summaryrefslogtreecommitdiffstats
path: root/src/vnet
AgeCommit message (Collapse)AuthorFilesLines
2021-05-26fib: During the mfib lookup set the unicast FIB index in the packet so that ↵Neale Ranns1-26/+28
a uRPF check on a for-us packet is done in the correct VRF Type: fix Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: Iafa6efea0d96962aa9136dccefc148a961f74476
2021-05-25srtp: basic implementation based on libsrtp2Florin Coras2-2/+3
Type: feature Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ic5e99938a5f130e83de6d590d2f89252d055bceb
2021-05-25interface: show if tx queue is sharedDamjan Marion1-4/+6
Type: improvement Change-Id: Idb48f835730db6c652c4b0e6ef310c7f36599a72 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-05-21session: improve main thread connects rpcFlorin Coras2-18/+26
Avoid grabbing the worker barrier if there's no work to be done. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ice3de5df41cd1752aba3419ad2e2dd82f30e9bfb
2021-05-21bfd: use vnet cryptoKlement Sekera3-104/+43
Type: improvement Change-Id: I873a99c1258a97ed5ed195b9756e8302f865e7f0 Signed-off-by: Klement Sekera <ksekera@cisco.com> Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2021-05-21ipsec: Default the IPSec interface MTU to 9000Neale Ranns1-0/+1
Type: fix The same value is used for other tunnel types. Signed-off-by: Neale Ranns <neale@graphiant.com> Change-Id: I6593001918993d65f127cc9f716c95e932239842
2021-05-20gre: Walk IPv6 adjacencies during restackMatthew Smith1-2/+4
Type: fix If a GRE tunnel is created and the peer is not resolved yet and an IPv6 route is added which points to the tunnel, packets matching the route will be dropped. When the tunnel peer is resolved, adjacencies on the tunnel interface should be restacked and packets matching the route can be encapsulated and sent.. There is a loop that is intended to do this for both IPv4 and IPv6. The call to walk adjacencies is invoked in a "return" statement though. So the loop is exited and the function returns before IPv6 adjacencies are walked. Remove the return so the loop finishes. Change-Id: Ia4f695681713020209ea490ae4142857cea49c41 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2021-05-20tls svm: prealloc tcp fifo chunks before ssl writeFlorin Coras1-1/+3
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I7c47b55ec6f0c83f2d13e0e737d0559a32f7c837
2021-05-20session: fix transport half-open cleanup callFlorin Coras1-1/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I47d241a8f2f9e9d0761d14dcddd3327c3b28932c
2021-05-19session: cleanup event llist usageFlorin Coras3-41/+27
Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I750c856ac81d951e8c0e62c710e0f35a0c80d6f9
2021-05-19session: fix session queue node access on disableFlorin Coras1-1/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ie4e3623e7e00456437fac5fb8f9c9083f1aa2a2e
2021-05-19interface: shared tx queue supportDamjan Marion2-4/+7
Type: improvement Change-Id: I6bb7b6d6bd63b044952ab981be5b0673144c9834 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-05-18tls: fix dtls with no workersFlorin Coras4-10/+22
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Iecc33fda7f28c037289775ffe0525a50f89a2b8c
2021-05-18session: poll main thread if pending connectsFlorin Coras3-48/+76
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ie8a15c50531f3ccd5f91dbc0779e4d9c0d146844
2021-05-18session: only handle old ctrl events per dispatchFlorin Coras1-6/+12
Avoids dispatching ctrl events generated while handling the current pending list. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ibeaf901ba4cf58a68fbd88e5ec3c23f6c2f6f145
2021-05-18session: move tx-buffers to tx ctxFlorin Coras2-16/+14
Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I10ec410fb7f3acb47128dda23510162dc13b20d0
2021-05-17virtio: add the checks for descriptors chain lenMohsin Kazmi1-0/+23
Type: fix virtio uses indirect descriptors for chain buffers. indirect descriptor chain is mapped on a vlib_buffer_t. Single descriptor is 16 bytes and vlib_buffer_t has 2048 bytes space. So maximum long chain can have 128 (=2048/16) indirect descriptors. This patch adds check to make sure descriptors chain len should not exceed 128. Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I060cfb7709568f42c9b5634527172690ce66a1a3
2021-05-16session: rpc for connects to mainFlorin Coras3-5/+88
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ifa47e1500e5cfb3c717f87b1d21131b9531c9005
2021-05-15session: fix coverity warningFlorin Coras1-1/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I24484a5192d7e683507ed640f75fb37914c0efb0
2021-05-14tcp: remove ho lockFlorin Coras3-13/+0
Half-open sessions are allocated by main thread and cleaned up on main with timers. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I37f000920a45908b62b5501ae9d54a88a9e4c609
2021-05-14vlib: pass node runtime to vlib_buffer_enqueue_to_thread()Damjan Marion7-16/+12
Mechanical change for patch following this one... Type: improvement Change-Id: Iee12f3a8851f35569e6c039494a94fc36e83d20f Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-05-14interface: fix converity in update_runtime_dataMohammed Hawari1-1/+1
Change-Id: I59eb41516b5e052109428ae70660ed49126c25bb Type: fix Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
2021-05-14interface: update tx queue runtime if vector size changesDamjan Marion1-1/+5
Fixes issue which causes crash in case when VPP only runs with main thread. Type: fix Change-Id: Ia0ca973bb7e7ff81f15b37764ae248e2502bdcec Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-05-14session: switch ct to vc and track half-opensFlorin Coras5-77/+220
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I7f9c4b9b6e523ab549087ad21724f34f08fca793
2021-05-14tls: switch dtls to vc and track half-opensFlorin Coras4-14/+132
Also adds support for half-open support transport migration. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id04c194138956336f93246bbed0332a7030c67e2
2021-05-13interface: fix tx queue runtime updateDamjan Marion1-0/+2
Type: fix Change-Id: I5ce7e57ae277de26af602fe786048bf21b8612f8 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-05-13tests: move test source to vpp/testDave Wallace22-10139/+0
- Generate copyright year and version instead of using hard-coded data Type: refactor Signed-off-by: Dave Wallace <dwallacelf@gmail.com> Change-Id: I6058f5025323b3aa483f5df4a2c4371e27b5914e
2021-05-12flow: fix vxlan vni convert bugChenmin Sun1-2/+2
This patch fixes a vxlan vni field conversion bug in flow api layer Type: fix Signed-off-by: Chenmin Sun <chenmin.sun@intel.com> Change-Id: I37b2ffb54792f48b390ff42da577db2c4869d253
2021-05-12tls: switch to vc service and track half-open sessionsFlorin Coras7-19/+78
Half-open tls sessions are now tracked by the app worker and are cleaned up only when tcp cleans up its half-open session, i.e., independent of when the established tls context is allocated. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: If5d594d7095192dd527daf4ea1358ffeccdfcc7a
2021-05-12session: return connect session handle to appFlorin Coras6-32/+36
App transports not supported for now. Will have to be updated individually. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I75cb6c4e1c5af008af72858a9ee573016812abd4
2021-05-12session: support half-close connectionliuyacan9-5/+139
Some app(e.g. Envoy) may call shutdown() instead of close() when draining connection. Type: improvement Signed-off-by: liuyacan <liuyacan@corp.netease.com> Change-Id: I9543b9ca3caa87b10b134fd1fc4019124e41e4d2
2021-05-11ip: ensure ttl doesn't decrease to 0 when puntingAloys Augustin1-0/+2
Change-Id: I248ef12fd34ea2a1c383fbcc530a8ffeb31ba92b Type: fix Signed-off-by: Aloys Augustin <aloaugus@cisco.com>
2021-05-11interface: tx queue infraDamjan Marion10-50/+485
Type: improvement Change-Id: I415b2f980de10ca3154d2c8677c24792453eccd0 Signed-off-by: Damjan Marion <damarion@cisco.com>
2021-05-10misc: fix crash in lawful intercept CLIhemant_mnkcg1-6/+6
Type: fix Signed-off-by: hemant_mnkcg <hemant@mnkcg.com> Change-Id: I097815617053dac09de7ad3092b3d3071770114f
2021-05-10session: use half-open sessions for vc establishmentFlorin Coras9-119/+126
Use half-open sessions to track virtual circuit connection establishment. These sesssions can only be allocated and freed by the thread that allocates half-open connections (main). Consequently, they can only be freed on half-open cleanup notifications from transports. Goal is to simplify state tracking within the session layer but it's also a first step towards allowing builtin apps to track and cleanup outstanding connects. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I8a535906d13eb7f8966deb82333839de80f8049f
2021-05-10gso: fix the gro coalesced chain lenMohsin Kazmi1-1/+2
Type: fix Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I86b940384a6898d4cb04f3decf30996c94b43d07
2021-05-08vhost: low performance in interrupt mode in some casesSteven Luong1-35/+19
When vhost and another interface, say tap, are configured for interrupt mode, performance number may be very low from vhost. Further analysis discovers that when vhost posts an interrupt to the RX infra, there is a 10 msec delay in waking up its input routine. The delay is due to vhost posts the interrupt from the main thread which tries to wake up the worker thread. The fix is for vhost to move the posting interrupt call to the corresponding input worker thread by calling vnet_hw_if_set_rx_queue_file_index() to set it up. While at it, streamline the function vhost_user_kickfd_read_ready() since it will be called from the worker thread. Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I9beedcd33e1558c8335da4ee7fadc51c29ee4589
2021-05-07session: connects seg manager is always firstFlorin Coras4-79/+23
By convention, connects segment manager will be first. Therefore it will be the one with the first segment wherein lies the app's message queue. Saves us the trouble of allocating it on first connect, if app started by listening, and we no longer need to track if it's assignable to a listener or if it can be removed. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Iba9a8ffaab618eeb41ec2144dcfee62d006dc7a2
2021-05-06vlib: rename vl_counter_t to vlib_error_desc_tOle Troan1-1/+1
Type: improvement Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: I368b0410db2d633d3c52199c840e24d21952c1b4
2021-05-06memif: add severity to countersOle Troan2-4/+4
Also rename counters in stat segment to make them more filesystem friendly. Type: improvement Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: I8a3f3ec318931f5475fcb181f8b4a079a1fa4b9c Signed-off-by: Ole Troan <ot@cisco.com>
2021-05-06vlib: fix the offload flags sizeMohsin Kazmi11-33/+35
Type: fix Change-Id: I433fe3799975fe3ba00fa30226f6e8dae34e88fc Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2021-05-05vlib: move offload flags to 1st cacheline in vlib_buffer_tMohsin Kazmi8-19/+18
Type: improvement Some tests i.e. ipsec see performance regression when offload flags are moved to 2nd cacheline. This patch moves them back to 1st cacheline. Change-Id: I6ead45ff6d2c467b0d248f409e27c2ba31758741 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2021-05-05misc: ipfix process node wait time adjustmentMatthew Smith2-3/+15
Type: fix The ipfix process node has a hardcoded 5s sleep between sending packets. The interval between template packets is configurable, but the timing of packets being sent does not match configuration because of the time being hardcoded. E.g. - With template interval set to 3s, a packet will be sent every 5s. With template interval set to 8s, a packet will be sent every 10s. Honor the configuration by reducing the wait time to less than 5s if a template will need to be sent less than 5s from the current time. Change-Id: I8c11f7bc502ce5b20b6e82a7e7a135a8805a2bad Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2021-05-05crypto crypto-openssl: support hashing operationsFilip Tehlar2-15/+52
Type: feature Change-Id: I36041fe5c5f0ff129aee42516189807e96f62123 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2021-05-05tcp: cleanup rcv-process and bulk buffer translationFlorin Coras1-141/+160
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I2ca8a5e30e55a84d4567422e4b7fcf90830921d3
2021-05-05tcp: cleanup listen node and bulk buffer translationFlorin Coras1-41/+48
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I2d11b1411a7653b94fddd889a5f28640c5f5566c
2021-05-05tcp: cleanup syn-sent and bulk buffer translationFlorin Coras1-112/+124
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Idb286e77a877a6a60aa532263277f002fc002e48
2021-05-04tcp: cleanup established and bulk buffer translationFlorin Coras1-29/+28
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Ic37f640b7f0d0a041c003e76c8f29c21b5e664b3
2021-05-04virtio: add simple drop counter for interfaceMohsin Kazmi1-30/+33
Type: improvement Change-Id: I4ac6b1a6553e26a5c26b6761fa3c4cc5d4925486 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2021-05-04virtio: fix the interruptMohsin Kazmi3-162/+202
Type: fix virtio/tap interfaces set the empty buffers in the input node for receiving data. Backend uses those buffers, fills them with data and notifies the virtio/tap driver. But virtio/tap driver gets into stall state if interface is created and configured through exec script on VPP startup.conf and put the interface in interrupt mode while VPP is only configured with main thread. This patch fixes the problem by prefilling buffers during the interface creation. Change-Id: Ibc4d0e70e127ccc4b7cf8b2b18406ae4b02c73b4 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>