summaryrefslogtreecommitdiffstats
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2020-06-27vrrp: backup processes priority 255 advertisementMatthew Smith2-1/+381
Type: fix When accept mode is enabled, a backup VR will configure the VR virtual addresses locally and respond to packets sent to those addresses. This did not work when the primary VR is the address owner and sends advertisements using the virtual address as the source address. It also did not work when NAT was configured on the interface with the virtual address as the NAT pool address. In both cases, advertisements from other VRs would arrive and be dropped because they appeared to be spoofed - the source address would be an address that is configured as an interface address on the instance receiving it. When accept mode is enabled for a VR and the VR enters the master state, add an input feature on ip[46]-multicast for the interface which looks for VRRP advertisements, figures out whether they are for a VR which is configured with accept mode and is in the master state and kicks them straight to the VRRP nodes to avoid dropping them. Change-Id: I240ba1ee0b3fd6d693de729698c1181dc71bb08b Signed-off-by: Matthew Smith <mgsmith@netgate.com>
2020-06-27lacp: add unit testSteven Luong1-0/+364
add test_lacp.py to cover basic lacp unit test Type: fix Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: I6f7f3d801956e54106f3c55cedaca186d81dad25
2020-06-27nat: replace speculative buffer enqueue modelKlement Sekera5-2278/+2107
Replace speculative buffer enqueue coding model with vlib_get_buffers(...)/vlib_buffer_enqueue_to_next(...). Type: improvement Change-Id: I7dbfac2234a7bd754c599857eb1d5b601da5bc7c Signed-off-by: Klement Sekera <ksekera@cisco.com>
2020-06-27ikev2: add FEATURE.yamlBenoît Ganne1-0/+17
Type: docs Change-Id: Ie7836543e52bee08d12c565fbb6238d3e82ea3ce Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-06-27flow: add IPSec ESP/AH flowChenmin Sun3-1/+114
This patch adds the IPSec ESP/AH type flow support Have tested on E810 with Intel iAVF driver Type: feature Signed-off-by: Chenmin Sun <chenmin.sun@intel.com> Change-Id: I6ab8e69f67c423cc4e33f3c363881a97cdb98c30
2020-06-27virtio: add tx traceMohsin Kazmi1-2/+60
Type: improvement Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: I0b1a1ce085ceb75fe139092e40878566682a7986
2020-06-27tap: remove the bridge configurations for TUN interfaceMohsin Kazmi1-9/+10
Type: fix Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com> Change-Id: Ifeae641ec0aa7de74e33e582234505bf6e28ca87
2020-06-27ikev2: remove unused fieldFilip Tehlar1-1/+0
Type: improvement Change-Id: I0893d7cd8b8ab9958f585ac564bd0638bc60e78a Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-06-26ip: fix the punt redirect for ip4Mohsin Kazmi1-6/+9
Type: fix Change-Id: I39341f201209931392f315ead5adfddd8b567caf Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-06-25misc: add gdb macrosDave Barach1-2/+3
These gdb macros should prove very helpul when poking around in core files. Pifi (pool_is_free_index) is not straighforward. Best to work it out once. Others: bitmap_get = clib_bitmap_get vl = vec_len pe = pool_elts node_name_from_index, as described vnet_buffer_opaque, prints the primary buffer opaque vnet_buffer_opaque2, prints the secondary buffer opaque Fix vppinfra unit-test compile error Type: improvement Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Id2a2391a47e5a07cf3757f473e3805cc04784161
2020-06-25nat: avoid division by zeroKlement Sekera1-1/+8
Return error instead of dividing by zero. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I9f6a942e87ab87e8f1921e744ec1add45884e74a
2020-06-24virtio: fix the vlib buffer flagsMohsin Kazmi1-2/+1
Type: fix Change-Id: I92e8e30e4175229e24dd92471016e9095b5cc83e Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-06-24nat: deterministic: disallow invalid configKlement Sekera2-5/+20
Prevent overflow if input network prefix is too small and crash on packet #1 due to vector not being allocated/initialized. Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I3494cc62ce889df48cc59cc9340b5dd70338c3a8
2020-06-23udp: jump over ip4 optionsFlorin Coras1-3/+3
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I4f57a776302e11815fcea433ba8cf6724799ff65
2020-06-23vppinfra: fix u32x4_gather definitionDamjan Marion1-1/+1
Type: fix Change-Id: I3df8d3f277bfadee95bfc329e8ce8b929a986af6 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-06-23vlib: debug CLI macro expander, part deuxDave Barach4-16/+51
Deal with circular macro definitions instead of crashing due to stack overflow. Separate macro tables, per CLI session Add documentation to the Sphinx docs Type: improvement Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I55fc9152bd37ad0c15fa3959f38b07b63100e634
2020-06-23nat: fix broken testKlement Sekera1-2/+14
Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I04952865b7e2b447763d0b67d120c3d933177646
2020-06-23ip6-nd: punt neighbor advertisementsAlexander Chernavin1-1/+1
With this change, punt received neighbor advertisements instead of drop in order to give other elements of the system an opportunity to handle them. Type: improvement Change-Id: Ie6cde9eebc83e42029967141cb32ebc459fd3680 Signed-off-by: Alexander Chernavin <achernavin@netgate.com>
2020-06-22nat: set buf error if can't create userKlement Sekera4-27/+9
Type: fix Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I747d78966a7296dcbae54d54b0c165d407c8863d
2020-06-18ikev2: use both local and remote ID for profile lookupFilip Tehlar2-22/+50
Type: fix Ticket: VPP-1890 Change-Id: I9441d5afc38df7dabf6cccaead69dd32646d2a9e Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-06-18tests: add ikev2 test framework with basic test caseFilip Tehlar2-0/+651
Ticket: VPP-1905 Type: test Change-Id: Ie66fbd8e37eb5e69bd61b701ed3449366bee8c84 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-06-19build: add cmake dependency from test plugin to apiTom Seidenberg1-0/+3
Type: fix Signed-off-by: Tom Seidenberg <tseidenb@cisco.com> Change-Id: I00fa22733bd293e56eb6b81346fdf2d75ad9d88f
2020-06-19vlib: add recursive macro expander to debug cliDave Barach6-37/+237
All of the pieces have been sitting around for years. Added several debug CLI commands: "define <variable-name> <value>" "undefine <variable-name>" "show macro [noeval]" "echo <whatever>" Macros may refer to other macros. To defer evaluation: "define foo \$(bar)" or some such. The macro evaluator is not smart about "define foo \$(foo)" or more complicated circular definitions, so don't do that. Environment variables are available, simply use $<name-of-environment-vbl> The macro expander has a table of (overrideable) builtin names, which are evaluated by calling functions. Simple example: echo $USER define ip1 192.168.1.1/24 define ip2 192.168.2.1/24 loop create loop create set int ip address loop0 $ip1 set int ip address loop1 $ip2 show int addr show macro undefine ip1 undefine ip2 Type: feature Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I08a800647bac573d8ae3cfd75c40061d41c5f976
2020-06-19nat: remove unused codeKlement Sekera2-47/+0
Type: refactor Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Icc55276c8a4c256049718610cb131a34dc8d0a80
2020-06-17docs: add more FEATURE.yaml documentationDave Barach3-0/+39
For src/tools/g2, src/vlibapi, and src/vlibmemory Type: docs Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I800c3e3a1ecb011d5e692d78a015e78342706786
2020-06-17docs: add more FEATURE.yaml documentationDave Barach4-0/+104
This patch documents the DNS plugin, vlib packet tracing, vnet feature arcs, and the vppinfra library. Type: docs Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Idb16ec0593d428ce78fe8404374a823a56b4b420
2020-06-17nat: print hash table parameters in CLIKlement Sekera1-2/+13
Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Id6ab7e2ca965e860ea3f96145a888e0f3ccf9778
2020-06-17build: multiple yaml file supportDave Barach1-2/+2
Change the yaml file matching pattern from FEATURE.yaml to FEATURE*.yaml, so we can document multiple features in one directory. Type: improvement Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: Ic62f9fb4c73330c698724244cd8b362364fce5f9
2020-06-17nat: add more trex test scriptsKlement Sekera3-0/+206
Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: Ia824d663c86d6a7c9bafe0206e9a93f93884739d
2020-06-17build: cmake cross-compilation fixesDamjan Marion2-1/+5
Type: fix Change-Id: I40337c208375b74b4dc3c35102c5e66a6e4568e8 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-06-17ip-neighbor: fix MLD hash key using stack pointerBenoît Ganne1-2/+2
Use pointed value (ipv6 address) as hash key instead of pointer value (pointer to ipv6 address on the stack). Type: fix Change-Id: I74a8b6d4bb552b5b344bcb50c8e830700c4ce739 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-06-16misc: fix sonarclound warningsDave Barach3-2/+11
Type: fix Ticket: VPP-1888 Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I9c2fb926a5e010658088a74051c8c3462ff61734
2020-06-16vlib: address sanitizer support for stack switch, enable clangDamjan Marion7-12/+83
Type: improvement Change-Id: I81df4b61d1f0b8c1df77c1ee9bebcb491e155b69 Signed-off-by: Damjan Marion <damarion@cisco.com>
2020-06-16build: fix address sanitizer default argsBenoît Ganne1-1/+1
Type: fix Fixes: ec3a3f16e4cd3b33e2a409fb01b8d8826e05f9fa Change-Id: Iea3acd93a96b4bfc9f335e37ec04c00e8fa5ff27 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-06-16interface: add minimal vpp pkt trace for error-dropDave Barach2-8/+125
Provide a minimal trace [ip4/ip6 src/dst address] for dropped pkts when the user specifies "trace add error-drop XXXX", but does not trace pkts from the original input node. This is a wireshark dissector problem. Packets thrown at error-drop may be well-formed, or not. VPP must not crash, no matter what. The minimal trace capture and decode could be enhanced. Anyone interested in doing that must consider all of the corner-cases involved. This version should be at least somewhat useful. Note that "pcap trace drop ..." - and the packet generator - seem like the right tools to use when researching more complex issues. Type: improvement Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I961ca133980ffa2a1e5707879a443b21442ed894
2020-06-16nat: improve outside port selection & perfKlement Sekera4-87/+110
Prefer using source port form packet as outside port if possible. Type: improvement Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I5c25f6a42386f38c9a6cc95bd7dda9f090b49817
2020-06-16gtpu: support separate rx-decap and encap-tx teid valuesJohn Lo6-76/+232
Support separate local and remote TEIDs, with local (or RX) one used for GTPU tunnel RX/decap and remote (or TX) one used encap/TX. Updated current gtpu API to support seperate RX/TX TEIDs and added new gtpu_tunnel_update_tteid API to allow changing TX-TEID of an existing GTPU tunnel. The current tunnel field "teid" is used for RX-TEID and a new field "tteid" is used for TX-TEID. Type: improvement Signed-off-by: John Lo <loj@cisco.com> Change-Id: I549d79750a34bb965036da298c0ca894d15c2c20
2020-06-16virtio: add vhost sw_if_index filter for sw_interface_vhost_user_dumpSteven Luong4-6/+23
The filter sw_if_index was in the API sw_interface_vhost_user_dump. But it was never implemented in the backend. This patch is to add the backend, vat, and custom dump support for the filter. Type: feature Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Iaa41a7e11bfbcbb4c60092375e4b0dcf0950077b
2020-06-16gso: fix the udp checksum in testMohsin Kazmi2-13/+8
Type: fix Change-Id: I7005e4763e73f3679c40f94bdab26d439cd23188 Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-06-15api: check id is valid for bounce checkingBenoît Ganne1-1/+1
If the id is invalid we cannot check whether we must free the message or not, free it anyway. Type: fix Change-Id: Ie4426f601390d1e5e14c739f670e8c1e6e3aaf1e Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-06-15vcl: move helper functions out of header fileFlorin Coras4-101/+105
Type: improvement Signed-off-by: Florin Coras <fcoras@cisco.com> Change-Id: I3889fd80b145cf80f76f6054d63247e76bdf20ff
2020-06-15vxlan: remove judgement with always trueZhiyong Yang1-27/+15
if ((A | B) == false) it means both A and B are false, so for the following code if (PREDICT_FALSE (!good_udp1)) { if ((flags1 & VNET_BUFFER_F_L4_CHECKSUM_COMPUTED) == 0) { ... } } if ((flags1 & VNET_BUFFER_F_L4_CHECKSUM_COMPUTED) == 0) is always true if the code run it. Remove it. Type: improvement Signed-off-by: Zhiyong Yang <zhiyong.yang@intel.com> Change-Id: I6bd1e9340c7a00089fc1c9ae49773add832d309e
2020-06-15buffers: fix non-default sized buffers initializationBenoît Ganne1-5/+21
Type: fix Change-Id: I4a93e1d9936414c514cb237a22624986b3ef5b3d Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-06-15dpdk: cryptodev: fix non-null terminated stringsBenoît Ganne1-4/+4
Type: fix Change-Id: Ib6f423e24f1a8d8439cd7e8893e4605e10984d48 Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-06-15ikev2: announce both 'ESN' and 'No ESN'Filip Tehlar1-1/+0
Type: fix Change-Id: If73b88b9478b9314df6d9163c3a13724d4253c80 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-06-12vlib: node recyling and node deletion missing triggering graph node syncSteven Luong1-27/+1
When recycling a graph node vnet_register_interface, it is missing an explicit call to vlib_worker_thread_node_runtime_update(). However, there is an implicit call to vlib_worker_thread_node_runtime_update() via vnet_sw_interface_set_flags_helper() if it enables a new feature on the interface for the first time. But that implicit call is not guaranteed. For example, if an interface is created, deleted, and created, then it may skip the implicit call to vlib_worker_thread_node_runtime_update(). When that happens, the graph nodes on thread 0 are not sync'ed to the worker threads. So the worker thread's graph nodes are out of sync momentarily with the main thread's graph nodes until some other event happens which calls for a sync is needed. During this window, the worker thread's graph node is vulnerable and may experience a crash. When deleting a graph node, we never trigger a sync to the worker thread. A patch was committed 3 years ago via https://gerrit.fd.io/r/c/vpp/+/7523 to fix a show run crash. In hindsight, the approach taken by 7523 is not orthogonal. While at it, let's fix it right for both issues with a call to vlib_worker_thread_node_runtime_update() in the appropriate place and remove 7523. Type: fix Ticket: VPPSUPP-86 Fixes: gerrit 7523 / 19e9d954bd9eb4f04d48640d6540198e84ef65d7 Signed-off-by: Steven Luong <sluong@cisco.com> Change-Id: Ic9472bd2d3a212dbfeceb526506ed0400983a142
2020-06-12virtio: interface type based improvementsMohsin Kazmi3-75/+142
Type: improvement Change-Id: I220ea6ab609e3c1628f5210be441d0d5e825a32c Signed-off-by: Mohsin Kazmi <sykazmi@cisco.com>
2020-06-12ip: allocate ip4 mtrie pages in htlb memoryDave Barach3-2/+48
No change in default behavior. To use htlb pages for the ip4 mtrie, use the "ip" command-line option "mtrie-hugetlb". Type: improvement Signed-off-by: Dave Barach <dave@barachs.net> Change-Id: I5497e426a47200edff2c7e15563ed6a42af12e7f
2020-06-11ikev2: don't add DH group in ESP transform proposalsFilip Tehlar2-10/+10
Type: fix Anouncing DH group in esp transform proposals will enable PFS which is not suppored now. This fixes issue during rekey when using strongswan as responder. Change-Id: Ib9f586113ae0ab9dc67e6ceadff43f8aac463820 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-06-11nat: properly scale out2in-ed hash on initKlement Sekera1-1/+3
Type: fix Fixes: a1018c166a468f7692ab621c743503914266f508 Signed-off-by: Klement Sekera <ksekera@cisco.com> Change-Id: I86592f73a60fd146d3764e474f975881e940c244