| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Separate exception state checks, e.g., no connection or closed, from
segment validation. Segments with no ack, rst, syn flag should not be
received in established node. Still, leave the check in for now.
Type: improvement
Change-Id: I7ceb01d7133f3a571e18721b6e51ff79f533f8cb
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: improvement
Change-Id: I9a0437dcfaf5e6930bb7fa057866ea36e7ca328f
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
Change-Id: I03f0b6137db6780f2c2935df90e98acf4bd471f9
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
Change-Id: Idfbaf56e3b56e77c8deaca9d3e41f7a78d8c4e0b
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
Change-Id: I753917c6d7e30b8d5e3291b85a7532a455ebc2bb
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
Change-Id: I0626af365855ad5301419e72e9430a47a5d0e5d7
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
GCC 11 complains about potential cast from u32 to session_t.
Type: fix
Change-Id: Id777e339c40e0ea3c3c8b2b0800acf7cd7a4ced3
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Align with session layer (also less typing in gdb ..)
Type: refactor
Change-Id: I1455a1aa3e3bad7b53fe638a678774b88b9969b9
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Make sure compiler can optimize out constants.
Type: improvement
Change-Id: I3982d4b2cf1e0e08e31a0836fd64fab82564a7d6
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Also optimize lookup to avoid session rules table matching.
Type: fix
Change-Id: I5b62c870edd9f7486e7de1417816fffa30d03a3e
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: fix
Change-Id: Ic3d4bbb4df8be6ef109f0af17744b35abc240ba2
Signed-off-by: Filip Tehlar <filip.tehlar@gmail.com>
|
|
if feature_bitmap is zero, it will make feat_bitmap_get_next_node_index function generate segment fault
Type: fix
Change-Id: I6a9c0b29d927e600537e9e43ad696d09c091f9b1
Signed-off-by: fenglei <1579628578@qq.com>
|
|
Type: improvement
Signed-off-by: Damjan Marion <damarion@cisco.com>
Change-Id: I9eab8a3c2580711c8635f7ba8bca3b27316aa665
|
|
Re-add the anti-replay window size in the SA dump API and add tests.
Type: fix
Change-Id: Iacecdf5df796a0a6353491f8160c878751c6039b
Signed-off-by: Maxime Peim <mpeim@cisco.com>
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: fix
Change-Id: I78904edd5f38e22821af779e15ab1c0da2294ce8
Signed-off-by: Maxime Peim <mpeim@cisco.com>
|
|
Type: improvement
Change-Id: Id7717de00558ab90dbd312a58becd58d008397ea
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
Change-Id: I0f949b67fb5b65fa1a79ffb7777d654693f0de6a
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Allocate ports per fib.
Type: improvement
Change-Id: I9e1f113602485bfb09f71092eee58b9a433daa6a
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: fix
Change-Id: Id9cec0c802024c1df0ac06a0f8833379a782e9de
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Program session events using session handles instead of fifos.
Type: improvement
Change-Id: I69063190598c2b4dc1104f2938f27c6cd057341a
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: improvement
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I898baf3e2a7586124f4678eaeaa4516db7186f8f
|
|
Add async crypto algo macros for AES_CTR SHA256/384/512.
Add support for these in dev octeon plugin.
Type: feature
Signed-off-by: Nithinsen Kaithakadan <nkaithakadan@marvell.com>
Change-Id: I22e81c6ac5a549b2f12556b8c79257a20a5bd47d
|
|
Type: improvement
Change-Id: I4d507b105e5b5ba7dd68d373c7f1ab156a9fc9f1
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
Change-Id: I554418fca0cbe1a2b42eddc24eccf25ede5f678a
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: fix
Change-Id: I2b2b65a6c12d50146f08b64b9a1603888652b462
Signed-off-by: fenglei <1579628578@qq.com>
|
|
Type: fix
Change-Id: I0c418fe71b579febc4ca02e8ad0aeba24df1945d
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: fix
Change-Id: I27e29690dba1ea52e874cb1db81d24fcc4366bb6
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
For packets with invalid checksums, in src local check, do not override
errors on fast path and do not cache result.
Type: fix
Change-Id: I4de9351b190ba398d6f89eec80055016cacf028b
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: improvement
Change-Id: I32ccf1d58a34bc6f64946ffd711dbd2b4f5864f6
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Type: improvement
Change-Id: I49d8415ce1d64dc797a0cc43f5382daeaddbe11a
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
This patch assigns tx queue to all thread and enables tx queue
sharing if needed.
Type: fix
Signed-off-by: Monendra Singh Kushwaha <kmonendra@marvell.com>
Change-Id: I8cb561c29c2a508b8b478c646121b1caa61b8520
|
|
GCC complains about a maybe-unitialized variable
Type: fix
Change-Id: Id77e4a48bdefea74d881190675320036f60ee3d5
Signed-off-by: Guillaume Solignac <gsoligna@cisco.com>
|
|
Fast path match single compare (the last step of policy matching in spd fast path)
is only implemented for IPv4 addresses.
This change adds support to also do a single match on IPv6 addresses.
Type: fix
Change-Id: I5aeb6e1e9afccfd2b2082e26502c5b7e9a8b2d4c
Signed-off-by: Piotr Bronowski <piotrx.bronowski@intel.com>
Signed-off-by: Vinayak Udandkar <vinayakx.udandkar@intel.com>
|
|
Type: fix
Change-Id: I487ee4e69d8885f46d7a4af2c66a710da66108c5
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
New CLI to enable/disable auto-sdl (requires session enable rt-backend sdl)
auto-sdl <enable|disable> [threshold <n>] [remove-timeout <t>]
threshold is defined as the number of packets before the SDL entry is created to deny the source.
remove-timeout is defined as the duration to remove the SDL entry which was created earlier.
Type: feature
Change-Id: I513094a59663970beae33257006c652674643764
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
This is first step in process of making crypto engine binaries
less dependant on specific VPP version.
Type: improvement
Change-Id: Ib08135688be409049b660e2b2ac435578b63be65
Signed-off-by: Damjan Marion <dmarion@me.com>
|
|
Type: improvement
add return_desc for except failure
Change-Id: Idcec0f8833fc264f66d2e0a784ece2a62c425263
Signed-off-by: fenglei <1579628578@qq.com>
|
|
Type: fix
policer_input didn't check policer_index will lead to coredump
when refer to cm->counters[thread_index] variable, cm->counters[thread_index] is null.
Change-Id: I8c6ef6c4c2bc96f23ab806327cb6f179c958cee2
Signed-off-by: fenglei <1579628578@qq.com>
|
|
Fixes an issue preventing a feature to be configured on a secondary interface.
Type: fix
Signed-off-by: Guillaume Solignac <gsoligna@cisco.com>
Change-Id: I8ecd80988d22291013cd0addae6dc25043aaea98
|
|
1) pg can typically injects packets in ethernet-input, ip4-input or
ip6-input. Make sure offload offsets are correctly set for ip4-input and
ip6-input.
2) add hw-addr support for ethernet mode (only available through cli)
3) refactor pg creation code to improve the readability by using
data structure pg_interface_args_t
4) fix the pg input and output traces to use headers according to
pg interface mode
5) introduce pg interface flags i.e. checksum, gso, gro
Type: improvement
Change-Id: Iffed502e9c6357d7ef8e8a72217867e8297236aa
Signed-off-by: Benoît Ganne <bganne@cisco.com>
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
Type: fix
Change-Id: Id6aa410a75356ece1d114a2970f70cf32203997f
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Type: improvement
Change-Id: I7ca860dbee0d0a24b7f00943142d8c878ed90e80
Signed-off-by: Hadi Rayan Al-Sandid <halsandi@cisco.com>
|
|
A philosophical question. Do an interface have to have an IPv4 address
to process IPv4 packets? For ICMP error generation it's sufficient that
it has an address available on the node.
More concretely this patch is to allow an extern DHCP client to process
IP packets before it configures an address on the interface, without
having to have an node early in the ip4-unicast feature-arc like
ip4-dhcp-client-detect to intercept the packets.
Type: improvement
Change-Id: I780c579eec28ba564cf8417fbcc87e7a7876fdd2
Signed-off-by: Ole Troan <otroan@employees.org>
|
|
Problem
The API app_namespace_add_del allows specifying ip4_fib_id and
ip6_fib_id. But the CLI does not. It only allows interface.
Interface binding may change after the application namespace
is created and there is no registration for the callback
when the interface binding changes.
Fix
Add ip4-fib-id and ip6-fib-id to app ns CLI. When both
interface and fib-id's are specified, interface takes
precedence. When interface is not specified, either ip4-fib-id
or ip6-fib-id or both ip4 and ip6 fib-id's may be specified.
If only ip4-fib-id is specified, ip6 is disable for this
particular app namespace. If only ip6-fib-id is specified,
ip4 is disable for this namespace.
When the interface binding changes to different vrf and the
application namespace was created via interface option, we
delete the application namespace and recreate the application
namespace with the new interface binding. Notice when the
application namespace is removed, all session rules and
sdl rules previously created for the deleted application
namespace will be deleted. However, if the fib table/session
table was shared by another namespace, the other namespace
will still contain the session rules and sdl rules.
Type: improvement
Change-Id: I76eb30da1ed8a39d06694c1e66d0675bf03516bf
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
Display segment manager information for show app <index> verbose
Mark segment manager as listener if it is a listener segment.
Type: improvement
Change-Id: I8d91f4c2ed5b8f39620f2c8b06950c0e7ee2225e
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
Adds support for tls async processing using OpenSSL.
Adds new CLI command to configure OpenSSL TLS configurations used by
OpenSSL context and session. New CLI format is:
tls openssl set-tls [record-size <size>]
[record-split-size <size>]
[max-pipelines <size>]
Sets default values to below TLS configuration parameters:
- first_seg_size: 32MB
- add_seg_size: 256MB
Type: feature
Signed-off-by: Varun Rapelly <vrapelly@marvell.com>
Change-Id: I990be31fced9e258fdb036f5751cd67594b0bce7
|
|
Type: refactor
Move PPP folder under vnet to the plugin folder, and modify some of path
of the #inlude<header> to the new path.
Add a plugin.c file to register a plugin.
Resolve ip4_input and ip6_input's dependency on PPP functions by moving
those calls to PPP's initialization.
Resolve osi's inter-plugin dependency on PPP by having it retrieve the
function pointer
Add ppp to the list of valid spelling words
JIRA: VPP-2052
Change-Id: I1a26ef0663a91857d13f7d87a3bb14bc38893194
Signed-off-by: Joel Ahn <joeahn@cisco.com>
|
|
The app ns semantics allows the same app ns to be re-added with different
interface. For example,
app ns add id blue secret 1 if tap0
app ns add id blue secret 1 if tap1
If tap0 is bound to table 0 and tap1 is bound to tap1, we need to clean
up the existing session table and possibly allocate a new session table
for the app ns.
Type: fix
Change-Id: I566d621081b7cdbd7d0c481fda53953b39c26001
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
- added TAP_API_FLAG_CONSISTENT_QP = 256
Type: improvement
Change-Id: I57d95503395baf265c29d48a92bd69347f0a7333
Signed-off-by: Adrian Villin <avillin@cisco.com>
|
|
Type: fix
Change-Id: I66607164b1552011b39808bafc8e02b5a24f883c
Signed-off-by: Renato Botelho do Couto <renato@netgate.com>
|
Florin Coras
Damjan Marion
Benoît Ganne
Filip Tehlar
fenglei
Semir Sionek
Maxime Peim
Nithinsen Kaithakadan
Monendra Singh Kushwaha
Guillaume Solignac
Piotr Bronowski
Matus Fabian
Steven Luong
Damjan Marion
Hadi Rayan Al-Sandid
Ole Troan
Varun Rapelly
Joel Ahn
Adrian Villin
Renato Botelho do Couto