Age | Commit message (Collapse) | Author | Files | Lines |
|
When a packet with an unknown proto arrives
on an inside interface and there are no existing sessions
for the source address, a segv occurs.
snat_in2out_unknown_proto() finds the head of the sessions
dlist, fetches the address of the next element using
head->next, and then dereferences the next element. On the
first packet received from a source address, head->next is
~0, so this results in a segv.
Check that the session list is not empty before trying to
traverse it.
Also removed unnecessary lookup against tsm->user_hash.
Prior call to nat_user_get_or_create() already performed
that lookup and added a user if one didn't exist.
Change-Id: If73e79aa2f8e3962ab7b876ecf55aea40d7a5472
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
If sessions are not preallocated, the rx retries counters are not
correctly validated/initialized
Change-Id: Iaf7456f3a0e2181fcea0c370613d694f8e98276d
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Two vxlan union/struct initializations caused gcc on
CentOS 7 to puke. Modified them to make the build
work again.
Change-Id: Iad667444b86cfde5ee4329993b520028d3b593ad
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
moving the rewrite into the tunnel struct
Change-Id: Iec74b48e13456d32957e826cffb5ea35a8ebd1a0
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Change-Id: I906e58b4f9827a79a6ab673f8fa2e03036c69820
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I54a00686a7f3a61f583a5f701a0ab6c5480a455b
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I2d39e56ff605e3a24927d6330d65d0406f588381
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: If33854f9c32736edf571fb66cdfa759db1c9de25
Signed-off-by: Szymon Sliwa <szs@semihalf.com>
|
|
Change-Id: Id9bad9a2fd99d22296a705ab08d1daedc3fef5c1
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I5cab31639e7819c9ab7e9c9159d931b25161d00b
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
- move the IPv6 incomplete and glean node to ip6_neighbour.c (so it has access to ip6_neighbour_main_t)
- use the RA info config on the interface to find the multicast adj to use
Change-Id: I835e419072abe54fb09dafb0e7eb0a9e50eba1af
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
1 - use bit-map to re-use ID values and thus VLIB nodes
2 - free vrings
3 - free hw_address on HW interface delete (a HW * struct is memset on pool_get)
4 - free temporary node names during TX node setup
Change-Id: Id114c8bb9c844fd4ceb02fbbeb4b511ecfeb61ce
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: Iea174f03dfba3bd06024db0f0cc373532300dcae
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I2794384557c6272fe217269b14a9db09eda19220
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I2b418b9aefe298e4e6190cbe2e220a657f688cda
Signed-off-by: Igor Mikhailov (imichail) <imichail@cisco.com>
|
|
While some levels such as debug and emerg work, others don't. See below.
DBGvpp# set log class tap level warn
set log class tap level warn
set logging class: unknown input `level warn'
DBGvpp# set log class tap level debug
set log class tap level debug
DBGvpp# set log class tap level info
set log class tap level info
set logging class: unknown input `level info'
DBGvpp# set log class tap level err
set log class tap level err
DBGvpp# set log class tap level crit
set log class tap level crit
set logging class: unknown input `level crit'
DBGvpp# set log class tap level emerg
set log class tap level emerg
DBGvpp#
Cause:
The reason for the failure for the shorter keywords is level_str is unformatted
with %v which is not null terminated. For example, the character after "info"
could be anything in level_str. The memcmp with size of the macro keyword __##uc
which includes the null character or 5 in this case and thus the comparison fails.
Fix:
Use %s which insure level_str is null terminated. Use strcmp to rule out
false positve match like "debugxxx" against keyword "debug".
Change-Id: I7a2d97a0f7f618df105da7eca791618dce04d21e
Signed-off-by: Steven <sluong@cisco.com>
|
|
Change-Id: Icd42abf4e35db550df496592cffce655f1987d68
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Be gentle with people who run VPP in the noisy envirement where
not-for-us IGMP messages are flying around...
Change-Id: I07e74e29bc12ecdcc83faead9182d861c7ea1add
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Currently for VXLAN IPv4.
Change-Id: Id4b8bc0d9f6ab043810e4d1b9f28e01c27ce0660
Signed-off-by: Igor Mikhailov (imichail) <imichail@cisco.com>
|
|
It is possible for span-input to get call with sw_if_index which is greater than
sm->interfaces and crashes in span_mirror () in the following line
span_interface_t *si0 = vec_elt_at_index (sm->interfaces, sw_if_index0);
For example, span-input mirrors a main interface as source, it may actually get
call for traffic coming in from the subinterface and crashes.
The fix is simply to check if sw_if_index >= vec_len (sm->interfaces) and
punt if it is.
Change-Id: I8312eb321d638518e14ba2326fffd1a7919646ca
Signed-off-by: Steven <sluong@cisco.com>
(cherry picked from commit 516d63ff2c6671f3b0dc641511a50017a9804179)
|
|
Change-Id: If174d189de40e6f9ffae99997bba93a2519d9fda
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I379150a88f2d53d6281be41e8bad6fc4f4e88a71
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
|
|
from encap path
Change-Id: I62a8d13495355ad5e687f13b86c2a5d360bb2b7f
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
recompile each time
Change-Id: I97ef0ef5f694062e5867e11d434e3b521a57f649
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I69fee1dcf07a4d2eed69a59f0a36e63e3741ed4e
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
|
|
When walking all adjacencies for a given {next-hop,interface} instead of
walking all the adjacencies on that interface and matching the next-hop
(which is O(n) in the number of adjacencies on that link, find all instances
of an adjacency with any link-type and wtih that {next-hop,interfacE} pair:
this is O(1).
Change-Id: Ic80399fc9e93c8df111379c039e592d8cafbab18
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Fixes:
- the parsing of the packet falsely assume an ethernet header at offset 0
- it causes a frame leak
Change-Id: Ib9ac9535173ed216de613baaa06d0e1dea3640ca
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I927c9358915e03187cf7d3098c00b85b5ea2f92d
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Improve igmp membership report performance, introduce group and source specific timers.
(side effect compatible with Group-specific query).
Change-Id: Ie3dd2c0dabe5f7138c2f8029e6bbbbfcb5e4904f
Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
|
|
Change-Id: Id90e6fb1211b7789e6e3df0b6579c4757e7fdfa6
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
[VPP-1251]
Problem:
When the bond subinterface is removed, it was observed that we lost the lacp
partner. Show hardware shows rx counter goes up, but show interface does not
for the slave interfaces.
Cause:
We reset the interface promiscuous mode when the bond subinterface is deleted.
This causes dpdk not to accept any packet. Leave the interface in promiscuous
mode fixes the problem.
Other fixes:
There are few places we use hw_if_index as if they are sw_if_index. But they
don't necessarily have the same value. As soon as a subinterface is created,
they start to diverge. The fix is to use the correct API for the hw_if_index
and sw_if_index.
Change-Id: I1e6b8bca0a4aae396d217a141271cbf968500c91
Signed-off-by: Steven <sluong@cisco.com>
(cherry picked from commit 42c6599bf3057a7e8f4f00f5b6a9dd72af48d283)
|
|
obvious leak of parent_indices
Change-Id: I572b33de1756c8062a87c754117d990622fe12fe
Signed-off-by: Kingwel Xie <kingwel.xie@ericsson.com>
|
|
Change-Id: I228728bacfca6056dc409a96de1bffb9cadcd3e6
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I55f978c84a56bc089e5657c528195b6c84409364
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
(cherry picked from commit df53f5fda277a035984f1de4474f0b58ae15b114)
|
|
Some scenarios not involving ip[4,6]-input paths might benefit from IP
header QOS fields recorded and applied.
An example: L2 (overlay) traffic being encapsulated by VPP in VXLAN
and transmitted on another (underlay) interface might want the QOS
information carried over in the outer IP header.
Change-Id: I4d9462c47ae6ba97680edb1e53340b17cfd7845b
Signed-off-by: Igor Mikhailov (imichail) <imichail@cisco.com>
|
|
set the IS_RX flag based on CLI 'l2-input-on'
Change-Id: I53d9129a7c09f605c1eb55753426f392b1b480bc
Signed-off-by: Neale Ranns <neale.ranns@cisco.com>
|
|
We should be sending LACP PDU every second if the partner has LACP_TIMEOUT flag
set which means it will time us out in 3 seconds.
Add interface name for lacp trace
Change-Id: If7d816c062d03e80cc0dd7d10dba0b76ace0664a
Signed-off-by: Steven <sluong@cisco.com>
|
|
Should be more resilient to ack losses
Change-Id: Icec3b93c1d290dec437fcc4e6fe5171906c9ba8a
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I9ab11ba9f958c679112eb22c8db39cb269a29dc7
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
When creating an IPsec tunnel interface, allow a numeric
identifier to be set for use in the interface's name in
place of the dev instance. Default to using the dev instance
if no value is explicitly set.
When an IPsec tunnel is deleted, the interface is deleted
now instead of being kept in a pool of available hw
interfaces. Otherwise there was the possibility of
conflicting tx node names between deleted tunnels and
newly created ones.
Change-Id: Ic525466622a0dec38a845fa5871c084f6d9da380
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
When enabled then Twice-NAT is applied only when
source IP equals destination IP after DNAT
Change-Id: I58a9d1d222b2a10c83eafffb2107f32c1b4aa3a8
Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
|
|
Change-Id: Ibf3ef82950f50b746394a731cd2e7cba1cd16ec4
Signed-off-by: John Lo <loj@cisco.com>
|
|
- use of vlib_log for non-dataplane logging
- redirect of dpdk logs trough unix pipe into vlib_log
- "show dpdk physmem" cli
Change-Id: I5da70f9c130273072a8cc80d169df31fc216b2c2
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I1c72d9ddefdc83c7d5ab2564f89d83ffd3fa6110
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I008a4d7ad7160d1f07e7ceef712a5318a9368308
Signed-off-by: Andrey "Zed" Zaikin <zed.0xff@gmail.com>
|
|
hard code the address mask offsets. This are protocol specific and only used on ethernet when used at all.
Change-Id: Ib1f6f33682f53254ffbb5a241a1583e65420e0c7
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Change-Id: I53bb1e289ba16ee6d9aed7285b18437c996077a4
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I7e6b0e7e91cc032b1685f35de5d84363a85158a5
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I6c1c855cf5fc2ee06f1c7ddd6576ca16cd556fdd
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
This patch addresses the warning 182994
Change-Id: I071f3cbdf9965c7b57d444f79430ee75c66c856e
Signed-off-by: Marco Varlese <marco.varlese@suse.com>
|