Age | Commit message (Collapse) | Author | Files | Lines |
|
Type: feature
Support setting the MTU for a peer on an interface. The minimum value of
the path and interface MTU is used at forwarding time.
the path MTU is specified for a given peer, by address and table-ID.
In the forwarding plane the MTU is enfored either:
1 - if the peer is attached, then the MTU is set on the peer's
adjacency
2 - if the peer is not attached, it is remote, then a DPO is added to
the peer's FIB entry to perform the necessary fragmentation.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I8b9ea6a07868b50e97e2561f18d9335407dea7ae
|
|
Ensure policer struct is cache aligned and fits in one cache line.
Give it a simpler name to reflect its job as the representation of
a policer.
Type: improvement
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: If1ae4931c818b86eee20306e503f4e5d6b84bd0d
|
|
Calling mem{cpy,move} with NULL pointers results in undefined behaviour.
This in turns is exploited by GCC. For example, the sequence:
memcpy (dst, src, n);
if (!src)
return;
src[0] = 0xcafe;
will be optimized as
memcpy (dst, src, n);
src[0] = 0xcafe;
IOW the test for NULL is gone.
vec_*() functions sometime call memcpy with NULL pointers and 0 length,
triggering this optimization. For example, the sequence:
vec_append(v1, v2);
len = vec_len(v2);
will crash if v2 is NULL, because the test for NULL pointer in vec_len()
has been optimized out.
This commit fixes occurrences of such undefined behaviour, and also
introduces a memcpy wrapper to catch those in debug mode.
Type: fix
Change-Id: I175e2dd726a883f97cf7de3b15f66d4b237ddefd
Signed-off-by: Benoît Ganne <bganne@cisco.com>
|
|
Type: fix
Change-Id: I744cedb9c1b57945af5e83057e4759964fd2e104
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
When strongSwan rekeys it sends create child sa request first and then
delete request for the old child sa (or vice versa depending on
configuration) as opposed to sending just a single create child sa with
rekey notify message.
Type: fix
Change-Id: I1fa55a607ca623cd3a6d887436207153c6f6bbf6
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
Add a new api to allow a policer to be bound to
a specific worker thread for thread handoff.
Type: improvement
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: I2623a6827843c3d93c0d7b4ad7c2e13611ec1696
|
|
Type: feature
Change-Id: Ib777a5201f1c728438c7a5f2b1aa2246f1344b9b
Signed-off-by: Nathan Skrzypczak <nathan.skrzypczak@gmail.com>
|
|
Type: fix
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Id7b27edf3712aaa3c277e752b9ca78bb91d184a1
|
|
Type: refactor
Change-Id: I7136cb8ba101ea3917dacc31ceb3a76a31328301
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Also apply style edits as proprosed by checkstyle.
Ticket: VPP-1971
Type: fix
Change-Id: I4332a4e32220f3076b4a373da01cc0022cde32f5
Signed-off-by: Vratko Polak <vrpolak@cisco.com>
|
|
Don't expect save_rewrite_length to be set correctly on RX path.
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: Ieee40d119213f617c3d836181e5879f084b74548
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Type: improvement
negates the need to load the SA in the handoff node.
don't prefetch the packet data, it's not needed.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I340472dc437f050cc1c3c11dfeb47ab09c609624
|
|
u32[0] is not enough unique for some platforms like azure
where several devices(not only network) can have almost
the same addresses and this can cause collisions.
Change hash to mhash type for vmbus devices with key
of whole 16 bytes of vmbus address.
Type: improvement
Signed-off-by: Vladimir Ratnikov <vratnikov@netgate.com>
Change-Id: Ic6c6a657ae29f45beddd0c69d8e785e702349460
|
|
Convert old logging style to new and remove unused tracepoints.
Remove code always conditionally not compiled.
Make comment style consistent.
Type: improvement
Change-Id: I13339f28539cf190fb92be2d5c8020b6249319c8
Signed-off-by: Brian Russell <brian@graphiant.com>
|
|
Make the policer action enum packed and use it in the policer code.
Use other policer enums where applicable.
Type: improvement
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: I32f9735942af8bca3160b9ef8a75f605d9aba5fa
|
|
The policer code uses a naming convention of prefixing a lot of
its definitions with "SSE2" when in fact there is nothing SSE2
specific about them. This is confusing so remove the prefix.
Unfortunately it has to stay in the API definitions for backward
compatibility.
Type: improvement
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: I59a7df9fd5ded2575f2e587b2768a025a213b07c
|
|
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I5ee2e8aba3ee7281bbca11825dece79983e52f06
|
|
Fix memory leak coverity errors where free was not called
on error conditions. Or called twice.
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I21cffa8b01e4f72f10501f202f6a762ae300a941
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I4830656ad852de62211e31574a0e0afb62d00f37
|
|
If the multi-worker default VPP configuration is triggered by
setting VPP_WORKER_CONFIG="workers 2", some of the tests fail
for various reasons.
It's a substantial number, so this change marks all of the
testsets that have this issue, such that they can be addressed
later independently.
Type: test
Change-Id: I4f77196499edef3300afe7eabef9cbff91f794d3
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Change-Id: I645bb0a31b333a6160c74987dddb3fb50ff154d8
Type: improvement
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
|
|
Use the common IP definitions of DSCP rather than duplicating in the
policer code.
Type: improvement
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: Iff4bc789356edc290b9c31eca33e93cf5b6211bf
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I3c15a465f84f2ceb6bd5f1c459899824d4bc1c90
|
|
Add some tests which configure policer params, use the policer
test helper CLI to police pretend packets and then check the
policer stats.
Type: test
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: Ib2688b6f77d84a4bfd3c8185e44c59fa2300716a
|
|
Add a helper CLI to exercise a policer pre-configured by the test
harness. The test harness will check the stats afterwards.
Type: test
Signed-off-by: Brian Russell <brian@graphiant.com>
Change-Id: I913dda4a9f8179c1c6b3061a68164bf1e698a392
|
|
Turns out that both the multi-core and single-core add / del tests run
for just under 5 seconds (aarch64, debug image). Increase the vapi =>
debug CLI timeout to avoid spurious failures.
Type: test
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: Ia64bffa82a908172a21c34f3ae4402ad774af28a
|
|
support
Type: feature
attmpet 2. this includes changes in ah_encrypt that don't use
uninitialised memory when doing tunnel mode fixups.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: Ie3cb776f5c415c93b8a5ee22f22586fd0181110d
|
|
Avoid doing inter-thread reads without locks by doing a handoff before
destination address rewrite. Destination address is read from a session
which is possibly owned by a different thread. By splitting the work in
two parts with a handoff in the middle, we can do both in a thread safe
way.
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: I1c50d188393a610f5564fa230c75771a8065f273
|
|
Running vpp without any interface configured and then invoking the
binary-api l2_xconnect_dump causes vpp to crash in l2_input_is_xconnect due
to l2input_main.configs has no memory allocated to it, not even for the local
interface which exists all the times.
The reason that l2input_main.configs has no memory allocated to it was due to
gerrit patch 29232 which took out a line in l2input_init
/* Create the config vector */
vec_validate (mp->configs, 100);
The fix is to iterate through l2input_main.configs for each interface in
l2 to call l2_input_is_xconnect when dumping l2_xconnect interfaces.
Type: fix
Fixes: gerrit 29232
Signed-off-by: Steven Luong <sluong@cisco.com>
Change-Id: I8d9cba4b7eba4c2e0c60887c4fd57d5ec3b06d3b
|
|
Type: feature
Basic dtls transport protocol implementation that relies on openssl
wire protocol implementation. Retries/timeouts not yet supported.
To test using vcl test apps, first ensure all arp entries are properly
resolved and subsequently:
server: vcl_server -p dtls 1234
client: vcl_client -p dtls <server-ip> 1234 -U -N 2000000 -T 1460 -X
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I04b4516a8fe9ce85ba230bcdd891f33a900046ed
|
|
Type: fix
Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: I2828287c58115aa08c0a4297c01cea60f41f4749
|
|
When IPsec async mode is enabled, packets don't pass through the tunnel
if ciphers other than AES GCM are used for child SAs. An error that
arises is "bad-hmac" in the "crypto-dispatch" node.
On the encryption stage, the VNET_CRYPTO_OP_FLAG_HMAC_CHECK flag is set
for the integrity crypto operation when it's not supposed to. It seems
that the flag remains from the previous operation.
With this change, zero flags of crypto operations in the SW scheduler
during operation filling.
Type: fix
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: Iabac253474e95cb01f9ec0933f3c4860f8a5289c
|
|
Type: fix
Change-Id: I1f8245e8cccacb5bbb511aef39e31d0a76bba95f
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
root@ae2a2e85c5d4:/vpp/src/vpp-api/python# python3
Python 3.6.9 (default, Oct 8 2020, 12:12:24)
[GCC 8.4.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import vpp_papi
>>> vpp_papi.__version__
'1.6.2'
Type: feature
Change-Id: I73025427a58214a842245fceaa77daa7acd3e6f8
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Type: fix
Change-Id: I4901f7eb9d739afd4d45a25306434e9d122a4068
Signed-off-by: Paul Vinciguerra <pvinci@vinciconsulting.com>
|
|
Type: improvement
Signed-off-by: Klement Sekera <ksekera@cisco.com>
Change-Id: Ibea7ec844d1d910e8a3235e11154b1ecea8302ac
|
|
If static-mapping-only is enabled, NAT pool cannot be configured, only
static mappings. There're two ways to add addresses to the NAT pool:
by address range, or by first found address from an interface.
NAT44_ADD_DEL_ADDRESS_RANGE already tests if dynamic mappings are
available but NAT44_ADD_DEL_INTERFACE_ADDR doesn't. If
static-mapping-only is enabled, adding addresses by range is rejected
but by interface not.
With this change, if static-mapping-only is enabled, do not allow to
add addresses to the NAT pool both ways.
Type: fix
Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
Change-Id: Ifc055ea9a71a5e579388833a2990aef21bf7ed29
|
|
Including a general missing free in fromjson autogenerated code.
Type: fix
Signed-off-by: Ole Troan <ot@cisco.com>
Change-Id: I9ab2b0193135e2fb3d62d51b3c114df56969e341
Signed-off-by: Ole Troan <ot@cisco.com>
|
|
Type: improvement
Change-Id: I456f9b14e6a4eb46c9c49f6e09acccae530e4ebc
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
This reverts commit c7eaa711f3e25580687df0618e9ca80d3dc85e5f.
Reason for revert: The jenkins job named 'vpp-merge-master-ubuntu1804-x86_64' had 2 IPv6 AH tests fail after the change was merged. Those 2 tests also failed the next time that job ran after an unrelated change was merged.
Change-Id: I0e2c3ee895114029066c82624e79807af575b6c0
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
To catch coding mistakes: calling vlib_get_frame_to_node() from a
worker thread with vm = &vlib_global_main instead of
vm = vlib_mains[worker_thread_index]
Type: improvement
Signed-off-by: Dave Barach <dave@barachs.net>
Change-Id: I5a8f01fdf9f35daeeada2d6eaa7180a60c4ca529
|
|
support
Type: feature
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I6d4a9b187daa725d4b2cbb66e11616802d44d2d3
|
|
Sometimes, vnet_hw_if_rx_queue_set_int_pending is called on rxqs which
are not in interrupt mode. Currently, it segfaults due to a too small
clib_interrupt_t structure. This change prevents that and makes the
framework slightly more robust to driver bugs (that might be subtle
to track in some cases involving concurrency...)
Change-Id: I9643b9b1aa37e6852754b93f10cd2f96ed9e6118
Signed-off-by: Mohammed Hawari <mohammed@hawari.fr>
Type: fix
|
|
Type: improvement
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: Ib3cefe5d27286c4853eb0c0e1803a94787a62c97
|
|
Type: fix
Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
Change-Id: I41faa2ca249ff75e564a732af896e6b5d76bf665
|
|
Type: fix
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I2325d311a6fd7343c7041dc516777f4db0029823
|
|
Allow to supply the external VPP worker config for tests which
do not specify the workers config explicitly, and use
the tags infra to flag those that need attention in this configuration.
This commit shows one example use of such a tag, there will be
a separate commit with the rest of the places needing it,
since that change is rather mechanical.
Thus, the assumption is that the test should by default be agnostic
of the VPP configuration, unless it explicitly specifies so.
Type: test
Change-Id: I3c0077e4e22a75cb9561fb98d3b783b93486b2be
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Type: fix
Currently ping stops on events like SOCKET_READ_EVENT,
which makes it hard to use over e.g. govpp as it aborts
immediately most of the time. With this patch, ping only
stops upon real CLI read / quit events.
Signed-off-by: Ivan Shvedunov <ivan4th@gmail.com>
Change-Id: Id7a8d0b0fdeb7bbc7b85240e398d27bd5199345b
|
|
Type: feature
The added functionality is to support copying TTL and flow label from
inner to outer. The .api was extened to support expressing this and also
adding a common tunnel endpoint type. i find it best to make API changes
in one patch so there are less versions of the API.
Signed-off-by: Neale Ranns <neale@graphiant.com>
Change-Id: I755c1e3f4c475058792af39c1abeda92129efb76
|
|
Fix dependency issues where multi-arch file is using API generated file.
Type: improvement
Change-Id: I5d4af7a630529bc138c35841723e38938f36d963
Signed-off-by: Ole Troan <ot@cisco.com>
|