aboutsummaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2022-05-13flowprobe: add support for reporting on inbound packetsAlexander Chernavin7-91/+441
Type: feature Currently, the plugin supports only IPFIX flow record generation for outbound packets. With this change: - add a new API message for enabling the feature on an interface that accepts direction (rx, tx, both); - update existing debug command for feature enabling to accept direction; - update existing debug command for showing currently enabled feature on interfaces to display direction; - update templates to include a direction field; - generate flow records on the specified direction and data path; - report direction in flow data; - update tests to use the new API; - add tests for inbound flows. Change-Id: I121fd904b38408641036ebeea848df7a4e5e0b30 Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2022-05-12pnat: add support to wildcard IP Protocol field if not specifiedFahad Naeem4-4/+39
- add pnat_binding_add_v2 which explicitly requires match mask to set to PNAT_PROTO if we want to match on IP Protocol - fix pnat_binding_add backward compatibility i.e. no need to set match mast to PNAT_PROTO Type: improvement Signed-off-by: Fahad Naeem <fahadnaeemkhan@gmail.com> Change-Id: I5a23244be55b7d4c10552c555881527a4b2f325f
2022-05-11api: revert the changes to atexit for shared memory clientAndrew Yourtchenko1-1/+1
2ca88ff97884ec9ed20a853b13cee6d86f9c9d0f introduced the change into the shared memory atexit, which breaks IPSec tests in some environments. Type: fix Fixes: 2ca88ff97884ec9ed20a853b13cee6d86f9c9d0f Change-Id: Ia132cb045e8d66f55e41d29cffdca3458d61096d Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
2022-05-11dpdk: clear the RTE_MEMPOOL_F_NON_IOMohammed Hawari1-0/+3
This mempool flag should be cleared when the mempool is populated, to reproduce the behaviour of rte_mempool_populate_iova in DPDK 22.03 Change-Id: I4c0e07efca9df2e472e8e393689127c01cf66da2 Signed-off-by: Mohammed Hawari <mohammed@hawari.fr> Type: fix Fixes: 2f132efc3cafde5a0dd01ef8a91606528970cdf7
2022-05-10tests: replace pycodestyle with blackKlement Sekera43-3989/+4955
Drop pycodestyle for code style checking in favor of black. Black is much faster, stable PEP8 compliant code style checker offering also automatic formatting. It aims to be very stable and produce smallest diffs. It's used by many small and big projects. Running checkstyle with black takes a few seconds with a terse output. Thus, test-checkstyle-diff is no longer necessary. Expand scope of checkstyle to all python files in the repo, replacing test-checkstyle with checkstyle-python. Also, fixstyle-python is now available for automatic style formatting. Note: python virtualenv has been consolidated in test/Makefile, test/requirements*.txt which will eventually be moved to a central location. This is required to simply the automated generation of docker executor images in the CI. Type: improvement Change-Id: I022a326603485f58585e879ac0f697fceefbc9c8 Signed-off-by: Klement Sekera <klement.sekera@gmail.com> Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2022-05-10nat: improve icmp type detection performanceKlement Sekera1-12/+10
Replace code with branchless code. Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Ic38a20ad33483c1c26f90a927f8b963b0ead4a87
2022-05-10ip: reassembly: add documentationKlement Sekera1-0/+221
Type: docs Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I23008cde47d8b7a531346eab02902e2ced18742a
2022-05-10ip: fix buffer leaks in reassemblyKlement Sekera2-29/+32
Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I952ba7e042779855e29628d048da7edec1caaafd
2022-05-09vhost: memory leak upon deleting vhost-user interfaceSteven Luong1-3/+1
We allocate vring_spinlock for all vrings in the vui, not just the ones being used. So when we free the vui, we have to free vring_spinlock for all vrings, not just the one being used. Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I3951fda71ce6e11474b04302116ea9e08b404758
2022-05-08devices: fix crash on invalid interfaceGabriel Ganne1-2/+5
Type: fix A simple "create host-interface name xxx" is enough to trigger the bug: The interface is not found, and we goto error with apif=NULL Signed-off-by: Gabriel Ganne <gabriel.ganne@gmail.com> Change-Id: I2f894176d39b3d15efab054dc7340e7a0600a2e8
2022-05-06session: fix session cli maybe parse wrong args if executed in filesXiaoming Jiang3-29/+69
Type: fix Signed-off-by: Xiaoming Jiang <jiangxiaoming@outlook.com> Change-Id: Id19a52df4f237cf5d85d305fdc279ab7df2d6f4b
2022-05-06stats: add vlib_stats_free_string_vectorDamjan Marion2-0/+8
Type: improvement Change-Id: Ifa9f908b24b5fe867826601d32eeb4f0d639fbeb Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-05-06vppinfra: free vector against its heapDamjan Marion1-1/+1
Type: fix Change-Id: Ie292ee56dd5265a56ef472554aaf086e61da7089 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-05-06stats: strings in string vector are c stringsDamjan Marion1-0/+1
Type: fix Change-Id: I9cf9376f2813f7bceecc6a9d714dcb98df77615d Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-05-05rdma: two small improvements for rdma interfaceJieqiang Wang2-5/+5
- fix branch prediction for checking rdma ERROR flag - add the missing right angle bracket to help message Type: improvement Signed-off-by: Jieqiang Wang <jieqiang.wang@arm.com> Reviewed-by: Lijian Zhang <lijian.zhang@arm.com> Reviewed-by: Tianyu Li <tianyu.li@arm.com> Change-Id: I2ce667631b3e3f60939069e2a16ddba0ff12a695
2022-05-05vat2: fix argument parsingDave Wallace1-20/+19
Type: fix Signed-off-by: Dave Wallace <dwallacelf@gmail.com> Change-Id: I6d40ce90330d644469937a24eec47ea5bd5b649b
2022-05-05policer: output interface policerStanislav Zaikin5-24/+140
Type: improvement Change-Id: Ibc1b5059ed51c34334340534e9eb68121f556bce Signed-off-by: Stanislav Zaikin <zstaseg@gmail.com>
2022-05-05udp: remove buggy assert in udp encapBenoît Ganne1-2/+0
It looks like in a distant past we were using a vnet_rewrite but this no longer the case. Type: fix Change-Id: Ib8d336aec7d5abd7749f543739f531144e76e551 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2022-05-04tls: free app session if connect notify refusedFlorin Coras1-2/+2
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Iee6784c37a835b49d962ae6f87c279cbe65dde15
2022-05-04vhost: use_custom_mac set in create_vhost_user_if_v2Fahad Naeem1-0/+1
Type: fix set use_custom_mac for args in create_vhost_user_if_v2 API Add testcase for custom mac-address Signed-off-by: Fahad Naeem <fahadnaeemkhan@gmail.com> Change-Id: Iac64d818e0f1e6d36187fe769ee33d202aaafd05 Signed-off-by: Fahad Naeem <fahadnaeemkhan@gmail.com>
2022-05-03ipsec: support per next-header next-nodesBenoît Ganne3-36/+100
Type: feature Change-Id: I940b6c9d206e407f3e17d66c97233cd658984e61 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2022-05-02vapi: support api clients within vpp processOle Troan8-58/+653
Add vapi_connect_from_vpp() and vapi_disconnect_from_vpp() calls to allow API clients from within VPP process. Add a new memclnt_create version that gives the user a knob to enable or disable dead client scans (keepalive). Type: feature Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: Id0b7bb89308db3a3aed2d3fcbedf4e1282dcd03f Signed-off-by: Ole Troan <ot@cisco.com>
2022-05-02dhcp: fix dhcp_compl_eventJing Peng1-3/+5
This patch fixes two problems: 1. The lease field in the dhcp_compl_event message can include a list of vl_api_domain_server_t structs, but no memory is allocated for it. 2. The DNS server address is not copied properly, resulting in wrong IP4 addresses in the event message. Type: fix Signed-off-by: Jing Peng <pj.hades@gmail.com> Change-Id: I42c533e7af697568c69714011d983f88368a7e15
2022-04-29build: use env to find bash pathDamjan Marion1-1/+1
Type: make Change-Id: I9f87134ac05d99051888024f889f05dae8e3feec Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-04-29vppinfra: fix clib_mem_destroyDamjan Marion1-2/+1
Passing wrong pointer to clib_mem_vm_unmap... Type: fix Change-Id: I1f695d77bc45d9a6de3a4a3da1fbe6faebdad15e Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-04-28wireguard: Document wireguard async mode defaultJon Loeliger1-2/+2
Type: improvement Signed-off-by: Jon Loeliger <jdl@netgate.com> Change-Id: I446eb86c097d1bf99f05ee47f1c550689d70ced2
2022-04-28af_xdp: more meaningful frame_size error messageBenoît Ganne1-0/+14
Type: improvement Change-Id: If3a83848ae0741334887c654b65e424b99caa73c Signed-off-by: Benoît Ganne <bganne@cisco.com>
2022-04-28session: fix coverity warningFlorin Coras1-1/+1
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I67f5a2c8902dd14c09472c25599b3b1b493a6948
2022-04-27vapi: Fix build when directory contains @Renato Botelho do Couto2-2/+3
During build some header guards are created based on full path where build is happening. If one directory contains @ character build breaks because compiler believes it's a macro declaration. Jenkins adds `@${EXECUTOR_NUMBER}` suffix to workspace directory when it uses more than one executor for that job, breaking the build. Replace any @ character on guard name by _ to get it fixed. Type: fix Change-Id: Id0f4cfc33fda95e168541aa4e353a0d08aa3b664 Signed-off-by: Renato Botelho do Couto <renato@netgate.com>
2022-04-26linux-cp: sync addr and neigh only for lcp interfacesStanislav Zaikin5-7/+38
Type: fix Signed-off-by: Stanislav Zaikin <zstaseg@gmail.com> Change-Id: I792467b73449074e59c4232b1f82d134c399624c
2022-04-26flow: enable RSS queue group action for 5G enhancementTing Xu3-1/+45
Enable the flow action for RSS queue group. Packets can be distributed among queues in group based on specific fields. Queues must be continous in the group. This feature is to support 5G enhancement requirement. Type: feature Signed-off-by: Ting Xu <ting.xu@intel.com> Change-Id: I74fdc617659bcb61f00b3b1934c95ab1c73bb8f3
2022-04-26session: export session counts to stats segmentFlorin Coras1-0/+40
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I02aec410eaa7ccb999159b6967414fbaf4e76a3f
2022-04-26stats: string vector and node collector improvementsDamjan Marion5-135/+161
Type: improvement Change-Id: Ibdadeb4e685f45a93f45504a84709391489abb6a Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-04-25build: add option to build only for native CPUDamjan Marion2-1/+16
Significantly reduces compilation time for uses who are interested to run binaries only on the build machine. Type: make Change-Id: I431f6f7374b6dfa8b3f7c72dc69f3d5cafd1f6bb Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-04-24build: fix 16-8-8 mtrie build optionBenoît Ganne1-1/+1
VPP_IP_FIB_MTRIE_16 should be defined only if the option is enabled instead of being defined as "ON" or "OFF". Type: fix Change-Id: Ib4e29a827bcbd84c8012f05ad264c1408ffccee7 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2022-04-21hsa: vcl test client epoll worker loopFlorin Coras3-15/+301
Supports more connections and track connect time. Can be used to measure CPS. Only works in unidirectional mode for now. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I70bc6a271996407dd16a96115f509bd680a0f302
2022-04-22session: fix ctrl evt rpc elt pool reallocFlorin Coras1-5/+10
Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I79bfe91e81983b619c61a32285d8e038c2654147
2022-04-21session svm: fix mq producer wait on q and ringFlorin Coras4-12/+51
Make sure producer drops lock when it waits for empty ring slot. Type: fix Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Id77d54ee8c01bed20c9eaf5ad372ed4b1e9fa712
2022-04-21nat: tweak rfc7857 tcp connection trackingOle Troan4-292/+61
The RFC7857 state machine introduced in 56c492a is a trade-off. It tries to retain sessions as much as possible and also offers some protection against spurious RST by re-establishing sessions if data is received after the RST. From experience in the wild, this algorithm is a little too liberal, as it leaves too many spurious established sessions in the session table. E.g. a oberserved pattern is: client server <- FIN, ACK ACK -> ACK -> RST, ACK -> With the current state machine this would leave the session in established state. These proposed changes do: - require 3-way handshake to establish session. (current requires only to see SYNs from both sides) - RST will move session to transitory without recovery if data is sent after - Only a single FIN is needed to move to transitory Fixes: 56c492aa0502751de2dd9d890096a82c5f04776d Type: fix Signed-off-by: Ole Troan <ot@cisco.com> Change-Id: I92e593e00b2efe48d04997642d85bd59e0eaa2ea Signed-off-by: Ole Troan <ot@cisco.com>
2022-04-19devices: remove redundant access in af-packet inputMohsin Kazmi1-5/+5
Type: fix current_data is set to 0 for each packet in af-packet input node. It is not required to include it to calculate the headers offset. Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I538d8c04e24c758155b3f8d6a1532472ef549459
2022-04-18session: add support for listen proxiesFlorin Coras2-5/+27
Listener proxies are allowed to listen on IPs that are not local. Configurable only by builtin apps for now. Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: Idb380ee3584a088878a03d45fd85e7bb0deeb590
2022-04-18nat: fix deleting nat ei out interface featureAlexander Skorichenko1-2/+2
Type: fix Set is_add function argument to 0 when deleting interface role. Change-Id: I6ca88d6511e1c88285e51b3750eb501fde2b341b Signed-off-by: Alexander Skorichenko <askorichenko@netgate.com>
2022-04-16hsa: vcl test client allow non-blocking connectsFlorin Coras3-45/+66
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: If7dd56e76efc31ed66b865e2c7231d22ec2322b4
2022-04-15hsa: support configurable vcl client wrk loopFlorin Coras1-69/+128
Type: refactor Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I5e49f43b18ff011ce0b7259ed58854d81f910826
2022-04-15stats: store heap in the directory_entry vectorDamjan Marion2-15/+2
Type: improvement Change-Id: I878803d14d1070ef5a00ed9d3f72022906d55191 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-04-15build: c compiler version warningsDamjan Marion1-11/+34
Type: make Change-Id: I9455da47f03383df822436d1adc4c4b5e58c7cf9 Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-04-15api: fix infinite loop in show api dump CLIAndrew Yourtchenko1-1/+1
The following illustrates the problem: ./build-root/install-vpp_debug-native/vpp/bin/vpp api-trace { on } unix { cli-listen /tmp/vpp-api-cli.sock } plugins { plugin dpdk_plugin.so { disable } } sleep 5 ./build-root/install-vpp_debug-native/vpp/bin/vppctl -s /tmp/vpp-api-cli.sock show version ./build-root/install-vpp_debug-native/vpp/bin/vppctl -s /tmp/vpp-api-cli.sock show api dump file /tmp/api-table.master-api-baseline compare The last CLI hangs in an infinite loop. Fix the typo which got in during the conversion of _vec_len to read-only: .@@ -1285,7 +1285,7 @@ extract_name (u8 * s) . rv = vec_dup (s); . . while (vec_len (rv) && rv[vec_len (rv)] != '_') .- _vec_len (rv)--; .+ vec_dec_len (rv, 0); . Type: fix Fixes: 8bea589cfe0fca1a6f560e16ca66a4cf199041a2 Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com> Change-Id: I4f895348ae0ebaaba9da97c3a440912d38210f10
2022-04-14vlib: disable cpu pinning if not configuredBenoît Ganne3-23/+24
In some environment like when running a lot of functional tests, it can be useful to run more VPP instances than CPU and let the Linux scheduler decide what to do. This change disable cpu pinning altogether in the single-threaded case, provided that no main-core is explicitely specified in the config Type: improvement Change-Id: I8c2f36fdd49c00f9adaaeb4c81aefb27c3420a9b Signed-off-by: Benoît Ganne <bganne@cisco.com> Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
2022-04-14gtpu: fix memory leakLeung Lai Yung1-0/+1
Type: fix Free the old rewrite string before assigning a new rewrite string for the updated new tteid value. Signed-off-by: Leung Lai Yung <benkerbuild@gmail.com> Change-Id: I1ec19bce6afda3dfdc31c8724b32ac7b9bc84e89
2022-04-14ipsec: perf improvement of ipsec4_input_node using flow cacheZachary Leaf8-54/+311
Adding flow cache support to improve inbound IPv4/IPSec Security Policy Database (SPD) lookup performance. By enabling the flow cache in startup conf, this replaces a linear O(N) SPD search, with an O(1) hash table search. This patch is the ipsec4_input_node counterpart to https://gerrit.fd.io/r/c/vpp/+/31694, and shares much of the same code, theory and mechanism of action. Details about the flow cache: Mechanism: 1. First packet of a flow will undergo linear search in SPD table. Once a policy match is found, a new entry will be added into the flow cache. From 2nd packet onwards, the policy lookup will happen in flow cache. 2. The flow cache is implemented using a hash table without collision handling. This will avoid the logic to age out or recycle the old flows in flow cache. Whenever a collision occurs, the old entry will be overwritten by the new entry. Worst case is when all the 256 packets in a batch result in collision, falling back to linear search. Average and best case will be O(1). 3. The size of flow cache is fixed and decided based on the number of flows to be supported. The default is set to 1 million flows, but is configurable by a startup.conf option. 4. Whenever a SPD rule is added/deleted by the control plane, all current flow cache entries will be invalidated. As the SPD API is not mp-safe, the data plane will wait for the control plane operation to complete. Cache invalidation is via an epoch counter that is incremented on policy add/del and stored with each entry in the flow cache. If the epoch counter in the flow cache does not match the current count, the entry is considered stale, and we fall back to linear search. The following configurable options are available through startup conf under the ipsec{} entry: 1. ipv4-inbound-spd-flow-cache on/off - enable SPD flow cache (default off) 2. ipv4-inbound-spd-hash-buckets %d - set number of hash buckets (default 4,194,304: ~1 million flows with 25% load factor) Performance with 1 core, 1 ESP Tunnel, null-decrypt then bypass, 94B (null encrypted packet) for different SPD policy matching indices: SPD Policy index : 2 10 100 1000 Throughput : Mbps/Mbps Mbps/Mbps Mbps/Mbps Mbps/Mbps (Baseline/Optimized) ARM TX2 : 300/290 230/290 70/290 8.5/290 Type: improvement Signed-off-by: Zachary Leaf <zachary.leaf@arm.com> Signed-off-by: mgovind <govindarajan.Mohandoss@arm.com> Tested-by: Jieqiang Wang <jieqiang.wang@arm.com> Change-Id: I8be2ad4715accbb335c38cd933904119db75827b