aboutsummaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2018-06-21acl-plugin: fallback to linear ACL search for fragmentsAndrew Yourtchenko2-38/+34
Trying to accomodate fragments as first class citizens has shown to be more trouble than it's worth. So fallback to linear ACL search in case it is a fragment packet. Delete the corresponding code from the hash matching. Change-Id: Ic9ecc7c800d575615addb33dcaa89621462e9c7b Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-06-20Nested-loop index typo. Oops.Dave Barach1-6/+6
Change-Id: I73b5a4adcfce0d7cd1dd4cf6d9d6a5fb25256bcf Signed-off-by: Dave Barach <dave@barachs.net>
2018-06-20tcp: add per worker ctx structureFlorin Coras3-54/+56
Change-Id: I28d3c31bdc4255a4ca223d80bcf44709fb39f4ed Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-06-20ipsec: VPP-1308 fix sorting of SPD entriesKlement Sekera2-10/+11
Change-Id: I761aced55b7cef51a9b47048283b2cb9430bcde2 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-06-20acl-plugin: acl-as-a-service: VPP-1248: fix the error if exports.h included ↵Andrew Yourtchenko10-207/+229
in more than one C file Including the exports.h from multiple .c files belonging to a single plugin results in an error. Rework the approach to require the table of function pointers to be filled in by the initialization function. Since the inline functions are compiled in the "caller" context, there is no knowledge about the acl_main structure used by the ACL plugin. To help with that, the signature of inline functions is slightly different, taking the p_acl_main pointer as the first parameter. That pointer is filled into the .p_acl_main field of the method table during the initialization - since the calling of non-inline variants would have required filling the method table, this should give minimal headaches during the use and switch between the two methods. Change-Id: Icb70695efa23579c46c716944838766cebc8573e Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-06-20Fix sw-if-index display error.Brant Lin1-2/+2
If the sw-if-index is set to -1, it will send out all interfaces' arp enties. In this case, the sw-if-index is always set to -1. It is not correct. Change-Id: I21e9ee078c757ac7efa70a2a1f1a7a4eb73d66a1 Signed-off-by: Brant Lin <brant.lin@ericsson.com>
2018-06-19VCL: Fix session peer and local addressesDave Wallace1-6/+20
VPP-1302: VCL does not provide local and peer addresses Change-Id: I7ff12e57799796dfeb030b181b4c24da07dc12eb Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2018-06-19Driver level time-based src mac filterDave Barach11-0/+1500
Change-Id: I062d7653e00d77e73a61d8841e01ab4a159b6404 Signed-off-by: Dave Barach <dbarach@cisco.com>
2018-06-19tcp: optimize tcp outputFlorin Coras7-172/+199
Change-Id: Idf17a0633a1618b12c22b1119e40c2e9d3192df9 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-06-19tcp: optimize tcp inputFlorin Coras1-134/+204
Change-Id: Ib98cfc93f6c574de5250f251925f7ed4e86f5f6f Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-06-19Check get packet template allocation failure (VPP-1321)John Lo5-0/+24
After calling vlib_packet_template_get_packet(), make sure packet buffer is allocated before using it. Change-Id: Idb5199f4e2c9596137b2101e502d611f474a6ffe Signed-off-by: John Lo <loj@cisco.com>
2018-06-19VCL: refactor async & spinlocksDave Wallace5-544/+577
- Consolidate async code. - Add macros for spinlocks to improve readability. Change-Id: I2e0fd2b82ea76987aaf298a183d816c7d2ee0867 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2018-06-19ip checksum multiarch support, cleanupDave Barach2-109/+91
When computing tcp/udp checksums across large amounts of data - e.g. when NIC h/w checksum offload is not available - it's worth providing arch-dependent code; if only to compile the code w/ -O3. Fix calculation when data is fully unaligned / on an odd byte boundary. Add a buffer alignment test vector. Change-Id: I7644e2276ac6cbc3f575bf61746a6ffedbbb6150 Signed-off-by: Dave Barach <dave@barachs.net>
2018-06-19Fixed bugs in SRv6 APIPablo Camarillo5-75/+243
Jira ticket VPP-1196 Jira ticket VPP-1081 Jira ticket VPP-1078 Jira ticket VPP-1217 Change-Id: Id7e85229cae1017acb0aa4ca63ced334e6dafb8d Signed-off-by: pcamaril <pcamaril@cisco.com> Signed-off-by: Pablo Camarillo <pcamaril@cisco.com> Signed-off-by: pcamaril <pcamaril@cisco.com> Signed-off-by: Michal Cmarada <michal.cmarada@pantheon.tech>
2018-06-19flow:free lookup entries after packets are handledeyal bari3-13/+36
Change-Id: I737dad64bf6dd0743d36500d5cfa1cb1a6594b98 Signed-off-by: Eyal Bari <ebari@cisco.com>
2018-06-18Revert "Python API: Add enum and union support."Ole Trøan5-542/+309
This reverts commit a5ee900fb75201bbfceaf13c8bc57a13ed094988. Some of the unit tests breaks. Backing out until fixed. Change-Id: I1846fb417db44a2a772f7b59cda8bcfe6d39f8c3 Signed-off-by: Ole Troan <ot@cisco.com>
2018-06-17Python API: Add enum and union support.Ole Troan5-309/+542
As well as a rewrite of the encoders/decoders to make it more readable and extensible. Change-Id: I253369ac76303922bf9c11377622c8974fa92f19 Signed-off-by: Ole Troan <ot@cisco.com>
2018-06-17acl-plugin: fix the high cpu usage caused by the connection cleanerAndrew Yourtchenko1-1/+2
The commit 4bc1796b346efd10f3fb19b176ff089179263a24 had incorrect calculation of the session lists minimal timeout, resulting in returned value of 0 which resulted in existing sessions constantly requeued, taking up the CPU. Fix this calculation. Change-Id: I9a789739f96a1f01522c68f91b0a02db2417837f Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-06-17acl-plugin: split (L3) and (L4/pkt) logic of creation of 5tuple structure, ↵Andrew Yourtchenko1-46/+70
optimize stores in the (l4/pkt) Having two pieces of code - one for now much simpler to recreate L3 info, one for a more difficult do build L4/pkt metadata allows more degrees of freedom for optimizations. Also, construct the metadata in local variables first before saving it into the memory structure, this fewer memory stores and they are better aligned, allowing to coalesce with subsequent reads if needed. Change-Id: Icb35d933834b14294f875362c9b58db3feb38d99 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-06-16NAT44: fix coverityMatus Fabian1-1/+1
Change-Id: Ib1e4563dbc027571c77497e5c190201713adc72b Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-06-15STATS: Separate socket for fd exchange.Ole Troan6-252/+98
stats { interval <no> socket-name <name> | default } Where the default socket is in /run/vpp/stats.sock Change-Id: Idd501b328c662804d4ccd58034b0ea6b8aa1f89a Signed-off-by: Ole Troan <ot@cisco.com>
2018-06-15STATS: Add more hierarchy to counters.Ole Troan5-44/+44
Put error counters under node_index. /err/<node-name>/<error-name> E.g: /err/ip4-lookup/Hash table collisions /err/ip6-rewrite/Buffer allocation error Error names are not globally unique, and this allows for walking all errors for a particular node. Put interface counters under the directory /if. E.g. /if/rx Put system counters under the directory /sys. E.g. /sys/vector_rate Change-Id: I5b794d16698f61bcb2063a8cd77a7c4ae36419b8 Signed-off-by: Ole Troan <ot@cisco.com>
2018-06-15avf: tx node fixesDamjan Marion1-9/+9
- missing RSV bit set in descriptor - wrong buffer offset Change-Id: I8b138266652a30a50e4541c6344e4fe3dec4d1ca Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-06-15Update DHCPv6 DUID code and fix coverity warningsJuraj Sloboda5-39/+85
- Generate client DUID only when DHCPv6 PD feature is enabled - Change client DUID type from DUID-LLT to DUID-LL - Fix coverity warnings Change-Id: I20e518fc9a1c5f3f7ea9add7e7e03a487c99e978 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2018-06-15NAT44: endpoint dependent mode (VPP-1273)Matus Fabian9-1454/+3499
To enable NAT plugin endpoint dependent mode add following to statrup config: nat { endpoint-dependent } Enable endpoint dependent filtering and mapping for all sessions. Move some existing functionality such as service load balancing, twice nat, out2in-only static mappings and unknown protocol dynamic translations, which use endpoint dependent lookup hash tables before. Basically split to vanilla NAT44 and extra features NAT44. Change-Id: I3925eb5ddcc8f1ec4cf6af4e2a618a7ec7aa9735 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-06-15TLS async supportPing Yu6-24/+747
Change-Id: I26194e00dfb85e5cd1c65ff4e6ffd665be2d719b Signed-off-by: Ping Yu <ping.yu@intel.com>
2018-06-14Fix SEGV in generic event sub reaperMatthew Smith1-1/+1
When a client subscribed to receive events disconnects from the API, while deleting their subscription, a hash lookup was being performed against a pointer that did not refer to a hash, resulting in a SEGV. Perform the hash lookup against the correct hash. Change-Id: I011d7479e2c3b9ee50721cf7499385c3ff7f704a Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2018-06-14Use __attribute__((weak)) references where necessaryDave Barach5-17/+25
It should be possible to use vlib without the vlibmemory library, etc. Change-Id: Ic2316b93d7dbb728fb4ff42a3ca8b0d747c9425e Signed-off-by: Dave Barach <dave@barachs.net>
2018-06-14Add clib_bihash_search_inline_2_with_hash to bihash templateAndrew Yourtchenko1-5/+15
Use similar approach as in the clib_bihash_search_inline_with_hash to be able to do the hash calculation and lookup separately. Change-Id: Ief79aa0f9f1e42b0af88be4807ca01fac30a80d7 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-06-14Use unicast DMAC for IP neighbor pool refresh probesJohn Lo7-15/+28
Change-Id: I12fbebd1d24c37dc77c147773ea522c8a4b7b99d Signed-off-by: John Lo <loj@cisco.com>
2018-06-14acl-plugin: VAT: add an option to load entire ACL from a ClassBench ruleset ↵Andrew Yourtchenko1-0/+190
file for testing Add a command "acl_add_replace_from_file" to VAT which can load a ruleset and add an ACL with it. There are a few options which augment the ACL being created: "permit+reflect" or "permit" alter the default action from deny on the ACEs created. "append-default-permit" adds an entry in the end with the "permit+reflect" if the default action has been changed to permit+reflect, or with a simple permit otherwise. This command is IPv4-only because the available datasets were IPv4-only. Change-Id: I26b9f33ecb6b59e051d1d9cbafedbc47e8203392 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-06-14vxlan:use VLIB_NODE_FN for multiarch selectionEyal Bari1-17/+1
Change-Id: Ic98945fa1ffcc73e0b239ff5cc11d45e7318613e Signed-off-by: Eyal Bari <ebari@cisco.com>
2018-06-14MTU: IP fragmentation added to ip4-rewrite and ip6-rewriteOle Troan3-15/+56
Change-Id: Ibae260273f25a319153be37470aed49ff73e957a Signed-off-by: Ole Troan <ot@cisco.com>
2018-06-14acl-plugin: use 16_8 bihash for IPv4 sessions and 40_8 bihash for IPv6 sessionsAndrew Yourtchenko7-84/+165
Add a new kv_16_8 field into 5tuple union, rename the existing kv into kv_40_8 for clarity, and add the compile-time alignment constraints. Change-Id: I9bfca91f34850a5c89cba590fbfe9b865e63ef94 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-06-13Disable bihash bucket-level cachingDave Barach3-3/+3
It'll be interesting to see what the perf trend job says about this change. Change-Id: I66307a19a865011ac9660108098874fa1481c895 Signed-off-by: Dave Barach <dave@barachs.net>
2018-06-13Stat segment / client: show run" works nowDave Barach14-83/+338
Seems to have minimal-to-zero performance consequences. Data appears accurate: result match the debug CLI output. Checked at low rates, 27 MPPS sprayed across two worker threads. Change-Id: I09ede5150b88a91547feeee448a2854997613004 Signed-off-by: Dave Barach <dave@barachs.net>
2018-06-13acl-plugin: change the src/dst L3 info in 5tuple struct to be always ↵Andrew Yourtchenko6-97/+156
contiguous with L4 data Using ip46_address_t was convenient from operational point of view but created some difficulties dealing with IPv4 addresses - the extra 3x of u32 padding are costly, and the "holes" mean we can not use the smaller key-value data structures for the lookup. This commit changes the 5tuple layout for the IPv4 case, such that the src/dst addresses directly precede the L4 information. That will allow to treat the same data within 40x8 key-value structure as a 16x8 key-value structure starting with 24 byte offset. Change-Id: Ifea8d266ca0b9c931d44440bf6dc62446c1a83ec Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2018-06-13add end of string for format name in unix_physmem_region_alloclollita liu1-1/+1
Change-Id: I8cb4d5d90fb321de6e5037a3d0440507db79ec75 Signed-off-by: lollita liu <lollita.liu@ericsson.com>
2018-06-13cli: 'restart' should close open files (VPP-1068)Chris Luke1-2/+17
- On 'restart' close all registered files (except stdio) so that the new process has a clean start; in particular, CLI sockets, API sockets, tun/af_packet etc descriptors all need to close so they're not left open but unused by the new VPP process. To do this we iterate all the files registered for the polling mechanism and close() them.[1] - While we're here, retain the original environment on 'restart'; several things make use of it. [1] An alternative mechanism would be to mark all files with CLOEXEC on opening; I think that is a little fragile for this fairly esoteric use case. Change-Id: I81b4e261c4d3c4e2948981231be899824dd4e69f Signed-off-by: Chris Luke <chrisy@flirble.org>
2018-06-13Fix clang compilation on aarch64: extraneous parenthesesSirshak Das1-6/+16
Fixes clang error: equality comparison with extraneous parentheses Changing all the #defines to inlines. Change-Id: I30a931679ac3325b23b249b1ae28c7c8cf54b012 Signed-off-by: Sirshak Das<sirshak.das@arm.com>
2018-06-13vxlan:offload RX floweyal bari8-7/+701
ip4 vxlan cli/api (using flow infra) to create flows and enable them on different hardware (currently tested with i40e) to offload a vxlan tunnel onto hw: set flow-offload vxlan hw TwentyFiveGigabitEthernet3/0/0 rx vxlan_tunnel1 to remove offload: set flow-offload vxlan hw TwentyFiveGigabitEthernet3/0/0 rx vxlan_tunnel1 del TODO:ipv6 handling Change-Id: I70e61f792ef8e3f007d03d7df70e97ea4725b101 Signed-off-by: Eyal Bari <ebari@cisco.com>
2018-06-12avf: fix crash if device is busyJakub Grajciar1-1/+8
Change-Id: I170d78c8e5f7e16a264c9f226a09693109aece5e Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
2018-06-12tcp: add close-wait state flagsFlorin Coras1-0/+1
Change-Id: I35508d5251633396393f52842d1b58bc1c1463f6 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-06-12MTU assigning to itself (Coverity)Ole Troan1-4/+0
Change-Id: Iee8de25ab3c68ae3698c79852195dc336050914c Signed-off-by: Ole Troan <ot@cisco.com>
2018-06-11tcp: cleanup connection/session fixesFlorin Coras11-50/+81
- Cleanup session state after last ack and avoid using a cleanup timer. - Change session cleanup to free the session as opposed to waiting for delete notify. - When in close-wait, postpone sending the fin on close until all outstanding data has been sent. - Don't flush rx fifo unless in closed state Change-Id: Ic2a4f0d5568b65c83f4b55b6c469a7b24b947f39 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-06-11udp: fix for multiple workers and add testFlorin Coras5-7/+24
Since the main thread is not used for session polling anymore, when vpp is started with multiple wokers, allocate connections on the first. Also add a simple udp make test. Change-Id: Id869f5d89e0fced51048f0384fa86a5022258b7c Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-06-11MTU: Software interface / Per-protocol MTU supportOle Troan30-145/+346
This patch separates setting of hardware interfaec and software interface MTU. Software MTU is L2 payload MTU (i.e. not including L2 header). Per-protocol MTU for IPv4, IPv6 and MPLS can also be set. Currently only IP4, IP6 are enabled in adjacency / rewrite code. Documentation in src/vnet/MTU.md Change-Id: Iee2fd6f0bbc8210748dd8e073ab9fab87d323690 Signed-off-by: Ole Troan <ot@cisco.com>
2018-06-11Fix multiple NAT translation with interface address as externalAlexander Chernavin1-4/+4
Change-Id: Idd65c6d0489bf83984a2c34d22d3f94000fc7018 Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2018-06-10IGMP: use simple u32 bit hash keyNeale Ranns3-18/+15
some IGMP hashse use only a u32 key, which is not stored in the object, so don't use memory based hash Change-Id: Iaa4eddf568ea0164bc2a812da4cc502f1811b93c Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-06-10cli: Disable XON/XOFF in the ttyChris Luke1-0/+4
- CLI history forward-search is bound to ^S which is common, but that is also the tty's default control byte to pause output. So we disable XON/XOFF in the tty so that we can use ^S. Change-Id: I61717c77a11733d64eed7f8119677e7cd2e20029 Signed-off-by: Chris Luke <chrisy@flirble.org>