| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Type: fix
Signed-off-by: Stanislav Zaikin <stanislav.zaikin@46labs.com>
Change-Id: I6431557d01756174005df26350c28299f83fcee0
|
|
Type: improvement
Change-Id: I7c9e882b1cdf141b34e84dbfed46b392624d1f62
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: fix
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: Ida88c304f110b05051211ce243fd04ce811a9d4d
|
|
This patch adds some fixes and improvements:
Fixes bug where save_rewrite_length gets overwritten on reassembly
handoff.
Fixes bug where duplicate fragments could cause a reassembly context
to be lost, because the race losing thread would remove bihash entry
created by winning thread.
Improves tracing by adding more events.
Adds extended shallow reassembly. This is a toggleable option, which if
turned on will cause reassembly to wait for both first and last
fragments to calculate total IP payload length. Furthermore it'll store
a local copy of first fragment and necessary data to retrieve it in
vnet_buffer2. This allows downstream features to access full L3/L4
headers when dealing with fragments.
Type: fix
Change-Id: I81695070533410c5815291dbc65ea71c87e3ae05
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
|
|
This fixes ip6 feature logic, so error and handoff packets are no longer
sent to next feature instead of being dropped/handed off.
Type: fix
Change-Id: If280de5345d9ed3b553dd3b3fa40274619d333ae
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
|
|
Type: improvement
Change-Id: I0cb4014f03abdd0e55d4bb7ff40ae293a6ed3562
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
|
|
Use a new frame queue for output feature instead of passing frames
to standard feature.
Fixes bug where save_rewrite_length gets overwritten on reassembly
handoff.
Type: fix
Change-Id: I6c6191aec5f1c89e1ca0510a08781e390d327bbf
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
|
|
Type: improvement
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I3102fded415c644673fb79a0fdb7a7448ce20f26
|
|
Session layer can push transport attributes to vcl sessions which are
stored as vector for session lifetime.
Store original_dst_ip and port when available in vcl session attribute
vector.
Type: feature
Change-Id: Iab6c65ddcfed220fc919f564cd19083561812faf
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: refactor
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Iebf5155a429c77143df9eb44f504fea28cddaf98
|
|
Type: improvement
Change-Id: Ib8e9f9fb6dfc553cc9e344544961832fecbea8c1
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
1. When the backend engine is not enable, adding an entry returns
a confusing error message.
DBGvpp# session sdl add 191.1.1.30/32 action 1 tag blue-v4-rule1
session sdl add 191.1.1.30/32 action 1 tag blue-v4-rule1
unknown input `add 191.1.1.30/32 action 1 ta...'
DBGvpp#
2. When the sdl or rule-table entry is already present, adding the duplicate
entry returns a confusing error message.
DBGvpp# session sdl add 8.8.8.1/32 action 0
session sdl add 8.8.8.1/32 action 0
DBGvpp# session sdl add 8.8.8.1/32 action 0
session sdl add 8.8.8.1/32 action 0
session: session is already enable. Must disable first
DBGvpp#
The problem is because there are multiple cli commands start with "session".
When the command is failed with the best match chain, it passes the
command to the other parser chains which start with the keyword "session".
The other cli chain also fails to parse the command. The error message
that the previous parser chain returned may be overwritten by
the newest error message.
The fix is to not return an error in sdl and rule-table parser command chain.
Type: fix
Change-Id: If0165324a763f47ec98ab79a41c3ee9b10057454
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
The language is
local == VPP local interface
remote == sender prefix to VPP node
SDL acts on remote prefix.
Type: fix
Change-Id: I82917c6ef801fc67430dfdd15c5630cb7a6347e0
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
Handshake completion is now tracked via a ctx flag so we no longer need
ctx_handshake_is_over.
Also, as we no longer prealloc application sessions, improve ctx state
formatting.
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: If48588ecde13e56fb99d1a46238bda53ed4eae1b
|
|
Type: improvement
Change-Id: If39e4d2b46820d5c0465fcc40d255fa95d137d38
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: fix
Change-Id: I12ddcd56f2fecb504180cdc044a3b3c3d1db7e3c
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: fix
Change-Id: Ie64ce16ea512b855a1b886eceb94c0e6ba33df05
Signed-off-by: Radislav Chugunov <chgnrdv@gmail.com>
|
|
when a protected tunnel gets deleted it's necessary to run a proper
cleanup
Type: fix
Change-Id: I9d2c60ecbf97c4df299ac5c2228b036bf3478a56
Signed-off-by: Stanislav Zaikin <stanislav.zaikin@46labs.com>
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4c0c1b27adb3e3ea3c3ff6353b068447db19fa85
|
|
The AWS Graviton make test fails in dvr_test.py on Ubuntu 22.04,
due to a mismatching source MAC address. Debian 11 tests run fine.
The following can be seen in the log.txt trace:
00:00:00:756422: ethernet-input
frame: flags 0x1, hw-if-index 3, sw-if-index 3
IP4: 02:03:00:00:ff:02 -> de:ad:00:00:00:00 802.1q vlan 92
00:00:00:756435: l2-input
l2-input: sw_if_index 6 dst de:ad:00:00:00:00 src 02:03:00:00:ff:02 [l2-input-vtr l2-learn l2-fwd l2-flood l2-flood ]
00:00:00:756438: l2-input-vtr
l2-input-vtr: sw_if_index 6 dst de:ad:00:00:00:00 src 02:03:00:00:00:00 data 08 00 45 00 00 80 00 01 00 00 40 11
00:00:00:756441: l2-learn
l2-learn: sw_if_index 6 dst de:ad:00:00:00:00 src 02:03:00:00:00:00 bd_index 1
Note how l2-input-vtr node has the two lowest bytes of the source MAC corrupted.
Discussing with Benoit, since this could be caused by unaligned memory accesses,
using clib_memcpy_fast.
Type: fix
Change-Id: I28991e1166335df0edd1e4b84fa72a2b1d0bb9bf
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Add support for:
- "sh session verbose thread <n> [lcl|rmt|ep] <ip>[:port]", which can be
used to filter sessions based on transport ip:port
- "force-print" option to force printing even when it exceeds existing
printing thresholds
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Iab3e58b8162664b425379d14818b8a4daa0ce345
|
|
Also retires old marvell plugin.
Change-Id: Icedec11f5661909058fdfe8d5fc455306adafacd
Type: feature
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
This patch removes redundant sa index value in
format_ipsec_tun_protect_input_trace() as sa index value already added
by format_ipsec4_tunnel_kv().
Type: fix
Change-Id: I7834bda57ba0f7cfe5084b671f6f7da0749ba64d
Signed-off-by: Garvit <gvarshney@marvell.com>
|
|
With this feature, session enable is now modified to have 3 modes of operation
session enable -- only enable session
session enable rt-backend sdl -- enable session with sdl
session enable rt-backend rule-table -- enable session with rule-table
session rule tables are now created on demand, upon adding first rule
to the rule table.
refactor session table to remove depenency from sesssion rules table. Now
session rules table APIs take srtg_handle and transport
proto instead of srt pointer.
Type: feature
Change-Id: Idde6a9b2f46b29bb931f9039636562575572aa14
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
Now when lcp pair is created, tap instance is based on hw_id. But tap
interface with such instance can already exist. Introduce an offset and
auto-selection based on it.
Type: fix
Signed-off-by: Stanislav Zaikin <stanislav.zaikin@46labs.com>
Change-Id: I9db39106b0b0d5bf95c445b03e5b7ff52f946dd2
|
|
Change-Id: Ief8e159b25d4fc4859c7116da6ff22c15bd3fff0
Type: feature
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Add RSS support to make use of multiple queues.
With 4 RX queues and RSS enabled
ping from host to guest vm ip queue use
192.168.2.3 192.168.2.1 2
'' 192.168.2.10 0
'' 192.168.2.5 1
'' 192.168.2.105 3
With 4 RX queues and RSS disabled, queue 0 is always used for all of the above cases
Type: improvement
Change-Id: I3ca78fd83fce26cbe8f23fee0a9034cb572bacb7
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
Type: fix
Change-Id: Ibe8ee27484c3b7b920529fd082b1e46b7daef1e5
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: improvement
Change-Id: Id81d1ac23505a74d3bc6f5d7eddca2be20d39f45
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: fix
Change-Id: I3ea7664c9f2cd1deaa6721bfd31214fe27f21468
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
Type: refactor
This patch moves osi into a plugin, and also modifies
the init functions of llc and snap to preserve init
order dependency (llc_init --> osi_init --> snap_init).
While the initial intent was to move osi/llc/snap together
into a single plugin, there exists a dependency on llc
in vnet/ethernet, which would require further refactoring
and testing work.
Change-Id: Ic0eff030ee29c8d316c0e0fe13931451aa193527
Signed-off-by: Hadi Rayan Al-Sandid <halsandi@cisco.com>
|
|
This patch adds capability to update max_rx_frame_size on octeon
port.
Initial MTU value is being set in the "oct_port_start", which is
invoked every time the Ethernet interface is brought up, thus
overwriting any MTU value set by VPP CLI.
Moved the MTU initialization to "oct_port_init" to address this.
Type: feature
Change-Id: I00d0d52bc7711062cde47b8fe52e6823bb718d08
Signed-off-by: Alok Mishra <almishra@marvell.com>
|
|
Type: improvement
Change-Id: Ia6a9f69b787950e3dbffd13ae577e499d6d2f55f
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Backend needs to return protocol to indicate if the prefix is ip4 or ip6.
Type: fix
Change-Id: If827c2e8b2a58051298968fa4d69de71ce9c4fcc
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
Need to vec_free ns_id whenever we return in the function
show_session_rules_command_fn in case memory was allocated to it.
Type: fix
Change-Id: Ifc38d3eb2756a8a128467dd40ad40fe3f0be8fc0
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
SESSION_INVALID_INDEX is u32. The function is supposed to return u64.
The caller of the function tests the return value to see if it is
SESSION_INVALID_HANDLE in ct_session_connect. If it is not, it
thinks it is a valid handle and calls listen_session_get_from_handle
which causes a crash.
Type: fix
Change-Id: I4ede6b2dfb95259f3a6071cfa3a77ce0d9cd9edd
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
Type: improvement
Change-Id: Ibc1e391356cef415b992b65c00f3d365fc97386d
Signed-off-by: Aritra Basu <aritrbas@cisco.com>
|
|
When packets are dropped and this field is not set, then
trace shows the packet being dropped by the null-node instead
of the correct reason.
Type: fix
Change-Id: I3ed9186285d0db7fa6a1e5b739a28ee625968f30
Signed-off-by: Ole Troan <otroan@employees.org>
|
|
Type: fix
Change-Id: I844539af3a283c8ec12498dbfd4857b8b533d7c1
Signed-off-by: Aritra Basu <aritrbas@cisco.com>
|
|
Type: improvement
Change-Id: Ie8f6ddc96fd3f5d44827ace834f8f6baa330d37d
Signed-off-by: Aritra Basu <aritrbas@cisco.com>
|
|
Type: improvement
Change-Id: I11dc43bdf65cecfa5c48ac734a4727b377023c80
Signed-off-by: Aritra Basu <aritrbas@cisco.com>
|
|
session table
When an application namespace is added, we call session_table_is_alloced
to see if we need to allocate a new session table. That check returns true
even if we removed the session table.
The fix is when we delete an application's global session table,
we need to invalidate fib_index_to_table_index.
Fixed test_vcl test script to run two tests back to back.
The 1st test deletes the application namespace at the end.
The 2nd test adds the application namespace in the beginning.
Type: fix
Fixes: 67bae20b05cb46e5f6d19afeaf1f7a52a5309d59
Change-Id: I67f5cc1b726a07659597a9479df011717db08d0a
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
ip4_sas_commonlen may be called with null a2 argument from
ip4_neighbor_advertise -> ip4_sas_by_sw_if_index.
If a1 or a2 is null, there is no common length, shortest mask
between a1 and a2, return 0 instead of crashing.
Type: fix
Change-Id: I307509ee7dedafac76d8877a1ef76ab8bbafef59
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
1. Adding an ip6 rule entry
session rule add proto tcp ee80::/10 0 ee80::/10 0 action 2
2. show session rules does not display the entry.
show session rules tcp
3. However, show session rules for a specific entry shows the entry
show session rules tcp ee80::/10 0 ee80::/10 0
Type: fix
Change-Id: I65c881665d3698a2a9452a186ed657eee0bf13e0
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
Type: fix
Coverity issue: 394440
Change-Id: I915a088145ee1317a7c8746b517f4af50323aa11
Signed-off-by: Fan Zhang <fanzhang.oss@gmail.com>
|
|
- fixes incorrect pcap packet type for packet
generator interfaces configured in ip mode.
- corrects pcap file decode for pg output files
- fixes scapy versions > 2.4.3 which now appear to
use the packet type in the pcap file header which
had been ignored in earlier versions
Type: fix
Change-Id: Idb1e3f8fbc7ca938fb5d2aaa72365e333c0ea2e9
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
Type: improvement
Change-Id: I8c5bfc82c1db1213eb43072853f8500ce1d2ee92
Signed-off-by: Klement Sekera <klement.sekera@gmail.com>
|
|
Type: fix
Change-Id: If07a6a420d467e6305f166ed250f84befe9f983d
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
Type: fix
Change-Id: Id8542ad74389eca4cc7903cd455f556743a5e0cf
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
Allow other apps to own transport sessions for tls.
Type: improvement
Change-Id: Ida04cef1dc49acb7117cbed8657e26890bf43d2a
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
Stanislav Zaikin
Damjan Marion
Mohsin Kazmi
Klement Sekera
Florin Coras
Steven Luong
Radislav Chugunov
Andrew Yourtchenko
Garvit
Benoît Ganne
Dave Wallace
Hadi Rayan Al-Sandid
Alok Mishra
Aritra Basu
Ole Troan
Fan Zhang