Age | Commit message (Collapse) | Author | Files | Lines |
|
Add an SELinux profile such that VPP can run under SELinux on RPM based
platforms. The SELinux Policy is currently only implemented for RPM
packages, specifically, Fedora, CentOS and RHEL. Doxygen User
Documentation has been included (selinux_doc.md). Once some discussion
on file locations has completed (see vpp-devlist), updates to the Debug
CLI documentation will also need to be updated.
Additional changes:
Patch Set 2:
- Rework selinux_doc.md such that each line is only 80 characters
instead of each sentence on a line. Made additonal minor chnages
to the text.
- Update vHost Debug CLI documentation to reflex new socket location.
Cleaned up some text from when I originally wrote it, to better
reflex proper use.
- Update exec Debug CLI documentation to be more inline with suggested
helptext, added text regarding recommended script file location.
- For Debian builds, create the /var/log/vpp/ directory. I don't use
Debian very much, so please pay extra attention to
build-data/platforms.mk and build-root/deb/debian/.gitignore.
- Per discussion on VPP call, changed the default log location to
/var/log/vpp/vpp.log.
- Changed the socket location for vHost in AutoConfig to
/var/run/vpp/.
Patch Set 3:
- Update selinux_doc.md based on comments.
Change-Id: I400520dc33f1ca51012d09ef8fe5a7b7b96c631e
Signed-off-by: Billy McFall <bmcfall@redhat.com>
|
|
This is a version of the VPP API generator in Python PLY. It supports
the existing language, and has a plugin architecture for generators.
Currently C and JSON are supported.
Changes:
- vl_api_version to option version = "major.minor.patch"
- enum support
- Added error checking and reporting
- import support (removed the C pre-processor)
- services (tying request/reply together)
Version:
option version = "1.0.0";
Enum:
enum colours {
RED,
BLUE = 50,
};
define foo {
vl_api_colours_t colours;
};
Services:
service {
rpc foo returns foo_reply;
rpc foo_dump returns stream foo_details;
rpc want_stats returns want_stats_reply
events ip4_counters, ip6_counters;
};
Future planned features:
- unions
- bool, text
- array support (including length)
- proto3 output plugin
- Refactor C/C++ generator as a plugin
- Refactor Java generator as a plugin
Change-Id: Ifa289966c790e1b1a8e2938a91e69331e3a58bdf
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: I76fd655ecd9445299b94b3b5af10e7b1588584e4
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I94618933719abb6ada1272bcf76f4f5304043873
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
c42fc05bfbb26fd11fe92ac9d11587660a817ac1 removed
mr_create_table_if_needed parameter in FIB API calls.
This commit fixes the API test program, which was not compiling
anymore.
Change-Id: Id6899c860235363bef9ba35cd8f24033a55cd5e6
Signed-off-by: Pierre Pfister <ppfister@cisco.com>
|
|
Commit 6c4dae27e75fc66 broke api_format.c soft link between vat at vpp
api. Probably a make fixstyle issue. Thanks to John Lo for catching
this.
Change-Id: I0567b49fb5c70314d7d6e72f8c9f0f1575948702
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Icde296e956eb89ea3a17d547f04a833916ec6440
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Fixes the remainig apis that explicitly check svm queue length.
Change-Id: I6055c7c50050affee3098e162e15fb12c205e5db
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
This does not update api client code. In other words, if the client
assumes the transport is shmem based, this patch does not change that.
Furthermore, code that checks queue size, for tail dropping, is not
updated.
Done for the following apis:
Plugins
- acl
- gtpu
- memif
- nat
- pppoe
VNET
- bfd
- bier
- tapv2
- vhost user
- dhcp
- flow
- geneve
- ip
- punt
- ipsec/ipsec-gre
- l2
- l2tp
- lisp-cp/one-cp
- lisp-gpe
- map
- mpls
- policer
- session
- span
- udp
- tap
- vxlan/vxlan-gpe
- interface
VPP
- api/api.c
OAM
- oam_api.c
Stats
- stats.c
Change-Id: I0e33ecefb2bdab0295698c0add948068a5a83345
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
If I remember correctly, I added the interface name filter catalog to
avoid cluttering up the vat interface table with [unused] packet
generator interfaces. Since we no longer create pg interfaces we're
not planning to use, the filter catalog does more harm than
good. Every new interface name prefix would have had to be added to
the list, and folks wouldn't likely know they should do that...
Change-Id: I4067f8ba70ad13c8dc5ebaf21a23759a2cf2675e
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
- separate client/server code for both memory and socket apis
- separate memory api code from generic vlib api code
- move unix_shared_memory_fifo to svm and rename to svm_fifo_t
- overall declutter
Change-Id: I90cdd98ff74d0787d58825b914b0f1eafcfa4dc2
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I5dbd5e5673ecb0d3878053ae9985478740cf3bc6
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
Change-Id: Iacfbaaa91ea8bd92790dec9fce567063bdbc5d64
Signed-off-by: Pablo Camarillo <pcamaril@cisco.com>
|
|
Change-Id: Ib4012ff598698924484525932d041988cc4c63f6
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I46b4aeb6ec9ab6ee462f9c5074b5778d94bf8dc3
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
- change interface naming scheme
- rework netlink code
- add option to set link address, namespace
Change-Id: Icf667babb3077a07617b0b87c45c957e345cb4d1
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I63d720378b92813993525f80fee90fc79df27fba
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Move elog_sample.c to src/examples/vlib
Change-Id: I7d32c83c424b9ca4a057372c7fc6a6e2b7dab034
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
- add support for assigning tap interface to the bridge
- add support for assigning tap interface host side ip4 and ip6 address
- host namespace can be specified as PID (pid:12345) or full path to file
- automatically bring linux interface up
Change-Id: I1cf7c3cad9a740e430cc1b9c2bb0aad0ba4cc8d8
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: Ided667356d5c6fb9648eb34685aabd6b16a598b7
Signed-off-by: Damjan Marion <damarion@cisco.com>
Signed-off-by: Steven Luong <sluong@cisco.com>
|
|
To facilitate in-tree plugin API testing, via the "binary-api..."
debug CLI command.
Change-Id: If7ee88a6a0dbc8e8f4555cb41e259db24e378a64
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I1f292e6035e1ff9e7bdca8f0a9275ebd3d4d8d0a
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
New startup.conf knob:
dpdk { ... no-tx-checksum-offload ... }
Change-Id: I337fd57616dd77687300861b411b420a3cb75149
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Enhence support of DHCP VSS (Virtual Subnet Selection) to include
VSS type 0 where VSS info is a NVT (Network Virtual Terminal)
ASCII VPN ID where the ASCII string MUST NOT be terminated with a
zero byte. Existing code already support VSS type 1, where VSS
information is a RFC 2685 VPN-ID of 7 bytes with 3 bytes OUI
and 4 bytes VPN index, and VSS type 255 indicating global VPN.
Change-Id: I54edbc447c89a2aacd1cc9fc72bd5ba386037608
Signed-off-by: John Lo <loj@cisco.com>
|
|
- makes the VAPI generated file more consumable.
- VOM build times improve.
Change-Id: I838488930bd23a0d3818adfdffdbca3eead382df
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
|
|
- see draft-ietf-bier-mpls-encapsulation-10
- midpoint, head and tail functions
- supported payload protocols; IPv4 and IPv6 only.
Change-Id: I59d7363bb6fdfdce8e4016a68a9c8f5a5e5791cb
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Id324a757517f85973097e20e2eb88d64ae0e931b
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Id5ebb410f509ac4c83d60e48efd54e00035e5ce6
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
As per proposal on the mailing list, this patch fixes
the represntation of MAC address in VPP API calls for
· L2fib_add_del
· L2_fib_table_details
Change-Id: I31e17efd1a6314cded69666e693cb8fc33158d02
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
|
|
This introduces 5-tuple lookup tables that may be used to implement
custom session layer actions at connection establishment time (session
layer perspective).
The rules table build mask-match-action lookup trees that for a given
5-tuple key return the action for the first longest match. If rules
overlap, ordering is established by tuple longest match with the
following descending priority: remote ip, local ip, remote port, local
port.
At this time, the only match action supported is to forward packets to
the application identified by the action.
Change-Id: Icbade6fac720fa3979820d50cd7d6137f8b635c3
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- Interactive commands like "ping" read extra input from the
input stream.
- In the case of "ping" it is simply a signal to cease the current
operation.
- "vppctl", in non-interactive mode, will issue a "quit" immediately
after the requested command to queue up closing of the session.
- This resulted in "ping" thinking a keypress was seen and returning
control to the CLI; the "quit" command however is consumed by the
keypress event handler and thus the session does not close.
- This patch reworks vppctl slightly to only issue "quit" after the
command has completed. In particular it uses the fact that VPP issues
NUL bytes as a surrogate prompt between output of commands to signal
acknowledgement that the command has completed; vppctl now flags
that the quit should be issued after the next such acknowledgement.
- Since input it still accepted, the user can still terminate the
"ping" early, if desired.
Change-Id: I7e3dbe767f32f8e364ccb5f81799759b311585df
Signed-off-by: Chris Luke <chrisy@flirble.org>
|
|
- Global variables declared in header files without
the use of the 'extern' keword will result in multiple
instances of the variable to be created by the compiler
-- one for each different source file in which the
the header file is included. This results in wasted
memory allocated in the BSS segments as well as
potentially introducing bugs in the application.
Change-Id: I6ef1790b60a0bd9dd3994f8510723decf258b0cc
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
|
|
Change-Id: Ic531d820b1846ff7363e5c396ac0b1176e87b401
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Any u8* variable created by format() is NOT null-terminated.
Add the null terminating byte with vec_terminate_c_string().
If that variable is used by (at least) hash_get_mem(), then it needs to
be null-terminated, as it will go through string_key_sum() which makes a
call to strlen.
Change-Id: I4e51e1b6668f557e53af3bb897cd281598eedbc0
Signed-off-by: Gabriel Ganne <gabriel.ganne@enea.com>
|
|
Vat supports setting value for the parameter, but
'not_last' is ignored by ip_add_del_route handler,
so can be removed.
This patch
- updates ip.api,
- removes vat handlers
- updates vpp_papi_provider.py
(also mpls_route_add_del with unused not_last)
Change-Id: Ife15de123db4bc8247103a29b90bce1988e46534
Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
|
|
This patch is a plausible first-cut, suitable for initial testing by
vcl (host stack client library).
Main features;
- recursive name resolution
- multiple ip4/ip6 name servers
- cache size limit enforcement
- currently limited to 65K
- ttl / aging
- static mapping support
- show / clear / debug CLI commands
Binary APIs provided for the following:
- add/delete name servers
- enable/disable the name cache
- resolve a name
To Do list:
- Respond to ip4/ip6 client DNS requests (vs. binary API requests)
- Perf / scale tuning
- map pending transaction ids to pool indices, so the cache
can (greatly) exceed 65K entries
- Security improvements
- Use unpredictable dns transaction IDs, related to previous item
- Make sure that response-packet src ip addresses match the server
- Add binary APIs
- deliver raw response data to clients
- control recursive name resolution
- Documentation
Change-Id: I48c373d5c05d7108ccd814d4055caf8c75ca10b7
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
- Management Address TLV is added as per IEEE Std 802.1AB-2009.
- Support of management ipv4/ipv6 addresses and OID.
Change-Id: I57c14741774390809ce5a829cc087947424432c7
Signed-off-by: Steve Shin <jonshin@cisco.com>
|
|
Applications are now provided the option to select the namespace they
are to be attached to and the scope of their attachement. Application
namespaces are meant to:
1) constrain the scope of communication through the network by
association with source interfaces and/or fib tables that provide the
source ips to be used and limit the scope of routing
2) provide a namespace local scope to session layer communication, as
opposed to the global scope provided by 1). That is, sessions can be
established without assistance from transport and network layers.
Albeit, zero/local-host ip addresses must still be provided in session
establishment messages due to existing application idiosyncrasies. This
mode of communication uses shared-memory fifos (cut-through sessions)
exclusively.
If applications request no namespace, they are assigned to the default
one, which at its turn uses the default fib. Applications can request
access to both local and global scopes for a namespace. If no scope is
specified, session layer defaults to the global one.
When a sw_if_index is provided for a namespace, zero-ip (INADDR_ANY)
binds are converted to binds to the requested interface.
Change-Id: Ia0f660bbf7eec7f89673f75b4821fc7c3d58e3d1
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Add one of these statements to foo.api:
vl_api_version 1.2.3
to generate a version tuple stanza in foo.api.h:
/****** Version tuple *****/
vl_api_version_tuple(foo, 1, 2, 3)
Change-Id: Ic514439e4677999daa8463a94f948f76b132ff15
Signed-off-by: Dave Barach <dave@barachs.net>
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Notes on this first implementation:
* First version of the implementation does NOT support GENEVE OPTIONS
HEADER: it isn't well understood what the purpose of the OPTIONS will be and/or
what content would be placed in the variable option data;
Once the IETF work will evolve and further information will be available
it could be possible to modify the frame rewrite to contemplate the
actual GENEVE OPTIONS.
Change-Id: Iddfe6f408cc45bb0800f00ce6a3e302e48a4ed52
Signed-off-by: Marco Varlese <marco.varlese@suse.com>
|
|
- Teach vpp_api_test to send/receive API messages over sockets
- Add memfd-based shared memory
- Add api messages to create memfd-based shared memory segments
- vpp_api_test supports both socket and shared memory segment connections
- vpp_api_test pivot from socket to shared memory API messaging
- add socket client support to libvlibclient.so
- dead client reaper sends ping messages, container-friendly
- dead client reaper falls back to kill (<pid>, 0) live checking
if e.g. a python app goes silent for tens of seconds
- handle ping messages in python client support code
- teach show api ring about pairwise shared-memory segments
- fix ip probing of already resolved destinations (VPP-998)
We'll need this work to implement proper host-stack client isolation
Change-Id: Ic23b65f75c854d0393d9a2e9d6b122a9551be769
Signed-off-by: Dave Barach <dave@barachs.net>
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
wildcard ND events publisher was sending the last event mutiple times
Change-Id: I6c30f2de03fa825e79df9005a3cfaaf68ff7ea2f
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Short version: Make vppctl behave as expected when run
from scripts, or without a controlling terminal, and
especially when using it with VPP commands on its
command line ("non-interactively").
In particular, prevent the welcome banner and VPP CLI
prompt from being sent by VPP when being used in these
ways.
vppctl
------
- Improve vppctl's detection of non-interactive sessions.
- Pass non-interactiveness in the terminal type telnet option
as a value distinct from "dumb" (which means non-ANSI capable.)
- Make tty setup handling more robust.
- Only send non-interactive command once we've sent the
terminal type, to ensure correct event sequence; we need
the VPP cli session to be in line-by-line mode.
- Ignore stdin when it looks something like /dev/null.
- Skip NUL bytes received from VPP.
VPP CLI
-------
- Detect "non-interactive" terminal types and set session
parameters accordingly.
- Add an "interactive" flag that controls whether the welcome
banner and CLI prompt are sent.
- Detect if telnet options processing switched us into line
mode and act accordingly for the rest of the current input
buffer. This was causing the command string to be echoed
by the CLI editor code.
- For non-interactive sessions, send a NUL byte after the
input buffer has been processed. This is because vppctl
depends on seeing traffic before it will try to close the
session; a command with no output would cause it to hang.
NUL bytes are ignored by all decent terminals, but we have
vppctl strip them out anyway.
- Prevent certain commands from running in non-interactive
sessions since they manipulate interactive-related features.
- For interactive sessions, quench the prompt that prints on
VPP shutdown.
- Detect and handle socket errors in the CLI; sessions were
leaking.
- Pevent SIGPIPE from ever being raised; handle EPIPE instead.
We don't need VPP to die just because a socket closed just
before we try to write to it!
- Add a command to dump a list of current CLI sessions; mostly
this was to detect session leakage, but it may have some
general utility.
Change-Id: Ia147da013317180882c1d967b18eefb8519a55fb
Signed-off-by: Chris Luke <chrisy@flirble.org>
|
|
previous mechanism was emitting duplicates of last event, when handling multiple arp queries.
tests:
* arp events sent for graps
* duplicate suppression
* verify no events when disabled
Change-Id: I84adc23980d43b819261eccf02ec056b5cec61df
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Change-Id: Ia886ff2bfa2cf33ffbaa35ec89494d4300ec2769
Signed-off-by: Jerome Tollet <jtollet@cisco.com>
|
|
Change-Id: Ie18580e05ec12291e7026f21ad874e088a712c8e
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
- added per-interface simple/combined counters
- refactored fib/nbr API to use common registration scheme
- refactored "want_stats" and "want_interface" to use
per interface registration scheme
- fixed issues with SEGV when client disconnects abruptly.
Change-Id: Ib701bd8e4105d03548259217bfc809bd738b7c72
Signed-off-by: Keith Burns (alagalah) <alagalah@gmail.com>
|
|
Add doxygen tags for show/clear commands
Change-Id: Ic939c561b15b0b720a8db1ecacc17e3d74419e1d
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I0d74856d4fd999dd9ca5886b8375ab8dd700b8a9
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Change-Id: I8843e57105c6c29bcdaf1e6e3bf8e9caf6bfd2ec
Signed-off-by: Dave Barach <dave@barachs.net>
|