Age | Commit message (Collapse) | Author | Files | Lines |
|
This patch reworks the DPDK ipsec implementation including the cryptodev
management as well as replacing new cli commands for better usability.
For the data path:
- The dpdk-esp-encrypt-post node is not necessary anymore.
- IPv4 packets in the decrypt path are sent to ip4-input-no-checksum instead
of ip4-input.
The DPDK cryptodev cli commands are replaced by the following new commands:
- show dpdk crypto devices
- show dpdk crypto placement [verbose]
- set dpdk crypto placement (<device> <thread> | auto)
- clear dpdk crypto placement <device> [<thread>]
- show dpdk crypto pools
Change-Id: I47324517ede82d3e6e0e9f9c71c1a3433714b27b
Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
|
|
Add a primary svm_region_t pointer to the api_main_t so we can always
find the primary region, even when processing an API message from a
memfd segment.
Change-Id: I07fffe2ac1088ce44de10a34bc771ddc93af967d
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
A distributed virtual router works by attmpeting to switch a packet, but on failing to find a local consumer (i.e. the packet is destined to a locally attached host) then the packet is sent unmodified 'upstream' to where the rest of the 'distributed' router is present. When L3 switching a packet this means the L2 header must not be modifed. This patch adds a 'l2-bridge' object to the L3 FIB which re-injects packets from the L3 path back into the L2 path - use with extreme caution.
Change-Id: I069724eb45956647d7980cbe40a80a788ee6ee82
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
- always use 'va_args' as pointer in all format_* functions
- u32 for all 'indent' params as it's declaration was inconsistent
Change-Id: Ic5799309a6b104c9b50fec309cba789c8da99e79
Signed-off-by: Christophe Fontaine <christophe.fontaine@enea.com>
|
|
Change-Id: I7b175d57b85e626aab00221b6dac0498aebcbeae
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
This allows us to have single contignuous allocation for DPDK buffers
with single mmap FD, so buffer memory can be easily shared with diffrent
process.
As a consequence dpdk socket-mem is no longer in charge for allocating
buffer memory, but still we need some space allocated for dpdk
structures so default socket-mem is reduced form 256 to 64 MB.
For a default of 16K buffers per numa node, physmem allocation is now
40MB, so basically this change reduces footprint from 256MB per socket
to 48 (64 + 40).
Change-Id: Ic8cfe83930a18411545b37a12b14aac89affd04f
Signed-off-by: Damjan Marion <damarion@cisco.com>
Signed-off-by: Sergio Gonzalez Monroy <sergio.gonzalez.monroy@intel.com>
Signed-off-by: Damjan Marion <damarion@cisco.com>
|
|
Change-Id: I58772a83e22885a9ea8a7a981d2bcb4b31a050d2
Signed-off-by: Neale Ranns <nranns@cisco.com>
|
|
Crash was seen on recent image with this BT on top of the stack
(gdb) bt full
(mif=0x7fffb6226568) at
/vpp/build-data/../src/plugins/memif/memif.c:297
ring = 0x0 <<<<<<<<<<
i = 0
j = 0
buffer_offset = 65792
r = 0x7fffb5e59f80
alloc = {flags = 1, name = 0x7fffb449f965 "memif region",
size = 4260096, numa_node = 0, addr = 0x7fff41dac000,
fd = 11,
log2_page_size = 12, n_pages = 1041}
err = 0x0
__FUNCTION__ = "memif_init_regions_and_queues"
The crash happened at this line.
ring = memif_get_ring (mif, MEMIF_RING_S2M, i);
ring=>head = ring->tail = 0; <=====
Please note that the crash is caused by dereferencing NULL rinng.
Put breakpoint into the function. I notice that
mif->regions[0].shm is not initialized.
(gdb) p mif->regions[0].shm
$8 = (void *) 0x0
It looks like we forgot to set shm after clib_mem_vm_ext_alloc().
Add the missing cide and the crash is fixed.
Change-Id: Ib722a6c241c77acfa8e33962106b57faa50e1ea7
Signed-off-by: Steven <sluong@cisco.com>
|
|
1. Add VNET headers support for checksumming - required
to operate correctly on any recent Linux
2. Bypass QDISC on transmit - improves performance by ~ 5%.
Enabled only if the macro is detected - apparently not
present on archaic distributions.
This still does not solve all issues with TSO - it can be
fixed only by going to tpacket v3 and dynamic rx ring as
well as significant changes in the TX (sendmmsg?).
Change-Id: Iea14ade12586c0a8da49e6dd1012108a08bc85b3
Signed-off-by: Anton Ivanov <anton.ivanov@cambridgegreys.com>
|
|
Add an API request message type to dump IPsec SAs. Either
all IPsec SAs can be dumped or it can be limited to a single
SA ID (numeric ID set at creation time - not an index).
Add a handler for incoming messages with the new request type.
Add an API response message type containing the data
for an IPsec SA.
Add VAT support for new message type.
Change-Id: Id7828d000efc637dee7f988a87d3f707a8b466b7
Signed-off-by: Matthew Smith <mgsmith@netgate.com>
|
|
Makes sure vlib_rp and shmem_hdr are initialized for internal
registrations. They are needed for keepalive msg exchanges.
Change-Id: I805dec2d2aa84b1efdc1fdd692fc1d94389b776e
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change L2 learning path so it update stale timestamp in MAC entry
only if aging is enabled on the BD for the MAC entry.
Change-Id: I7babe986ceef3c030d8ef9185076c42b405f7b0f
Signed-off-by: John Lo <loj@cisco.com>
|
|
- add separate TIME_WAIT time constant
- fix output node for TIME_WAIT acks
- ensure snd_nxt is snd_una_max after retransmitting fin
- debugging improvements
Change-Id: Ic947153346979853f2526824b229126e47aead86
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: I47f9d12d934378f18c6f841b902af2a64ee7b187
Signed-off-by: Matej Perina <mperina@cisco.com>
|
|
- Teach vpp_api_test to send/receive API messages over sockets
- Add memfd-based shared memory
- Add api messages to create memfd-based shared memory segments
- vpp_api_test supports both socket and shared memory segment connections
- vpp_api_test pivot from socket to shared memory API messaging
- add socket client support to libvlibclient.so
- dead client reaper sends ping messages, container-friendly
- dead client reaper falls back to kill (<pid>, 0) live checking
if e.g. a python app goes silent for tens of seconds
- handle ping messages in python client support code
- teach show api ring about pairwise shared-memory segments
- fix ip probing of already resolved destinations (VPP-998)
We'll need this work to implement proper host-stack client isolation
Change-Id: Ic23b65f75c854d0393d9a2e9d6b122a9551be769
Signed-off-by: Dave Barach <dave@barachs.net>
Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Identify and complain when the same IP prefix is assigned
to two different SW interfaces:
vpp# set int ip address TenGigabitEthernet6/0/0 1.2.3.4/32
vpp# set int ip address TenGigabitEthernet6/0/1 1.2.3.4/32
set interface ip address: Prefix 1.2.3.4/32 already found on
interface TenGigabitEthernet6/0/0
Change-Id: I1aee1b6a7ddd00d3109a53d8e1b6ce97bf45e372
Signed-off-by: Jon Loeliger <jdl@netgate.com>
|
|
fixes an issue where events were not sent if BD doesn't enable mac aging
Change-Id: Iddc53cb5c45e560633e6c5cff2731dccfc70ad5b
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
When making a call to vlib_packet_template_get_packet(), it
is possible to get back a NULL if the system runs out of buffer.
This can happen when there is buffer leaks. But don't crash
just because we run out of buffers, just punt.
Change-Id: Ie90ea41f3dda6e583d48959cbd18ff124158d7f8
Signed-off-by: Steven <sluong@cisco.com>
|
|
Change-Id: Ia58664438c9dc949884a794bd123555a13a02e6c
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: I99c2c1d0d5b96f33efdb58dd3a2897a752e65349
Signed-off-by: Klement Sekera <ksekera@cisco.com>
|
|
Change-Id: Ic9bc303b65c95a0e06f90c75b067056b0b11e654
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
- We now have several developer-focused docs, so create an index page
for them.
- Rework several docs to fit into the index structure.
- Experiment with code highlighting; tweak the CSS slightly to make
it slightly nicer to look at.
Change-Id: I4185a18f84fa0764745ca7a3148276064a3155c6
Signed-off-by: Chris Luke <chrisy@flirble.org>
|
|
It was observed that under heavy traffic, VPP accidentally sent traffic
with the wrong source and destination to the tun/tap interface. Traffic
appears to be sent to the wrong direction. This problem is only
seen when worker thread is configured.
When worker thread is used, TX and RX may reside in different
core. Yet both TX and RX threads are sharing the same global variable,
namely iovecs without any mutex or memory barrier protection.
This creates a race condition when heavy traffic is blasted to VPP,
like 1000 pps.
We could create a mutex or memory barrier to ensure atomic memory access.
But why bother? It is a lot cheaper to just decouple the iovecs such
that TX and RX have their own iovecs.
Change-Id: I86a5a19bd8de54d54f32e1f0845bae6a81bbf686
Signed-off-by: Steven <sluong@cisco.com>
|
|
Change-Id: I5ca5763f0dc0a73cc6f014b855426b7ac180f356
Signed-off-by: Matej Perina <mperina@cisco.com>
|
|
Change-Id: Ib675164c475edcdbe3013df7b847adf5e050c53f
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
On host interface if a VLAN tagged packet is received, linux kernel removes
the VLAN header from packet byte stream and adds metadata in tpacket2_hdr.
This patch explicitely checks for the presense of VLAN metadata and adds it
in VPP packet.
Change-Id: I0ba35c1e98dbc008ce18d032f22f2717d610c1aa
Signed-off-by: Akshaya N <akshaya@rtbrick.com>
|
|
UIO binding is not required for Mellanox NIC and calling vlib_pci_bind_to_uio()
should be skipped.
Change-Id: I10ea457bc3c8d4be8117dec51d5bd940ee416a44
Signed-off-by: Steve Shin <jonshin@cisco.com>
|
|
174267: Revisit this string termination issue
174816: Add check for NULL when trace is enabled
177211: Add notation that mutex is not required here
177117: Added check for log2_page_size == 0 and returns an error if so
163697,163698: Added missing sw_if_index validation
Change-Id: I5a76fcf6505c785bfb3269e353360031c6a0fd0f
Signed-off-by: Chris Luke <chrisy@flirble.org>
|
|
The replacement of [] with pool_elt_at_index and subsequent fixing it
was incorrect - it was equivalent to &[], since it returns a pointer to
the element. I've added VPP-993 previously to create a testcase,
so this commit partially fulfills that one as well.
Change-Id: I5b15e3ce48316f0429232aacf885e8f7c63d9522
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Change-Id: I2cf4c4850b9c3c093a7dce0cec89b9f710f69393
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Update ping code to use the new function
Change-Id: Ieb753b23f8402cbe5667c22747896784c8ece937
Signed-off-by: Florin Coras <fcoras@cisco.com>
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I3873d3e411bf93cac82e73a0b8e3b22563aaf217
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: I7d8f807fb502d61688aa1dee25fa4edcbeb32f41
Signed-off-by: Aequitas <wang.junqi@zte.com.cn>
|
|
Change-Id: I365c31607332a944ef498369881332b515894ed7
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
vector elements
bb7f0f644 aimed to fix the coverity issue has incorrectly replaced the previous [] access
with pool_elt_at_index(), for an element of a vector, with predictably interesting result.
VPP-991 has uncovered the issue.
Change-Id: Ifd3fb70332d3fdd1c4ff8570372f394913f7b6c8
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
Change-Id: Idad65cbb3765500a66f1097126076a2c5fdb4f1b
Signed-off-by: Jerome Tollet <jtollet@cisco.com>
|
|
For bonded interface in Active/Backup mode (mode 1), we need to
send a GARP/NA packet, if IP address is present, on slave link
state change to up or down to help with route convergence. The
callback from DPDK happens in a separate thread so we need to make
sure RPC call is used to signal the send_garp_na process in the
main thread. Also need to fix DPDK polling so the slave links are
not polled.
Change-Id: If5fd8ea2d28c54dd28726ac403ad366386ce9651
Signed-off-by: John Lo <loj@cisco.com>
|
|
Change-Id: Id1a5da12b13d87bacfa81094f471b95db40c39be
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: I7f18f8c4ba609d96950dc1f833feb967d4a099b7
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
In this specific corner-case setup, ioctl (0, TIOCGWINSZ) returns
window height = 0 and width = 0. Rather than declaring the terminal to
be non-interactive, set the window size parameters to 80 x 24.
Change-Id: If66f5f0883f1940518ec1c6e26228c9bb6f32852
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
When changing the admin state of a vhost-user interface, do not put it
in link-up mode if the interface is not actually ready.
Change-Id: Idbc631a7126efa79d199909f9e7656d21bd412ca
Signed-off-by: Yoann Desmouceaux <ydesmouc@cisco.com>
|
|
It was useful for debugging once upon a time...
but time to say goodbye to it...
Also remove the warning printed when sending ACL details.
Change-Id: I43b2537e176556831eb7ff34b25c9068aa05ee27
Signed-off-by: Andrew Yourtchenko <ayourtch@gmail.com>
|
|
wildcard ND events publisher was sending the last event mutiple times
Change-Id: I6c30f2de03fa825e79df9005a3cfaaf68ff7ea2f
Signed-off-by: Eyal Bari <ebari@cisco.com>
|
|
Short version: Make vppctl behave as expected when run
from scripts, or without a controlling terminal, and
especially when using it with VPP commands on its
command line ("non-interactively").
In particular, prevent the welcome banner and VPP CLI
prompt from being sent by VPP when being used in these
ways.
vppctl
------
- Improve vppctl's detection of non-interactive sessions.
- Pass non-interactiveness in the terminal type telnet option
as a value distinct from "dumb" (which means non-ANSI capable.)
- Make tty setup handling more robust.
- Only send non-interactive command once we've sent the
terminal type, to ensure correct event sequence; we need
the VPP cli session to be in line-by-line mode.
- Ignore stdin when it looks something like /dev/null.
- Skip NUL bytes received from VPP.
VPP CLI
-------
- Detect "non-interactive" terminal types and set session
parameters accordingly.
- Add an "interactive" flag that controls whether the welcome
banner and CLI prompt are sent.
- Detect if telnet options processing switched us into line
mode and act accordingly for the rest of the current input
buffer. This was causing the command string to be echoed
by the CLI editor code.
- For non-interactive sessions, send a NUL byte after the
input buffer has been processed. This is because vppctl
depends on seeing traffic before it will try to close the
session; a command with no output would cause it to hang.
NUL bytes are ignored by all decent terminals, but we have
vppctl strip them out anyway.
- Prevent certain commands from running in non-interactive
sessions since they manipulate interactive-related features.
- For interactive sessions, quench the prompt that prints on
VPP shutdown.
- Detect and handle socket errors in the CLI; sessions were
leaking.
- Pevent SIGPIPE from ever being raised; handle EPIPE instead.
We don't need VPP to die just because a socket closed just
before we try to write to it!
- Add a command to dump a list of current CLI sessions; mostly
this was to detect session leakage, but it may have some
general utility.
Change-Id: Ia147da013317180882c1d967b18eefb8519a55fb
Signed-off-by: Chris Luke <chrisy@flirble.org>
|
|
Change-Id: Ibcd2cf22348ae5a72770a8f8ad25cbe8df7fd390
Signed-off-by: Matus Fabian <matfabia@cisco.com>
|
|
Change-Id: Ie3a99f09f44ec081d9b88a213bdb8d987fb462de
Signed-off-by: Florin Coras <fcoras@cisco.com>
|
|
Change-Id: Iedcea2fb45052852666b91a21eed011f5593313d
Signed-off-by: Dave Barach <dave@barachs.net>
|
|
Change-Id: Ib5d335d6130617d6135615c6c8fa8deaac971331
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
|
|
When one starts VPP, types a command, presses up rather than enter,
then types a new command, unix_cli_line_process_one() segfaults.
This is due to cf->cursor not being reset upon pressing up if the
history is empty.
Change-Id: Ie503f20a9cb551e735abb8b0f4feb8c0006d2b61
Signed-off-by: Yoann Desmouceaux <ydesmouc@cisco.com>
|
|
When given a single IPv6 address, the "tcp src-address" command incorrectly
infers the end of the range by copying sizeof(ip4_address_t) bytes from the
given address.
Change-Id: I100d5c6674d3a3980b8c018588988bdd32ff7269
Signed-off-by: Yoann Desmouceaux <ydesmouc@cisco.com>
|