summaryrefslogtreecommitdiffstats
path: root/src/vnet
AgeCommit message (Collapse)AuthorFilesLines
2018-03-02tls: clib_mem_alloc context to avoid dangling referencesFlorin Coras1-30/+32
Change-Id: I1e3b48dfd21c9dbebdbcc0af0d6e888b416b3ac5 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-03-02session: first approximation implementation of tlsFlorin Coras24-163/+1737
It consists of two main parts. First, add an application transport type whereby applications can offer transport to other applications. For instance, a tls app can offer transport services to other applications. And second, a tls transport app that leverages the mbedtls library for tls protocol implementation. Change-Id: I616996c6e6539a9e2368fab8a1ac874d7c5d9838 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-03-02tapv2: CLI and binary API fixesSteven2-3/+3
1. When interface create encouners an error (see test below), the same id cannot be used again. This is due to hash_set is called too early in the function. After the hash entry is set, there are different errors may cause the interface create to be aborted. But we didn't remove the hash entry when error is encountered. The fix is to move the hash_set call near the end which has no more "goto error" DBGvpp# create tap id 1 rx-ring-size 1021 tx-ring-size 1021 create tap id 1 rx-ring-size 1021 tx-ring-size 1021 create tap: ring size must be power of 2 DBGvpp# create tap id 1 rx-ring-size 1024 tx-ring-size 1024 create tap id 1 rx-ring-size 1024 tx-ring-size 1024 create tap: interface already exists DBGvpp# 2. multiple issues exist with api_format.c with the below command binary-api tap_create_v2 id 4 hw-addr 90:e2:ba:76:cf:2f rx-ring-size 1024 tx-ring-size 1024 - hw_addr is not taken due to the test for random mac is inverted - id is an integer, not a string - integer values were not converted to network format Change-Id: I5a669d702a80ad158517df46f0ab089e4d0d692e Signed-off-by: Steven <sluong@cisco.com>
2018-03-01SCTP: API to delete a sub-connectionMarco Varlese4-2/+106
This patch adds an API to delete a sub-connection following a SRC/DST IP mapping as required by the RFC4960. Change-Id: I7673dd07352557442ffeed6c6c00da274b24953d Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-03-016RD: Rewritten 6RD RFC5969 support.Ole Troan9-9/+17
Change-Id: Ic30fbcb2630f39e45345d7215babf5d7ed4b33a0 Signed-off-by: Ole Troan <ot@cisco.com>
2018-03-01Fix ERSPAN encap to set EN bits in the header and add test caseJohn Lo2-9/+12
For ERSPAN encap, both bits in the EN field of the header should be set to indicate any VLAN tag in the original Ethernet frame is preserved. Added SPAN L2 test case where the mirrored packet output is a GRE ERSPAN tunnel. Change-Id: Ie7a40992a9278469c24aa6fa9e122b4505797d10 Signed-off-by: John Lo <loj@cisco.com>
2018-03-01SCTP: API to add a sub-connectionMarco Varlese7-38/+243
This patch adds an API to add a sub-connection following a SRC/DST IP mapping as required by the RFC4960. At the same time, it changes the way the next available sub-connection is being calculated: rather than having an index in the parent connection which is prone to many issues at run-time, the next available sub-connection is being calculated by looking at the state of the set sub-connections and if marked as DOWN it means that is an available slot to be used. Change-Id: I662be6a247bfbbe8bf9aaf3f485183c07ef862fe Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-03-01session: zero out ips in local endpoint lookup only if localFlorin Coras3-29/+75
Change-Id: I3425b1533b3d31210166e7b3798685464ad1c489 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-02-28tapv2: abort in tap_create_if (VPP-1179)Steven1-0/+1
The following command sequences cause the crash: create tap id 0 rx-ring-size 1024 tx-ring-size 1024 create tap id 1 rx-ring-size 1024 tx-ring-size 1024 set interface state tap0 up set interface state tap1 up delete tap tap0 delete tap tap1 create tap id 0 rx-ring-size 1024 tx-ring-size 1024 0: /home/sluong/vpp2/vpp/build-data/../src/vnet/interface_funcs.h:46 (vnet_get_hw_interface) assertion `! pool_is_free (vnm->interface_main.hw_interfaces, _e)' fails The reason for the crash is because when the tap interface is deleted, the code does not remove the entry from the device queue. But the interface is deleted anyway from vnet_main.interface_main.hw_interfaces. When an interface is created again, it may encounter the deleted entry in the device queue and crash. Notice create and delete a single entry does not cause a crash. Need to create and delete 2 interfaces to create a "hole" in the device queue. Change-Id: I42ce0b7943d73b3eab32a16751a0a3183de62d9f Signed-off-by: Steven <sluong@cisco.com>
2018-02-28at af_packet input, drop partial packets to prevent l4 checksum deadloop at ↵Chaoyu Jin1-4/+17
ouptut Change-Id: I6f75b7328fd0aa71d00a701e36c8b4ad06bff3c4 Signed-off-by: Chaoyu Jin <chjin@cisco.com>
2018-02-28SCTP: handle COOKIE while in SHUTDOWN phaseMarco Varlese3-20/+40
This patch address the requirement to handle a COOKIE chunk whilst in SHUTDOWN phase. The COOKIE shouldn't just be dropped but an OPERATION ERROR chunk shall be sent to the peer to inform about the current situation. Change-Id: I1a47652402d49cfee3b0c810304d7902f3a62f40 Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-02-27vnet/interface: vnet_(put|get)frame_to_sw_interface is not worker thread awareSteven1-2/+2
When heavy traffic is running using worker threads, it may crash here DBGvpp# 0: /home/sluong/vpp3/vpp/build-data/../src/vlib/main.c:1128 (dispatch_pending_node) assertion `f->flags & VLIB_FRAME_PENDING' fails Thread 1 "vpp_main" received signal SIGABRT, Aborted. 0x00007ffff5d50428 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54 54 ../sysdeps/unix/sysv/linux/raise.c: No such file or directory. (gdb) No crash was observed if only main thread was used. Change-Id: I96f8b02ec23accc85c0f1ddecfeff6043b5e3c2b Signed-off-by: Steven <sluong@cisco.com>
2018-02-27sctp: sctp_output.c failed to compile when VLIB_BUFFER_TRACE_TRAJECTORY is ↵Steven1-1/+1
enabled Fixed a typo in sctp_push_header(). It was inherited from tcp_output.c Change-Id: I810fcb4c24cfd3d54f15da72a5184cfc4df24592 Signed-off-by: Steven <sluong@cisco.com>
2018-02-27SRv6: API uses table-IDs not FIB indiciesNeale Ranns1-3/+3
Change-Id: Iacbf7593ef9c03000db502e68335ac3ae18995d7 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-02-26Added u8x16,u32x4,u64x2 variants of _zero_byte_mask(x) for ARM/NEON ↵Adrian Oanca1-8/+4
platform. VPP-1129 Change-Id: I954acb56d901e42976e71534317f38d7c4359bcf Signed-off-by: Adrian Oanca <adrian.oanca@enea.com>
2018-02-26SCTP: Handle a COOKIE ECHO/ACK when a TCB ExistsMarco Varlese4-17/+146
This patch addresses the requirements depicted in section 5.2.4 of the RFC 4960. It also takes care of handling the ERROR chunk and obviously the STALE COOKIE error. Change-Id: I6b88a9371546b18a52abac22f7c593a5f16be838 Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-02-26SCTP: handle INIT corner-case handlingMarco Varlese4-5/+215
As per RFC4960 the INIT chunk could be received in unexpected scenarios and - depending on the state of the internal state-machine - the INIT chunk requires different treatment. This patch addresses section 5.2.1 and 5.2.2 of the RFC4960. Change-Id: Ib23ef490c6a5ca3da6c46a9584b75e7577cb7042 Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-02-26Fix current data offset to use vlib_buffer_get_current in input/output ACLSteve Shin1-5/+5
vlib_buffer_get_current() should be used for current data offset in ACL. This is required for output ACL where packets are decoded through a vxlan tunnel rx node. Change-Id: I6f739f251c3eb0d59ee4ae0da97aa04ddf667468 Signed-off-by: Steve Shin <jonshin@cisco.com>
2018-02-26IPv6 MLD; pointer address used as hash keyNeale Ranns1-3/+3
Change-Id: I7b2f52b2b2ce13f27bddc8750b8fc564bf6ab73e Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-02-26vnet: add 25G interface speed flagDamjan Marion1-2/+4
Change-Id: I1d3ede2b043e1fd4abc54f540bb1d3ac9863016e Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-02-26vnet: add vnet_device_input_have_features functionDamjan Marion1-0/+7
Change-Id: I28cfa7f7f5e4938146478c4a5cc5ad18612aadaa Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-02-25SCTP: fix connection memory corruptionMarco Varlese4-14/+23
A bug was found when multiple SCTP connections were being opened to the same SCTP server. This patch addresses that problem, removing the use of the 'parent' pointer approach for sub-connection and saving instead within the sub-connection itself the ID representing its position. That facilitates pointer-arithmetic to be computed in the get_connection_from_transport(). Change-Id: Iaa1f4efc501590be1c93e42fd6fe3d6e02f635eb Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-02-23VXLAN: Instance numbers now properly freed upon delete.Jon Loeliger1-1/+1
Fixes a small bookkeeping oversight where the VXLAN instance numbers were being freed erroneously by their device_instance number rather than the correct user_instance number. Change-Id: I08f6b2089c7a14cc8a8cb91f04f850f60ecec43b Signed-off-by: Jon Loeliger <jdl@netgate.com>
2018-02-23Convert a pcap file to a set of C initializersDave Barach2-1/+140
Change-Id: Ieb6b7a75fa23c8142ae15f42cd3a703253f39e10 Signed-off-by: Dave Barach <dave@barachs.net>
2018-02-22bihash table size perf/scale improvementsDave Barach1-3/+11
Directly allocate and carve cache-line-aligned chunks of virtual memory. To a first approximation, bihash wasn't using clib_mem_free(...). We eliminate mheap object header/trailers, which improves space efficiency. We also eliminate the 4gb bihash table size limit. An 8_8 bihash w/ 100 million random entries uses 3.8 Gbytes. Change-Id: Icf925fdf99bce7d6ac407ac4edd30560b8f04808 Signed-off-by: Dave Barach <dave@barachs.net>
2018-02-21SCTP: minor refactorMarco Varlese5-31/+50
This patch adds some missing information in various debugging messages which can help with debugging state-machine and connection-tracking. It also renames some internal variable names for better code readibility. Change-Id: I68503fc0214300032f7514426c8b5b2b12edf11a Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-02-21Adj Delegates; don't store raw pointersNeale Ranns4-43/+37
... you'd think I'd have leanred by now... Change-Id: I65c54feb2ec016baa07ed96c81ab8f60277c3418 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2018-02-20Fix reset the vlan flags when main interface is deleted.Steve Shin1-0/+2
The dot1q_vlans & dot1ad_vlans should be reset to 0 when main interface is deleted. Otherwise, VPP will crash if the same interface index is reused without attaching the sub interface on it. Change-Id: I484d4a8892ff4241a3a32b22189746193d5f2594 Signed-off-by: Steve Shin <jonshin@cisco.com>
2018-02-20SCTP: congestion controlMarco Varlese5-184/+251
This patch addresses the requirements depicted by section 7.1.1 and 7.1.2 of the RFC 4960. Specifically, it implements the Slow-start and Congestion-avoidance policies. The patch also took care of correctly implementing some 'formatting' functions required - for instance - in packet(s) tracing. Change-Id: I68eade1b30345de3acb3ac8a653a5ef76eb6d2ac Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-02-20vppinfra: CLIB_HAVE_VEC128 mandates SSE4.2Damjan Marion2-1/+3
Change-Id: I6511110d0472203498a4f8741781eeeeb4f90844 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-02-19Use neutral vector code for ethernet_frame_is_taggedDamjan Marion2-41/+43
Also it removes ethernet_frame_is_any_taged implemebntation which seems to be equally costly compared to two invocations of ethernet_frame_is_tagged. Change-Id: If1c95f8267cd34b807ec07e0d675cbd0db2fdf9f Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-02-19virtio: add missing tx lock when running multithreadedDamjan Marion3-0/+10
Change-Id: I373f429c53c6f66ad38322addcfaccddb7761392 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-02-19Adjacency Delegate updatesNeale Ranns7-157/+287
- Register new type (for use from puglins) - Memory for delegate is provided by delegate provider Change-Id: I5ece86b1fe84e3028a5c853871476c4ba015b2eb Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2018-02-17SCTP: 'multi-home' supportMarco Varlese6-186/+218
This patch addresses the SCTP requirement for multiple sub-connections to implement the so called 'multi-homed' scenario. Change-Id: Ibce18f216e9d2bebe318992c441bf278e16aad17 Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-02-16Adj: VFTs for adjacency sub-blocksOle Troan5-29/+69
Change-Id: I85602b0178315023bb512babdd5b7dd4263a322d Signed-off-by: Ole Troan <ot@cisco.com>
2018-02-16Allow providers to override glean behaviourNeale Ranns9-77/+110
and update glean address on local interface MAC change Change-Id: I530826d60c7e9db2b0fa2d45754139d82c5ea807 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2018-02-16Minor VXLAN/GRE Tunnel Encap Optimization and CleanupJohn Lo4-37/+53
Change-Id: I62a2a6524b72115a4239fbd7dc9ac8fdc35e20ed Signed-off-by: John Lo <loj@cisco.com>
2018-02-15session: fix fifo allocation for empty connect seg-managersFlorin Coras1-1/+0
Change-Id: Ibc5b1149f3fbbe3dfe1f069ab69bfed7de660582 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-02-15Revert "Allow interface types to override glean adjacency behaivour"Ole Trøan9-95/+76
This reverts commit 8b30e471df4d42214619e1d6c50cc8298426b45f. Change-Id: I99edb236eb0a7f8ba3fba333c3481a710ebcb59c Signed-off-by: Ole Troan <ot@cisco.com>
2018-02-15Revert "Adj: VFTs for adjacency sub-blocks"Ole Trøan5-74/+29
This reverts commit a44b015aa012d3b07ed873925d47c6d5955b7dd2. Change-Id: I2d76bc0844f58e5ddf3f3a4326b86076f46e3751 Signed-off-by: Ole Troan <ot@cisco.com>
2018-02-15Adj: VFTs for adjacency sub-blocksOle Troan5-29/+74
Change-Id: I19390f87343bacea84b49fc5d08af38875fdafdd Signed-off-by: Ole Troan <ot@cisco.com>
2018-02-15SCTP: coverity warning fixMarco Varlese1-1/+5
Change-Id: I1f8a325eac2a9e2c825996f04026ae86259a7ddd Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-02-15Allow interface types to override glean adjacency behaivourNeale Ranns9-76/+95
update the glean adj on a local interface MAC change Change-Id: Ia5c5cde424ed0fea3431532cc5abf22b364bbab5 Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-02-15Optimize GRE Tunnel and add support for ERSPAN encapJohn Lo10-346/+691
Change GRE tunnel to use the interface type where the same encap node is used as output node for all GRE tunnels, instead of having dedicated output and tx node for each tunnel. This allows for more efficient tunnel creation and deletion at scale tested at 1000's of GRE tunnels. Add support for ERSPAN encap as another tunnel type, in addition to the existing L3 and TEB types. The GRE ERSPAN encap supported is type 2 thus GRE encap need to include sequence number and GRE- ERSPAN tunnel can be created with user secified ERSPAN session ID. The GRE tunnel lookup hash key is updated to inclue tunnel type and session ID, in addition to SIP/DIP and FIB index. Thus, GRE-ERSPAN tunnel can be created, with the appropriate session ID, to be used as output interface for SPAN config to send mirrored packets. Change interface naming so that all GRE tunnels, irrespective of tunnel type, uses "greN" where N is the instance number. Removed interface reuse on tunnel creation and deletion to enable unfied tunnel interface name. Add support of user specified instance on GRE tunnel creation. Thus, N in the "greN" interface name can optionally be specified by user via CLI/API. Optimize GRE tunnel encap DPO stacking to bypass load-balance DPO node since packet output on GRE tunnel always belong to the same flow after 5-tupple hash. Change-Id: Ifa83915744a1a88045c998604777cc3583f4da52 Signed-off-by: John Lo <loj@cisco.com>
2018-02-15session: avoid session handle conflict with vclFlorin Coras6-13/+63
Change-Id: I7f5a3b8d92ef07d60315bab6e560eba49ea07249 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-02-15SCTP: fix corrupted buffers seen in output nodeMarco Varlese4-44/+62
The issue observed in the output-node was actually caused by one of the input-node pushing buffers to the output node when not required. That is the case with the parsing/handling of incoming packets like the COOKIE_ACK, HEARTBEAT_ACK, DATA, SACK which do not require a response to be sent to the other peer. In all the mentioned cases the packets (buffers) need to be consumed and dropped instead of heading to the output-node. Change-Id: I3dcbe5de1cedb2ab8b06fff4364749b525cc7ac6 Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-02-15SCTP: refactoringMarco Varlese4-129/+97
This patch takes care of some refactoring, including the initialization of the timestamp to calculate the RTO, the output state-machine validation which can be enabled (disabled by default) when debugging and some clean-up of unused fields. It also addresses the requirement of Karn's algorithm when computing the RTO. Change-Id: I6b875152369bff23cad085708cec1f7e1151cfa8 Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-02-14Reenable dhcp client detect when lease expiresDave Barach1-1/+50
We disable the client detect feature when we bind a DHCP address. Turn it back on again when the lease expires. Otherwise, if the DHCP server replies after an outage, we'll never see the reply. Add dhcp packet tx counters, by packet type Change-Id: Id54b05647d5d7bd8d3ab99e6584ee86d9e4ff7f9 Signed-off-by: Dave Barach <dave@barachs.net>
2018-02-14session: support local sessions and deprecate redirectsFlorin Coras18-447/+1180
Memfd backed shared memory segments can only be negotiated over sockets. For such scenarios, the existing redirect mechanism that establishes cut-through sessions does not work anymore as the two peer application do not share such a socket. This patch adds support for local sessions, as opposed to sessions backed by a transport connection, in a way that is almost transparent to the two applications by reusing the existing binary api messages. Moreover, all segment allocations are now entirely done through the segment manager valloc, so segment overlaps due to independent allocations previously required for redirects are completely avoided. The one notable characteristic of local sessions (cut-through from app perspective) notification messages is that they carry pointers to two event queues, one for each app peer, instead of one. For transport-backed sessions one of the queues can be inferred but for local session they cannot. Change-Id: Ia443fb63e2d9d8e43490275062a708f039038175 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-02-14vxlan:remove interface recycle mechanismEyal Bari2-69/+11
vxlan interfaces no longer create tx nodes and are "cheap" to create and delete Change-Id: I7628d8ce86ec88609ed08162c94f5bc95df0d9f4 Signed-off-by: Eyal Bari <ebari@cisco.com>