summaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2018-03-07NAT44: allow to configure one interface only as output or input feature ↵Matus Fabian1-0/+12
(VPP-1192) following is not possible: set interface nat44 out GigabitEthernet0/3/0 output-feature set interface nat44 out GigabitEthernet0/3/0 Change-Id: I1592cc18390881fda66f98316700886b8f5295f0 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-03-07GBP: fix the runs before statement against the ACL nodeNeale Ranns1-2/+2
Change-Id: I0ff13962ab6855663b9aec31c95e4a88cc809ff0 Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2018-03-07packet-generator: use default free listDamjan Marion2-63/+8
Change-Id: I2a34546f9b32edc9bfb86b5492dde34aaef49ccc Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-03-07tls: enforce certificate verificationFlorin Coras11-169/+261
- add option to use test certificate in the ca chain - add hostname to extended session endpoint fields and connect api parameters. If hostname is present, certificate validation is enforced. - use /etc/ssl/certs/ca-certificates.crt to bootstrap CA cert. A different path can be provided via startup config Change-Id: I046f9c6ff3ae6a9c2d71220cb62eca8f7b10e5fb Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-03-07VPPAPIGEN: Run tool directly from source tree.Ole Troan3-9/+8
This ensures that tool changes do not require re-bootstrap. Disabled generation of temporary files (gentab / .pyc) to avoid polluting the source tree. Change-Id: I4d6bc035fbb46550fa8f4e99f4091eef90e2d86c Signed-off-by: Ole Troan <ot@cisco.com>
2018-03-07VAPI: Ensure type definitions are generated in same order as .api file.Ole Troan2-4/+4
The previous use of a dictionary instead of a list led to typedefs being generated in wrong order. Change-Id: Iee6ff73f920883ce6e599180c1b47fe997c1702e Signed-off-by: Ole Troan <ot@cisco.com>
2018-03-06vlib: avoid crash if fill_free_list returns 0 buffersDamjan Marion1-1/+2
Change-Id: If1284696e10df71b4029191b5e3adb32c21c0c5f Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-03-06VCL registration handler added to session for polling sessionsKeith Burns (alagalah)1-6/+9
Change-Id: I5f0f3b07a7aa3f243c3d44a9a15cf0670dbb2d46 Signed-off-by: Keith Burns (alagalah) <alagalah@gmail.com>
2018-03-06LB plugin: Fix Layer-4 checksum error in L3DSR.Yusuke Tatsumi1-0/+5
Though dst-IP address would be change in LB plugin with L3DSR method, layer-4 checksum would not be recomputed after this change. Related changes: - L3DSR: https://gerrit.fd.io/r/#/c/10203/ Change-Id: I98de7b8d80186ac77608a68050208c08d90b7c3b Signed-off-by: Yusuke Tatsumi <ytatsumi@yahoo-corp.jp>
2018-03-06when lb tcp in2out flow,ahdj0071-0/+1
in2out and out2in protocol are not same Change-Id: I4ce680ad1f088cb079e1f2aeb15ca59225fca0d1 Signed-off-by: ahdj007 <dong.juan1@zte.com.cn>
2018-03-06reass frag_n should to be inited to 0ahdj0071-0/+1
Change-Id: I8a4a7a85e86acbfe411e6dfa22e3976d7d4c903b Signed-off-by: ahdj007 <dong.juan1@zte.com.cn>
2018-03-06VOM: Fix state reconciliationMohsin Kazmi11-67/+165
This commit also fixes the acl and arp handle for inspector to view internal state of VOM. Change-Id: Ibc8ff6cb51d2a77b4c04993ac7212564b8892337 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2018-03-06glibc 2.27 fixMarco Varlese2-0/+3
With glibc 2.27 the memfd_create has been added to the devel libraries. That's causing the internally defined static function to clash with the system wide one. This patch addresses that issue on systems with latest glibc libraries. Change-Id: I788bf49b23d5b5f1cb1c0374e243d8a429178a71 Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-03-06vppapigen: require service definition for singleton messagesMarek Gradzki1-7/+2
Change-Id: Ie7b1c5e50588f65657c3c0900e5914ea82ebb50f Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2018-03-06vppapigen: do not allow to define message as both request and replyMarek Gradzki1-0/+4
Change-Id: I0738fac32dd0c5d927c52d2eb2c1100d14c147cf Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2018-03-06vppapigen: require reply ID different than caller IDMarek Gradzki1-0/+4
Change-Id: I316dc99881bce6a36904863d3c1c049b4f5cf658 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2018-03-06API: Add service definitions for events and singleton messages (second attempt)Marek Gradzki9-77/+181
Based on https://gerrit.fd.io/r/#/c/10920/ Updates service definition in stats.api with correct reply message names. Change-Id: I3282bee5304e667e23bc1fab3f43d967a50d880d Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2018-03-05Revert "API: Add service definitions for events and singleton messages."Ole Trøan9-181/+77
This reverts commit f7b7fa53b7eaec81d8c00c1023fb7d01f1f9761f. Change-Id: I87496342943248e94f01ada31459f387c0a3a610 Signed-off-by: Ole Troan <ot@cisco.com>
2018-03-05physmem: keep only one physmem_mainDamjan Marion6-9/+10
We don't need per vlib_main physmem_main, so keep it separatelly instead of trying to keep them in sync. Change-Id: I0fbeecf4d9672d31af7a43c640a7d8f05dd6e46f Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-03-05VCL async event handlerKeith Burns (alagalah)4-202/+653
- provides async handling of events such as accept/connect Change-Id: Id95947237ef16629371b3c99822059d423e2f918 Signed-off-by: Keith Burns (alagalah) <alagalah@gmail.com>
2018-03-05SCTP: API to configure some tunablesMarco Varlese6-78/+129
This patch adds the possibility to configure some behaviors of the SCTP stack based on some tunable parameters (mainly ON/OFF). For the time being, that is limited to the bundling option (multiplexing messages) and to delaying the SACK message. Change-Id: I696493e0309e47163c1e119c7d9f82f7d8ee6b87 Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-03-05IP6 link-local tableNeale Ranns23-220/+1071
- IPv6 link local table is a per-SW interface array of IPv6 unicast FIBs - the per-interface ocst is sizeof(fib_table_t) which is small, w.r.t. the cost of an interface - FE80::/10 in the 'global' table points to a DPO that performs a lookup in the input interface's LL fib. Change-Id: Ice834b25ebeeacb2e929d7c864d7ec8c09918cbe Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
2018-03-05Set DPDK_MLX4_PMD and DPDK_MLX5_PMD compile with default dlopen linksAmir Zeidner2-25/+0
dlopen linkage allow more transparent use for Mellanox nics. Mellanox shared library librte_pmd_mlx5/4_glue.so* placed in LD_LIBRARY_PATH At run time Mellanox code will be loaded only when Mellanox nics explicty used. i.e if VPP is used with other vendor Mellanox code is not loaded. Change-Id: Ib05bdbfc4cbb6e447c67186c98361f9c5b447140 Signed-off-by: Amir Zeidner <amirzei@mellanox.com>
2018-03-05API: Add service definitions for events and singleton messages.Ole Troan9-77/+181
Change-Id: I7de987c30b263d43521e6280c5273f30b5f6e11c Signed-off-by: Ole Troan <ot@cisco.com>
2018-03-05vlib: add functions to dynamically open/close PCI deviceDamjan Marion2-3/+126
Old code was only allowing PCIdevices to be scanned during startup, now driver can open and close device without restart of vpp. Change-Id: I1a06511e3f16f896101b43dac2bad420b6e6c35e Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-03-05SCTP: retransmission in INIT/SHUTDOWN phaseMarco Varlese4-24/+124
This patch addresses the need to handle timers timeouts (e.g. sent chunks not being acked) for both the INIT and SHUTDOWN phases. The INIT phase requires the handling of two timers the T1-init and T1-cookie timers whilst the SHUTDOWN phase requires the handling of the T2-shutdown timer only for the retransmission case. Left to be implemented is the handling of the DATA chunks retransmission (e.g. T3-rxtx expiration) but that will be submitted with a separate patch. Change-Id: I2b2e13dce11000aea3c7d965f02b27b76c97e605 Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-03-05vlib: vlib_buffer_free_internal optimizationsDamjan Marion1-53/+88
Change-Id: Ia819b630b824002c59680836a8833df7e5af90e9 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-03-05vlib: vfio code reworkDamjan Marion10-222/+411
Change-Id: I99cf3e7cc991aa7d32385a155c707a6516516117 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-03-05vlib: rework PCI INTx supportDamjan Marion2-96/+75
Change-Id: I6df5a01416993c213e06645a6d9b48dfe77c8227 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-03-05tls: add stop listen handlerFlorin Coras3-20/+144
Change-Id: I233d02a669b6a0504cd54590c6c8e4fefadc4713 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-03-05NAT44 - unknown protocols work with forwardingMatthew Smith1-6/+9
If forwarding is enabled, inbound packets on an outside interface should not be dropped and instead pass on to the FIB lookup. This works for TCP and UDP but not other IP protocols. Enable it for unknown protocols. Change-Id: I1da84b5633a36b3e5e64079754db2fcc50f29819 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2018-03-04vlib: add PCI MSI-X interrupt support (vfio only)Damjan Marion2-6/+197
Change-Id: Iae2ddf93d1705354175e3dcae26b66e6f98a5c32 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-03-04vlib: map pci region by using vfio FD when vfio is usedDamjan Marion3-47/+89
Change-Id: Ib94e9e9e9fcdad9cdb0e3402b3de7d78bd644abe Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-03-04vlib: fix vlib_pci_get_device_info on when not running as rootDamjan Marion1-4/+2
While comment properly says that only first 64 bytes can be read, actual code was returning error instead being happy with 64 bytes received. Change-Id: I09c0d1d5c9fc8e1f6c59c093d81bb1ce1924281b Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-03-04vppinfra: fix clib_mem_vm_ext_alloc non-shared allocationsDamjan Marion2-3/+9
Change-Id: I6d049c0875b91f67f008dc04ae7efe2f8ddc276e Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-03-03VPPAPIGEN: Improve output module finding for out-of-tree builds.Ole Troan1-2/+12
Change-Id: I3b646d84586dd61018f71cbf21c971c97fda75c1 Signed-off-by: Ole Troan <ot@cisco.com>
2018-03-03netlink: Use nl_pid 0 to play nice with others.Jon Loeliger1-1/+1
While the netlink field is named nl_pid, and typically contains a process id, setting it to a pid value directly prevents other modules from also using a netlink socket. On the other hand, setting it to 0 allows multiple modules to use a netlink socket by letting the kernel assign the nl_pid a value. This allows the verito tap code to interact nicely with the router plugin's librtnl after, say, tap-inject has been enabled. Change-Id: I9771929f34d15497a5f7b8c5fd78dac28e31383b Signed-off-by: Jon Loeliger <jdl@netgate.com>
2018-03-02tls: clib_mem_alloc context to avoid dangling referencesFlorin Coras1-30/+32
Change-Id: I1e3b48dfd21c9dbebdbcc0af0d6e888b416b3ac5 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-03-02gitignore: negate "No core files" pattern in 'vpp-api/java'Marek Gradzki1-0/+2
The 'vpp-api/java' includes 'core' subdir which should be tracked. This patch adds .gitignore for 'vpp-api/java' to negate pattern that matches 'core' files/dirs, introduced by https://gerrit.fd.io/r/#/c/9848/. Change-Id: I4e10ca10a891a2d95d6b45e479ee8d2196749132 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2018-03-02jvpp: object model for jvpp generator (VPP-1184)Marek Gradzki19-2341/+2267
Introduces JSON parser which builds object model of Java API. Also rewrites JNI translation of typedefs to use per type translation functions instead of code inlining. Not covered: - integrate with vappigen plugin (VPP-1154) or vapi parser (VPP-1155) - use better templating engine (VPP-480) - improvements of generator structure (e.g. VPP-1186) Change-Id: I9e12d76c2f3c6ee041669f58e8a37917f656aa90 Signed-off-by: Marek Gradzki <mgradzki@cisco.com>
2018-03-02session: first approximation implementation of tlsFlorin Coras28-168/+1763
It consists of two main parts. First, add an application transport type whereby applications can offer transport to other applications. For instance, a tls app can offer transport services to other applications. And second, a tls transport app that leverages the mbedtls library for tls protocol implementation. Change-Id: I616996c6e6539a9e2368fab8a1ac874d7c5d9838 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-03-02tapv2: CLI and binary API fixesSteven4-11/+11
1. When interface create encouners an error (see test below), the same id cannot be used again. This is due to hash_set is called too early in the function. After the hash entry is set, there are different errors may cause the interface create to be aborted. But we didn't remove the hash entry when error is encountered. The fix is to move the hash_set call near the end which has no more "goto error" DBGvpp# create tap id 1 rx-ring-size 1021 tx-ring-size 1021 create tap id 1 rx-ring-size 1021 tx-ring-size 1021 create tap: ring size must be power of 2 DBGvpp# create tap id 1 rx-ring-size 1024 tx-ring-size 1024 create tap id 1 rx-ring-size 1024 tx-ring-size 1024 create tap: interface already exists DBGvpp# 2. multiple issues exist with api_format.c with the below command binary-api tap_create_v2 id 4 hw-addr 90:e2:ba:76:cf:2f rx-ring-size 1024 tx-ring-size 1024 - hw_addr is not taken due to the test for random mac is inverted - id is an integer, not a string - integer values were not converted to network format Change-Id: I5a669d702a80ad158517df46f0ab089e4d0d692e Signed-off-by: Steven <sluong@cisco.com>
2018-03-02NAT44: interface output feature and service host direct access (VPP-1176)Matus Fabian2-6/+117
forwarding mode: session initiaded from service host - translate session initiaded from remote host - do not translate Change-Id: I48170ee8e4ad14d3d3083ee31a40ef8d10d6ff32 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-03-01SCTP: API to delete a sub-connectionMarco Varlese4-2/+106
This patch adds an API to delete a sub-connection following a SRC/DST IP mapping as required by the RFC4960. Change-Id: I7673dd07352557442ffeed6c6c00da274b24953d Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-03-016RD: Rewritten 6RD RFC5969 support.Ole Troan19-730/+921
Change-Id: Ic30fbcb2630f39e45345d7215babf5d7ed4b33a0 Signed-off-by: Ole Troan <ot@cisco.com>
2018-03-01STN: Fix stn_rules_dump/details to follow API conventionOle Troan3-8/+8
Change-Id: I94f6c35bf751d25ca7fe7c67054e676a3ad2241b Signed-off-by: Ole Troan <ot@cisco.com>
2018-03-01Fix ERSPAN encap to set EN bits in the header and add test caseJohn Lo2-9/+12
For ERSPAN encap, both bits in the EN field of the header should be set to indicate any VLAN tag in the original Ethernet frame is preserved. Added SPAN L2 test case where the mirrored packet output is a GRE ERSPAN tunnel. Change-Id: Ie7a40992a9278469c24aa6fa9e122b4505797d10 Signed-off-by: John Lo <loj@cisco.com>
2018-03-01SCTP: API to add a sub-connectionMarco Varlese8-39/+248
This patch adds an API to add a sub-connection following a SRC/DST IP mapping as required by the RFC4960. At the same time, it changes the way the next available sub-connection is being calculated: rather than having an index in the parent connection which is prone to many issues at run-time, the next available sub-connection is being calculated by looking at the state of the set sub-connections and if marked as DOWN it means that is an available slot to be used. Change-Id: I662be6a247bfbbe8bf9aaf3f485183c07ef862fe Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-03-01PAPI: pycodestyle on vpp_papi.pyOle Troan1-22/+36
Change-Id: I15cf4a9fd2d2518df4bfffc1ba3c556a87ca5afa Signed-off-by: Ole Troan <ot@cisco.com>
2018-03-01session: zero out ips in local endpoint lookup only if localFlorin Coras3-29/+75
Change-Id: I3425b1533b3d31210166e7b3798685464ad1c489 Signed-off-by: Florin Coras <fcoras@cisco.com>