summaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2018-05-16dpdk: fix rte_eth_dev_set_mtu callsites to use same mtu valueRui Cai1-1/+1
During dpdk_lib_init, it calculates MRU and MTU and later calls rte_eth_dev_set_mtu with calculated MTU value. However, dpdk_device_setup calls rte_eth_dev_set_mtu with hi->max_packet_bytes, which is set to be MRU value in dpdk_lib_init earlier. Most of the time, MRU != MTU in dpdk_lib_init and it looks like hi->max_packet_bytes is treated as MTU in other parts of vpp codebase. Therefore, dpdk_lib_init should be consistent and use MTU instead of MRU for hi->max_packet_bytes. Change-Id: I23ff2a6cd45d6bc819b6f64d5f0fc0490b8a44de Signed-off-by: Rui Cai <rucai@microsoft.com>
2018-05-16Drop IPsec packets when interface is downMatthew Smith1-10/+32
Packets arriving on an IPsec tunnel interface are decrypted and forwarded even if the interface is down. Check interface flags. If the interface is down, cause packet to be dropped and increment the counters for drops. Change-Id: I94456bda3bd8eade0f3f522ad7cc341251174e6e Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2018-05-16Fix broken compilation for non-numa aware platformsSachin Saxena2-0/+4
- The dpdk plugin always looks for libnuma library during compilation. For non-numa aware platforms compilation breaks, if third party libnuma lib is not available. - Issue is more severe with Cross Compilation scenario where one has to download and cross compile libnuma-dev package even when target platofrom is NUMA disabled. Like when cross compiling for ARM platforms, Linaro tool-chain doesn't have libnuma by default. Change-Id: Ib85b3188b787c23ba33b47e3f6123c74fd37190e Signed-off-by: Sachin Saxena <sachin.saxena@nxp.com>
2018-05-16echo client: used fixed pool for preallocated sessionsFlorin Coras2-14/+9
Change-Id: I9e2cf74ebe3e8750fa8d03930d2d72f4cae453c2 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-05-15Update ipfix documentationDave Barach1-195/+180
Change-Id: Ie942efab86d24a953fe34754e3d50df54b560dc0 Signed-off-by: Dave Barach <dave@barachs.net>
2018-05-15No overlapping sub-nets on any interface in the same table/VRF (VPP-943)Neale Ranns2-25/+82
DBGvpp# set int ip addr loop0 10.10.10.10/24 DBGvpp# set int ip addr loop0 10.10.10.11/24 set interface ip address: failed to add 10.10.10.11/24 which conflicts with 10.10.10.10/24 for interface loop0 Change-Id: Iba63ffafbd36b6146ce86adb78139da9d55b40ba Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-05-14proxy: fix active open connection cleanupFlorin Coras1-2/+2
Thanks to DucTM for spotting the issue. Change-Id: I7985560f224c99cf0fdeea0c8457a3ac6f10b03c Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-05-14Rework CP and DP communication in IPv6 RD (VPP-1256)Juraj Sloboda4-359/+163
Replace binary API communication between CP and DP with direct communication using function calls and callbacks. Change-Id: Ib54f09062217c028e5ee0e96ae2449cf7e9224e3 Signed-off-by: Juraj Sloboda <jsloboda@cisco.com>
2018-05-14NAT44: delete closed TCP session (VPP-1274)Matus Fabian3-22/+68
Change-Id: Id25b447bddccb7b321123e4abc4134e7261a0807 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-05-13Improve ipfix template packet rewrite constructionDave Barach9-28/+180
Instead of repeatedly cutting, pasting, and hacking to create a new callback, use vnet_flow_rewrite_generic_callback(). Add three arguments to the flow rewrite callback: (in) pointer to an array of report elements, (in) length of array, (out) pointer to the stream index Change existing code prototypes. Code owners encouraged to evaluate whether they can use the generic callback or not, at leisure. /* ipfix field definitions for a particular report */ typedef struct { u32 info_element; u32 size; } ipfix_report_element_t; Best generated like so: _(sourceIPv4Address, 4) \ _(destinationIPv4Address, 4) \ _(sourceTransportPort, 2) \ _(destinationTransportPort, 2) \ _(protocolIdentifier, 1) \ _(flowStartMicroseconds, 8) \ _(flowEndMicroseconds, 8) static ipfix_report_element_t simple_report_elements[] = { foreach_simple_report_ipfix_element }; ... /* Set up the ipfix report */ memset (&a, 0, sizeof (a)); a.is_add = 1 /* to enable the report */ ; a.domain_id = 1 /* pick a domain ID */ ; a.src_port = UDP_DST_PORT_ipfix /* src port for reports */ ; a.rewrite_callback = vnet_flow_rewrite_generic_callback; a.report_elements = simple_report_elements; a.n_report_elements = ARRAY_LEN (simple_report_elements); a.stream_indexp = &jim->stream_index; a.flow_data_callback = simple_flow_data_callback; /* Create the report */ rv = vnet_flow_report_add_del (frm, &a, &template_id); if (rv) return rv; ... Change-Id: If6131e6821d3a37a29269c0d58040cdf18ff05e4 Signed-off-by: Dave Barach <dave@barachs.net>
2018-05-13session: improve app verbose format functionFlorin Coras1-5/+6
Change-Id: Idae4ecb60351f2e74bad2f2a33c073de8412fcb0 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-05-13session: alloc one frame per output node dispatchFlorin Coras5-54/+94
Change-Id: I1f7877af61f3726cfb7b93ce7893f6df23e866a6 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-05-12dpdk: Add constants for failsafe PMDRui Cai2-2/+13
Adding name, enum constants and formatting code for failsafe PMD. This is part of initial effort to enable vpp running over dpdk on failsafe PMD in Microsoft Azure(2/4). Change-Id: I4eb0093db9f666e2635f7ddff451e3c9064bd0c4 Signed-off-by: Rui Cai <rucai@microsoft.com>
2018-05-11dpdk: fix Unknown interface with Mellanox NICSteve Shin1-1/+1
When port_type_from_speed_capa() is called before the port link update isn't completed, xd->port_type becomes VNET_DPDK_PORT_TYPE_UNKNOWN. This happens with Mellanox NIC without lsc interrupt. Calling rte_eth_link_get before getting dev_info will ensure the link state is up-to-date. Change-Id: I83a59654778eb4bf0c65a4a4e225a326227b9641 Signed-off-by: Steve Shin <jonshin@cisco.com>
2018-05-11Periodic scan and probe of IP neighbors to maintain neighbor poolsJohn Lo14-14/+651
Scan IPv4 and IPv6 neigbor pool entries once a minute to keep them up to date. The neighbor of an entry is probed if its time-stamp is older than 1 minute. If the neighbor respond, its time-stamp will be updated. If there is no response from a neighbor, its entry will be deleted when the time-stamp of the entry become more than 4 minutes old. Static neighbor entries are not probed nor deleted. Implemented CLI and API to enable and disable priodic scan of IPv4, IPv6 or both types of IP neighbors. CLI is "ip scan-neighbor" and API is "ip_scan_neighbor_enable_disable". Other IP neighbor scan parameters can also be changed from their defaults via the CLI/API. Change-Id: Id1a0a934ace15d03db845aa698bcbb9cdabebfcd Signed-off-by: John Lo <loj@cisco.com>
2018-05-11VPP-1275 Fix memory leaks in IPsec CLIKlement Sekera2-55/+84
Change-Id: I1f7c634328f25b33580a215af2daeb498cd3b181 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-05-11Add ipfix exporter coding guideDave Barach1-0/+375
Change-Id: Iaa28f96d613d6fb75bd29958d757de206448eb22 Signed-off-by: Dave Barach <dave@barachs.net>
2018-05-11Fix issue with xconnect not working on the main interfaceDamjan Marion1-9/+6
Due to union, l2 sub-interface bits were wrongly set causing sporadic misconfiguration of l2 mode on some interfaces. Change-Id: Id77ee281e3a0030878641a786c22ffe16ce1c759 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-05-10Remove the historical memfd api segment bootstrapDave Barach3-252/+58
Clean up default and vpp_api_test custom private api segment allocator ring configurations. Change-Id: I145b6d64ba0a6315b5ccb07909c8256eeb772146 Signed-off-by: Dave Barach <dave@barachs.net>
2018-05-10vppinfra: use count_trailing_zeros in sparse_vec_indexDamjan Marion8-84/+46
It is much cheaper to use ctzll than to do shift,subtract and mask in likely case when we are looking for 1st set bit in the uword. Change-Id: I31954081571978878c7098bafad0c85a91755fa2 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-05-10NAT44: sessions counters per user fix (VPP-1270)Matus Fabian1-6/+6
Change-Id: I6306b81e0e1c3e1c591f929a76bb265c1c1d0859 Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-05-10vnet: device flow offload infraDamjan Marion18-0/+1335
Change-Id: Ibea4a96bdec5e368301a03d8b11a0712fa0265e0 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-05-10session: fix proxy app multithreadingFlorin Coras1-15/+50
Change-Id: Ic5304749935f69018eb00183bb4670bb9f16273c Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-05-10Change the way IP header pointer is calculated in esp_decrypt nodesSzymon Sliwa3-4/+18
The pointer to IP header was derived from l3_hdr_offset, which would be ok, if l3_hdr_offset was valid. But it does not have to be, so it was a bad solution. Now the previous nodes mark whether it is a IPv6 or IPv4 packet tyle, and in esp_decrypt we count get ip header pointer by substracting the size of the ip header from the pointer to esp header (which lies in front of the ip header). Change-Id: I6d425b90931053711e8ce9126811b77ae6002a16 Signed-off-by: Szymon Sliwa <szs@semihalf.com>
2018-05-10DHCP4 client process replies when renewing leaseMatthew Smith1-16/+24
When a DHCP client is in the bound state, it wakes up halfway through it's lease (by default) to try and renew the lease. The ip4-dhcp-client-detect is not enabled as a feature at this point, so replies sent from the DHCP server do not get applied to the lease. Eventually the lease expires, the address is removed from the interface, a new discovery is performed and the same address is added back to the interface. Before sending a request to renew in the bound state, enable the feature to process the reply. Change-Id: I95332ee0596f47df6f3c8bf8e3f0698dde9a1fc5 Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2018-05-10vppinfra: use popcnt instruction when availableDamjan Marion1-0/+8
Change-Id: Id02d613b8613a2d448840fe2d6a5e3b168a3c563 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-05-10tcp: fix jumbo retransmitsFlorin Coras1-42/+42
Change-Id: I1c8a14d4d51aa730f0edcf491e3c4725e2d8bd66 Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-05-10dpdk:fix tx countEyal Bari1-1/+2
Change-Id: I921465ea64b59d42674cc8f19069ed04e3b25026 Signed-off-by: Eyal Bari <ebari@cisco.com>
2018-05-09dpdk: fix free of tx dropped packetsFlorin Coras1-1/+1
Change-Id: I3669068f694614f8555b33bf0b703c41e45363ef Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-05-09ipsec: support UDP encap/decap for NAT traversalKlement Sekera9-33/+90
Change-Id: I65c12617ad49e4d5ef242e53988782f0cefa5684 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-05-09session: cleanup session tx functionFlorin Coras9-376/+532
- rework the function to declutter and avoid building more than one tx frame - add dual loop although benefits in my tests seem to be minimal - improve tcp/udp echo external apps. They have slightly better throughput than internal echo apps. - udp bugfixes Change-Id: Iea4a245b1b1bb407a7f403dedcce2664a49f774b Signed-off-by: Florin Coras <fcoras@cisco.com>
2018-05-09dpdk: tx code reworkDamjan Marion4-261/+170
Change-Id: Ifea9c772e8784642433b92091f5769eb9ec06890 Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-05-09dpdk:fix mbuf index typo'sEyal Bari1-4/+4
Change-Id: I387b22427b3f322969bcf32fcfc189123c8ed6ae Signed-off-by: Eyal Bari <ebari@cisco.com>
2018-05-08NAT44: TCP connection close detection (VPP-1266)Matus Fabian7-13/+131
Change-Id: Iba1cc1179ee80478e29888790a6476571d1904dc Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-05-07dpdk: improve perf of buffer indices calc in the input nodeDamjan Marion1-34/+53
Change-Id: I16557189aa4a763ec496cb4a45f6e12f2d46971f Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-05-07fix: AttributeError: module 'os' has no attribute 'cwd'Andrey "Zed" Zaikin1-1/+1
Change-Id: I1c49a12ef7fa7bd0046f1a420b01c1654b6d21ec Signed-off-by: Andrey "Zed" Zaikin <zed.0xff@gmail.com>
2018-05-07BFD: Fix format_ip46_address() parameter ordering.Jon Loeliger1-1/+1
Change-Id: I2b50e3fc06b4e905395d4706083f12ebc76826ce Signed-off-by: Jon Loeliger <jdl@netgate.com>
2018-05-07vxlan:vxlan.c conform coding styleEyal Bari1-354/+374
Change-Id: I9937912cd760698e39044e8ae022a90b58c8db30 Signed-off-by: Eyal Bari <ebari@cisco.com>
2018-05-05autodetect alignment during _vec_resizeDamjan Marion5-8/+12
Change-Id: I2896dbde78b5d58dc706756f4c76632c303557ae Signed-off-by: Damjan Marion <damarion@cisco.com>
2018-05-04ipsec: allow null/null for crypto/integ algorithms pairRadu Nicolau4-7/+8
Change-Id: Ic1e189c22e3d344d165e0eab05ccb667eef088a9 Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
2018-05-04Flow: Rename IPFIX exporter.Ole Troan16-25/+25
Change-Id: I9363cf54b73f7cfd8622af6f1cb250438ea0d3b6 Signed-off-by: Ole Troan <ot@cisco.com>
2018-05-04Harmonize vec/pool_get_aligned object sizes and alignment requestsDave Barach49-15/+185
Object sizes must evenly divide alignment requests, or vice versa. Otherwise, only the first object will be aligned as requested. Three choices: add CLIB_CACHE_LINE_ALIGN_MARK(align_me) at the end of structures, manually pad to an even divisor or multiple of the alignment request, or use plain vectors/pools. static assert for enforcement. Change-Id: I41aa6ff1a58267301d32aaf4b9cd24678ac1c147 Signed-off-by: Dave Barach <dbarach@cisco.com>
2018-05-04arm64: Avoid setting march to corei7 when Cross Compiling for ARMSachin Saxena1-3/+3
When Cross-compiling VPP for arm64 target and build machine is x86_64, based on build_cpu value, the march variable is set to corei7 which is an unrecoganized option for ARM tool chain. This breaks the VPP compilation. Change-Id: I4cba5b4990e7cf0bdc1403e90c3d18110900bbef Signed-off-by: Sachin Saxena <sachin.saxena@nxp.com>
2018-05-04Address compilation issues with Java > 1.8Marco Varlese1-8/+3
This patch addresses the changes in the JDK to build headers (javah no longer available) Change-Id: I3e94b1cf97c8c474535c26b75ea08379338fe0af Signed-off-by: Marco Varlese <marco.varlese@suse.com>
2018-05-04Fix format for the dst address in the STN traceMilan Lenco1-2/+2
Output string 's' was not assigned the return value of format() for the destination address, which, in case the underlying memory was moved by the realloc, resulted in an invalid memory access by the subsequent invocations of format(). Change-Id: I2b5dfd85db085c553ca5ec0b3257aeeb437c360a Signed-off-by: Milan Lenco <milan.lenco@pantheon.tech>
2018-05-04VAPI: support VLAs in type definitionsKlement Sekera3-59/+57
Change-Id: I8d54415972d6644190857175b0e895c5319ce7b6 Signed-off-by: Klement Sekera <ksekera@cisco.com>
2018-05-03NAT: fix bin API dump of static mappings.Milan Lenco1-2/+5
Static mappings with equal local and external IPs but different ports were dumped as identity mappings. Change-Id: Ifea7cef5b78aea4c2eb31cf1620185eeef2681e5 Signed-off-by: Milan Lenco <milan.lenco@pantheon.tech>
2018-05-03MPLS prefetch fixesNeale Ranns2-15/+15
Change-Id: I565d79af410825c72f291ab40178883b1bc6f1df Signed-off-by: Neale Ranns <nranns@cisco.com>
2018-05-03NAT44: fix VAT nat44_user_session_detailsMatus Fabian1-4/+5
Change-Id: If379247f0574fbfcca39e752684bf6c81b95187b Signed-off-by: Matus Fabian <matfabia@cisco.com>
2018-05-03NAT44 segv on unknown proto on inside interfaceMatthew Smith1-22/+25
When a packet with an unknown proto arrives on an inside interface and there are no existing sessions for the source address, a segv occurs. snat_in2out_unknown_proto() finds the head of the sessions dlist, fetches the address of the next element using head->next, and then dereferences the next element. On the first packet received from a source address, head->next is ~0, so this results in a segv. Check that the session list is not empty before trying to traverse it. Also removed unnecessary lookup against tsm->user_hash. Prior call to nat_user_get_or_create() already performed that lookup and added a user if one didn't exist. Change-Id: If73e79aa2f8e3962ab7b876ecf55aea40d7a5472 Signed-off-by: Matthew Smith <mgsmith@netgate.com>