95ab5be4923c8739889cf7e48c6 Signed-off-by: Vladimir Kropylev <vladimir.kropylev@enea.com>
2019-07-05tcp: add cc algo start tx eventFlorin Coras2-0/+16
Type: feature Notify cc algos that new data is sent on a connection that was apparently idle. Change-Id: I892e5e9bb5b88d791265ffbbefce6f9694d01970 Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-07-05tcp: add cc algo undo recovery notificationFlorin Coras2-18/+23
Type:feature Change-Id: Iedefe87555f0a0033abed8569bc2995c8f523d7e Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-07-05tcp: add loss signal to cc algoFlorin Coras5-26/+62
Type:feature Change-Id: Ibe1a4c555b55fb929d55b02599aaf099ed522cdf Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-07-03vxlan-gpe: simplify counter codeZhiyong Yang1-22/+10
Type: style Change-Id: Ia50867a853388d9f69571815ddcdaadfc47206bc Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-07-03misc: fix coverity warningsDave Barach1-0/+5
Type: fix Ticket: VPP-1649 Change-Id: I93a393eca80065c379035478500e75e855f39b12 Signed-off-by: Dave Barach <dave@barachs.net>
2019-07-03quic: fifo notifications fixAloys Augustin1-0/+1
Add SESSION_IO_EVT_RX handling in session_send_evt_to_thread to allow internal apps to send rx events ("tx notifications") to quic. Add a call to quic_send_packets in quic_custom_app_rx_callback to ensure QUIC ACKs are sent if there is no other activity on the connection. Type: fix Change-Id: I885e01e6475e5b0274f274e9dd34d4a771719e69 Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
2019-07-03fib: allow route delete with no paths and multipath=0 to remove theNeale Ranns4-50/+55
whole route Type: fix Fixes: 097fa66b Change-Id: I017ab5797670eb278c27c6e306cd8cadaacddf9d Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-02gbp: add anonymous l3-out external interfacesBenoît Ganne2-0/+2
So far, GBP l3-out packets classification & policy relied on programmed EP. All traffic to/from l3-out must go through a known EP. This patch introduces a new feature where l3-out next-hops are only known by their subnets (l3-out prefixes). As there are no longer known EPs to program, an interface must be configured as external anonymous l3-out. Packets classification & policy on this interface will rely on the external subnets programmed in the BD VRF. Note that contrary to all other interfaces in a GBP BD, external anonymous l3-out interfaces have BD L2 learning turned on and rely on ARP/ND. Type: feature Change-Id: Ieedb29dff4e967d08c4301e82d06bff450a63e5f Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-07-02fib: Coverity fix to remove dead codeNeale Ranns1-2/+0
Type: fix Change-Id: I678f523f058165030572d9cd395802b772db9ed7 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-07-02lisp: init locator probed field in parserFlorin Coras1-0/+1
Type: fix Reported by coverity. Change-Id: Ic84ac8c373c4c834bfddbf3ca08e2cfa2152e2ae Signed-off-by: Florin Coras <fcoras@cisco.com>