aboutsummaryrefslogtreecommitdiffstats
path: root/src/vnet
AgeCommit message (Collapse)AuthorFilesLines
5 dayssession: improve endpoint cfg unit testFlorin Coras2-0/+8
We are currently testing only active open from default to non-default appns. Add connect test from non-default to default appns and make sure transport cleans up ports. Type: improvement Change-Id: Id0f05aa295ac175b549d8035eb530dbb9a15d85d Signed-off-by: Florin Coras <fcoras@cisco.com>
8 dayssession: fix lcl port allocation with fibFlorin Coras1-0/+1
Type: fix Change-Id: I0b0cc664cec2643a543a39cc7482292604381bf7 Signed-off-by: Florin Coras <fcoras@cisco.com>
11 dayssession: uri parsing improvementsAdrian Villin2-2/+90
- It is now possible to use "proto://ip4:port/target" or "proto://[ip6]:port/target" format. - Updated http_client and related tests to use the new format Type: improvement Change-Id: Ic6afd8c66eddca2ab1d7afc034e193441c34f8ee Signed-off-by: Adrian Villin <avillin@cisco.com>
2025-03-01session: ignore tx evts for cl sessions with no fifoFlorin Coras1-1/+1
Type: fix Change-Id: I3e484ed3447dde3540c39b2c5c5ce26329c83340 Signed-off-by: Florin Coras <fcoras@cisco.com>
2025-02-25ipsec: coverity warning, issue CID 509068Piotr Bronowski1-5/+0
UNUSED_VALUE warning fixed. Type: fix Change-Id: Idd1f0fab96f252f2081d5c268ecc722223289477 Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
2025-02-25vxlan: move vxlan-gpe to a pluginlajoskatona12-4726/+0
Move vxlan-gpe folder under vnet to the plugin folder, update cmake configuration and header paths, and add plugin.c to register plugin. JIRA: VPP-2059 Type: improvement Change-Id: I31b6d326276c4aa684fcdcf8443ef349f7816a6d Signed-off-by: lajoskatona <katonalala@gmail.com> Signed-off-by: Nicolas PLANEL <nplanel@cisco.com>
2025-02-24udp: fix cli for next node and opaqueFlorin Coras1-1/+2
Type: fix Change-Id: I77c2d8e64ed463b1c8e84e0fca8d79684a88714c Signed-off-by: Florin Coras <fcoras@cisco.com>
2025-02-20session: trace all packets sourced by session layerFlorin Coras1-23/+23
Trace both packets generated by dispatching sessions and those that have been enqueued by other nodes, e.g., syns, fins, acks enqueued by tcp input and output. Because not all buffer sources know the session, remove for now the session index from the trace. Nonetheless, next node on path will print it, so no information is lost. Type: improvement Change-Id: Id69094fbf00e6bc8f98095e90cdf20e2b7f0aeda Signed-off-by: Florin Coras <fcoras@cisco.com>
2025-02-18ipsec: enable support for ipv6 udp ipsec encapsulation in policy modePiotr Bronowski1-32/+49
IPSec traffic may be sent encapsulated inside UDP packagaes. In case of esp packgaes decryption is required (according to defined policies), whereas IKE traffic should be bypassed (relevant policy needs to be defined). With this patch required behaviour is provided. Type: feature Change-Id: If99c7bf121db881c0bdf2b45e6fdca87c0d872a5 Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
2025-02-18ipsec: add support for bypass and discard policies for ipv6Piotr Bronowski1-120/+223
In case of ipv6 addresses spd did not support bypass and discard policies. This change introduces missing implementation in the same way as it was implemented for ipv4. Type: feature Change-Id: Idad974655b209d946414d7d85037d0783cde7db3 Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
2025-02-17sr: fix sr_policy fib tableArtem Glazychev1-2/+3
fib_table_get_flow_hash_config accepts fib_index, not fib_table. Type: fix Change-Id: I0372ca1b6caab4a34bc0590f9856d89deff6ee90 Signed-off-by: Artem Glazychev <glazychev@mts.ru>
2025-02-15ip: add support to preallocate poolsMohsin Kazmi7-2/+64
Type: improvement In certain use cases, the underlying pools expand by allocating a new, larger pool and copying the existing elements into it. This process can be time-consuming, leading to slower control plane configurations, especially when a large number of elements are already present. This patch allows users to pre-configure some of these pools through startup.conf. It also fixes alignment for ip4 mtrie. Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Signed-off-by: Benoît Ganne <bganne@cisco.com> Change-Id: Ib0f1d40e3efb8b4fce989219196c718d6834498a
2025-02-14session: improve chained buffer enqueueFlorin Coras1-50/+58
Type: improvement Change-Id: I86497255cd2a73e37ae9be61dcce3a27199c552f Signed-off-by: Florin Coras <fcoras@cisco.com>
2025-02-14tcp: improve exception checks for established connectionsFlorin Coras1-18/+39
Separate exception state checks, e.g., no connection or closed, from segment validation. Segments with no ack, rst, syn flag should not be received in established node. Still, leave the check in for now. Type: improvement Change-Id: I7ceb01d7133f3a571e18721b6e51ff79f533f8cb Signed-off-by: Florin Coras <fcoras@cisco.com>
2025-02-13ipsec: better pack outbound SA runtime dataDamjan Marion1-5/+5
Type: improvement Change-Id: I9a0437dcfaf5e6930bb7fa057866ea36e7ca328f Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-02-13ipsec: keep inbound seq as u64Damjan Marion4-48/+45
Type: improvement Change-Id: I03f0b6137db6780f2c2935df90e98acf4bd471f9 Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-02-13ipsec: combine huge and normal anti-replay-window handlingDamjan Marion4-239/+118
Type: improvement Change-Id: Idfbaf56e3b56e77c8deaca9d3e41f7a78d8c4e0b Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-02-13ipsec: embed anti-replay bitmap in the runtime dataDamjan Marion2-63/+47
Type: improvement Change-Id: I753917c6d7e30b8d5e3291b85a7532a455ebc2bb Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-02-13ipsec: store anti_replay_window_size in runtime dataDamjan Marion4-55/+31
Type: improvement Change-Id: I0626af365855ad5301419e72e9430a47a5d0e5d7 Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-02-13session: make sure we cannot pass wrong IO event typeBenoît Ganne1-23/+36
GCC 11 complains about potential cast from u32 to session_t. Type: fix Change-Id: Id777e339c40e0ea3c3c8b2b0800acf7cd7a4ced3 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2025-02-12tcp: rename worker ctx to just wrkFlorin Coras6-27/+20
Align with session layer (also less typing in gdb ..) Type: refactor Change-Id: I1455a1aa3e3bad7b53fe638a678774b88b9969b9 Signed-off-by: Florin Coras <fcoras@cisco.com>
2025-02-12session: move io inlines to header fileFlorin Coras2-334/+325
Make sure compiler can optimize out constants. Type: improvement Change-Id: I3982d4b2cf1e0e08e31a0836fd64fab82564a7d6 Signed-off-by: Florin Coras <fcoras@cisco.com>
2025-02-07session: do not match listeners when looking for lcl portFlorin Coras3-5/+73
Also optimize lookup to avoid session rules table matching. Type: fix Change-Id: I5b62c870edd9f7486e7de1417816fffa30d03a3e Signed-off-by: Florin Coras <fcoras@cisco.com>
2025-02-06qos: fix qos record cliFilip Tehlar1-1/+1
Type: fix Change-Id: Ic3d4bbb4df8be6ef109f0af17744b35abc240ba2 Signed-off-by: Filip Tehlar <filip.tehlar@gmail.com>
2025-02-05l2: fix segment faultfenglei1-1/+4
if feature_bitmap is zero, it will make feat_bitmap_get_next_node_index function generate segment fault Type: fix Change-Id: I6a9c0b29d927e600537e9e43ad696d09c091f9b1 Signed-off-by: fenglei <1579628578@qq.com>
2025-02-03crypto: remove barrier on key addSemir Sionek2-52/+48
Type: improvement Signed-off-by: Damjan Marion <damarion@cisco.com> Change-Id: I9eab8a3c2580711c8635f7ba8bca3b27316aa665
2025-02-03ipsec: fix ipsec_sa_v5_detailsMaxime Peim1-2/+6
Re-add the anti-replay window size in the SA dump API and add tests. Type: fix Change-Id: Iacecdf5df796a0a6353491f8160c878751c6039b Signed-off-by: Maxime Peim <mpeim@cisco.com> Signed-off-by: Benoît Ganne <bganne@cisco.com>
2025-02-03ipsec: export ipsec_funcs headerMaxime Peim1-0/+1
Type: fix Change-Id: I78904edd5f38e22821af779e15ab1c0da2294ce8 Signed-off-by: Maxime Peim <mpeim@cisco.com>
2025-01-31ipsec: store outbound seq as u64Damjan Marion6-63/+34
Type: improvement Change-Id: Id7717de00558ab90dbd312a58becd58d008397ea Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-01-30ipsec: add SA inbound and outbound runtime dataDamjan Marion15-666/+891
Type: improvement Change-Id: I0f949b67fb5b65fa1a79ffb7777d654693f0de6a Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-01-24session: make local port allocator fib awareFlorin Coras4-30/+36
Allocate ports per fib. Type: improvement Change-Id: I9e1f113602485bfb09f71092eee58b9a433daa6a Signed-off-by: Florin Coras <fcoras@cisco.com>
2025-01-23session: validate new app worker on update reqestFlorin Coras1-0/+2
Type: fix Change-Id: Id9cec0c802024c1df0ac06a0f8833379a782e9de Signed-off-by: Florin Coras <fcoras@cisco.com>
2025-01-22session: cleanup io event functionsFlorin Coras4-5/+19
Program session events using session handles instead of fifos. Type: improvement Change-Id: I69063190598c2b4dc1104f2938f27c6cd057341a Signed-off-by: Florin Coras <fcoras@cisco.com>
2025-01-22session svm: track session indices in private structFlorin Coras8-19/+26
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I898baf3e2a7586124f4678eaeaa4516db7186f8f
2025-01-21crypto: add async algo macros for ctr sha2Nithinsen Kaithakadan1-1/+10
Add async crypto algo macros for AES_CTR SHA256/384/512. Add support for these in dev octeon plugin. Type: feature Signed-off-by: Nithinsen Kaithakadan <nkaithakadan@marvell.com> Change-Id: I22e81c6ac5a549b2f12556b8c79257a20a5bd47d
2025-01-16crypto: combine sync and async algos and opsDamjan Marion12-770/+419
Type: improvement Change-Id: I4d507b105e5b5ba7dd68d373c7f1ab156a9fc9f1 Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-01-16ipsec: make algo data constantDamjan Marion4-162/+193
Type: improvement Change-Id: I554418fca0cbe1a2b42eddc24eccf25ede5f678a Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-01-16arp: fix command resolve and config filed exist differfenglei1-1/+2
Type: fix Change-Id: I2b2b65a6c12d50146f08b64b9a1603888652b462 Signed-off-by: fenglei <1579628578@qq.com>
2025-01-16ipsec: don't add crypto key if cipher is NONEDamjan Marion1-6/+10
Type: fix Change-Id: I0c418fe71b579febc4ca02e8ad0aeba24df1945d Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-01-15tcp: export sdl header file for out-of-tree pluginsFlorin Coras1-0/+1
Type: fix Change-Id: I27e29690dba1ea52e874cb1db81d24fcc4366bb6 Signed-off-by: Florin Coras <fcoras@cisco.com>
2025-01-13ip: fix local csum checkFlorin Coras1-5/+12
For packets with invalid checksums, in src local check, do not override errors on fast path and do not cache result. Type: fix Change-Id: I4de9351b190ba398d6f89eec80055016cacf028b Signed-off-by: Florin Coras <fcoras@cisco.com>
2025-01-13crypto: remove AEAD opt typesDamjan Marion2-17/+6
Type: improvement Change-Id: I32ccf1d58a34bc6f64946ffd711dbd2b4f5864f6 Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-01-10crypto: key storage improvementsDamjan Marion2-34/+47
Type: improvement Change-Id: I49d8415ce1d64dc797a0cc43f5382daeaddbe11a Signed-off-by: Damjan Marion <damarion@cisco.com>
2025-01-10dev: assign tx queue to all threadsMonendra Singh Kushwaha1-5/+9
This patch assigns tx queue to all thread and enables tx queue sharing if needed. Type: fix Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com> Change-Id: I8cb561c29c2a508b8b478c646121b1caa61b8520
2025-01-09sr: fix aarch64 build issueGuillaume Solignac1-0/+1
GCC complains about a maybe-unitialized variable Type: fix Change-Id: Id77e4a48bdefea74d881190675320036f60ee3d5 Signed-off-by: Guillaume Solignac <gsoligna@cisco.com>
2025-01-08ipsec: fix spd fast path single match compare for ipv6Piotr Bronowski1-15/+91
Fast path match single compare (the last step of policy matching in spd fast path) is only implemented for IPv4 addresses. This change adds support to also do a single match on IPv6 addresses. Type: fix Change-Id: I5aeb6e1e9afccfd2b2082e26502c5b7e9a8b2d4c Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com> Signed-off-by: Vinayak Udandkar <vinayakx.udandkar@intel.com>
2024-12-30session: proxy session migration fixMatus Fabian2-6/+12
Type: fix Change-Id: I487ee4e69d8885f46d7a4af2c66a710da66108c5 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2024-12-23session: add auto sdlSteven Luong8-33/+198
New CLI to enable/disable auto-sdl (requires session enable rt-backend sdl) auto-sdl <enable|disable> [threshold <n>] [remove-timeout <t>] threshold is defined as the number of packets before the SDL entry is created to deny the source. remove-timeout is defined as the duration to remove the SDL entry which was created earlier. Type: feature Change-Id: I513094a59663970beae33257006c652674643764 Signed-off-by: Steven Luong <sluong@cisco.com>
2024-12-18crypto: move crypto engines outside of pluginsDamjan Marion3-6/+174
This is first step in process of making crypto engine binaries less dependant on specific VPP version. Type: improvement Change-Id: Ib08135688be409049b660e2b2ac435578b63be65 Signed-off-by: Damjan Marion <dmarion@me.com>
2024-12-16policer: Add return_dsc for policer_add_command_fnfenglei1-2/+5
Type: improvement add return_desc for except failure Change-Id: Idcec0f8833fc264f66d2e0a784ece2a62c425263 Signed-off-by: fenglei <1579628578@qq.com>