summaryrefslogtreecommitdiffstats
path: root/src/vnet
AgeCommit message (Collapse)AuthorFilesLines
2019-05-30IPsec: modify post-decrypt buf len calculationMatthew G Smith1-2/+2
For tunnel mode, after decryption the buffer length was being adjusted by adding (iv length + esp header size). Subtract it instead. Required for BFD to work on an IPsec tunnel interface. BFD verifies that the amount of received data is the expected size. It drops the packet if the buffer metadata says that the packet buffer contains more data than the packet headers say it should. Change-Id: I3146d5c3cbf1cceccc9989eefbc9a59e604e9975 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2019-05-30mpls: leverage vlib_buffer_advanceZhiyong Yang1-7/+4
Change-Id: I363a4444f4d296f04371acd65c702b1a1ce70913 Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-05-30osi_input: leverage vlib_buffer_get_currentZhiyong Yang1-3/+3
Change-Id: Ib9297b712ff7d08bf085fb0b6c9e6ffd83c5fa57 Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-05-29ipsec: fix perf issue in esp_aad_fillDamjan Marion1-4/+7
Type: fix Fixes: 47feb11 Change-Id: I6b3b97cd361eef19c910c14fd06edb001a4c191b Signed-off-by: Damjan Marion <damarion@cisco.com>
2019-05-29vxlan-gbp: prefetch encap header memory areaZhiyong Yang1-66/+70
This patch helps save 4.1 clocks/pkt from 62.9 to 58.8 clocks/pkt on Skylake. Change-Id: I749a88a8fa6c78243441a89d6afcd04f106af3da Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-05-28l2tp: l2tp-decap-local don't accept packets unless configuredJakub Grajciar3-10/+10
Change-Id: I2e48eb772dc44912192d0684b8ee631d8d975e9e Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2019-05-28ipsec: ah_encrypt reworkFilip Tehlar1-194/+280
call crypto backend only once per node call Change-Id: I0faab89f603424f6c6ac0db28cc1a2b2c025093e Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-05-28Punt: socket register for exception dispatched/punted packets based on reasonNeale Ranns14-802/+1482
- add to the Punt API to allow different descriptions of the desired packets: UDP or exceptions - move the punt nodes into punt_node.c - improve tests (test that the correct packets are punted to the registered socket) Change-Id: I1a133dec88106874993cba1f5a439cd26b2fef72 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-05-28Add an ip6 local hop-by-hop protocol demux tableDave Barach3-22/+341
Add a minimal ip6 hbh header processing test. ioam plugin: use ip6_local_hop_by_hop_register_protocol() in udp_ping_init(). Please test the ioam plugin udp_ping path AYEC, so I can publish the patch. Change-Id: I74e35276d6c38c31022026cfd238fad5e4a54485 Signed-off-by: Dave Barach <dave@barachs.net>
2019-05-28gre: don't register gre input nodes unless a gre tunnel is createdJakub Grajciar2-3/+4
Change-Id: Id5c0f420e32e0504cea660fed2013f3ad28088aa Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2019-05-28tap: crash in multi-thread environmentMohsin Kazmi3-5/+4
In tap tx routine, virtio_interface_tx_inline, there used to be an interface spinlock to ensure packets are processed in an orderly fashion clib_spinlock_lock_if_init (&vif->lockp); When virtio code was introduced in 19.04, that line is changed to clib_spinlock_lock_if_init (&vring->lockp); to accommodate multi-queues. Unfortunately, althrough the spinlock exists in the vring, it was never initialized for tap, only for virtio. As a result, many nasty things can happen when running tap interface in multi-thread environment. Crash is inevitable. The fix is to initialize vring->lockp for tap and remove vif->lockp as it is not used anymore. Change-Id: I82b15d3e9b0fb6add9b9ac49bf602a538946634a Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> (cherry picked from commit c2c89782d34df0dc7197b18b042b4c2464a101ef)
2019-05-28snap_input: simplify code using existing functionsZhiyong Yang1-11/+6
Change-Id: Ia0cadebab8b800e34e9574601cdebee5ca90cc6a Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-05-28llc_input: simplify code using existing functionsZhiyong Yang1-11/+6
Change-Id: I3906adf9aa20b4221eeb7a8b5b353c6f0cb32d04 Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-05-28hdlc_input: simplify code using existing functionsZhiyong Yang1-10/+6
Change-Id: I527b7e43dfba05eab12591e193f07f5036e33f56 Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-05-27IPIP tunnel: use address types on APINeale Ranns2-46/+48
Change-Id: Ida6a8f96bd858246e993250087bed45e7084ede1 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-05-27virtio: Add gso support for native virtio driverMohsin Kazmi5-7/+77
Change-Id: I7b735f5a540e8c278bac88245acb3f8c041c49c0 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2019-05-27geneve: encap performance enhancementZhiyong Yang1-58/+53
This patch can help save 2.7 clocks/pkt from 51.5 to 48.5 clocks/pkt on Skylake server. Change-Id: I10173c8a147a0e54f925c7841c26f133eb75cbed Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-05-27rewrite vnet_interface_output_node_inline_gsoZhiyong Yang1-59/+47
1. Using vlib_get_buffers replaces original logic. 2. Simplify some implementation. Change-Id: I46cd3487c1d3289074d9dff22aa384688be326dd Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-05-27tcp: handle disconnects in rcv-processFlorin Coras1-0/+1
Change-Id: I005f96480e81f3e750c18261e78d0e401da7528e Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-05-25tcp: handle fin+rst in same frameFlorin Coras1-1/+8
Change-Id: Ie7a6c7b92a6beeb356f01384216a4982fb3d420e Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-05-24vxlan-gpe: improve encap performanceZhiyong Yang1-46/+41
This patch improves performance by prefetching encap header area and taking full advantage of optimized function vlib_get_buffers. After applying the patch, the function vxlan_gpe_encap can save 4.1 clocks/pkt from 41.7 to 37.6 clocks/pkt on Skylake. Change-Id: I85d486b21a2524d64f2e246dfb4183539ec2532d Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-05-24ip4/6-reassembly fixesVijayabhaskar Katamreddy2-2/+11
When multichained fragments comes into reassembly, followed by buffer Linearization or dropping the buffer for other reasons inbetween disturbs the multichained mbuf linking. When packet is transmitted, followed by freeing of the buffers, woudl result in double free and packet corruptions Change-Id: Ib5711d54e61fdd6a67deb30dad0b2a14afb9c2da Signed-off-by: Vijayabhaskar Katamreddy <vkatamre@cisco.com>
2019-05-24Tap: Fix the indirect buffers allocation VPP-1660Mohsin Kazmi4-48/+61
Indirect buffers are used to store indirect descriptors to xmit big packets. This patch moves the indirect buffer allocation from interface creation to device node. Now it allocates or deallocates buffers during tx for chained buffers. Change-Id: I55cec208a2a7432e12fe9254a7f8ef84a9302bd5 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> (cherry picked from commit 55203e745f5e3f1f6c4dbe99d6eab8dee4d13ea6)
2019-05-24Remove historical ip4 icmp OAM codeDave Barach1-0/+7
Add a registration overwritten warning to ip4_icmp_register_type(...) Change-Id: I6c2aabdb979b54ec49e827225acc74559ac4caab Signed-off-by: Dave Barach <dave@barachs.net>
2019-05-23Fix vpp crash bug while deleting dhcp clientjackiechen19851-1/+1
We must do lock fib while vrf id ~0, otherwise it crashes while unlocking fib. Change-Id: Iec9754ccd67634a132bc5384a4f796d4a65943ae Signed-off-by: jackiechen1985 <xiaobo.chen@tieto.com>
2019-05-23Optimize codejackiechen19851-9/+4
Replace enqueue code with marcro vlib_validate_buffer_enqueue_x1 Change-Id: I4b454b1d73fa5adbaf5f40cf45dc8975878ac93b Signed-off-by: jackiechen1985 <xiaobo.chen@tieto.com>
2019-05-22fix show session verbose crash with udp transportDave Wallace1-0/+2
Type: fix Change-Id: Ib3a2777317f8c57e91ce43820ad7ca5d10ac8677 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2019-05-22new_log2_pages may increase 2dongjuan1-1/+0
when try_resplit Signed-off-by: dongjuan <dong.juan1@zte.com.cn> Change-Id: I3ebbe7d2d11453700503df7f3be549781d8b73a7
2019-05-22vxlan-gpe: fix CLI document errorZhiyong Yang1-3/+3
Change-Id: Id95fd604ed181a2f70c24e2c8cc4321755b7ba7f Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-05-22stats: support multiple works for error countersOle Troan4-50/+0
The current code only allowed access to the main thread error counters. That is not so useful for a multi worker instance. No return a vector indexed by thread of counter_t values. Type: fix Change-Id: Ie322c8889c0c8175e1116e71de04a2cf453b9ed7 Signed-off-by: Ole Troan <ot@cisco.com>
2019-05-21geneve_input: leverage vlib_get_buffersZhiyong Yang1-12/+11
vlib_get_buffers helps save 1.4 clocks/pkt from 34.6 to 33.2 clocks/pkt on Skylake. Change-Id: I741d10d20373f12d30ec8b04ad8c7444ffb42246 Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-05-20IPSEC: rename default backendNeale Ranns1-2/+2
Change-Id: I3a4883426b558476040af5b89bb7ccc8f151c5cc Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-05-20reassembly: prevent long chain attackKlement Sekera8-13/+86
limit max # of fragments to 3 per packet by default add API option to configure the limit at runtime Change-Id: Ie4b9507bf5c6095b9a5925972b37fe0032f4f9e8 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2019-05-20bonding: clean up redundant codeZhiyong Yang1-55/+44
1. remove unnecessary cast for void * pointer. 2. remove the unused input parameter. Change-Id: Ic0324364fc0c772200d30fb18a0ba959ed4f7ea4 Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>
2019-05-18api: export ip_types.api for out-of-tree pluginsBenoît Ganne1-1/+5
Out-of-tree plugins can refer to IP types in their API. The .api and associated headers must be exported. Change-Id: I75004343b040defd9eebac6a8a95c2ecf3c8079a Signed-off-by: Benoît Ganne <bganne@cisco.com>
2019-05-17Add a debug-CLI leak-checkerDave Barach5-116/+60
leak-check { <any-debug-cli-command-and-args> } Hint: "set term history off" or you'll have to sort through a bunch of bogus leaks related to the debug cli history mechanism. Cleaned up a set of reported leaks in the "show interface" command. At some point, we thought about making a per-thread vlib_mains vector, but we never did that. Several interface-related CLI's maintained local static cache vectors. Not a bad idea, but not useful as things shook out. Removed the static vectors. Change-Id: I756bf2721a0d91993ecfded34c79da406f30a548 Signed-off-by: Dave Barach <dave@barachs.net>
2019-05-17Tests: Raise exception if API cli_inband command fails.Paul Vinciguerra1-1/+2
* Configure tests to raise exception if cli_inband fails. * Fix failing tests. * Add filename detail to pcap.stat clib_error_return for debugging. Note: this change identifies spurious issues with packet-generator such as: CliFailedCommandError: packet-generator capture: pcap file '/tmp/vpp-unittest-Test6RD-v09RPA/pg0_out.pcap' does not exist. These issues resolve themselves on remaining test passes. Change-Id: Iecbd09daee954d892306d11baff3864a43c5b603 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-05-17UDP-Local: fix unregistered portsNeale Ranns1-64/+51
- if the port is unregistered then write ~0 into the sparse vec, this allows the DP to send packets to ICMP - remove the v6 arcs from the v4 node and vice-versa (since they're never taken) - i have tests for this in a pending change for the punt socket Change-Id: Icbd97de2c2fc38490c16afc2e0b414d8436593c4 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-05-16Add transport_opts to connect_sock bapiNathan Skrzypczak5-6/+26
Needed by QUIC to distinguish Q/Ssessions Change-Id: Idcc9e46f86f54a7d06ce6d870edec1766e95c82d Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-05-16init / exit function orderingDave Barach19-200/+166
The vlib init function subsystem now supports a mix of procedural and formally-specified ordering constraints. We should eliminate procedural knowledge wherever possible. The following schemes are *roughly* equivalent: static clib_error_t *init_runs_first (vlib_main_t *vm) { clib_error_t *error; ... do some stuff... if ((error = vlib_call_init_function (init_runs_next))) return error; ... } VLIB_INIT_FUNCTION (init_runs_first); and static clib_error_t *init_runs_first (vlib_main_t *vm) { ... do some stuff... } VLIB_INIT_FUNCTION (init_runs_first) = { .runs_before = VLIB_INITS("init_runs_next"), }; The first form will [most likely] call "init_runs_next" on the spot. The second form means that "init_runs_first" runs before "init_runs_next," possibly much earlier in the sequence. Please DO NOT construct sets of init functions where A before B actually means A *right before* B. It's not necessary - simply combine A and B - and it leads to hugely annoying debugging exercises when trying to switch from ad-hoc procedural ordering constraints to formal ordering constraints. Change-Id: I5e4353503bf43b4acb11a45fb33c79a5ade8426c Signed-off-by: Dave Barach <dave@barachs.net>
2019-05-15IPSEC: remove CLI check for unsupported IPv6-AH - it is supportedNeale Ranns1-22/+0
Change-Id: I72ec95d4a3009a55b0f1fa7e45f9c53f31ef5fc1 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-05-15Remove unused function nat44_ha_resync() and error IN_PROGRESS.Jon Loeliger1-1/+0
The unused function nat44_ha_resync() was the only function that used the error message VNET_API_ERROR_IN_PROGRESS. The error was the only error code that was positive, and didn't really play well with the other error codes. Change-Id: I7d03c2ee915094b635f6efdca7427f71e4d19f2b Signed-off-by: Jon Loeliger <jdl@netgate.com>
2019-05-14QUIC multi thread updateAloys Augustin1-1/+1
* Add support for multiple threads * Replace quicly buffers with fifos * Fix cleanup of sessions * Update quicly release version Change-Id: I551f936bbec05a15703f043ee85c8e1ba0ab9723 Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-05-14svm: improve fifo segment prealloc supportFlorin Coras1-3/+8
- track fifo segment free and chunk freelist memory - improve fifo alloc. If there are enough chunks to satisfy a fifo allocation request but not enough free memory, allocate a multi-chunk fifo - add apis to preallocate chunks and fifo headers - more tests Change-Id: If18dba7ab856272c9f565d36ac36365139793e0b Signed-off-by: Florin Coras <fcoras@cisco.com>
2019-05-14IPSEC coverity fixesNeale Ranns2-2/+4
Change-Id: I753fbce091c0ba1004690be5ddeb04f463cf95a3 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-05-14IPSEC: remove unecessary pass by reference of sequence numberNeale Ranns3-4/+4
Change-Id: Id406eb8c69a89c57305d8f138e8e6730037aa799 Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-05-14Coverity: Fix CID-198494 & CID-198388Dave Wallace1-1/+1
Change-Id: I5fa4a3fa512b732fc444e908729582a109db538c Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2019-05-14Unregister UDPC port only when ownedNathan Skrzypczak3-2/+9
Needed in QUIC, when cleaning up accepted UDP sessions Change-Id: Ifcb32687175562bed4ca69bdc519cedd4dc3c2bc Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
2019-05-13Trivial Typo's in bier comments/docs.Paul Vinciguerra14-27/+27
Change-Id: I3b3e868277d5caf6b1341814003a3bc5726c2df9 Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
2019-05-13vnet: remove macro definitionsZhiyong Yang1-3/+0
These two macro definitions should be removed as enum vnet_interface_helper_flags_t has defined them. Change-Id: I31bd0ea75639d2f9a53f396ac3cf42f9fc5fbdbe Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com>