aboutsummaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2017-06-15acl-plugin: store sessions in a single hash table instead of a per-interfaceAndrew Yourtchenko4-22/+39
A bihash-per-interface is convenient, but turns out tricky difficult from the maintenance standpoint with the large number of interfaces. This patch makes the sessions reside in a single hash table for all the interfaces, adding the lower 16 bit of sw_if_index as part of the key into the previously unused space. There is a tradeoff, that a session with an identical 5-tuple and the same sw_if_index modulo 65536 will match on either of the interfaces. The probability of that is deemed sufficiently small to not worry about it. In case it still happens before the heat death of the universe, there is a clib_warning and the colliding packet will be dropped, at which point we will need to bump the hash key size by another u64, but rather not pay the cost of doing that right now. Change-Id: I2747839cfcceda73e597cbcafbe1e377fb8f1889 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-06-14Fix session api connect sock handler.Dave Wallace1-1/+10
Change-Id: I034efb9fc3ebb846c0aef07b18c1f110b8cbf3e3 Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2017-06-14acl-plugin: shrink the L2 classifier tables used for traffic redirectAndrew Yourtchenko1-17/+17
The previous iteration of the code used the L2 classifier tables for session storage, as a result, the table allocations were pretty big. The new ACL plugin datapath uses the tables just as a redirection mechanism, without adding any entries. Thus, the tables can be much smaller. Change-Id: Ieec4a5abf0abda6e513ab4e675f912f14d47e671 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-06-14VPP-874: fix coverity warnings in tw_timer_template.cDave Barach1-4/+4
Best guess, tested carefully, should do no harm. Clang doesn't complain either way; it's not certain that this patch will make the coverity warnings in tw_timer_template.c disappear. Change-Id: I75aa0cfd8970751e823a1165df2a755e947c4cf9 Signed-off-by: Dave Barach <dave@barachs.net>
2017-06-14ETH:fix l2_len/vlan count mismatch for > 2 tagsEyal Bari3-16/+7
l2_len was not updated for the third tag as the ethernet node retracts by the vlan count after parse_header (using ethernet_buffer_header_size) it ends up pointing before the ethernet header + some minor cleanups Change-Id: I4ccaedd33928912e5d837376f146503b27071741 Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-06-13FIB walk process - wake-up rate unnecessarily highNeale Ranns1-1/+11
Change-Id: I7dedf283c83c7f0e0b7642f095b68bc0b40898cf Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-06-13SNAT: fix 1:1 NAT without port hairpinning TCP checksum updateMatus Fabian1-0/+10
Change-Id: I5077fcf3671a6116b475f87e43120efc10ecaa08 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-06-13memif: fix crash during interface deleteDamjan Marion1-0/+4
Change-Id: Ide6d26d6fcc81be6f26ac0abe2cd0d6a0838cfe6 Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-06-12L2FIB:fix crash in show with deleted subif entriesEyal Bari1-4/+7
after deleting a sub interface it's l2fib entries are left with a dangling sw_if_index (while waiting for the ager to delete them). changed "show l2fib" to reflect that state with "Deleted" as the interface name. added sleep in test_l2_fib as a workaround for packets still passing after flush will investigate... Change-Id: Id998d7d3c6a073ef5005c5f3009e1cfb7febf7db Signed-off-by: Eyal Bari <ebari@cisco.com>
2017-06-12three-level timer wheel implementation w/ overflow vectorDave Barach13-77/+1331
prep work for s/timing_wheel/tw_timer/ in the vlib process model Change-Id: I763f4968a8fce1764a3778b12def0afbd30086b1 Signed-off-by: Dave Barach <dave@barachs.net>
2017-06-12memif: complete refactor of socket handling codeDamjan Marion11-1146/+1796
Change-Id: I4d41def83a23f13701f1ddcea722d481e4c85cbc Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-06-12Fix build breakge post 6956Neale Ranns1-0/+2
Change-Id: I0ab0e3e40b00ed5c2a34f5c23d04b596c1e9aa5f Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-06-12NAT64: bug fixMatus Fabian2-6/+29
ICMP to ICMPv6 error message inner UDP packet translation delete ST entries when deleting static BIB entry Change-Id: I2a28631ac040e20827a692331506cd8254f70916 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-06-12Remove calls to crc_u32 and add clib_crc32c for armv8+crcChristophe Fontaine6-92/+61
crc_u32 was not defined for non x86_64 with SSE4.2 processors. Calls to "crc_u32" are removed and replaced by either a call to clib_crc32c or a call to clib_xxhash, as the result is not used as a check value but as a hash. Change-Id: I3af4d68e2e5ebd0c9b0a6090f848d043cb0f20a2 Signed-off-by: Christophe Fontaine <christophe.fontaine@enea.com>
2017-06-12NAT64: coverity fixMatus Fabian1-2/+14
Change-Id: I08544b2f06f993c8a6435901232a0616d0548b94 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-06-12Fix coverity issueFilip Tehlar1-0/+1
Change-Id: Ib62ee0eacd6c91dc4cd95835efe901079754ef42 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-06-10MPLS: cannot delete a path from the CLINeale Ranns1-13/+25
Change-Id: I7f85870ef99405727312a5de6839c8875c9fa1c5 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-06-09Fix gpe coverity issue (VPP-874)Florin Coras1-3/+8
Change-Id: I70fb60619a0a02d891276ea6c7ac277ba2b26fa3 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-06-09Implement sack based tcp loss recovery (RFC 6675)Florin Coras17-409/+973
- refactor existing congestion control code (RFC 6582/5681). Handling of ack feedback now consists of: ack parsing, cc event detection, event handling, congestion control update - extend sack scoreboard to support sack based retransmissions - basic implementation of Eifel detection algorithm (RFC 3522) for detecting spurious retransmissions - actually initialize the per-thread frame freelist hash tables - increase worker stack size to 2mb - fix session queue node out-of-buffer handling - ensure that the local buffer cache vec_len matches reality - avoid 2x spurious event requeues when short of buffers - count out-of-buffer events - make the builtin server thread-safe - fix bihash template threading issue: need to paint -1 across uninitialized working_copy_length vector elements (via rebase from master) Change-Id: I646cb9f1add9a67d08f4a87badbcb117980ebfc4 Signed-off-by: Florin Coras <fcoras@cisco.com> Signed-off-by: Dave Barach <dbarach@cisco.com>
2017-06-09Sample plugin: Add sample plugin documentationRay Kinsella2-7/+89
Added some user documentation to sample plugin. Change-Id: I518910f80499307e8fcac8dcef7baaeab5ea8e35 Signed-off-by: Ray Kinsella <ray.kinsella@intel.com>
2017-06-09acl-plugin: wrap a verbose debug message in the appropriate conditionalAndrew Yourtchenko1-0/+2
Change-Id: Ibd57cb617642e42d4c4d64f186479702b8a81900 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-06-09dpdk: fix ipsec coverity warningSergio Gonzalez Monroy1-2/+2
CID 170475 Change-Id: I9748dd56bdcb62e68d8f672e5b1619a3be400b8f Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2017-06-09NAT64: ICMP error supportMatus Fabian6-23/+207
Added ICMP error messages translation. Added check for multi thread (not supported yet, so init failed). Added API definition for custom NAT64 refix. Change-Id: Ice2f04631af63e594aecc09087a1cf59f3b676fb Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-06-08LISP: add NSH supportFilip Tehlar15-44/+826
Change-Id: I971c110ed126f1a24a963f9d3b88cf8f8c308816 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-06-08acl-plugin: remove clib_warnings on plugin initAndrew Yourtchenko1-3/+0
Change-Id: Ic3c9a914a588824b8abd6668961f731432083c4f Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-06-08Add gpe native-forward static route supportFlorin Coras5-16/+402
Change-Id: I744e7d64d94dbb302f2c1246663480f720672ee2 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-06-08P2P Ethernet - APIPavel Kotucek8-6/+442
API for P2P Ethernet feature Change-Id: Id0280f42b9ce2428262e79c4dc309595037cd10e Signed-off-by: Pavel Kotucek <pkotucek@cisco.com>
2017-06-08NAT64: Add NAT64 support for snat plugin (VPP-699)Matus Fabian12-11/+3676
Basic NAT64 feature (no hairpinning, no multi-thread). Change-Id: I392fccbce93e70c117f4a9a7ec7cf08d6c537f2d Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-06-07Small update to session APIFlorin Coras2-1/+5
Change-Id: I6a566d1dc9531b790bdcb00edc73516f86daeb72 Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-06-07VPP-874: fix coverity warning in vnet_classify.cDave Barach1-1/+1
Change-Id: Icffd2862eadbe9ddfb3ee34f3cb19c9324b3d9b4 Signed-off-by: Dave Barach <dave@barachs.net>
2017-06-07acl-plugin: add a plugin-specific control-ping message api and make the test ↵Andrew Yourtchenko4-1/+75
code use it This fixes the undesirable pause in the dump commands in case there is nothing to dump. Change-Id: I0554556c9e442038aa2a1ed8c88234f21f7fe9b9 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-06-07acl-plugin: make the ACL plugin multicore-capableAndrew Yourtchenko5-207/+912
Add the logic to be able to use stateful ACLs in a multithreaded setup. Change-Id: I3b0cfa6ca4ea8f46f61648611c3e97b00c3376b6 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-06-07VPP-873: fix vector expansion bug in dispatch_pending_nodeDave Barach1-13/+27
The main interior graph-node dispatch loop had a longstanding dangling vector element reference: for (i = 0; i < _vec_len (nm->pending_frames); i++) cpu_time_now = dispatch_pending_node (vm, nm->pending_frames + i, cpu_time_now); Passing a pointer to a vector element (nm->pending_frames + i) has considerable comedic potential if there's any chance that the vector could expand. dispatch_pending_node() calls dispatch_node(), and indirectly any interior graph node dispatch function. If that node happens to expand nm->pending_frames by filling in a new frame, nm->pending_frames can expand. After calling the node dispatch function, dispatch_node() does the following: nf = vec_elt_at_index (nm->next_frames, p->next_frame_index); If nm->pending_frames expands during dispatch function execution, p is a dangling reference to freed memory. By luck, the TCP stack managed to allocate a fresh frame which included "old-p," which caused p->next_frame_index to be filled with the new-frame poison pattern 0xfefefefe. This has been broken from day 1, summer 2007, first use of the third-generation vector processing library. Change-Id: Ideb6363bb060c4e8bf9b901882c318bd83853121 Signed-off-by: Dave Barach <dave@barachs.net>
2017-06-07VPP-872 and End.T function for SRv6Pablo Camarillo3-126/+183
Fixes VPP-872 and adds support for End.T Change-Id: I3c32cb6e412f37babe1abd293c0b6b49367fc2a9 Signed-off-by: Pablo Camarillo <pcamaril@cisco.com>
2017-06-07acl-plugin: fix coverity error in acl_test.cAndrew Yourtchenko1-2/+2
Attempting to supply within a VAT CLI to add the ACLs a rule count override with no rules to add would result in null pointer dereference as we attempt to copy those rules to the message. Add the check to avoid copy if the source pointer is null (i.e. if there are no rules to copy from). This commit fixes coverity errors 166797 and 166792. Change-Id: Icabe060d961ba07dc41f63b8e17fca12ff82aa29 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2017-06-07dpdk: ipsec fixesSergio Gonzalez Monroy2-43/+43
- Fix buffer trace from esp_decrypt node - Fix VLIB_REGISTER_NODE macro format - Remove unnecessary code since we do not reconfigure graph unless requirements are met Change-Id: Ic1c2afffb8265e40a6ced0c8a58775c05fadc9e2 Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2017-06-07dpdk: fix ipsec coverity warningsSergio Gonzalez Monroy1-2/+3
CID 161044 and 161045 Change-Id: I50a450e231e387f05e354e3b07dc777ab864d018 Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
2017-06-07Add support for memif API to VAT.Milan Lenco2-0/+364
Change-Id: I01dc439fc84f9213e55ba56982eff34474637115 Signed-off-by: Milan Lenco <milan.lenco@pantheon.tech>
2017-06-06Fix coverity error in IP4 Mtrie.Neale Ranns1-4/+4
Change-Id: I586a758a8b4b0ea5ca030b2df2796f5acb49e154 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-06-06Packets recieved on VLAN-0 map to the main interfaceNeale Ranns2-164/+32
Change-Id: I21b1ad39275495d4d006023b58f630a213445854 Signed-off-by: Neale Ranns <nranns@cisco.com>
2017-06-06Fix coverity issueFilip Tehlar1-0/+3
Change-Id: I5f7dc38beb96b600be67599049f951d8a17ff8da Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-06-06Rework vxlan-gpe to support FIB 2.0 and bypass modeHongjun Ni9-87/+1169
Change-Id: I0324f945bdb4dd3b19151be6f3ce24a47a000104 Signed-off-by: Hongjun Ni <hongjun.ni@intel.com>
2017-06-06Fix lisp map-notify parsingFlorin Coras1-0/+1
Change-Id: Ib22ffee3d8ac63af171d032c2ffcb44a2e42400c Signed-off-by: Florin Coras <fcoras@cisco.com>
2017-06-06vlib: add screen-256color CLI terminal typeDamjan Marion1-0/+1
Change-Id: Ia78e69e5e8ed18020314aef321b94ac37037799b Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-06-05vlib: add unix_file_del_by_index functionDamjan Marion1-0/+8
Change-Id: I9eca5f9d1c1ae62d5ba5fb36f2f97434dbaf334e Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-06-05vppinfra: fix vec_validate_init_empty_aligned macroDamjan Marion1-1/+1
Change-Id: Ieafd00c7d03fe5c090808c7af4aa2f86974a092e Signed-off-by: Damjan Marion <damarion@cisco.com>
2017-06-05SNAT: fix ICMP hairpinningMatus Fabian1-1/+67
Change-Id: I9d63133bd1db72917571ade868040c4597c896a1 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2017-06-05More GCC-7 errorsMarco Varlese2-0/+4
The Wmaybe-uninitialized is the new error included with Wall. This patch addresses the warning and fixes it. Change-Id: I8fdf9ff2d236c46b717024a14874fbbbad8af303 Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2017-06-05LISP-GPE: return index of newly created fwd entry, VPP-868Filip Tehlar5-3/+53
Change-Id: I4fc45097cb994ab6a59503d9fcfb693d1c7ec442 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2017-06-05LISP: fix GPE entry dump, VPP-871Filip Tehlar1-5/+5
Change-Id: Ifcd6d2caecce29c8b4605d06b9df82b36a403e74 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>