Age | Commit message (Collapse) | Author | Files | Lines |
|
Change-Id: Idddb60bbc7fcc701d39212f6422a6b2f6dc75221
Signed-off-by: Florin Coras <fcoras@cisco.com>
(cherry picked from commit cba3675fabe618194bf80a9de0e9c53b89a541ca)
|
|
This patch addresses the need to handle out-of-order data chunks
received by a peer. To do that effectively, we had to add the handling
of data chunks flags (E/B/U bit) to understand whether the stream is
fragmenting user-message data and in that case if a fragment is the
FIRST/MIDDLE/LAST one of a transmission.
The same patch also addresses the security requirement to have a HMAC
calculated and incorporated in the INIT_ACK and COOKIE_ECHO chunks. The
algorithm used is the HMAC-SHA1.
Change-Id: Ib6a9a80492e2aafe5c8480d6e02da895efe9f90b
Signed-off-by: Marco Varlese <marco.varlese@suse.com>
|
|
Change-Id: Ic5dcadd13c88b8a5e7896dab82404509c081614a
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Prior to this commit, the VXLAN "create" API assumed
the vrf_id belonged to only the IPv4 FIB tables space.
With this commit, the FIB table is found in either the
IPv4 or IPv6 table as determined by the is_ipv6 flag.
This follows the same pattern that was already being
done in the CLI code for the VXLAN "create" command.
Change-Id: I35d5e37db24efa858e4696dc2c004fa64bb4a4a8
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
Rather than having multiple copies of the same function
scattered around, promote the function into the FIB
PROTOCOL definitions in fib_types.h.
Change-Id: I11c4d85931167d3a5f3dc1278afecc8845b23cd7
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
Fixed a typo in tcp_push_header(). The typo only kicks in when the macro
VLIB_BUFFER_TRACE_TRAJECTORY is enabled.
Change-Id: I62832a4932ec5b14e3063d5eac113780851aae59
Signed-off-by: Steven <sluong@cisco.com>
|
|
Change-Id: I670e41bcfc61a45555431603c937f8dad4d165e9
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
a crash on debug image (VPP-1151)
In debug image, there is extra code to validate the buffer when it is
freed. It uses the hash table to lookup the buffer index with spinlock
to prevent contention. However, there is one spinlock for each worker
thread. So allocating the buffer on thread-x and freeing the same buffer
on thread-y causes the validation to fail on thread-y. The fix is to
have only one spinlock, stored in vlib_global_main.
Change-Id: Ic383846cefe84a3e262255afcf82276742f0f62e
Signed-off-by: Steven <sluong@cisco.com>
(cherry picked from commit a7effa1b072463f12305a474f082aeaffb7ada4b)
|
|
now we get
00:00:03:665501: pg-input
...
00:00:03:665681: ethernet-input
...
00:00:03:665691: ip6-input
UDP: 2001::1 -> ffef::1
tos 0x00, flow label 0x0, hop limit 64, payload length 108
UDP: 1234 -> 1234
length 108, checksum 0x7b25
00:00:03:665695: ip6-not-enabled
UDP: 2001::1 -> ffef::1
tos 0x00, flow label 0x0, hop limit 64, payload length 108
UDP: 1234 -> 1234
length 108, checksum 0x7b25
00:00:03:665706: error-drop
ethernet-input: no error
Same goes for IPv4
Change-Id: Ia360df39b43281d3a0aa1b686f04b73cfa37c546
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
This patch addresses the missing field in various data-structures to
track valuable information to implement the congestion-control
algorithms and manage sub-connections states.
It adds the possibility to queue up to 2 SACKs chunks when the connection
is not gapping.
At the same time, it pushes some variable/field renaming for better
readibility.
Change-Id: Idcc53512983456779600a75e78e21af078e46602
Signed-off-by: Marco Varlese <marco.varlese@suse.de>
|
|
Add an SELinux profile such that VPP can run under SELinux on RPM based
platforms. The SELinux Policy is currently only implemented for RPM
packages, specifically, Fedora, CentOS and RHEL. Doxygen User
Documentation has been included (selinux_doc.md). Once some discussion
on file locations has completed (see vpp-devlist), updates to the Debug
CLI documentation will also need to be updated.
Additional changes:
Patch Set 2:
- Rework selinux_doc.md such that each line is only 80 characters
instead of each sentence on a line. Made additonal minor chnages
to the text.
- Update vHost Debug CLI documentation to reflex new socket location.
Cleaned up some text from when I originally wrote it, to better
reflex proper use.
- Update exec Debug CLI documentation to be more inline with suggested
helptext, added text regarding recommended script file location.
- For Debian builds, create the /var/log/vpp/ directory. I don't use
Debian very much, so please pay extra attention to
build-data/platforms.mk and build-root/deb/debian/.gitignore.
- Per discussion on VPP call, changed the default log location to
/var/log/vpp/vpp.log.
- Changed the socket location for vHost in AutoConfig to
/var/run/vpp/.
Patch Set 3:
- Update selinux_doc.md based on comments.
Change-Id: I400520dc33f1ca51012d09ef8fe5a7b7b96c631e
Signed-off-by: Billy McFall <bmcfall@redhat.com>
|
|
returned in the fixup function
Change-Id: I458e6e03b03e27775df33a2fd302743126d6ac44
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I1df3d23c1c5668b83d52b41f51c0e3f24183af9e
Signed-off-by: Vijayabhaskar Katamreddy <vkatamre@cisco.com>
|
|
Change-Id: If0f8472c0de5e324b24c9c672c0f8b57cc9f49a8
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
|
|
Change-Id: I68933d709ce9cc686ba06466e136434b663920ef
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I5c404eacb4a6c1e16485a6656168d9171ff49a8b
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: If421bad17b6cfe8e321257c93bb38931e37d7b64
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
This consolidates builtin apps under session-apps folder. It also
removes duplicate builtin echo server/client implementations.
Change-Id: I75ed879399c5aa9b75b1eb38b33aedf69dd8df3f
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- update segment manager and session api to work with both flavors of
ssvm segments
- added generic ssvm slave/master init and del functions
- cleanup/refactor tcp_echo
- fixed uses of svm fifo pool as vector
Change-Id: Ieee8b163faa407da6e77e657a2322de213a9d2a0
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
== CONTENT ==
* SCTP chunks definition as per RFC4960;
* Helper functions to set/get values to/from the corresponding chunks;
* Hooks to the session/application layers;
* Complete state-machine handling;
* Implementation for unexpected chunk received in a certain
state (state-machine error handling)
* Support for 1-single connection;
* Sample application to test receive/transmit data-path;
* Test to validate SCTP stack;
Change-Id: I1b55c455ab400be9513f4e094dadfc3181d2ebc9
Signed-off-by: Marco Varlese <marco.varlese@suse.com>
|
|
now we get:
00:00:04:288925: pg-input
...
00:00:04:289345: ethernet-input
...
00:00:04:289524: ip6-input
...
00:00:04:289553: ip6-mfib-forward-lookup
...
00:00:04:289584: ip6-mfib-forward-rpf
entry 14 itf 2 flags Forward,
00:00:04:289754: ip6-drop
UDP: 2002::1 -> ff01:2::255
tos 0x00, flow label 0x0, hop limit 64, payload length 21
UDP: 1234 -> 1234
length 21, checksum 0x90d1
00:00:04:289802: error-drop
ip4-input: Multicast RPF check failed
08:36:44,517 Count Node Reason
182 ip4-input Multicast RPF check failed
8 ip6-icmp-input neighbor advertisements sent
8 ip6-icmp-input router advertisements sent
8 arp-input ARP replies sent
Change-Id: I1b29cda4ec77a88db45bfb25c7473cd64bbf501a
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Modify interface creation to allow creation of tunnel interfaces
without dedicated per tunnel output and tx nodes which are not
used for most tunnel types. Also changed interface-output node
function vnet_per_buffer_interface_output() so it does not rely
on hw_if_index as the next node index which is not flexible nor
efficient for large scale tunnel interfaces.
The improvenemts are done for VXLAN, VXLAN-GPE, GENEVE and GTPU
tunnels. GRE tunnel is still using per tunnel output nodes which
will be changed in a separate patch with other GRE enhencements.
Change-Id: I4123c01c0d2ead814417a867adb8c8a407e4df55
Signed-off-by: John Lo <loj@cisco.com>
|
|
Change-Id: I4a3a6803083f3d707351440486bba59d8194339f
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
DISCOVER message sent.
According to RFC2131:
In the case of a client using DHCP for initial configuration (before
the client's TCP/IP software has been completely configured), DHCP
requires creative use of the client's TCP/IP software and liberal
interpretation of RFC 1122. The TCP/IP software SHOULD accept and
forward to the IP layer any IP packets delivered to the client's
hardware address before the IP address is configured; DHCP servers
and BOOTP relay agents may not be able to deliver DHCP messages to
clients that cannot accept hardware unicast datagrams before the
TCP/IP software is configured.
To work around some clients that cannot accept IP unicast datagrams
before the TCP/IP software is configured as discussed in the previous
paragraph, DHCP uses the 'flags' field [21]. The leftmost bit is
defined as the BROADCAST (B) flag. The semantics of this flag are
discussed in section 4.1 of this document. The remaining bits of the
flags field are reserved for future use. They MUST be set to zero by
clients and ignored by servers and relay agents. Figure 2 gives the
format of the 'flags' field.
this changes means VPP conforms to the:
"SHOULD accept and forward to the IP layer any IP packets delivered
to the client's hardware address before the IP address is configured"
with the caveat that VPP allows DHCP packets destined to the stanard client
DHCP port to be delivered. With this enhancement the control-plane is now
able to choose the setting of the broadcast flag.
Change-Id: Ia4eb2c9bb1e30c29f9192facc645e9533641955a
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
This is a version of the VPP API generator in Python PLY. It supports
the existing language, and has a plugin architecture for generators.
Currently C and JSON are supported.
Changes:
- vl_api_version to option version = "major.minor.patch"
- enum support
- Added error checking and reporting
- import support (removed the C pre-processor)
- services (tying request/reply together)
Version:
option version = "1.0.0";
Enum:
enum colours {
RED,
BLUE = 50,
};
define foo {
vl_api_colours_t colours;
};
Services:
service {
rpc foo returns foo_reply;
rpc foo_dump returns stream foo_details;
rpc want_stats returns want_stats_reply
events ip4_counters, ip6_counters;
};
Future planned features:
- unions
- bool, text
- array support (including length)
- proto3 output plugin
- Refactor C/C++ generator as a plugin
- Refactor Java generator as a plugin
Change-Id: Ifa289966c790e1b1a8e2938a91e69331e3a58bdf
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
address area
This patch fixed the VMA leak that if mapping one of guest physical address area get failed.
Change-Id: I07b0b9a932209561d6ff2b2dd08a111ea5db2209
Signed-off-by: Haiyang Tan <haiyang.tan.dev@gmail.com>
|
|
unified some code from IPv4/6 pathes
replaced unrolled rewrite copy with simple assignment
refactored stats handling
was not tested for performance
Change-Id: I00aeb9dd5b72584e6606e1a076e5c8270389aaa4
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
On deleting sub-interfaces, functions vnet_delete_sub_interface()
and vnet_delete_hw_interface() are not cleaning up sub-interface
related hash tables and memory properly.
Change-Id: I17c7c4b2078c062c77bfe48889beb677610035ca
Signed-off-by: John Lo <loj@cisco.com>
(cherry picked from commit 7f5bec647c9dc743c015d461d040e63a77fd0a08)
|
|
Change-Id: I4e2804754b443f5f41fb25eed8334908c4a70f84
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I76fd655ecd9445299b94b3b5af10e7b1588584e4
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
forwarding provided by the source is pushed to all other entries
it covers in the sub-tree
Change-Id: I2a45222ef653358f55c2436de3e3c6353cfadba2
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
This happens when 2 packets belonging to 2 different interfaces hit
dual loop in the ethernet-input. Packets go to slow path which doesn't
set l2 hdr offset correctly for l3 packets.
Change-Id: I61d87c079db0b2e21f8af6f6b600bff14030535d
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Ib0d0b663bf71ce52ead2f81140c710f31f040f89
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Buffers may be allocated for indirect descriptors by tx thread and
they are freed when tx thread is invoked in the next invocation.
This is to allow the recipient (kernel) to have a chance to process
them. But if the tap interface is deleted, the tx thread may not yet
be called to clean up the indirect descriptors' buffers. In that case,
we need to remove them without waiting for the tx thread to be called.
Failure to do so may cause buffers leak when the tap interface is deleted.
For the RX ring, leakage also exists for vring->buffers when the interface
is removed.
Change-Id: I3df313a0e60334776b19daf51a9f5bf20dfdc489
Signed-off-by: Steven <sluong@cisco.com>
(cherry picked from commit d8a998e74b815dd3725dfcd80080e4e540940236)
|
|
Change-Id: I58598f18b9af70e580be4d28a0c40ec0ffcd5dca
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Icde296e956eb89ea3a17d547f04a833916ec6440
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Improve "show xxx tunnel" output functions format_xxx_tunnel() for
GRE, VXLAN, VXLAN-GPE, GENEVE and GTPU tunnels to make their output
more consistent and provide better information.
Improved the output of "show int addr" to make its info more
consistent with tunnels and provide fib-index info.
Change-Id: Icd4b5b85a5bec417f8ee19afea336c770ad3b4c5
Signed-off-by: John Lo <loj@cisco.com>
|
|
Fixes the remainig apis that explicitly check svm queue length.
Change-Id: I6055c7c50050affee3098e162e15fb12c205e5db
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I94c7315558ccc9f3d4bcdefd09a696234bc56227
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
This does not update api client code. In other words, if the client
assumes the transport is shmem based, this patch does not change that.
Furthermore, code that checks queue size, for tail dropping, is not
updated.
Done for the following apis:
Plugins
- acl
- gtpu
- memif
- nat
- pppoe
VNET
- bfd
- bier
- tapv2
- vhost user
- dhcp
- flow
- geneve
- ip
- punt
- ipsec/ipsec-gre
- l2
- l2tp
- lisp-cp/one-cp
- lisp-gpe
- map
- mpls
- policer
- session
- span
- udp
- tap
- vxlan/vxlan-gpe
- interface
VPP
- api/api.c
OAM
- oam_api.c
Stats
- stats.c
Change-Id: I0e33ecefb2bdab0295698c0add948068a5a83345
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Poster-child: 8.8.8.8 resolving mag.ncep.noaa.gov
Change-Id: I600cd0274b9017e9c91817511d3d3366f0bd02b9
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: Ib99058323c50f20fcdb44185aee027c5c6ef8c91
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
|
|
At least when testing against "known good" DNS servers: it turns out
that sending 2x requests - one for an A-record and another for a
AAAA-record - seems to work better than sending a single DNS_TYPE_ALL
request.
Fix c-string vs. u8 vector mistakes. Fix server failover.
Change-Id: I26554f0a9c1744376f21372506ebec8658e351e2
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
provide one label stack per fib_table_entry_path_add2 call. otherwise multiple mheap releases take place.
Change-Id: I475ca1b801fc85dddda0b540c69ad628a274df7f
Signed-off-by: Pablo Camarillo <pcamaril@cisco.com>
|
|
Packets with a SR policy of one SID list create a malformed packet.
Outer IPv6 header points to a routing extension header that does not
exist since the SID list contains only one SID.
Change-Id: I1effee0457453bab95706a8a24fdabfbd843d5b7
Signed-off-by: Pablo Camarillo <pcamaril@cisco.com>
|
|
- separate client/server code for both memory and socket apis
- separate memory api code from generic vlib api code
- move unix_shared_memory_fifo to svm and rename to svm_fifo_t
- overall declutter
Change-Id: I90cdd98ff74d0787d58825b914b0f1eafcfa4dc2
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Follow up fix - vl_api_gre_add_del_tunnel_t_handler should pass
outer_fib_id from API message to vnet_gre_add_del_tunnel() and
not convert it to fib_index, since vnet_gre_add_del_tunnel()
already perform the lookup to get fib_index from fib_id.
Change-Id: I24967a97f82ce018ddef596e556bd3eb1706cb63
Signed-off-by: John Lo <loj@cisco.com>
|
|
- rename l2_bridged to is_dvr. Including on the ip.api
this was new in the 18.01 release so no compatability issues.
- steal the free space in vnet_buffer_opaque_t for use with flags.
- run the ipX-output feature arc from the DVR DPO
Change-Id: I040e5976d1dbe076fcdda3a40a7804f56337ce3f
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Ie291468ea9d05c47cefe39c4ff7fea3e016bacf2
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Iddd754d00ace3d042336e5c2c40431566275051a
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
|